Find a vulnerability
Search criteria
400 vulnerabilities by slackware
VAR-201006-0051
Vulnerability from variot - Updated: 2026-04-10 23:36Cross-site request forgery (CSRF) vulnerability in the web interface in CUPS before 1.4.4, as used on Apple Mac OS X 10.5.8, Mac OS X 10.6 before 10.6.4, and other platforms, allows remote attackers to hijack the authentication of administrators for requests that change settings. CUPS is prone to a cross-site request-forgery vulnerability. This issue affects the CUPS web interface component. Attackers can exploit this issue to perform certain administrative actions and gain unauthorized access to the affected application. NOTE: This issue was previously covered in BID 40871 (Apple Mac OS X Prior to 10.6.4 Multiple Security Vulnerabilities), but has been given its own record to better document it. Apple Mac OS X is the operating system used by Apple family computers, and Font Book is a font management tool included in Mac OS X. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
Debian Security Advisory DSA-2176-1 security@debian.org http://www.debian.org/security/ Moritz Muehlenhoff March 02, 2011 http://www.debian.org/security/faq
Package : cups Vulnerability : several Problem type : remote Debian-specific: no CVE ID : CVE-2008-5183 CVE-2009-3553 CVE-2010-0540 CVE-2010-0542 CVE-2010-1748 CVE-2010-2431 CVE-2010-2432 CVE-2010-2941
Several vulnerabilities have been discovered in the Common UNIX Printing System:
CVE-2008-5183
A null pointer dereference in RSS job completion notifications could lead to denial of service.
CVE-2009-3553
It was discovered that incorrect file descriptor handling could lead to denial of service.
CVE-2010-0540
A cross-site request forgery vulnerability was discovered in the web interface.
CVE-2010-0542
Incorrect memory management in the filter subsystem could lead to denial of service.
CVE-2010-2431
Emmanuel Bouillon discovered a symlink vulnerability in handling of cache files.
CVE-2010-2432
Denial of service in the authentication code.
CVE-2010-2941
Incorrect memory management in the IPP code could lead to denial of service or the execution of arbitrary code.
For the oldstable distribution (lenny), this problem has been fixed in version 1.3.8-1+lenny9.
The stable distribution (squeeze) and the unstable distribution (sid) had already been fixed prior to the initial Squeeze release.
We recommend that you upgrade your cups packages.
Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: http://www.debian.org/security/
Mailing list: debian-security-announce@lists.debian.org -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.10 (GNU/Linux)
iEYEARECAAYFAk1tgPIACgkQXm3vHE4uyloDXQCgxy/m5yHvjnIopjEdPcmdzIW5 HaAAn1r6v/N27Y5g5O4vudCQgLt7uBPx =j7wC -----END PGP SIGNATURE-----
Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ .
Packages for 2009.0 are provided as of the Extended Maintenance Program. Please visit this link to learn more: http://store.mandriva.com/product_info.php?cPath=149&products_id=490
The updated packages have been patched to correct these issues.
References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0540 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0542 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1748 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2431 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2941
Updated Packages:
Mandriva Linux 2009.0: f659df34ee2b206427a38cefbca99cc2 2009.0/i586/cups-1.3.10-0.4mdv2009.0.i586.rpm 1b92d2762a23b983f0da6ed527c9cee8 2009.0/i586/cups-common-1.3.10-0.4mdv2009.0.i586.rpm a0719dfedbcce4ca02b8f1d69250c67b 2009.0/i586/cups-serial-1.3.10-0.4mdv2009.0.i586.rpm 130c8d5b44e513e52d6d40fc22974139 2009.0/i586/libcups2-1.3.10-0.4mdv2009.0.i586.rpm 06d0f7f3754246e67ff100ee3e15a6c2 2009.0/i586/libcups2-devel-1.3.10-0.4mdv2009.0.i586.rpm 7179976e3a7490deced5374723453065 2009.0/i586/php-cups-1.3.10-0.4mdv2009.0.i586.rpm d457f260b56c65d119f3f4577a7dc90f 2009.0/SRPMS/cups-1.3.10-0.4mdv2009.0.src.rpm
Mandriva Linux 2009.0/X86_64: 109c1f41b21fbb8e2c97aaeafae1340a 2009.0/x86_64/cups-1.3.10-0.4mdv2009.0.x86_64.rpm d0fca9c94c5269fec27a31086c399145 2009.0/x86_64/cups-common-1.3.10-0.4mdv2009.0.x86_64.rpm 4ff96778ae90f228ef99d94487d87f77 2009.0/x86_64/cups-serial-1.3.10-0.4mdv2009.0.x86_64.rpm 3f0127d51b2cdc9bf661e9de91b52f39 2009.0/x86_64/lib64cups2-1.3.10-0.4mdv2009.0.x86_64.rpm 473bdbea1f1379fc46f0523ab5a91e92 2009.0/x86_64/lib64cups2-devel-1.3.10-0.4mdv2009.0.x86_64.rpm 6d720a64deac48ca276266bb6895f72d 2009.0/x86_64/php-cups-1.3.10-0.4mdv2009.0.x86_64.rpm d457f260b56c65d119f3f4577a7dc90f 2009.0/SRPMS/cups-1.3.10-0.4mdv2009.0.src.rpm
Mandriva Linux 2010.0: b896bb55528f9b3f7329bdefbd06e907 2010.0/i586/cups-1.4.1-12.2mdv2010.0.i586.rpm 9915c592984b953fc97caeaff6adfd51 2010.0/i586/cups-common-1.4.1-12.2mdv2010.0.i586.rpm 9301ef3c2f510317064d543603ce2093 2010.0/i586/cups-serial-1.4.1-12.2mdv2010.0.i586.rpm 30b760a74bfe1338139c810e727321c0 2010.0/i586/libcups2-1.4.1-12.2mdv2010.0.i586.rpm d6bb4b1902321d01065f5523fe8b8bd1 2010.0/i586/libcups2-devel-1.4.1-12.2mdv2010.0.i586.rpm 1e9b384c4ca7bfdd0a5294662e167cbb 2010.0/i586/php-cups-1.4.1-12.2mdv2010.0.i586.rpm a3ade5cdca9098f024c821f02e2497d1 2010.0/SRPMS/cups-1.4.1-12.2mdv2010.0.src.rpm
Mandriva Linux 2010.0/X86_64: b85a2eb58e0321e8bbe9f0db0b67b270 2010.0/x86_64/cups-1.4.1-12.2mdv2010.0.x86_64.rpm c3e5f2aaab48b3569af9adc0fe066e36 2010.0/x86_64/cups-common-1.4.1-12.2mdv2010.0.x86_64.rpm 8cae31ce49c4d45093a09aab4317c452 2010.0/x86_64/cups-serial-1.4.1-12.2mdv2010.0.x86_64.rpm 330e6c0d2fb1c00c63ac3750b0e3044a 2010.0/x86_64/lib64cups2-1.4.1-12.2mdv2010.0.x86_64.rpm bc7348bba4476c16c35e651b9826431c 2010.0/x86_64/lib64cups2-devel-1.4.1-12.2mdv2010.0.x86_64.rpm cc0081d5748a4e538b1154e110eb74ea 2010.0/x86_64/php-cups-1.4.1-12.2mdv2010.0.x86_64.rpm a3ade5cdca9098f024c821f02e2497d1 2010.0/SRPMS/cups-1.4.1-12.2mdv2010.0.src.rpm
Mandriva Enterprise Server 5: 27242832f57d843a6e96f7be948060f7 mes5/i586/cups-1.3.10-0.4mdvmes5.1.i586.rpm c68061ebd7157579308ba9e3c0a0e988 mes5/i586/cups-common-1.3.10-0.4mdvmes5.1.i586.rpm 2a06820729e49c98883494971dbd839e mes5/i586/cups-serial-1.3.10-0.4mdvmes5.1.i586.rpm f959dac3e1ce73a9c228a56956f50277 mes5/i586/libcups2-1.3.10-0.4mdvmes5.1.i586.rpm eb7ab898a4c42c095cdd82a12527ce78 mes5/i586/libcups2-devel-1.3.10-0.4mdvmes5.1.i586.rpm 64c94ac46b571cafb1610c49a6134031 mes5/i586/php-cups-1.3.10-0.4mdvmes5.1.i586.rpm e2adcd8eec6039164aa45738cec40586 mes5/SRPMS/cups-1.3.10-0.4mdvmes5.1.src.rpm
Mandriva Enterprise Server 5/X86_64: 992e12cd8507d0d58fb6e72ca402429f mes5/x86_64/cups-1.3.10-0.4mdvmes5.1.x86_64.rpm 4528d0e4dccbc15507e8575c98255711 mes5/x86_64/cups-common-1.3.10-0.4mdvmes5.1.x86_64.rpm 3e840cbe6f1883706c14cbafc838478c mes5/x86_64/cups-serial-1.3.10-0.4mdvmes5.1.x86_64.rpm a8cfe7e9c3e82ae1c61b7da0ba7daf26 mes5/x86_64/lib64cups2-1.3.10-0.4mdvmes5.1.x86_64.rpm b377f64dff30db3b76cd7b651f796783 mes5/x86_64/lib64cups2-devel-1.3.10-0.4mdvmes5.1.x86_64.rpm d2b4d6a768bd6083c970d53744e4aeb1 mes5/x86_64/php-cups-1.3.10-0.4mdvmes5.1.x86_64.rpm e2adcd8eec6039164aa45738cec40586 mes5/SRPMS/cups-1.3.10-0.4mdvmes5.1.src.rpm
To upgrade automatically use MandrivaUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you.
All packages are signed by Mandriva for security. ----------------------------------------------------------------------
Secunia CSI integrated with Microsoft WSUS and Microsoft SCCM for 3rd party Patch Management
Free webinars
http://secunia.com/vulnerability_scanning/corporate/webinars/
TITLE: Apple Mac OS X Security Update Fixes Multiple Vulnerabilities
SECUNIA ADVISORY ID: SA40220
VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/40220/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=40220
RELEASE DATE: 2010-06-24
DISCUSS ADVISORY: http://secunia.com/advisories/40220/#comments
AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s)
http://secunia.com/advisories/40220/
ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS
https://ca.secunia.com/?page=viewadvisory&vuln_id=40220
ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING
http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/
DESCRIPTION: Apple has issued a security update for Mac OS X, which fixes multiple vulnerabilities.
1) The CUPS web interface allows users to perform certain actions via HTTP requests without performing any validity checks to verify the requests. This can be exploited to change CUPS settings if a logged-in administrative user visits a malicious web site.
2) A use-after-free error in CUPS when processing "get-printer-jobs" requests can be exploited to crash "cupsd".
NOTE: "cupsd" is automatically restarted after the crash occurs.
3) An uninitialised memory access error in the CUPS web interface when handling form variables can be exploited to disclose potentially sensitive "cupsd" memory.
4) The "Finder" implementation leaves the ownership of selected files unchanged when "Apply to enclosed items..." is selected in the "Get Info" window, resulting in unexpected permissions.
5) An error in Adobe Flash Player can be exploited to bypass domain sandbox limitations and perform unauthorized cross-domain requests.
For more information: SA38547
6) An error in "Folder Manager" when unmounting disk images containing a malicious "Cleanup At Startup" directory can be exploited to delete arbitrary directories via symlink attacks.
7) An input sanitation error exists in "Help Viewer" when handling "help:" URLs. This can be exploited to execute arbitrary JavaScript code in the context of the local domain and disclose sensitive information or potentially execute arbitrary code.
8) An error in iChat when handling inline image transfers can be exploited to upload files to arbitrary locations on an AIM user's system via directory traversal attacks.
9) Multiple integer overflow errors in LibTIFF can be exploited to cause heap-based buffer overflows and potentially execute arbitrary code.
For more information: SA40181
10) An unspecified error in ImageIO when processing MPEG2 movie files can be exploited to corrupt memory and potentially execute arbitrary code.
11) Multiple integer underflow errors in Kerberos can be exploited to corrupt heap memory and potentially execute arbitrary code.
For more information: SA38080
12) An error in Kerberos can be exploited by malicious users to trigger a double-free and potentially execute arbitrary code.
For more information: SA39420
13) An error in Kerberos when handling authorization data can be exploited to terminate an affected server.
14) An error in libcurl when handling compressed web content can potentially be exploited to cause a buffer overflow and execute arbitrary code.
16) A format string error when handling "afp:", "cifs:", and "smb:" URLs can be exploited to potentially execute arbitrary code.
17) Open Directory establishes plain text connections when binding to network account servers without SSL support. This can be exploited to potentially execute arbitrary code via Man-in-the-Middle (MitM) attacks.
18) An error when handling local network printers having a Unicode character in the service name can be exploited to trigger a printing failure in certain applications.
19) An integer overflow error in the CUPS "cgtexttops" filter can be exploited to corrupt memory and potentially execute arbitrary code.
20) An error in the Ruby WEBrick HTTP server can be exploited to generate error pages interpreted as having an UTF-7 character set. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site.
21) An error in the configuration of the included Samba distribution can be exploited to gain access to arbitrary files via symlink attacks.
This may be related to: SA38454
22) Multiple errors in SquirrelMail can be exploited to conduct cross-site scripting, cross-site request forgery, session fixation, and phishing attacks.
For more information: SA34627 SA35073
23) Wiki Server does not specify a character set when serving HTML documents. This can be exploited to execute arbitrary HTML and script code in a user's browser session by making a specially crafted post or comment.
SOLUTION: Apply Security Update 2010-004 or update to version 10.6.4.
Further details available in Customer Area: http://secunia.com/products/corporate/EVM/
PROVIDED AND/OR DISCOVERED BY: 1) Adrian 'pagvac' Pastor of Gnucitizen 6, 8, 10, 15, 20) Reported by the vendor.
The vendor also credits: 1) Tim Starling 2) Tim Waugh 3) Luca Carettoni 4) Michi Ruepp of pianobakery.com 7) Clint Ruoho of Laconic Security 9) Kevin Finisterre of digitalmunition.com 16) Ilja van Sprundel of IOActive, and Chris Ries of Carnegie Mellon University Computing Services 18) Filipp Lepalaan of mcare Oy 19) regenrecht working with iDefense
ORIGINAL ADVISORY: Apple: http://support.apple.com/kb/HT4188
Gnucitizen: http://www.gnucitizen.org/blog/apple-further-locks-down-cups-cve-2010-0540/
OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/
DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/
EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/
EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/
EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/
About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/advisories/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 201207-10
http://security.gentoo.org/
Severity: High Title: CUPS: Multiple vulnerabilities Date: July 09, 2012 Bugs: #295256, #308045, #325551, #380771 ID: 201207-10
Synopsis
Multiple vulnerabilities have been found in CUPS, some of which may allow execution of arbitrary code or local privilege escalation.
Background
CUPS, the Common Unix Printing System, is a full-featured print server.
Affected packages
-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 net-print/cups < 1.4.8-r1 >= 1.4.8-r1
Description
Multiple vulnerabilities have been discovered in CUPS. Please review the CVE identifiers referenced below for details.
Impact
A remote attacker may be able to execute arbitrary code using specially crafted streams, IPP requests or files, or cause a Denial of Service (daemon crash or hang). A local attacker may be able to gain escalated privileges or overwrite arbitrary files. Furthermore, a remote attacker may be able to obtain sensitive information from the CUPS process or hijack a CUPS administrator authentication request.
Workaround
There is no known workaround at this time.
Resolution
All CUPS users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose ">=net-print/cups-1.4.8-r1"
NOTE: This is a legacy GLSA. Updates for all affected architectures are available since September 03, 2011. It is likely that your system is already no longer affected by this issue.
References
[ 1 ] CVE-2009-3553 http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-3553 [ 2 ] CVE-2010-0302 http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-0302 [ 3 ] CVE-2010-0393 http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-0393 [ 4 ] CVE-2010-0540 http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-0540 [ 5 ] CVE-2010-0542 http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-0542 [ 6 ] CVE-2010-1748 http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-1748 [ 7 ] CVE-2010-2431 http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-2431 [ 8 ] CVE-2010-2432 http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-2432 [ 9 ] CVE-2010-2941 http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-2941 [ 10 ] CVE-2011-3170 http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3170
Availability
This GLSA and any updates to it are available for viewing at the Gentoo Security Website:
http://security.gentoo.org/glsa/glsa-201207-10.xml
Concerns?
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.
License
Copyright 2012 Gentoo Foundation, Inc; referenced text belongs to its owner(s).
The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5 . =========================================================== Ubuntu Security Notice USN-952-1 June 21, 2010 cups, cupsys vulnerabilities CVE-2010-0540, CVE-2010-0542, CVE-2010-1748 ===========================================================
A security issue affects the following Ubuntu releases:
Ubuntu 6.06 LTS Ubuntu 8.04 LTS Ubuntu 9.04 Ubuntu 9.10 Ubuntu 10.04 LTS
This advisory also applies to the corresponding versions of Kubuntu, Edubuntu, and Xubuntu.
The problem can be corrected by upgrading your system to the following package versions:
Ubuntu 6.06 LTS: cupsys 1.2.2-0ubuntu0.6.06.19
Ubuntu 8.04 LTS: cupsys 1.3.7-1ubuntu3.11
Ubuntu 9.04: cups 1.3.9-17ubuntu3.9
Ubuntu 9.10: cups 1.4.1-5ubuntu2.6
Ubuntu 10.04 LTS: cups 1.4.3-1ubuntu1.2
In general, a standard system update will make all the necessary changes. (CVE-2010-0540)
It was discovered that CUPS did not properly handle memory allocations in the texttops filter. (CVE-2010-1748)
Updated packages for Ubuntu 6.06 LTS:
Source archives:
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.2.2-0ubuntu0.6.06.19.diff.gz
Size/MD5: 115313 005b2e259ee2bc9aeb334d3b2ca51faa
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.2.2-0ubuntu0.6.06.19.dsc
Size/MD5: 1061 177a2f8e4a29a35ea13fd51256f1380f
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.2.2.orig.tar.gz
Size/MD5: 4070384 2c99b8aa4c8dc25c8a84f9c06aa52e3e
Architecture independent packages:
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2-gnutls10_1.2.2-0ubuntu0.6.06.19_all.deb
Size/MD5: 998 35bdefd4098d83e84274364d62ee78ae
amd64 architecture (Athlon64, Opteron, EM64T Xeon):
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-bsd_1.2.2-0ubuntu0.6.06.19_amd64.deb
Size/MD5: 36246 f780e86740e595dc53b1ed5c75b55c13
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-client_1.2.2-0ubuntu0.6.06.19_amd64.deb
Size/MD5: 81834 4085edf21acd7cc603465d9cab24197f
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.2.2-0ubuntu0.6.06.19_amd64.deb
Size/MD5: 2297664 891a2b5476e05e98e0b821fad88d0daf
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2-dev_1.2.2-0ubuntu0.6.06.19_amd64.deb
Size/MD5: 6096 7f361fac37f34a2560226286e3f59cb4
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2_1.2.2-0ubuntu0.6.06.19_amd64.deb
Size/MD5: 78160 7a84d018f2ca5b447dc647034759b0e1
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2-dev_1.2.2-0ubuntu0.6.06.19_amd64.deb
Size/MD5: 25738 dad628ebfbdc12b32325657781edd0e4
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2_1.2.2-0ubuntu0.6.06.19_amd64.deb
Size/MD5: 131420 8cf624425e00972351b02f37d150916e
i386 architecture (x86 compatible Intel/AMD):
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-bsd_1.2.2-0ubuntu0.6.06.19_i386.deb
Size/MD5: 34766 84d90801efca2b0330fccea613ce63de
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-client_1.2.2-0ubuntu0.6.06.19_i386.deb
Size/MD5: 77896 158339fe207b732d69201e75cb0f3381
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.2.2-0ubuntu0.6.06.19_i386.deb
Size/MD5: 2263760 2eca2208b83d962a5c3c5e1fe6d4275f
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2-dev_1.2.2-0ubuntu0.6.06.19_i386.deb
Size/MD5: 6094 36b6a321662416156d7260007a6ca31a
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2_1.2.2-0ubuntu0.6.06.19_i386.deb
Size/MD5: 77288 ad80ca6edfc486db896d9eb779e0f650
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2-dev_1.2.2-0ubuntu0.6.06.19_i386.deb
Size/MD5: 25744 1d533c0ab57482330ae306a7891ec6ff
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2_1.2.2-0ubuntu0.6.06.19_i386.deb
Size/MD5: 123508 83db482d3738e3ffcc3bfbee0cc33721
powerpc architecture (Apple Macintosh G3/G4/G5):
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-bsd_1.2.2-0ubuntu0.6.06.19_powerpc.deb
Size/MD5: 40476 37b383d15aacfd39dae5300cf032bbd1
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-client_1.2.2-0ubuntu0.6.06.19_powerpc.deb
Size/MD5: 89508 0f77ab8e581be995daab715e3dd7abc3
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.2.2-0ubuntu0.6.06.19_powerpc.deb
Size/MD5: 2310060 47807a4cd2146d7a209a2a189c2b8cb3
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2-dev_1.2.2-0ubuntu0.6.06.19_powerpc.deb
Size/MD5: 6100 ea6cc5c9d5f9bed2541300fe56597e78
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2_1.2.2-0ubuntu0.6.06.19_powerpc.deb
Size/MD5: 79802 b1a45ff6919450143c754a1ff36e9060
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2-dev_1.2.2-0ubuntu0.6.06.19_powerpc.deb
Size/MD5: 25742 1f563fdffe4e8bd058bedf9460e88e4c
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2_1.2.2-0ubuntu0.6.06.19_powerpc.deb
Size/MD5: 129252 330ddedb5d53bae2ba5c7752e18fcfa6
sparc architecture (Sun SPARC/UltraSPARC):
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-bsd_1.2.2-0ubuntu0.6.06.19_sparc.deb
Size/MD5: 35384 8ed75eb174931274c38d13af2fb7c112
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-client_1.2.2-0ubuntu0.6.06.19_sparc.deb
Size/MD5: 78676 ddd3a0a2cb9352db14eb335413b08f46
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.2.2-0ubuntu0.6.06.19_sparc.deb
Size/MD5: 2298378 da734c1436bd698bec5f919f75d28ed5
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2-dev_1.2.2-0ubuntu0.6.06.19_sparc.deb
Size/MD5: 6096 e1848071c118342cd2c4bb2cb3ca2ce9
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2_1.2.2-0ubuntu0.6.06.19_sparc.deb
Size/MD5: 77080 aacd50b0ac685df76f63d312727604d9
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2-dev_1.2.2-0ubuntu0.6.06.19_sparc.deb
Size/MD5: 25752 05b0ee318bdfa19b7de919ed6754b410
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2_1.2.2-0ubuntu0.6.06.19_sparc.deb
Size/MD5: 124994 c16e6c9aaca61f227d1c3940d93002da
Updated packages for Ubuntu 8.04 LTS:
Source archives:
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.3.7-1ubuntu3.11.diff.gz
Size/MD5: 152646 c20cc845d61bec4c777a623bdd3a6043
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.3.7-1ubuntu3.11.dsc
Size/MD5: 1444 f04fc7976a0a92b58e57ff27631efab0
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.3.7.orig.tar.gz
Size/MD5: 4700333 383e556d9841475847da6076c88da467
Architecture independent packages:
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-common_1.3.7-1ubuntu3.11_all.deb
Size/MD5: 1144560 7b4f2abb608fa6c442994caa8c47e110
amd64 architecture (Athlon64, Opteron, EM64T Xeon):
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-bsd_1.3.7-1ubuntu3.11_amd64.deb
Size/MD5: 37526 a9d6ecea3143d1335dc31815cf75dbd5
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-client_1.3.7-1ubuntu3.11_amd64.deb
Size/MD5: 90076 042ae92e8d94ae9d2482952b2e99df5a
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.3.7-1ubuntu3.11_amd64.deb
Size/MD5: 1890142 14da569119511e5f51b320cfc79506d1
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2-dev_1.3.7-1ubuntu3.11_amd64.deb
Size/MD5: 60796 60488f0471f8c9bc173c03320bb789b2
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2_1.3.7-1ubuntu3.11_amd64.deb
Size/MD5: 50214 47f4d3a00e8f761452a020a09a7384b4
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2-dev_1.3.7-1ubuntu3.11_amd64.deb
Size/MD5: 345354 e963afb3e1275ddf97b68284e40372ea
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2_1.3.7-1ubuntu3.11_amd64.deb
Size/MD5: 179228 f33a66c1ac3967328f17297b1749b53b
i386 architecture (x86 compatible Intel/AMD):
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-bsd_1.3.7-1ubuntu3.11_i386.deb
Size/MD5: 36950 df31639f3490ff68d09f8029cec8924f
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-client_1.3.7-1ubuntu3.11_i386.deb
Size/MD5: 88546 b9ea8e8c14ed2d0f8ecfe137fdf6454a
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.3.7-1ubuntu3.11_i386.deb
Size/MD5: 1872422 9b0e8cce7f3ac6f029d1d9722e98a213
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2-dev_1.3.7-1ubuntu3.11_i386.deb
Size/MD5: 60092 9e5eb97dd1cebd0229863029e4ca8f78
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2_1.3.7-1ubuntu3.11_i386.deb
Size/MD5: 49858 34a9fac10b0722657d2ca8ef56848f8d
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2-dev_1.3.7-1ubuntu3.11_i386.deb
Size/MD5: 339688 c898e4f9f0dca3101a03dd02111a10f4
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2_1.3.7-1ubuntu3.11_i386.deb
Size/MD5: 176154 6a9ab1e5e19cadb5c7252502fc027de7
lpia architecture (Low Power Intel Architecture):
http://ports.ubuntu.com/pool/main/c/cupsys/cupsys-bsd_1.3.7-1ubuntu3.11_lpia.deb
Size/MD5: 36672 f41063e4a148dc8899ebef34e6cbfb3c
http://ports.ubuntu.com/pool/main/c/cupsys/cupsys-client_1.3.7-1ubuntu3.11_lpia.deb
Size/MD5: 88846 4b68211c70b5bb7e656254da22bbd318
http://ports.ubuntu.com/pool/main/c/cupsys/cupsys_1.3.7-1ubuntu3.11_lpia.deb
Size/MD5: 1874024 d6476f29b2979d242c8ff37d2241a61b
http://ports.ubuntu.com/pool/main/c/cupsys/libcupsimage2-dev_1.3.7-1ubuntu3.11_lpia.deb
Size/MD5: 60494 320b2a5fdfebf2c40a0710adff97036d
http://ports.ubuntu.com/pool/main/c/cupsys/libcupsimage2_1.3.7-1ubuntu3.11_lpia.deb
Size/MD5: 50816 3c56d3f411c40dedf3b6436b30b54b9a
http://ports.ubuntu.com/pool/main/c/cupsys/libcupsys2-dev_1.3.7-1ubuntu3.11_lpia.deb
Size/MD5: 337320 79b5fb2771ca47c968f5abf93b91202c
http://ports.ubuntu.com/pool/main/c/cupsys/libcupsys2_1.3.7-1ubuntu3.11_lpia.deb
Size/MD5: 174996 0bcdda8df4f857444adca2943fd3c170
powerpc architecture (Apple Macintosh G3/G4/G5):
http://ports.ubuntu.com/pool/main/c/cupsys/cupsys-bsd_1.3.7-1ubuntu3.11_powerpc.deb
Size/MD5: 46938 ad94ebf4867859a982bb89477eab7ea4
http://ports.ubuntu.com/pool/main/c/cupsys/cupsys-client_1.3.7-1ubuntu3.11_powerpc.deb
Size/MD5: 110644 a281f4e5aa21d689540f919d5ee3fa5d
http://ports.ubuntu.com/pool/main/c/cupsys/cupsys_1.3.7-1ubuntu3.11_powerpc.deb
Size/MD5: 1958650 0e52cf6cd29c14ff0f2cc3212c552b99
http://ports.ubuntu.com/pool/main/c/cupsys/libcupsimage2-dev_1.3.7-1ubuntu3.11_powerpc.deb
Size/MD5: 59936 4091d328dee9d0deba5661fc5e762f1c
http://ports.ubuntu.com/pool/main/c/cupsys/libcupsimage2_1.3.7-1ubuntu3.11_powerpc.deb
Size/MD5: 54924 4fcf6eb1050a0eeee9854126fee0a79e
http://ports.ubuntu.com/pool/main/c/cupsys/libcupsys2-dev_1.3.7-1ubuntu3.11_powerpc.deb
Size/MD5: 342064 8d4b8d42acc54c66da52949ea44fd553
http://ports.ubuntu.com/pool/main/c/cupsys/libcupsys2_1.3.7-1ubuntu3.11_powerpc.deb
Size/MD5: 184954 42c1c793307f1cc4d18d522ae80f0270
sparc architecture (Sun SPARC/UltraSPARC):
http://ports.ubuntu.com/pool/main/c/cupsys/cupsys-bsd_1.3.7-1ubuntu3.11_sparc.deb
Size/MD5: 38036 e62ae6e8d6d291f9ed605c555d158718
http://ports.ubuntu.com/pool/main/c/cupsys/cupsys-client_1.3.7-1ubuntu3.11_sparc.deb
Size/MD5: 91032 0eeec008bd95aebc2cf01b29dc21c908
http://ports.ubuntu.com/pool/main/c/cupsys/cupsys_1.3.7-1ubuntu3.11_sparc.deb
Size/MD5: 1907984 55de2e9030db5aa551bce341684870dc
http://ports.ubuntu.com/pool/main/c/cupsys/libcupsimage2-dev_1.3.7-1ubuntu3.11_sparc.deb
Size/MD5: 57832 b053dd502dd903723e8d6a77ce0b1c2b
http://ports.ubuntu.com/pool/main/c/cupsys/libcupsimage2_1.3.7-1ubuntu3.11_sparc.deb
Size/MD5: 48216 1def563a1d36813e430550ff75cf8d5e
http://ports.ubuntu.com/pool/main/c/cupsys/libcupsys2-dev_1.3.7-1ubuntu3.11_sparc.deb
Size/MD5: 341820 abc71448985875caa6210132ecf46b93
http://ports.ubuntu.com/pool/main/c/cupsys/libcupsys2_1.3.7-1ubuntu3.11_sparc.deb
Size/MD5: 174938 f91384db37267deab1639718fe3b8c34
Updated packages for Ubuntu 9.04:
Source archives:
http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups_1.3.9-17ubuntu3.9.diff.gz
Size/MD5: 347764 2955695161c0ce780898d42714dba9c8
http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups_1.3.9-17ubuntu3.9.dsc
Size/MD5: 1995 00cc768af9e65ccaaed74d7c4352e86d
http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups_1.3.9.orig.tar.gz
Size/MD5: 4809771 e6f2d90491ed050e5ff2104b617b88ea
Architecture independent packages:
http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups-common_1.3.9-17ubuntu3.9_all.deb
Size/MD5: 1165952 144fdfb5ea034f6f0efa02c8d36f5667
http://security.ubuntu.com/ubuntu/pool/main/c/cups/cupsys-dbg_1.3.9-17ubuntu3.9_all.deb
Size/MD5: 61232 dfdb0322c17e7e1b747ba8f9db12a498
http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcupsys2-dev_1.3.9-17ubuntu3.9_all.deb
Size/MD5: 61240 06126e6e2f7caf9e7fd2f124daf3396c
http://security.ubuntu.com/ubuntu/pool/universe/c/cups/cupsys-bsd_1.3.9-17ubuntu3.9_all.deb
Size/MD5: 61226 808e56e373bc060585483194bcfac4a7
http://security.ubuntu.com/ubuntu/pool/universe/c/cups/cupsys-client_1.3.9-17ubuntu3.9_all.deb
Size/MD5: 61230 17df573a12aca59fb662736b11cb5a89
http://security.ubuntu.com/ubuntu/pool/universe/c/cups/cupsys-common_1.3.9-17ubuntu3.9_all.deb
Size/MD5: 4518 b33fc896433f2122e19187140ff848bf
http://security.ubuntu.com/ubuntu/pool/universe/c/cups/cupsys_1.3.9-17ubuntu3.9_all.deb
Size/MD5: 61218 521cc3faadf974588bd059da948ffd46
http://security.ubuntu.com/ubuntu/pool/universe/c/cups/libcupsys2_1.3.9-17ubuntu3.9_all.deb
Size/MD5: 61230 5d435cb91fe17f9603d67ac58cf00ebd
amd64 architecture (Athlon64, Opteron, EM64T Xeon):
http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups-bsd_1.3.9-17ubuntu3.9_amd64.deb
Size/MD5: 37304 456a29fc3e6e4a6a12afb28cf070d153
http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups-client_1.3.9-17ubuntu3.9_amd64.deb
Size/MD5: 119754 3a3546041387ada93c1f834570d0b7db
http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups-dbg_1.3.9-17ubuntu3.9_amd64.deb
Size/MD5: 1675558 fd25a667614137c16bfa36e8c4bcf772
http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups_1.3.9-17ubuntu3.9_amd64.deb
Size/MD5: 2178564 f1799dbcec836870692ecaa40b254f8b
http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcups2-dev_1.3.9-17ubuntu3.9_amd64.deb
Size/MD5: 352570 5ac8c911b9b70ba35f4054ae5fff6857
http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcups2_1.3.9-17ubuntu3.9_amd64.deb
Size/MD5: 178584 8f72778104c3015920601f7d39ec58ca
http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcupsimage2-dev_1.3.9-17ubuntu3.9_amd64.deb
Size/MD5: 61264 cc1633d90a82496ea55beb87d9e4282a
http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcupsimage2_1.3.9-17ubuntu3.9_amd64.deb
Size/MD5: 52218 ef2c76e51468c29f16868f9b65a1d986
i386 architecture (x86 compatible Intel/AMD):
http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups-bsd_1.3.9-17ubuntu3.9_i386.deb
Size/MD5: 36230 3469935b69c38df8cc889905082f6170
http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups-client_1.3.9-17ubuntu3.9_i386.deb
Size/MD5: 115268 2c97947d64499af1488d7147aabd1272
http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups-dbg_1.3.9-17ubuntu3.9_i386.deb
Size/MD5: 1533088 e0c1e8945bcf28c325313ecc8675819b
http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups_1.3.9-17ubuntu3.9_i386.deb
Size/MD5: 2144702 03fd75f8698031522c9483663deaddf4
http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcups2-dev_1.3.9-17ubuntu3.9_i386.deb
Size/MD5: 346396 a89110547944785464731b47fadf5ef9
http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcups2_1.3.9-17ubuntu3.9_i386.deb
Size/MD5: 175170 470d2d69e5df366ca7d359b86c4693b3
http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcupsimage2-dev_1.3.9-17ubuntu3.9_i386.deb
Size/MD5: 60498 7a2cb2739132e79a1fa70c0983d6bda0
http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcupsimage2_1.3.9-17ubuntu3.9_i386.deb
Size/MD5: 51542 60e03d1de616cc7d9fd5deccfba7e73f
lpia architecture (Low Power Intel Architecture):
http://ports.ubuntu.com/pool/main/c/cups/cups-bsd_1.3.9-17ubuntu3.9_lpia.deb
Size/MD5: 36028 95dd554290394bba340e1b9ed0eeca22
http://ports.ubuntu.com/pool/main/c/cups/cups-client_1.3.9-17ubuntu3.9_lpia.deb
Size/MD5: 114518 7cdf8bfff996881b0ff38122507d24f8
http://ports.ubuntu.com/pool/main/c/cups/cups-dbg_1.3.9-17ubuntu3.9_lpia.deb
Size/MD5: 1562414 99f96dacc52fb8ab31879dc8d917eed3
http://ports.ubuntu.com/pool/main/c/cups/cups_1.3.9-17ubuntu3.9_lpia.deb
Size/MD5: 2141504 666f44d2a5057b47b0926b8fbc0ff9ce
http://ports.ubuntu.com/pool/main/c/cups/libcups2-dev_1.3.9-17ubuntu3.9_lpia.deb
Size/MD5: 343356 43f548744343771bfccc97e0965767e5
http://ports.ubuntu.com/pool/main/c/cups/libcups2_1.3.9-17ubuntu3.9_lpia.deb
Size/MD5: 173468 495c1181694e597d3e2ee9b7879f63b4
http://ports.ubuntu.com/pool/main/c/cups/libcupsimage2-dev_1.3.9-17ubuntu3.9_lpia.deb
Size/MD5: 60670 59cb79251da624cf56788a6ebbdd1854
http://ports.ubuntu.com/pool/main/c/cups/libcupsimage2_1.3.9-17ubuntu3.9_lpia.deb
Size/MD5: 52342 8b1039fde9779991586c0861bde5d692
powerpc architecture (Apple Macintosh G3/G4/G5):
http://ports.ubuntu.com/pool/main/c/cups/cups-bsd_1.3.9-17ubuntu3.9_powerpc.deb
Size/MD5: 43570 1bfc6992664c3dcf9ac9853ab5b6f62f
http://ports.ubuntu.com/pool/main/c/cups/cups-client_1.3.9-17ubuntu3.9_powerpc.deb
Size/MD5: 138118 56c93d7803d01c16a39e9fbe917e3a98
http://ports.ubuntu.com/pool/main/c/cups/cups-dbg_1.3.9-17ubuntu3.9_powerpc.deb
Size/MD5: 1649586 223b30bbc9f4d0e25c327eb10bf364ec
http://ports.ubuntu.com/pool/main/c/cups/cups_1.3.9-17ubuntu3.9_powerpc.deb
Size/MD5: 2266484 6abc3509cdcf34e481d74adb7b939ec2
http://ports.ubuntu.com/pool/main/c/cups/libcups2-dev_1.3.9-17ubuntu3.9_powerpc.deb
Size/MD5: 348324 d36b5c40f196d505735fe367a7a2380a
http://ports.ubuntu.com/pool/main/c/cups/libcups2_1.3.9-17ubuntu3.9_powerpc.deb
Size/MD5: 183986 555915a89c0a514dcb6e77486a9112ed
http://ports.ubuntu.com/pool/main/c/cups/libcupsimage2-dev_1.3.9-17ubuntu3.9_powerpc.deb
Size/MD5: 61310 1c61fe881255b71f6264119f319f24b3
http://ports.ubuntu.com/pool/main/c/cups/libcupsimage2_1.3.9-17ubuntu3.9_powerpc.deb
Size/MD5: 57406 ab4fb5ea4040929b5ec38abad5f38cfb
sparc architecture (Sun SPARC/UltraSPARC):
http://ports.ubuntu.com/pool/main/c/cups/cups-bsd_1.3.9-17ubuntu3.9_sparc.deb
Size/MD5: 37208 6046757ca4fe9b690247c34fe009b8ea
http://ports.ubuntu.com/pool/main/c/cups/cups-client_1.3.9-17ubuntu3.9_sparc.deb
Size/MD5: 117494 0a21aaee253debec63b21c20dfda20bd
http://ports.ubuntu.com/pool/main/c/cups/cups-dbg_1.3.9-17ubuntu3.9_sparc.deb
Size/MD5: 1477080 6d03ce62f445559aeac03429e66cf9bb
http://ports.ubuntu.com/pool/main/c/cups/cups_1.3.9-17ubuntu3.9_sparc.deb
Size/MD5: 2211336 6ea40676d2b68ab7e75e4e81d79493c5
http://ports.ubuntu.com/pool/main/c/cups/libcups2-dev_1.3.9-17ubuntu3.9_sparc.deb
Size/MD5: 345154 da2107d40cbf1f8575995dddb031ac25
http://ports.ubuntu.com/pool/main/c/cups/libcups2_1.3.9-17ubuntu3.9_sparc.deb
Size/MD5: 170956 d17a5b8ce2609a9a73b8b49af592d31d
http://ports.ubuntu.com/pool/main/c/cups/libcupsimage2-dev_1.3.9-17ubuntu3.9_sparc.deb
Size/MD5: 57854 9978193eaa21591bcbda0103bd2d7420
http://ports.ubuntu.com/pool/main/c/cups/libcupsimage2_1.3.9-17ubuntu3.9_sparc.deb
Size/MD5: 49696 e9933a11538063753748ab7a29ddf48b
Updated packages for Ubuntu 9.10:
Source archives:
http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups_1.4.1-5ubuntu2.6.diff.gz
Size/MD5: 430803 9896ab093cf6c3ef71a80e0c37e4b7aa
http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups_1.4.1-5ubuntu2.6.dsc
Size/MD5: 2273 893689e77881954b258ddb7107aa699e
http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups_1.4.1.orig.tar.gz
Size/MD5: 5287327 4dc8f431ef50752dfd61d9d4959abd06
Architecture independent packages:
http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups-common_1.4.1-5ubuntu2.6_all.deb
Size/MD5: 1420352 27ce929720fc629fed288754a91ce13b
http://security.ubuntu.com/ubuntu/pool/main/c/cups/cupsys-dbg_1.4.1-5ubuntu2.6_all.deb
Size/MD5: 69858 388fcac30796d5907253d647b12d7969
http://security.ubuntu.com/ubuntu/pool/universe/c/cups/cupsddk_1.4.1-5ubuntu2.6_all.deb
Size/MD5: 69822 3cf78e179ad70f3273abfc1263664266
http://security.ubuntu.com/ubuntu/pool/universe/c/cups/cupsys-bsd_1.4.1-5ubuntu2.6_all.deb
Size/MD5: 69854 97bd4ac6413bb46ab53861a581113f0a
http://security.ubuntu.com/ubuntu/pool/universe/c/cups/cupsys-client_1.4.1-5ubuntu2.6_all.deb
Size/MD5: 69854 b391fa9c83fbf3009e56df2746ab94d2
http://security.ubuntu.com/ubuntu/pool/universe/c/cups/cupsys-common_1.4.1-5ubuntu2.6_all.deb
Size/MD5: 4544 57b5675c9659d18d88a113f55a2176f9
http://security.ubuntu.com/ubuntu/pool/universe/c/cups/cupsys_1.4.1-5ubuntu2.6_all.deb
Size/MD5: 69842 7aff9ca2dc796cb3604221265e9b2747
amd64 architecture (Athlon64, Opteron, EM64T Xeon):
http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups-bsd_1.4.1-5ubuntu2.6_amd64.deb
Size/MD5: 36714 b7a8d6d23214b4d0cbc888888a48e335
http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups-client_1.4.1-5ubuntu2.6_amd64.deb
Size/MD5: 120262 8dfd957d0cc33ffaaf32072079907ee1
http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups-dbg_1.4.1-5ubuntu2.6_amd64.deb
Size/MD5: 90150 3233d3c9c94c0f262f00f4b71d7a81d5
http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups_1.4.1-5ubuntu2.6_amd64.deb
Size/MD5: 1909664 73ed914b62e3c9e04dcaec55b543407d
http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcups2-dev_1.4.1-5ubuntu2.6_amd64.deb
Size/MD5: 210802 f23c0fdafcfd0fad270f8afa3a937c31
http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcups2_1.4.1-5ubuntu2.6_amd64.deb
Size/MD5: 219530 3c472155e2f3471ddb68a50b6661aa42
http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcupscgi1-dev_1.4.1-5ubuntu2.6_amd64.deb
Size/MD5: 103906 a77f22491afdfd65c60fe01ba8660673
http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcupscgi1_1.4.1-5ubuntu2.6_amd64.deb
Size/MD5: 33134 5d3ba0a39217678739e2c7812512d28c
http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcupsdriver1-dev_1.4.1-5ubuntu2.6_amd64.deb
Size/MD5: 90504 fe988efeb10d537670c25ad298c58eb7
http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcupsdriver1_1.4.1-5ubuntu2.6_amd64.deb
Size/MD5: 22188 6316c51f52a01de4b3011411db62a5b7
http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcupsimage2-dev_1.4.1-5ubuntu2.6_amd64.deb
Size/MD5: 61528 5b4718cdfd4387c0d7114f2580c8254b
http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcupsimage2_1.4.1-5ubuntu2.6_amd64.deb
Size/MD5: 53152 4013a5f53425a382b45889fe73f6f3a9
http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcupsmime1-dev_1.4.1-5ubuntu2.6_amd64.deb
Size/MD5: 81518 f81f9bcdd2faf8a7f9ba6fefe4f8cdc2
http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcupsmime1_1.4.1-5ubuntu2.6_amd64.deb
Size/MD5: 15490 e4228a982cf71ae48ee2af86325b45ac
http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcupsppdc1-dev_1.4.1-5ubuntu2.6_amd64.deb
Size/MD5: 143326 b8a0420a543914c8299e340a5723ba1d
http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcupsppdc1_1.4.1-5ubuntu2.6_amd64.deb
Size/MD5: 60108 fa27048727ffbbb4e58ba9ee6ccaadeb
http://security.ubuntu.com/ubuntu/pool/universe/c/cups/cups-ppdc_1.4.1-5ubuntu2.6_amd64.deb
Size/MD5: 34522 851e93d20f1315beb56cf357956c5f2a
i386 architecture (x86 compatible Intel/AMD):
http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups-bsd_1.4.1-5ubuntu2.6_i386.deb
Size/MD5: 35484 3a0b604fdbf0106ca6886eee07968dff
http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups-client_1.4.1-5ubuntu2.6_i386.deb
Size/MD5: 115306 688d22b75b84a4b0ef3ed89306f653bf
http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups-dbg_1.4.1-5ubuntu2.6_i386.deb
Size/MD5: 89220 4b4a76a3551a6c934975aa040289a3d4
http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups_1.4.1-5ubuntu2.6_i386.deb
Size/MD5: 1867674 564568d5ec8164e9ee916dc41951d660
http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcups2-dev_1.4.1-5ubuntu2.6_i386.deb
Size/MD5: 199732 6617d9b279c98755836e6ce614978924
http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcups2_1.4.1-5ubuntu2.6_i386.deb
Size/MD5: 213492 2c15204d6c3c638327b812a76259c33a
http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcupscgi1-dev_1.4.1-5ubuntu2.6_i386.deb
Size/MD5: 102998 80bcbfadf15cb8f0b578362352fc461f
http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcupscgi1_1.4.1-5ubuntu2.6_i386.deb
Size/MD5: 32872 2cb6e24ce760d286b1e4ce2e7dc9275c
http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcupsdriver1-dev_1.4.1-5ubuntu2.6_i386.deb
Size/MD5: 90720 5c967305feec17ac2c2715ca3a553263
http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcupsdriver1_1.4.1-5ubuntu2.6_i386.deb
Size/MD5: 22070 d77fc0c0f4db9f7e907f658be56f9c42
http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcupsimage2-dev_1.4.1-5ubuntu2.6_i386.deb
Size/MD5: 60316 88f1d9c994bfc4ac28381aa8ca28585e
http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcupsimage2_1.4.1-5ubuntu2.6_i386.deb
Size/MD5: 52414 b8598a149d3a8f8b3d0cb79f12633dea
http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcupsmime1-dev_1.4.1-5ubuntu2.6_i386.deb
Size/MD5: 81432 e2eba2bb5cd587421404445bf4cb3c36
http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcupsmime1_1.4.1-5ubuntu2.6_i386.deb
Size/MD5: 15202 531427f9f7e56220142b4e51233daf01
http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcupsppdc1-dev_1.4.1-5ubuntu2.6_i386.deb
Size/MD5: 141908 70047df2efe6271a7f0fe81be26e898b
http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcupsppdc1_1.4.1-5ubuntu2.6_i386.deb
Size/MD5: 61440 287af16b51cbf417374964ce1faaa9a0
http://security.ubuntu.com/ubuntu/pool/universe/c/cups/cups-ppdc_1.4.1-5ubuntu2.6_i386.deb
Size/MD5: 32818 67c42e8a46deb780a4ea43679a8f7b1b
lpia architecture (Low Power Intel Architecture):
http://ports.ubuntu.com/pool/main/c/cups/cups-bsd_1.4.1-5ubuntu2.6_lpia.deb
Size/MD5: 35444 43e9a036f2cb42db2e2894edfef0afda
http://ports.ubuntu.com/pool/main/c/cups/cups-client_1.4.1-5ubuntu2.6_lpia.deb
Size/MD5: 115172 a7a25b4d3d2c988a06dee38802fd2e0b
http://ports.ubuntu.com/pool/main/c/cups/cups-dbg_1.4.1-5ubuntu2.6_lpia.deb
Size/MD5: 89146 d45d7185a76bd44f3e11a2f52b87f1fd
http://ports.ubuntu.com/pool/main/c/cups/cups_1.4.1-5ubuntu2.6_lpia.deb
Size/MD5: 1865278 622d02b7fdcfd8ad0c7ab5e4758dc29c
http://ports.ubuntu.com/pool/main/c/cups/libcups2-dev_1.4.1-5ubuntu2.6_lpia.deb
Size/MD5: 197074 b109e960fb1cfd95ecc65cdcb106bc97
http://ports.ubuntu.com/pool/main/c/cups/libcups2_1.4.1-5ubuntu2.6_lpia.deb
Size/MD5: 212098 185440c848f158c3f1ea8a00096454e6
http://ports.ubuntu.com/pool/main/c/cups/libcupscgi1-dev_1.4.1-5ubuntu2.6_lpia.deb
Size/MD5: 102282 ff45f4229a289f1d3a5eadf0dfa1f6d7
http://ports.ubuntu.com/pool/main/c/cups/libcupscgi1_1.4.1-5ubuntu2.6_lpia.deb
Size/MD5: 32662 51fff11adcbf03ff5c6c4344231f40f4
http://ports.ubuntu.com/pool/main/c/cups/libcupsdriver1-dev_1.4.1-5ubuntu2.6_lpia.deb
Size/MD5: 90140 2025394e060c7ac4135fb3197c82e2aa
http://ports.ubuntu.com/pool/main/c/cups/libcupsdriver1_1.4.1-5ubuntu2.6_lpia.deb
Size/MD5: 21772 94c88b2f892a3ca17071da2e1d3f57de
http://ports.ubuntu.com/pool/main/c/cups/libcupsimage2-dev_1.4.1-5ubuntu2.6_lpia.deb
Size/MD5: 59952 b6e1c63ff6dcf6fae5ddf41e83bf2b39
http://ports.ubuntu.com/pool/main/c/cups/libcupsimage2_1.4.1-5ubuntu2.6_lpia.deb
Size/MD5: 52580 2733ad91569bb1b7018966ac2316d6b3
http://ports.ubuntu.com/pool/main/c/cups/libcupsmime1-dev_1.4.1-5ubuntu2.6_lpia.deb
Size/MD5: 81372 71e31f4d06b1de5ede2c8186e60292fb
http://ports.ubuntu.com/pool/main/c/cups/libcupsmime1_1.4.1-5ubuntu2.6_lpia.deb
Size/MD5: 15308 f81a0425d623423089f99b429a15e916
http://ports.ubuntu.com/pool/main/c/cups/libcupsppdc1-dev_1.4.1-5ubuntu2.6_lpia.deb
Size/MD5: 142212 ec10060804a0e9747a65322cdb456ea0
http://ports.ubuntu.com/pool/main/c/cups/libcupsppdc1_1.4.1-5ubuntu2.6_lpia.deb
Size/MD5: 62670 e9f0de51cdf2665eaeb9699f4440d4b3
http://ports.ubuntu.com/pool/universe/c/cups/cups-ppdc_1.4.1-5ubuntu2.6_lpia.deb
Size/MD5: 33272 5cb032354f73c1f3b549b9bf4ba034b3
powerpc architecture (Apple Macintosh G3/G4/G5):
http://ports.ubuntu.com/pool/main/c/cups/cups-bsd_1.4.1-5ubuntu2.6_powerpc.deb
Size/MD5: 37002 98296fbdb2c48a660ec17b0c4a4f3c90
http://ports.ubuntu.com/pool/main/c/cups/cups-client_1.4.1-5ubuntu2.6_powerpc.deb
Size/MD5: 121666 bba9834fa00e775df09cf0f0488f7f9a
http://ports.ubuntu.com/pool/main/c/cups/cups-dbg_1.4.1-5ubuntu2.6_powerpc.deb
Size/MD5: 89800 d19794e77bb85ad268c3d2bc2bfa1f31
http://ports.ubuntu.com/pool/main/c/cups/cups_1.4.1-5ubuntu2.6_powerpc.deb
Size/MD5: 1931086 acb1d07a0d0a2dc17fba7683ec52e16b
http://ports.ubuntu.com/pool/main/c/cups/libcups2-dev_1.4.1-5ubuntu2.6_powerpc.deb
Size/MD5: 203926 83542c3ef9602299bfb8302ed77290e7
http://ports.ubuntu.com/pool/main/c/cups/libcups2_1.4.1-5ubuntu2.6_powerpc.deb
Size/MD5: 224070 6ed170661f54e7fa50f61a69a904ec21
http://ports.ubuntu.com/pool/main/c/cups/libcupscgi1-dev_1.4.1-5ubuntu2.6_powerpc.deb
Size/MD5: 103042 8966b98ea957fbb8b92a4678317fddae
http://ports.ubuntu.com/pool/main/c/cups/libcupscgi1_1.4.1-5ubuntu2.6_powerpc.deb
Size/MD5: 35072 b1aa40b4d141f00000864f0a87a795f3
http://ports.ubuntu.com/pool/main/c/cups/libcupsdriver1-dev_1.4.1-5ubuntu2.6_powerpc.deb
Size/MD5: 89920 f1f371d9914166ec1af92bf5706253f0
http://ports.ubuntu.com/pool/main/c/cups/libcupsdriver1_1.4.1-5ubuntu2.6_powerpc.deb
Size/MD5: 22332 87366d86919da7b07046b73a1b276471
http://ports.ubuntu.com/pool/main/c/cups/libcupsimage2-dev_1.4.1-5ubuntu2.6_powerpc.deb
Size/MD5: 60622 d5dfb6d846e1b6f3935071d78da667ba
http://ports.ubuntu.com/pool/main/c/cups/libcupsimage2_1.4.1-5ubuntu2.6_powerpc.deb
Size/MD5: 55370 b598355d538a5202a38c1286b8cf9cb8
http://ports.ubuntu.com/pool/main/c/cups/libcupsmime1-dev_1.4.1-5ubuntu2.6_powerpc.deb
Size/MD5: 81882 96dca3856de634bbd9596a6fc7afa9c6
http://ports.ubuntu.com/pool/main/c/cups/libcupsmime1_1.4.1-5ubuntu2.6_powerpc.deb
Size/MD5: 15792 ada89970388879b889ce3ce23f0786e9
http://ports.ubuntu.com/pool/main/c/cups/libcupsppdc1-dev_1.4.1-5ubuntu2.6_powerpc.deb
Size/MD5: 141460 54b03efb38851fc77a7c32217d89a838
http://ports.ubuntu.com/pool/main/c/cups/libcupsppdc1_1.4.1-5ubuntu2.6_powerpc.deb
Size/MD5: 64954 75bb84b2f2aed56705323657a98c94c6
http://ports.ubuntu.com/pool/universe/c/cups/cups-ppdc_1.4.1-5ubuntu2.6_powerpc.deb
Size/MD5: 34788 3b21946edb4a3f5b5a53941a97c7902b
sparc architecture (Sun SPARC/UltraSPARC):
http://ports.ubuntu.com/pool/main/c/cups/cups-bsd_1.4.1-5ubuntu2.6_sparc.deb
Size/MD5: 36050 40e9f13fcb68ae0f7b780ddffa930569
http://ports.ubuntu.com/pool/main/c/cups/cups-client_1.4.1-5ubuntu2.6_sparc.deb
Size/MD5: 117802 69758c023939b53c735884c8bb3da729
http://ports.ubuntu.com/pool/main/c/cups/cups-dbg_1.4.1-5ubuntu2.6_sparc.deb
Size/MD5: 89654 d38e699a47d22475311fbc9f72835462
http://ports.ubuntu.com/pool/main/c/cups/cups_1.4.1-5ubuntu2.6_sparc.deb
Size/MD5: 1954398 385300918a21dc44de8f253ee2f28eaf
http://ports.ubuntu.com/pool/main/c/cups/libcups2-dev_1.4.1-5ubuntu2.6_sparc.deb
Size/MD5: 201862 dcf93f4fd26767ca13dd8562244fcf1b
http://ports.ubuntu.com/pool/main/c/cups/libcups2_1.4.1-5ubuntu2.6_sparc.deb
Size/MD5: 211164 700260b08f51811acc2a051b24378125
http://ports.ubuntu.com/pool/main/c/cups/libcupscgi1-dev_1.4.1-5ubuntu2.6_sparc.deb
Size/MD5: 104686 dea3e49233b35c05ceb73d2c6cb377c2
http://ports.ubuntu.com/pool/main/c/cups/libcupscgi1_1.4.1-5ubuntu2.6_sparc.deb
Size/MD5: 32990 05ea0b382be4213b3a5a56cea510f2ef
http://ports.ubuntu.com/pool/main/c/cups/libcupsdriver1-dev_1.4.1-5ubuntu2.6_sparc.deb
Size/MD5: 90114 8e30914034d660780c8023500e6ffc3f
http://ports.ubuntu.com/pool/main/c/cups/libcupsdriver1_1.4.1-5ubuntu2.6_sparc.deb
Size/MD5: 21388 3924468f70aa5cd4ba7000414fdf0688
http://ports.ubuntu.com/pool/main/c/cups/libcupsimage2-dev_1.4.1-5ubuntu2.6_sparc.deb
Size/MD5: 58154 093eb825804bc6d172335e1a73f9afb6
http://ports.ubuntu.com/pool/main/c/cups/libcupsimage2_1.4.1-5ubuntu2.6_sparc.deb
Size/MD5: 50288 47b1de9dede6755e934512df997031d9
http://ports.ubuntu.com/pool/main/c/cups/libcupsmime1-dev_1.4.1-5ubuntu2.6_sparc.deb
Size/MD5: 80642 f0c36f2b152a9c5834f871a9e3ba534a
http://ports.ubuntu.com/pool/main/c/cups/libcupsmime1_1.4.1-5ubuntu2.6_sparc.deb
Size/MD5: 14382 74976d5c3d9d2e5f84c63b3d95df8dad
http://ports.ubuntu.com/pool/main/c/cups/libcupsppdc1-dev_1.4.1-5ubuntu2.6_sparc.deb
Size/MD5: 144596 8c8e872d9a7fc3461cd3295c47c46da4
http://ports.ubuntu.com/pool/main/c/cups/libcupsppdc1_1.4.1-5ubuntu2.6_sparc.deb
Size/MD5: 61448 f654d799a55faf5c5bbbc6d111d17e0e
http://ports.ubuntu.com/pool/universe/c/cups/cups-ppdc_1.4.1-5ubuntu2.6_sparc.deb
Size/MD5: 33862 426ade2e9fa86473091f0722f60b2e3a
Updated packages for Ubuntu 10.04:
Source archives:
http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups_1.4.3-1ubuntu1.2.diff.gz
Size/MD5: 496671 585b5a839d9ec546a9534330a76c0964
http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups_1.4.3-1ubuntu1.2.dsc
Size/MD5: 2273 167a7ea0e055786fe2e5f74c03b92294
http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups_1.4.3.orig.tar.gz
Size/MD5: 5367387 947aefd4849d0da93b5a8a99673f62b2
Architecture independent packages:
http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups-common_1.4.3-1ubuntu1.2_all.deb
Size/MD5: 1463434 ab433df67ddd32bf49adbe3e16ba82c4
http://security.ubuntu.com/ubuntu/pool/main/c/cups/cupsys-dbg_1.4.3-1ubuntu1.2_all.deb
Size/MD5: 73442 8dad2edf6d46f76dcb52db201016947d
http://security.ubuntu.com/ubuntu/pool/universe/c/cups/cupsddk_1.4.3-1ubuntu1.2_all.deb
Size/MD5: 73402 db5a399abfcb69136bdd86554d1ab636
http://security.ubuntu.com/ubuntu/pool/universe/c/cups/cupsys-bsd_1.4.3-1ubuntu1.2_all.deb
Size/MD5: 73432 9fb3a058c65da62706a80d9484010eef
http://security.ubuntu.com/ubuntu/pool/universe/c/cups/cupsys-client_1.4.3-1ubuntu1.2_all.deb
Size/MD5: 73438 dab3b5e2ff47294536789a858bb9a3b3
http://security.ubuntu.com/ubuntu/pool/universe/c/cups/cupsys-common_1.4.3-1ubuntu1.2_all.deb
Size/MD5: 4552 e0c4a0047f7ec0268315afaa85caf9b0
http://security.ubuntu.com/ubuntu/pool/universe/c/cups/cupsys_1.4.3-1ubuntu1.2_all.deb
Size/MD5: 73424 ced4b61fab69b55277de4b5a29b7017d
amd64 architecture (Athlon64, Opteron, EM64T Xeon):
http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups-bsd_1.4.3-1ubuntu1.2_amd64.deb
Size/MD5: 44774 d9e37725367f31858091bdf5b168d881
http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups-client_1.4.3-1ubuntu1.2_amd64.deb
Size/MD5: 140618 94b07ecdeac71ffd4ccd6417ba744a98
http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups-dbg_1.4.3-1ubuntu1.2_amd64.deb
Size/MD5: 93886 7a2163f56c74b490b1c1a3a6c10d0cf4
http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups_1.4.3-1ubuntu1.2_amd64.deb
Size/MD5: 1973830 125e1409b54622ebcd8c0557efc004ab
http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcups2-dev_1.4.3-1ubuntu1.2_amd64.deb
Size/MD5: 212968 d6ab1b998818ba99f18b1e633666c13f
http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcups2_1.4.3-1ubuntu1.2_amd64.deb
Size/MD5: 223550 2c887f725f30a5e1d9aa2c20d6268337
http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcupscgi1-dev_1.4.3-1ubuntu1.2_amd64.deb
Size/MD5: 107780 ec510ebb54127d6567d5b585321733d4
http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcupscgi1_1.4.3-1ubuntu1.2_amd64.deb
Size/MD5: 33114 5ccf1df923f97a7ab3f0dcb56f9c7294
http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcupsdriver1-dev_1.4.3-1ubuntu1.2_amd64.deb
Size/MD5: 94168 f3fb3af8004fcb81ef04220e6a66d7f2
http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcupsdriver1_1.4.3-1ubuntu1.2_amd64.deb
Size/MD5: 22086 cf810510c3b376d69b13f37398aacc1a
http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcupsimage2-dev_1.4.3-1ubuntu1.2_amd64.deb
Size/MD5: 61438 882621ff9d056e9ac830ea5627bc0c93
http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcupsimage2_1.4.3-1ubuntu1.2_amd64.deb
Size/MD5: 53094 09ed3cb267e2e3b8bcbe208ea7a0ad02
http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcupsmime1-dev_1.4.3-1ubuntu1.2_amd64.deb
Size/MD5: 85296 3557d7e7ba9cdc196a6040eea6cd7272
http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcupsmime1_1.4.3-1ubuntu1.2_amd64.deb
Size/MD5: 15444 ea9e1ce52141169dd6c64f2633c195a4
http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcupsppdc1-dev_1.4.3-1ubuntu1.2_amd64.deb
Size/MD5: 147096 e85555341ed2031d26c921dc77ed7503
http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcupsppdc1_1.4.3-1ubuntu1.2_amd64.deb
Size/MD5: 59990 9ba72110aead42b48c679562e4b55af0
http://security.ubuntu.com/ubuntu/pool/universe/c/cups/cups-ppdc_1.4.3-1ubuntu1.2_amd64.deb
Size/MD5: 34596 3d41e6ee5ab5bc0abd355c5625c36091
i386 architecture (x86 compatible Intel/AMD):
http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups-bsd_1.4.3-1ubuntu1.2_i386.deb
Size/MD5: 43346 6de1a8c71528e1ec1014a5331309e8bd
http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups-client_1.4.3-1ubuntu1.2_i386.deb
Size/MD5: 135836 9bee4520bf4ca64466a08a51b426088a
http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups-dbg_1.4.3-1ubuntu1.2_i386.deb
Size/MD5: 92978 9397ab013a3ee9f18378b30b40d924ce
http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups_1.4.3-1ubuntu1.2_i386.deb
Size/MD5: 1928108 558ae105b117bd0ba98580b0db10de45
http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcups2-dev_1.4.3-1ubuntu1.2_i386.deb
Size/MD5: 202544 8bcf1d8fcafe878a6c3728ea448966e5
http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcups2_1.4.3-1ubuntu1.2_i386.deb
Size/MD5: 217726 7d8eddc54dc065a4a7d277c908e83f3e
http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcupscgi1-dev_1.4.3-1ubuntu1.2_i386.deb
Size/MD5: 106934 441cd88aabbaa2a57adb57daebfd13c1
http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcupscgi1_1.4.3-1ubuntu1.2_i386.deb
Size/MD5: 32950 fe896ca272249efb52cc3325c959b956
http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcupsdriver1-dev_1.4.3-1ubuntu1.2_i386.deb
Size/MD5: 94304 20dd13df8749e1e3b17053288b768146
http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcupsdriver1_1.4.3-1ubuntu1.2_i386.deb
Size/MD5: 21780 8c493eed360e1c996dacf20a993a4457
http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcupsimage2-dev_1.4.3-1ubuntu1.2_i386.deb
Size/MD5: 60196 8937ce7e76d479a3be672ed8287a7675
http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcupsimage2_1.4.3-1ubuntu1.2_i386.deb
Size/MD5: 52268 ca080db4912f21a37e496999506a4e12
http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcupsmime1-dev_1.4.3-1ubuntu1.2_i386.deb
Size/MD5: 85238 d9ded4b415c370cff8cf2c1a9c6b403a
http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcupsmime1_1.4.3-1ubuntu1.2_i386.deb
Size/MD5: 15138 c18676b7afb412704b384d02a9f764a0
http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcupsppdc1-dev_1.4.3-1ubuntu1.2_i386.deb
Size/MD5: 145604 c3f0c1d386de11db2c83b29ce61d747e
http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcupsppdc1_1.4.3-1ubuntu1.2_i386.deb
Size/MD5: 61266 9350be23632e0bb41bacdf493916f1e5
http://security.ubuntu.com/ubuntu/pool/universe/c/cups/cups-ppdc_1.4.3-1ubuntu1.2_i386.deb
Size/MD5: 32894 588a8edd7a8cef5ad2312c6b2a466d41
powerpc architecture (Apple Macintosh G3/G4/G5):
http://ports.ubuntu.com/pool/main/c/cups/cups-bsd_1.4.3-1ubuntu1.2_powerpc.deb
Size/MD5: 44800 b5b282e36f232b95a4221a19c58e4d80
http://ports.ubuntu.com/pool/main/c/cups/cups-client_1.4.3-1ubuntu1.2_powerpc.deb
Size/MD5: 142152 c7959ec969f56a4c8061a9115e3fb9d0
http://ports.ubuntu.com/pool/main/c/cups/cups-dbg_1.4.3-1ubuntu1.2_powerpc.deb
Size/MD5: 93536 31ab6658804a9d5b8e165f7182522792
http://ports.ubuntu.com/pool/main/c/cups/cups_1.4.3-1ubuntu1.2_powerpc.deb
Size/MD5: 1992826 720559a8b6b13a49cb8de64599dc0d0c
http://ports.ubuntu.com/pool/main/c/cups/libcups2-dev_1.4.3-1ubuntu1.2_powerpc.deb
Size/MD5: 206536 c0792eccffa336a078847fc1570f1847
http://ports.ubuntu.com/pool/main/c/cups/libcups2_1.4.3-1ubuntu1.2_powerpc.deb
Size/MD5: 228182 7336ad247af6f88cf383738429859a03
http://ports.ubuntu.com/pool/main/c/cups/libcupscgi1-dev_1.4.3-1ubuntu1.2_powerpc.deb
Size/MD5: 107032 aa51ce9c4d8b97a4be4c4604c1ece7dd
http://ports.ubuntu.com/pool/main/c/cups/libcupscgi1_1.4.3-1ubuntu1.2_powerpc.deb
Size/MD5: 35034 5ad9a33558ab86fe168d1778367f5614
http://ports.ubuntu.com/pool/main/c/cups/libcupsdriver1-dev_1.4.3-1ubuntu1.2_powerpc.deb
Size/MD5: 93706 46fab84fdbe699e3bf89ac4d7a7a5f21
http://ports.ubuntu.com/pool/main/c/cups/libcupsdriver1_1.4.3-1ubuntu1.2_powerpc.deb
Size/MD5: 22244 4427366e73d2ed6b756290bbbe89f33e
http://ports.ubuntu.com/pool/main/c/cups/libcupsimage2-dev_1.4.3-1ubuntu1.2_powerpc.deb
Size/MD5: 60546 b5561e25ff9d7a625079a4a92b97eeeb
http://ports.ubuntu.com/pool/main/c/cups/libcupsimage2_1.4.3-1ubuntu1.2_powerpc.deb
Size/MD5: 55298 7564d5317f23a06dd984e7a011f7d4a3
http://ports.ubuntu.com/pool/main/c/cups/libcupsmime1-dev_1.4.3-1ubuntu1.2_powerpc.deb
Size/MD5: 85702 e50cfac0de465610de321b6a247294ad
http://ports.ubuntu.com/pool/main/c/cups/libcupsmime1_1.4.3-1ubuntu1.2_powerpc.deb
Size/MD5: 15702 b530dc6e40497cdd17cb2eef7fc86f35
http://ports.ubuntu.com/pool/main/c/cups/libcupsppdc1-dev_1.4.3-1ubuntu1.2_powerpc.deb
Size/MD5: 145258 3e1d1f46e3a3a978073cb7134660dca8
http://ports.ubuntu.com/pool/main/c/cups/libcupsppdc1_1.4.3-1ubuntu1.2_powerpc.deb
Size/MD5: 64908 91d9e1374bca739f621f52ff824cb967
http://ports.ubuntu.com/pool/universe/c/cups/cups-ppdc_1.4.3-1ubuntu1.2_powerpc.deb
Size/MD5: 34770 300740d181959eaa050dd38e8d7f5b95
sparc architecture (Sun SPARC/UltraSPARC):
http://ports.ubuntu.com/pool/main/c/cups/cups-bsd_1.4.3-1ubuntu1.2_sparc.deb
Size/MD5: 44076 8e8b983418cfe367c386a581948e62d1
http://ports.ubuntu.com/pool/main/c/cups/cups-client_1.4.3-1ubuntu1.2_sparc.deb
Size/MD5: 140914 b937ab49f26f53b13dbacfa1b1755b5e
http://ports.ubuntu.com/pool/main/c/cups/cups-dbg_1.4.3-1ubuntu1.2_sparc.deb
Size/MD5: 93224 9b81849a723629db064aada33a669605
http://ports.ubuntu.com/pool/main/c/cups/cups_1.4.3-1ubuntu1.2_sparc.deb
Size/MD5: 2042588 76638c4d1cc937a4d3038d6ca56c017c
http://ports.ubuntu.com/pool/main/c/cups/libcups2-dev_1.4.3-1ubuntu1.2_sparc.deb
Size/MD5: 210178 e1f8624cc98825259447a8f3cfccab43
http://ports.ubuntu.com/pool/main/c/cups/libcups2_1.4.3-1ubuntu1.2_sparc.deb
Size/MD5: 220154 d2692b4767b48e7960007762babdfd4d
http://ports.ubuntu.com/pool/main/c/cups/libcupscgi1-dev_1.4.3-1ubuntu1.2_sparc.deb
Size/MD5: 109484 ee657ed269651dad0e97742db63b3fa6
http://ports.ubuntu.com/pool/main/c/cups/libcupscgi1_1.4.3-1ubuntu1.2_sparc.deb
Size/MD5: 33836 49d880a15f6c4c92dc37ef7c9a3e94ed
http://ports.ubuntu.com/pool/main/c/cups/libcupsdriver1-dev_1.4.3-1ubuntu1.2_sparc.deb
Size/MD5: 94740 807e344de7057bf78fdbe6d16c8160fe
http://ports.ubuntu.com/pool/main/c/cups/libcupsdriver1_1.4.3-1ubuntu1.2_sparc.deb
Size/MD5: 22060 285f1d26a014fcaba9c52a8a204f4a8e
http://ports.ubuntu.com/pool/main/c/cups/libcupsimage2-dev_1.4.3-1ubuntu1.2_sparc.deb
Size/MD5: 59236 f2769fd0e05f40416fafb3b8b4e71fd3
http://ports.ubuntu.com/pool/main/c/cups/libcupsimage2_1.4.3-1ubuntu1.2_sparc.deb
Size/MD5: 51354 0dacc2034f6a772bf1a35c4390bd707b
http://ports.ubuntu.com/pool/main/c/cups/libcupsmime1-dev_1.4.3-1ubuntu1.2_sparc.deb
Size/MD5: 84742 42f204443d66552e20b05f431a37c9b6
http://ports.ubuntu.com/pool/main/c/cups/libcupsmime1_1.4.3-1ubuntu1.2_sparc.deb
Size/MD5: 14596 7bc50be13da6d36c7a8b1ef77ea2c64c
http://ports.ubuntu.com/pool/main/c/cups/libcupsppdc1-dev_1.4.3-1ubuntu1.2_sparc.deb
Size/MD5: 150882 f51782127f098c8431b4c08ad9084a08
http://ports.ubuntu.com/pool/main/c/cups/libcupsppdc1_1.4.3-1ubuntu1.2_sparc.deb
Size/MD5: 62864 470e0fe33fae056cb349cba8f291552a
http://ports.ubuntu.com/pool/universe/c/cups/cups-ppdc_1.4.3-1ubuntu1.2_sparc.deb
Size/MD5: 34536 d7f328a90189cac65cda36e18bac2391
Show details on source website
{
"affected_products": {
"_id": null,
"data": [
{
"_id": null,
"model": "mac os x",
"scope": "eq",
"trust": 1.6,
"vendor": "apple",
"version": "10.6.3"
},
{
"_id": null,
"model": "mac os x",
"scope": "eq",
"trust": 1.6,
"vendor": "apple",
"version": "10.6.2"
},
{
"_id": null,
"model": "mac os x server",
"scope": "eq",
"trust": 1.6,
"vendor": "apple",
"version": "10.6.2"
},
{
"_id": null,
"model": "mac os x",
"scope": "eq",
"trust": 1.6,
"vendor": "apple",
"version": "10.6.1"
},
{
"_id": null,
"model": "mac os x",
"scope": "eq",
"trust": 1.6,
"vendor": "apple",
"version": "10.5.8"
},
{
"_id": null,
"model": "mac os x server",
"scope": "eq",
"trust": 1.6,
"vendor": "apple",
"version": "10.6.3"
},
{
"_id": null,
"model": "mac os x server",
"scope": "eq",
"trust": 1.6,
"vendor": "apple",
"version": "10.6.1"
},
{
"_id": null,
"model": "mac os x server",
"scope": "eq",
"trust": 1.6,
"vendor": "apple",
"version": "10.5.8"
},
{
"_id": null,
"model": "mac os x",
"scope": "eq",
"trust": 1.6,
"vendor": "apple",
"version": "10.6.0"
},
{
"_id": null,
"model": "mac os x server",
"scope": "eq",
"trust": 1.6,
"vendor": "apple",
"version": "10.6.0"
},
{
"_id": null,
"model": "cups",
"scope": "lt",
"trust": 0.8,
"vendor": "cups",
"version": "1.4.4"
},
{
"_id": null,
"model": "mac os x",
"scope": "eq",
"trust": 0.8,
"vendor": "apple",
"version": "v10.5.8"
},
{
"_id": null,
"model": "mac os x",
"scope": "eq",
"trust": 0.8,
"vendor": "apple",
"version": "v10.6 to v10.6.3"
},
{
"_id": null,
"model": "mac os x server",
"scope": "eq",
"trust": 0.8,
"vendor": "apple",
"version": "v10.5.8"
},
{
"_id": null,
"model": "mac os x server",
"scope": "eq",
"trust": 0.8,
"vendor": "apple",
"version": "v10.6 to v10.6.3"
},
{
"_id": null,
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "oracle",
"version": "11 express"
},
{
"_id": null,
"model": "asianux server",
"scope": "eq",
"trust": 0.8,
"vendor": "cybertrust",
"version": "3 (x86)"
},
{
"_id": null,
"model": "asianux server",
"scope": "eq",
"trust": 0.8,
"vendor": "cybertrust",
"version": "3 (x86-64)"
},
{
"_id": null,
"model": "asianux server",
"scope": "eq",
"trust": 0.8,
"vendor": "cybertrust",
"version": "3.0"
},
{
"_id": null,
"model": "asianux server",
"scope": "eq",
"trust": 0.8,
"vendor": "cybertrust",
"version": "3.0 (x86-64)"
},
{
"_id": null,
"model": "asianux server",
"scope": "eq",
"trust": 0.8,
"vendor": "cybertrust",
"version": "4.0"
},
{
"_id": null,
"model": "asianux server",
"scope": "eq",
"trust": 0.8,
"vendor": "cybertrust",
"version": "4.0 (x86-64)"
},
{
"_id": null,
"model": "turbolinux appliance server",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "3.0"
},
{
"_id": null,
"model": "turbolinux appliance server",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "3.0 (x64)"
},
{
"_id": null,
"model": "turbolinux client",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "2008"
},
{
"_id": null,
"model": "turbolinux server",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "11"
},
{
"_id": null,
"model": "turbolinux server",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "11 (x64)"
},
{
"_id": null,
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "3 (as)"
},
{
"_id": null,
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "3 (es)"
},
{
"_id": null,
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "3 (ws)"
},
{
"_id": null,
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4 (as)"
},
{
"_id": null,
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4 (es)"
},
{
"_id": null,
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4 (ws)"
},
{
"_id": null,
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4.8 (as)"
},
{
"_id": null,
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4.8 (es)"
},
{
"_id": null,
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "5 (server)"
},
{
"_id": null,
"model": "enterprise linux desktop",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "3.0"
},
{
"_id": null,
"model": "enterprise linux desktop",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4.0"
},
{
"_id": null,
"model": "enterprise linux desktop",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "5.0 (client)"
},
{
"_id": null,
"model": "rhel desktop workstation",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "5 (client)"
},
{
"_id": null,
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "9.10"
},
{
"_id": null,
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "9.10"
},
{
"_id": null,
"model": "linux lpia",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "9.10"
},
{
"_id": null,
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "9.10"
},
{
"_id": null,
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "9.10"
},
{
"_id": null,
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "9.04"
},
{
"_id": null,
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "9.04"
},
{
"_id": null,
"model": "linux lpia",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "9.04"
},
{
"_id": null,
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "9.04"
},
{
"_id": null,
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "9.04"
},
{
"_id": null,
"model": "linux lts sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "8.04"
},
{
"_id": null,
"model": "linux lts powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "8.04"
},
{
"_id": null,
"model": "linux lts lpia",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "8.04"
},
{
"_id": null,
"model": "linux lts i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "8.04"
},
{
"_id": null,
"model": "linux lts amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "8.04"
},
{
"_id": null,
"model": "linux lts sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"_id": null,
"model": "linux lts powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"_id": null,
"model": "linux lts i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"_id": null,
"model": "linux lts amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"_id": null,
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "10.04"
},
{
"_id": null,
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "10.04"
},
{
"_id": null,
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "10.04"
},
{
"_id": null,
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "10.04"
},
{
"_id": null,
"model": "solaris express",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "11"
},
{
"_id": null,
"model": "linux x86 64 -current",
"scope": null,
"trust": 0.3,
"vendor": "slackware",
"version": null
},
{
"_id": null,
"model": "linux x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "13.1"
},
{
"_id": null,
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "13.1"
},
{
"_id": null,
"model": "linux -current",
"scope": null,
"trust": 0.3,
"vendor": "slackware",
"version": null
},
{
"_id": null,
"model": "enterprise linux ws",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"_id": null,
"model": "enterprise linux ws",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3"
},
{
"_id": null,
"model": "enterprise linux es",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"_id": null,
"model": "enterprise linux es",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3"
},
{
"_id": null,
"model": "enterprise linux desktop workstation client",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "5"
},
{
"_id": null,
"model": "enterprise linux desktop supplementary client",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "5"
},
{
"_id": null,
"model": "enterprise linux desktop multi os client",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "5"
},
{
"_id": null,
"model": "enterprise linux desktop client",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "5"
},
{
"_id": null,
"model": "enterprise linux as for sap",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"_id": null,
"model": "enterprise linux as extras",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"_id": null,
"model": "enterprise linux as extras",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3"
},
{
"_id": null,
"model": "enterprise linux as",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "5.3"
},
{
"_id": null,
"model": "enterprise linux as 4.8.z",
"scope": null,
"trust": 0.3,
"vendor": "redhat",
"version": null
},
{
"_id": null,
"model": "enterprise linux as 4.7.z",
"scope": null,
"trust": 0.3,
"vendor": "redhat",
"version": null
},
{
"_id": null,
"model": "enterprise linux as 4.6.z",
"scope": null,
"trust": 0.3,
"vendor": "redhat",
"version": null
},
{
"_id": null,
"model": "enterprise linux as 4.5.z",
"scope": null,
"trust": 0.3,
"vendor": "redhat",
"version": null
},
{
"_id": null,
"model": "enterprise linux as",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"_id": null,
"model": "enterprise linux as",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3"
},
{
"_id": null,
"model": "enterprise linux desktop version",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"_id": null,
"model": "enterprise linux 5.4.z server",
"scope": null,
"trust": 0.3,
"vendor": "redhat",
"version": null
},
{
"_id": null,
"model": "enterprise linux beta",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "5.4"
},
{
"_id": null,
"model": "enterprise linux",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "5.4"
},
{
"_id": null,
"model": "enterprise linux 5.3.z server",
"scope": null,
"trust": 0.3,
"vendor": "redhat",
"version": null
},
{
"_id": null,
"model": "enterprise linux 5.2.z server",
"scope": null,
"trust": 0.3,
"vendor": "redhat",
"version": null
},
{
"_id": null,
"model": "enterprise linux",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "5.1"
},
{
"_id": null,
"model": "enterprise linux server",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "5"
},
{
"_id": null,
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "pardus",
"version": "20090"
},
{
"_id": null,
"model": "linux mandrake x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2010.1"
},
{
"_id": null,
"model": "linux mandrake",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2010.1"
},
{
"_id": null,
"model": "linux mandrake x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2010.0"
},
{
"_id": null,
"model": "linux mandrake",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2010.0"
},
{
"_id": null,
"model": "linux mandrake x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2009.0"
},
{
"_id": null,
"model": "linux mandrake",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2009.0"
},
{
"_id": null,
"model": "enterprise server x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "5"
},
{
"_id": null,
"model": "enterprise server",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "5"
},
{
"_id": null,
"model": "corporate server x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "4.0"
},
{
"_id": null,
"model": "corporate server",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "4.0"
},
{
"_id": null,
"model": "linux",
"scope": null,
"trust": 0.3,
"vendor": "gentoo",
"version": null
},
{
"_id": null,
"model": "software products cups",
"scope": "eq",
"trust": 0.3,
"vendor": "easy",
"version": "1.4.2"
},
{
"_id": null,
"model": "software products cups",
"scope": "eq",
"trust": 0.3,
"vendor": "easy",
"version": "1.4.1"
},
{
"_id": null,
"model": "software products cups",
"scope": "eq",
"trust": 0.3,
"vendor": "easy",
"version": "1.3.10"
},
{
"_id": null,
"model": "software products cups",
"scope": "eq",
"trust": 0.3,
"vendor": "easy",
"version": "1.3.9"
},
{
"_id": null,
"model": "software products cups",
"scope": "eq",
"trust": 0.3,
"vendor": "easy",
"version": "1.3.8"
},
{
"_id": null,
"model": "software products cups",
"scope": "eq",
"trust": 0.3,
"vendor": "easy",
"version": "1.3.7"
},
{
"_id": null,
"model": "software products cups",
"scope": "eq",
"trust": 0.3,
"vendor": "easy",
"version": "1.3.6"
},
{
"_id": null,
"model": "software products cups",
"scope": "eq",
"trust": 0.3,
"vendor": "easy",
"version": "1.3.5"
},
{
"_id": null,
"model": "software products cups",
"scope": "eq",
"trust": 0.3,
"vendor": "easy",
"version": "1.3.3"
},
{
"_id": null,
"model": "software products cups",
"scope": "eq",
"trust": 0.3,
"vendor": "easy",
"version": "1.3.2"
},
{
"_id": null,
"model": "software products cups",
"scope": "eq",
"trust": 0.3,
"vendor": "easy",
"version": "1.2.12"
},
{
"_id": null,
"model": "software products cups",
"scope": "eq",
"trust": 0.3,
"vendor": "easy",
"version": "1.2.10"
},
{
"_id": null,
"model": "software products cups",
"scope": "eq",
"trust": 0.3,
"vendor": "easy",
"version": "1.2.9"
},
{
"_id": null,
"model": "software products cups",
"scope": "eq",
"trust": 0.3,
"vendor": "easy",
"version": "1.2.8"
},
{
"_id": null,
"model": "software products cups",
"scope": "eq",
"trust": 0.3,
"vendor": "easy",
"version": "1.2.4"
},
{
"_id": null,
"model": "software products cups",
"scope": "eq",
"trust": 0.3,
"vendor": "easy",
"version": "1.2.2"
},
{
"_id": null,
"model": "software products cups rc1",
"scope": "eq",
"trust": 0.3,
"vendor": "easy",
"version": "1.1.23"
},
{
"_id": null,
"model": "software products cups",
"scope": "eq",
"trust": 0.3,
"vendor": "easy",
"version": "1.1.23"
},
{
"_id": null,
"model": "software products cups rc1",
"scope": "eq",
"trust": 0.3,
"vendor": "easy",
"version": "1.1.22"
},
{
"_id": null,
"model": "software products cups",
"scope": "eq",
"trust": 0.3,
"vendor": "easy",
"version": "1.1.22"
},
{
"_id": null,
"model": "software products cups",
"scope": "eq",
"trust": 0.3,
"vendor": "easy",
"version": "1.1.21"
},
{
"_id": null,
"model": "software products cups",
"scope": "eq",
"trust": 0.3,
"vendor": "easy",
"version": "1.1.20"
},
{
"_id": null,
"model": "software products cups rc5",
"scope": "eq",
"trust": 0.3,
"vendor": "easy",
"version": "1.1.19"
},
{
"_id": null,
"model": "software products cups",
"scope": "eq",
"trust": 0.3,
"vendor": "easy",
"version": "1.1.19"
},
{
"_id": null,
"model": "software products cups",
"scope": "eq",
"trust": 0.3,
"vendor": "easy",
"version": "1.1.18"
},
{
"_id": null,
"model": "software products cups",
"scope": "eq",
"trust": 0.3,
"vendor": "easy",
"version": "1.1.17"
},
{
"_id": null,
"model": "software products cups",
"scope": "eq",
"trust": 0.3,
"vendor": "easy",
"version": "1.1.16"
},
{
"_id": null,
"model": "software products cups",
"scope": "eq",
"trust": 0.3,
"vendor": "easy",
"version": "1.1.15"
},
{
"_id": null,
"model": "software products cups",
"scope": "eq",
"trust": 0.3,
"vendor": "easy",
"version": "1.1.14"
},
{
"_id": null,
"model": "software products cups",
"scope": "eq",
"trust": 0.3,
"vendor": "easy",
"version": "1.1.13"
},
{
"_id": null,
"model": "software products cups",
"scope": "eq",
"trust": 0.3,
"vendor": "easy",
"version": "1.1.12"
},
{
"_id": null,
"model": "software products cups",
"scope": "eq",
"trust": 0.3,
"vendor": "easy",
"version": "1.1.10"
},
{
"_id": null,
"model": "software products cups",
"scope": "eq",
"trust": 0.3,
"vendor": "easy",
"version": "1.1.7"
},
{
"_id": null,
"model": "software products cups",
"scope": "eq",
"trust": 0.3,
"vendor": "easy",
"version": "1.1.6"
},
{
"_id": null,
"model": "software products cups",
"scope": "eq",
"trust": 0.3,
"vendor": "easy",
"version": "1.1.4-5"
},
{
"_id": null,
"model": "software products cups",
"scope": "eq",
"trust": 0.3,
"vendor": "easy",
"version": "1.1.4-3"
},
{
"_id": null,
"model": "software products cups",
"scope": "eq",
"trust": 0.3,
"vendor": "easy",
"version": "1.1.4-2"
},
{
"_id": null,
"model": "software products cups",
"scope": "eq",
"trust": 0.3,
"vendor": "easy",
"version": "1.1.4"
},
{
"_id": null,
"model": "software products cups",
"scope": "eq",
"trust": 0.3,
"vendor": "easy",
"version": "1.1.1"
},
{
"_id": null,
"model": "software products cups",
"scope": "eq",
"trust": 0.3,
"vendor": "easy",
"version": "1.0.4-8"
},
{
"_id": null,
"model": "software products cups",
"scope": "eq",
"trust": 0.3,
"vendor": "easy",
"version": "1.0.4"
},
{
"_id": null,
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "5.0"
},
{
"_id": null,
"model": "linux s/390",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "5.0"
},
{
"_id": null,
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "5.0"
},
{
"_id": null,
"model": "linux mipsel",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "5.0"
},
{
"_id": null,
"model": "linux mips",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "5.0"
},
{
"_id": null,
"model": "linux m68k",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "5.0"
},
{
"_id": null,
"model": "linux ia-64",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "5.0"
},
{
"_id": null,
"model": "linux ia-32",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "5.0"
},
{
"_id": null,
"model": "linux hppa",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "5.0"
},
{
"_id": null,
"model": "linux armel",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "5.0"
},
{
"_id": null,
"model": "linux arm",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "5.0"
},
{
"_id": null,
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "5.0"
},
{
"_id": null,
"model": "linux alpha",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "5.0"
},
{
"_id": null,
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "5.0"
},
{
"_id": null,
"model": "proactive contact",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "4.1.2"
},
{
"_id": null,
"model": "proactive contact",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "4.1.1"
},
{
"_id": null,
"model": "proactive contact",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "4.1"
},
{
"_id": null,
"model": "proactive contact",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "4.0"
},
{
"_id": null,
"model": "messaging storage server mm3.0",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"_id": null,
"model": "messaging storage server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2"
},
{
"_id": null,
"model": "messaging storage server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.1"
},
{
"_id": null,
"model": "messaging storage server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.0"
},
{
"_id": null,
"model": "messaging storage server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "4.0"
},
{
"_id": null,
"model": "messaging storage server sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1"
},
{
"_id": null,
"model": "messaging storage server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1"
},
{
"_id": null,
"model": "messaging storage server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "2.0"
},
{
"_id": null,
"model": "messaging storage server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "1.0"
},
{
"_id": null,
"model": "messaging storage server",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"_id": null,
"model": "message networking mn",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1"
},
{
"_id": null,
"model": "message networking",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2"
},
{
"_id": null,
"model": "message networking",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1"
},
{
"_id": null,
"model": "message networking",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"_id": null,
"model": "iq",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "4.1"
},
{
"_id": null,
"model": "iq",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5"
},
{
"_id": null,
"model": "intuity audix lx r1.1",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"_id": null,
"model": "intuity audix lx sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "2.0"
},
{
"_id": null,
"model": "intuity audix lx sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "2.0"
},
{
"_id": null,
"model": "intuity audix lx",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "2.0"
},
{
"_id": null,
"model": "intuity audix lx",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "1.0"
},
{
"_id": null,
"model": "intuity audix",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"_id": null,
"model": "aura system manager sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"_id": null,
"model": "aura system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2"
},
{
"_id": null,
"model": "aura system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "1.0"
},
{
"_id": null,
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.3"
},
{
"_id": null,
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.2"
},
{
"_id": null,
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.1"
},
{
"_id": null,
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5.8"
},
{
"_id": null,
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5.7"
},
{
"_id": null,
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5.6"
},
{
"_id": null,
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5.5"
},
{
"_id": null,
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5.4"
},
{
"_id": null,
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5.3"
},
{
"_id": null,
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5.2"
},
{
"_id": null,
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5.1"
},
{
"_id": null,
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6"
},
{
"_id": null,
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.3"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.2"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.1"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5.8"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5.7"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5.6"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5.5"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5.4"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5.3"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5.2"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5.1"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5"
},
{
"_id": null,
"model": "software products cups",
"scope": "ne",
"trust": 0.3,
"vendor": "easy",
"version": "1.4.4"
},
{
"_id": null,
"model": "mac os server",
"scope": "ne",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.4"
},
{
"_id": null,
"model": "mac os",
"scope": "ne",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.4"
}
],
"sources": [
{
"db": "BID",
"id": "40889"
},
{
"db": "CNNVD",
"id": "CNNVD-201006-280"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001645"
},
{
"db": "NVD",
"id": "CVE-2010-0540"
}
]
},
"configurations": {
"_id": null,
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:cups:cups",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:apple:mac_os_x",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:apple:mac_os_x_server",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:oracle:solaris",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:misc:miraclelinux_asianux_server",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:turbolinux:turbolinux_appliance_server",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:turbolinux:turbolinux_client",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:turbolinux:turbolinux_server",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:redhat:enterprise_linux",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:redhat:enterprise_linux_desktop",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:redhat:rhel_desktop_workstation",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2010-001645"
}
]
},
"credits": {
"_id": null,
"data": "Apple; Adrian \u0027pagvac\u0027 Pastor of GNUCITIZEN, and Tim Starling; Tim Waugh; Luca Carettoni; Michi Ruepp of pianobakery.com; Clint Ruoho of Laconic Security; Kevin Finisterre of digitalmunition.com; MIT Kerberos Team; Joel Johnson, Debian, Brian Almeida; Emm",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201006-280"
}
],
"trust": 0.6
},
"cve": "CVE-2010-0540",
"cvss": {
"_id": null,
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 6.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 6.8,
"id": "CVE-2010-0540",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 1.8,
"vectorString": "AV:N/AC:M/Au:S/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 6.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 6.8,
"id": "VHN-43145",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:S/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2010-0540",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2010-0540",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNNVD",
"id": "CNNVD-201006-280",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-43145",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-43145"
},
{
"db": "CNNVD",
"id": "CNNVD-201006-280"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001645"
},
{
"db": "NVD",
"id": "CVE-2010-0540"
}
]
},
"description": {
"_id": null,
"data": "Cross-site request forgery (CSRF) vulnerability in the web interface in CUPS before 1.4.4, as used on Apple Mac OS X 10.5.8, Mac OS X 10.6 before 10.6.4, and other platforms, allows remote attackers to hijack the authentication of administrators for requests that change settings. CUPS is prone to a cross-site request-forgery vulnerability. This issue affects the CUPS web interface component. \nAttackers can exploit this issue to perform certain administrative actions and gain unauthorized access to the affected application. \nNOTE: This issue was previously covered in BID 40871 (Apple Mac OS X Prior to 10.6.4 Multiple Security Vulnerabilities), but has been given its own record to better document it. Apple Mac OS X is the operating system used by Apple family computers, and Font Book is a font management tool included in Mac OS X. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n- -------------------------------------------------------------------------\nDebian Security Advisory DSA-2176-1 security@debian.org\nhttp://www.debian.org/security/ Moritz Muehlenhoff\nMarch 02, 2011 http://www.debian.org/security/faq\n- -------------------------------------------------------------------------\n\nPackage : cups\nVulnerability : several\nProblem type : remote\nDebian-specific: no\nCVE ID : CVE-2008-5183 CVE-2009-3553 CVE-2010-0540 CVE-2010-0542 CVE-2010-1748 CVE-2010-2431 CVE-2010-2432 CVE-2010-2941\n\nSeveral vulnerabilities have been discovered in the Common UNIX Printing\nSystem:\n\nCVE-2008-5183\n\n A null pointer dereference in RSS job completion notifications\n could lead to denial of service. \n\nCVE-2009-3553\n\n It was discovered that incorrect file descriptor handling\n could lead to denial of service. \n\nCVE-2010-0540\n\n A cross-site request forgery vulnerability was discovered in\n the web interface. \n\nCVE-2010-0542\n\n Incorrect memory management in the filter subsystem could lead\n to denial of service. \n \nCVE-2010-2431\n \n Emmanuel Bouillon discovered a symlink vulnerability in handling\n of cache files. \n\nCVE-2010-2432\n\n Denial of service in the authentication code. \n\nCVE-2010-2941\n\n Incorrect memory management in the IPP code could lead to denial\n of service or the execution of arbitrary code. \n\nFor the oldstable distribution (lenny), this problem has been fixed in\nversion 1.3.8-1+lenny9. \n\nThe stable distribution (squeeze) and the unstable distribution (sid)\nhad already been fixed prior to the initial Squeeze release. \n\nWe recommend that you upgrade your cups packages. \n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: http://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.10 (GNU/Linux)\n\niEYEARECAAYFAk1tgPIACgkQXm3vHE4uyloDXQCgxy/m5yHvjnIopjEdPcmdzIW5\nHaAAn1r6v/N27Y5g5O4vudCQgLt7uBPx\n=j7wC\n-----END PGP SIGNATURE-----\n\n_______________________________________________\nFull-Disclosure - We believe in it. \nCharter: http://lists.grok.org.uk/full-disclosure-charter.html\nHosted and sponsored by Secunia - http://secunia.com/\n. \n \n Packages for 2009.0 are provided as of the Extended Maintenance\n Program. Please visit this link to learn more:\n http://store.mandriva.com/product_info.php?cPath=149\u0026products_id=490\n \n The updated packages have been patched to correct these issues. \n _______________________________________________________________________\n\n References:\n\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0540\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0542\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1748\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2431\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2941\n _______________________________________________________________________\n\n Updated Packages:\n\n Mandriva Linux 2009.0:\n f659df34ee2b206427a38cefbca99cc2 2009.0/i586/cups-1.3.10-0.4mdv2009.0.i586.rpm\n 1b92d2762a23b983f0da6ed527c9cee8 2009.0/i586/cups-common-1.3.10-0.4mdv2009.0.i586.rpm\n a0719dfedbcce4ca02b8f1d69250c67b 2009.0/i586/cups-serial-1.3.10-0.4mdv2009.0.i586.rpm\n 130c8d5b44e513e52d6d40fc22974139 2009.0/i586/libcups2-1.3.10-0.4mdv2009.0.i586.rpm\n 06d0f7f3754246e67ff100ee3e15a6c2 2009.0/i586/libcups2-devel-1.3.10-0.4mdv2009.0.i586.rpm\n 7179976e3a7490deced5374723453065 2009.0/i586/php-cups-1.3.10-0.4mdv2009.0.i586.rpm \n d457f260b56c65d119f3f4577a7dc90f 2009.0/SRPMS/cups-1.3.10-0.4mdv2009.0.src.rpm\n\n Mandriva Linux 2009.0/X86_64:\n 109c1f41b21fbb8e2c97aaeafae1340a 2009.0/x86_64/cups-1.3.10-0.4mdv2009.0.x86_64.rpm\n d0fca9c94c5269fec27a31086c399145 2009.0/x86_64/cups-common-1.3.10-0.4mdv2009.0.x86_64.rpm\n 4ff96778ae90f228ef99d94487d87f77 2009.0/x86_64/cups-serial-1.3.10-0.4mdv2009.0.x86_64.rpm\n 3f0127d51b2cdc9bf661e9de91b52f39 2009.0/x86_64/lib64cups2-1.3.10-0.4mdv2009.0.x86_64.rpm\n 473bdbea1f1379fc46f0523ab5a91e92 2009.0/x86_64/lib64cups2-devel-1.3.10-0.4mdv2009.0.x86_64.rpm\n 6d720a64deac48ca276266bb6895f72d 2009.0/x86_64/php-cups-1.3.10-0.4mdv2009.0.x86_64.rpm \n d457f260b56c65d119f3f4577a7dc90f 2009.0/SRPMS/cups-1.3.10-0.4mdv2009.0.src.rpm\n\n Mandriva Linux 2010.0:\n b896bb55528f9b3f7329bdefbd06e907 2010.0/i586/cups-1.4.1-12.2mdv2010.0.i586.rpm\n 9915c592984b953fc97caeaff6adfd51 2010.0/i586/cups-common-1.4.1-12.2mdv2010.0.i586.rpm\n 9301ef3c2f510317064d543603ce2093 2010.0/i586/cups-serial-1.4.1-12.2mdv2010.0.i586.rpm\n 30b760a74bfe1338139c810e727321c0 2010.0/i586/libcups2-1.4.1-12.2mdv2010.0.i586.rpm\n d6bb4b1902321d01065f5523fe8b8bd1 2010.0/i586/libcups2-devel-1.4.1-12.2mdv2010.0.i586.rpm\n 1e9b384c4ca7bfdd0a5294662e167cbb 2010.0/i586/php-cups-1.4.1-12.2mdv2010.0.i586.rpm \n a3ade5cdca9098f024c821f02e2497d1 2010.0/SRPMS/cups-1.4.1-12.2mdv2010.0.src.rpm\n\n Mandriva Linux 2010.0/X86_64:\n b85a2eb58e0321e8bbe9f0db0b67b270 2010.0/x86_64/cups-1.4.1-12.2mdv2010.0.x86_64.rpm\n c3e5f2aaab48b3569af9adc0fe066e36 2010.0/x86_64/cups-common-1.4.1-12.2mdv2010.0.x86_64.rpm\n 8cae31ce49c4d45093a09aab4317c452 2010.0/x86_64/cups-serial-1.4.1-12.2mdv2010.0.x86_64.rpm\n 330e6c0d2fb1c00c63ac3750b0e3044a 2010.0/x86_64/lib64cups2-1.4.1-12.2mdv2010.0.x86_64.rpm\n bc7348bba4476c16c35e651b9826431c 2010.0/x86_64/lib64cups2-devel-1.4.1-12.2mdv2010.0.x86_64.rpm\n cc0081d5748a4e538b1154e110eb74ea 2010.0/x86_64/php-cups-1.4.1-12.2mdv2010.0.x86_64.rpm \n a3ade5cdca9098f024c821f02e2497d1 2010.0/SRPMS/cups-1.4.1-12.2mdv2010.0.src.rpm\n\n Mandriva Enterprise Server 5:\n 27242832f57d843a6e96f7be948060f7 mes5/i586/cups-1.3.10-0.4mdvmes5.1.i586.rpm\n c68061ebd7157579308ba9e3c0a0e988 mes5/i586/cups-common-1.3.10-0.4mdvmes5.1.i586.rpm\n 2a06820729e49c98883494971dbd839e mes5/i586/cups-serial-1.3.10-0.4mdvmes5.1.i586.rpm\n f959dac3e1ce73a9c228a56956f50277 mes5/i586/libcups2-1.3.10-0.4mdvmes5.1.i586.rpm\n eb7ab898a4c42c095cdd82a12527ce78 mes5/i586/libcups2-devel-1.3.10-0.4mdvmes5.1.i586.rpm\n 64c94ac46b571cafb1610c49a6134031 mes5/i586/php-cups-1.3.10-0.4mdvmes5.1.i586.rpm \n e2adcd8eec6039164aa45738cec40586 mes5/SRPMS/cups-1.3.10-0.4mdvmes5.1.src.rpm\n\n Mandriva Enterprise Server 5/X86_64:\n 992e12cd8507d0d58fb6e72ca402429f mes5/x86_64/cups-1.3.10-0.4mdvmes5.1.x86_64.rpm\n 4528d0e4dccbc15507e8575c98255711 mes5/x86_64/cups-common-1.3.10-0.4mdvmes5.1.x86_64.rpm\n 3e840cbe6f1883706c14cbafc838478c mes5/x86_64/cups-serial-1.3.10-0.4mdvmes5.1.x86_64.rpm\n a8cfe7e9c3e82ae1c61b7da0ba7daf26 mes5/x86_64/lib64cups2-1.3.10-0.4mdvmes5.1.x86_64.rpm\n b377f64dff30db3b76cd7b651f796783 mes5/x86_64/lib64cups2-devel-1.3.10-0.4mdvmes5.1.x86_64.rpm\n d2b4d6a768bd6083c970d53744e4aeb1 mes5/x86_64/php-cups-1.3.10-0.4mdvmes5.1.x86_64.rpm \n e2adcd8eec6039164aa45738cec40586 mes5/SRPMS/cups-1.3.10-0.4mdvmes5.1.src.rpm\n _______________________________________________________________________\n\n To upgrade automatically use MandrivaUpdate or urpmi. The verification\n of md5 checksums and GPG signatures is performed automatically for you. \n\n All packages are signed by Mandriva for security. ----------------------------------------------------------------------\n\n\nSecunia CSI integrated with Microsoft WSUS and Microsoft SCCM for 3rd party Patch Management\n\nFree webinars\n\nhttp://secunia.com/vulnerability_scanning/corporate/webinars/\n\n\n----------------------------------------------------------------------\n\nTITLE:\nApple Mac OS X Security Update Fixes Multiple Vulnerabilities\n\nSECUNIA ADVISORY ID:\nSA40220\n\nVERIFY ADVISORY:\nSecunia.com\nhttp://secunia.com/advisories/40220/\nCustomer Area (Credentials Required)\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=40220\n\nRELEASE DATE:\n2010-06-24\n\nDISCUSS ADVISORY:\nhttp://secunia.com/advisories/40220/#comments\n\nAVAILABLE ON SITE AND IN CUSTOMER AREA:\n * Last Update\n * Popularity\n * Comments\n * Criticality Level\n * Impact\n * Where\n * Solution Status\n * Operating System / Software\n * CVE Reference(s)\n\nhttp://secunia.com/advisories/40220/\n\nONLY AVAILABLE IN CUSTOMER AREA:\n * Authentication Level\n * Report Reliability\n * Secunia PoC\n * Secunia Analysis\n * Systems Affected\n * Approve Distribution\n * Remediation Status\n * Secunia CVSS Score\n * CVSS\n\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=40220\n\nONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI:\n * AUTOMATED SCANNING\n\nhttp://secunia.com/vulnerability_scanning/personal/\nhttp://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/\n\nDESCRIPTION:\nApple has issued a security update for Mac OS X, which fixes multiple\nvulnerabilities. \n\n1) The CUPS web interface allows users to perform certain actions via\nHTTP requests without performing any validity checks to verify the\nrequests. This can be exploited to change CUPS settings if a\nlogged-in administrative user visits a malicious web site. \n\n2) A use-after-free error in CUPS when processing \"get-printer-jobs\"\nrequests can be exploited to crash \"cupsd\". \n\nNOTE: \"cupsd\" is automatically restarted after the crash occurs. \n\n3) An uninitialised memory access error in the CUPS web interface\nwhen handling form variables can be exploited to disclose potentially\nsensitive \"cupsd\" memory. \n\n4) The \"Finder\" implementation leaves the ownership of selected files\nunchanged when \"Apply to enclosed items...\" is selected in the \"Get\nInfo\" window, resulting in unexpected permissions. \n\n5) An error in Adobe Flash Player can be exploited to bypass domain\nsandbox limitations and perform unauthorized cross-domain requests. \n\nFor more information:\nSA38547\n\n6) An error in \"Folder Manager\" when unmounting disk images\ncontaining a malicious \"Cleanup At Startup\" directory can be\nexploited to delete arbitrary directories via symlink attacks. \n\n7) An input sanitation error exists in \"Help Viewer\" when handling\n\"help:\" URLs. This can be exploited to execute arbitrary JavaScript\ncode in the context of the local domain and disclose sensitive\ninformation or potentially execute arbitrary code. \n\n8) An error in iChat when handling inline image transfers can be\nexploited to upload files to arbitrary locations on an AIM user\u0027s\nsystem via directory traversal attacks. \n\n9) Multiple integer overflow errors in LibTIFF can be exploited to\ncause heap-based buffer overflows and potentially execute arbitrary\ncode. \n\nFor more information:\nSA40181\n\n10) An unspecified error in ImageIO when processing MPEG2 movie files\ncan be exploited to corrupt memory and potentially execute arbitrary\ncode. \n\n11) Multiple integer underflow errors in Kerberos can be exploited to\ncorrupt heap memory and potentially execute arbitrary code. \n\nFor more information:\nSA38080\n\n12) An error in Kerberos can be exploited by malicious users to\ntrigger a double-free and potentially execute arbitrary code. \n\nFor more information:\nSA39420\n\n13) An error in Kerberos when handling authorization data can be\nexploited to terminate an affected server. \n\n14) An error in libcurl when handling compressed web content can\npotentially be exploited to cause a buffer overflow and execute\narbitrary code. \n\n16) A format string error when handling \"afp:\", \"cifs:\", and \"smb:\"\nURLs can be exploited to potentially execute arbitrary code. \n\n17) Open Directory establishes plain text connections when binding to\nnetwork account servers without SSL support. This can be exploited to\npotentially execute arbitrary code via Man-in-the-Middle (MitM)\nattacks. \n\n18) An error when handling local network printers having a Unicode\ncharacter in the service name can be exploited to trigger a printing\nfailure in certain applications. \n\n19) An integer overflow error in the CUPS \"cgtexttops\" filter can be\nexploited to corrupt memory and potentially execute arbitrary code. \n\n20) An error in the Ruby WEBrick HTTP server can be exploited to\ngenerate error pages interpreted as having an UTF-7 character set. \nThis can be exploited to execute arbitrary HTML and script code in a\nuser\u0027s browser session in context of an affected site. \n\n21) An error in the configuration of the included Samba distribution\ncan be exploited to gain access to arbitrary files via symlink\nattacks. \n\nThis may be related to:\nSA38454\n\n22) Multiple errors in SquirrelMail can be exploited to conduct\ncross-site scripting, cross-site request forgery, session fixation,\nand phishing attacks. \n\nFor more information:\nSA34627\nSA35073\n\n23) Wiki Server does not specify a character set when serving HTML\ndocuments. This can be exploited to execute arbitrary HTML and script\ncode in a user\u0027s browser session by making a specially crafted post or\ncomment. \n\nSOLUTION:\nApply Security Update 2010-004 or update to version 10.6.4. \n\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\nPROVIDED AND/OR DISCOVERED BY:\n1) Adrian \u0027pagvac\u0027 Pastor of Gnucitizen\n6, 8, 10, 15, 20) Reported by the vendor. \n\nThe vendor also credits:\n1) Tim Starling\n2) Tim Waugh\n3) Luca Carettoni\n4) Michi Ruepp of pianobakery.com\n7) Clint Ruoho of Laconic Security\n9) Kevin Finisterre of digitalmunition.com\n16) Ilja van Sprundel of IOActive, and Chris Ries of Carnegie Mellon\nUniversity Computing Services\n18) Filipp Lepalaan of mcare Oy\n19) regenrecht working with iDefense\n\nORIGINAL ADVISORY:\nApple:\nhttp://support.apple.com/kb/HT4188\n\nGnucitizen:\nhttp://www.gnucitizen.org/blog/apple-further-locks-down-cups-cve-2010-0540/\n\nOTHER REFERENCES:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\nDEEP LINKS:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\nEXTENDED DESCRIPTION:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\nEXTENDED SOLUTION:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\nEXPLOIT:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\nprivate users keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/advisories/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/advisories/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\nGentoo Linux Security Advisory GLSA 201207-10\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n http://security.gentoo.org/\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\n Severity: High\n Title: CUPS: Multiple vulnerabilities\n Date: July 09, 2012\n Bugs: #295256, #308045, #325551, #380771\n ID: 201207-10\n\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\nSynopsis\n========\n\nMultiple vulnerabilities have been found in CUPS, some of which may\nallow execution of arbitrary code or local privilege escalation. \n\nBackground\n==========\n\nCUPS, the Common Unix Printing System, is a full-featured print server. \n\nAffected packages\n=================\n\n -------------------------------------------------------------------\n Package / Vulnerable / Unaffected\n -------------------------------------------------------------------\n 1 net-print/cups \u003c 1.4.8-r1 \u003e= 1.4.8-r1\n\nDescription\n===========\n\nMultiple vulnerabilities have been discovered in CUPS. Please review\nthe CVE identifiers referenced below for details. \n\nImpact\n======\n\nA remote attacker may be able to execute arbitrary code using specially\ncrafted streams, IPP requests or files, or cause a Denial of Service\n(daemon crash or hang). A local attacker may be able to gain escalated\nprivileges or overwrite arbitrary files. Furthermore, a remote attacker\nmay be able to obtain sensitive information from the CUPS process or\nhijack a CUPS administrator authentication request. \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nResolution\n==========\n\nAll CUPS users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose \"\u003e=net-print/cups-1.4.8-r1\"\n\nNOTE: This is a legacy GLSA. Updates for all affected architectures are\navailable since September 03, 2011. It is likely that your system is\nalready no longer affected by this issue. \n\nReferences\n==========\n\n[ 1 ] CVE-2009-3553\n http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-3553\n[ 2 ] CVE-2010-0302\n http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-0302\n[ 3 ] CVE-2010-0393\n http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-0393\n[ 4 ] CVE-2010-0540\n http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-0540\n[ 5 ] CVE-2010-0542\n http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-0542\n[ 6 ] CVE-2010-1748\n http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-1748\n[ 7 ] CVE-2010-2431\n http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-2431\n[ 8 ] CVE-2010-2432\n http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-2432\n[ 9 ] CVE-2010-2941\n http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-2941\n[ 10 ] CVE-2011-3170\n http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3170\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n http://security.gentoo.org/glsa/glsa-201207-10.xml\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users\u0027 machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttps://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2012 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttp://creativecommons.org/licenses/by-sa/2.5\n. ===========================================================\nUbuntu Security Notice USN-952-1 June 21, 2010\ncups, cupsys vulnerabilities\nCVE-2010-0540, CVE-2010-0542, CVE-2010-1748\n===========================================================\n\nA security issue affects the following Ubuntu releases:\n\nUbuntu 6.06 LTS\nUbuntu 8.04 LTS\nUbuntu 9.04\nUbuntu 9.10\nUbuntu 10.04 LTS\n\nThis advisory also applies to the corresponding versions of\nKubuntu, Edubuntu, and Xubuntu. \n\nThe problem can be corrected by upgrading your system to the\nfollowing package versions:\n\nUbuntu 6.06 LTS:\n cupsys 1.2.2-0ubuntu0.6.06.19\n\nUbuntu 8.04 LTS:\n cupsys 1.3.7-1ubuntu3.11\n\nUbuntu 9.04:\n cups 1.3.9-17ubuntu3.9\n\nUbuntu 9.10:\n cups 1.4.1-5ubuntu2.6\n\nUbuntu 10.04 LTS:\n cups 1.4.3-1ubuntu1.2\n\nIn general, a standard system update will make all the necessary changes. (CVE-2010-0540)\n\nIt was discovered that CUPS did not properly handle memory allocations in\nthe texttops filter. (CVE-2010-1748)\n\n\nUpdated packages for Ubuntu 6.06 LTS:\n\n Source archives:\n\n http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.2.2-0ubuntu0.6.06.19.diff.gz\n Size/MD5: 115313 005b2e259ee2bc9aeb334d3b2ca51faa\n http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.2.2-0ubuntu0.6.06.19.dsc\n Size/MD5: 1061 177a2f8e4a29a35ea13fd51256f1380f\n http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.2.2.orig.tar.gz\n Size/MD5: 4070384 2c99b8aa4c8dc25c8a84f9c06aa52e3e\n\n Architecture independent packages:\n\n http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2-gnutls10_1.2.2-0ubuntu0.6.06.19_all.deb\n Size/MD5: 998 35bdefd4098d83e84274364d62ee78ae\n\n amd64 architecture (Athlon64, Opteron, EM64T Xeon):\n\n http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-bsd_1.2.2-0ubuntu0.6.06.19_amd64.deb\n Size/MD5: 36246 f780e86740e595dc53b1ed5c75b55c13\n http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-client_1.2.2-0ubuntu0.6.06.19_amd64.deb\n Size/MD5: 81834 4085edf21acd7cc603465d9cab24197f\n http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.2.2-0ubuntu0.6.06.19_amd64.deb\n Size/MD5: 2297664 891a2b5476e05e98e0b821fad88d0daf\n http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2-dev_1.2.2-0ubuntu0.6.06.19_amd64.deb\n Size/MD5: 6096 7f361fac37f34a2560226286e3f59cb4\n http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2_1.2.2-0ubuntu0.6.06.19_amd64.deb\n Size/MD5: 78160 7a84d018f2ca5b447dc647034759b0e1\n http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2-dev_1.2.2-0ubuntu0.6.06.19_amd64.deb\n Size/MD5: 25738 dad628ebfbdc12b32325657781edd0e4\n http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2_1.2.2-0ubuntu0.6.06.19_amd64.deb\n Size/MD5: 131420 8cf624425e00972351b02f37d150916e\n\n i386 architecture (x86 compatible Intel/AMD):\n\n http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-bsd_1.2.2-0ubuntu0.6.06.19_i386.deb\n Size/MD5: 34766 84d90801efca2b0330fccea613ce63de\n http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-client_1.2.2-0ubuntu0.6.06.19_i386.deb\n Size/MD5: 77896 158339fe207b732d69201e75cb0f3381\n http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.2.2-0ubuntu0.6.06.19_i386.deb\n Size/MD5: 2263760 2eca2208b83d962a5c3c5e1fe6d4275f\n http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2-dev_1.2.2-0ubuntu0.6.06.19_i386.deb\n Size/MD5: 6094 36b6a321662416156d7260007a6ca31a\n http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2_1.2.2-0ubuntu0.6.06.19_i386.deb\n Size/MD5: 77288 ad80ca6edfc486db896d9eb779e0f650\n http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2-dev_1.2.2-0ubuntu0.6.06.19_i386.deb\n Size/MD5: 25744 1d533c0ab57482330ae306a7891ec6ff\n http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2_1.2.2-0ubuntu0.6.06.19_i386.deb\n Size/MD5: 123508 83db482d3738e3ffcc3bfbee0cc33721\n\n powerpc architecture (Apple Macintosh G3/G4/G5):\n\n http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-bsd_1.2.2-0ubuntu0.6.06.19_powerpc.deb\n Size/MD5: 40476 37b383d15aacfd39dae5300cf032bbd1\n http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-client_1.2.2-0ubuntu0.6.06.19_powerpc.deb\n Size/MD5: 89508 0f77ab8e581be995daab715e3dd7abc3\n http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.2.2-0ubuntu0.6.06.19_powerpc.deb\n Size/MD5: 2310060 47807a4cd2146d7a209a2a189c2b8cb3\n http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2-dev_1.2.2-0ubuntu0.6.06.19_powerpc.deb\n Size/MD5: 6100 ea6cc5c9d5f9bed2541300fe56597e78\n http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2_1.2.2-0ubuntu0.6.06.19_powerpc.deb\n Size/MD5: 79802 b1a45ff6919450143c754a1ff36e9060\n http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2-dev_1.2.2-0ubuntu0.6.06.19_powerpc.deb\n Size/MD5: 25742 1f563fdffe4e8bd058bedf9460e88e4c\n http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2_1.2.2-0ubuntu0.6.06.19_powerpc.deb\n Size/MD5: 129252 330ddedb5d53bae2ba5c7752e18fcfa6\n\n sparc architecture (Sun SPARC/UltraSPARC):\n\n http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-bsd_1.2.2-0ubuntu0.6.06.19_sparc.deb\n Size/MD5: 35384 8ed75eb174931274c38d13af2fb7c112\n http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-client_1.2.2-0ubuntu0.6.06.19_sparc.deb\n Size/MD5: 78676 ddd3a0a2cb9352db14eb335413b08f46\n http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.2.2-0ubuntu0.6.06.19_sparc.deb\n Size/MD5: 2298378 da734c1436bd698bec5f919f75d28ed5\n http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2-dev_1.2.2-0ubuntu0.6.06.19_sparc.deb\n Size/MD5: 6096 e1848071c118342cd2c4bb2cb3ca2ce9\n http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2_1.2.2-0ubuntu0.6.06.19_sparc.deb\n Size/MD5: 77080 aacd50b0ac685df76f63d312727604d9\n http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2-dev_1.2.2-0ubuntu0.6.06.19_sparc.deb\n Size/MD5: 25752 05b0ee318bdfa19b7de919ed6754b410\n http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2_1.2.2-0ubuntu0.6.06.19_sparc.deb\n Size/MD5: 124994 c16e6c9aaca61f227d1c3940d93002da\n\nUpdated packages for Ubuntu 8.04 LTS:\n\n Source archives:\n\n http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.3.7-1ubuntu3.11.diff.gz\n Size/MD5: 152646 c20cc845d61bec4c777a623bdd3a6043\n http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.3.7-1ubuntu3.11.dsc\n Size/MD5: 1444 f04fc7976a0a92b58e57ff27631efab0\n http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.3.7.orig.tar.gz\n Size/MD5: 4700333 383e556d9841475847da6076c88da467\n\n Architecture independent packages:\n\n http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-common_1.3.7-1ubuntu3.11_all.deb\n Size/MD5: 1144560 7b4f2abb608fa6c442994caa8c47e110\n\n amd64 architecture (Athlon64, Opteron, EM64T Xeon):\n\n http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-bsd_1.3.7-1ubuntu3.11_amd64.deb\n Size/MD5: 37526 a9d6ecea3143d1335dc31815cf75dbd5\n http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-client_1.3.7-1ubuntu3.11_amd64.deb\n Size/MD5: 90076 042ae92e8d94ae9d2482952b2e99df5a\n http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.3.7-1ubuntu3.11_amd64.deb\n Size/MD5: 1890142 14da569119511e5f51b320cfc79506d1\n http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2-dev_1.3.7-1ubuntu3.11_amd64.deb\n Size/MD5: 60796 60488f0471f8c9bc173c03320bb789b2\n http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2_1.3.7-1ubuntu3.11_amd64.deb\n Size/MD5: 50214 47f4d3a00e8f761452a020a09a7384b4\n http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2-dev_1.3.7-1ubuntu3.11_amd64.deb\n Size/MD5: 345354 e963afb3e1275ddf97b68284e40372ea\n http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2_1.3.7-1ubuntu3.11_amd64.deb\n Size/MD5: 179228 f33a66c1ac3967328f17297b1749b53b\n\n i386 architecture (x86 compatible Intel/AMD):\n\n http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-bsd_1.3.7-1ubuntu3.11_i386.deb\n Size/MD5: 36950 df31639f3490ff68d09f8029cec8924f\n http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-client_1.3.7-1ubuntu3.11_i386.deb\n Size/MD5: 88546 b9ea8e8c14ed2d0f8ecfe137fdf6454a\n http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.3.7-1ubuntu3.11_i386.deb\n Size/MD5: 1872422 9b0e8cce7f3ac6f029d1d9722e98a213\n http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2-dev_1.3.7-1ubuntu3.11_i386.deb\n Size/MD5: 60092 9e5eb97dd1cebd0229863029e4ca8f78\n http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2_1.3.7-1ubuntu3.11_i386.deb\n Size/MD5: 49858 34a9fac10b0722657d2ca8ef56848f8d\n http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2-dev_1.3.7-1ubuntu3.11_i386.deb\n Size/MD5: 339688 c898e4f9f0dca3101a03dd02111a10f4\n http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2_1.3.7-1ubuntu3.11_i386.deb\n Size/MD5: 176154 6a9ab1e5e19cadb5c7252502fc027de7\n\n lpia architecture (Low Power Intel Architecture):\n\n http://ports.ubuntu.com/pool/main/c/cupsys/cupsys-bsd_1.3.7-1ubuntu3.11_lpia.deb\n Size/MD5: 36672 f41063e4a148dc8899ebef34e6cbfb3c\n http://ports.ubuntu.com/pool/main/c/cupsys/cupsys-client_1.3.7-1ubuntu3.11_lpia.deb\n Size/MD5: 88846 4b68211c70b5bb7e656254da22bbd318\n http://ports.ubuntu.com/pool/main/c/cupsys/cupsys_1.3.7-1ubuntu3.11_lpia.deb\n Size/MD5: 1874024 d6476f29b2979d242c8ff37d2241a61b\n http://ports.ubuntu.com/pool/main/c/cupsys/libcupsimage2-dev_1.3.7-1ubuntu3.11_lpia.deb\n Size/MD5: 60494 320b2a5fdfebf2c40a0710adff97036d\n http://ports.ubuntu.com/pool/main/c/cupsys/libcupsimage2_1.3.7-1ubuntu3.11_lpia.deb\n Size/MD5: 50816 3c56d3f411c40dedf3b6436b30b54b9a\n http://ports.ubuntu.com/pool/main/c/cupsys/libcupsys2-dev_1.3.7-1ubuntu3.11_lpia.deb\n Size/MD5: 337320 79b5fb2771ca47c968f5abf93b91202c\n http://ports.ubuntu.com/pool/main/c/cupsys/libcupsys2_1.3.7-1ubuntu3.11_lpia.deb\n Size/MD5: 174996 0bcdda8df4f857444adca2943fd3c170\n\n powerpc architecture (Apple Macintosh G3/G4/G5):\n\n http://ports.ubuntu.com/pool/main/c/cupsys/cupsys-bsd_1.3.7-1ubuntu3.11_powerpc.deb\n Size/MD5: 46938 ad94ebf4867859a982bb89477eab7ea4\n http://ports.ubuntu.com/pool/main/c/cupsys/cupsys-client_1.3.7-1ubuntu3.11_powerpc.deb\n Size/MD5: 110644 a281f4e5aa21d689540f919d5ee3fa5d\n http://ports.ubuntu.com/pool/main/c/cupsys/cupsys_1.3.7-1ubuntu3.11_powerpc.deb\n Size/MD5: 1958650 0e52cf6cd29c14ff0f2cc3212c552b99\n http://ports.ubuntu.com/pool/main/c/cupsys/libcupsimage2-dev_1.3.7-1ubuntu3.11_powerpc.deb\n Size/MD5: 59936 4091d328dee9d0deba5661fc5e762f1c\n http://ports.ubuntu.com/pool/main/c/cupsys/libcupsimage2_1.3.7-1ubuntu3.11_powerpc.deb\n Size/MD5: 54924 4fcf6eb1050a0eeee9854126fee0a79e\n http://ports.ubuntu.com/pool/main/c/cupsys/libcupsys2-dev_1.3.7-1ubuntu3.11_powerpc.deb\n Size/MD5: 342064 8d4b8d42acc54c66da52949ea44fd553\n http://ports.ubuntu.com/pool/main/c/cupsys/libcupsys2_1.3.7-1ubuntu3.11_powerpc.deb\n Size/MD5: 184954 42c1c793307f1cc4d18d522ae80f0270\n\n sparc architecture (Sun SPARC/UltraSPARC):\n\n http://ports.ubuntu.com/pool/main/c/cupsys/cupsys-bsd_1.3.7-1ubuntu3.11_sparc.deb\n Size/MD5: 38036 e62ae6e8d6d291f9ed605c555d158718\n http://ports.ubuntu.com/pool/main/c/cupsys/cupsys-client_1.3.7-1ubuntu3.11_sparc.deb\n Size/MD5: 91032 0eeec008bd95aebc2cf01b29dc21c908\n http://ports.ubuntu.com/pool/main/c/cupsys/cupsys_1.3.7-1ubuntu3.11_sparc.deb\n Size/MD5: 1907984 55de2e9030db5aa551bce341684870dc\n http://ports.ubuntu.com/pool/main/c/cupsys/libcupsimage2-dev_1.3.7-1ubuntu3.11_sparc.deb\n Size/MD5: 57832 b053dd502dd903723e8d6a77ce0b1c2b\n http://ports.ubuntu.com/pool/main/c/cupsys/libcupsimage2_1.3.7-1ubuntu3.11_sparc.deb\n Size/MD5: 48216 1def563a1d36813e430550ff75cf8d5e\n http://ports.ubuntu.com/pool/main/c/cupsys/libcupsys2-dev_1.3.7-1ubuntu3.11_sparc.deb\n Size/MD5: 341820 abc71448985875caa6210132ecf46b93\n http://ports.ubuntu.com/pool/main/c/cupsys/libcupsys2_1.3.7-1ubuntu3.11_sparc.deb\n Size/MD5: 174938 f91384db37267deab1639718fe3b8c34\n\nUpdated packages for Ubuntu 9.04:\n\n Source archives:\n\n http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups_1.3.9-17ubuntu3.9.diff.gz\n Size/MD5: 347764 2955695161c0ce780898d42714dba9c8\n http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups_1.3.9-17ubuntu3.9.dsc\n Size/MD5: 1995 00cc768af9e65ccaaed74d7c4352e86d\n http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups_1.3.9.orig.tar.gz\n Size/MD5: 4809771 e6f2d90491ed050e5ff2104b617b88ea\n\n Architecture independent packages:\n\n http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups-common_1.3.9-17ubuntu3.9_all.deb\n Size/MD5: 1165952 144fdfb5ea034f6f0efa02c8d36f5667\n http://security.ubuntu.com/ubuntu/pool/main/c/cups/cupsys-dbg_1.3.9-17ubuntu3.9_all.deb\n Size/MD5: 61232 dfdb0322c17e7e1b747ba8f9db12a498\n http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcupsys2-dev_1.3.9-17ubuntu3.9_all.deb\n Size/MD5: 61240 06126e6e2f7caf9e7fd2f124daf3396c\n http://security.ubuntu.com/ubuntu/pool/universe/c/cups/cupsys-bsd_1.3.9-17ubuntu3.9_all.deb\n Size/MD5: 61226 808e56e373bc060585483194bcfac4a7\n http://security.ubuntu.com/ubuntu/pool/universe/c/cups/cupsys-client_1.3.9-17ubuntu3.9_all.deb\n Size/MD5: 61230 17df573a12aca59fb662736b11cb5a89\n http://security.ubuntu.com/ubuntu/pool/universe/c/cups/cupsys-common_1.3.9-17ubuntu3.9_all.deb\n Size/MD5: 4518 b33fc896433f2122e19187140ff848bf\n http://security.ubuntu.com/ubuntu/pool/universe/c/cups/cupsys_1.3.9-17ubuntu3.9_all.deb\n Size/MD5: 61218 521cc3faadf974588bd059da948ffd46\n http://security.ubuntu.com/ubuntu/pool/universe/c/cups/libcupsys2_1.3.9-17ubuntu3.9_all.deb\n Size/MD5: 61230 5d435cb91fe17f9603d67ac58cf00ebd\n\n amd64 architecture (Athlon64, Opteron, EM64T Xeon):\n\n http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups-bsd_1.3.9-17ubuntu3.9_amd64.deb\n Size/MD5: 37304 456a29fc3e6e4a6a12afb28cf070d153\n http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups-client_1.3.9-17ubuntu3.9_amd64.deb\n Size/MD5: 119754 3a3546041387ada93c1f834570d0b7db\n http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups-dbg_1.3.9-17ubuntu3.9_amd64.deb\n Size/MD5: 1675558 fd25a667614137c16bfa36e8c4bcf772\n http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups_1.3.9-17ubuntu3.9_amd64.deb\n Size/MD5: 2178564 f1799dbcec836870692ecaa40b254f8b\n http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcups2-dev_1.3.9-17ubuntu3.9_amd64.deb\n Size/MD5: 352570 5ac8c911b9b70ba35f4054ae5fff6857\n http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcups2_1.3.9-17ubuntu3.9_amd64.deb\n Size/MD5: 178584 8f72778104c3015920601f7d39ec58ca\n http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcupsimage2-dev_1.3.9-17ubuntu3.9_amd64.deb\n Size/MD5: 61264 cc1633d90a82496ea55beb87d9e4282a\n http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcupsimage2_1.3.9-17ubuntu3.9_amd64.deb\n Size/MD5: 52218 ef2c76e51468c29f16868f9b65a1d986\n\n i386 architecture (x86 compatible Intel/AMD):\n\n http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups-bsd_1.3.9-17ubuntu3.9_i386.deb\n Size/MD5: 36230 3469935b69c38df8cc889905082f6170\n http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups-client_1.3.9-17ubuntu3.9_i386.deb\n Size/MD5: 115268 2c97947d64499af1488d7147aabd1272\n http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups-dbg_1.3.9-17ubuntu3.9_i386.deb\n Size/MD5: 1533088 e0c1e8945bcf28c325313ecc8675819b\n http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups_1.3.9-17ubuntu3.9_i386.deb\n Size/MD5: 2144702 03fd75f8698031522c9483663deaddf4\n http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcups2-dev_1.3.9-17ubuntu3.9_i386.deb\n Size/MD5: 346396 a89110547944785464731b47fadf5ef9\n http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcups2_1.3.9-17ubuntu3.9_i386.deb\n Size/MD5: 175170 470d2d69e5df366ca7d359b86c4693b3\n http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcupsimage2-dev_1.3.9-17ubuntu3.9_i386.deb\n Size/MD5: 60498 7a2cb2739132e79a1fa70c0983d6bda0\n http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcupsimage2_1.3.9-17ubuntu3.9_i386.deb\n Size/MD5: 51542 60e03d1de616cc7d9fd5deccfba7e73f\n\n lpia architecture (Low Power Intel Architecture):\n\n http://ports.ubuntu.com/pool/main/c/cups/cups-bsd_1.3.9-17ubuntu3.9_lpia.deb\n Size/MD5: 36028 95dd554290394bba340e1b9ed0eeca22\n http://ports.ubuntu.com/pool/main/c/cups/cups-client_1.3.9-17ubuntu3.9_lpia.deb\n Size/MD5: 114518 7cdf8bfff996881b0ff38122507d24f8\n http://ports.ubuntu.com/pool/main/c/cups/cups-dbg_1.3.9-17ubuntu3.9_lpia.deb\n Size/MD5: 1562414 99f96dacc52fb8ab31879dc8d917eed3\n http://ports.ubuntu.com/pool/main/c/cups/cups_1.3.9-17ubuntu3.9_lpia.deb\n Size/MD5: 2141504 666f44d2a5057b47b0926b8fbc0ff9ce\n http://ports.ubuntu.com/pool/main/c/cups/libcups2-dev_1.3.9-17ubuntu3.9_lpia.deb\n Size/MD5: 343356 43f548744343771bfccc97e0965767e5\n http://ports.ubuntu.com/pool/main/c/cups/libcups2_1.3.9-17ubuntu3.9_lpia.deb\n Size/MD5: 173468 495c1181694e597d3e2ee9b7879f63b4\n http://ports.ubuntu.com/pool/main/c/cups/libcupsimage2-dev_1.3.9-17ubuntu3.9_lpia.deb\n Size/MD5: 60670 59cb79251da624cf56788a6ebbdd1854\n http://ports.ubuntu.com/pool/main/c/cups/libcupsimage2_1.3.9-17ubuntu3.9_lpia.deb\n Size/MD5: 52342 8b1039fde9779991586c0861bde5d692\n\n powerpc architecture (Apple Macintosh G3/G4/G5):\n\n http://ports.ubuntu.com/pool/main/c/cups/cups-bsd_1.3.9-17ubuntu3.9_powerpc.deb\n Size/MD5: 43570 1bfc6992664c3dcf9ac9853ab5b6f62f\n http://ports.ubuntu.com/pool/main/c/cups/cups-client_1.3.9-17ubuntu3.9_powerpc.deb\n Size/MD5: 138118 56c93d7803d01c16a39e9fbe917e3a98\n http://ports.ubuntu.com/pool/main/c/cups/cups-dbg_1.3.9-17ubuntu3.9_powerpc.deb\n Size/MD5: 1649586 223b30bbc9f4d0e25c327eb10bf364ec\n http://ports.ubuntu.com/pool/main/c/cups/cups_1.3.9-17ubuntu3.9_powerpc.deb\n Size/MD5: 2266484 6abc3509cdcf34e481d74adb7b939ec2\n http://ports.ubuntu.com/pool/main/c/cups/libcups2-dev_1.3.9-17ubuntu3.9_powerpc.deb\n Size/MD5: 348324 d36b5c40f196d505735fe367a7a2380a\n http://ports.ubuntu.com/pool/main/c/cups/libcups2_1.3.9-17ubuntu3.9_powerpc.deb\n Size/MD5: 183986 555915a89c0a514dcb6e77486a9112ed\n http://ports.ubuntu.com/pool/main/c/cups/libcupsimage2-dev_1.3.9-17ubuntu3.9_powerpc.deb\n Size/MD5: 61310 1c61fe881255b71f6264119f319f24b3\n http://ports.ubuntu.com/pool/main/c/cups/libcupsimage2_1.3.9-17ubuntu3.9_powerpc.deb\n Size/MD5: 57406 ab4fb5ea4040929b5ec38abad5f38cfb\n\n sparc architecture (Sun SPARC/UltraSPARC):\n\n http://ports.ubuntu.com/pool/main/c/cups/cups-bsd_1.3.9-17ubuntu3.9_sparc.deb\n Size/MD5: 37208 6046757ca4fe9b690247c34fe009b8ea\n http://ports.ubuntu.com/pool/main/c/cups/cups-client_1.3.9-17ubuntu3.9_sparc.deb\n Size/MD5: 117494 0a21aaee253debec63b21c20dfda20bd\n http://ports.ubuntu.com/pool/main/c/cups/cups-dbg_1.3.9-17ubuntu3.9_sparc.deb\n Size/MD5: 1477080 6d03ce62f445559aeac03429e66cf9bb\n http://ports.ubuntu.com/pool/main/c/cups/cups_1.3.9-17ubuntu3.9_sparc.deb\n Size/MD5: 2211336 6ea40676d2b68ab7e75e4e81d79493c5\n http://ports.ubuntu.com/pool/main/c/cups/libcups2-dev_1.3.9-17ubuntu3.9_sparc.deb\n Size/MD5: 345154 da2107d40cbf1f8575995dddb031ac25\n http://ports.ubuntu.com/pool/main/c/cups/libcups2_1.3.9-17ubuntu3.9_sparc.deb\n Size/MD5: 170956 d17a5b8ce2609a9a73b8b49af592d31d\n http://ports.ubuntu.com/pool/main/c/cups/libcupsimage2-dev_1.3.9-17ubuntu3.9_sparc.deb\n Size/MD5: 57854 9978193eaa21591bcbda0103bd2d7420\n http://ports.ubuntu.com/pool/main/c/cups/libcupsimage2_1.3.9-17ubuntu3.9_sparc.deb\n Size/MD5: 49696 e9933a11538063753748ab7a29ddf48b\n\nUpdated packages for Ubuntu 9.10:\n\n Source archives:\n\n http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups_1.4.1-5ubuntu2.6.diff.gz\n Size/MD5: 430803 9896ab093cf6c3ef71a80e0c37e4b7aa\n http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups_1.4.1-5ubuntu2.6.dsc\n Size/MD5: 2273 893689e77881954b258ddb7107aa699e\n http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups_1.4.1.orig.tar.gz\n Size/MD5: 5287327 4dc8f431ef50752dfd61d9d4959abd06\n\n Architecture independent packages:\n\n http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups-common_1.4.1-5ubuntu2.6_all.deb\n Size/MD5: 1420352 27ce929720fc629fed288754a91ce13b\n http://security.ubuntu.com/ubuntu/pool/main/c/cups/cupsys-dbg_1.4.1-5ubuntu2.6_all.deb\n Size/MD5: 69858 388fcac30796d5907253d647b12d7969\n http://security.ubuntu.com/ubuntu/pool/universe/c/cups/cupsddk_1.4.1-5ubuntu2.6_all.deb\n Size/MD5: 69822 3cf78e179ad70f3273abfc1263664266\n http://security.ubuntu.com/ubuntu/pool/universe/c/cups/cupsys-bsd_1.4.1-5ubuntu2.6_all.deb\n Size/MD5: 69854 97bd4ac6413bb46ab53861a581113f0a\n http://security.ubuntu.com/ubuntu/pool/universe/c/cups/cupsys-client_1.4.1-5ubuntu2.6_all.deb\n Size/MD5: 69854 b391fa9c83fbf3009e56df2746ab94d2\n http://security.ubuntu.com/ubuntu/pool/universe/c/cups/cupsys-common_1.4.1-5ubuntu2.6_all.deb\n Size/MD5: 4544 57b5675c9659d18d88a113f55a2176f9\n http://security.ubuntu.com/ubuntu/pool/universe/c/cups/cupsys_1.4.1-5ubuntu2.6_all.deb\n Size/MD5: 69842 7aff9ca2dc796cb3604221265e9b2747\n\n amd64 architecture (Athlon64, Opteron, EM64T Xeon):\n\n http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups-bsd_1.4.1-5ubuntu2.6_amd64.deb\n Size/MD5: 36714 b7a8d6d23214b4d0cbc888888a48e335\n http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups-client_1.4.1-5ubuntu2.6_amd64.deb\n Size/MD5: 120262 8dfd957d0cc33ffaaf32072079907ee1\n http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups-dbg_1.4.1-5ubuntu2.6_amd64.deb\n Size/MD5: 90150 3233d3c9c94c0f262f00f4b71d7a81d5\n http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups_1.4.1-5ubuntu2.6_amd64.deb\n Size/MD5: 1909664 73ed914b62e3c9e04dcaec55b543407d\n http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcups2-dev_1.4.1-5ubuntu2.6_amd64.deb\n Size/MD5: 210802 f23c0fdafcfd0fad270f8afa3a937c31\n http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcups2_1.4.1-5ubuntu2.6_amd64.deb\n Size/MD5: 219530 3c472155e2f3471ddb68a50b6661aa42\n http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcupscgi1-dev_1.4.1-5ubuntu2.6_amd64.deb\n Size/MD5: 103906 a77f22491afdfd65c60fe01ba8660673\n http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcupscgi1_1.4.1-5ubuntu2.6_amd64.deb\n Size/MD5: 33134 5d3ba0a39217678739e2c7812512d28c\n http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcupsdriver1-dev_1.4.1-5ubuntu2.6_amd64.deb\n Size/MD5: 90504 fe988efeb10d537670c25ad298c58eb7\n http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcupsdriver1_1.4.1-5ubuntu2.6_amd64.deb\n Size/MD5: 22188 6316c51f52a01de4b3011411db62a5b7\n http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcupsimage2-dev_1.4.1-5ubuntu2.6_amd64.deb\n Size/MD5: 61528 5b4718cdfd4387c0d7114f2580c8254b\n http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcupsimage2_1.4.1-5ubuntu2.6_amd64.deb\n Size/MD5: 53152 4013a5f53425a382b45889fe73f6f3a9\n http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcupsmime1-dev_1.4.1-5ubuntu2.6_amd64.deb\n Size/MD5: 81518 f81f9bcdd2faf8a7f9ba6fefe4f8cdc2\n http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcupsmime1_1.4.1-5ubuntu2.6_amd64.deb\n Size/MD5: 15490 e4228a982cf71ae48ee2af86325b45ac\n http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcupsppdc1-dev_1.4.1-5ubuntu2.6_amd64.deb\n Size/MD5: 143326 b8a0420a543914c8299e340a5723ba1d\n http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcupsppdc1_1.4.1-5ubuntu2.6_amd64.deb\n Size/MD5: 60108 fa27048727ffbbb4e58ba9ee6ccaadeb\n http://security.ubuntu.com/ubuntu/pool/universe/c/cups/cups-ppdc_1.4.1-5ubuntu2.6_amd64.deb\n Size/MD5: 34522 851e93d20f1315beb56cf357956c5f2a\n\n i386 architecture (x86 compatible Intel/AMD):\n\n http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups-bsd_1.4.1-5ubuntu2.6_i386.deb\n Size/MD5: 35484 3a0b604fdbf0106ca6886eee07968dff\n http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups-client_1.4.1-5ubuntu2.6_i386.deb\n Size/MD5: 115306 688d22b75b84a4b0ef3ed89306f653bf\n http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups-dbg_1.4.1-5ubuntu2.6_i386.deb\n Size/MD5: 89220 4b4a76a3551a6c934975aa040289a3d4\n http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups_1.4.1-5ubuntu2.6_i386.deb\n Size/MD5: 1867674 564568d5ec8164e9ee916dc41951d660\n http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcups2-dev_1.4.1-5ubuntu2.6_i386.deb\n Size/MD5: 199732 6617d9b279c98755836e6ce614978924\n http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcups2_1.4.1-5ubuntu2.6_i386.deb\n Size/MD5: 213492 2c15204d6c3c638327b812a76259c33a\n http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcupscgi1-dev_1.4.1-5ubuntu2.6_i386.deb\n Size/MD5: 102998 80bcbfadf15cb8f0b578362352fc461f\n http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcupscgi1_1.4.1-5ubuntu2.6_i386.deb\n Size/MD5: 32872 2cb6e24ce760d286b1e4ce2e7dc9275c\n http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcupsdriver1-dev_1.4.1-5ubuntu2.6_i386.deb\n Size/MD5: 90720 5c967305feec17ac2c2715ca3a553263\n http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcupsdriver1_1.4.1-5ubuntu2.6_i386.deb\n Size/MD5: 22070 d77fc0c0f4db9f7e907f658be56f9c42\n http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcupsimage2-dev_1.4.1-5ubuntu2.6_i386.deb\n Size/MD5: 60316 88f1d9c994bfc4ac28381aa8ca28585e\n http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcupsimage2_1.4.1-5ubuntu2.6_i386.deb\n Size/MD5: 52414 b8598a149d3a8f8b3d0cb79f12633dea\n http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcupsmime1-dev_1.4.1-5ubuntu2.6_i386.deb\n Size/MD5: 81432 e2eba2bb5cd587421404445bf4cb3c36\n http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcupsmime1_1.4.1-5ubuntu2.6_i386.deb\n Size/MD5: 15202 531427f9f7e56220142b4e51233daf01\n http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcupsppdc1-dev_1.4.1-5ubuntu2.6_i386.deb\n Size/MD5: 141908 70047df2efe6271a7f0fe81be26e898b\n http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcupsppdc1_1.4.1-5ubuntu2.6_i386.deb\n Size/MD5: 61440 287af16b51cbf417374964ce1faaa9a0\n http://security.ubuntu.com/ubuntu/pool/universe/c/cups/cups-ppdc_1.4.1-5ubuntu2.6_i386.deb\n Size/MD5: 32818 67c42e8a46deb780a4ea43679a8f7b1b\n\n lpia architecture (Low Power Intel Architecture):\n\n http://ports.ubuntu.com/pool/main/c/cups/cups-bsd_1.4.1-5ubuntu2.6_lpia.deb\n Size/MD5: 35444 43e9a036f2cb42db2e2894edfef0afda\n http://ports.ubuntu.com/pool/main/c/cups/cups-client_1.4.1-5ubuntu2.6_lpia.deb\n Size/MD5: 115172 a7a25b4d3d2c988a06dee38802fd2e0b\n http://ports.ubuntu.com/pool/main/c/cups/cups-dbg_1.4.1-5ubuntu2.6_lpia.deb\n Size/MD5: 89146 d45d7185a76bd44f3e11a2f52b87f1fd\n http://ports.ubuntu.com/pool/main/c/cups/cups_1.4.1-5ubuntu2.6_lpia.deb\n Size/MD5: 1865278 622d02b7fdcfd8ad0c7ab5e4758dc29c\n http://ports.ubuntu.com/pool/main/c/cups/libcups2-dev_1.4.1-5ubuntu2.6_lpia.deb\n Size/MD5: 197074 b109e960fb1cfd95ecc65cdcb106bc97\n http://ports.ubuntu.com/pool/main/c/cups/libcups2_1.4.1-5ubuntu2.6_lpia.deb\n Size/MD5: 212098 185440c848f158c3f1ea8a00096454e6\n http://ports.ubuntu.com/pool/main/c/cups/libcupscgi1-dev_1.4.1-5ubuntu2.6_lpia.deb\n Size/MD5: 102282 ff45f4229a289f1d3a5eadf0dfa1f6d7\n http://ports.ubuntu.com/pool/main/c/cups/libcupscgi1_1.4.1-5ubuntu2.6_lpia.deb\n Size/MD5: 32662 51fff11adcbf03ff5c6c4344231f40f4\n http://ports.ubuntu.com/pool/main/c/cups/libcupsdriver1-dev_1.4.1-5ubuntu2.6_lpia.deb\n Size/MD5: 90140 2025394e060c7ac4135fb3197c82e2aa\n http://ports.ubuntu.com/pool/main/c/cups/libcupsdriver1_1.4.1-5ubuntu2.6_lpia.deb\n Size/MD5: 21772 94c88b2f892a3ca17071da2e1d3f57de\n http://ports.ubuntu.com/pool/main/c/cups/libcupsimage2-dev_1.4.1-5ubuntu2.6_lpia.deb\n Size/MD5: 59952 b6e1c63ff6dcf6fae5ddf41e83bf2b39\n http://ports.ubuntu.com/pool/main/c/cups/libcupsimage2_1.4.1-5ubuntu2.6_lpia.deb\n Size/MD5: 52580 2733ad91569bb1b7018966ac2316d6b3\n http://ports.ubuntu.com/pool/main/c/cups/libcupsmime1-dev_1.4.1-5ubuntu2.6_lpia.deb\n Size/MD5: 81372 71e31f4d06b1de5ede2c8186e60292fb\n http://ports.ubuntu.com/pool/main/c/cups/libcupsmime1_1.4.1-5ubuntu2.6_lpia.deb\n Size/MD5: 15308 f81a0425d623423089f99b429a15e916\n http://ports.ubuntu.com/pool/main/c/cups/libcupsppdc1-dev_1.4.1-5ubuntu2.6_lpia.deb\n Size/MD5: 142212 ec10060804a0e9747a65322cdb456ea0\n http://ports.ubuntu.com/pool/main/c/cups/libcupsppdc1_1.4.1-5ubuntu2.6_lpia.deb\n Size/MD5: 62670 e9f0de51cdf2665eaeb9699f4440d4b3\n http://ports.ubuntu.com/pool/universe/c/cups/cups-ppdc_1.4.1-5ubuntu2.6_lpia.deb\n Size/MD5: 33272 5cb032354f73c1f3b549b9bf4ba034b3\n\n powerpc architecture (Apple Macintosh G3/G4/G5):\n\n http://ports.ubuntu.com/pool/main/c/cups/cups-bsd_1.4.1-5ubuntu2.6_powerpc.deb\n Size/MD5: 37002 98296fbdb2c48a660ec17b0c4a4f3c90\n http://ports.ubuntu.com/pool/main/c/cups/cups-client_1.4.1-5ubuntu2.6_powerpc.deb\n Size/MD5: 121666 bba9834fa00e775df09cf0f0488f7f9a\n http://ports.ubuntu.com/pool/main/c/cups/cups-dbg_1.4.1-5ubuntu2.6_powerpc.deb\n Size/MD5: 89800 d19794e77bb85ad268c3d2bc2bfa1f31\n http://ports.ubuntu.com/pool/main/c/cups/cups_1.4.1-5ubuntu2.6_powerpc.deb\n Size/MD5: 1931086 acb1d07a0d0a2dc17fba7683ec52e16b\n http://ports.ubuntu.com/pool/main/c/cups/libcups2-dev_1.4.1-5ubuntu2.6_powerpc.deb\n Size/MD5: 203926 83542c3ef9602299bfb8302ed77290e7\n http://ports.ubuntu.com/pool/main/c/cups/libcups2_1.4.1-5ubuntu2.6_powerpc.deb\n Size/MD5: 224070 6ed170661f54e7fa50f61a69a904ec21\n http://ports.ubuntu.com/pool/main/c/cups/libcupscgi1-dev_1.4.1-5ubuntu2.6_powerpc.deb\n Size/MD5: 103042 8966b98ea957fbb8b92a4678317fddae\n http://ports.ubuntu.com/pool/main/c/cups/libcupscgi1_1.4.1-5ubuntu2.6_powerpc.deb\n Size/MD5: 35072 b1aa40b4d141f00000864f0a87a795f3\n http://ports.ubuntu.com/pool/main/c/cups/libcupsdriver1-dev_1.4.1-5ubuntu2.6_powerpc.deb\n Size/MD5: 89920 f1f371d9914166ec1af92bf5706253f0\n http://ports.ubuntu.com/pool/main/c/cups/libcupsdriver1_1.4.1-5ubuntu2.6_powerpc.deb\n Size/MD5: 22332 87366d86919da7b07046b73a1b276471\n http://ports.ubuntu.com/pool/main/c/cups/libcupsimage2-dev_1.4.1-5ubuntu2.6_powerpc.deb\n Size/MD5: 60622 d5dfb6d846e1b6f3935071d78da667ba\n http://ports.ubuntu.com/pool/main/c/cups/libcupsimage2_1.4.1-5ubuntu2.6_powerpc.deb\n Size/MD5: 55370 b598355d538a5202a38c1286b8cf9cb8\n http://ports.ubuntu.com/pool/main/c/cups/libcupsmime1-dev_1.4.1-5ubuntu2.6_powerpc.deb\n Size/MD5: 81882 96dca3856de634bbd9596a6fc7afa9c6\n http://ports.ubuntu.com/pool/main/c/cups/libcupsmime1_1.4.1-5ubuntu2.6_powerpc.deb\n Size/MD5: 15792 ada89970388879b889ce3ce23f0786e9\n http://ports.ubuntu.com/pool/main/c/cups/libcupsppdc1-dev_1.4.1-5ubuntu2.6_powerpc.deb\n Size/MD5: 141460 54b03efb38851fc77a7c32217d89a838\n http://ports.ubuntu.com/pool/main/c/cups/libcupsppdc1_1.4.1-5ubuntu2.6_powerpc.deb\n Size/MD5: 64954 75bb84b2f2aed56705323657a98c94c6\n http://ports.ubuntu.com/pool/universe/c/cups/cups-ppdc_1.4.1-5ubuntu2.6_powerpc.deb\n Size/MD5: 34788 3b21946edb4a3f5b5a53941a97c7902b\n\n sparc architecture (Sun SPARC/UltraSPARC):\n\n http://ports.ubuntu.com/pool/main/c/cups/cups-bsd_1.4.1-5ubuntu2.6_sparc.deb\n Size/MD5: 36050 40e9f13fcb68ae0f7b780ddffa930569\n http://ports.ubuntu.com/pool/main/c/cups/cups-client_1.4.1-5ubuntu2.6_sparc.deb\n Size/MD5: 117802 69758c023939b53c735884c8bb3da729\n http://ports.ubuntu.com/pool/main/c/cups/cups-dbg_1.4.1-5ubuntu2.6_sparc.deb\n Size/MD5: 89654 d38e699a47d22475311fbc9f72835462\n http://ports.ubuntu.com/pool/main/c/cups/cups_1.4.1-5ubuntu2.6_sparc.deb\n Size/MD5: 1954398 385300918a21dc44de8f253ee2f28eaf\n http://ports.ubuntu.com/pool/main/c/cups/libcups2-dev_1.4.1-5ubuntu2.6_sparc.deb\n Size/MD5: 201862 dcf93f4fd26767ca13dd8562244fcf1b\n http://ports.ubuntu.com/pool/main/c/cups/libcups2_1.4.1-5ubuntu2.6_sparc.deb\n Size/MD5: 211164 700260b08f51811acc2a051b24378125\n http://ports.ubuntu.com/pool/main/c/cups/libcupscgi1-dev_1.4.1-5ubuntu2.6_sparc.deb\n Size/MD5: 104686 dea3e49233b35c05ceb73d2c6cb377c2\n http://ports.ubuntu.com/pool/main/c/cups/libcupscgi1_1.4.1-5ubuntu2.6_sparc.deb\n Size/MD5: 32990 05ea0b382be4213b3a5a56cea510f2ef\n http://ports.ubuntu.com/pool/main/c/cups/libcupsdriver1-dev_1.4.1-5ubuntu2.6_sparc.deb\n Size/MD5: 90114 8e30914034d660780c8023500e6ffc3f\n http://ports.ubuntu.com/pool/main/c/cups/libcupsdriver1_1.4.1-5ubuntu2.6_sparc.deb\n Size/MD5: 21388 3924468f70aa5cd4ba7000414fdf0688\n http://ports.ubuntu.com/pool/main/c/cups/libcupsimage2-dev_1.4.1-5ubuntu2.6_sparc.deb\n Size/MD5: 58154 093eb825804bc6d172335e1a73f9afb6\n http://ports.ubuntu.com/pool/main/c/cups/libcupsimage2_1.4.1-5ubuntu2.6_sparc.deb\n Size/MD5: 50288 47b1de9dede6755e934512df997031d9\n http://ports.ubuntu.com/pool/main/c/cups/libcupsmime1-dev_1.4.1-5ubuntu2.6_sparc.deb\n Size/MD5: 80642 f0c36f2b152a9c5834f871a9e3ba534a\n http://ports.ubuntu.com/pool/main/c/cups/libcupsmime1_1.4.1-5ubuntu2.6_sparc.deb\n Size/MD5: 14382 74976d5c3d9d2e5f84c63b3d95df8dad\n http://ports.ubuntu.com/pool/main/c/cups/libcupsppdc1-dev_1.4.1-5ubuntu2.6_sparc.deb\n Size/MD5: 144596 8c8e872d9a7fc3461cd3295c47c46da4\n http://ports.ubuntu.com/pool/main/c/cups/libcupsppdc1_1.4.1-5ubuntu2.6_sparc.deb\n Size/MD5: 61448 f654d799a55faf5c5bbbc6d111d17e0e\n http://ports.ubuntu.com/pool/universe/c/cups/cups-ppdc_1.4.1-5ubuntu2.6_sparc.deb\n Size/MD5: 33862 426ade2e9fa86473091f0722f60b2e3a\n\nUpdated packages for Ubuntu 10.04:\n\n Source archives:\n\n http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups_1.4.3-1ubuntu1.2.diff.gz\n Size/MD5: 496671 585b5a839d9ec546a9534330a76c0964\n http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups_1.4.3-1ubuntu1.2.dsc\n Size/MD5: 2273 167a7ea0e055786fe2e5f74c03b92294\n http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups_1.4.3.orig.tar.gz\n Size/MD5: 5367387 947aefd4849d0da93b5a8a99673f62b2\n\n Architecture independent packages:\n\n http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups-common_1.4.3-1ubuntu1.2_all.deb\n Size/MD5: 1463434 ab433df67ddd32bf49adbe3e16ba82c4\n http://security.ubuntu.com/ubuntu/pool/main/c/cups/cupsys-dbg_1.4.3-1ubuntu1.2_all.deb\n Size/MD5: 73442 8dad2edf6d46f76dcb52db201016947d\n http://security.ubuntu.com/ubuntu/pool/universe/c/cups/cupsddk_1.4.3-1ubuntu1.2_all.deb\n Size/MD5: 73402 db5a399abfcb69136bdd86554d1ab636\n http://security.ubuntu.com/ubuntu/pool/universe/c/cups/cupsys-bsd_1.4.3-1ubuntu1.2_all.deb\n Size/MD5: 73432 9fb3a058c65da62706a80d9484010eef\n http://security.ubuntu.com/ubuntu/pool/universe/c/cups/cupsys-client_1.4.3-1ubuntu1.2_all.deb\n Size/MD5: 73438 dab3b5e2ff47294536789a858bb9a3b3\n http://security.ubuntu.com/ubuntu/pool/universe/c/cups/cupsys-common_1.4.3-1ubuntu1.2_all.deb\n Size/MD5: 4552 e0c4a0047f7ec0268315afaa85caf9b0\n http://security.ubuntu.com/ubuntu/pool/universe/c/cups/cupsys_1.4.3-1ubuntu1.2_all.deb\n Size/MD5: 73424 ced4b61fab69b55277de4b5a29b7017d\n\n amd64 architecture (Athlon64, Opteron, EM64T Xeon):\n\n http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups-bsd_1.4.3-1ubuntu1.2_amd64.deb\n Size/MD5: 44774 d9e37725367f31858091bdf5b168d881\n http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups-client_1.4.3-1ubuntu1.2_amd64.deb\n Size/MD5: 140618 94b07ecdeac71ffd4ccd6417ba744a98\n http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups-dbg_1.4.3-1ubuntu1.2_amd64.deb\n Size/MD5: 93886 7a2163f56c74b490b1c1a3a6c10d0cf4\n http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups_1.4.3-1ubuntu1.2_amd64.deb\n Size/MD5: 1973830 125e1409b54622ebcd8c0557efc004ab\n http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcups2-dev_1.4.3-1ubuntu1.2_amd64.deb\n Size/MD5: 212968 d6ab1b998818ba99f18b1e633666c13f\n http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcups2_1.4.3-1ubuntu1.2_amd64.deb\n Size/MD5: 223550 2c887f725f30a5e1d9aa2c20d6268337\n http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcupscgi1-dev_1.4.3-1ubuntu1.2_amd64.deb\n Size/MD5: 107780 ec510ebb54127d6567d5b585321733d4\n http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcupscgi1_1.4.3-1ubuntu1.2_amd64.deb\n Size/MD5: 33114 5ccf1df923f97a7ab3f0dcb56f9c7294\n http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcupsdriver1-dev_1.4.3-1ubuntu1.2_amd64.deb\n Size/MD5: 94168 f3fb3af8004fcb81ef04220e6a66d7f2\n http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcupsdriver1_1.4.3-1ubuntu1.2_amd64.deb\n Size/MD5: 22086 cf810510c3b376d69b13f37398aacc1a\n http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcupsimage2-dev_1.4.3-1ubuntu1.2_amd64.deb\n Size/MD5: 61438 882621ff9d056e9ac830ea5627bc0c93\n http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcupsimage2_1.4.3-1ubuntu1.2_amd64.deb\n Size/MD5: 53094 09ed3cb267e2e3b8bcbe208ea7a0ad02\n http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcupsmime1-dev_1.4.3-1ubuntu1.2_amd64.deb\n Size/MD5: 85296 3557d7e7ba9cdc196a6040eea6cd7272\n http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcupsmime1_1.4.3-1ubuntu1.2_amd64.deb\n Size/MD5: 15444 ea9e1ce52141169dd6c64f2633c195a4\n http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcupsppdc1-dev_1.4.3-1ubuntu1.2_amd64.deb\n Size/MD5: 147096 e85555341ed2031d26c921dc77ed7503\n http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcupsppdc1_1.4.3-1ubuntu1.2_amd64.deb\n Size/MD5: 59990 9ba72110aead42b48c679562e4b55af0\n http://security.ubuntu.com/ubuntu/pool/universe/c/cups/cups-ppdc_1.4.3-1ubuntu1.2_amd64.deb\n Size/MD5: 34596 3d41e6ee5ab5bc0abd355c5625c36091\n\n i386 architecture (x86 compatible Intel/AMD):\n\n http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups-bsd_1.4.3-1ubuntu1.2_i386.deb\n Size/MD5: 43346 6de1a8c71528e1ec1014a5331309e8bd\n http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups-client_1.4.3-1ubuntu1.2_i386.deb\n Size/MD5: 135836 9bee4520bf4ca64466a08a51b426088a\n http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups-dbg_1.4.3-1ubuntu1.2_i386.deb\n Size/MD5: 92978 9397ab013a3ee9f18378b30b40d924ce\n http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups_1.4.3-1ubuntu1.2_i386.deb\n Size/MD5: 1928108 558ae105b117bd0ba98580b0db10de45\n http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcups2-dev_1.4.3-1ubuntu1.2_i386.deb\n Size/MD5: 202544 8bcf1d8fcafe878a6c3728ea448966e5\n http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcups2_1.4.3-1ubuntu1.2_i386.deb\n Size/MD5: 217726 7d8eddc54dc065a4a7d277c908e83f3e\n http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcupscgi1-dev_1.4.3-1ubuntu1.2_i386.deb\n Size/MD5: 106934 441cd88aabbaa2a57adb57daebfd13c1\n http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcupscgi1_1.4.3-1ubuntu1.2_i386.deb\n Size/MD5: 32950 fe896ca272249efb52cc3325c959b956\n http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcupsdriver1-dev_1.4.3-1ubuntu1.2_i386.deb\n Size/MD5: 94304 20dd13df8749e1e3b17053288b768146\n http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcupsdriver1_1.4.3-1ubuntu1.2_i386.deb\n Size/MD5: 21780 8c493eed360e1c996dacf20a993a4457\n http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcupsimage2-dev_1.4.3-1ubuntu1.2_i386.deb\n Size/MD5: 60196 8937ce7e76d479a3be672ed8287a7675\n http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcupsimage2_1.4.3-1ubuntu1.2_i386.deb\n Size/MD5: 52268 ca080db4912f21a37e496999506a4e12\n http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcupsmime1-dev_1.4.3-1ubuntu1.2_i386.deb\n Size/MD5: 85238 d9ded4b415c370cff8cf2c1a9c6b403a\n http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcupsmime1_1.4.3-1ubuntu1.2_i386.deb\n Size/MD5: 15138 c18676b7afb412704b384d02a9f764a0\n http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcupsppdc1-dev_1.4.3-1ubuntu1.2_i386.deb\n Size/MD5: 145604 c3f0c1d386de11db2c83b29ce61d747e\n http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcupsppdc1_1.4.3-1ubuntu1.2_i386.deb\n Size/MD5: 61266 9350be23632e0bb41bacdf493916f1e5\n http://security.ubuntu.com/ubuntu/pool/universe/c/cups/cups-ppdc_1.4.3-1ubuntu1.2_i386.deb\n Size/MD5: 32894 588a8edd7a8cef5ad2312c6b2a466d41\n\n powerpc architecture (Apple Macintosh G3/G4/G5):\n\n http://ports.ubuntu.com/pool/main/c/cups/cups-bsd_1.4.3-1ubuntu1.2_powerpc.deb\n Size/MD5: 44800 b5b282e36f232b95a4221a19c58e4d80\n http://ports.ubuntu.com/pool/main/c/cups/cups-client_1.4.3-1ubuntu1.2_powerpc.deb\n Size/MD5: 142152 c7959ec969f56a4c8061a9115e3fb9d0\n http://ports.ubuntu.com/pool/main/c/cups/cups-dbg_1.4.3-1ubuntu1.2_powerpc.deb\n Size/MD5: 93536 31ab6658804a9d5b8e165f7182522792\n http://ports.ubuntu.com/pool/main/c/cups/cups_1.4.3-1ubuntu1.2_powerpc.deb\n Size/MD5: 1992826 720559a8b6b13a49cb8de64599dc0d0c\n http://ports.ubuntu.com/pool/main/c/cups/libcups2-dev_1.4.3-1ubuntu1.2_powerpc.deb\n Size/MD5: 206536 c0792eccffa336a078847fc1570f1847\n http://ports.ubuntu.com/pool/main/c/cups/libcups2_1.4.3-1ubuntu1.2_powerpc.deb\n Size/MD5: 228182 7336ad247af6f88cf383738429859a03\n http://ports.ubuntu.com/pool/main/c/cups/libcupscgi1-dev_1.4.3-1ubuntu1.2_powerpc.deb\n Size/MD5: 107032 aa51ce9c4d8b97a4be4c4604c1ece7dd\n http://ports.ubuntu.com/pool/main/c/cups/libcupscgi1_1.4.3-1ubuntu1.2_powerpc.deb\n Size/MD5: 35034 5ad9a33558ab86fe168d1778367f5614\n http://ports.ubuntu.com/pool/main/c/cups/libcupsdriver1-dev_1.4.3-1ubuntu1.2_powerpc.deb\n Size/MD5: 93706 46fab84fdbe699e3bf89ac4d7a7a5f21\n http://ports.ubuntu.com/pool/main/c/cups/libcupsdriver1_1.4.3-1ubuntu1.2_powerpc.deb\n Size/MD5: 22244 4427366e73d2ed6b756290bbbe89f33e\n http://ports.ubuntu.com/pool/main/c/cups/libcupsimage2-dev_1.4.3-1ubuntu1.2_powerpc.deb\n Size/MD5: 60546 b5561e25ff9d7a625079a4a92b97eeeb\n http://ports.ubuntu.com/pool/main/c/cups/libcupsimage2_1.4.3-1ubuntu1.2_powerpc.deb\n Size/MD5: 55298 7564d5317f23a06dd984e7a011f7d4a3\n http://ports.ubuntu.com/pool/main/c/cups/libcupsmime1-dev_1.4.3-1ubuntu1.2_powerpc.deb\n Size/MD5: 85702 e50cfac0de465610de321b6a247294ad\n http://ports.ubuntu.com/pool/main/c/cups/libcupsmime1_1.4.3-1ubuntu1.2_powerpc.deb\n Size/MD5: 15702 b530dc6e40497cdd17cb2eef7fc86f35\n http://ports.ubuntu.com/pool/main/c/cups/libcupsppdc1-dev_1.4.3-1ubuntu1.2_powerpc.deb\n Size/MD5: 145258 3e1d1f46e3a3a978073cb7134660dca8\n http://ports.ubuntu.com/pool/main/c/cups/libcupsppdc1_1.4.3-1ubuntu1.2_powerpc.deb\n Size/MD5: 64908 91d9e1374bca739f621f52ff824cb967\n http://ports.ubuntu.com/pool/universe/c/cups/cups-ppdc_1.4.3-1ubuntu1.2_powerpc.deb\n Size/MD5: 34770 300740d181959eaa050dd38e8d7f5b95\n\n sparc architecture (Sun SPARC/UltraSPARC):\n\n http://ports.ubuntu.com/pool/main/c/cups/cups-bsd_1.4.3-1ubuntu1.2_sparc.deb\n Size/MD5: 44076 8e8b983418cfe367c386a581948e62d1\n http://ports.ubuntu.com/pool/main/c/cups/cups-client_1.4.3-1ubuntu1.2_sparc.deb\n Size/MD5: 140914 b937ab49f26f53b13dbacfa1b1755b5e\n http://ports.ubuntu.com/pool/main/c/cups/cups-dbg_1.4.3-1ubuntu1.2_sparc.deb\n Size/MD5: 93224 9b81849a723629db064aada33a669605\n http://ports.ubuntu.com/pool/main/c/cups/cups_1.4.3-1ubuntu1.2_sparc.deb\n Size/MD5: 2042588 76638c4d1cc937a4d3038d6ca56c017c\n http://ports.ubuntu.com/pool/main/c/cups/libcups2-dev_1.4.3-1ubuntu1.2_sparc.deb\n Size/MD5: 210178 e1f8624cc98825259447a8f3cfccab43\n http://ports.ubuntu.com/pool/main/c/cups/libcups2_1.4.3-1ubuntu1.2_sparc.deb\n Size/MD5: 220154 d2692b4767b48e7960007762babdfd4d\n http://ports.ubuntu.com/pool/main/c/cups/libcupscgi1-dev_1.4.3-1ubuntu1.2_sparc.deb\n Size/MD5: 109484 ee657ed269651dad0e97742db63b3fa6\n http://ports.ubuntu.com/pool/main/c/cups/libcupscgi1_1.4.3-1ubuntu1.2_sparc.deb\n Size/MD5: 33836 49d880a15f6c4c92dc37ef7c9a3e94ed\n http://ports.ubuntu.com/pool/main/c/cups/libcupsdriver1-dev_1.4.3-1ubuntu1.2_sparc.deb\n Size/MD5: 94740 807e344de7057bf78fdbe6d16c8160fe\n http://ports.ubuntu.com/pool/main/c/cups/libcupsdriver1_1.4.3-1ubuntu1.2_sparc.deb\n Size/MD5: 22060 285f1d26a014fcaba9c52a8a204f4a8e\n http://ports.ubuntu.com/pool/main/c/cups/libcupsimage2-dev_1.4.3-1ubuntu1.2_sparc.deb\n Size/MD5: 59236 f2769fd0e05f40416fafb3b8b4e71fd3\n http://ports.ubuntu.com/pool/main/c/cups/libcupsimage2_1.4.3-1ubuntu1.2_sparc.deb\n Size/MD5: 51354 0dacc2034f6a772bf1a35c4390bd707b\n http://ports.ubuntu.com/pool/main/c/cups/libcupsmime1-dev_1.4.3-1ubuntu1.2_sparc.deb\n Size/MD5: 84742 42f204443d66552e20b05f431a37c9b6\n http://ports.ubuntu.com/pool/main/c/cups/libcupsmime1_1.4.3-1ubuntu1.2_sparc.deb\n Size/MD5: 14596 7bc50be13da6d36c7a8b1ef77ea2c64c\n http://ports.ubuntu.com/pool/main/c/cups/libcupsppdc1-dev_1.4.3-1ubuntu1.2_sparc.deb\n Size/MD5: 150882 f51782127f098c8431b4c08ad9084a08\n http://ports.ubuntu.com/pool/main/c/cups/libcupsppdc1_1.4.3-1ubuntu1.2_sparc.deb\n Size/MD5: 62864 470e0fe33fae056cb349cba8f291552a\n http://ports.ubuntu.com/pool/universe/c/cups/cups-ppdc_1.4.3-1ubuntu1.2_sparc.deb\n Size/MD5: 34536 d7f328a90189cac65cda36e18bac2391\n\n\n\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2010-0540"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001645"
},
{
"db": "BID",
"id": "40889"
},
{
"db": "VULHUB",
"id": "VHN-43145"
},
{
"db": "PACKETSTORM",
"id": "95855"
},
{
"db": "PACKETSTORM",
"id": "98814"
},
{
"db": "PACKETSTORM",
"id": "95852"
},
{
"db": "PACKETSTORM",
"id": "90942"
},
{
"db": "PACKETSTORM",
"id": "114577"
},
{
"db": "PACKETSTORM",
"id": "90900"
},
{
"db": "PACKETSTORM",
"id": "95860"
}
],
"trust": 2.61
},
"exploit_availability": {
"_id": null,
"data": [
{
"reference": "https://www.scap.org.cn/vuln/vhn-43145",
"trust": 0.1,
"type": "unknown"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-43145"
}
]
},
"external_ids": {
"_id": null,
"data": [
{
"db": "NVD",
"id": "CVE-2010-0540",
"trust": 3.5
},
{
"db": "SECUNIA",
"id": "40220",
"trust": 2.7
},
{
"db": "VUPEN",
"id": "ADV-2010-1481",
"trust": 2.5
},
{
"db": "SECTRACK",
"id": "1024122",
"trust": 1.9
},
{
"db": "BID",
"id": "40871",
"trust": 1.7
},
{
"db": "BID",
"id": "40889",
"trust": 1.2
},
{
"db": "SECUNIA",
"id": "43521",
"trust": 1.1
},
{
"db": "VUPEN",
"id": "ADV-2011-0535",
"trust": 1.1
},
{
"db": "VUPEN",
"id": "ADV-2010-1524",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001645",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201006-280",
"trust": 0.7
},
{
"db": "APPLE",
"id": "APPLE-SA-2010-06-15-1",
"trust": 0.6
},
{
"db": "PACKETSTORM",
"id": "95860",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "90900",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "95852",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "95855",
"trust": 0.2
},
{
"db": "VULHUB",
"id": "VHN-43145",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "98814",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "90942",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "114577",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-43145"
},
{
"db": "BID",
"id": "40889"
},
{
"db": "PACKETSTORM",
"id": "95855"
},
{
"db": "PACKETSTORM",
"id": "98814"
},
{
"db": "PACKETSTORM",
"id": "95852"
},
{
"db": "PACKETSTORM",
"id": "90942"
},
{
"db": "PACKETSTORM",
"id": "114577"
},
{
"db": "PACKETSTORM",
"id": "90900"
},
{
"db": "PACKETSTORM",
"id": "95860"
},
{
"db": "CNNVD",
"id": "CNNVD-201006-280"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001645"
},
{
"db": "NVD",
"id": "CVE-2010-0540"
}
]
},
"id": "VAR-201006-0051",
"iot": {
"_id": null,
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-43145"
}
],
"trust": 0.01
},
"last_update_date": "2026-04-10T23:36:13.997000Z",
"patch": {
"_id": null,
"data": [
{
"title": "HT4188",
"trust": 0.8,
"url": "http://support.apple.com/kb/HT4188"
},
{
"title": "HT4188",
"trust": 0.8,
"url": "http://support.apple.com/kb/HT4188?viewlocale=ja_JP"
},
{
"title": "cups-1.3.7-18.4.0.1.AXS3",
"trust": 0.8,
"url": "https://tsn.miraclelinux.com/tsn_local/index.php?m=errata\u0026a=detail\u0026eid=1058"
},
{
"title": "STR #3498",
"trust": 0.8,
"url": "http://www.cups.org/str.php?L3498"
},
{
"title": "L596",
"trust": 0.8,
"url": "http://www.cups.org/articles.php?L596"
},
{
"title": "2070",
"trust": 0.8,
"url": "http://www.miraclelinux.com/support/index.php?q=node/99\u0026errata_id=2070"
},
{
"title": "RHSA-2010:0490",
"trust": 0.8,
"url": "https://rhn.redhat.com/errata/RHSA-2010-0490.html"
},
{
"title": "cross_site_request_forgery_csrf",
"trust": 0.8,
"url": "http://blogs.sun.com/security/entry/cross_site_request_forgery_csrf"
},
{
"title": "TLSA-2010-25",
"trust": 0.8,
"url": "http://www.turbolinux.co.jp/security/2010/TLSA-2010-25j.txt"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2010-001645"
}
]
},
"problemtype_data": {
"_id": null,
"data": [
{
"problemtype": "CWE-352",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-43145"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001645"
},
{
"db": "NVD",
"id": "CVE-2010-0540"
}
]
},
"references": {
"_id": null,
"data": [
{
"trust": 2.5,
"url": "http://secunia.com/advisories/40220"
},
{
"trust": 2.5,
"url": "http://www.vupen.com/english/advisories/2010/1481"
},
{
"trust": 1.9,
"url": "http://www.securitytracker.com/id?1024122"
},
{
"trust": 1.8,
"url": "http://support.apple.com/kb/ht4188"
},
{
"trust": 1.7,
"url": "http://lists.apple.com/archives/security-announce/2010//jun/msg00001.html"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/40871"
},
{
"trust": 1.4,
"url": "http://cups.org/articles.php?l596"
},
{
"trust": 1.2,
"url": "http://security.gentoo.org/glsa/glsa-201207-10.xml"
},
{
"trust": 1.1,
"url": "http://cups.org/str.php?l3498"
},
{
"trust": 1.1,
"url": "http://www.debian.org/security/2011/dsa-2176"
},
{
"trust": 1.1,
"url": "http://www.mandriva.com/security/advisories?name=mdvsa-2010:232"
},
{
"trust": 1.1,
"url": "http://www.mandriva.com/security/advisories?name=mdvsa-2010:233"
},
{
"trust": 1.1,
"url": "http://www.mandriva.com/security/advisories?name=mdvsa-2010:234"
},
{
"trust": 1.1,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a10382"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/43521"
},
{
"trust": 1.1,
"url": "http://www.vupen.com/english/advisories/2011/0535"
},
{
"trust": 1.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0540"
},
{
"trust": 0.9,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2010-0540"
},
{
"trust": 0.8,
"url": "http://www.securityfocus.com/bid/40889"
},
{
"trust": 0.8,
"url": "http://www.vupen.com/english/advisories/2010/1524"
},
{
"trust": 0.6,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0540"
},
{
"trust": 0.5,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-2941"
},
{
"trust": 0.5,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-1748"
},
{
"trust": 0.5,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0542"
},
{
"trust": 0.4,
"url": "http://secunia.com/"
},
{
"trust": 0.4,
"url": "http://lists.grok.org.uk/full-disclosure-charter.html"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-2431"
},
{
"trust": 0.3,
"url": "http://www.apple.com/macosx/"
},
{
"trust": 0.3,
"url": "http://support.avaya.com/css/p8/documents/100091916"
},
{
"trust": 0.3,
"url": "http://blogs.sun.com/security/entry/cross_site_request_forgery_csrf"
},
{
"trust": 0.3,
"url": "http://www.mandriva.com/security/"
},
{
"trust": 0.3,
"url": "http://www.mandriva.com/security/advisories"
},
{
"trust": 0.3,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2941"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-3553"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-2432"
},
{
"trust": 0.2,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2431"
},
{
"trust": 0.2,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-1748"
},
{
"trust": 0.2,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0542"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-5183"
},
{
"trust": 0.1,
"url": "http://www.debian.org/security/faq"
},
{
"trust": 0.1,
"url": "http://www.debian.org/security/"
},
{
"trust": 0.1,
"url": "http://store.mandriva.com/product_info.php?cpath=149\u0026products_id=490"
},
{
"trust": 0.1,
"url": "http://secunia.com/products/corporate/evm/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/40220/"
},
{
"trust": 0.1,
"url": "http://www.gnucitizen.org/blog/apple-further-locks-down-cups-cve-2010-0540/"
},
{
"trust": 0.1,
"url": "http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/"
},
{
"trust": 0.1,
"url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=40220"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/secunia_security_advisories/"
},
{
"trust": 0.1,
"url": "http://secunia.com/vulnerability_scanning/corporate/webinars/"
},
{
"trust": 0.1,
"url": "http://secunia.com/vulnerability_scanning/personal/"
},
{
"trust": 0.1,
"url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/40220/#comments"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/about_secunia_advisories/"
},
{
"trust": 0.1,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2009-3553"
},
{
"trust": 0.1,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2010-0302"
},
{
"trust": 0.1,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2010-0542"
},
{
"trust": 0.1,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2010-1748"
},
{
"trust": 0.1,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2010-2431"
},
{
"trust": 0.1,
"url": "http://creativecommons.org/licenses/by-sa/2.5"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-3170"
},
{
"trust": 0.1,
"url": "http://security.gentoo.org/"
},
{
"trust": 0.1,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2010-0393"
},
{
"trust": 0.1,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2010-2941"
},
{
"trust": 0.1,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2011-3170"
},
{
"trust": 0.1,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2010-2432"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0302"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0393"
},
{
"trust": 0.1,
"url": "https://bugs.gentoo.org."
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/c/cups/libcupsppdc1_1.4.3-1ubuntu1.2_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/c/cupsys/libcupsimage2_1.3.7-1ubuntu3.11_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-bsd_1.2.2-0ubuntu0.6.06.19_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/c/cups/cups-dbg_1.4.3-1ubuntu1.2_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2_1.2.2-0ubuntu0.6.06.19_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups-common_1.4.3-1ubuntu1.2_all.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcupsdriver1_1.4.3-1ubuntu1.2_i386.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/c/cupsys/libcupsimage2-dev_1.3.7-1ubuntu3.11_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.2.2-0ubuntu0.6.06.19_i386.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/c/cups/cups_1.4.3-1ubuntu1.2_sparc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/c/cups/libcupsimage2_1.3.9-17ubuntu3.9_lpia.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcupsppdc1-dev_1.4.1-5ubuntu2.6_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2_1.2.2-0ubuntu0.6.06.19_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups_1.4.3-1ubuntu1.2.dsc"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/c/cupsys/cupsys_1.3.7-1ubuntu3.11_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups-client_1.3.9-17ubuntu3.9_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/universe/c/cups/cupsys-client_1.4.3-1ubuntu1.2_all.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-common_1.3.7-1ubuntu3.11_all.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/c/cups/libcups2-dev_1.3.9-17ubuntu3.9_lpia.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/c/cups/cups-bsd_1.4.1-5ubuntu2.6_lpia.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/c/cups/cups-dbg_1.4.1-5ubuntu2.6_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/c/cups/libcupsdriver1_1.4.1-5ubuntu2.6_sparc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/c/cups/libcupscgi1_1.4.3-1ubuntu1.2_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/c/cups/libcups2_1.4.3-1ubuntu1.2_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/universe/c/cups/cupsys-client_1.4.1-5ubuntu2.6_all.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.2.2-0ubuntu0.6.06.19_sparc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/c/cupsys/cupsys_1.3.7-1ubuntu3.11_lpia.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcups2-dev_1.4.1-5ubuntu2.6_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/universe/c/cups/cupsddk_1.4.1-5ubuntu2.6_all.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/c/cups/cups-bsd_1.3.9-17ubuntu3.9_sparc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/c/cupsys/libcupsys2-dev_1.3.7-1ubuntu3.11_lpia.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/universe/c/cups/cups-ppdc_1.4.3-1ubuntu1.2_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcups2_1.3.9-17ubuntu3.9_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups-common_1.4.1-5ubuntu2.6_all.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2-dev_1.2.2-0ubuntu0.6.06.19_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcupscgi1_1.4.1-5ubuntu2.6_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2-dev_1.2.2-0ubuntu0.6.06.19_i386.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/c/cups/libcupsdriver1_1.4.1-5ubuntu2.6_lpia.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2-dev_1.2.2-0ubuntu0.6.06.19_sparc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/c/cups/libcupsimage2-dev_1.4.1-5ubuntu2.6_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2_1.2.2-0ubuntu0.6.06.19_sparc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/c/cups/cups_1.3.9-17ubuntu3.9_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/c/cups/cups-bsd_1.4.1-5ubuntu2.6_sparc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/c/cups/libcups2_1.4.1-5ubuntu2.6_lpia.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/c/cups/libcupsdriver1-dev_1.4.1-5ubuntu2.6_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcupsimage2-dev_1.4.3-1ubuntu1.2_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups-bsd_1.4.1-5ubuntu2.6_i386.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/c/cups/cups-bsd_1.4.1-5ubuntu2.6_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcupsimage2_1.4.1-5ubuntu2.6_i386.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/c/cups/libcupsimage2-dev_1.4.3-1ubuntu1.2_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcupsimage2-dev_1.3.9-17ubuntu3.9_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups-client_1.4.1-5ubuntu2.6_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcupsppdc1_1.4.1-5ubuntu2.6_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/universe/c/cups/cupsys-common_1.4.3-1ubuntu1.2_all.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcupscgi1-dev_1.4.3-1ubuntu1.2_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-bsd_1.3.7-1ubuntu3.11_i386.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/c/cups/libcupsmime1-dev_1.4.3-1ubuntu1.2_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/c/cups/libcupsdriver1-dev_1.4.1-5ubuntu2.6_lpia.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/c/cups/libcupsmime1-dev_1.4.3-1ubuntu1.2_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcupscgi1_1.4.3-1ubuntu1.2_amd64.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/c/cups/libcupsmime1_1.4.1-5ubuntu2.6_lpia.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcups2_1.4.3-1ubuntu1.2_i386.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/c/cups/libcupsimage2_1.4.1-5ubuntu2.6_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcupsimage2-dev_1.4.1-5ubuntu2.6_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups-dbg_1.3.9-17ubuntu3.9_amd64.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/c/cupsys/libcupsimage2-dev_1.3.7-1ubuntu3.11_lpia.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.2.2-0ubuntu0.6.06.19.dsc"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/c/cups/libcups2_1.3.9-17ubuntu3.9_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups-client_1.4.1-5ubuntu2.6_amd64.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/c/cups/cups_1.4.1-5ubuntu2.6_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcupsmime1-dev_1.4.3-1ubuntu1.2_amd64.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/c/cups/cups-client_1.4.3-1ubuntu1.2_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcups2_1.4.3-1ubuntu1.2_amd64.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/c/cups/cups-bsd_1.4.3-1ubuntu1.2_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2-dev_1.2.2-0ubuntu0.6.06.19_sparc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/c/cups/libcups2_1.3.9-17ubuntu3.9_sparc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/c/cups/libcupsppdc1-dev_1.4.3-1ubuntu1.2_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-client_1.2.2-0ubuntu0.6.06.19_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcupsmime1-dev_1.4.1-5ubuntu2.6_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2_1.3.7-1ubuntu3.11_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cups/cupsys-dbg_1.4.1-5ubuntu2.6_all.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/universe/c/cups/cupsys-client_1.3.9-17ubuntu3.9_all.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups_1.3.9-17ubuntu3.9.dsc"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/universe/c/cups/cups-ppdc_1.4.3-1ubuntu1.2_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups-bsd_1.4.3-1ubuntu1.2_i386.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/c/cups/libcups2-dev_1.3.9-17ubuntu3.9_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/c/cupsys/cupsys-bsd_1.3.7-1ubuntu3.11_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcupsmime1_1.4.1-5ubuntu2.6_amd64.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/c/cups/libcupsimage2_1.4.3-1ubuntu1.2_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/c/cups/libcupsimage2-dev_1.4.1-5ubuntu2.6_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.2.2-0ubuntu0.6.06.19.diff.gz"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups_1.3.9-17ubuntu3.9.diff.gz"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups-dbg_1.4.3-1ubuntu1.2_i386.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/c/cupsys/libcupsimage2_1.3.7-1ubuntu3.11_lpia.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/universe/c/cups/cupsys_1.4.1-5ubuntu2.6_all.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcupsmime1_1.4.1-5ubuntu2.6_i386.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/c/cups/libcups2_1.4.1-5ubuntu2.6_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-client_1.3.7-1ubuntu3.11_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2_1.3.7-1ubuntu3.11_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups-dbg_1.4.1-5ubuntu2.6_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups-client_1.4.3-1ubuntu1.2_i386.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/c/cups/cups-dbg_1.4.3-1ubuntu1.2_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups-bsd_1.4.3-1ubuntu1.2_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2-dev_1.2.2-0ubuntu0.6.06.19_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-bsd_1.2.2-0ubuntu0.6.06.19_amd64.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/c/cups/cups-dbg_1.4.1-5ubuntu2.6_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/universe/c/cups/cups-ppdc_1.4.3-1ubuntu1.2_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-client_1.3.7-1ubuntu3.11_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.3.7.orig.tar.gz"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/c/cups/libcupscgi1-dev_1.4.1-5ubuntu2.6_lpia.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/c/cups/cups_1.4.1-5ubuntu2.6_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcupsys2-dev_1.3.9-17ubuntu3.9_all.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/c/cupsys/cupsys-bsd_1.3.7-1ubuntu3.11_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/c/cups/cups-client_1.4.3-1ubuntu1.2_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/universe/c/cups/cupsys_1.3.9-17ubuntu3.9_all.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/c/cups/libcupsimage2-dev_1.3.9-17ubuntu3.9_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/c/cups/libcupsdriver1_1.4.1-5ubuntu2.6_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/c/cups/libcups2-dev_1.4.1-5ubuntu2.6_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/universe/c/cups/cupsys-bsd_1.4.1-5ubuntu2.6_all.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcupsmime1_1.4.3-1ubuntu1.2_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups_1.3.9-17ubuntu3.9_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcupsdriver1-dev_1.4.1-5ubuntu2.6_i386.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/c/cups/libcupsimage2_1.4.1-5ubuntu2.6_lpia.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/c/cups/libcupsmime1-dev_1.4.1-5ubuntu2.6_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/c/cups/cups-bsd_1.3.9-17ubuntu3.9_lpia.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcupsdriver1-dev_1.4.3-1ubuntu1.2_i386.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/c/cupsys/libcupsys2_1.3.7-1ubuntu3.11_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcupsppdc1_1.4.3-1ubuntu1.2_i386.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/c/cups/libcupsimage2-dev_1.3.9-17ubuntu3.9_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups-dbg_1.4.1-5ubuntu2.6_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2_1.2.2-0ubuntu0.6.06.19_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/c/cups/libcupscgi1-dev_1.4.1-5ubuntu2.6_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-bsd_1.2.2-0ubuntu0.6.06.19_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcupsimage2_1.4.3-1ubuntu1.2_amd64.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/c/cups/libcupsppdc1-dev_1.4.3-1ubuntu1.2_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/c/cups/cups-dbg_1.3.9-17ubuntu3.9_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcupsmime1-dev_1.4.3-1ubuntu1.2_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups_1.4.1-5ubuntu2.6.diff.gz"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcupsdriver1_1.4.1-5ubuntu2.6_amd64.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/c/cupsys/cupsys-bsd_1.3.7-1ubuntu3.11_lpia.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/c/cups/libcupsmime1_1.4.3-1ubuntu1.2_sparc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/c/cups/cups-client_1.4.1-5ubuntu2.6_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcups2-dev_1.4.3-1ubuntu1.2_amd64.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/c/cups/libcupsppdc1_1.4.1-5ubuntu2.6_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups-client_1.3.9-17ubuntu3.9_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcupsdriver1_1.4.3-1ubuntu1.2_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.3.7-1ubuntu3.11_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups-client_1.4.3-1ubuntu1.2_amd64.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/c/cups/libcupscgi1_1.4.3-1ubuntu1.2_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcupsimage2_1.4.3-1ubuntu1.2_i386.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/universe/c/cups/cups-ppdc_1.4.1-5ubuntu2.6_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/c/cups/cups-client_1.3.9-17ubuntu3.9_sparc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/c/cupsys/cupsys-client_1.3.7-1ubuntu3.11_lpia.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/c/cups/libcupsppdc1_1.4.1-5ubuntu2.6_lpia.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/c/cupsys/cupsys-client_1.3.7-1ubuntu3.11_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups_1.4.1-5ubuntu2.6_i386.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/c/cups/libcupsdriver1_1.4.3-1ubuntu1.2_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/c/cups/cups-client_1.3.9-17ubuntu3.9_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcupscgi1_1.4.1-5ubuntu2.6_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2_1.3.7-1ubuntu3.11_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2-dev_1.3.7-1ubuntu3.11_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-client_1.2.2-0ubuntu0.6.06.19_sparc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/c/cups/libcupsimage2-dev_1.4.1-5ubuntu2.6_lpia.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/c/cups/cups-dbg_1.3.9-17ubuntu3.9_lpia.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcupsimage2_1.4.1-5ubuntu2.6_amd64.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/c/cupsys/cupsys_1.3.7-1ubuntu3.11_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcupsppdc1_1.4.1-5ubuntu2.6_amd64.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/c/cups/libcupsdriver1-dev_1.4.3-1ubuntu1.2_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups-bsd_1.4.1-5ubuntu2.6_amd64.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/c/cups/libcupsimage2-dev_1.3.9-17ubuntu3.9_lpia.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2-dev_1.3.7-1ubuntu3.11_i386.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/c/cups/libcupscgi1_1.4.1-5ubuntu2.6_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/c/cups/libcupscgi1-dev_1.4.1-5ubuntu2.6_sparc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/c/cups/cups_1.4.3-1ubuntu1.2_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/c/cups/libcups2_1.4.1-5ubuntu2.6_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcups2_1.3.9-17ubuntu3.9_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups-dbg_1.4.3-1ubuntu1.2_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2_1.2.2-0ubuntu0.6.06.19_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcups2-dev_1.4.3-1ubuntu1.2_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcupsppdc1-dev_1.4.3-1ubuntu1.2_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2-dev_1.2.2-0ubuntu0.6.06.19_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2-dev_1.3.7-1ubuntu3.11_i386.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/c/cupsys/libcupsys2-dev_1.3.7-1ubuntu3.11_sparc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/c/cups/libcups2-dev_1.4.3-1ubuntu1.2_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/universe/c/cups/cups-ppdc_1.4.1-5ubuntu2.6_amd64.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/c/cups/libcupscgi1_1.4.1-5ubuntu2.6_lpia.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups_1.4.3-1ubuntu1.2_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.3.7-1ubuntu3.11.diff.gz"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/c/cupsys/libcupsys2-dev_1.3.7-1ubuntu3.11_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2_1.3.7-1ubuntu3.11_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcupsimage2-dev_1.3.9-17ubuntu3.9_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/universe/c/cups/cupsys_1.4.3-1ubuntu1.2_all.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups_1.3.9-17ubuntu3.9_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/universe/c/cups/cupsys-bsd_1.3.9-17ubuntu3.9_all.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/c/cups/libcupscgi1_1.4.1-5ubuntu2.6_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.2.2-0ubuntu0.6.06.19_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/c/cups/libcupscgi1-dev_1.4.3-1ubuntu1.2_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/c/cupsys/libcupsys2_1.3.7-1ubuntu3.11_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups_1.3.9.orig.tar.gz"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcupscgi1-dev_1.4.3-1ubuntu1.2_amd64.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/c/cups/libcupscgi1-dev_1.4.3-1ubuntu1.2_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.3.7-1ubuntu3.11.dsc"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcups2_1.4.1-5ubuntu2.6_amd64.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/c/cups/libcupsmime1-dev_1.4.1-5ubuntu2.6_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcupsdriver1-dev_1.4.1-5ubuntu2.6_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcups2_1.4.1-5ubuntu2.6_i386.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/c/cups/libcupsmime1_1.4.1-5ubuntu2.6_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcupsimage2_1.3.9-17ubuntu3.9_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcupsimage2_1.3.9-17ubuntu3.9_amd64.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/c/cups/libcups2_1.4.3-1ubuntu1.2_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2-gnutls10_1.2.2-0ubuntu0.6.06.19_all.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcupsdriver1-dev_1.4.3-1ubuntu1.2_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-client_1.2.2-0ubuntu0.6.06.19_amd64.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/c/cupsys/libcupsimage2_1.3.7-1ubuntu3.11_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/c/cups/libcupsppdc1-dev_1.4.1-5ubuntu2.6_lpia.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups_1.4.1-5ubuntu2.6_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcupsppdc1-dev_1.4.1-5ubuntu2.6_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups_1.4.1-5ubuntu2.6.dsc"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/c/cups/libcups2-dev_1.3.9-17ubuntu3.9_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcupscgi1-dev_1.4.1-5ubuntu2.6_i386.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/c/cups/libcupsdriver1-dev_1.4.1-5ubuntu2.6_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/c/cups/libcups2-dev_1.4.1-5ubuntu2.6_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/universe/c/cups/cupsddk_1.4.3-1ubuntu1.2_all.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/c/cups/cups-client_1.4.1-5ubuntu2.6_sparc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/c/cups/libcupsimage2_1.4.1-5ubuntu2.6_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcupsmime1-dev_1.4.1-5ubuntu2.6_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-bsd_1.2.2-0ubuntu0.6.06.19_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/universe/c/cups/cupsys-common_1.4.1-5ubuntu2.6_all.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups-dbg_1.3.9-17ubuntu3.9_i386.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/c/cups/libcupsimage2_1.4.3-1ubuntu1.2_sparc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/universe/c/cups/cups-ppdc_1.4.1-5ubuntu2.6_lpia.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/c/cups/libcupsdriver1_1.4.3-1ubuntu1.2_sparc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/c/cups/libcups2-dev_1.4.3-1ubuntu1.2_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/universe/c/cups/cups-ppdc_1.4.3-1ubuntu1.2_sparc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/c/cups/libcupsimage2-dev_1.4.3-1ubuntu1.2_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2-dev_1.2.2-0ubuntu0.6.06.19_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups-bsd_1.3.9-17ubuntu3.9_i386.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/universe/c/cups/cups-ppdc_1.4.1-5ubuntu2.6_sparc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/c/cupsys/libcupsys2_1.3.7-1ubuntu3.11_lpia.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/c/cups/cups-bsd_1.3.9-17ubuntu3.9_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups_1.4.1.orig.tar.gz"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/c/cupsys/cupsys-client_1.3.7-1ubuntu3.11_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/c/cups/libcupsimage2_1.3.9-17ubuntu3.9_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-client_1.2.2-0ubuntu0.6.06.19_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/c/cups/libcupsmime1_1.4.1-5ubuntu2.6_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-bsd_1.3.7-1ubuntu3.11_amd64.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/c/cups/cups_1.3.9-17ubuntu3.9_lpia.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/c/cups/cups-dbg_1.3.9-17ubuntu3.9_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cups/cupsys-dbg_1.3.9-17ubuntu3.9_all.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcupscgi1-dev_1.4.1-5ubuntu2.6_amd64.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/c/cups/cups_1.4.1-5ubuntu2.6_lpia.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cups/cupsys-dbg_1.4.3-1ubuntu1.2_all.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcupsppdc1_1.4.3-1ubuntu1.2_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/universe/c/cups/cups-ppdc_1.4.1-5ubuntu2.6_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2-dev_1.3.7-1ubuntu3.11_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.2.2-0ubuntu0.6.06.19_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2_1.2.2-0ubuntu0.6.06.19_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups_1.4.3-1ubuntu1.2.diff.gz"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/c/cups/cups-client_1.3.9-17ubuntu3.9_lpia.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/universe/c/cups/cupsys-bsd_1.4.3-1ubuntu1.2_all.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/c/cups/libcupsmime1_1.4.3-1ubuntu1.2_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/c/cups/libcupsppdc1_1.4.3-1ubuntu1.2_sparc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/c/cups/libcupsppdc1-dev_1.4.1-5ubuntu2.6_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/universe/c/cups/cupsys-common_1.3.9-17ubuntu3.9_all.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcups2-dev_1.3.9-17ubuntu3.9_i386.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/c/cups/cups_1.3.9-17ubuntu3.9_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2-dev_1.2.2-0ubuntu0.6.06.19_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2_1.2.2-0ubuntu0.6.06.19_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/c/cups/cups-bsd_1.4.3-1ubuntu1.2_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups-common_1.3.9-17ubuntu3.9_all.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.2.2.orig.tar.gz"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcups2-dev_1.4.1-5ubuntu2.6_amd64.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/c/cups/libcupsppdc1_1.4.1-5ubuntu2.6_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups_1.4.3.orig.tar.gz"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcupscgi1_1.4.3-1ubuntu1.2_i386.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/c/cups/libcups2-dev_1.4.1-5ubuntu2.6_lpia.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/c/cups/libcups2_1.3.9-17ubuntu3.9_lpia.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcups2-dev_1.3.9-17ubuntu3.9_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups_1.4.3-1ubuntu1.2_i386.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/c/cups/cups-dbg_1.4.1-5ubuntu2.6_lpia.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/c/cups/libcupsmime1-dev_1.4.1-5ubuntu2.6_lpia.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/c/cups/libcupsimage2_1.3.9-17ubuntu3.9_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcupsppdc1-dev_1.4.3-1ubuntu1.2_amd64.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/c/cups/libcupsdriver1-dev_1.4.3-1ubuntu1.2_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/c/cups/cups-client_1.4.1-5ubuntu2.6_lpia.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups-bsd_1.3.9-17ubuntu3.9_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcupsmime1_1.4.3-1ubuntu1.2_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/universe/c/cups/libcupsys2_1.3.9-17ubuntu3.9_all.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/c/cups/libcupsppdc1-dev_1.4.1-5ubuntu2.6_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/c/cupsys/libcupsimage2-dev_1.3.7-1ubuntu3.11_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.3.7-1ubuntu3.11_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcupsimage2-dev_1.4.1-5ubuntu2.6_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2_1.2.2-0ubuntu0.6.06.19_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcupsimage2-dev_1.4.3-1ubuntu1.2_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcupsdriver1_1.4.1-5ubuntu2.6_i386.deb"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-43145"
},
{
"db": "BID",
"id": "40889"
},
{
"db": "PACKETSTORM",
"id": "95855"
},
{
"db": "PACKETSTORM",
"id": "98814"
},
{
"db": "PACKETSTORM",
"id": "95852"
},
{
"db": "PACKETSTORM",
"id": "90942"
},
{
"db": "PACKETSTORM",
"id": "114577"
},
{
"db": "PACKETSTORM",
"id": "90900"
},
{
"db": "PACKETSTORM",
"id": "95860"
},
{
"db": "CNNVD",
"id": "CNNVD-201006-280"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001645"
},
{
"db": "NVD",
"id": "CVE-2010-0540"
}
]
},
"sources": {
"_id": null,
"data": [
{
"db": "VULHUB",
"id": "VHN-43145",
"ident": null
},
{
"db": "BID",
"id": "40889",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "95855",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "98814",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "95852",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "90942",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "114577",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "90900",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "95860",
"ident": null
},
{
"db": "CNNVD",
"id": "CNNVD-201006-280",
"ident": null
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001645",
"ident": null
},
{
"db": "NVD",
"id": "CVE-2010-0540",
"ident": null
}
]
},
"sources_release_date": {
"_id": null,
"data": [
{
"date": "2010-06-17T00:00:00",
"db": "VULHUB",
"id": "VHN-43145",
"ident": null
},
{
"date": "2010-06-15T00:00:00",
"db": "BID",
"id": "40889",
"ident": null
},
{
"date": "2010-11-16T01:25:14",
"db": "PACKETSTORM",
"id": "95855",
"ident": null
},
{
"date": "2011-03-02T03:30:00",
"db": "PACKETSTORM",
"id": "98814",
"ident": null
},
{
"date": "2010-11-16T01:04:27",
"db": "PACKETSTORM",
"id": "95852",
"ident": null
},
{
"date": "2010-06-24T15:47:15",
"db": "PACKETSTORM",
"id": "90942",
"ident": null
},
{
"date": "2012-07-10T13:46:02",
"db": "PACKETSTORM",
"id": "114577",
"ident": null
},
{
"date": "2010-06-23T05:44:30",
"db": "PACKETSTORM",
"id": "90900",
"ident": null
},
{
"date": "2010-11-16T01:29:48",
"db": "PACKETSTORM",
"id": "95860",
"ident": null
},
{
"date": "2010-06-18T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201006-280",
"ident": null
},
{
"date": "2010-07-08T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2010-001645",
"ident": null
},
{
"date": "2010-06-17T16:30:01.327000",
"db": "NVD",
"id": "CVE-2010-0540",
"ident": null
}
]
},
"sources_update_date": {
"_id": null,
"data": [
{
"date": "2017-09-19T00:00:00",
"db": "VULHUB",
"id": "VHN-43145",
"ident": null
},
{
"date": "2015-05-07T17:16:00",
"db": "BID",
"id": "40889",
"ident": null
},
{
"date": "2010-06-21T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201006-280",
"ident": null
},
{
"date": "2011-03-31T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2010-001645",
"ident": null
},
{
"date": "2025-04-11T00:51:21.963000",
"db": "NVD",
"id": "CVE-2010-0540",
"ident": null
}
]
},
"threat_type": {
"_id": null,
"data": "remote",
"sources": [
{
"db": "PACKETSTORM",
"id": "95855"
},
{
"db": "PACKETSTORM",
"id": "90900"
},
{
"db": "CNNVD",
"id": "CNNVD-201006-280"
}
],
"trust": 0.8
},
"title": {
"_id": null,
"data": "Apple Mac OS X Run on CUPS Vulnerable to cross-site request forgery",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2010-001645"
}
],
"trust": 0.8
},
"type": {
"_id": null,
"data": "cross-site request forgery",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201006-280"
}
],
"trust": 0.6
}
}
VAR-201410-1418
Vulnerability from variot - Updated: 2026-04-10 23:34The SSL protocol 3.0, as used in OpenSSL through 1.0.1i and other products, uses nondeterministic CBC padding, which makes it easier for man-in-the-middle attackers to obtain cleartext data via a padding-oracle attack, aka the "POODLE" issue. OpenSSL is prone to an information disclosure vulnerability. An attacker can exploit this issue to perform man-in-the-middle attacks and obtain sensitive information. Successful exploits will lead to other attacks. The following versions are vulnerable: OpenSSL 0.9.8 prior to 0.9.8zc OpenSSL 1.0.0 prior to 1.0.0o OpenSSL 1.0.1 prior to 1.0.1j. SSL protocol is the abbreviation of Secure Socket Layer protocol (Secure Socket Layer) developed by Netscape, which provides security and data integrity guarantee for Internet communication. The vulnerability is caused by the program's use of non-deterministic CBC padding. OpenSSL Security Advisory [15 Oct 2014] =======================================
SRTP Memory Leak (CVE-2014-3513)
Severity: High
A flaw in the DTLS SRTP extension parsing code allows an attacker, who sends a carefully crafted handshake message, to cause OpenSSL to fail to free up to 64k of memory causing a memory leak. This could be exploited in a Denial Of Service attack. This issue affects OpenSSL 1.0.1 server implementations for both SSL/TLS and DTLS regardless of whether SRTP is used or configured. Implementations of OpenSSL that have been compiled with OPENSSL_NO_SRTP defined are not affected.
This issue was reported to OpenSSL on 26th September 2014, based on an original issue and patch developed by the LibreSSL project. Further analysis of the issue was performed by the OpenSSL team.
The fix was developed by the OpenSSL team.
Session Ticket Memory Leak (CVE-2014-3567)
Severity: Medium
When an OpenSSL SSL/TLS/DTLS server receives a session ticket the integrity of that ticket is first verified. In the event of a session ticket integrity check failing, OpenSSL will fail to free memory causing a memory leak. By sending a large number of invalid session tickets an attacker could exploit this issue in a Denial Of Service attack.
This issue was reported to OpenSSL on 8th October 2014.
The fix was developed by Stephen Henson of the OpenSSL core team.
SSL 3.0 Fallback protection
Severity: Medium
OpenSSL has added support for TLS_FALLBACK_SCSV to allow applications to block the ability for a MITM attacker to force a protocol downgrade.
Some client applications (such as browsers) will reconnect using a downgraded protocol to work around interoperability bugs in older servers. This could be exploited by an active man-in-the-middle to downgrade connections to SSL 3.0 even if both sides of the connection support higher protocols. SSL 3.0 contains a number of weaknesses including POODLE (CVE-2014-3566).
https://tools.ietf.org/html/draft-ietf-tls-downgrade-scsv-00 https://www.openssl.org/~bodo/ssl-poodle.pdf
Support for TLS_FALLBACK_SCSV was developed by Adam Langley and Bodo Moeller.
Build option no-ssl3 is incomplete (CVE-2014-3568)
Severity: Low
When OpenSSL is configured with "no-ssl3" as a build option, servers could accept and complete a SSL 3.0 handshake, and clients could be configured to send them.
This issue was reported to OpenSSL by Akamai Technologies on 14th October 2014.
The fix was developed by Akamai and the OpenSSL team.
References
URL for this Security Advisory: https://www.openssl.org/news/secadv_20141015.txt
Note: the online version of the advisory may be updated with additional details over time.
For details of OpenSSL severity classifications please see: https://www.openssl.org/about/secpolicy.html
. The following firmware versions of Virtual Connect (VC) are impacted:
HPE BladeSystem c-Class Virtual Connect (VC) Firmware 4.30 through VC 4.45 HPE BladeSystem c-Class Virtual Connect (VC) Firmware 3.62 through VC 4.21
Note: Firmware versions 3.62 through 4.21 are not impacted by CVE-2016-0800, CVE-2015-3194, CVE-2014-3566, CVE-2015-0705, CVE-2016-0799, and CVE-2016-2842. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 201507-14
https://security.gentoo.org/
Severity: Normal Title: Oracle JRE/JDK: Multiple vulnerabilities Date: July 10, 2015 Bugs: #537214 ID: 201507-14
Synopsis
Multiple vulnerabilities have been found in Oracle JRE/JDK, allowing both local and remote attackers to compromise various Java components. Please review the CVE identifiers referenced below for details.
Impact
An context-dependent attacker may be able to influence the confidentiality, integrity, and availability of Java applications/runtime.
Workaround
There is no workaround at this time.
Resolution
All Oracle JRE 8 users should upgrade to the latest stable version:
emerge --sync
emerge --ask --oneshot --verbose ">=dev-java/oracle-jre-bin-1.8.0.31
All Oracle JDK 8 users should upgrade to the latest stable version:
emerge --sync
emerge --ask --oneshot --verbose ">=dev-java/oracle-jdk-bin-1.8.0.31
All Oracle JRE 7 users should upgrade to the latest version:
emerge --sync
emerge --ask --oneshot --verbose ">=dev-java/oracle-jre-bin-1.7.0.76
All Oracle JDK 7 users should upgrade to the latest stable version:
emerge --sync
emerge --ask --oneshot --verbose ">=dev-java/oracle-jdk-bin-1.7.0.76
References
[ 1 ] CVE-2014-3566
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-3566
[ 2 ] CVE-2014-6549
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-6549
[ 3 ] CVE-2014-6585
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-6585
[ 4 ] CVE-2014-6587
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-6587
[ 5 ] CVE-2014-6591
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-6591
[ 6 ] CVE-2014-6593
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-6593
[ 7 ] CVE-2014-6601
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-6601
[ 8 ] CVE-2015-0383
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0383
[ 9 ] CVE-2015-0395
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0395
[ 10 ] CVE-2015-0400
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0400
[ 11 ] CVE-2015-0403
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0403
[ 12 ] CVE-2015-0406
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0406
[ 13 ] CVE-2015-0407
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0407
[ 14 ] CVE-2015-0408
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0408
[ 15 ] CVE-2015-0410
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0410
[ 16 ] CVE-2015-0412
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0412
[ 17 ] CVE-2015-0413
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0413
[ 18 ] CVE-2015-0421
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0421
Availability
This GLSA and any updates to it are available for viewing at
the Gentoo Security Website:
https://security.gentoo.org/glsa/201507-14
Concerns?
Security is a primary focus of Gentoo Linux and ensuring the
confidentiality and security of our users' machines is of utmost
importance to us. Any security concerns should be addressed to
security@gentoo.org or alternatively, you may file a bug at
https://bugs.gentoo.org.
License
Copyright 2015 Gentoo Foundation, Inc; referenced text
belongs to its owner(s).
The contents of this document are licensed under the
Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5
.
HP CMS: UCMDB Browser all supported versions. -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
=====================================================================
Red Hat Security Advisory
Synopsis: Critical: java-1.7.0-ibm security update
Advisory ID: RHSA-2014:1876-01
Product: Red Hat Enterprise Linux Supplementary
Advisory URL: https://rhn.redhat.com/errata/RHSA-2014-1876.html
Issue date: 2014-11-19
CVE Names: CVE-2014-3065 CVE-2014-3566 CVE-2014-4288
CVE-2014-6456 CVE-2014-6457 CVE-2014-6458
CVE-2014-6476 CVE-2014-6492 CVE-2014-6493
CVE-2014-6502 CVE-2014-6503 CVE-2014-6506
CVE-2014-6511 CVE-2014-6512 CVE-2014-6515
CVE-2014-6527 CVE-2014-6531 CVE-2014-6532
CVE-2014-6558
=====================================================================
- Summary:
Updated java-1.7.0-ibm packages that fix several security issues are now
available for Red Hat Enterprise Linux 5 Supplementary.
Red Hat Product Security has rated this update as having Critical security
impact. Common Vulnerability Scoring System (CVSS) base scores, which give
detailed severity ratings, are available for each vulnerability from the
CVE links in the References section.
- Relevant releases/architectures:
Red Hat Enterprise Linux Desktop Supplementary (v. 5) - i386, x86_64
Red Hat Enterprise Linux Server Supplementary (v. 5) - i386, ppc, s390x, x86_64
- Description:
IBM Java SE version 7 includes the IBM Java Runtime Environment and the IBM
Java Software Development Kit.
This update fixes several vulnerabilities in the IBM Java Runtime
Environment and the IBM Java Software Development Kit. Detailed
vulnerability descriptions are linked from the IBM Security alerts
page, listed in the References section. (CVE-2014-3065, CVE-2014-3566,
CVE-2014-4288, CVE-2014-6456, CVE-2014-6457, CVE-2014-6458, CVE-2014-6476,
CVE-2014-6492, CVE-2014-6493, CVE-2014-6502, CVE-2014-6503, CVE-2014-6506,
CVE-2014-6511, CVE-2014-6512, CVE-2014-6515, CVE-2014-6527, CVE-2014-6531,
CVE-2014-6532, CVE-2014-6558)
The CVE-2014-6512 issue was discovered by Florian Weimer of Red Hat
Product Security.
Note: With this update, the IBM SDK now disables the SSL 3.0 protocol to
address the CVE-2014-3566 issue (also known as POODLE). Refer to the IBM
article linked to in the References section for additional details about
this change and instructions on how to re-enable SSL 3.0 support if needed.
All users of java-1.7.0-ibm are advised to upgrade to these updated
packages, containing the IBM Java SE 7 SR8 release. All running instances
of IBM Java must be restarted for the update to take effect.
- Solution:
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
This update is available via the Red Hat Network. Details on how to
use the Red Hat Network to apply this update are available at
https://access.redhat.com/articles/11258
- Bugs fixed (https://bugzilla.redhat.com/):
1071210 - CVE-2014-6512 OpenJDK: DatagramSocket connected socket missing source check (Libraries, 8039509)
1150155 - CVE-2014-6506 OpenJDK: insufficient permission checks when setting resource bundle on system logger (Libraries, 8041564)
1150651 - CVE-2014-6531 OpenJDK: insufficient ResourceBundle name check (Libraries, 8044274)
1150669 - CVE-2014-6502 OpenJDK: LogRecord use of incorrect CL when loading ResourceBundle (Libraries, 8042797)
1151046 - CVE-2014-6457 OpenJDK: Triple Handshake attack against TLS/SSL connections (JSSE, 8037066)
1151063 - CVE-2014-6558 OpenJDK: CipherInputStream incorrect exception handling (Security, 8037846)
1151517 - CVE-2014-6511 ICU: Layout Engine ContextualSubstitution missing boundary checks (JDK 2D, 8041540)
1152756 - CVE-2014-6532 Oracle JDK: unspecified vulnerability fixed in 6u85, 7u71 and 8u25 (Deployment)
1152757 - CVE-2014-6503 Oracle JDK: unspecified vulnerability fixed in 6u85, 7u71 and 8u25 (Deployment)
1152758 - CVE-2014-6456 Oracle JDK: unspecified vulnerability fixed in 7u71 and 8u25 (Deployment)
1152759 - CVE-2014-6492 Oracle JDK: unspecified vulnerability fixed in 6u85, 7u71 and 8u25 (Deployment)
1152760 - CVE-2014-6493 Oracle JDK: unspecified vulnerability fixed in 6u85, 7u71 and 8u25 (Deployment)
1152761 - CVE-2014-4288 Oracle JDK: unspecified vulnerability fixed in 6u85, 7u71 and 8u25 (Deployment)
1152763 - CVE-2014-6458 Oracle JDK: unspecified vulnerability fixed in 6u85, 7u71 and 8u25 (Deployment)
1152765 - CVE-2014-6476 Oracle JDK: unspecified vulnerability fixed in 7u71 and 8u25 (Deployment)
1152766 - CVE-2014-6515 Oracle JDK: unspecified vulnerability fixed in 6u85, 7u71 and 8u25 (Deployment)
1152767 - CVE-2014-6527 Oracle JDK: unspecified vulnerability fixed in 7u71 and 8u25 (Deployment)
1152789 - CVE-2014-3566 SSL/TLS: Padding Oracle On Downgraded Legacy Encryption attack
1162554 - CVE-2014-3065 IBM JDK: privilege escalation via shared class cache
- Package List:
Red Hat Enterprise Linux Desktop Supplementary (v. 5):
i386:
java-1.7.0-ibm-1.7.0.8.0-1jpp.1.el5.i386.rpm
java-1.7.0-ibm-demo-1.7.0.8.0-1jpp.1.el5.i386.rpm
java-1.7.0-ibm-devel-1.7.0.8.0-1jpp.1.el5.i386.rpm
java-1.7.0-ibm-jdbc-1.7.0.8.0-1jpp.1.el5.i386.rpm
java-1.7.0-ibm-plugin-1.7.0.8.0-1jpp.1.el5.i386.rpm
java-1.7.0-ibm-src-1.7.0.8.0-1jpp.1.el5.i386.rpm
x86_64:
java-1.7.0-ibm-1.7.0.8.0-1jpp.1.el5.i386.rpm
java-1.7.0-ibm-1.7.0.8.0-1jpp.1.el5.x86_64.rpm
java-1.7.0-ibm-demo-1.7.0.8.0-1jpp.1.el5.i386.rpm
java-1.7.0-ibm-demo-1.7.0.8.0-1jpp.1.el5.x86_64.rpm
java-1.7.0-ibm-devel-1.7.0.8.0-1jpp.1.el5.i386.rpm
java-1.7.0-ibm-devel-1.7.0.8.0-1jpp.1.el5.x86_64.rpm
java-1.7.0-ibm-jdbc-1.7.0.8.0-1jpp.1.el5.i386.rpm
java-1.7.0-ibm-jdbc-1.7.0.8.0-1jpp.1.el5.x86_64.rpm
java-1.7.0-ibm-plugin-1.7.0.8.0-1jpp.1.el5.i386.rpm
java-1.7.0-ibm-plugin-1.7.0.8.0-1jpp.1.el5.x86_64.rpm
java-1.7.0-ibm-src-1.7.0.8.0-1jpp.1.el5.i386.rpm
java-1.7.0-ibm-src-1.7.0.8.0-1jpp.1.el5.x86_64.rpm
Red Hat Enterprise Linux Server Supplementary (v. 5):
i386:
java-1.7.0-ibm-1.7.0.8.0-1jpp.1.el5.i386.rpm
java-1.7.0-ibm-demo-1.7.0.8.0-1jpp.1.el5.i386.rpm
java-1.7.0-ibm-devel-1.7.0.8.0-1jpp.1.el5.i386.rpm
java-1.7.0-ibm-jdbc-1.7.0.8.0-1jpp.1.el5.i386.rpm
java-1.7.0-ibm-plugin-1.7.0.8.0-1jpp.1.el5.i386.rpm
java-1.7.0-ibm-src-1.7.0.8.0-1jpp.1.el5.i386.rpm
ppc:
java-1.7.0-ibm-1.7.0.8.0-1jpp.1.el5.ppc.rpm
java-1.7.0-ibm-1.7.0.8.0-1jpp.1.el5.ppc64.rpm
java-1.7.0-ibm-demo-1.7.0.8.0-1jpp.1.el5.ppc.rpm
java-1.7.0-ibm-demo-1.7.0.8.0-1jpp.1.el5.ppc64.rpm
java-1.7.0-ibm-devel-1.7.0.8.0-1jpp.1.el5.ppc.rpm
java-1.7.0-ibm-devel-1.7.0.8.0-1jpp.1.el5.ppc64.rpm
java-1.7.0-ibm-jdbc-1.7.0.8.0-1jpp.1.el5.ppc.rpm
java-1.7.0-ibm-jdbc-1.7.0.8.0-1jpp.1.el5.ppc64.rpm
java-1.7.0-ibm-plugin-1.7.0.8.0-1jpp.1.el5.ppc.rpm
java-1.7.0-ibm-src-1.7.0.8.0-1jpp.1.el5.ppc.rpm
java-1.7.0-ibm-src-1.7.0.8.0-1jpp.1.el5.ppc64.rpm
s390x:
java-1.7.0-ibm-1.7.0.8.0-1jpp.1.el5.s390.rpm
java-1.7.0-ibm-1.7.0.8.0-1jpp.1.el5.s390x.rpm
java-1.7.0-ibm-demo-1.7.0.8.0-1jpp.1.el5.s390.rpm
java-1.7.0-ibm-demo-1.7.0.8.0-1jpp.1.el5.s390x.rpm
java-1.7.0-ibm-devel-1.7.0.8.0-1jpp.1.el5.s390.rpm
java-1.7.0-ibm-devel-1.7.0.8.0-1jpp.1.el5.s390x.rpm
java-1.7.0-ibm-jdbc-1.7.0.8.0-1jpp.1.el5.s390.rpm
java-1.7.0-ibm-jdbc-1.7.0.8.0-1jpp.1.el5.s390x.rpm
java-1.7.0-ibm-src-1.7.0.8.0-1jpp.1.el5.s390.rpm
java-1.7.0-ibm-src-1.7.0.8.0-1jpp.1.el5.s390x.rpm
x86_64:
java-1.7.0-ibm-1.7.0.8.0-1jpp.1.el5.i386.rpm
java-1.7.0-ibm-1.7.0.8.0-1jpp.1.el5.x86_64.rpm
java-1.7.0-ibm-demo-1.7.0.8.0-1jpp.1.el5.i386.rpm
java-1.7.0-ibm-demo-1.7.0.8.0-1jpp.1.el5.x86_64.rpm
java-1.7.0-ibm-devel-1.7.0.8.0-1jpp.1.el5.i386.rpm
java-1.7.0-ibm-devel-1.7.0.8.0-1jpp.1.el5.x86_64.rpm
java-1.7.0-ibm-jdbc-1.7.0.8.0-1jpp.1.el5.i386.rpm
java-1.7.0-ibm-jdbc-1.7.0.8.0-1jpp.1.el5.x86_64.rpm
java-1.7.0-ibm-plugin-1.7.0.8.0-1jpp.1.el5.i386.rpm
java-1.7.0-ibm-plugin-1.7.0.8.0-1jpp.1.el5.x86_64.rpm
java-1.7.0-ibm-src-1.7.0.8.0-1jpp.1.el5.i386.rpm
java-1.7.0-ibm-src-1.7.0.8.0-1jpp.1.el5.x86_64.rpm
These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/
- References:
https://access.redhat.com/security/cve/CVE-2014-3065
https://access.redhat.com/security/cve/CVE-2014-3566
https://access.redhat.com/security/cve/CVE-2014-4288
https://access.redhat.com/security/cve/CVE-2014-6456
https://access.redhat.com/security/cve/CVE-2014-6457
https://access.redhat.com/security/cve/CVE-2014-6458
https://access.redhat.com/security/cve/CVE-2014-6476
https://access.redhat.com/security/cve/CVE-2014-6492
https://access.redhat.com/security/cve/CVE-2014-6493
https://access.redhat.com/security/cve/CVE-2014-6502
https://access.redhat.com/security/cve/CVE-2014-6503
https://access.redhat.com/security/cve/CVE-2014-6506
https://access.redhat.com/security/cve/CVE-2014-6511
https://access.redhat.com/security/cve/CVE-2014-6512
https://access.redhat.com/security/cve/CVE-2014-6515
https://access.redhat.com/security/cve/CVE-2014-6527
https://access.redhat.com/security/cve/CVE-2014-6531
https://access.redhat.com/security/cve/CVE-2014-6532
https://access.redhat.com/security/cve/CVE-2014-6558
https://access.redhat.com/security/updates/classification/#critical
https://www.ibm.com/developerworks/java/jdk/alerts/
https://www-01.ibm.com/support/docview.wss?uid=swg21688165
- Contact:
The Red Hat security contact is secalert@redhat.com. More contact
details at https://access.redhat.com/security/team/contact/
Copyright 2014 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iD8DBQFUbOWGXlSAg2UNWIIRAhPmAJ96YO5JFEg4GS1MkDIeXQkRxbN0hACgoUiY
ehbScogUJnSordhBH11LgWQ=
=ko7F
-----END PGP SIGNATURE-----
--
RHSA-announce mailing list
RHSA-announce@redhat.com
https://www.redhat.com/mailman/listinfo/rhsa-announce
.
ftp://ssl098zc:Secure12@ftp.usa.hp.com
User name: ssl098zc Password: (NOTE: Case sensitive) Secure12
HP-UX Release
HP-UX OpenSSL version
B.11.11 (11i v1)
A.00.09.08zc.001_HP-UX_B.11.11_32+64.depot
B.11.23 (11i v2)
A.00.09.08zc.002_HP-UX_B.11.23_IA-PA.depot
B.11.31 (11i v3)
A.00.09.08zc.003_HP-UX_B.11.31_IA-PA.depot
MANUAL ACTIONS: Yes - Update
Install OpenSSL A.00.09.08zc or subsequent
PRODUCT SPECIFIC INFORMATION
HP-UX Software Assistant: HP-UX Software Assistant is an enhanced application
that replaces HP-UX Security Patch Check. It analyzes all Security Bulletins
issued by HP and lists recommended actions that may apply to a specific HP-UX
system. It can also download patches and create a depot automatically. For
more information see: https://www.hp.com/go/swa
The following text is for use by the HP-UX Software Assistant.
The update is available from HPE Software Depot: https://h20392.www2.hpe.com/
portal/swdepot/displayProductInfo.do?productNumber=HPVPRhttps://www.hpe.com
Note: HPE recommends customers using OV4VC 7.8.1 and earlier should upgrade
to OV4VC 7.8.2. This addresses all SSL security vulnerabilities reported
through March 28, 2016. -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Note: the current version of the following document is available here:
https://h20564.www2.hp.com/portal/site/hpsc/public/kb/
docDisplay?docId=emr_na-c04496538
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c04496538
Version: 1
HPSBGN03164 rev.1 - HP IceWall SSO Dfw, SSO Certd and MCRP running OpenSSL,
Remote Disclosure of Information
NOTICE: The information in this Security Bulletin should be acted upon as
soon as possible.
Release Date: 2014-11-10
Last Updated: 2014-11-10
Potential Security Impact: Remote disclosure of information
Source: Hewlett-Packard Company, HP Software Security Response Team
VULNERABILITY SUMMARY
A potential security vulnerability has been identified with HP IceWall SSO
Dfw , SSO Certd, and MCRP running OpenSSL.
This is the SSLv3 vulnerability known as "Padding Oracle on Downgraded Legacy
Encryption" or "Poodle", which could be exploited remotely resulting in
disclosure of information..
References: CVE-2014-3566 (SSRT101789)
SUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed.
- HP IceWall MCRP v2.1, v3.0
- HP IceWall SSO Dfw v8.0, v8.0 R1, v8.0 R2, v8.0 R3, and v10.0
- HP IceWall SSO Certd v8.0R3 with DB plugin patch 2 and v10.0
BACKGROUND
CVSS 2.0 Base Metrics
Reference Base Vector Base Score
CVE-2014-3566 (AV:N/AC:M/Au:N/C:P/I:N/A:N) 4.3
===========================================================
Information on CVSS is documented
in HP Customer Notice: HPSN-2008-002
RESOLUTION
HP recommends the following software updates and workaround instructions to
resolve this vulnerability for HP IceWall SSO Dfw, SSO Certd, and MCRP.
The software updates are available at:
http://www.hp.com/jp/icewall_patchaccess
Notes:
- There are no updates or mitigations for MCRP 2.1 and Dfw
8.0/8.0R1/8.0R2/8.0R3.
- HP recommends updating these older versions to the latest versions and
patches and then following the WORKAROUND INSTRUCTIONS below.
- The WORKAROUND INSTRUCTIONS should be followed after applying the
following updates.
Software Update Versions
HP IceWall MCRP 3.0 Patch release 1
HP IceWall SSO Dfw 10.0 Patch release 7
Note: Both software update versions provide the use of TLSv1 which is not
vulnerable and available for each supported platform.
WORKAROUND INSTRUCTIONS
HP recommends the following information to protect against potential risk
for the following HP IceWall products.
HP IceWall SSO Dfw and MCRP
- If possible, do not use the SHOST setting which allows IceWall SSO
Dfw or MCRP to use SSL/TLS protocol to back-end web servers.
- The following steps should be applied if SSL/TLS protocol to back-end
web servers must be used:
o For MCRP: apply MCRP patch release 1
o For Dfw: apply Dfw patch release 7 or later
o Set SSL_PROTOCOL parameter to TLSv1
HP IceWall SSO Certd
- For Certd version 10.0 and 8.0R3: apply DB plugin patch release 2
- If possible, do not use the LDAPSSL setting which allows IceWall SSO
Certd to connect to the LDAP server using SSL/TLS protocol.
- If SSL/TLS protocol must be used to LDAP server, configure the LDAP
server to use only TLSv1 as a mitigation for the vulnerability. For example,
on an OpenLDAP server (slapd), Set the TLSProtocolMin parameter.
Note: The HP IceWall product is only available in Japan.
HISTORY
Version:1 (rev.1) - 10 November 2014 Initial release
Third Party Security Patches: Third party security patches that are to be
installed on systems running HP software products should be applied in
accordance with the customer's patch management policy.
Support: For issues about implementing the recommendations of this Security
Bulletin, contact normal HP Services support channel. For other issues about
the content of this Security Bulletin, send e-mail to security-alert@hp.com.
Report: To report a potential security vulnerability with any HP supported
product, send Email to: security-alert@hp.com
Subscribe: To initiate a subscription to receive future HP Security Bulletin
alerts via Email:
http://h41183.www4.hp.com/signup_alerts.php?jumpid=hpsc_secbulletins
Security Bulletin Archive: A list of recently released Security Bulletins is
available here:
https://h20564.www2.hp.com/portal/site/hpsc/public/kb/secBullArchive/
Software Product Category: The Software Product Category is represented in
the title by the two characters following HPSB.
3C = 3COM
3P = 3rd Party Software
GN = HP General Software
HF = HP Hardware and Firmware
MP = MPE/iX
MU = Multi-Platform Software
NS = NonStop Servers
OV = OpenVMS
PI = Printing and Imaging
PV = ProCurve
ST = Storage Software
TU = Tru64 UNIX
UX = HP-UX
Copyright 2014 Hewlett-Packard Development Company, L.P.
Hewlett-Packard Company shall not be liable for technical or editorial errors
or omissions contained herein. The information provided is provided "as is"
without warranty of any kind. To the extent permitted by law, neither HP or
its affiliates, subcontractors or suppliers will be liable for
incidental,special or consequential damages including downtime cost; lost
profits; damages relating to the procurement of substitute products or
services; or damages for loss of data, or software restoration. The
information in this document is subject to change without notice.
Hewlett-Packard Company and the names of Hewlett-Packard products referenced
herein are trademarks of Hewlett-Packard Company in the United States and
other countries. Other product and company names mentioned herein may be
trademarks of their respective owners.
HP SiteScope 11.1x
HP SiteScope 11.2x
Important note: HP SiteScope is impacted if and only if it is configured to
work over secure channel (HTTPS). This protocol is now disabled by default.
For the oldstable distribution (wheezy), this problem has been fixed
in version 1.4.31-4+deb7u4.
We recommend that you upgrade your lighttpd packages
Show details on source website
{
"affected_products": {
"_id": null,
"data": [
{
"_id": null,
"model": "aix",
"scope": "eq",
"trust": 1.3,
"vendor": "ibm",
"version": "6.1"
},
{
"_id": null,
"model": "aix",
"scope": "eq",
"trust": 1.3,
"vendor": "ibm",
"version": "5.3"
},
{
"_id": null,
"model": "aix",
"scope": "eq",
"trust": 1.3,
"vendor": "ibm",
"version": "7.1"
},
{
"_id": null,
"model": "suse linux enterprise software development kit",
"scope": "eq",
"trust": 1.0,
"vendor": "novell",
"version": "11.0"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.8u"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.8o"
},
{
"_id": null,
"model": "opensuse",
"scope": "eq",
"trust": 1.0,
"vendor": "opensuse",
"version": "12.3"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.8w"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.0d"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.1f"
},
{
"_id": null,
"model": "vios",
"scope": "eq",
"trust": 1.0,
"vendor": "ibm",
"version": "2.2.1.9"
},
{
"_id": null,
"model": "suse linux enterprise server",
"scope": "eq",
"trust": 1.0,
"vendor": "novell",
"version": "11.0"
},
{
"_id": null,
"model": "netbsd",
"scope": "eq",
"trust": 1.0,
"vendor": "netbsd",
"version": "6.0.5"
},
{
"_id": null,
"model": "enterprise linux server supplementary",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "7.0"
},
{
"_id": null,
"model": "suse linux enterprise server",
"scope": "eq",
"trust": 1.0,
"vendor": "novell",
"version": "12.0"
},
{
"_id": null,
"model": "enterprise linux server",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "7.0"
},
{
"_id": null,
"model": "enterprise linux server supplementary",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "6.0"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.8x"
},
{
"_id": null,
"model": "fedora",
"scope": "eq",
"trust": 1.0,
"vendor": "fedoraproject",
"version": "21"
},
{
"_id": null,
"model": "enterprise linux desktop supplementary",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "5.0"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.8"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.8za"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.0b"
},
{
"_id": null,
"model": "fedora",
"scope": "eq",
"trust": 1.0,
"vendor": "fedoraproject",
"version": "19"
},
{
"_id": null,
"model": "enterprise linux server",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "6.0"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.0m"
},
{
"_id": null,
"model": "opensuse",
"scope": "eq",
"trust": 1.0,
"vendor": "opensuse",
"version": "13.1"
},
{
"_id": null,
"model": "netbsd",
"scope": "eq",
"trust": 1.0,
"vendor": "netbsd",
"version": "6.0.1"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.8p"
},
{
"_id": null,
"model": "netbsd",
"scope": "eq",
"trust": 1.0,
"vendor": "netbsd",
"version": "5.1.2"
},
{
"_id": null,
"model": "linux",
"scope": "eq",
"trust": 1.0,
"vendor": "debian",
"version": "8.0"
},
{
"_id": null,
"model": "vios",
"scope": "eq",
"trust": 1.0,
"vendor": "ibm",
"version": "2.2.1.0"
},
{
"_id": null,
"model": "database",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "11.2.0.4"
},
{
"_id": null,
"model": "vios",
"scope": "eq",
"trust": 1.0,
"vendor": "ibm",
"version": "2.2.1.7"
},
{
"_id": null,
"model": "enterprise linux",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "5"
},
{
"_id": null,
"model": "enterprise linux workstation",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "7.0"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.8d"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.1b"
},
{
"_id": null,
"model": "netbsd",
"scope": "eq",
"trust": 1.0,
"vendor": "netbsd",
"version": "6.0.4"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.8z"
},
{
"_id": null,
"model": "netbsd",
"scope": "eq",
"trust": 1.0,
"vendor": "netbsd",
"version": "6.1.5"
},
{
"_id": null,
"model": "mac os x",
"scope": "lte",
"trust": 1.0,
"vendor": "apple",
"version": "10.10.1"
},
{
"_id": null,
"model": "enterprise linux workstation",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "6.0"
},
{
"_id": null,
"model": "netbsd",
"scope": "eq",
"trust": 1.0,
"vendor": "netbsd",
"version": "6.1"
},
{
"_id": null,
"model": "suse linux enterprise desktop",
"scope": "eq",
"trust": 1.0,
"vendor": "novell",
"version": "12.0"
},
{
"_id": null,
"model": "suse linux enterprise desktop",
"scope": "eq",
"trust": 1.0,
"vendor": "novell",
"version": "10.0"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.8v"
},
{
"_id": null,
"model": "netbsd",
"scope": "eq",
"trust": 1.0,
"vendor": "netbsd",
"version": "6.1.3"
},
{
"_id": null,
"model": "vios",
"scope": "eq",
"trust": 1.0,
"vendor": "ibm",
"version": "2.2.0.12"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.1h"
},
{
"_id": null,
"model": "vios",
"scope": "eq",
"trust": 1.0,
"vendor": "ibm",
"version": "2.2.1.3"
},
{
"_id": null,
"model": "mageia",
"scope": "eq",
"trust": 1.0,
"vendor": "mageia",
"version": "3.0"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.0j"
},
{
"_id": null,
"model": "enterprise linux desktop",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "7.0"
},
{
"_id": null,
"model": "vios",
"scope": "eq",
"trust": 1.0,
"vendor": "ibm",
"version": "2.2.2.5"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.8zb"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.1e"
},
{
"_id": null,
"model": "vios",
"scope": "eq",
"trust": 1.0,
"vendor": "ibm",
"version": "2.2.1.4"
},
{
"_id": null,
"model": "netbsd",
"scope": "eq",
"trust": 1.0,
"vendor": "netbsd",
"version": "5.1"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.8e"
},
{
"_id": null,
"model": "vios",
"scope": "eq",
"trust": 1.0,
"vendor": "ibm",
"version": "2.2.0.11"
},
{
"_id": null,
"model": "netbsd",
"scope": "eq",
"trust": 1.0,
"vendor": "netbsd",
"version": "6.0.3"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.8q"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.0f"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.0n"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.1i"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.8f"
},
{
"_id": null,
"model": "vios",
"scope": "eq",
"trust": 1.0,
"vendor": "ibm",
"version": "2.2.0.10"
},
{
"_id": null,
"model": "netbsd",
"scope": "eq",
"trust": 1.0,
"vendor": "netbsd",
"version": "6.0"
},
{
"_id": null,
"model": "suse linux enterprise software development kit",
"scope": "eq",
"trust": 1.0,
"vendor": "novell",
"version": "12.0"
},
{
"_id": null,
"model": "vios",
"scope": "eq",
"trust": 1.0,
"vendor": "ibm",
"version": "2.2.1.5"
},
{
"_id": null,
"model": "vios",
"scope": "eq",
"trust": 1.0,
"vendor": "ibm",
"version": "2.2.2.3"
},
{
"_id": null,
"model": "enterprise linux workstation supplementary",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "7.0"
},
{
"_id": null,
"model": "suse linux enterprise desktop",
"scope": "eq",
"trust": 1.0,
"vendor": "novell",
"version": "9.0"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.8g"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.8l"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.0e"
},
{
"_id": null,
"model": "vios",
"scope": "eq",
"trust": 1.0,
"vendor": "ibm",
"version": "2.2.3.0"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.8k"
},
{
"_id": null,
"model": "netbsd",
"scope": "eq",
"trust": 1.0,
"vendor": "netbsd",
"version": "5.1.4"
},
{
"_id": null,
"model": "linux",
"scope": "eq",
"trust": 1.0,
"vendor": "debian",
"version": "7.0"
},
{
"_id": null,
"model": "enterprise linux workstation supplementary",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "6.0"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.8i"
},
{
"_id": null,
"model": "vios",
"scope": "eq",
"trust": 1.0,
"vendor": "ibm",
"version": "2.2.2.2"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.0k"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.8a"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.1d"
},
{
"_id": null,
"model": "vios",
"scope": "eq",
"trust": 1.0,
"vendor": "ibm",
"version": "2.2.3.2"
},
{
"_id": null,
"model": "netbsd",
"scope": "eq",
"trust": 1.0,
"vendor": "netbsd",
"version": "6.0.6"
},
{
"_id": null,
"model": "enterprise linux desktop supplementary",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "6.0"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.1c"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.8r"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.8t"
},
{
"_id": null,
"model": "vios",
"scope": "eq",
"trust": 1.0,
"vendor": "ibm",
"version": "2.2.2.4"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.0g"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.8m"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.1g"
},
{
"_id": null,
"model": "vios",
"scope": "eq",
"trust": 1.0,
"vendor": "ibm",
"version": "2.2.0.13"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.8n"
},
{
"_id": null,
"model": "enterprise linux server supplementary",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "5.0"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.8j"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.0"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.0h"
},
{
"_id": null,
"model": "netbsd",
"scope": "eq",
"trust": 1.0,
"vendor": "netbsd",
"version": "6.1.4"
},
{
"_id": null,
"model": "vios",
"scope": "eq",
"trust": 1.0,
"vendor": "ibm",
"version": "2.2.3.4"
},
{
"_id": null,
"model": "netbsd",
"scope": "eq",
"trust": 1.0,
"vendor": "netbsd",
"version": "5.1.3"
},
{
"_id": null,
"model": "suse linux enterprise desktop",
"scope": "eq",
"trust": 1.0,
"vendor": "novell",
"version": "11.0"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.8c"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.0a"
},
{
"_id": null,
"model": "vios",
"scope": "eq",
"trust": 1.0,
"vendor": "ibm",
"version": "2.2.3.3"
},
{
"_id": null,
"model": "netbsd",
"scope": "eq",
"trust": 1.0,
"vendor": "netbsd",
"version": "5.2.1"
},
{
"_id": null,
"model": "mageia",
"scope": "eq",
"trust": 1.0,
"vendor": "mageia",
"version": "4.0"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.8b"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.8s"
},
{
"_id": null,
"model": "vios",
"scope": "eq",
"trust": 1.0,
"vendor": "ibm",
"version": "2.2.2.0"
},
{
"_id": null,
"model": "database",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "12.1.0.2"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.0l"
},
{
"_id": null,
"model": "netbsd",
"scope": "eq",
"trust": 1.0,
"vendor": "netbsd",
"version": "5.2"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.8h"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.8y"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.1"
},
{
"_id": null,
"model": "vios",
"scope": "eq",
"trust": 1.0,
"vendor": "ibm",
"version": "2.2.1.1"
},
{
"_id": null,
"model": "vios",
"scope": "eq",
"trust": 1.0,
"vendor": "ibm",
"version": "2.2.1.6"
},
{
"_id": null,
"model": "vios",
"scope": "eq",
"trust": 1.0,
"vendor": "ibm",
"version": "2.2.3.1"
},
{
"_id": null,
"model": "vios",
"scope": "eq",
"trust": 1.0,
"vendor": "ibm",
"version": "2.2.1.8"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.0c"
},
{
"_id": null,
"model": "netbsd",
"scope": "eq",
"trust": 1.0,
"vendor": "netbsd",
"version": "6.1.2"
},
{
"_id": null,
"model": "enterprise linux desktop",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "6.0"
},
{
"_id": null,
"model": "netbsd",
"scope": "eq",
"trust": 1.0,
"vendor": "netbsd",
"version": "5.2.2"
},
{
"_id": null,
"model": "netbsd",
"scope": "eq",
"trust": 1.0,
"vendor": "netbsd",
"version": "6.1.1"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.0i"
},
{
"_id": null,
"model": "fedora",
"scope": "eq",
"trust": 1.0,
"vendor": "fedoraproject",
"version": "20"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.1a"
},
{
"_id": null,
"model": "vios",
"scope": "eq",
"trust": 1.0,
"vendor": "ibm",
"version": "2.2.2.1"
},
{
"_id": null,
"model": "netbsd",
"scope": "eq",
"trust": 1.0,
"vendor": "netbsd",
"version": "5.1.1"
},
{
"_id": null,
"model": "netbsd",
"scope": "eq",
"trust": 1.0,
"vendor": "netbsd",
"version": "6.0.2"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.6,
"vendor": "hp",
"version": "6.1"
},
{
"_id": null,
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.1"
},
{
"_id": null,
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.0.17"
},
{
"_id": null,
"model": "tv",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.2"
},
{
"_id": null,
"model": "windows vista service pack",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "20"
},
{
"_id": null,
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.12"
},
{
"_id": null,
"model": "project openssl 0.9.8f",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "fortigate",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "4.3.6"
},
{
"_id": null,
"model": "integrated lights out",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "21.16"
},
{
"_id": null,
"model": "project openssl 1.0.0d",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "tivoli provisioning manager for os deployment 5.1.fix pack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3"
},
{
"_id": null,
"model": "websphere mq",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.1.0"
},
{
"_id": null,
"model": "version control repository manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.8.780"
},
{
"_id": null,
"model": "project openssl 1.0.1a",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "project openssl b",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5.7"
},
{
"_id": null,
"model": "tv",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.1"
},
{
"_id": null,
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.11"
},
{
"_id": null,
"model": "aura application enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1"
},
{
"_id": null,
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2.1"
},
{
"_id": null,
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.0.1"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.1"
},
{
"_id": null,
"model": "meeting exchange sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.1"
},
{
"_id": null,
"model": "project openssl k",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"_id": null,
"model": "rational software architect",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5"
},
{
"_id": null,
"model": "project openssl 1.0.0g",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.0.5"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.1"
},
{
"_id": null,
"model": "unified contact center enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1"
},
{
"_id": null,
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.2.10"
},
{
"_id": null,
"model": "rational team concert",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0"
},
{
"_id": null,
"model": "websphere mq",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.1.1"
},
{
"_id": null,
"model": "phaser",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "78000"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.1.3"
},
{
"_id": null,
"model": "hat enterprise linux supplementary server",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "5"
},
{
"_id": null,
"model": "version control agent",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.1.0.842"
},
{
"_id": null,
"model": "hat enterprise linux hpc node",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "6"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2.4"
},
{
"_id": null,
"model": "aura communication manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"_id": null,
"model": "aura system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1.3"
},
{
"_id": null,
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"_id": null,
"model": "tivoli provisioning manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.1"
},
{
"_id": null,
"model": "aura system platform",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"_id": null,
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0"
},
{
"_id": null,
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.0.5"
},
{
"_id": null,
"model": "web interface",
"scope": "eq",
"trust": 0.3,
"vendor": "citrix",
"version": "4.0"
},
{
"_id": null,
"model": "ace appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "47100"
},
{
"_id": null,
"model": "aura system platform sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"_id": null,
"model": "project openssl 0.9.8w",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "aura session manager sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.8"
},
{
"_id": null,
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1.15"
},
{
"_id": null,
"model": "operations agent",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "11.0"
},
{
"_id": null,
"model": "nexus",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "70000"
},
{
"_id": null,
"model": "wireless location appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "open source",
"scope": "eq",
"trust": 0.3,
"vendor": "asterisk",
"version": "1.8.3.1"
},
{
"_id": null,
"model": "project openssl 0.9.8m",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5.6"
},
{
"_id": null,
"model": "project openssl j",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"_id": null,
"model": "meeting exchange sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.0"
},
{
"_id": null,
"model": "aura application server sip core",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "53002.0"
},
{
"_id": null,
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1.0.37"
},
{
"_id": null,
"model": "meeting exchange",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.0.0.52"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.7.2"
},
{
"_id": null,
"model": "meeting exchange",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"_id": null,
"model": "ip office application server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "8.0"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.5"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5.4"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2.6"
},
{
"_id": null,
"model": "hat enterprise linux server supplementary",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "6"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3"
},
{
"_id": null,
"model": "tivoli directory server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.4"
},
{
"_id": null,
"model": "tivoli storage productivity center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.2.1"
},
{
"_id": null,
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "1.0"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.0.2"
},
{
"_id": null,
"model": "aura messaging",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"_id": null,
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1.2"
},
{
"_id": null,
"model": "websphere process server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.4"
},
{
"_id": null,
"model": "commonstore for lotus domino",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.4"
},
{
"_id": null,
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.2.7"
},
{
"_id": null,
"model": "aura system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2"
},
{
"_id": null,
"model": "web interface",
"scope": "eq",
"trust": 0.3,
"vendor": "citrix",
"version": "3.0"
},
{
"_id": null,
"model": "project openssl 0.9.8r",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"_id": null,
"model": "project openssl 0.9.8n",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.3.2"
},
{
"_id": null,
"model": "version control repository manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.2.0.820"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5.5"
},
{
"_id": null,
"model": "aura system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1.1"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.4"
},
{
"_id": null,
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "5.1.1"
},
{
"_id": null,
"model": "project openssl beta4",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "1.0.0"
},
{
"_id": null,
"model": "rational policy tester",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5"
},
{
"_id": null,
"model": "websphere lombardi edition",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2.0"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.1"
},
{
"_id": null,
"model": "hat enterprise linux desktop optional",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "6"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5.2"
},
{
"_id": null,
"model": "project openssl beta5",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "1.0.0"
},
{
"_id": null,
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.0.23"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.3"
},
{
"_id": null,
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.3.1"
},
{
"_id": null,
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1.0.13"
},
{
"_id": null,
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "3.2"
},
{
"_id": null,
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.2.6"
},
{
"_id": null,
"model": "tv",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.3"
},
{
"_id": null,
"model": "meeting exchange sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.0"
},
{
"_id": null,
"model": "project openssl 0.9.8p",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1.0"
},
{
"_id": null,
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.0.15"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.1.1"
},
{
"_id": null,
"model": "version control repository manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.2.1.830"
},
{
"_id": null,
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1.31"
},
{
"_id": null,
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.0.14"
},
{
"_id": null,
"model": "web experience factory",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0"
},
{
"_id": null,
"model": "network collector",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "linux ia-64",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"_id": null,
"model": "tv",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "5.0"
},
{
"_id": null,
"model": "enterprise linux",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "6.2"
},
{
"_id": null,
"model": "esxi",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.0"
},
{
"_id": null,
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.0.2"
},
{
"_id": null,
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.2"
},
{
"_id": null,
"model": "networks sa2000",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "0"
},
{
"_id": null,
"model": "hat enterprise linux server optional",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "6"
},
{
"_id": null,
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.9"
},
{
"_id": null,
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.13"
},
{
"_id": null,
"model": "directory pro",
"scope": "eq",
"trust": 0.3,
"vendor": "cosmicperl",
"version": "10.0.3"
},
{
"_id": null,
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.0.15"
},
{
"_id": null,
"model": "version control agent",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.7.770"
},
{
"_id": null,
"model": "meeting exchange sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.03"
},
{
"_id": null,
"model": "web interface",
"scope": "eq",
"trust": 0.3,
"vendor": "citrix",
"version": "4.5.1"
},
{
"_id": null,
"model": "tivoli storage productivity center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.2.1.185"
},
{
"_id": null,
"model": "aura messaging",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0.1"
},
{
"_id": null,
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.1"
},
{
"_id": null,
"model": "project openssl 0.9.8q",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.8"
},
{
"_id": null,
"model": "aura session manager sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1"
},
{
"_id": null,
"model": "networks sa6500 fips",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "0"
},
{
"_id": null,
"model": "windows server sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2003x64"
},
{
"_id": null,
"model": "iq",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2"
},
{
"_id": null,
"model": "aura presence services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1"
},
{
"_id": null,
"model": "websphere mq",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0"
},
{
"_id": null,
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "3.0"
},
{
"_id": null,
"model": "version control repository manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.10.800"
},
{
"_id": null,
"model": "ssl for openvms",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "1.4-453"
},
{
"_id": null,
"model": "windows server r2 for x64-based systems sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2008"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.0"
},
{
"_id": null,
"model": "tv",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.4"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.1.5"
},
{
"_id": null,
"model": "project openssl 1.0.1c",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "3.1"
},
{
"_id": null,
"model": "cics transaction gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.7.4"
},
{
"_id": null,
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.3.5"
},
{
"_id": null,
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.0.17"
},
{
"_id": null,
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8v"
},
{
"_id": null,
"model": "websphere lombardi edition",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2"
},
{
"_id": null,
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.0.7"
},
{
"_id": null,
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.0.1"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2.5"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.0.1"
},
{
"_id": null,
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1.27"
},
{
"_id": null,
"model": "hat enterprise linux desktop supplementary",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "6"
},
{
"_id": null,
"model": "windows server for x64-based systems sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2008"
},
{
"_id": null,
"model": "project openssl 0.9.8g",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "meeting exchange",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.0"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5.3"
},
{
"_id": null,
"model": "version control agent",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.5"
},
{
"_id": null,
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.1.2"
},
{
"_id": null,
"model": "meeting exchange sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2"
},
{
"_id": null,
"model": "version control repository manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.2.0.860"
},
{
"_id": null,
"model": "lotus domino",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.2"
},
{
"_id": null,
"model": "project openssl beta2",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "1.0"
},
{
"_id": null,
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.0.13"
},
{
"_id": null,
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.2.1"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.6"
},
{
"_id": null,
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.0.0"
},
{
"_id": null,
"model": "runtimes for java technology",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0"
},
{
"_id": null,
"model": "linux mips",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"_id": null,
"model": "hp-ux b.11.11",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.0.19"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.8"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6"
},
{
"_id": null,
"model": "networks sa6000 fips",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "0"
},
{
"_id": null,
"model": "version control repository manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.0.0.840"
},
{
"_id": null,
"model": "tv",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "1.0"
},
{
"_id": null,
"model": "hat enterprise linux desktop supplementary client",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "5"
},
{
"_id": null,
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0"
},
{
"_id": null,
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1.25"
},
{
"_id": null,
"model": "aura system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1"
},
{
"_id": null,
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.2.5"
},
{
"_id": null,
"model": "aura system manager sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1"
},
{
"_id": null,
"model": "tivoli provisioning manager for os deployment",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.1.116"
},
{
"_id": null,
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "5.0.1"
},
{
"_id": null,
"model": "project openssl 0.9.8l",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "version control repository manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.3.740"
},
{
"_id": null,
"model": "rational software architect",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.5.2"
},
{
"_id": null,
"model": "aura application enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1.6"
},
{
"_id": null,
"model": "windows server itanium sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2003"
},
{
"_id": null,
"model": "ediscovery analyzer",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2.3"
},
{
"_id": null,
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "3.2.1"
},
{
"_id": null,
"model": "project openssl h",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"_id": null,
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1.3"
},
{
"_id": null,
"model": "aura session manager sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2"
},
{
"_id": null,
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.2.5"
},
{
"_id": null,
"model": "hat enterprise linux workstation supplementary",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "6"
},
{
"_id": null,
"model": "project openssl i",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"_id": null,
"model": "project openssl 1.0.0i",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "web interface",
"scope": "eq",
"trust": 0.3,
"vendor": "citrix",
"version": "5.0.2"
},
{
"_id": null,
"model": "meeting exchange",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.1"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.2"
},
{
"_id": null,
"model": "hp-ux b.11.23",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "tivoli directory server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0"
},
{
"_id": null,
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4"
},
{
"_id": null,
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.1"
},
{
"_id": null,
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.3"
},
{
"_id": null,
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0"
},
{
"_id": null,
"model": "web interface",
"scope": "eq",
"trust": 0.3,
"vendor": "citrix",
"version": "5.1"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.9"
},
{
"_id": null,
"model": "enterprise linux",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5"
},
{
"_id": null,
"model": "tivoli provisioning manager for os deployment intirim fix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.133"
},
{
"_id": null,
"model": "iq",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.1.1"
},
{
"_id": null,
"model": "network automation",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "9.10"
},
{
"_id": null,
"model": "aura application enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2.3"
},
{
"_id": null,
"model": "project openssl 1.0.0e",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "rational method composer",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2"
},
{
"_id": null,
"model": "project openssl beta1",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "1.0"
},
{
"_id": null,
"model": "meeting exchange",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2"
},
{
"_id": null,
"model": "aura communication manager utility services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2"
},
{
"_id": null,
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.4"
},
{
"_id": null,
"model": "project openssl a",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"_id": null,
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"_id": null,
"model": "tivoli directory server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.3"
},
{
"_id": null,
"model": "version control agent",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.4"
},
{
"_id": null,
"model": "sitescope",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "11.1"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2.1"
},
{
"_id": null,
"model": "project openssl c",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"_id": null,
"model": "ssl for openvms",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "1.4"
},
{
"_id": null,
"model": "version control repository manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.2.2.835"
},
{
"_id": null,
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1.0.1"
},
{
"_id": null,
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1.0.35"
},
{
"_id": null,
"model": "hat enterprise linux desktop client",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "5"
},
{
"_id": null,
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8x"
},
{
"_id": null,
"model": "communication server 1000m",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"_id": null,
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "2.1"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.1.4"
},
{
"_id": null,
"model": "websphere mq",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.1.3"
},
{
"_id": null,
"model": "tivoli directory server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.2"
},
{
"_id": null,
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2"
},
{
"_id": null,
"model": "project openssl 0.9.8t",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1.0.39"
},
{
"_id": null,
"model": "tivoli netcool/omnibus",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.3"
},
{
"_id": null,
"model": "websphere mq",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.1.4"
},
{
"_id": null,
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.2"
},
{
"_id": null,
"model": "communication server 1000m signaling server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.3"
},
{
"_id": null,
"model": "lotus domino",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5"
},
{
"_id": null,
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.0.6"
},
{
"_id": null,
"model": "hat enterprise linux hpc node optional",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "6"
},
{
"_id": null,
"model": "communication server 1000e",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"_id": null,
"model": "tivoli netcool performance manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.3.1"
},
{
"_id": null,
"model": "network automation",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "9.0"
},
{
"_id": null,
"model": "project openssl 1.0.0c",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "forticlient",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "2.0"
},
{
"_id": null,
"model": "version control repository manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.5.760"
},
{
"_id": null,
"model": "web interface",
"scope": "eq",
"trust": 0.3,
"vendor": "citrix",
"version": "4.6"
},
{
"_id": null,
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1.1"
},
{
"_id": null,
"model": "fortigate",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "4.3.5"
},
{
"_id": null,
"model": "rational software architect",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.3"
},
{
"_id": null,
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.4.27"
},
{
"_id": null,
"model": "phaser",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "67000"
},
{
"_id": null,
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "telepresence video communication server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0"
},
{
"_id": null,
"model": "enterprise linux",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "6"
},
{
"_id": null,
"model": "rational team concert",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.0"
},
{
"_id": null,
"model": "websphere mq",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.1.2"
},
{
"_id": null,
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "5"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.10"
},
{
"_id": null,
"model": "project openssl 1.0.0f",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "windows for 32-bit systems sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "7"
},
{
"_id": null,
"model": "windows server for itanium-based systems sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2008"
},
{
"_id": null,
"model": "project openssl d",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"_id": null,
"model": "windows for x64-based systems sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "7"
},
{
"_id": null,
"model": "aura system platform",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "1.1"
},
{
"_id": null,
"model": "tivoli management framework",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.1.1"
},
{
"_id": null,
"model": "web interface",
"scope": "eq",
"trust": 0.3,
"vendor": "citrix",
"version": "5.0.1"
},
{
"_id": null,
"model": "windows server sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2003"
},
{
"_id": null,
"model": "tivoli provisioning manager for os deployment",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.1.0.2"
},
{
"_id": null,
"model": "version control repository manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.1.730"
},
{
"_id": null,
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "5.1"
},
{
"_id": null,
"model": "tivoli provisioning manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.1.0.2"
},
{
"_id": null,
"model": "project openssl 1.0.0j",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "project openssl 1.0.0b",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.0.21"
},
{
"_id": null,
"model": "aura presence services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"_id": null,
"model": "sitescope",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "11.10"
},
{
"_id": null,
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.2.6"
},
{
"_id": null,
"model": "windows server for 32-bit systems sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2008"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.0"
},
{
"_id": null,
"model": "tivoli business service manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.2.1"
},
{
"_id": null,
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.11"
},
{
"_id": null,
"model": "operations agent",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "11.01"
},
{
"_id": null,
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.2.2"
},
{
"_id": null,
"model": "aura system manager sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"_id": null,
"model": "network node manager i",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "9.03"
},
{
"_id": null,
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "1.0.1"
},
{
"_id": null,
"model": "aura system manager sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1"
},
{
"_id": null,
"model": "hp-ux b.11.31",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "aura system platform",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0.2"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.7"
},
{
"_id": null,
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1.19"
},
{
"_id": null,
"model": "linux s/390",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"_id": null,
"model": "communication server 1000m signaling server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "7.0"
},
{
"_id": null,
"model": "aura experience portal",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"_id": null,
"model": "project openssl beta3",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "1.0"
},
{
"_id": null,
"model": "ipad",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "0"
},
{
"_id": null,
"model": "communication server 1000e",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "7.0"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.5"
},
{
"_id": null,
"model": "hat enterprise linux hpc node supplementary",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "6"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.3"
},
{
"_id": null,
"model": "web interface",
"scope": "eq",
"trust": 0.3,
"vendor": "citrix",
"version": "5.0"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.7.3"
},
{
"_id": null,
"model": "websphere mq",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.1.5"
},
{
"_id": null,
"model": "aura session manager sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"_id": null,
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.3.4"
},
{
"_id": null,
"model": "hat enterprise linux desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "6"
},
{
"_id": null,
"model": "tivoli provisioning manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.1.1"
},
{
"_id": null,
"model": "hp-ux",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "11.31"
},
{
"_id": null,
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.2.1"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.11"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.7.1"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.2"
},
{
"_id": null,
"model": "web interface",
"scope": "eq",
"trust": 0.3,
"vendor": "citrix",
"version": "2.0"
},
{
"_id": null,
"model": "aura session manager sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1"
},
{
"_id": null,
"model": "lotus domino",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.1"
},
{
"_id": null,
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.2.8"
},
{
"_id": null,
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.03"
},
{
"_id": null,
"model": "performance manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "9.00"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.0.4"
},
{
"_id": null,
"model": "linux arm",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"_id": null,
"model": "aura presence services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1.1"
},
{
"_id": null,
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.0.1"
},
{
"_id": null,
"model": "centos",
"scope": "eq",
"trust": 0.3,
"vendor": "centos",
"version": "5"
},
{
"_id": null,
"model": "proactive contact",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.0"
},
{
"_id": null,
"model": "network analysis module",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "ip office application server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "8.1"
},
{
"_id": null,
"model": "web experience factory",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.1"
},
{
"_id": null,
"model": "aura application enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2"
},
{
"_id": null,
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1.17"
},
{
"_id": null,
"model": "network node manager i",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "9.02"
},
{
"_id": null,
"model": "rational software architect",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0"
},
{
"_id": null,
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.0.19"
},
{
"_id": null,
"model": "aura system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1.2"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.0"
},
{
"_id": null,
"model": "aura application enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1.1"
},
{
"_id": null,
"model": "hat enterprise linux workstation optional",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "6"
},
{
"_id": null,
"model": "aura system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.4"
},
{
"_id": null,
"model": "network node manager i",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "9.00"
},
{
"_id": null,
"model": "cics transaction gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.9"
},
{
"_id": null,
"model": "tivoli provisioning manager for os deployment",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.1.3"
},
{
"_id": null,
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.2"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2.8"
},
{
"_id": null,
"model": "web interface",
"scope": "eq",
"trust": 0.3,
"vendor": "citrix",
"version": "5.4"
},
{
"_id": null,
"model": "lotus domino",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0"
},
{
"_id": null,
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.2"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2.2"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5.8"
},
{
"_id": null,
"model": "ipod touch",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "0"
},
{
"_id": null,
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.3.3"
},
{
"_id": null,
"model": "communication server 1000e signaling server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"_id": null,
"model": "hp-ux",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "11.11"
},
{
"_id": null,
"model": "aura messaging",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1"
},
{
"_id": null,
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.0.4"
},
{
"_id": null,
"model": "project openssl 0.9.8o",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.7"
},
{
"_id": null,
"model": "project openssl e",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"_id": null,
"model": "aura system platform sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"_id": null,
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1"
},
{
"_id": null,
"model": "aura application enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2.2"
},
{
"_id": null,
"model": "hat enterprise linux server",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "5"
},
{
"_id": null,
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "13.0"
},
{
"_id": null,
"model": "aura system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2"
},
{
"_id": null,
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.1"
},
{
"_id": null,
"model": "centos",
"scope": "eq",
"trust": 0.3,
"vendor": "centos",
"version": "6"
},
{
"_id": null,
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0"
},
{
"_id": null,
"model": "runtimes for java technology",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0"
},
{
"_id": null,
"model": "aura application enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2.1"
},
{
"_id": null,
"model": "aura communication manager utility services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"_id": null,
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.2.9"
},
{
"_id": null,
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "2.0"
},
{
"_id": null,
"model": "tivoli provisioning manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.1.1.1"
},
{
"_id": null,
"model": "hat enterprise linux workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "6"
},
{
"_id": null,
"model": "linux",
"scope": null,
"trust": 0.3,
"vendor": "gentoo",
"version": null
},
{
"_id": null,
"model": "tivoli common reporting",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.1"
},
{
"_id": null,
"model": "project openssl 0.9.8s",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "aura communication manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0.1"
},
{
"_id": null,
"model": "version control repository manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.1.0.841"
},
{
"_id": null,
"model": "enterprise linux desktop workstation client",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "5"
},
{
"_id": null,
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2"
},
{
"_id": null,
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.2"
},
{
"_id": null,
"model": "aura system platform",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0.1"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.6"
},
{
"_id": null,
"model": "communication server 1000e signaling server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "7.5"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.2"
},
{
"_id": null,
"model": "iphone",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "0"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5.1"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2.7"
},
{
"_id": null,
"model": "linux ia-32",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"_id": null,
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "13.37"
},
{
"_id": null,
"model": "web interface",
"scope": "eq",
"trust": 0.3,
"vendor": "citrix",
"version": "5.3"
},
{
"_id": null,
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.1.4"
},
{
"_id": null,
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.1.5"
},
{
"_id": null,
"model": "iq",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5"
},
{
"_id": null,
"model": "emergency responder",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"_id": null,
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.021"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.1"
},
{
"_id": null,
"model": "mds",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "9000"
},
{
"_id": null,
"model": "communication server 1000m",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "7.5"
},
{
"_id": null,
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.2.2"
},
{
"_id": null,
"model": "communication server 1000e signaling server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "7.0"
},
{
"_id": null,
"model": "version control repository manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.7.770"
},
{
"_id": null,
"model": "aura communication manager utility services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2"
},
{
"_id": null,
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"_id": null,
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.0"
},
{
"_id": null,
"model": "iq",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.1"
},
{
"_id": null,
"model": "hat enterprise linux server",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "6"
},
{
"_id": null,
"model": "nexus",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "30000"
},
{
"_id": null,
"model": "tv",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.0"
},
{
"_id": null,
"model": "communication server 1000m signaling server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "7.5"
},
{
"_id": null,
"model": "asset manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "5.0"
},
{
"_id": null,
"model": "version control repository manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.4.750"
},
{
"_id": null,
"model": "aura application server sip core",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "53002.1"
},
{
"_id": null,
"model": "tv",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "2.1"
},
{
"_id": null,
"model": "communication server 1000e",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "7.5"
},
{
"_id": null,
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "3.2.2"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.2"
},
{
"_id": null,
"model": "project openssl 1.0.0a",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "communication server 1000m",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "7.0"
},
{
"_id": null,
"model": "version control repository manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.9.790"
}
],
"sources": [
{
"db": "BID",
"id": "70574"
},
{
"db": "NVD",
"id": "CVE-2014-3566"
}
]
},
"credits": {
"_id": null,
"data": "HP",
"sources": [
{
"db": "PACKETSTORM",
"id": "137294"
},
{
"db": "PACKETSTORM",
"id": "129266"
},
{
"db": "PACKETSTORM",
"id": "130334"
},
{
"db": "PACKETSTORM",
"id": "128921"
},
{
"db": "PACKETSTORM",
"id": "136577"
},
{
"db": "PACKETSTORM",
"id": "129071"
},
{
"db": "PACKETSTORM",
"id": "129065"
}
],
"trust": 0.7
},
"cve": "CVE-2014-3566",
"cvss": {
"_id": null,
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "CVE-2014-3566",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 1.1,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "VHN-71506",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:P/I:N/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 3.4,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"exploitabilityScore": 1.6,
"id": "CVE-2014-3566",
"impactScore": 1.4,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"trust": 1.0,
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N",
"version": "3.1"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2014-3566",
"trust": 1.0,
"value": "LOW"
},
{
"author": "VULHUB",
"id": "VHN-71506",
"trust": 0.1,
"value": "MEDIUM"
},
{
"author": "VULMON",
"id": "CVE-2014-3566",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-71506"
},
{
"db": "VULMON",
"id": "CVE-2014-3566"
},
{
"db": "NVD",
"id": "CVE-2014-3566"
}
]
},
"description": {
"_id": null,
"data": "The SSL protocol 3.0, as used in OpenSSL through 1.0.1i and other products, uses nondeterministic CBC padding, which makes it easier for man-in-the-middle attackers to obtain cleartext data via a padding-oracle attack, aka the \"POODLE\" issue. OpenSSL is prone to an information disclosure vulnerability. \nAn attacker can exploit this issue to perform man-in-the-middle attacks and obtain sensitive information. Successful exploits will lead to other attacks. \nThe following versions are vulnerable:\nOpenSSL 0.9.8 prior to 0.9.8zc\nOpenSSL 1.0.0 prior to 1.0.0o\nOpenSSL 1.0.1 prior to 1.0.1j. SSL protocol is the abbreviation of Secure Socket Layer protocol (Secure Socket Layer) developed by Netscape, which provides security and data integrity guarantee for Internet communication. The vulnerability is caused by the program\u0027s use of non-deterministic CBC padding. OpenSSL Security Advisory [15 Oct 2014]\n=======================================\n\nSRTP Memory Leak (CVE-2014-3513)\n================================\n\nSeverity: High\n\nA flaw in the DTLS SRTP extension parsing code allows an attacker, who\nsends a carefully crafted handshake message, to cause OpenSSL to fail\nto free up to 64k of memory causing a memory leak. This could be\nexploited in a Denial Of Service attack. This issue affects OpenSSL\n1.0.1 server implementations for both SSL/TLS and DTLS regardless of\nwhether SRTP is used or configured. Implementations of OpenSSL that\nhave been compiled with OPENSSL_NO_SRTP defined are not affected. \n\nThis issue was reported to OpenSSL on 26th September 2014, based on an original\nissue and patch developed by the LibreSSL project. Further analysis of the issue\nwas performed by the OpenSSL team. \n\nThe fix was developed by the OpenSSL team. \n\n\nSession Ticket Memory Leak (CVE-2014-3567)\n==========================================\n\nSeverity: Medium\n\nWhen an OpenSSL SSL/TLS/DTLS server receives a session ticket the\nintegrity of that ticket is first verified. In the event of a session\nticket integrity check failing, OpenSSL will fail to free memory\ncausing a memory leak. By sending a large number of invalid session\ntickets an attacker could exploit this issue in a Denial Of Service\nattack. \n\nThis issue was reported to OpenSSL on 8th October 2014. \n\nThe fix was developed by Stephen Henson of the OpenSSL core team. \n\n\nSSL 3.0 Fallback protection\n===========================\n\nSeverity: Medium\n\nOpenSSL has added support for TLS_FALLBACK_SCSV to allow applications\nto block the ability for a MITM attacker to force a protocol\ndowngrade. \n\nSome client applications (such as browsers) will reconnect using a\ndowngraded protocol to work around interoperability bugs in older\nservers. This could be exploited by an active man-in-the-middle to\ndowngrade connections to SSL 3.0 even if both sides of the connection\nsupport higher protocols. SSL 3.0 contains a number of weaknesses\nincluding POODLE (CVE-2014-3566). \n\nhttps://tools.ietf.org/html/draft-ietf-tls-downgrade-scsv-00\nhttps://www.openssl.org/~bodo/ssl-poodle.pdf\n\nSupport for TLS_FALLBACK_SCSV was developed by Adam Langley and Bodo Moeller. \n\n\nBuild option no-ssl3 is incomplete (CVE-2014-3568)\n==================================================\n\nSeverity: Low\n\nWhen OpenSSL is configured with \"no-ssl3\" as a build option, servers\ncould accept and complete a SSL 3.0 handshake, and clients could be\nconfigured to send them. \n\nThis issue was reported to OpenSSL by Akamai Technologies on 14th October 2014. \n\nThe fix was developed by Akamai and the OpenSSL team. \n\n\nReferences\n==========\n\nURL for this Security Advisory:\nhttps://www.openssl.org/news/secadv_20141015.txt\n\nNote: the online version of the advisory may be updated with additional\ndetails over time. \n\nFor details of OpenSSL severity classifications please see:\nhttps://www.openssl.org/about/secpolicy.html\n\n. \nThe following firmware versions of Virtual Connect (VC) are impacted:\n\nHPE BladeSystem c-Class Virtual Connect (VC) Firmware 4.30 through VC 4.45\nHPE BladeSystem c-Class Virtual Connect (VC) Firmware 3.62 through VC 4.21\n\nNote: Firmware versions 3.62 through 4.21 are not impacted by CVE-2016-0800,\nCVE-2015-3194, CVE-2014-3566, CVE-2015-0705, CVE-2016-0799, and\nCVE-2016-2842. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\nGentoo Linux Security Advisory GLSA 201507-14\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n https://security.gentoo.org/\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\n Severity: Normal\n Title: Oracle JRE/JDK: Multiple vulnerabilities\n Date: July 10, 2015\n Bugs: #537214\n ID: 201507-14\n\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\nSynopsis\n========\n\nMultiple vulnerabilities have been found in Oracle JRE/JDK, allowing\nboth local and remote attackers to compromise various Java components. Please\nreview the CVE identifiers referenced below for details. \n\nImpact\n======\n\nAn context-dependent attacker may be able to influence the\nconfidentiality, integrity, and availability of Java\napplications/runtime. \n\nWorkaround\n==========\n\nThere is no workaround at this time. \n\nResolution\n==========\n\nAll Oracle JRE 8 users should upgrade to the latest stable version:\n\u003ccode\u003e\n# emerge --sync\n# emerge --ask --oneshot --verbose \"\u003e=dev-java/oracle-jre-bin-1.8.0.31\n\nAll Oracle JDK 8 users should upgrade to the latest stable version:\n\u003ccode\u003e\n# emerge --sync\n# emerge --ask --oneshot --verbose \"\u003e=dev-java/oracle-jdk-bin-1.8.0.31\n\nAll Oracle JRE 7 users should upgrade to the latest version:\n\u003ccode\u003e\n# emerge --sync\n# emerge --ask --oneshot --verbose \"\u003e=dev-java/oracle-jre-bin-1.7.0.76\n\nAll Oracle JDK 7 users should upgrade to the latest stable version:\n\u003ccode\u003e\n# emerge --sync\n# emerge --ask --oneshot --verbose \"\u003e=dev-java/oracle-jdk-bin-1.7.0.76\n\nReferences\n==========\n\n[ 1 ] CVE-2014-3566\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-3566\n[ 2 ] CVE-2014-6549\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-6549\n[ 3 ] CVE-2014-6585\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-6585\n[ 4 ] CVE-2014-6587\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-6587\n[ 5 ] CVE-2014-6591\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-6591\n[ 6 ] CVE-2014-6593\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-6593\n[ 7 ] CVE-2014-6601\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-6601\n[ 8 ] CVE-2015-0383\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0383\n[ 9 ] CVE-2015-0395\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0395\n[ 10 ] CVE-2015-0400\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0400\n[ 11 ] CVE-2015-0403\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0403\n[ 12 ] CVE-2015-0406\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0406\n[ 13 ] CVE-2015-0407\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0407\n[ 14 ] CVE-2015-0408\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0408\n[ 15 ] CVE-2015-0410\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0410\n[ 16 ] CVE-2015-0412\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0412\n[ 17 ] CVE-2015-0413\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0413\n[ 18 ] CVE-2015-0421\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0421\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n https://security.gentoo.org/glsa/201507-14\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users\u0027 machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttps://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2015 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttp://creativecommons.org/licenses/by-sa/2.5\n. \n\n HP CMS: UCMDB Browser all supported versions. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n=====================================================================\n Red Hat Security Advisory\n\nSynopsis: Critical: java-1.7.0-ibm security update\nAdvisory ID: RHSA-2014:1876-01\nProduct: Red Hat Enterprise Linux Supplementary\nAdvisory URL: https://rhn.redhat.com/errata/RHSA-2014-1876.html\nIssue date: 2014-11-19\nCVE Names: CVE-2014-3065 CVE-2014-3566 CVE-2014-4288 \n CVE-2014-6456 CVE-2014-6457 CVE-2014-6458 \n CVE-2014-6476 CVE-2014-6492 CVE-2014-6493 \n CVE-2014-6502 CVE-2014-6503 CVE-2014-6506 \n CVE-2014-6511 CVE-2014-6512 CVE-2014-6515 \n CVE-2014-6527 CVE-2014-6531 CVE-2014-6532 \n CVE-2014-6558 \n=====================================================================\n\n1. Summary:\n\nUpdated java-1.7.0-ibm packages that fix several security issues are now\navailable for Red Hat Enterprise Linux 5 Supplementary. \n\nRed Hat Product Security has rated this update as having Critical security\nimpact. Common Vulnerability Scoring System (CVSS) base scores, which give\ndetailed severity ratings, are available for each vulnerability from the\nCVE links in the References section. \n\n2. Relevant releases/architectures:\n\nRed Hat Enterprise Linux Desktop Supplementary (v. 5) - i386, x86_64\nRed Hat Enterprise Linux Server Supplementary (v. 5) - i386, ppc, s390x, x86_64\n\n3. Description:\n\nIBM Java SE version 7 includes the IBM Java Runtime Environment and the IBM\nJava Software Development Kit. \n\nThis update fixes several vulnerabilities in the IBM Java Runtime\nEnvironment and the IBM Java Software Development Kit. Detailed\nvulnerability descriptions are linked from the IBM Security alerts\npage, listed in the References section. (CVE-2014-3065, CVE-2014-3566,\nCVE-2014-4288, CVE-2014-6456, CVE-2014-6457, CVE-2014-6458, CVE-2014-6476,\nCVE-2014-6492, CVE-2014-6493, CVE-2014-6502, CVE-2014-6503, CVE-2014-6506,\nCVE-2014-6511, CVE-2014-6512, CVE-2014-6515, CVE-2014-6527, CVE-2014-6531,\nCVE-2014-6532, CVE-2014-6558)\n\nThe CVE-2014-6512 issue was discovered by Florian Weimer of Red Hat\nProduct Security. \n\nNote: With this update, the IBM SDK now disables the SSL 3.0 protocol to\naddress the CVE-2014-3566 issue (also known as POODLE). Refer to the IBM\narticle linked to in the References section for additional details about\nthis change and instructions on how to re-enable SSL 3.0 support if needed. \n\nAll users of java-1.7.0-ibm are advised to upgrade to these updated\npackages, containing the IBM Java SE 7 SR8 release. All running instances\nof IBM Java must be restarted for the update to take effect. \n\n4. Solution:\n\nBefore applying this update, make sure all previously released errata\nrelevant to your system have been applied. \n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/articles/11258\n\n5. Bugs fixed (https://bugzilla.redhat.com/):\n\n1071210 - CVE-2014-6512 OpenJDK: DatagramSocket connected socket missing source check (Libraries, 8039509)\n1150155 - CVE-2014-6506 OpenJDK: insufficient permission checks when setting resource bundle on system logger (Libraries, 8041564)\n1150651 - CVE-2014-6531 OpenJDK: insufficient ResourceBundle name check (Libraries, 8044274)\n1150669 - CVE-2014-6502 OpenJDK: LogRecord use of incorrect CL when loading ResourceBundle (Libraries, 8042797)\n1151046 - CVE-2014-6457 OpenJDK: Triple Handshake attack against TLS/SSL connections (JSSE, 8037066)\n1151063 - CVE-2014-6558 OpenJDK: CipherInputStream incorrect exception handling (Security, 8037846)\n1151517 - CVE-2014-6511 ICU: Layout Engine ContextualSubstitution missing boundary checks (JDK 2D, 8041540)\n1152756 - CVE-2014-6532 Oracle JDK: unspecified vulnerability fixed in 6u85, 7u71 and 8u25 (Deployment)\n1152757 - CVE-2014-6503 Oracle JDK: unspecified vulnerability fixed in 6u85, 7u71 and 8u25 (Deployment)\n1152758 - CVE-2014-6456 Oracle JDK: unspecified vulnerability fixed in 7u71 and 8u25 (Deployment)\n1152759 - CVE-2014-6492 Oracle JDK: unspecified vulnerability fixed in 6u85, 7u71 and 8u25 (Deployment)\n1152760 - CVE-2014-6493 Oracle JDK: unspecified vulnerability fixed in 6u85, 7u71 and 8u25 (Deployment)\n1152761 - CVE-2014-4288 Oracle JDK: unspecified vulnerability fixed in 6u85, 7u71 and 8u25 (Deployment)\n1152763 - CVE-2014-6458 Oracle JDK: unspecified vulnerability fixed in 6u85, 7u71 and 8u25 (Deployment)\n1152765 - CVE-2014-6476 Oracle JDK: unspecified vulnerability fixed in 7u71 and 8u25 (Deployment)\n1152766 - CVE-2014-6515 Oracle JDK: unspecified vulnerability fixed in 6u85, 7u71 and 8u25 (Deployment)\n1152767 - CVE-2014-6527 Oracle JDK: unspecified vulnerability fixed in 7u71 and 8u25 (Deployment)\n1152789 - CVE-2014-3566 SSL/TLS: Padding Oracle On Downgraded Legacy Encryption attack\n1162554 - CVE-2014-3065 IBM JDK: privilege escalation via shared class cache\n\n6. Package List:\n\nRed Hat Enterprise Linux Desktop Supplementary (v. 5):\n\ni386:\njava-1.7.0-ibm-1.7.0.8.0-1jpp.1.el5.i386.rpm\njava-1.7.0-ibm-demo-1.7.0.8.0-1jpp.1.el5.i386.rpm\njava-1.7.0-ibm-devel-1.7.0.8.0-1jpp.1.el5.i386.rpm\njava-1.7.0-ibm-jdbc-1.7.0.8.0-1jpp.1.el5.i386.rpm\njava-1.7.0-ibm-plugin-1.7.0.8.0-1jpp.1.el5.i386.rpm\njava-1.7.0-ibm-src-1.7.0.8.0-1jpp.1.el5.i386.rpm\n\nx86_64:\njava-1.7.0-ibm-1.7.0.8.0-1jpp.1.el5.i386.rpm\njava-1.7.0-ibm-1.7.0.8.0-1jpp.1.el5.x86_64.rpm\njava-1.7.0-ibm-demo-1.7.0.8.0-1jpp.1.el5.i386.rpm\njava-1.7.0-ibm-demo-1.7.0.8.0-1jpp.1.el5.x86_64.rpm\njava-1.7.0-ibm-devel-1.7.0.8.0-1jpp.1.el5.i386.rpm\njava-1.7.0-ibm-devel-1.7.0.8.0-1jpp.1.el5.x86_64.rpm\njava-1.7.0-ibm-jdbc-1.7.0.8.0-1jpp.1.el5.i386.rpm\njava-1.7.0-ibm-jdbc-1.7.0.8.0-1jpp.1.el5.x86_64.rpm\njava-1.7.0-ibm-plugin-1.7.0.8.0-1jpp.1.el5.i386.rpm\njava-1.7.0-ibm-plugin-1.7.0.8.0-1jpp.1.el5.x86_64.rpm\njava-1.7.0-ibm-src-1.7.0.8.0-1jpp.1.el5.i386.rpm\njava-1.7.0-ibm-src-1.7.0.8.0-1jpp.1.el5.x86_64.rpm\n\nRed Hat Enterprise Linux Server Supplementary (v. 5):\n\ni386:\njava-1.7.0-ibm-1.7.0.8.0-1jpp.1.el5.i386.rpm\njava-1.7.0-ibm-demo-1.7.0.8.0-1jpp.1.el5.i386.rpm\njava-1.7.0-ibm-devel-1.7.0.8.0-1jpp.1.el5.i386.rpm\njava-1.7.0-ibm-jdbc-1.7.0.8.0-1jpp.1.el5.i386.rpm\njava-1.7.0-ibm-plugin-1.7.0.8.0-1jpp.1.el5.i386.rpm\njava-1.7.0-ibm-src-1.7.0.8.0-1jpp.1.el5.i386.rpm\n\nppc:\njava-1.7.0-ibm-1.7.0.8.0-1jpp.1.el5.ppc.rpm\njava-1.7.0-ibm-1.7.0.8.0-1jpp.1.el5.ppc64.rpm\njava-1.7.0-ibm-demo-1.7.0.8.0-1jpp.1.el5.ppc.rpm\njava-1.7.0-ibm-demo-1.7.0.8.0-1jpp.1.el5.ppc64.rpm\njava-1.7.0-ibm-devel-1.7.0.8.0-1jpp.1.el5.ppc.rpm\njava-1.7.0-ibm-devel-1.7.0.8.0-1jpp.1.el5.ppc64.rpm\njava-1.7.0-ibm-jdbc-1.7.0.8.0-1jpp.1.el5.ppc.rpm\njava-1.7.0-ibm-jdbc-1.7.0.8.0-1jpp.1.el5.ppc64.rpm\njava-1.7.0-ibm-plugin-1.7.0.8.0-1jpp.1.el5.ppc.rpm\njava-1.7.0-ibm-src-1.7.0.8.0-1jpp.1.el5.ppc.rpm\njava-1.7.0-ibm-src-1.7.0.8.0-1jpp.1.el5.ppc64.rpm\n\ns390x:\njava-1.7.0-ibm-1.7.0.8.0-1jpp.1.el5.s390.rpm\njava-1.7.0-ibm-1.7.0.8.0-1jpp.1.el5.s390x.rpm\njava-1.7.0-ibm-demo-1.7.0.8.0-1jpp.1.el5.s390.rpm\njava-1.7.0-ibm-demo-1.7.0.8.0-1jpp.1.el5.s390x.rpm\njava-1.7.0-ibm-devel-1.7.0.8.0-1jpp.1.el5.s390.rpm\njava-1.7.0-ibm-devel-1.7.0.8.0-1jpp.1.el5.s390x.rpm\njava-1.7.0-ibm-jdbc-1.7.0.8.0-1jpp.1.el5.s390.rpm\njava-1.7.0-ibm-jdbc-1.7.0.8.0-1jpp.1.el5.s390x.rpm\njava-1.7.0-ibm-src-1.7.0.8.0-1jpp.1.el5.s390.rpm\njava-1.7.0-ibm-src-1.7.0.8.0-1jpp.1.el5.s390x.rpm\n\nx86_64:\njava-1.7.0-ibm-1.7.0.8.0-1jpp.1.el5.i386.rpm\njava-1.7.0-ibm-1.7.0.8.0-1jpp.1.el5.x86_64.rpm\njava-1.7.0-ibm-demo-1.7.0.8.0-1jpp.1.el5.i386.rpm\njava-1.7.0-ibm-demo-1.7.0.8.0-1jpp.1.el5.x86_64.rpm\njava-1.7.0-ibm-devel-1.7.0.8.0-1jpp.1.el5.i386.rpm\njava-1.7.0-ibm-devel-1.7.0.8.0-1jpp.1.el5.x86_64.rpm\njava-1.7.0-ibm-jdbc-1.7.0.8.0-1jpp.1.el5.i386.rpm\njava-1.7.0-ibm-jdbc-1.7.0.8.0-1jpp.1.el5.x86_64.rpm\njava-1.7.0-ibm-plugin-1.7.0.8.0-1jpp.1.el5.i386.rpm\njava-1.7.0-ibm-plugin-1.7.0.8.0-1jpp.1.el5.x86_64.rpm\njava-1.7.0-ibm-src-1.7.0.8.0-1jpp.1.el5.i386.rpm\njava-1.7.0-ibm-src-1.7.0.8.0-1jpp.1.el5.x86_64.rpm\n\nThese packages are GPG signed by Red Hat for security. Our key and\ndetails on how to verify the signature are available from\nhttps://access.redhat.com/security/team/key/\n\n7. References:\n\nhttps://access.redhat.com/security/cve/CVE-2014-3065\nhttps://access.redhat.com/security/cve/CVE-2014-3566\nhttps://access.redhat.com/security/cve/CVE-2014-4288\nhttps://access.redhat.com/security/cve/CVE-2014-6456\nhttps://access.redhat.com/security/cve/CVE-2014-6457\nhttps://access.redhat.com/security/cve/CVE-2014-6458\nhttps://access.redhat.com/security/cve/CVE-2014-6476\nhttps://access.redhat.com/security/cve/CVE-2014-6492\nhttps://access.redhat.com/security/cve/CVE-2014-6493\nhttps://access.redhat.com/security/cve/CVE-2014-6502\nhttps://access.redhat.com/security/cve/CVE-2014-6503\nhttps://access.redhat.com/security/cve/CVE-2014-6506\nhttps://access.redhat.com/security/cve/CVE-2014-6511\nhttps://access.redhat.com/security/cve/CVE-2014-6512\nhttps://access.redhat.com/security/cve/CVE-2014-6515\nhttps://access.redhat.com/security/cve/CVE-2014-6527\nhttps://access.redhat.com/security/cve/CVE-2014-6531\nhttps://access.redhat.com/security/cve/CVE-2014-6532\nhttps://access.redhat.com/security/cve/CVE-2014-6558\nhttps://access.redhat.com/security/updates/classification/#critical\nhttps://www.ibm.com/developerworks/java/jdk/alerts/\nhttps://www-01.ibm.com/support/docview.wss?uid=swg21688165\n\n8. Contact:\n\nThe Red Hat security contact is \u003csecalert@redhat.com\u003e. More contact\ndetails at https://access.redhat.com/security/team/contact/\n\nCopyright 2014 Red Hat, Inc. \n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1\n\niD8DBQFUbOWGXlSAg2UNWIIRAhPmAJ96YO5JFEg4GS1MkDIeXQkRxbN0hACgoUiY\nehbScogUJnSordhBH11LgWQ=\n=ko7F\n-----END PGP SIGNATURE-----\n\n\n--\nRHSA-announce mailing list\nRHSA-announce@redhat.com\nhttps://www.redhat.com/mailman/listinfo/rhsa-announce\n. \n\nftp://ssl098zc:Secure12@ftp.usa.hp.com\n\nUser name: ssl098zc Password: (NOTE: Case sensitive) Secure12\n\nHP-UX Release\n HP-UX OpenSSL version\n\nB.11.11 (11i v1)\n A.00.09.08zc.001_HP-UX_B.11.11_32+64.depot\n\nB.11.23 (11i v2)\n A.00.09.08zc.002_HP-UX_B.11.23_IA-PA.depot\n\nB.11.31 (11i v3)\n A.00.09.08zc.003_HP-UX_B.11.31_IA-PA.depot\n\nMANUAL ACTIONS: Yes - Update\n\nInstall OpenSSL A.00.09.08zc or subsequent\n\nPRODUCT SPECIFIC INFORMATION\n\nHP-UX Software Assistant: HP-UX Software Assistant is an enhanced application\nthat replaces HP-UX Security Patch Check. It analyzes all Security Bulletins\nissued by HP and lists recommended actions that may apply to a specific HP-UX\nsystem. It can also download patches and create a depot automatically. For\nmore information see: https://www.hp.com/go/swa\n\nThe following text is for use by the HP-UX Software Assistant. \n\nThe update is available from HPE Software Depot: https://h20392.www2.hpe.com/\nportal/swdepot/displayProductInfo.do?productNumber=HPVPRhttps://www.hpe.com\n\nNote: HPE recommends customers using OV4VC 7.8.1 and earlier should upgrade\nto OV4VC 7.8.2. This addresses all SSL security vulnerabilities reported\nthrough March 28, 2016. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\nNote: the current version of the following document is available here:\nhttps://h20564.www2.hp.com/portal/site/hpsc/public/kb/\ndocDisplay?docId=emr_na-c04496538\n\nSUPPORT COMMUNICATION - SECURITY BULLETIN\n\nDocument ID: c04496538\nVersion: 1\n\nHPSBGN03164 rev.1 - HP IceWall SSO Dfw, SSO Certd and MCRP running OpenSSL,\nRemote Disclosure of Information\n\nNOTICE: The information in this Security Bulletin should be acted upon as\nsoon as possible. \n\nRelease Date: 2014-11-10\nLast Updated: 2014-11-10\n\nPotential Security Impact: Remote disclosure of information\n\nSource: Hewlett-Packard Company, HP Software Security Response Team\n\nVULNERABILITY SUMMARY\nA potential security vulnerability has been identified with HP IceWall SSO\nDfw , SSO Certd, and MCRP running OpenSSL. \n\nThis is the SSLv3 vulnerability known as \"Padding Oracle on Downgraded Legacy\nEncryption\" or \"Poodle\", which could be exploited remotely resulting in\ndisclosure of information.. \n\nReferences: CVE-2014-3566 (SSRT101789)\n\nSUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed. \n\n - HP IceWall MCRP v2.1, v3.0\n - HP IceWall SSO Dfw v8.0, v8.0 R1, v8.0 R2, v8.0 R3, and v10.0\n - HP IceWall SSO Certd v8.0R3 with DB plugin patch 2 and v10.0\n\nBACKGROUND\n\nCVSS 2.0 Base Metrics\n===========================================================\n Reference Base Vector Base Score\nCVE-2014-3566 (AV:N/AC:M/Au:N/C:P/I:N/A:N) 4.3\n===========================================================\n Information on CVSS is documented\n in HP Customer Notice: HPSN-2008-002\n\nRESOLUTION\n\nHP recommends the following software updates and workaround instructions to\nresolve this vulnerability for HP IceWall SSO Dfw, SSO Certd, and MCRP. \n\n The software updates are available at:\n\n http://www.hp.com/jp/icewall_patchaccess\n\n Notes:\n\n - There are no updates or mitigations for MCRP 2.1 and Dfw\n8.0/8.0R1/8.0R2/8.0R3. \n - HP recommends updating these older versions to the latest versions and\npatches and then following the WORKAROUND INSTRUCTIONS below. \n - The WORKAROUND INSTRUCTIONS should be followed after applying the\nfollowing updates. \n\n Software Update Versions\n\n HP IceWall MCRP 3.0 Patch release 1\n\n HP IceWall SSO Dfw 10.0 Patch release 7\n\n Note: Both software update versions provide the use of TLSv1 which is not\nvulnerable and available for each supported platform. \n\nWORKAROUND INSTRUCTIONS\n\n HP recommends the following information to protect against potential risk\nfor the following HP IceWall products. \n\n HP IceWall SSO Dfw and MCRP\n\n - If possible, do not use the SHOST setting which allows IceWall SSO\nDfw or MCRP to use SSL/TLS protocol to back-end web servers. \n\n - The following steps should be applied if SSL/TLS protocol to back-end\nweb servers must be used:\n\n o For MCRP: apply MCRP patch release 1\n o For Dfw: apply Dfw patch release 7 or later\n o Set SSL_PROTOCOL parameter to TLSv1\n\n HP IceWall SSO Certd\n\n - For Certd version 10.0 and 8.0R3: apply DB plugin patch release 2\n\n - If possible, do not use the LDAPSSL setting which allows IceWall SSO\nCertd to connect to the LDAP server using SSL/TLS protocol. \n\n - If SSL/TLS protocol must be used to LDAP server, configure the LDAP\nserver to use only TLSv1 as a mitigation for the vulnerability. For example,\non an OpenLDAP server (slapd), Set the TLSProtocolMin parameter. \n\nNote: The HP IceWall product is only available in Japan. \n\nHISTORY\nVersion:1 (rev.1) - 10 November 2014 Initial release\n\nThird Party Security Patches: Third party security patches that are to be\ninstalled on systems running HP software products should be applied in\naccordance with the customer\u0027s patch management policy. \n\nSupport: For issues about implementing the recommendations of this Security\nBulletin, contact normal HP Services support channel. For other issues about\nthe content of this Security Bulletin, send e-mail to security-alert@hp.com. \n\nReport: To report a potential security vulnerability with any HP supported\nproduct, send Email to: security-alert@hp.com\n\nSubscribe: To initiate a subscription to receive future HP Security Bulletin\nalerts via Email:\nhttp://h41183.www4.hp.com/signup_alerts.php?jumpid=hpsc_secbulletins\n\nSecurity Bulletin Archive: A list of recently released Security Bulletins is\navailable here:\nhttps://h20564.www2.hp.com/portal/site/hpsc/public/kb/secBullArchive/\n\nSoftware Product Category: The Software Product Category is represented in\nthe title by the two characters following HPSB. \n\n3C = 3COM\n3P = 3rd Party Software\nGN = HP General Software\nHF = HP Hardware and Firmware\nMP = MPE/iX\nMU = Multi-Platform Software\nNS = NonStop Servers\nOV = OpenVMS\nPI = Printing and Imaging\nPV = ProCurve\nST = Storage Software\nTU = Tru64 UNIX\nUX = HP-UX\n\nCopyright 2014 Hewlett-Packard Development Company, L.P. \nHewlett-Packard Company shall not be liable for technical or editorial errors\nor omissions contained herein. The information provided is provided \"as is\"\nwithout warranty of any kind. To the extent permitted by law, neither HP or\nits affiliates, subcontractors or suppliers will be liable for\nincidental,special or consequential damages including downtime cost; lost\nprofits; damages relating to the procurement of substitute products or\nservices; or damages for loss of data, or software restoration. The\ninformation in this document is subject to change without notice. \nHewlett-Packard Company and the names of Hewlett-Packard products referenced\nherein are trademarks of Hewlett-Packard Company in the United States and\nother countries. Other product and company names mentioned herein may be\ntrademarks of their respective owners. \n\nHP SiteScope 11.1x\nHP SiteScope 11.2x\n\nImportant note: HP SiteScope is impacted if and only if it is configured to\nwork over secure channel (HTTPS). This protocol is now disabled by default. \n\nFor the oldstable distribution (wheezy), this problem has been fixed\nin version 1.4.31-4+deb7u4. \n\nWe recommend that you upgrade your lighttpd packages",
"sources": [
{
"db": "NVD",
"id": "CVE-2014-3566"
},
{
"db": "BID",
"id": "70574"
},
{
"db": "VULHUB",
"id": "VHN-71506"
},
{
"db": "VULMON",
"id": "CVE-2014-3566"
},
{
"db": "PACKETSTORM",
"id": "169664"
},
{
"db": "PACKETSTORM",
"id": "137294"
},
{
"db": "PACKETSTORM",
"id": "132641"
},
{
"db": "PACKETSTORM",
"id": "129266"
},
{
"db": "PACKETSTORM",
"id": "129178"
},
{
"db": "PACKETSTORM",
"id": "130334"
},
{
"db": "PACKETSTORM",
"id": "128921"
},
{
"db": "PACKETSTORM",
"id": "136577"
},
{
"db": "PACKETSTORM",
"id": "129071"
},
{
"db": "PACKETSTORM",
"id": "129065"
},
{
"db": "PACKETSTORM",
"id": "135908"
}
],
"trust": 2.34
},
"exploit_availability": {
"_id": null,
"data": [
{
"reference": "https://www.scap.org.cn/vuln/vhn-71506",
"trust": 0.1,
"type": "unknown"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-71506"
}
]
},
"external_ids": {
"_id": null,
"data": [
{
"db": "NVD",
"id": "CVE-2014-3566",
"trust": 2.6
},
{
"db": "BID",
"id": "70574",
"trust": 1.4
},
{
"db": "ICS CERT",
"id": "ICSMA-18-058-02",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "61130",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "61995",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "60792",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "61019",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "61316",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "61827",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "61782",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "60056",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "61810",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "61819",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "61825",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "60206",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "61303",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "61359",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "61345",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "59627",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "60859",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "61926",
"trust": 1.1
},
{
"db": "SECTRACK",
"id": "1031120",
"trust": 1.1
},
{
"db": "SECTRACK",
"id": "1031106",
"trust": 1.1
},
{
"db": "SECTRACK",
"id": "1031124",
"trust": 1.1
},
{
"db": "SECTRACK",
"id": "1031091",
"trust": 1.1
},
{
"db": "SECTRACK",
"id": "1031095",
"trust": 1.1
},
{
"db": "SECTRACK",
"id": "1031088",
"trust": 1.1
},
{
"db": "SECTRACK",
"id": "1031093",
"trust": 1.1
},
{
"db": "SECTRACK",
"id": "1031105",
"trust": 1.1
},
{
"db": "SECTRACK",
"id": "1031094",
"trust": 1.1
},
{
"db": "SECTRACK",
"id": "1031087",
"trust": 1.1
},
{
"db": "SECTRACK",
"id": "1031090",
"trust": 1.1
},
{
"db": "SECTRACK",
"id": "1031107",
"trust": 1.1
},
{
"db": "SECTRACK",
"id": "1031132",
"trust": 1.1
},
{
"db": "SECTRACK",
"id": "1031085",
"trust": 1.1
},
{
"db": "SECTRACK",
"id": "1031039",
"trust": 1.1
},
{
"db": "SECTRACK",
"id": "1031096",
"trust": 1.1
},
{
"db": "SECTRACK",
"id": "1031131",
"trust": 1.1
},
{
"db": "SECTRACK",
"id": "1031029",
"trust": 1.1
},
{
"db": "SECTRACK",
"id": "1031123",
"trust": 1.1
},
{
"db": "SECTRACK",
"id": "1031086",
"trust": 1.1
},
{
"db": "SECTRACK",
"id": "1031130",
"trust": 1.1
},
{
"db": "SECTRACK",
"id": "1031092",
"trust": 1.1
},
{
"db": "SECTRACK",
"id": "1031089",
"trust": 1.1
},
{
"db": "USCERT",
"id": "TA14-290A",
"trust": 1.1
},
{
"db": "MCAFEE",
"id": "SB10091",
"trust": 1.1
},
{
"db": "MCAFEE",
"id": "SB10104",
"trust": 1.1
},
{
"db": "MCAFEE",
"id": "SB10090",
"trust": 1.1
},
{
"db": "CERT/CC",
"id": "VU#577193",
"trust": 1.1
},
{
"db": "JUNIPER",
"id": "JSA10705",
"trust": 1.1
},
{
"db": "PACKETSTORM",
"id": "128921",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "129065",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "129266",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "132641",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "136577",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "130334",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "129071",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "135908",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "131009",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "130184",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "131051",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "128838",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "130217",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "130296",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "129150",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "132084",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "132573",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "131354",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "128969",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "132469",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "128669",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "128866",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "129265",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "129217",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "136599",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "133640",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "129263",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "129614",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "130759",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "131011",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "139063",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "128863",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "130332",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "128730",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "130298",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "131690",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "128770",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "130125",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "128732",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "128733",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "130816",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "129528",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "130052",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "129294",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "132470",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "133836",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "129242",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "129401",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "130304",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "130549",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "129427",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "130085",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "131008",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "137652",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "130046",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "130086",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "128769",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "130141",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "131535",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "130181",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "133368",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "132942",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "130070",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "129318",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "132965",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "131790",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "130818",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "130817",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "128771",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "130050",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "133600",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "130072",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "129120",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "129426",
"trust": 0.1
},
{
"db": "CNNVD",
"id": "CNNVD-201410-267",
"trust": 0.1
},
{
"db": "SEEBUG",
"id": "SSVID-92692",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-71506",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2014-3566",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "169664",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "137294",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "129178",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-71506"
},
{
"db": "VULMON",
"id": "CVE-2014-3566"
},
{
"db": "BID",
"id": "70574"
},
{
"db": "PACKETSTORM",
"id": "169664"
},
{
"db": "PACKETSTORM",
"id": "137294"
},
{
"db": "PACKETSTORM",
"id": "132641"
},
{
"db": "PACKETSTORM",
"id": "129266"
},
{
"db": "PACKETSTORM",
"id": "129178"
},
{
"db": "PACKETSTORM",
"id": "130334"
},
{
"db": "PACKETSTORM",
"id": "128921"
},
{
"db": "PACKETSTORM",
"id": "136577"
},
{
"db": "PACKETSTORM",
"id": "129071"
},
{
"db": "PACKETSTORM",
"id": "129065"
},
{
"db": "PACKETSTORM",
"id": "135908"
},
{
"db": "NVD",
"id": "CVE-2014-3566"
}
]
},
"id": "VAR-201410-1418",
"iot": {
"_id": null,
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-71506"
}
],
"trust": 0.5931986333333333
},
"last_update_date": "2026-04-10T23:34:59.740000Z",
"patch": {
"_id": null,
"data": [
{
"title": "Debian Security Advisories: DSA-3489-1 lighttpd -- security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=debian_security_advisories\u0026qid=dcb828f6dad683ea0da76b6c62cde0ea"
},
{
"title": "HP: SUPPORT COMMUNICATION- SECURITY BULLETIN\nHPSBPI03360 rev.5 - HP LaserJet Printers and MFPs, HP OfficeJet Printers and MFPs, and HP JetDirect Networking cards using OpenSSL, Remote Disclosure of Information",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=hp_bulletin\u0026qid=4545b8bd124b33fa1434a34c59003fd5"
},
{
"title": "HP: HPSBPI03360 rev.5 - HP LaserJet Printers and MFPs, HP OfficeJet Printers and MFPs, and HP JetDirect Networking cards using OpenSSL, Remote Disclosure of Information",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=hp_bulletin\u0026qid=HPSBPI03360"
},
{
"title": "Debian CVElist Bug Report Logs: Not possible to disable SSLv3",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=debian_cvelist_bugreportlogs\u0026qid=cd46735759deed658e1e15bd89794f91"
},
{
"title": "Amazon Linux AMI: ALAS-2014-426",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=amazon_linux_ami\u0026qid=ALAS-2014-426"
},
{
"title": "Red Hat: CVE-2014-3566",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_cve_database\u0026qid=CVE-2014-3566"
},
{
"title": "Amazon Linux AMI: ALAS-2014-429",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=amazon_linux_ami\u0026qid=ALAS-2014-429"
},
{
"title": "HP: SUPPORT COMMUNICATION- SECURITY BULLETIN\nHPSBPI03360 rev.5 - HP LaserJet Printers and MFPs, HP OfficeJet Printers and MFPs, and HP JetDirect Networking cards using OpenSSL, Remote Disclosure of Information",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=hp_bulletin\u0026qid=9e10ca91834a4f14416f4e75e776c6b6"
},
{
"title": "Red Hat: Important: java-1.6.0-openjdk security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20150085 - Security Advisory"
},
{
"title": "Red Hat: Critical: java-1.7.0-openjdk security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20150067 - Security Advisory"
},
{
"title": "Debian Security Advisories: DSA-3253-1 pound -- security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=debian_security_advisories\u0026qid=ad76a2fc91623114f1aaa478b7ecbe12"
},
{
"title": "Red Hat: Important: java-1.7.0-openjdk security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20150068 - Security Advisory"
},
{
"title": "Red Hat: Important: java-1.8.0-openjdk security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20150069 - Security Advisory"
},
{
"title": "Red Hat: Critical: java-1.7.0-oracle security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20150079 - Security Advisory"
},
{
"title": "Red Hat: Important: java-1.6.0-sun security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20150086 - Security Advisory"
},
{
"title": "Debian Security Advisories: DSA-3053-1 openssl -- security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=debian_security_advisories\u0026qid=89bdef3607a7448566a930eca0e94cb3"
},
{
"title": "Symantec Security Advisories: SA83 : SSL v3 Poodle Attack",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=symantec_security_advisories\u0026qid=3703d1b5dc42da47d311d20afe00de22"
},
{
"title": "Red Hat: Critical: java-1.8.0-oracle security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20150080 - Security Advisory"
},
{
"title": "Cisco: SSL-TLS Implementations Cipher Block Chaining Padding Information Disclosure Vulnerability",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=cisco_security_advisories_and_alerts_ciscoproducts\u0026qid=Cisco-SA-20141211-CVE-2014-8730"
},
{
"title": "Debian CVElist Bug Report Logs: asterisk: CVE-2014-9374",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=debian_cvelist_bugreportlogs\u0026qid=5ec9c01ff2551bc64f61573dcb290621"
},
{
"title": "Citrix Security Bulletins: CVE-2014-3566 - Citrix Security Advisory for SSLv3 Protocol Flaw",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=citrix_security_bulletins\u0026qid=510bf83b7458a7704870eecdfadf5704"
},
{
"title": "Debian CVElist Bug Report Logs: CVE-2014-8418 CVE-2014-8412 CVE-2014-8414 CVE-2014-8417",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=debian_cvelist_bugreportlogs\u0026qid=ea75db152315222e9fc0490c8b65fb98"
},
{
"title": "Tenable Security Advisories: [R6] SSLv3 Protocol Vulnerability Affects Tenable Products (POODLE)",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=tenable_security_advisories\u0026qid=TNS-2014-09"
},
{
"title": "Ubuntu Security Notice: openjdk-7 vulnerabilities",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=USN-2487-1"
},
{
"title": "Debian Security Advisories: DSA-3144-1 openjdk-7 -- security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=debian_security_advisories\u0026qid=d750da8121d006282839ec576885794b"
},
{
"title": "Red Hat: Low: Red Hat Satellite IBM Java Runtime security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20150264 - Security Advisory"
},
{
"title": "Debian Security Advisories: DSA-3147-1 openjdk-6 -- security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=debian_security_advisories\u0026qid=f0587b999035ec3e03b0795bc92b0a31"
},
{
"title": "Ubuntu Security Notice: openjdk-6 vulnerabilities",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=USN-2486-1"
},
{
"title": "Amazon Linux AMI: ALAS-2015-480",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=amazon_linux_ami\u0026qid=ALAS-2015-480"
},
{
"title": "Amazon Linux AMI: ALAS-2015-471",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=amazon_linux_ami\u0026qid=ALAS-2015-471"
},
{
"title": "Huawei Security Advisories: Huawei PSIRT: Technical Analysis Report Regarding Finite State Supply Chain Assessment",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=huawei_security_advisories\u0026qid=73885f997edba4cefdd6ba9030e87bdc"
},
{
"title": "mangy-beast",
"trust": 0.1,
"url": "https://github.com/ashmastaflash/mangy-beast "
},
{
"title": "BASH_froggPoodler",
"trust": 0.1,
"url": "https://github.com/FroggDev/BASH_froggPoodler "
},
{
"title": "lacework-kaholo-autoremediation",
"trust": 0.1,
"url": "https://github.com/automatecloud/lacework-kaholo-autoremediation "
},
{
"title": "bouncer",
"trust": 0.1,
"url": "https://github.com/ggrandes/bouncer "
},
{
"title": "voipnowpatches",
"trust": 0.1,
"url": "https://github.com/4psa/voipnowpatches "
},
{
"title": "ric13351",
"trust": 0.1,
"url": "https://github.com/bjayesh/ric13351 "
},
{
"title": "squeeze-lighttpd-poodle",
"trust": 0.1,
"url": "https://github.com/matjohns/squeeze-lighttpd-poodle "
},
{
"title": "poodle_check",
"trust": 0.1,
"url": "https://github.com/rameezts/poodle_check "
},
{
"title": "poodle_protector",
"trust": 0.1,
"url": "https://github.com/stdevel/poodle_protector "
},
{
"title": "bouncer",
"trust": 0.1,
"url": "https://github.com/TechPorter20/bouncer "
},
{
"title": "aws_poodle_fix",
"trust": 0.1,
"url": "https://github.com/rvaralda/aws_poodle_fix "
},
{
"title": "dnsmanagerpatches",
"trust": 0.1,
"url": "https://github.com/4psa/dnsmanagerpatches "
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/Wanderwille/13.01 "
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2014-3566"
}
]
},
"problemtype_data": {
"_id": null,
"data": [
{
"problemtype": "CWE-310",
"trust": 1.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-71506"
},
{
"db": "NVD",
"id": "CVE-2014-3566"
}
]
},
"references": {
"_id": null,
"data": [
{
"trust": 1.2,
"url": "https://security.gentoo.org/glsa/201507-14"
},
{
"trust": 1.2,
"url": "http://rhn.redhat.com/errata/rhsa-2014-1876.html"
},
{
"trust": 1.2,
"url": "https://www-01.ibm.com/support/docview.wss?uid=swg21688165"
},
{
"trust": 1.2,
"url": "https://www.openssl.org/news/secadv_20141015.txt"
},
{
"trust": 1.2,
"url": "https://www.openssl.org/~bodo/ssl-poodle.pdf"
},
{
"trust": 1.1,
"url": "http://www.securitytracker.com/id/1031029"
},
{
"trust": 1.1,
"url": "http://www.securitytracker.com/id/1031039"
},
{
"trust": 1.1,
"url": "http://www.securitytracker.com/id/1031085"
},
{
"trust": 1.1,
"url": "http://www.securitytracker.com/id/1031086"
},
{
"trust": 1.1,
"url": "http://www.securitytracker.com/id/1031087"
},
{
"trust": 1.1,
"url": "http://www.securitytracker.com/id/1031088"
},
{
"trust": 1.1,
"url": "http://www.securitytracker.com/id/1031089"
},
{
"trust": 1.1,
"url": "http://www.securitytracker.com/id/1031090"
},
{
"trust": 1.1,
"url": "http://www.securitytracker.com/id/1031091"
},
{
"trust": 1.1,
"url": "http://www.securitytracker.com/id/1031092"
},
{
"trust": 1.1,
"url": "http://www.securitytracker.com/id/1031093"
},
{
"trust": 1.1,
"url": "http://www.securitytracker.com/id/1031094"
},
{
"trust": 1.1,
"url": "http://www.securitytracker.com/id/1031095"
},
{
"trust": 1.1,
"url": "http://www.securitytracker.com/id/1031096"
},
{
"trust": 1.1,
"url": "http://www.securitytracker.com/id/1031105"
},
{
"trust": 1.1,
"url": "http://www.securitytracker.com/id/1031106"
},
{
"trust": 1.1,
"url": "http://www.securitytracker.com/id/1031107"
},
{
"trust": 1.1,
"url": "http://www.securitytracker.com/id/1031120"
},
{
"trust": 1.1,
"url": "http://www.securitytracker.com/id/1031123"
},
{
"trust": 1.1,
"url": "http://www.securitytracker.com/id/1031124"
},
{
"trust": 1.1,
"url": "http://www.securitytracker.com/id/1031130"
},
{
"trust": 1.1,
"url": "http://www.securitytracker.com/id/1031131"
},
{
"trust": 1.1,
"url": "http://www.securitytracker.com/id/1031132"
},
{
"trust": 1.1,
"url": "http://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20141015-poodle"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/59627"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/60056"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/60206"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/60792"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/60859"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/61019"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/61130"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/61303"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/61316"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/61345"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/61359"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/61782"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/61810"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/61819"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/61825"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/61827"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/61926"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/61995"
},
{
"trust": 1.1,
"url": "http://www.securityfocus.com/bid/70574"
},
{
"trust": 1.1,
"url": "http://archives.neohapsis.com/archives/bugtraq/2014-10/0101.html"
},
{
"trust": 1.1,
"url": "http://archives.neohapsis.com/archives/bugtraq/2014-10/0103.html"
},
{
"trust": 1.1,
"url": "http://www.securityfocus.com/archive/1/533724/100/0/threaded"
},
{
"trust": 1.1,
"url": "http://www.securityfocus.com/archive/1/533747"
},
{
"trust": 1.1,
"url": "http://www.securityfocus.com/archive/1/533746"
},
{
"trust": 1.1,
"url": "http://lists.apple.com/archives/security-announce/2015/jan/msg00003.html"
},
{
"trust": 1.1,
"url": "http://lists.apple.com/archives/security-announce/2015/sep/msg00002.html"
},
{
"trust": 1.1,
"url": "http://www.debian.org/security/2014/dsa-3053"
},
{
"trust": 1.1,
"url": "http://www.debian.org/security/2015/dsa-3144"
},
{
"trust": 1.1,
"url": "http://www.debian.org/security/2015/dsa-3147"
},
{
"trust": 1.1,
"url": "http://www.debian.org/security/2015/dsa-3253"
},
{
"trust": 1.1,
"url": "http://www.debian.org/security/2016/dsa-3489"
},
{
"trust": 1.1,
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-november/142330.html"
},
{
"trust": 1.1,
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-october/141158.html"
},
{
"trust": 1.1,
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-october/141114.html"
},
{
"trust": 1.1,
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-october/169374.html"
},
{
"trust": 1.1,
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-october/169361.html"
},
{
"trust": 1.1,
"url": "https://security.gentoo.org/glsa/201606-11"
},
{
"trust": 1.1,
"url": "http://h20564.www2.hp.com/hpsc/doc/public/display?docid=emr_na-c04583581"
},
{
"trust": 1.1,
"url": "http://www.mandriva.com/security/advisories?name=mdvsa-2014:203"
},
{
"trust": 1.1,
"url": "http://www.mandriva.com/security/advisories?name=mdvsa-2015:062"
},
{
"trust": 1.1,
"url": "ftp://ftp.netbsd.org/pub/netbsd/security/advisories/netbsd-sa2014-015.txt.asc"
},
{
"trust": 1.1,
"url": "http://rhn.redhat.com/errata/rhsa-2014-1652.html"
},
{
"trust": 1.1,
"url": "http://rhn.redhat.com/errata/rhsa-2014-1653.html"
},
{
"trust": 1.1,
"url": "http://rhn.redhat.com/errata/rhsa-2014-1692.html"
},
{
"trust": 1.1,
"url": "http://rhn.redhat.com/errata/rhsa-2014-1877.html"
},
{
"trust": 1.1,
"url": "http://rhn.redhat.com/errata/rhsa-2014-1880.html"
},
{
"trust": 1.1,
"url": "http://rhn.redhat.com/errata/rhsa-2014-1881.html"
},
{
"trust": 1.1,
"url": "http://rhn.redhat.com/errata/rhsa-2014-1882.html"
},
{
"trust": 1.1,
"url": "http://rhn.redhat.com/errata/rhsa-2014-1920.html"
},
{
"trust": 1.1,
"url": "http://rhn.redhat.com/errata/rhsa-2014-1948.html"
},
{
"trust": 1.1,
"url": "http://rhn.redhat.com/errata/rhsa-2015-0068.html"
},
{
"trust": 1.1,
"url": "http://rhn.redhat.com/errata/rhsa-2015-0079.html"
},
{
"trust": 1.1,
"url": "http://rhn.redhat.com/errata/rhsa-2015-0080.html"
},
{
"trust": 1.1,
"url": "http://rhn.redhat.com/errata/rhsa-2015-0085.html"
},
{
"trust": 1.1,
"url": "http://rhn.redhat.com/errata/rhsa-2015-0086.html"
},
{
"trust": 1.1,
"url": "http://rhn.redhat.com/errata/rhsa-2015-0264.html"
},
{
"trust": 1.1,
"url": "http://rhn.redhat.com/errata/rhsa-2015-0698.html"
},
{
"trust": 1.1,
"url": "http://rhn.redhat.com/errata/rhsa-2015-1545.html"
},
{
"trust": 1.1,
"url": "http://rhn.redhat.com/errata/rhsa-2015-1546.html"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-11/msg00001.html"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-11/msg00003.html"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-11/msg00021.html"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-12/msg00002.html"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00024.html"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00026.html"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00027.html"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00033.html"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00036.html"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00018.html"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00027.html"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00066.html"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00000.html"
},
{
"trust": 1.1,
"url": "http://www.us-cert.gov/ncas/alerts/ta14-290a"
},
{
"trust": 1.1,
"url": "http://www.ubuntu.com/usn/usn-2486-1"
},
{
"trust": 1.1,
"url": "http://www.ubuntu.com/usn/usn-2487-1"
},
{
"trust": 1.1,
"url": "http://www.kb.cert.org/vuls/id/577193"
},
{
"trust": 1.1,
"url": "https://lists.apache.org/thread.html/rc774278135816e7afc943dc9fc78eb0764f2c84a2b96470a0187315c%40%3ccommits.cxf.apache.org%3e"
},
{
"trust": 1.1,
"url": "https://lists.apache.org/thread.html/r36e44ffc1a9b365327df62cdfaabe85b9a5637de102cea07d79b2dbf%40%3ccommits.cxf.apache.org%3e"
},
{
"trust": 1.1,
"url": "https://lists.apache.org/thread.html/rff42cfa5e7d75b7c1af0e37589140a8f1999e578a75738740b244bd4%40%3ccommits.cxf.apache.org%3e"
},
{
"trust": 1.1,
"url": "https://lists.apache.org/thread.html/rd49aabd984ed540c8ff7916d4d79405f3fa311d2fdbcf9ed307839a6%40%3ccommits.cxf.apache.org%3e"
},
{
"trust": 1.1,
"url": "https://lists.apache.org/thread.html/rec7160382badd3ef4ad017a22f64a266c7188b9ba71394f0d321e2d4%40%3ccommits.cxf.apache.org%3e"
},
{
"trust": 1.1,
"url": "https://lists.apache.org/thread.html/rfb87e0bf3995e7d560afeed750fac9329ff5f1ad49da365129b7f89e%40%3ccommits.cxf.apache.org%3e"
},
{
"trust": 1.1,
"url": "http://advisories.mageia.org/mgasa-2014-0416.html"
},
{
"trust": 1.1,
"url": "http://aix.software.ibm.com/aix/efixes/security/openssl_advisory11.asc"
},
{
"trust": 1.1,
"url": "http://askubuntu.com/questions/537196/how-do-i-patch-workaround-sslv3-poodle-vulnerability-cve-2014-3566"
},
{
"trust": 1.1,
"url": "http://blog.cryptographyengineering.com/2014/10/attack-of-week-poodle.html"
},
{
"trust": 1.1,
"url": "http://blog.nodejs.org/2014/10/23/node-v0-10-33-stable/"
},
{
"trust": 1.1,
"url": "http://blogs.technet.com/b/msrc/archive/2014/10/14/security-advisory-3009008-released.aspx"
},
{
"trust": 1.1,
"url": "http://docs.ipswitch.com/moveit/dmz82/releasenotes/moveitreleasenotes82.pdf"
},
{
"trust": 1.1,
"url": "http://downloads.asterisk.org/pub/security/ast-2014-011.html"
},
{
"trust": 1.1,
"url": "http://googleonlinesecurity.blogspot.com/2014/10/this-poodle-bites-exploiting-ssl-30.html"
},
{
"trust": 1.1,
"url": "http://h20564.www2.hpe.com/hpsc/doc/public/display?docid=emr_na-c04779034"
},
{
"trust": 1.1,
"url": "http://people.canonical.com/~ubuntu-security/cve/2014/cve-2014-3566.html"
},
{
"trust": 1.1,
"url": "http://support.apple.com/ht204244"
},
{
"trust": 1.1,
"url": "http://support.citrix.com/article/ctx200238"
},
{
"trust": 1.1,
"url": "http://www-01.ibm.com/support/docview.wss?uid=isg3t1021431"
},
{
"trust": 1.1,
"url": "http://www-01.ibm.com/support/docview.wss?uid=isg3t1021439"
},
{
"trust": 1.1,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686997"
},
{
"trust": 1.1,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21687172"
},
{
"trust": 1.1,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21687611"
},
{
"trust": 1.1,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21688283"
},
{
"trust": 1.1,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21692299"
},
{
"trust": 1.1,
"url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html"
},
{
"trust": 1.1,
"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html"
},
{
"trust": 1.1,
"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html"
},
{
"trust": 1.1,
"url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html"
},
{
"trust": 1.1,
"url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html"
},
{
"trust": 1.1,
"url": "http://www.oracle.com/technetwork/topics/security/bulletinjan2015-2370101.html"
},
{
"trust": 1.1,
"url": "http://www.oracle.com/technetwork/topics/security/bulletinjan2016-2867206.html"
},
{
"trust": 1.1,
"url": "http://www.oracle.com/technetwork/topics/security/bulletinjul2015-2511963.html"
},
{
"trust": 1.1,
"url": "http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html"
},
{
"trust": 1.1,
"url": "http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html"
},
{
"trust": 1.1,
"url": "http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html"
},
{
"trust": 1.1,
"url": "http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html"
},
{
"trust": 1.1,
"url": "http://www.vmware.com/security/advisories/vmsa-2015-0003.html"
},
{
"trust": 1.1,
"url": "http://www.websense.com/support/article/kbarticle/vulnerabilities-resolved-in-triton-apx-version-8-0"
},
{
"trust": 1.1,
"url": "http://www1.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-405500.htm"
},
{
"trust": 1.1,
"url": "https://access.redhat.com/articles/1232123"
},
{
"trust": 1.1,
"url": "https://blog.mozilla.org/security/2014/10/14/the-poodle-attack-and-the-end-of-ssl-3-0/"
},
{
"trust": 1.1,
"url": "https://blogs.oracle.com/sunsecurity/entry/multiple_vulnerabilities_in_openssl6"
},
{
"trust": 1.1,
"url": "https://bto.bluecoat.com/security-advisory/sa83"
},
{
"trust": 1.1,
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1076983"
},
{
"trust": 1.1,
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1152789"
},
{
"trust": 1.1,
"url": "https://devcentral.f5.com/articles/cve-2014-3566-removing-sslv3-from-big-ip"
},
{
"trust": 1.1,
"url": "https://github.com/mpgn/poodle-poc"
},
{
"trust": 1.1,
"url": "https://groups.google.com/forum/#%21topic/docker-user/oym0i3xshju"
},
{
"trust": 1.1,
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c04819635"
},
{
"trust": 1.1,
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c05068681"
},
{
"trust": 1.1,
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c05157667"
},
{
"trust": 1.1,
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c05301946"
},
{
"trust": 1.1,
"url": "https://ics-cert.us-cert.gov/advisories/icsma-18-058-02"
},
{
"trust": 1.1,
"url": "https://puppet.com/security/cve/poodle-sslv3-vulnerability"
},
{
"trust": 1.1,
"url": "https://security.netapp.com/advisory/ntap-20141015-0001/"
},
{
"trust": 1.1,
"url": "https://support.apple.com/ht205217"
},
{
"trust": 1.1,
"url": "https://support.apple.com/kb/ht6527"
},
{
"trust": 1.1,
"url": "https://support.apple.com/kb/ht6529"
},
{
"trust": 1.1,
"url": "https://support.apple.com/kb/ht6531"
},
{
"trust": 1.1,
"url": "https://support.apple.com/kb/ht6535"
},
{
"trust": 1.1,
"url": "https://support.apple.com/kb/ht6536"
},
{
"trust": 1.1,
"url": "https://support.apple.com/kb/ht6541"
},
{
"trust": 1.1,
"url": "https://support.apple.com/kb/ht6542"
},
{
"trust": 1.1,
"url": "https://support.citrix.com/article/ctx216642"
},
{
"trust": 1.1,
"url": "https://support.lenovo.com/product_security/poodle"
},
{
"trust": 1.1,
"url": "https://support.lenovo.com/us/en/product_security/poodle"
},
{
"trust": 1.1,
"url": "https://technet.microsoft.com/library/security/3009008.aspx"
},
{
"trust": 1.1,
"url": "https://www.arista.com/en/support/advisories-notices/security-advisories/1015-security-advisory-7"
},
{
"trust": 1.1,
"url": "https://www.cloudera.com/documentation/other/security-bulletins/topics/csb_topic_1.html"
},
{
"trust": 1.1,
"url": "https://www.dfranke.us/posts/2014-10-14-how-poodle-happened.html"
},
{
"trust": 1.1,
"url": "https://www.elastic.co/blog/logstash-1-4-3-released"
},
{
"trust": 1.1,
"url": "https://www.imperialviolet.org/2014/10/14/poodle.html"
},
{
"trust": 1.1,
"url": "https://www.suse.com/support/kb/doc.php?id=7015773"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-10/msg00008.html"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00001.html"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00011.html"
},
{
"trust": 1.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-3566"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bugtraq\u0026m=141628688425177\u0026w=2"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bugtraq\u0026m=141879378918327\u0026w=2"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bugtraq\u0026m=142624719706349\u0026w=2"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bugtraq\u0026m=142805027510172\u0026w=2"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bugtraq\u0026m=142660345230545\u0026w=2"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bugtraq\u0026m=141697638231025\u0026w=2"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bugtraq\u0026m=143558192010071\u0026w=2"
},
{
"trust": 1.0,
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=sb10104"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bugtraq\u0026m=142804214608580\u0026w=2"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bugtraq\u0026m=142103967620673\u0026w=2"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bugtraq\u0026m=142496355704097\u0026w=2"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bugtraq\u0026m=142624590206005\u0026w=2"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bugtraq\u0026m=142721830231196\u0026w=2"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bugtraq\u0026m=142118135300698\u0026w=2"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bugtraq\u0026m=142607790919348\u0026w=2"
},
{
"trust": 1.0,
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=sb10091"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bugtraq\u0026m=142546741516006\u0026w=2"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bugtraq\u0026m=142350298616097\u0026w=2"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bugtraq\u0026m=142357976805598\u0026w=2"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bugtraq\u0026m=142495837901899\u0026w=2"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bugtraq\u0026m=141703183219781\u0026w=2"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bugtraq\u0026m=141577087123040\u0026w=2"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bugtraq\u0026m=143039249603103\u0026w=2"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bugtraq\u0026m=141813976718456\u0026w=2"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bugtraq\u0026m=141576815022399\u0026w=2"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=openssl-dev\u0026m=141333049205629\u0026w=2"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bugtraq\u0026m=141450973807288\u0026w=2"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bugtraq\u0026m=141775427104070\u0026w=2"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bugtraq\u0026m=143290437727362\u0026w=2"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bugtraq\u0026m=141715130023061\u0026w=2"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bugtraq\u0026m=142350196615714\u0026w=2"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bugtraq\u0026m=145983526810210\u0026w=2"
},
{
"trust": 1.0,
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=sb10090"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bugtraq\u0026m=142296755107581\u0026w=2"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bugtraq\u0026m=143558137709884\u0026w=2"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bugtraq\u0026m=143290583027876\u0026w=2"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bugtraq\u0026m=141814011518700\u0026w=2"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bugtraq\u0026m=142791032306609\u0026w=2"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bugtraq\u0026m=141694355519663\u0026w=2"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bugtraq\u0026m=141477196830952\u0026w=2"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bugtraq\u0026m=142350743917559\u0026w=2"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bugtraq\u0026m=141697676231104\u0026w=2"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bugtraq\u0026m=141577350823734\u0026w=2"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bugtraq\u0026m=142624679706236\u0026w=2"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bugtraq\u0026m=144101915224472\u0026w=2"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bugtraq\u0026m=142624619906067"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bugtraq\u0026m=143101048219218\u0026w=2"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bugtraq\u0026m=144294141001552\u0026w=2"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bugtraq\u0026m=144251162130364\u0026w=2"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bugtraq\u0026m=141620103726640\u0026w=2"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bugtraq\u0026m=142721887231400\u0026w=2"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bugtraq\u0026m=141450452204552\u0026w=2"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bugtraq\u0026m=142962817202793\u0026w=2"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bugtraq\u0026m=142354438527235\u0026w=2"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bugtraq\u0026m=142740155824959\u0026w=2"
},
{
"trust": 1.0,
"url": "https://templatelab.com/ssl-poodle/"
},
{
"trust": 1.0,
"url": "http://kb.juniper.net/infocenter/index?page=content\u0026id=jsa10705"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bugtraq\u0026m=142624619906067\u0026w=2"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bugtraq\u0026m=143628269912142\u0026w=2"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bugtraq\u0026m=143290522027658\u0026w=2"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bugtraq\u0026m=143290371927178\u0026w=2"
},
{
"trust": 0.5,
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/"
},
{
"trust": 0.5,
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/secbullarchive/"
},
{
"trust": 0.5,
"url": "http://h41183.www4.hp.com/signup_alerts.php?jumpid=hpsc_secbulletins"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-3567"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-3568"
},
{
"trust": 0.2,
"url": "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_n"
},
{
"trust": 0.2,
"url": "http://www.hpe.com/support/security_bulletin_archive"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0800"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-2842"
},
{
"trust": 0.2,
"url": "http://www.hpe.com/support/subscriber_choice"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0799"
},
{
"trust": 0.1,
"url": "http://marc.info/?l=bugtraq\u0026amp;m=141577350823734\u0026amp;w=2"
},
{
"trust": 0.1,
"url": "http://marc.info/?l=bugtraq\u0026amp;m=141576815022399\u0026amp;w=2"
},
{
"trust": 0.1,
"url": "http://marc.info/?l=bugtraq\u0026amp;m=141620103726640\u0026amp;w=2"
},
{
"trust": 0.1,
"url": "http://marc.info/?l=bugtraq\u0026amp;m=141697638231025\u0026amp;w=2"
},
{
"trust": 0.1,
"url": "http://marc.info/?l=bugtraq\u0026amp;m=141703183219781\u0026amp;w=2"
},
{
"trust": 0.1,
"url": "http://marc.info/?l=bugtraq\u0026amp;m=141697676231104\u0026amp;w=2"
},
{
"trust": 0.1,
"url": "http://marc.info/?l=bugtraq\u0026amp;m=141775427104070\u0026amp;w=2"
},
{
"trust": 0.1,
"url": "http://marc.info/?l=bugtraq\u0026amp;m=141814011518700\u0026amp;w=2"
},
{
"trust": 0.1,
"url": "http://marc.info/?l=bugtraq\u0026amp;m=141715130023061\u0026amp;w=2"
},
{
"trust": 0.1,
"url": "http://marc.info/?l=bugtraq\u0026amp;m=141813976718456\u0026amp;w=2"
},
{
"trust": 0.1,
"url": "http://marc.info/?l=bugtraq\u0026amp;m=142118135300698\u0026amp;w=2"
},
{
"trust": 0.1,
"url": "http://marc.info/?l=bugtraq\u0026amp;m=142296755107581\u0026amp;w=2"
},
{
"trust": 0.1,
"url": "http://marc.info/?l=bugtraq\u0026amp;m=142354438527235\u0026amp;w=2"
},
{
"trust": 0.1,
"url": "http://marc.info/?l=bugtraq\u0026amp;m=142350743917559\u0026amp;w=2"
},
{
"trust": 0.1,
"url": "http://marc.info/?l=bugtraq\u0026amp;m=142350196615714\u0026amp;w=2"
},
{
"trust": 0.1,
"url": "http://marc.info/?l=bugtraq\u0026amp;m=142350298616097\u0026amp;w=2"
},
{
"trust": 0.1,
"url": "http://marc.info/?l=bugtraq\u0026amp;m=142357976805598\u0026amp;w=2"
},
{
"trust": 0.1,
"url": "http://marc.info/?l=bugtraq\u0026amp;m=142962817202793\u0026amp;w=2"
},
{
"trust": 0.1,
"url": "http://marc.info/?l=bugtraq\u0026amp;m=143290371927178\u0026amp;w=2"
},
{
"trust": 0.1,
"url": "http://marc.info/?l=bugtraq\u0026amp;m=144294141001552\u0026amp;w=2"
},
{
"trust": 0.1,
"url": "http://marc.info/?l=bugtraq\u0026amp;m=145983526810210\u0026amp;w=2"
},
{
"trust": 0.1,
"url": "http://marc.info/?l=bugtraq\u0026amp;m=141450973807288\u0026amp;w=2"
},
{
"trust": 0.1,
"url": "http://marc.info/?l=bugtraq\u0026amp;m=142721887231400\u0026amp;w=2"
},
{
"trust": 0.1,
"url": "http://marc.info/?l=bugtraq\u0026amp;m=142660345230545\u0026amp;w=2"
},
{
"trust": 0.1,
"url": "http://marc.info/?l=bugtraq\u0026amp;m=142804214608580\u0026amp;w=2"
},
{
"trust": 0.1,
"url": "http://marc.info/?l=bugtraq\u0026amp;m=141450452204552\u0026amp;w=2"
},
{
"trust": 0.1,
"url": "http://marc.info/?l=bugtraq\u0026amp;m=141628688425177\u0026amp;w=2"
},
{
"trust": 0.1,
"url": "http://marc.info/?l=bugtraq\u0026amp;m=141577087123040\u0026amp;w=2"
},
{
"trust": 0.1,
"url": "http://marc.info/?l=bugtraq\u0026amp;m=141694355519663\u0026amp;w=2"
},
{
"trust": 0.1,
"url": "http://marc.info/?l=bugtraq\u0026amp;m=141879378918327\u0026amp;w=2"
},
{
"trust": 0.1,
"url": "http://marc.info/?l=bugtraq\u0026amp;m=143290583027876\u0026amp;w=2"
},
{
"trust": 0.1,
"url": "http://marc.info/?l=bugtraq\u0026amp;m=143628269912142\u0026amp;w=2"
},
{
"trust": 0.1,
"url": "http://marc.info/?l=bugtraq\u0026amp;m=143039249603103\u0026amp;w=2"
},
{
"trust": 0.1,
"url": "http://marc.info/?l=bugtraq\u0026amp;m=142624619906067\u0026amp;w=2"
},
{
"trust": 0.1,
"url": "http://marc.info/?l=bugtraq\u0026amp;m=142495837901899\u0026amp;w=2"
},
{
"trust": 0.1,
"url": "http://marc.info/?l=bugtraq\u0026amp;m=143290522027658\u0026amp;w=2"
},
{
"trust": 0.1,
"url": "http://marc.info/?l=bugtraq\u0026amp;m=142624719706349\u0026amp;w=2"
},
{
"trust": 0.1,
"url": "http://marc.info/?l=bugtraq\u0026amp;m=143290437727362\u0026amp;w=2"
},
{
"trust": 0.1,
"url": "http://marc.info/?l=bugtraq\u0026amp;m=142624590206005\u0026amp;w=2"
},
{
"trust": 0.1,
"url": "http://marc.info/?l=bugtraq\u0026amp;m=142624679706236\u0026amp;w=2"
},
{
"trust": 0.1,
"url": "http://marc.info/?l=bugtraq\u0026amp;m=142740155824959\u0026amp;w=2"
},
{
"trust": 0.1,
"url": "http://marc.info/?l=bugtraq\u0026amp;m=142721830231196\u0026amp;w=2"
},
{
"trust": 0.1,
"url": "http://marc.info/?l=bugtraq\u0026amp;m=142791032306609\u0026amp;w=2"
},
{
"trust": 0.1,
"url": "http://marc.info/?l=bugtraq\u0026amp;m=144101915224472\u0026amp;w=2"
},
{
"trust": 0.1,
"url": "http://marc.info/?l=bugtraq\u0026amp;m=142103967620673\u0026amp;w=2"
},
{
"trust": 0.1,
"url": "http://marc.info/?l=bugtraq\u0026amp;m=143558137709884\u0026amp;w=2"
},
{
"trust": 0.1,
"url": "http://marc.info/?l=bugtraq\u0026amp;m=143558192010071\u0026amp;w=2"
},
{
"trust": 0.1,
"url": "http://marc.info/?l=bugtraq\u0026amp;m=142805027510172\u0026amp;w=2"
},
{
"trust": 0.1,
"url": "http://marc.info/?l=bugtraq\u0026amp;m=142546741516006\u0026amp;w=2"
},
{
"trust": 0.1,
"url": "http://marc.info/?l=bugtraq\u0026amp;m=144251162130364\u0026amp;w=2"
},
{
"trust": 0.1,
"url": "http://marc.info/?l=bugtraq\u0026amp;m=141477196830952\u0026amp;w=2"
},
{
"trust": 0.1,
"url": "http://marc.info/?l=bugtraq\u0026amp;m=143101048219218\u0026amp;w=2"
},
{
"trust": 0.1,
"url": "http://marc.info/?l=bugtraq\u0026amp;m=142496355704097\u0026amp;w=2"
},
{
"trust": 0.1,
"url": "http://marc.info/?l=bugtraq\u0026amp;m=142624619906067"
},
{
"trust": 0.1,
"url": "http://marc.info/?l=bugtraq\u0026amp;m=142607790919348\u0026amp;w=2"
},
{
"trust": 0.1,
"url": "http://marc.info/?l=openssl-dev\u0026amp;m=141333049205629\u0026amp;w=2"
},
{
"trust": 0.1,
"url": "http://kb.juniper.net/infocenter/index?page=content\u0026amp;id=jsa10705"
},
{
"trust": 0.1,
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026amp;id=sb10090"
},
{
"trust": 0.1,
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026amp;id=sb10091"
},
{
"trust": 0.1,
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026amp;id=sb10104"
},
{
"trust": 0.1,
"url": "https://tools.ietf.org/html/draft-ietf-tls-downgrade-scsv-00"
},
{
"trust": 0.1,
"url": "https://www.openssl.org/about/secpolicy.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-3513"
},
{
"trust": 0.1,
"url": "http://h20564.www2.hpe.com/hpsc/swd/public"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-3194"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-0705"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-5161"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-1789"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-5600"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-1791"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-0412"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-6549"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-0403"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-0395"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-0407"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-0406"
},
{
"trust": 0.1,
"url": "https://security.gentoo.org/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-6593"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-0383"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-6585"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-6549"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-6587"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-0413"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-6601"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-6591"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-6585"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-6591"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-6593"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-0421"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-6587"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-0406"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-0410"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-3566"
},
{
"trust": 0.1,
"url": "http://creativecommons.org/licenses/by-sa/2.5"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-6601"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-0403"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-0408"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-0412"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-0413"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-0410"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-0408"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-0400"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-0400"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-0407"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-0421"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-0383"
},
{
"trust": 0.1,
"url": "https://bugs.gentoo.org."
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-0395"
},
{
"trust": 0.1,
"url": "https://softwaresupport.hp.com/group/softwaresupport/search-result/-/facets"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2014-6531"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2014-6532"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-6511"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/updates/classification/#critical"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-6558"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2014-6457"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-3065"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2014-6493"
},
{
"trust": 0.1,
"url": "https://www.ibm.com/developerworks/java/jdk/alerts/"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2014-4288"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2014-6503"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-4288"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-6532"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/articles/11258"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-6457"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2014-6512"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-6531"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/team/contact/"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/mailman/listinfo/rhsa-announce"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2014-3566"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2014-6511"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2014-3065"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2014-6458"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-6527"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-6502"
},
{
"trust": 0.1,
"url": "https://bugzilla.redhat.com/):"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-6493"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-6503"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2014-6492"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2014-6502"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-6476"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-6506"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2014-6558"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2014-6476"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-6515"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2014-6506"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2014-6456"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2014-6515"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/team/key/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-6456"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2014-6527"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-6458"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-6492"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-6512"
},
{
"trust": 0.1,
"url": "https://www.hp.com/go/swa"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0705"
},
{
"trust": 0.1,
"url": "https://www.hpe.com"
},
{
"trust": 0.1,
"url": "https://h20392.www2.hpe.com/"
},
{
"trust": 0.1,
"url": "http://www.hp.com/jp/icewall_patchaccess"
},
{
"trust": 0.1,
"url": "https://softwaresupport.hp.com/group/softwaresupport/search-result/-/facetsea"
},
{
"trust": 0.1,
"url": "https://www.debian.org/security/"
},
{
"trust": 0.1,
"url": "https://www.debian.org/security/faq"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-71506"
},
{
"db": "PACKETSTORM",
"id": "169664"
},
{
"db": "PACKETSTORM",
"id": "137294"
},
{
"db": "PACKETSTORM",
"id": "132641"
},
{
"db": "PACKETSTORM",
"id": "129266"
},
{
"db": "PACKETSTORM",
"id": "129178"
},
{
"db": "PACKETSTORM",
"id": "130334"
},
{
"db": "PACKETSTORM",
"id": "128921"
},
{
"db": "PACKETSTORM",
"id": "136577"
},
{
"db": "PACKETSTORM",
"id": "129071"
},
{
"db": "PACKETSTORM",
"id": "129065"
},
{
"db": "PACKETSTORM",
"id": "135908"
},
{
"db": "NVD",
"id": "CVE-2014-3566"
}
]
},
"sources": {
"_id": null,
"data": [
{
"db": "VULHUB",
"id": "VHN-71506",
"ident": null
},
{
"db": "VULMON",
"id": "CVE-2014-3566",
"ident": null
},
{
"db": "BID",
"id": "70574",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "169664",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "137294",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "132641",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "129266",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "129178",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "130334",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "128921",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "136577",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "129071",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "129065",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "135908",
"ident": null
},
{
"db": "NVD",
"id": "CVE-2014-3566",
"ident": null
}
]
},
"sources_release_date": {
"_id": null,
"data": [
{
"date": "2014-10-15T00:00:00",
"db": "VULHUB",
"id": "VHN-71506",
"ident": null
},
{
"date": "2014-10-15T00:00:00",
"db": "VULMON",
"id": "CVE-2014-3566",
"ident": null
},
{
"date": "2014-10-14T00:00:00",
"db": "BID",
"id": "70574",
"ident": null
},
{
"date": "2014-10-15T12:12:12",
"db": "PACKETSTORM",
"id": "169664",
"ident": null
},
{
"date": "2016-06-02T16:22:00",
"db": "PACKETSTORM",
"id": "137294",
"ident": null
},
{
"date": "2015-07-10T15:43:42",
"db": "PACKETSTORM",
"id": "132641",
"ident": null
},
{
"date": "2014-11-26T15:08:22",
"db": "PACKETSTORM",
"id": "129266",
"ident": null
},
{
"date": "2014-11-20T16:18:57",
"db": "PACKETSTORM",
"id": "129178",
"ident": null
},
{
"date": "2015-02-10T17:43:07",
"db": "PACKETSTORM",
"id": "130334",
"ident": null
},
{
"date": "2014-10-31T23:08:29",
"db": "PACKETSTORM",
"id": "128921",
"ident": null
},
{
"date": "2016-04-06T13:28:14",
"db": "PACKETSTORM",
"id": "136577",
"ident": null
},
{
"date": "2014-11-12T18:14:00",
"db": "PACKETSTORM",
"id": "129071",
"ident": null
},
{
"date": "2014-11-12T18:13:12",
"db": "PACKETSTORM",
"id": "129065",
"ident": null
},
{
"date": "2016-02-24T23:59:00",
"db": "PACKETSTORM",
"id": "135908",
"ident": null
},
{
"date": "2014-10-15T00:55:02.137000",
"db": "NVD",
"id": "CVE-2014-3566",
"ident": null
}
]
},
"sources_update_date": {
"_id": null,
"data": [
{
"date": "2023-02-13T00:00:00",
"db": "VULHUB",
"id": "VHN-71506",
"ident": null
},
{
"date": "2023-09-12T00:00:00",
"db": "VULMON",
"id": "CVE-2014-3566",
"ident": null
},
{
"date": "2015-11-03T18:53:00",
"db": "BID",
"id": "70574",
"ident": null
},
{
"date": "2025-04-12T10:46:40.837000",
"db": "NVD",
"id": "CVE-2014-3566",
"ident": null
}
]
},
"threat_type": {
"_id": null,
"data": "network",
"sources": [
{
"db": "BID",
"id": "70574"
}
],
"trust": 0.3
},
"title": {
"_id": null,
"data": "OpenSSL CVE-2014-3566 Man In The Middle Information Disclosure Vulnerability",
"sources": [
{
"db": "BID",
"id": "70574"
}
],
"trust": 0.3
},
"type": {
"_id": null,
"data": "Design Error",
"sources": [
{
"db": "BID",
"id": "70574"
}
],
"trust": 0.3
}
}
VAR-201710-1433
Vulnerability from variot - Updated: 2026-04-10 23:34Heap-based buffer overflow in dnsmasq before 2.78 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a crafted DNS response. Dnsmasq versions 2.77 and earlier contains multiple vulnerabilities. dnsmasq Exists in a buffer error vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state.
Ubuntu Security Notice USN-3430-3 January 04, 2018
dnsmasq regression
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 12.04 ESM
Summary:
USN-3430-2 introduced regression in Dnsmasq.
Software Description: - dnsmasq: Small caching DNS proxy and DHCP/TFTP server
Details:
USN-3430-2 fixed several vulnerabilities. The update introduced a new regression that breaks DNS resolution. This update addresses the problem.
We apologize for the inconvenience.
Original advisory details:
Felix Wilhelm, Fermin J. Serna, Gabriel Campana and Kevin Hamacher discovered that Dnsmasq incorrectly handled DNS requests. (CVE-2017-14491)
Felix Wilhelm, Fermin J. (CVE-2017-14492)
Felix Wilhelm, Fermin J. Serna, Gabriel Campana and Kevin Hamacher discovered that Dnsmasq incorrectly handled DHCPv6 requests. (CVE-2017-14493)
Felix Wilhelm, Fermin J. Serna, Gabriel Campana and Kevin Hamacher discovered that Dnsmasq incorrectly handled DHCPv6 packets. (CVE-2017-14494)
Felix Wilhelm, Fermin J. Serna, Gabriel Campana and Kevin Hamacher discovered that Dnsmasq incorrectly handled DNS requests. A remote attacker could use this issue to cause Dnsmasq to consume memory, resulting in a denial of service. (CVE-2017-14495)
Felix Wilhelm, Fermin J. Serna, Gabriel Campana and Kevin Hamacher discovered that Dnsmasq incorrectly handled DNS requests. (CVE-2017-14496)
Update instructions:
The problem can be corrected by updating your system to the following package versions:
Ubuntu 12.04 ESM: dnsmasq=C2=A02.59-4ubuntu0.4 dnsmasq-base2.59-4ubuntu0.4 dnsmasq-utils2.59-4ubuntu0.4
After a standard system update you need to reboot your computer to make all the necessary changes. 7.3) - ppc64, ppc64le, s390x, x86_64
-
This issue only affected configurations using one of these options: enable-ra, ra-only, slaac, ra-names, ra-advrouter, or ra-stateless. (CVE-2017-14493)
-
An information leak was found in dnsmasq in the DHCPv6 relay code. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
===================================================================== Red Hat Security Advisory
Synopsis: Critical: dnsmasq security update Advisory ID: RHSA-2017:2839-01 Product: Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2017:2839 Issue date: 2017-10-02 CVE Names: CVE-2017-14491 =====================================================================
- Summary:
An update for dnsmasq is now available for Red Hat Enterprise Linux 6.2 Advanced Update Support, Red Hat Enterprise Linux 6.4 Advanced Update Support, Red Hat Enterprise Linux 6.5 Advanced Update Support, Red Hat Enterprise Linux 6.5 Telco Extended Update Support, Red Hat Enterprise Linux 6.6 Advanced Update Support, Red Hat Enterprise Linux 6.6 Telco Extended Update Support, and Red Hat Enterprise Linux 6.7 Extended Update Support.
Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
- Relevant releases/architectures:
Red Hat Enterprise Linux HPC Node EUS (v. 6.7) - x86_64 Red Hat Enterprise Linux HPC Node Optional EUS (v. 6.7) - x86_64 Red Hat Enterprise Linux Server AUS (v. 6.2) - x86_64 Red Hat Enterprise Linux Server AUS (v. 6.4) - x86_64 Red Hat Enterprise Linux Server AUS (v. 6.5) - x86_64 Red Hat Enterprise Linux Server AUS (v. 6.6) - x86_64 Red Hat Enterprise Linux Server EUS (v. 6.7) - i386, ppc64, s390x, x86_64 Red Hat Enterprise Linux Server Optional AUS (v. 6.4) - x86_64 Red Hat Enterprise Linux Server Optional AUS (v. 6.5) - x86_64 Red Hat Enterprise Linux Server Optional AUS (v. 6.6) - x86_64 Red Hat Enterprise Linux Server Optional EUS (v. 6.7) - i386, ppc64, s390x, x86_64 Red Hat Enterprise Linux Server Optional TUS (v. 6.5) - x86_64 Red Hat Enterprise Linux Server Optional TUS (v. 6.6) - x86_64 Red Hat Enterprise Linux Server TUS (v. 6.5) - x86_64 Red Hat Enterprise Linux Server TUS (v. 6.6) - x86_64
- Description:
The dnsmasq packages contain Dnsmasq, a lightweight DNS (Domain Name Server) forwarder and DHCP (Dynamic Host Configuration Protocol) server.
Security Fix(es):
- A heap buffer overflow was found in dnsmasq in the code responsible for building DNS replies. (CVE-2017-14491)
Red Hat would like to thank Felix Wilhelm (Google Security Team), Fermin J. Serna (Google Security Team), Gabriel Campana (Google Security Team), Kevin Hamacher (Google Security Team), and Ron Bowes (Google Security Team) for reporting this issue.
- Solution:
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
- Bugs fixed (https://bugzilla.redhat.com/):
1495409 - CVE-2017-14491 dnsmasq: heap overflow in the code responsible for building DNS replies
- Package List:
Red Hat Enterprise Linux HPC Node EUS (v. 6.7):
Source: dnsmasq-2.48-16.el6_7.1.src.rpm
x86_64: dnsmasq-2.48-16.el6_7.1.x86_64.rpm dnsmasq-debuginfo-2.48-16.el6_7.1.x86_64.rpm
Red Hat Enterprise Linux HPC Node Optional EUS (v. 6.7):
x86_64: dnsmasq-debuginfo-2.48-16.el6_7.1.x86_64.rpm dnsmasq-utils-2.48-16.el6_7.1.x86_64.rpm
Red Hat Enterprise Linux Server AUS (v. 6.2):
Source: dnsmasq-2.48-5.el6_2.2.src.rpm
x86_64: dnsmasq-2.48-5.el6_2.2.x86_64.rpm dnsmasq-debuginfo-2.48-5.el6_2.2.x86_64.rpm
Red Hat Enterprise Linux Server AUS (v. 6.4):
Source: dnsmasq-2.48-13.el6_4.1.src.rpm
x86_64: dnsmasq-2.48-13.el6_4.1.x86_64.rpm dnsmasq-debuginfo-2.48-13.el6_4.1.x86_64.rpm
Red Hat Enterprise Linux Server AUS (v. 6.5):
Source: dnsmasq-2.48-13.el6_5.1.src.rpm
x86_64: dnsmasq-2.48-13.el6_5.1.x86_64.rpm dnsmasq-debuginfo-2.48-13.el6_5.1.x86_64.rpm
Red Hat Enterprise Linux Server TUS (v. 6.5):
Source: dnsmasq-2.48-13.el6_5.1.src.rpm
x86_64: dnsmasq-2.48-13.el6_5.1.x86_64.rpm dnsmasq-debuginfo-2.48-13.el6_5.1.x86_64.rpm
Red Hat Enterprise Linux Server AUS (v. 6.6):
Source: dnsmasq-2.48-14.el6_6.1.src.rpm
x86_64: dnsmasq-2.48-14.el6_6.1.x86_64.rpm dnsmasq-debuginfo-2.48-14.el6_6.1.x86_64.rpm
Red Hat Enterprise Linux Server TUS (v. 6.6):
Source: dnsmasq-2.48-14.el6_6.1.src.rpm
x86_64: dnsmasq-2.48-14.el6_6.1.x86_64.rpm dnsmasq-debuginfo-2.48-14.el6_6.1.x86_64.rpm
Red Hat Enterprise Linux Server EUS (v. 6.7):
Source: dnsmasq-2.48-16.el6_7.1.src.rpm
i386: dnsmasq-2.48-16.el6_7.1.i686.rpm dnsmasq-debuginfo-2.48-16.el6_7.1.i686.rpm
ppc64: dnsmasq-2.48-16.el6_7.1.ppc64.rpm dnsmasq-debuginfo-2.48-16.el6_7.1.ppc64.rpm
s390x: dnsmasq-2.48-16.el6_7.1.s390x.rpm dnsmasq-debuginfo-2.48-16.el6_7.1.s390x.rpm
x86_64: dnsmasq-2.48-16.el6_7.1.x86_64.rpm dnsmasq-debuginfo-2.48-16.el6_7.1.x86_64.rpm
Red Hat Enterprise Linux Server Optional AUS (v. 6.4):
Source: dnsmasq-2.48-13.el6_4.1.src.rpm
x86_64: dnsmasq-debuginfo-2.48-13.el6_4.1.x86_64.rpm dnsmasq-utils-2.48-13.el6_4.1.x86_64.rpm
Red Hat Enterprise Linux Server Optional AUS (v. 6.5):
Source: dnsmasq-2.48-13.el6_5.1.src.rpm
x86_64: dnsmasq-debuginfo-2.48-13.el6_5.1.x86_64.rpm dnsmasq-utils-2.48-13.el6_5.1.x86_64.rpm
Red Hat Enterprise Linux Server Optional TUS (v. 6.5):
Source: dnsmasq-2.48-13.el6_5.1.src.rpm
x86_64: dnsmasq-debuginfo-2.48-13.el6_5.1.x86_64.rpm dnsmasq-utils-2.48-13.el6_5.1.x86_64.rpm
Red Hat Enterprise Linux Server Optional AUS (v. 6.6):
x86_64: dnsmasq-debuginfo-2.48-14.el6_6.1.x86_64.rpm dnsmasq-utils-2.48-14.el6_6.1.x86_64.rpm
Red Hat Enterprise Linux Server Optional TUS (v. 6.6):
x86_64: dnsmasq-debuginfo-2.48-14.el6_6.1.x86_64.rpm dnsmasq-utils-2.48-14.el6_6.1.x86_64.rpm
Red Hat Enterprise Linux Server Optional EUS (v. 6.7):
i386: dnsmasq-debuginfo-2.48-16.el6_7.1.i686.rpm dnsmasq-utils-2.48-16.el6_7.1.i686.rpm
ppc64: dnsmasq-debuginfo-2.48-16.el6_7.1.ppc64.rpm dnsmasq-utils-2.48-16.el6_7.1.ppc64.rpm
s390x: dnsmasq-debuginfo-2.48-16.el6_7.1.s390x.rpm dnsmasq-utils-2.48-16.el6_7.1.s390x.rpm
x86_64: dnsmasq-debuginfo-2.48-16.el6_7.1.x86_64.rpm dnsmasq-utils-2.48-16.el6_7.1.x86_64.rpm
These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/
- References:
https://access.redhat.com/security/cve/CVE-2017-14491 https://access.redhat.com/security/updates/classification/#critical https://access.redhat.com/security/vulnerabilities/3199382
- Contact:
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/
Copyright 2017 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1
iD8DBQFZ0nLUXlSAg2UNWIIRAn39AKDCsn16dEmmA7DazjU2IOpWLIFp8QCeODoG 7t7GGwkabW2pC2Wcr35n/G8= =S/6b -----END PGP SIGNATURE-----
-- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce . - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 201710-27
https://security.gentoo.org/
Severity: Normal Title: Dnsmasq: Multiple vulnerabilities Date: October 23, 2017 Bugs: #632692 ID: 201710-27
Synopsis
Multiple vulnerabilities have been found in Dnsmasq, the worst of which may allow remote attackers to execute arbitrary code.
Affected packages
-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 net-dns/dnsmasq < 2.78 >= 2.78
Description
Multiple vulnerabilities have been discovered in Dnsmasq.
Workaround
There is no known workaround at this time.
Resolution
All Dnsmasq users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose ">=net-dns/dnsmasq-2.78"
References
[ 1 ] CVE-2017-14491 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-14491 [ 2 ] CVE-2017-14492 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-14492 [ 3 ] CVE-2017-14493 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-14493 [ 4 ] CVE-2017-14494 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-14494 [ 5 ] CVE-2017-14495 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-14495 [ 6 ] CVE-2017-14496 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-14496
Availability
This GLSA and any updates to it are available for viewing at the Gentoo Security Website:
https://security.gentoo.org/glsa/201710-27
Concerns?
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.
License
Copyright 2017 Gentoo Foundation, Inc; referenced text belongs to its owner(s).
The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5
Show details on source website{
"affected_products": {
"_id": null,
"data": [
{
"_id": null,
"model": "diskstation manager",
"scope": "eq",
"trust": 1.0,
"vendor": "synology",
"version": "6.1"
},
{
"_id": null,
"model": "enterprise linux workstation",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "7.0"
},
{
"_id": null,
"model": "linux",
"scope": "eq",
"trust": 1.0,
"vendor": "debian",
"version": "9.0"
},
{
"_id": null,
"model": "arubaos",
"scope": "lt",
"trust": 1.0,
"vendor": "arubanetworks",
"version": "8.1.0.4"
},
{
"_id": null,
"model": "arubaos",
"scope": "gte",
"trust": 1.0,
"vendor": "arubanetworks",
"version": "6.5.3.0"
},
{
"_id": null,
"model": "linux enterprise server",
"scope": "eq",
"trust": 1.0,
"vendor": "suse",
"version": "11"
},
{
"_id": null,
"model": "eos",
"scope": "lt",
"trust": 1.0,
"vendor": "arista",
"version": "4.17.8m"
},
{
"_id": null,
"model": "linux for tegra",
"scope": "lt",
"trust": 1.0,
"vendor": "nvidia",
"version": "r21.6"
},
{
"_id": null,
"model": "ubuntu linux",
"scope": "eq",
"trust": 1.0,
"vendor": "canonical",
"version": "14.04"
},
{
"_id": null,
"model": "linux",
"scope": "eq",
"trust": 1.0,
"vendor": "debian",
"version": "7.0"
},
{
"_id": null,
"model": "scalance m-800",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "5.0"
},
{
"_id": null,
"model": "arubaos",
"scope": "lt",
"trust": 1.0,
"vendor": "arubanetworks",
"version": "6.5.4.2"
},
{
"_id": null,
"model": "arubaos",
"scope": "gte",
"trust": 1.0,
"vendor": "arubanetworks",
"version": "6.5.4.0"
},
{
"_id": null,
"model": "enterprise linux workstation",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "6.0"
},
{
"_id": null,
"model": "leap",
"scope": "eq",
"trust": 1.0,
"vendor": "opensuse",
"version": "42.2"
},
{
"_id": null,
"model": "enterprise linux server",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "6.0"
},
{
"_id": null,
"model": "ubuntu linux",
"scope": "eq",
"trust": 1.0,
"vendor": "canonical",
"version": "12.04"
},
{
"_id": null,
"model": "eos",
"scope": "gte",
"trust": 1.0,
"vendor": "arista",
"version": "4.18"
},
{
"_id": null,
"model": "arubaos",
"scope": "lt",
"trust": 1.0,
"vendor": "arubanetworks",
"version": "6.3.1.25"
},
{
"_id": null,
"model": "eos",
"scope": "gte",
"trust": 1.0,
"vendor": "arista",
"version": "4.17"
},
{
"_id": null,
"model": "linux enterprise debuginfo",
"scope": "eq",
"trust": 1.0,
"vendor": "suse",
"version": "11"
},
{
"_id": null,
"model": "arubaos",
"scope": "lt",
"trust": 1.0,
"vendor": "arubanetworks",
"version": "6.5.1.9"
},
{
"_id": null,
"model": "eos",
"scope": "lte",
"trust": 1.0,
"vendor": "arista",
"version": "4.15"
},
{
"_id": null,
"model": "diskstation manager",
"scope": "eq",
"trust": 1.0,
"vendor": "synology",
"version": "6.0"
},
{
"_id": null,
"model": "ubuntu linux",
"scope": "eq",
"trust": 1.0,
"vendor": "canonical",
"version": "17.04"
},
{
"_id": null,
"model": "eos",
"scope": "lte",
"trust": 1.0,
"vendor": "arista",
"version": "4.18.4.2f"
},
{
"_id": null,
"model": "enterprise linux desktop",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "7.0"
},
{
"_id": null,
"model": "arubaos",
"scope": "gte",
"trust": 1.0,
"vendor": "arubanetworks",
"version": "8.1.0.0"
},
{
"_id": null,
"model": "ruggedcom rm1224",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "5.0"
},
{
"_id": null,
"model": "arubaos",
"scope": "gte",
"trust": 1.0,
"vendor": "arubanetworks",
"version": "6.4.4.0"
},
{
"_id": null,
"model": "diskstation manager",
"scope": "eq",
"trust": 1.0,
"vendor": "synology",
"version": "5.2"
},
{
"_id": null,
"model": "linux",
"scope": "eq",
"trust": 1.0,
"vendor": "debian",
"version": "8.0"
},
{
"_id": null,
"model": "linux enterprise server",
"scope": "eq",
"trust": 1.0,
"vendor": "suse",
"version": "12"
},
{
"_id": null,
"model": "geforce experience",
"scope": "lt",
"trust": 1.0,
"vendor": "nvidia",
"version": "3.10.0.55"
},
{
"_id": null,
"model": "router manager",
"scope": "eq",
"trust": 1.0,
"vendor": "synology",
"version": "1.1"
},
{
"_id": null,
"model": "honor v9 play",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "jimmy-al00ac00b135"
},
{
"_id": null,
"model": "dnsmasq",
"scope": "lte",
"trust": 1.0,
"vendor": "thekelleys",
"version": "2.77"
},
{
"_id": null,
"model": "arubaos",
"scope": "lt",
"trust": 1.0,
"vendor": "arubanetworks",
"version": "6.4.4.16"
},
{
"_id": null,
"model": "linux",
"scope": "eq",
"trust": 1.0,
"vendor": "debian",
"version": "7.1"
},
{
"_id": null,
"model": "linux for tegra",
"scope": "lt",
"trust": 1.0,
"vendor": "nvidia",
"version": "r24.2.2"
},
{
"_id": null,
"model": "arubaos",
"scope": "gte",
"trust": 1.0,
"vendor": "arubanetworks",
"version": "6.3.1"
},
{
"_id": null,
"model": "geforce experience",
"scope": "gte",
"trust": 1.0,
"vendor": "nvidia",
"version": "3.0"
},
{
"_id": null,
"model": "ubuntu linux",
"scope": "eq",
"trust": 1.0,
"vendor": "canonical",
"version": "16.04"
},
{
"_id": null,
"model": "arubaos",
"scope": "gte",
"trust": 1.0,
"vendor": "arubanetworks",
"version": "6.5.0.0"
},
{
"_id": null,
"model": "eos",
"scope": "gte",
"trust": 1.0,
"vendor": "arista",
"version": "4.16"
},
{
"_id": null,
"model": "scalance w1750d",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "6.5.1.5"
},
{
"_id": null,
"model": "scalance s615",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "5.0"
},
{
"_id": null,
"model": "enterprise linux desktop",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "6.0"
},
{
"_id": null,
"model": "eos",
"scope": "lt",
"trust": 1.0,
"vendor": "arista",
"version": "4.16.13m"
},
{
"_id": null,
"model": "leap",
"scope": "eq",
"trust": 1.0,
"vendor": "opensuse",
"version": "42.3"
},
{
"_id": null,
"model": "arubaos",
"scope": "lt",
"trust": 1.0,
"vendor": "arubanetworks",
"version": "6.5.3.3"
},
{
"_id": null,
"model": "enterprise linux server",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "7.0"
},
{
"_id": null,
"model": "linux enterprise point of sale",
"scope": "eq",
"trust": 1.0,
"vendor": "suse",
"version": "11"
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "ruckus",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "technicolor",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "zyxel",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "dnsmasq",
"version": null
},
{
"_id": null,
"model": "ubuntu",
"scope": null,
"trust": 0.8,
"vendor": "canonical",
"version": null
},
{
"_id": null,
"model": "red hat enterprise linux server",
"scope": null,
"trust": 0.8,
"vendor": "\u30ec\u30c3\u30c9\u30cf\u30c3\u30c8",
"version": null
},
{
"_id": null,
"model": "red hat enterprise linux workstation",
"scope": null,
"trust": 0.8,
"vendor": "\u30ec\u30c3\u30c9\u30cf\u30c3\u30c8",
"version": null
},
{
"_id": null,
"model": "red hat enterprise linux desktop",
"scope": null,
"trust": 0.8,
"vendor": "\u30ec\u30c3\u30c9\u30cf\u30c3\u30c8",
"version": null
},
{
"_id": null,
"model": "leap",
"scope": null,
"trust": 0.8,
"vendor": "opensuse",
"version": null
},
{
"_id": null,
"model": "gnu/linux",
"scope": null,
"trust": 0.8,
"vendor": "debian",
"version": null
},
{
"_id": null,
"model": "dnsmasq",
"scope": null,
"trust": 0.8,
"vendor": "thekelleys",
"version": null
},
{
"_id": null,
"model": "dnsmasq",
"scope": "eq",
"trust": 0.6,
"vendor": "thekelleys",
"version": "2.77"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#973527"
},
{
"db": "CNNVD",
"id": "CNNVD-201709-747"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-008618"
},
{
"db": "NVD",
"id": "CVE-2017-14491"
}
]
},
"credits": {
"_id": null,
"data": "Gabriel Campana, Kevin Hamacher and Ron Bowes of the Google Security Team,Felix Wilhelm, Fermin J. Serna",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201709-747"
}
],
"trust": 0.6
},
"cve": "CVE-2017-14491",
"cvss": {
"_id": null,
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CVE-2017-14491",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 1.9,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"id": "CVE-2017-14491",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 9.8,
"baseSeverity": "Critical",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2017-14491",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2017-14491",
"trust": 1.0,
"value": "CRITICAL"
},
{
"author": "NVD",
"id": "CVE-2017-14491",
"trust": 0.8,
"value": "Critical"
},
{
"author": "CNNVD",
"id": "CNNVD-201709-747",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULMON",
"id": "CVE-2017-14491",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2017-14491"
},
{
"db": "CNNVD",
"id": "CNNVD-201709-747"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-008618"
},
{
"db": "NVD",
"id": "CVE-2017-14491"
}
]
},
"description": {
"_id": null,
"data": "Heap-based buffer overflow in dnsmasq before 2.78 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a crafted DNS response. Dnsmasq versions 2.77 and earlier contains multiple vulnerabilities. dnsmasq Exists in a buffer error vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. \n===========================================================================\nUbuntu Security Notice USN-3430-3\nJanuary 04, 2018\n\ndnsmasq regression\n===========================================================================\n\nA security issue affects these releases of Ubuntu and its derivatives:\n\n- Ubuntu 12.04 ESM\n\nSummary:\n\nUSN-3430-2 introduced regression in Dnsmasq. \n\nSoftware Description:\n- dnsmasq: Small caching DNS proxy and DHCP/TFTP server\n\nDetails:\n\nUSN-3430-2 fixed several vulnerabilities. The update introduced a new\nregression that breaks DNS resolution. This update addresses the\nproblem. \n\nWe apologize for the inconvenience. \n\nOriginal advisory details:\n\nFelix Wilhelm, Fermin J. Serna, Gabriel Campana and Kevin Hamacher\ndiscovered that Dnsmasq incorrectly handled DNS requests. \n(CVE-2017-14491)\n\nFelix Wilhelm, Fermin J. (CVE-2017-14492)\n\nFelix Wilhelm, Fermin J. Serna, Gabriel Campana and Kevin Hamacher\ndiscovered that Dnsmasq incorrectly handled DHCPv6 requests. \n(CVE-2017-14493)\n\nFelix Wilhelm, Fermin J. Serna, Gabriel Campana and Kevin Hamacher\ndiscovered that Dnsmasq incorrectly handled DHCPv6 packets. (CVE-2017-14494)\n\nFelix Wilhelm, Fermin J. Serna, Gabriel Campana and Kevin Hamacher\ndiscovered that Dnsmasq incorrectly handled DNS requests. A remote\nattacker could use this issue to cause Dnsmasq to consume memory,\nresulting in a denial of service. (CVE-2017-14495)\n\nFelix Wilhelm, Fermin J. Serna, Gabriel Campana and Kevin Hamacher\ndiscovered that Dnsmasq incorrectly handled DNS requests. (CVE-2017-14496)\n\nUpdate instructions:\n\nThe problem can be corrected by updating your system to the following\npackage versions:\n\nUbuntu 12.04 ESM:\n dnsmasq=C2=A02.59-4ubuntu0.4\n dnsmasq-base2.59-4ubuntu0.4\n dnsmasq-utils2.59-4ubuntu0.4\n\nAfter a standard system update you need to reboot your computer to make\nall the necessary changes. 7.3) - ppc64, ppc64le, s390x, x86_64\n\n3. This issue only affected\nconfigurations using one of these options: enable-ra, ra-only, slaac,\nra-names, ra-advrouter, or ra-stateless. (CVE-2017-14493)\n\n* An information leak was found in dnsmasq in the DHCPv6 relay code. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n=====================================================================\n Red Hat Security Advisory\n\nSynopsis: Critical: dnsmasq security update\nAdvisory ID: RHSA-2017:2839-01\nProduct: Red Hat Enterprise Linux\nAdvisory URL: https://access.redhat.com/errata/RHSA-2017:2839\nIssue date: 2017-10-02\nCVE Names: CVE-2017-14491 \n=====================================================================\n\n1. Summary:\n\nAn update for dnsmasq is now available for Red Hat Enterprise Linux 6.2\nAdvanced Update Support, Red Hat Enterprise Linux 6.4 Advanced Update\nSupport, Red Hat Enterprise Linux 6.5 Advanced Update Support, Red Hat\nEnterprise Linux 6.5 Telco Extended Update Support, Red Hat Enterprise\nLinux 6.6 Advanced Update Support, Red Hat Enterprise Linux 6.6 Telco\nExtended Update Support, and Red Hat Enterprise Linux 6.7 Extended Update\nSupport. \n\nRed Hat Product Security has rated this update as having a security impact\nof Critical. A Common Vulnerability Scoring System (CVSS) base score, which\ngives a detailed severity rating, is available for each vulnerability from\nthe CVE link(s) in the References section. \n\n2. Relevant releases/architectures:\n\nRed Hat Enterprise Linux HPC Node EUS (v. 6.7) - x86_64\nRed Hat Enterprise Linux HPC Node Optional EUS (v. 6.7) - x86_64\nRed Hat Enterprise Linux Server AUS (v. 6.2) - x86_64\nRed Hat Enterprise Linux Server AUS (v. 6.4) - x86_64\nRed Hat Enterprise Linux Server AUS (v. 6.5) - x86_64\nRed Hat Enterprise Linux Server AUS (v. 6.6) - x86_64\nRed Hat Enterprise Linux Server EUS (v. 6.7) - i386, ppc64, s390x, x86_64\nRed Hat Enterprise Linux Server Optional AUS (v. 6.4) - x86_64\nRed Hat Enterprise Linux Server Optional AUS (v. 6.5) - x86_64\nRed Hat Enterprise Linux Server Optional AUS (v. 6.6) - x86_64\nRed Hat Enterprise Linux Server Optional EUS (v. 6.7) - i386, ppc64, s390x, x86_64\nRed Hat Enterprise Linux Server Optional TUS (v. 6.5) - x86_64\nRed Hat Enterprise Linux Server Optional TUS (v. 6.6) - x86_64\nRed Hat Enterprise Linux Server TUS (v. 6.5) - x86_64\nRed Hat Enterprise Linux Server TUS (v. 6.6) - x86_64\n\n3. Description:\n\nThe dnsmasq packages contain Dnsmasq, a lightweight DNS (Domain Name\nServer) forwarder and DHCP (Dynamic Host Configuration Protocol) server. \n\nSecurity Fix(es):\n\n* A heap buffer overflow was found in dnsmasq in the code responsible for\nbuilding DNS replies. \n(CVE-2017-14491)\n\nRed Hat would like to thank Felix Wilhelm (Google Security Team), Fermin J. \nSerna (Google Security Team), Gabriel Campana (Google Security Team), Kevin\nHamacher (Google Security Team), and Ron Bowes (Google Security Team) for\nreporting this issue. \n\n4. Solution:\n\nFor details on how to apply this update, which includes the changes\ndescribed in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\n5. Bugs fixed (https://bugzilla.redhat.com/):\n\n1495409 - CVE-2017-14491 dnsmasq: heap overflow in the code responsible for building DNS replies\n\n6. Package List:\n\nRed Hat Enterprise Linux HPC Node EUS (v. 6.7):\n\nSource:\ndnsmasq-2.48-16.el6_7.1.src.rpm\n\nx86_64:\ndnsmasq-2.48-16.el6_7.1.x86_64.rpm\ndnsmasq-debuginfo-2.48-16.el6_7.1.x86_64.rpm\n\nRed Hat Enterprise Linux HPC Node Optional EUS (v. 6.7):\n\nx86_64:\ndnsmasq-debuginfo-2.48-16.el6_7.1.x86_64.rpm\ndnsmasq-utils-2.48-16.el6_7.1.x86_64.rpm\n\nRed Hat Enterprise Linux Server AUS (v. 6.2):\n\nSource:\ndnsmasq-2.48-5.el6_2.2.src.rpm\n\nx86_64:\ndnsmasq-2.48-5.el6_2.2.x86_64.rpm\ndnsmasq-debuginfo-2.48-5.el6_2.2.x86_64.rpm\n\nRed Hat Enterprise Linux Server AUS (v. 6.4):\n\nSource:\ndnsmasq-2.48-13.el6_4.1.src.rpm\n\nx86_64:\ndnsmasq-2.48-13.el6_4.1.x86_64.rpm\ndnsmasq-debuginfo-2.48-13.el6_4.1.x86_64.rpm\n\nRed Hat Enterprise Linux Server AUS (v. 6.5):\n\nSource:\ndnsmasq-2.48-13.el6_5.1.src.rpm\n\nx86_64:\ndnsmasq-2.48-13.el6_5.1.x86_64.rpm\ndnsmasq-debuginfo-2.48-13.el6_5.1.x86_64.rpm\n\nRed Hat Enterprise Linux Server TUS (v. 6.5):\n\nSource:\ndnsmasq-2.48-13.el6_5.1.src.rpm\n\nx86_64:\ndnsmasq-2.48-13.el6_5.1.x86_64.rpm\ndnsmasq-debuginfo-2.48-13.el6_5.1.x86_64.rpm\n\nRed Hat Enterprise Linux Server AUS (v. 6.6):\n\nSource:\ndnsmasq-2.48-14.el6_6.1.src.rpm\n\nx86_64:\ndnsmasq-2.48-14.el6_6.1.x86_64.rpm\ndnsmasq-debuginfo-2.48-14.el6_6.1.x86_64.rpm\n\nRed Hat Enterprise Linux Server TUS (v. 6.6):\n\nSource:\ndnsmasq-2.48-14.el6_6.1.src.rpm\n\nx86_64:\ndnsmasq-2.48-14.el6_6.1.x86_64.rpm\ndnsmasq-debuginfo-2.48-14.el6_6.1.x86_64.rpm\n\nRed Hat Enterprise Linux Server EUS (v. 6.7):\n\nSource:\ndnsmasq-2.48-16.el6_7.1.src.rpm\n\ni386:\ndnsmasq-2.48-16.el6_7.1.i686.rpm\ndnsmasq-debuginfo-2.48-16.el6_7.1.i686.rpm\n\nppc64:\ndnsmasq-2.48-16.el6_7.1.ppc64.rpm\ndnsmasq-debuginfo-2.48-16.el6_7.1.ppc64.rpm\n\ns390x:\ndnsmasq-2.48-16.el6_7.1.s390x.rpm\ndnsmasq-debuginfo-2.48-16.el6_7.1.s390x.rpm\n\nx86_64:\ndnsmasq-2.48-16.el6_7.1.x86_64.rpm\ndnsmasq-debuginfo-2.48-16.el6_7.1.x86_64.rpm\n\nRed Hat Enterprise Linux Server Optional AUS (v. 6.4):\n\nSource:\ndnsmasq-2.48-13.el6_4.1.src.rpm\n\nx86_64:\ndnsmasq-debuginfo-2.48-13.el6_4.1.x86_64.rpm\ndnsmasq-utils-2.48-13.el6_4.1.x86_64.rpm\n\nRed Hat Enterprise Linux Server Optional AUS (v. 6.5):\n\nSource:\ndnsmasq-2.48-13.el6_5.1.src.rpm\n\nx86_64:\ndnsmasq-debuginfo-2.48-13.el6_5.1.x86_64.rpm\ndnsmasq-utils-2.48-13.el6_5.1.x86_64.rpm\n\nRed Hat Enterprise Linux Server Optional TUS (v. 6.5):\n\nSource:\ndnsmasq-2.48-13.el6_5.1.src.rpm\n\nx86_64:\ndnsmasq-debuginfo-2.48-13.el6_5.1.x86_64.rpm\ndnsmasq-utils-2.48-13.el6_5.1.x86_64.rpm\n\nRed Hat Enterprise Linux Server Optional AUS (v. 6.6):\n\nx86_64:\ndnsmasq-debuginfo-2.48-14.el6_6.1.x86_64.rpm\ndnsmasq-utils-2.48-14.el6_6.1.x86_64.rpm\n\nRed Hat Enterprise Linux Server Optional TUS (v. 6.6):\n\nx86_64:\ndnsmasq-debuginfo-2.48-14.el6_6.1.x86_64.rpm\ndnsmasq-utils-2.48-14.el6_6.1.x86_64.rpm\n\nRed Hat Enterprise Linux Server Optional EUS (v. 6.7):\n\ni386:\ndnsmasq-debuginfo-2.48-16.el6_7.1.i686.rpm\ndnsmasq-utils-2.48-16.el6_7.1.i686.rpm\n\nppc64:\ndnsmasq-debuginfo-2.48-16.el6_7.1.ppc64.rpm\ndnsmasq-utils-2.48-16.el6_7.1.ppc64.rpm\n\ns390x:\ndnsmasq-debuginfo-2.48-16.el6_7.1.s390x.rpm\ndnsmasq-utils-2.48-16.el6_7.1.s390x.rpm\n\nx86_64:\ndnsmasq-debuginfo-2.48-16.el6_7.1.x86_64.rpm\ndnsmasq-utils-2.48-16.el6_7.1.x86_64.rpm\n\nThese packages are GPG signed by Red Hat for security. Our key and\ndetails on how to verify the signature are available from\nhttps://access.redhat.com/security/team/key/\n\n7. References:\n\nhttps://access.redhat.com/security/cve/CVE-2017-14491\nhttps://access.redhat.com/security/updates/classification/#critical\nhttps://access.redhat.com/security/vulnerabilities/3199382\n\n8. Contact:\n\nThe Red Hat security contact is \u003csecalert@redhat.com\u003e. More contact\ndetails at https://access.redhat.com/security/team/contact/\n\nCopyright 2017 Red Hat, Inc. \n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1\n\niD8DBQFZ0nLUXlSAg2UNWIIRAn39AKDCsn16dEmmA7DazjU2IOpWLIFp8QCeODoG\n7t7GGwkabW2pC2Wcr35n/G8=\n=S/6b\n-----END PGP SIGNATURE-----\n\n--\nRHSA-announce mailing list\nRHSA-announce@redhat.com\nhttps://www.redhat.com/mailman/listinfo/rhsa-announce\n. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\nGentoo Linux Security Advisory GLSA 201710-27\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n https://security.gentoo.org/\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\n Severity: Normal\n Title: Dnsmasq: Multiple vulnerabilities\n Date: October 23, 2017\n Bugs: #632692\n ID: 201710-27\n\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\nSynopsis\n========\n\nMultiple vulnerabilities have been found in Dnsmasq, the worst of which\nmay allow remote attackers to execute arbitrary code. \n\nAffected packages\n=================\n\n -------------------------------------------------------------------\n Package / Vulnerable / Unaffected\n -------------------------------------------------------------------\n 1 net-dns/dnsmasq \u003c 2.78 \u003e= 2.78 \n\nDescription\n===========\n\nMultiple vulnerabilities have been discovered in Dnsmasq. \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nResolution\n==========\n\nAll Dnsmasq users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose \"\u003e=net-dns/dnsmasq-2.78\"\n\nReferences\n==========\n\n[ 1 ] CVE-2017-14491\n https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-14491\n[ 2 ] CVE-2017-14492\n https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-14492\n[ 3 ] CVE-2017-14493\n https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-14493\n[ 4 ] CVE-2017-14494\n https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-14494\n[ 5 ] CVE-2017-14495\n https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-14495\n[ 6 ] CVE-2017-14496\n https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-14496\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n https://security.gentoo.org/glsa/201710-27\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users\u0027 machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttps://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2017 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttp://creativecommons.org/licenses/by-sa/2.5\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2017-14491"
},
{
"db": "CERT/CC",
"id": "VU#973527"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-008618"
},
{
"db": "VULMON",
"id": "CVE-2017-14491"
},
{
"db": "PACKETSTORM",
"id": "145652"
},
{
"db": "PACKETSTORM",
"id": "144474"
},
{
"db": "PACKETSTORM",
"id": "144477"
},
{
"db": "PACKETSTORM",
"id": "144469"
},
{
"db": "PACKETSTORM",
"id": "144481"
},
{
"db": "PACKETSTORM",
"id": "144482"
},
{
"db": "PACKETSTORM",
"id": "144706"
},
{
"db": "PACKETSTORM",
"id": "144472"
}
],
"trust": 3.15
},
"exploit_availability": {
"_id": null,
"data": [
{
"reference": "https://vulmon.com/exploitdetails?qidtp=exploitdb\u0026qid=42941",
"trust": 0.1,
"type": "exploit"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2017-14491"
}
]
},
"external_ids": {
"_id": null,
"data": [
{
"db": "NVD",
"id": "CVE-2017-14491",
"trust": 4.1
},
{
"db": "CERT/CC",
"id": "VU#973527",
"trust": 3.3
},
{
"db": "BID",
"id": "101085",
"trust": 1.7
},
{
"db": "BID",
"id": "101977",
"trust": 1.7
},
{
"db": "SECTRACK",
"id": "1039474",
"trust": 1.7
},
{
"db": "SIEMENS",
"id": "SSA-689071",
"trust": 1.7
},
{
"db": "PACKETSTORM",
"id": "144480",
"trust": 1.7
},
{
"db": "EXPLOIT-DB",
"id": "42941",
"trust": 1.7
},
{
"db": "ICS CERT",
"id": "ICSA-17-332-01",
"trust": 1.4
},
{
"db": "ICS CERT",
"id": "ICSA-24-074-07",
"trust": 0.8
},
{
"db": "JVN",
"id": "JVNVU93453933",
"trust": 0.8
},
{
"db": "JVN",
"id": "JVNVU93656033",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2017-008618",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201709-747",
"trust": 0.6
},
{
"db": "VULMON",
"id": "CVE-2017-14491",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "145652",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "144474",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "144477",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "144469",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "144481",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "144482",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "144706",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "144472",
"trust": 0.1
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#973527"
},
{
"db": "VULMON",
"id": "CVE-2017-14491"
},
{
"db": "PACKETSTORM",
"id": "145652"
},
{
"db": "PACKETSTORM",
"id": "144474"
},
{
"db": "PACKETSTORM",
"id": "144477"
},
{
"db": "PACKETSTORM",
"id": "144469"
},
{
"db": "PACKETSTORM",
"id": "144481"
},
{
"db": "PACKETSTORM",
"id": "144482"
},
{
"db": "PACKETSTORM",
"id": "144706"
},
{
"db": "PACKETSTORM",
"id": "144472"
},
{
"db": "CNNVD",
"id": "CNNVD-201709-747"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-008618"
},
{
"db": "NVD",
"id": "CVE-2017-14491"
}
]
},
"id": "VAR-201710-1433",
"iot": {
"_id": null,
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.4630627775
},
"last_update_date": "2026-04-10T23:34:02.101000Z",
"patch": {
"_id": null,
"data": [
{
"title": "Multiple\u00a0Critical\u00a0and\u00a0Important\u00a0vulnerabilities",
"trust": 0.8,
"url": "https://usn.ubuntu.com/usn/USN-3430-1/"
},
{
"title": "Dnsmasq Buffer error vulnerability fix",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=92843"
},
{
"title": "Red Hat: Critical: dnsmasq security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20172838 - Security Advisory"
},
{
"title": "Red Hat: Critical: dnsmasq security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20172841 - Security Advisory"
},
{
"title": "Red Hat: Critical: dnsmasq security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20172840 - Security Advisory"
},
{
"title": "Red Hat: Critical: dnsmasq security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20172839 - Security Advisory"
},
{
"title": "Red Hat: Critical: dnsmasq security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20172837 - Security Advisory"
},
{
"title": "Red Hat: Critical: dnsmasq security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20172836 - Security Advisory"
},
{
"title": "Debian CVElist Bug Report Logs: dnsmasq: CVE-2017-13704: Size parameter overflow via large DNS query",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=debian_cvelist_bugreportlogs\u0026qid=fa8aad66cae5df51d49e1cdce2fe4a42"
},
{
"title": "Arch Linux Issues: ",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=arch_linux_issues\u0026qid=CVE-2017-14491"
},
{
"title": "Ubuntu Security Notice: dnsmasq vulnerabilities",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=USN-3430-2"
},
{
"title": "Ubuntu Security Notice: dnsmasq regression",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=USN-3430-3"
},
{
"title": "Ubuntu Security Notice: dnsmasq vulnerabilities",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=USN-3430-1"
},
{
"title": "Debian Security Advisories: DSA-3989-1 dnsmasq -- security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=debian_security_advisories\u0026qid=5c18698ecfe74c7de381531f8ed44dcf"
},
{
"title": "Siemens Security Advisories: Siemens Security Advisory",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=siemens_security_advisories\u0026qid=7f490a104360d6f65bee18ec7bfa18a3"
},
{
"title": "Amazon Linux 2: ALAS2-2019-1251",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=amazon_linux2\u0026qid=ALAS2-2019-1251"
},
{
"title": "Arch Linux Advisories: [ASA-201710-1] dnsmasq: multiple issues",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=arch_linux_advisories\u0026qid=ASA-201710-1"
},
{
"title": "Amazon Linux AMI: ALAS-2017-907",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=amazon_linux_ami\u0026qid=ALAS-2017-907"
},
{
"title": "Oracle VM Server for x86 Bulletins: Oracle VM Server for x86 Bulletin - October 2017",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_vm_server_for_x86_bulletins\u0026qid=b1921e7bf61366a1d7f889a7cdefa932"
},
{
"title": "Oracle Solaris Third Party Bulletins: Oracle Solaris Third Party Bulletin - October 2017",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_solaris_third_party_bulletins\u0026qid=6283337cd31f81f24d445925f2138c0e"
},
{
"title": "Oracle Linux Bulletins: Oracle Linux Bulletin - October 2017",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_linux_bulletins\u0026qid=7251d5e5f2b1771951980ad7cfde50ba"
},
{
"title": "Kubernetes setup on Amazon AWS using Kops and Ansible",
"trust": 0.1,
"url": "https://github.com/suhaad79/aws-k8s-kops-ansible "
},
{
"title": "Kubernetes setup on Amazon AWS using Kops and Ansible",
"trust": 0.1,
"url": "https://github.com/calvinkkd/aws-k8s-kkd-ansible "
},
{
"title": "Kubernetes setup on Amazon AWS using Kops and Ansible",
"trust": 0.1,
"url": "https://github.com/simonelle/aws-k8s-kops-ansible "
},
{
"title": "Kubernetes setup on Amazon AWS using Kops and Ansible",
"trust": 0.1,
"url": "https://github.com/scholzj/aws-k8s-kops-ansible "
},
{
"title": "Kubernetes setup on Amazon AWS using Kops and Ansible",
"trust": 0.1,
"url": "https://github.com/bisiman2/aws-k8s-kops-ansible "
},
{
"title": "Kubernetes setup on Amazon AWS using Kops and Ansible",
"trust": 0.1,
"url": "https://github.com/honey336/-aws-k8s-kops-ansible "
},
{
"title": "Kubernetes setup on Amazon AWS using Kops and Ansible -1\naws-k8s-kops-ansible\naws-k8s-kops-ansible\naws-k8s-kops-ansible\naws-k8s-kops-ansible",
"trust": 0.1,
"url": "https://github.com/Andreadote/aws-k8s-kops-ansible "
},
{
"title": "Kubernetes setup on Amazon AWS using Kops and Ansible",
"trust": 0.1,
"url": "https://github.com/RavitejaAdepudi/KopsCluster "
},
{
"title": "Kubernetes setup on Amazon AWS using Kops and Ansible",
"trust": 0.1,
"url": "https://github.com/lorerunner/devops_kubenerates_aws "
},
{
"title": "Kaosagnt\u0027s Ansible Everyday Utils",
"trust": 0.1,
"url": "https://github.com/kaosagnt/ansible-everyday "
},
{
"title": "Awesome CVE PoC",
"trust": 0.1,
"url": "https://github.com/xbl3/awesome-cve-poc_qazbnm456 "
},
{
"title": "Awesome CVE PoC",
"trust": 0.1,
"url": "https://github.com/lnick2023/nicenice "
},
{
"title": "Awesome CVE PoC",
"trust": 0.1,
"url": "https://github.com/qazbnm456/awesome-cve-poc "
},
{
"title": "Threatpost",
"trust": 0.1,
"url": "https://threatpost.com/google-warns-of-dos-and-rce-bugs-in-dnsmasq/128238/"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2017-14491"
},
{
"db": "CNNVD",
"id": "CNNVD-201709-747"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-008618"
}
]
},
"problemtype_data": {
"_id": null,
"data": [
{
"problemtype": "CWE-787",
"trust": 1.0
},
{
"problemtype": "Buffer error (CWE-119) [NVD evaluation ]",
"trust": 0.8
},
{
"problemtype": " Heap-based buffer overflow (CWE-122) [IPA evaluation ]",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-008618"
},
{
"db": "NVD",
"id": "CVE-2017-14491"
}
]
},
"references": {
"_id": null,
"data": [
{
"trust": 3.2,
"url": "https://www.kb.cert.org/vuls/id/973527"
},
{
"trust": 2.9,
"url": "http://www.securityfocus.com/bid/101085"
},
{
"trust": 2.8,
"url": "https://www.debian.org/security/2017/dsa-3989"
},
{
"trust": 2.5,
"url": "https://security.googleblog.com/2017/10/behind-masq-yet-more-dns-and-dhcp.html"
},
{
"trust": 2.2,
"url": "https://access.redhat.com/security/vulnerabilities/3199382"
},
{
"trust": 1.9,
"url": "https://access.redhat.com/errata/rhsa-2017:2838"
},
{
"trust": 1.9,
"url": "http://www.ubuntu.com/usn/usn-3430-1"
},
{
"trust": 1.8,
"url": "https://www.exploit-db.com/exploits/42941/"
},
{
"trust": 1.8,
"url": "https://access.redhat.com/errata/rhsa-2017:2841"
},
{
"trust": 1.8,
"url": "https://access.redhat.com/errata/rhsa-2017:2840"
},
{
"trust": 1.8,
"url": "https://access.redhat.com/errata/rhsa-2017:2839"
},
{
"trust": 1.8,
"url": "https://access.redhat.com/errata/rhsa-2017:2837"
},
{
"trust": 1.8,
"url": "https://security.gentoo.org/glsa/201710-27"
},
{
"trust": 1.8,
"url": "http://www.ubuntu.com/usn/usn-3430-3"
},
{
"trust": 1.7,
"url": "http://www.securitytracker.com/id/1039474"
},
{
"trust": 1.7,
"url": "http://thekelleys.org.uk/dnsmasq/changelog"
},
{
"trust": 1.7,
"url": "https://access.redhat.com/errata/rhsa-2017:2836"
},
{
"trust": 1.7,
"url": "http://www.ubuntu.com/usn/usn-3430-2"
},
{
"trust": 1.7,
"url": "http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00006.html"
},
{
"trust": 1.7,
"url": "http://nvidia.custhelp.com/app/answers/detail/a_id/4561"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/101977"
},
{
"trust": 1.7,
"url": "https://www.synology.com/support/security/synology_sa_17_59_dnsmasq"
},
{
"trust": 1.7,
"url": "http://www.arubanetworks.com/assets/alert/aruba-psa-2017-005.txt"
},
{
"trust": 1.7,
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-689071.pdf"
},
{
"trust": 1.7,
"url": "http://nvidia.custhelp.com/app/answers/detail/a_id/4560"
},
{
"trust": 1.7,
"url": "https://www.broadcom.com/support/fibre-channel-networking/security-advisories/brocade-security-advisory-2017-449/"
},
{
"trust": 1.7,
"url": "http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00005.html"
},
{
"trust": 1.7,
"url": "http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00004.html"
},
{
"trust": 1.7,
"url": "https://www.broadcom.com/support/fibre-channel-networking/security-advisories/brocade-security-advisory-2017-449"
},
{
"trust": 1.7,
"url": "http://packetstormsecurity.com/files/144480/dnsmasq-2-byte-heap-based-overflow.html"
},
{
"trust": 1.7,
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171103-01-dnsmasq-en"
},
{
"trust": 1.7,
"url": "http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00003.html"
},
{
"trust": 1.7,
"url": "https://www.arista.com/en/support/advisories-notices/security-advisories/3577-security-advisory-30"
},
{
"trust": 1.6,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-14491"
},
{
"trust": 1.4,
"url": "http://www.thekelleys.org.uk/dnsmasq/doc.html"
},
{
"trust": 1.4,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-17-332-01"
},
{
"trust": 1.1,
"url": "http://thekelleys.org.uk/gitweb/?p=dnsmasq.git%3ba=commit%3bh=0549c73b7ea6b22a3c49beb4d432f185a81efcbc"
},
{
"trust": 1.1,
"url": "https://www.mail-archive.com/dnsmasq-discuss%40lists.thekelleys.org.uk/msg11665.html"
},
{
"trust": 1.1,
"url": "https://www.mail-archive.com/dnsmasq-discuss%40lists.thekelleys.org.uk/msg11664.html"
},
{
"trust": 1.1,
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5mmpcjoyppl4b5rby4u425pwg7eetdtd/"
},
{
"trust": 1.1,
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/yxrz2w6tv6nlujc5nofbsg6pzsmdtypv/"
},
{
"trust": 1.1,
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/527knn34rn2sb6mbjg7cksebwye3tjeb/"
},
{
"trust": 1.1,
"url": "https://access.redhat.com/security/cve/cve-2017-14491"
},
{
"trust": 0.8,
"url": "https://www.ruckuswireless.com/security"
},
{
"trust": 0.8,
"url": "https://www.zyxel.com/support/announcement_dnsmasq_vulnerabilities.shtml"
},
{
"trust": 0.8,
"url": "http://jvn.jp/vu/jvnvu93453933/index.html"
},
{
"trust": 0.8,
"url": "https://jvn.jp/vu/jvnvu93656033/index.html"
},
{
"trust": 0.8,
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-24-074-07"
},
{
"trust": 0.7,
"url": "https://access.redhat.com/security/cve/cve-2017-14493"
},
{
"trust": 0.7,
"url": "https://access.redhat.com/security/cve/cve-2017-14494"
},
{
"trust": 0.7,
"url": "https://access.redhat.com/security/cve/cve-2017-14492"
},
{
"trust": 0.6,
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5mmpcjoyppl4b5rby4u425pwg7eetdtd/"
},
{
"trust": 0.6,
"url": "https://github.com/google/security-research-pocs/blob/master/vulnerabilities/dnsmasq/cve-2017-14496.py"
},
{
"trust": 0.6,
"url": "https://access.redhat.com/security/cve/cve-2017-14496"
},
{
"trust": 0.6,
"url": "https://access.redhat.com/security/cve/cve-2017-14495"
},
{
"trust": 0.6,
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1495409bug1495409"
},
{
"trust": 0.6,
"url": "https://access.redhat.com/security/cve/cve-2017-13704"
},
{
"trust": 0.6,
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1495510"
},
{
"trust": 0.6,
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1495416"
},
{
"trust": 0.6,
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1495415"
},
{
"trust": 0.6,
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1495412"
},
{
"trust": 0.6,
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1495411"
},
{
"trust": 0.6,
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1495410"
},
{
"trust": 0.6,
"url": "https://source.android.com/security/bulletin/2017-10-01"
},
{
"trust": 0.6,
"url": "http://www.slackware.com/security/viewer.php?l=slackware-security\u0026y=2017\u0026m=slackware-security.601472"
},
{
"trust": 0.6,
"url": "https://github.com/kubernetes/kubernetes/blob/master/changelog.md"
},
{
"trust": 0.6,
"url": "https://github.com/google/security-research-pocs/blob/master/vulnerabilities/dnsmasq/cve-2017-14495.py"
},
{
"trust": 0.6,
"url": "https://github.com/google/security-research-pocs/blob/master/vulnerabilities/dnsmasq/cve-2017-14494.py"
},
{
"trust": 0.6,
"url": "https://github.com/google/security-research-pocs/blob/master/vulnerabilities/dnsmasq/cve-2017-14493.py"
},
{
"trust": 0.6,
"url": "https://github.com/google/security-research-pocs/blob/master/vulnerabilities/dnsmasq/cve-2017-14492.py"
},
{
"trust": 0.6,
"url": "https://github.com/google/security-research-pocs/blob/master/vulnerabilities/dnsmasq/cve-2017-14491.py"
},
{
"trust": 0.6,
"url": "http://www.thekelleys.org.uk/dnsmasq/changelog"
},
{
"trust": 0.6,
"url": "https://www.mail-archive.com/dnsmasq-discuss@lists.thekelleys.org.uk/msg11665.html"
},
{
"trust": 0.6,
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/527knn34rn2sb6mbjg7cksebwye3tjeb/"
},
{
"trust": 0.6,
"url": "http://thekelleys.org.uk/gitweb/?p=dnsmasq.git;a=commit;h=0549c73b7ea6b22a3c49beb4d432f185a81efcbc"
},
{
"trust": 0.6,
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/yxrz2w6tv6nlujc5nofbsg6pzsmdtypv/"
},
{
"trust": 0.6,
"url": "https://www.mail-archive.com/dnsmasq-discuss@lists.thekelleys.org.uk/msg11664.html"
},
{
"trust": 0.6,
"url": "https://us-cert.cisa.gov/ics/advisories/icsa-17-332-01"
},
{
"trust": 0.5,
"url": "https://www.redhat.com/mailman/listinfo/rhsa-announce"
},
{
"trust": 0.5,
"url": "https://access.redhat.com/security/team/contact/"
},
{
"trust": 0.5,
"url": "https://bugzilla.redhat.com/):"
},
{
"trust": 0.5,
"url": "https://access.redhat.com/security/team/key/"
},
{
"trust": 0.5,
"url": "https://access.redhat.com/security/updates/classification/#critical"
},
{
"trust": 0.5,
"url": "https://access.redhat.com/articles/11258"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-14494"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-14492"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-14493"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-14496"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-14495"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/787.html"
},
{
"trust": 0.1,
"url": "https://github.com/suhaad79/aws-k8s-kops-ansible"
},
{
"trust": 0.1,
"url": "https://github.com/scholzj/aws-k8s-kops-ansible"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://launchpad.net/bugs/1741262"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/dnsmasq/2.76-5ubuntu0.1"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/dnsmasq/2.75-1ubuntu0.16.04.3"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/dnsmasq/2.68-1ubuntu0.2"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/nvd.cfm?cvename=cve-2017-14495"
},
{
"trust": 0.1,
"url": "http://creativecommons.org/licenses/by-sa/2.5"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/nvd.cfm?cvename=cve-2017-14493"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/nvd.cfm?cvename=cve-2017-14492"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/nvd.cfm?cvename=cve-2017-14491"
},
{
"trust": 0.1,
"url": "https://security.gentoo.org/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/nvd.cfm?cvename=cve-2017-14496"
},
{
"trust": 0.1,
"url": "https://bugs.gentoo.org."
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/nvd.cfm?cvename=cve-2017-14494"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#973527"
},
{
"db": "VULMON",
"id": "CVE-2017-14491"
},
{
"db": "PACKETSTORM",
"id": "145652"
},
{
"db": "PACKETSTORM",
"id": "144474"
},
{
"db": "PACKETSTORM",
"id": "144477"
},
{
"db": "PACKETSTORM",
"id": "144469"
},
{
"db": "PACKETSTORM",
"id": "144481"
},
{
"db": "PACKETSTORM",
"id": "144482"
},
{
"db": "PACKETSTORM",
"id": "144706"
},
{
"db": "PACKETSTORM",
"id": "144472"
},
{
"db": "CNNVD",
"id": "CNNVD-201709-747"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-008618"
},
{
"db": "NVD",
"id": "CVE-2017-14491"
}
]
},
"sources": {
"_id": null,
"data": [
{
"db": "CERT/CC",
"id": "VU#973527",
"ident": null
},
{
"db": "VULMON",
"id": "CVE-2017-14491",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "145652",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "144474",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "144477",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "144469",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "144481",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "144482",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "144706",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "144472",
"ident": null
},
{
"db": "CNNVD",
"id": "CNNVD-201709-747",
"ident": null
},
{
"db": "JVNDB",
"id": "JVNDB-2017-008618",
"ident": null
},
{
"db": "NVD",
"id": "CVE-2017-14491",
"ident": null
}
]
},
"sources_release_date": {
"_id": null,
"data": [
{
"date": "2017-10-02T00:00:00",
"db": "CERT/CC",
"id": "VU#973527",
"ident": null
},
{
"date": "2017-10-04T00:00:00",
"db": "VULMON",
"id": "CVE-2017-14491",
"ident": null
},
{
"date": "2018-01-04T17:50:40",
"db": "PACKETSTORM",
"id": "145652",
"ident": null
},
{
"date": "2017-10-02T08:55:00",
"db": "PACKETSTORM",
"id": "144474",
"ident": null
},
{
"date": "2017-10-02T11:11:00",
"db": "PACKETSTORM",
"id": "144477",
"ident": null
},
{
"date": "2017-10-02T13:13:00",
"db": "PACKETSTORM",
"id": "144469",
"ident": null
},
{
"date": "2017-10-03T05:18:12",
"db": "PACKETSTORM",
"id": "144481",
"ident": null
},
{
"date": "2017-10-03T05:18:27",
"db": "PACKETSTORM",
"id": "144482",
"ident": null
},
{
"date": "2017-10-23T13:54:05",
"db": "PACKETSTORM",
"id": "144706",
"ident": null
},
{
"date": "2017-10-02T08:33:00",
"db": "PACKETSTORM",
"id": "144472",
"ident": null
},
{
"date": "2017-09-18T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201709-747",
"ident": null
},
{
"date": "2017-10-24T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-008618",
"ident": null
},
{
"date": "2017-10-04T01:29:02.870000",
"db": "NVD",
"id": "CVE-2017-14491",
"ident": null
}
]
},
"sources_update_date": {
"_id": null,
"data": [
{
"date": "2018-02-02T00:00:00",
"db": "CERT/CC",
"id": "VU#973527",
"ident": null
},
{
"date": "2023-11-07T00:00:00",
"db": "VULMON",
"id": "CVE-2017-14491",
"ident": null
},
{
"date": "2022-04-24T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201709-747",
"ident": null
},
{
"date": "2024-03-22T07:54:00",
"db": "JVNDB",
"id": "JVNDB-2017-008618",
"ident": null
},
{
"date": "2025-04-20T01:37:25.860000",
"db": "NVD",
"id": "CVE-2017-14491",
"ident": null
}
]
},
"threat_type": {
"_id": null,
"data": "remote",
"sources": [
{
"db": "PACKETSTORM",
"id": "145652"
},
{
"db": "PACKETSTORM",
"id": "144469"
},
{
"db": "PACKETSTORM",
"id": "144706"
},
{
"db": "CNNVD",
"id": "CNNVD-201709-747"
}
],
"trust": 0.9
},
"title": {
"_id": null,
"data": "Dnsmasq contains multiple vulnerabilities",
"sources": [
{
"db": "CERT/CC",
"id": "VU#973527"
}
],
"trust": 0.8
},
"type": {
"_id": null,
"data": "buffer error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201709-747"
}
],
"trust": 0.6
}
}
VAR-200810-0144
Vulnerability from variot - Updated: 2026-04-10 23:33Heap-based buffer overflow in the read_rle16 function in imagetops in CUPS before 1.3.9 allows remote attackers to execute arbitrary code via an SGI image with malformed Run Length Encoded (RLE) data containing a small image and a large row count. CUPS is prone to multiple heap-based buffer-overflow vulnerabilities because it fails to perform adequate boundary checks on user-supplied data before using it to allocate memory buffers. Remote attackers can exploit these issues to execute arbitrary code within the context of the affected application. Failed exploit attempts will likely cause a denial-of-service condition. Note that local attackers may also exploit these vulnerabilities to elevate privileges. Successful remote exploits may require printer sharing to be enabled on the vulnerable system. These issues affect versions prior to CUPS 1.3.9. It is based on the Internet Printing Protocol and provides most PostScript and raster printer services. The cause of the vulnerability is that the read_rle16() function does not correctly validate the value of the line read from the file and uses this value to control how many 16-bit integers are stored in the heap buffer. If a small graphics dimension and a large number of lines are provided, it will May trigger a heap overflow. =========================================================== Ubuntu Security Notice USN-656-1 October 15, 2008 cupsys vulnerabilities CVE-2008-1722, CVE-2008-3639, CVE-2008-3640, CVE-2008-3641 ===========================================================
A security issue affects the following Ubuntu releases:
Ubuntu 6.06 LTS Ubuntu 7.04 Ubuntu 7.10 Ubuntu 8.04 LTS
This advisory also applies to the corresponding versions of Kubuntu, Edubuntu, and Xubuntu.
The problem can be corrected by upgrading your system to the following package versions:
Ubuntu 6.06 LTS: cupsys 1.2.2-0ubuntu0.6.06.11
Ubuntu 7.04: cupsys 1.2.8-0ubuntu8.6
Ubuntu 7.10: cupsys 1.3.2-1ubuntu7.8
Ubuntu 8.04 LTS: cupsys 1.3.7-1ubuntu3.1
In general, a standard system upgrade is sufficient to effect the necessary changes.
Details follow:
It was discovered that the SGI image filter in CUPS did not perform proper bounds checking. If a user or automated system were tricked into opening a crafted SGI image, an attacker could cause a denial of service. (CVE-2008-3639)
It was discovered that the texttops filter in CUPS did not properly validate page metrics. If a user or automated system were tricked into opening a crafted text file, an attacker could cause a denial of service. (CVE-2008-3640)
It was discovered that the HP-GL filter in CUPS did not properly check for invalid pen parameters. If a user or automated system were tricked into opening a crafted HP-GL or HP-GL/2 file, a remote attacker could cause a denial of service or execute arbitrary code with user privileges. In Ubuntu 7.10 and 8.04 LTS, attackers would be isolated by the AppArmor CUPS profile. (CVE-2008-3641)
NOTE: The previous update for CUPS on Ubuntu 6.06 LTS did not have the the fix for CVE-2008-1722 applied. This update includes fixes for the problem. We apologize for the inconvenience.
Updated packages for Ubuntu 6.06 LTS:
Source archives:
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.2.2-0ubuntu0.6.06.11.diff.gz
Size/MD5: 102981 403c1494b264696702f055fc5cdcc60d
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.2.2-0ubuntu0.6.06.11.dsc
Size/MD5: 1052 cc47231c220e8d0e1659cf83d9e08445
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.2.2.orig.tar.gz
Size/MD5: 4070384 2c99b8aa4c8dc25c8a84f9c06aa52e3e
Architecture independent packages:
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2-gnutls10_1.2.2-0ubuntu0.6.06.11_all.deb
Size/MD5: 994 8b094f8389b70e0153d7bbfcd23ed912
amd64 architecture (Athlon64, Opteron, EM64T Xeon):
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-bsd_1.2.2-0ubuntu0.6.06.11_amd64.deb
Size/MD5: 36226 ddea26501964356559ee3a11124acd8b
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-client_1.2.2-0ubuntu0.6.06.11_amd64.deb
Size/MD5: 81902 670924b1b9a36db787e3b4cc6a7f1782
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.2.2-0ubuntu0.6.06.11_amd64.deb
Size/MD5: 2286676 455fe7748b3ab167658bb5b42ef0363a
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2-dev_1.2.2-0ubuntu0.6.06.11_amd64.deb
Size/MD5: 6086 dc0bd3799366e32503466ba4588fc4df
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2_1.2.2-0ubuntu0.6.06.11_amd64.deb
Size/MD5: 77226 31e781bf2c8f0f4140799b21b9d0484a
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2-dev_1.2.2-0ubuntu0.6.06.11_amd64.deb
Size/MD5: 25742 6812b0831f37474b50607e4c6eb83fe5
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2_1.2.2-0ubuntu0.6.06.11_amd64.deb
Size/MD5: 129960 88a0b954c9f50df6aa37824b3da7041b
i386 architecture (x86 compatible Intel/AMD):
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-bsd_1.2.2-0ubuntu0.6.06.11_i386.deb
Size/MD5: 34768 d04de29dfcca09a4dc70a385e8a0766b
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-client_1.2.2-0ubuntu0.6.06.11_i386.deb
Size/MD5: 77974 efed93511d0ee579706e5cf538378dbd
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.2.2-0ubuntu0.6.06.11_i386.deb
Size/MD5: 2253974 30ac219c7cd66460df6fa2b76c147ae8
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2-dev_1.2.2-0ubuntu0.6.06.11_i386.deb
Size/MD5: 6090 648459c3b58ddaf1fc646c8cd476e9f8
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2_1.2.2-0ubuntu0.6.06.11_i386.deb
Size/MD5: 76350 d044f4fa44a792c81bca198f44687a1e
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2-dev_1.2.2-0ubuntu0.6.06.11_i386.deb
Size/MD5: 25740 4c97e6e30f95bd3c3a32c761db4f5183
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2_1.2.2-0ubuntu0.6.06.11_i386.deb
Size/MD5: 122178 7298a6d762d2edbe6fd107656932f32a
powerpc architecture (Apple Macintosh G3/G4/G5):
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-bsd_1.2.2-0ubuntu0.6.06.11_powerpc.deb
Size/MD5: 40468 24cf01572a6f790296c1accba097352c
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-client_1.2.2-0ubuntu0.6.06.11_powerpc.deb
Size/MD5: 89528 0172b346d78458df1a6cd91a371b3b67
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.2.2-0ubuntu0.6.06.11_powerpc.deb
Size/MD5: 2301292 f1a755a88fde554fdabbfb8081a88e52
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2-dev_1.2.2-0ubuntu0.6.06.11_powerpc.deb
Size/MD5: 6098 f3e962ddc060712ed3ba78bb5625d5e4
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2_1.2.2-0ubuntu0.6.06.11_powerpc.deb
Size/MD5: 79004 de095980afadd9352e5d7e92600d75b5
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2-dev_1.2.2-0ubuntu0.6.06.11_powerpc.deb
Size/MD5: 25744 21a4d908ae8de551cda885d4835d69c0
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2_1.2.2-0ubuntu0.6.06.11_powerpc.deb
Size/MD5: 127932 6e50fa3fa4185c781551e5744331f20b
sparc architecture (Sun SPARC/UltraSPARC):
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-bsd_1.2.2-0ubuntu0.6.06.11_sparc.deb
Size/MD5: 35392 ede504cfaaf1e068c68b3fa759777098
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-client_1.2.2-0ubuntu0.6.06.11_sparc.deb
Size/MD5: 78712 49f458e339846bcc2eb9ffdc482de5be
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.2.2-0ubuntu0.6.06.11_sparc.deb
Size/MD5: 2287588 864ab74a020db94ab2acc1283720a05c
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2-dev_1.2.2-0ubuntu0.6.06.11_sparc.deb
Size/MD5: 6092 58c6f56f79c35af1b0ca47eaeedd7ea3
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2_1.2.2-0ubuntu0.6.06.11_sparc.deb
Size/MD5: 76262 759f3df1a04440d71ae6634109045bf6
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2-dev_1.2.2-0ubuntu0.6.06.11_sparc.deb
Size/MD5: 25740 8bbdc7b4842df909bdfb95b96fd9f884
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2_1.2.2-0ubuntu0.6.06.11_sparc.deb
Size/MD5: 123662 4c4f4a4faae61a0c3901c63fe58bbf26
Updated packages for Ubuntu 7.04:
Source archives:
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.2.8-0ubuntu8.6.diff.gz
Size/MD5: 160216 80696d47933857b9665da1492f9a801b
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.2.8-0ubuntu8.6.dsc
Size/MD5: 1143 0dbd641692767f4e2e5b7f390c412a9f
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.2.8.orig.tar.gz
Size/MD5: 4293194 107affe95fcf1cd4aaed4a5c73f4b91f
Architecture independent packages:
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-common_1.2.8-0ubuntu8.6_all.deb
Size/MD5: 926804 41e6c60357740e668198976afcce6bd1
amd64 architecture (Athlon64, Opteron, EM64T Xeon):
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-bsd_1.2.8-0ubuntu8.6_amd64.deb
Size/MD5: 37404 2d7cb4cb3bfeeeb5af3db756f1a0a5be
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-client_1.2.8-0ubuntu8.6_amd64.deb
Size/MD5: 83230 361cd5ffca4125245798312c3a9c7eaa
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.2.8-0ubuntu8.6_amd64.deb
Size/MD5: 1638902 a502a4f981385dcba50ed5b6fc8fe969
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2-dev_1.2.8-0ubuntu8.6_amd64.deb
Size/MD5: 56598 a9f413ff725abe42af63312ea6e826e7
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2_1.2.8-0ubuntu8.6_amd64.deb
Size/MD5: 104860 7bfc0e70546baa2c98421a9dd7a373e6
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2-dev_1.2.8-0ubuntu8.6_amd64.deb
Size/MD5: 144852 9d30fa04e2aa415fb126188aa4d32349
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2_1.2.8-0ubuntu8.6_amd64.deb
Size/MD5: 182728 0ed6d4f8c813e2c36bcaa7b7ca98ccad
i386 architecture (x86 compatible Intel/AMD):
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-bsd_1.2.8-0ubuntu8.6_i386.deb
Size/MD5: 36712 014d51e184b4435a28c1e820455fb0a1
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-client_1.2.8-0ubuntu8.6_i386.deb
Size/MD5: 80752 4d29ca2e6d3de00e3a10c55c677c8cd6
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.2.8-0ubuntu8.6_i386.deb
Size/MD5: 1621450 551c9d7c9836efe7a927a609699976ad
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2-dev_1.2.8-0ubuntu8.6_i386.deb
Size/MD5: 55720 b70e3b3a1c86aa782a42fcf1a40ff197
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2_1.2.8-0ubuntu8.6_i386.deb
Size/MD5: 104592 ececfa4f50e077d5049116a47cc44965
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2-dev_1.2.8-0ubuntu8.6_i386.deb
Size/MD5: 139320 b5c4606316c175feac7dd9a8f78acc56
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2_1.2.8-0ubuntu8.6_i386.deb
Size/MD5: 179030 b2bb50b90caac66408739e67ecc9fdb5
powerpc architecture (Apple Macintosh G3/G4/G5):
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-bsd_1.2.8-0ubuntu8.6_powerpc.deb
Size/MD5: 46766 ad2b053736a2165b39f1749b7e3409e0
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-client_1.2.8-0ubuntu8.6_powerpc.deb
Size/MD5: 101094 bea4c45325710b1e2d5e67dceb7853bb
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.2.8-0ubuntu8.6_powerpc.deb
Size/MD5: 1696124 7e3469aa52e2de4e93352e44f7623305
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2-dev_1.2.8-0ubuntu8.6_powerpc.deb
Size/MD5: 56398 47755a89a609e4401d70f6adcfcfb9a5
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2_1.2.8-0ubuntu8.6_powerpc.deb
Size/MD5: 110478 94a5f78770c410fce9a0c88a187fe9c4
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2-dev_1.2.8-0ubuntu8.6_powerpc.deb
Size/MD5: 141178 69f22a6730b291c9df2b0541c07223d6
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2_1.2.8-0ubuntu8.6_powerpc.deb
Size/MD5: 188650 634498a8eb5ab4c75eab74e1655234b1
sparc architecture (Sun SPARC/UltraSPARC):
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-bsd_1.2.8-0ubuntu8.6_sparc.deb
Size/MD5: 37778 cde58d9fa7d256698ef6ba128b16a799
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-client_1.2.8-0ubuntu8.6_sparc.deb
Size/MD5: 83740 072c6f65496619d5808c542d3a2ebe97
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.2.8-0ubuntu8.6_sparc.deb
Size/MD5: 1659626 a5b6c19a436e9737af44cbaee93d093c
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2-dev_1.2.8-0ubuntu8.6_sparc.deb
Size/MD5: 54928 5a8347021b82084600e0d08971cb41a3
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2_1.2.8-0ubuntu8.6_sparc.deb
Size/MD5: 104156 ca7b062c097aa7f92a9085615fc3e828
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2-dev_1.2.8-0ubuntu8.6_sparc.deb
Size/MD5: 141756 299acfe9e1964d21e7ba2fc3a390ded8
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2_1.2.8-0ubuntu8.6_sparc.deb
Size/MD5: 178292 02e3059c98fb42cb83173e0b3a08d469
Updated packages for Ubuntu 7.10:
Source archives:
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.3.2-1ubuntu7.8.diff.gz
Size/MD5: 128977 cc7a79b80d0cc2caa8f9c5aea2f9397b
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.3.2-1ubuntu7.8.dsc
Size/MD5: 1218 4f603d11b93e600bd82009983bc88580
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.3.2.orig.tar.gz
Size/MD5: 4848424 9e3e1dee4d872fdff0682041198d3d73
Architecture independent packages:
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-common_1.3.2-1ubuntu7.8_all.deb
Size/MD5: 1080404 6419c157fd22fcfb2e1563ccced2fcae
amd64 architecture (Athlon64, Opteron, EM64T Xeon):
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-bsd_1.3.2-1ubuntu7.8_amd64.deb
Size/MD5: 37204 88b05a4cbb9f5714951edade3dd0609b
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-client_1.3.2-1ubuntu7.8_amd64.deb
Size/MD5: 89506 cb352043a1985e24614dc27ffa5ded01
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.3.2-1ubuntu7.8_amd64.deb
Size/MD5: 2034890 3a2c4daded2923691da8fe3f60d93f3e
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2-dev_1.3.2-1ubuntu7.8_amd64.deb
Size/MD5: 60020 5007c193bb8416754a9d7e7ad09c4808
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2_1.3.2-1ubuntu7.8_amd64.deb
Size/MD5: 46884 9a2fd628887a01cc2fcb49131ec8ed0f
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2-dev_1.3.2-1ubuntu7.8_amd64.deb
Size/MD5: 152014 7a9debd353faa26803f0e8707a97697a
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2_1.3.2-1ubuntu7.8_amd64.deb
Size/MD5: 186418 13e510e27e1025732d203a933ded8ade
i386 architecture (x86 compatible Intel/AMD):
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-bsd_1.3.2-1ubuntu7.8_i386.deb
Size/MD5: 36486 05cb382029ccb2285530af9de662b686
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-client_1.3.2-1ubuntu7.8_i386.deb
Size/MD5: 86494 80b08f6080ed3c46e4fc954da05d9e6d
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.3.2-1ubuntu7.8_i386.deb
Size/MD5: 2018384 16b0a7b694a38e4616fce6415116a7e9
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2-dev_1.3.2-1ubuntu7.8_i386.deb
Size/MD5: 58882 8572d274d06e1a650d2d5199ea5dcf6f
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2_1.3.2-1ubuntu7.8_i386.deb
Size/MD5: 46280 158a4aef965ef1c697c5c7aef53f9e90
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2-dev_1.3.2-1ubuntu7.8_i386.deb
Size/MD5: 145692 36b5af34074b13e44e2d2ae5f76fa6fc
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2_1.3.2-1ubuntu7.8_i386.deb
Size/MD5: 183190 fe12de8de5a779538844e2aecd5ccedb
lpia architecture (Low Power Intel Architecture):
http://ports.ubuntu.com/pool/main/c/cupsys/cupsys-bsd_1.3.2-1ubuntu7.8_lpia.deb
Size/MD5: 36570 f73b632b59630a2727e45be083730c23
http://ports.ubuntu.com/pool/main/c/cupsys/cupsys-client_1.3.2-1ubuntu7.8_lpia.deb
Size/MD5: 88054 07cfc2fdf8615471278b10550f713a3e
http://ports.ubuntu.com/pool/main/c/cupsys/cupsys_1.3.2-1ubuntu7.8_lpia.deb
Size/MD5: 2020696 d97dab5d5a099884f7bca77dd118233a
http://ports.ubuntu.com/pool/main/c/cupsys/libcupsimage2-dev_1.3.2-1ubuntu7.8_lpia.deb
Size/MD5: 59624 d582e3100eaf68e9b10585ca6ce0a078
http://ports.ubuntu.com/pool/main/c/cupsys/libcupsimage2_1.3.2-1ubuntu7.8_lpia.deb
Size/MD5: 47662 a2e2c5cc101d720249efd108b1a724ca
http://ports.ubuntu.com/pool/main/c/cupsys/libcupsys2-dev_1.3.2-1ubuntu7.8_lpia.deb
Size/MD5: 142426 8e91390ca3bb0bd98ab7a43017e38a90
http://ports.ubuntu.com/pool/main/c/cupsys/libcupsys2_1.3.2-1ubuntu7.8_lpia.deb
Size/MD5: 181382 0806d0e1be2fdb48b873ea977107b759
powerpc architecture (Apple Macintosh G3/G4/G5):
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-bsd_1.3.2-1ubuntu7.8_powerpc.deb
Size/MD5: 46502 1f2a7db4dd6dfc7910a9c84f28425537
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-client_1.3.2-1ubuntu7.8_powerpc.deb
Size/MD5: 107736 9a34baee6e8356d911d637e52fcb0747
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.3.2-1ubuntu7.8_powerpc.deb
Size/MD5: 2099614 b0f8237ccff1e54e070645e79e085794
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2-dev_1.3.2-1ubuntu7.8_powerpc.deb
Size/MD5: 59494 c3c1a6f415dacee7b5f0e63e0f83ca6c
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2_1.3.2-1ubuntu7.8_powerpc.deb
Size/MD5: 51856 91fcaca5686ce2070e654699b60514f4
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2-dev_1.3.2-1ubuntu7.8_powerpc.deb
Size/MD5: 146952 205fedd96bd614314b2e9ecb18e78f53
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2_1.3.2-1ubuntu7.8_powerpc.deb
Size/MD5: 192204 0033c62b251a505fb7d80b5b8c96f6b6
sparc architecture (Sun SPARC/UltraSPARC):
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-bsd_1.3.2-1ubuntu7.8_sparc.deb
Size/MD5: 37558 f568ceabe0e419d263b75a5c852eb10a
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-client_1.3.2-1ubuntu7.8_sparc.deb
Size/MD5: 89606 d916d0d9478082000a0f698347613387
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.3.2-1ubuntu7.8_sparc.deb
Size/MD5: 2061026 a1b9da985d3d0211790f170443e74ac9
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2-dev_1.3.2-1ubuntu7.8_sparc.deb
Size/MD5: 58098 dc5d816068b451c8926dd06a25e1715b
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2_1.3.2-1ubuntu7.8_sparc.deb
Size/MD5: 45572 9976f70a905893735ee445cca7ecda7f
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2-dev_1.3.2-1ubuntu7.8_sparc.deb
Size/MD5: 148486 48954d641e131708913530887d28c064
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2_1.3.2-1ubuntu7.8_sparc.deb
Size/MD5: 182218 074755797d588b92f7030c0a9562cb67
Updated packages for Ubuntu 8.04 LTS:
Source archives:
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.3.7-1ubuntu3.1.diff.gz
Size/MD5: 133549 8146f7a668701caad4379707ccedf538
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.3.7-1ubuntu3.1.dsc
Size/MD5: 1433 de3ffa5e20bdbc0bd61cf543cc2d351f
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.3.7.orig.tar.gz
Size/MD5: 4700333 383e556d9841475847da6076c88da467
Architecture independent packages:
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-common_1.3.7-1ubuntu3.1_all.deb
Size/MD5: 1143834 7230e79bb0d6a1435f3ce0de114e1ad3
amd64 architecture (Athlon64, Opteron, EM64T Xeon):
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-bsd_1.3.7-1ubuntu3.1_amd64.deb
Size/MD5: 37530 0362fc9c1260486e4d1dcccca8dc60a3
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-client_1.3.7-1ubuntu3.1_amd64.deb
Size/MD5: 89982 9a1ac844025f66fb85357e1807256331
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.3.7-1ubuntu3.1_amd64.deb
Size/MD5: 1880646 233fbeadff826a6b6f22347559fe8bf5
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2-dev_1.3.7-1ubuntu3.1_amd64.deb
Size/MD5: 60892 98a65443be4d97fb1de2f8580dd67e40
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2_1.3.7-1ubuntu3.1_amd64.deb
Size/MD5: 50356 89ca2e97385912ebf2ffe8a0871610d5
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2-dev_1.3.7-1ubuntu3.1_amd64.deb
Size/MD5: 344926 631f297ea0a13321c61ee211d65fceab
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2_1.3.7-1ubuntu3.1_amd64.deb
Size/MD5: 177500 8dd137567dbc9644bda3b0a799cb2f6a
i386 architecture (x86 compatible Intel/AMD):
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-bsd_1.3.7-1ubuntu3.1_i386.deb
Size/MD5: 36952 deba752b21bdf04393626cf35ebb79eb
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-client_1.3.7-1ubuntu3.1_i386.deb
Size/MD5: 88408 2e76b5856bde6afe82da9a6b03a98026
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.3.7-1ubuntu3.1_i386.deb
Size/MD5: 1862954 aaa0817cb6b67729276e799275ad3346
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2-dev_1.3.7-1ubuntu3.1_i386.deb
Size/MD5: 60090 b37d935af9661002730cd5cb2b3f11d3
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2_1.3.7-1ubuntu3.1_i386.deb
Size/MD5: 49838 a1d85e18616340eed3778b5286890c08
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2-dev_1.3.7-1ubuntu3.1_i386.deb
Size/MD5: 339344 f3d29993795e7172667356c8d255f296
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2_1.3.7-1ubuntu3.1_i386.deb
Size/MD5: 174354 b1d7b741729749c6a3249fbcd0babe56
lpia architecture (Low Power Intel Architecture):
http://ports.ubuntu.com/pool/main/c/cupsys/cupsys-bsd_1.3.7-1ubuntu3.1_lpia.deb
Size/MD5: 36676 c46beddd8f227e1ee0b1c9a80d41b19a
http://ports.ubuntu.com/pool/main/c/cupsys/cupsys-client_1.3.7-1ubuntu3.1_lpia.deb
Size/MD5: 88734 c8b70c2665734c45caa22ae41f60b486
http://ports.ubuntu.com/pool/main/c/cupsys/cupsys_1.3.7-1ubuntu3.1_lpia.deb
Size/MD5: 1865262 27de39c2fbe2471f11b7756b5bc02cc3
http://ports.ubuntu.com/pool/main/c/cupsys/libcupsimage2-dev_1.3.7-1ubuntu3.1_lpia.deb
Size/MD5: 60540 b54c6711e74c55777f0e509f642c42f0
http://ports.ubuntu.com/pool/main/c/cupsys/libcupsimage2_1.3.7-1ubuntu3.1_lpia.deb
Size/MD5: 50860 64989632d1f49f5d25209bb9a68809d5
http://ports.ubuntu.com/pool/main/c/cupsys/libcupsys2-dev_1.3.7-1ubuntu3.1_lpia.deb
Size/MD5: 337020 ca60ea21ad93aca447e1ae04e0ad818f
http://ports.ubuntu.com/pool/main/c/cupsys/libcupsys2_1.3.7-1ubuntu3.1_lpia.deb
Size/MD5: 173276 6e0af5026f452171993817fbd6e6b4e7
powerpc architecture (Apple Macintosh G3/G4/G5):
http://ports.ubuntu.com/pool/main/c/cupsys/cupsys-bsd_1.3.7-1ubuntu3.1_powerpc.deb
Size/MD5: 46932 d8e051bd4e95f28090036d7087437127
http://ports.ubuntu.com/pool/main/c/cupsys/cupsys-client_1.3.7-1ubuntu3.1_powerpc.deb
Size/MD5: 110808 44e0741ccd8b9edab092b835c6831aca
http://ports.ubuntu.com/pool/main/c/cupsys/cupsys_1.3.7-1ubuntu3.1_powerpc.deb
Size/MD5: 1949134 0facca356ce9e5ffdacffde23d0713e3
http://ports.ubuntu.com/pool/main/c/cupsys/libcupsimage2-dev_1.3.7-1ubuntu3.1_powerpc.deb
Size/MD5: 59924 367a29bd4545906374eb27c511d33658
http://ports.ubuntu.com/pool/main/c/cupsys/libcupsimage2_1.3.7-1ubuntu3.1_powerpc.deb
Size/MD5: 54940 d762741ddd48f75e0e54ffd0efc45645
http://ports.ubuntu.com/pool/main/c/cupsys/libcupsys2-dev_1.3.7-1ubuntu3.1_powerpc.deb
Size/MD5: 341670 0958081b22a680ccf1f30abc36c06054
http://ports.ubuntu.com/pool/main/c/cupsys/libcupsys2_1.3.7-1ubuntu3.1_powerpc.deb
Size/MD5: 183238 e303094f36fcc1af0ac40321411bd90a
sparc architecture (Sun SPARC/UltraSPARC):
http://ports.ubuntu.com/pool/main/c/cupsys/cupsys-bsd_1.3.7-1ubuntu3.1_sparc.deb
Size/MD5: 38028 a8ee904a732a7392314b9b4f2faf5557
http://ports.ubuntu.com/pool/main/c/cupsys/cupsys-client_1.3.7-1ubuntu3.1_sparc.deb
Size/MD5: 91034 832edccd7ed2eec51759bbcce97536b1
http://ports.ubuntu.com/pool/main/c/cupsys/cupsys_1.3.7-1ubuntu3.1_sparc.deb
Size/MD5: 1897904 31192c6d2b5a6dca4eaf065c541795fc
http://ports.ubuntu.com/pool/main/c/cupsys/libcupsimage2-dev_1.3.7-1ubuntu3.1_sparc.deb
Size/MD5: 57856 398dadf7e1ee5075e4d3e2a4766b4580
http://ports.ubuntu.com/pool/main/c/cupsys/libcupsimage2_1.3.7-1ubuntu3.1_sparc.deb
Size/MD5: 48242 cc45265b41fd932d084a6bce9888e67f
http://ports.ubuntu.com/pool/main/c/cupsys/libcupsys2-dev_1.3.7-1ubuntu3.1_sparc.deb
Size/MD5: 341388 9411fb065604b882530faf47a0a85d4e
http://ports.ubuntu.com/pool/main/c/cupsys/libcupsys2_1.3.7-1ubuntu3.1_sparc.deb
Size/MD5: 173184 4a5e9e3508932262eefe3b08f94019d0
.
CVE-2008-3640
It was discovered that an integer overflow in the Postscript
conversion tool "texttops" may lead to the execution of arbitrary
code.
For the stable distribution (etch), these problems have been fixed in version 1.2.7-4etch5.
For the unstable distribution (sid) and the upcoming stable distribution (lenny), these problems have been fixed in version 1.3.8-1lenny2 of the source package cups.
We recommend that you upgrade your cupsys package.
Upgrade instructions
wget url will fetch the file for you dpkg -i file.deb will install the referenced file.
If you are using the apt-get package manager, use the line for sources.list as given below:
apt-get update will update the internal database apt-get upgrade will install corrected packages
You may use an automated update by adding the resources from the footer to the proper configuration.
Debian GNU/Linux 4.0 alias etch
Stable updates are available for alpha, amd64, arm, hppa, i386, ia64, mips, mipsel, powerpc, s390 and sparc.
Source archives:
http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.2.7.orig.tar.gz Size/MD5 checksum: 4214272 c9ba33356e5bb93efbcf77b6e142e498 http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.2.7-4etch5.diff.gz Size/MD5 checksum: 108662 eab5aa097eaf3e802b4c6f1c60da9a03 http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.2.7-4etch5.dsc Size/MD5 checksum: 1084 5fc7ea9d5c6434a9f2a45e3d7652b0fe
Architecture independent packages:
http://security.debian.org/pool/updates/main/c/cupsys/cupsys-common_1.2.7-4etch5_all.deb Size/MD5 checksum: 893832 0e7571a4a56cef8f099ba9300ed7330d http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2-gnutls10_1.2.7-4etch5_all.deb Size/MD5 checksum: 46072 63a75f9fe31312a42725a786164f7762
alpha architecture (DEC Alpha)
http://security.debian.org/pool/updates/main/c/cupsys/cupsys-bsd_1.2.7-4etch5_alpha.deb Size/MD5 checksum: 39310 8dad5588b86a4e1191025015d8e0c5be http://security.debian.org/pool/updates/main/c/cupsys/cupsys-dbg_1.2.7-4etch5_alpha.deb Size/MD5 checksum: 1092376 35c1cd14d3f26fefafbebf1a76983740 http://security.debian.org/pool/updates/main/c/cupsys/cupsys-client_1.2.7-4etch5_alpha.deb Size/MD5 checksum: 85906 1d07dcf128e7b78992560b2794be29d4 http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2-dev_1.2.7-4etch5_alpha.deb Size/MD5 checksum: 183726 06377f48f1ee358c494f30f9ab213e6b http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.2.7-4etch5_alpha.deb Size/MD5 checksum: 1614540 e87b439635e9b7f7c1fa1c6db2f7291c http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2_1.2.7-4etch5_alpha.deb Size/MD5 checksum: 95570 8638b199a8adb989254cbe88ab11bb7d http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2_1.2.7-4etch5_alpha.deb Size/MD5 checksum: 175262 08dbbe7e941af9c28f39107f907c618a http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2-dev_1.2.7-4etch5_alpha.deb Size/MD5 checksum: 72690 1c099120f9fdcb334d8699b6238c0883
amd64 architecture (AMD x86_64 (AMD64))
http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2-dev_1.2.7-4etch5_amd64.deb Size/MD5 checksum: 142538 4f9183a690ac21a220771db117b1bcea http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2_1.2.7-4etch5_amd64.deb Size/MD5 checksum: 162520 f04bafe61b0e06d21b67441916a4df2a http://security.debian.org/pool/updates/main/c/cupsys/cupsys-bsd_1.2.7-4etch5_amd64.deb Size/MD5 checksum: 36356 eea9b0c14ac248313264474f4a103478 http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2-dev_1.2.7-4etch5_amd64.deb Size/MD5 checksum: 53022 f864e06d82bd0769e7c73d20aa6c3366 http://security.debian.org/pool/updates/main/c/cupsys/cupsys-client_1.2.7-4etch5_amd64.deb Size/MD5 checksum: 80708 9e8a7d08f6762753005bc2ac7ac04db7 http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2_1.2.7-4etch5_amd64.deb Size/MD5 checksum: 86264 3784680669a08745d6c766213e3d60f3 http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.2.7-4etch5_amd64.deb Size/MD5 checksum: 1576062 c5f275763d3cd0bec5e448965780ea0b http://security.debian.org/pool/updates/main/c/cupsys/cupsys-dbg_1.2.7-4etch5_amd64.deb Size/MD5 checksum: 1088040 106654a5c5a746e5bd1043ca4309deae
arm architecture (ARM)
http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2-dev_1.2.7-4etch5_arm.deb Size/MD5 checksum: 132042 b1da3e68e04c68712a7f2ecebbea59d3 http://security.debian.org/pool/updates/main/c/cupsys/cupsys-dbg_1.2.7-4etch5_arm.deb Size/MD5 checksum: 1026238 e776ce47912d97de7758029cddf18c41 http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2_1.2.7-4etch5_arm.deb Size/MD5 checksum: 155174 2203ae0043e540bb4c083c3f302294a9 http://security.debian.org/pool/updates/main/c/cupsys/cupsys-client_1.2.7-4etch5_arm.deb Size/MD5 checksum: 78908 a60d8486ab41fe7064d84fdf1c057ce5 http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2-dev_1.2.7-4etch5_arm.deb Size/MD5 checksum: 48742 9c6f61fb9c5af3f1496c249eb79542ce http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.2.7-4etch5_arm.deb Size/MD5 checksum: 1569620 943fdc257cdf387c1a161adff88623bd http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2_1.2.7-4etch5_arm.deb Size/MD5 checksum: 85468 3e9d699071d741d86c5e2fbcc91a5241 http://security.debian.org/pool/updates/main/c/cupsys/cupsys-bsd_1.2.7-4etch5_arm.deb Size/MD5 checksum: 35940 0bb609f5c990c932c0fed843bb659062
hppa architecture (HP PA RISC)
http://security.debian.org/pool/updates/main/c/cupsys/cupsys-client_1.2.7-4etch5_hppa.deb Size/MD5 checksum: 84800 df6569c3eaad919b7f7768a75277838f http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2_1.2.7-4etch5_hppa.deb Size/MD5 checksum: 91988 08040e0dcc8cc99298d40aa370be50cc http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.2.7-4etch5_hppa.deb Size/MD5 checksum: 1624214 e5d55a0aeacee0d85d7899018725b3d3 http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2-dev_1.2.7-4etch5_hppa.deb Size/MD5 checksum: 153956 e11bfd3cb812f0892238a676a3453967 http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2_1.2.7-4etch5_hppa.deb Size/MD5 checksum: 171790 5b483d2f739ed456d94cf28047b2b2f5 http://security.debian.org/pool/updates/main/c/cupsys/cupsys-bsd_1.2.7-4etch5_hppa.deb Size/MD5 checksum: 39548 181a14e58af274287bf02f8a758b70b5 http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2-dev_1.2.7-4etch5_hppa.deb Size/MD5 checksum: 57398 715a6f4bb1b68b8a384a85ac384de668 http://security.debian.org/pool/updates/main/c/cupsys/cupsys-dbg_1.2.7-4etch5_hppa.deb Size/MD5 checksum: 1032836 e1d9158ff6134678b976331566db0076
i386 architecture (Intel ia32)
http://security.debian.org/pool/updates/main/c/cupsys/cupsys-dbg_1.2.7-4etch5_i386.deb Size/MD5 checksum: 999302 2ccf6ae0ef6f3d3dd56e484ba2199313 http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2_1.2.7-4etch5_i386.deb Size/MD5 checksum: 160638 f22f7da23cd3dea82d49cc9900d62512 http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2-dev_1.2.7-4etch5_i386.deb Size/MD5 checksum: 138276 392028f61da2c29dcab1ffe3b4fe072f http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.2.7-4etch5_i386.deb Size/MD5 checksum: 1548856 e1e04e47f556586eb83aff005d4870d2 http://security.debian.org/pool/updates/main/c/cupsys/cupsys-bsd_1.2.7-4etch5_i386.deb Size/MD5 checksum: 36474 9bea3cd926f04da508b6a714f0a1daac http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2_1.2.7-4etch5_i386.deb Size/MD5 checksum: 86776 f3188eafaa1bd01a7b92d9403aab03a1 http://security.debian.org/pool/updates/main/c/cupsys/cupsys-client_1.2.7-4etch5_i386.deb Size/MD5 checksum: 79878 ba1ed2b707101da54b3990b33ee1d877 http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2-dev_1.2.7-4etch5_i386.deb Size/MD5 checksum: 53276 346cdebc7980089b28610ceb30f65519
ia64 architecture (Intel ia64)
http://security.debian.org/pool/updates/main/c/cupsys/cupsys-client_1.2.7-4etch5_ia64.deb Size/MD5 checksum: 106226 829b2e5f435c8fb5eee03513654ee12f http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2_1.2.7-4etch5_ia64.deb Size/MD5 checksum: 106998 08fcec24b8c165542d986a1fd174ddd3 http://security.debian.org/pool/updates/main/c/cupsys/cupsys-bsd_1.2.7-4etch5_ia64.deb Size/MD5 checksum: 46336 32d29b5c2986070f5d5b909864952dc3 http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.2.7-4etch5_ia64.deb Size/MD5 checksum: 1771030 e7b261b4627ee20a3083a4f18a382e24 http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2-dev_1.2.7-4etch5_ia64.deb Size/MD5 checksum: 192370 576e218a37e677170e9201946f24da5a http://security.debian.org/pool/updates/main/c/cupsys/cupsys-dbg_1.2.7-4etch5_ia64.deb Size/MD5 checksum: 1108310 bdee8fbcfd10ba2847ab81ced8e9cc73 http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2_1.2.7-4etch5_ia64.deb Size/MD5 checksum: 204232 d5eb2138a8584813643dfe4e39d2fefb http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2-dev_1.2.7-4etch5_ia64.deb Size/MD5 checksum: 74224 846a87584f78285569aee9c037b677d9
mipsel architecture (MIPS (Little Endian))
http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2_1.2.7-4etch5_mipsel.deb Size/MD5 checksum: 158560 74bc73b9eb3c7494ce762f7beb9ab4cd http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.2.7-4etch5_mipsel.deb Size/MD5 checksum: 1553460 cd35f3de34290840be09b1b10729d7b3 http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2-dev_1.2.7-4etch5_mipsel.deb Size/MD5 checksum: 150900 150e5405933cef2a8cf9147d88c9a4fb http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2-dev_1.2.7-4etch5_mipsel.deb Size/MD5 checksum: 57860 2b7cdd4399e2893d2df0b5568d766239 http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2_1.2.7-4etch5_mipsel.deb Size/MD5 checksum: 86996 d4776eace76cb37f72557a44d053a677 http://security.debian.org/pool/updates/main/c/cupsys/cupsys-dbg_1.2.7-4etch5_mipsel.deb Size/MD5 checksum: 1085494 429194a44228d669ecfa2acdeadf55e6 http://security.debian.org/pool/updates/main/c/cupsys/cupsys-bsd_1.2.7-4etch5_mipsel.deb Size/MD5 checksum: 36058 f28b3f705fd293fc82a256d571119452 http://security.debian.org/pool/updates/main/c/cupsys/cupsys-client_1.2.7-4etch5_mipsel.deb Size/MD5 checksum: 77448 4a9be71b3fc25253b1e77c2594e7f508
powerpc architecture (PowerPC)
http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2-dev_1.2.7-4etch5_powerpc.deb Size/MD5 checksum: 51880 d1b872415002b54aba1ef54833cd5564 http://security.debian.org/pool/updates/main/c/cupsys/cupsys-client_1.2.7-4etch5_powerpc.deb Size/MD5 checksum: 90008 fe2be6aba034693532a01b653781f501 http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.2.7-4etch5_powerpc.deb Size/MD5 checksum: 1576600 d954a84710f9671d34eca72922f8d1d8 http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2-dev_1.2.7-4etch5_powerpc.deb Size/MD5 checksum: 136868 ee633edb72a9d6d74481d9fe17d887d5 http://security.debian.org/pool/updates/main/c/cupsys/cupsys-dbg_1.2.7-4etch5_powerpc.deb Size/MD5 checksum: 1143388 320529a907596704df487d89978e1948 http://security.debian.org/pool/updates/main/c/cupsys/cupsys-bsd_1.2.7-4etch5_powerpc.deb Size/MD5 checksum: 41296 8e0fed6ae1645411f4daa52842ead589 http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2_1.2.7-4etch5_powerpc.deb Size/MD5 checksum: 163206 d0fc59550e27b346adb422e4d82cecaf http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2_1.2.7-4etch5_powerpc.deb Size/MD5 checksum: 88476 dfe47fbfeef0a714d6397ec9467165af
s390 architecture (IBM S/390)
http://security.debian.org/pool/updates/main/c/cupsys/cupsys-dbg_1.2.7-4etch5_s390.deb Size/MD5 checksum: 1037260 a151e36916ffd7eae88e6b82cc0c08d7 http://security.debian.org/pool/updates/main/c/cupsys/cupsys-bsd_1.2.7-4etch5_s390.deb Size/MD5 checksum: 37420 b095022e25c603ee57748795c4ec423b http://security.debian.org/pool/updates/main/c/cupsys/cupsys-client_1.2.7-4etch5_s390.deb Size/MD5 checksum: 82338 3417e5562b6aa064ab5d3d11f15a69fb http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2_1.2.7-4etch5_s390.deb Size/MD5 checksum: 87928 6eea10e5b223fbd5f5a8d524bb03ab8e http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.2.7-4etch5_s390.deb Size/MD5 checksum: 1587330 8b66abd7e3156f3beeaa27fbd971cbde http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2_1.2.7-4etch5_s390.deb Size/MD5 checksum: 166710 10f172f4c48ab9981d7c48564a2142a4 http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2-dev_1.2.7-4etch5_s390.deb Size/MD5 checksum: 144932 3955c00c6293f7aec0a7cb9edb28a16d http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2-dev_1.2.7-4etch5_s390.deb Size/MD5 checksum: 52524 b4e639621d58f91a8ec32043534c008f
sparc architecture (Sun SPARC/UltraSPARC)
http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2-dev_1.2.7-4etch5_sparc.deb Size/MD5 checksum: 51826 8e3613f9041774f1dd42586782780fb5 http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2_1.2.7-4etch5_sparc.deb Size/MD5 checksum: 159434 d2352f19b51feab43fc17b5e3f17bb2b http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2-dev_1.2.7-4etch5_sparc.deb Size/MD5 checksum: 138734 8b53d144485267cb99ec8a32262446e8 http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.2.7-4etch5_sparc.deb Size/MD5 checksum: 1577758 748b77d9e54a363d46cd61548e72df7c http://security.debian.org/pool/updates/main/c/cupsys/cupsys-dbg_1.2.7-4etch5_sparc.deb Size/MD5 checksum: 996834 0ad8037cbb3959581a0aeb29eb84a853 http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2_1.2.7-4etch5_sparc.deb Size/MD5 checksum: 85790 16bf4ce2378a68fc9b0ce4052e463e5d http://security.debian.org/pool/updates/main/c/cupsys/cupsys-bsd_1.2.7-4etch5_sparc.deb Size/MD5 checksum: 36062 426fe5dbac939828393d99e561abf0e3 http://security.debian.org/pool/updates/main/c/cupsys/cupsys-client_1.2.7-4etch5_sparc.deb Size/MD5 checksum: 78608 f469105c5d9f121c333d5e4ac315c7be
These files will probably be moved into the stable distribution on its next update.
For apt-get: deb http://security.debian.org/ stable/updates main For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main Mailing list: debian-security-announce@lists.debian.org Package info: `apt-cache show ' and http://packages.debian.org/ -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (GNU/Linux)
iEYEARECAAYFAkj8vewACgkQXm3vHE4uylo3VQCfe5/oLteemHII7TUL80ybcnZd REIAn1hdR3STx867KCMafAi58O1fia05 =T/kw -----END PGP SIGNATURE----- . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
Mandriva Linux Security Advisory MDVSA-2008:211 http://www.mandriva.com/security/
Package : cups Date : October 10, 2008 Affected: 2007.1, 2008.0, 2008.1, 2009.0, Corporate 3.0, Corporate 4.0
Problem Description:
A buffer overflow in the SGI image format decoding routines used by the CUPS image converting filter imagetops was discovered.
An integer overflow flaw leading to a heap buffer overflow was found in the Text-to-PostScript texttops filter.
Finally, an insufficient buffer bounds checking flaw was found in the HP-GL/2-to-PostScript hpgltops filter.
The updated packages have been patched to prevent this issue; for Mandriva Linux 2009.0 the latest CUPS version (1.3.9) is provided that corrects these issues and also provides other bug fixes.
References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3639 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3640 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3641
Updated Packages:
Mandriva Linux 2007.1: d8041b477aac8897e465fd7885c4f046 2007.1/i586/cups-1.2.10-2.8mdv2007.1.i586.rpm 85169e175683eee33f38c3dc6dca555d 2007.1/i586/cups-common-1.2.10-2.8mdv2007.1.i586.rpm 3838db5f9b5313587335232f4bdfadb7 2007.1/i586/cups-serial-1.2.10-2.8mdv2007.1.i586.rpm 4dac70286d0aaa55d0c585c4e485f4d6 2007.1/i586/libcups2-1.2.10-2.8mdv2007.1.i586.rpm 2647b541d7a80ea194d6cc4983342e14 2007.1/i586/libcups2-devel-1.2.10-2.8mdv2007.1.i586.rpm 5bf9cba238150a77016869b2b600e0bd 2007.1/i586/php-cups-1.2.10-2.8mdv2007.1.i586.rpm 3762b10d3a6b962ec6932856d635a119 2007.1/SRPMS/cups-1.2.10-2.8mdv2007.1.src.rpm
Mandriva Linux 2007.1/X86_64: 27098b09dc01c70600c55572cb928422 2007.1/x86_64/cups-1.2.10-2.8mdv2007.1.x86_64.rpm fbd01859759af3a2e32244cfff7aaa33 2007.1/x86_64/cups-common-1.2.10-2.8mdv2007.1.x86_64.rpm 4197004f7a59cc90d8d51f8ff34e2997 2007.1/x86_64/cups-serial-1.2.10-2.8mdv2007.1.x86_64.rpm 6cc45d922f07d379db0de2e08eb1589e 2007.1/x86_64/lib64cups2-1.2.10-2.8mdv2007.1.x86_64.rpm d7443db8a26f27b41c32c95dee129437 2007.1/x86_64/lib64cups2-devel-1.2.10-2.8mdv2007.1.x86_64.rpm eca467e20954fea23fd050ee41d2ca4a 2007.1/x86_64/php-cups-1.2.10-2.8mdv2007.1.x86_64.rpm 3762b10d3a6b962ec6932856d635a119 2007.1/SRPMS/cups-1.2.10-2.8mdv2007.1.src.rpm
Mandriva Linux 2008.0: 837c0714eef677dfcdb1befc56012db5 2008.0/i586/cups-1.3.6-1.3mdv2008.0.i586.rpm cb8d17edacf1dc1dc5915fbb35745d9a 2008.0/i586/cups-common-1.3.6-1.3mdv2008.0.i586.rpm 635eb3405a6b5a4b93ca6373207093df 2008.0/i586/cups-serial-1.3.6-1.3mdv2008.0.i586.rpm 59939c1a2a730a0887750bafb4cabee1 2008.0/i586/libcups2-1.3.6-1.3mdv2008.0.i586.rpm 6183d24df353f4e8082374951636a657 2008.0/i586/libcups2-devel-1.3.6-1.3mdv2008.0.i586.rpm 0f1df17bf9cc86bb607ef28d4b29c6b2 2008.0/i586/php-cups-1.3.6-1.3mdv2008.0.i586.rpm 68ac87937182de901cece9b93ba700fa 2008.0/SRPMS/cups-1.3.6-1.3mdv2008.0.src.rpm
Mandriva Linux 2008.0/X86_64: 5b73d5bfebbc66f8a56922c7b943f351 2008.0/x86_64/cups-1.3.6-1.3mdv2008.0.x86_64.rpm a41d07d80c38b30ee5357b25f7b828ab 2008.0/x86_64/cups-common-1.3.6-1.3mdv2008.0.x86_64.rpm 34d6d4eb79b1ee5a9235843398301646 2008.0/x86_64/cups-serial-1.3.6-1.3mdv2008.0.x86_64.rpm 3157dcaafb55463d8ad149d99e4d0c55 2008.0/x86_64/lib64cups2-1.3.6-1.3mdv2008.0.x86_64.rpm 78b5f7fcedbbbef9c2318977b5f50264 2008.0/x86_64/lib64cups2-devel-1.3.6-1.3mdv2008.0.x86_64.rpm 082094f0923f72890f6dbb47eb9072b4 2008.0/x86_64/php-cups-1.3.6-1.3mdv2008.0.x86_64.rpm 68ac87937182de901cece9b93ba700fa 2008.0/SRPMS/cups-1.3.6-1.3mdv2008.0.src.rpm
Mandriva Linux 2008.1: c22f4c131005e05768b0c45e931015c7 2008.1/i586/cups-1.3.6-5.2mdv2008.1.i586.rpm 8f1ad7b01f0d48aa920cb2378f5fce0a 2008.1/i586/cups-common-1.3.6-5.2mdv2008.1.i586.rpm 763dfee5def4727b34769298beb5c9fe 2008.1/i586/cups-serial-1.3.6-5.2mdv2008.1.i586.rpm dadd48446b97869372535fb2ef02a471 2008.1/i586/libcups2-1.3.6-5.2mdv2008.1.i586.rpm cf48ae8c17120d7d83b638f432620797 2008.1/i586/libcups2-devel-1.3.6-5.2mdv2008.1.i586.rpm 33d7dcb6b32e58bc38e847f827447b54 2008.1/i586/php-cups-1.3.6-5.2mdv2008.1.i586.rpm 25997a30a1fbc24e4a1a5017d15ac526 2008.1/SRPMS/cups-1.3.6-5.2mdv2008.1.src.rpm
Mandriva Linux 2008.1/X86_64: 3804ff0deea819d375cdee86b1d98bf4 2008.1/x86_64/cups-1.3.6-5.2mdv2008.1.x86_64.rpm 9f8550ffbb7778636b18c33c6854e163 2008.1/x86_64/cups-common-1.3.6-5.2mdv2008.1.x86_64.rpm 077652b9f481f72873b6e94a0f54fe17 2008.1/x86_64/cups-serial-1.3.6-5.2mdv2008.1.x86_64.rpm 569bcdcf971b564d3ad3cec8b6281fec 2008.1/x86_64/lib64cups2-1.3.6-5.2mdv2008.1.x86_64.rpm 05ce67f5f2bf9f27b69963bbc0ba3f6e 2008.1/x86_64/lib64cups2-devel-1.3.6-5.2mdv2008.1.x86_64.rpm 8a48fbfa84679702c496744f394ac4f6 2008.1/x86_64/php-cups-1.3.6-5.2mdv2008.1.x86_64.rpm 25997a30a1fbc24e4a1a5017d15ac526 2008.1/SRPMS/cups-1.3.6-5.2mdv2008.1.src.rpm
Mandriva Linux 2009.0: 3480a3533f163c8559254c7dc7dccca4 2009.0/i586/cups-1.3.9-0.1mdv2009.0.i586.rpm 2eda3ae527a0d6477bf2f52f57f37297 2009.0/i586/cups-common-1.3.9-0.1mdv2009.0.i586.rpm 1b0849a0dcd6cc52debfdc23ca347e60 2009.0/i586/cups-serial-1.3.9-0.1mdv2009.0.i586.rpm 9ef6a24d1e8155bea9e7e148252dc4e7 2009.0/i586/libcups2-1.3.9-0.1mdv2009.0.i586.rpm 2a8be000df9a71f506a039e58faaf1b4 2009.0/i586/libcups2-devel-1.3.9-0.1mdv2009.0.i586.rpm 7f04461fd982b387144f73612b3cbd86 2009.0/i586/php-cups-1.3.9-0.1mdv2009.0.i586.rpm 1c16860c6f7af958cb6744dd60ffd63e 2009.0/SRPMS/cups-1.3.9-0.1mdv2009.0.src.rpm
Mandriva Linux 2009.0/X86_64: 926221e97b7c4c52562468b26066f049 2009.0/x86_64/cups-1.3.9-0.1mdv2009.0.x86_64.rpm 96abb10e235084a80cd17c79cc31a360 2009.0/x86_64/cups-common-1.3.9-0.1mdv2009.0.x86_64.rpm cb817300fa6d8c9b40a0f8a01572d691 2009.0/x86_64/cups-serial-1.3.9-0.1mdv2009.0.x86_64.rpm d56cea0645b26b668f9b8a66f2dc090f 2009.0/x86_64/lib64cups2-1.3.9-0.1mdv2009.0.x86_64.rpm f4a04369ad8d202d87ea49a3da4ab67c 2009.0/x86_64/lib64cups2-devel-1.3.9-0.1mdv2009.0.x86_64.rpm 85124180f179ae504ad2f27ef814683d 2009.0/x86_64/php-cups-1.3.9-0.1mdv2009.0.x86_64.rpm 1c16860c6f7af958cb6744dd60ffd63e 2009.0/SRPMS/cups-1.3.9-0.1mdv2009.0.src.rpm
Corporate 3.0: d235e680a70a94ce2c32a556a1fea6d5 corporate/3.0/i586/cups-1.1.20-5.19.C30mdk.i586.rpm eccffd52489f0aca14a11b6b88a5c59f corporate/3.0/i586/cups-common-1.1.20-5.19.C30mdk.i586.rpm 743aad40e707a1c6ec8de19e6ba19668 corporate/3.0/i586/cups-serial-1.1.20-5.19.C30mdk.i586.rpm 931bd82e26396ef7109369893e8fb740 corporate/3.0/i586/libcups2-1.1.20-5.19.C30mdk.i586.rpm 007b156ceb1f78c107a05bba499f544d corporate/3.0/i586/libcups2-devel-1.1.20-5.19.C30mdk.i586.rpm 685d93ef91df7b10faefae3d9c8a2e20 corporate/3.0/SRPMS/cups-1.1.20-5.19.C30mdk.src.rpm
Corporate 3.0/X86_64: c57219da87ef50832e74efbfd3471f64 corporate/3.0/x86_64/cups-1.1.20-5.19.C30mdk.x86_64.rpm 6f9772a800e70f1e3766d76de8dcf6e3 corporate/3.0/x86_64/cups-common-1.1.20-5.19.C30mdk.x86_64.rpm e1221063527caed05a6e94f9cebed9ab corporate/3.0/x86_64/cups-serial-1.1.20-5.19.C30mdk.x86_64.rpm a0b15b24cfc995a7a769c1e87d53a696 corporate/3.0/x86_64/lib64cups2-1.1.20-5.19.C30mdk.x86_64.rpm aaabff95ac9a30ff1d9ce224612bcb50 corporate/3.0/x86_64/lib64cups2-devel-1.1.20-5.19.C30mdk.x86_64.rpm 685d93ef91df7b10faefae3d9c8a2e20 corporate/3.0/SRPMS/cups-1.1.20-5.19.C30mdk.src.rpm
Corporate 4.0: 56f3e394ac8e4b4e7d423c7989d2e6af corporate/4.0/i586/cups-1.2.4-0.10.20060mlcs4.i586.rpm dcb4425723e63a2d094305cde05890f3 corporate/4.0/i586/cups-common-1.2.4-0.10.20060mlcs4.i586.rpm 348427ebb4f1f1f530c3c129850de957 corporate/4.0/i586/cups-serial-1.2.4-0.10.20060mlcs4.i586.rpm d0a8052949416c5ba260b48596cbf415 corporate/4.0/i586/libcups2-1.2.4-0.10.20060mlcs4.i586.rpm ab7637abe249e4369cf39d37113ba37f corporate/4.0/i586/libcups2-devel-1.2.4-0.10.20060mlcs4.i586.rpm 86af12b21de1212e72286e9b2db23caa corporate/4.0/i586/php-cups-1.2.4-0.10.20060mlcs4.i586.rpm 5a7d0a19238e8b654821bb87355f9f27 corporate/4.0/SRPMS/cups-1.2.4-0.10.20060mlcs4.src.rpm
Corporate 4.0/X86_64: 59784628a2385248e8d71c1476773071 corporate/4.0/x86_64/cups-1.2.4-0.10.20060mlcs4.x86_64.rpm a7933ad29b9a77973fcf7feb02c381b9 corporate/4.0/x86_64/cups-common-1.2.4-0.10.20060mlcs4.x86_64.rpm 26da08a5da63053f418e47792cf26280 corporate/4.0/x86_64/cups-serial-1.2.4-0.10.20060mlcs4.x86_64.rpm 0614662f2661171ade097e562a94c635 corporate/4.0/x86_64/lib64cups2-1.2.4-0.10.20060mlcs4.x86_64.rpm a899db16ce3db8ec71aaef67a6650616 corporate/4.0/x86_64/lib64cups2-devel-1.2.4-0.10.20060mlcs4.x86_64.rpm 9e3dc91c4390d7ba60ca26dcc095b8d8 corporate/4.0/x86_64/php-cups-1.2.4-0.10.20060mlcs4.x86_64.rpm 5a7d0a19238e8b654821bb87355f9f27 corporate/4.0/SRPMS/cups-1.2.4-0.10.20060mlcs4.src.rpm
To upgrade automatically use MandrivaUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you.
All packages are signed by Mandriva for security. You can obtain the GPG public key of the Mandriva Security Team by executing:
gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98
You can view other update advisories for Mandriva Linux at:
http://www.mandriva.com/security/advisories
If you want to report vulnerabilities, please contact
security_(at)_mandriva.com
Type Bits/KeyID Date User ID pub 1024D/22458A98 2000-07-10 Mandriva Security Team -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (GNU/Linux)
iD8DBQFI8DeJmqjQ0CJFipgRAmbxAKCxSRvJTtancZ/puQkgifGbRQnZIQCg6Bum EnuxPIlaIiQWBIjMSk4WWoo= =aMXC -----END PGP SIGNATURE-----
Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ . - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 200812-11
http://security.gentoo.org/
Severity: High
Title: CUPS: Multiple vulnerabilities
Date: December 10, 2008
Bugs: #238976, #249727
ID: 200812-11
Synopsis
Several remotely exploitable bugs have been found in CUPS, which allow remote execution of arbitrary code.
Background
CUPS is the Common Unix Printing System.
Affected packages
-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 net-print/cups < 1.3.9-r1 >= 1.3.9-r1
Description
Several buffer overflows were found in:
-
The read_rle16 function in imagetops (CVE-2008-3639, found by regenrecht, reported via ZDI)
-
The WriteProlog function in texttops (CVE-2008-3640, found by regenrecht, reported via ZDI)
-
The Hewlett-Packard Graphics Language (HPGL) filter (CVE-2008-3641, found by regenrecht, reported via iDefense)
-
The _cupsImageReadPNG function (CVE-2008-5286, reported by iljavs)
Impact
A remote attacker could send specially crafted input to a vulnerable server, resulting in the remote execution of arbitrary code with the privileges of the user running the server.
Workaround
None this time.
Resolution
All CUPS users should upgrade to the latest version.
# emerge --sync
# emerge --ask --oneshot --verbose ">=net-print/cups-1.3.9-r1"
References
[ 1 ] CVE-2008-3639
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3639
[ 2 ] CVE-2008-3640
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3640
[ 3 ] CVE-2008-3641
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3641
[ 4 ] CVE-2008-5286
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5286
Availability
This GLSA and any updates to it are available for viewing at the Gentoo Security Website:
http://security.gentoo.org/glsa/glsa-200812-11.xml
Concerns?
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at http://bugs.gentoo.org.
License
Copyright 2008 Gentoo Foundation, Inc; referenced text belongs to its owner(s).
The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5
. ----------------------------------------------------------------------
Secunia Network Software Inspector 2.0 (NSI) - Public Beta
15 days left of beta period.
The 1st generation of the Secunia Network Software Inspector (NSI) has been available for corporate users for almost 1 year and its been a tremendous success.
The 2nd generation Secunia NSI is built on the same technology as the award winning Secunia PSI, which has already been downloaded and installed on more than 400,000 computers world wide.
Learn more / Download (instant access): http://secunia.com/network_software_inspector_2/
TITLE: CUPS PNG Filter Integer Overflow Vulnerability
SECUNIA ADVISORY ID: SA29809
VERIFY ADVISORY: http://secunia.com/advisories/29809/
CRITICAL: Moderately critical
IMPACT: System access
WHERE:
From local network
SOFTWARE: CUPS 1.x http://secunia.com/product/921/
DESCRIPTION: Thomas Pollet has reported a vulnerability in CUPS, which potentially can be exploited by malicious people to compromise a vulnerable system.
The vulnerability is caused due to two integer overflow errors in filter/image-png.c when processing PNG files. These can be exploited to cause a heap-based buffer overflow via overly large width and height PNG fields.
Successful exploitation may allow execution of arbitrary code.
The vulnerability is reported in version 1.3.7. Other versions may also be affected.
SOLUTION: Fixed in the SVN repository.
Restrict access to trusted users only.
PROVIDED AND/OR DISCOVERED BY: Thomas Pollet
ORIGINAL ADVISORY: http://www.cups.org/str.php?L2790
About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
Show details on source website
{
"affected_products": {
"_id": null,
"data": [
{
"_id": null,
"model": "cups",
"scope": "eq",
"trust": 1.6,
"vendor": "apple",
"version": "1.3.6"
},
{
"_id": null,
"model": "cups",
"scope": "eq",
"trust": 1.6,
"vendor": "apple",
"version": "1.3.3"
},
{
"_id": null,
"model": "cups",
"scope": "eq",
"trust": 1.6,
"vendor": "apple",
"version": "1.3.7"
},
{
"_id": null,
"model": "cups",
"scope": "eq",
"trust": 1.6,
"vendor": "apple",
"version": "1.3.2"
},
{
"_id": null,
"model": "cups",
"scope": "eq",
"trust": 1.6,
"vendor": "apple",
"version": "1.3"
},
{
"_id": null,
"model": "cups",
"scope": "eq",
"trust": 1.6,
"vendor": "apple",
"version": "1.3.5"
},
{
"_id": null,
"model": "cups",
"scope": "eq",
"trust": 1.6,
"vendor": "apple",
"version": "1.3.4"
},
{
"_id": null,
"model": "cups",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "1.1.18"
},
{
"_id": null,
"model": "cups",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "1.3.1"
},
{
"_id": null,
"model": "cups",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "1.1.10-1"
},
{
"_id": null,
"model": "cups",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "1.1.20"
},
{
"_id": null,
"model": "cups",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "1.1.7"
},
{
"_id": null,
"model": "cups",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "1.1.5"
},
{
"_id": null,
"model": "cups",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "1.2.5"
},
{
"_id": null,
"model": "cups",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "1.1.9"
},
{
"_id": null,
"model": "cups",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "1.1.6-3"
},
{
"_id": null,
"model": "cups",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "1.2.12"
},
{
"_id": null,
"model": "cups",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "1.1.10"
},
{
"_id": null,
"model": "cups",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "1.1"
},
{
"_id": null,
"model": "cups",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "1.1.9-1"
},
{
"_id": null,
"model": "cups",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "1.2.11"
},
{
"_id": null,
"model": "cups",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "1.2.3"
},
{
"_id": null,
"model": "cups",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "1.2.2"
},
{
"_id": null,
"model": "cups",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "1.1.5-2"
},
{
"_id": null,
"model": "cups",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "1.1.4"
},
{
"_id": null,
"model": "cups",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "1.1.21"
},
{
"_id": null,
"model": "cups",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "1.1.1"
},
{
"_id": null,
"model": "cups",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "1.1.12"
},
{
"_id": null,
"model": "cups",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "1.1.8"
},
{
"_id": null,
"model": "cups",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "1.2.0"
},
{
"_id": null,
"model": "cups",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "1.2.8"
},
{
"_id": null,
"model": "cups",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "1.1.17"
},
{
"_id": null,
"model": "cups",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "1.1.2"
},
{
"_id": null,
"model": "cups",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "1.2.6"
},
{
"_id": null,
"model": "cups",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "1.1.15"
},
{
"_id": null,
"model": "cups",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "1.1.16"
},
{
"_id": null,
"model": "cups",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "1.1.3"
},
{
"_id": null,
"model": "cups",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "1.1.13"
},
{
"_id": null,
"model": "cups",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "1.1.6-2"
},
{
"_id": null,
"model": "cups",
"scope": "lte",
"trust": 1.0,
"vendor": "apple",
"version": "1.3.8"
},
{
"_id": null,
"model": "cups",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "1.2.7"
},
{
"_id": null,
"model": "cups",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "1.3.0"
},
{
"_id": null,
"model": "cups",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "1.1.14"
},
{
"_id": null,
"model": "cups",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "1.1.5-1"
},
{
"_id": null,
"model": "cups",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "1.1.6-1"
},
{
"_id": null,
"model": "cups",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "1.1.19"
},
{
"_id": null,
"model": "cups",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "1.2.4"
},
{
"_id": null,
"model": "cups",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "1.1.23"
},
{
"_id": null,
"model": "cups",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "1.2.10"
},
{
"_id": null,
"model": "cups",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "1.2"
},
{
"_id": null,
"model": "cups",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "1.2.1"
},
{
"_id": null,
"model": "cups",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "1.2.9"
},
{
"_id": null,
"model": "cups",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "1.1.22"
},
{
"_id": null,
"model": "cups",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "1.1.6"
},
{
"_id": null,
"model": "cups",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "1.1.11"
},
{
"_id": null,
"model": "cups",
"scope": "lt",
"trust": 0.8,
"vendor": "cups",
"version": "1.3.9"
},
{
"_id": null,
"model": "asianux server",
"scope": "eq",
"trust": 0.8,
"vendor": "cybertrust",
"version": "3 (x86)"
},
{
"_id": null,
"model": "asianux server",
"scope": "eq",
"trust": 0.8,
"vendor": "cybertrust",
"version": "3 (x86-64)"
},
{
"_id": null,
"model": "asianux server",
"scope": "eq",
"trust": 0.8,
"vendor": "cybertrust",
"version": "3.0"
},
{
"_id": null,
"model": "asianux server",
"scope": "eq",
"trust": 0.8,
"vendor": "cybertrust",
"version": "3.0 (x86-64)"
},
{
"_id": null,
"model": "asianux server",
"scope": "eq",
"trust": 0.8,
"vendor": "cybertrust",
"version": "4.0"
},
{
"_id": null,
"model": "asianux server",
"scope": "eq",
"trust": 0.8,
"vendor": "cybertrust",
"version": "4.0 (x86-64)"
},
{
"_id": null,
"model": "turbolinux appliance server",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "1.0 (hosting)"
},
{
"_id": null,
"model": "turbolinux appliance server",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "1.0 (workgroup)"
},
{
"_id": null,
"model": "turbolinux appliance server",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "2.0"
},
{
"_id": null,
"model": "turbolinux appliance server",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "3.0"
},
{
"_id": null,
"model": "turbolinux appliance server",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "3.0 (x64)"
},
{
"_id": null,
"model": "turbolinux client",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "2008"
},
{
"_id": null,
"model": "turbolinux fuji",
"scope": null,
"trust": 0.8,
"vendor": "turbo linux",
"version": null
},
{
"_id": null,
"model": "turbolinux multimedia",
"scope": null,
"trust": 0.8,
"vendor": "turbo linux",
"version": null
},
{
"_id": null,
"model": "turbolinux personal",
"scope": null,
"trust": 0.8,
"vendor": "turbo linux",
"version": null
},
{
"_id": null,
"model": "turbolinux server",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "10"
},
{
"_id": null,
"model": "turbolinux server",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "10 (x64)"
},
{
"_id": null,
"model": "turbolinux server",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "11"
},
{
"_id": null,
"model": "turbolinux server",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "11 (x64)"
},
{
"_id": null,
"model": "wizpy",
"scope": null,
"trust": 0.8,
"vendor": "turbo linux",
"version": null
},
{
"_id": null,
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "3 (as)"
},
{
"_id": null,
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "3 (es)"
},
{
"_id": null,
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "3 (ws)"
},
{
"_id": null,
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4 (as)"
},
{
"_id": null,
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4 (es)"
},
{
"_id": null,
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4 (ws)"
},
{
"_id": null,
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "5 (server)"
},
{
"_id": null,
"model": "enterprise linux desktop",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "3.0"
},
{
"_id": null,
"model": "enterprise linux desktop",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4.0"
},
{
"_id": null,
"model": "enterprise linux desktop",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "5.0 (client)"
},
{
"_id": null,
"model": "rhel desktop workstation",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "5 (client)"
},
{
"_id": null,
"model": "cups",
"scope": "eq",
"trust": 0.6,
"vendor": "apple",
"version": "1.3.8"
},
{
"_id": null,
"model": "software products cups",
"scope": "eq",
"trust": 0.3,
"vendor": "easy",
"version": "1.1.10"
},
{
"_id": null,
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.3"
},
{
"_id": null,
"model": "opensolaris build snv 95",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "software products cups",
"scope": "eq",
"trust": 0.3,
"vendor": "easy",
"version": "1.1.4"
},
{
"_id": null,
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "11x64"
},
{
"_id": null,
"model": "software products cups",
"scope": "eq",
"trust": 0.3,
"vendor": "easy",
"version": "1.1.21"
},
{
"_id": null,
"model": "opensolaris build snv 93",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "rpath",
"version": "1"
},
{
"_id": null,
"model": "corporate server x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "4.0"
},
{
"_id": null,
"model": "linux lts powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"_id": null,
"model": "appliance server",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "3.0"
},
{
"_id": null,
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "11"
},
{
"_id": null,
"model": "software products cups",
"scope": "eq",
"trust": 0.3,
"vendor": "easy",
"version": "1.1.4-5"
},
{
"_id": null,
"model": "messaging storage server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1"
},
{
"_id": null,
"model": "software products cups",
"scope": "eq",
"trust": 0.3,
"vendor": "easy",
"version": "1.3.5"
},
{
"_id": null,
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "pardus",
"version": "20080"
},
{
"_id": null,
"model": "personal",
"scope": null,
"trust": 0.3,
"vendor": "turbolinux",
"version": null
},
{
"_id": null,
"model": "enterprise linux es",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"_id": null,
"model": "enterprise linux es",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3"
},
{
"_id": null,
"model": "software products cups",
"scope": "eq",
"trust": 0.3,
"vendor": "easy",
"version": "1.1.4-2"
},
{
"_id": null,
"model": "appliance server hosting edition",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "1.0"
},
{
"_id": null,
"model": "software products cups",
"scope": "eq",
"trust": 0.3,
"vendor": "easy",
"version": "1.1.14"
},
{
"_id": null,
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "7.04"
},
{
"_id": null,
"model": "linux lts amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "8.04"
},
{
"_id": null,
"model": "software products cups",
"scope": "eq",
"trust": 0.3,
"vendor": "easy",
"version": "1.1.15"
},
{
"_id": null,
"model": "linux mandrake x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2007.1"
},
{
"_id": null,
"model": "linux lts powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "8.04"
},
{
"_id": null,
"model": "proactive contact",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.0"
},
{
"_id": null,
"model": "enterprise linux desktop client",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "5"
},
{
"_id": null,
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "7.04"
},
{
"_id": null,
"model": "software products cups",
"scope": "eq",
"trust": 0.3,
"vendor": "easy",
"version": "1.2.10"
},
{
"_id": null,
"model": "opensolaris build snv 101a",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "opensolaris build snv 99",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "software products cups",
"scope": "eq",
"trust": 0.3,
"vendor": "easy",
"version": "1.1.13"
},
{
"_id": null,
"model": "linux lts i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"_id": null,
"model": "linux enterprise server sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"_id": null,
"model": "messaging storage server mm3.0",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"_id": null,
"model": "opensolaris build snv 87",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "messaging storage server",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"_id": null,
"model": "opensolaris build snv 88",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "4.0"
},
{
"_id": null,
"model": "messaging storage server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "2.0"
},
{
"_id": null,
"model": "linux mandrake",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2008.0"
},
{
"_id": null,
"model": "proactive contact",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "0"
},
{
"_id": null,
"model": "linux lts sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "8.04"
},
{
"_id": null,
"model": "linux mandrake x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2008.1"
},
{
"_id": null,
"model": "linux lts amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"_id": null,
"model": "appliance server",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "2.0"
},
{
"_id": null,
"model": "software products cups rc5",
"scope": "eq",
"trust": 0.3,
"vendor": "easy",
"version": "1.1.19"
},
{
"_id": null,
"model": "linux lts i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "8.04"
},
{
"_id": null,
"model": "linux mandrake",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2007.1"
},
{
"_id": null,
"model": "linux lpia",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "7.10"
},
{
"_id": null,
"model": "opensolaris build snv 100",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "linux enterprise desktop sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"_id": null,
"model": "linux mandrake",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2009.0"
},
{
"_id": null,
"model": "software products cups",
"scope": "eq",
"trust": 0.3,
"vendor": "easy",
"version": "1.1.4-3"
},
{
"_id": null,
"model": "software products cups",
"scope": "eq",
"trust": 0.3,
"vendor": "easy",
"version": "1.1.22"
},
{
"_id": null,
"model": "linux alpha",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "4.0"
},
{
"_id": null,
"model": "linux ia-32",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "4.0"
},
{
"_id": null,
"model": "software products cups",
"scope": "eq",
"trust": 0.3,
"vendor": "easy",
"version": "1.1.18"
},
{
"_id": null,
"model": "linux mipsel",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "4.0"
},
{
"_id": null,
"model": "linux mips",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "4.0"
},
{
"_id": null,
"model": "software products cups",
"scope": "eq",
"trust": 0.3,
"vendor": "easy",
"version": "1.2.8"
},
{
"_id": null,
"model": "linux enterprise server sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"_id": null,
"model": "desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4.0"
},
{
"_id": null,
"model": "software products cups",
"scope": "eq",
"trust": 0.3,
"vendor": "easy",
"version": "1.1.12"
},
{
"_id": null,
"model": "fuji",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "0"
},
{
"_id": null,
"model": "linux enterprise server",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "8"
},
{
"_id": null,
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "12.1"
},
{
"_id": null,
"model": "linux enterprise desktop sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"_id": null,
"model": "appliance platform linux service",
"scope": "eq",
"trust": 0.3,
"vendor": "rpath",
"version": "2"
},
{
"_id": null,
"model": "corporate server x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "3.0"
},
{
"_id": null,
"model": "message networking",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"_id": null,
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "7.10"
},
{
"_id": null,
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "11.0"
},
{
"_id": null,
"model": "linux lts sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"_id": null,
"model": "corporate server",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "4.0"
},
{
"_id": null,
"model": "appliance server workgroup edition",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "1.0"
},
{
"_id": null,
"model": "linux s/390",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "4.0"
},
{
"_id": null,
"model": "opensolaris build snv 96",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "software products cups rc1",
"scope": "eq",
"trust": 0.3,
"vendor": "easy",
"version": "1.1.22"
},
{
"_id": null,
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "4.0"
},
{
"_id": null,
"model": "message networking",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1"
},
{
"_id": null,
"model": "software products cups",
"scope": "eq",
"trust": 0.3,
"vendor": "easy",
"version": "1.3.3"
},
{
"_id": null,
"model": "linux",
"scope": null,
"trust": 0.3,
"vendor": "gentoo",
"version": null
},
{
"_id": null,
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "7.10"
},
{
"_id": null,
"model": "appliance platform linux service",
"scope": "eq",
"trust": 0.3,
"vendor": "rpath",
"version": "1"
},
{
"_id": null,
"model": "software products cups",
"scope": "eq",
"trust": 0.3,
"vendor": "easy",
"version": "1.3.6"
},
{
"_id": null,
"model": "linux lts lpia",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "8.04"
},
{
"_id": null,
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "10.0"
},
{
"_id": null,
"model": "software products cups",
"scope": "eq",
"trust": 0.3,
"vendor": "easy",
"version": "1.2.9"
},
{
"_id": null,
"model": "enterprise linux server",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "5"
},
{
"_id": null,
"model": "opensolaris build snv 91",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "opensolaris build snv 89",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "novell linux pos",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9"
},
{
"_id": null,
"model": "messaging storage server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "4.0"
},
{
"_id": null,
"model": "message networking mn",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1"
},
{
"_id": null,
"model": "wizpy",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "0"
},
{
"_id": null,
"model": "open-enterprise-server",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "0"
},
{
"_id": null,
"model": "enterprise linux as",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3"
},
{
"_id": null,
"model": "enterprise linux as",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"_id": null,
"model": "linux enterprise server",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "9"
},
{
"_id": null,
"model": "software products cups",
"scope": "ne",
"trust": 0.3,
"vendor": "easy",
"version": "1.3.9"
},
{
"_id": null,
"model": "opensolaris build snv 94",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "software products cups",
"scope": "eq",
"trust": 0.3,
"vendor": "easy",
"version": "1.1.6"
},
{
"_id": null,
"model": "opensolaris build snv 101",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "linux m68k",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "4.0"
},
{
"_id": null,
"model": "software products cups",
"scope": "eq",
"trust": 0.3,
"vendor": "easy",
"version": "1.2.12"
},
{
"_id": null,
"model": "linux arm",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "4.0"
},
{
"_id": null,
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "4.0"
},
{
"_id": null,
"model": "software products cups",
"scope": "eq",
"trust": 0.3,
"vendor": "easy",
"version": "1.1.17"
},
{
"_id": null,
"model": "novell linux desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.0"
},
{
"_id": null,
"model": "voice portal",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.0"
},
{
"_id": null,
"model": "opensolaris build snv 90",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "7.10"
},
{
"_id": null,
"model": "software products cups",
"scope": "eq",
"trust": 0.3,
"vendor": "easy",
"version": "1.2.4"
},
{
"_id": null,
"model": "software products cups",
"scope": "eq",
"trust": 0.3,
"vendor": "easy",
"version": "1.1.1"
},
{
"_id": null,
"model": "linux ia-64",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "4.0"
},
{
"_id": null,
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.2"
},
{
"_id": null,
"model": "linux mandrake",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2008.1"
},
{
"_id": null,
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "4.0"
},
{
"_id": null,
"model": "enterprise linux ws",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"_id": null,
"model": "enterprise linux ws",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3"
},
{
"_id": null,
"model": "software products cups",
"scope": "eq",
"trust": 0.3,
"vendor": "easy",
"version": "1.3.2"
},
{
"_id": null,
"model": "desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3.0"
},
{
"_id": null,
"model": "software products cups",
"scope": "eq",
"trust": 0.3,
"vendor": "easy",
"version": "1.1.23"
},
{
"_id": null,
"model": "software products cups",
"scope": "eq",
"trust": 0.3,
"vendor": "easy",
"version": "1.1.20"
},
{
"_id": null,
"model": "software products cups",
"scope": "eq",
"trust": 0.3,
"vendor": "easy",
"version": "1.0.4"
},
{
"_id": null,
"model": "linux hppa",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "4.0"
},
{
"_id": null,
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "7.10"
},
{
"_id": null,
"model": "appliance server",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "3.0x64"
},
{
"_id": null,
"model": "enterprise linux desktop workstation client",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "5"
},
{
"_id": null,
"model": "client",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "2008"
},
{
"_id": null,
"model": "proactive contact",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "4.0"
},
{
"_id": null,
"model": "linux mandrake x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2008.0"
},
{
"_id": null,
"model": "intuity audix lx",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "2.0"
},
{
"_id": null,
"model": "software products cups",
"scope": "eq",
"trust": 0.3,
"vendor": "easy",
"version": "1.2.2"
},
{
"_id": null,
"model": "opensolaris build snv 102",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "corporate server",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "3.0"
},
{
"_id": null,
"model": "software products cups",
"scope": "eq",
"trust": 0.3,
"vendor": "easy",
"version": "1.3.7"
},
{
"_id": null,
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "7.04"
},
{
"_id": null,
"model": "software products cups",
"scope": "eq",
"trust": 0.3,
"vendor": "easy",
"version": "1.0.4-8"
},
{
"_id": null,
"model": "messaging storage server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "1.0"
},
{
"_id": null,
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "10.0.0x64"
},
{
"_id": null,
"model": "software products cups",
"scope": "eq",
"trust": 0.3,
"vendor": "easy",
"version": "1.1.7"
},
{
"_id": null,
"model": "linux mandrake x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2009.0"
},
{
"_id": null,
"model": "software products cups rc1",
"scope": "eq",
"trust": 0.3,
"vendor": "easy",
"version": "1.1.23"
},
{
"_id": null,
"model": "software products cups",
"scope": "eq",
"trust": 0.3,
"vendor": "easy",
"version": "1.1.16"
},
{
"_id": null,
"model": "software products cups",
"scope": "eq",
"trust": 0.3,
"vendor": "easy",
"version": "1.1.19"
},
{
"_id": null,
"model": "multimedia",
"scope": null,
"trust": 0.3,
"vendor": "turbolinux",
"version": null
},
{
"_id": null,
"model": "opensolaris build snv 92",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "rpath",
"version": "2"
},
{
"_id": null,
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "7.04"
}
],
"sources": [
{
"db": "BID",
"id": "31690"
},
{
"db": "CNNVD",
"id": "CNNVD-200810-190"
},
{
"db": "JVNDB",
"id": "JVNDB-2008-001827"
},
{
"db": "NVD",
"id": "CVE-2008-3639"
}
]
},
"configurations": {
"_id": null,
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:cups:cups",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:misc:miraclelinux_asianux_server",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:turbolinux:turbolinux_appliance_server",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:turbolinux:turbolinux_client",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:turbolinux:turbolinux_fuji",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:turbolinux:turbolinux_multimedia",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:turbolinux:turbolinux_personal",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:turbolinux:turbolinux_server",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:turbolinux:turbolinux_wizpy",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:redhat:enterprise_linux",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:redhat:enterprise_linux_desktop",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:redhat:rhel_desktop_workstation",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2008-001827"
}
]
},
"credits": {
"_id": null,
"data": "regenrecht",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200810-190"
}
],
"trust": 0.6
},
"cve": "CVE-2008-3639",
"cvss": {
"_id": null,
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CVE-2008-3639",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "VHN-33764",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2008-3639",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2008-3639",
"trust": 0.8,
"value": "High"
},
{
"author": "CNNVD",
"id": "CNNVD-200810-190",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-33764",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-33764"
},
{
"db": "CNNVD",
"id": "CNNVD-200810-190"
},
{
"db": "JVNDB",
"id": "JVNDB-2008-001827"
},
{
"db": "NVD",
"id": "CVE-2008-3639"
}
]
},
"description": {
"_id": null,
"data": "Heap-based buffer overflow in the read_rle16 function in imagetops in CUPS before 1.3.9 allows remote attackers to execute arbitrary code via an SGI image with malformed Run Length Encoded (RLE) data containing a small image and a large row count. CUPS is prone to multiple heap-based buffer-overflow vulnerabilities because it fails to perform adequate boundary checks on user-supplied data before using it to allocate memory buffers. \nRemote attackers can exploit these issues to execute arbitrary code within the context of the affected application. Failed exploit attempts will likely cause a denial-of-service condition. Note that local attackers may also exploit these vulnerabilities to elevate privileges. \nSuccessful remote exploits may require printer sharing to be enabled on the vulnerable system. \nThese issues affect versions prior to CUPS 1.3.9. It is based on the Internet Printing Protocol and provides most PostScript and raster printer services. The cause of the vulnerability is that the read_rle16() function does not correctly validate the value of the line read from the file and uses this value to control how many 16-bit integers are stored in the heap buffer. If a small graphics dimension and a large number of lines are provided, it will May trigger a heap overflow. ===========================================================\nUbuntu Security Notice USN-656-1 October 15, 2008\ncupsys vulnerabilities\nCVE-2008-1722, CVE-2008-3639, CVE-2008-3640, CVE-2008-3641\n===========================================================\n\nA security issue affects the following Ubuntu releases:\n\nUbuntu 6.06 LTS\nUbuntu 7.04\nUbuntu 7.10\nUbuntu 8.04 LTS\n\nThis advisory also applies to the corresponding versions of\nKubuntu, Edubuntu, and Xubuntu. \n\nThe problem can be corrected by upgrading your system to the\nfollowing package versions:\n\nUbuntu 6.06 LTS:\n cupsys 1.2.2-0ubuntu0.6.06.11\n\nUbuntu 7.04:\n cupsys 1.2.8-0ubuntu8.6\n\nUbuntu 7.10:\n cupsys 1.3.2-1ubuntu7.8\n\nUbuntu 8.04 LTS:\n cupsys 1.3.7-1ubuntu3.1\n\nIn general, a standard system upgrade is sufficient to effect the\nnecessary changes. \n\nDetails follow:\n\nIt was discovered that the SGI image filter in CUPS did not perform\nproper bounds checking. If a user or automated system were tricked\ninto opening a crafted SGI image, an attacker could cause a denial\nof service. (CVE-2008-3639)\n\nIt was discovered that the texttops filter in CUPS did not properly\nvalidate page metrics. If a user or automated system were tricked into\nopening a crafted text file, an attacker could cause a denial of\nservice. (CVE-2008-3640)\n\nIt was discovered that the HP-GL filter in CUPS did not properly check\nfor invalid pen parameters. If a user or automated system were tricked\ninto opening a crafted HP-GL or HP-GL/2 file, a remote attacker could\ncause a denial of service or execute arbitrary code with user\nprivileges. In Ubuntu 7.10 and 8.04 LTS, attackers would be isolated by\nthe AppArmor CUPS profile. (CVE-2008-3641)\n\nNOTE: The previous update for CUPS on Ubuntu 6.06 LTS did not have the\nthe fix for CVE-2008-1722 applied. This update includes fixes for the\nproblem. We apologize for the inconvenience. \n\n\nUpdated packages for Ubuntu 6.06 LTS:\n\n Source archives:\n\n http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.2.2-0ubuntu0.6.06.11.diff.gz\n Size/MD5: 102981 403c1494b264696702f055fc5cdcc60d\n http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.2.2-0ubuntu0.6.06.11.dsc\n Size/MD5: 1052 cc47231c220e8d0e1659cf83d9e08445\n http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.2.2.orig.tar.gz\n Size/MD5: 4070384 2c99b8aa4c8dc25c8a84f9c06aa52e3e\n\n Architecture independent packages:\n\n http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2-gnutls10_1.2.2-0ubuntu0.6.06.11_all.deb\n Size/MD5: 994 8b094f8389b70e0153d7bbfcd23ed912\n\n amd64 architecture (Athlon64, Opteron, EM64T Xeon):\n\n http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-bsd_1.2.2-0ubuntu0.6.06.11_amd64.deb\n Size/MD5: 36226 ddea26501964356559ee3a11124acd8b\n http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-client_1.2.2-0ubuntu0.6.06.11_amd64.deb\n Size/MD5: 81902 670924b1b9a36db787e3b4cc6a7f1782\n http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.2.2-0ubuntu0.6.06.11_amd64.deb\n Size/MD5: 2286676 455fe7748b3ab167658bb5b42ef0363a\n http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2-dev_1.2.2-0ubuntu0.6.06.11_amd64.deb\n Size/MD5: 6086 dc0bd3799366e32503466ba4588fc4df\n http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2_1.2.2-0ubuntu0.6.06.11_amd64.deb\n Size/MD5: 77226 31e781bf2c8f0f4140799b21b9d0484a\n http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2-dev_1.2.2-0ubuntu0.6.06.11_amd64.deb\n Size/MD5: 25742 6812b0831f37474b50607e4c6eb83fe5\n http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2_1.2.2-0ubuntu0.6.06.11_amd64.deb\n Size/MD5: 129960 88a0b954c9f50df6aa37824b3da7041b\n\n i386 architecture (x86 compatible Intel/AMD):\n\n http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-bsd_1.2.2-0ubuntu0.6.06.11_i386.deb\n Size/MD5: 34768 d04de29dfcca09a4dc70a385e8a0766b\n http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-client_1.2.2-0ubuntu0.6.06.11_i386.deb\n Size/MD5: 77974 efed93511d0ee579706e5cf538378dbd\n http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.2.2-0ubuntu0.6.06.11_i386.deb\n Size/MD5: 2253974 30ac219c7cd66460df6fa2b76c147ae8\n http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2-dev_1.2.2-0ubuntu0.6.06.11_i386.deb\n Size/MD5: 6090 648459c3b58ddaf1fc646c8cd476e9f8\n http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2_1.2.2-0ubuntu0.6.06.11_i386.deb\n Size/MD5: 76350 d044f4fa44a792c81bca198f44687a1e\n http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2-dev_1.2.2-0ubuntu0.6.06.11_i386.deb\n Size/MD5: 25740 4c97e6e30f95bd3c3a32c761db4f5183\n http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2_1.2.2-0ubuntu0.6.06.11_i386.deb\n Size/MD5: 122178 7298a6d762d2edbe6fd107656932f32a\n\n powerpc architecture (Apple Macintosh G3/G4/G5):\n\n http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-bsd_1.2.2-0ubuntu0.6.06.11_powerpc.deb\n Size/MD5: 40468 24cf01572a6f790296c1accba097352c\n http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-client_1.2.2-0ubuntu0.6.06.11_powerpc.deb\n Size/MD5: 89528 0172b346d78458df1a6cd91a371b3b67\n http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.2.2-0ubuntu0.6.06.11_powerpc.deb\n Size/MD5: 2301292 f1a755a88fde554fdabbfb8081a88e52\n http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2-dev_1.2.2-0ubuntu0.6.06.11_powerpc.deb\n Size/MD5: 6098 f3e962ddc060712ed3ba78bb5625d5e4\n http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2_1.2.2-0ubuntu0.6.06.11_powerpc.deb\n Size/MD5: 79004 de095980afadd9352e5d7e92600d75b5\n http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2-dev_1.2.2-0ubuntu0.6.06.11_powerpc.deb\n Size/MD5: 25744 21a4d908ae8de551cda885d4835d69c0\n http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2_1.2.2-0ubuntu0.6.06.11_powerpc.deb\n Size/MD5: 127932 6e50fa3fa4185c781551e5744331f20b\n\n sparc architecture (Sun SPARC/UltraSPARC):\n\n http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-bsd_1.2.2-0ubuntu0.6.06.11_sparc.deb\n Size/MD5: 35392 ede504cfaaf1e068c68b3fa759777098\n http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-client_1.2.2-0ubuntu0.6.06.11_sparc.deb\n Size/MD5: 78712 49f458e339846bcc2eb9ffdc482de5be\n http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.2.2-0ubuntu0.6.06.11_sparc.deb\n Size/MD5: 2287588 864ab74a020db94ab2acc1283720a05c\n http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2-dev_1.2.2-0ubuntu0.6.06.11_sparc.deb\n Size/MD5: 6092 58c6f56f79c35af1b0ca47eaeedd7ea3\n http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2_1.2.2-0ubuntu0.6.06.11_sparc.deb\n Size/MD5: 76262 759f3df1a04440d71ae6634109045bf6\n http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2-dev_1.2.2-0ubuntu0.6.06.11_sparc.deb\n Size/MD5: 25740 8bbdc7b4842df909bdfb95b96fd9f884\n http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2_1.2.2-0ubuntu0.6.06.11_sparc.deb\n Size/MD5: 123662 4c4f4a4faae61a0c3901c63fe58bbf26\n\nUpdated packages for Ubuntu 7.04:\n\n Source archives:\n\n http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.2.8-0ubuntu8.6.diff.gz\n Size/MD5: 160216 80696d47933857b9665da1492f9a801b\n http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.2.8-0ubuntu8.6.dsc\n Size/MD5: 1143 0dbd641692767f4e2e5b7f390c412a9f\n http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.2.8.orig.tar.gz\n Size/MD5: 4293194 107affe95fcf1cd4aaed4a5c73f4b91f\n\n Architecture independent packages:\n\n http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-common_1.2.8-0ubuntu8.6_all.deb\n Size/MD5: 926804 41e6c60357740e668198976afcce6bd1\n\n amd64 architecture (Athlon64, Opteron, EM64T Xeon):\n\n http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-bsd_1.2.8-0ubuntu8.6_amd64.deb\n Size/MD5: 37404 2d7cb4cb3bfeeeb5af3db756f1a0a5be\n http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-client_1.2.8-0ubuntu8.6_amd64.deb\n Size/MD5: 83230 361cd5ffca4125245798312c3a9c7eaa\n http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.2.8-0ubuntu8.6_amd64.deb\n Size/MD5: 1638902 a502a4f981385dcba50ed5b6fc8fe969\n http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2-dev_1.2.8-0ubuntu8.6_amd64.deb\n Size/MD5: 56598 a9f413ff725abe42af63312ea6e826e7\n http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2_1.2.8-0ubuntu8.6_amd64.deb\n Size/MD5: 104860 7bfc0e70546baa2c98421a9dd7a373e6\n http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2-dev_1.2.8-0ubuntu8.6_amd64.deb\n Size/MD5: 144852 9d30fa04e2aa415fb126188aa4d32349\n http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2_1.2.8-0ubuntu8.6_amd64.deb\n Size/MD5: 182728 0ed6d4f8c813e2c36bcaa7b7ca98ccad\n\n i386 architecture (x86 compatible Intel/AMD):\n\n http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-bsd_1.2.8-0ubuntu8.6_i386.deb\n Size/MD5: 36712 014d51e184b4435a28c1e820455fb0a1\n http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-client_1.2.8-0ubuntu8.6_i386.deb\n Size/MD5: 80752 4d29ca2e6d3de00e3a10c55c677c8cd6\n http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.2.8-0ubuntu8.6_i386.deb\n Size/MD5: 1621450 551c9d7c9836efe7a927a609699976ad\n http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2-dev_1.2.8-0ubuntu8.6_i386.deb\n Size/MD5: 55720 b70e3b3a1c86aa782a42fcf1a40ff197\n http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2_1.2.8-0ubuntu8.6_i386.deb\n Size/MD5: 104592 ececfa4f50e077d5049116a47cc44965\n http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2-dev_1.2.8-0ubuntu8.6_i386.deb\n Size/MD5: 139320 b5c4606316c175feac7dd9a8f78acc56\n http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2_1.2.8-0ubuntu8.6_i386.deb\n Size/MD5: 179030 b2bb50b90caac66408739e67ecc9fdb5\n\n powerpc architecture (Apple Macintosh G3/G4/G5):\n\n http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-bsd_1.2.8-0ubuntu8.6_powerpc.deb\n Size/MD5: 46766 ad2b053736a2165b39f1749b7e3409e0\n http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-client_1.2.8-0ubuntu8.6_powerpc.deb\n Size/MD5: 101094 bea4c45325710b1e2d5e67dceb7853bb\n http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.2.8-0ubuntu8.6_powerpc.deb\n Size/MD5: 1696124 7e3469aa52e2de4e93352e44f7623305\n http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2-dev_1.2.8-0ubuntu8.6_powerpc.deb\n Size/MD5: 56398 47755a89a609e4401d70f6adcfcfb9a5\n http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2_1.2.8-0ubuntu8.6_powerpc.deb\n Size/MD5: 110478 94a5f78770c410fce9a0c88a187fe9c4\n http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2-dev_1.2.8-0ubuntu8.6_powerpc.deb\n Size/MD5: 141178 69f22a6730b291c9df2b0541c07223d6\n http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2_1.2.8-0ubuntu8.6_powerpc.deb\n Size/MD5: 188650 634498a8eb5ab4c75eab74e1655234b1\n\n sparc architecture (Sun SPARC/UltraSPARC):\n\n http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-bsd_1.2.8-0ubuntu8.6_sparc.deb\n Size/MD5: 37778 cde58d9fa7d256698ef6ba128b16a799\n http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-client_1.2.8-0ubuntu8.6_sparc.deb\n Size/MD5: 83740 072c6f65496619d5808c542d3a2ebe97\n http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.2.8-0ubuntu8.6_sparc.deb\n Size/MD5: 1659626 a5b6c19a436e9737af44cbaee93d093c\n http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2-dev_1.2.8-0ubuntu8.6_sparc.deb\n Size/MD5: 54928 5a8347021b82084600e0d08971cb41a3\n http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2_1.2.8-0ubuntu8.6_sparc.deb\n Size/MD5: 104156 ca7b062c097aa7f92a9085615fc3e828\n http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2-dev_1.2.8-0ubuntu8.6_sparc.deb\n Size/MD5: 141756 299acfe9e1964d21e7ba2fc3a390ded8\n http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2_1.2.8-0ubuntu8.6_sparc.deb\n Size/MD5: 178292 02e3059c98fb42cb83173e0b3a08d469\n\nUpdated packages for Ubuntu 7.10:\n\n Source archives:\n\n http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.3.2-1ubuntu7.8.diff.gz\n Size/MD5: 128977 cc7a79b80d0cc2caa8f9c5aea2f9397b\n http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.3.2-1ubuntu7.8.dsc\n Size/MD5: 1218 4f603d11b93e600bd82009983bc88580\n http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.3.2.orig.tar.gz\n Size/MD5: 4848424 9e3e1dee4d872fdff0682041198d3d73\n\n Architecture independent packages:\n\n http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-common_1.3.2-1ubuntu7.8_all.deb\n Size/MD5: 1080404 6419c157fd22fcfb2e1563ccced2fcae\n\n amd64 architecture (Athlon64, Opteron, EM64T Xeon):\n\n http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-bsd_1.3.2-1ubuntu7.8_amd64.deb\n Size/MD5: 37204 88b05a4cbb9f5714951edade3dd0609b\n http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-client_1.3.2-1ubuntu7.8_amd64.deb\n Size/MD5: 89506 cb352043a1985e24614dc27ffa5ded01\n http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.3.2-1ubuntu7.8_amd64.deb\n Size/MD5: 2034890 3a2c4daded2923691da8fe3f60d93f3e\n http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2-dev_1.3.2-1ubuntu7.8_amd64.deb\n Size/MD5: 60020 5007c193bb8416754a9d7e7ad09c4808\n http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2_1.3.2-1ubuntu7.8_amd64.deb\n Size/MD5: 46884 9a2fd628887a01cc2fcb49131ec8ed0f\n http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2-dev_1.3.2-1ubuntu7.8_amd64.deb\n Size/MD5: 152014 7a9debd353faa26803f0e8707a97697a\n http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2_1.3.2-1ubuntu7.8_amd64.deb\n Size/MD5: 186418 13e510e27e1025732d203a933ded8ade\n\n i386 architecture (x86 compatible Intel/AMD):\n\n http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-bsd_1.3.2-1ubuntu7.8_i386.deb\n Size/MD5: 36486 05cb382029ccb2285530af9de662b686\n http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-client_1.3.2-1ubuntu7.8_i386.deb\n Size/MD5: 86494 80b08f6080ed3c46e4fc954da05d9e6d\n http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.3.2-1ubuntu7.8_i386.deb\n Size/MD5: 2018384 16b0a7b694a38e4616fce6415116a7e9\n http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2-dev_1.3.2-1ubuntu7.8_i386.deb\n Size/MD5: 58882 8572d274d06e1a650d2d5199ea5dcf6f\n http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2_1.3.2-1ubuntu7.8_i386.deb\n Size/MD5: 46280 158a4aef965ef1c697c5c7aef53f9e90\n http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2-dev_1.3.2-1ubuntu7.8_i386.deb\n Size/MD5: 145692 36b5af34074b13e44e2d2ae5f76fa6fc\n http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2_1.3.2-1ubuntu7.8_i386.deb\n Size/MD5: 183190 fe12de8de5a779538844e2aecd5ccedb\n\n lpia architecture (Low Power Intel Architecture):\n\n http://ports.ubuntu.com/pool/main/c/cupsys/cupsys-bsd_1.3.2-1ubuntu7.8_lpia.deb\n Size/MD5: 36570 f73b632b59630a2727e45be083730c23\n http://ports.ubuntu.com/pool/main/c/cupsys/cupsys-client_1.3.2-1ubuntu7.8_lpia.deb\n Size/MD5: 88054 07cfc2fdf8615471278b10550f713a3e\n http://ports.ubuntu.com/pool/main/c/cupsys/cupsys_1.3.2-1ubuntu7.8_lpia.deb\n Size/MD5: 2020696 d97dab5d5a099884f7bca77dd118233a\n http://ports.ubuntu.com/pool/main/c/cupsys/libcupsimage2-dev_1.3.2-1ubuntu7.8_lpia.deb\n Size/MD5: 59624 d582e3100eaf68e9b10585ca6ce0a078\n http://ports.ubuntu.com/pool/main/c/cupsys/libcupsimage2_1.3.2-1ubuntu7.8_lpia.deb\n Size/MD5: 47662 a2e2c5cc101d720249efd108b1a724ca\n http://ports.ubuntu.com/pool/main/c/cupsys/libcupsys2-dev_1.3.2-1ubuntu7.8_lpia.deb\n Size/MD5: 142426 8e91390ca3bb0bd98ab7a43017e38a90\n http://ports.ubuntu.com/pool/main/c/cupsys/libcupsys2_1.3.2-1ubuntu7.8_lpia.deb\n Size/MD5: 181382 0806d0e1be2fdb48b873ea977107b759\n\n powerpc architecture (Apple Macintosh G3/G4/G5):\n\n http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-bsd_1.3.2-1ubuntu7.8_powerpc.deb\n Size/MD5: 46502 1f2a7db4dd6dfc7910a9c84f28425537\n http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-client_1.3.2-1ubuntu7.8_powerpc.deb\n Size/MD5: 107736 9a34baee6e8356d911d637e52fcb0747\n http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.3.2-1ubuntu7.8_powerpc.deb\n Size/MD5: 2099614 b0f8237ccff1e54e070645e79e085794\n http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2-dev_1.3.2-1ubuntu7.8_powerpc.deb\n Size/MD5: 59494 c3c1a6f415dacee7b5f0e63e0f83ca6c\n http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2_1.3.2-1ubuntu7.8_powerpc.deb\n Size/MD5: 51856 91fcaca5686ce2070e654699b60514f4\n http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2-dev_1.3.2-1ubuntu7.8_powerpc.deb\n Size/MD5: 146952 205fedd96bd614314b2e9ecb18e78f53\n http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2_1.3.2-1ubuntu7.8_powerpc.deb\n Size/MD5: 192204 0033c62b251a505fb7d80b5b8c96f6b6\n\n sparc architecture (Sun SPARC/UltraSPARC):\n\n http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-bsd_1.3.2-1ubuntu7.8_sparc.deb\n Size/MD5: 37558 f568ceabe0e419d263b75a5c852eb10a\n http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-client_1.3.2-1ubuntu7.8_sparc.deb\n Size/MD5: 89606 d916d0d9478082000a0f698347613387\n http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.3.2-1ubuntu7.8_sparc.deb\n Size/MD5: 2061026 a1b9da985d3d0211790f170443e74ac9\n http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2-dev_1.3.2-1ubuntu7.8_sparc.deb\n Size/MD5: 58098 dc5d816068b451c8926dd06a25e1715b\n http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2_1.3.2-1ubuntu7.8_sparc.deb\n Size/MD5: 45572 9976f70a905893735ee445cca7ecda7f\n http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2-dev_1.3.2-1ubuntu7.8_sparc.deb\n Size/MD5: 148486 48954d641e131708913530887d28c064\n http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2_1.3.2-1ubuntu7.8_sparc.deb\n Size/MD5: 182218 074755797d588b92f7030c0a9562cb67\n\nUpdated packages for Ubuntu 8.04 LTS:\n\n Source archives:\n\n http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.3.7-1ubuntu3.1.diff.gz\n Size/MD5: 133549 8146f7a668701caad4379707ccedf538\n http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.3.7-1ubuntu3.1.dsc\n Size/MD5: 1433 de3ffa5e20bdbc0bd61cf543cc2d351f\n http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.3.7.orig.tar.gz\n Size/MD5: 4700333 383e556d9841475847da6076c88da467\n\n Architecture independent packages:\n\n http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-common_1.3.7-1ubuntu3.1_all.deb\n Size/MD5: 1143834 7230e79bb0d6a1435f3ce0de114e1ad3\n\n amd64 architecture (Athlon64, Opteron, EM64T Xeon):\n\n http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-bsd_1.3.7-1ubuntu3.1_amd64.deb\n Size/MD5: 37530 0362fc9c1260486e4d1dcccca8dc60a3\n http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-client_1.3.7-1ubuntu3.1_amd64.deb\n Size/MD5: 89982 9a1ac844025f66fb85357e1807256331\n http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.3.7-1ubuntu3.1_amd64.deb\n Size/MD5: 1880646 233fbeadff826a6b6f22347559fe8bf5\n http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2-dev_1.3.7-1ubuntu3.1_amd64.deb\n Size/MD5: 60892 98a65443be4d97fb1de2f8580dd67e40\n http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2_1.3.7-1ubuntu3.1_amd64.deb\n Size/MD5: 50356 89ca2e97385912ebf2ffe8a0871610d5\n http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2-dev_1.3.7-1ubuntu3.1_amd64.deb\n Size/MD5: 344926 631f297ea0a13321c61ee211d65fceab\n http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2_1.3.7-1ubuntu3.1_amd64.deb\n Size/MD5: 177500 8dd137567dbc9644bda3b0a799cb2f6a\n\n i386 architecture (x86 compatible Intel/AMD):\n\n http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-bsd_1.3.7-1ubuntu3.1_i386.deb\n Size/MD5: 36952 deba752b21bdf04393626cf35ebb79eb\n http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-client_1.3.7-1ubuntu3.1_i386.deb\n Size/MD5: 88408 2e76b5856bde6afe82da9a6b03a98026\n http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.3.7-1ubuntu3.1_i386.deb\n Size/MD5: 1862954 aaa0817cb6b67729276e799275ad3346\n http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2-dev_1.3.7-1ubuntu3.1_i386.deb\n Size/MD5: 60090 b37d935af9661002730cd5cb2b3f11d3\n http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2_1.3.7-1ubuntu3.1_i386.deb\n Size/MD5: 49838 a1d85e18616340eed3778b5286890c08\n http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2-dev_1.3.7-1ubuntu3.1_i386.deb\n Size/MD5: 339344 f3d29993795e7172667356c8d255f296\n http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2_1.3.7-1ubuntu3.1_i386.deb\n Size/MD5: 174354 b1d7b741729749c6a3249fbcd0babe56\n\n lpia architecture (Low Power Intel Architecture):\n\n http://ports.ubuntu.com/pool/main/c/cupsys/cupsys-bsd_1.3.7-1ubuntu3.1_lpia.deb\n Size/MD5: 36676 c46beddd8f227e1ee0b1c9a80d41b19a\n http://ports.ubuntu.com/pool/main/c/cupsys/cupsys-client_1.3.7-1ubuntu3.1_lpia.deb\n Size/MD5: 88734 c8b70c2665734c45caa22ae41f60b486\n http://ports.ubuntu.com/pool/main/c/cupsys/cupsys_1.3.7-1ubuntu3.1_lpia.deb\n Size/MD5: 1865262 27de39c2fbe2471f11b7756b5bc02cc3\n http://ports.ubuntu.com/pool/main/c/cupsys/libcupsimage2-dev_1.3.7-1ubuntu3.1_lpia.deb\n Size/MD5: 60540 b54c6711e74c55777f0e509f642c42f0\n http://ports.ubuntu.com/pool/main/c/cupsys/libcupsimage2_1.3.7-1ubuntu3.1_lpia.deb\n Size/MD5: 50860 64989632d1f49f5d25209bb9a68809d5\n http://ports.ubuntu.com/pool/main/c/cupsys/libcupsys2-dev_1.3.7-1ubuntu3.1_lpia.deb\n Size/MD5: 337020 ca60ea21ad93aca447e1ae04e0ad818f\n http://ports.ubuntu.com/pool/main/c/cupsys/libcupsys2_1.3.7-1ubuntu3.1_lpia.deb\n Size/MD5: 173276 6e0af5026f452171993817fbd6e6b4e7\n\n powerpc architecture (Apple Macintosh G3/G4/G5):\n\n http://ports.ubuntu.com/pool/main/c/cupsys/cupsys-bsd_1.3.7-1ubuntu3.1_powerpc.deb\n Size/MD5: 46932 d8e051bd4e95f28090036d7087437127\n http://ports.ubuntu.com/pool/main/c/cupsys/cupsys-client_1.3.7-1ubuntu3.1_powerpc.deb\n Size/MD5: 110808 44e0741ccd8b9edab092b835c6831aca\n http://ports.ubuntu.com/pool/main/c/cupsys/cupsys_1.3.7-1ubuntu3.1_powerpc.deb\n Size/MD5: 1949134 0facca356ce9e5ffdacffde23d0713e3\n http://ports.ubuntu.com/pool/main/c/cupsys/libcupsimage2-dev_1.3.7-1ubuntu3.1_powerpc.deb\n Size/MD5: 59924 367a29bd4545906374eb27c511d33658\n http://ports.ubuntu.com/pool/main/c/cupsys/libcupsimage2_1.3.7-1ubuntu3.1_powerpc.deb\n Size/MD5: 54940 d762741ddd48f75e0e54ffd0efc45645\n http://ports.ubuntu.com/pool/main/c/cupsys/libcupsys2-dev_1.3.7-1ubuntu3.1_powerpc.deb\n Size/MD5: 341670 0958081b22a680ccf1f30abc36c06054\n http://ports.ubuntu.com/pool/main/c/cupsys/libcupsys2_1.3.7-1ubuntu3.1_powerpc.deb\n Size/MD5: 183238 e303094f36fcc1af0ac40321411bd90a\n\n sparc architecture (Sun SPARC/UltraSPARC):\n\n http://ports.ubuntu.com/pool/main/c/cupsys/cupsys-bsd_1.3.7-1ubuntu3.1_sparc.deb\n Size/MD5: 38028 a8ee904a732a7392314b9b4f2faf5557\n http://ports.ubuntu.com/pool/main/c/cupsys/cupsys-client_1.3.7-1ubuntu3.1_sparc.deb\n Size/MD5: 91034 832edccd7ed2eec51759bbcce97536b1\n http://ports.ubuntu.com/pool/main/c/cupsys/cupsys_1.3.7-1ubuntu3.1_sparc.deb\n Size/MD5: 1897904 31192c6d2b5a6dca4eaf065c541795fc\n http://ports.ubuntu.com/pool/main/c/cupsys/libcupsimage2-dev_1.3.7-1ubuntu3.1_sparc.deb\n Size/MD5: 57856 398dadf7e1ee5075e4d3e2a4766b4580\n http://ports.ubuntu.com/pool/main/c/cupsys/libcupsimage2_1.3.7-1ubuntu3.1_sparc.deb\n Size/MD5: 48242 cc45265b41fd932d084a6bce9888e67f\n http://ports.ubuntu.com/pool/main/c/cupsys/libcupsys2-dev_1.3.7-1ubuntu3.1_sparc.deb\n Size/MD5: 341388 9411fb065604b882530faf47a0a85d4e\n http://ports.ubuntu.com/pool/main/c/cupsys/libcupsys2_1.3.7-1ubuntu3.1_sparc.deb\n Size/MD5: 173184 4a5e9e3508932262eefe3b08f94019d0\n\n\n. \n\nCVE-2008-3640\n\n It was discovered that an integer overflow in the Postscript\n conversion tool \"texttops\" may lead to the execution of arbitrary\n code. \n\nFor the stable distribution (etch), these problems have been fixed in\nversion 1.2.7-4etch5. \n\nFor the unstable distribution (sid) and the upcoming stable distribution\n(lenny), these problems have been fixed in version 1.3.8-1lenny2 of\nthe source package cups. \n\nWe recommend that you upgrade your cupsys package. \n\nUpgrade instructions\n- --------------------\n\nwget url\n will fetch the file for you\ndpkg -i file.deb\n will install the referenced file. \n\nIf you are using the apt-get package manager, use the line for\nsources.list as given below:\n\napt-get update\n will update the internal database\napt-get upgrade\n will install corrected packages\n\nYou may use an automated update by adding the resources from the\nfooter to the proper configuration. \n\n\nDebian GNU/Linux 4.0 alias etch\n- -------------------------------\n\nStable updates are available for alpha, amd64, arm, hppa, i386, ia64, mips, mipsel, powerpc, s390 and sparc. \n\nSource archives:\n\n http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.2.7.orig.tar.gz\n Size/MD5 checksum: 4214272 c9ba33356e5bb93efbcf77b6e142e498\n http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.2.7-4etch5.diff.gz\n Size/MD5 checksum: 108662 eab5aa097eaf3e802b4c6f1c60da9a03\n http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.2.7-4etch5.dsc\n Size/MD5 checksum: 1084 5fc7ea9d5c6434a9f2a45e3d7652b0fe\n\nArchitecture independent packages:\n\n http://security.debian.org/pool/updates/main/c/cupsys/cupsys-common_1.2.7-4etch5_all.deb\n Size/MD5 checksum: 893832 0e7571a4a56cef8f099ba9300ed7330d\n http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2-gnutls10_1.2.7-4etch5_all.deb\n Size/MD5 checksum: 46072 63a75f9fe31312a42725a786164f7762\n\nalpha architecture (DEC Alpha)\n\n http://security.debian.org/pool/updates/main/c/cupsys/cupsys-bsd_1.2.7-4etch5_alpha.deb\n Size/MD5 checksum: 39310 8dad5588b86a4e1191025015d8e0c5be\n http://security.debian.org/pool/updates/main/c/cupsys/cupsys-dbg_1.2.7-4etch5_alpha.deb\n Size/MD5 checksum: 1092376 35c1cd14d3f26fefafbebf1a76983740\n http://security.debian.org/pool/updates/main/c/cupsys/cupsys-client_1.2.7-4etch5_alpha.deb\n Size/MD5 checksum: 85906 1d07dcf128e7b78992560b2794be29d4\n http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2-dev_1.2.7-4etch5_alpha.deb\n Size/MD5 checksum: 183726 06377f48f1ee358c494f30f9ab213e6b\n http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.2.7-4etch5_alpha.deb\n Size/MD5 checksum: 1614540 e87b439635e9b7f7c1fa1c6db2f7291c\n http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2_1.2.7-4etch5_alpha.deb\n Size/MD5 checksum: 95570 8638b199a8adb989254cbe88ab11bb7d\n http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2_1.2.7-4etch5_alpha.deb\n Size/MD5 checksum: 175262 08dbbe7e941af9c28f39107f907c618a\n http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2-dev_1.2.7-4etch5_alpha.deb\n Size/MD5 checksum: 72690 1c099120f9fdcb334d8699b6238c0883\n\namd64 architecture (AMD x86_64 (AMD64))\n\n http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2-dev_1.2.7-4etch5_amd64.deb\n Size/MD5 checksum: 142538 4f9183a690ac21a220771db117b1bcea\n http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2_1.2.7-4etch5_amd64.deb\n Size/MD5 checksum: 162520 f04bafe61b0e06d21b67441916a4df2a\n http://security.debian.org/pool/updates/main/c/cupsys/cupsys-bsd_1.2.7-4etch5_amd64.deb\n Size/MD5 checksum: 36356 eea9b0c14ac248313264474f4a103478\n http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2-dev_1.2.7-4etch5_amd64.deb\n Size/MD5 checksum: 53022 f864e06d82bd0769e7c73d20aa6c3366\n http://security.debian.org/pool/updates/main/c/cupsys/cupsys-client_1.2.7-4etch5_amd64.deb\n Size/MD5 checksum: 80708 9e8a7d08f6762753005bc2ac7ac04db7\n http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2_1.2.7-4etch5_amd64.deb\n Size/MD5 checksum: 86264 3784680669a08745d6c766213e3d60f3\n http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.2.7-4etch5_amd64.deb\n Size/MD5 checksum: 1576062 c5f275763d3cd0bec5e448965780ea0b\n http://security.debian.org/pool/updates/main/c/cupsys/cupsys-dbg_1.2.7-4etch5_amd64.deb\n Size/MD5 checksum: 1088040 106654a5c5a746e5bd1043ca4309deae\n\narm architecture (ARM)\n\n http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2-dev_1.2.7-4etch5_arm.deb\n Size/MD5 checksum: 132042 b1da3e68e04c68712a7f2ecebbea59d3\n http://security.debian.org/pool/updates/main/c/cupsys/cupsys-dbg_1.2.7-4etch5_arm.deb\n Size/MD5 checksum: 1026238 e776ce47912d97de7758029cddf18c41\n http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2_1.2.7-4etch5_arm.deb\n Size/MD5 checksum: 155174 2203ae0043e540bb4c083c3f302294a9\n http://security.debian.org/pool/updates/main/c/cupsys/cupsys-client_1.2.7-4etch5_arm.deb\n Size/MD5 checksum: 78908 a60d8486ab41fe7064d84fdf1c057ce5\n http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2-dev_1.2.7-4etch5_arm.deb\n Size/MD5 checksum: 48742 9c6f61fb9c5af3f1496c249eb79542ce\n http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.2.7-4etch5_arm.deb\n Size/MD5 checksum: 1569620 943fdc257cdf387c1a161adff88623bd\n http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2_1.2.7-4etch5_arm.deb\n Size/MD5 checksum: 85468 3e9d699071d741d86c5e2fbcc91a5241\n http://security.debian.org/pool/updates/main/c/cupsys/cupsys-bsd_1.2.7-4etch5_arm.deb\n Size/MD5 checksum: 35940 0bb609f5c990c932c0fed843bb659062\n\nhppa architecture (HP PA RISC)\n\n http://security.debian.org/pool/updates/main/c/cupsys/cupsys-client_1.2.7-4etch5_hppa.deb\n Size/MD5 checksum: 84800 df6569c3eaad919b7f7768a75277838f\n http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2_1.2.7-4etch5_hppa.deb\n Size/MD5 checksum: 91988 08040e0dcc8cc99298d40aa370be50cc\n http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.2.7-4etch5_hppa.deb\n Size/MD5 checksum: 1624214 e5d55a0aeacee0d85d7899018725b3d3\n http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2-dev_1.2.7-4etch5_hppa.deb\n Size/MD5 checksum: 153956 e11bfd3cb812f0892238a676a3453967\n http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2_1.2.7-4etch5_hppa.deb\n Size/MD5 checksum: 171790 5b483d2f739ed456d94cf28047b2b2f5\n http://security.debian.org/pool/updates/main/c/cupsys/cupsys-bsd_1.2.7-4etch5_hppa.deb\n Size/MD5 checksum: 39548 181a14e58af274287bf02f8a758b70b5\n http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2-dev_1.2.7-4etch5_hppa.deb\n Size/MD5 checksum: 57398 715a6f4bb1b68b8a384a85ac384de668\n http://security.debian.org/pool/updates/main/c/cupsys/cupsys-dbg_1.2.7-4etch5_hppa.deb\n Size/MD5 checksum: 1032836 e1d9158ff6134678b976331566db0076\n\ni386 architecture (Intel ia32)\n\n http://security.debian.org/pool/updates/main/c/cupsys/cupsys-dbg_1.2.7-4etch5_i386.deb\n Size/MD5 checksum: 999302 2ccf6ae0ef6f3d3dd56e484ba2199313\n http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2_1.2.7-4etch5_i386.deb\n Size/MD5 checksum: 160638 f22f7da23cd3dea82d49cc9900d62512\n http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2-dev_1.2.7-4etch5_i386.deb\n Size/MD5 checksum: 138276 392028f61da2c29dcab1ffe3b4fe072f\n http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.2.7-4etch5_i386.deb\n Size/MD5 checksum: 1548856 e1e04e47f556586eb83aff005d4870d2\n http://security.debian.org/pool/updates/main/c/cupsys/cupsys-bsd_1.2.7-4etch5_i386.deb\n Size/MD5 checksum: 36474 9bea3cd926f04da508b6a714f0a1daac\n http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2_1.2.7-4etch5_i386.deb\n Size/MD5 checksum: 86776 f3188eafaa1bd01a7b92d9403aab03a1\n http://security.debian.org/pool/updates/main/c/cupsys/cupsys-client_1.2.7-4etch5_i386.deb\n Size/MD5 checksum: 79878 ba1ed2b707101da54b3990b33ee1d877\n http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2-dev_1.2.7-4etch5_i386.deb\n Size/MD5 checksum: 53276 346cdebc7980089b28610ceb30f65519\n\nia64 architecture (Intel ia64)\n\n http://security.debian.org/pool/updates/main/c/cupsys/cupsys-client_1.2.7-4etch5_ia64.deb\n Size/MD5 checksum: 106226 829b2e5f435c8fb5eee03513654ee12f\n http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2_1.2.7-4etch5_ia64.deb\n Size/MD5 checksum: 106998 08fcec24b8c165542d986a1fd174ddd3\n http://security.debian.org/pool/updates/main/c/cupsys/cupsys-bsd_1.2.7-4etch5_ia64.deb\n Size/MD5 checksum: 46336 32d29b5c2986070f5d5b909864952dc3\n http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.2.7-4etch5_ia64.deb\n Size/MD5 checksum: 1771030 e7b261b4627ee20a3083a4f18a382e24\n http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2-dev_1.2.7-4etch5_ia64.deb\n Size/MD5 checksum: 192370 576e218a37e677170e9201946f24da5a\n http://security.debian.org/pool/updates/main/c/cupsys/cupsys-dbg_1.2.7-4etch5_ia64.deb\n Size/MD5 checksum: 1108310 bdee8fbcfd10ba2847ab81ced8e9cc73\n http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2_1.2.7-4etch5_ia64.deb\n Size/MD5 checksum: 204232 d5eb2138a8584813643dfe4e39d2fefb\n http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2-dev_1.2.7-4etch5_ia64.deb\n Size/MD5 checksum: 74224 846a87584f78285569aee9c037b677d9\n\nmipsel architecture (MIPS (Little Endian))\n\n http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2_1.2.7-4etch5_mipsel.deb\n Size/MD5 checksum: 158560 74bc73b9eb3c7494ce762f7beb9ab4cd\n http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.2.7-4etch5_mipsel.deb\n Size/MD5 checksum: 1553460 cd35f3de34290840be09b1b10729d7b3\n http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2-dev_1.2.7-4etch5_mipsel.deb\n Size/MD5 checksum: 150900 150e5405933cef2a8cf9147d88c9a4fb\n http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2-dev_1.2.7-4etch5_mipsel.deb\n Size/MD5 checksum: 57860 2b7cdd4399e2893d2df0b5568d766239\n http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2_1.2.7-4etch5_mipsel.deb\n Size/MD5 checksum: 86996 d4776eace76cb37f72557a44d053a677\n http://security.debian.org/pool/updates/main/c/cupsys/cupsys-dbg_1.2.7-4etch5_mipsel.deb\n Size/MD5 checksum: 1085494 429194a44228d669ecfa2acdeadf55e6\n http://security.debian.org/pool/updates/main/c/cupsys/cupsys-bsd_1.2.7-4etch5_mipsel.deb\n Size/MD5 checksum: 36058 f28b3f705fd293fc82a256d571119452\n http://security.debian.org/pool/updates/main/c/cupsys/cupsys-client_1.2.7-4etch5_mipsel.deb\n Size/MD5 checksum: 77448 4a9be71b3fc25253b1e77c2594e7f508\n\npowerpc architecture (PowerPC)\n\n http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2-dev_1.2.7-4etch5_powerpc.deb\n Size/MD5 checksum: 51880 d1b872415002b54aba1ef54833cd5564\n http://security.debian.org/pool/updates/main/c/cupsys/cupsys-client_1.2.7-4etch5_powerpc.deb\n Size/MD5 checksum: 90008 fe2be6aba034693532a01b653781f501\n http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.2.7-4etch5_powerpc.deb\n Size/MD5 checksum: 1576600 d954a84710f9671d34eca72922f8d1d8\n http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2-dev_1.2.7-4etch5_powerpc.deb\n Size/MD5 checksum: 136868 ee633edb72a9d6d74481d9fe17d887d5\n http://security.debian.org/pool/updates/main/c/cupsys/cupsys-dbg_1.2.7-4etch5_powerpc.deb\n Size/MD5 checksum: 1143388 320529a907596704df487d89978e1948\n http://security.debian.org/pool/updates/main/c/cupsys/cupsys-bsd_1.2.7-4etch5_powerpc.deb\n Size/MD5 checksum: 41296 8e0fed6ae1645411f4daa52842ead589\n http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2_1.2.7-4etch5_powerpc.deb\n Size/MD5 checksum: 163206 d0fc59550e27b346adb422e4d82cecaf\n http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2_1.2.7-4etch5_powerpc.deb\n Size/MD5 checksum: 88476 dfe47fbfeef0a714d6397ec9467165af\n\ns390 architecture (IBM S/390)\n\n http://security.debian.org/pool/updates/main/c/cupsys/cupsys-dbg_1.2.7-4etch5_s390.deb\n Size/MD5 checksum: 1037260 a151e36916ffd7eae88e6b82cc0c08d7\n http://security.debian.org/pool/updates/main/c/cupsys/cupsys-bsd_1.2.7-4etch5_s390.deb\n Size/MD5 checksum: 37420 b095022e25c603ee57748795c4ec423b\n http://security.debian.org/pool/updates/main/c/cupsys/cupsys-client_1.2.7-4etch5_s390.deb\n Size/MD5 checksum: 82338 3417e5562b6aa064ab5d3d11f15a69fb\n http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2_1.2.7-4etch5_s390.deb\n Size/MD5 checksum: 87928 6eea10e5b223fbd5f5a8d524bb03ab8e\n http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.2.7-4etch5_s390.deb\n Size/MD5 checksum: 1587330 8b66abd7e3156f3beeaa27fbd971cbde\n http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2_1.2.7-4etch5_s390.deb\n Size/MD5 checksum: 166710 10f172f4c48ab9981d7c48564a2142a4\n http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2-dev_1.2.7-4etch5_s390.deb\n Size/MD5 checksum: 144932 3955c00c6293f7aec0a7cb9edb28a16d\n http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2-dev_1.2.7-4etch5_s390.deb\n Size/MD5 checksum: 52524 b4e639621d58f91a8ec32043534c008f\n\nsparc architecture (Sun SPARC/UltraSPARC)\n\n http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2-dev_1.2.7-4etch5_sparc.deb\n Size/MD5 checksum: 51826 8e3613f9041774f1dd42586782780fb5\n http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2_1.2.7-4etch5_sparc.deb\n Size/MD5 checksum: 159434 d2352f19b51feab43fc17b5e3f17bb2b\n http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2-dev_1.2.7-4etch5_sparc.deb\n Size/MD5 checksum: 138734 8b53d144485267cb99ec8a32262446e8\n http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.2.7-4etch5_sparc.deb\n Size/MD5 checksum: 1577758 748b77d9e54a363d46cd61548e72df7c\n http://security.debian.org/pool/updates/main/c/cupsys/cupsys-dbg_1.2.7-4etch5_sparc.deb\n Size/MD5 checksum: 996834 0ad8037cbb3959581a0aeb29eb84a853\n http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2_1.2.7-4etch5_sparc.deb\n Size/MD5 checksum: 85790 16bf4ce2378a68fc9b0ce4052e463e5d\n http://security.debian.org/pool/updates/main/c/cupsys/cupsys-bsd_1.2.7-4etch5_sparc.deb\n Size/MD5 checksum: 36062 426fe5dbac939828393d99e561abf0e3\n http://security.debian.org/pool/updates/main/c/cupsys/cupsys-client_1.2.7-4etch5_sparc.deb\n Size/MD5 checksum: 78608 f469105c5d9f121c333d5e4ac315c7be\n\n\n These files will probably be moved into the stable distribution on\n its next update. \n\n- ---------------------------------------------------------------------------------\nFor apt-get: deb http://security.debian.org/ stable/updates main\nFor dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main\nMailing list: debian-security-announce@lists.debian.org\nPackage info: `apt-cache show \u003cpkg\u003e\u0027 and http://packages.debian.org/\u003cpkg\u003e\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.9 (GNU/Linux)\n\niEYEARECAAYFAkj8vewACgkQXm3vHE4uylo3VQCfe5/oLteemHII7TUL80ybcnZd\nREIAn1hdR3STx867KCMafAi58O1fia05\n=T/kw\n-----END PGP SIGNATURE-----\n. \n-----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n _______________________________________________________________________\n\n Mandriva Linux Security Advisory MDVSA-2008:211\n http://www.mandriva.com/security/\n _______________________________________________________________________\n\n Package : cups\n Date : October 10, 2008\n Affected: 2007.1, 2008.0, 2008.1, 2009.0, Corporate 3.0, Corporate 4.0\n _______________________________________________________________________\n\n Problem Description:\n\n A buffer overflow in the SGI image format decoding routines used by the\n CUPS image converting filter imagetops was discovered. \n \n An integer overflow flaw leading to a heap buffer overflow was found\n in the Text-to-PostScript texttops filter. \n \n Finally, an insufficient buffer bounds checking flaw was found in\n the HP-GL/2-to-PostScript hpgltops filter. \n \n The updated packages have been patched to prevent this issue; for\n Mandriva Linux 2009.0 the latest CUPS version (1.3.9) is provided\n that corrects these issues and also provides other bug fixes. \n _______________________________________________________________________\n\n References:\n\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3639\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3640\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3641\n _______________________________________________________________________\n\n Updated Packages:\n\n Mandriva Linux 2007.1:\n d8041b477aac8897e465fd7885c4f046 2007.1/i586/cups-1.2.10-2.8mdv2007.1.i586.rpm\n 85169e175683eee33f38c3dc6dca555d 2007.1/i586/cups-common-1.2.10-2.8mdv2007.1.i586.rpm\n 3838db5f9b5313587335232f4bdfadb7 2007.1/i586/cups-serial-1.2.10-2.8mdv2007.1.i586.rpm\n 4dac70286d0aaa55d0c585c4e485f4d6 2007.1/i586/libcups2-1.2.10-2.8mdv2007.1.i586.rpm\n 2647b541d7a80ea194d6cc4983342e14 2007.1/i586/libcups2-devel-1.2.10-2.8mdv2007.1.i586.rpm\n 5bf9cba238150a77016869b2b600e0bd 2007.1/i586/php-cups-1.2.10-2.8mdv2007.1.i586.rpm \n 3762b10d3a6b962ec6932856d635a119 2007.1/SRPMS/cups-1.2.10-2.8mdv2007.1.src.rpm\n\n Mandriva Linux 2007.1/X86_64:\n 27098b09dc01c70600c55572cb928422 2007.1/x86_64/cups-1.2.10-2.8mdv2007.1.x86_64.rpm\n fbd01859759af3a2e32244cfff7aaa33 2007.1/x86_64/cups-common-1.2.10-2.8mdv2007.1.x86_64.rpm\n 4197004f7a59cc90d8d51f8ff34e2997 2007.1/x86_64/cups-serial-1.2.10-2.8mdv2007.1.x86_64.rpm\n 6cc45d922f07d379db0de2e08eb1589e 2007.1/x86_64/lib64cups2-1.2.10-2.8mdv2007.1.x86_64.rpm\n d7443db8a26f27b41c32c95dee129437 2007.1/x86_64/lib64cups2-devel-1.2.10-2.8mdv2007.1.x86_64.rpm\n eca467e20954fea23fd050ee41d2ca4a 2007.1/x86_64/php-cups-1.2.10-2.8mdv2007.1.x86_64.rpm \n 3762b10d3a6b962ec6932856d635a119 2007.1/SRPMS/cups-1.2.10-2.8mdv2007.1.src.rpm\n\n Mandriva Linux 2008.0:\n 837c0714eef677dfcdb1befc56012db5 2008.0/i586/cups-1.3.6-1.3mdv2008.0.i586.rpm\n cb8d17edacf1dc1dc5915fbb35745d9a 2008.0/i586/cups-common-1.3.6-1.3mdv2008.0.i586.rpm\n 635eb3405a6b5a4b93ca6373207093df 2008.0/i586/cups-serial-1.3.6-1.3mdv2008.0.i586.rpm\n 59939c1a2a730a0887750bafb4cabee1 2008.0/i586/libcups2-1.3.6-1.3mdv2008.0.i586.rpm\n 6183d24df353f4e8082374951636a657 2008.0/i586/libcups2-devel-1.3.6-1.3mdv2008.0.i586.rpm\n 0f1df17bf9cc86bb607ef28d4b29c6b2 2008.0/i586/php-cups-1.3.6-1.3mdv2008.0.i586.rpm \n 68ac87937182de901cece9b93ba700fa 2008.0/SRPMS/cups-1.3.6-1.3mdv2008.0.src.rpm\n\n Mandriva Linux 2008.0/X86_64:\n 5b73d5bfebbc66f8a56922c7b943f351 2008.0/x86_64/cups-1.3.6-1.3mdv2008.0.x86_64.rpm\n a41d07d80c38b30ee5357b25f7b828ab 2008.0/x86_64/cups-common-1.3.6-1.3mdv2008.0.x86_64.rpm\n 34d6d4eb79b1ee5a9235843398301646 2008.0/x86_64/cups-serial-1.3.6-1.3mdv2008.0.x86_64.rpm\n 3157dcaafb55463d8ad149d99e4d0c55 2008.0/x86_64/lib64cups2-1.3.6-1.3mdv2008.0.x86_64.rpm\n 78b5f7fcedbbbef9c2318977b5f50264 2008.0/x86_64/lib64cups2-devel-1.3.6-1.3mdv2008.0.x86_64.rpm\n 082094f0923f72890f6dbb47eb9072b4 2008.0/x86_64/php-cups-1.3.6-1.3mdv2008.0.x86_64.rpm \n 68ac87937182de901cece9b93ba700fa 2008.0/SRPMS/cups-1.3.6-1.3mdv2008.0.src.rpm\n\n Mandriva Linux 2008.1:\n c22f4c131005e05768b0c45e931015c7 2008.1/i586/cups-1.3.6-5.2mdv2008.1.i586.rpm\n 8f1ad7b01f0d48aa920cb2378f5fce0a 2008.1/i586/cups-common-1.3.6-5.2mdv2008.1.i586.rpm\n 763dfee5def4727b34769298beb5c9fe 2008.1/i586/cups-serial-1.3.6-5.2mdv2008.1.i586.rpm\n dadd48446b97869372535fb2ef02a471 2008.1/i586/libcups2-1.3.6-5.2mdv2008.1.i586.rpm\n cf48ae8c17120d7d83b638f432620797 2008.1/i586/libcups2-devel-1.3.6-5.2mdv2008.1.i586.rpm\n 33d7dcb6b32e58bc38e847f827447b54 2008.1/i586/php-cups-1.3.6-5.2mdv2008.1.i586.rpm \n 25997a30a1fbc24e4a1a5017d15ac526 2008.1/SRPMS/cups-1.3.6-5.2mdv2008.1.src.rpm\n\n Mandriva Linux 2008.1/X86_64:\n 3804ff0deea819d375cdee86b1d98bf4 2008.1/x86_64/cups-1.3.6-5.2mdv2008.1.x86_64.rpm\n 9f8550ffbb7778636b18c33c6854e163 2008.1/x86_64/cups-common-1.3.6-5.2mdv2008.1.x86_64.rpm\n 077652b9f481f72873b6e94a0f54fe17 2008.1/x86_64/cups-serial-1.3.6-5.2mdv2008.1.x86_64.rpm\n 569bcdcf971b564d3ad3cec8b6281fec 2008.1/x86_64/lib64cups2-1.3.6-5.2mdv2008.1.x86_64.rpm\n 05ce67f5f2bf9f27b69963bbc0ba3f6e 2008.1/x86_64/lib64cups2-devel-1.3.6-5.2mdv2008.1.x86_64.rpm\n 8a48fbfa84679702c496744f394ac4f6 2008.1/x86_64/php-cups-1.3.6-5.2mdv2008.1.x86_64.rpm \n 25997a30a1fbc24e4a1a5017d15ac526 2008.1/SRPMS/cups-1.3.6-5.2mdv2008.1.src.rpm\n\n Mandriva Linux 2009.0:\n 3480a3533f163c8559254c7dc7dccca4 2009.0/i586/cups-1.3.9-0.1mdv2009.0.i586.rpm\n 2eda3ae527a0d6477bf2f52f57f37297 2009.0/i586/cups-common-1.3.9-0.1mdv2009.0.i586.rpm\n 1b0849a0dcd6cc52debfdc23ca347e60 2009.0/i586/cups-serial-1.3.9-0.1mdv2009.0.i586.rpm\n 9ef6a24d1e8155bea9e7e148252dc4e7 2009.0/i586/libcups2-1.3.9-0.1mdv2009.0.i586.rpm\n 2a8be000df9a71f506a039e58faaf1b4 2009.0/i586/libcups2-devel-1.3.9-0.1mdv2009.0.i586.rpm\n 7f04461fd982b387144f73612b3cbd86 2009.0/i586/php-cups-1.3.9-0.1mdv2009.0.i586.rpm \n 1c16860c6f7af958cb6744dd60ffd63e 2009.0/SRPMS/cups-1.3.9-0.1mdv2009.0.src.rpm\n\n Mandriva Linux 2009.0/X86_64:\n 926221e97b7c4c52562468b26066f049 2009.0/x86_64/cups-1.3.9-0.1mdv2009.0.x86_64.rpm\n 96abb10e235084a80cd17c79cc31a360 2009.0/x86_64/cups-common-1.3.9-0.1mdv2009.0.x86_64.rpm\n cb817300fa6d8c9b40a0f8a01572d691 2009.0/x86_64/cups-serial-1.3.9-0.1mdv2009.0.x86_64.rpm\n d56cea0645b26b668f9b8a66f2dc090f 2009.0/x86_64/lib64cups2-1.3.9-0.1mdv2009.0.x86_64.rpm\n f4a04369ad8d202d87ea49a3da4ab67c 2009.0/x86_64/lib64cups2-devel-1.3.9-0.1mdv2009.0.x86_64.rpm\n 85124180f179ae504ad2f27ef814683d 2009.0/x86_64/php-cups-1.3.9-0.1mdv2009.0.x86_64.rpm \n 1c16860c6f7af958cb6744dd60ffd63e 2009.0/SRPMS/cups-1.3.9-0.1mdv2009.0.src.rpm\n\n Corporate 3.0:\n d235e680a70a94ce2c32a556a1fea6d5 corporate/3.0/i586/cups-1.1.20-5.19.C30mdk.i586.rpm\n eccffd52489f0aca14a11b6b88a5c59f corporate/3.0/i586/cups-common-1.1.20-5.19.C30mdk.i586.rpm\n 743aad40e707a1c6ec8de19e6ba19668 corporate/3.0/i586/cups-serial-1.1.20-5.19.C30mdk.i586.rpm\n 931bd82e26396ef7109369893e8fb740 corporate/3.0/i586/libcups2-1.1.20-5.19.C30mdk.i586.rpm\n 007b156ceb1f78c107a05bba499f544d corporate/3.0/i586/libcups2-devel-1.1.20-5.19.C30mdk.i586.rpm \n 685d93ef91df7b10faefae3d9c8a2e20 corporate/3.0/SRPMS/cups-1.1.20-5.19.C30mdk.src.rpm\n\n Corporate 3.0/X86_64:\n c57219da87ef50832e74efbfd3471f64 corporate/3.0/x86_64/cups-1.1.20-5.19.C30mdk.x86_64.rpm\n 6f9772a800e70f1e3766d76de8dcf6e3 corporate/3.0/x86_64/cups-common-1.1.20-5.19.C30mdk.x86_64.rpm\n e1221063527caed05a6e94f9cebed9ab corporate/3.0/x86_64/cups-serial-1.1.20-5.19.C30mdk.x86_64.rpm\n a0b15b24cfc995a7a769c1e87d53a696 corporate/3.0/x86_64/lib64cups2-1.1.20-5.19.C30mdk.x86_64.rpm\n aaabff95ac9a30ff1d9ce224612bcb50 corporate/3.0/x86_64/lib64cups2-devel-1.1.20-5.19.C30mdk.x86_64.rpm \n 685d93ef91df7b10faefae3d9c8a2e20 corporate/3.0/SRPMS/cups-1.1.20-5.19.C30mdk.src.rpm\n\n Corporate 4.0:\n 56f3e394ac8e4b4e7d423c7989d2e6af corporate/4.0/i586/cups-1.2.4-0.10.20060mlcs4.i586.rpm\n dcb4425723e63a2d094305cde05890f3 corporate/4.0/i586/cups-common-1.2.4-0.10.20060mlcs4.i586.rpm\n 348427ebb4f1f1f530c3c129850de957 corporate/4.0/i586/cups-serial-1.2.4-0.10.20060mlcs4.i586.rpm\n d0a8052949416c5ba260b48596cbf415 corporate/4.0/i586/libcups2-1.2.4-0.10.20060mlcs4.i586.rpm\n ab7637abe249e4369cf39d37113ba37f corporate/4.0/i586/libcups2-devel-1.2.4-0.10.20060mlcs4.i586.rpm\n 86af12b21de1212e72286e9b2db23caa corporate/4.0/i586/php-cups-1.2.4-0.10.20060mlcs4.i586.rpm \n 5a7d0a19238e8b654821bb87355f9f27 corporate/4.0/SRPMS/cups-1.2.4-0.10.20060mlcs4.src.rpm\n\n Corporate 4.0/X86_64:\n 59784628a2385248e8d71c1476773071 corporate/4.0/x86_64/cups-1.2.4-0.10.20060mlcs4.x86_64.rpm\n a7933ad29b9a77973fcf7feb02c381b9 corporate/4.0/x86_64/cups-common-1.2.4-0.10.20060mlcs4.x86_64.rpm\n 26da08a5da63053f418e47792cf26280 corporate/4.0/x86_64/cups-serial-1.2.4-0.10.20060mlcs4.x86_64.rpm\n 0614662f2661171ade097e562a94c635 corporate/4.0/x86_64/lib64cups2-1.2.4-0.10.20060mlcs4.x86_64.rpm\n a899db16ce3db8ec71aaef67a6650616 corporate/4.0/x86_64/lib64cups2-devel-1.2.4-0.10.20060mlcs4.x86_64.rpm\n 9e3dc91c4390d7ba60ca26dcc095b8d8 corporate/4.0/x86_64/php-cups-1.2.4-0.10.20060mlcs4.x86_64.rpm \n 5a7d0a19238e8b654821bb87355f9f27 corporate/4.0/SRPMS/cups-1.2.4-0.10.20060mlcs4.src.rpm\n _______________________________________________________________________\n\n To upgrade automatically use MandrivaUpdate or urpmi. The verification\n of md5 checksums and GPG signatures is performed automatically for you. \n\n All packages are signed by Mandriva for security. You can obtain the\n GPG public key of the Mandriva Security Team by executing:\n\n gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98\n\n You can view other update advisories for Mandriva Linux at:\n\n http://www.mandriva.com/security/advisories\n\n If you want to report vulnerabilities, please contact\n\n security_(at)_mandriva.com\n _______________________________________________________________________\n\n Type Bits/KeyID Date User ID\n pub 1024D/22458A98 2000-07-10 Mandriva Security Team\n \u003csecurity*mandriva.com\u003e\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.9 (GNU/Linux)\n\niD8DBQFI8DeJmqjQ0CJFipgRAmbxAKCxSRvJTtancZ/puQkgifGbRQnZIQCg6Bum\nEnuxPIlaIiQWBIjMSk4WWoo=\n=aMXC\n-----END PGP SIGNATURE-----\n\n_______________________________________________\nFull-Disclosure - We believe in it. \nCharter: http://lists.grok.org.uk/full-disclosure-charter.html\nHosted and sponsored by Secunia - http://secunia.com/\n. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\nGentoo Linux Security Advisory GLSA 200812-11\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n http://security.gentoo.org/\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\n Severity: High\n Title: CUPS: Multiple vulnerabilities\n Date: December 10, 2008\n Bugs: #238976, #249727\n ID: 200812-11\n\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\nSynopsis\n========\n\nSeveral remotely exploitable bugs have been found in CUPS, which allow\nremote execution of arbitrary code. \n\nBackground\n==========\n\nCUPS is the Common Unix Printing System. \n\nAffected packages\n=================\n\n -------------------------------------------------------------------\n Package / Vulnerable / Unaffected\n -------------------------------------------------------------------\n 1 net-print/cups \u003c 1.3.9-r1 \u003e= 1.3.9-r1\n\nDescription\n===========\n\nSeveral buffer overflows were found in:\n\n* The read_rle16 function in imagetops (CVE-2008-3639, found by\n regenrecht, reported via ZDI)\n\n* The WriteProlog function in texttops (CVE-2008-3640, found by\n regenrecht, reported via ZDI)\n\n* The Hewlett-Packard Graphics Language (HPGL) filter (CVE-2008-3641,\n found by regenrecht, reported via iDefense)\n\n* The _cupsImageReadPNG function (CVE-2008-5286, reported by iljavs)\n\nImpact\n======\n\nA remote attacker could send specially crafted input to a vulnerable\nserver, resulting in the remote execution of arbitrary code with the\nprivileges of the user running the server. \n\nWorkaround\n==========\n\nNone this time. \n\nResolution\n==========\n\nAll CUPS users should upgrade to the latest version. \n\n # emerge --sync\n # emerge --ask --oneshot --verbose \"\u003e=net-print/cups-1.3.9-r1\"\n\nReferences\n==========\n\n [ 1 ] CVE-2008-3639\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3639\n [ 2 ] CVE-2008-3640\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3640\n [ 3 ] CVE-2008-3641\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3641\n [ 4 ] CVE-2008-5286\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5286\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n http://security.gentoo.org/glsa/glsa-200812-11.xml\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttp://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2008 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttp://creativecommons.org/licenses/by-sa/2.5\n\n\n. ----------------------------------------------------------------------\n\nSecunia Network Software Inspector 2.0 (NSI) - Public Beta\n\n15 days left of beta period. \n\nThe 1st generation of the Secunia Network Software Inspector (NSI)\nhas been available for corporate users for almost 1 year and its been\na tremendous success. \n\nThe 2nd generation Secunia NSI is built on the same technology as the\naward winning Secunia PSI, which has already been downloaded and\ninstalled on more than 400,000 computers world wide. \n\nLearn more / Download (instant access):\nhttp://secunia.com/network_software_inspector_2/\n\n----------------------------------------------------------------------\n\nTITLE:\nCUPS PNG Filter Integer Overflow Vulnerability\n\nSECUNIA ADVISORY ID:\nSA29809\n\nVERIFY ADVISORY:\nhttp://secunia.com/advisories/29809/\n\nCRITICAL:\nModerately critical\n\nIMPACT:\nSystem access\n\nWHERE:\n\u003eFrom local network\n\nSOFTWARE:\nCUPS 1.x\nhttp://secunia.com/product/921/\n\nDESCRIPTION:\nThomas Pollet has reported a vulnerability in CUPS, which potentially\ncan be exploited by malicious people to compromise a vulnerable\nsystem. \n\nThe vulnerability is caused due to two integer overflow errors in\nfilter/image-png.c when processing PNG files. These can be exploited\nto cause a heap-based buffer overflow via overly large width and\nheight PNG fields. \n\nSuccessful exploitation may allow execution of arbitrary code. \n\nThe vulnerability is reported in version 1.3.7. Other versions may\nalso be affected. \n\nSOLUTION:\nFixed in the SVN repository. \n\nRestrict access to trusted users only. \n\nPROVIDED AND/OR DISCOVERED BY:\nThomas Pollet\n\nORIGINAL ADVISORY:\nhttp://www.cups.org/str.php?L2790\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\neverybody keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2008-3639"
},
{
"db": "JVNDB",
"id": "JVNDB-2008-001827"
},
{
"db": "BID",
"id": "31690"
},
{
"db": "VULHUB",
"id": "VHN-33764"
},
{
"db": "PACKETSTORM",
"id": "70974"
},
{
"db": "PACKETSTORM",
"id": "71087"
},
{
"db": "PACKETSTORM",
"id": "70839"
},
{
"db": "PACKETSTORM",
"id": "72870"
},
{
"db": "PACKETSTORM",
"id": "65539"
}
],
"trust": 2.43
},
"exploit_availability": {
"_id": null,
"data": [
{
"reference": "https://www.scap.org.cn/vuln/vhn-33764",
"trust": 0.1,
"type": "unknown"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-33764"
}
]
},
"external_ids": {
"_id": null,
"data": [
{
"db": "NVD",
"id": "CVE-2008-3639",
"trust": 3.2
},
{
"db": "BID",
"id": "31690",
"trust": 2.8
},
{
"db": "SECUNIA",
"id": "32226",
"trust": 2.5
},
{
"db": "SECUNIA",
"id": "32084",
"trust": 2.5
},
{
"db": "SECTRACK",
"id": "1021033",
"trust": 2.5
},
{
"db": "SECUNIA",
"id": "32316",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "33111",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "33085",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "32284",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "32292",
"trust": 1.7
},
{
"db": "VUPEN",
"id": "ADV-2008-2782",
"trust": 1.7
},
{
"db": "VUPEN",
"id": "ADV-2008-3401",
"trust": 1.7
},
{
"db": "VUPEN",
"id": "ADV-2009-1568",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "32331",
"trust": 1.1
},
{
"db": "JVNDB",
"id": "JVNDB-2008-001827",
"trust": 0.8
},
{
"db": "XF",
"id": "16",
"trust": 0.6
},
{
"db": "XF",
"id": "45789",
"trust": 0.6
},
{
"db": "REDHAT",
"id": "RHSA-2008:0937",
"trust": 0.6
},
{
"db": "GENTOO",
"id": "GLSA-200812-11",
"trust": 0.6
},
{
"db": "SUSE",
"id": "SUSE-SR:2008:021",
"trust": 0.6
},
{
"db": "UBUNTU",
"id": "USN-656-1",
"trust": 0.6
},
{
"db": "IDEFENSE",
"id": "20081009 MULTIPLE VENDOR CUPS SGI IMAGETOPS HEAP OVERFLOW VULNERABILITY",
"trust": 0.6
},
{
"db": "SUNALERT",
"id": "261088",
"trust": 0.6
},
{
"db": "FEDORA",
"id": "FEDORA-2008-8801",
"trust": 0.6
},
{
"db": "FEDORA",
"id": "FEDORA-2008-8844",
"trust": 0.6
},
{
"db": "DEBIAN",
"id": "DSA-1656",
"trust": 0.6
},
{
"db": "MANDRIVA",
"id": "MDVSA-2008:211",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-200810-190",
"trust": 0.6
},
{
"db": "PACKETSTORM",
"id": "70839",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "72870",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "71087",
"trust": 0.2
},
{
"db": "VULHUB",
"id": "VHN-33764",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "70974",
"trust": 0.1
},
{
"db": "SECUNIA",
"id": "29809",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "65539",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-33764"
},
{
"db": "BID",
"id": "31690"
},
{
"db": "PACKETSTORM",
"id": "70974"
},
{
"db": "PACKETSTORM",
"id": "71087"
},
{
"db": "PACKETSTORM",
"id": "70839"
},
{
"db": "PACKETSTORM",
"id": "72870"
},
{
"db": "PACKETSTORM",
"id": "65539"
},
{
"db": "CNNVD",
"id": "CNNVD-200810-190"
},
{
"db": "JVNDB",
"id": "JVNDB-2008-001827"
},
{
"db": "NVD",
"id": "CVE-2008-3639"
}
]
},
"id": "VAR-200810-0144",
"iot": {
"_id": null,
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-33764"
}
],
"trust": 0.01
},
"last_update_date": "2026-04-10T23:33:23.023000Z",
"patch": {
"_id": null,
"data": [
{
"title": "cups-1.2.4-11.18.2.1AXS3",
"trust": 0.8,
"url": "https://tsn.miraclelinux.com/tsn_local/index.php?m=errata\u0026a=detail\u0026eid=354"
},
{
"title": "STR #2918",
"trust": 0.8,
"url": "http://www.cups.org/str.php?L2918"
},
{
"title": "1352",
"trust": 0.8,
"url": "http://www.miraclelinux.com/update/linux/list.php?errata_id=1352"
},
{
"title": "RHSA-2008:0937",
"trust": 0.8,
"url": "https://rhn.redhat.com/errata/RHSA-2008-0937.html"
},
{
"title": "TLSA-2008-43",
"trust": 0.8,
"url": "http://www.turbolinux.com/security/2008/TLSA-2008-43.txt"
},
{
"title": "RHSA-2008:0937",
"trust": 0.8,
"url": "http://www.jp.redhat.com/support/errata/RHSA/RHSA-2008-0937J.html"
},
{
"title": "TLSA-2008-43",
"trust": 0.8,
"url": "http://www.turbolinux.co.jp/security/2008/TLSA-2008-43j.txt"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2008-001827"
}
]
},
"problemtype_data": {
"_id": null,
"data": [
{
"problemtype": "CWE-119",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-33764"
},
{
"db": "JVNDB",
"id": "JVNDB-2008-001827"
},
{
"db": "NVD",
"id": "CVE-2008-3639"
}
]
},
"references": {
"_id": null,
"data": [
{
"trust": 2.5,
"url": "http://www.securityfocus.com/bid/31690"
},
{
"trust": 2.5,
"url": "http://www.securitytracker.com/id?1021033"
},
{
"trust": 2.5,
"url": "http://secunia.com/advisories/32084"
},
{
"trust": 2.5,
"url": "http://secunia.com/advisories/32226"
},
{
"trust": 2.0,
"url": "http://support.avaya.com/elmodocs2/security/asa-2008-470.htm"
},
{
"trust": 2.0,
"url": "http://www.cups.org/articles.php?l575"
},
{
"trust": 2.0,
"url": "http://www.cups.org/str.php?l2918"
},
{
"trust": 2.0,
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=753"
},
{
"trust": 1.7,
"url": "http://www.debian.org/security/2008/dsa-1656"
},
{
"trust": 1.7,
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-october/msg00331.html"
},
{
"trust": 1.7,
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-october/msg00380.html"
},
{
"trust": 1.7,
"url": "http://www.gentoo.org/security/en/glsa/glsa-200812-11.xml"
},
{
"trust": 1.7,
"url": "http://www.mandriva.com/security/advisories?name=mdvsa-2008:211"
},
{
"trust": 1.7,
"url": "http://www.redhat.com/support/errata/rhsa-2008-0937.html"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/32284"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/32292"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/32316"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/33085"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/33111"
},
{
"trust": 1.7,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-261088-1"
},
{
"trust": 1.7,
"url": "http://lists.opensuse.org/opensuse-security-announce/2008-10/msg00006.html"
},
{
"trust": 1.7,
"url": "http://www.vupen.com/english/advisories/2009/1568"
},
{
"trust": 1.4,
"url": "http://www.frsirt.com/english/advisories/2008/2782"
},
{
"trust": 1.1,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a11464"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/32331"
},
{
"trust": 1.1,
"url": "https://usn.ubuntu.com/656-1/"
},
{
"trust": 1.1,
"url": "http://www.vupen.com/english/advisories/2008/2782"
},
{
"trust": 1.1,
"url": "http://www.vupen.com/english/advisories/2008/3401"
},
{
"trust": 1.1,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45789"
},
{
"trust": 1.0,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-3639"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2008-3639"
},
{
"trust": 0.6,
"url": "http://xforce.iss.net/xforce/xfdb/45789"
},
{
"trust": 0.6,
"url": "http://www.ubuntulinux.org/support/documentation/usn/usn-656-1"
},
{
"trust": 0.6,
"url": "http://www.frsirt.com/english/advisories/2008/3401"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-3639"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-3641"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-3640"
},
{
"trust": 0.3,
"url": "http://www.cups.org"
},
{
"trust": 0.3,
"url": "/archive/1/498013"
},
{
"trust": 0.3,
"url": "msg://bugtraq/490f6e44.4060802@idefense.com"
},
{
"trust": 0.3,
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=752"
},
{
"trust": 0.3,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-261088-1"
},
{
"trust": 0.3,
"url": "http://www.cups.org/str.php?l2919"
},
{
"trust": 0.2,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-3640"
},
{
"trust": 0.2,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-3641"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/c/cupsys/cupsys-bsd_1.3.7-1ubuntu3.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2_1.3.2-1ubuntu7.8_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2-gnutls10_1.2.2-0ubuntu0.6.06.11_all.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/c/cupsys/cupsys_1.3.7-1ubuntu3.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2-dev_1.3.2-1ubuntu7.8_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2_1.2.2-0ubuntu0.6.06.11_amd64.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/c/cupsys/libcupsimage2_1.3.7-1ubuntu3.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2_1.2.2-0ubuntu0.6.06.11_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-bsd_1.2.8-0ubuntu8.6_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.3.2-1ubuntu7.8.diff.gz"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2-dev_1.2.8-0ubuntu8.6_amd64.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/c/cupsys/cupsys-client_1.3.7-1ubuntu3.1_lpia.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2-dev_1.3.7-1ubuntu3.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2-dev_1.2.2-0ubuntu0.6.06.11_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2_1.3.2-1ubuntu7.8_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2-dev_1.2.2-0ubuntu0.6.06.11_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/c/cupsys/libcupsys2_1.3.7-1ubuntu3.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-bsd_1.3.2-1ubuntu7.8_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2_1.3.2-1ubuntu7.8_sparc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/c/cupsys/cupsys-client_1.3.7-1ubuntu3.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.2.8-0ubuntu8.6_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-client_1.2.8-0ubuntu8.6_sparc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/c/cupsys/libcupsimage2-dev_1.3.7-1ubuntu3.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-client_1.3.7-1ubuntu3.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/c/cupsys/libcupsys2-dev_1.3.7-1ubuntu3.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2-dev_1.2.8-0ubuntu8.6_i386.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/c/cupsys/cupsys_1.3.2-1ubuntu7.8_lpia.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.3.7-1ubuntu3.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/c/cupsys/cupsys_1.3.7-1ubuntu3.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-bsd_1.2.8-0ubuntu8.6_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2-dev_1.3.2-1ubuntu7.8_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-bsd_1.3.2-1ubuntu7.8_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-client_1.3.2-1ubuntu7.8_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2_1.2.8-0ubuntu8.6_sparc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/c/cupsys/cupsys-bsd_1.3.7-1ubuntu3.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2_1.2.2-0ubuntu0.6.06.11_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2-dev_1.3.2-1ubuntu7.8_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.2.8-0ubuntu8.6_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-client_1.2.2-0ubuntu0.6.06.11_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-bsd_1.3.7-1ubuntu3.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.3.7.orig.tar.gz"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.2.8.orig.tar.gz"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-bsd_1.3.7-1ubuntu3.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2_1.3.7-1ubuntu3.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.2.8-0ubuntu8.6.diff.gz"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.3.2-1ubuntu7.8.dsc"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/c/cupsys/libcupsys2_1.3.7-1ubuntu3.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2-dev_1.2.2-0ubuntu0.6.06.11_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2-dev_1.3.2-1ubuntu7.8_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2_1.2.2-0ubuntu0.6.06.11_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.2.8-0ubuntu8.6.dsc"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-client_1.3.2-1ubuntu7.8_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2_1.2.2-0ubuntu0.6.06.11_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2_1.2.2-0ubuntu0.6.06.11_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.3.7-1ubuntu3.1.diff.gz"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-bsd_1.2.8-0ubuntu8.6_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2_1.2.8-0ubuntu8.6_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2_1.3.2-1ubuntu7.8_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2_1.3.7-1ubuntu3.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-client_1.3.7-1ubuntu3.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.2.2-0ubuntu0.6.06.11_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-client_1.2.2-0ubuntu0.6.06.11_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.3.2-1ubuntu7.8_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2_1.2.2-0ubuntu0.6.06.11_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-common_1.3.2-1ubuntu7.8_all.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2-dev_1.2.2-0ubuntu0.6.06.11_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-client_1.2.8-0ubuntu8.6_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2-dev_1.2.2-0ubuntu0.6.06.11_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.2.8-0ubuntu8.6_sparc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/c/cupsys/libcupsys2-dev_1.3.7-1ubuntu3.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.2.2-0ubuntu0.6.06.11_sparc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/c/cupsys/libcupsimage2-dev_1.3.2-1ubuntu7.8_lpia.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-client_1.3.2-1ubuntu7.8_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2_1.2.8-0ubuntu8.6_amd64.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/c/cupsys/cupsys_1.3.7-1ubuntu3.1_lpia.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/c/cupsys/libcupsys2-dev_1.3.2-1ubuntu7.8_lpia.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-client_1.2.8-0ubuntu8.6_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2-dev_1.3.2-1ubuntu7.8_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-bsd_1.3.2-1ubuntu7.8_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2-dev_1.2.8-0ubuntu8.6_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2-dev_1.3.2-1ubuntu7.8_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-bsd_1.2.8-0ubuntu8.6_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-bsd_1.2.2-0ubuntu0.6.06.11_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-bsd_1.2.2-0ubuntu0.6.06.11_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2-dev_1.2.2-0ubuntu0.6.06.11_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2-dev_1.2.8-0ubuntu8.6_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/c/cupsys/libcupsimage2-dev_1.3.7-1ubuntu3.1_lpia.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2_1.3.2-1ubuntu7.8_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.2.8-0ubuntu8.6_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/c/cupsys/libcupsimage2-dev_1.3.7-1ubuntu3.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2_1.3.7-1ubuntu3.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-client_1.2.8-0ubuntu8.6_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2_1.2.8-0ubuntu8.6_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.3.7-1ubuntu3.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/c/cupsys/libcupsys2-dev_1.3.7-1ubuntu3.1_lpia.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.2.2-0ubuntu0.6.06.11_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-bsd_1.2.2-0ubuntu0.6.06.11_i386.deb"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-1722"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-bsd_1.2.2-0ubuntu0.6.06.11_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2-dev_1.2.8-0ubuntu8.6_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2_1.2.8-0ubuntu8.6_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2_1.2.8-0ubuntu8.6_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2-dev_1.3.7-1ubuntu3.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/c/cupsys/libcupsys2_1.3.7-1ubuntu3.1_lpia.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-common_1.2.8-0ubuntu8.6_all.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.2.2-0ubuntu0.6.06.11.dsc"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/c/cupsys/cupsys-client_1.3.2-1ubuntu7.8_lpia.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2_1.3.2-1ubuntu7.8_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2_1.2.8-0ubuntu8.6_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.3.2-1ubuntu7.8_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-client_1.2.2-0ubuntu0.6.06.11_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/c/cupsys/cupsys-bsd_1.3.2-1ubuntu7.8_lpia.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2-dev_1.3.2-1ubuntu7.8_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2-dev_1.3.7-1ubuntu3.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-client_1.3.2-1ubuntu7.8_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.3.2.orig.tar.gz"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/c/cupsys/libcupsys2_1.3.2-1ubuntu7.8_lpia.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2_1.3.2-1ubuntu7.8_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.3.7-1ubuntu3.1.dsc"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.2.2-0ubuntu0.6.06.11_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2-dev_1.2.8-0ubuntu8.6_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.3.2-1ubuntu7.8_amd64.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/c/cupsys/libcupsimage2_1.3.7-1ubuntu3.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.3.2-1ubuntu7.8_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2-dev_1.2.2-0ubuntu0.6.06.11_sparc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/c/cupsys/libcupsimage2_1.3.2-1ubuntu7.8_lpia.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2_1.3.7-1ubuntu3.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2_1.2.8-0ubuntu8.6_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2-dev_1.3.2-1ubuntu7.8_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.2.2.orig.tar.gz"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2-dev_1.2.8-0ubuntu8.6_amd64.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/c/cupsys/cupsys-bsd_1.3.7-1ubuntu3.1_lpia.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/c/cupsys/cupsys-client_1.3.7-1ubuntu3.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/c/cupsys/libcupsimage2_1.3.7-1ubuntu3.1_lpia.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-common_1.3.7-1ubuntu3.1_all.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2_1.3.2-1ubuntu7.8_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.2.2-0ubuntu0.6.06.11.diff.gz"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2-dev_1.2.8-0ubuntu8.6_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2-dev_1.3.7-1ubuntu3.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-client_1.2.2-0ubuntu0.6.06.11_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2-dev_1.2.2-0ubuntu0.6.06.11_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2_1.2.2-0ubuntu0.6.06.11_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-bsd_1.3.2-1ubuntu7.8_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2-dev_1.2.7-4etch5_ia64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2_1.2.7-4etch5_alpha.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.2.7-4etch5_ia64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.2.7-4etch5_s390.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2_1.2.7-4etch5_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/c/cupsys/cupsys-client_1.2.7-4etch5_s390.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2-dev_1.2.7-4etch5_hppa.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2_1.2.7-4etch5_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2-dev_1.2.7-4etch5_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.2.7-4etch5_alpha.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2_1.2.7-4etch5_arm.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.2.7-4etch5_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2_1.2.7-4etch5_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2_1.2.7-4etch5_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2_1.2.7-4etch5_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2-dev_1.2.7-4etch5_s390.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2_1.2.7-4etch5_mipsel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2-dev_1.2.7-4etch5_mipsel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2-dev_1.2.7-4etch5_ia64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2_1.2.7-4etch5_hppa.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.2.7-4etch5_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2_1.2.7-4etch5_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2-dev_1.2.7-4etch5_alpha.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2-dev_1.2.7-4etch5_alpha.deb"
},
{
"trust": 0.1,
"url": "http://www.debian.org/security/faq"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/c/cupsys/cupsys-dbg_1.2.7-4etch5_s390.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2_1.2.7-4etch5_s390.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/c/cupsys/cupsys-bsd_1.2.7-4etch5_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2-dev_1.2.7-4etch5_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2-dev_1.2.7-4etch5_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/c/cupsys/cupsys-bsd_1.2.7-4etch5_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2-dev_1.2.7-4etch5_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2-dev_1.2.7-4etch5_arm.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/c/cupsys/cupsys-bsd_1.2.7-4etch5_ia64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/c/cupsys/cupsys-dbg_1.2.7-4etch5_mipsel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2_1.2.7-4etch5_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/c/cupsys/cupsys-dbg_1.2.7-4etch5_alpha.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/c/cupsys/cupsys-bsd_1.2.7-4etch5_alpha.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/c/cupsys/cupsys-dbg_1.2.7-4etch5_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.2.7-4etch5_arm.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/c/cupsys/cupsys-client_1.2.7-4etch5_ia64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2-dev_1.2.7-4etch5_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.2.7-4etch5.diff.gz"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.2.7-4etch5.dsc"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.2.7-4etch5_hppa.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/c/cupsys/cupsys-client_1.2.7-4etch5_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/c/cupsys/cupsys-bsd_1.2.7-4etch5_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/c/cupsys/cupsys-bsd_1.2.7-4etch5_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/c/cupsys/cupsys-bsd_1.2.7-4etch5_s390.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/c/cupsys/cupsys-dbg_1.2.7-4etch5_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/c/cupsys/cupsys-client_1.2.7-4etch5_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.2.7-4etch5_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/c/cupsys/cupsys-client_1.2.7-4etch5_alpha.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2_1.2.7-4etch5_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/c/cupsys/cupsys-bsd_1.2.7-4etch5_hppa.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2-dev_1.2.7-4etch5_arm.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/c/cupsys/cupsys-client_1.2.7-4etch5_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/c/cupsys/cupsys-dbg_1.2.7-4etch5_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/c/cupsys/cupsys-client_1.2.7-4etch5_arm.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2_1.2.7-4etch5_alpha.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2_1.2.7-4etch5_ia64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2-gnutls10_1.2.7-4etch5_all.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/"
},
{
"trust": 0.1,
"url": "http://www.debian.org/security/"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.2.7.orig.tar.gz"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2_1.2.7-4etch5_mipsel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/c/cupsys/cupsys-bsd_1.2.7-4etch5_mipsel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2-dev_1.2.7-4etch5_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/c/cupsys/cupsys-dbg_1.2.7-4etch5_arm.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2-dev_1.2.7-4etch5_hppa.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2-dev_1.2.7-4etch5_s390.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2-dev_1.2.7-4etch5_mipsel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/c/cupsys/cupsys-client_1.2.7-4etch5_mipsel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.2.7-4etch5_mipsel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/c/cupsys/cupsys-dbg_1.2.7-4etch5_ia64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2_1.2.7-4etch5_s390.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2_1.2.7-4etch5_hppa.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/c/cupsys/cupsys-common_1.2.7-4etch5_all.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/c/cupsys/cupsys-bsd_1.2.7-4etch5_arm.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2_1.2.7-4etch5_ia64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/c/cupsys/cupsys-dbg_1.2.7-4etch5_hppa.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/c/cupsys/cupsys-client_1.2.7-4etch5_hppa.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/c/cupsys/cupsys-dbg_1.2.7-4etch5_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2-dev_1.2.7-4etch5_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.2.7-4etch5_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2-dev_1.2.7-4etch5_i386.deb"
},
{
"trust": 0.1,
"url": "http://packages.debian.org/\u003cpkg\u003e"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/c/cupsys/cupsys-client_1.2.7-4etch5_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2_1.2.7-4etch5_arm.deb"
},
{
"trust": 0.1,
"url": "http://www.mandriva.com/security/"
},
{
"trust": 0.1,
"url": "http://secunia.com/"
},
{
"trust": 0.1,
"url": "http://www.mandriva.com/security/advisories"
},
{
"trust": 0.1,
"url": "http://lists.grok.org.uk/full-disclosure-charter.html"
},
{
"trust": 0.1,
"url": "http://bugs.gentoo.org."
},
{
"trust": 0.1,
"url": "http://creativecommons.org/licenses/by-sa/2.5"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-5286"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-5286"
},
{
"trust": 0.1,
"url": "http://security.gentoo.org/glsa/glsa-200812-11.xml"
},
{
"trust": 0.1,
"url": "http://security.gentoo.org/"
},
{
"trust": 0.1,
"url": "http://secunia.com/secunia_security_advisories/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/921/"
},
{
"trust": 0.1,
"url": "http://secunia.com/network_software_inspector_2/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/29809/"
},
{
"trust": 0.1,
"url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
},
{
"trust": 0.1,
"url": "http://www.cups.org/str.php?l2790"
},
{
"trust": 0.1,
"url": "http://secunia.com/about_secunia_advisories/"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-33764"
},
{
"db": "BID",
"id": "31690"
},
{
"db": "PACKETSTORM",
"id": "70974"
},
{
"db": "PACKETSTORM",
"id": "71087"
},
{
"db": "PACKETSTORM",
"id": "70839"
},
{
"db": "PACKETSTORM",
"id": "72870"
},
{
"db": "PACKETSTORM",
"id": "65539"
},
{
"db": "CNNVD",
"id": "CNNVD-200810-190"
},
{
"db": "JVNDB",
"id": "JVNDB-2008-001827"
},
{
"db": "NVD",
"id": "CVE-2008-3639"
}
]
},
"sources": {
"_id": null,
"data": [
{
"db": "VULHUB",
"id": "VHN-33764",
"ident": null
},
{
"db": "BID",
"id": "31690",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "70974",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "71087",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "70839",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "72870",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "65539",
"ident": null
},
{
"db": "CNNVD",
"id": "CNNVD-200810-190",
"ident": null
},
{
"db": "JVNDB",
"id": "JVNDB-2008-001827",
"ident": null
},
{
"db": "NVD",
"id": "CVE-2008-3639",
"ident": null
}
]
},
"sources_release_date": {
"_id": null,
"data": [
{
"date": "2008-10-14T00:00:00",
"db": "VULHUB",
"id": "VHN-33764",
"ident": null
},
{
"date": "2008-10-09T00:00:00",
"db": "BID",
"id": "31690",
"ident": null
},
{
"date": "2008-10-16T00:26:26",
"db": "PACKETSTORM",
"id": "70974",
"ident": null
},
{
"date": "2008-10-21T00:23:21",
"db": "PACKETSTORM",
"id": "71087",
"ident": null
},
{
"date": "2008-10-11T19:00:49",
"db": "PACKETSTORM",
"id": "70839",
"ident": null
},
{
"date": "2008-12-10T23:04:12",
"db": "PACKETSTORM",
"id": "72870",
"ident": null
},
{
"date": "2008-04-15T23:22:47",
"db": "PACKETSTORM",
"id": "65539",
"ident": null
},
{
"date": "2008-10-14T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200810-190",
"ident": null
},
{
"date": "2008-11-11T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2008-001827",
"ident": null
},
{
"date": "2008-10-14T21:10:35.580000",
"db": "NVD",
"id": "CVE-2008-3639",
"ident": null
}
]
},
"sources_update_date": {
"_id": null,
"data": [
{
"date": "2018-10-03T00:00:00",
"db": "VULHUB",
"id": "VHN-33764",
"ident": null
},
{
"date": "2015-04-13T22:01:00",
"db": "BID",
"id": "31690",
"ident": null
},
{
"date": "2009-06-19T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200810-190",
"ident": null
},
{
"date": "2008-12-25T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2008-001827",
"ident": null
},
{
"date": "2025-04-09T00:30:58.490000",
"db": "NVD",
"id": "CVE-2008-3639",
"ident": null
}
]
},
"threat_type": {
"_id": null,
"data": "remote",
"sources": [
{
"db": "PACKETSTORM",
"id": "70974"
},
{
"db": "PACKETSTORM",
"id": "72870"
},
{
"db": "CNNVD",
"id": "CNNVD-200810-190"
}
],
"trust": 0.8
},
"title": {
"_id": null,
"data": "CUPS of imagetops In SGI Buffer overflow vulnerability in image processing",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2008-001827"
}
],
"trust": 0.8
},
"type": {
"_id": null,
"data": "buffer overflow",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200810-190"
}
],
"trust": 0.6
}
}
VAR-201502-0366
Vulnerability from variot - Updated: 2026-04-10 23:30named in ISC BIND 9.7.0 through 9.9.6 before 9.9.6-P2 and 9.10.x before 9.10.1-P2, when DNSSEC validation and the managed-keys feature are enabled, allows remote attackers to cause a denial of service (assertion failure and daemon exit, or daemon crash) by triggering an incorrect trust-anchor management scenario in which no key is ready for use. ISC BIND 9 Under certain conditions in the management of trust anchors named Service termination (DoS) Vulnerabilities exist. ISC The advisory states that: CVE-2015-1349: A Problem with Trust Anchor Management Can Cause named to Crash https://kb.isc.org/article/AA-01235/ "BIND servers which are configured to perform DNSSEC validation and which are using managed-keys (which occurs implicitly when using "dnssec-validation auto;" or "dnssec-lookaside auto;") may terminate with an assertion failure when encountering all of the following conditions in a managed trust anchor: a key which was previously trusted is now flagged as revoked; there are no other trusted keys available; there is a standby key, but it is not trusted yet This situation results in termination of the named process and denial of service to clients, and can occur in two circumstances: during an improperly-managed key rollover for one of the managed trust anchors (e.g., during a botched root key rollover), or *when deliberately triggered by an attacker, under specific and limited circumstances. ISC has demonstrated a proof-of-concept of this attack; however, the complexity of the attack is very high unless the attacker has a specific network relationship to the BIND server which is targeted"Service disruption by a remote third party (DoS) There is a possibility of being attacked. ISC BIND is prone to a remote denial-of-service vulnerability. Attackers can exploit this issue to crash the affected application, denying service to legitimate users. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
===================================================================== Red Hat Security Advisory
Synopsis: Moderate: bind security update Advisory ID: RHSA-2015:0672-01 Product: Red Hat Enterprise Linux Advisory URL: https://rhn.redhat.com/errata/RHSA-2015-0672.html Issue date: 2015-03-10 CVE Names: CVE-2015-1349 =====================================================================
- Summary:
Updated bind packages that fix one security issue are now available for Red Hat Enterprise Linux 6 and 7.
Red Hat Product Security has rated this update as having Moderate security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section.
- Relevant releases/architectures:
Red Hat Enterprise Linux Client (v. 7) - noarch, x86_64 Red Hat Enterprise Linux Client Optional (v. 7) - x86_64 Red Hat Enterprise Linux ComputeNode (v. 7) - noarch, x86_64 Red Hat Enterprise Linux ComputeNode Optional (v. 7) - x86_64 Red Hat Enterprise Linux Desktop (v. 6) - i386, x86_64 Red Hat Enterprise Linux Desktop Optional (v. 6) - i386, x86_64 Red Hat Enterprise Linux HPC Node (v. 6) - x86_64 Red Hat Enterprise Linux HPC Node Optional (v. 6) - x86_64 Red Hat Enterprise Linux Server (v. 6) - i386, ppc64, s390x, x86_64 Red Hat Enterprise Linux Server (v. 7) - noarch, ppc64, ppc64le, s390x, x86_64 Red Hat Enterprise Linux Server Optional (v. 6) - i386, ppc64, s390x, x86_64 Red Hat Enterprise Linux Server Optional (v. 7) - ppc64, ppc64le, s390x, x86_64 Red Hat Enterprise Linux Workstation (v. 6) - i386, x86_64 Red Hat Enterprise Linux Workstation (v. 7) - noarch, x86_64 Red Hat Enterprise Linux Workstation Optional (v. 6) - i386, x86_64 Red Hat Enterprise Linux Workstation Optional (v. 7) - x86_64
- Description:
The Berkeley Internet Name Domain (BIND) is an implementation of the Domain Name System (DNS) protocols. BIND includes a DNS server (named); a resolver library (routines for applications to use when interfacing with DNS); and tools for verifying that the DNS server is operating correctly.
A flaw was found in the way BIND handled trust anchor management. (CVE-2015-1349)
Red Hat would like to thank ISC for reporting this issue.
All bind users are advised to upgrade to these updated packages, which contain a backported patch to correct this issue. After installing the update, the BIND daemon (named) will be restarted automatically.
- Solution:
Before applying this update, make sure all previously released errata relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
- Package List:
Red Hat Enterprise Linux Desktop (v. 6):
Source: bind-9.8.2-0.30.rc1.el6_6.2.src.rpm
i386: bind-debuginfo-9.8.2-0.30.rc1.el6_6.2.i686.rpm bind-libs-9.8.2-0.30.rc1.el6_6.2.i686.rpm bind-utils-9.8.2-0.30.rc1.el6_6.2.i686.rpm
x86_64: bind-debuginfo-9.8.2-0.30.rc1.el6_6.2.i686.rpm bind-debuginfo-9.8.2-0.30.rc1.el6_6.2.x86_64.rpm bind-libs-9.8.2-0.30.rc1.el6_6.2.i686.rpm bind-libs-9.8.2-0.30.rc1.el6_6.2.x86_64.rpm bind-utils-9.8.2-0.30.rc1.el6_6.2.x86_64.rpm
Red Hat Enterprise Linux Desktop Optional (v. 6):
i386: bind-9.8.2-0.30.rc1.el6_6.2.i686.rpm bind-chroot-9.8.2-0.30.rc1.el6_6.2.i686.rpm bind-debuginfo-9.8.2-0.30.rc1.el6_6.2.i686.rpm bind-devel-9.8.2-0.30.rc1.el6_6.2.i686.rpm bind-sdb-9.8.2-0.30.rc1.el6_6.2.i686.rpm
x86_64: bind-9.8.2-0.30.rc1.el6_6.2.x86_64.rpm bind-chroot-9.8.2-0.30.rc1.el6_6.2.x86_64.rpm bind-debuginfo-9.8.2-0.30.rc1.el6_6.2.i686.rpm bind-debuginfo-9.8.2-0.30.rc1.el6_6.2.x86_64.rpm bind-devel-9.8.2-0.30.rc1.el6_6.2.i686.rpm bind-devel-9.8.2-0.30.rc1.el6_6.2.x86_64.rpm bind-sdb-9.8.2-0.30.rc1.el6_6.2.x86_64.rpm
Red Hat Enterprise Linux HPC Node (v. 6):
Source: bind-9.8.2-0.30.rc1.el6_6.2.src.rpm
x86_64: bind-debuginfo-9.8.2-0.30.rc1.el6_6.2.i686.rpm bind-debuginfo-9.8.2-0.30.rc1.el6_6.2.x86_64.rpm bind-libs-9.8.2-0.30.rc1.el6_6.2.i686.rpm bind-libs-9.8.2-0.30.rc1.el6_6.2.x86_64.rpm bind-utils-9.8.2-0.30.rc1.el6_6.2.x86_64.rpm
Red Hat Enterprise Linux HPC Node Optional (v. 6):
x86_64: bind-9.8.2-0.30.rc1.el6_6.2.x86_64.rpm bind-chroot-9.8.2-0.30.rc1.el6_6.2.x86_64.rpm bind-debuginfo-9.8.2-0.30.rc1.el6_6.2.i686.rpm bind-debuginfo-9.8.2-0.30.rc1.el6_6.2.x86_64.rpm bind-devel-9.8.2-0.30.rc1.el6_6.2.i686.rpm bind-devel-9.8.2-0.30.rc1.el6_6.2.x86_64.rpm bind-sdb-9.8.2-0.30.rc1.el6_6.2.x86_64.rpm
Red Hat Enterprise Linux Server (v. 6):
Source: bind-9.8.2-0.30.rc1.el6_6.2.src.rpm
i386: bind-9.8.2-0.30.rc1.el6_6.2.i686.rpm bind-chroot-9.8.2-0.30.rc1.el6_6.2.i686.rpm bind-debuginfo-9.8.2-0.30.rc1.el6_6.2.i686.rpm bind-libs-9.8.2-0.30.rc1.el6_6.2.i686.rpm bind-utils-9.8.2-0.30.rc1.el6_6.2.i686.rpm
ppc64: bind-9.8.2-0.30.rc1.el6_6.2.ppc64.rpm bind-chroot-9.8.2-0.30.rc1.el6_6.2.ppc64.rpm bind-debuginfo-9.8.2-0.30.rc1.el6_6.2.ppc.rpm bind-debuginfo-9.8.2-0.30.rc1.el6_6.2.ppc64.rpm bind-libs-9.8.2-0.30.rc1.el6_6.2.ppc.rpm bind-libs-9.8.2-0.30.rc1.el6_6.2.ppc64.rpm bind-utils-9.8.2-0.30.rc1.el6_6.2.ppc64.rpm
s390x: bind-9.8.2-0.30.rc1.el6_6.2.s390x.rpm bind-chroot-9.8.2-0.30.rc1.el6_6.2.s390x.rpm bind-debuginfo-9.8.2-0.30.rc1.el6_6.2.s390.rpm bind-debuginfo-9.8.2-0.30.rc1.el6_6.2.s390x.rpm bind-libs-9.8.2-0.30.rc1.el6_6.2.s390.rpm bind-libs-9.8.2-0.30.rc1.el6_6.2.s390x.rpm bind-utils-9.8.2-0.30.rc1.el6_6.2.s390x.rpm
x86_64: bind-9.8.2-0.30.rc1.el6_6.2.x86_64.rpm bind-chroot-9.8.2-0.30.rc1.el6_6.2.x86_64.rpm bind-debuginfo-9.8.2-0.30.rc1.el6_6.2.i686.rpm bind-debuginfo-9.8.2-0.30.rc1.el6_6.2.x86_64.rpm bind-libs-9.8.2-0.30.rc1.el6_6.2.i686.rpm bind-libs-9.8.2-0.30.rc1.el6_6.2.x86_64.rpm bind-utils-9.8.2-0.30.rc1.el6_6.2.x86_64.rpm
Red Hat Enterprise Linux Server Optional (v. 6):
i386: bind-debuginfo-9.8.2-0.30.rc1.el6_6.2.i686.rpm bind-devel-9.8.2-0.30.rc1.el6_6.2.i686.rpm bind-sdb-9.8.2-0.30.rc1.el6_6.2.i686.rpm
ppc64: bind-debuginfo-9.8.2-0.30.rc1.el6_6.2.ppc.rpm bind-debuginfo-9.8.2-0.30.rc1.el6_6.2.ppc64.rpm bind-devel-9.8.2-0.30.rc1.el6_6.2.ppc.rpm bind-devel-9.8.2-0.30.rc1.el6_6.2.ppc64.rpm bind-sdb-9.8.2-0.30.rc1.el6_6.2.ppc64.rpm
s390x: bind-debuginfo-9.8.2-0.30.rc1.el6_6.2.s390.rpm bind-debuginfo-9.8.2-0.30.rc1.el6_6.2.s390x.rpm bind-devel-9.8.2-0.30.rc1.el6_6.2.s390.rpm bind-devel-9.8.2-0.30.rc1.el6_6.2.s390x.rpm bind-sdb-9.8.2-0.30.rc1.el6_6.2.s390x.rpm
x86_64: bind-debuginfo-9.8.2-0.30.rc1.el6_6.2.i686.rpm bind-debuginfo-9.8.2-0.30.rc1.el6_6.2.x86_64.rpm bind-devel-9.8.2-0.30.rc1.el6_6.2.i686.rpm bind-devel-9.8.2-0.30.rc1.el6_6.2.x86_64.rpm bind-sdb-9.8.2-0.30.rc1.el6_6.2.x86_64.rpm
Red Hat Enterprise Linux Workstation (v. 6):
Source: bind-9.8.2-0.30.rc1.el6_6.2.src.rpm
i386: bind-9.8.2-0.30.rc1.el6_6.2.i686.rpm bind-chroot-9.8.2-0.30.rc1.el6_6.2.i686.rpm bind-debuginfo-9.8.2-0.30.rc1.el6_6.2.i686.rpm bind-libs-9.8.2-0.30.rc1.el6_6.2.i686.rpm bind-utils-9.8.2-0.30.rc1.el6_6.2.i686.rpm
x86_64: bind-9.8.2-0.30.rc1.el6_6.2.x86_64.rpm bind-chroot-9.8.2-0.30.rc1.el6_6.2.x86_64.rpm bind-debuginfo-9.8.2-0.30.rc1.el6_6.2.i686.rpm bind-debuginfo-9.8.2-0.30.rc1.el6_6.2.x86_64.rpm bind-libs-9.8.2-0.30.rc1.el6_6.2.i686.rpm bind-libs-9.8.2-0.30.rc1.el6_6.2.x86_64.rpm bind-utils-9.8.2-0.30.rc1.el6_6.2.x86_64.rpm
Red Hat Enterprise Linux Workstation Optional (v. 6):
i386: bind-debuginfo-9.8.2-0.30.rc1.el6_6.2.i686.rpm bind-devel-9.8.2-0.30.rc1.el6_6.2.i686.rpm bind-sdb-9.8.2-0.30.rc1.el6_6.2.i686.rpm
x86_64: bind-debuginfo-9.8.2-0.30.rc1.el6_6.2.i686.rpm bind-debuginfo-9.8.2-0.30.rc1.el6_6.2.x86_64.rpm bind-devel-9.8.2-0.30.rc1.el6_6.2.i686.rpm bind-devel-9.8.2-0.30.rc1.el6_6.2.x86_64.rpm bind-sdb-9.8.2-0.30.rc1.el6_6.2.x86_64.rpm
Red Hat Enterprise Linux Client (v. 7):
Source: bind-9.9.4-18.el7_1.1.src.rpm
noarch: bind-license-9.9.4-18.el7_1.1.noarch.rpm
x86_64: bind-debuginfo-9.9.4-18.el7_1.1.i686.rpm bind-debuginfo-9.9.4-18.el7_1.1.x86_64.rpm bind-libs-9.9.4-18.el7_1.1.i686.rpm bind-libs-9.9.4-18.el7_1.1.x86_64.rpm bind-libs-lite-9.9.4-18.el7_1.1.i686.rpm bind-libs-lite-9.9.4-18.el7_1.1.x86_64.rpm bind-utils-9.9.4-18.el7_1.1.x86_64.rpm
Red Hat Enterprise Linux Client Optional (v. 7):
x86_64: bind-9.9.4-18.el7_1.1.x86_64.rpm bind-chroot-9.9.4-18.el7_1.1.x86_64.rpm bind-debuginfo-9.9.4-18.el7_1.1.i686.rpm bind-debuginfo-9.9.4-18.el7_1.1.x86_64.rpm bind-devel-9.9.4-18.el7_1.1.i686.rpm bind-devel-9.9.4-18.el7_1.1.x86_64.rpm bind-lite-devel-9.9.4-18.el7_1.1.i686.rpm bind-lite-devel-9.9.4-18.el7_1.1.x86_64.rpm bind-sdb-9.9.4-18.el7_1.1.x86_64.rpm bind-sdb-chroot-9.9.4-18.el7_1.1.x86_64.rpm
Red Hat Enterprise Linux ComputeNode (v. 7):
Source: bind-9.9.4-18.el7_1.1.src.rpm
noarch: bind-license-9.9.4-18.el7_1.1.noarch.rpm
x86_64: bind-debuginfo-9.9.4-18.el7_1.1.i686.rpm bind-debuginfo-9.9.4-18.el7_1.1.x86_64.rpm bind-libs-9.9.4-18.el7_1.1.i686.rpm bind-libs-9.9.4-18.el7_1.1.x86_64.rpm bind-libs-lite-9.9.4-18.el7_1.1.i686.rpm bind-libs-lite-9.9.4-18.el7_1.1.x86_64.rpm bind-utils-9.9.4-18.el7_1.1.x86_64.rpm
Red Hat Enterprise Linux ComputeNode Optional (v. 7):
x86_64: bind-9.9.4-18.el7_1.1.x86_64.rpm bind-chroot-9.9.4-18.el7_1.1.x86_64.rpm bind-debuginfo-9.9.4-18.el7_1.1.i686.rpm bind-debuginfo-9.9.4-18.el7_1.1.x86_64.rpm bind-devel-9.9.4-18.el7_1.1.i686.rpm bind-devel-9.9.4-18.el7_1.1.x86_64.rpm bind-lite-devel-9.9.4-18.el7_1.1.i686.rpm bind-lite-devel-9.9.4-18.el7_1.1.x86_64.rpm bind-sdb-9.9.4-18.el7_1.1.x86_64.rpm bind-sdb-chroot-9.9.4-18.el7_1.1.x86_64.rpm
Red Hat Enterprise Linux Server (v. 7):
Source: bind-9.9.4-18.el7_1.1.src.rpm
noarch: bind-license-9.9.4-18.el7_1.1.noarch.rpm
ppc64: bind-9.9.4-18.el7_1.1.ppc64.rpm bind-chroot-9.9.4-18.el7_1.1.ppc64.rpm bind-debuginfo-9.9.4-18.el7_1.1.ppc.rpm bind-debuginfo-9.9.4-18.el7_1.1.ppc64.rpm bind-libs-9.9.4-18.el7_1.1.ppc.rpm bind-libs-9.9.4-18.el7_1.1.ppc64.rpm bind-libs-lite-9.9.4-18.el7_1.1.ppc.rpm bind-libs-lite-9.9.4-18.el7_1.1.ppc64.rpm bind-utils-9.9.4-18.el7_1.1.ppc64.rpm
s390x: bind-9.9.4-18.el7_1.1.s390x.rpm bind-chroot-9.9.4-18.el7_1.1.s390x.rpm bind-debuginfo-9.9.4-18.el7_1.1.s390.rpm bind-debuginfo-9.9.4-18.el7_1.1.s390x.rpm bind-libs-9.9.4-18.el7_1.1.s390.rpm bind-libs-9.9.4-18.el7_1.1.s390x.rpm bind-libs-lite-9.9.4-18.el7_1.1.s390.rpm bind-libs-lite-9.9.4-18.el7_1.1.s390x.rpm bind-utils-9.9.4-18.el7_1.1.s390x.rpm
x86_64: bind-9.9.4-18.el7_1.1.x86_64.rpm bind-chroot-9.9.4-18.el7_1.1.x86_64.rpm bind-debuginfo-9.9.4-18.el7_1.1.i686.rpm bind-debuginfo-9.9.4-18.el7_1.1.x86_64.rpm bind-libs-9.9.4-18.el7_1.1.i686.rpm bind-libs-9.9.4-18.el7_1.1.x86_64.rpm bind-libs-lite-9.9.4-18.el7_1.1.i686.rpm bind-libs-lite-9.9.4-18.el7_1.1.x86_64.rpm bind-utils-9.9.4-18.el7_1.1.x86_64.rpm
Red Hat Enterprise Linux Server (v. 7):
Source: bind-9.9.4-18.ael7b_1.1.src.rpm
noarch: bind-license-9.9.4-18.ael7b_1.1.noarch.rpm
ppc64le: bind-9.9.4-18.ael7b_1.1.ppc64le.rpm bind-chroot-9.9.4-18.ael7b_1.1.ppc64le.rpm bind-debuginfo-9.9.4-18.ael7b_1.1.ppc64le.rpm bind-libs-9.9.4-18.ael7b_1.1.ppc64le.rpm bind-libs-lite-9.9.4-18.ael7b_1.1.ppc64le.rpm bind-utils-9.9.4-18.ael7b_1.1.ppc64le.rpm
Red Hat Enterprise Linux Server Optional (v. 7):
ppc64: bind-debuginfo-9.9.4-18.el7_1.1.ppc.rpm bind-debuginfo-9.9.4-18.el7_1.1.ppc64.rpm bind-devel-9.9.4-18.el7_1.1.ppc.rpm bind-devel-9.9.4-18.el7_1.1.ppc64.rpm bind-lite-devel-9.9.4-18.el7_1.1.ppc.rpm bind-lite-devel-9.9.4-18.el7_1.1.ppc64.rpm bind-sdb-9.9.4-18.el7_1.1.ppc64.rpm bind-sdb-chroot-9.9.4-18.el7_1.1.ppc64.rpm
s390x: bind-debuginfo-9.9.4-18.el7_1.1.s390.rpm bind-debuginfo-9.9.4-18.el7_1.1.s390x.rpm bind-devel-9.9.4-18.el7_1.1.s390.rpm bind-devel-9.9.4-18.el7_1.1.s390x.rpm bind-lite-devel-9.9.4-18.el7_1.1.s390.rpm bind-lite-devel-9.9.4-18.el7_1.1.s390x.rpm bind-sdb-9.9.4-18.el7_1.1.s390x.rpm bind-sdb-chroot-9.9.4-18.el7_1.1.s390x.rpm
x86_64: bind-debuginfo-9.9.4-18.el7_1.1.i686.rpm bind-debuginfo-9.9.4-18.el7_1.1.x86_64.rpm bind-devel-9.9.4-18.el7_1.1.i686.rpm bind-devel-9.9.4-18.el7_1.1.x86_64.rpm bind-lite-devel-9.9.4-18.el7_1.1.i686.rpm bind-lite-devel-9.9.4-18.el7_1.1.x86_64.rpm bind-sdb-9.9.4-18.el7_1.1.x86_64.rpm bind-sdb-chroot-9.9.4-18.el7_1.1.x86_64.rpm
Red Hat Enterprise Linux Server Optional (v. 7):
ppc64le: bind-debuginfo-9.9.4-18.ael7b_1.1.ppc64le.rpm bind-devel-9.9.4-18.ael7b_1.1.ppc64le.rpm bind-lite-devel-9.9.4-18.ael7b_1.1.ppc64le.rpm bind-sdb-9.9.4-18.ael7b_1.1.ppc64le.rpm bind-sdb-chroot-9.9.4-18.ael7b_1.1.ppc64le.rpm
Red Hat Enterprise Linux Workstation (v. 7):
Source: bind-9.9.4-18.el7_1.1.src.rpm
noarch: bind-license-9.9.4-18.el7_1.1.noarch.rpm
x86_64: bind-9.9.4-18.el7_1.1.x86_64.rpm bind-chroot-9.9.4-18.el7_1.1.x86_64.rpm bind-debuginfo-9.9.4-18.el7_1.1.i686.rpm bind-debuginfo-9.9.4-18.el7_1.1.x86_64.rpm bind-libs-9.9.4-18.el7_1.1.i686.rpm bind-libs-9.9.4-18.el7_1.1.x86_64.rpm bind-libs-lite-9.9.4-18.el7_1.1.i686.rpm bind-libs-lite-9.9.4-18.el7_1.1.x86_64.rpm bind-utils-9.9.4-18.el7_1.1.x86_64.rpm
Red Hat Enterprise Linux Workstation Optional (v. 7):
x86_64: bind-debuginfo-9.9.4-18.el7_1.1.i686.rpm bind-debuginfo-9.9.4-18.el7_1.1.x86_64.rpm bind-devel-9.9.4-18.el7_1.1.i686.rpm bind-devel-9.9.4-18.el7_1.1.x86_64.rpm bind-lite-devel-9.9.4-18.el7_1.1.i686.rpm bind-lite-devel-9.9.4-18.el7_1.1.x86_64.rpm bind-sdb-9.9.4-18.el7_1.1.x86_64.rpm bind-sdb-chroot-9.9.4-18.el7_1.1.x86_64.rpm
These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/
- References:
https://access.redhat.com/security/cve/CVE-2015-1349 https://access.redhat.com/security/updates/classification/#moderate
- Contact:
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/
Copyright 2015 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1
iD8DBQFU/7nhXlSAg2UNWIIRArKUAJ9WX/XGIY2BbVU1+km5wJAaBaPytQCdGBnW 7ZfcyFEskWi6YX7JcLMs9Fg= =dWCz -----END PGP SIGNATURE-----
-- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce .
Release Date: 2015-07-17 Last Updated: 2015-07-17
Potential Security Impact: Remote Denial of Service (DoS)
Source: Hewlett-Packard Company, HP Software Security Response Team
VULNERABILITY SUMMARY A potential security vulnerability has been identified with HP-UX running BIND. This vulnerability could be exploited remotely to create a Denial of Service (DoS).
References:
CVE-2015-1349 CVE-2015-4620 SSRT101976
SUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed. HP-UX B.11.31 running BIND 9.7.3 prior to C.9.7.3.7.0
HP-UX B.11.31 running BIND 9.9.4 prior to C.9.9.4.3.0
BACKGROUND
CVSS 2.0 Base Metrics
Reference Base Vector Base Score CVE-2015-1349 (AV:N/AC:H/Au:N/C:N/I:N/A:C) 5.4 CVE-2015-4620 (AV:N/AC:L/Au:N/C:N/I:N/A:C) 7.8 =========================================================== Information on CVSS is documented in HP Customer Notice: HPSN-2008-002
RESOLUTION
HP has provided updated versions of the BIND service to resolve this vulnerability.
BIND 9.7.3 for HP-UX Release Depot Name Download location
B.11.31 (PA and IA) HP_UX_11.31_HPUX-NameServer_C.9.7.3.7.0_HP-UX_B.11.31_IA_PA.depot https://h20392.www2.hp.com/portal/swdepot/displayProductInfo.do?productNumbe r=BIND
BIND 9.9.4 for HP-UX Release Depot Name Download location
B.11.31 (PA and IA) HP_UX_11.31_HPUX-NameServer_C.9.9.4.3.0_HP-UX_B.11.31_IA_PA.depot https://h20392.www2.hp.com/portal/swdepot/displayProductInfo.do?productNumbe r=BIND
MANUAL ACTIONS: Yes - Update Download and install the software update
PRODUCT SPECIFIC INFORMATION HP-UX Software Assistant: HP-UX Software Assistant is an enhanced application that replaces HP-UX Security Patch Check. It analyzes all Security Bulletins issued by HP and lists recommended actions that may apply to a specific HP-UX system. It can also download patches and create a depot automatically. For more information see: https://www.hp.com/go/swa
The following text is for use by the HP-UX Software Assistant.
AFFECTED VERSIONS
For BIND 9.7.3 HP-UX B.11.31 ================== NameService.BIND-AUX NameService.BIND-RUN action: install revision C.9.7.3.7.0 or subsequent
For BIND 9.9.4 HP-UX B.11.31 ================== NameService.BIND-AUX NameService.BIND-RUN action: install revision C.9.9.4.3.0 or subsequent
END AFFECTED VERSIONS
HISTORY Version:1 (rev.1) - 17 July 2015 Initial release
Third Party Security Patches: Third party security patches that are to be installed on systems running HP software products should be applied in accordance with the customer's patch management policy.
Support: For issues about implementing the recommendations of this Security Bulletin, contact normal HP Services support channel. For other issues about the content of this Security Bulletin, send e-mail to security-alert@hp.com.
Report: To report a potential security vulnerability with any HP supported product, send Email to: security-alert@hp.com
Subscribe: To initiate a subscription to receive future HP Security Bulletin alerts via Email: http://h41183.www4.hp.com/signup_alerts.php?jumpid=hpsc_secbulletins
Security Bulletin Archive: A list of recently released Security Bulletins is available here: https://h20564.www2.hp.com/portal/site/hpsc/public/kb/secBullArchive/
Software Product Category: The Software Product Category is represented in the title by the two characters following HPSB.
3C = 3COM 3P = 3rd Party Software GN = HP General Software HF = HP Hardware and Firmware MP = MPE/iX MU = Multi-Platform Software NS = NonStop Servers OV = OpenVMS PI = Printing and Imaging PV = ProCurve ST = Storage Software TU = Tru64 UNIX UX = HP-UX
Copyright 2015 Hewlett-Packard Development Company, L.P. Hewlett-Packard Company shall not be liable for technical or editorial errors or omissions contained herein. The information provided is provided "as is" without warranty of any kind. To the extent permitted by law, neither HP or its affiliates, subcontractors or suppliers will be liable for incidental,special or consequential damages including downtime cost; lost profits; damages relating to the procurement of substitute products or services; or damages for loss of data, or software restoration. The information in this document is subject to change without notice. Hewlett-Packard Company and the names of Hewlett-Packard products referenced herein are trademarks of Hewlett-Packard Company in the United States and other countries. Other product and company names mentioned herein may be trademarks of their respective owners. This can lead to resource exhaustion and denial of service (up to and including termination of the named server process) (CVE-2014-8500).
Jan-Piet Mens discovered that the BIND DNS server would crash when processing an invalid DNSSEC key rollover, either due to an error on the zone operator's part, or due to interference with network traffic by an attacker. This issue affects configurations with the directives "dnssec-lookaside auto;" (as enabled in the Mandriva default configuration) or "dnssec-validation auto;" (CVE-2015-1349).
References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8500 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1349 http://advisories.mageia.org/MGASA-2014-0524.html http://advisories.mageia.org/MGASA-2015-0082.html
Updated Packages:
Mandriva Business Server 2/X86_64: a2cf83873b09b47275d0030063a236c8 mbs2/x86_64/bind-9.10.1.P2-7.mbs2.x86_64.rpm 83d97de0884ef84b933cb06bfbbce24a mbs2/x86_64/bind-devel-9.10.1.P2-7.mbs2.x86_64.rpm 633a8a160c3be4dda5f134550288df8f mbs2/x86_64/bind-doc-9.10.1.P2-7.mbs2.noarch.rpm 40760cee0f0c97261b80d159ab60cb32 mbs2/x86_64/bind-sdb-9.10.1.P2-7.mbs2.x86_64.rpm ec17a87a3d0e50c4a1c33c84adc0c08b mbs2/x86_64/bind-utils-9.10.1.P2-7.mbs2.x86_64.rpm 95f44b351208cfcbf15108dc707b0f21 mbs2/SRPMS/bind-9.10.1.P2-7.mbs2.src.rpm
To upgrade automatically use MandrivaUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you. You can obtain the GPG public key of the Mandriva Security Team by executing:
gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98
You can view other update advisories for Mandriva Linux at:
http://www.mandriva.com/en/support/security/advisories/
If you want to report vulnerabilities, please contact
security_(at)_mandriva.com
Type Bits/KeyID Date User ID pub 1024D/22458A98 2000-07-10 Mandriva Security Team -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.12 (GNU/Linux)
iD8DBQFVGDuOmqjQ0CJFipgRAqQsAJ9YWfOhd3JZjB1DstzQh7xCT2fJWQCfYwBx FGoDrVNSJeks4jEO5ZrIaN8= =0F9B -----END PGP SIGNATURE----- .
For the stable distribution (wheezy), this problem has been fixed in version 1:9.8.4.dfsg.P1-6+nmu2+deb7u4. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512
============================================================================= FreeBSD-SA-15:05.bind Security Advisory The FreeBSD Project
Topic: BIND remote denial of service vulnerability
Category: contrib Module: bind Announced: 2015-02-25 Credits: ISC Affects: FreeBSD 8.x and FreeBSD 9.x. Corrected: 2015-02-18 22:20:19 UTC (stable/9, 9.3-STABLE) 2015-02-25 05:56:54 UTC (releng/9.3, 9.3-RELEASE-p10) 2015-02-18 22:29:52 UTC (stable/8, 8.4-STABLE) 2015-02-25 05:56:54 UTC (releng/8.4, 8.4-RELEASE-p24) CVE Name: CVE-2015-1349
For general information regarding FreeBSD Security Advisories, including descriptions of the fields above, security branches, and the following sections, please visit .
II. Problem Description
BIND servers which are configured to perform DNSSEC validation and which are using managed keys (which occurs implicitly when using "dnssec-validation auto;" or "dnssec-lookaside auto;") may exhibit unpredictable behavior due to the use of an improperly initialized variable.
III.
IV. Workaround
Only systems that runs BIND, including recursive resolvers and authoritative servers that performs DNSSEC validation and using managed-keys are affected.
This issue can be worked around by not using "auto" for the dnssec-validation or dnssec-lookaside options and do not configure a managed-keys statement. Note that in order to do DNSSEC validation with this workaround one would have to configure an explicit trusted-keys statement with the appropriate keys.
V. Solution
Perform one of the following:
1) Upgrade your vulnerable system to a supported FreeBSD stable or release / security branch (releng) dated after the correction date.
2) To update your vulnerable system via a binary patch:
Systems running a RELEASE version of FreeBSD on the i386 or amd64 platforms can be updated via the freebsd-update(8) utility:
freebsd-update fetch
freebsd-update install
3) To update your vulnerable system via a source code patch:
The following patches have been verified to apply to the applicable FreeBSD release branches.
a) Download the relevant patch from the location below, and verify the detached PGP signature using your PGP utility.
fetch https://security.FreeBSD.org/patches/SA-15:05/bind.patch
fetch https://security.FreeBSD.org/patches/SA-15:05/bind.patch.asc
gpg --verify bind.patch.asc
b) Apply the patch. Execute the following commands as root:
cd /usr/src
patch < /path/to/patch
c) Recompile the operating system using buildworld and installworld as described in .
Restart the applicable daemons, or reboot the system.
VI. Correction details
The following list contains the correction revision numbers for each affected branch.
Branch/path Revision
stable/8/ r278973 releng/8.4/ r279265 stable/9/ r278972 releng/9.3/ r279265
To see which files were modified by a particular revision, run the following command, replacing NNNNNN with the revision number, on a machine with Subversion installed:
svn diff -cNNNNNN --summarize svn://svn.freebsd.org/base
Or visit the following URL, replacing NNNNNN with the revision number:
VII. ============================================================================ Ubuntu Security Notice USN-2503-1 February 18, 2015
bind9 vulnerability
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 14.10
- Ubuntu 14.04 LTS
- Ubuntu 12.04 LTS
Summary:
Bind could be made to crash if it received specially crafted network traffic.
Update instructions:
The problem can be corrected by updating your system to the following package versions:
Ubuntu 14.10: bind9 1:9.9.5.dfsg-4.3ubuntu0.2
Ubuntu 14.04 LTS: bind9 1:9.9.5.dfsg-3ubuntu0.2
Ubuntu 12.04 LTS: bind9 1:9.8.1.dfsg.P1-4ubuntu0.10
In general, a standard system update will make all the necessary changes. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 201510-01
https://security.gentoo.org/
Severity: Normal Title: BIND: Denial of Service Date: October 18, 2015 Bugs: #540640, #553584, #556150, #559462 ID: 201510-01
Synopsis
A vulnerability in BIND could lead to a Denial of Service condition.
Affected packages
-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 net-dns/bind < 9.10.2_p4 >= 9.10.2_p4
Description
A vulnerability has been discovered in BIND's named utility leading to a Denial of Service condition.
Workaround
There is no known workaround at this time.
Resolution
All BIND users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose ">=net-dns/bind-9.10.2_p4"
References
[ 1 ] CVE-2015-1349 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-1349 [ 2 ] CVE-2015-4620 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-4620 [ 3 ] CVE-2015-5477 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-5477 [ 4 ] CVE-2015-5722 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-5722 [ 5 ] CVE-2015-5986 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-5986
Availability
This GLSA and any updates to it are available for viewing at the Gentoo Security Website:
https://security.gentoo.org/glsa/201510-01
Concerns?
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.
License
Copyright 2015 Gentoo Foundation, Inc; referenced text belongs to its owner(s).
The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5
Show details on source website{
"affected_products": {
"_id": null,
"data": [
{
"_id": null,
"model": "bind",
"scope": "eq",
"trust": 1.6,
"vendor": "isc",
"version": "9.8.3"
},
{
"_id": null,
"model": "bind",
"scope": "eq",
"trust": 1.6,
"vendor": "isc",
"version": "9.8.1"
},
{
"_id": null,
"model": "bind",
"scope": "eq",
"trust": 1.6,
"vendor": "isc",
"version": "9.7.6"
},
{
"_id": null,
"model": "bind",
"scope": "eq",
"trust": 1.6,
"vendor": "isc",
"version": "9.9.0"
},
{
"_id": null,
"model": "bind",
"scope": "eq",
"trust": 1.6,
"vendor": "isc",
"version": "9.8.0"
},
{
"_id": null,
"model": "bind",
"scope": "eq",
"trust": 1.3,
"vendor": "isc",
"version": "9.7.1"
},
{
"_id": null,
"model": "bind",
"scope": "eq",
"trust": 1.3,
"vendor": "isc",
"version": "9.7.0"
},
{
"_id": null,
"model": "bind",
"scope": "eq",
"trust": 1.0,
"vendor": "isc",
"version": "9.7.5"
},
{
"_id": null,
"model": "bind",
"scope": "eq",
"trust": 1.0,
"vendor": "isc",
"version": "9.7.7"
},
{
"_id": null,
"model": "bind",
"scope": "eq",
"trust": 1.0,
"vendor": "isc",
"version": "9.10.0"
},
{
"_id": null,
"model": "bind",
"scope": "eq",
"trust": 1.0,
"vendor": "isc",
"version": "9.7.3"
},
{
"_id": null,
"model": "bind",
"scope": "eq",
"trust": 1.0,
"vendor": "isc",
"version": "9.10.2"
},
{
"_id": null,
"model": "bind",
"scope": "eq",
"trust": 1.0,
"vendor": "isc",
"version": "9.9.5"
},
{
"_id": null,
"model": "bind",
"scope": "eq",
"trust": 1.0,
"vendor": "isc",
"version": "9.9.3"
},
{
"_id": null,
"model": "bind",
"scope": "eq",
"trust": 1.0,
"vendor": "isc",
"version": "9.8.2"
},
{
"_id": null,
"model": "bind",
"scope": "eq",
"trust": 1.0,
"vendor": "isc",
"version": "9.9.4"
},
{
"_id": null,
"model": "bind",
"scope": "eq",
"trust": 1.0,
"vendor": "isc",
"version": "9.7.2"
},
{
"_id": null,
"model": "bind",
"scope": "eq",
"trust": 1.0,
"vendor": "isc",
"version": "9.9.1"
},
{
"_id": null,
"model": "bind",
"scope": "eq",
"trust": 1.0,
"vendor": "isc",
"version": "9.8.5"
},
{
"_id": null,
"model": "bind",
"scope": "eq",
"trust": 1.0,
"vendor": "isc",
"version": "9.9.6"
},
{
"_id": null,
"model": "bind",
"scope": "eq",
"trust": 1.0,
"vendor": "isc",
"version": "9.7.4"
},
{
"_id": null,
"model": "bind",
"scope": "eq",
"trust": 1.0,
"vendor": "isc",
"version": "9.9.2"
},
{
"_id": null,
"model": "bind",
"scope": "eq",
"trust": 1.0,
"vendor": "isc",
"version": "9.10.1"
},
{
"_id": null,
"model": "bind",
"scope": "eq",
"trust": 1.0,
"vendor": "isc",
"version": "9.9.7"
},
{
"_id": null,
"model": "bind",
"scope": "eq",
"trust": 1.0,
"vendor": "isc",
"version": "9.8.6"
},
{
"_id": null,
"model": "bind",
"scope": "eq",
"trust": 1.0,
"vendor": "isc",
"version": "9.8.4"
},
{
"_id": null,
"model": "bind",
"scope": "lte",
"trust": 0.8,
"vendor": "isc",
"version": "9.7.0 from 9.10.1-p1"
},
{
"_id": null,
"model": "macos server",
"scope": "lt",
"trust": 0.8,
"vendor": "apple",
"version": "5.0.3 (os x yosemite v10.10.5 or later )"
},
{
"_id": null,
"model": "bind",
"scope": "eq",
"trust": 0.6,
"vendor": "isc",
"version": "9.7.0b1"
},
{
"_id": null,
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "14.10"
},
{
"_id": null,
"model": "linux lts",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "14.04"
},
{
"_id": null,
"model": "linux lts i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "12.04"
},
{
"_id": null,
"model": "linux lts amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "12.04"
},
{
"_id": null,
"model": "opensuse evergreen",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "11.4"
},
{
"_id": null,
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "14.1"
},
{
"_id": null,
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "14.0"
},
{
"_id": null,
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "13.37"
},
{
"_id": null,
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "13.1"
},
{
"_id": null,
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "13.0"
},
{
"_id": null,
"model": "enterprise linux workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "7"
},
{
"_id": null,
"model": "enterprise linux workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"_id": null,
"model": "enterprise linux server eus 6.6.z",
"scope": null,
"trust": 0.3,
"vendor": "redhat",
"version": null
},
{
"_id": null,
"model": "enterprise linux server",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "7"
},
{
"_id": null,
"model": "enterprise linux server",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"_id": null,
"model": "enterprise linux hpc node",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "7"
},
{
"_id": null,
"model": "enterprise linux hpc node",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"_id": null,
"model": "enterprise linux desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "7"
},
{
"_id": null,
"model": "enterprise linux desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"_id": null,
"model": "enterprise linux",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "6.2"
},
{
"_id": null,
"model": "enterprise linux",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "6"
},
{
"_id": null,
"model": "business server",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "1x8664"
},
{
"_id": null,
"model": "business server",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "1"
},
{
"_id": null,
"model": "northstar controller application",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "2.1.0"
},
{
"_id": null,
"model": "bind 9.7.1-p2",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"_id": null,
"model": "bind p1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.7.1"
},
{
"_id": null,
"model": "bind p2",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.7.0"
},
{
"_id": null,
"model": "powerkvm",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.1"
},
{
"_id": null,
"model": "i",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2"
},
{
"_id": null,
"model": "hp-ux b.11.31",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "linux",
"scope": null,
"trust": 0.3,
"vendor": "gentoo",
"version": null
},
{
"_id": null,
"model": "9.3-release-p9",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "9.3-release-p6",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "9.3-release-p5",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "9.3-release-p3",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "9.3-release-p2",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "9.3-release-p1",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "9.3-rc3-p1",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "9.3-rc2-p1",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "9.3-rc2",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "9.3-rc1-p2",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "9.3-rc",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "9.3-prerelease",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "9.3-beta3-p2",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "9.3-beta1-p2",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "9.3-beta1-p1",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "9.3-beta1",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "9.3"
},
{
"_id": null,
"model": "9.2-stable",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "9.2-releng",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "9.2-release-p9",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "9.2-release-p8",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "9.2-release-p7",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "9.2-release-p5",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "9.2-release-p4",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "9.2-release-p3",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "9.2-release-p16",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "9.2-release-p15",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "9.2-release-p13",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "9.2-release-p12",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "9.2-release-p11",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "9.2-release-p10",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "9.2-rc3-p1",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "9.2-rc2-p2",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "9.2-rc2",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "9.2-rc1-p2",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "9.2-rc1",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "rc2",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "9.2"
},
{
"_id": null,
"model": "rc1",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "9.2"
},
{
"_id": null,
"model": "prerelease",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "9.2"
},
{
"_id": null,
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "9.2"
},
{
"_id": null,
"model": "9.1-stable",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "9.1-releng",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "9.1-release-p7",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "9.1-release-p3",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "9.1-release-p23",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "9.1-release-p22",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "9.1-release-p20",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "9.1-release-p19",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "9.1-release-p18",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "9.1-release-p17",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "9.1-release-p16",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "9.1-release-p15",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "9.1-release-p14",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "9.1-release-p12",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "9.1-release-p11",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "9.1-release-p10",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "9.1-release-p1",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "9.1-rc2",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "9.1-rc1",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "9.1--releng",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "release-p5",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "9.1"
},
{
"_id": null,
"model": "release-p4",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "9.1"
},
{
"_id": null,
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "9.1"
},
{
"_id": null,
"model": "9.0-stable",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "9.0-releng",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "9.0-release-p6",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "9.0-release",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "9.0-rc3",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "9.0-rc1",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "9.0--releng",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "9.0"
},
{
"_id": null,
"model": "8.4-releng",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "8.4-release-p9",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "8.4-release-p8",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "8.4-release-p7",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "8.4-release-p4",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "8.4-release-p23",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "8.4-release-p20",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "8.4-release-p19",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "8.4-release-p17",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "8.4-release-p16",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "8.4-release-p15",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "8.4-release-p14",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "8.4-release-p13",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "8.4-release-p12",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "8.4-release-p11",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "8.4-rc2-p1",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "8.4-rc1-p1",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "8.4-prerelease",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "8.4-beta1",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "8.4"
},
{
"_id": null,
"model": "8.3-stable",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "8.3-releng",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "8.3-release-p8",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "8.3-release-p6",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "8.3-release-p16",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "8.3-release-p15",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "8.3-release-p14",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "8.3-release-p11",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "8.3"
},
{
"_id": null,
"model": "8.2-stable",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "8.2-release-p2",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "8.2-release-p1",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "8.2-release",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "release -p3",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "8.2-"
},
{
"_id": null,
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "8.2"
},
{
"_id": null,
"model": "8.1-stable",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "8.1-releng",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "8.1-release-p5",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "8.1-release-p4",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "8.1-release-p1",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "8.1-release",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "8.1-prerelease",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "8.1"
},
{
"_id": null,
"model": "8.0-stable",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "8.0-release",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "8.0-rc1",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "-release-p5",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "8.0"
},
{
"_id": null,
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "8.0"
},
{
"_id": null,
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"_id": null,
"model": "linux s/390",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"_id": null,
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"_id": null,
"model": "linux mips",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"_id": null,
"model": "linux ia-64",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"_id": null,
"model": "linux ia-32",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"_id": null,
"model": "linux arm",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"_id": null,
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"_id": null,
"model": "centos",
"scope": "eq",
"trust": 0.3,
"vendor": "centos",
"version": "6"
},
{
"_id": null,
"model": "session border controller for enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.3.0"
},
{
"_id": null,
"model": "one-x client enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"_id": null,
"model": "ip office server edition",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "9.0"
},
{
"_id": null,
"model": "ip office server edition",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "8.1"
},
{
"_id": null,
"model": "ip office server edition",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "8.0"
},
{
"_id": null,
"model": "ip office application server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "9.0"
},
{
"_id": null,
"model": "ip office application server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "8.0"
},
{
"_id": null,
"model": "cms",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "17.0"
},
{
"_id": null,
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"_id": null,
"model": "aura experience portal",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "7.0"
},
{
"_id": null,
"model": "aura experience portal",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"_id": null,
"model": "aura conferencing",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "8.0"
},
{
"_id": null,
"model": "aura conferencing",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "7.0"
},
{
"_id": null,
"model": "aura collaboration environment",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.0"
},
{
"_id": null,
"model": "aura collaboration environment",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "2.0"
},
{
"_id": null,
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x4.1.5"
},
{
"_id": null,
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x3.2.2"
},
{
"_id": null,
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x3.2.1"
},
{
"_id": null,
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x3.1.2"
},
{
"_id": null,
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x4.1"
},
{
"_id": null,
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x4.0"
},
{
"_id": null,
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x3.2"
},
{
"_id": null,
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x3.0"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.10.5"
},
{
"_id": null,
"model": "northstar controller application service pack",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": "2.1.01"
},
{
"_id": null,
"model": "9.3-stable",
"scope": "ne",
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "9.3-release-p10",
"scope": "ne",
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "8.4-stable",
"scope": "ne",
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "8.4-release-p24",
"scope": "ne",
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "mac os server",
"scope": "ne",
"trust": 0.3,
"vendor": "apple",
"version": "x5.0.3"
}
],
"sources": [
{
"db": "BID",
"id": "72673"
},
{
"db": "CNNVD",
"id": "CNNVD-201502-414"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-001534"
},
{
"db": "NVD",
"id": "CVE-2015-1349"
}
]
},
"configurations": {
"_id": null,
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:isc:bind",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:apple:os_x_server",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-001534"
}
]
},
"credits": {
"_id": null,
"data": "Jan-Piet Mens",
"sources": [
{
"db": "BID",
"id": "72673"
}
],
"trust": 0.3
},
"cve": "CVE-2015-1349",
"cvss": {
"_id": null,
"data": [
{
"cvssV2": [
{
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 5.4,
"confidentialityImpact": "NONE",
"exploitabilityScore": 4.9,
"id": "CVE-2015-1349",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 1.8,
"vectorString": "AV:N/AC:H/Au:N/C:N/I:N/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2015-1349",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2015-1349",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNNVD",
"id": "CNNVD-201502-414",
"trust": 0.6,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201502-414"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-001534"
},
{
"db": "NVD",
"id": "CVE-2015-1349"
}
]
},
"description": {
"_id": null,
"data": "named in ISC BIND 9.7.0 through 9.9.6 before 9.9.6-P2 and 9.10.x before 9.10.1-P2, when DNSSEC validation and the managed-keys feature are enabled, allows remote attackers to cause a denial of service (assertion failure and daemon exit, or daemon crash) by triggering an incorrect trust-anchor management scenario in which no key is ready for use. ISC BIND 9 Under certain conditions in the management of trust anchors named Service termination (DoS) Vulnerabilities exist. ISC The advisory states that: CVE-2015-1349: A Problem with Trust Anchor Management Can Cause named to Crash https://kb.isc.org/article/AA-01235/ \"BIND servers which are configured to perform DNSSEC validation and which are using managed-keys (which occurs implicitly when using \"dnssec-validation auto;\" or \"dnssec-lookaside auto;\") may terminate with an assertion failure when encountering all of the following conditions in a managed trust anchor: *a key which was previously trusted is now flagged as revoked; *there are no other trusted keys available; *there is a standby key, but it is not trusted yet This situation results in termination of the named process and denial of service to clients, and can occur in two circumstances: *during an improperly-managed key rollover for one of the managed trust anchors (e.g., during a botched root key rollover), or *when deliberately triggered by an attacker, under specific and limited circumstances. ISC has demonstrated a proof-of-concept of this attack; however, the complexity of the attack is very high unless the attacker has a specific network relationship to the BIND server which is targeted\"Service disruption by a remote third party (DoS) There is a possibility of being attacked. ISC BIND is prone to a remote denial-of-service vulnerability. \nAttackers can exploit this issue to crash the affected application, denying service to legitimate users. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n=====================================================================\n Red Hat Security Advisory\n\nSynopsis: Moderate: bind security update\nAdvisory ID: RHSA-2015:0672-01\nProduct: Red Hat Enterprise Linux\nAdvisory URL: https://rhn.redhat.com/errata/RHSA-2015-0672.html\nIssue date: 2015-03-10\nCVE Names: CVE-2015-1349 \n=====================================================================\n\n1. Summary:\n\nUpdated bind packages that fix one security issue are now available for Red\nHat Enterprise Linux 6 and 7. \n\nRed Hat Product Security has rated this update as having Moderate security\nimpact. A Common Vulnerability Scoring System (CVSS) base score, which\ngives a detailed severity rating, is available from the CVE link in the\nReferences section. \n\n2. Relevant releases/architectures:\n\nRed Hat Enterprise Linux Client (v. 7) - noarch, x86_64\nRed Hat Enterprise Linux Client Optional (v. 7) - x86_64\nRed Hat Enterprise Linux ComputeNode (v. 7) - noarch, x86_64\nRed Hat Enterprise Linux ComputeNode Optional (v. 7) - x86_64\nRed Hat Enterprise Linux Desktop (v. 6) - i386, x86_64\nRed Hat Enterprise Linux Desktop Optional (v. 6) - i386, x86_64\nRed Hat Enterprise Linux HPC Node (v. 6) - x86_64\nRed Hat Enterprise Linux HPC Node Optional (v. 6) - x86_64\nRed Hat Enterprise Linux Server (v. 6) - i386, ppc64, s390x, x86_64\nRed Hat Enterprise Linux Server (v. 7) - noarch, ppc64, ppc64le, s390x, x86_64\nRed Hat Enterprise Linux Server Optional (v. 6) - i386, ppc64, s390x, x86_64\nRed Hat Enterprise Linux Server Optional (v. 7) - ppc64, ppc64le, s390x, x86_64\nRed Hat Enterprise Linux Workstation (v. 6) - i386, x86_64\nRed Hat Enterprise Linux Workstation (v. 7) - noarch, x86_64\nRed Hat Enterprise Linux Workstation Optional (v. 6) - i386, x86_64\nRed Hat Enterprise Linux Workstation Optional (v. 7) - x86_64\n\n3. Description:\n\nThe Berkeley Internet Name Domain (BIND) is an implementation of the Domain\nName System (DNS) protocols. BIND includes a DNS server (named); a resolver\nlibrary (routines for applications to use when interfacing with DNS); and\ntools for verifying that the DNS server is operating correctly. \n\nA flaw was found in the way BIND handled trust anchor management. (CVE-2015-1349)\n\nRed Hat would like to thank ISC for reporting this issue. \n\nAll bind users are advised to upgrade to these updated packages, which\ncontain a backported patch to correct this issue. After installing the\nupdate, the BIND daemon (named) will be restarted automatically. \n\n4. Solution:\n\nBefore applying this update, make sure all previously released errata\nrelevant to your system have been applied. \n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258\n\n5. Package List:\n\nRed Hat Enterprise Linux Desktop (v. 6):\n\nSource:\nbind-9.8.2-0.30.rc1.el6_6.2.src.rpm\n\ni386:\nbind-debuginfo-9.8.2-0.30.rc1.el6_6.2.i686.rpm\nbind-libs-9.8.2-0.30.rc1.el6_6.2.i686.rpm\nbind-utils-9.8.2-0.30.rc1.el6_6.2.i686.rpm\n\nx86_64:\nbind-debuginfo-9.8.2-0.30.rc1.el6_6.2.i686.rpm\nbind-debuginfo-9.8.2-0.30.rc1.el6_6.2.x86_64.rpm\nbind-libs-9.8.2-0.30.rc1.el6_6.2.i686.rpm\nbind-libs-9.8.2-0.30.rc1.el6_6.2.x86_64.rpm\nbind-utils-9.8.2-0.30.rc1.el6_6.2.x86_64.rpm\n\nRed Hat Enterprise Linux Desktop Optional (v. 6):\n\ni386:\nbind-9.8.2-0.30.rc1.el6_6.2.i686.rpm\nbind-chroot-9.8.2-0.30.rc1.el6_6.2.i686.rpm\nbind-debuginfo-9.8.2-0.30.rc1.el6_6.2.i686.rpm\nbind-devel-9.8.2-0.30.rc1.el6_6.2.i686.rpm\nbind-sdb-9.8.2-0.30.rc1.el6_6.2.i686.rpm\n\nx86_64:\nbind-9.8.2-0.30.rc1.el6_6.2.x86_64.rpm\nbind-chroot-9.8.2-0.30.rc1.el6_6.2.x86_64.rpm\nbind-debuginfo-9.8.2-0.30.rc1.el6_6.2.i686.rpm\nbind-debuginfo-9.8.2-0.30.rc1.el6_6.2.x86_64.rpm\nbind-devel-9.8.2-0.30.rc1.el6_6.2.i686.rpm\nbind-devel-9.8.2-0.30.rc1.el6_6.2.x86_64.rpm\nbind-sdb-9.8.2-0.30.rc1.el6_6.2.x86_64.rpm\n\nRed Hat Enterprise Linux HPC Node (v. 6):\n\nSource:\nbind-9.8.2-0.30.rc1.el6_6.2.src.rpm\n\nx86_64:\nbind-debuginfo-9.8.2-0.30.rc1.el6_6.2.i686.rpm\nbind-debuginfo-9.8.2-0.30.rc1.el6_6.2.x86_64.rpm\nbind-libs-9.8.2-0.30.rc1.el6_6.2.i686.rpm\nbind-libs-9.8.2-0.30.rc1.el6_6.2.x86_64.rpm\nbind-utils-9.8.2-0.30.rc1.el6_6.2.x86_64.rpm\n\nRed Hat Enterprise Linux HPC Node Optional (v. 6):\n\nx86_64:\nbind-9.8.2-0.30.rc1.el6_6.2.x86_64.rpm\nbind-chroot-9.8.2-0.30.rc1.el6_6.2.x86_64.rpm\nbind-debuginfo-9.8.2-0.30.rc1.el6_6.2.i686.rpm\nbind-debuginfo-9.8.2-0.30.rc1.el6_6.2.x86_64.rpm\nbind-devel-9.8.2-0.30.rc1.el6_6.2.i686.rpm\nbind-devel-9.8.2-0.30.rc1.el6_6.2.x86_64.rpm\nbind-sdb-9.8.2-0.30.rc1.el6_6.2.x86_64.rpm\n\nRed Hat Enterprise Linux Server (v. 6):\n\nSource:\nbind-9.8.2-0.30.rc1.el6_6.2.src.rpm\n\ni386:\nbind-9.8.2-0.30.rc1.el6_6.2.i686.rpm\nbind-chroot-9.8.2-0.30.rc1.el6_6.2.i686.rpm\nbind-debuginfo-9.8.2-0.30.rc1.el6_6.2.i686.rpm\nbind-libs-9.8.2-0.30.rc1.el6_6.2.i686.rpm\nbind-utils-9.8.2-0.30.rc1.el6_6.2.i686.rpm\n\nppc64:\nbind-9.8.2-0.30.rc1.el6_6.2.ppc64.rpm\nbind-chroot-9.8.2-0.30.rc1.el6_6.2.ppc64.rpm\nbind-debuginfo-9.8.2-0.30.rc1.el6_6.2.ppc.rpm\nbind-debuginfo-9.8.2-0.30.rc1.el6_6.2.ppc64.rpm\nbind-libs-9.8.2-0.30.rc1.el6_6.2.ppc.rpm\nbind-libs-9.8.2-0.30.rc1.el6_6.2.ppc64.rpm\nbind-utils-9.8.2-0.30.rc1.el6_6.2.ppc64.rpm\n\ns390x:\nbind-9.8.2-0.30.rc1.el6_6.2.s390x.rpm\nbind-chroot-9.8.2-0.30.rc1.el6_6.2.s390x.rpm\nbind-debuginfo-9.8.2-0.30.rc1.el6_6.2.s390.rpm\nbind-debuginfo-9.8.2-0.30.rc1.el6_6.2.s390x.rpm\nbind-libs-9.8.2-0.30.rc1.el6_6.2.s390.rpm\nbind-libs-9.8.2-0.30.rc1.el6_6.2.s390x.rpm\nbind-utils-9.8.2-0.30.rc1.el6_6.2.s390x.rpm\n\nx86_64:\nbind-9.8.2-0.30.rc1.el6_6.2.x86_64.rpm\nbind-chroot-9.8.2-0.30.rc1.el6_6.2.x86_64.rpm\nbind-debuginfo-9.8.2-0.30.rc1.el6_6.2.i686.rpm\nbind-debuginfo-9.8.2-0.30.rc1.el6_6.2.x86_64.rpm\nbind-libs-9.8.2-0.30.rc1.el6_6.2.i686.rpm\nbind-libs-9.8.2-0.30.rc1.el6_6.2.x86_64.rpm\nbind-utils-9.8.2-0.30.rc1.el6_6.2.x86_64.rpm\n\nRed Hat Enterprise Linux Server Optional (v. 6):\n\ni386:\nbind-debuginfo-9.8.2-0.30.rc1.el6_6.2.i686.rpm\nbind-devel-9.8.2-0.30.rc1.el6_6.2.i686.rpm\nbind-sdb-9.8.2-0.30.rc1.el6_6.2.i686.rpm\n\nppc64:\nbind-debuginfo-9.8.2-0.30.rc1.el6_6.2.ppc.rpm\nbind-debuginfo-9.8.2-0.30.rc1.el6_6.2.ppc64.rpm\nbind-devel-9.8.2-0.30.rc1.el6_6.2.ppc.rpm\nbind-devel-9.8.2-0.30.rc1.el6_6.2.ppc64.rpm\nbind-sdb-9.8.2-0.30.rc1.el6_6.2.ppc64.rpm\n\ns390x:\nbind-debuginfo-9.8.2-0.30.rc1.el6_6.2.s390.rpm\nbind-debuginfo-9.8.2-0.30.rc1.el6_6.2.s390x.rpm\nbind-devel-9.8.2-0.30.rc1.el6_6.2.s390.rpm\nbind-devel-9.8.2-0.30.rc1.el6_6.2.s390x.rpm\nbind-sdb-9.8.2-0.30.rc1.el6_6.2.s390x.rpm\n\nx86_64:\nbind-debuginfo-9.8.2-0.30.rc1.el6_6.2.i686.rpm\nbind-debuginfo-9.8.2-0.30.rc1.el6_6.2.x86_64.rpm\nbind-devel-9.8.2-0.30.rc1.el6_6.2.i686.rpm\nbind-devel-9.8.2-0.30.rc1.el6_6.2.x86_64.rpm\nbind-sdb-9.8.2-0.30.rc1.el6_6.2.x86_64.rpm\n\nRed Hat Enterprise Linux Workstation (v. 6):\n\nSource:\nbind-9.8.2-0.30.rc1.el6_6.2.src.rpm\n\ni386:\nbind-9.8.2-0.30.rc1.el6_6.2.i686.rpm\nbind-chroot-9.8.2-0.30.rc1.el6_6.2.i686.rpm\nbind-debuginfo-9.8.2-0.30.rc1.el6_6.2.i686.rpm\nbind-libs-9.8.2-0.30.rc1.el6_6.2.i686.rpm\nbind-utils-9.8.2-0.30.rc1.el6_6.2.i686.rpm\n\nx86_64:\nbind-9.8.2-0.30.rc1.el6_6.2.x86_64.rpm\nbind-chroot-9.8.2-0.30.rc1.el6_6.2.x86_64.rpm\nbind-debuginfo-9.8.2-0.30.rc1.el6_6.2.i686.rpm\nbind-debuginfo-9.8.2-0.30.rc1.el6_6.2.x86_64.rpm\nbind-libs-9.8.2-0.30.rc1.el6_6.2.i686.rpm\nbind-libs-9.8.2-0.30.rc1.el6_6.2.x86_64.rpm\nbind-utils-9.8.2-0.30.rc1.el6_6.2.x86_64.rpm\n\nRed Hat Enterprise Linux Workstation Optional (v. 6):\n\ni386:\nbind-debuginfo-9.8.2-0.30.rc1.el6_6.2.i686.rpm\nbind-devel-9.8.2-0.30.rc1.el6_6.2.i686.rpm\nbind-sdb-9.8.2-0.30.rc1.el6_6.2.i686.rpm\n\nx86_64:\nbind-debuginfo-9.8.2-0.30.rc1.el6_6.2.i686.rpm\nbind-debuginfo-9.8.2-0.30.rc1.el6_6.2.x86_64.rpm\nbind-devel-9.8.2-0.30.rc1.el6_6.2.i686.rpm\nbind-devel-9.8.2-0.30.rc1.el6_6.2.x86_64.rpm\nbind-sdb-9.8.2-0.30.rc1.el6_6.2.x86_64.rpm\n\nRed Hat Enterprise Linux Client (v. 7):\n\nSource:\nbind-9.9.4-18.el7_1.1.src.rpm\n\nnoarch:\nbind-license-9.9.4-18.el7_1.1.noarch.rpm\n\nx86_64:\nbind-debuginfo-9.9.4-18.el7_1.1.i686.rpm\nbind-debuginfo-9.9.4-18.el7_1.1.x86_64.rpm\nbind-libs-9.9.4-18.el7_1.1.i686.rpm\nbind-libs-9.9.4-18.el7_1.1.x86_64.rpm\nbind-libs-lite-9.9.4-18.el7_1.1.i686.rpm\nbind-libs-lite-9.9.4-18.el7_1.1.x86_64.rpm\nbind-utils-9.9.4-18.el7_1.1.x86_64.rpm\n\nRed Hat Enterprise Linux Client Optional (v. 7):\n\nx86_64:\nbind-9.9.4-18.el7_1.1.x86_64.rpm\nbind-chroot-9.9.4-18.el7_1.1.x86_64.rpm\nbind-debuginfo-9.9.4-18.el7_1.1.i686.rpm\nbind-debuginfo-9.9.4-18.el7_1.1.x86_64.rpm\nbind-devel-9.9.4-18.el7_1.1.i686.rpm\nbind-devel-9.9.4-18.el7_1.1.x86_64.rpm\nbind-lite-devel-9.9.4-18.el7_1.1.i686.rpm\nbind-lite-devel-9.9.4-18.el7_1.1.x86_64.rpm\nbind-sdb-9.9.4-18.el7_1.1.x86_64.rpm\nbind-sdb-chroot-9.9.4-18.el7_1.1.x86_64.rpm\n\nRed Hat Enterprise Linux ComputeNode (v. 7):\n\nSource:\nbind-9.9.4-18.el7_1.1.src.rpm\n\nnoarch:\nbind-license-9.9.4-18.el7_1.1.noarch.rpm\n\nx86_64:\nbind-debuginfo-9.9.4-18.el7_1.1.i686.rpm\nbind-debuginfo-9.9.4-18.el7_1.1.x86_64.rpm\nbind-libs-9.9.4-18.el7_1.1.i686.rpm\nbind-libs-9.9.4-18.el7_1.1.x86_64.rpm\nbind-libs-lite-9.9.4-18.el7_1.1.i686.rpm\nbind-libs-lite-9.9.4-18.el7_1.1.x86_64.rpm\nbind-utils-9.9.4-18.el7_1.1.x86_64.rpm\n\nRed Hat Enterprise Linux ComputeNode Optional (v. 7):\n\nx86_64:\nbind-9.9.4-18.el7_1.1.x86_64.rpm\nbind-chroot-9.9.4-18.el7_1.1.x86_64.rpm\nbind-debuginfo-9.9.4-18.el7_1.1.i686.rpm\nbind-debuginfo-9.9.4-18.el7_1.1.x86_64.rpm\nbind-devel-9.9.4-18.el7_1.1.i686.rpm\nbind-devel-9.9.4-18.el7_1.1.x86_64.rpm\nbind-lite-devel-9.9.4-18.el7_1.1.i686.rpm\nbind-lite-devel-9.9.4-18.el7_1.1.x86_64.rpm\nbind-sdb-9.9.4-18.el7_1.1.x86_64.rpm\nbind-sdb-chroot-9.9.4-18.el7_1.1.x86_64.rpm\n\nRed Hat Enterprise Linux Server (v. 7):\n\nSource:\nbind-9.9.4-18.el7_1.1.src.rpm\n\nnoarch:\nbind-license-9.9.4-18.el7_1.1.noarch.rpm\n\nppc64:\nbind-9.9.4-18.el7_1.1.ppc64.rpm\nbind-chroot-9.9.4-18.el7_1.1.ppc64.rpm\nbind-debuginfo-9.9.4-18.el7_1.1.ppc.rpm\nbind-debuginfo-9.9.4-18.el7_1.1.ppc64.rpm\nbind-libs-9.9.4-18.el7_1.1.ppc.rpm\nbind-libs-9.9.4-18.el7_1.1.ppc64.rpm\nbind-libs-lite-9.9.4-18.el7_1.1.ppc.rpm\nbind-libs-lite-9.9.4-18.el7_1.1.ppc64.rpm\nbind-utils-9.9.4-18.el7_1.1.ppc64.rpm\n\ns390x:\nbind-9.9.4-18.el7_1.1.s390x.rpm\nbind-chroot-9.9.4-18.el7_1.1.s390x.rpm\nbind-debuginfo-9.9.4-18.el7_1.1.s390.rpm\nbind-debuginfo-9.9.4-18.el7_1.1.s390x.rpm\nbind-libs-9.9.4-18.el7_1.1.s390.rpm\nbind-libs-9.9.4-18.el7_1.1.s390x.rpm\nbind-libs-lite-9.9.4-18.el7_1.1.s390.rpm\nbind-libs-lite-9.9.4-18.el7_1.1.s390x.rpm\nbind-utils-9.9.4-18.el7_1.1.s390x.rpm\n\nx86_64:\nbind-9.9.4-18.el7_1.1.x86_64.rpm\nbind-chroot-9.9.4-18.el7_1.1.x86_64.rpm\nbind-debuginfo-9.9.4-18.el7_1.1.i686.rpm\nbind-debuginfo-9.9.4-18.el7_1.1.x86_64.rpm\nbind-libs-9.9.4-18.el7_1.1.i686.rpm\nbind-libs-9.9.4-18.el7_1.1.x86_64.rpm\nbind-libs-lite-9.9.4-18.el7_1.1.i686.rpm\nbind-libs-lite-9.9.4-18.el7_1.1.x86_64.rpm\nbind-utils-9.9.4-18.el7_1.1.x86_64.rpm\n\nRed Hat Enterprise Linux Server (v. 7):\n\nSource:\nbind-9.9.4-18.ael7b_1.1.src.rpm\n\nnoarch:\nbind-license-9.9.4-18.ael7b_1.1.noarch.rpm\n\nppc64le:\nbind-9.9.4-18.ael7b_1.1.ppc64le.rpm\nbind-chroot-9.9.4-18.ael7b_1.1.ppc64le.rpm\nbind-debuginfo-9.9.4-18.ael7b_1.1.ppc64le.rpm\nbind-libs-9.9.4-18.ael7b_1.1.ppc64le.rpm\nbind-libs-lite-9.9.4-18.ael7b_1.1.ppc64le.rpm\nbind-utils-9.9.4-18.ael7b_1.1.ppc64le.rpm\n\nRed Hat Enterprise Linux Server Optional (v. 7):\n\nppc64:\nbind-debuginfo-9.9.4-18.el7_1.1.ppc.rpm\nbind-debuginfo-9.9.4-18.el7_1.1.ppc64.rpm\nbind-devel-9.9.4-18.el7_1.1.ppc.rpm\nbind-devel-9.9.4-18.el7_1.1.ppc64.rpm\nbind-lite-devel-9.9.4-18.el7_1.1.ppc.rpm\nbind-lite-devel-9.9.4-18.el7_1.1.ppc64.rpm\nbind-sdb-9.9.4-18.el7_1.1.ppc64.rpm\nbind-sdb-chroot-9.9.4-18.el7_1.1.ppc64.rpm\n\ns390x:\nbind-debuginfo-9.9.4-18.el7_1.1.s390.rpm\nbind-debuginfo-9.9.4-18.el7_1.1.s390x.rpm\nbind-devel-9.9.4-18.el7_1.1.s390.rpm\nbind-devel-9.9.4-18.el7_1.1.s390x.rpm\nbind-lite-devel-9.9.4-18.el7_1.1.s390.rpm\nbind-lite-devel-9.9.4-18.el7_1.1.s390x.rpm\nbind-sdb-9.9.4-18.el7_1.1.s390x.rpm\nbind-sdb-chroot-9.9.4-18.el7_1.1.s390x.rpm\n\nx86_64:\nbind-debuginfo-9.9.4-18.el7_1.1.i686.rpm\nbind-debuginfo-9.9.4-18.el7_1.1.x86_64.rpm\nbind-devel-9.9.4-18.el7_1.1.i686.rpm\nbind-devel-9.9.4-18.el7_1.1.x86_64.rpm\nbind-lite-devel-9.9.4-18.el7_1.1.i686.rpm\nbind-lite-devel-9.9.4-18.el7_1.1.x86_64.rpm\nbind-sdb-9.9.4-18.el7_1.1.x86_64.rpm\nbind-sdb-chroot-9.9.4-18.el7_1.1.x86_64.rpm\n\nRed Hat Enterprise Linux Server Optional (v. 7):\n\nppc64le:\nbind-debuginfo-9.9.4-18.ael7b_1.1.ppc64le.rpm\nbind-devel-9.9.4-18.ael7b_1.1.ppc64le.rpm\nbind-lite-devel-9.9.4-18.ael7b_1.1.ppc64le.rpm\nbind-sdb-9.9.4-18.ael7b_1.1.ppc64le.rpm\nbind-sdb-chroot-9.9.4-18.ael7b_1.1.ppc64le.rpm\n\nRed Hat Enterprise Linux Workstation (v. 7):\n\nSource:\nbind-9.9.4-18.el7_1.1.src.rpm\n\nnoarch:\nbind-license-9.9.4-18.el7_1.1.noarch.rpm\n\nx86_64:\nbind-9.9.4-18.el7_1.1.x86_64.rpm\nbind-chroot-9.9.4-18.el7_1.1.x86_64.rpm\nbind-debuginfo-9.9.4-18.el7_1.1.i686.rpm\nbind-debuginfo-9.9.4-18.el7_1.1.x86_64.rpm\nbind-libs-9.9.4-18.el7_1.1.i686.rpm\nbind-libs-9.9.4-18.el7_1.1.x86_64.rpm\nbind-libs-lite-9.9.4-18.el7_1.1.i686.rpm\nbind-libs-lite-9.9.4-18.el7_1.1.x86_64.rpm\nbind-utils-9.9.4-18.el7_1.1.x86_64.rpm\n\nRed Hat Enterprise Linux Workstation Optional (v. 7):\n\nx86_64:\nbind-debuginfo-9.9.4-18.el7_1.1.i686.rpm\nbind-debuginfo-9.9.4-18.el7_1.1.x86_64.rpm\nbind-devel-9.9.4-18.el7_1.1.i686.rpm\nbind-devel-9.9.4-18.el7_1.1.x86_64.rpm\nbind-lite-devel-9.9.4-18.el7_1.1.i686.rpm\nbind-lite-devel-9.9.4-18.el7_1.1.x86_64.rpm\nbind-sdb-9.9.4-18.el7_1.1.x86_64.rpm\nbind-sdb-chroot-9.9.4-18.el7_1.1.x86_64.rpm\n\nThese packages are GPG signed by Red Hat for security. Our key and\ndetails on how to verify the signature are available from\nhttps://access.redhat.com/security/team/key/\n\n7. References:\n\nhttps://access.redhat.com/security/cve/CVE-2015-1349\nhttps://access.redhat.com/security/updates/classification/#moderate\n\n8. Contact:\n\nThe Red Hat security contact is \u003csecalert@redhat.com\u003e. More contact\ndetails at https://access.redhat.com/security/team/contact/\n\nCopyright 2015 Red Hat, Inc. \n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1\n\niD8DBQFU/7nhXlSAg2UNWIIRArKUAJ9WX/XGIY2BbVU1+km5wJAaBaPytQCdGBnW\n7ZfcyFEskWi6YX7JcLMs9Fg=\n=dWCz\n-----END PGP SIGNATURE-----\n\n\n--\nRHSA-announce mailing list\nRHSA-announce@redhat.com\nhttps://www.redhat.com/mailman/listinfo/rhsa-announce\n. \n\nRelease Date: 2015-07-17\nLast Updated: 2015-07-17\n\nPotential Security Impact: Remote Denial of Service (DoS)\n\nSource: Hewlett-Packard Company, HP Software Security Response Team\n\nVULNERABILITY SUMMARY\nA potential security vulnerability has been identified with HP-UX running\nBIND. This vulnerability could be exploited remotely to create a Denial of\nService (DoS). \n\nReferences:\n\nCVE-2015-1349\nCVE-2015-4620\nSSRT101976\n\nSUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed. \nHP-UX B.11.31 running BIND 9.7.3 prior to C.9.7.3.7.0\n\nHP-UX B.11.31 running BIND 9.9.4 prior to C.9.9.4.3.0\n\nBACKGROUND\n\nCVSS 2.0 Base Metrics\n===========================================================\n Reference Base Vector Base Score\nCVE-2015-1349 (AV:N/AC:H/Au:N/C:N/I:N/A:C) 5.4\nCVE-2015-4620 (AV:N/AC:L/Au:N/C:N/I:N/A:C) 7.8\n===========================================================\n Information on CVSS is documented\n in HP Customer Notice: HPSN-2008-002\n\nRESOLUTION\n\nHP has provided updated versions of the BIND service to resolve this\nvulnerability. \n\nBIND 9.7.3 for HP-UX Release\n Depot Name\n Download location\n\nB.11.31 (PA and IA)\n HP_UX_11.31_HPUX-NameServer_C.9.7.3.7.0_HP-UX_B.11.31_IA_PA.depot\n https://h20392.www2.hp.com/portal/swdepot/displayProductInfo.do?productNumbe\nr=BIND\n\nBIND 9.9.4 for HP-UX Release\n Depot Name\n Download location\n\nB.11.31 (PA and IA)\n HP_UX_11.31_HPUX-NameServer_C.9.9.4.3.0_HP-UX_B.11.31_IA_PA.depot\n https://h20392.www2.hp.com/portal/swdepot/displayProductInfo.do?productNumbe\nr=BIND\n\nMANUAL ACTIONS: Yes - Update\nDownload and install the software update\n\nPRODUCT SPECIFIC INFORMATION\nHP-UX Software Assistant: HP-UX Software Assistant is an enhanced application\nthat replaces HP-UX Security Patch Check. It analyzes all Security Bulletins\nissued by HP and lists recommended actions that may apply to a specific HP-UX\nsystem. It can also download patches and create a depot automatically. For\nmore information see: https://www.hp.com/go/swa\n\nThe following text is for use by the HP-UX Software Assistant. \n\nAFFECTED VERSIONS\n\nFor BIND 9.7.3\nHP-UX B.11.31\n==================\nNameService.BIND-AUX\nNameService.BIND-RUN\naction: install revision C.9.7.3.7.0 or subsequent\n\nFor BIND 9.9.4\nHP-UX B.11.31\n==================\nNameService.BIND-AUX\nNameService.BIND-RUN\naction: install revision C.9.9.4.3.0 or subsequent\n\nEND AFFECTED VERSIONS\n\nHISTORY\nVersion:1 (rev.1) - 17 July 2015 Initial release\n\nThird Party Security Patches: Third party security patches that are to be\ninstalled on systems running HP software products should be applied in\naccordance with the customer\u0027s patch management policy. \n\nSupport: For issues about implementing the recommendations of this Security\nBulletin, contact normal HP Services support channel. For other issues about\nthe content of this Security Bulletin, send e-mail to security-alert@hp.com. \n\nReport: To report a potential security vulnerability with any HP supported\nproduct, send Email to: security-alert@hp.com\n\nSubscribe: To initiate a subscription to receive future HP Security Bulletin\nalerts via Email:\nhttp://h41183.www4.hp.com/signup_alerts.php?jumpid=hpsc_secbulletins\n\nSecurity Bulletin Archive: A list of recently released Security Bulletins is\navailable here:\nhttps://h20564.www2.hp.com/portal/site/hpsc/public/kb/secBullArchive/\n\nSoftware Product Category: The Software Product Category is represented in\nthe title by the two characters following HPSB. \n\n3C = 3COM\n3P = 3rd Party Software\nGN = HP General Software\nHF = HP Hardware and Firmware\nMP = MPE/iX\nMU = Multi-Platform Software\nNS = NonStop Servers\nOV = OpenVMS\nPI = Printing and Imaging\nPV = ProCurve\nST = Storage Software\nTU = Tru64 UNIX\nUX = HP-UX\n\nCopyright 2015 Hewlett-Packard Development Company, L.P. \nHewlett-Packard Company shall not be liable for technical or editorial errors\nor omissions contained herein. The information provided is provided \"as is\"\nwithout warranty of any kind. To the extent permitted by law, neither HP or\nits affiliates, subcontractors or suppliers will be liable for\nincidental,special or consequential damages including downtime cost; lost\nprofits; damages relating to the procurement of substitute products or\nservices; or damages for loss of data, or software restoration. The\ninformation in this document is subject to change without notice. \nHewlett-Packard Company and the names of Hewlett-Packard products referenced\nherein are trademarks of Hewlett-Packard Company in the United States and\nother countries. Other product and company names mentioned herein may be\ntrademarks of their respective owners. This can\n lead to resource exhaustion and denial of service (up to and including\n termination of the named server process) (CVE-2014-8500). \n \n Jan-Piet Mens discovered that the BIND DNS server would crash when\n processing an invalid DNSSEC key rollover, either due to an error\n on the zone operator\u0026#039;s part, or due to interference with network\n traffic by an attacker. This issue affects configurations with the\n directives \u0026quot;dnssec-lookaside auto;\u0026quot; (as enabled in the Mandriva\n default configuration) or \u0026quot;dnssec-validation auto;\u0026quot; (CVE-2015-1349). \n _______________________________________________________________________\n\n References:\n\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8500\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1349\n http://advisories.mageia.org/MGASA-2014-0524.html\n http://advisories.mageia.org/MGASA-2015-0082.html\n _______________________________________________________________________\n\n Updated Packages:\n\n Mandriva Business Server 2/X86_64:\n a2cf83873b09b47275d0030063a236c8 mbs2/x86_64/bind-9.10.1.P2-7.mbs2.x86_64.rpm\n 83d97de0884ef84b933cb06bfbbce24a mbs2/x86_64/bind-devel-9.10.1.P2-7.mbs2.x86_64.rpm\n 633a8a160c3be4dda5f134550288df8f mbs2/x86_64/bind-doc-9.10.1.P2-7.mbs2.noarch.rpm\n 40760cee0f0c97261b80d159ab60cb32 mbs2/x86_64/bind-sdb-9.10.1.P2-7.mbs2.x86_64.rpm\n ec17a87a3d0e50c4a1c33c84adc0c08b mbs2/x86_64/bind-utils-9.10.1.P2-7.mbs2.x86_64.rpm \n 95f44b351208cfcbf15108dc707b0f21 mbs2/SRPMS/bind-9.10.1.P2-7.mbs2.src.rpm\n _______________________________________________________________________\n\n To upgrade automatically use MandrivaUpdate or urpmi. The verification\n of md5 checksums and GPG signatures is performed automatically for you. You can obtain the\n GPG public key of the Mandriva Security Team by executing:\n\n gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98\n\n You can view other update advisories for Mandriva Linux at:\n\n http://www.mandriva.com/en/support/security/advisories/\n\n If you want to report vulnerabilities, please contact\n\n security_(at)_mandriva.com\n _______________________________________________________________________\n\n Type Bits/KeyID Date User ID\n pub 1024D/22458A98 2000-07-10 Mandriva Security Team\n \u003csecurity*mandriva.com\u003e\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.12 (GNU/Linux)\n\niD8DBQFVGDuOmqjQ0CJFipgRAqQsAJ9YWfOhd3JZjB1DstzQh7xCT2fJWQCfYwBx\nFGoDrVNSJeks4jEO5ZrIaN8=\n=0F9B\n-----END PGP SIGNATURE-----\n. \n\nFor the stable distribution (wheezy), this problem has been fixed in\nversion 1:9.8.4.dfsg.P1-6+nmu2+deb7u4. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA512\n\n=============================================================================\nFreeBSD-SA-15:05.bind Security Advisory\n The FreeBSD Project\n\nTopic: BIND remote denial of service vulnerability\n\nCategory: contrib\nModule: bind\nAnnounced: 2015-02-25\nCredits: ISC\nAffects: FreeBSD 8.x and FreeBSD 9.x. \nCorrected: 2015-02-18 22:20:19 UTC (stable/9, 9.3-STABLE)\n 2015-02-25 05:56:54 UTC (releng/9.3, 9.3-RELEASE-p10)\n 2015-02-18 22:29:52 UTC (stable/8, 8.4-STABLE)\n 2015-02-25 05:56:54 UTC (releng/8.4, 8.4-RELEASE-p24)\nCVE Name: CVE-2015-1349\n\nFor general information regarding FreeBSD Security Advisories,\nincluding descriptions of the fields above, security branches, and the\nfollowing sections, please visit \u003cURL:https://security.FreeBSD.org/\u003e. \n\nII. Problem Description\n\nBIND servers which are configured to perform DNSSEC validation and which\nare using managed keys (which occurs implicitly when using\n\"dnssec-validation auto;\" or \"dnssec-lookaside auto;\") may exhibit\nunpredictable behavior due to the use of an improperly initialized\nvariable. \n\nIII. \n\nIV. Workaround\n\nOnly systems that runs BIND, including recursive resolvers and authoritative\nservers that performs DNSSEC validation and using managed-keys are affected. \n\nThis issue can be worked around by not using \"auto\" for the dnssec-validation\nor dnssec-lookaside options and do not configure a managed-keys statement. \nNote that in order to do DNSSEC validation with this workaround one would\nhave to configure an explicit trusted-keys statement with the appropriate\nkeys. \n\nV. Solution\n\nPerform one of the following:\n\n1) Upgrade your vulnerable system to a supported FreeBSD stable or\nrelease / security branch (releng) dated after the correction date. \n\n2) To update your vulnerable system via a binary patch:\n\nSystems running a RELEASE version of FreeBSD on the i386 or amd64\nplatforms can be updated via the freebsd-update(8) utility:\n\n# freebsd-update fetch\n# freebsd-update install\n\n3) To update your vulnerable system via a source code patch:\n\nThe following patches have been verified to apply to the applicable\nFreeBSD release branches. \n\na) Download the relevant patch from the location below, and verify the\ndetached PGP signature using your PGP utility. \n\n# fetch https://security.FreeBSD.org/patches/SA-15:05/bind.patch\n# fetch https://security.FreeBSD.org/patches/SA-15:05/bind.patch.asc\n# gpg --verify bind.patch.asc\n\nb) Apply the patch. Execute the following commands as root:\n\n# cd /usr/src\n# patch \u003c /path/to/patch\n\nc) Recompile the operating system using buildworld and installworld as\ndescribed in \u003cURL:https://www.FreeBSD.org/handbook/makeworld.html\u003e. \n\nRestart the applicable daemons, or reboot the system. \n\nVI. Correction details\n\nThe following list contains the correction revision numbers for each\naffected branch. \n\nBranch/path Revision\n- -------------------------------------------------------------------------\nstable/8/ r278973\nreleng/8.4/ r279265\nstable/9/ r278972\nreleng/9.3/ r279265\n- -------------------------------------------------------------------------\n\nTo see which files were modified by a particular revision, run the\nfollowing command, replacing NNNNNN with the revision number, on a\nmachine with Subversion installed:\n\n# svn diff -cNNNNNN --summarize svn://svn.freebsd.org/base\n\nOr visit the following URL, replacing NNNNNN with the revision number:\n\n\u003cURL:https://svnweb.freebsd.org/base?view=revision\u0026revision=NNNNNN\u003e\n\nVII. ============================================================================\nUbuntu Security Notice USN-2503-1\nFebruary 18, 2015\n\nbind9 vulnerability\n============================================================================\n\nA security issue affects these releases of Ubuntu and its derivatives:\n\n- Ubuntu 14.10\n- Ubuntu 14.04 LTS\n- Ubuntu 12.04 LTS\n\nSummary:\n\nBind could be made to crash if it received specially crafted network\ntraffic. \n\nUpdate instructions:\n\nThe problem can be corrected by updating your system to the following\npackage versions:\n\nUbuntu 14.10:\n bind9 1:9.9.5.dfsg-4.3ubuntu0.2\n\nUbuntu 14.04 LTS:\n bind9 1:9.9.5.dfsg-3ubuntu0.2\n\nUbuntu 12.04 LTS:\n bind9 1:9.8.1.dfsg.P1-4ubuntu0.10\n\nIn general, a standard system update will make all the necessary changes. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\nGentoo Linux Security Advisory GLSA 201510-01\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n https://security.gentoo.org/\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\n Severity: Normal\n Title: BIND: Denial of Service\n Date: October 18, 2015\n Bugs: #540640, #553584, #556150, #559462\n ID: 201510-01\n\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\nSynopsis\n========\n\nA vulnerability in BIND could lead to a Denial of Service condition. \n\nAffected packages\n=================\n\n -------------------------------------------------------------------\n Package / Vulnerable / Unaffected\n -------------------------------------------------------------------\n 1 net-dns/bind \u003c 9.10.2_p4 \u003e= 9.10.2_p4 \n\nDescription\n===========\n\nA vulnerability has been discovered in BIND\u0027s named utility leading to\na Denial of Service condition. \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nResolution\n==========\n\nAll BIND users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose \"\u003e=net-dns/bind-9.10.2_p4\"\n\nReferences\n==========\n\n[ 1 ] CVE-2015-1349\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-1349\n[ 2 ] CVE-2015-4620\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-4620\n[ 3 ] CVE-2015-5477\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-5477\n[ 4 ] CVE-2015-5722\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-5722\n[ 5 ] CVE-2015-5986\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-5986\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n https://security.gentoo.org/glsa/201510-01\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users\u0027 machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttps://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2015 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttp://creativecommons.org/licenses/by-sa/2.5\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2015-1349"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-001534"
},
{
"db": "BID",
"id": "72673"
},
{
"db": "PACKETSTORM",
"id": "130646"
},
{
"db": "PACKETSTORM",
"id": "130758"
},
{
"db": "PACKETSTORM",
"id": "132752"
},
{
"db": "PACKETSTORM",
"id": "131222"
},
{
"db": "PACKETSTORM",
"id": "130451"
},
{
"db": "PACKETSTORM",
"id": "130558"
},
{
"db": "PACKETSTORM",
"id": "130446"
},
{
"db": "PACKETSTORM",
"id": "134008"
}
],
"trust": 2.61
},
"external_ids": {
"_id": null,
"data": [
{
"db": "NVD",
"id": "CVE-2015-1349",
"trust": 3.5
},
{
"db": "ISC",
"id": "AA-01235",
"trust": 2.0
},
{
"db": "JUNIPER",
"id": "JSA10783",
"trust": 1.3
},
{
"db": "MCAFEE",
"id": "SB10116",
"trust": 1.0
},
{
"db": "JVN",
"id": "JVNVU99970459",
"trust": 0.8
},
{
"db": "JVN",
"id": "JVNVU93982119",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2015-001534",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201502-414",
"trust": 0.6
},
{
"db": "BID",
"id": "72673",
"trust": 0.3
},
{
"db": "PACKETSTORM",
"id": "130646",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "130758",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "132752",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "131222",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "130451",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "130558",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "130446",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "134008",
"trust": 0.1
}
],
"sources": [
{
"db": "BID",
"id": "72673"
},
{
"db": "PACKETSTORM",
"id": "130646"
},
{
"db": "PACKETSTORM",
"id": "130758"
},
{
"db": "PACKETSTORM",
"id": "132752"
},
{
"db": "PACKETSTORM",
"id": "131222"
},
{
"db": "PACKETSTORM",
"id": "130451"
},
{
"db": "PACKETSTORM",
"id": "130558"
},
{
"db": "PACKETSTORM",
"id": "130446"
},
{
"db": "PACKETSTORM",
"id": "134008"
},
{
"db": "CNNVD",
"id": "CNNVD-201502-414"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-001534"
},
{
"db": "NVD",
"id": "CVE-2015-1349"
}
]
},
"id": "VAR-201502-0366",
"iot": {
"_id": null,
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.59105265
},
"last_update_date": "2026-04-10T23:30:42.934000Z",
"patch": {
"_id": null,
"data": [
{
"title": "APPLE-SA-2015-09-16-4 OS X Server 5.0.3",
"trust": 0.8,
"url": "http://lists.apple.com/archives/security-announce/2015/Sep/msg00004.html"
},
{
"title": "HT205219",
"trust": 0.8,
"url": "https://support.apple.com/en-us/HT205219"
},
{
"title": "HT205219",
"trust": 0.8,
"url": "http://support.apple.com/ja-jp/HT205219"
},
{
"title": "HPSBUX03379",
"trust": 0.8,
"url": "http://marc.info/?l=bugtraq\u0026amp;m=143740940810833\u0026amp;w=2"
},
{
"title": "CVE-2015-1349: A Problem with Trust Anchor Management Can Cause named to Crash",
"trust": 0.8,
"url": "https://kb.isc.org/article/AA-01235/"
},
{
"title": "SB10116",
"trust": 0.8,
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10116"
},
{
"title": "Bug 1193820",
"trust": 0.8,
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1193820"
},
{
"title": "RHSA-2015:0672",
"trust": 0.8,
"url": "https://rhn.redhat.com/errata/RHSA-2015-0672.html"
},
{
"title": "BIND9.9.7.x86",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=54140"
},
{
"title": "bind-9.10.2",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=54143"
},
{
"title": "BIND9.10.2.x86",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=54142"
},
{
"title": "bind-9.9.7",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=54141"
}
],
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201502-414"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-001534"
}
]
},
"problemtype_data": {
"_id": null,
"data": [
{
"problemtype": "CWE-399",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-001534"
},
{
"db": "NVD",
"id": "CVE-2015-1349"
}
]
},
"references": {
"_id": null,
"data": [
{
"trust": 2.0,
"url": "http://advisories.mageia.org/mgasa-2015-0082.html"
},
{
"trust": 1.9,
"url": "https://kb.isc.org/article/aa-01235"
},
{
"trust": 1.7,
"url": "http://www.ubuntu.com/usn/usn-2503-1"
},
{
"trust": 1.4,
"url": "http://rhn.redhat.com/errata/rhsa-2015-0672.html"
},
{
"trust": 1.1,
"url": "https://security.gentoo.org/glsa/201510-01"
},
{
"trust": 1.0,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-1349"
},
{
"trust": 1.0,
"url": "https://kb.juniper.net/jsa10783"
},
{
"trust": 1.0,
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-march/150905.html"
},
{
"trust": 1.0,
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1193820"
},
{
"trust": 1.0,
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00013.html"
},
{
"trust": 1.0,
"url": "http://www.mandriva.com/security/advisories?name=mdvsa-2015:054"
},
{
"trust": 1.0,
"url": "http://lists.opensuse.org/opensuse-updates/2015-07/msg00038.html"
},
{
"trust": 1.0,
"url": "http://www.mandriva.com/security/advisories?name=mdvsa-2015:165"
},
{
"trust": 1.0,
"url": "http://lists.apple.com/archives/security-announce/2015/sep/msg00004.html"
},
{
"trust": 1.0,
"url": "https://support.apple.com/ht205219"
},
{
"trust": 1.0,
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=sb10116"
},
{
"trust": 1.0,
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00050.html"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bugtraq\u0026m=143740940810833\u0026w=2"
},
{
"trust": 1.0,
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-march/150904.html"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-1349"
},
{
"trust": 0.8,
"url": "http://jprs.jp/tech/security/2015-02-19-bind9-vuln-managed-trust-anchors.html"
},
{
"trust": 0.8,
"url": "http://jvn.jp/vu/jvnvu93982119/"
},
{
"trust": 0.8,
"url": "http://jvn.jp/vu/jvnvu99970459/index.html"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2015-1349"
},
{
"trust": 0.3,
"url": "http://seclists.org/bugtraq/2015/feb/145"
},
{
"trust": 0.3,
"url": "http://www.isc.org/products/bind/"
},
{
"trust": 0.3,
"url": "http://seclists.org/bugtraq/2015/jul/96"
},
{
"trust": 0.3,
"url": "https://kb.juniper.net/infocenter/index?page=content\u0026id=jsa10783\u0026cat=sirt_1\u0026actp=list"
},
{
"trust": 0.3,
"url": "https://downloads.avaya.com/css/p8/documents/101009291"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=nas8n1020682"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=isg3t1022295"
},
{
"trust": 0.3,
"url": "http://seclists.org/bugtraq/2015/apr/158"
},
{
"trust": 0.2,
"url": "http://www.mandriva.com/en/support/security/"
},
{
"trust": 0.2,
"url": "http://www.mandriva.com/en/support/security/advisories/"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-4620"
},
{
"trust": 0.2,
"url": "http://www.debian.org/security/"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/mailman/listinfo/rhsa-announce"
},
{
"trust": 0.1,
"url": "https://bugzilla.redhat.com/):"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/team/key/"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/articles/11258"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2015-1349"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/team/contact/"
},
{
"trust": 0.1,
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/"
},
{
"trust": 0.1,
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/secbullarchive/"
},
{
"trust": 0.1,
"url": "http://h41183.www4.hp.com/signup_alerts.php?jumpid=hpsc_secbulletins"
},
{
"trust": 0.1,
"url": "https://h20392.www2.hp.com/portal/swdepot/displayproductinfo.do?productnumbe"
},
{
"trust": 0.1,
"url": "https://www.hp.com/go/swa"
},
{
"trust": 0.1,
"url": "http://advisories.mageia.org/mgasa-2014-0524.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-8500"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-8500"
},
{
"trust": 0.1,
"url": "http://www.debian.org/security/faq"
},
{
"trust": 0.1,
"url": "https://www.freebsd.org/handbook/makeworld.html\u003e."
},
{
"trust": 0.1,
"url": "https://security.freebsd.org/\u003e."
},
{
"trust": 0.1,
"url": "https://security.freebsd.org/advisories/freebsd-sa-15:05.bind.asc\u003e"
},
{
"trust": 0.1,
"url": "https://security.freebsd.org/patches/sa-15:05/bind.patch.asc"
},
{
"trust": 0.1,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-1349\u003e"
},
{
"trust": 0.1,
"url": "https://security.freebsd.org/patches/sa-15:05/bind.patch"
},
{
"trust": 0.1,
"url": "https://svnweb.freebsd.org/base?view=revision\u0026revision=nnnnnn\u003e"
},
{
"trust": 0.1,
"url": "https://kb.isc.org/article/aa-01235\u003e"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/bind9/1:9.8.1.dfsg.p1-4ubuntu0.10"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/bind9/1:9.9.5.dfsg-3ubuntu0.2"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/bind9/1:9.9.5.dfsg-4.3ubuntu0.2"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-4620"
},
{
"trust": 0.1,
"url": "http://creativecommons.org/licenses/by-sa/2.5"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-5986"
},
{
"trust": 0.1,
"url": "https://bugs.gentoo.org."
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-5477"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-5722"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-5722"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-5477"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-5986"
},
{
"trust": 0.1,
"url": "https://security.gentoo.org/"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-1349"
}
],
"sources": [
{
"db": "BID",
"id": "72673"
},
{
"db": "PACKETSTORM",
"id": "130646"
},
{
"db": "PACKETSTORM",
"id": "130758"
},
{
"db": "PACKETSTORM",
"id": "132752"
},
{
"db": "PACKETSTORM",
"id": "131222"
},
{
"db": "PACKETSTORM",
"id": "130451"
},
{
"db": "PACKETSTORM",
"id": "130558"
},
{
"db": "PACKETSTORM",
"id": "130446"
},
{
"db": "PACKETSTORM",
"id": "134008"
},
{
"db": "CNNVD",
"id": "CNNVD-201502-414"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-001534"
},
{
"db": "NVD",
"id": "CVE-2015-1349"
}
]
},
"sources": {
"_id": null,
"data": [
{
"db": "BID",
"id": "72673",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "130646",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "130758",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "132752",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "131222",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "130451",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "130558",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "130446",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "134008",
"ident": null
},
{
"db": "CNNVD",
"id": "CNNVD-201502-414",
"ident": null
},
{
"db": "JVNDB",
"id": "JVNDB-2015-001534",
"ident": null
},
{
"db": "NVD",
"id": "CVE-2015-1349",
"ident": null
}
]
},
"sources_release_date": {
"_id": null,
"data": [
{
"date": "2015-02-18T00:00:00",
"db": "BID",
"id": "72673",
"ident": null
},
{
"date": "2015-03-04T18:22:22",
"db": "PACKETSTORM",
"id": "130646",
"ident": null
},
{
"date": "2015-03-11T16:04:19",
"db": "PACKETSTORM",
"id": "130758",
"ident": null
},
{
"date": "2015-07-20T19:49:16",
"db": "PACKETSTORM",
"id": "132752",
"ident": null
},
{
"date": "2015-03-31T16:02:39",
"db": "PACKETSTORM",
"id": "131222",
"ident": null
},
{
"date": "2015-02-19T16:34:38",
"db": "PACKETSTORM",
"id": "130451",
"ident": null
},
{
"date": "2015-02-26T17:25:28",
"db": "PACKETSTORM",
"id": "130558",
"ident": null
},
{
"date": "2015-02-18T22:42:55",
"db": "PACKETSTORM",
"id": "130446",
"ident": null
},
{
"date": "2015-10-18T21:06:41",
"db": "PACKETSTORM",
"id": "134008",
"ident": null
},
{
"date": "2015-02-26T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201502-414",
"ident": null
},
{
"date": "2015-02-20T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-001534",
"ident": null
},
{
"date": "2015-02-19T03:01:22.287000",
"db": "NVD",
"id": "CVE-2015-1349",
"ident": null
}
]
},
"sources_update_date": {
"_id": null,
"data": [
{
"date": "2017-04-18T01:05:00",
"db": "BID",
"id": "72673",
"ident": null
},
{
"date": "2015-02-26T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201502-414",
"ident": null
},
{
"date": "2015-10-05T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-001534",
"ident": null
},
{
"date": "2025-04-12T10:46:40.837000",
"db": "NVD",
"id": "CVE-2015-1349",
"ident": null
}
]
},
"threat_type": {
"_id": null,
"data": "remote",
"sources": [
{
"db": "PACKETSTORM",
"id": "130758"
},
{
"db": "PACKETSTORM",
"id": "130558"
},
{
"db": "PACKETSTORM",
"id": "130446"
},
{
"db": "CNNVD",
"id": "CNNVD-201502-414"
}
],
"trust": 0.9
},
"title": {
"_id": null,
"data": "ISC BIND 9 Service operation interruption (DoS) Vulnerabilities",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-001534"
}
],
"trust": 0.8
},
"type": {
"_id": null,
"data": "resource management error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201502-414"
}
],
"trust": 0.6
}
}
VAR-201605-0076
Vulnerability from variot - Updated: 2026-04-10 23:29Integer overflow in the EVP_EncryptUpdate function in crypto/evp/evp_enc.c in OpenSSL before 1.0.1t and 1.0.2 before 1.0.2h allows remote attackers to cause a denial of service (heap memory corruption) via a large amount of data. OpenSSL is prone to an integer-overflow vulnerability. An attacker can exploit this issue to execute arbitrary code in the context of the user running the affected application. Failed exploit attempts will likely result in denial-of-service conditions. Following product versions are affected: OpenSSL versions 1.0.2 prior to 1.0.2h are vulnerable. OpenSSL versions 1.0.1 prior to 1.0.1t are vulnerable. OpenSSL Security Advisory [3rd May 2016] ========================================
Memory corruption in the ASN.1 encoder (CVE-2016-2108)
Severity: High
This issue affected versions of OpenSSL prior to April 2015. The bug causing the vulnerability was fixed on April 18th 2015, and released as part of the June 11th 2015 security releases. The security impact of the bug was not known at the time.
In previous versions of OpenSSL, ASN.1 encoding the value zero represented as a negative integer can cause a buffer underflow with an out-of-bounds write in i2c_ASN1_INTEGER. The ASN.1 parser does not normally create "negative zeroes" when parsing ASN.1 input, and therefore, an attacker cannot trigger this bug.
However, a second, independent bug revealed that the ASN.1 parser (specifically, d2i_ASN1_TYPE) can misinterpret a large universal tag as a negative zero value. Large universal tags are not present in any common ASN.1 structures (such as X509) but are accepted as part of ANY structures.
Therefore, if an application deserializes untrusted ASN.1 structures containing an ANY field, and later reserializes them, an attacker may be able to trigger an out-of-bounds write. This has been shown to cause memory corruption that is potentially exploitable with some malloc implementations.
Applications that parse and re-encode X509 certificates are known to be vulnerable. Applications that verify RSA signatures on X509 certificates may also be vulnerable; however, only certificates with valid signatures trigger ASN.1 re-encoding and hence the bug. Specifically, since OpenSSL's default TLS X509 chain verification code verifies the certificate chain from root to leaf, TLS handshakes could only be targeted with valid certificates issued by trusted Certification Authorities.
OpenSSL 1.0.2 users should upgrade to 1.0.2c OpenSSL 1.0.1 users should upgrade to 1.0.1o
This vulnerability is a combination of two bugs, neither of which individually has security impact. The first bug (mishandling of negative zero integers) was reported to OpenSSL by Huzaifa Sidhpurwala (Red Hat) and independently by Hanno Böck in April 2015. The second issue (mishandling of large universal tags) was found using libFuzzer, and reported on the public issue tracker on March 1st 2016. The fact that these two issues combined present a security vulnerability was reported by David Benjamin (Google) on March 31st 2016. The fixes were developed by Steve Henson of the OpenSSL development team, and David Benjamin. The OpenSSL team would also like to thank Mark Brand and Ian Beer from the Google Project Zero team for their careful analysis of the impact.
The fix for the "negative zero" memory corruption bug can be identified by commits
3661bb4e7934668bd99ca777ea8b30eedfafa871 (1.0.2) and 32d3b0f52f77ce86d53f38685336668d47c5bdfe (1.0.1)
Padding oracle in AES-NI CBC MAC check (CVE-2016-2107)
Severity: High
A MITM attacker can use a padding oracle attack to decrypt traffic when the connection uses an AES CBC cipher and the server support AES-NI.
This issue was introduced as part of the fix for Lucky 13 padding attack (CVE-2013-0169). The padding check was rewritten to be in constant time by making sure that always the same bytes are read and compared against either the MAC or padding bytes. But it no longer checked that there was enough data to have both the MAC and padding bytes.
OpenSSL 1.0.2 users should upgrade to 1.0.2h OpenSSL 1.0.1 users should upgrade to 1.0.1t
This issue was reported to OpenSSL on 13th of April 2016 by Juraj Somorovsky using TLS-Attacker. The fix was developed by Kurt Roeckx of the OpenSSL development team.
EVP_EncodeUpdate overflow (CVE-2016-2105)
Severity: Low
An overflow can occur in the EVP_EncodeUpdate() function which is used for Base64 encoding of binary data.
Internally to OpenSSL the EVP_EncodeUpdate() function is primarly used by the PEM_write_bio family of functions. These are mainly used within the OpenSSL command line applications. These internal uses are not considered vulnerable because all calls are bounded with length checks so no overflow is possible. User applications that call these APIs directly with large amounts of untrusted data may be vulnerable. (Note: Initial analysis suggested that the PEM_write_bio were vulnerable, and this is reflected in the patch commit message. This is no longer believed to be the case).
OpenSSL 1.0.2 users should upgrade to 1.0.2h OpenSSL 1.0.1 users should upgrade to 1.0.1t
This issue was reported to OpenSSL on 3rd March 2016 by Guido Vranken. The fix was developed by Matt Caswell of the OpenSSL development team.
EVP_EncryptUpdate overflow (CVE-2016-2106)
Severity: Low
An overflow can occur in the EVP_EncryptUpdate() function. Following an analysis of all OpenSSL internal usage of the EVP_EncryptUpdate() function all usage is one of two forms. The first form is where the EVP_EncryptUpdate() call is known to be the first called function after an EVP_EncryptInit(), and therefore that specific call must be safe. The second form is where the length passed to EVP_EncryptUpdate() can be seen from the code to be some small value and therefore there is no possibility of an overflow. Since all instances are one of these two forms, it is believed that there can be no overflows in internal code due to this problem. It should be noted that EVP_DecryptUpdate() can call EVP_EncryptUpdate() in certain code paths. Also EVP_CipherUpdate() is a synonym for EVP_EncryptUpdate(). All instances of these calls have also been analysed too and it is believed there are no instances in internal usage where an overflow could occur.
This could still represent a security issue for end user code that calls this function directly.
OpenSSL 1.0.2 users should upgrade to 1.0.2h OpenSSL 1.0.1 users should upgrade to 1.0.1t
This issue was reported to OpenSSL on 3rd March 2016 by Guido Vranken. The fix was developed by Matt Caswell of the OpenSSL development team.
ASN.1 BIO excessive memory allocation (CVE-2016-2109)
Severity: Low
When ASN.1 data is read from a BIO using functions such as d2i_CMS_bio() a short invalid encoding can casuse allocation of large amounts of memory potentially consuming excessive resources or exhausting memory.
Any application parsing untrusted data through d2i BIO functions is affected. The memory based functions such as d2i_X509() are not affected. Since the memory based functions are used by the TLS library, TLS applications are not affected.
OpenSSL 1.0.2 users should upgrade to 1.0.2h OpenSSL 1.0.1 users should upgrade to 1.0.1t
This issue was reported to OpenSSL on 4th April 2016 by Brian Carpenter. The fix was developed by Stephen Henson of the OpenSSL development team.
EBCDIC overread (CVE-2016-2176)
Severity: Low
ASN1 Strings that are over 1024 bytes can cause an overread in applications using the X509_NAME_oneline() function on EBCDIC systems. This could result in arbitrary stack data being returned in the buffer.
OpenSSL 1.0.2 users should upgrade to 1.0.2h OpenSSL 1.0.1 users should upgrade to 1.0.1t
This issue was reported to OpenSSL on 5th March 2016 by Guido Vranken. The fix was developed by Matt Caswell of the OpenSSL development team.
Note
As per our previous announcements and our Release Strategy (https://www.openssl.org/policies/releasestrat.html), support for OpenSSL version 1.0.1 will cease on 31st December 2016. No security updates for that version will be provided after that date. Users of 1.0.1 are advised to upgrade.
Support for versions 0.9.8 and 1.0.0 ended on 31st December 2015. Those versions are no longer receiving security updates.
References
URL for this Security Advisory: https://www.openssl.org/news/secadv/20160503.txt
Note: the online version of the advisory may be updated with additional details over time.
For details of OpenSSL severity classifications please see: https://www.openssl.org/policies/secpolicy.html . Corrected: 2016-05-03 18:54:20 UTC (stable/10, 10.3-STABLE) 2016-05-04 15:25:47 UTC (releng/10.3, 10.3-RELEASE-p2) 2016-05-04 15:26:23 UTC (releng/10.2, 10.2-RELEASE-p16) 2016-05-04 15:27:09 UTC (releng/10.1, 10.1-RELEASE-p33) 2016-05-04 06:53:02 UTC (stable/9, 9.3-STABLE) 2016-05-04 15:27:09 UTC (releng/9.3, 9.3-RELEASE-p41) CVE Name: CVE-2016-2105, CVE-2016-2106, CVE-2016-2107, CVE-2016-2109, CVE-2016-2176
For general information regarding FreeBSD Security Advisories, including descriptions of the fields above, security branches, and the following sections, please visit . Background
FreeBSD includes software from the OpenSSL Project.
II. [CVE-2016-2176] FreeBSD does not run on any EBCDIC systems and therefore is not affected.
III.
IV. Workaround
No workaround is available.
V. Solution
Perform one of the following:
1) Upgrade your vulnerable system to a supported FreeBSD stable or release / security branch (releng) dated after the correction date.
Restart all daemons that use the library, or reboot the system.
2) To update your vulnerable system via a binary patch:
Systems running a RELEASE version of FreeBSD on the i386 or amd64 platforms can be updated via the freebsd-update(8) utility:
freebsd-update fetch
freebsd-update install
Restart all daemons that use the library, or reboot the system.
3) To update your vulnerable system via a source code patch:
The following patches have been verified to apply to the applicable FreeBSD release branches.
a) Download the relevant patch from the location below, and verify the detached PGP signature using your PGP utility.
[FreeBSD 10.x]
fetch https://security.FreeBSD.org/patches/SA-16:17/openssl-10.patch
fetch https://security.FreeBSD.org/patches/SA-16:17/openssl-10.patch.asc
gpg --verify openssl-10.patch.asc
[FreeBSD 9.3]
fetch https://security.FreeBSD.org/patches/SA-16:17/openssl-9.patc
fetch https://security.FreeBSD.org/patches/SA-16:17/openssl-9.patch.asc
gpg --verify openssl-9.patch.asc
b) Apply the patch. Execute the following commands as root:
cd /usr/src
patch < /path/to/patch
c) Recompile the operating system using buildworld and installworld as described in .
Restart all daemons that use the library, or reboot the system.
VI. Correction details
The following list contains the correction revision numbers for each affected branch.
Branch/path Revision
stable/9/ r299053 releng/9.3/ r299068 stable/10/ r298999 releng/10.1/ r299068 releng/10.2/ r299067 releng/10.3/ r299066
To see which files were modified by a particular revision, run the following command, replacing NNNNNN with the revision number, on a machine with Subversion installed:
svn diff -cNNNNNN --summarize svn://svn.freebsd.org/base
Or visit the following URL, replacing NNNNNN with the revision number:
VII. 6) - i386, x86_64
- -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
===================================================================== Red Hat Security Advisory
Synopsis: Important: openssl security update Advisory ID: RHSA-2016:0722-01 Product: Red Hat Enterprise Linux Advisory URL: https://rhn.redhat.com/errata/RHSA-2016-0722.html Issue date: 2016-05-09 CVE Names: CVE-2016-0799 CVE-2016-2105 CVE-2016-2106 CVE-2016-2107 CVE-2016-2108 CVE-2016-2109 CVE-2016-2842 =====================================================================
- Summary:
An update for openssl is now available for Red Hat Enterprise Linux 7. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
- Relevant releases/architectures:
Red Hat Enterprise Linux Client (v. 7) - x86_64 Red Hat Enterprise Linux Client Optional (v. 7) - x86_64 Red Hat Enterprise Linux ComputeNode (v. 7) - x86_64 Red Hat Enterprise Linux ComputeNode Optional (v. 7) - x86_64 Red Hat Enterprise Linux Server (v. 7) - ppc64, ppc64le, s390x, x86_64 Red Hat Enterprise Linux Server Optional (v. 7) - ppc64, ppc64le, s390x, x86_64 Red Hat Enterprise Linux Workstation (v. 7) - x86_64 Red Hat Enterprise Linux Workstation Optional (v. 7) - x86_64
- Description:
OpenSSL is a toolkit that implements the Secure Sockets Layer (SSL) and Transport Layer Security (TLS) protocols, as well as a full-strength general-purpose cryptography library.
Security Fix(es):
-
A flaw was found in the way OpenSSL encoded certain ASN.1 data structures. (CVE-2016-2105, CVE-2016-2106)
-
It was discovered that OpenSSL leaked timing information when decrypting TLS/SSL and DTLS protocol encrypted records when the connection used the AES CBC cipher suite and the server supported AES-NI. A remote attacker could possibly use this flaw to retrieve plain text from encrypted packets by using a TLS/SSL or DTLS server as a padding oracle. (CVE-2016-0799, CVE-2016-2842)
-
A denial of service flaw was found in the way OpenSSL parsed certain ASN.1-encoded data from BIO (OpenSSL's I/O abstraction) inputs. (CVE-2016-2109)
Red Hat would like to thank the OpenSSL project for reporting CVE-2016-2108, CVE-2016-2842, CVE-2016-2105, CVE-2016-2106, CVE-2016-2107, and CVE-2016-0799. Upstream acknowledges Huzaifa Sidhpurwala (Red Hat), Hanno Böck, and David Benjamin (Google) as the original reporters of CVE-2016-2108; Guido Vranken as the original reporter of CVE-2016-2842, CVE-2016-2105, CVE-2016-2106, and CVE-2016-0799; and Juraj Somorovsky as the original reporter of CVE-2016-2107.
- Solution:
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
For the update to take effect, all services linked to the OpenSSL library must be restarted, or the system rebooted.
- Package List:
Red Hat Enterprise Linux Client (v. 7):
Source: openssl-1.0.1e-51.el7_2.5.src.rpm
x86_64: openssl-1.0.1e-51.el7_2.5.x86_64.rpm openssl-debuginfo-1.0.1e-51.el7_2.5.i686.rpm openssl-debuginfo-1.0.1e-51.el7_2.5.x86_64.rpm openssl-libs-1.0.1e-51.el7_2.5.i686.rpm openssl-libs-1.0.1e-51.el7_2.5.x86_64.rpm
Red Hat Enterprise Linux Client Optional (v. 7):
x86_64: openssl-debuginfo-1.0.1e-51.el7_2.5.i686.rpm openssl-debuginfo-1.0.1e-51.el7_2.5.x86_64.rpm openssl-devel-1.0.1e-51.el7_2.5.i686.rpm openssl-devel-1.0.1e-51.el7_2.5.x86_64.rpm openssl-perl-1.0.1e-51.el7_2.5.x86_64.rpm openssl-static-1.0.1e-51.el7_2.5.i686.rpm openssl-static-1.0.1e-51.el7_2.5.x86_64.rpm
Red Hat Enterprise Linux ComputeNode (v. 7):
Source: openssl-1.0.1e-51.el7_2.5.src.rpm
x86_64: openssl-1.0.1e-51.el7_2.5.x86_64.rpm openssl-debuginfo-1.0.1e-51.el7_2.5.i686.rpm openssl-debuginfo-1.0.1e-51.el7_2.5.x86_64.rpm openssl-libs-1.0.1e-51.el7_2.5.i686.rpm openssl-libs-1.0.1e-51.el7_2.5.x86_64.rpm
Red Hat Enterprise Linux ComputeNode Optional (v. 7):
x86_64: openssl-debuginfo-1.0.1e-51.el7_2.5.i686.rpm openssl-debuginfo-1.0.1e-51.el7_2.5.x86_64.rpm openssl-devel-1.0.1e-51.el7_2.5.i686.rpm openssl-devel-1.0.1e-51.el7_2.5.x86_64.rpm openssl-perl-1.0.1e-51.el7_2.5.x86_64.rpm openssl-static-1.0.1e-51.el7_2.5.i686.rpm openssl-static-1.0.1e-51.el7_2.5.x86_64.rpm
Red Hat Enterprise Linux Server (v. 7):
Source: openssl-1.0.1e-51.el7_2.5.src.rpm
ppc64: openssl-1.0.1e-51.el7_2.5.ppc64.rpm openssl-debuginfo-1.0.1e-51.el7_2.5.ppc.rpm openssl-debuginfo-1.0.1e-51.el7_2.5.ppc64.rpm openssl-devel-1.0.1e-51.el7_2.5.ppc.rpm openssl-devel-1.0.1e-51.el7_2.5.ppc64.rpm openssl-libs-1.0.1e-51.el7_2.5.ppc.rpm openssl-libs-1.0.1e-51.el7_2.5.ppc64.rpm
ppc64le: openssl-1.0.1e-51.el7_2.5.ppc64le.rpm openssl-debuginfo-1.0.1e-51.el7_2.5.ppc64le.rpm openssl-devel-1.0.1e-51.el7_2.5.ppc64le.rpm openssl-libs-1.0.1e-51.el7_2.5.ppc64le.rpm
s390x: openssl-1.0.1e-51.el7_2.5.s390x.rpm openssl-debuginfo-1.0.1e-51.el7_2.5.s390.rpm openssl-debuginfo-1.0.1e-51.el7_2.5.s390x.rpm openssl-devel-1.0.1e-51.el7_2.5.s390.rpm openssl-devel-1.0.1e-51.el7_2.5.s390x.rpm openssl-libs-1.0.1e-51.el7_2.5.s390.rpm openssl-libs-1.0.1e-51.el7_2.5.s390x.rpm
x86_64: openssl-1.0.1e-51.el7_2.5.x86_64.rpm openssl-debuginfo-1.0.1e-51.el7_2.5.i686.rpm openssl-debuginfo-1.0.1e-51.el7_2.5.x86_64.rpm openssl-devel-1.0.1e-51.el7_2.5.i686.rpm openssl-devel-1.0.1e-51.el7_2.5.x86_64.rpm openssl-libs-1.0.1e-51.el7_2.5.i686.rpm openssl-libs-1.0.1e-51.el7_2.5.x86_64.rpm
Red Hat Enterprise Linux Server Optional (v. 7):
ppc64: openssl-debuginfo-1.0.1e-51.el7_2.5.ppc.rpm openssl-debuginfo-1.0.1e-51.el7_2.5.ppc64.rpm openssl-perl-1.0.1e-51.el7_2.5.ppc64.rpm openssl-static-1.0.1e-51.el7_2.5.ppc.rpm openssl-static-1.0.1e-51.el7_2.5.ppc64.rpm
ppc64le: openssl-debuginfo-1.0.1e-51.el7_2.5.ppc64le.rpm openssl-perl-1.0.1e-51.el7_2.5.ppc64le.rpm openssl-static-1.0.1e-51.el7_2.5.ppc64le.rpm
s390x: openssl-debuginfo-1.0.1e-51.el7_2.5.s390.rpm openssl-debuginfo-1.0.1e-51.el7_2.5.s390x.rpm openssl-perl-1.0.1e-51.el7_2.5.s390x.rpm openssl-static-1.0.1e-51.el7_2.5.s390.rpm openssl-static-1.0.1e-51.el7_2.5.s390x.rpm
x86_64: openssl-debuginfo-1.0.1e-51.el7_2.5.i686.rpm openssl-debuginfo-1.0.1e-51.el7_2.5.x86_64.rpm openssl-perl-1.0.1e-51.el7_2.5.x86_64.rpm openssl-static-1.0.1e-51.el7_2.5.i686.rpm openssl-static-1.0.1e-51.el7_2.5.x86_64.rpm
Red Hat Enterprise Linux Workstation (v. 7):
Source: openssl-1.0.1e-51.el7_2.5.src.rpm
x86_64: openssl-1.0.1e-51.el7_2.5.x86_64.rpm openssl-debuginfo-1.0.1e-51.el7_2.5.i686.rpm openssl-debuginfo-1.0.1e-51.el7_2.5.x86_64.rpm openssl-devel-1.0.1e-51.el7_2.5.i686.rpm openssl-devel-1.0.1e-51.el7_2.5.x86_64.rpm openssl-libs-1.0.1e-51.el7_2.5.i686.rpm openssl-libs-1.0.1e-51.el7_2.5.x86_64.rpm
Red Hat Enterprise Linux Workstation Optional (v. 7):
x86_64: openssl-debuginfo-1.0.1e-51.el7_2.5.i686.rpm openssl-debuginfo-1.0.1e-51.el7_2.5.x86_64.rpm openssl-perl-1.0.1e-51.el7_2.5.x86_64.rpm openssl-static-1.0.1e-51.el7_2.5.i686.rpm openssl-static-1.0.1e-51.el7_2.5.x86_64.rpm
These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/
- References:
https://access.redhat.com/security/cve/CVE-2016-0799 https://access.redhat.com/security/cve/CVE-2016-2105 https://access.redhat.com/security/cve/CVE-2016-2106 https://access.redhat.com/security/cve/CVE-2016-2107 https://access.redhat.com/security/cve/CVE-2016-2108 https://access.redhat.com/security/cve/CVE-2016-2109 https://access.redhat.com/security/cve/CVE-2016-2842 https://access.redhat.com/security/updates/classification/#important
- Contact:
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/
Copyright 2016 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1
iD8DBQFXMFlTXlSAg2UNWIIRAhYAAJ0T9Ib2vXUa5te34i6fphHrbe0HlwCfePy5 WjaK8x9OaI0FgbWyfxvwq6o= =jHjh -----END PGP SIGNATURE-----
-- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce. This could lead to a heap corruption. This could lead to a heap corruption.
CVE-2016-2108
David Benjamin from Google discovered that two separate bugs in the
ASN.1 encoder, related to handling of negative zero integer values
and large universal tags, could lead to an out-of-bounds write.
For the unstable distribution (sid), these problems have been fixed in version 1.0.2h-1. Description:
Red Hat JBoss Enterprise Application Platform 6 is a platform for Java applications based on JBoss Application Server 7.
This release includes bug fixes and enhancements, as well as a new release of OpenSSL that addresses a number of outstanding security flaws. For further information, see the knowledge base article linked to in the References section. The JBoss server process must be restarted for the update to take effect. (CVE-2016-2108)
-
Multiple flaws were found in the way httpd parsed HTTP requests and responses using chunked transfer encoding. A remote attacker could use these flaws to create a specially crafted request, which httpd would decode differently from an HTTP proxy software in front of it, possibly leading to HTTP request smuggling attacks. (CVE-2015-3195)
-
A flaw was found in the way the TLS protocol composes the Diffie-Hellman exchange (for both export and non-export grade cipher suites). An attacker could use this flaw to downgrade a DHE connection to use export-grade key sizes, which could then be broken by sufficient pre-computation. This can lead to a passive man-in-the-middle attack in which the attacker is able to decrypt all traffic. (CVE-2016-2106)
-
It was discovered that it is possible to remotely Segfault Apache http server with a specially crafted string sent to the mod_cluster via service messages (MCMP). (CVE-2016-2109)
-
It was discovered that specifying configuration with a JVMRoute path longer than 80 characters will cause segmentation fault leading to a server crash. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256
Note: the current version of the following document is available here: https://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c05320149
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c05320149 Version: 1
HPSBMU03653 rev.1 - HPE System Management Homepage (SMH), Remote Arbitrary Code Execution, Cross-Site Scripting (XSS), Denial of Service (DoS), Unauthorized Disclosure of Information
NOTICE: The information in this Security Bulletin should be acted upon as soon as possible.
Release Date: 2016-10-26 Last Updated: 2016-10-26
Potential Security Impact: Remote: Arbitrary Code Execution, Cross-Site Scripting (XSS), Denial of Service (DoS), Unauthorized Disclosure of Information
Source: Hewlett Packard Enterprise, Product Security Response Team
VULNERABILITY SUMMARY Multiple potential security vulnerabilities have been identified in HPE System Management Homepage (SMH) on Windows and Linux. The vulnerabilities could be remotely exploited using man-in-the-middle (MITM) attacks resulting in cross-site scripting (XSS), arbitrary code execution, Denial of Service (DoS), and/or unauthorized disclosure of information.
References:
- CVE-2016-2107 - OpenSSL, Unauthorized disclosure of information
- CVE-2016-2106 - OpenSSL, Denial of Service (DoS)
- CVE-2016-2109 - OpenSSL, Denial of Service (DoS)
- CVE-2016-2105 - OpenSSL, Denial of Service (DoS)
- CVE-2016-3739 - cURL and libcurl, Remote code execution
- CVE-2016-5388 - "HTTPoxy", Apache Tomcat
- CVE-2016-5387 - "HTTPoxy", Apache HTTP Server
- CVE-2016-5385 - "HTTPoxy", PHP
- CVE-2016-4543 - PHP, multiple impact
- CVE-2016-4071 - PHP, multiple impact
- CVE-2016-4072 - PHP, multiple impact
- CVE-2016-4542 - PHP, multiple impact
- CVE-2016-4541 - PHP, multiple impact
- CVE-2016-4540 - PHP, multiple impact
- CVE-2016-4539 - PHP, multiple impact
- CVE-2016-4538 - PHP, multiple impact
- CVE-2016-4537 - PHP, multiple impact
- CVE-2016-4343 - PHP, multiple impact
- CVE-2016-4342 - PHP, multiple impact
- CVE-2016-4070 - PHP, Denial of Service (DoS)
- CVE-2016-4393 - PSRT110263, XSS vulnerability
- CVE-2016-4394 - PSRT110263, HSTS vulnerability
- CVE-2016-4395 - ZDI-CAN-3722, PSRT110115, Buffer Overflow
- CVE-2016-4396 - ZDI-CAN-3730, PSRT110116, Buffer Overflow
- PSRT110145
- PSRT110263
- PSRT110115
- PSRT110116
SUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed.
- HPE System Management Homepage - all versions prior to v7.6
BACKGROUND
CVSS Base Metrics ================= Reference, CVSS V3 Score/Vector, CVSS V2 Score/Vector
CVE-2016-2105
7.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
5.0 (AV:N/AC:L/Au:N/C:N/I:N/A:P)
CVE-2016-2106
7.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
5.0 (AV:N/AC:L/Au:N/C:N/I:N/A:P)
CVE-2016-2107
5.9 CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
2.6 (AV:N/AC:H/Au:N/C:P/I:N/A:N)
CVE-2016-2109
7.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
7.8 (AV:N/AC:L/Au:N/C:N/I:N/A:C)
CVE-2016-3739
5.3 CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:N
2.6 (AV:N/AC:H/Au:N/C:N/I:P/A:N)
CVE-2016-4070
7.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
5.0 (AV:N/AC:L/Au:N/C:N/I:N/A:P)
CVE-2016-4071
9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
7.5 (AV:N/AC:L/Au:N/C:P/I:P/A:P)
CVE-2016-4072
9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
7.5 (AV:N/AC:L/Au:N/C:P/I:P/A:P)
CVE-2016-4342
8.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
8.3 (AV:N/AC:M/Au:N/C:P/I:P/A:C)
CVE-2016-4343
9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P)
CVE-2016-4393
4.2 CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N
4.9 (AV:N/AC:M/Au:S/C:P/I:P/A:N)
CVE-2016-4394
6.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L
5.8 (AV:N/AC:M/Au:N/C:N/I:P/A:P)
CVE-2016-4395
7.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
7.8 (AV:N/AC:L/Au:N/C:N/I:C/A:N)
CVE-2016-4396
7.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
7.8 (AV:N/AC:L/Au:N/C:N/I:C/A:N)
CVE-2016-4537
9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
7.5 (AV:N/AC:L/Au:N/C:P/I:P/A:P)
CVE-2016-4538
9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
7.5 (AV:N/AC:L/Au:N/C:P/I:P/A:P)
CVE-2016-4539
9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
7.5 (AV:N/AC:L/Au:N/C:P/I:P/A:P)
CVE-2016-4540
9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
7.5 (AV:N/AC:L/Au:N/C:P/I:P/A:P)
CVE-2016-4541
9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
7.5 (AV:N/AC:L/Au:N/C:P/I:P/A:P)
CVE-2016-4542
9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
7.5 (AV:N/AC:L/Au:N/C:P/I:P/A:P)
CVE-2016-4543
9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
7.5 (AV:N/AC:L/Au:N/C:P/I:P/A:P)
CVE-2016-5385
8.1 CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
5.1 (AV:N/AC:H/Au:N/C:P/I:P/A:P)
CVE-2016-5387
8.1 CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
5.1 (AV:N/AC:H/Au:N/C:P/I:P/A:P)
CVE-2016-5388
8.1 CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
5.1 (AV:N/AC:H/Au:N/C:P/I:P/A:P)
Information on CVSS is documented in
HPE Customer Notice HPSN-2008-002 here:
https://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c01345499
- Hewlett Packard Enterprise thanks Tenable Network Security for working with Trend Micro's Zero Day Initiative (ZDI) for reporting CVE-2016-4395 and CVE-2016-4396 to security-alert@hpe.com
RESOLUTION
HPE has made the following software updates available to resolve the vulnerabilities for the impacted versions of System Management Homepage (SMH).
Please download and install HPE System Management Homepage (SMH) v7.6.0 from the following locations:
HISTORY Version:1 (rev.1) - 26 October 2016 Initial release
Third Party Security Patches: Third party security patches that are to be installed on systems running Hewlett Packard Enterprise (HPE) software products should be applied in accordance with the customer's patch management policy.
Support: For issues about implementing the recommendations of this Security Bulletin, contact normal HPE Services support channel. For other issues about the content of this Security Bulletin, send e-mail to security-alert@hpe.com.
Report: To report a potential security vulnerability for any HPE supported product: Web form: https://www.hpe.com/info/report-security-vulnerability Email: security-alert@hpe.com
Subscribe: To initiate a subscription to receive future HPE Security Bulletin alerts via Email: http://www.hpe.com/support/Subscriber_Choice
Security Bulletin Archive: A list of recently released Security Bulletins is available here: http://www.hpe.com/support/Security_Bulletin_Archive
Software Product Category: The Software Product Category is represented in the title by the two characters following HPSB.
3C = 3COM 3P = 3rd Party Software GN = HPE General Software HF = HPE Hardware and Firmware MU = Multi-Platform Software NS = NonStop Servers OV = OpenVMS PV = ProCurve ST = Storage Software UX = HP-UX
Copyright 2016 Hewlett Packard Enterprise
Hewlett Packard Enterprise shall not be liable for technical or editorial errors or omissions contained herein. The information provided is provided "as is" without warranty of any kind. To the extent permitted by law, neither HP or its affiliates, subcontractors or suppliers will be liable for incidental,special or consequential damages including downtime cost; lost profits; damages relating to the procurement of substitute products or services; or damages for loss of data, or software restoration. The information in this document is subject to change without notice. Hewlett Packard Enterprise and the names of Hewlett Packard Enterprise products referenced herein are trademarks of Hewlett Packard Enterprise in the United States and other countries. Other product and company names mentioned herein may be trademarks of their respective owners. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512
APPLE-SA-2016-07-18-1 OS X El Capitan v10.11.6 and Security Update 2016-004
OS X El Capitan v10.11.6 and Security Update 2016-004 is now available and addresses the following:
apache_mod_php
Available for:
OS X Yosemite v10.10.5 and OS X El Capitan v10.11 and later
Impact: A remote attacker may be able to execute arbitrary code
Description: Multiple issues existed in PHP versions prior to
5.5.36. These were addressed by updating PHP to version 5.5.36.
CVE-2016-4650
Audio Available for: OS X El Capitan v10.11 and later Impact: A local user may be able to execute arbitrary code with kernel privileges Description: A memory corruption issue was addressed through improved memory handling. CVE-2016-4647 : Juwei Lin (@fuzzerDOTcn) of Trend Micro
Audio Available for: OS X El Capitan v10.11 and later Impact: A local user may be able to determine kernel memory layout Description: An out-of-bounds read was addressed through improved input validation. CVE-2016-4648 : Juwei Lin(@fuzzerDOTcn) of Trend Micro
Audio Available for: OS X El Capitan v10.11 and later Impact: Parsing a maliciously crafted audio file may lead to the disclosure of user information Description: An out-of-bounds read was addressed through improved bounds checking. CVE-2016-4646 : Steven Seeley of Source Incite working with Trend Micro's Zero Day Initiative
Audio Available for: OS X El Capitan v10.11 and later Impact: A local user may be able to cause a system denial of service Description: A null pointer dereference was addressed through improved input validation. CVE-2016-4649 : Juwei Lin(@fuzzerDOTcn) of Trend Micro
bsdiff Available for: OS X El Capitan v10.11 and later Impact: A local attacker may be able to cause unexpected application termination or arbitrary code execution Description: An integer overflow existed in bspatch. This issue was addressed through improved bounds checking. CVE-2014-9862 : an anonymous researcher
CFNetwork Available for: OS X El Capitan v10.11 and later Impact: A local user may be able to view sensitive user information Description: A permissions issue existed in the handling of web browser cookies. This issue was addressed through improved restrictions. CVE-2016-4645 : Abhinav Bansal of Zscaler Inc.
CoreGraphics Available for: OS X Mavericks v10.9.5, OS X Yosemite v10.10.5, and OS X El Capitan v10.11 and later Impact: A remote attacker may be able to execute arbitrary code Description: A memory corruption issue was addressed through improved memory handling. CVE-2016-4637 : Tyler Bohan of Cisco Talos (talosintel.com /vulnerability-reports)
CoreGraphics Available for: OS X El Capitan v10.11 and later Impact: A local user may be able to elevate privileges Description: An out-of-bounds read issue existed that led to the disclosure of kernel memory. This was addressed through improved input validation. CVE-2016-4652 : Yubin Fu of Tencent KeenLab working with Trend Micro's Zero Day Initiative
FaceTime Available for: OS X El Capitan v10.11 and later Impact: An attacker in a privileged network position may be able to cause a relayed call to continue transmitting audio while appearing as if the call terminated Description: User interface inconsistencies existed in the handling of relayed calls. These issues were addressed through improved FaceTime display logic. CVE-2016-4635 : Martin Vigo
Graphics Drivers Available for: OS X El Capitan v10.11 and later Impact: A local user may be able to execute arbitrary code with kernel privileges Description: A memory corruption issue was addressed through improved input validation. CVE-2016-4634 : Stefan Esser of SektionEins
ImageIO Available for: OS X El Capitan v10.11 and later Impact: A remote attacker may be able to cause a denial of service Description: A memory consumption issue was addressed through improved memory handling. CVE-2016-4632 : Evgeny Sidorov of Yandex
ImageIO Available for: OS X El Capitan v10.11 and later Impact: A remote attacker may be able to execute arbitrary code Description: Multiple memory corruption issues were addressed through improved memory handling. CVE-2016-4631 : Tyler Bohan of Cisco Talos (talosintel.com /vulnerability-reports)
ImageIO Available for: OS X Mavericks v10.9.5, OS X Yosemite v10.10.5, and OS X El Capitan v10.11 and later Impact: A remote attacker may be able to execute arbitrary code Description: Multiple memory corruption issues were addressed through improved memory handling. CVE-2016-4629 : Tyler Bohan of Cisco Talos (talosintel.com /vulnerability-reports) CVE-2016-4630 : Tyler Bohan of Cisco Talos (talosintel.com /vulnerability-reports)
Intel Graphics Driver Available for: OS X El Capitan v10.11 and later Impact: A malicious application may be able to execute arbitrary code with kernel privileges Description: Multiple memory corruption issues were addressed through improved memory handling. CVE-2016-4633 : an anonymous researcher
IOHIDFamily Available for: OS X El Capitan v10.11 and later Impact: A local user may be able to execute arbitrary code with kernel privileges Description: A null pointer dereference was addressed through improved input validation. CVE-2016-4626 : Stefan Esser of SektionEins
IOSurface Available for: OS X El Capitan v10.11 and later Impact: A local user may be able to execute arbitrary code with kernel privileges Description: A use-after-free was addressed through improved memory management. CVE-2016-4625 : Ian Beer of Google Project Zero
Kernel Available for: OS X El Capitan v10.11 and later Impact: A local user may be able to execute arbitrary code with kernel privileges Description: Multiple memory corruption issues were addressed through improved memory handling. CVE-2016-1863 : Ian Beer of Google Project Zero CVE-2016-1864 : Ju Zhu of Trend Micro CVE-2016-4582 : Shrek_wzw and Proteas of Qihoo 360 Nirvan Team
Kernel Available for: OS X El Capitan v10.11 and later Impact: A local user may be able to cause a system denial of service Description: A null pointer dereference was addressed through improved input validation. CVE-2016-1865 : CESG, Marco Grassi (@marcograss) of KeenLab (@keen_lab), Tencent
libc++abi Available for: OS X El Capitan v10.11 and later Impact: An application may be able to execute arbitrary code with root privileges Description: Multiple memory corruption issues were addressed through improved memory handling. CVE-2016-4621 : an anonymous researcher
libexpat Available for: OS X El Capitan v10.11 and later Impact: Processing maliciously crafted XML may lead to unexpected application termination or arbitrary code execution Description: Multiple memory corruption issues were addressed through improved memory handling. CVE-2016-0718 : Gustavo Grieco
LibreSSL Available for: OS X El Capitan v10.11 and later Impact: A remote attacker may be able to execute arbitrary code Description: Multiple issues existed in LibreSSL before 2.2.7. These were addressed by updating LibreSSL to version 2.2.7. CVE-2016-2108 : Huzaifa Sidhpurwala (Red Hat), Hanno Boeck, David Benjamin (Google) Mark Brand, Ian Beer of Google Project Zero CVE-2016-2109 : Brian Carpenter
libxml2 Available for: OS X Mavericks v10.9.5, OS X Yosemite v10.10.5, and OS X El Capitan v10.11 and later Impact: Parsing a maliciously crafted XML document may lead to disclosure of user information Description: An access issue existed in the parsing of maliciously crafted XML files. This issue was addressed through improved input validation. CVE-2016-4449 : Kostya Serebryany
libxml2 Available for: OS X Mavericks v10.9.5, OS X Yosemite v10.10.5, and OS X El Capitan v10.11 and later Impact: Multiple vulnerabilities in libxml2 Description: Multiple memory corruption issues were addressed through improved memory handling. CVE-2016-1836 : Wei Lei and Liu Yang of Nanyang Technological University CVE-2016-4447 : Wei Lei and Liu Yang of Nanyang Technological University CVE-2016-4448 : Apple CVE-2016-4483 : Gustavo Grieco CVE-2016-4614 : Nick Wellnhofe CVE-2016-4615 : Nick Wellnhofer CVE-2016-4616 : Michael Paddon CVE-2016-4619 : Hanno Boeck
libxslt Available for: OS X Mavericks v10.9.5, OS X Yosemite v10.10.5, and OS X El Capitan v10.11 and later Impact: Multiple vulnerabilities in libxslt Description: Multiple memory corruption issues were addressed through improved memory handling. CVE-2016-1684 : Nicolas GrA(c)goire CVE-2016-4607 : Nick Wellnhofer CVE-2016-4608 : Nicolas GrA(c)goire CVE-2016-4609 : Nick Wellnhofer CVE-2016-4610 : Nick Wellnhofer CVE-2016-4612 : Nicolas GrA(c)goire
Login Window Available for: OS X El Capitan v10.11 and later Impact: A malicious application may be able to execute arbitrary code leading to compromise of user information Description: A memory corruption issue was addressed through improved input validation. CVE-2016-4640 : Yubin Fu of Tencent KeenLab working with Trend Micro's Zero Day Initiative
Login Window Available for: OS X El Capitan v10.11 and later Impact: A malicious application may be able to execute arbitrary code leading to the compromise of user information Description: A type confusion issue was addressed through improved memory handling. CVE-2016-4641 : Yubin Fu of Tencent KeenLab working with Trend Micro's Zero Day Initiative
Login Window Available for: OS X El Capitan v10.11 and later Impact: A local user may be able to cause a denial of service Description: A memory initialization issue was addressed through improved memory handling. CVE-2016-4639 : Yubin Fu of Tencent KeenLab working with Trend Micro's Zero Day Initiative
Login Window Available for: OS X El Capitan v10.11 and later Impact: A malicious application may be able to gain root privileges Description: A type confusion issue was addressed through improved memory handling. CVE-2016-4638 : Yubin Fu of Tencent KeenLab working with Trend Micro's Zero Day Initiative
OpenSSL Available for: OS X El Capitan v10.11 and later Impact: A remote attacker may be able to execute arbitrary code Description: Multiple issues existed in OpenSSL. CVE-2016-2105 : Guido Vranken CVE-2016-2106 : Guido Vranken CVE-2016-2107 : Juraj Somorovsky CVE-2016-2108 : Huzaifa Sidhpurwala (Red Hat), Hanno Boeck, David Benjamin (Google), Mark Brand and Ian Beer of Google Project Zero CVE-2016-2109 : Brian Carpenter CVE-2016-2176 : Guido Vranken
QuickTime Available for: OS X El Capitan v10.11 and later Impact: Processing a maliciously crafted FlashPix Bitmap Image may lead to unexpected application termination or arbitrary code execution Description: Multiple memory corruption issues were addressed through improved memory handling. CVE-2016-4596 : Ke Liu of Tencent's Xuanwu Lab CVE-2016-4597 : Ke Liu of Tencent's Xuanwu Lab CVE-2016-4600 : Ke Liu of Tencent's Xuanwu Lab CVE-2016-4602 : Ke Liu of Tencent's Xuanwu Lab
QuickTime Available for: OS X El Capitan v10.11 and later Impact: Processing a maliciously crafted image may lead to arbitrary code execution Description: A memory corruption issue was addressed through improved input validation. CVE-2016-4598 : Ke Liu of Tencent's Xuanwu Lab
QuickTime Available for: OS X El Capitan v10.11 and later Impact: Processing a maliciously crafted SGI file may lead to arbitrary code execution Description: A memory corruption issue was addressed through improved input validation. CVE-2016-4601 : Ke Liu of Tencent's Xuanwu Lab
QuickTime Available for: OS X El Capitan v10.11 and later Impact: Processing a maliciously crafted Photoshop document may lead to unexpected application termination or arbitrary code execution Description: A memory corruption issue was addressed through improved input validation. CVE-2016-4599 : Ke Liu of Tencent's Xuanwu Lab
Safari Login AutoFill Available for: OS X El Capitan v10.11 and later Impact: A user's password may be visible on screen Description: An issue existed in Safari's password auto-fill. This issue was addressed through improved matching of form fields. CVE-2016-4595 : Jonathan Lewis from DeARX Services (PTY) LTD
Sandbox Profiles Available for: OS X El Capitan v10.11 and later Impact: A local application may be able to access the process list Description: An access issue existed with privileged API calls. This issue was addressed through additional restrictions. CVE-2016-4594 : Stefan Esser of SektionEins
Note: OS X El Capitan 10.11.6 includes the security content of Safari 9.1.2. For further details see https://support.apple.com/kb/HT206900
OS X El Capitan v10.11.6 and Security Update 2016-004 may be obtained from the Mac App Store or Apple's Software Downloads web site: http://www.apple.com/support/downloads/
Information will also be posted to the Apple Security Updates web site: http://support.apple.com/kb/HT201222
This message is signed with Apple's Product Security PGP key, and details are available at: https://www.apple.com/support/security/pgp/ -----BEGIN PGP SIGNATURE----- Comment: GPGTools - https://gpgtools.org
iQIcBAEBCgAGBQJXjXAvAAoJEIOj74w0bLRG/5EP/2v9SJTrO+/4b3A1gqC1ch8y +cJ04tXRsO7rvjKT5nCylo30U0Sanz/bUbDx4559YS7/P/IyeyZVheaTJwK8wzEy pSOPpy35hUuVIw0/p4YsuHDThSBPFMmDljTxH7elkfuBV1lPSrCkyDXc0re2HxWV xj68zAxtM0jkkhgcxb2ApZSZVXhrjUZtbY0xEVOoWKKFwbMvKfx+4xSqunwQeS1u wevs1EbxfvsZbc3pG+xYcOonbegBzOy9aCvNO1Yv1zG+AYXC5ERMq1vk3PsWOTQN ZVY1I7mvCaEfvmjq2isRw8XYapAIKISDLwMKBSYrZDQFwPQLRi1VXxQZ67Kq1M3k ah04/lr0RIcoosIcBqxD2+1UAFjUzEUNFkYivjhuaeegN2QdL7Ujegf1QjdAt8lk mmKduxYUDOaRX50Kw7n14ZveJqzE1D5I6QSItaZ9M1vR60a7u91DSj9D87vbt1YC JM/Rvf/4vonp1NjwA2JQwCiZfYliBDdn9iiCl8mzxdsSRD/wXcZCs05nnKmKsCfc 55ET7IwdG3622lVheOJGQZuucwJiTn36zC11XVzZysQd/hLD5rUKUQNX1WOgZdzs xPsslXF5MWx9jcdyWVSWxDrN0sFk+GpQFQDuVozP60xuxqR3qQ0TXir2NP39uIF5 YozOGPQFmX0OviWCQsX6 =ng+m -----END PGP SIGNATURE----- .
The References section of this erratum contains a download link (you must log in to download the update). (CVE-2014-8176, CVE-2015-0209, CVE-2015-0286, CVE-2015-3194, CVE-2015-3195, CVE-2015-3196, CVE-2015-3216, CVE-2016-0702, CVE-2016-0705, CVE-2016-0797, CVE-2016-0799, CVE-2016-2105, CVE-2016-2106, CVE-2016-2107, CVE-2016-2108, CVE-2016-2109, CVE-2016-2177, CVE-2016-2178, CVE-2016-2842)
-
This update fixes several flaws in libxml2. (CVE-2016-1762, CVE-2016-1833, CVE-2016-1834, CVE-2016-1835, CVE-2016-1836, CVE-2016-1837, CVE-2016-1838, CVE-2016-1839, CVE-2016-1840, CVE-2016-3627, CVE-2016-3705, CVE-2016-4447, CVE-2016-4448, CVE-2016-4449, CVE-2016-4483)
-
This update fixes three flaws in curl. (CVE-2016-5419, CVE-2016-5420, CVE-2016-7141)
-
This update fixes two flaws in httpd. (CVE-2014-3523, CVE-2015-3185)
-
This update fixes two flaws in mod_cluster. (CVE-2016-4459, CVE-2016-8612)
-
A buffer overflow flaw when concatenating virtual host names and URIs was fixed in mod_jk. (CVE-2016-6808)
-
A memory leak flaw was fixed in expat.
After installing the updated packages, the httpd daemon will be restarted automatically. JIRA issues fixed (https://issues.jboss.org/):
JBCS-50 - CVE-2012-1148 CVE-2012-0876 expat: various flaws [jbews-3.0.0] JBCS-95 - CVE-2014-3523 httpd: WinNT MPM denial of service
6
Show details on source website{
"affected_products": {
"_id": null,
"data": [
{
"_id": null,
"model": "enterprise linux hpc node eus",
"scope": "eq",
"trust": 1.3,
"vendor": "redhat",
"version": "7.2"
},
{
"_id": null,
"model": "enterprise linux server aus",
"scope": "eq",
"trust": 1.3,
"vendor": "redhat",
"version": "7.2"
},
{
"_id": null,
"model": "enterprise linux server eus",
"scope": "eq",
"trust": 1.3,
"vendor": "redhat",
"version": "7.2"
},
{
"_id": null,
"model": "enterprise linux workstation",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "6.0"
},
{
"_id": null,
"model": "enterprise linux desktop",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "7.0"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.2d"
},
{
"_id": null,
"model": "enterprise linux server",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "7.0"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.2"
},
{
"_id": null,
"model": "enterprise linux server",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "6.0"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.2c"
},
{
"_id": null,
"model": "openssl",
"scope": "lte",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.1s"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.2b"
},
{
"_id": null,
"model": "enterprise linux desktop",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "6.0"
},
{
"_id": null,
"model": "enterprise linux hpc node",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "7.0"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.2e"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.2f"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.2g"
},
{
"_id": null,
"model": "enterprise linux workstation",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "7.0"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.2a"
},
{
"_id": null,
"model": "enterprise linux hpc node",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "6.0"
},
{
"_id": null,
"model": "registered envelope service",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "telepresence video communication server",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "paging server",
"scope": "ne",
"trust": 0.6,
"vendor": "cisco",
"version": "11.5.1"
},
{
"_id": null,
"model": "nexus series switches 5.2 sv3",
"scope": "ne",
"trust": 0.6,
"vendor": "cisco",
"version": "1000v"
},
{
"_id": null,
"model": "network performance analytics",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "ironport encryption appliance",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "spa51x series ip phones",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "mate collector",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "ata series analog terminal adaptor",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1900"
},
{
"_id": null,
"model": "video surveillance series ip cameras",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "30000"
},
{
"_id": null,
"model": "network health framework",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "telepresence server on virtual machine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"_id": null,
"model": "spa232d multi-line dect ata",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "cloud manager with openstack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.2"
},
{
"_id": null,
"model": "show and share",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.2(1)"
},
{
"_id": null,
"model": "digital media manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.2.2.1"
},
{
"_id": null,
"model": "unified series ip phones",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "780011.5.2"
},
{
"_id": null,
"model": "power hmc",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.3.0.0"
},
{
"_id": null,
"model": "clean access manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "security access manager for web",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0"
},
{
"_id": null,
"model": "lancope stealthwatch flowcollector netflow",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "6.8"
},
{
"_id": null,
"model": "emergency responder",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "10.5(3.10000.9)"
},
{
"_id": null,
"model": "hosted collaboration mediation fulfillment",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "10.6(3)"
},
{
"_id": null,
"model": "10.2-release-p8",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "cloud manager with openstack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.1.0.3"
},
{
"_id": null,
"model": "proactive network operations center",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "telepresence server mr2",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "87104.2"
},
{
"_id": null,
"model": "websphere cast iron cloud integration",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.40"
},
{
"_id": null,
"model": "emergency responder",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.5"
},
{
"_id": null,
"model": "video distribution suite for internet streaming",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4.3.2"
},
{
"_id": null,
"model": "digital media manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.2.2"
},
{
"_id": null,
"model": "peoplesoft enterprise peopletools",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "8.53"
},
{
"_id": null,
"model": "tivoli netcool system service monitor fp1",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.0"
},
{
"_id": null,
"model": "mysql server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.6"
},
{
"_id": null,
"model": "video surveillance media server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.11"
},
{
"_id": null,
"model": "project openssl 1.0.1e",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "lancope stealthwatch udp director",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "6.8.2"
},
{
"_id": null,
"model": "nexus series blade switches 0.9.8zf",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4000"
},
{
"_id": null,
"model": "telepresence isdn link",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "1.1.6"
},
{
"_id": null,
"model": "security access manager for mobile",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.5"
},
{
"_id": null,
"model": "project openssl 1.0.2g",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "tivoli composite application manager for transactions",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.3.0.1"
},
{
"_id": null,
"model": "tandberg codian isdn gw",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "32400"
},
{
"_id": null,
"model": "telepresence sx series",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "7.3.7"
},
{
"_id": null,
"model": "project openssl 1.0.1a",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "webex meetings server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1.5.1.6"
},
{
"_id": null,
"model": "unified intelligent contact management enterprise",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.51"
},
{
"_id": null,
"model": "security access manager for web",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.4"
},
{
"_id": null,
"model": "telepresence mcu",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "85100"
},
{
"_id": null,
"model": "webex meetings server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1.5.1.131"
},
{
"_id": null,
"model": "unified workforce optimization",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "digital media manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.2.1"
},
{
"_id": null,
"model": "enterprise manager",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "12.1.4"
},
{
"_id": null,
"model": "cloud manager with openstack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.1"
},
{
"_id": null,
"model": "lancope stealthwatch flowcollector netflow",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "6.8.1"
},
{
"_id": null,
"model": "datapower gateways",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.0.2"
},
{
"_id": null,
"model": "mysql server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.6.26"
},
{
"_id": null,
"model": "mediasense 9.0",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"_id": null,
"model": "abyp-4tl-p",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"_id": null,
"model": "powerkvm",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.1"
},
{
"_id": null,
"model": "cognos business intelligence interim fix",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "10.1.119"
},
{
"_id": null,
"model": "security network controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.0.1209"
},
{
"_id": null,
"model": "asr series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "50000"
},
{
"_id": null,
"model": "aspera shares",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "1.9.6"
},
{
"_id": null,
"model": "power hmc",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.4.0.0"
},
{
"_id": null,
"model": "10.1-release-p26",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "edge digital media player",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3400"
},
{
"_id": null,
"model": "enterprise content delivery system",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "2.6.8"
},
{
"_id": null,
"model": "cloud manager with openstack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.2.0.2"
},
{
"_id": null,
"model": "prime collaboration assurance sp1",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.5"
},
{
"_id": null,
"model": "tivoli netcool system service monitors fp3",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.1"
},
{
"_id": null,
"model": "enterprise linux workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "7"
},
{
"_id": null,
"model": "emergency responder",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "10.5(1)"
},
{
"_id": null,
"model": "security access manager for mobile",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.3"
},
{
"_id": null,
"model": "workload deployer",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.16"
},
{
"_id": null,
"model": "unified contact center enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "unified ip phone",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "88310"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.5"
},
{
"_id": null,
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.0.11"
},
{
"_id": null,
"model": "intelligent automation for cloud",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "jabber guest",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "10.0(2)"
},
{
"_id": null,
"model": "security network controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.0.3361"
},
{
"_id": null,
"model": "10.1-release-p5",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "unified ip phones",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "69010"
},
{
"_id": null,
"model": "prime security manager",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "9.5.4.3"
},
{
"_id": null,
"model": "security proventia network active bypass",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.13-34"
},
{
"_id": null,
"model": "cognos business intelligence server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.1.1"
},
{
"_id": null,
"model": "im and presence service",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.5"
},
{
"_id": null,
"model": "ata analog telephone adaptor",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "1879.2.5"
},
{
"_id": null,
"model": "tivoli netcool system service monitors fp15",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.0"
},
{
"_id": null,
"model": "jabber guest",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "show and share",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5(2)"
},
{
"_id": null,
"model": "security access manager for web",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.1.1"
},
{
"_id": null,
"model": "real-time compression appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.1.2"
},
{
"_id": null,
"model": "tivoli composite application manager for transactions",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.4.0.1"
},
{
"_id": null,
"model": "cloud manager with openstack interim fix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.2.0.3"
},
{
"_id": null,
"model": "prime license manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "ucs central 1.5",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"_id": null,
"model": "prime collaboration deployment",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.5"
},
{
"_id": null,
"model": "series ip phones vpn feature",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "8800-11.5.2"
},
{
"_id": null,
"model": "mobile foundation consumer edition",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.2.0.1"
},
{
"_id": null,
"model": "web security appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "security network controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.0.3394"
},
{
"_id": null,
"model": "cloud manager with openstack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.1.0.2"
},
{
"_id": null,
"model": "visual quality experience server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "filenet system monitor",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.5"
},
{
"_id": null,
"model": "project openssl 1.0.1t",
"scope": "ne",
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"_id": null,
"model": "anyconnect secure mobility client for windows",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4.3"
},
{
"_id": null,
"model": "content security management appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "10.1-release-p28",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "agent for openflow",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "flex system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.3.4.0"
},
{
"_id": null,
"model": "rational insight",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.1"
},
{
"_id": null,
"model": "cloud manager with openstack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.1.0.1"
},
{
"_id": null,
"model": "image construction and composition tool",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.3.1.0"
},
{
"_id": null,
"model": "webex recording playback client",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "prime collaboration assurance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "asa next-generation firewall services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "9.3-release-p38",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "telepresence content server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "tandberg codian mse model",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "83200"
},
{
"_id": null,
"model": "mysql enterprise backup",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "3.10.1"
},
{
"_id": null,
"model": "local collector appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.2.8"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.11.2"
},
{
"_id": null,
"model": "9.3-release-p10",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "9.3-release-p1",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "digital media players series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "44000"
},
{
"_id": null,
"model": "mds series multilayer switches",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "90008.3"
},
{
"_id": null,
"model": "security proventia network active bypass",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.16-37"
},
{
"_id": null,
"model": "10.2-release-p13",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "nexus series switches 7.3.1nx",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "5000"
},
{
"_id": null,
"model": "opensuse evergreen",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "11.4"
},
{
"_id": null,
"model": "prime infrastructure standalone plug and play gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "spa50x series ip phones",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "webex meetings for blackberry",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "tivoli netcool system service monitors interim fix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.014-01"
},
{
"_id": null,
"model": "security identity manager virtual appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.0.3"
},
{
"_id": null,
"model": "lancope stealthwatch flowcollector sflow",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "project openssl 1.0.1g",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "media experience engines",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "3.5.1"
},
{
"_id": null,
"model": "exalogic infrastructure",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "2.0"
},
{
"_id": null,
"model": "cloud manager with openstack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.3.0.4"
},
{
"_id": null,
"model": "telepresence integrator c series",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "7.3.7"
},
{
"_id": null,
"model": "webex meetings server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.5"
},
{
"_id": null,
"model": "anyconnect secure mobility client",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4.2"
},
{
"_id": null,
"model": "wide area application services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "mysql server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.7"
},
{
"_id": null,
"model": "datapower gateways",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.1.1"
},
{
"_id": null,
"model": "workload deployer",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.1"
},
{
"_id": null,
"model": "telepresence server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "87100"
},
{
"_id": null,
"model": "cloud manager with openstack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.3.0.1"
},
{
"_id": null,
"model": "security proventia network active bypass",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.4-23"
},
{
"_id": null,
"model": "10.2-release-p14",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "10.1-release-p17",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "security proventia network active bypass",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.25-57"
},
{
"_id": null,
"model": "sterling connect:express for unix ifix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.4.6.1146-109"
},
{
"_id": null,
"model": "security proventia network active bypass",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.18-43"
},
{
"_id": null,
"model": "cloud manager with openstack interim fix",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "4.1.0.5"
},
{
"_id": null,
"model": "workload deployer if12",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "3.1.0.7"
},
{
"_id": null,
"model": "cognos business intelligence server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.2.1"
},
{
"_id": null,
"model": "media services interface",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "nexus intercloud",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1000v0"
},
{
"_id": null,
"model": "media experience engines",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "3.5"
},
{
"_id": null,
"model": "power hmc",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.0.0"
},
{
"_id": null,
"model": "mediasense",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "9.1"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.11.1"
},
{
"_id": null,
"model": "ips",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "project openssl 1.0.1i",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "cloud manager with openstack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.1.0.4.2"
},
{
"_id": null,
"model": "unified workforce optimization quality management sr3 es5",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.0"
},
{
"_id": null,
"model": "qradar",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1"
},
{
"_id": null,
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.0"
},
{
"_id": null,
"model": "meetingplace",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "2.7"
},
{
"_id": null,
"model": "pureapplication system",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.1.0.1"
},
{
"_id": null,
"model": "security identity manager virtual appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.0.2"
},
{
"_id": null,
"model": "commerce guided search",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "11.2"
},
{
"_id": null,
"model": "security network controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.0.913"
},
{
"_id": null,
"model": "unified attendant console advanced",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "prime access registrar",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "7.0.1.7"
},
{
"_id": null,
"model": "anyconnect secure mobility client for ios",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"_id": null,
"model": "webex messenger service ep1",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7.9.9"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.11.3"
},
{
"_id": null,
"model": "tivoli provisioning manager for os deployment",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.1"
},
{
"_id": null,
"model": "mediasense",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.5.1"
},
{
"_id": null,
"model": "unified ip phone 9.4.2sr3",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "8961"
},
{
"_id": null,
"model": "10.2-release-p9",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "unified wireless ip phone",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "project openssl 1.0.1s",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "10.1-release-p27",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "spa122 ata with router",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "1.4.5"
},
{
"_id": null,
"model": "media experience engines",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "sterling connect:express for unix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.4.6"
},
{
"_id": null,
"model": "security access manager for mobile",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.2"
},
{
"_id": null,
"model": "webex meeting center",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "3.9.1"
},
{
"_id": null,
"model": "aix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2"
},
{
"_id": null,
"model": "lancope stealthwatch flowcollector netflow",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "6.8.2"
},
{
"_id": null,
"model": "webex node for mcs",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "3.12.9.8"
},
{
"_id": null,
"model": "jabber for android",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "video surveillance 4300e/4500e high-definition ip cameras",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "3.2.8"
},
{
"_id": null,
"model": "mysql server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.6.20"
},
{
"_id": null,
"model": "mobilefirst platform foundation",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.3.0.0"
},
{
"_id": null,
"model": "10.2-release-p6",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "cloud manager with openstack interix fix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.2.0.3"
},
{
"_id": null,
"model": "unified sip proxy",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "virtual security gateway for microsoft hyper-v",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "5.2(1)"
},
{
"_id": null,
"model": "tandberg codian isdn gw",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "32100"
},
{
"_id": null,
"model": "unified attendant console premium edition",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "digital media players series 5.4 rb",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4300"
},
{
"_id": null,
"model": "security proventia network active bypass",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.11-28"
},
{
"_id": null,
"model": "security access manager for web",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.1"
},
{
"_id": null,
"model": "qradar",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2"
},
{
"_id": null,
"model": "websphere cast iron cloud integration",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.31"
},
{
"_id": null,
"model": "mysql workbench",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "6.1.5"
},
{
"_id": null,
"model": "prime optical for sps",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "pureapplication system",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.1"
},
{
"_id": null,
"model": "abyp-2t-1s-1l-p-m",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"_id": null,
"model": "mds series multilayer switches",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "90006.2.17"
},
{
"_id": null,
"model": "websphere cast iron cloud integration",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.19"
},
{
"_id": null,
"model": "project openssl 1.0.1r",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "anyconnect secure mobility client for linux",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4.3"
},
{
"_id": null,
"model": "vm server for",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "x863.3"
},
{
"_id": null,
"model": "power hmc",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.3.0.0"
},
{
"_id": null,
"model": "security access manager for web",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.03"
},
{
"_id": null,
"model": "aspera console",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "3.1.1"
},
{
"_id": null,
"model": "webex meetings server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.5.0.997"
},
{
"_id": null,
"model": "anyconnect secure mobility client for os",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "x4.3"
},
{
"_id": null,
"model": "unified ip phone series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "79000"
},
{
"_id": null,
"model": "anyconnect secure mobility client for android",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4.3"
},
{
"_id": null,
"model": "lancope stealthwatch flowsensor",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "connected analytics for collaboration 1.0.1q",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"_id": null,
"model": "jabber guest",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.0"
},
{
"_id": null,
"model": "abyp-2t-1s-1l-p",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"_id": null,
"model": "show and share",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.2(2)"
},
{
"_id": null,
"model": "lancope stealthwatch flowcollector sflow",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "6.7.3"
},
{
"_id": null,
"model": "mmp server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "13.2"
},
{
"_id": null,
"model": "tivoli provisioning manager for images",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.1.19"
},
{
"_id": null,
"model": "security proventia network active bypass",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.30.0-13"
},
{
"_id": null,
"model": "commerce guided search",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "11.1"
},
{
"_id": null,
"model": "abyp-10g-2sr-2lr-1-p-m",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"_id": null,
"model": "tivoli provisioning manager for images build",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.1.20280.6"
},
{
"_id": null,
"model": "computer telephony integration object server",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.51"
},
{
"_id": null,
"model": "unified communications for microsoft lync",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "10.6.7"
},
{
"_id": null,
"model": "prime security manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "9.3.4.2-4"
},
{
"_id": null,
"model": "anyres live",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "datapower gateways",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.0.14"
},
{
"_id": null,
"model": "ons series multiservice provisioning platforms",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "1545410.6.1"
},
{
"_id": null,
"model": "telepresence isdn link",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "telepresence server",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "70104.4"
},
{
"_id": null,
"model": "packet tracer",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.2"
},
{
"_id": null,
"model": "openssh for gpfs for windows",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "3.5.0.31"
},
{
"_id": null,
"model": "agent for openflow",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "2.0.7"
},
{
"_id": null,
"model": "unified attendant console business edition",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "cloud manager with openstack interim fix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.1.0.5"
},
{
"_id": null,
"model": "cognos business intelligence interim fix",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "10.2.117"
},
{
"_id": null,
"model": "unified contact center enterprise",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.51"
},
{
"_id": null,
"model": "tandberg codian isdn gw",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "32200"
},
{
"_id": null,
"model": "show and share",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.2(3)"
},
{
"_id": null,
"model": "globalprotect agent",
"scope": "eq",
"trust": 0.3,
"vendor": "paloaltonetworks",
"version": "3.1.0"
},
{
"_id": null,
"model": "webex meetings for wp8",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "3.0"
},
{
"_id": null,
"model": "peoplesoft enterprise peopletools",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "8.54"
},
{
"_id": null,
"model": "abyp-2t-2s-0l-p",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"_id": null,
"model": "linux ia-64",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"_id": null,
"model": "powerkvm",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.1"
},
{
"_id": null,
"model": "webex meetings for android",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "9.1"
},
{
"_id": null,
"model": "mds series multilayer switches 7.3.1nx",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "9000"
},
{
"_id": null,
"model": "mds series multilayer switches",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "90000"
},
{
"_id": null,
"model": "ios software and cisco ios xe software",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "16.3.1"
},
{
"_id": null,
"model": "tivoli common reporting",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.1.0.2"
},
{
"_id": null,
"model": "webex meeting center",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "3.9.0.5"
},
{
"_id": null,
"model": "security proventia network active bypass",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.15-36"
},
{
"_id": null,
"model": "ace application control engine module",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "300"
},
{
"_id": null,
"model": "lancope stealthwatch flowsensor",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "6.7.3"
},
{
"_id": null,
"model": "exalogic infrastructure",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "1.0"
},
{
"_id": null,
"model": "proventia network enterprise scanner",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.3"
},
{
"_id": null,
"model": "rational insight",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.1.4"
},
{
"_id": null,
"model": "tivoli provisioning manager for os deployment build",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "5.1.1051.08"
},
{
"_id": null,
"model": "nac guest server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "local collector appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.2.10"
},
{
"_id": null,
"model": "enterprise content delivery system",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "mediasense",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "10.5(1)"
},
{
"_id": null,
"model": "email security appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "vm virtualbox",
"scope": "ne",
"trust": 0.3,
"vendor": "oracle",
"version": "5.0.22"
},
{
"_id": null,
"model": "security network protection",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.3.1"
},
{
"_id": null,
"model": "cognos business intelligence server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.2.11"
},
{
"_id": null,
"model": "mobile foundation consumer edition",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.2.0.0"
},
{
"_id": null,
"model": "prime collaboration deployment",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "webex meetings client hosted t31r1sp6",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"_id": null,
"model": "cloud manager with openstack interim fix1",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.3.0.6"
},
{
"_id": null,
"model": "9.3-release-p35",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "dx series ip phones",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "virtualization experience media engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "video surveillance series ip cameras",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "60002.8"
},
{
"_id": null,
"model": "nexus series switches",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3x000"
},
{
"_id": null,
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.0.18"
},
{
"_id": null,
"model": "packet tracer",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.3"
},
{
"_id": null,
"model": "unified sip proxy",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "10.0"
},
{
"_id": null,
"model": "mysql server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.7.12"
},
{
"_id": null,
"model": "aspera shares",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.9.3"
},
{
"_id": null,
"model": "abyp-0t-4s-0l-p",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"_id": null,
"model": "10.2-release-p10",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "pureapplication system",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.0.0.1"
},
{
"_id": null,
"model": "spa50x series ip phones",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "7.6.5"
},
{
"_id": null,
"model": "enterprise linux desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "7"
},
{
"_id": null,
"model": "abyp-4ts-p-m",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"_id": null,
"model": "emergency responder",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "8.5"
},
{
"_id": null,
"model": "ata series analog terminal adaptor",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "1901.3"
},
{
"_id": null,
"model": "commerce guided search",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "11.0"
},
{
"_id": null,
"model": "digital media players series 5.4 rb",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4400"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.11.4"
},
{
"_id": null,
"model": "virtualization experience media engine",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.5.1"
},
{
"_id": null,
"model": "abyp-10g-4lr-1-p",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"_id": null,
"model": "telepresence server on multiparty media",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3200"
},
{
"_id": null,
"model": "abyp-10g-4lr-1-p-m",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"_id": null,
"model": "video surveillance ptz ip cameras",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "2.8"
},
{
"_id": null,
"model": "9.3-release-p2",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "emergency responder",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "8.6"
},
{
"_id": null,
"model": "unified communications for microsoft lync",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "jabber software development kit",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "spa122 ata with router",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "10.1-release-p1",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "9.3-stable",
"scope": "ne",
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "tivoli composite application manager for transactions if03",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.4.0.1"
},
{
"_id": null,
"model": "cloud manager with openstack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.1.0.4"
},
{
"_id": null,
"model": "identity services engine",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "2.2.1"
},
{
"_id": null,
"model": "commerce experience manager",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "11.2"
},
{
"_id": null,
"model": "linux x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "14.1"
},
{
"_id": null,
"model": "tivoli provisioning manager for os deployment build",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.1.151.05"
},
{
"_id": null,
"model": "10.1-release-p9",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "webex meetings server",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "2.7"
},
{
"_id": null,
"model": "i",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.3"
},
{
"_id": null,
"model": "pureapplication system",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.1.2.2"
},
{
"_id": null,
"model": "mysql server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.6.21"
},
{
"_id": null,
"model": "unified communications manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "10.5(2.10000.5)"
},
{
"_id": null,
"model": "project openssl 1.0.1c",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "pureapplication system",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.1.1.0"
},
{
"_id": null,
"model": "telepresence mx series",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "7.3.7"
},
{
"_id": null,
"model": "pureapplication system",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.0"
},
{
"_id": null,
"model": "telepresence server on multiparty media",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "3204.4"
},
{
"_id": null,
"model": "lancope stealthwatch flowcollector sflow",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "6.8"
},
{
"_id": null,
"model": "qradar siem/qrif/qrm/qvm patch",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2.71"
},
{
"_id": null,
"model": "digital media players series 5.3 rb",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4300"
},
{
"_id": null,
"model": "security network controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.0.1768"
},
{
"_id": null,
"model": "telepresence profile series",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "7.3.7"
},
{
"_id": null,
"model": "websphere cast iron cloud integration",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.41"
},
{
"_id": null,
"model": "security access manager for mobile",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.1"
},
{
"_id": null,
"model": "openssh for gpfs for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.5"
},
{
"_id": null,
"model": "mac os",
"scope": "ne",
"trust": 0.3,
"vendor": "apple",
"version": "x10.11.6"
},
{
"_id": null,
"model": "abyp-0t-0s-4l-p-m",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"_id": null,
"model": "security access manager for web",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.5"
},
{
"_id": null,
"model": "project openssl 1.0.1f",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "nexus series switches 7.3.1nx",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "7000"
},
{
"_id": null,
"model": "jabber for android mr",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.6"
},
{
"_id": null,
"model": "project openssl 1.0.2a",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "abyp-4t-0s-0l-p-m",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"_id": null,
"model": "algo audit and compliance",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.1"
},
{
"_id": null,
"model": "project openssl 1.0.2f",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "rational reporting for development intelligence",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.0.5"
},
{
"_id": null,
"model": "connected grid router-cgos",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "security proventia network active bypass",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.0.2919"
},
{
"_id": null,
"model": "worklight enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1.0.0"
},
{
"_id": null,
"model": "lancope stealthwatch smc",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "tivoli provisioning manager for images",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.1.0"
},
{
"_id": null,
"model": "telepresence server on virtual machine mr2",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4.2"
},
{
"_id": null,
"model": "anyconnect secure mobility client",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4.3"
},
{
"_id": null,
"model": "unified ip phones",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "69450"
},
{
"_id": null,
"model": "nexus series switches",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "60008.3"
},
{
"_id": null,
"model": "mysql server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.6.15"
},
{
"_id": null,
"model": "security proventia network active bypass",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.30.2-9"
},
{
"_id": null,
"model": "abyp-0t-2s-2l-p",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"_id": null,
"model": "nexus series switches",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "70008.3"
},
{
"_id": null,
"model": "unified communications manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "10.0"
},
{
"_id": null,
"model": "cloud manager with openstack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.3.0.2"
},
{
"_id": null,
"model": "webex meetings server ssl gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "-0"
},
{
"_id": null,
"model": "mysql server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.6.25"
},
{
"_id": null,
"model": "sterling connect:express for unix ifix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.4.6.1146-110"
},
{
"_id": null,
"model": "security access manager for mobile",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.4"
},
{
"_id": null,
"model": "messagesight",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.2"
},
{
"_id": null,
"model": "prime network services controller",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "lancope stealthwatch flowcollector sflow",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "6.8.1"
},
{
"_id": null,
"model": "ironport email security appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "9.3-release-p3",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"_id": null,
"model": "prime collaboration provisioning",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.2"
},
{
"_id": null,
"model": "sterling connect:express for unix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.5.0.12"
},
{
"_id": null,
"model": "sterling connect:express for unix ifix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.4.6.1146-113"
},
{
"_id": null,
"model": "lancope stealthwatch flowsensor",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "6.8"
},
{
"_id": null,
"model": "security access manager for web",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.1.3"
},
{
"_id": null,
"model": "spa30x series ip phones",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "security access manager for mobile",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.1.2"
},
{
"_id": null,
"model": "security proventia network active bypass",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.30-12"
},
{
"_id": null,
"model": "webex meetings client on premises",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "-0"
},
{
"_id": null,
"model": "cloud manager with openstack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.3.0.3"
},
{
"_id": null,
"model": "tivoli provisioning manager for os deployment",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.1.19"
},
{
"_id": null,
"model": "telepresence server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "70100"
},
{
"_id": null,
"model": "unified communications manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "10.3(1)"
},
{
"_id": null,
"model": "hosted collaboration mediation fulfillment",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "digital media manager",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "5.4"
},
{
"_id": null,
"model": "rational reporting for development intelligence",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0.2"
},
{
"_id": null,
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "1.0.2"
},
{
"_id": null,
"model": "bm security identity governance and intelligence",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.2.1"
},
{
"_id": null,
"model": "security manager",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4.12"
},
{
"_id": null,
"model": "mobilefirst platform foundation",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.0.0"
},
{
"_id": null,
"model": "rational insight",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.1.7"
},
{
"_id": null,
"model": "webex meetings server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1.5(.1.131)"
},
{
"_id": null,
"model": "project openssl 1.0.2d",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "10.3"
},
{
"_id": null,
"model": "prime access registrar",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "linux mips",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"_id": null,
"model": "onepk all-in-one vm",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "mediasense",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "9.1(1)"
},
{
"_id": null,
"model": "prime lan management solution",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "-0"
},
{
"_id": null,
"model": "algo audit and compliance if",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "2.1.0.32"
},
{
"_id": null,
"model": "spa525g",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "cloud manager with openstack interim fix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.3.0.4"
},
{
"_id": null,
"model": "lancope stealthwatch flowsensor",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "6.8.1"
},
{
"_id": null,
"model": "9.3-release-p25",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "websphere cast iron cloud integration",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.0.0"
},
{
"_id": null,
"model": "webex meetings server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1.0"
},
{
"_id": null,
"model": "abyp-0t-2s-2l-p-m",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"_id": null,
"model": "unified attendant console department edition",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "unified ip phone 9.4.2sr3",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "9971"
},
{
"_id": null,
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "14.1"
},
{
"_id": null,
"model": "security proventia network active bypass",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.29-9"
},
{
"_id": null,
"model": "series ip phones vpn feature",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "8800-0"
},
{
"_id": null,
"model": "nexus series switches 7.3.1dx",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "6000"
},
{
"_id": null,
"model": "abyp-2t-0s-2l-p",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"_id": null,
"model": "spa112 2-port phone adapter",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "1.4.5"
},
{
"_id": null,
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2.0.6"
},
{
"_id": null,
"model": "security network controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.0.3387"
},
{
"_id": null,
"model": "digital media manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.2.1.1"
},
{
"_id": null,
"model": "telepresence server mr2",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "70104.2"
},
{
"_id": null,
"model": "webex messenger service",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "7.20"
},
{
"_id": null,
"model": "abyp-10g-4sr-1-p-m",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"_id": null,
"model": "media experience engines",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "3.2"
},
{
"_id": null,
"model": "security access manager for web",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.0"
},
{
"_id": null,
"model": "10.3-stable",
"scope": "ne",
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "commerce guided search",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "6.1.4"
},
{
"_id": null,
"model": "enterprise manager",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "12.2.2"
},
{
"_id": null,
"model": "mysql enterprise backup",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "3.10"
},
{
"_id": null,
"model": "security network protection",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.3.2"
},
{
"_id": null,
"model": "aix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1"
},
{
"_id": null,
"model": "connected grid router 15.6.2.15t",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"_id": null,
"model": "video distribution suite for internet streaming",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "digital media players series 5.4 rb",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4300"
},
{
"_id": null,
"model": "telepresence server on multiparty media mr2",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "3204.2"
},
{
"_id": null,
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5"
},
{
"_id": null,
"model": "tivoli provisioning manager for os deployment",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.1.116"
},
{
"_id": null,
"model": "cloupia unified infrastructure controller",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "hosted collaboration mediation fulfillment",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.5:20"
},
{
"_id": null,
"model": "jabber for mac",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.7"
},
{
"_id": null,
"model": "flex system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.3.20"
},
{
"_id": null,
"model": "agent desktop for cisco unified contact center express",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.1"
},
{
"_id": null,
"model": "video surveillance series ip cameras",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "70000"
},
{
"_id": null,
"model": "telepresence server on multiparty media mr2",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "3104.2"
},
{
"_id": null,
"model": "adaptive security appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "nexus series switches",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "70006.2.17"
},
{
"_id": null,
"model": "digital media players series 5.3 rb",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4400"
},
{
"_id": null,
"model": "project openssl 1.0.1n",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "telepresence server on multiparty media",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3204.1"
},
{
"_id": null,
"model": "lancope stealthwatch smc",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "6.7.3"
},
{
"_id": null,
"model": "packet tracer",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "7.0"
},
{
"_id": null,
"model": "network analysis module",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "6.3.1"
},
{
"_id": null,
"model": "project openssl 1.0.1o",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "video surveillance series ip cameras",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "60000"
},
{
"_id": null,
"model": "unified wireless ip phone",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "1.5.1"
},
{
"_id": null,
"model": "anyconnect secure mobility client for windows",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"_id": null,
"model": "security access manager for web",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.1.4"
},
{
"_id": null,
"model": "virtual security gateway vsg2",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"_id": null,
"model": "linux x86 64 -current",
"scope": null,
"trust": 0.3,
"vendor": "slackware",
"version": null
},
{
"_id": null,
"model": "workload deployer",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.17"
},
{
"_id": null,
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "10.1"
},
{
"_id": null,
"model": "policy suite",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "14.0"
},
{
"_id": null,
"model": "webex meetings client on premises",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "-2.7"
},
{
"_id": null,
"model": "10.2-release-p12",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "spa51x series ip phones",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "7.6.5"
},
{
"_id": null,
"model": "peoplesoft enterprise peopletools",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "8.55"
},
{
"_id": null,
"model": "unified ip conference phone for third-party call control",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "88310"
},
{
"_id": null,
"model": "unified intelligence center",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.5.1"
},
{
"_id": null,
"model": "telepresence server on virtual machine",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4.4"
},
{
"_id": null,
"model": "power hmc",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.9.0.0"
},
{
"_id": null,
"model": "common services platform collector",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "1.9.1"
},
{
"_id": null,
"model": "emergency responder",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "8.7"
},
{
"_id": null,
"model": "project openssl 1.0.2e",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "security access manager for web",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.2"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.2"
},
{
"_id": null,
"model": "unified communications manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "10.5(3.10000.9)"
},
{
"_id": null,
"model": "hosted collaboration mediation fulfillment",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.5"
},
{
"_id": null,
"model": "project openssl 1.0.1q",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "dcm series 9900-digital content manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "9.3"
},
{
"_id": null,
"model": "websphere cast iron cloud integration",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.16"
},
{
"_id": null,
"model": "digital media manager",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "5.3"
},
{
"_id": null,
"model": "anyconnect secure mobility client for ios",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4.2"
},
{
"_id": null,
"model": "pureapplication system",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.0.0"
},
{
"_id": null,
"model": "tivoli provisioning manager for os deployment intirim fix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.133"
},
{
"_id": null,
"model": "telepresence sx series",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "8.1.2"
},
{
"_id": null,
"model": "lancope stealthwatch flowcollector sflow",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "6.8.2"
},
{
"_id": null,
"model": "anyconnect secure mobility client for windows",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4.2"
},
{
"_id": null,
"model": "cognos business intelligence server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.2.2"
},
{
"_id": null,
"model": "webex meetings client hosted",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "-0"
},
{
"_id": null,
"model": "webex meetings for wp8",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "rational insight",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.13"
},
{
"_id": null,
"model": "sterling connect:express for unix ifix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.4.6.1146-108"
},
{
"_id": null,
"model": "sterling connect:express for unix",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "1.5.0.13"
},
{
"_id": null,
"model": "show and share",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.2(2.1)"
},
{
"_id": null,
"model": "webex meetings for wp8",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "2.6.1"
},
{
"_id": null,
"model": "physical access control gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "wide area application services",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "5.5.7"
},
{
"_id": null,
"model": "9.3-release-p24",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "webex messenger service",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "security privileged identity manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.0"
},
{
"_id": null,
"model": "10.1-release-p19",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "mmp server",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "3.10"
},
{
"_id": null,
"model": "tivoli common reporting",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.1.0.1"
},
{
"_id": null,
"model": "prime ip express",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "application and content networking system",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "5.5.41"
},
{
"_id": null,
"model": "security access manager for web",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.1.0"
},
{
"_id": null,
"model": "aix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.3"
},
{
"_id": null,
"model": "mysql workbench",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "6.1.4"
},
{
"_id": null,
"model": "10.1-release-p30",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "9.3-release-p13",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "tivoli common reporting",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.1.2.1"
},
{
"_id": null,
"model": "cloud manager with openstack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.3"
},
{
"_id": null,
"model": "intelligent automation for cloud",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "0.9.8"
},
{
"_id": null,
"model": "cognos business intelligence",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.1.1"
},
{
"_id": null,
"model": "rational reporting for development intelligence",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0.1"
},
{
"_id": null,
"model": "edge digital media player 1.6rb4 5",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "300"
},
{
"_id": null,
"model": "mds series multilayer switches 7.3.1dx",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "9000"
},
{
"_id": null,
"model": "unified ip phone",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "99510"
},
{
"_id": null,
"model": "abyp-10g-4sr-1-p",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"_id": null,
"model": "9.3-release-p36",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "webex meetings server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.6"
},
{
"_id": null,
"model": "unified ip phone",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "89450"
},
{
"_id": null,
"model": "digital media manager",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "5.4.1"
},
{
"_id": null,
"model": "tivoli provisioning manager for os deployment build",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.1.20280.6"
},
{
"_id": null,
"model": "lancope stealthwatch flowsensor",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "6.8.2"
},
{
"_id": null,
"model": "video surveillance series ip cameras",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "30002.8"
},
{
"_id": null,
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.0.10"
},
{
"_id": null,
"model": "emergency responder",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "9.2"
},
{
"_id": null,
"model": "rational insight",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.12"
},
{
"_id": null,
"model": "mysql server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.6.28"
},
{
"_id": null,
"model": "webex meeting center",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "rational insight",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.11"
},
{
"_id": null,
"model": "partner supporting service",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1.0"
},
{
"_id": null,
"model": "datapower gateways",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.0.11"
},
{
"_id": null,
"model": "mysql server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.6.29"
},
{
"_id": null,
"model": "mobility services engine",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "8.0"
},
{
"_id": null,
"model": "edge digital media player",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "3401.2.0.20"
},
{
"_id": null,
"model": "webex meetings server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1.1"
},
{
"_id": null,
"model": "abyp-0t-4s-0l-p-m",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"_id": null,
"model": "spa30x series ip phones",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "7.6.5"
},
{
"_id": null,
"model": "unified series ip phones",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "78000"
},
{
"_id": null,
"model": "datapower gateways",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2.0.8"
},
{
"_id": null,
"model": "digital media players series 5.4 rb",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4400"
},
{
"_id": null,
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.0.13"
},
{
"_id": null,
"model": "10.2-release-p11",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "enterprise content management system monitor",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.1"
},
{
"_id": null,
"model": "telepresence mcu",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "42000"
},
{
"_id": null,
"model": "security access manager for web",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "9.0.1.0"
},
{
"_id": null,
"model": "socialminer",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "standalone rack server cimc",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "webex meetings server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1.5"
},
{
"_id": null,
"model": "power hmc",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.2.0.0"
},
{
"_id": null,
"model": "webex meetings server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.0"
},
{
"_id": null,
"model": "spa112 2-port phone adapter",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "mysql enterprise backup",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "3.12.2"
},
{
"_id": null,
"model": "intracer",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "lancope stealthwatch smc",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "6.8"
},
{
"_id": null,
"model": "jabber for apple ios",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.6.2"
},
{
"_id": null,
"model": "video surveillance series high-definition ip cameras",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "40002.4.7"
},
{
"_id": null,
"model": "video surveillance media server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7.7"
},
{
"_id": null,
"model": "9.3-release-p33",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.11.5"
},
{
"_id": null,
"model": "tivoli provisioning manager for os deployment build",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.1.1051.07"
},
{
"_id": null,
"model": "mq appliance m2001",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"_id": null,
"model": "mysql server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.6.24"
},
{
"_id": null,
"model": "telepresence mcu",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "84200"
},
{
"_id": null,
"model": "jabber for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "ironport email security appliance",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "10.5"
},
{
"_id": null,
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "10.2"
},
{
"_id": null,
"model": "anyconnect secure mobility client for linux",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"_id": null,
"model": "websphere cast iron cloud integration",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.112"
},
{
"_id": null,
"model": "spa525g",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "7.6.5"
},
{
"_id": null,
"model": "cloud manager with openstack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.2.0.3"
},
{
"_id": null,
"model": "mmp server",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "3.9.0.5"
},
{
"_id": null,
"model": "9.3-release-p41",
"scope": "ne",
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "tivoli netcool system service monitors fp1",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.1"
},
{
"_id": null,
"model": "telepresence integrator c series",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "8.1.2"
},
{
"_id": null,
"model": "lancope stealthwatch udp director",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "prime network registrar",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "cloud object store",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "3.8"
},
{
"_id": null,
"model": "anyconnect secure mobility client for android",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"_id": null,
"model": "cognos business intelligence fixpack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.2.12"
},
{
"_id": null,
"model": "commerce experience manager",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "6.1.4"
},
{
"_id": null,
"model": "telepresence sx series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "10.1-release-p25",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "rational reporting for development intelligence",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0"
},
{
"_id": null,
"model": "enterprise content management system monitor",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.2"
},
{
"_id": null,
"model": "webex meetings server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.5.1.5"
},
{
"_id": null,
"model": "registered envelope service",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "5.0"
},
{
"_id": null,
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.1.0"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.4"
},
{
"_id": null,
"model": "lancope stealthwatch smc",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "6.8.1"
},
{
"_id": null,
"model": "tivoli netcool system service monitors fp2",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.1"
},
{
"_id": null,
"model": "cognos business intelligence",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.2.1"
},
{
"_id": null,
"model": "tivoli netcool system service monitor fp14",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.0"
},
{
"_id": null,
"model": "rational insight",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1"
},
{
"_id": null,
"model": "unified ip phone",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "99710"
},
{
"_id": null,
"model": "telepresence content server",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "7.2"
},
{
"_id": null,
"model": "mediasense",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "8.5(4)"
},
{
"_id": null,
"model": "meetingplace",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "telepresence server on multiparty media",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "3104.4"
},
{
"_id": null,
"model": "security access manager for mobile",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.1.4"
},
{
"_id": null,
"model": "security guardium",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.0"
},
{
"_id": null,
"model": "tivoli provisioning manager for os deployment",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.1.0.2"
},
{
"_id": null,
"model": "anyconnect secure mobility client for linux",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4.2"
},
{
"_id": null,
"model": "cloud manager with openstack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.3.0.6"
},
{
"_id": null,
"model": "mq appliance m2000",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"_id": null,
"model": "ata analog telephone adaptor",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1870"
},
{
"_id": null,
"model": "asa cx and prime security manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "universal small cell series",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "50003.5.12.21"
},
{
"_id": null,
"model": "project openssl 1.0.1m",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "13.1"
},
{
"_id": null,
"model": "expressway series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "rational reporting for development intelligence",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.0"
},
{
"_id": null,
"model": "anyconnect secure mobility client for android",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4.2"
},
{
"_id": null,
"model": "mediasense",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "10.0(1)"
},
{
"_id": null,
"model": "nexus series switches",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "50007.3.1"
},
{
"_id": null,
"model": "mediasense",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "8.5(3)"
},
{
"_id": null,
"model": "tivoli common reporting",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.1"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.0"
},
{
"_id": null,
"model": "10.1-release-p6",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "security identity manager virtual appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.1.0"
},
{
"_id": null,
"model": "pureapplication system",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.1.0.2"
},
{
"_id": null,
"model": "edge digital media player",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3000"
},
{
"_id": null,
"model": "unified ip phone 9.4.2sr3",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "8945"
},
{
"_id": null,
"model": "security proventia network active bypass",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.18-49"
},
{
"_id": null,
"model": "unified communications manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "10.0(1.10000.12)"
},
{
"_id": null,
"model": "telepresence ex series",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "8.1.2"
},
{
"_id": null,
"model": "nexus series switches",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1000v0"
},
{
"_id": null,
"model": "tivoli common reporting",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.1.3"
},
{
"_id": null,
"model": "digital media manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.2.3"
},
{
"_id": null,
"model": "rational insight",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.1.6"
},
{
"_id": null,
"model": "mate design",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "1.0.1"
},
{
"_id": null,
"model": "security access manager for web",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.0.0.1"
},
{
"_id": null,
"model": "rational insight",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.1.5"
},
{
"_id": null,
"model": "10.3-rc2",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "security proventia network active bypass",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.13-41"
},
{
"_id": null,
"model": "linux s/390",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"_id": null,
"model": "aspera console",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0.1"
},
{
"_id": null,
"model": "linux x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "14.0"
},
{
"_id": null,
"model": "show and share",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "network admission control",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "unified communications for microsoft lync",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.6"
},
{
"_id": null,
"model": "identity services engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "rational reporting for development intelligence",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.0.4"
},
{
"_id": null,
"model": "project openssl 1.0.1j",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "universal small cell series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "70003.4.2.0"
},
{
"_id": null,
"model": "10.1-release-p33",
"scope": "ne",
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "nexus series switches 7.3.1dx",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "5000"
},
{
"_id": null,
"model": "telepresence conductor",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4.3"
},
{
"_id": null,
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2"
},
{
"_id": null,
"model": "abyp-0t-0s-4l-p",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"_id": null,
"model": "unified attendant console standard",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "websphere cast iron cloud integration",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.115"
},
{
"_id": null,
"model": "tivoli composite application manager for transactions",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.4.0.0"
},
{
"_id": null,
"model": "security identity manager virtual appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.1.1"
},
{
"_id": null,
"model": "jazz reporting service",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0"
},
{
"_id": null,
"model": "connected grid routers",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "mate live",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "websphere cast iron cloud integration",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.13"
},
{
"_id": null,
"model": "webex meetings server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1.5(.1.6)"
},
{
"_id": null,
"model": "commerce experience manager",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "11.1"
},
{
"_id": null,
"model": "telepresence integrator c series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "unified workforce optimization sr3 es5",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.0"
},
{
"_id": null,
"model": "project openssl 1.0.1d",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "security access manager for web",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.1.2"
},
{
"_id": null,
"model": "unified communications manager 10.5 su3",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"_id": null,
"model": "jazz reporting service",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0.2"
},
{
"_id": null,
"model": "security access manager for web",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.0"
},
{
"_id": null,
"model": "aspera shares",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.9.4"
},
{
"_id": null,
"model": "abyp-2t-2s-0l-p-m",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"_id": null,
"model": "abyp-4tl-p-m",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"_id": null,
"model": "nac server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "lancope stealthwatch udp director",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "6.7.3"
},
{
"_id": null,
"model": "application policy infrastructure controller",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "2.0(0.400)"
},
{
"_id": null,
"model": "security network controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.0.3381"
},
{
"_id": null,
"model": "security proventia network active bypass",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.9-34"
},
{
"_id": null,
"model": "enterprise manager",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "12.3.2"
},
{
"_id": null,
"model": "rational reporting for development intelligence",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.0.3"
},
{
"_id": null,
"model": "abyp-4ts-p",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"_id": null,
"model": "digital media players series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "43000"
},
{
"_id": null,
"model": "workload deployer",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.11"
},
{
"_id": null,
"model": "telepresence server on multiparty media",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3100"
},
{
"_id": null,
"model": "9.3-release-p31",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "security proventia network active bypass 0343c3c",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"_id": null,
"model": "mysql server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.6.23"
},
{
"_id": null,
"model": "cloud manager with openstack interim fix1",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "4.3.0.6"
},
{
"_id": null,
"model": "unified ip phones 9.3 sr3",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "6901"
},
{
"_id": null,
"model": "digital media manager",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "5.3.6"
},
{
"_id": null,
"model": "security access manager for mobile",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.1.3"
},
{
"_id": null,
"model": "unified communications manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "11.0(0.98000.225)"
},
{
"_id": null,
"model": "prime network",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "anyconnect secure mobility client for ios",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4.3"
},
{
"_id": null,
"model": "prime performance manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "linux arm",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"_id": null,
"model": "security access manager for web",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.02"
},
{
"_id": null,
"model": "prime collaboration provisioning",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "network analysis module",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "digital media manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.0"
},
{
"_id": null,
"model": "websphere application server liberty profile",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.5"
},
{
"_id": null,
"model": "mysql server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.6.30"
},
{
"_id": null,
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.0.12"
},
{
"_id": null,
"model": "vm server for",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "x863.4"
},
{
"_id": null,
"model": "unity connection",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.5"
},
{
"_id": null,
"model": "telepresence video communication server",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "8.8"
},
{
"_id": null,
"model": "lancope stealthwatch flowcollector netflow",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "lancope stealthwatch smc",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "6.8.2"
},
{
"_id": null,
"model": "unified communications manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "10.5(1.98991.13)"
},
{
"_id": null,
"model": "pureapplication system",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.1.2.0"
},
{
"_id": null,
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.0.16"
},
{
"_id": null,
"model": "enterprise linux server",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "7"
},
{
"_id": null,
"model": "abyp-10g-2sr-2lr-1-p",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"_id": null,
"model": "prime optical for sps",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "10.6"
},
{
"_id": null,
"model": "telepresence mcu",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "45000"
},
{
"_id": null,
"model": "telepresence server",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "87104.4"
},
{
"_id": null,
"model": "power hmc",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.1.0.0"
},
{
"_id": null,
"model": "telepresence isdn gw",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "32410"
},
{
"_id": null,
"model": "aspera console",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0.4"
},
{
"_id": null,
"model": "nexus series switches",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "50008.3"
},
{
"_id": null,
"model": "10.1-release-p31",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.0"
},
{
"_id": null,
"model": "tivoli netcool system service monitors interim fix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.12-04"
},
{
"_id": null,
"model": "pureapplication system",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.1.2.1"
},
{
"_id": null,
"model": "netflow generation appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "pureapplication system",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "2.1.2.3"
},
{
"_id": null,
"model": "aspera shares",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.9.2"
},
{
"_id": null,
"model": "telepresence server on multiparty media",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3104.1"
},
{
"_id": null,
"model": "telepresence ex series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "webex meetings server ssl gateway",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "-2.7"
},
{
"_id": null,
"model": "telepresence server on virtual machine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "system management homepage",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "7.6"
},
{
"_id": null,
"model": "cloud manager with openstack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.1.0.5"
},
{
"_id": null,
"model": "websphere cast iron cloud integration",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5"
},
{
"_id": null,
"model": "webex meetings for android",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "emergency responder",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "10.5(1.10000.5)"
},
{
"_id": null,
"model": "aspera console",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0.6"
},
{
"_id": null,
"model": "tivoli composite application manager for transactions if37",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.3.0.1"
},
{
"_id": null,
"model": "rational reporting for development intelligence",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.0.6"
},
{
"_id": null,
"model": "tivoli network manager ip edition fix pack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.94"
},
{
"_id": null,
"model": "security access manager for mobile",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.0"
},
{
"_id": null,
"model": "commerce experience manager",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "11.0"
},
{
"_id": null,
"model": "prime license manager",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.5"
},
{
"_id": null,
"model": "security network controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.0.3376"
},
{
"_id": null,
"model": "unified communications manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "messagesight",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1"
},
{
"_id": null,
"model": "tivoli provisioning manager for os deployment",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.1.3"
},
{
"_id": null,
"model": "security proventia network active bypass",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.18-42"
},
{
"_id": null,
"model": "video surveillance series ip cameras",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "70002.8"
},
{
"_id": null,
"model": "expressway series",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "8.8"
},
{
"_id": null,
"model": "abyp-4t-0s-0l-p",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"_id": null,
"model": "email security appliance",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "10.5"
},
{
"_id": null,
"model": "webex meetings server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "worklight enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1.0.2"
},
{
"_id": null,
"model": "virtual security gateway for microsoft hyper-v vsg2",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"_id": null,
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.0.14"
},
{
"_id": null,
"model": "connected grid router cgos 15.6.2.15t",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"_id": null,
"model": "wide area application services",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "6.2.3"
},
{
"_id": null,
"model": "9.3-release-p5",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "tivoli netcool system service monitors interim fix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.12-01"
},
{
"_id": null,
"model": "unified intelligent contact management enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "security identity manager virtual appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.0.1"
},
{
"_id": null,
"model": "nexus series switches 7.3.1nx",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "6000"
},
{
"_id": null,
"model": "application and content networking system",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "mmp server",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "3.9.1"
},
{
"_id": null,
"model": "project openssl 1.0.1k",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "9.3-release-p39",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "anyconnect secure mobility client for ios",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "sterling connect:express for unix ifix",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "1.4.6.1146-114"
},
{
"_id": null,
"model": "telepresence mx series",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "8.1.2"
},
{
"_id": null,
"model": "aspera console",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0.5"
},
{
"_id": null,
"model": "mysql server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.6.16"
},
{
"_id": null,
"model": "spa232d multi-line dect ata",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "1.4.5"
},
{
"_id": null,
"model": "linux -current",
"scope": null,
"trust": 0.3,
"vendor": "slackware",
"version": null
},
{
"_id": null,
"model": "tivoli provisioning manager for images build",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.1.20290.1"
},
{
"_id": null,
"model": "project openssl 1.0.1b",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "telepresence profile series",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "8.1.2"
},
{
"_id": null,
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.0.13"
},
{
"_id": null,
"model": "anyconnect secure mobility client for os",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "x4.2"
},
{
"_id": null,
"model": "tivoli netcool system service monitors interim fix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.014-08"
},
{
"_id": null,
"model": "lancope stealthwatch udp director",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "6.8"
},
{
"_id": null,
"model": "universal small cell series",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "70003.5.12.21"
},
{
"_id": null,
"model": "telepresence conductor",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "application policy infrastructure controller",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "jabber for mac",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "globalprotect agent",
"scope": "ne",
"trust": 0.3,
"vendor": "paloaltonetworks",
"version": "3.1.1"
},
{
"_id": null,
"model": "dcm series 9900-digital content manager",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "19.0"
},
{
"_id": null,
"model": "image construction and composition tool",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.3.2.0"
},
{
"_id": null,
"model": "10.3-release-p1",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "security access manager for mobile",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.1"
},
{
"_id": null,
"model": "security access manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.0"
},
{
"_id": null,
"model": "video surveillance 4300e/4500e high-definition ip cameras",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "security proventia network active bypass",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.0.1876"
},
{
"_id": null,
"model": "mediasense",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "9.0"
},
{
"_id": null,
"model": "10.3-release-p2",
"scope": "ne",
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "unified ip phone 9.4.2sr3",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "9951"
},
{
"_id": null,
"model": "local collector appliance",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "2.2.12"
},
{
"_id": null,
"model": "i",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1"
},
{
"_id": null,
"model": "worklight enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1.0.1"
},
{
"_id": null,
"model": "websphere cast iron cloud integration",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.32"
},
{
"_id": null,
"model": "pureapplication system",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.1.0.0"
},
{
"_id": null,
"model": "content security appliance updater servers",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "10.1-release-p29",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "connected analytics for collaboration",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "multicast manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "10.1-release-p23",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "lancope stealthwatch flowcollector netflow",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "6.7.3"
},
{
"_id": null,
"model": "cognos business intelligence server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.2"
},
{
"_id": null,
"model": "telepresence ex series",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "7.3.7"
},
{
"_id": null,
"model": "mac os security update",
"scope": "ne",
"trust": 0.3,
"vendor": "apple",
"version": "x2016"
},
{
"_id": null,
"model": "10.1-release-p16",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "jazz reporting service",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0.1"
},
{
"_id": null,
"model": "digital media manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.1"
},
{
"_id": null,
"model": "nexus series switches",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "50006.2.17"
},
{
"_id": null,
"model": "security proventia network active bypass",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.30.4-12"
},
{
"_id": null,
"model": "webex node for mcs",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "emergency responder 10.5",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"_id": null,
"model": "security identity manager virtual appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.0.0"
},
{
"_id": null,
"model": "qradar siem mr2 patch",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "7.113"
},
{
"_id": null,
"model": "unified communications manager session management edition",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "nexus",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "900012.0"
},
{
"_id": null,
"model": "lancope stealthwatch udp director",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "6.8.1"
},
{
"_id": null,
"model": "9.3-release-p6",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "video surveillance ptz ip cameras",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "virtualization experience media engine",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.7(0)"
},
{
"_id": null,
"model": "telepresence serial gateway series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "i",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2"
},
{
"_id": null,
"model": "9.3-release-p9",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "aspera console",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0.3"
},
{
"_id": null,
"model": "project openssl 1.0.2c",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "webex meetings server 2.5mr2",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"_id": null,
"model": "virtual security gateway for microsoft hyper-v",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "services analytic platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "jabber for apple ios",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.7"
},
{
"_id": null,
"model": "unified ip phone series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "79009.4(2)"
},
{
"_id": null,
"model": "unified ip phone",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "89610"
},
{
"_id": null,
"model": "nexus series switches",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "60006.2.17"
},
{
"_id": null,
"model": "workload deployer",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.12"
},
{
"_id": null,
"model": "tivoli common reporting",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.1.2"
},
{
"_id": null,
"model": "unified series ip conference phone",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "88310"
},
{
"_id": null,
"model": "video surveillance media server",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "7.9"
},
{
"_id": null,
"model": "unified communications manager",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.5"
},
{
"_id": null,
"model": "aix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1"
},
{
"_id": null,
"model": "agent for openflow",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "2.1.5"
},
{
"_id": null,
"model": "10.2-release-p16",
"scope": "ne",
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "mysql server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.6.27"
},
{
"_id": null,
"model": "project openssl 1.0.2h",
"scope": "ne",
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "virtual security gateway",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "5.2(1)"
},
{
"_id": null,
"model": "unified attendant console enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "unified contact center express",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "linux ia-32",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"_id": null,
"model": "security network controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.0.3379"
},
{
"_id": null,
"model": "policy suite",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "10.0"
},
{
"_id": null,
"model": "tivoli provisioning manager for os deployment",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.1"
},
{
"_id": null,
"model": "digital media manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.2"
},
{
"_id": null,
"model": "project openssl 1.0.2b",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "mysql server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.6.22"
},
{
"_id": null,
"model": "prime data center network manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "unified computing system",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"_id": null,
"model": "unified communications manager session management edition",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.5"
},
{
"_id": null,
"model": "videoscape control suite",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "telepresence mcu",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "53000"
},
{
"_id": null,
"model": "prime access registrar",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "7.1"
},
{
"_id": null,
"model": "anyres live",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "9.4.5"
},
{
"_id": null,
"model": "flex system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.3.3.0"
},
{
"_id": null,
"model": "security access manager for mobile",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0"
},
{
"_id": null,
"model": "mobilefirst platform foundation",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.0.0"
},
{
"_id": null,
"model": "9.3-release-p34",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "unified communications manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "10.0(1)"
},
{
"_id": null,
"model": "tivoli provisioning manager for images system edition build",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "x7.1.1.20290.1"
},
{
"_id": null,
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.0.10"
},
{
"_id": null,
"model": "jabber software development kit",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.7"
},
{
"_id": null,
"model": "unified contact center express",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.5.1"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3"
},
{
"_id": null,
"model": "webex meetings server mr1",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.5"
},
{
"_id": null,
"model": "telepresence mx series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "webex meetings server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.5.99.2"
},
{
"_id": null,
"model": "rational reporting for development intelligence",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.0.1"
},
{
"_id": null,
"model": "jazz reporting service",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0"
},
{
"_id": null,
"model": "telepresence isdn gw mse",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "83210"
},
{
"_id": null,
"model": "telepresence profile series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"_id": null,
"model": "abyp-2t-0s-2l-p-m",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"_id": null,
"model": "visual quality experience tools server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "cloud manager with openstack interim fix",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "4.2.0.3"
},
{
"_id": null,
"model": "prime access registrar",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "7.2"
},
{
"_id": null,
"model": "mysql enterprise backup",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "4.0.1"
},
{
"_id": null,
"model": "nexus series switches 7.3.1dx",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "7000"
},
{
"_id": null,
"model": "asa cx and cisco prime security manager",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "9.5.4.3"
},
{
"_id": null,
"model": "enterprise linux hpc node",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "7"
},
{
"_id": null,
"model": "project openssl 1.0.1l",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "im and presence service",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "digital media manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.3"
},
{
"_id": null,
"model": "9.3-release-p29",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "firesight system software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "management appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "vm server for",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "x863.2"
},
{
"_id": null,
"model": "aspera console",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0.2"
},
{
"_id": null,
"model": "tivoli provisioning manager for images system edition",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "x7.1.1.0"
},
{
"_id": null,
"model": "unity connection",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.0.1"
},
{
"_id": null,
"model": "cloud object store",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "anyconnect secure mobility client for os",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "x4.0"
},
{
"_id": null,
"model": "project openssl 1.0.1h",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "unified communications manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "10.5(2.13900.9)"
},
{
"_id": null,
"model": "ip interoperability and collaboration system",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "5.0"
},
{
"_id": null,
"model": "unified communications manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "10.5(0.98000.88)"
},
{
"_id": null,
"model": "cloud manager with openstack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.2.0.1"
},
{
"_id": null,
"model": "project openssl 1.0.1p",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
}
],
"sources": [
{
"db": "BID",
"id": "89744"
},
{
"db": "NVD",
"id": "CVE-2016-2106"
}
]
},
"credits": {
"_id": null,
"data": "Red Hat",
"sources": [
{
"db": "PACKETSTORM",
"id": "136958"
},
{
"db": "PACKETSTORM",
"id": "136937"
},
{
"db": "PACKETSTORM",
"id": "139114"
},
{
"db": "PACKETSTORM",
"id": "139167"
},
{
"db": "PACKETSTORM",
"id": "139116"
},
{
"db": "PACKETSTORM",
"id": "140182"
}
],
"trust": 0.6
},
"cve": "CVE-2016-2106",
"cvss": {
"_id": null,
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "CVE-2016-2106",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 1.1,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"exploitabilityScore": 3.9,
"id": "CVE-2016-2106",
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2016-2106",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "VULMON",
"id": "CVE-2016-2106",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2016-2106"
},
{
"db": "NVD",
"id": "CVE-2016-2106"
}
]
},
"description": {
"_id": null,
"data": "Integer overflow in the EVP_EncryptUpdate function in crypto/evp/evp_enc.c in OpenSSL before 1.0.1t and 1.0.2 before 1.0.2h allows remote attackers to cause a denial of service (heap memory corruption) via a large amount of data. OpenSSL is prone to an integer-overflow vulnerability. \nAn attacker can exploit this issue to execute arbitrary code in the context of the user running the affected application. Failed exploit attempts will likely result in denial-of-service conditions. \nFollowing product versions are affected:\nOpenSSL versions 1.0.2 prior to 1.0.2h are vulnerable. \nOpenSSL versions 1.0.1 prior to 1.0.1t are vulnerable. OpenSSL Security Advisory [3rd May 2016]\n========================================\n\nMemory corruption in the ASN.1 encoder (CVE-2016-2108)\n======================================================\n\nSeverity: High\n\nThis issue affected versions of OpenSSL prior to April 2015. The bug\ncausing the vulnerability was fixed on April 18th 2015, and released\nas part of the June 11th 2015 security releases. The security impact\nof the bug was not known at the time. \n\nIn previous versions of OpenSSL, ASN.1 encoding the value zero\nrepresented as a negative integer can cause a buffer underflow\nwith an out-of-bounds write in i2c_ASN1_INTEGER. The ASN.1 parser does\nnot normally create \"negative zeroes\" when parsing ASN.1 input, and\ntherefore, an attacker cannot trigger this bug. \n\nHowever, a second, independent bug revealed that the ASN.1 parser\n(specifically, d2i_ASN1_TYPE) can misinterpret a large universal tag\nas a negative zero value. Large universal tags are not present in any\ncommon ASN.1 structures (such as X509) but are accepted as part of ANY\nstructures. \n\nTherefore, if an application deserializes untrusted ASN.1 structures\ncontaining an ANY field, and later reserializes them, an attacker may\nbe able to trigger an out-of-bounds write. This has been shown to\ncause memory corruption that is potentially exploitable with some\nmalloc implementations. \n\nApplications that parse and re-encode X509 certificates are known to\nbe vulnerable. Applications that verify RSA signatures on X509\ncertificates may also be vulnerable; however, only certificates with\nvalid signatures trigger ASN.1 re-encoding and hence the\nbug. Specifically, since OpenSSL\u0027s default TLS X509 chain verification\ncode verifies the certificate chain from root to leaf, TLS handshakes\ncould only be targeted with valid certificates issued by trusted\nCertification Authorities. \n\nOpenSSL 1.0.2 users should upgrade to 1.0.2c\nOpenSSL 1.0.1 users should upgrade to 1.0.1o\n\nThis vulnerability is a combination of two bugs, neither of which\nindividually has security impact. The first bug (mishandling of\nnegative zero integers) was reported to OpenSSL by Huzaifa Sidhpurwala\n(Red Hat) and independently by Hanno B\u00f6ck in April 2015. The second\nissue (mishandling of large universal tags) was found using libFuzzer,\nand reported on the public issue tracker on March 1st 2016. The fact\nthat these two issues combined present a security vulnerability was\nreported by David Benjamin (Google) on March 31st 2016. The fixes were\ndeveloped by Steve Henson of the OpenSSL development team, and David\nBenjamin. The OpenSSL team would also like to thank Mark Brand and\nIan Beer from the Google Project Zero team for their careful analysis\nof the impact. \n\nThe fix for the \"negative zero\" memory corruption bug can be\nidentified by commits\n\n3661bb4e7934668bd99ca777ea8b30eedfafa871 (1.0.2)\nand\n32d3b0f52f77ce86d53f38685336668d47c5bdfe (1.0.1)\n\nPadding oracle in AES-NI CBC MAC check (CVE-2016-2107)\n======================================================\n\nSeverity: High\n\nA MITM attacker can use a padding oracle attack to decrypt traffic\nwhen the connection uses an AES CBC cipher and the server support\nAES-NI. \n\nThis issue was introduced as part of the fix for Lucky 13 padding\nattack (CVE-2013-0169). The padding check was rewritten to be in\nconstant time by making sure that always the same bytes are read and\ncompared against either the MAC or padding bytes. But it no longer\nchecked that there was enough data to have both the MAC and padding\nbytes. \n\nOpenSSL 1.0.2 users should upgrade to 1.0.2h\nOpenSSL 1.0.1 users should upgrade to 1.0.1t\n\nThis issue was reported to OpenSSL on 13th of April 2016 by Juraj\nSomorovsky using TLS-Attacker. The fix was developed by Kurt Roeckx\nof the OpenSSL development team. \n\nEVP_EncodeUpdate overflow (CVE-2016-2105)\n=========================================\n\nSeverity: Low\n\nAn overflow can occur in the EVP_EncodeUpdate() function which is used for\nBase64 encoding of binary data. \n\nInternally to OpenSSL the EVP_EncodeUpdate() function is primarly used by the\nPEM_write_bio* family of functions. These are mainly used within the OpenSSL\ncommand line applications. These internal uses are not considered vulnerable\nbecause all calls are bounded with length checks so no overflow is possible. \nUser applications that call these APIs directly with large amounts of untrusted\ndata may be vulnerable. (Note: Initial analysis suggested that the\nPEM_write_bio* were vulnerable, and this is reflected in the patch commit\nmessage. This is no longer believed to be the case). \n\nOpenSSL 1.0.2 users should upgrade to 1.0.2h\nOpenSSL 1.0.1 users should upgrade to 1.0.1t\n\nThis issue was reported to OpenSSL on 3rd March 2016 by Guido Vranken. The\nfix was developed by Matt Caswell of the OpenSSL development team. \n\nEVP_EncryptUpdate overflow (CVE-2016-2106)\n==========================================\n\nSeverity: Low\n\nAn overflow can occur in the EVP_EncryptUpdate() function. Following an analysis of all OpenSSL internal\nusage of the EVP_EncryptUpdate() function all usage is one of two forms. \nThe first form is where the EVP_EncryptUpdate() call is known to be the first\ncalled function after an EVP_EncryptInit(), and therefore that specific call\nmust be safe. The second form is where the length passed to EVP_EncryptUpdate()\ncan be seen from the code to be some small value and therefore there is no\npossibility of an overflow. Since all instances are one of these two forms, it\nis believed that there can be no overflows in internal code due to this problem. \nIt should be noted that EVP_DecryptUpdate() can call EVP_EncryptUpdate() in\ncertain code paths. Also EVP_CipherUpdate() is a synonym for\nEVP_EncryptUpdate(). All instances of these calls have also been analysed too\nand it is believed there are no instances in internal usage where an overflow\ncould occur. \n\nThis could still represent a security issue for end user code that calls this\nfunction directly. \n\nOpenSSL 1.0.2 users should upgrade to 1.0.2h\nOpenSSL 1.0.1 users should upgrade to 1.0.1t\n\nThis issue was reported to OpenSSL on 3rd March 2016 by Guido Vranken. The\nfix was developed by Matt Caswell of the OpenSSL development team. \n\nASN.1 BIO excessive memory allocation (CVE-2016-2109)\n=====================================================\n\nSeverity: Low\n\nWhen ASN.1 data is read from a BIO using functions such as d2i_CMS_bio()\na short invalid encoding can casuse allocation of large amounts of memory\npotentially consuming excessive resources or exhausting memory. \n\nAny application parsing untrusted data through d2i BIO functions is affected. \nThe memory based functions such as d2i_X509() are *not* affected. Since the\nmemory based functions are used by the TLS library, TLS applications are not\naffected. \n\nOpenSSL 1.0.2 users should upgrade to 1.0.2h\nOpenSSL 1.0.1 users should upgrade to 1.0.1t\n\nThis issue was reported to OpenSSL on 4th April 2016 by Brian Carpenter. \nThe fix was developed by Stephen Henson of the OpenSSL development team. \n\nEBCDIC overread (CVE-2016-2176)\n===============================\n\nSeverity: Low\n\nASN1 Strings that are over 1024 bytes can cause an overread in applications\nusing the X509_NAME_oneline() function on EBCDIC systems. This could result in\narbitrary stack data being returned in the buffer. \n\nOpenSSL 1.0.2 users should upgrade to 1.0.2h\nOpenSSL 1.0.1 users should upgrade to 1.0.1t\n\nThis issue was reported to OpenSSL on 5th March 2016 by Guido Vranken. The\nfix was developed by Matt Caswell of the OpenSSL development team. \n\nNote\n====\n\nAs per our previous announcements and our Release Strategy\n(https://www.openssl.org/policies/releasestrat.html), support for OpenSSL\nversion 1.0.1 will cease on 31st December 2016. No security updates for that\nversion will be provided after that date. Users of 1.0.1 are advised to\nupgrade. \n\nSupport for versions 0.9.8 and 1.0.0 ended on 31st December 2015. Those\nversions are no longer receiving security updates. \n\nReferences\n==========\n\nURL for this Security Advisory:\nhttps://www.openssl.org/news/secadv/20160503.txt\n\nNote: the online version of the advisory may be updated with additional details\nover time. \n\nFor details of OpenSSL severity classifications please see:\nhttps://www.openssl.org/policies/secpolicy.html\n. \nCorrected: 2016-05-03 18:54:20 UTC (stable/10, 10.3-STABLE)\n 2016-05-04 15:25:47 UTC (releng/10.3, 10.3-RELEASE-p2)\n 2016-05-04 15:26:23 UTC (releng/10.2, 10.2-RELEASE-p16)\n 2016-05-04 15:27:09 UTC (releng/10.1, 10.1-RELEASE-p33)\n 2016-05-04 06:53:02 UTC (stable/9, 9.3-STABLE)\n 2016-05-04 15:27:09 UTC (releng/9.3, 9.3-RELEASE-p41)\nCVE Name: CVE-2016-2105, CVE-2016-2106, CVE-2016-2107, CVE-2016-2109,\n CVE-2016-2176\n\nFor general information regarding FreeBSD Security Advisories,\nincluding descriptions of the fields above, security branches, and the\nfollowing sections, please visit \u003cURL:https://security.FreeBSD.org/\u003e. Background\n\nFreeBSD includes software from the OpenSSL Project. \n\nII. [CVE-2016-2176]\nFreeBSD does not run on any EBCDIC systems and therefore is not affected. \n\nIII. \n\nIV. Workaround\n\nNo workaround is available. \n\nV. Solution\n\nPerform one of the following:\n\n1) Upgrade your vulnerable system to a supported FreeBSD stable or\nrelease / security branch (releng) dated after the correction date. \n\nRestart all daemons that use the library, or reboot the system. \n\n2) To update your vulnerable system via a binary patch:\n\nSystems running a RELEASE version of FreeBSD on the i386 or amd64\nplatforms can be updated via the freebsd-update(8) utility:\n\n# freebsd-update fetch\n# freebsd-update install\n\nRestart all daemons that use the library, or reboot the system. \n\n3) To update your vulnerable system via a source code patch:\n\nThe following patches have been verified to apply to the applicable\nFreeBSD release branches. \n\na) Download the relevant patch from the location below, and verify the\ndetached PGP signature using your PGP utility. \n\n[FreeBSD 10.x]\n# fetch https://security.FreeBSD.org/patches/SA-16:17/openssl-10.patch\n# fetch https://security.FreeBSD.org/patches/SA-16:17/openssl-10.patch.asc\n# gpg --verify openssl-10.patch.asc\n\n[FreeBSD 9.3]\n# fetch https://security.FreeBSD.org/patches/SA-16:17/openssl-9.patc\n# fetch https://security.FreeBSD.org/patches/SA-16:17/openssl-9.patch.asc\n# gpg --verify openssl-9.patch.asc\n\nb) Apply the patch. Execute the following commands as root:\n\n# cd /usr/src\n# patch \u003c /path/to/patch\n\nc) Recompile the operating system using buildworld and installworld as\ndescribed in \u003cURL:https://www.FreeBSD.org/handbook/makeworld.html\u003e. \n\nRestart all daemons that use the library, or reboot the system. \n\nVI. Correction details\n\nThe following list contains the correction revision numbers for each\naffected branch. \n\nBranch/path Revision\n- -------------------------------------------------------------------------\nstable/9/ r299053\nreleng/9.3/ r299068\nstable/10/ r298999\nreleng/10.1/ r299068\nreleng/10.2/ r299067\nreleng/10.3/ r299066\n- -------------------------------------------------------------------------\n\nTo see which files were modified by a particular revision, run the\nfollowing command, replacing NNNNNN with the revision number, on a\nmachine with Subversion installed:\n\n# svn diff -cNNNNNN --summarize svn://svn.freebsd.org/base\n\nOr visit the following URL, replacing NNNNNN with the revision number:\n\n\u003cURL:https://svnweb.freebsd.org/base?view=revision\u0026revision=NNNNNN\u003e\n\nVII. 6) - i386, x86_64\n\n3. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n=====================================================================\n Red Hat Security Advisory\n\nSynopsis: Important: openssl security update\nAdvisory ID: RHSA-2016:0722-01\nProduct: Red Hat Enterprise Linux\nAdvisory URL: https://rhn.redhat.com/errata/RHSA-2016-0722.html\nIssue date: 2016-05-09\nCVE Names: CVE-2016-0799 CVE-2016-2105 CVE-2016-2106 \n CVE-2016-2107 CVE-2016-2108 CVE-2016-2109 \n CVE-2016-2842 \n=====================================================================\n\n1. Summary:\n\nAn update for openssl is now available for Red Hat Enterprise Linux 7. A Common Vulnerability Scoring System (CVSS) base score,\nwhich gives a detailed severity rating, is available for each vulnerability\nfrom the CVE link(s) in the References section. \n\n2. Relevant releases/architectures:\n\nRed Hat Enterprise Linux Client (v. 7) - x86_64\nRed Hat Enterprise Linux Client Optional (v. 7) - x86_64\nRed Hat Enterprise Linux ComputeNode (v. 7) - x86_64\nRed Hat Enterprise Linux ComputeNode Optional (v. 7) - x86_64\nRed Hat Enterprise Linux Server (v. 7) - ppc64, ppc64le, s390x, x86_64\nRed Hat Enterprise Linux Server Optional (v. 7) - ppc64, ppc64le, s390x, x86_64\nRed Hat Enterprise Linux Workstation (v. 7) - x86_64\nRed Hat Enterprise Linux Workstation Optional (v. 7) - x86_64\n\n3. Description:\n\nOpenSSL is a toolkit that implements the Secure Sockets Layer (SSL) and\nTransport Layer Security (TLS) protocols, as well as a full-strength\ngeneral-purpose cryptography library. \n\nSecurity Fix(es):\n\n* A flaw was found in the way OpenSSL encoded certain ASN.1 data\nstructures. \n(CVE-2016-2105, CVE-2016-2106)\n\n* It was discovered that OpenSSL leaked timing information when decrypting\nTLS/SSL and DTLS protocol encrypted records when the connection used the\nAES CBC cipher suite and the server supported AES-NI. A remote attacker\ncould possibly use this flaw to retrieve plain text from encrypted packets\nby using a TLS/SSL or DTLS server as a padding oracle. \n(CVE-2016-0799, CVE-2016-2842)\n\n* A denial of service flaw was found in the way OpenSSL parsed certain\nASN.1-encoded data from BIO (OpenSSL\u0027s I/O abstraction) inputs. (CVE-2016-2109)\n\nRed Hat would like to thank the OpenSSL project for reporting\nCVE-2016-2108, CVE-2016-2842, CVE-2016-2105, CVE-2016-2106, CVE-2016-2107,\nand CVE-2016-0799. Upstream acknowledges Huzaifa Sidhpurwala (Red Hat),\nHanno B\u00f6ck, and David Benjamin (Google) as the original reporters of\nCVE-2016-2108; Guido Vranken as the original reporter of CVE-2016-2842,\nCVE-2016-2105, CVE-2016-2106, and CVE-2016-0799; and Juraj Somorovsky as\nthe original reporter of CVE-2016-2107. \n\n4. Solution:\n\nFor details on how to apply this update, which includes the changes\ndescribed in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nFor the update to take effect, all services linked to the OpenSSL library\nmust be restarted, or the system rebooted. \n\n5. Package List:\n\nRed Hat Enterprise Linux Client (v. 7):\n\nSource:\nopenssl-1.0.1e-51.el7_2.5.src.rpm\n\nx86_64:\nopenssl-1.0.1e-51.el7_2.5.x86_64.rpm\nopenssl-debuginfo-1.0.1e-51.el7_2.5.i686.rpm\nopenssl-debuginfo-1.0.1e-51.el7_2.5.x86_64.rpm\nopenssl-libs-1.0.1e-51.el7_2.5.i686.rpm\nopenssl-libs-1.0.1e-51.el7_2.5.x86_64.rpm\n\nRed Hat Enterprise Linux Client Optional (v. 7):\n\nx86_64:\nopenssl-debuginfo-1.0.1e-51.el7_2.5.i686.rpm\nopenssl-debuginfo-1.0.1e-51.el7_2.5.x86_64.rpm\nopenssl-devel-1.0.1e-51.el7_2.5.i686.rpm\nopenssl-devel-1.0.1e-51.el7_2.5.x86_64.rpm\nopenssl-perl-1.0.1e-51.el7_2.5.x86_64.rpm\nopenssl-static-1.0.1e-51.el7_2.5.i686.rpm\nopenssl-static-1.0.1e-51.el7_2.5.x86_64.rpm\n\nRed Hat Enterprise Linux ComputeNode (v. 7):\n\nSource:\nopenssl-1.0.1e-51.el7_2.5.src.rpm\n\nx86_64:\nopenssl-1.0.1e-51.el7_2.5.x86_64.rpm\nopenssl-debuginfo-1.0.1e-51.el7_2.5.i686.rpm\nopenssl-debuginfo-1.0.1e-51.el7_2.5.x86_64.rpm\nopenssl-libs-1.0.1e-51.el7_2.5.i686.rpm\nopenssl-libs-1.0.1e-51.el7_2.5.x86_64.rpm\n\nRed Hat Enterprise Linux ComputeNode Optional (v. 7):\n\nx86_64:\nopenssl-debuginfo-1.0.1e-51.el7_2.5.i686.rpm\nopenssl-debuginfo-1.0.1e-51.el7_2.5.x86_64.rpm\nopenssl-devel-1.0.1e-51.el7_2.5.i686.rpm\nopenssl-devel-1.0.1e-51.el7_2.5.x86_64.rpm\nopenssl-perl-1.0.1e-51.el7_2.5.x86_64.rpm\nopenssl-static-1.0.1e-51.el7_2.5.i686.rpm\nopenssl-static-1.0.1e-51.el7_2.5.x86_64.rpm\n\nRed Hat Enterprise Linux Server (v. 7):\n\nSource:\nopenssl-1.0.1e-51.el7_2.5.src.rpm\n\nppc64:\nopenssl-1.0.1e-51.el7_2.5.ppc64.rpm\nopenssl-debuginfo-1.0.1e-51.el7_2.5.ppc.rpm\nopenssl-debuginfo-1.0.1e-51.el7_2.5.ppc64.rpm\nopenssl-devel-1.0.1e-51.el7_2.5.ppc.rpm\nopenssl-devel-1.0.1e-51.el7_2.5.ppc64.rpm\nopenssl-libs-1.0.1e-51.el7_2.5.ppc.rpm\nopenssl-libs-1.0.1e-51.el7_2.5.ppc64.rpm\n\nppc64le:\nopenssl-1.0.1e-51.el7_2.5.ppc64le.rpm\nopenssl-debuginfo-1.0.1e-51.el7_2.5.ppc64le.rpm\nopenssl-devel-1.0.1e-51.el7_2.5.ppc64le.rpm\nopenssl-libs-1.0.1e-51.el7_2.5.ppc64le.rpm\n\ns390x:\nopenssl-1.0.1e-51.el7_2.5.s390x.rpm\nopenssl-debuginfo-1.0.1e-51.el7_2.5.s390.rpm\nopenssl-debuginfo-1.0.1e-51.el7_2.5.s390x.rpm\nopenssl-devel-1.0.1e-51.el7_2.5.s390.rpm\nopenssl-devel-1.0.1e-51.el7_2.5.s390x.rpm\nopenssl-libs-1.0.1e-51.el7_2.5.s390.rpm\nopenssl-libs-1.0.1e-51.el7_2.5.s390x.rpm\n\nx86_64:\nopenssl-1.0.1e-51.el7_2.5.x86_64.rpm\nopenssl-debuginfo-1.0.1e-51.el7_2.5.i686.rpm\nopenssl-debuginfo-1.0.1e-51.el7_2.5.x86_64.rpm\nopenssl-devel-1.0.1e-51.el7_2.5.i686.rpm\nopenssl-devel-1.0.1e-51.el7_2.5.x86_64.rpm\nopenssl-libs-1.0.1e-51.el7_2.5.i686.rpm\nopenssl-libs-1.0.1e-51.el7_2.5.x86_64.rpm\n\nRed Hat Enterprise Linux Server Optional (v. 7):\n\nppc64:\nopenssl-debuginfo-1.0.1e-51.el7_2.5.ppc.rpm\nopenssl-debuginfo-1.0.1e-51.el7_2.5.ppc64.rpm\nopenssl-perl-1.0.1e-51.el7_2.5.ppc64.rpm\nopenssl-static-1.0.1e-51.el7_2.5.ppc.rpm\nopenssl-static-1.0.1e-51.el7_2.5.ppc64.rpm\n\nppc64le:\nopenssl-debuginfo-1.0.1e-51.el7_2.5.ppc64le.rpm\nopenssl-perl-1.0.1e-51.el7_2.5.ppc64le.rpm\nopenssl-static-1.0.1e-51.el7_2.5.ppc64le.rpm\n\ns390x:\nopenssl-debuginfo-1.0.1e-51.el7_2.5.s390.rpm\nopenssl-debuginfo-1.0.1e-51.el7_2.5.s390x.rpm\nopenssl-perl-1.0.1e-51.el7_2.5.s390x.rpm\nopenssl-static-1.0.1e-51.el7_2.5.s390.rpm\nopenssl-static-1.0.1e-51.el7_2.5.s390x.rpm\n\nx86_64:\nopenssl-debuginfo-1.0.1e-51.el7_2.5.i686.rpm\nopenssl-debuginfo-1.0.1e-51.el7_2.5.x86_64.rpm\nopenssl-perl-1.0.1e-51.el7_2.5.x86_64.rpm\nopenssl-static-1.0.1e-51.el7_2.5.i686.rpm\nopenssl-static-1.0.1e-51.el7_2.5.x86_64.rpm\n\nRed Hat Enterprise Linux Workstation (v. 7):\n\nSource:\nopenssl-1.0.1e-51.el7_2.5.src.rpm\n\nx86_64:\nopenssl-1.0.1e-51.el7_2.5.x86_64.rpm\nopenssl-debuginfo-1.0.1e-51.el7_2.5.i686.rpm\nopenssl-debuginfo-1.0.1e-51.el7_2.5.x86_64.rpm\nopenssl-devel-1.0.1e-51.el7_2.5.i686.rpm\nopenssl-devel-1.0.1e-51.el7_2.5.x86_64.rpm\nopenssl-libs-1.0.1e-51.el7_2.5.i686.rpm\nopenssl-libs-1.0.1e-51.el7_2.5.x86_64.rpm\n\nRed Hat Enterprise Linux Workstation Optional (v. 7):\n\nx86_64:\nopenssl-debuginfo-1.0.1e-51.el7_2.5.i686.rpm\nopenssl-debuginfo-1.0.1e-51.el7_2.5.x86_64.rpm\nopenssl-perl-1.0.1e-51.el7_2.5.x86_64.rpm\nopenssl-static-1.0.1e-51.el7_2.5.i686.rpm\nopenssl-static-1.0.1e-51.el7_2.5.x86_64.rpm\n\nThese packages are GPG signed by Red Hat for security. Our key and\ndetails on how to verify the signature are available from\nhttps://access.redhat.com/security/team/key/\n\n7. References:\n\nhttps://access.redhat.com/security/cve/CVE-2016-0799\nhttps://access.redhat.com/security/cve/CVE-2016-2105\nhttps://access.redhat.com/security/cve/CVE-2016-2106\nhttps://access.redhat.com/security/cve/CVE-2016-2107\nhttps://access.redhat.com/security/cve/CVE-2016-2108\nhttps://access.redhat.com/security/cve/CVE-2016-2109\nhttps://access.redhat.com/security/cve/CVE-2016-2842\nhttps://access.redhat.com/security/updates/classification/#important\n\n8. Contact:\n\nThe Red Hat security contact is \u003csecalert@redhat.com\u003e. More contact\ndetails at https://access.redhat.com/security/team/contact/\n\nCopyright 2016 Red Hat, Inc. \n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1\n\niD8DBQFXMFlTXlSAg2UNWIIRAhYAAJ0T9Ib2vXUa5te34i6fphHrbe0HlwCfePy5\nWjaK8x9OaI0FgbWyfxvwq6o=\n=jHjh\n-----END PGP SIGNATURE-----\n\n\n--\nRHSA-announce mailing list\nRHSA-announce@redhat.com\nhttps://www.redhat.com/mailman/listinfo/rhsa-announce. This could lead to a heap corruption. \n This could lead to a heap corruption. \n\nCVE-2016-2108\n\n David Benjamin from Google discovered that two separate bugs in the\n ASN.1 encoder, related to handling of negative zero integer values\n and large universal tags, could lead to an out-of-bounds write. \n\nFor the unstable distribution (sid), these problems have been fixed in\nversion 1.0.2h-1. Description:\n\nRed Hat JBoss Enterprise Application Platform 6 is a platform for Java\napplications based on JBoss Application Server 7. \n\nThis release includes bug fixes and enhancements, as well as a new release\nof OpenSSL that addresses a number of outstanding security flaws. For\nfurther information, see the knowledge base article linked to in the\nReferences section. The JBoss server process must be restarted for the update\nto take effect. \n(CVE-2016-2108)\n\n* Multiple flaws were found in the way httpd parsed HTTP requests and\nresponses using chunked transfer encoding. A remote attacker could use\nthese flaws to create a specially crafted request, which httpd would decode\ndifferently from an HTTP proxy software in front of it, possibly leading to\nHTTP request smuggling attacks. (CVE-2015-3195)\n\n* A flaw was found in the way the TLS protocol composes the Diffie-Hellman\nexchange (for both export and non-export grade cipher suites). An attacker\ncould use this flaw to downgrade a DHE connection to use export-grade key\nsizes, which could then be broken by sufficient pre-computation. This can\nlead to a passive man-in-the-middle attack in which the attacker is able to\ndecrypt all traffic. (CVE-2016-2106)\n\n* It was discovered that it is possible to remotely Segfault Apache http\nserver with a specially crafted string sent to the mod_cluster via service\nmessages (MCMP). (CVE-2016-2109)\n\n* It was discovered that specifying configuration with a JVMRoute path\nlonger than 80 characters will cause segmentation fault leading to a server\ncrash. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA256\n\nNote: the current version of the following document is available here:\nhttps://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c05320149\n\nSUPPORT COMMUNICATION - SECURITY BULLETIN\n\nDocument ID: c05320149\nVersion: 1\n\nHPSBMU03653 rev.1 - HPE System Management Homepage (SMH), Remote Arbitrary\nCode Execution, Cross-Site Scripting (XSS), Denial of Service (DoS),\nUnauthorized Disclosure of Information\n\nNOTICE: The information in this Security Bulletin should be acted upon as\nsoon as possible. \n\nRelease Date: 2016-10-26\nLast Updated: 2016-10-26\n\nPotential Security Impact: Remote: Arbitrary Code Execution, Cross-Site\nScripting (XSS), Denial of Service (DoS), Unauthorized Disclosure of\nInformation\n\nSource: Hewlett Packard Enterprise, Product Security Response Team\n\nVULNERABILITY SUMMARY\nMultiple potential security vulnerabilities have been identified in HPE\nSystem Management Homepage (SMH) on Windows and Linux. The vulnerabilities\ncould be remotely exploited using man-in-the-middle (MITM) attacks resulting\nin cross-site scripting (XSS), arbitrary code execution, Denial of Service\n(DoS), and/or unauthorized disclosure of information. \n\nReferences:\n\n - CVE-2016-2107 - OpenSSL, Unauthorized disclosure of information\n - CVE-2016-2106 - OpenSSL, Denial of Service (DoS)\n - CVE-2016-2109 - OpenSSL, Denial of Service (DoS)\n - CVE-2016-2105 - OpenSSL, Denial of Service (DoS)\n - CVE-2016-3739 - cURL and libcurl, Remote code execution\n - CVE-2016-5388 - \"HTTPoxy\", Apache Tomcat\n - CVE-2016-5387 - \"HTTPoxy\", Apache HTTP Server\n - CVE-2016-5385 - \"HTTPoxy\", PHP \n - CVE-2016-4543 - PHP, multiple impact\n - CVE-2016-4071 - PHP, multiple impact\n - CVE-2016-4072 - PHP, multiple impact\n - CVE-2016-4542 - PHP, multiple impact\n - CVE-2016-4541 - PHP, multiple impact\n - CVE-2016-4540 - PHP, multiple impact\n - CVE-2016-4539 - PHP, multiple impact\n - CVE-2016-4538 - PHP, multiple impact\n - CVE-2016-4537 - PHP, multiple impact\n - CVE-2016-4343 - PHP, multiple impact\n - CVE-2016-4342 - PHP, multiple impact\n - CVE-2016-4070 - PHP, Denial of Service (DoS)\n - CVE-2016-4393 - PSRT110263, XSS vulnerability\n - CVE-2016-4394 - PSRT110263, HSTS vulnerability\n - CVE-2016-4395 - ZDI-CAN-3722, PSRT110115, Buffer Overflow\n - CVE-2016-4396 - ZDI-CAN-3730, PSRT110116, Buffer Overflow\n - PSRT110145\n - PSRT110263\n - PSRT110115\n - PSRT110116\n\nSUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed. \n\n - HPE System Management Homepage - all versions prior to v7.6\n\nBACKGROUND\n\n CVSS Base Metrics\n =================\n Reference, CVSS V3 Score/Vector, CVSS V2 Score/Vector\n\n CVE-2016-2105\n 7.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\n 5.0 (AV:N/AC:L/Au:N/C:N/I:N/A:P)\n\n CVE-2016-2106\n 7.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\n 5.0 (AV:N/AC:L/Au:N/C:N/I:N/A:P)\n\n CVE-2016-2107\n 5.9 CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N\n 2.6 (AV:N/AC:H/Au:N/C:P/I:N/A:N)\n\n CVE-2016-2109\n 7.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\n 7.8 (AV:N/AC:L/Au:N/C:N/I:N/A:C)\n\n CVE-2016-3739\n 5.3 CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:N\n 2.6 (AV:N/AC:H/Au:N/C:N/I:P/A:N)\n\n CVE-2016-4070\n 7.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\n 5.0 (AV:N/AC:L/Au:N/C:N/I:N/A:P)\n\n CVE-2016-4071\n 9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\n 7.5 (AV:N/AC:L/Au:N/C:P/I:P/A:P)\n\n CVE-2016-4072\n 9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\n 7.5 (AV:N/AC:L/Au:N/C:P/I:P/A:P)\n\n CVE-2016-4342\n 8.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\n 8.3 (AV:N/AC:M/Au:N/C:P/I:P/A:C)\n\n CVE-2016-4343\n 9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\n 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P)\n\n CVE-2016-4393\n 4.2 CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N\n 4.9 (AV:N/AC:M/Au:S/C:P/I:P/A:N)\n\n CVE-2016-4394\n 6.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L\n 5.8 (AV:N/AC:M/Au:N/C:N/I:P/A:P)\n\n CVE-2016-4395\n 7.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N\n 7.8 (AV:N/AC:L/Au:N/C:N/I:C/A:N)\n\n CVE-2016-4396\n 7.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N\n 7.8 (AV:N/AC:L/Au:N/C:N/I:C/A:N)\n\n CVE-2016-4537\n 9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\n 7.5 (AV:N/AC:L/Au:N/C:P/I:P/A:P)\n\n CVE-2016-4538\n 9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\n 7.5 (AV:N/AC:L/Au:N/C:P/I:P/A:P)\n\n CVE-2016-4539\n 9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\n 7.5 (AV:N/AC:L/Au:N/C:P/I:P/A:P)\n\n CVE-2016-4540\n 9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\n 7.5 (AV:N/AC:L/Au:N/C:P/I:P/A:P)\n\n CVE-2016-4541\n 9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\n 7.5 (AV:N/AC:L/Au:N/C:P/I:P/A:P)\n\n CVE-2016-4542\n 9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\n 7.5 (AV:N/AC:L/Au:N/C:P/I:P/A:P)\n\n CVE-2016-4543\n 9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\n 7.5 (AV:N/AC:L/Au:N/C:P/I:P/A:P)\n\n CVE-2016-5385\n 8.1 CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H\n 5.1 (AV:N/AC:H/Au:N/C:P/I:P/A:P)\n\n CVE-2016-5387\n 8.1 CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H\n 5.1 (AV:N/AC:H/Au:N/C:P/I:P/A:P)\n\n CVE-2016-5388\n 8.1 CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H\n 5.1 (AV:N/AC:H/Au:N/C:P/I:P/A:P)\n\n Information on CVSS is documented in\n HPE Customer Notice HPSN-2008-002 here:\n\nhttps://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c01345499\n\n* Hewlett Packard Enterprise thanks Tenable Network Security for working with\nTrend Micro\u0027s Zero Day Initiative (ZDI) for reporting CVE-2016-4395 and\nCVE-2016-4396 to security-alert@hpe.com\n\nRESOLUTION\n\nHPE has made the following software updates available to resolve the\nvulnerabilities for the impacted versions of System Management Homepage\n(SMH). \n\nPlease download and install HPE System Management Homepage (SMH) v7.6.0 from\nthe following locations: \n\n* \u003chttps://www.hpe.com/us/en/product-catalog/detail/pip.344313.html\u003e\n\nHISTORY\nVersion:1 (rev.1) - 26 October 2016 Initial release\n\nThird Party Security Patches: Third party security patches that are to be\ninstalled on systems running Hewlett Packard Enterprise (HPE) software\nproducts should be applied in accordance with the customer\u0027s patch management\npolicy. \n\nSupport: For issues about implementing the recommendations of this Security\nBulletin, contact normal HPE Services support channel. For other issues about\nthe content of this Security Bulletin, send e-mail to security-alert@hpe.com. \n\nReport: To report a potential security vulnerability for any HPE supported\nproduct:\n Web form: https://www.hpe.com/info/report-security-vulnerability\n Email: security-alert@hpe.com\n\nSubscribe: To initiate a subscription to receive future HPE Security Bulletin\nalerts via Email: http://www.hpe.com/support/Subscriber_Choice\n\nSecurity Bulletin Archive: A list of recently released Security Bulletins is\navailable here: http://www.hpe.com/support/Security_Bulletin_Archive\n\nSoftware Product Category: The Software Product Category is represented in\nthe title by the two characters following HPSB. \n\n3C = 3COM\n3P = 3rd Party Software\nGN = HPE General Software\nHF = HPE Hardware and Firmware\nMU = Multi-Platform Software\nNS = NonStop Servers\nOV = OpenVMS\nPV = ProCurve\nST = Storage Software\nUX = HP-UX\n\nCopyright 2016 Hewlett Packard Enterprise\n\nHewlett Packard Enterprise shall not be liable for technical or editorial\nerrors or omissions contained herein. The information provided is provided\n\"as is\" without warranty of any kind. To the extent permitted by law, neither\nHP or its affiliates, subcontractors or suppliers will be liable for\nincidental,special or consequential damages including downtime cost; lost\nprofits; damages relating to the procurement of substitute products or\nservices; or damages for loss of data, or software restoration. The\ninformation in this document is subject to change without notice. Hewlett\nPackard Enterprise and the names of Hewlett Packard Enterprise products\nreferenced herein are trademarks of Hewlett Packard Enterprise in the United\nStates and other countries. Other product and company names mentioned herein\nmay be trademarks of their respective owners. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA512\n\nAPPLE-SA-2016-07-18-1 OS X El Capitan v10.11.6 and Security Update\n2016-004\n\nOS X El Capitan v10.11.6 and Security Update 2016-004 is now\navailable and addresses the following:\n\napache_mod_php\nAvailable for: \nOS X Yosemite v10.10.5 and OS X El Capitan v10.11 and later\nImpact: A remote attacker may be able to execute arbitrary code\nDescription: Multiple issues existed in PHP versions prior to\n5.5.36. These were addressed by updating PHP to version 5.5.36. \nCVE-2016-4650\n\nAudio\nAvailable for: OS X El Capitan v10.11 and later\nImpact: A local user may be able to execute arbitrary code with\nkernel privileges\nDescription: A memory corruption issue was addressed through\nimproved memory handling. \nCVE-2016-4647 : Juwei Lin (@fuzzerDOTcn) of Trend Micro\n\nAudio\nAvailable for: OS X El Capitan v10.11 and later\nImpact: A local user may be able to determine kernel memory layout\nDescription: An out-of-bounds read was addressed through improved\ninput validation. \nCVE-2016-4648 : Juwei Lin(@fuzzerDOTcn) of Trend Micro\n\nAudio\nAvailable for: OS X El Capitan v10.11 and later\nImpact: Parsing a maliciously crafted audio file may lead to the\ndisclosure of user information\nDescription: An out-of-bounds read was addressed through improved\nbounds checking. \nCVE-2016-4646 : Steven Seeley of Source Incite working with Trend\nMicro\u0027s Zero Day Initiative\n\nAudio\nAvailable for: OS X El Capitan v10.11 and later\nImpact: A local user may be able to cause a system denial of service\nDescription: A null pointer dereference was addressed through\nimproved input validation. \nCVE-2016-4649 : Juwei Lin(@fuzzerDOTcn) of Trend Micro\n\nbsdiff\nAvailable for: OS X El Capitan v10.11 and later\nImpact: A local attacker may be able to cause unexpected application\ntermination or arbitrary code execution\nDescription: An integer overflow existed in bspatch. This issue was\naddressed through improved bounds checking. \nCVE-2014-9862 : an anonymous researcher\n\nCFNetwork\nAvailable for: OS X El Capitan v10.11 and later\nImpact: A local user may be able to view sensitive user information\nDescription: A permissions issue existed in the handling of web\nbrowser cookies. This issue was addressed through improved\nrestrictions. \nCVE-2016-4645 : Abhinav Bansal of Zscaler Inc. \n\nCoreGraphics\nAvailable for: OS X Mavericks v10.9.5, OS X Yosemite v10.10.5,\nand OS X El Capitan v10.11 and later\nImpact: A remote attacker may be able to execute arbitrary code\nDescription: A memory corruption issue was addressed through\nimproved memory handling. \nCVE-2016-4637 : Tyler Bohan of Cisco Talos (talosintel.com\n/vulnerability-reports)\n\nCoreGraphics\nAvailable for: OS X El Capitan v10.11 and later\nImpact: A local user may be able to elevate privileges\nDescription: An out-of-bounds read issue existed that led to the\ndisclosure of kernel memory. This was addressed through improved\ninput validation. \nCVE-2016-4652 : Yubin Fu of Tencent KeenLab working with Trend\nMicro\u0027s Zero Day Initiative\n\nFaceTime\nAvailable for: OS X El Capitan v10.11 and later\nImpact: An attacker in a privileged network position may be able to\ncause a relayed call to continue transmitting audio while appearing\nas if the call terminated\nDescription: User interface inconsistencies existed in the handling\nof relayed calls. These issues were addressed through improved\nFaceTime display logic. \nCVE-2016-4635 : Martin Vigo\n\nGraphics Drivers\nAvailable for: OS X El Capitan v10.11 and later\nImpact: A local user may be able to execute arbitrary code with\nkernel privileges\nDescription: A memory corruption issue was addressed through\nimproved input validation. \nCVE-2016-4634 : Stefan Esser of SektionEins\n\nImageIO\nAvailable for: OS X El Capitan v10.11 and later\nImpact: A remote attacker may be able to cause a denial of service\nDescription: A memory consumption issue was addressed through\nimproved memory handling. \nCVE-2016-4632 : Evgeny Sidorov of Yandex\n\nImageIO\nAvailable for: OS X El Capitan v10.11 and later\nImpact: A remote attacker may be able to execute arbitrary code\nDescription: Multiple memory corruption issues were addressed\nthrough improved memory handling. \nCVE-2016-4631 : Tyler Bohan of Cisco Talos (talosintel.com\n/vulnerability-reports)\n\nImageIO\nAvailable for: OS X Mavericks v10.9.5, OS X Yosemite v10.10.5,\nand OS X El Capitan v10.11 and later\nImpact: A remote attacker may be able to execute arbitrary code\nDescription: Multiple memory corruption issues were addressed\nthrough improved memory handling. \nCVE-2016-4629 : Tyler Bohan of Cisco Talos (talosintel.com\n/vulnerability-reports)\nCVE-2016-4630 : Tyler Bohan of Cisco Talos (talosintel.com\n/vulnerability-reports)\n\nIntel Graphics Driver\nAvailable for: OS X El Capitan v10.11 and later\nImpact: A malicious application may be able to execute arbitrary\ncode with kernel privileges\nDescription: Multiple memory corruption issues were addressed\nthrough improved memory handling. \nCVE-2016-4633 : an anonymous researcher\n\nIOHIDFamily\nAvailable for: OS X El Capitan v10.11 and later\nImpact: A local user may be able to execute arbitrary code with\nkernel privileges\nDescription: A null pointer dereference was addressed through\nimproved input validation. \nCVE-2016-4626 : Stefan Esser of SektionEins\n\nIOSurface\nAvailable for: OS X El Capitan v10.11 and later\nImpact: A local user may be able to execute arbitrary code with\nkernel privileges\nDescription: A use-after-free was addressed through improved memory\nmanagement. \nCVE-2016-4625 : Ian Beer of Google Project Zero\n\nKernel\nAvailable for: OS X El Capitan v10.11 and later\nImpact: A local user may be able to execute arbitrary code with\nkernel privileges\nDescription: Multiple memory corruption issues were addressed\nthrough improved memory handling. \nCVE-2016-1863 : Ian Beer of Google Project Zero\nCVE-2016-1864 : Ju Zhu of Trend Micro\nCVE-2016-4582 : Shrek_wzw and Proteas of Qihoo 360 Nirvan Team\n\nKernel\nAvailable for: OS X El Capitan v10.11 and later\nImpact: A local user may be able to cause a system denial of service\nDescription: A null pointer dereference was addressed through\nimproved input validation. \nCVE-2016-1865 : CESG, Marco Grassi (@marcograss) of KeenLab\n(@keen_lab), Tencent\n\nlibc++abi\nAvailable for: OS X El Capitan v10.11 and later\nImpact: An application may be able to execute arbitrary code with\nroot privileges\nDescription: Multiple memory corruption issues were addressed\nthrough improved memory handling. \nCVE-2016-4621 : an anonymous researcher\n\nlibexpat\nAvailable for: OS X El Capitan v10.11 and later\nImpact: Processing maliciously crafted XML may lead to unexpected\napplication termination or arbitrary code execution\nDescription: Multiple memory corruption issues were addressed\nthrough improved memory handling. \nCVE-2016-0718 : Gustavo Grieco\n\nLibreSSL\nAvailable for: OS X El Capitan v10.11 and later\nImpact: A remote attacker may be able to execute arbitrary code\nDescription: Multiple issues existed in LibreSSL before 2.2.7. These\nwere addressed by updating LibreSSL to version 2.2.7. \nCVE-2016-2108 : Huzaifa Sidhpurwala (Red Hat), Hanno Boeck, David Benjamin (Google) Mark Brand,\nIan Beer of Google Project Zero\nCVE-2016-2109 : Brian Carpenter\n\nlibxml2\nAvailable for: OS X Mavericks v10.9.5, OS X Yosemite v10.10.5,\nand OS X El Capitan v10.11 and later\nImpact: Parsing a maliciously crafted XML document may lead to\ndisclosure of user information\nDescription: An access issue existed in the parsing of maliciously\ncrafted XML files. This issue was addressed through improved input\nvalidation. \nCVE-2016-4449 : Kostya Serebryany\n\nlibxml2\nAvailable for: OS X Mavericks v10.9.5, OS X Yosemite v10.10.5,\nand OS X El Capitan v10.11 and later\nImpact: Multiple vulnerabilities in libxml2\nDescription: Multiple memory corruption issues were addressed\nthrough improved memory handling. \nCVE-2016-1836 : Wei Lei and Liu Yang of Nanyang Technological\nUniversity\nCVE-2016-4447 : Wei Lei and Liu Yang of Nanyang Technological\nUniversity\nCVE-2016-4448 : Apple\nCVE-2016-4483 : Gustavo Grieco\nCVE-2016-4614 : Nick Wellnhofe\nCVE-2016-4615 : Nick Wellnhofer\nCVE-2016-4616 : Michael Paddon\nCVE-2016-4619 : Hanno Boeck\n\nlibxslt\nAvailable for: OS X Mavericks v10.9.5, OS X Yosemite v10.10.5,\nand OS X El Capitan v10.11 and later\nImpact: Multiple vulnerabilities in libxslt\nDescription: Multiple memory corruption issues were addressed\nthrough improved memory handling. \nCVE-2016-1684 : Nicolas GrA(c)goire\nCVE-2016-4607 : Nick Wellnhofer\nCVE-2016-4608 : Nicolas GrA(c)goire\nCVE-2016-4609 : Nick Wellnhofer\nCVE-2016-4610 : Nick Wellnhofer\nCVE-2016-4612 : Nicolas GrA(c)goire\n\nLogin Window\nAvailable for: OS X El Capitan v10.11 and later\nImpact: A malicious application may be able to execute arbitrary\ncode leading to compromise of user information\nDescription: A memory corruption issue was addressed through\nimproved input validation. \nCVE-2016-4640 : Yubin Fu of Tencent KeenLab working with Trend\nMicro\u0027s Zero Day Initiative\n\nLogin Window\nAvailable for: OS X El Capitan v10.11 and later\nImpact: A malicious application may be able to execute arbitrary\ncode leading to the compromise of user information\nDescription: A type confusion issue was addressed through improved\nmemory handling. \nCVE-2016-4641 : Yubin Fu of Tencent KeenLab working with Trend\nMicro\u0027s Zero Day Initiative\n\nLogin Window\nAvailable for: OS X El Capitan v10.11 and later\nImpact: A local user may be able to cause a denial of service\nDescription: A memory initialization issue was addressed through\nimproved memory handling. \nCVE-2016-4639 : Yubin Fu of Tencent KeenLab working with Trend\nMicro\u0027s Zero Day Initiative\n\nLogin Window\nAvailable for: OS X El Capitan v10.11 and later\nImpact: A malicious application may be able to gain root privileges\nDescription: A type confusion issue was addressed through improved\nmemory handling. \nCVE-2016-4638 : Yubin Fu of Tencent KeenLab working with Trend\nMicro\u0027s Zero Day Initiative\n\nOpenSSL\nAvailable for: OS X El Capitan v10.11 and later\nImpact: A remote attacker may be able to execute arbitrary code\nDescription: Multiple issues existed in OpenSSL. \nCVE-2016-2105 : Guido Vranken\nCVE-2016-2106 : Guido Vranken\nCVE-2016-2107 : Juraj Somorovsky\nCVE-2016-2108 : Huzaifa Sidhpurwala (Red Hat), Hanno Boeck, David Benjamin (Google), Mark Brand and Ian Beer of Google Project Zero\nCVE-2016-2109 : Brian Carpenter\nCVE-2016-2176 : Guido Vranken\n\nQuickTime\nAvailable for: OS X El Capitan v10.11 and later\nImpact: Processing a maliciously crafted FlashPix Bitmap Image may\nlead to unexpected application termination or arbitrary code\nexecution\nDescription: Multiple memory corruption issues were addressed\nthrough improved memory handling. \nCVE-2016-4596 : Ke Liu of Tencent\u0027s Xuanwu Lab\nCVE-2016-4597 : Ke Liu of Tencent\u0027s Xuanwu Lab\nCVE-2016-4600 : Ke Liu of Tencent\u0027s Xuanwu Lab\nCVE-2016-4602 : Ke Liu of Tencent\u0027s Xuanwu Lab\n\nQuickTime\nAvailable for: OS X El Capitan v10.11 and later\nImpact: Processing a maliciously crafted image may lead to arbitrary\ncode execution\nDescription: A memory corruption issue was addressed through\nimproved input validation. \nCVE-2016-4598 : Ke Liu of Tencent\u0027s Xuanwu Lab\n\nQuickTime\nAvailable for: OS X El Capitan v10.11 and later\nImpact: Processing a maliciously crafted SGI file may lead to\narbitrary code execution\nDescription: A memory corruption issue was addressed through\nimproved input validation. \nCVE-2016-4601 : Ke Liu of Tencent\u0027s Xuanwu Lab\n\nQuickTime\nAvailable for: OS X El Capitan v10.11 and later\nImpact: Processing a maliciously crafted Photoshop document may lead\nto unexpected application termination or arbitrary code execution\nDescription: A memory corruption issue was addressed through\nimproved input validation. \nCVE-2016-4599 : Ke Liu of Tencent\u0027s Xuanwu Lab\n\nSafari Login AutoFill\nAvailable for: OS X El Capitan v10.11 and later\nImpact: A user\u0027s password may be visible on screen\nDescription: An issue existed in Safari\u0027s password auto-fill. This\nissue was addressed through improved matching of form fields. \nCVE-2016-4595 : Jonathan Lewis from DeARX Services (PTY) LTD\n\nSandbox Profiles\nAvailable for: OS X El Capitan v10.11 and later\nImpact: A local application may be able to access the process list\nDescription: An access issue existed with privileged API calls. This\nissue was addressed through additional restrictions. \nCVE-2016-4594 : Stefan Esser of SektionEins\n\nNote: OS X El Capitan 10.11.6 includes the security content of Safari\n9.1.2. For further details see https://support.apple.com/kb/HT206900\n\n\nOS X El Capitan v10.11.6 and Security Update 2016-004 may be obtained\nfrom the Mac App Store or Apple\u0027s Software Downloads web site:\nhttp://www.apple.com/support/downloads/\n\nInformation will also be posted to the Apple Security Updates\nweb site: http://support.apple.com/kb/HT201222\n\nThis message is signed with Apple\u0027s Product Security PGP key,\nand details are available at:\nhttps://www.apple.com/support/security/pgp/\n-----BEGIN PGP SIGNATURE-----\nComment: GPGTools - https://gpgtools.org\n\niQIcBAEBCgAGBQJXjXAvAAoJEIOj74w0bLRG/5EP/2v9SJTrO+/4b3A1gqC1ch8y\n+cJ04tXRsO7rvjKT5nCylo30U0Sanz/bUbDx4559YS7/P/IyeyZVheaTJwK8wzEy\npSOPpy35hUuVIw0/p4YsuHDThSBPFMmDljTxH7elkfuBV1lPSrCkyDXc0re2HxWV\nxj68zAxtM0jkkhgcxb2ApZSZVXhrjUZtbY0xEVOoWKKFwbMvKfx+4xSqunwQeS1u\nwevs1EbxfvsZbc3pG+xYcOonbegBzOy9aCvNO1Yv1zG+AYXC5ERMq1vk3PsWOTQN\nZVY1I7mvCaEfvmjq2isRw8XYapAIKISDLwMKBSYrZDQFwPQLRi1VXxQZ67Kq1M3k\nah04/lr0RIcoosIcBqxD2+1UAFjUzEUNFkYivjhuaeegN2QdL7Ujegf1QjdAt8lk\nmmKduxYUDOaRX50Kw7n14ZveJqzE1D5I6QSItaZ9M1vR60a7u91DSj9D87vbt1YC\nJM/Rvf/4vonp1NjwA2JQwCiZfYliBDdn9iiCl8mzxdsSRD/wXcZCs05nnKmKsCfc\n55ET7IwdG3622lVheOJGQZuucwJiTn36zC11XVzZysQd/hLD5rUKUQNX1WOgZdzs\nxPsslXF5MWx9jcdyWVSWxDrN0sFk+GpQFQDuVozP60xuxqR3qQ0TXir2NP39uIF5\nYozOGPQFmX0OviWCQsX6\n=ng+m\n-----END PGP SIGNATURE-----\n. \n\nThe References section of this erratum contains a download link (you must\nlog in to download the update). (CVE-2014-8176,\nCVE-2015-0209, CVE-2015-0286, CVE-2015-3194, CVE-2015-3195, CVE-2015-3196,\nCVE-2015-3216, CVE-2016-0702, CVE-2016-0705, CVE-2016-0797, CVE-2016-0799,\nCVE-2016-2105, CVE-2016-2106, CVE-2016-2107, CVE-2016-2108, CVE-2016-2109,\nCVE-2016-2177, CVE-2016-2178, CVE-2016-2842)\n\n* This update fixes several flaws in libxml2. (CVE-2016-1762,\nCVE-2016-1833, CVE-2016-1834, CVE-2016-1835, CVE-2016-1836, CVE-2016-1837,\nCVE-2016-1838, CVE-2016-1839, CVE-2016-1840, CVE-2016-3627, CVE-2016-3705,\nCVE-2016-4447, CVE-2016-4448, CVE-2016-4449, CVE-2016-4483)\n\n* This update fixes three flaws in curl. (CVE-2016-5419, CVE-2016-5420,\nCVE-2016-7141)\n\n* This update fixes two flaws in httpd. (CVE-2014-3523, CVE-2015-3185)\n\n* This update fixes two flaws in mod_cluster. (CVE-2016-4459,\nCVE-2016-8612)\n\n* A buffer overflow flaw when concatenating virtual host names and URIs was\nfixed in mod_jk. (CVE-2016-6808)\n\n* A memory leak flaw was fixed in expat. \n\nAfter installing the updated packages, the httpd daemon will be restarted\nautomatically. JIRA issues fixed (https://issues.jboss.org/):\n\nJBCS-50 - CVE-2012-1148 CVE-2012-0876 expat: various flaws [jbews-3.0.0]\nJBCS-95 - CVE-2014-3523 httpd: WinNT MPM denial of service\n\n6",
"sources": [
{
"db": "NVD",
"id": "CVE-2016-2106"
},
{
"db": "BID",
"id": "89744"
},
{
"db": "VULMON",
"id": "CVE-2016-2106"
},
{
"db": "PACKETSTORM",
"id": "169652"
},
{
"db": "PACKETSTORM",
"id": "136919"
},
{
"db": "PACKETSTORM",
"id": "136958"
},
{
"db": "PACKETSTORM",
"id": "136937"
},
{
"db": "PACKETSTORM",
"id": "136893"
},
{
"db": "PACKETSTORM",
"id": "139114"
},
{
"db": "PACKETSTORM",
"id": "139379"
},
{
"db": "PACKETSTORM",
"id": "143513"
},
{
"db": "PACKETSTORM",
"id": "139167"
},
{
"db": "PACKETSTORM",
"id": "137958"
},
{
"db": "PACKETSTORM",
"id": "139116"
},
{
"db": "PACKETSTORM",
"id": "140182"
}
],
"trust": 2.34
},
"external_ids": {
"_id": null,
"data": [
{
"db": "NVD",
"id": "CVE-2016-2106",
"trust": 2.6
},
{
"db": "BID",
"id": "89744",
"trust": 1.4
},
{
"db": "PACKETSTORM",
"id": "136912",
"trust": 1.1
},
{
"db": "PULSESECURE",
"id": "SA40202",
"trust": 1.1
},
{
"db": "TENABLE",
"id": "TNS-2016-18",
"trust": 1.1
},
{
"db": "SIEMENS",
"id": "SSA-412672",
"trust": 1.1
},
{
"db": "SECTRACK",
"id": "1035721",
"trust": 1.1
},
{
"db": "MCAFEE",
"id": "SB10160",
"trust": 1.1
},
{
"db": "JUNIPER",
"id": "JSA10759",
"trust": 1.1
},
{
"db": "BID",
"id": "91787",
"trust": 1.1
},
{
"db": "ICS CERT",
"id": "ICSA-22-349-21",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2016-2106",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "169652",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "136919",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "136958",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "136937",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "136893",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "139114",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "139379",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "143513",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "139167",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "137958",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "139116",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "140182",
"trust": 0.1
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2016-2106"
},
{
"db": "BID",
"id": "89744"
},
{
"db": "PACKETSTORM",
"id": "169652"
},
{
"db": "PACKETSTORM",
"id": "136919"
},
{
"db": "PACKETSTORM",
"id": "136958"
},
{
"db": "PACKETSTORM",
"id": "136937"
},
{
"db": "PACKETSTORM",
"id": "136893"
},
{
"db": "PACKETSTORM",
"id": "139114"
},
{
"db": "PACKETSTORM",
"id": "139379"
},
{
"db": "PACKETSTORM",
"id": "143513"
},
{
"db": "PACKETSTORM",
"id": "139167"
},
{
"db": "PACKETSTORM",
"id": "137958"
},
{
"db": "PACKETSTORM",
"id": "139116"
},
{
"db": "PACKETSTORM",
"id": "140182"
},
{
"db": "NVD",
"id": "CVE-2016-2106"
}
]
},
"id": "VAR-201605-0076",
"iot": {
"_id": null,
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.4451234085714285
},
"last_update_date": "2026-04-10T23:29:41.728000Z",
"patch": {
"_id": null,
"data": [
{
"title": "The Register",
"trust": 0.2,
"url": "https://www.theregister.co.uk/2016/05/03/openssl_patches/"
},
{
"title": "Red Hat: Important: openssl security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20162073 - Security Advisory"
},
{
"title": "Red Hat: CVE-2016-2106",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_cve_database\u0026qid=CVE-2016-2106"
},
{
"title": "Ubuntu Security Notice: openssl vulnerabilities",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=USN-2959-1"
},
{
"title": "Debian Security Advisories: DSA-3566-1 openssl -- security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=debian_security_advisories\u0026qid=055972eb84483959232c972f757685e0"
},
{
"title": "Amazon Linux AMI: ALAS-2016-695",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=amazon_linux_ami\u0026qid=ALAS-2016-695"
},
{
"title": "Tenable Security Advisories: [R5] OpenSSL \u002720160503\u0027 Advisory Affects Tenable Products",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=tenable_security_advisories\u0026qid=TNS-2016-10"
},
{
"title": "Red Hat: Important: Red Hat JBoss Core Services Apache HTTP 2.4.23 Release",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20162957 - Security Advisory"
},
{
"title": "IBM: IBM Security Bulletin: Fabric OS firmware for Brocade 8Gb SAN Switch Module for BladeCenter is affected by vulnerabilities in OpenSSL and OpenSSH",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ibm_psirt_blog\u0026qid=b7f5b1e7edcafce07f28205855d4db49"
},
{
"title": "Tenable Security Advisories: [R3] PVS 5.1.0 Fixes Multiple Third-party Library Vulnerabilities",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=tenable_security_advisories\u0026qid=TNS-2016-13"
},
{
"title": "Symantec Security Advisories: SA123 : OpenSSL Vulnerabilities 3-May-2016",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=symantec_security_advisories\u0026qid=5d65f6765e60e5fe9e6998a5bde1aadc"
},
{
"title": "Forcepoint Security Advisories: CVE-2016-2105, 2106, 2107, 2108, 2109, 2176 -- Security Vulnerabilities",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=forcepoint_security_advisories\u0026qid=01fd01e3d154696ffabfde89f4142310"
},
{
"title": "Oracle Linux Bulletins: Oracle Linux Bulletin - April 2016",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_linux_bulletins\u0026qid=83bbd91f8369c8f064e6d68dac68400f"
},
{
"title": "Oracle Linux Bulletins: Oracle Linux Bulletin - July 2016",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_linux_bulletins\u0026qid=0bd8c924b56aac98dda0f5b45f425f38"
},
{
"title": "Oracle Solaris Third Party Bulletins: Oracle Solaris Third Party Bulletin - April 2017",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_solaris_third_party_bulletins\u0026qid=a31bff03e9909229fd67996884614fdf"
},
{
"title": "Oracle: Oracle Critical Patch Update Advisory - July 2016",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_advisories\u0026qid=3a04485ebb79f7fbc2472bf9af5ce489"
},
{
"title": "Oracle: Oracle Critical Patch Update Advisory - April 2017",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_advisories\u0026qid=143b3fb255063c81571469eaa3cf0a87"
},
{
"title": "Tenable Security Advisories: [R7] LCE 4.8.1 Fixes Multiple Vulnerabilities",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=tenable_security_advisories\u0026qid=TNS-2016-18"
},
{
"title": "Oracle VM Server for x86 Bulletins: Oracle VM Server for x86 Bulletin - July 2016",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_vm_server_for_x86_bulletins\u0026qid=6c15273f6bf4a785175f27073b98a1ce"
},
{
"title": "Oracle Solaris Third Party Bulletins: Oracle Solaris Third Party Bulletin - April 2016",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_solaris_third_party_bulletins\u0026qid=976a4da35d55283870dbb31b88a6c655"
},
{
"title": "Oracle: Oracle Critical Patch Update Advisory - October 2016",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_advisories\u0026qid=05aabe19d38058b7814ef5514aab4c0c"
},
{
"title": "Oracle: Oracle Critical Patch Update Advisory - January 2018",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_advisories\u0026qid=e2a7f287e9acc8c64ab3df71130bc64d"
},
{
"title": "Oracle Solaris Third Party Bulletins: Oracle Solaris Third Party Bulletin - July 2018",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_solaris_third_party_bulletins\u0026qid=586e6062440cdd312211d748e028164e"
},
{
"title": "Oracle: Oracle Critical Patch Update Advisory - July 2017",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_advisories\u0026qid=2f446a7e1ea263c0c3a365776c6713f2"
},
{
"title": "Oracle: Oracle Critical Patch Update Advisory - July 2018",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_advisories\u0026qid=5f8c525f1408011628af1792207b2099"
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/Live-Hack-CVE/CVE-2016-2106 "
},
{
"title": "alpine-cvecheck",
"trust": 0.1,
"url": "https://github.com/tomwillfixit/alpine-cvecheck "
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/imhunterand/hackerone-publicy-disclosed "
},
{
"title": "satellite-host-cve",
"trust": 0.1,
"url": "https://github.com/RedHatSatellite/satellite-host-cve "
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2016-2106"
}
]
},
"problemtype_data": {
"_id": null,
"data": [
{
"problemtype": "CWE-189",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2016-2106"
}
]
},
"references": {
"_id": null,
"data": [
{
"trust": 1.6,
"url": "https://www.openssl.org/news/secadv/20160503.txt"
},
{
"trust": 1.5,
"url": "http://rhn.redhat.com/errata/rhsa-2016-0722.html"
},
{
"trust": 1.4,
"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html"
},
{
"trust": 1.4,
"url": "http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html"
},
{
"trust": 1.4,
"url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html"
},
{
"trust": 1.4,
"url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html"
},
{
"trust": 1.4,
"url": "http://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20160504-openssl"
},
{
"trust": 1.2,
"url": "http://rhn.redhat.com/errata/rhsa-2016-0996.html"
},
{
"trust": 1.2,
"url": "http://rhn.redhat.com/errata/rhsa-2016-2957.html"
},
{
"trust": 1.2,
"url": "http://rhn.redhat.com/errata/rhsa-2016-2073.html"
},
{
"trust": 1.2,
"url": "http://rhn.redhat.com/errata/rhsa-2016-2056.html"
},
{
"trust": 1.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-2109"
},
{
"trust": 1.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-2106"
},
{
"trust": 1.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-2105"
},
{
"trust": 1.1,
"url": "https://kb.pulsesecure.net/articles/pulse_security_advisories/sa40202"
},
{
"trust": 1.1,
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=sb10160"
},
{
"trust": 1.1,
"url": "http://lists.apple.com/archives/security-announce/2016/jul/msg00000.html"
},
{
"trust": 1.1,
"url": "https://support.apple.com/ht206903"
},
{
"trust": 1.1,
"url": "http://www.securityfocus.com/bid/91787"
},
{
"trust": 1.1,
"url": "http://rhn.redhat.com/errata/rhsa-2016-1650.html"
},
{
"trust": 1.1,
"url": "http://rhn.redhat.com/errata/rhsa-2016-1648.html"
},
{
"trust": 1.1,
"url": "http://rhn.redhat.com/errata/rhsa-2016-1649.html"
},
{
"trust": 1.1,
"url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html"
},
{
"trust": 1.1,
"url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html"
},
{
"trust": 1.1,
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c05320149"
},
{
"trust": 1.1,
"url": "http://www.securityfocus.com/bid/89744"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00016.html"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00014.html"
},
{
"trust": 1.1,
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-may/184605.html"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00018.html"
},
{
"trust": 1.1,
"url": "https://www.freebsd.org/security/advisories/freebsd-sa-16:17.openssl.asc"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00010.html"
},
{
"trust": 1.1,
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-may/183457.html"
},
{
"trust": 1.1,
"url": "http://www.ubuntu.com/usn/usn-2959-1"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00036.html"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00015.html"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00017.html"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00001.html"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00013.html"
},
{
"trust": 1.1,
"url": "http://www.slackware.com/security/viewer.php?l=slackware-security\u0026y=2016\u0026m=slackware-security.542103"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00019.html"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00055.html"
},
{
"trust": 1.1,
"url": "http://www.securitytracker.com/id/1035721"
},
{
"trust": 1.1,
"url": "http://www.debian.org/security/2016/dsa-3566"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00030.html"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00011.html"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00008.html"
},
{
"trust": 1.1,
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-may/183607.html"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00029.html"
},
{
"trust": 1.1,
"url": "https://bto.bluecoat.com/security-advisory/sa123"
},
{
"trust": 1.1,
"url": "http://packetstormsecurity.com/files/136912/slackware-security-advisory-openssl-updates.html"
},
{
"trust": 1.1,
"url": "https://security.gentoo.org/glsa/201612-16"
},
{
"trust": 1.1,
"url": "http://kb.juniper.net/infocenter/index?page=content\u0026id=jsa10759"
},
{
"trust": 1.1,
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c05390722"
},
{
"trust": 1.1,
"url": "https://www.tenable.com/security/tns-2016-18"
},
{
"trust": 1.1,
"url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?doclocale=en_us\u0026docid=emr_na-hpesbhf03756en_us"
},
{
"trust": 1.1,
"url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?doclocale=en_us\u0026docid=emr_na-hpesbhf03765en_us"
},
{
"trust": 1.1,
"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html"
},
{
"trust": 1.1,
"url": "https://security.netapp.com/advisory/ntap-20160504-0001/"
},
{
"trust": 1.1,
"url": "https://source.android.com/security/bulletin/pixel/2017-11-01"
},
{
"trust": 1.1,
"url": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html"
},
{
"trust": 1.1,
"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html"
},
{
"trust": 1.1,
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-412672.pdf"
},
{
"trust": 1.1,
"url": "https://git.openssl.org/?p=openssl.git%3ba=commit%3bh=3f3582139fbb259a1c3cbb0a25236500a409bf26"
},
{
"trust": 1.0,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-2108"
},
{
"trust": 1.0,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-2107"
},
{
"trust": 0.6,
"url": "https://access.redhat.com/security/cve/cve-2016-2109"
},
{
"trust": 0.6,
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"trust": 0.6,
"url": "https://access.redhat.com/security/cve/cve-2016-2106"
},
{
"trust": 0.6,
"url": "https://access.redhat.com/security/cve/cve-2016-2105"
},
{
"trust": 0.6,
"url": "https://access.redhat.com/security/team/contact/"
},
{
"trust": 0.6,
"url": "https://www.redhat.com/mailman/listinfo/rhsa-announce"
},
{
"trust": 0.6,
"url": "https://bugzilla.redhat.com/):"
},
{
"trust": 0.6,
"url": "https://access.redhat.com/security/cve/cve-2016-2108"
},
{
"trust": 0.4,
"url": "https://h20564.www2.hpe.com/hpsc/doc/public/display?docid=emr_na-c05320149"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-2176"
},
{
"trust": 0.4,
"url": "https://access.redhat.com/security/cve/cve-2016-2107"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0799"
},
{
"trust": 0.4,
"url": "https://access.redhat.com/articles/11258"
},
{
"trust": 0.4,
"url": "https://access.redhat.com/security/cve/cve-2016-2842"
},
{
"trust": 0.4,
"url": "https://access.redhat.com/security/cve/cve-2016-0799"
},
{
"trust": 0.4,
"url": "https://access.redhat.com/security/team/key/"
},
{
"trust": 0.3,
"url": "http://openssl.org/"
},
{
"trust": 0.3,
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1331536"
},
{
"trust": 0.3,
"url": "http://seclists.org/bugtraq/2016/may/25"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=isg3t1023779"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=isg3t1023814"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=isg3t1024319"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=isg3t1024507"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg2c1000158"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=nas8n1021361"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=nas8n1021376"
},
{
"trust": 0.3,
"url": "https://www.openssl.org/news/vulnerabilities.html"
},
{
"trust": 0.3,
"url": "https://securityadvisories.paloaltonetworks.com/home/detail/56?aspxautodetectcookiesupport=1"
},
{
"trust": 0.3,
"url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21987903"
},
{
"trust": 0.3,
"url": "https://support.asperasoft.com/hc/en-us/articles/229505687-security-bulletin-multiple-openssl-vulnerabilities-affect-ibm-aspera-shares-1-9-2-or-earlier-%20-ibm-aspera-console-3-0-6-or-earlier"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=isg3t1024066"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21988007"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1s1009147"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21984323"
},
{
"trust": 0.3,
"url": "https://www-01.ibm.com/support/docview.wss?uid=swg21984483"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21984583"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21984609"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21984794"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21984920"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21984977"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21985736"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21986068"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21986123"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21986152"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21986260"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21986473"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21986506"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21986563"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21986564"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21986669"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21987671"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21987779"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21987968"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21988055"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21988071"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21988189"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21988350"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21988383"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21988976"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21989046"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21992493"
},
{
"trust": 0.3,
"url": "http://aix.software.ibm.com/aix/efixes/security/openssl_advisory20.asc"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-2842"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-3195"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/cve/cve-2016-4459"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/cve/cve-2015-3195"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/articles/2688611"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/solutions/222023"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-4459"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2015-4000"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-4000"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-3183"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2016-3110"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2015-3183"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-3110"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/jbossnetwork/restricted/listsoftware.html?product=appplatform\u0026downloadtype=securitypatches\u0026version=6.4"
},
{
"trust": 0.2,
"url": "http://www.hpe.com/support/security_bulletin_archive"
},
{
"trust": 0.2,
"url": "http://www.hpe.com/support/subscriber_choice"
},
{
"trust": 0.2,
"url": "https://h20564.www2.hpe.com/hpsc/doc/public/display?docid=emr_na-c01345499"
},
{
"trust": 0.2,
"url": "https://www.hpe.com/info/report-security-vulnerability"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-1836"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/189.html"
},
{
"trust": 0.1,
"url": "https://github.com/live-hack-cve/cve-2016-2106"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/errata/rhsa-2016:2073"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://usn.ubuntu.com/2959-1/"
},
{
"trust": 0.1,
"url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-349-21"
},
{
"trust": 0.1,
"url": "http://tools.cisco.com/security/center/viewalert.x?alertid=49332"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0169"
},
{
"trust": 0.1,
"url": "https://www.openssl.org/policies/secpolicy.html"
},
{
"trust": 0.1,
"url": "https://www.openssl.org/policies/releasestrat.html),"
},
{
"trust": 0.1,
"url": "https://www.freebsd.org/handbook/makeworld.html\u003e."
},
{
"trust": 0.1,
"url": "https://security.freebsd.org/patches/sa-16:17/openssl-9.patch.asc"
},
{
"trust": 0.1,
"url": "https://security.freebsd.org/\u003e."
},
{
"trust": 0.1,
"url": "https://security.freebsd.org/patches/sa-16:17/openssl-9.patc"
},
{
"trust": 0.1,
"url": "https://security.freebsd.org/patches/sa-16:17/openssl-10.patch"
},
{
"trust": 0.1,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-2105\u003e"
},
{
"trust": 0.1,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-2106\u003e"
},
{
"trust": 0.1,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-2176\u003e"
},
{
"trust": 0.1,
"url": "https://www.openssl.org/news/secadv/20160503.txt\u003e"
},
{
"trust": 0.1,
"url": "https://svnweb.freebsd.org/base?view=revision\u0026revision=nnnnnn\u003e"
},
{
"trust": 0.1,
"url": "https://security.freebsd.org/advisories/freebsd-sa-16:17.openssl.asc\u003e"
},
{
"trust": 0.1,
"url": "https://security.freebsd.org/patches/sa-16:17/openssl-10.patch.asc"
},
{
"trust": 0.1,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-2109\u003e"
},
{
"trust": 0.1,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-2107\u003e"
},
{
"trust": 0.1,
"url": "https://www.debian.org/security/faq"
},
{
"trust": 0.1,
"url": "https://www.debian.org/security/"
},
{
"trust": 0.1,
"url": "https://rhn.redhat.com/errata/rhsa-2016-2054.html"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/documentation/en-us/jboss_enterprise_application_platform/6.4/index.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-5387"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-4393"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-4396"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-4537"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-3739"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-4395"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-4542"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-4538"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-5385"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-4070"
},
{
"trust": 0.1,
"url": "https://www.hpe.com/us/en/product-catalog/detail/pip.344313.html\u003e"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-4072"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-4071"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-4343"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-4543"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-4541"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-4394"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-4539"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-4540"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-5388"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-4342"
},
{
"trust": 0.1,
"url": "https://h20564.www2.hpe.com/hpsc/doc/public/display?docid=emr_na-hpesbhf03765en_us"
},
{
"trust": 0.1,
"url": "http://h20565.www2.hpe.com/hpsc/doc/public/display?docid=emr_na-a00006123en_"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0718"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-4599"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-4601"
},
{
"trust": 0.1,
"url": "https://gpgtools.org"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-4449"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-4483"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-4600"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-1865"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-4597"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-4596"
},
{
"trust": 0.1,
"url": "http://www.apple.com/support/downloads/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-4447"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-1863"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-4582"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-4595"
},
{
"trust": 0.1,
"url": "https://www.apple.com/support/security/pgp/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-1864"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-9862"
},
{
"trust": 0.1,
"url": "http://support.apple.com/kb/ht201222"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-4607"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-4448"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-4598"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-1684"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-4602"
},
{
"trust": 0.1,
"url": "https://support.apple.com/kb/ht206900"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-4594"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/documentation/en/jboss-enterprise-application-platform/"
},
{
"trust": 0.1,
"url": "https://issues.jboss.org/):"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0705"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2015-3196"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-4448"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-3216"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0702"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0797"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2014-8176"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-6808"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-1835"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/documentation/en/red-hat-jboss-core-services-apache-http-server/version-2.4.23/apache-http-server-2423-release-notes/"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-3705"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-1838"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-3196"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-1839"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-3523"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-2177"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-4483"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2014-3523"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-8612"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-1148"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-1840"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0797"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-3185"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0705"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2015-3185"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2015-3194"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-1833"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/jbossnetwork/restricted/listsoftware.html?product=core.service.apachehttp\u0026downloadtype=distributions\u0026version=2.4.23"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-8176"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-1840"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-1836"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-1762"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-1835"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-4449"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2015-0286"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-1762"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-5420"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-2178"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-3194"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-0286"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-3627"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2012-1148"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-1837"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-1834"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-0209"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-1837"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-1839"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-5419"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2015-0209"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0702"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2015-3216"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-1838"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-1833"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-1834"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-4447"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-7141"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2016-2106"
},
{
"db": "BID",
"id": "89744"
},
{
"db": "PACKETSTORM",
"id": "169652"
},
{
"db": "PACKETSTORM",
"id": "136919"
},
{
"db": "PACKETSTORM",
"id": "136958"
},
{
"db": "PACKETSTORM",
"id": "136937"
},
{
"db": "PACKETSTORM",
"id": "136893"
},
{
"db": "PACKETSTORM",
"id": "139114"
},
{
"db": "PACKETSTORM",
"id": "139379"
},
{
"db": "PACKETSTORM",
"id": "143513"
},
{
"db": "PACKETSTORM",
"id": "139167"
},
{
"db": "PACKETSTORM",
"id": "137958"
},
{
"db": "PACKETSTORM",
"id": "139116"
},
{
"db": "PACKETSTORM",
"id": "140182"
},
{
"db": "NVD",
"id": "CVE-2016-2106"
}
]
},
"sources": {
"_id": null,
"data": [
{
"db": "VULMON",
"id": "CVE-2016-2106",
"ident": null
},
{
"db": "BID",
"id": "89744",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "169652",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "136919",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "136958",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "136937",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "136893",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "139114",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "139379",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "143513",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "139167",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "137958",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "139116",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "140182",
"ident": null
},
{
"db": "NVD",
"id": "CVE-2016-2106",
"ident": null
}
]
},
"sources_release_date": {
"_id": null,
"data": [
{
"date": "2016-05-05T00:00:00",
"db": "VULMON",
"id": "CVE-2016-2106",
"ident": null
},
{
"date": "2016-05-03T00:00:00",
"db": "BID",
"id": "89744",
"ident": null
},
{
"date": "2016-05-03T12:12:12",
"db": "PACKETSTORM",
"id": "169652",
"ident": null
},
{
"date": "2016-05-05T16:11:49",
"db": "PACKETSTORM",
"id": "136919",
"ident": null
},
{
"date": "2016-05-10T17:01:56",
"db": "PACKETSTORM",
"id": "136958",
"ident": null
},
{
"date": "2016-05-09T14:05:44",
"db": "PACKETSTORM",
"id": "136937",
"ident": null
},
{
"date": "2016-05-03T22:55:47",
"db": "PACKETSTORM",
"id": "136893",
"ident": null
},
{
"date": "2016-10-12T20:16:45",
"db": "PACKETSTORM",
"id": "139114",
"ident": null
},
{
"date": "2016-10-27T19:22:00",
"db": "PACKETSTORM",
"id": "139379",
"ident": null
},
{
"date": "2017-07-26T17:44:00",
"db": "PACKETSTORM",
"id": "143513",
"ident": null
},
{
"date": "2016-10-18T13:58:46",
"db": "PACKETSTORM",
"id": "139167",
"ident": null
},
{
"date": "2016-07-19T19:45:20",
"db": "PACKETSTORM",
"id": "137958",
"ident": null
},
{
"date": "2016-10-12T23:44:55",
"db": "PACKETSTORM",
"id": "139116",
"ident": null
},
{
"date": "2016-12-16T16:34:49",
"db": "PACKETSTORM",
"id": "140182",
"ident": null
},
{
"date": "2016-05-05T01:59:02.217000",
"db": "NVD",
"id": "CVE-2016-2106",
"ident": null
}
]
},
"sources_update_date": {
"_id": null,
"data": [
{
"date": "2023-11-07T00:00:00",
"db": "VULMON",
"id": "CVE-2016-2106",
"ident": null
},
{
"date": "2017-05-02T01:10:00",
"db": "BID",
"id": "89744",
"ident": null
},
{
"date": "2025-04-12T10:46:40.837000",
"db": "NVD",
"id": "CVE-2016-2106",
"ident": null
}
]
},
"threat_type": {
"_id": null,
"data": "network",
"sources": [
{
"db": "BID",
"id": "89744"
}
],
"trust": 0.3
},
"title": {
"_id": null,
"data": "OpenSSL CVE-2016-2106 Integer Overflow Vulnerability",
"sources": [
{
"db": "BID",
"id": "89744"
}
],
"trust": 0.3
},
"type": {
"_id": null,
"data": "Boundary Condition Error",
"sources": [
{
"db": "BID",
"id": "89744"
}
],
"trust": 0.3
}
}
VAR-201504-0147
Vulnerability from variot - Updated: 2026-04-10 23:26cURL and libcurl 7.10.6 through 7.41.0 does not properly re-use NTLM connections, which allows remote attackers to connect as other users via an unauthenticated request, a similar issue to CVE-2014-0015. cURL/libcURL is prone to a remote security-bypass vulnerability. An attacker can leverage this issue to bypass security restrictions and perform unauthorized actions. This may aid in further attacks. cURL/libcURL 7.10.6 through versions 7.41.0 are vulnerable. Both Haxx curl and libcurl are products of the Swedish company Haxx. curl is a set of file transfer tools that use URL syntax to work on the command line. libcurl is a free, open source client-side URL transfer library. ============================================================================ Ubuntu Security Notice USN-2591-1 April 30, 2015
curl vulnerabilities
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 15.04
- Ubuntu 14.10
- Ubuntu 14.04 LTS
- Ubuntu 12.04 LTS
Summary:
Several security issues were fixed in curl.
Software Description: - curl: HTTP, HTTPS, and FTP client and client libraries
Details:
Paras Sethia discovered that curl could incorrectly re-use NTLM HTTP credentials when subsequently connecting to the same host over HTTP. (CVE-2015-3143)
Hanno B=C3=B6ck discovered that curl incorrectly handled zero-length host names. If a user or automated system were tricked into using a specially crafted host name, an attacker could possibly use this issue to cause curl to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 14.10 and Ubuntu 15.04. If a user or automated system were tricked into parsing a specially crafted cookie, an attacker could possibly use this issue to cause curl to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 14.04 LTS, Ubuntu 14.10 and Ubuntu 15.04. (CVE-2015-3145)
Isaac Boukris discovered that when using Negotiate authenticated connections, curl could incorrectly authenticate the entire connection and not just specific HTTP requests. (CVE-2015-3148)
Yehezkel Horowitz and Oren Souroujon discovered that curl sent HTTP headers both to servers and proxies by default, contrary to expectations. This issue only affected Ubuntu 14.10 and Ubuntu 15.04. (CVE-2015-3153)
Update instructions:
The problem can be corrected by updating your system to the following package versions:
Ubuntu 15.04: libcurl3 7.38.0-3ubuntu2.2 libcurl3-gnutls 7.38.0-3ubuntu2.2 libcurl3-nss 7.38.0-3ubuntu2.2
Ubuntu 14.10: libcurl3 7.37.1-1ubuntu3.4 libcurl3-gnutls 7.37.1-1ubuntu3.4 libcurl3-nss 7.37.1-1ubuntu3.4
Ubuntu 14.04 LTS: libcurl3 7.35.0-1ubuntu2.5 libcurl3-gnutls 7.35.0-1ubuntu2.5 libcurl3-nss 7.35.0-1ubuntu2.5
Ubuntu 12.04 LTS: libcurl3 7.22.0-3ubuntu4.14 libcurl3-gnutls 7.22.0-3ubuntu4.14 libcurl3-nss 7.22.0-3ubuntu4.14
In general, a standard system update will make all the necessary changes. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
Note: the current version of the following document is available here: https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_n a-c04986859
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c04986859 Version: 1
HPSBHF03544 rev.1 - HPE iMC PLAT and other HP and H3C products using Comware 7 and cURL, Remote Unauthorized Access
NOTICE: The information in this Security Bulletin should be acted upon as soon as possible.
Release Date: 2016-02-19 Last Updated: 2016-02-19
Potential Security Impact: Remote Unauthorized Access
Source: Hewlett Packard Enterprise, Product Security Response Team
VULNERABILITY SUMMARY Potential security vulnerabilities in cURL and libcurl have been addressed with HPE iMC PLAT and other HP and H3C products using Comware 7. The vulnerabilities could be exploited remotely resulting in unauthorized access.
References:
- CVE-2015-3143
- CVE-2015-3148
- SSRT102110
- PSRT110028
SUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed. Please refer to the RESOLUTION below for a list of impacted products.
Note: all product versions are impacted prior to the fixed versions listed.
BACKGROUND
CVSS 2.0 Base Metrics
Reference Base Vector Base Score CVE-2015-3143 (AV:N/AC:L/Au:N/C:N/I:P/A:N) 5.0 CVE-2015-3148 (AV:N/AC:L/Au:N/C:N/I:P/A:N) 5.0 =========================================================== Information on CVSS is documented in HP Customer Notice: HPSN-2008-002
RESOLUTION HPE has released the following software updates to resolve the vulnerabilities in Comware 7 and iMC Plat.
COMWARE 7 Products
- 12500 (Comware 7) R7375
- HP Network Products
- JC085A HP A12518 Switch Chassis
- JC086A HP A12508 Switch Chassis
- JC652A HP 12508 DC Switch Chassis
- JC653A HP 12518 DC Switch Chassis
- JC654A HP 12504 AC Switch Chassis
- JC655A HP 12504 DC Switch Chassis
- JF430A HP A12518 Switch Chassis
- JF430B HP 12518 Switch Chassis
- JF430C HP 12518 AC Switch Chassis
- JF431A HP A12508 Switch Chassis
- JF431B HP 12508 Switch Chassis
- JF431C HP 12508 AC Switch Chassis
- JC072B HP 12500 Main Processing Unit
- JG497A HP 12500 MPU w/Comware V7 OS
- JG782A HP FF 12508E AC Switch Chassis
- JG783A HP FF 12508E DC Switch Chassis
- JG784A HP FF 12518E AC Switch Chassis
- JG785A HP FF 12518E DC Switch Chassis
- JG802A HP FF 12500E MPU
- JG836A HP FlexFabric 12518E AC Switch TAA-compliant Chassis
- JG834A HP FlexFabric 12508E AC Switch TAA-compliant Chassis
- JG835A HP FlexFabric 12508E DC Switch TAA-compliant Chassis
- JG837A HP FlexFabric 12518E DC Switch TAA-compliant Chassis
- JG803A HP FlexFabric 12500E TAA-compliant Main Processing Unit
- JG796A HP FlexFabric 12500 48-port 10GbE SFP+ FD Module
- JG790A HP FlexFabric 12500 16-port 40GbE QSFP+ FD Module
- JG794A HP FlexFabric 12500 40-port 10GbE SFP+ FG Module
- JG792A HP FlexFabric 12500 40-port 10GbE SFP+ FD Module
- JG788A HP FlexFabric 12500 4-port 100GbE CFP FG Module
- JG786A HP FlexFabric 12500 4-port 100GbE CFP FD Module
- JG797A HP FlexFabric 12500 48-port 10GbE SFP+ FD TAA-compliant Module
- JG791A HP FlexFabric 12500 16-port 40GbE QSFP+ FD TAA-compliant Module
- JG795A HP FlexFabric 12500 40-port 10GbE SFP+ FG TAA-compliant Module
- JG793A HP FlexFabric 12500 40-port 10GbE SFP+ FD TAA-compliant Module
- JG789A HP FlexFabric 12500 4-port 100GbE CFP FG TAA-compliant Module
- JG787A HP FlexFabric 12500 4-port 100GbE CFP FD TAA-compliant Module
- JG798A HP FlexFabric 12508E Fabric Module
- H3C Products
- H3C S12508 Routing Switch (AC-1) (0235A0GE)
- H3C S12518 Routing Switch (AC-1) (0235A0GF)
- H3C S12508 Chassis (0235A0E6)
- H3C S12508 Chassis (0235A38N)
- H3C S12518 Chassis (0235A0E7)
- H3C S12518 Chassis (0235A38M)
- H3C 12508 DC Switch Chassis (0235A38L)
- H3C 12518 DC Switch Chassis (0235A38K)
- 10500 (Comware 7) R7168
- HP Network Products
- JC611A HP 10508-V Switch Chassis
- JC612A HP 10508 Switch Chassis
- JC613A HP 10504 Switch Chassis
- JC748A HP 10512 Switch Chassis
- JG820A HP 10504 TAA Switch Chassis
- JG821A HP 10508 TAA Switch Chassis
- JG822A HP 10508-V TAA Switch Chassis
- JG823A HP 10512 TAA Switch Chassis
- JG496A HP 10500 Type A MPU w/Comware v7 OS
- JH198A HP 10500 Type D Main Processing Unit with Comware v7 Operating System
- JH191A HP 10500 44-port GbE(SFP,LC)/ 4-port 10GbE SFP+ (SFP+,LC) SE Module
- JH192A HP 10500 48-port Gig-T (RJ45) SE Module
- JH193A HP 10500 16-port 10GbE SFP+ (SFP+,LC) SF Module
- JH194A HP 10500 24-port 10GbE SFP+ (SFP+,LC) EC Module
- JH195A HP 10500 6-port 40GbE QSFP+ EC Module
- JH196A HP 10500 2-port 100GbE CFP EC Module
- JH197A HP 10500 48-port 10GbE SFP+ (SFP+,LC) SG Module
- 12900 (Comware 7) R1137
- HP Network Products
- JG619A HP FlexFabric 12910 Switch AC Chassis
- JG621A HP FlexFabric 12910 Main Processing Unit
- JG632A HP FlexFabric 12916 Switch AC Chassis
- JG634A HP FlexFabric 12916 Main Processing Unit
- JH104A HP FlexFabric 12900E Main Processing Unit
- JH114A HP FlexFabric 12910 TAA-compliant Main Processing Unit
- JH263A HP FlexFabric 12904E Main Processing Unit
- JH255A HP FlexFabric 12908E Switch Chassis
- JH262A HP FlexFabric 12904E Switch Chassis
- JH113A HP FlexFabric 12910 TAA-compliant Switch AC Chassis
- JH103A HP FlexFabric 12916E Switch Chassis
- 5900 (Comware 7) R2422P01
- HP Network Products
- JC772A HP 5900AF-48XG-4QSFP+ Switch
- JG336A HP 5900AF-48XGT-4QSFP+ Switch
- JG510A HP 5900AF-48G-4XG-2QSFP+ Switch
- JG554A HP 5900AF-48XG-4QSFP+ TAA Switch
- JG838A HP FF 5900CP-48XG-4QSFP+ Switch
- JH036A HP FlexFabric 5900CP 48XG 4QSFP+ TAA-Compliant
- JH037A HP 5900AF 48XGT 4QSFP+ TAA-Compliant Switch
- JH038A HP 5900AF 48G 4XG 2QSFP+ TAA-Compliant
- 5920 (Comware 7) R2422P01
- HP Network Products
- JG296A HP 5920AF-24XG Switch
- JG555A HP 5920AF-24XG TAA Switch
- MSR1000 (Comware 7) R0304P04
- HP Network Products
- JG875A HP MSR1002-4 AC Router
- JH060A HP MSR1003-8S AC Router
- MSR2000 (Comware 7) R0304P04
- HP Network Products
- JG411A HP MSR2003 AC Router
- JG734A HP MSR2004-24 AC Router
- JG735A HP MSR2004-48 Router
- JG866A HP MSR2003 TAA-compliant AC Router
- MSR3000 (Comware 7) R0304P04
- HP Network Products
- JG404A HP MSR3064 Router
- JG405A HP MSR3044 Router
- JG406A HP MSR3024 AC Router
- JG407A HP MSR3024 DC Router
- JG408A HP MSR3024 PoE Router
- JG409A HP MSR3012 AC Router
- JG410A HP MSR3012 DC Router
- JG861A HP MSR3024 TAA-compliant AC Router
- MSR4000 (Comware 7) R0304P04
- HP Network Products
- JG402A HP MSR4080 Router Chassis
- JG403A HP MSR4060 Router Chassis
- JG412A HP MSR4000 MPU-100 Main Processing Unit
- JG869A HP MSR4000 TAA-compliant MPU-100 Main Processing Unit
- VSR (Comware 7) E0321
- HP Network Products
- JG810AAE HP VSR1001 Virtual Services Router 60 Day Evaluation Software
- JG811AAE HP VSR1001 Comware 7 Virtual Services Router
- JG812AAE HP VSR1004 Comware 7 Virtual Services Router
- JG813AAE HP VSR1008 Comware 7 Virtual Services Router
- 7900 (Comware 7) R2137
- HP Network Products
- JG682A HP FlexFabric 7904 Switch Chassis
- JG841A HP FlexFabric 7910 Switch Chassis
- JG842A HP FlexFabric 7910 7.2Tbps Fabric / Main Processing Unit
- JH001A HP FlexFabric 7910 2.4Tbps Fabric / Main Processing Unit
- JH122A HP FlexFabric 7904 TAA-compliant Switch Chassis
- JH123A HP FlexFabric 7910 TAA-compliant Switch Chassis
- JH124A HP FlexFabric 7910 7.2Tbps TAA-compliant Fabric/Main Processing Unit
- JH125A HP FlexFabric 7910 2.4Tbps TAA-compliant Fabric/Main Processing Unit
- 5130 (Comware 7) R3109P09
- HP Network Products
- JG932A HP 5130-24G-4SFP+ EI Switch
- JG933A HP 5130-24G-SFP-4SFP+ EI Switch
- JG934A HP 5130-48G-4SFP+ EI Switch
- JG936A HP 5130-24G-PoE+-4SFP+ (370W) EI Switch
- JG937A HP 5130-48G-PoE+-4SFP+ (370W) EI Switch
- JG975A HP 5130-24G-4SFP+ EI Brazil Switch
- JG976A HP 5130-48G-4SFP+ EI Brazil Switch
- JG977A HP 5130-24G-PoE+-4SFP+ (370W) EI Brazil Switch
- JG978A HP 5130-48G-PoE+-4SFP+ (370W) EI Brazil Switch
- JG938A HP 5130-24G-2SFP+-2XGT EI Switch
- JG939A HP 5130-48G-2SFP+-2XGT EI Switch
- JG940A HP 5130-24G-PoE+-2SFP+-2XGT (370W) EI Switch
- JG941A HP 5130-48G-PoE+-2SFP+-2XGT (370W) EI Switch
- 5700 (Comware 7) R2422P01
- HP Network Products
- JG894A HP FlexFabric 5700-48G-4XG-2QSFP+ Switch
- JG895A HP FlexFabric 5700-48G-4XG-2QSFP+ TAA-compliant Switch
- JG896A HP FlexFabric 5700-40XG-2QSFP+ Switch
- JG897A HP FlexFabric 5700-40XG-2QSFP+ TAA-compliant Switch
- JG898A HP FlexFabric 5700-32XGT-8XG-2QSFP+ Switch
- JG899A HP FlexFabric 5700-32XGT-8XG-2QSFP+ TAA-compliant Switch
- 5930 (Comware 7) R2422P01
- HP Network Products
- JG726A HP FlexFabric 5930 32QSFP+ Switch
- JG727A HP FlexFabric 5930 32QSFP+ TAA-compliant Switch
- JH178A HP FlexFabric 5930 2QSFP+ 2-slot Switch
- JH179A HP FlexFabric 5930 4-slot Switch
- JH187A HP FlexFabric 5930 2QSFP+ 2-slot TAA-compliant Switch
- JH188A HP FlexFabric 5930 4-slot TAA-compliant Switch
- HSR6602 (Comware 7) R7103P05
- HP Network Products
- JG353A HP HSR6602-G Router
- JG354A HP HSR6602-XG Router
- JG776A HP HSR6602-G TAA-compliant Router
- JG777A HP HSR6602-XG TAA-compliant Router
- HSR6800 (Comware 7) R7103P05
- HP Network Products
- JG361A HP HSR6802 Router Chassis
- JG361B HP HSR6802 Router Chassis
- JG362A HP HSR6804 Router Chassis
- JG362B HP HSR6804 Router Chassis
- JG363A HP HSR6808 Router Chassis
- JG363B HP HSR6808 Router Chassis
- JG364A HP HSR6800 RSE-X2 Router Main Processing Unit
- JG779A HP HSR6800 RSE-X2 Router TAA-compliant Main Processing Unit
- JH075A) HP HSR6800 RSE-X3 Router Main Processing Unit
- 1950 R3109P09
- HP Network Products
- JG960A HP 1950-24G-4XG Switch
- JG961A HP 1950-48G-2SFP+-2XGT Switch
- JG962A HP 1950-24G-2SFP+-2XGT-PoE+(370W) Switch
- JG963A HP 1950-48G-2SFP+-2XGT-PoE+(370W) Switch
iMC
- iMC Plat iMC Plat 7.1 (E0303P13)
- HP Network Products
- JD125A HP IMC Std S/W Platform w/100-node
- JD126A HP IMC Ent S/W Platform w/100-node
- JD808A HP IMC Ent Platform w/100-node License
- JD814A HP A-IMC Enterprise Edition Software DVD Media
- JD815A HP IMC Std Platform w/100-node License
- JD816A HP A-IMC Standard Edition Software DVD Media
- JF288AAE HP Network Director to Intelligent Management Center Upgrade E-LTU
- JF289AAE HP Enterprise Management System to Intelligent Management Center Upgrade E-LTU
- JF377A HP IMC Std S/W Platform w/100-node Lic
- JF377AAE HP IMC Std S/W Pltfrm w/100-node E-LTU
- JF378A HP IMC Ent S/W Platform w/200-node Lic
- JF378AAE HP IMC Ent S/W Pltfrm w/200-node E-LTU
- JG546AAE HP IMC Basic SW Platform w/50-node E-LTU
- JG548AAE HP PCM+ to IMC Bsc Upgr w/50-node E-LTU
- JG549AAE HP PCM+ to IMC Std Upgr w/200-node E-LTU
- JG550AAE HP PMM to IMC Bsc WLM Upgr w/150AP E-LTU
- JG590AAE HP IMC Bsc WLAN Mgr SW Pltfm 50 AP E-LTU
- JG659AAE HP IMC Smart Connect VAE E-LTU
- JG660AAE HP IMC Smart Connect w/WLM VAE E-LTU
- JG747AAE HP IMC Std SW Plat w/ 50 Nodes E-LTU
- JG748AAE HP IMC Ent SW Plat w/ 50 Nodes E-LTU
- JG766AAE HP IMC SmCnct Vrtl Applnc SW E-LTU
- JG767AAE HP IMC SmCnct WSM Vrtl Applnc SW E-LTU
- JG768AAE HP PCM+ to IMC Std Upg w/ 200-node E-LTU
HISTORY Version:1 (rev.1) - 19 February 2016 Initial release
Third Party Security Patches: Third party security patches that are to be installed on systems running Hewlett Packard Enterprise (HPE) software products should be applied in accordance with the customer's patch management policy.
Support: For issues about implementing the recommendations of this Security Bulletin, contact normal HPE Services support channel. For other issues about the content of this Security Bulletin, send e-mail to security-alert@hpe.com.
Report: To report a potential security vulnerability with any HPE supported product, send Email to: security-alert@hpe.com
Subscribe: To initiate a subscription to receive future HPE Security Bulletin alerts via Email: http://www.hpe.com/support/Subscriber_Choice
Security Bulletin Archive: A list of recently released Security Bulletins is available here: http://www.hpe.com/support/Security_Bulletin_Archive
Software Product Category: The Software Product Category is represented in the title by the two characters following HPSB.
3C = 3COM 3P = 3rd Party Software GN = HPE General Software HF = HPE Hardware and Firmware MU = Multi-Platform Software NS = NonStop Servers OV = OpenVMS PV = ProCurve ST = Storage Software UX = HP-UX
Copyright 2016 Hewlett Packard Enterprise
Hewlett Packard Enterprise shall not be liable for technical or editorial errors or omissions contained herein. The information provided is provided "as is" without warranty of any kind. To the extent permitted by law, neither HP or its affiliates, subcontractors or suppliers will be liable for incidental,special or consequential damages including downtime cost; lost profits; damages relating to the procurement of substitute products or services; or damages for loss of data, or software restoration. The information in this document is subject to change without notice. Hewlett Packard Enterprise and the names of Hewlett Packard Enterprise products referenced herein are trademarks of Hewlett Packard Enterprise in the United States and other countries. Other product and company names mentioned herein may be trademarks of their respective owners. 7) - x86_64
-
(BZ#1154060)
-
TLS 1.1 and TLS 1.2 are no longer disabled by default in libcurl. (BZ#1170339)
-
FTP operations such as downloading files took a significantly long time to complete. Now, the FTP implementation in libcurl correctly sets blocking direction and estimated timeout for connections, resulting in faster FTP transfers. (BZ#1066065)
-
The libcurl library did not implement a non-blocking SSL handshake, which negatively affected performance of applications based on the libcurl multi API. The non-blocking SSL handshake has been implemented in libcurl, and the libcurl multi API now immediately returns the control back to the application whenever it cannot read or write data from or to the underlying network socket. (BZ#1091429)
-
The libcurl library used an unnecessarily long blocking delay for actions with no active file descriptors, even for short operations. Some actions, such as resolving a host name using /etc/hosts, took a long time to complete. The blocking code in libcurl has been modified so that the initial delay is short and gradually increases until an event occurs.
Here are the details from the Slackware 14.1 ChangeLog: +--------------------------+ patches/packages/curl-7.45.0-i486-1_slack14.1.txz: Upgraded. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3143 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3144 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3145 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3148 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3236 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3237 ( Security fix ) +--------------------------+
Where to find the new packages: +-----------------------------+
Thanks to the friendly folks at the OSU Open Source Lab (http://osuosl.org) for donating FTP and rsync hosting to the Slackware project! :-)
Also see the "Get Slack" section on http://slackware.com for additional mirror sites near you.
Updated package for Slackware 13.0: ftp://ftp.slackware.com/pub/slackware/slackware-13.0/patches/packages/curl-7.45.0-i486-1_slack13.0.txz
Updated package for Slackware x86_64 13.0: ftp://ftp.slackware.com/pub/slackware/slackware64-13.0/patches/packages/curl-7.45.0-x86_64-1_slack13.0.txz
Updated package for Slackware 13.1: ftp://ftp.slackware.com/pub/slackware/slackware-13.1/patches/packages/curl-7.45.0-i486-1_slack13.1.txz
Updated package for Slackware x86_64 13.1: ftp://ftp.slackware.com/pub/slackware/slackware64-13.1/patches/packages/curl-7.45.0-x86_64-1_slack13.1.txz
Updated package for Slackware 13.37: ftp://ftp.slackware.com/pub/slackware/slackware-13.37/patches/packages/curl-7.45.0-i486-1_slack13.37.txz
Updated package for Slackware x86_64 13.37: ftp://ftp.slackware.com/pub/slackware/slackware64-13.37/patches/packages/curl-7.45.0-x86_64-1_slack13.37.txz
Updated package for Slackware 14.0: ftp://ftp.slackware.com/pub/slackware/slackware-14.0/patches/packages/curl-7.45.0-i486-1_slack14.0.txz
Updated package for Slackware x86_64 14.0: ftp://ftp.slackware.com/pub/slackware/slackware64-14.0/patches/packages/curl-7.45.0-x86_64-1_slack14.0.txz
Updated package for Slackware 14.1: ftp://ftp.slackware.com/pub/slackware/slackware-14.1/patches/packages/curl-7.45.0-i486-1_slack14.1.txz
Updated package for Slackware x86_64 14.1: ftp://ftp.slackware.com/pub/slackware/slackware64-14.1/patches/packages/curl-7.45.0-x86_64-1_slack14.1.txz
Updated package for Slackware -current: ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/n/curl-7.45.0-i586-1.txz
Updated package for Slackware x86_64 -current: ftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/n/curl-7.45.0-x86_64-1.txz
MD5 signatures: +-------------+
Slackware 13.0 package: e9307566f43c3c12ac72f12cea688741 curl-7.45.0-i486-1_slack13.0.txz
Slackware x86_64 13.0 package: 5fe5a7733ce969f8f468c6b03cf6b1f7 curl-7.45.0-x86_64-1_slack13.0.txz
Slackware 13.1 package: 9d3d5ccbae7284c84c4667885bf9fd0d curl-7.45.0-i486-1_slack13.1.txz
Slackware x86_64 13.1 package: 7e7f04d3de8d34b8b082729ceaa53ba9 curl-7.45.0-x86_64-1_slack13.1.txz
Slackware 13.37 package: 00bd418a8607ea74d1986c08d5358052 curl-7.45.0-i486-1_slack13.37.txz
Slackware x86_64 13.37 package: 23e7da7ab6846fed5d18b5f5399ac400 curl-7.45.0-x86_64-1_slack13.37.txz
Slackware 14.0 package: 76f010b92c755f16f19840723d845e21 curl-7.45.0-i486-1_slack14.0.txz
Slackware x86_64 14.0 package: daf0b67147a50e44d89f8852632fcdf7 curl-7.45.0-x86_64-1_slack14.0.txz
Slackware 14.1 package: 8c2a5796d4a4ce840a767423667eb97b curl-7.45.0-i486-1_slack14.1.txz
Slackware x86_64 14.1 package: 763157115101b63867217707ff4a9021 curl-7.45.0-x86_64-1_slack14.1.txz
Slackware -current package: 0c2d192aff4af6f74281a1d724d31ce3 n/curl-7.45.0-i586-1.txz
Slackware x86_64 -current package: 4791e2bb2afd43ec0642d94e22259e81 n/curl-7.45.0-x86_64-1.txz
Installation instructions: +------------------------+
Upgrade the package as root:
upgradepkg curl-7.45.0-i486-1_slack14.1.txz
+-----+
Slackware Linux Security Team http://slackware.com/gpg-key security@slackware.com
+------------------------------------------------------------------------+ | To leave the slackware-security mailing list: | +------------------------------------------------------------------------+ | Send an email to majordomo@slackware.com with this text in the body of | | the email message: | | | | unsubscribe slackware-security | | | | You will get a confirmation message back containing instructions to | | complete the process. Please do not reply to this email address. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
===================================================================== Red Hat Security Advisory
Synopsis: Moderate: curl security, bug fix, and enhancement update Advisory ID: RHSA-2015:1254-02 Product: Red Hat Enterprise Linux Advisory URL: https://rhn.redhat.com/errata/RHSA-2015-1254.html Issue date: 2015-07-22 Updated on: 2014-12-15 CVE Names: CVE-2014-3613 CVE-2014-3707 CVE-2014-8150 CVE-2015-3143 CVE-2015-3148 =====================================================================
- Summary:
Updated curl packages that fix multiple security issues, several bugs, and add two enhancements are now available for Red Hat Enterprise Linux 6.
Red Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.
- Relevant releases/architectures:
Red Hat Enterprise Linux Desktop (v. 6) - i386, x86_64 Red Hat Enterprise Linux Desktop Optional (v. 6) - i386, x86_64 Red Hat Enterprise Linux HPC Node (v. 6) - x86_64 Red Hat Enterprise Linux HPC Node Optional (v. 6) - x86_64 Red Hat Enterprise Linux Server (v. 6) - i386, ppc64, s390x, x86_64 Red Hat Enterprise Linux Workstation (v. 6) - i386, x86_64
- Description:
The curl packages provide the libcurl library and the curl utility for downloading files from servers using various protocols, including HTTP, FTP, and LDAP.
It was found that the libcurl library did not correctly handle partial literal IP addresses when parsing received HTTP cookies. An attacker able to trick a user into connecting to a malicious server could use this flaw to set the user's cookie to a crafted domain, making other cookie-related issues easier to exploit. (CVE-2014-3613)
A flaw was found in the way the libcurl library performed the duplication of connection handles. If an application set the CURLOPT_COPYPOSTFIELDS option for a handle, using the handle's duplicate could cause the application to crash or disclose a portion of its memory. (CVE-2014-3707)
It was discovered that the libcurl library failed to properly handle URLs with embedded end-of-line characters. An attacker able to make an application using libcurl to access a specially crafted URL via an HTTP proxy could use this flaw to inject additional headers to the request or construct additional requests. (CVE-2014-8150)
It was discovered that libcurl implemented aspects of the NTLM and Negotatiate authentication incorrectly. If an application uses libcurl and the affected mechanisms in a specifc way, certain requests to a previously NTLM-authenticated server could appears as sent by the wrong authenticated user. Additionally, the initial set of credentials for HTTP Negotiate-authenticated requests could be reused in subsequent requests, although a different set of credentials was specified. (CVE-2015-3143, CVE-2015-3148)
Red Hat would like to thank the cURL project for reporting these issues.
Bug fixes:
-
An out-of-protocol fallback to SSL version 3.0 (SSLv3.0) was available with libcurl. Attackers could abuse the fallback to force downgrade of the SSL version. The fallback has been removed from libcurl. Users requiring this functionality can explicitly enable SSLv3.0 through the libcurl API. (BZ#1154059)
-
A single upload transfer through the FILE protocol opened the destination file twice. If the inotify kernel subsystem monitored the file, two events were produced unnecessarily. The file is now opened only once per upload. (BZ#883002)
-
Utilities using libcurl for SCP/SFTP transfers could terminate unexpectedly when the system was running in FIPS mode. (BZ#1008178)
-
Using the "--retry" option with the curl utility could cause curl to terminate unexpectedly with a segmentation fault. Now, adding "--retry" no longer causes curl to crash. (BZ#1009455)
-
The "curl --trace-time" command did not use the correct local time when printing timestamps. Now, "curl --trace-time" works as expected. (BZ#1120196)
-
The valgrind utility could report dynamically allocated memory leaks on curl exit. Now, curl performs a global shutdown of the NetScape Portable Runtime (NSPR) library on exit, and valgrind no longer reports the memory leaks. (BZ#1146528)
-
Previously, libcurl returned an incorrect value of the CURLINFO_HEADER_SIZE field when a proxy server appended its own headers to the HTTP response. Now, the returned value is valid. (BZ#1161163)
Enhancements:
-
The "--tlsv1.0", "--tlsv1.1", and "--tlsv1.2" options are available for specifying the minor version of the TLS protocol to be negotiated by NSS. The "--tlsv1" option now negotiates the highest version of the TLS protocol supported by both the client and the server. (BZ#1012136)
-
It is now possible to explicitly enable or disable the ECC and the new AES cipher suites to be used for TLS. (BZ#1058767, BZ#1156422)
All curl users are advised to upgrade to these updated packages, which contain backported patches to correct these issues and add these enhancements.
- Solution:
Before applying this update, make sure all previously released errata relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
- Bugs fixed (https://bugzilla.redhat.com/):
835898 - Bug in DNS cache causes connections until restart of libcurl-using processes 883002 - curl used with file:// protocol opens and closes a destination file twice 997185 - sendrecv.c example incorrect type for sockfd 1008178 - curl scp download fails in fips mode 1011083 - CA certificate cannot be specified by nickname [documentation bug] 1011101 - manpage typos found using aspell 1058767 - curl does not support ECDSA certificates 1104160 - Link in curl man page is wrong 1136154 - CVE-2014-3613 curl: incorrect handling of IP addresses in cookie domain 1154059 - curl: Disable out-of-protocol fallback to SSL 3.0 1154747 - NTLM: ignore CURLOPT_FORBID_REUSE during NTLM HTTP auth 1154941 - CVE-2014-3707 curl: incorrect handle duplication after COPYPOSTFIELDS 1156422 - curl does not allow explicit control of DHE ciphers 1161163 - Response headers added by proxy servers missing in CURLINFO_HEADER_SIZE 1168137 - curl closes connection after HEAD request fails 1178692 - CVE-2014-8150 curl: URL request injection vulnerability in parseurlandfillconn() 1213306 - CVE-2015-3143 curl: re-using authenticated connection when unauthenticated 1213351 - CVE-2015-3148 curl: Negotiate not treated as connection-oriented
- Package List:
Red Hat Enterprise Linux Desktop (v. 6):
Source: curl-7.19.7-46.el6.src.rpm
i386: curl-7.19.7-46.el6.i686.rpm curl-debuginfo-7.19.7-46.el6.i686.rpm libcurl-7.19.7-46.el6.i686.rpm
x86_64: curl-7.19.7-46.el6.x86_64.rpm curl-debuginfo-7.19.7-46.el6.i686.rpm curl-debuginfo-7.19.7-46.el6.x86_64.rpm libcurl-7.19.7-46.el6.i686.rpm libcurl-7.19.7-46.el6.x86_64.rpm
Red Hat Enterprise Linux Desktop Optional (v. 6):
i386: curl-debuginfo-7.19.7-46.el6.i686.rpm libcurl-devel-7.19.7-46.el6.i686.rpm
x86_64: curl-debuginfo-7.19.7-46.el6.i686.rpm curl-debuginfo-7.19.7-46.el6.x86_64.rpm libcurl-devel-7.19.7-46.el6.i686.rpm libcurl-devel-7.19.7-46.el6.x86_64.rpm
Red Hat Enterprise Linux HPC Node (v. 6):
Source: curl-7.19.7-46.el6.src.rpm
x86_64: curl-7.19.7-46.el6.x86_64.rpm curl-debuginfo-7.19.7-46.el6.i686.rpm curl-debuginfo-7.19.7-46.el6.x86_64.rpm libcurl-7.19.7-46.el6.i686.rpm libcurl-7.19.7-46.el6.x86_64.rpm
Red Hat Enterprise Linux HPC Node Optional (v. 6):
x86_64: curl-debuginfo-7.19.7-46.el6.i686.rpm curl-debuginfo-7.19.7-46.el6.x86_64.rpm libcurl-devel-7.19.7-46.el6.i686.rpm libcurl-devel-7.19.7-46.el6.x86_64.rpm
Red Hat Enterprise Linux Server (v. 6):
Source: curl-7.19.7-46.el6.src.rpm
i386: curl-7.19.7-46.el6.i686.rpm curl-debuginfo-7.19.7-46.el6.i686.rpm libcurl-7.19.7-46.el6.i686.rpm libcurl-devel-7.19.7-46.el6.i686.rpm
ppc64: curl-7.19.7-46.el6.ppc64.rpm curl-debuginfo-7.19.7-46.el6.ppc.rpm curl-debuginfo-7.19.7-46.el6.ppc64.rpm libcurl-7.19.7-46.el6.ppc.rpm libcurl-7.19.7-46.el6.ppc64.rpm libcurl-devel-7.19.7-46.el6.ppc.rpm libcurl-devel-7.19.7-46.el6.ppc64.rpm
s390x: curl-7.19.7-46.el6.s390x.rpm curl-debuginfo-7.19.7-46.el6.s390.rpm curl-debuginfo-7.19.7-46.el6.s390x.rpm libcurl-7.19.7-46.el6.s390.rpm libcurl-7.19.7-46.el6.s390x.rpm libcurl-devel-7.19.7-46.el6.s390.rpm libcurl-devel-7.19.7-46.el6.s390x.rpm
x86_64: curl-7.19.7-46.el6.x86_64.rpm curl-debuginfo-7.19.7-46.el6.i686.rpm curl-debuginfo-7.19.7-46.el6.x86_64.rpm libcurl-7.19.7-46.el6.i686.rpm libcurl-7.19.7-46.el6.x86_64.rpm libcurl-devel-7.19.7-46.el6.i686.rpm libcurl-devel-7.19.7-46.el6.x86_64.rpm
Red Hat Enterprise Linux Workstation (v. 6):
Source: curl-7.19.7-46.el6.src.rpm
i386: curl-7.19.7-46.el6.i686.rpm curl-debuginfo-7.19.7-46.el6.i686.rpm libcurl-7.19.7-46.el6.i686.rpm libcurl-devel-7.19.7-46.el6.i686.rpm
x86_64: curl-7.19.7-46.el6.x86_64.rpm curl-debuginfo-7.19.7-46.el6.i686.rpm curl-debuginfo-7.19.7-46.el6.x86_64.rpm libcurl-7.19.7-46.el6.i686.rpm libcurl-7.19.7-46.el6.x86_64.rpm libcurl-devel-7.19.7-46.el6.i686.rpm libcurl-devel-7.19.7-46.el6.x86_64.rpm
These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/
- References:
https://access.redhat.com/security/cve/CVE-2014-3613 https://access.redhat.com/security/cve/CVE-2014-3707 https://access.redhat.com/security/cve/CVE-2014-8150 https://access.redhat.com/security/cve/CVE-2015-3143 https://access.redhat.com/security/cve/CVE-2015-3148 https://access.redhat.com/security/updates/classification/#moderate
- Contact:
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/
Copyright 2014 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1
iD8DBQFVrzSJXlSAg2UNWIIRAnEiAJ9xqOogsAzooomZ4VeMgA+gUwEuTwCfTzMn emWApg/iYw5vIs3rWoqmU7A= =p+Xb -----END PGP SIGNATURE-----
-- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce .
References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3143 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3148 http://advisories.mageia.org/MGASA-2015-0179.html
Updated Packages:
Mandriva Business Server 1/X86_64: fd3f4894f5c5215c29b84d70f2c6ada2 mbs1/x86_64/curl-7.24.0-3.9.mbs1.x86_64.rpm a00d0747b4d6ae22475948119a42efc4 mbs1/x86_64/curl-examples-7.24.0-3.9.mbs1.x86_64.rpm d5291ae320dd5766e4b981ff66b36e19 mbs1/x86_64/lib64curl4-7.24.0-3.9.mbs1.x86_64.rpm 62d5295190433ca4ff7d2cda746d6b16 mbs1/x86_64/lib64curl-devel-7.24.0-3.9.mbs1.x86_64.rpm 5bcf6538291f947870a9ccfe62c9ea6d mbs1/SRPMS/curl-7.24.0-3.9.mbs1.src.rpm
To upgrade automatically use MandrivaUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you. You can obtain the GPG public key of the Mandriva Security Team by executing:
gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98
You can view other update advisories for Mandriva Linux at:
http://www.mandriva.com/en/support/security/advisories/
If you want to report vulnerabilities, please contact
security_(at)_mandriva.com
Type Bits/KeyID Date User ID pub 1024D/22458A98 2000-07-10 Mandriva Security Team -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.12 (GNU/Linux)
iD8DBQFVRx8emqjQ0CJFipgRAsfvAJ9Sn2C56m2GSJfYRC+l1x9iUmoePwCeOcgv C0vndeaT5lGPwsIYy65q4r4= =GbzX -----END PGP SIGNATURE-----
Show details on source website{
"affected_products": {
"_id": null,
"data": [
{
"_id": null,
"model": "libcurl",
"scope": "eq",
"trust": 1.6,
"vendor": "haxx",
"version": "7.34.0"
},
{
"_id": null,
"model": "libcurl",
"scope": "eq",
"trust": 1.6,
"vendor": "haxx",
"version": "7.27.0"
},
{
"_id": null,
"model": "libcurl",
"scope": "eq",
"trust": 1.6,
"vendor": "haxx",
"version": "7.31.0"
},
{
"_id": null,
"model": "libcurl",
"scope": "eq",
"trust": 1.6,
"vendor": "haxx",
"version": "7.29.0"
},
{
"_id": null,
"model": "libcurl",
"scope": "eq",
"trust": 1.6,
"vendor": "haxx",
"version": "7.28.1"
},
{
"_id": null,
"model": "libcurl",
"scope": "eq",
"trust": 1.6,
"vendor": "haxx",
"version": "7.28.0"
},
{
"_id": null,
"model": "libcurl",
"scope": "eq",
"trust": 1.6,
"vendor": "haxx",
"version": "7.35.0"
},
{
"_id": null,
"model": "libcurl",
"scope": "eq",
"trust": 1.6,
"vendor": "haxx",
"version": "7.32.0"
},
{
"_id": null,
"model": "libcurl",
"scope": "eq",
"trust": 1.6,
"vendor": "haxx",
"version": "7.30.0"
},
{
"_id": null,
"model": "libcurl",
"scope": "eq",
"trust": 1.6,
"vendor": "haxx",
"version": "7.33.0"
},
{
"_id": null,
"model": "curl",
"scope": "eq",
"trust": 1.0,
"vendor": "haxx",
"version": "7.10.8"
},
{
"_id": null,
"model": "libcurl",
"scope": "eq",
"trust": 1.0,
"vendor": "haxx",
"version": "7.19.4"
},
{
"_id": null,
"model": "libcurl",
"scope": "eq",
"trust": 1.0,
"vendor": "haxx",
"version": "7.10.8"
},
{
"_id": null,
"model": "curl",
"scope": "eq",
"trust": 1.0,
"vendor": "haxx",
"version": "7.16.3"
},
{
"_id": null,
"model": "curl",
"scope": "eq",
"trust": 1.0,
"vendor": "haxx",
"version": "7.21.5"
},
{
"_id": null,
"model": "libcurl",
"scope": "eq",
"trust": 1.0,
"vendor": "haxx",
"version": "7.16.3"
},
{
"_id": null,
"model": "mac os x",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "10.10.0"
},
{
"_id": null,
"model": "curl",
"scope": "eq",
"trust": 1.0,
"vendor": "haxx",
"version": "7.22.0"
},
{
"_id": null,
"model": "libcurl",
"scope": "eq",
"trust": 1.0,
"vendor": "haxx",
"version": "7.21.5"
},
{
"_id": null,
"model": "libcurl",
"scope": "eq",
"trust": 1.0,
"vendor": "haxx",
"version": "7.22.0"
},
{
"_id": null,
"model": "curl",
"scope": "eq",
"trust": 1.0,
"vendor": "haxx",
"version": "7.15.1"
},
{
"_id": null,
"model": "curl",
"scope": "eq",
"trust": 1.0,
"vendor": "haxx",
"version": "7.39.0"
},
{
"_id": null,
"model": "curl",
"scope": "eq",
"trust": 1.0,
"vendor": "haxx",
"version": "7.18.2"
},
{
"_id": null,
"model": "libcurl",
"scope": "eq",
"trust": 1.0,
"vendor": "haxx",
"version": "7.15.1"
},
{
"_id": null,
"model": "curl",
"scope": "eq",
"trust": 1.0,
"vendor": "haxx",
"version": "7.16.1"
},
{
"_id": null,
"model": "curl",
"scope": "eq",
"trust": 1.0,
"vendor": "haxx",
"version": "7.15.2"
},
{
"_id": null,
"model": "curl",
"scope": "eq",
"trust": 1.0,
"vendor": "haxx",
"version": "7.13.2"
},
{
"_id": null,
"model": "curl",
"scope": "eq",
"trust": 1.0,
"vendor": "haxx",
"version": "7.18.1"
},
{
"_id": null,
"model": "curl",
"scope": "eq",
"trust": 1.0,
"vendor": "haxx",
"version": "7.19.2"
},
{
"_id": null,
"model": "curl",
"scope": "eq",
"trust": 1.0,
"vendor": "haxx",
"version": "7.16.2"
},
{
"_id": null,
"model": "curl",
"scope": "eq",
"trust": 1.0,
"vendor": "haxx",
"version": "7.24.0"
},
{
"_id": null,
"model": "curl",
"scope": "eq",
"trust": 1.0,
"vendor": "haxx",
"version": "7.34.0"
},
{
"_id": null,
"model": "curl",
"scope": "eq",
"trust": 1.0,
"vendor": "haxx",
"version": "7.41.0"
},
{
"_id": null,
"model": "libcurl",
"scope": "eq",
"trust": 1.0,
"vendor": "haxx",
"version": "7.15.2"
},
{
"_id": null,
"model": "libcurl",
"scope": "eq",
"trust": 1.0,
"vendor": "haxx",
"version": "7.16.1"
},
{
"_id": null,
"model": "libcurl",
"scope": "eq",
"trust": 1.0,
"vendor": "haxx",
"version": "7.13.2"
},
{
"_id": null,
"model": "libcurl",
"scope": "eq",
"trust": 1.0,
"vendor": "haxx",
"version": "7.18.1"
},
{
"_id": null,
"model": "libcurl",
"scope": "eq",
"trust": 1.0,
"vendor": "haxx",
"version": "7.19.2"
},
{
"_id": null,
"model": "libcurl",
"scope": "eq",
"trust": 1.0,
"vendor": "haxx",
"version": "7.16.2"
},
{
"_id": null,
"model": "libcurl",
"scope": "eq",
"trust": 1.0,
"vendor": "haxx",
"version": "7.24.0"
},
{
"_id": null,
"model": "libcurl",
"scope": "eq",
"trust": 1.0,
"vendor": "haxx",
"version": "7.41.0"
},
{
"_id": null,
"model": "curl",
"scope": "eq",
"trust": 1.0,
"vendor": "haxx",
"version": "7.38.0"
},
{
"_id": null,
"model": "curl",
"scope": "eq",
"trust": 1.0,
"vendor": "haxx",
"version": "7.21.7"
},
{
"_id": null,
"model": "curl",
"scope": "eq",
"trust": 1.0,
"vendor": "haxx",
"version": "7.15.3"
},
{
"_id": null,
"model": "libcurl",
"scope": "eq",
"trust": 1.0,
"vendor": "haxx",
"version": "7.38.0"
},
{
"_id": null,
"model": "libcurl",
"scope": "eq",
"trust": 1.0,
"vendor": "haxx",
"version": "7.21.7"
},
{
"_id": null,
"model": "libcurl",
"scope": "eq",
"trust": 1.0,
"vendor": "haxx",
"version": "7.36.0"
},
{
"_id": null,
"model": "libcurl",
"scope": "eq",
"trust": 1.0,
"vendor": "haxx",
"version": "7.21.6"
},
{
"_id": null,
"model": "mac os x",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "10.10.1"
},
{
"_id": null,
"model": "curl",
"scope": "eq",
"trust": 1.0,
"vendor": "haxx",
"version": "7.25.0"
},
{
"_id": null,
"model": "curl",
"scope": "eq",
"trust": 1.0,
"vendor": "haxx",
"version": "7.11.0"
},
{
"_id": null,
"model": "mac os x",
"scope": "lte",
"trust": 1.0,
"vendor": "apple",
"version": "10.9.5"
},
{
"_id": null,
"model": "curl",
"scope": "eq",
"trust": 1.0,
"vendor": "haxx",
"version": "7.21.1"
},
{
"_id": null,
"model": "libcurl",
"scope": "eq",
"trust": 1.0,
"vendor": "haxx",
"version": "7.12.2"
},
{
"_id": null,
"model": "curl",
"scope": "eq",
"trust": 1.0,
"vendor": "haxx",
"version": "7.31.0"
},
{
"_id": null,
"model": "libcurl",
"scope": "eq",
"trust": 1.0,
"vendor": "haxx",
"version": "7.11.0"
},
{
"_id": null,
"model": "libcurl",
"scope": "eq",
"trust": 1.0,
"vendor": "haxx",
"version": "7.25.0"
},
{
"_id": null,
"model": "curl",
"scope": "eq",
"trust": 1.0,
"vendor": "haxx",
"version": "7.12.3"
},
{
"_id": null,
"model": "libcurl",
"scope": "eq",
"trust": 1.0,
"vendor": "haxx",
"version": "7.21.1"
},
{
"_id": null,
"model": "curl",
"scope": "eq",
"trust": 1.0,
"vendor": "haxx",
"version": "7.29.0"
},
{
"_id": null,
"model": "curl",
"scope": "eq",
"trust": 1.0,
"vendor": "haxx",
"version": "7.14.0"
},
{
"_id": null,
"model": "libcurl",
"scope": "eq",
"trust": 1.0,
"vendor": "haxx",
"version": "7.12.3"
},
{
"_id": null,
"model": "linux",
"scope": "eq",
"trust": 1.0,
"vendor": "debian",
"version": "7.0"
},
{
"_id": null,
"model": "libcurl",
"scope": "eq",
"trust": 1.0,
"vendor": "haxx",
"version": "7.37.0"
},
{
"_id": null,
"model": "libcurl",
"scope": "eq",
"trust": 1.0,
"vendor": "haxx",
"version": "7.14.0"
},
{
"_id": null,
"model": "curl",
"scope": "eq",
"trust": 1.0,
"vendor": "haxx",
"version": "7.17.1"
},
{
"_id": null,
"model": "curl",
"scope": "eq",
"trust": 1.0,
"vendor": "haxx",
"version": "7.28.1"
},
{
"_id": null,
"model": "curl",
"scope": "eq",
"trust": 1.0,
"vendor": "haxx",
"version": "7.15.5"
},
{
"_id": null,
"model": "libcurl",
"scope": "eq",
"trust": 1.0,
"vendor": "haxx",
"version": "7.17.1"
},
{
"_id": null,
"model": "curl",
"scope": "eq",
"trust": 1.0,
"vendor": "haxx",
"version": "7.19.3"
},
{
"_id": null,
"model": "libcurl",
"scope": "eq",
"trust": 1.0,
"vendor": "haxx",
"version": "7.15.5"
},
{
"_id": null,
"model": "ubuntu linux",
"scope": "eq",
"trust": 1.0,
"vendor": "canonical",
"version": "12.04"
},
{
"_id": null,
"model": "libcurl",
"scope": "eq",
"trust": 1.0,
"vendor": "haxx",
"version": "7.19.3"
},
{
"_id": null,
"model": "curl",
"scope": "eq",
"trust": 1.0,
"vendor": "haxx",
"version": "7.21.2"
},
{
"_id": null,
"model": "libcurl",
"scope": "eq",
"trust": 1.0,
"vendor": "haxx",
"version": "7.18.2"
},
{
"_id": null,
"model": "curl",
"scope": "eq",
"trust": 1.0,
"vendor": "haxx",
"version": "7.20.1"
},
{
"_id": null,
"model": "curl",
"scope": "eq",
"trust": 1.0,
"vendor": "haxx",
"version": "7.10.7"
},
{
"_id": null,
"model": "libcurl",
"scope": "eq",
"trust": 1.0,
"vendor": "haxx",
"version": "7.21.2"
},
{
"_id": null,
"model": "curl",
"scope": "eq",
"trust": 1.0,
"vendor": "haxx",
"version": "7.16.0"
},
{
"_id": null,
"model": "curl",
"scope": "eq",
"trust": 1.0,
"vendor": "haxx",
"version": "7.20.0"
},
{
"_id": null,
"model": "libcurl",
"scope": "eq",
"trust": 1.0,
"vendor": "haxx",
"version": "7.20.1"
},
{
"_id": null,
"model": "libcurl",
"scope": "eq",
"trust": 1.0,
"vendor": "haxx",
"version": "7.10.7"
},
{
"_id": null,
"model": "curl",
"scope": "eq",
"trust": 1.0,
"vendor": "haxx",
"version": "7.17.0"
},
{
"_id": null,
"model": "libcurl",
"scope": "eq",
"trust": 1.0,
"vendor": "haxx",
"version": "7.16.0"
},
{
"_id": null,
"model": "libcurl",
"scope": "eq",
"trust": 1.0,
"vendor": "haxx",
"version": "7.20.0"
},
{
"_id": null,
"model": "curl",
"scope": "eq",
"trust": 1.0,
"vendor": "haxx",
"version": "7.37.1"
},
{
"_id": null,
"model": "libcurl",
"scope": "eq",
"trust": 1.0,
"vendor": "haxx",
"version": "7.17.0"
},
{
"_id": null,
"model": "curl",
"scope": "eq",
"trust": 1.0,
"vendor": "haxx",
"version": "7.19.5"
},
{
"_id": null,
"model": "libcurl",
"scope": "eq",
"trust": 1.0,
"vendor": "haxx",
"version": "7.37.1"
},
{
"_id": null,
"model": "curl",
"scope": "eq",
"trust": 1.0,
"vendor": "haxx",
"version": "7.19.6"
},
{
"_id": null,
"model": "curl",
"scope": "eq",
"trust": 1.0,
"vendor": "haxx",
"version": "7.19.7"
},
{
"_id": null,
"model": "mac os x",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "10.10.3"
},
{
"_id": null,
"model": "libcurl",
"scope": "eq",
"trust": 1.0,
"vendor": "haxx",
"version": "7.15.3"
},
{
"_id": null,
"model": "libcurl",
"scope": "eq",
"trust": 1.0,
"vendor": "haxx",
"version": "7.19.6"
},
{
"_id": null,
"model": "libcurl",
"scope": "eq",
"trust": 1.0,
"vendor": "haxx",
"version": "7.19.7"
},
{
"_id": null,
"model": "curl",
"scope": "eq",
"trust": 1.0,
"vendor": "haxx",
"version": "7.11.1"
},
{
"_id": null,
"model": "libcurl",
"scope": "eq",
"trust": 1.0,
"vendor": "haxx",
"version": "7.39"
},
{
"_id": null,
"model": "libcurl",
"scope": "eq",
"trust": 1.0,
"vendor": "haxx",
"version": "7.11.1"
},
{
"_id": null,
"model": "curl",
"scope": "eq",
"trust": 1.0,
"vendor": "haxx",
"version": "7.13.1"
},
{
"_id": null,
"model": "curl",
"scope": "eq",
"trust": 1.0,
"vendor": "haxx",
"version": "7.15.0"
},
{
"_id": null,
"model": "ubuntu linux",
"scope": "eq",
"trust": 1.0,
"vendor": "canonical",
"version": "15.04"
},
{
"_id": null,
"model": "libcurl",
"scope": "eq",
"trust": 1.0,
"vendor": "haxx",
"version": "7.13.1"
},
{
"_id": null,
"model": "libcurl",
"scope": "eq",
"trust": 1.0,
"vendor": "haxx",
"version": "7.15.0"
},
{
"_id": null,
"model": "curl",
"scope": "eq",
"trust": 1.0,
"vendor": "haxx",
"version": "7.12.0"
},
{
"_id": null,
"model": "libcurl",
"scope": "eq",
"trust": 1.0,
"vendor": "haxx",
"version": "7.12.0"
},
{
"_id": null,
"model": "curl",
"scope": "eq",
"trust": 1.0,
"vendor": "haxx",
"version": "7.19.1"
},
{
"_id": null,
"model": "curl",
"scope": "eq",
"trust": 1.0,
"vendor": "haxx",
"version": "7.13.0"
},
{
"_id": null,
"model": "curl",
"scope": "eq",
"trust": 1.0,
"vendor": "haxx",
"version": "7.40.0"
},
{
"_id": null,
"model": "curl",
"scope": "eq",
"trust": 1.0,
"vendor": "haxx",
"version": "7.16.4"
},
{
"_id": null,
"model": "libcurl",
"scope": "eq",
"trust": 1.0,
"vendor": "haxx",
"version": "7.19.1"
},
{
"_id": null,
"model": "libcurl",
"scope": "eq",
"trust": 1.0,
"vendor": "haxx",
"version": "7.13.0"
},
{
"_id": null,
"model": "libcurl",
"scope": "eq",
"trust": 1.0,
"vendor": "haxx",
"version": "7.19.5"
},
{
"_id": null,
"model": "curl",
"scope": "eq",
"trust": 1.0,
"vendor": "haxx",
"version": "7.11.2"
},
{
"_id": null,
"model": "libcurl",
"scope": "eq",
"trust": 1.0,
"vendor": "haxx",
"version": "7.40.0"
},
{
"_id": null,
"model": "libcurl",
"scope": "eq",
"trust": 1.0,
"vendor": "haxx",
"version": "7.16.4"
},
{
"_id": null,
"model": "curl",
"scope": "eq",
"trust": 1.0,
"vendor": "haxx",
"version": "7.21.3"
},
{
"_id": null,
"model": "libcurl",
"scope": "eq",
"trust": 1.0,
"vendor": "haxx",
"version": "7.11.2"
},
{
"_id": null,
"model": "libcurl",
"scope": "eq",
"trust": 1.0,
"vendor": "haxx",
"version": "7.21.3"
},
{
"_id": null,
"model": "ubuntu linux",
"scope": "eq",
"trust": 1.0,
"vendor": "canonical",
"version": "14.10"
},
{
"_id": null,
"model": "curl",
"scope": "eq",
"trust": 1.0,
"vendor": "haxx",
"version": "7.12.1"
},
{
"_id": null,
"model": "curl",
"scope": "eq",
"trust": 1.0,
"vendor": "haxx",
"version": "7.15.4"
},
{
"_id": null,
"model": "curl",
"scope": "eq",
"trust": 1.0,
"vendor": "haxx",
"version": "7.23.1"
},
{
"_id": null,
"model": "curl",
"scope": "eq",
"trust": 1.0,
"vendor": "haxx",
"version": "7.32.0"
},
{
"_id": null,
"model": "mac os x",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "10.10.4"
},
{
"_id": null,
"model": "curl",
"scope": "eq",
"trust": 1.0,
"vendor": "haxx",
"version": "7.21.0"
},
{
"_id": null,
"model": "curl",
"scope": "eq",
"trust": 1.0,
"vendor": "haxx",
"version": "7.26.0"
},
{
"_id": null,
"model": "libcurl",
"scope": "eq",
"trust": 1.0,
"vendor": "haxx",
"version": "7.12.1"
},
{
"_id": null,
"model": "libcurl",
"scope": "eq",
"trust": 1.0,
"vendor": "haxx",
"version": "7.15.4"
},
{
"_id": null,
"model": "libcurl",
"scope": "eq",
"trust": 1.0,
"vendor": "haxx",
"version": "7.23.1"
},
{
"_id": null,
"model": "libcurl",
"scope": "eq",
"trust": 1.0,
"vendor": "haxx",
"version": "7.21.0"
},
{
"_id": null,
"model": "libcurl",
"scope": "eq",
"trust": 1.0,
"vendor": "haxx",
"version": "7.26.0"
},
{
"_id": null,
"model": "curl",
"scope": "eq",
"trust": 1.0,
"vendor": "haxx",
"version": "7.19.0"
},
{
"_id": null,
"model": "mac os x",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "10.10.2"
},
{
"_id": null,
"model": "ubuntu linux",
"scope": "eq",
"trust": 1.0,
"vendor": "canonical",
"version": "14.04"
},
{
"_id": null,
"model": "curl",
"scope": "eq",
"trust": 1.0,
"vendor": "haxx",
"version": "7.10.6"
},
{
"_id": null,
"model": "libcurl",
"scope": "eq",
"trust": 1.0,
"vendor": "haxx",
"version": "7.19.0"
},
{
"_id": null,
"model": "curl",
"scope": "eq",
"trust": 1.0,
"vendor": "haxx",
"version": "7.27.0"
},
{
"_id": null,
"model": "curl",
"scope": "eq",
"trust": 1.0,
"vendor": "haxx",
"version": "7.14.1"
},
{
"_id": null,
"model": "curl",
"scope": "eq",
"trust": 1.0,
"vendor": "haxx",
"version": "7.35.0"
},
{
"_id": null,
"model": "curl",
"scope": "eq",
"trust": 1.0,
"vendor": "haxx",
"version": "7.21.4"
},
{
"_id": null,
"model": "curl",
"scope": "eq",
"trust": 1.0,
"vendor": "haxx",
"version": "7.18.0"
},
{
"_id": null,
"model": "curl",
"scope": "eq",
"trust": 1.0,
"vendor": "haxx",
"version": "7.28.0"
},
{
"_id": null,
"model": "curl",
"scope": "eq",
"trust": 1.0,
"vendor": "haxx",
"version": "7.36.0"
},
{
"_id": null,
"model": "libcurl",
"scope": "eq",
"trust": 1.0,
"vendor": "haxx",
"version": "7.10.6"
},
{
"_id": null,
"model": "libcurl",
"scope": "eq",
"trust": 1.0,
"vendor": "haxx",
"version": "7.14.1"
},
{
"_id": null,
"model": "libcurl",
"scope": "eq",
"trust": 1.0,
"vendor": "haxx",
"version": "7.21.4"
},
{
"_id": null,
"model": "curl",
"scope": "eq",
"trust": 1.0,
"vendor": "haxx",
"version": "7.21.6"
},
{
"_id": null,
"model": "libcurl",
"scope": "eq",
"trust": 1.0,
"vendor": "haxx",
"version": "7.18.0"
},
{
"_id": null,
"model": "curl",
"scope": "eq",
"trust": 1.0,
"vendor": "haxx",
"version": "7.33.0"
},
{
"_id": null,
"model": "curl",
"scope": "eq",
"trust": 1.0,
"vendor": "haxx",
"version": "7.12.2"
},
{
"_id": null,
"model": "curl",
"scope": "eq",
"trust": 1.0,
"vendor": "haxx",
"version": "7.23.0"
},
{
"_id": null,
"model": "curl",
"scope": "eq",
"trust": 1.0,
"vendor": "haxx",
"version": "7.30.0"
},
{
"_id": null,
"model": "system management homepage",
"scope": "lte",
"trust": 1.0,
"vendor": "hp",
"version": "7.5.3.1"
},
{
"_id": null,
"model": "libcurl",
"scope": "eq",
"trust": 1.0,
"vendor": "haxx",
"version": "7.23.0"
},
{
"_id": null,
"model": "curl",
"scope": "eq",
"trust": 1.0,
"vendor": "haxx",
"version": "7.19.4"
},
{
"_id": null,
"model": "ubuntu",
"scope": null,
"trust": 0.8,
"vendor": "canonical",
"version": null
},
{
"_id": null,
"model": "gnu/linux",
"scope": "eq",
"trust": 0.8,
"vendor": "debian",
"version": "7.0"
},
{
"_id": null,
"model": "curl",
"scope": "eq",
"trust": 0.8,
"vendor": "haxx",
"version": "7.10.6 to 7.41.0"
},
{
"_id": null,
"model": "libcurl",
"scope": "eq",
"trust": 0.8,
"vendor": "haxx",
"version": "7.10.6 to 7.41.0"
},
{
"_id": null,
"model": "mac os x",
"scope": "eq",
"trust": 0.8,
"vendor": "apple",
"version": "10.10 to 10.10.4"
},
{
"_id": null,
"model": "comware",
"scope": null,
"trust": 0.8,
"vendor": "hewlett packard",
"version": null
},
{
"_id": null,
"model": "hpe intelligent management center plat",
"scope": null,
"trust": 0.8,
"vendor": "hewlett packard",
"version": null
},
{
"_id": null,
"model": "system management homepage",
"scope": null,
"trust": 0.8,
"vendor": "hewlett packard",
"version": null
},
{
"_id": null,
"model": "linux x86 64 -current",
"scope": null,
"trust": 0.3,
"vendor": "slackware",
"version": null
},
{
"_id": null,
"model": "linux x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "13.37"
},
{
"_id": null,
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "13.37"
},
{
"_id": null,
"model": "linux x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "13.1"
},
{
"_id": null,
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "13.1"
},
{
"_id": null,
"model": "linux x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "13.0"
},
{
"_id": null,
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "13.0"
},
{
"_id": null,
"model": "linux -current",
"scope": null,
"trust": 0.3,
"vendor": "slackware",
"version": null
},
{
"_id": null,
"model": "hat enterprise linux workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "6"
},
{
"_id": null,
"model": "hat enterprise linux server",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "6"
},
{
"_id": null,
"model": "hat enterprise linux hpc node optional",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "6"
},
{
"_id": null,
"model": "hat enterprise linux hpc node",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "6"
},
{
"_id": null,
"model": "hat enterprise linux desktop optional",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "6"
},
{
"_id": null,
"model": "hat enterprise linux desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "6"
},
{
"_id": null,
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "0"
},
{
"_id": null,
"model": "enterprise linux",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "6.2"
},
{
"_id": null,
"model": "enterprise linux",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "6"
},
{
"_id": null,
"model": "linux",
"scope": null,
"trust": 0.3,
"vendor": "gentoo",
"version": null
},
{
"_id": null,
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"_id": null,
"model": "linux s/390",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"_id": null,
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"_id": null,
"model": "linux mips",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"_id": null,
"model": "linux ia-64",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"_id": null,
"model": "linux ia-32",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"_id": null,
"model": "linux arm",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"_id": null,
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"_id": null,
"model": "stenberg curl",
"scope": "eq",
"trust": 0.3,
"vendor": "daniel",
"version": "7.20"
},
{
"_id": null,
"model": "stenberg curl",
"scope": "eq",
"trust": 0.3,
"vendor": "daniel",
"version": "7.19.6"
},
{
"_id": null,
"model": "stenberg curl",
"scope": "eq",
"trust": 0.3,
"vendor": "daniel",
"version": "7.19.5"
},
{
"_id": null,
"model": "stenberg curl",
"scope": "eq",
"trust": 0.3,
"vendor": "daniel",
"version": "7.19.4"
},
{
"_id": null,
"model": "stenberg curl",
"scope": "eq",
"trust": 0.3,
"vendor": "daniel",
"version": "7.19.3"
},
{
"_id": null,
"model": "stenberg curl",
"scope": "eq",
"trust": 0.3,
"vendor": "daniel",
"version": "7.19"
},
{
"_id": null,
"model": "stenberg curl",
"scope": "eq",
"trust": 0.3,
"vendor": "daniel",
"version": "7.18.1"
},
{
"_id": null,
"model": "stenberg curl",
"scope": "eq",
"trust": 0.3,
"vendor": "daniel",
"version": "7.18"
},
{
"_id": null,
"model": "stenberg curl",
"scope": "eq",
"trust": 0.3,
"vendor": "daniel",
"version": "7.17"
},
{
"_id": null,
"model": "stenberg curl",
"scope": "eq",
"trust": 0.3,
"vendor": "daniel",
"version": "7.16.4"
},
{
"_id": null,
"model": "stenberg curl",
"scope": "eq",
"trust": 0.3,
"vendor": "daniel",
"version": "7.15.5"
},
{
"_id": null,
"model": "stenberg curl",
"scope": "eq",
"trust": 0.3,
"vendor": "daniel",
"version": "7.15.3"
},
{
"_id": null,
"model": "stenberg curl",
"scope": "eq",
"trust": 0.3,
"vendor": "daniel",
"version": "7.15.2"
},
{
"_id": null,
"model": "stenberg curl",
"scope": "eq",
"trust": 0.3,
"vendor": "daniel",
"version": "7.15.1"
},
{
"_id": null,
"model": "stenberg curl",
"scope": "eq",
"trust": 0.3,
"vendor": "daniel",
"version": "7.15"
},
{
"_id": null,
"model": "stenberg curl",
"scope": "eq",
"trust": 0.3,
"vendor": "daniel",
"version": "7.14.1"
},
{
"_id": null,
"model": "stenberg curl",
"scope": "eq",
"trust": 0.3,
"vendor": "daniel",
"version": "7.14"
},
{
"_id": null,
"model": "stenberg curl",
"scope": "eq",
"trust": 0.3,
"vendor": "daniel",
"version": "7.13.2"
},
{
"_id": null,
"model": "stenberg curl",
"scope": "eq",
"trust": 0.3,
"vendor": "daniel",
"version": "7.13.1"
},
{
"_id": null,
"model": "stenberg curl",
"scope": "eq",
"trust": 0.3,
"vendor": "daniel",
"version": "7.13"
},
{
"_id": null,
"model": "stenberg curl",
"scope": "eq",
"trust": 0.3,
"vendor": "daniel",
"version": "7.12.3"
},
{
"_id": null,
"model": "stenberg curl",
"scope": "eq",
"trust": 0.3,
"vendor": "daniel",
"version": "7.12.2"
},
{
"_id": null,
"model": "stenberg curl",
"scope": "eq",
"trust": 0.3,
"vendor": "daniel",
"version": "7.12.1"
},
{
"_id": null,
"model": "stenberg curl",
"scope": "eq",
"trust": 0.3,
"vendor": "daniel",
"version": "7.12"
},
{
"_id": null,
"model": "stenberg curl",
"scope": "eq",
"trust": 0.3,
"vendor": "daniel",
"version": "7.11.2"
},
{
"_id": null,
"model": "stenberg curl",
"scope": "eq",
"trust": 0.3,
"vendor": "daniel",
"version": "7.11.1"
},
{
"_id": null,
"model": "stenberg curl",
"scope": "eq",
"trust": 0.3,
"vendor": "daniel",
"version": "7.11"
},
{
"_id": null,
"model": "stenberg curl",
"scope": "eq",
"trust": 0.3,
"vendor": "daniel",
"version": "7.10.8"
},
{
"_id": null,
"model": "stenberg curl",
"scope": "eq",
"trust": 0.3,
"vendor": "daniel",
"version": "7.10.7"
},
{
"_id": null,
"model": "stenberg curl",
"scope": "eq",
"trust": 0.3,
"vendor": "daniel",
"version": "7.10.6"
},
{
"_id": null,
"model": "stenberg curl",
"scope": "eq",
"trust": 0.3,
"vendor": "daniel",
"version": "7.24.0"
},
{
"_id": null,
"model": "stenberg curl",
"scope": "eq",
"trust": 0.3,
"vendor": "daniel",
"version": "7.23.1"
},
{
"_id": null,
"model": "stenberg curl",
"scope": "eq",
"trust": 0.3,
"vendor": "daniel",
"version": "7.21.7"
},
{
"_id": null,
"model": "stenberg curl",
"scope": "eq",
"trust": 0.3,
"vendor": "daniel",
"version": "7.21.6"
},
{
"_id": null,
"model": "stenberg curl",
"scope": "eq",
"trust": 0.3,
"vendor": "daniel",
"version": "7.20.2"
},
{
"_id": null,
"model": "stenberg curl",
"scope": "eq",
"trust": 0.3,
"vendor": "daniel",
"version": "7.20.1"
},
{
"_id": null,
"model": "stenberg curl",
"scope": "eq",
"trust": 0.3,
"vendor": "daniel",
"version": "7.16.3"
}
],
"sources": [
{
"db": "BID",
"id": "74299"
},
{
"db": "CNNVD",
"id": "CNNVD-201504-500"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-002484"
},
{
"db": "NVD",
"id": "CVE-2015-3143"
}
]
},
"configurations": {
"_id": null,
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:canonical:ubuntu",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:debian:debian_linux",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:haxx:curl",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:haxx:libcurl",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:apple:mac_os_x",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:hp:comware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:hp:intelligent_management_center_platform",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:hp:system_management_homepage",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-002484"
}
]
},
"credits": {
"_id": null,
"data": "Paras Sethia",
"sources": [
{
"db": "BID",
"id": "74299"
}
],
"trust": 0.3
},
"cve": "CVE-2015-3143",
"cvss": {
"_id": null,
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "CVE-2015-3143",
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 1.9,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "VHN-81104",
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:N/I:P/A:N",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2015-3143",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2015-3143",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNNVD",
"id": "CNNVD-201504-500",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-81104",
"trust": 0.1,
"value": "MEDIUM"
},
{
"author": "VULMON",
"id": "CVE-2015-3143",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-81104"
},
{
"db": "VULMON",
"id": "CVE-2015-3143"
},
{
"db": "CNNVD",
"id": "CNNVD-201504-500"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-002484"
},
{
"db": "NVD",
"id": "CVE-2015-3143"
}
]
},
"description": {
"_id": null,
"data": "cURL and libcurl 7.10.6 through 7.41.0 does not properly re-use NTLM connections, which allows remote attackers to connect as other users via an unauthenticated request, a similar issue to CVE-2014-0015. cURL/libcURL is prone to a remote security-bypass vulnerability. \nAn attacker can leverage this issue to bypass security restrictions and perform unauthorized actions. This may aid in further attacks. \ncURL/libcURL 7.10.6 through versions 7.41.0 are vulnerable. Both Haxx curl and libcurl are products of the Swedish company Haxx. curl is a set of file transfer tools that use URL syntax to work on the command line. libcurl is a free, open source client-side URL transfer library. ============================================================================\nUbuntu Security Notice USN-2591-1\nApril 30, 2015\n\ncurl vulnerabilities\n============================================================================\n\nA security issue affects these releases of Ubuntu and its derivatives:\n\n- Ubuntu 15.04\n- Ubuntu 14.10\n- Ubuntu 14.04 LTS\n- Ubuntu 12.04 LTS\n\nSummary:\n\nSeveral security issues were fixed in curl. \n\nSoftware Description:\n- curl: HTTP, HTTPS, and FTP client and client libraries\n\nDetails:\n\nParas Sethia discovered that curl could incorrectly re-use NTLM HTTP\ncredentials when subsequently connecting to the same host over HTTP. \n(CVE-2015-3143)\n\nHanno B=C3=B6ck discovered that curl incorrectly handled zero-length host names. \nIf a user or automated system were tricked into using a specially crafted\nhost name, an attacker could possibly use this issue to cause curl to\ncrash, resulting in a denial of service, or possibly execute arbitrary\ncode. This issue only affected Ubuntu 14.10 and Ubuntu 15.04. \nIf a user or automated system were tricked into parsing a specially crafted\ncookie, an attacker could possibly use this issue to cause curl to crash,\nresulting in a denial of service, or possibly execute arbitrary code. This\nissue only affected Ubuntu 14.04 LTS, Ubuntu 14.10 and Ubuntu 15.04. \n(CVE-2015-3145)\n\nIsaac Boukris discovered that when using Negotiate authenticated\nconnections, curl could incorrectly authenticate the entire connection and\nnot just specific HTTP requests. (CVE-2015-3148)\n\nYehezkel Horowitz and Oren Souroujon discovered that curl sent HTTP headers\nboth to servers and proxies by default, contrary to expectations. This\nissue only affected Ubuntu 14.10 and Ubuntu 15.04. (CVE-2015-3153)\n\nUpdate instructions:\n\nThe problem can be corrected by updating your system to the following\npackage versions:\n\nUbuntu 15.04:\n libcurl3 7.38.0-3ubuntu2.2\n libcurl3-gnutls 7.38.0-3ubuntu2.2\n libcurl3-nss 7.38.0-3ubuntu2.2\n\nUbuntu 14.10:\n libcurl3 7.37.1-1ubuntu3.4\n libcurl3-gnutls 7.37.1-1ubuntu3.4\n libcurl3-nss 7.37.1-1ubuntu3.4\n\nUbuntu 14.04 LTS:\n libcurl3 7.35.0-1ubuntu2.5\n libcurl3-gnutls 7.35.0-1ubuntu2.5\n libcurl3-nss 7.35.0-1ubuntu2.5\n\nUbuntu 12.04 LTS:\n libcurl3 7.22.0-3ubuntu4.14\n libcurl3-gnutls 7.22.0-3ubuntu4.14\n libcurl3-nss 7.22.0-3ubuntu4.14\n\nIn general, a standard system update will make all the necessary changes. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\nNote: the current version of the following document is available here:\nhttps://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_n\na-c04986859\n\nSUPPORT COMMUNICATION - SECURITY BULLETIN\n\nDocument ID: c04986859\nVersion: 1\n\nHPSBHF03544 rev.1 - HPE iMC PLAT and other HP and H3C products using Comware\n7 and cURL, Remote Unauthorized Access\n\nNOTICE: The information in this Security Bulletin should be acted upon as\nsoon as possible. \n\nRelease Date: 2016-02-19\nLast Updated: 2016-02-19\n\nPotential Security Impact: Remote Unauthorized Access\n\nSource: Hewlett Packard Enterprise, Product Security Response Team\n\nVULNERABILITY SUMMARY\nPotential security vulnerabilities in cURL and libcurl have been addressed\nwith HPE iMC PLAT and other HP and H3C products using Comware 7. The\nvulnerabilities could be exploited remotely resulting in unauthorized access. \n\nReferences:\n\n - CVE-2015-3143\n - CVE-2015-3148\n - SSRT102110\n - PSRT110028\n\nSUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed. \nPlease refer to the RESOLUTION\n below for a list of impacted products. \n\nNote: all product versions are impacted prior to the fixed versions listed. \n\nBACKGROUND\n\nCVSS 2.0 Base Metrics\n===========================================================\n Reference Base Vector Base Score\nCVE-2015-3143 (AV:N/AC:L/Au:N/C:N/I:P/A:N) 5.0\nCVE-2015-3148 (AV:N/AC:L/Au:N/C:N/I:P/A:N) 5.0\n===========================================================\n Information on CVSS is documented\n in HP Customer Notice: HPSN-2008-002\n\nRESOLUTION\nHPE has released the following software updates to resolve the\nvulnerabilities in Comware 7 and iMC Plat. \n\n**COMWARE 7 Products**\n\n + 12500 (Comware 7) R7375\n * HP Network Products\n - JC085A HP A12518 Switch Chassis\n - JC086A HP A12508 Switch Chassis\n - JC652A HP 12508 DC Switch Chassis\n - JC653A HP 12518 DC Switch Chassis\n - JC654A HP 12504 AC Switch Chassis\n - JC655A HP 12504 DC Switch Chassis\n - JF430A HP A12518 Switch Chassis\n - JF430B HP 12518 Switch Chassis\n - JF430C HP 12518 AC Switch Chassis\n - JF431A HP A12508 Switch Chassis\n - JF431B HP 12508 Switch Chassis\n - JF431C HP 12508 AC Switch Chassis\n - JC072B HP 12500 Main Processing Unit\n - JG497A HP 12500 MPU w/Comware V7 OS\n - JG782A HP FF 12508E AC Switch Chassis\n - JG783A HP FF 12508E DC Switch Chassis\n - JG784A HP FF 12518E AC Switch Chassis\n - JG785A HP FF 12518E DC Switch Chassis\n - JG802A HP FF 12500E MPU\n - JG836A HP FlexFabric 12518E AC Switch TAA-compliant Chassis\n - JG834A HP FlexFabric 12508E AC Switch TAA-compliant Chassis\n - JG835A HP FlexFabric 12508E DC Switch TAA-compliant Chassis\n - JG837A HP FlexFabric 12518E DC Switch TAA-compliant Chassis\n - JG803A HP FlexFabric 12500E TAA-compliant Main Processing Unit\n - JG796A HP FlexFabric 12500 48-port 10GbE SFP+ FD Module\n - JG790A HP FlexFabric 12500 16-port 40GbE QSFP+ FD Module\n - JG794A HP FlexFabric 12500 40-port 10GbE SFP+ FG Module\n - JG792A HP FlexFabric 12500 40-port 10GbE SFP+ FD Module\n - JG788A HP FlexFabric 12500 4-port 100GbE CFP FG Module\n - JG786A HP FlexFabric 12500 4-port 100GbE CFP FD Module\n - JG797A HP FlexFabric 12500 48-port 10GbE SFP+ FD TAA-compliant Module\n - JG791A HP FlexFabric 12500 16-port 40GbE QSFP+ FD TAA-compliant\nModule\n - JG795A HP FlexFabric 12500 40-port 10GbE SFP+ FG TAA-compliant Module\n - JG793A HP FlexFabric 12500 40-port 10GbE SFP+ FD TAA-compliant Module\n - JG789A HP FlexFabric 12500 4-port 100GbE CFP FG TAA-compliant Module\n - JG787A HP FlexFabric 12500 4-port 100GbE CFP FD TAA-compliant Module\n - JG798A HP FlexFabric 12508E Fabric Module\n * H3C Products\n - H3C S12508 Routing Switch (AC-1) (0235A0GE)\n - H3C S12518 Routing Switch (AC-1) (0235A0GF)\n - H3C S12508 Chassis (0235A0E6)\n - H3C S12508 Chassis (0235A38N)\n - H3C S12518 Chassis (0235A0E7)\n - H3C S12518 Chassis (0235A38M)\n - H3C 12508 DC Switch Chassis (0235A38L)\n - H3C 12518 DC Switch Chassis (0235A38K)\n + 10500 (Comware 7) R7168\n * HP Network Products\n - JC611A HP 10508-V Switch Chassis\n - JC612A HP 10508 Switch Chassis\n - JC613A HP 10504 Switch Chassis\n - JC748A HP 10512 Switch Chassis\n - JG820A HP 10504 TAA Switch Chassis\n - JG821A HP 10508 TAA Switch Chassis\n - JG822A HP 10508-V TAA Switch Chassis\n - JG823A HP 10512 TAA Switch Chassis\n - JG496A HP 10500 Type A MPU w/Comware v7 OS\n - JH198A HP 10500 Type D Main Processing Unit with Comware v7 Operating\nSystem\n - JH191A HP 10500 44-port GbE(SFP,LC)/ 4-port 10GbE SFP+ (SFP+,LC) SE\nModule\n - JH192A HP 10500 48-port Gig-T (RJ45) SE Module\n - JH193A HP 10500 16-port 10GbE SFP+ (SFP+,LC) SF Module\n - JH194A HP 10500 24-port 10GbE SFP+ (SFP+,LC) EC Module\n - JH195A HP 10500 6-port 40GbE QSFP+ EC Module\n - JH196A HP 10500 2-port 100GbE CFP EC Module\n - JH197A HP 10500 48-port 10GbE SFP+ (SFP+,LC) SG Module\n + 12900 (Comware 7) R1137\n * HP Network Products\n - JG619A HP FlexFabric 12910 Switch AC Chassis\n - JG621A HP FlexFabric 12910 Main Processing Unit\n - JG632A HP FlexFabric 12916 Switch AC Chassis\n - JG634A HP FlexFabric 12916 Main Processing Unit\n - JH104A HP FlexFabric 12900E Main Processing Unit\n - JH114A HP FlexFabric 12910 TAA-compliant Main Processing Unit\n - JH263A HP FlexFabric 12904E Main Processing Unit\n - JH255A HP FlexFabric 12908E Switch Chassis\n - JH262A HP FlexFabric 12904E Switch Chassis\n - JH113A HP FlexFabric 12910 TAA-compliant Switch AC Chassis\n - JH103A HP FlexFabric 12916E Switch Chassis\n + 5900 (Comware 7) R2422P01\n * HP Network Products\n - JC772A HP 5900AF-48XG-4QSFP+ Switch\n - JG336A HP 5900AF-48XGT-4QSFP+ Switch\n - JG510A HP 5900AF-48G-4XG-2QSFP+ Switch\n - JG554A HP 5900AF-48XG-4QSFP+ TAA Switch\n - JG838A HP FF 5900CP-48XG-4QSFP+ Switch\n - JH036A HP FlexFabric 5900CP 48XG 4QSFP+ TAA-Compliant\n - JH037A HP 5900AF 48XGT 4QSFP+ TAA-Compliant Switch\n - JH038A HP 5900AF 48G 4XG 2QSFP+ TAA-Compliant\n + 5920 (Comware 7) R2422P01\n * HP Network Products\n - JG296A HP 5920AF-24XG Switch\n - JG555A HP 5920AF-24XG TAA Switch\n + MSR1000 (Comware 7) R0304P04\n * HP Network Products\n - JG875A HP MSR1002-4 AC Router\n - JH060A HP MSR1003-8S AC Router\n + MSR2000 (Comware 7) R0304P04\n * HP Network Products\n - JG411A HP MSR2003 AC Router\n - JG734A HP MSR2004-24 AC Router\n - JG735A HP MSR2004-48 Router\n - JG866A HP MSR2003 TAA-compliant AC Router\n + MSR3000 (Comware 7) R0304P04\n * HP Network Products\n - JG404A HP MSR3064 Router\n - JG405A HP MSR3044 Router\n - JG406A HP MSR3024 AC Router\n - JG407A HP MSR3024 DC Router\n - JG408A HP MSR3024 PoE Router\n - JG409A HP MSR3012 AC Router\n - JG410A HP MSR3012 DC Router\n - JG861A HP MSR3024 TAA-compliant AC Router\n + MSR4000 (Comware 7) R0304P04\n * HP Network Products\n - JG402A HP MSR4080 Router Chassis\n - JG403A HP MSR4060 Router Chassis\n - JG412A HP MSR4000 MPU-100 Main Processing Unit\n - JG869A HP MSR4000 TAA-compliant MPU-100 Main Processing Unit\n + VSR (Comware 7) E0321\n * HP Network Products\n - JG810AAE HP VSR1001 Virtual Services Router 60 Day Evaluation\nSoftware\n - JG811AAE HP VSR1001 Comware 7 Virtual Services Router\n - JG812AAE HP VSR1004 Comware 7 Virtual Services Router\n - JG813AAE HP VSR1008 Comware 7 Virtual Services Router\n + 7900 (Comware 7) R2137\n * HP Network Products\n - JG682A HP FlexFabric 7904 Switch Chassis\n - JG841A HP FlexFabric 7910 Switch Chassis\n - JG842A HP FlexFabric 7910 7.2Tbps Fabric / Main Processing Unit\n - JH001A HP FlexFabric 7910 2.4Tbps Fabric / Main Processing Unit\n - JH122A HP FlexFabric 7904 TAA-compliant Switch Chassis\n - JH123A HP FlexFabric 7910 TAA-compliant Switch Chassis\n - JH124A HP FlexFabric 7910 7.2Tbps TAA-compliant Fabric/Main\nProcessing Unit\n - JH125A HP FlexFabric 7910 2.4Tbps TAA-compliant Fabric/Main\nProcessing Unit\n + 5130 (Comware 7) R3109P09\n * HP Network Products\n - JG932A HP 5130-24G-4SFP+ EI Switch\n - JG933A HP 5130-24G-SFP-4SFP+ EI Switch\n - JG934A HP 5130-48G-4SFP+ EI Switch\n - JG936A HP 5130-24G-PoE+-4SFP+ (370W) EI Switch\n - JG937A HP 5130-48G-PoE+-4SFP+ (370W) EI Switch\n - JG975A HP 5130-24G-4SFP+ EI Brazil Switch\n - JG976A HP 5130-48G-4SFP+ EI Brazil Switch\n - JG977A HP 5130-24G-PoE+-4SFP+ (370W) EI Brazil Switch\n - JG978A HP 5130-48G-PoE+-4SFP+ (370W) EI Brazil Switch\n - JG938A HP 5130-24G-2SFP+-2XGT EI Switch\n - JG939A HP 5130-48G-2SFP+-2XGT EI Switch\n - JG940A HP 5130-24G-PoE+-2SFP+-2XGT (370W) EI Switch\n - JG941A HP 5130-48G-PoE+-2SFP+-2XGT (370W) EI Switch\n + 5700 (Comware 7) R2422P01\n * HP Network Products\n - JG894A HP FlexFabric 5700-48G-4XG-2QSFP+ Switch\n - JG895A HP FlexFabric 5700-48G-4XG-2QSFP+ TAA-compliant Switch\n - JG896A HP FlexFabric 5700-40XG-2QSFP+ Switch\n - JG897A HP FlexFabric 5700-40XG-2QSFP+ TAA-compliant Switch\n - JG898A HP FlexFabric 5700-32XGT-8XG-2QSFP+ Switch\n - JG899A HP FlexFabric 5700-32XGT-8XG-2QSFP+ TAA-compliant Switch\n + 5930 (Comware 7) R2422P01\n * HP Network Products\n - JG726A HP FlexFabric 5930 32QSFP+ Switch\n - JG727A HP FlexFabric 5930 32QSFP+ TAA-compliant Switch\n - JH178A HP FlexFabric 5930 2QSFP+ 2-slot Switch\n - JH179A HP FlexFabric 5930 4-slot Switch\n - JH187A HP FlexFabric 5930 2QSFP+ 2-slot TAA-compliant Switch\n - JH188A HP FlexFabric 5930 4-slot TAA-compliant Switch\n + HSR6602 (Comware 7) R7103P05\n * HP Network Products\n - JG353A HP HSR6602-G Router\n - JG354A HP HSR6602-XG Router\n - JG776A HP HSR6602-G TAA-compliant Router\n - JG777A HP HSR6602-XG TAA-compliant Router\n + HSR6800 (Comware 7) R7103P05\n * HP Network Products\n - JG361A HP HSR6802 Router Chassis\n - JG361B HP HSR6802 Router Chassis\n - JG362A HP HSR6804 Router Chassis\n - JG362B HP HSR6804 Router Chassis\n - JG363A HP HSR6808 Router Chassis\n - JG363B HP HSR6808 Router Chassis\n - JG364A HP HSR6800 RSE-X2 Router Main Processing Unit\n - JG779A HP HSR6800 RSE-X2 Router TAA-compliant Main Processing Unit\n - JH075A) HP HSR6800 RSE-X3 Router Main Processing Unit\n + 1950 R3109P09\n * HP Network Products\n - JG960A HP 1950-24G-4XG Switch\n - JG961A HP 1950-48G-2SFP+-2XGT Switch\n - JG962A HP 1950-24G-2SFP+-2XGT-PoE+(370W) Switch\n - JG963A HP 1950-48G-2SFP+-2XGT-PoE+(370W) Switch\n\n**iMC**\n\n + iMC Plat iMC Plat 7.1 (E0303P13)\n * HP Network Products\n - JD125A HP IMC Std S/W Platform w/100-node\n - JD126A HP IMC Ent S/W Platform w/100-node\n - JD808A HP IMC Ent Platform w/100-node License\n - JD814A HP A-IMC Enterprise Edition Software DVD Media\n - JD815A HP IMC Std Platform w/100-node License\n - JD816A HP A-IMC Standard Edition Software DVD Media\n - JF288AAE HP Network Director to Intelligent Management Center\nUpgrade E-LTU\n - JF289AAE HP Enterprise Management System to Intelligent Management\nCenter Upgrade E-LTU\n - JF377A HP IMC Std S/W Platform w/100-node Lic\n - JF377AAE HP IMC Std S/W Pltfrm w/100-node E-LTU\n - JF378A HP IMC Ent S/W Platform w/200-node Lic\n - JF378AAE HP IMC Ent S/W Pltfrm w/200-node E-LTU\n - JG546AAE HP IMC Basic SW Platform w/50-node E-LTU\n - JG548AAE HP PCM+ to IMC Bsc Upgr w/50-node E-LTU\n - JG549AAE HP PCM+ to IMC Std Upgr w/200-node E-LTU\n - JG550AAE HP PMM to IMC Bsc WLM Upgr w/150AP E-LTU\n - JG590AAE HP IMC Bsc WLAN Mgr SW Pltfm 50 AP E-LTU\n - JG659AAE HP IMC Smart Connect VAE E-LTU\n - JG660AAE HP IMC Smart Connect w/WLM VAE E-LTU\n - JG747AAE HP IMC Std SW Plat w/ 50 Nodes E-LTU\n - JG748AAE HP IMC Ent SW Plat w/ 50 Nodes E-LTU\n - JG766AAE HP IMC SmCnct Vrtl Applnc SW E-LTU\n - JG767AAE HP IMC SmCnct WSM Vrtl Applnc SW E-LTU\n - JG768AAE HP PCM+ to IMC Std Upg w/ 200-node E-LTU\n\nHISTORY\nVersion:1 (rev.1) - 19 February 2016 Initial release\n\nThird Party Security Patches: Third party security patches that are to be\ninstalled on systems running Hewlett Packard Enterprise (HPE) software\nproducts should be applied in accordance with the customer\u0027s patch management\npolicy. \n\nSupport: For issues about implementing the recommendations of this Security\nBulletin, contact normal HPE Services support channel. For other issues about\nthe content of this Security Bulletin, send e-mail to security-alert@hpe.com. \n\nReport: To report a potential security vulnerability with any HPE supported\nproduct, send Email to: security-alert@hpe.com\n\nSubscribe: To initiate a subscription to receive future HPE Security Bulletin\nalerts via Email: http://www.hpe.com/support/Subscriber_Choice\n\nSecurity Bulletin Archive: A list of recently released Security Bulletins is\navailable here: http://www.hpe.com/support/Security_Bulletin_Archive\n\nSoftware Product Category: The Software Product Category is represented in\nthe title by the two characters following HPSB. \n\n3C = 3COM\n3P = 3rd Party Software\nGN = HPE General Software\nHF = HPE Hardware and Firmware\nMU = Multi-Platform Software\nNS = NonStop Servers\nOV = OpenVMS\nPV = ProCurve\nST = Storage Software\nUX = HP-UX\n\nCopyright 2016 Hewlett Packard Enterprise\n\nHewlett Packard Enterprise shall not be liable for technical or editorial\nerrors or omissions contained herein. The information provided is provided\n\"as is\" without warranty of any kind. To the extent permitted by law, neither\nHP or its affiliates, subcontractors or suppliers will be liable for\nincidental,special or consequential damages including downtime cost; lost\nprofits; damages relating to the procurement of substitute products or\nservices; or damages for loss of data, or software restoration. The\ninformation in this document is subject to change without notice. Hewlett\nPackard Enterprise and the names of Hewlett Packard Enterprise products\nreferenced herein are trademarks of Hewlett Packard Enterprise in the United\nStates and other countries. Other product and company names mentioned herein\nmay be trademarks of their respective owners. 7) - x86_64\n\n3. \n(BZ#1154060)\n\n* TLS 1.1 and TLS 1.2 are no longer disabled by default in libcurl. (BZ#1170339)\n\n* FTP operations such as downloading files took a significantly long time\nto complete. Now, the FTP implementation in libcurl correctly sets blocking\ndirection and estimated timeout for connections, resulting in faster FTP\ntransfers. (BZ#1066065)\n\n* The libcurl library did not implement a non-blocking SSL handshake, which\nnegatively affected performance of applications based on the libcurl multi\nAPI. The non-blocking SSL handshake has been implemented in libcurl, and\nthe libcurl multi API now immediately returns the control back to the\napplication whenever it cannot read or write data from or to the underlying\nnetwork socket. (BZ#1091429)\n\n* The libcurl library used an unnecessarily long blocking delay for actions\nwith no active file descriptors, even for short operations. Some actions,\nsuch as resolving a host name using /etc/hosts, took a long time to\ncomplete. The blocking code in libcurl has been modified so that the\ninitial delay is short and gradually increases until an event occurs. \n\n\nHere are the details from the Slackware 14.1 ChangeLog:\n+--------------------------+\npatches/packages/curl-7.45.0-i486-1_slack14.1.txz: Upgraded. \n For more information, see:\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3143\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3144\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3145\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3148\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3236\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3237\n (* Security fix *)\n+--------------------------+\n\n\nWhere to find the new packages:\n+-----------------------------+\n\nThanks to the friendly folks at the OSU Open Source Lab\n(http://osuosl.org) for donating FTP and rsync hosting\nto the Slackware project! :-)\n\nAlso see the \"Get Slack\" section on http://slackware.com for\nadditional mirror sites near you. \n\nUpdated package for Slackware 13.0:\nftp://ftp.slackware.com/pub/slackware/slackware-13.0/patches/packages/curl-7.45.0-i486-1_slack13.0.txz\n\nUpdated package for Slackware x86_64 13.0:\nftp://ftp.slackware.com/pub/slackware/slackware64-13.0/patches/packages/curl-7.45.0-x86_64-1_slack13.0.txz\n\nUpdated package for Slackware 13.1:\nftp://ftp.slackware.com/pub/slackware/slackware-13.1/patches/packages/curl-7.45.0-i486-1_slack13.1.txz\n\nUpdated package for Slackware x86_64 13.1:\nftp://ftp.slackware.com/pub/slackware/slackware64-13.1/patches/packages/curl-7.45.0-x86_64-1_slack13.1.txz\n\nUpdated package for Slackware 13.37:\nftp://ftp.slackware.com/pub/slackware/slackware-13.37/patches/packages/curl-7.45.0-i486-1_slack13.37.txz\n\nUpdated package for Slackware x86_64 13.37:\nftp://ftp.slackware.com/pub/slackware/slackware64-13.37/patches/packages/curl-7.45.0-x86_64-1_slack13.37.txz\n\nUpdated package for Slackware 14.0:\nftp://ftp.slackware.com/pub/slackware/slackware-14.0/patches/packages/curl-7.45.0-i486-1_slack14.0.txz\n\nUpdated package for Slackware x86_64 14.0:\nftp://ftp.slackware.com/pub/slackware/slackware64-14.0/patches/packages/curl-7.45.0-x86_64-1_slack14.0.txz\n\nUpdated package for Slackware 14.1:\nftp://ftp.slackware.com/pub/slackware/slackware-14.1/patches/packages/curl-7.45.0-i486-1_slack14.1.txz\n\nUpdated package for Slackware x86_64 14.1:\nftp://ftp.slackware.com/pub/slackware/slackware64-14.1/patches/packages/curl-7.45.0-x86_64-1_slack14.1.txz\n\nUpdated package for Slackware -current:\nftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/n/curl-7.45.0-i586-1.txz\n\nUpdated package for Slackware x86_64 -current:\nftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/n/curl-7.45.0-x86_64-1.txz\n\n\nMD5 signatures:\n+-------------+\n\nSlackware 13.0 package:\ne9307566f43c3c12ac72f12cea688741 curl-7.45.0-i486-1_slack13.0.txz\n\nSlackware x86_64 13.0 package:\n5fe5a7733ce969f8f468c6b03cf6b1f7 curl-7.45.0-x86_64-1_slack13.0.txz\n\nSlackware 13.1 package:\n9d3d5ccbae7284c84c4667885bf9fd0d curl-7.45.0-i486-1_slack13.1.txz\n\nSlackware x86_64 13.1 package:\n7e7f04d3de8d34b8b082729ceaa53ba9 curl-7.45.0-x86_64-1_slack13.1.txz\n\nSlackware 13.37 package:\n00bd418a8607ea74d1986c08d5358052 curl-7.45.0-i486-1_slack13.37.txz\n\nSlackware x86_64 13.37 package:\n23e7da7ab6846fed5d18b5f5399ac400 curl-7.45.0-x86_64-1_slack13.37.txz\n\nSlackware 14.0 package:\n76f010b92c755f16f19840723d845e21 curl-7.45.0-i486-1_slack14.0.txz\n\nSlackware x86_64 14.0 package:\ndaf0b67147a50e44d89f8852632fcdf7 curl-7.45.0-x86_64-1_slack14.0.txz\n\nSlackware 14.1 package:\n8c2a5796d4a4ce840a767423667eb97b curl-7.45.0-i486-1_slack14.1.txz\n\nSlackware x86_64 14.1 package:\n763157115101b63867217707ff4a9021 curl-7.45.0-x86_64-1_slack14.1.txz\n\nSlackware -current package:\n0c2d192aff4af6f74281a1d724d31ce3 n/curl-7.45.0-i586-1.txz\n\nSlackware x86_64 -current package:\n4791e2bb2afd43ec0642d94e22259e81 n/curl-7.45.0-x86_64-1.txz\n\n\nInstallation instructions:\n+------------------------+\n\nUpgrade the package as root:\n# upgradepkg curl-7.45.0-i486-1_slack14.1.txz\n\n\n+-----+\n\nSlackware Linux Security Team\nhttp://slackware.com/gpg-key\nsecurity@slackware.com\n\n+------------------------------------------------------------------------+\n| To leave the slackware-security mailing list: |\n+------------------------------------------------------------------------+\n| Send an email to majordomo@slackware.com with this text in the body of |\n| the email message: |\n| |\n| unsubscribe slackware-security |\n| |\n| You will get a confirmation message back containing instructions to |\n| complete the process. Please do not reply to this email address. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n=====================================================================\n Red Hat Security Advisory\n\nSynopsis: Moderate: curl security, bug fix, and enhancement update\nAdvisory ID: RHSA-2015:1254-02\nProduct: Red Hat Enterprise Linux\nAdvisory URL: https://rhn.redhat.com/errata/RHSA-2015-1254.html\nIssue date: 2015-07-22\nUpdated on: 2014-12-15\nCVE Names: CVE-2014-3613 CVE-2014-3707 CVE-2014-8150 \n CVE-2015-3143 CVE-2015-3148 \n=====================================================================\n\n1. Summary:\n\nUpdated curl packages that fix multiple security issues, several bugs, and\nadd two enhancements are now available for Red Hat Enterprise Linux 6. \n\nRed Hat Product Security has rated this update as having Moderate security\nimpact. Common Vulnerability Scoring System (CVSS) base scores, which give\ndetailed severity ratings, are available for each vulnerability from the\nCVE links in the References section. \n\n2. Relevant releases/architectures:\n\nRed Hat Enterprise Linux Desktop (v. 6) - i386, x86_64\nRed Hat Enterprise Linux Desktop Optional (v. 6) - i386, x86_64\nRed Hat Enterprise Linux HPC Node (v. 6) - x86_64\nRed Hat Enterprise Linux HPC Node Optional (v. 6) - x86_64\nRed Hat Enterprise Linux Server (v. 6) - i386, ppc64, s390x, x86_64\nRed Hat Enterprise Linux Workstation (v. 6) - i386, x86_64\n\n3. Description:\n\nThe curl packages provide the libcurl library and the curl utility for\ndownloading files from servers using various protocols, including HTTP,\nFTP, and LDAP. \n\nIt was found that the libcurl library did not correctly handle partial\nliteral IP addresses when parsing received HTTP cookies. An attacker able\nto trick a user into connecting to a malicious server could use this flaw\nto set the user\u0027s cookie to a crafted domain, making other cookie-related\nissues easier to exploit. (CVE-2014-3613)\n\nA flaw was found in the way the libcurl library performed the duplication\nof connection handles. If an application set the CURLOPT_COPYPOSTFIELDS\noption for a handle, using the handle\u0027s duplicate could cause the\napplication to crash or disclose a portion of its memory. (CVE-2014-3707)\n\nIt was discovered that the libcurl library failed to properly handle URLs\nwith embedded end-of-line characters. An attacker able to make an\napplication using libcurl to access a specially crafted URL via an HTTP\nproxy could use this flaw to inject additional headers to the request or\nconstruct additional requests. (CVE-2014-8150)\n\nIt was discovered that libcurl implemented aspects of the NTLM and\nNegotatiate authentication incorrectly. If an application uses libcurl\nand the affected mechanisms in a specifc way, certain requests to a\npreviously NTLM-authenticated server could appears as sent by the wrong\nauthenticated user. Additionally, the initial set of credentials for HTTP\nNegotiate-authenticated requests could be reused in subsequent requests,\nalthough a different set of credentials was specified. (CVE-2015-3143,\nCVE-2015-3148)\n\nRed Hat would like to thank the cURL project for reporting these issues. \n\nBug fixes:\n\n* An out-of-protocol fallback to SSL version 3.0 (SSLv3.0) was available\nwith libcurl. Attackers could abuse the fallback to force downgrade of the\nSSL version. The fallback has been removed from libcurl. Users requiring\nthis functionality can explicitly enable SSLv3.0 through the libcurl API. \n(BZ#1154059)\n\n* A single upload transfer through the FILE protocol opened the destination\nfile twice. If the inotify kernel subsystem monitored the file, two events\nwere produced unnecessarily. The file is now opened only once per upload. \n(BZ#883002)\n\n* Utilities using libcurl for SCP/SFTP transfers could terminate\nunexpectedly when the system was running in FIPS mode. (BZ#1008178)\n\n* Using the \"--retry\" option with the curl utility could cause curl to\nterminate unexpectedly with a segmentation fault. Now, adding \"--retry\" no\nlonger causes curl to crash. (BZ#1009455)\n\n* The \"curl --trace-time\" command did not use the correct local time when\nprinting timestamps. Now, \"curl --trace-time\" works as expected. \n(BZ#1120196)\n\n* The valgrind utility could report dynamically allocated memory leaks on\ncurl exit. Now, curl performs a global shutdown of the NetScape Portable\nRuntime (NSPR) library on exit, and valgrind no longer reports the memory\nleaks. (BZ#1146528)\n\n* Previously, libcurl returned an incorrect value of the\nCURLINFO_HEADER_SIZE field when a proxy server appended its own headers to\nthe HTTP response. Now, the returned value is valid. (BZ#1161163)\n\nEnhancements:\n\n* The \"--tlsv1.0\", \"--tlsv1.1\", and \"--tlsv1.2\" options are available for\nspecifying the minor version of the TLS protocol to be negotiated by NSS. \nThe \"--tlsv1\" option now negotiates the highest version of the TLS protocol\nsupported by both the client and the server. (BZ#1012136)\n\n* It is now possible to explicitly enable or disable the ECC and the new\nAES cipher suites to be used for TLS. (BZ#1058767, BZ#1156422)\n\nAll curl users are advised to upgrade to these updated packages, which\ncontain backported patches to correct these issues and add these\nenhancements. \n\n4. Solution:\n\nBefore applying this update, make sure all previously released errata\nrelevant to your system have been applied. \n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258\n\n5. Bugs fixed (https://bugzilla.redhat.com/):\n\n835898 - Bug in DNS cache causes connections until restart of libcurl-using processes\n883002 - curl used with file:// protocol opens and closes a destination file twice\n997185 - sendrecv.c example incorrect type for sockfd\n1008178 - curl scp download fails in fips mode\n1011083 - CA certificate cannot be specified by nickname [documentation bug]\n1011101 - manpage typos found using aspell\n1058767 - curl does not support ECDSA certificates\n1104160 - Link in curl man page is wrong\n1136154 - CVE-2014-3613 curl: incorrect handling of IP addresses in cookie domain\n1154059 - curl: Disable out-of-protocol fallback to SSL 3.0\n1154747 - NTLM: ignore CURLOPT_FORBID_REUSE during NTLM HTTP auth\n1154941 - CVE-2014-3707 curl: incorrect handle duplication after COPYPOSTFIELDS\n1156422 - curl does not allow explicit control of DHE ciphers\n1161163 - Response headers added by proxy servers missing in CURLINFO_HEADER_SIZE\n1168137 - curl closes connection after HEAD request fails\n1178692 - CVE-2014-8150 curl: URL request injection vulnerability in parseurlandfillconn()\n1213306 - CVE-2015-3143 curl: re-using authenticated connection when unauthenticated\n1213351 - CVE-2015-3148 curl: Negotiate not treated as connection-oriented\n\n6. Package List:\n\nRed Hat Enterprise Linux Desktop (v. 6):\n\nSource:\ncurl-7.19.7-46.el6.src.rpm\n\ni386:\ncurl-7.19.7-46.el6.i686.rpm\ncurl-debuginfo-7.19.7-46.el6.i686.rpm\nlibcurl-7.19.7-46.el6.i686.rpm\n\nx86_64:\ncurl-7.19.7-46.el6.x86_64.rpm\ncurl-debuginfo-7.19.7-46.el6.i686.rpm\ncurl-debuginfo-7.19.7-46.el6.x86_64.rpm\nlibcurl-7.19.7-46.el6.i686.rpm\nlibcurl-7.19.7-46.el6.x86_64.rpm\n\nRed Hat Enterprise Linux Desktop Optional (v. 6):\n\ni386:\ncurl-debuginfo-7.19.7-46.el6.i686.rpm\nlibcurl-devel-7.19.7-46.el6.i686.rpm\n\nx86_64:\ncurl-debuginfo-7.19.7-46.el6.i686.rpm\ncurl-debuginfo-7.19.7-46.el6.x86_64.rpm\nlibcurl-devel-7.19.7-46.el6.i686.rpm\nlibcurl-devel-7.19.7-46.el6.x86_64.rpm\n\nRed Hat Enterprise Linux HPC Node (v. 6):\n\nSource:\ncurl-7.19.7-46.el6.src.rpm\n\nx86_64:\ncurl-7.19.7-46.el6.x86_64.rpm\ncurl-debuginfo-7.19.7-46.el6.i686.rpm\ncurl-debuginfo-7.19.7-46.el6.x86_64.rpm\nlibcurl-7.19.7-46.el6.i686.rpm\nlibcurl-7.19.7-46.el6.x86_64.rpm\n\nRed Hat Enterprise Linux HPC Node Optional (v. 6):\n\nx86_64:\ncurl-debuginfo-7.19.7-46.el6.i686.rpm\ncurl-debuginfo-7.19.7-46.el6.x86_64.rpm\nlibcurl-devel-7.19.7-46.el6.i686.rpm\nlibcurl-devel-7.19.7-46.el6.x86_64.rpm\n\nRed Hat Enterprise Linux Server (v. 6):\n\nSource:\ncurl-7.19.7-46.el6.src.rpm\n\ni386:\ncurl-7.19.7-46.el6.i686.rpm\ncurl-debuginfo-7.19.7-46.el6.i686.rpm\nlibcurl-7.19.7-46.el6.i686.rpm\nlibcurl-devel-7.19.7-46.el6.i686.rpm\n\nppc64:\ncurl-7.19.7-46.el6.ppc64.rpm\ncurl-debuginfo-7.19.7-46.el6.ppc.rpm\ncurl-debuginfo-7.19.7-46.el6.ppc64.rpm\nlibcurl-7.19.7-46.el6.ppc.rpm\nlibcurl-7.19.7-46.el6.ppc64.rpm\nlibcurl-devel-7.19.7-46.el6.ppc.rpm\nlibcurl-devel-7.19.7-46.el6.ppc64.rpm\n\ns390x:\ncurl-7.19.7-46.el6.s390x.rpm\ncurl-debuginfo-7.19.7-46.el6.s390.rpm\ncurl-debuginfo-7.19.7-46.el6.s390x.rpm\nlibcurl-7.19.7-46.el6.s390.rpm\nlibcurl-7.19.7-46.el6.s390x.rpm\nlibcurl-devel-7.19.7-46.el6.s390.rpm\nlibcurl-devel-7.19.7-46.el6.s390x.rpm\n\nx86_64:\ncurl-7.19.7-46.el6.x86_64.rpm\ncurl-debuginfo-7.19.7-46.el6.i686.rpm\ncurl-debuginfo-7.19.7-46.el6.x86_64.rpm\nlibcurl-7.19.7-46.el6.i686.rpm\nlibcurl-7.19.7-46.el6.x86_64.rpm\nlibcurl-devel-7.19.7-46.el6.i686.rpm\nlibcurl-devel-7.19.7-46.el6.x86_64.rpm\n\nRed Hat Enterprise Linux Workstation (v. 6):\n\nSource:\ncurl-7.19.7-46.el6.src.rpm\n\ni386:\ncurl-7.19.7-46.el6.i686.rpm\ncurl-debuginfo-7.19.7-46.el6.i686.rpm\nlibcurl-7.19.7-46.el6.i686.rpm\nlibcurl-devel-7.19.7-46.el6.i686.rpm\n\nx86_64:\ncurl-7.19.7-46.el6.x86_64.rpm\ncurl-debuginfo-7.19.7-46.el6.i686.rpm\ncurl-debuginfo-7.19.7-46.el6.x86_64.rpm\nlibcurl-7.19.7-46.el6.i686.rpm\nlibcurl-7.19.7-46.el6.x86_64.rpm\nlibcurl-devel-7.19.7-46.el6.i686.rpm\nlibcurl-devel-7.19.7-46.el6.x86_64.rpm\n\nThese packages are GPG signed by Red Hat for security. Our key and\ndetails on how to verify the signature are available from\nhttps://access.redhat.com/security/team/key/\n\n7. References:\n\nhttps://access.redhat.com/security/cve/CVE-2014-3613\nhttps://access.redhat.com/security/cve/CVE-2014-3707\nhttps://access.redhat.com/security/cve/CVE-2014-8150\nhttps://access.redhat.com/security/cve/CVE-2015-3143\nhttps://access.redhat.com/security/cve/CVE-2015-3148\nhttps://access.redhat.com/security/updates/classification/#moderate\n\n8. Contact:\n\nThe Red Hat security contact is \u003csecalert@redhat.com\u003e. More contact\ndetails at https://access.redhat.com/security/team/contact/\n\nCopyright 2014 Red Hat, Inc. \n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1\n\niD8DBQFVrzSJXlSAg2UNWIIRAnEiAJ9xqOogsAzooomZ4VeMgA+gUwEuTwCfTzMn\nemWApg/iYw5vIs3rWoqmU7A=\n=p+Xb\n-----END PGP SIGNATURE-----\n\n\n--\nRHSA-announce mailing list\nRHSA-announce@redhat.com\nhttps://www.redhat.com/mailman/listinfo/rhsa-announce\n. \n _______________________________________________________________________\n\n References:\n\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3143\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3148\n http://advisories.mageia.org/MGASA-2015-0179.html\n _______________________________________________________________________\n\n Updated Packages:\n\n Mandriva Business Server 1/X86_64:\n fd3f4894f5c5215c29b84d70f2c6ada2 mbs1/x86_64/curl-7.24.0-3.9.mbs1.x86_64.rpm\n a00d0747b4d6ae22475948119a42efc4 mbs1/x86_64/curl-examples-7.24.0-3.9.mbs1.x86_64.rpm\n d5291ae320dd5766e4b981ff66b36e19 mbs1/x86_64/lib64curl4-7.24.0-3.9.mbs1.x86_64.rpm\n 62d5295190433ca4ff7d2cda746d6b16 mbs1/x86_64/lib64curl-devel-7.24.0-3.9.mbs1.x86_64.rpm \n 5bcf6538291f947870a9ccfe62c9ea6d mbs1/SRPMS/curl-7.24.0-3.9.mbs1.src.rpm\n _______________________________________________________________________\n\n To upgrade automatically use MandrivaUpdate or urpmi. The verification\n of md5 checksums and GPG signatures is performed automatically for you. You can obtain the\n GPG public key of the Mandriva Security Team by executing:\n\n gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98\n\n You can view other update advisories for Mandriva Linux at:\n\n http://www.mandriva.com/en/support/security/advisories/\n\n If you want to report vulnerabilities, please contact\n\n security_(at)_mandriva.com\n _______________________________________________________________________\n\n Type Bits/KeyID Date User ID\n pub 1024D/22458A98 2000-07-10 Mandriva Security Team\n \u003csecurity*mandriva.com\u003e\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.12 (GNU/Linux)\n\niD8DBQFVRx8emqjQ0CJFipgRAsfvAJ9Sn2C56m2GSJfYRC+l1x9iUmoePwCeOcgv\nC0vndeaT5lGPwsIYy65q4r4=\n=GbzX\n-----END PGP SIGNATURE-----\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2015-3143"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-002484"
},
{
"db": "BID",
"id": "74299"
},
{
"db": "VULHUB",
"id": "VHN-81104"
},
{
"db": "VULMON",
"id": "CVE-2015-3143"
},
{
"db": "PACKETSTORM",
"id": "131699"
},
{
"db": "PACKETSTORM",
"id": "135878"
},
{
"db": "PACKETSTORM",
"id": "134443"
},
{
"db": "PACKETSTORM",
"id": "134138"
},
{
"db": "PACKETSTORM",
"id": "132792"
},
{
"db": "PACKETSTORM",
"id": "131726"
}
],
"trust": 2.61
},
"exploit_availability": {
"_id": null,
"data": [
{
"reference": "https://www.scap.org.cn/vuln/vhn-81104",
"trust": 0.1,
"type": "unknown"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-81104"
}
]
},
"external_ids": {
"_id": null,
"data": [
{
"db": "NVD",
"id": "CVE-2015-3143",
"trust": 3.5
},
{
"db": "JUNIPER",
"id": "JSA10743",
"trust": 1.5
},
{
"db": "BID",
"id": "74299",
"trust": 1.5
},
{
"db": "SECTRACK",
"id": "1032232",
"trust": 1.2
},
{
"db": "JVNDB",
"id": "JVNDB-2015-002484",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201504-500",
"trust": 0.7
},
{
"db": "SECUNIA",
"id": "64164",
"trust": 0.6
},
{
"db": "SECUNIA",
"id": "64284",
"trust": 0.6
},
{
"db": "PACKETSTORM",
"id": "131699",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "135878",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "131726",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "134138",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "133700",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "131588",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "131727",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-81104",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2015-3143",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "134443",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "132792",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-81104"
},
{
"db": "VULMON",
"id": "CVE-2015-3143"
},
{
"db": "BID",
"id": "74299"
},
{
"db": "PACKETSTORM",
"id": "131699"
},
{
"db": "PACKETSTORM",
"id": "135878"
},
{
"db": "PACKETSTORM",
"id": "134443"
},
{
"db": "PACKETSTORM",
"id": "134138"
},
{
"db": "PACKETSTORM",
"id": "132792"
},
{
"db": "PACKETSTORM",
"id": "131726"
},
{
"db": "CNNVD",
"id": "CNNVD-201504-500"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-002484"
},
{
"db": "NVD",
"id": "CVE-2015-3143"
}
]
},
"id": "VAR-201504-0147",
"iot": {
"_id": null,
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-81104"
}
],
"trust": 0.01
},
"last_update_date": "2026-04-10T23:26:35.745000Z",
"patch": {
"_id": null,
"data": [
{
"title": "APPLE-SA-2015-08-13-2 OS X Yosemite v10.10.5 and Security Update 2015-006",
"trust": 0.8,
"url": "http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html"
},
{
"title": "HT205031",
"trust": 0.8,
"url": "https://support.apple.com/en-us/HT205031"
},
{
"title": "HT205031",
"trust": 0.8,
"url": "https://support.apple.com/ja-jp/HT205031"
},
{
"title": "DSA-3232",
"trust": 0.8,
"url": "https://www.debian.org/security/2015/dsa-3232"
},
{
"title": "HPSBHF03544",
"trust": 0.8,
"url": "http://marc.info/?l=bugtraq\u0026m=145612005512270\u0026w=2"
},
{
"title": "HPSBMU03546",
"trust": 0.8,
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05045763"
},
{
"title": "Re-using authenticated connection when unauthenticated",
"trust": 0.8,
"url": "http://curl.haxx.se/docs/adv_20150422A.html"
},
{
"title": "USN-2591-1",
"trust": 0.8,
"url": "http://www.ubuntu.com/usn/USN-2591-1"
},
{
"title": "Red Hat: Moderate: curl security, bug fix, and enhancement update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20152159 - Security Advisory"
},
{
"title": "Red Hat: CVE-2015-3143",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_cve_database\u0026qid=CVE-2015-3143"
},
{
"title": "Ubuntu Security Notice: curl vulnerabilities",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=USN-2591-1"
},
{
"title": "Debian Security Advisories: DSA-3232-1 curl -- security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=debian_security_advisories\u0026qid=6e7bbc3a8db398caa606cf6110790ac9"
},
{
"title": "Amazon Linux AMI: ALAS-2015-514",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=amazon_linux_ami\u0026qid=ALAS-2015-514"
},
{
"title": "Apple: OS X Yosemite v10.10.5 and Security Update 2015-006",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=apple_security_advisories\u0026qid=9834d0d73bf28fb80d3390930bafd906"
},
{
"title": "Oracle Solaris Third Party Bulletins: Oracle Solaris Third Party Bulletin - January 2016",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_solaris_third_party_bulletins\u0026qid=eb439566c9130adc92d21bc093204cf8"
},
{
"title": "Oracle Linux Bulletins: Oracle Linux Bulletin - October 2015",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_linux_bulletins\u0026qid=435ed9abc2fb1e74ce2a69605a01e326"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2015-3143"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-002484"
}
]
},
"problemtype_data": {
"_id": null,
"data": [
{
"problemtype": "CWE-264",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-81104"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-002484"
},
{
"db": "NVD",
"id": "CVE-2015-3143"
}
]
},
"references": {
"_id": null,
"data": [
{
"trust": 2.1,
"url": "http://advisories.mageia.org/mgasa-2015-0179.html"
},
{
"trust": 2.1,
"url": "http://curl.haxx.se/docs/adv_20150422a.html"
},
{
"trust": 1.8,
"url": "http://www.debian.org/security/2015/dsa-3232"
},
{
"trust": 1.5,
"url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html"
},
{
"trust": 1.3,
"url": "http://www.securityfocus.com/bid/74299"
},
{
"trust": 1.3,
"url": "http://rhn.redhat.com/errata/rhsa-2015-1254.html"
},
{
"trust": 1.3,
"url": "http://www.ubuntu.com/usn/usn-2591-1"
},
{
"trust": 1.2,
"url": "http://lists.apple.com/archives/security-announce/2015/aug/msg00001.html"
},
{
"trust": 1.2,
"url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html"
},
{
"trust": 1.2,
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c05045763"
},
{
"trust": 1.2,
"url": "https://support.apple.com/kb/ht205031"
},
{
"trust": 1.2,
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-april/155957.html"
},
{
"trust": 1.2,
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-april/156250.html"
},
{
"trust": 1.2,
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-may/157017.html"
},
{
"trust": 1.2,
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-may/157188.html"
},
{
"trust": 1.2,
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-may/156945.html"
},
{
"trust": 1.2,
"url": "https://security.gentoo.org/glsa/201509-02"
},
{
"trust": 1.2,
"url": "http://www.mandriva.com/security/advisories?name=mdvsa-2015:219"
},
{
"trust": 1.2,
"url": "http://www.mandriva.com/security/advisories?name=mdvsa-2015:220"
},
{
"trust": 1.2,
"url": "http://www.securitytracker.com/id/1032232"
},
{
"trust": 1.2,
"url": "http://lists.opensuse.org/opensuse-updates/2015-04/msg00057.html"
},
{
"trust": 1.1,
"url": "http://marc.info/?l=bugtraq\u0026m=145612005512270\u0026w=2"
},
{
"trust": 1.1,
"url": "http://kb.juniper.net/infocenter/index?page=content\u0026id=jsa10743"
},
{
"trust": 1.0,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-3143"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2015-3143"
},
{
"trust": 0.6,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-3148"
},
{
"trust": 0.6,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-3143"
},
{
"trust": 0.6,
"url": "http://secunia.com/advisories/64164"
},
{
"trust": 0.6,
"url": "http://secunia.com/advisories/64284"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/cve/cve-2015-3143"
},
{
"trust": 0.3,
"url": "http://curl.haxx.se/"
},
{
"trust": 0.3,
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1213306"
},
{
"trust": 0.3,
"url": "http://kb.juniper.net/infocenter/index?page=content\u0026id=jsa10743\u0026cat=sirt_1\u0026actp=list"
},
{
"trust": 0.3,
"url": "http://prod.lists.apple.com/archives/security-announce/2015/aug/msg00001.html"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=isg3t1023307"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21957883"
},
{
"trust": 0.3,
"url": "https://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=migr-5099196"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21903004"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21966972"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21967789"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-3144"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-3145"
},
{
"trust": 0.2,
"url": "https://www.redhat.com/mailman/listinfo/rhsa-announce"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-3613"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2014-3707"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-8150"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2014-3613"
},
{
"trust": 0.2,
"url": "https://bugzilla.redhat.com/):"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/team/key/"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-3707"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2015-3148"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/articles/11258"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/team/contact/"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2014-8150"
},
{
"trust": 0.2,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-3148"
},
{
"trust": 0.1,
"url": "http://kb.juniper.net/infocenter/index?page=content\u0026amp;id=jsa10743"
},
{
"trust": 0.1,
"url": "http://marc.info/?l=bugtraq\u0026amp;m=145612005512270\u0026amp;w=2"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/264.html"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/errata/rhsa-2015:2159"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://usn.ubuntu.com/2591-1/"
},
{
"trust": 0.1,
"url": "http://tools.cisco.com/security/center/viewalert.x?alertid=38682"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/curl/7.38.0-3ubuntu2.2"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/curl/7.35.0-1ubuntu2.5"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/curl/7.22.0-3ubuntu4.14"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/curl/7.37.1-1ubuntu3.4"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-3153"
},
{
"trust": 0.1,
"url": "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_n"
},
{
"trust": 0.1,
"url": "http://www.hpe.com/support/security_bulletin_archive"
},
{
"trust": 0.1,
"url": "http://www.hpe.com/support/subscriber_choice"
},
{
"trust": 0.1,
"url": "https://rhn.redhat.com/errata/rhsa-2015-2159.html"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-3236"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-3237"
},
{
"trust": 0.1,
"url": "http://slackware.com"
},
{
"trust": 0.1,
"url": "http://osuosl.org)"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-3145"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-3236"
},
{
"trust": 0.1,
"url": "http://slackware.com/gpg-key"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-3144"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-3237"
},
{
"trust": 0.1,
"url": "http://www.mandriva.com/en/support/security/"
},
{
"trust": 0.1,
"url": "http://www.mandriva.com/en/support/security/advisories/"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-81104"
},
{
"db": "VULMON",
"id": "CVE-2015-3143"
},
{
"db": "BID",
"id": "74299"
},
{
"db": "PACKETSTORM",
"id": "131699"
},
{
"db": "PACKETSTORM",
"id": "135878"
},
{
"db": "PACKETSTORM",
"id": "134443"
},
{
"db": "PACKETSTORM",
"id": "134138"
},
{
"db": "PACKETSTORM",
"id": "132792"
},
{
"db": "PACKETSTORM",
"id": "131726"
},
{
"db": "CNNVD",
"id": "CNNVD-201504-500"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-002484"
},
{
"db": "NVD",
"id": "CVE-2015-3143"
}
]
},
"sources": {
"_id": null,
"data": [
{
"db": "VULHUB",
"id": "VHN-81104",
"ident": null
},
{
"db": "VULMON",
"id": "CVE-2015-3143",
"ident": null
},
{
"db": "BID",
"id": "74299",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "131699",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "135878",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "134443",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "134138",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "132792",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "131726",
"ident": null
},
{
"db": "CNNVD",
"id": "CNNVD-201504-500",
"ident": null
},
{
"db": "JVNDB",
"id": "JVNDB-2015-002484",
"ident": null
},
{
"db": "NVD",
"id": "CVE-2015-3143",
"ident": null
}
]
},
"sources_release_date": {
"_id": null,
"data": [
{
"date": "2015-04-24T00:00:00",
"db": "VULHUB",
"id": "VHN-81104",
"ident": null
},
{
"date": "2015-04-24T00:00:00",
"db": "VULMON",
"id": "CVE-2015-3143",
"ident": null
},
{
"date": "2015-04-22T00:00:00",
"db": "BID",
"id": "74299",
"ident": null
},
{
"date": "2015-04-30T15:48:24",
"db": "PACKETSTORM",
"id": "131699",
"ident": null
},
{
"date": "2016-02-23T05:11:25",
"db": "PACKETSTORM",
"id": "135878",
"ident": null
},
{
"date": "2015-11-20T00:41:15",
"db": "PACKETSTORM",
"id": "134443",
"ident": null
},
{
"date": "2015-10-30T23:23:03",
"db": "PACKETSTORM",
"id": "134138",
"ident": null
},
{
"date": "2015-07-22T17:57:59",
"db": "PACKETSTORM",
"id": "132792",
"ident": null
},
{
"date": "2015-05-04T17:18:17",
"db": "PACKETSTORM",
"id": "131726",
"ident": null
},
{
"date": "2015-04-27T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201504-500",
"ident": null
},
{
"date": "2015-04-28T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-002484",
"ident": null
},
{
"date": "2015-04-24T14:59:08.187000",
"db": "NVD",
"id": "CVE-2015-3143",
"ident": null
}
]
},
"sources_update_date": {
"_id": null,
"data": [
{
"date": "2018-01-05T00:00:00",
"db": "VULHUB",
"id": "VHN-81104",
"ident": null
},
{
"date": "2018-01-05T00:00:00",
"db": "VULMON",
"id": "CVE-2015-3143",
"ident": null
},
{
"date": "2016-07-06T14:27:00",
"db": "BID",
"id": "74299",
"ident": null
},
{
"date": "2015-04-27T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201504-500",
"ident": null
},
{
"date": "2016-09-08T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-002484",
"ident": null
},
{
"date": "2025-04-12T10:46:40.837000",
"db": "NVD",
"id": "CVE-2015-3143",
"ident": null
}
]
},
"threat_type": {
"_id": null,
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201504-500"
}
],
"trust": 0.6
},
"title": {
"_id": null,
"data": "cURL and libcurl Vulnerabilities connected as other users",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-002484"
}
],
"trust": 0.8
},
"type": {
"_id": null,
"data": "permissions and access control",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201504-500"
}
],
"trust": 0.6
}
}
VAR-201006-1232
Vulnerability from variot - Updated: 2026-04-10 23:25Multiple integer overflows in the Fax3SetupState function in tif_fax3.c in the FAX3 decoder in LibTIFF before 3.9.3, as used in ImageIO in Apple Mac OS X 10.5.8 and Mac OS X 10.6 before 10.6.4, allow remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted TIFF file that triggers a heap-based buffer overflow. LibTIFF is prone to a remote integer-overflow vulnerability because it fails to perform adequate boundary checks on user-supplied data. An attacker can exploit this issue to execute arbitrary malicious code in the context of a user running an application that uses the affected library. Failed exploit attempts will likely crash the application. LibTIFF versions prior to 3.9.3 are vulnerable. Apple Mac OS X is the operating system used by Apple family computers, and Font Book is a font management tool included in Mac OS X.
For the stable distribution (lenny), this problem has been fixed in version 3.8.2-11.3.
For the unstable distribution (sid), this problem has been fixed in version 3.9.4-1.
We recommend that you upgrade your tiff packages.
Upgrade instructions
wget url will fetch the file for you dpkg -i file.deb will install the referenced file.
If you are using the apt-get package manager, use the line for sources.list as given below:
apt-get update will update the internal database apt-get upgrade will install corrected packages
You may use an automated update by adding the resources from the footer to the proper configuration.
Debian GNU/Linux 5.0 alias lenny
Stable updates are available for alpha, amd64, arm, armel, hppa, i386, ia64, mips, mipsel, powerpc, s390 and sparc.
Source archives:
http://security.debian.org/pool/updates/main/t/tiff/tiff_3.8.2-11.3.tar.gz Size/MD5 checksum: 1376361 bfbc775f3ea2d698f6c4e57a66a6bc62 http://security.debian.org/pool/updates/main/t/tiff/tiff_3.8.2-11.3.dsc Size/MD5 checksum: 965 289fde796cd4d75c185fd380e4ef2611
Architecture independent packages:
http://security.debian.org/pool/updates/main/t/tiff/libtiff-doc_3.8.2-11.3_all.deb Size/MD5 checksum: 368936 4fa6c87469e6d2a4ab8b9b609e1cd2b0
alpha architecture (DEC Alpha)
http://security.debian.org/pool/updates/main/t/tiff/libtiff4_3.8.2-11.3_alpha.deb Size/MD5 checksum: 184038 718aa158afb8b08924079e4c8990f303 http://security.debian.org/pool/updates/main/t/tiff/libtiff4-dev_3.8.2-11.3_alpha.deb Size/MD5 checksum: 339202 b4d67d4e554d4e681e54a9951bc6ab88 http://security.debian.org/pool/updates/main/t/tiff/libtiffxx0c2_3.8.2-11.3_alpha.deb Size/MD5 checksum: 49078 2c6b9d3ee81d1f1ea306d395b51c1731 http://security.debian.org/pool/updates/main/t/tiff/libtiff-opengl_3.8.2-11.3_alpha.deb Size/MD5 checksum: 55100 ef3532a300357164438524ca256853fb http://security.debian.org/pool/updates/main/t/tiff/libtiff-tools_3.8.2-11.3_alpha.deb Size/MD5 checksum: 253438 6e72c7d573238d09bdc43a20472b2b29
amd64 architecture (AMD x86_64 (AMD64))
http://security.debian.org/pool/updates/main/t/tiff/libtiff-tools_3.8.2-11.3_amd64.deb Size/MD5 checksum: 230540 93a89276bd4fe5be5a9d50b040002a70 http://security.debian.org/pool/updates/main/t/tiff/libtiff4_3.8.2-11.3_amd64.deb Size/MD5 checksum: 169962 037d13ec48515773798dfc51af404eef http://security.debian.org/pool/updates/main/t/tiff/libtiff-opengl_3.8.2-11.3_amd64.deb Size/MD5 checksum: 54210 d4e1911e9e5f07980e0d71bde8bfc732 http://security.debian.org/pool/updates/main/t/tiff/libtiffxx0c2_3.8.2-11.3_amd64.deb Size/MD5 checksum: 48846 334988c78cfc87a6a3f9f9a18254f450 http://security.debian.org/pool/updates/main/t/tiff/libtiff4-dev_3.8.2-11.3_amd64.deb Size/MD5 checksum: 293176 4aa38a5f29db663094e6af1039b5a32b
armel architecture (ARM EABI)
http://security.debian.org/pool/updates/main/t/tiff/libtiff4_3.8.2-11.3_armel.deb Size/MD5 checksum: 162044 2b4e8648f64119e0ab8e8ab6246270a9 http://security.debian.org/pool/updates/main/t/tiff/libtiff-tools_3.8.2-11.3_armel.deb Size/MD5 checksum: 234150 7481d9317f18ce662f3b8997ce924df8 http://security.debian.org/pool/updates/main/t/tiff/libtiff-opengl_3.8.2-11.3_armel.deb Size/MD5 checksum: 55996 26fbcbaccac9a1ee56b681699ff035e3 http://security.debian.org/pool/updates/main/t/tiff/libtiffxx0c2_3.8.2-11.3_armel.deb Size/MD5 checksum: 48532 30d10222b5e240af5823a2a1cf1b1e26 http://security.debian.org/pool/updates/main/t/tiff/libtiff4-dev_3.8.2-11.3_armel.deb Size/MD5 checksum: 278612 97026ca2288156a7c08057afedede29e
hppa architecture (HP PA RISC)
http://security.debian.org/pool/updates/main/t/tiff/libtiff4-dev_3.8.2-11.3_hppa.deb Size/MD5 checksum: 309128 bf85956e72869e294f893c3f27b6ad37 http://security.debian.org/pool/updates/main/t/tiff/libtiff4_3.8.2-11.3_hppa.deb Size/MD5 checksum: 176834 e0f39c8995ba2d40ae444257bf9b5943 http://security.debian.org/pool/updates/main/t/tiff/libtiffxx0c2_3.8.2-11.3_hppa.deb Size/MD5 checksum: 49746 04935c2e72b8696ccfcd1c303fb83327 http://security.debian.org/pool/updates/main/t/tiff/libtiff-opengl_3.8.2-11.3_hppa.deb Size/MD5 checksum: 54552 d4af13d4eb9022e20ce2312d951ba34b http://security.debian.org/pool/updates/main/t/tiff/libtiff-tools_3.8.2-11.3_hppa.deb Size/MD5 checksum: 241610 97b8a14e8b2cc24197e2b82d01f51775
i386 architecture (Intel ia32)
http://security.debian.org/pool/updates/main/t/tiff/libtiff4-dev_3.8.2-11.3_i386.deb Size/MD5 checksum: 275666 b8fb9e1f47d1e29ba82e9ab9c2c5695e http://security.debian.org/pool/updates/main/t/tiff/libtiffxx0c2_3.8.2-11.3_i386.deb Size/MD5 checksum: 48830 734c77873fd7f566e2473470b1db31aa http://security.debian.org/pool/updates/main/t/tiff/libtiff4_3.8.2-11.3_i386.deb Size/MD5 checksum: 161636 665df63c672569d63281727a7ac499b0 http://security.debian.org/pool/updates/main/t/tiff/libtiff-opengl_3.8.2-11.3_i386.deb Size/MD5 checksum: 53632 5d75e0f199918c8c250b0a48d4b2fd4f http://security.debian.org/pool/updates/main/t/tiff/libtiff-tools_3.8.2-11.3_i386.deb Size/MD5 checksum: 219164 b3b8468f9a518093440b74fc573a6ee1
ia64 architecture (Intel ia64)
http://security.debian.org/pool/updates/main/t/tiff/libtiff4-dev_3.8.2-11.3_ia64.deb Size/MD5 checksum: 368628 57e577e4e2a590f89b96204598e14d04 http://security.debian.org/pool/updates/main/t/tiff/libtiff-opengl_3.8.2-11.3_ia64.deb Size/MD5 checksum: 56790 4072f1d33f13b2bd419cdd984947a4ce http://security.debian.org/pool/updates/main/t/tiff/libtiffxx0c2_3.8.2-11.3_ia64.deb Size/MD5 checksum: 50600 fd59fabeaae51f1b5cf6a675abd2733e http://security.debian.org/pool/updates/main/t/tiff/libtiff4_3.8.2-11.3_ia64.deb Size/MD5 checksum: 230320 54f9d6a2004efac771cdf2856c238032 http://security.debian.org/pool/updates/main/t/tiff/libtiff-tools_3.8.2-11.3_ia64.deb Size/MD5 checksum: 294884 e6b5df4ea911fc1cc788b8ec7302180a
mips architecture (MIPS (Big Endian))
http://security.debian.org/pool/updates/main/t/tiff/libtiff-tools_3.8.2-11.3_mips.deb Size/MD5 checksum: 228404 3980fe301b7f21ef4a651d970791deb4 http://security.debian.org/pool/updates/main/t/tiff/libtiff-opengl_3.8.2-11.3_mips.deb Size/MD5 checksum: 54648 c1e21d56c6c3caca4fa5cd3088e0131e http://security.debian.org/pool/updates/main/t/tiff/libtiff4_3.8.2-11.3_mips.deb Size/MD5 checksum: 164076 5d3ebd670bb207890c8b01446d9b5286 http://security.debian.org/pool/updates/main/t/tiff/libtiffxx0c2_3.8.2-11.3_mips.deb Size/MD5 checksum: 49246 6b55de1c9cc0588311d490393588fef8 http://security.debian.org/pool/updates/main/t/tiff/libtiff4-dev_3.8.2-11.3_mips.deb Size/MD5 checksum: 308736 ff1fd350e5516cd2b01fdf63e7038571
mipsel architecture (MIPS (Little Endian))
http://security.debian.org/pool/updates/main/t/tiff/libtiff-opengl_3.8.2-11.3_mipsel.deb Size/MD5 checksum: 54422 561140c51e40c2c87d7c38e47ec1ce0f http://security.debian.org/pool/updates/main/t/tiff/libtiffxx0c2_3.8.2-11.3_mipsel.deb Size/MD5 checksum: 49108 0eed63837509815d380a8ede4617a2c0 http://security.debian.org/pool/updates/main/t/tiff/libtiff4-dev_3.8.2-11.3_mipsel.deb Size/MD5 checksum: 307868 f0b97d0b90054a568241766cd5e8ac0e http://security.debian.org/pool/updates/main/t/tiff/libtiff4_3.8.2-11.3_mipsel.deb Size/MD5 checksum: 164694 69ae3b75909d3fbcf4a748a3f17c4a2e http://security.debian.org/pool/updates/main/t/tiff/libtiff-tools_3.8.2-11.3_mipsel.deb Size/MD5 checksum: 228910 75d5940ed31a0a78f7a5a07cca1c90b9
powerpc architecture (PowerPC)
http://security.debian.org/pool/updates/main/t/tiff/libtiff4-dev_3.8.2-11.3_powerpc.deb Size/MD5 checksum: 299072 cf872d693b7d6d04caab6395c807a49d http://security.debian.org/pool/updates/main/t/tiff/libtiffxx0c2_3.8.2-11.3_powerpc.deb Size/MD5 checksum: 51290 4b3b6043a320e3b0efede959db2c993f http://security.debian.org/pool/updates/main/t/tiff/libtiff4_3.8.2-11.3_powerpc.deb Size/MD5 checksum: 173516 7fb5e356c35b8161dea064a927f8f524 http://security.debian.org/pool/updates/main/t/tiff/libtiff-tools_3.8.2-11.3_powerpc.deb Size/MD5 checksum: 270346 ff150ce3bea37067983a7ea8bdc8ce4f http://security.debian.org/pool/updates/main/t/tiff/libtiff-opengl_3.8.2-11.3_powerpc.deb Size/MD5 checksum: 57156 d57b33ff85a8c4775c519bf6868e5dda
s390 architecture (IBM S/390)
http://security.debian.org/pool/updates/main/t/tiff/libtiffxx0c2_3.8.2-11.3_s390.deb Size/MD5 checksum: 49846 f0d66694ef6247958c18b753690d6cf6 http://security.debian.org/pool/updates/main/t/tiff/libtiff4-dev_3.8.2-11.3_s390.deb Size/MD5 checksum: 293844 3f30774b20aada6f011ffeaaf0913ce9 http://security.debian.org/pool/updates/main/t/tiff/libtiff4_3.8.2-11.3_s390.deb Size/MD5 checksum: 177474 884dc57fdc438a4a735e123911bcb8dd http://security.debian.org/pool/updates/main/t/tiff/libtiff-tools_3.8.2-11.3_s390.deb Size/MD5 checksum: 231424 620b24d7eafbb4851b1fd43c96a4445c http://security.debian.org/pool/updates/main/t/tiff/libtiff-opengl_3.8.2-11.3_s390.deb Size/MD5 checksum: 55402 35f4548f8da35b1e25de3bc650fe65c4
sparc architecture (Sun SPARC/UltraSPARC)
http://security.debian.org/pool/updates/main/t/tiff/libtiff4-dev_3.8.2-11.3_sparc.deb Size/MD5 checksum: 280198 63347485f32c91c6b449ec33041cf343 http://security.debian.org/pool/updates/main/t/tiff/libtiff-opengl_3.8.2-11.3_sparc.deb Size/MD5 checksum: 55224 e64c5173ddd48b8a80f37a8a92a4b8ef http://security.debian.org/pool/updates/main/t/tiff/libtiff4_3.8.2-11.3_sparc.deb Size/MD5 checksum: 160138 a01d761068e08a849cf0aba5f8bf8115 http://security.debian.org/pool/updates/main/t/tiff/libtiffxx0c2_3.8.2-11.3_sparc.deb Size/MD5 checksum: 49380 07dfbcef878e3d014e55bf7c070f722b http://security.debian.org/pool/updates/main/t/tiff/libtiff-tools_3.8.2-11.3_sparc.deb Size/MD5 checksum: 224292 c31548079cc7b5aec519f66411cd0eeb
These files will probably be moved into the stable distribution on its next update.
Packages for 2008.0 and 2009.0 are provided as of the Extended Maintenance Program. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 201209-02
http://security.gentoo.org/
Severity: Normal Title: libTIFF: Multiple vulnerabilities Date: September 23, 2012 Bugs: #307001, #324885, #357271, #359871, #371308, #410931, #422673, #427166 ID: 201209-02
Synopsis
Multiple vulnerabilities in libTIFF could result in execution of arbitrary code or Denial of Service.
Background
libTIFF provides support for reading and manipulating TIFF (Tagged Image File Format) images.
Affected packages
-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 media-libs/tiff < 4.0.2-r1 *>= 3.9.5-r2 >= 4.0.2-r1
Description
Multiple vulnerabilities have been discovered in libTIFF. Please review the CVE identifiers referenced below for details.
Workaround
There is no known workaround at this time.
Resolution
All libTIFF 4.0 users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose ">=media-libs/tiff-4.0.2-r1"
All libTIFF 3.9 users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose ">=media-libs/tiff-3.9.5-r2"
References
[ 1 ] CVE-2009-2347 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-2347 [ 2 ] CVE-2009-5022 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-5022 [ 3 ] CVE-2010-1411 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1411 [ 4 ] CVE-2010-2065 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2065 [ 5 ] CVE-2010-2067 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2067 [ 6 ] CVE-2010-2233 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2233 [ 7 ] CVE-2010-2443 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2443 [ 8 ] CVE-2010-2481 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2481 [ 9 ] CVE-2010-2482 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2482 [ 10 ] CVE-2010-2483 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2483 [ 11 ] CVE-2010-2595 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2595 [ 12 ] CVE-2010-2596 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2596 [ 13 ] CVE-2010-2597 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2597 [ 14 ] CVE-2010-2630 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2630 [ 15 ] CVE-2010-2631 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2631 [ 16 ] CVE-2010-3087 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3087 [ 17 ] CVE-2010-4665 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4665 [ 18 ] CVE-2011-0192 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0192 [ 19 ] CVE-2011-0192 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0192 [ 20 ] CVE-2011-1167 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-1167 [ 21 ] CVE-2011-1167 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-1167 [ 22 ] CVE-2012-1173 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1173 [ 23 ] CVE-2012-2088 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-2088 [ 24 ] CVE-2012-2113 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-2113 [ 25 ] CVE-2012-3401 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3401
Availability
This GLSA and any updates to it are available for viewing at the Gentoo Security Website:
http://security.gentoo.org/glsa/glsa-201209-02.xml
Concerns?
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.
License
Copyright 2012 Gentoo Foundation, Inc; referenced text belongs to its owner(s).
The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5 . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
Mandriva Linux Security Advisory MDVSA-2010:146 http://www.mandriva.com/security/
Package : libtiff Date : August 6, 2010 Affected: 2010.0, 2010.1
Problem Description:
Multiple vulnerabilities has been discovered and corrected in libtiff:
The TIFFYCbCrtoRGB function in LibTIFF 3.9.0 and 3.9.2, as used in ImageMagick, does not properly handle invalid ReferenceBlackWhite values, which allows remote attackers to cause a denial of service (application crash) via a crafted TIFF image that triggers an array index error, related to downsampled OJPEG input. (CVE-2010-2233).
The updated packages have been patched to correct these issues.
References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2595 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1411 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2065 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2483 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2597 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2481 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2067 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2233 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2482
Updated Packages:
Mandriva Linux 2010.0: ceb7febb41b948977f6196b5bf31d538 2010.0/i586/libtiff3-3.9.1-4.1mdv2010.0.i586.rpm d38ee02dca1666e8d8f7c628e9debcbe 2010.0/i586/libtiff-devel-3.9.1-4.1mdv2010.0.i586.rpm e022bf3d3badddd3c480b4143a8cc2ec 2010.0/i586/libtiff-progs-3.9.1-4.1mdv2010.0.i586.rpm 6f18f9ce3d9582ea3f6f9ddd7b1680d8 2010.0/i586/libtiff-static-devel-3.9.1-4.1mdv2010.0.i586.rpm 69aa854e6935c2d111e44e84225f6f69 2010.0/SRPMS/libtiff-3.9.1-4.1mdv2010.0.src.rpm
Mandriva Linux 2010.0/X86_64: 3965284cc51603cfdc0d9420104b8fd3 2010.0/x86_64/lib64tiff3-3.9.1-4.1mdv2010.0.x86_64.rpm 2768094532f4d1941ef66bae6da6ea15 2010.0/x86_64/lib64tiff-devel-3.9.1-4.1mdv2010.0.x86_64.rpm 2e08c6517abcf34dab75040fbee15212 2010.0/x86_64/lib64tiff-static-devel-3.9.1-4.1mdv2010.0.x86_64.rpm 3c81e78d3c389abcc370add6af857d12 2010.0/x86_64/libtiff-progs-3.9.1-4.1mdv2010.0.x86_64.rpm 69aa854e6935c2d111e44e84225f6f69 2010.0/SRPMS/libtiff-3.9.1-4.1mdv2010.0.src.rpm
Mandriva Linux 2010.1: 0ddf3e069a91387a7d85ad5aacd1dd81 2010.1/i586/libtiff3-3.9.2-2.1mdv2010.1.i586.rpm 53d5d64cb3bb34a78d52776d42e0ed16 2010.1/i586/libtiff-devel-3.9.2-2.1mdv2010.1.i586.rpm e549b78e6658cb9a408454bf698e2ead 2010.1/i586/libtiff-progs-3.9.2-2.1mdv2010.1.i586.rpm 821179322f86ba6dcc96dd6afc48fd0f 2010.1/i586/libtiff-static-devel-3.9.2-2.1mdv2010.1.i586.rpm 31563b8124d1953b9c8849e0a63f5422 2010.1/SRPMS/libtiff-3.9.2-2.1mdv2010.1.src.rpm
Mandriva Linux 2010.1/X86_64: e858e4c72c5191395d4db7f994ffd7c4 2010.1/x86_64/lib64tiff3-3.9.2-2.1mdv2010.1.x86_64.rpm 6bdce5697bc818f57cb56d22ce989b30 2010.1/x86_64/lib64tiff-devel-3.9.2-2.1mdv2010.1.x86_64.rpm daaf9562d71e8076e87578f25b8dbebe 2010.1/x86_64/lib64tiff-static-devel-3.9.2-2.1mdv2010.1.x86_64.rpm 36d9eef4dd2739944f05fe7edd4e76f8 2010.1/x86_64/libtiff-progs-3.9.2-2.1mdv2010.1.x86_64.rpm 31563b8124d1953b9c8849e0a63f5422 2010.1/SRPMS/libtiff-3.9.2-2.1mdv2010.1.src.rpm
To upgrade automatically use MandrivaUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you.
All packages are signed by Mandriva for security. You can obtain the GPG public key of the Mandriva Security Team by executing:
gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98
You can view other update advisories for Mandriva Linux at:
http://www.mandriva.com/security/advisories
If you want to report vulnerabilities, please contact
security_(at)_mandriva.com
Type Bits/KeyID Date User ID pub 1024D/22458A98 2000-07-10 Mandriva Security Team -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (GNU/Linux)
iD8DBQFMXDLBmqjQ0CJFipgRAsxuAJ9WAKaIXwvgmXJzs8W+fgn2/2+E/gCg9RT9 1DtIJJ4PJJj+9xrl7Yhsyw8= =Ov4p -----END PGP SIGNATURE-----
Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ . =========================================================== Ubuntu Security Notice USN-954-1 June 21, 2010 tiff vulnerabilities CVE-2010-1411, CVE-2010-2065, CVE-2010-2067 ===========================================================
A security issue affects the following Ubuntu releases:
Ubuntu 6.06 LTS Ubuntu 8.04 LTS Ubuntu 9.04 Ubuntu 9.10 Ubuntu 10.04 LTS
This advisory also applies to the corresponding versions of Kubuntu, Edubuntu, and Xubuntu.
The problem can be corrected by upgrading your system to the following package versions:
Ubuntu 6.06 LTS: libtiff4 3.7.4-1ubuntu3.8
Ubuntu 8.04 LTS: libtiff4 3.8.2-7ubuntu3.6
Ubuntu 9.04: libtiff4 3.8.2-11ubuntu0.9.04.6
Ubuntu 9.10: libtiff4 3.8.2-13ubuntu0.3
Ubuntu 10.04 LTS: libtiff4 3.9.2-2ubuntu0.3
After a standard system update you need to restart your session to make all the necessary changes.
Details follow:
Kevin Finisterre discovered that the TIFF library did not correctly handle certain image structures. (CVE-2010-1411)
Dan Rosenberg and Sauli Pahlman discovered multiple flaws in the TIFF library. (Only Ubuntu 10.04 LTS was affected.) (CVE-2010-2065, CVE-2010-2067)
Updated packages for Ubuntu 6.06 LTS:
Source archives:
http://security.ubuntu.com/ubuntu/pool/main/t/tiff/tiff_3.7.4-1ubuntu3.8.diff.gz
Size/MD5: 23040 b840c801a3d7fc4d0a1053d6fabbe707
http://security.ubuntu.com/ubuntu/pool/main/t/tiff/tiff_3.7.4-1ubuntu3.8.dsc
Size/MD5: 803 d68889478f2962e9b31033bebc892e89
http://security.ubuntu.com/ubuntu/pool/main/t/tiff/tiff_3.7.4.orig.tar.gz
Size/MD5: 1280113 02cf5c3820bda83b35bb35b45ae27005
amd64 architecture (Athlon64, Opteron, EM64T Xeon):
http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff-tools_3.7.4-1ubuntu3.8_amd64.deb
Size/MD5: 221050 4d3f5ef363350aa5ade8af964f8cb3ab
http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff4-dev_3.7.4-1ubuntu3.8_amd64.deb
Size/MD5: 282864 3ab150b16046d29337ba739f09ffee98
http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff4_3.7.4-1ubuntu3.8_amd64.deb
Size/MD5: 476068 717cb178af7ec2759268c50fd9257300
http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiffxx0c2_3.7.4-1ubuntu3.8_amd64.deb
Size/MD5: 44808 e94b7ae7d8c4ed4125db7276f84df640
http://security.ubuntu.com/ubuntu/pool/universe/t/tiff/libtiff-opengl_3.7.4-1ubuntu3.8_amd64.deb
Size/MD5: 49990 ad2f88b3d31e6ce02cc727f834f67fa6
i386 architecture (x86 compatible Intel/AMD):
http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff-tools_3.7.4-1ubuntu3.8_i386.deb
Size/MD5: 206022 713177b3875929efae2c3ff8089067a4
http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff4-dev_3.7.4-1ubuntu3.8_i386.deb
Size/MD5: 259564 da2b2a54a49072deb1099928d4d21e4f
http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff4_3.7.4-1ubuntu3.8_i386.deb
Size/MD5: 462376 7672d9dab7dfb1c1f80465aedb91c68e
http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiffxx0c2_3.7.4-1ubuntu3.8_i386.deb
Size/MD5: 44808 6b927f6f57aa78861af48514ddac5918
http://security.ubuntu.com/ubuntu/pool/universe/t/tiff/libtiff-opengl_3.7.4-1ubuntu3.8_i386.deb
Size/MD5: 49330 5206a97516a0b6f76e423c2f90b8cfee
powerpc architecture (Apple Macintosh G3/G4/G5):
http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff-tools_3.7.4-1ubuntu3.8_powerpc.deb
Size/MD5: 239948 68f3cdaac63717128344589f976ae975
http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff4-dev_3.7.4-1ubuntu3.8_powerpc.deb
Size/MD5: 288748 96e81fafcef3b4245c80ced08cc5752a
http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff4_3.7.4-1ubuntu3.8_powerpc.deb
Size/MD5: 476678 9ee3902c1570f7b9cb458e6ed844abb1
http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiffxx0c2_3.7.4-1ubuntu3.8_powerpc.deb
Size/MD5: 47040 399804bdbcfbd3d38b976957ffec738b
http://security.ubuntu.com/ubuntu/pool/universe/t/tiff/libtiff-opengl_3.7.4-1ubuntu3.8_powerpc.deb
Size/MD5: 51672 ba92c41d9105bb80729ff263f7955e63
sparc architecture (Sun SPARC/UltraSPARC):
http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff-tools_3.7.4-1ubuntu3.8_sparc.deb
Size/MD5: 208940 c67ceaa5d1c09987d580c438874c17f6
http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff4-dev_3.7.4-1ubuntu3.8_sparc.deb
Size/MD5: 270628 7df1a1ad75e42a84af970eab83163089
http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff4_3.7.4-1ubuntu3.8_sparc.deb
Size/MD5: 467240 2b85c23af3d8b6c9a82e65736949c131
http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiffxx0c2_3.7.4-1ubuntu3.8_sparc.deb
Size/MD5: 44742 e69373d50bf9c942cbf6d8825bca352b
http://security.ubuntu.com/ubuntu/pool/universe/t/tiff/libtiff-opengl_3.7.4-1ubuntu3.8_sparc.deb
Size/MD5: 49878 e8d0bef67675fdb392e77625f435d219
Updated packages for Ubuntu 8.04 LTS:
Source archives:
http://security.ubuntu.com/ubuntu/pool/main/t/tiff/tiff_3.8.2-7ubuntu3.6.diff.gz
Size/MD5: 21457 7abcb4908ccce79993653514228664a7
http://security.ubuntu.com/ubuntu/pool/main/t/tiff/tiff_3.8.2-7ubuntu3.6.dsc
Size/MD5: 899 0a7f751ae5fd3a5cb4dbbef7ab8beba1
http://security.ubuntu.com/ubuntu/pool/main/t/tiff/tiff_3.8.2.orig.tar.gz
Size/MD5: 1333780 e6ec4ab957ef49d5aabc38b7a376910b
amd64 architecture (Athlon64, Opteron, EM64T Xeon):
http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff-tools_3.8.2-7ubuntu3.6_amd64.deb
Size/MD5: 186468 23fd6541a3233e1bb4cda603aaa78284
http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff4-dev_3.8.2-7ubuntu3.6_amd64.deb
Size/MD5: 571232 95be000d64194a48d01273015edde173
http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff4_3.8.2-7ubuntu3.6_amd64.deb
Size/MD5: 131246 c272d2494f48d401a6390ef591770e2a
http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiffxx0c2_3.8.2-7ubuntu3.6_amd64.deb
Size/MD5: 5074 aab0bfd607ea51554611263913f5de9a
http://security.ubuntu.com/ubuntu/pool/universe/t/tiff/libtiff-opengl_3.8.2-7ubuntu3.6_amd64.deb
Size/MD5: 10498 6ca030143c795181a60c4839614ab325
i386 architecture (x86 compatible Intel/AMD):
http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff-tools_3.8.2-7ubuntu3.6_i386.deb
Size/MD5: 175322 65ce19d8e649dd9213fdd45dfa10c090
http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff4-dev_3.8.2-7ubuntu3.6_i386.deb
Size/MD5: 552732 64759cd5ab6f5f9b4afbc32dbbff901d
http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff4_3.8.2-7ubuntu3.6_i386.deb
Size/MD5: 123000 f58e75e4d5e334b476fd100ba33edf72
http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiffxx0c2_3.8.2-7ubuntu3.6_i386.deb
Size/MD5: 5042 586e14ed6fef1ce1eda11624b297f97f
http://security.ubuntu.com/ubuntu/pool/universe/t/tiff/libtiff-opengl_3.8.2-7ubuntu3.6_i386.deb
Size/MD5: 9940 65217cbdc3ed7c176ab115834d34030e
lpia architecture (Low Power Intel Architecture):
http://ports.ubuntu.com/pool/main/t/tiff/libtiff-tools_3.8.2-7ubuntu3.6_lpia.deb
Size/MD5: 177018 da50f84cda9ef32d65a5f28ac7e04d8c
http://ports.ubuntu.com/pool/main/t/tiff/libtiff4-dev_3.8.2-7ubuntu3.6_lpia.deb
Size/MD5: 555182 e7e9c90796c183e66bf34d72837e49c3
http://ports.ubuntu.com/pool/main/t/tiff/libtiff4_3.8.2-7ubuntu3.6_lpia.deb
Size/MD5: 124212 e8439778d4c95a5ad750b9d69a6eb309
http://ports.ubuntu.com/pool/main/t/tiff/libtiffxx0c2_3.8.2-7ubuntu3.6_lpia.deb
Size/MD5: 4916 09d01db63f70bd66c3a92720ad888281
http://ports.ubuntu.com/pool/universe/t/tiff/libtiff-opengl_3.8.2-7ubuntu3.6_lpia.deb
Size/MD5: 9980 4bd91c80378208cd35678ead71081ab6
powerpc architecture (Apple Macintosh G3/G4/G5):
http://ports.ubuntu.com/pool/main/t/tiff/libtiff-tools_3.8.2-7ubuntu3.6_powerpc.deb
Size/MD5: 223478 71bdc0445e1e63b91ecd6d5cdb3d362c
http://ports.ubuntu.com/pool/main/t/tiff/libtiff4-dev_3.8.2-7ubuntu3.6_powerpc.deb
Size/MD5: 577308 c893f853e3d834379fe34e6d98541500
http://ports.ubuntu.com/pool/main/t/tiff/libtiff4_3.8.2-7ubuntu3.6_powerpc.deb
Size/MD5: 134610 5ca1d77cac23b098008d3079e3d462a4
http://ports.ubuntu.com/pool/main/t/tiff/libtiffxx0c2_3.8.2-7ubuntu3.6_powerpc.deb
Size/MD5: 7510 d920d8082d30de0499af5038556fbaa7
http://ports.ubuntu.com/pool/universe/t/tiff/libtiff-opengl_3.8.2-7ubuntu3.6_powerpc.deb
Size/MD5: 13286 2cf13645039e3ef9ae085f33b709ec60
sparc architecture (Sun SPARC/UltraSPARC):
http://ports.ubuntu.com/pool/main/t/tiff/libtiff-tools_3.8.2-7ubuntu3.6_sparc.deb
Size/MD5: 178868 16fd5d7a68d5c119f1cfcfbc7d0f720b
http://ports.ubuntu.com/pool/main/t/tiff/libtiff4-dev_3.8.2-7ubuntu3.6_sparc.deb
Size/MD5: 558590 cef1b1501e6b71beb717da7f110a9829
http://ports.ubuntu.com/pool/main/t/tiff/libtiff4_3.8.2-7ubuntu3.6_sparc.deb
Size/MD5: 122704 1f07fe414230660e0608a4753f5fa456
http://ports.ubuntu.com/pool/main/t/tiff/libtiffxx0c2_3.8.2-7ubuntu3.6_sparc.deb
Size/MD5: 4804 836d935afee73d163417e77eae1b5eba
http://ports.ubuntu.com/pool/universe/t/tiff/libtiff-opengl_3.8.2-7ubuntu3.6_sparc.deb
Size/MD5: 10700 0ff671fb6a490f6bbf318bc566b9b68e
Updated packages for Ubuntu 9.04:
Source archives:
http://security.ubuntu.com/ubuntu/pool/main/t/tiff/tiff_3.8.2-11ubuntu0.9.04.6.diff.gz
Size/MD5: 41278 b5e24df5393ac8d3f0c4ea3f065ae4b3
http://security.ubuntu.com/ubuntu/pool/main/t/tiff/tiff_3.8.2-11ubuntu0.9.04.6.dsc
Size/MD5: 1367 fd03c6190254db93870f7ccd575272d1
http://security.ubuntu.com/ubuntu/pool/main/t/tiff/tiff_3.8.2.orig.tar.gz
Size/MD5: 1333780 e6ec4ab957ef49d5aabc38b7a376910b
Architecture independent packages:
http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff-doc_3.8.2-11ubuntu0.9.04.6_all.deb
Size/MD5: 334870 026f8704147696147176f69e92682c28
amd64 architecture (Athlon64, Opteron, EM64T Xeon):
http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff-tools_3.8.2-11ubuntu0.9.04.6_amd64.deb
Size/MD5: 191638 c93bc89ad72f5c63476d9fe3ecf5ca0d
http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff4-dev_3.8.2-11ubuntu0.9.04.6_amd64.deb
Size/MD5: 250894 d997f30871a19214988da6cd251328b9
http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff4_3.8.2-11ubuntu0.9.04.6_amd64.deb
Size/MD5: 134574 80146acc32c9391baf2ce1c3a8e519c8
http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiffxx0c2_3.8.2-11ubuntu0.9.04.6_amd64.deb
Size/MD5: 6284 bd1c39ad7746d911e30871c8939d3988
http://security.ubuntu.com/ubuntu/pool/universe/t/tiff/libtiff-opengl_3.8.2-11ubuntu0.9.04.6_amd64.deb
Size/MD5: 11902 d12ea8aabdc9a7e67d998115c49e902f
i386 architecture (x86 compatible Intel/AMD):
http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff-tools_3.8.2-11ubuntu0.9.04.6_i386.deb
Size/MD5: 176254 38eef2617f8e1fc8b8fbfce314e0d3e9
http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff4-dev_3.8.2-11ubuntu0.9.04.6_i386.deb
Size/MD5: 233732 1d104561bc6950d1b7cadbab771f353c
http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff4_3.8.2-11ubuntu0.9.04.6_i386.deb
Size/MD5: 126548 22359cfdca9c56ff2fb01853315f2639
http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiffxx0c2_3.8.2-11ubuntu0.9.04.6_i386.deb
Size/MD5: 6274 de4dccef0ce17f4a698aba609b33e73c
http://security.ubuntu.com/ubuntu/pool/universe/t/tiff/libtiff-opengl_3.8.2-11ubuntu0.9.04.6_i386.deb
Size/MD5: 11244 2297033448604abce36ceed918685799
lpia architecture (Low Power Intel Architecture):
http://ports.ubuntu.com/pool/main/t/tiff/libtiff-tools_3.8.2-11ubuntu0.9.04.6_lpia.deb
Size/MD5: 178544 7895fa9f7ed7e6310953384cf14b44ac
http://ports.ubuntu.com/pool/main/t/tiff/libtiff4-dev_3.8.2-11ubuntu0.9.04.6_lpia.deb
Size/MD5: 236174 a49ffa36dcd626470f6406945f2a9b07
http://ports.ubuntu.com/pool/main/t/tiff/libtiff4_3.8.2-11ubuntu0.9.04.6_lpia.deb
Size/MD5: 128182 c15737bbdb79e4ad6747ff1122c9010a
http://ports.ubuntu.com/pool/main/t/tiff/libtiffxx0c2_3.8.2-11ubuntu0.9.04.6_lpia.deb
Size/MD5: 6132 6c41518edbf30a79fa5c619da6345a2c
http://ports.ubuntu.com/pool/universe/t/tiff/libtiff-opengl_3.8.2-11ubuntu0.9.04.6_lpia.deb
Size/MD5: 11280 45e30b64c92200cc30ff35c076734f7c
powerpc architecture (Apple Macintosh G3/G4/G5):
http://ports.ubuntu.com/pool/main/t/tiff/libtiff-tools_3.8.2-11ubuntu0.9.04.6_powerpc.deb
Size/MD5: 221288 3592d9842997a658007ac326caaed2a7
http://ports.ubuntu.com/pool/main/t/tiff/libtiff4-dev_3.8.2-11ubuntu0.9.04.6_powerpc.deb
Size/MD5: 256768 834993c1049aca8c12420b92c92f28fb
http://ports.ubuntu.com/pool/main/t/tiff/libtiff4_3.8.2-11ubuntu0.9.04.6_powerpc.deb
Size/MD5: 137538 49b4a1e944f909ca495b525c2633a735
http://ports.ubuntu.com/pool/main/t/tiff/libtiffxx0c2_3.8.2-11ubuntu0.9.04.6_powerpc.deb
Size/MD5: 8730 01803cafeea784dbc818a5e0b280722f
http://ports.ubuntu.com/pool/universe/t/tiff/libtiff-opengl_3.8.2-11ubuntu0.9.04.6_powerpc.deb
Size/MD5: 14234 2ba3cc6f57abce5c990eef8d7c6fbceb
sparc architecture (Sun SPARC/UltraSPARC):
http://ports.ubuntu.com/pool/main/t/tiff/libtiff-tools_3.8.2-11ubuntu0.9.04.6_sparc.deb
Size/MD5: 183806 f2a9bbe1f571d06e74fc955ac8f59b72
http://ports.ubuntu.com/pool/main/t/tiff/libtiff4-dev_3.8.2-11ubuntu0.9.04.6_sparc.deb
Size/MD5: 238044 12858b8bde77b383f1089e8989394b38
http://ports.ubuntu.com/pool/main/t/tiff/libtiff4_3.8.2-11ubuntu0.9.04.6_sparc.deb
Size/MD5: 124424 bf09c05c0bc3ec5c21ebdefbb095faa6
http://ports.ubuntu.com/pool/main/t/tiff/libtiffxx0c2_3.8.2-11ubuntu0.9.04.6_sparc.deb
Size/MD5: 5978 952a5bf270a59b0f873dd1c6a1f67175
http://ports.ubuntu.com/pool/universe/t/tiff/libtiff-opengl_3.8.2-11ubuntu0.9.04.6_sparc.deb
Size/MD5: 12022 629b0b70778ecd8fe824f3254cf27b90
Updated packages for Ubuntu 9.10:
Source archives:
http://security.ubuntu.com/ubuntu/pool/main/t/tiff/tiff_3.8.2-13ubuntu0.3.diff.gz
Size/MD5: 41121 c0ab3072d29ea0360ba47217778d4901
http://security.ubuntu.com/ubuntu/pool/main/t/tiff/tiff_3.8.2-13ubuntu0.3.dsc
Size/MD5: 1343 03d22a022fc88888d9d8935e0df737bf
http://security.ubuntu.com/ubuntu/pool/main/t/tiff/tiff_3.8.2.orig.tar.gz
Size/MD5: 1333780 e6ec4ab957ef49d5aabc38b7a376910b
Architecture independent packages:
http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff-doc_3.8.2-13ubuntu0.3_all.deb
Size/MD5: 334670 5cc39d1960ed0eaa84b0cef574f9019a
amd64 architecture (Athlon64, Opteron, EM64T Xeon):
http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff-tools_3.8.2-13ubuntu0.3_amd64.deb
Size/MD5: 193172 904b26a40f81337d896afb4dc99b6dac
http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff4-dev_3.8.2-13ubuntu0.3_amd64.deb
Size/MD5: 251358 a2c45975bc8789e05a1fac873c54afdb
http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff4_3.8.2-13ubuntu0.3_amd64.deb
Size/MD5: 135204 747b17ea960047cfe980951780e16343
http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiffxx0c2_3.8.2-13ubuntu0.3_amd64.deb
Size/MD5: 6330 1784c3b86fe6a9a68f8411b7ad816d4a
http://security.ubuntu.com/ubuntu/pool/universe/t/tiff/libtiff-opengl_3.8.2-13ubuntu0.3_amd64.deb
Size/MD5: 12006 24240bf743cd23ce670b4b486a7408a6
i386 architecture (x86 compatible Intel/AMD):
http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff-tools_3.8.2-13ubuntu0.3_i386.deb
Size/MD5: 175842 008409a183baa37db8c1c45a8f094a44
http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff4-dev_3.8.2-13ubuntu0.3_i386.deb
Size/MD5: 231870 56bb188c4596af1b901be03032d9a617
http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff4_3.8.2-13ubuntu0.3_i386.deb
Size/MD5: 124248 3708797ed53d0d0b58769ff729ff18c0
http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiffxx0c2_3.8.2-13ubuntu0.3_i386.deb
Size/MD5: 6446 cb3263d1be21404f7cb72866fdf6ad2a
http://security.ubuntu.com/ubuntu/pool/universe/t/tiff/libtiff-opengl_3.8.2-13ubuntu0.3_i386.deb
Size/MD5: 11302 628741204ad187f2d66f724c49ee47f7
lpia architecture (Low Power Intel Architecture):
http://ports.ubuntu.com/pool/main/t/tiff/libtiff-tools_3.8.2-13ubuntu0.3_lpia.deb
Size/MD5: 177048 64a59e0441238751d0e74e47e414d27e
http://ports.ubuntu.com/pool/main/t/tiff/libtiff4-dev_3.8.2-13ubuntu0.3_lpia.deb
Size/MD5: 234210 73343fb5872ff0d51c90ffc1cc841c9f
http://ports.ubuntu.com/pool/main/t/tiff/libtiff4_3.8.2-13ubuntu0.3_lpia.deb
Size/MD5: 125892 2f7f51f21359bec31fdb219176d46517
http://ports.ubuntu.com/pool/main/t/tiff/libtiffxx0c2_3.8.2-13ubuntu0.3_lpia.deb
Size/MD5: 6314 5bd86ff35a7592a8cb6cc4fe5a19073f
http://ports.ubuntu.com/pool/universe/t/tiff/libtiff-opengl_3.8.2-13ubuntu0.3_lpia.deb
Size/MD5: 11342 36a53ad5737a7381f123f9ba65efb694
powerpc architecture (Apple Macintosh G3/G4/G5):
http://ports.ubuntu.com/pool/main/t/tiff/libtiff-tools_3.8.2-13ubuntu0.3_powerpc.deb
Size/MD5: 191502 c6b963c4009baaa04afe123c7ec99f9c
http://ports.ubuntu.com/pool/main/t/tiff/libtiff4-dev_3.8.2-13ubuntu0.3_powerpc.deb
Size/MD5: 256282 8110d1fade42b772fbc2072ea209eb97
http://ports.ubuntu.com/pool/main/t/tiff/libtiff4_3.8.2-13ubuntu0.3_powerpc.deb
Size/MD5: 136778 dbba3ac2c70dbf380fe242bd68c53fa3
http://ports.ubuntu.com/pool/main/t/tiff/libtiffxx0c2_3.8.2-13ubuntu0.3_powerpc.deb
Size/MD5: 6736 1f111239548e12c69db166e59a190b3c
http://ports.ubuntu.com/pool/universe/t/tiff/libtiff-opengl_3.8.2-13ubuntu0.3_powerpc.deb
Size/MD5: 12086 0d49955b527ff8a6ff4943120ba553c5
sparc architecture (Sun SPARC/UltraSPARC):
http://ports.ubuntu.com/pool/main/t/tiff/libtiff-tools_3.8.2-13ubuntu0.3_sparc.deb
Size/MD5: 184286 06388a8d95b34d4bfb7247c47c07906c
http://ports.ubuntu.com/pool/main/t/tiff/libtiff4-dev_3.8.2-13ubuntu0.3_sparc.deb
Size/MD5: 236968 4208eb62edba48bbd6d280eedda2a0a4
http://ports.ubuntu.com/pool/main/t/tiff/libtiff4_3.8.2-13ubuntu0.3_sparc.deb
Size/MD5: 124514 a6446a90d3e9d5629f8105603c9474dd
http://ports.ubuntu.com/pool/main/t/tiff/libtiffxx0c2_3.8.2-13ubuntu0.3_sparc.deb
Size/MD5: 6100 76a69eccc98c82be32b0481df58d3de9
http://ports.ubuntu.com/pool/universe/t/tiff/libtiff-opengl_3.8.2-13ubuntu0.3_sparc.deb
Size/MD5: 12026 c23e8ab257390fe565ebf103a8edaeb9
Updated packages for Ubuntu 10.04:
Source archives:
http://security.ubuntu.com/ubuntu/pool/main/t/tiff/tiff_3.9.2-2ubuntu0.3.diff.gz
Size/MD5: 17310 779fdd57e79090bedcec10b26eaf08ec
http://security.ubuntu.com/ubuntu/pool/main/t/tiff/tiff_3.9.2-2ubuntu0.3.dsc
Size/MD5: 1339 7d001b20ea0677cb63bbb4becf8ff69f
http://security.ubuntu.com/ubuntu/pool/main/t/tiff/tiff_3.9.2.orig.tar.gz
Size/MD5: 1419742 93e56e421679c591de7552db13384cb8
Architecture independent packages:
http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff-doc_3.9.2-2ubuntu0.3_all.deb
Size/MD5: 342306 e17c62cb61768cd0885bd5c71caa7f67
amd64 architecture (Athlon64, Opteron, EM64T Xeon):
http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff-tools_3.9.2-2ubuntu0.3_amd64.deb
Size/MD5: 252274 0b359ab56d43865968c690765ef96a23
http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff4-dev_3.9.2-2ubuntu0.3_amd64.deb
Size/MD5: 269444 364252fef2d31f9a59be006a60c6794e
http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff4_3.9.2-2ubuntu0.3_amd64.deb
Size/MD5: 148610 19d95336d35bffd635787ac1174c6716
http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiffxx0c2_3.9.2-2ubuntu0.3_amd64.deb
Size/MD5: 6390 7236b5c267df2ae7fbb805768c4d6314
http://security.ubuntu.com/ubuntu/pool/universe/t/tiff/libtiff-opengl_3.9.2-2ubuntu0.3_amd64.deb
Size/MD5: 12034 ad15f0ac0f19016a4498c3f22f90de43
i386 architecture (x86 compatible Intel/AMD):
http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff-tools_3.9.2-2ubuntu0.3_i386.deb
Size/MD5: 232412 def529fa30067e222a10ce03fb4651e2
http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff4-dev_3.9.2-2ubuntu0.3_i386.deb
Size/MD5: 246484 3f78b62e3e411a05fcf9f97a9f77f21c
http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff4_3.9.2-2ubuntu0.3_i386.deb
Size/MD5: 136176 0fae675d248b4ab7cf77018d860a55ce
http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiffxx0c2_3.9.2-2ubuntu0.3_i386.deb
Size/MD5: 6492 fb5a44eaef7ee218d83a4482bd331c69
http://security.ubuntu.com/ubuntu/pool/universe/t/tiff/libtiff-opengl_3.9.2-2ubuntu0.3_i386.deb
Size/MD5: 11290 c9ee0da107d51715c41bc5513a302532
powerpc architecture (Apple Macintosh G3/G4/G5):
http://ports.ubuntu.com/pool/main/t/tiff/libtiff-tools_3.9.2-2ubuntu0.3_powerpc.deb
Size/MD5: 253470 7fbf59b850974984a419f752830da31b
http://ports.ubuntu.com/pool/main/t/tiff/libtiff4-dev_3.9.2-2ubuntu0.3_powerpc.deb
Size/MD5: 275072 a174c0a69bbe402b3d17a0085e69952d
http://ports.ubuntu.com/pool/main/t/tiff/libtiff4_3.9.2-2ubuntu0.3_powerpc.deb
Size/MD5: 150222 e460e28329d5754c4670647d08a2c9fb
http://ports.ubuntu.com/pool/main/t/tiff/libtiffxx0c2_3.9.2-2ubuntu0.3_powerpc.deb
Size/MD5: 6774 f5f491424e932a100199e8274d7b8eef
http://ports.ubuntu.com/pool/universe/t/tiff/libtiff-opengl_3.9.2-2ubuntu0.3_powerpc.deb
Size/MD5: 12098 c18d01ecf566a05ef689b2224bf0c343
sparc architecture (Sun SPARC/UltraSPARC):
http://ports.ubuntu.com/pool/main/t/tiff/libtiff-tools_3.9.2-2ubuntu0.3_sparc.deb
Size/MD5: 248748 fc6cc955db82161bffe7ebf0dd5a4aea
http://ports.ubuntu.com/pool/main/t/tiff/libtiff4-dev_3.9.2-2ubuntu0.3_sparc.deb
Size/MD5: 257150 ccb51b6b25aa92dc09140d0fda8ef2b5
http://ports.ubuntu.com/pool/main/t/tiff/libtiff4_3.9.2-2ubuntu0.3_sparc.deb
Size/MD5: 142870 5644962072cf924c15a559f9a0f00ddc
http://ports.ubuntu.com/pool/main/t/tiff/libtiffxx0c2_3.9.2-2ubuntu0.3_sparc.deb
Size/MD5: 6238 d11701e3eb25d8201e363314c5ea4bbb
http://ports.ubuntu.com/pool/universe/t/tiff/libtiff-opengl_3.9.2-2ubuntu0.3_sparc.deb
Size/MD5: 11922 be82dd608f5e01be8117b48eaa567ca0
Show details on source website
{
"affected_products": {
"_id": null,
"data": [
{
"_id": null,
"model": "mac os x",
"scope": "eq",
"trust": 1.6,
"vendor": "apple",
"version": "10.6.3"
},
{
"_id": null,
"model": "mac os x",
"scope": "eq",
"trust": 1.6,
"vendor": "apple",
"version": "10.6.2"
},
{
"_id": null,
"model": "mac os x server",
"scope": "eq",
"trust": 1.6,
"vendor": "apple",
"version": "10.6.2"
},
{
"_id": null,
"model": "mac os x",
"scope": "eq",
"trust": 1.6,
"vendor": "apple",
"version": "10.6.1"
},
{
"_id": null,
"model": "mac os x",
"scope": "eq",
"trust": 1.6,
"vendor": "apple",
"version": "10.5.8"
},
{
"_id": null,
"model": "mac os x server",
"scope": "eq",
"trust": 1.6,
"vendor": "apple",
"version": "10.6.3"
},
{
"_id": null,
"model": "mac os x server",
"scope": "eq",
"trust": 1.6,
"vendor": "apple",
"version": "10.6.1"
},
{
"_id": null,
"model": "mac os x server",
"scope": "eq",
"trust": 1.6,
"vendor": "apple",
"version": "10.5.8"
},
{
"_id": null,
"model": "mac os x",
"scope": "eq",
"trust": 1.6,
"vendor": "apple",
"version": "10.6.0"
},
{
"_id": null,
"model": "mac os x server",
"scope": "eq",
"trust": 1.6,
"vendor": "apple",
"version": "10.6.0"
},
{
"_id": null,
"model": "libtiff",
"scope": "lt",
"trust": 0.8,
"vendor": "libtiff",
"version": "3.9.3"
},
{
"_id": null,
"model": "mac os x",
"scope": "eq",
"trust": 0.8,
"vendor": "apple",
"version": "v10.5.8"
},
{
"_id": null,
"model": "mac os x",
"scope": "eq",
"trust": 0.8,
"vendor": "apple",
"version": "v10.6 to v10.6.3"
},
{
"_id": null,
"model": "mac os x server",
"scope": "eq",
"trust": 0.8,
"vendor": "apple",
"version": "v10.5.8"
},
{
"_id": null,
"model": "mac os x server",
"scope": "eq",
"trust": 0.8,
"vendor": "apple",
"version": "v10.6 to v10.6.3"
},
{
"_id": null,
"model": "itunes",
"scope": "eq",
"trust": 0.8,
"vendor": "apple",
"version": "9"
},
{
"_id": null,
"model": "safari",
"scope": "eq",
"trust": 0.8,
"vendor": "apple",
"version": "4"
},
{
"_id": null,
"model": "safari",
"scope": "eq",
"trust": 0.8,
"vendor": "apple",
"version": "5"
},
{
"_id": null,
"model": "asianux server",
"scope": "eq",
"trust": 0.8,
"vendor": "cybertrust",
"version": "3 (x86)"
},
{
"_id": null,
"model": "asianux server",
"scope": "eq",
"trust": 0.8,
"vendor": "cybertrust",
"version": "3 (x86-64)"
},
{
"_id": null,
"model": "asianux server",
"scope": "eq",
"trust": 0.8,
"vendor": "cybertrust",
"version": "3.0"
},
{
"_id": null,
"model": "asianux server",
"scope": "eq",
"trust": 0.8,
"vendor": "cybertrust",
"version": "3.0 (x86-64)"
},
{
"_id": null,
"model": "asianux server",
"scope": "eq",
"trust": 0.8,
"vendor": "cybertrust",
"version": "4.0"
},
{
"_id": null,
"model": "asianux server",
"scope": "eq",
"trust": 0.8,
"vendor": "cybertrust",
"version": "4.0 (x86-64)"
},
{
"_id": null,
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "3 (as)"
},
{
"_id": null,
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "3 (es)"
},
{
"_id": null,
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "3 (ws)"
},
{
"_id": null,
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4 (as)"
},
{
"_id": null,
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4 (es)"
},
{
"_id": null,
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4 (ws)"
},
{
"_id": null,
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4.8 (as)"
},
{
"_id": null,
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4.8 (es)"
},
{
"_id": null,
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "5 (server)"
},
{
"_id": null,
"model": "enterprise linux desktop",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "3.0"
},
{
"_id": null,
"model": "enterprise linux desktop",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4.0"
},
{
"_id": null,
"model": "enterprise linux desktop",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "5.0 (client)"
},
{
"_id": null,
"model": "rhel desktop workstation",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "5 (client)"
},
{
"_id": null,
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "9.10"
},
{
"_id": null,
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "9.10"
},
{
"_id": null,
"model": "linux lpia",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "9.10"
},
{
"_id": null,
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "9.10"
},
{
"_id": null,
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "9.10"
},
{
"_id": null,
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "9.04"
},
{
"_id": null,
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "9.04"
},
{
"_id": null,
"model": "linux lpia",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "9.04"
},
{
"_id": null,
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "9.04"
},
{
"_id": null,
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "9.04"
},
{
"_id": null,
"model": "linux lts sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "8.04"
},
{
"_id": null,
"model": "linux lts powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "8.04"
},
{
"_id": null,
"model": "linux lts lpia",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "8.04"
},
{
"_id": null,
"model": "linux lts i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "8.04"
},
{
"_id": null,
"model": "linux lts amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "8.04"
},
{
"_id": null,
"model": "linux lts sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"_id": null,
"model": "linux lts powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"_id": null,
"model": "linux lts i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"_id": null,
"model": "linux lts amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"_id": null,
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "10.04"
},
{
"_id": null,
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "10.04"
},
{
"_id": null,
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "10.04"
},
{
"_id": null,
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "10.04"
},
{
"_id": null,
"model": "linux enterprise server",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "9"
},
{
"_id": null,
"model": "linux enterprise sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"_id": null,
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "10.2"
},
{
"_id": null,
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "10.1"
},
{
"_id": null,
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "10.0"
},
{
"_id": null,
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "9.1"
},
{
"_id": null,
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "9.0"
},
{
"_id": null,
"model": "linux x86 64 -current",
"scope": null,
"trust": 0.3,
"vendor": "slackware",
"version": null
},
{
"_id": null,
"model": "linux x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "13.1"
},
{
"_id": null,
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "13.1"
},
{
"_id": null,
"model": "linux x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "13.0"
},
{
"_id": null,
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "13.0"
},
{
"_id": null,
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "12.2"
},
{
"_id": null,
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "12.1"
},
{
"_id": null,
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "12.0"
},
{
"_id": null,
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "11.0"
},
{
"_id": null,
"model": "linux -current",
"scope": null,
"trust": 0.3,
"vendor": "slackware",
"version": null
},
{
"_id": null,
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "11.2"
},
{
"_id": null,
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "11.1"
},
{
"_id": null,
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "11.0"
},
{
"_id": null,
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "rpath",
"version": "2"
},
{
"_id": null,
"model": "appliance platform linux service",
"scope": "eq",
"trust": 0.3,
"vendor": "rpath",
"version": "2"
},
{
"_id": null,
"model": "enterprise linux ws",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"_id": null,
"model": "enterprise linux ws",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3"
},
{
"_id": null,
"model": "enterprise linux es",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"_id": null,
"model": "enterprise linux es",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3"
},
{
"_id": null,
"model": "enterprise linux desktop workstation client",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "5"
},
{
"_id": null,
"model": "enterprise linux desktop client",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "5"
},
{
"_id": null,
"model": "enterprise linux as",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"_id": null,
"model": "enterprise linux as",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3"
},
{
"_id": null,
"model": "enterprise linux desktop version",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"_id": null,
"model": "enterprise linux server",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "5"
},
{
"_id": null,
"model": "desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3.0"
},
{
"_id": null,
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "pardus",
"version": "20090"
},
{
"_id": null,
"model": "linux mandrake x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2010.1"
},
{
"_id": null,
"model": "linux mandrake",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2010.1"
},
{
"_id": null,
"model": "linux mandrake x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2010.0"
},
{
"_id": null,
"model": "linux mandrake",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2010.0"
},
{
"_id": null,
"model": "linux mandrake x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2009.1"
},
{
"_id": null,
"model": "linux mandrake",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2009.1"
},
{
"_id": null,
"model": "linux mandrake x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2009.0"
},
{
"_id": null,
"model": "linux mandrake",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2009.0"
},
{
"_id": null,
"model": "linux mandrake x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2008.0"
},
{
"_id": null,
"model": "linux mandrake",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2008.0"
},
{
"_id": null,
"model": "enterprise server x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "5"
},
{
"_id": null,
"model": "enterprise server",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "5"
},
{
"_id": null,
"model": "corporate server x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "4.0"
},
{
"_id": null,
"model": "corporate server",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "4.0"
},
{
"_id": null,
"model": "libtiff",
"scope": "eq",
"trust": 0.3,
"vendor": "libtiff",
"version": "3.8.2"
},
{
"_id": null,
"model": "libtiff",
"scope": "eq",
"trust": 0.3,
"vendor": "libtiff",
"version": "3.8.1"
},
{
"_id": null,
"model": "libtiff",
"scope": "eq",
"trust": 0.3,
"vendor": "libtiff",
"version": "3.8"
},
{
"_id": null,
"model": "libtiff",
"scope": "eq",
"trust": 0.3,
"vendor": "libtiff",
"version": "3.7.4"
},
{
"_id": null,
"model": "libtiff",
"scope": "eq",
"trust": 0.3,
"vendor": "libtiff",
"version": "3.7.3"
},
{
"_id": null,
"model": "libtiff",
"scope": "eq",
"trust": 0.3,
"vendor": "libtiff",
"version": "3.7.2"
},
{
"_id": null,
"model": "libtiff",
"scope": "eq",
"trust": 0.3,
"vendor": "libtiff",
"version": "3.7.1"
},
{
"_id": null,
"model": "libtiff",
"scope": "eq",
"trust": 0.3,
"vendor": "libtiff",
"version": "3.7"
},
{
"_id": null,
"model": "libtiff",
"scope": "eq",
"trust": 0.3,
"vendor": "libtiff",
"version": "3.6.1"
},
{
"_id": null,
"model": "libtiff",
"scope": "eq",
"trust": 0.3,
"vendor": "libtiff",
"version": "3.6.0"
},
{
"_id": null,
"model": "libtiff",
"scope": "eq",
"trust": 0.3,
"vendor": "libtiff",
"version": "3.5.7"
},
{
"_id": null,
"model": "libtiff",
"scope": "eq",
"trust": 0.3,
"vendor": "libtiff",
"version": "3.5.5"
},
{
"_id": null,
"model": "libtiff",
"scope": "eq",
"trust": 0.3,
"vendor": "libtiff",
"version": "3.5.4"
},
{
"_id": null,
"model": "libtiff",
"scope": "eq",
"trust": 0.3,
"vendor": "libtiff",
"version": "3.5.3"
},
{
"_id": null,
"model": "libtiff",
"scope": "eq",
"trust": 0.3,
"vendor": "libtiff",
"version": "3.5.2"
},
{
"_id": null,
"model": "libtiff",
"scope": "eq",
"trust": 0.3,
"vendor": "libtiff",
"version": "3.5.1"
},
{
"_id": null,
"model": "libtiff",
"scope": "eq",
"trust": 0.3,
"vendor": "libtiff",
"version": "3.4"
},
{
"_id": null,
"model": "libtiff",
"scope": "eq",
"trust": 0.3,
"vendor": "libtiff",
"version": "3.9"
},
{
"_id": null,
"model": "libtiff",
"scope": "eq",
"trust": 0.3,
"vendor": "libtiff",
"version": "3.7.2-7"
},
{
"_id": null,
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "5.0"
},
{
"_id": null,
"model": "linux s/390",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "5.0"
},
{
"_id": null,
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "5.0"
},
{
"_id": null,
"model": "linux mipsel",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "5.0"
},
{
"_id": null,
"model": "linux mips",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "5.0"
},
{
"_id": null,
"model": "linux m68k",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "5.0"
},
{
"_id": null,
"model": "linux ia-64",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "5.0"
},
{
"_id": null,
"model": "linux ia-32",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "5.0"
},
{
"_id": null,
"model": "linux hppa",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "5.0"
},
{
"_id": null,
"model": "linux armel",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "5.0"
},
{
"_id": null,
"model": "linux arm",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "5.0"
},
{
"_id": null,
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "5.0"
},
{
"_id": null,
"model": "linux alpha",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "5.0"
},
{
"_id": null,
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "5.0"
},
{
"_id": null,
"model": "proactive contact",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "4.1.2"
},
{
"_id": null,
"model": "proactive contact",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "4.1.1"
},
{
"_id": null,
"model": "proactive contact",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "4.1"
},
{
"_id": null,
"model": "proactive contact",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "4.0"
},
{
"_id": null,
"model": "messaging storage server mm3.0",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"_id": null,
"model": "messaging storage server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2"
},
{
"_id": null,
"model": "messaging storage server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.1"
},
{
"_id": null,
"model": "messaging storage server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.0"
},
{
"_id": null,
"model": "messaging storage server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "4.0"
},
{
"_id": null,
"model": "messaging storage server sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1"
},
{
"_id": null,
"model": "messaging storage server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1"
},
{
"_id": null,
"model": "messaging storage server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "2.0"
},
{
"_id": null,
"model": "messaging storage server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "1.0"
},
{
"_id": null,
"model": "messaging storage server",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"_id": null,
"model": "message networking mn",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1"
},
{
"_id": null,
"model": "message networking",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2"
},
{
"_id": null,
"model": "message networking",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1"
},
{
"_id": null,
"model": "message networking",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"_id": null,
"model": "iq",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "4.1"
},
{
"_id": null,
"model": "iq",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5"
},
{
"_id": null,
"model": "intuity audix lx r1.1",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"_id": null,
"model": "intuity audix lx sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "2.0"
},
{
"_id": null,
"model": "intuity audix lx sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "2.0"
},
{
"_id": null,
"model": "intuity audix lx",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "2.0"
},
{
"_id": null,
"model": "intuity audix lx",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "1.0"
},
{
"_id": null,
"model": "aura system platform sp1.1",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"_id": null,
"model": "aura system platform",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"_id": null,
"model": "aura system platform",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "1.0"
},
{
"_id": null,
"model": "aura system manager sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"_id": null,
"model": "aura system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2"
},
{
"_id": null,
"model": "aura system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "1.0"
},
{
"_id": null,
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"_id": null,
"model": "aura session manager sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2"
},
{
"_id": null,
"model": "aura session manager sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2"
},
{
"_id": null,
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2"
},
{
"_id": null,
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "1.1"
},
{
"_id": null,
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "1.0"
},
{
"_id": null,
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.3"
},
{
"_id": null,
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.2"
},
{
"_id": null,
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.1"
},
{
"_id": null,
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5.8"
},
{
"_id": null,
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5.7"
},
{
"_id": null,
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5.6"
},
{
"_id": null,
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5.5"
},
{
"_id": null,
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5.4"
},
{
"_id": null,
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5.3"
},
{
"_id": null,
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5.2"
},
{
"_id": null,
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5.1"
},
{
"_id": null,
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6"
},
{
"_id": null,
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.3"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.2"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.1"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5.8"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5.7"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5.6"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5.5"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5.4"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5.3"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5.2"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5.1"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5"
},
{
"_id": null,
"model": "itunes",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "9.0.2"
},
{
"_id": null,
"model": "itunes",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "9.0.1.8"
},
{
"_id": null,
"model": "itunes",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "9.0.1"
},
{
"_id": null,
"model": "itunes",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "9.0"
},
{
"_id": null,
"model": "itunes",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "9.1"
},
{
"_id": null,
"model": "itunes",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "8.2"
},
{
"_id": null,
"model": "itunes",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "8.1"
},
{
"_id": null,
"model": "itunes",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "8.0.2.20"
},
{
"_id": null,
"model": "itunes",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "8.0"
},
{
"_id": null,
"model": "libtiff",
"scope": "ne",
"trust": 0.3,
"vendor": "libtiff",
"version": "3.9.3"
},
{
"_id": null,
"model": "mac os server",
"scope": "ne",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.4"
},
{
"_id": null,
"model": "mac os",
"scope": "ne",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.4"
},
{
"_id": null,
"model": "itunes",
"scope": "ne",
"trust": 0.3,
"vendor": "apple",
"version": "9.2"
}
],
"sources": [
{
"db": "BID",
"id": "40823"
},
{
"db": "CNNVD",
"id": "CNNVD-201006-294"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001651"
},
{
"db": "NVD",
"id": "CVE-2010-1411"
}
]
},
"configurations": {
"_id": null,
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:libtiff_project:libtiff",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:apple:mac_os_x",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:apple:mac_os_x_server",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:apple:itunes",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:apple:safari",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:misc:miraclelinux_asianux_server",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:redhat:enterprise_linux",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:redhat:enterprise_linux_desktop",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:redhat:rhel_desktop_workstation",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2010-001651"
}
]
},
"credits": {
"_id": null,
"data": "Kevin Finisterre",
"sources": [
{
"db": "BID",
"id": "40823"
},
{
"db": "CNNVD",
"id": "CNNVD-201006-294"
}
],
"trust": 0.9
},
"cve": "CVE-2010-1411",
"cvss": {
"_id": null,
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "CVE-2010-1411",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 1.9,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "VHN-44016",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2010-1411",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2010-1411",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNNVD",
"id": "CNNVD-201006-294",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-44016",
"trust": 0.1,
"value": "MEDIUM"
},
{
"author": "VULMON",
"id": "CVE-2010-1411",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-44016"
},
{
"db": "VULMON",
"id": "CVE-2010-1411"
},
{
"db": "CNNVD",
"id": "CNNVD-201006-294"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001651"
},
{
"db": "NVD",
"id": "CVE-2010-1411"
}
]
},
"description": {
"_id": null,
"data": "Multiple integer overflows in the Fax3SetupState function in tif_fax3.c in the FAX3 decoder in LibTIFF before 3.9.3, as used in ImageIO in Apple Mac OS X 10.5.8 and Mac OS X 10.6 before 10.6.4, allow remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted TIFF file that triggers a heap-based buffer overflow. LibTIFF is prone to a remote integer-overflow vulnerability because it fails to perform adequate boundary checks on user-supplied data. \nAn attacker can exploit this issue to execute arbitrary malicious code in the context of a user running an application that uses the affected library. Failed exploit attempts will likely crash the application. \nLibTIFF versions prior to 3.9.3 are vulnerable. Apple Mac OS X is the operating system used by Apple family computers, and Font Book is a font management tool included in Mac OS X. \n\nFor the stable distribution (lenny), this problem has been fixed in\nversion 3.8.2-11.3. \n\nFor the unstable distribution (sid), this problem has been fixed in\nversion 3.9.4-1. \n\nWe recommend that you upgrade your tiff packages. \n\nUpgrade instructions\n- --------------------\n\nwget url\n will fetch the file for you\ndpkg -i file.deb\n will install the referenced file. \n\nIf you are using the apt-get package manager, use the line for\nsources.list as given below:\n\napt-get update\n will update the internal database\napt-get upgrade\n will install corrected packages\n\nYou may use an automated update by adding the resources from the\nfooter to the proper configuration. \n\n\nDebian GNU/Linux 5.0 alias lenny\n- --------------------------------\n\nStable updates are available for alpha, amd64, arm, armel, hppa, i386, ia64, mips, mipsel, powerpc, s390 and sparc. \n\nSource archives:\n\n http://security.debian.org/pool/updates/main/t/tiff/tiff_3.8.2-11.3.tar.gz\n Size/MD5 checksum: 1376361 bfbc775f3ea2d698f6c4e57a66a6bc62\n http://security.debian.org/pool/updates/main/t/tiff/tiff_3.8.2-11.3.dsc\n Size/MD5 checksum: 965 289fde796cd4d75c185fd380e4ef2611\n\nArchitecture independent packages:\n\n http://security.debian.org/pool/updates/main/t/tiff/libtiff-doc_3.8.2-11.3_all.deb\n Size/MD5 checksum: 368936 4fa6c87469e6d2a4ab8b9b609e1cd2b0\n\nalpha architecture (DEC Alpha)\n\n http://security.debian.org/pool/updates/main/t/tiff/libtiff4_3.8.2-11.3_alpha.deb\n Size/MD5 checksum: 184038 718aa158afb8b08924079e4c8990f303\n http://security.debian.org/pool/updates/main/t/tiff/libtiff4-dev_3.8.2-11.3_alpha.deb\n Size/MD5 checksum: 339202 b4d67d4e554d4e681e54a9951bc6ab88\n http://security.debian.org/pool/updates/main/t/tiff/libtiffxx0c2_3.8.2-11.3_alpha.deb\n Size/MD5 checksum: 49078 2c6b9d3ee81d1f1ea306d395b51c1731\n http://security.debian.org/pool/updates/main/t/tiff/libtiff-opengl_3.8.2-11.3_alpha.deb\n Size/MD5 checksum: 55100 ef3532a300357164438524ca256853fb\n http://security.debian.org/pool/updates/main/t/tiff/libtiff-tools_3.8.2-11.3_alpha.deb\n Size/MD5 checksum: 253438 6e72c7d573238d09bdc43a20472b2b29\n\namd64 architecture (AMD x86_64 (AMD64))\n\n http://security.debian.org/pool/updates/main/t/tiff/libtiff-tools_3.8.2-11.3_amd64.deb\n Size/MD5 checksum: 230540 93a89276bd4fe5be5a9d50b040002a70\n http://security.debian.org/pool/updates/main/t/tiff/libtiff4_3.8.2-11.3_amd64.deb\n Size/MD5 checksum: 169962 037d13ec48515773798dfc51af404eef\n http://security.debian.org/pool/updates/main/t/tiff/libtiff-opengl_3.8.2-11.3_amd64.deb\n Size/MD5 checksum: 54210 d4e1911e9e5f07980e0d71bde8bfc732\n http://security.debian.org/pool/updates/main/t/tiff/libtiffxx0c2_3.8.2-11.3_amd64.deb\n Size/MD5 checksum: 48846 334988c78cfc87a6a3f9f9a18254f450\n http://security.debian.org/pool/updates/main/t/tiff/libtiff4-dev_3.8.2-11.3_amd64.deb\n Size/MD5 checksum: 293176 4aa38a5f29db663094e6af1039b5a32b\n\narmel architecture (ARM EABI)\n\n http://security.debian.org/pool/updates/main/t/tiff/libtiff4_3.8.2-11.3_armel.deb\n Size/MD5 checksum: 162044 2b4e8648f64119e0ab8e8ab6246270a9\n http://security.debian.org/pool/updates/main/t/tiff/libtiff-tools_3.8.2-11.3_armel.deb\n Size/MD5 checksum: 234150 7481d9317f18ce662f3b8997ce924df8\n http://security.debian.org/pool/updates/main/t/tiff/libtiff-opengl_3.8.2-11.3_armel.deb\n Size/MD5 checksum: 55996 26fbcbaccac9a1ee56b681699ff035e3\n http://security.debian.org/pool/updates/main/t/tiff/libtiffxx0c2_3.8.2-11.3_armel.deb\n Size/MD5 checksum: 48532 30d10222b5e240af5823a2a1cf1b1e26\n http://security.debian.org/pool/updates/main/t/tiff/libtiff4-dev_3.8.2-11.3_armel.deb\n Size/MD5 checksum: 278612 97026ca2288156a7c08057afedede29e\n\nhppa architecture (HP PA RISC)\n\n http://security.debian.org/pool/updates/main/t/tiff/libtiff4-dev_3.8.2-11.3_hppa.deb\n Size/MD5 checksum: 309128 bf85956e72869e294f893c3f27b6ad37\n http://security.debian.org/pool/updates/main/t/tiff/libtiff4_3.8.2-11.3_hppa.deb\n Size/MD5 checksum: 176834 e0f39c8995ba2d40ae444257bf9b5943\n http://security.debian.org/pool/updates/main/t/tiff/libtiffxx0c2_3.8.2-11.3_hppa.deb\n Size/MD5 checksum: 49746 04935c2e72b8696ccfcd1c303fb83327\n http://security.debian.org/pool/updates/main/t/tiff/libtiff-opengl_3.8.2-11.3_hppa.deb\n Size/MD5 checksum: 54552 d4af13d4eb9022e20ce2312d951ba34b\n http://security.debian.org/pool/updates/main/t/tiff/libtiff-tools_3.8.2-11.3_hppa.deb\n Size/MD5 checksum: 241610 97b8a14e8b2cc24197e2b82d01f51775\n\ni386 architecture (Intel ia32)\n\n http://security.debian.org/pool/updates/main/t/tiff/libtiff4-dev_3.8.2-11.3_i386.deb\n Size/MD5 checksum: 275666 b8fb9e1f47d1e29ba82e9ab9c2c5695e\n http://security.debian.org/pool/updates/main/t/tiff/libtiffxx0c2_3.8.2-11.3_i386.deb\n Size/MD5 checksum: 48830 734c77873fd7f566e2473470b1db31aa\n http://security.debian.org/pool/updates/main/t/tiff/libtiff4_3.8.2-11.3_i386.deb\n Size/MD5 checksum: 161636 665df63c672569d63281727a7ac499b0\n http://security.debian.org/pool/updates/main/t/tiff/libtiff-opengl_3.8.2-11.3_i386.deb\n Size/MD5 checksum: 53632 5d75e0f199918c8c250b0a48d4b2fd4f\n http://security.debian.org/pool/updates/main/t/tiff/libtiff-tools_3.8.2-11.3_i386.deb\n Size/MD5 checksum: 219164 b3b8468f9a518093440b74fc573a6ee1\n\nia64 architecture (Intel ia64)\n\n http://security.debian.org/pool/updates/main/t/tiff/libtiff4-dev_3.8.2-11.3_ia64.deb\n Size/MD5 checksum: 368628 57e577e4e2a590f89b96204598e14d04\n http://security.debian.org/pool/updates/main/t/tiff/libtiff-opengl_3.8.2-11.3_ia64.deb\n Size/MD5 checksum: 56790 4072f1d33f13b2bd419cdd984947a4ce\n http://security.debian.org/pool/updates/main/t/tiff/libtiffxx0c2_3.8.2-11.3_ia64.deb\n Size/MD5 checksum: 50600 fd59fabeaae51f1b5cf6a675abd2733e\n http://security.debian.org/pool/updates/main/t/tiff/libtiff4_3.8.2-11.3_ia64.deb\n Size/MD5 checksum: 230320 54f9d6a2004efac771cdf2856c238032\n http://security.debian.org/pool/updates/main/t/tiff/libtiff-tools_3.8.2-11.3_ia64.deb\n Size/MD5 checksum: 294884 e6b5df4ea911fc1cc788b8ec7302180a\n\nmips architecture (MIPS (Big Endian))\n\n http://security.debian.org/pool/updates/main/t/tiff/libtiff-tools_3.8.2-11.3_mips.deb\n Size/MD5 checksum: 228404 3980fe301b7f21ef4a651d970791deb4\n http://security.debian.org/pool/updates/main/t/tiff/libtiff-opengl_3.8.2-11.3_mips.deb\n Size/MD5 checksum: 54648 c1e21d56c6c3caca4fa5cd3088e0131e\n http://security.debian.org/pool/updates/main/t/tiff/libtiff4_3.8.2-11.3_mips.deb\n Size/MD5 checksum: 164076 5d3ebd670bb207890c8b01446d9b5286\n http://security.debian.org/pool/updates/main/t/tiff/libtiffxx0c2_3.8.2-11.3_mips.deb\n Size/MD5 checksum: 49246 6b55de1c9cc0588311d490393588fef8\n http://security.debian.org/pool/updates/main/t/tiff/libtiff4-dev_3.8.2-11.3_mips.deb\n Size/MD5 checksum: 308736 ff1fd350e5516cd2b01fdf63e7038571\n\nmipsel architecture (MIPS (Little Endian))\n\n http://security.debian.org/pool/updates/main/t/tiff/libtiff-opengl_3.8.2-11.3_mipsel.deb\n Size/MD5 checksum: 54422 561140c51e40c2c87d7c38e47ec1ce0f\n http://security.debian.org/pool/updates/main/t/tiff/libtiffxx0c2_3.8.2-11.3_mipsel.deb\n Size/MD5 checksum: 49108 0eed63837509815d380a8ede4617a2c0\n http://security.debian.org/pool/updates/main/t/tiff/libtiff4-dev_3.8.2-11.3_mipsel.deb\n Size/MD5 checksum: 307868 f0b97d0b90054a568241766cd5e8ac0e\n http://security.debian.org/pool/updates/main/t/tiff/libtiff4_3.8.2-11.3_mipsel.deb\n Size/MD5 checksum: 164694 69ae3b75909d3fbcf4a748a3f17c4a2e\n http://security.debian.org/pool/updates/main/t/tiff/libtiff-tools_3.8.2-11.3_mipsel.deb\n Size/MD5 checksum: 228910 75d5940ed31a0a78f7a5a07cca1c90b9\n\npowerpc architecture (PowerPC)\n\n http://security.debian.org/pool/updates/main/t/tiff/libtiff4-dev_3.8.2-11.3_powerpc.deb\n Size/MD5 checksum: 299072 cf872d693b7d6d04caab6395c807a49d\n http://security.debian.org/pool/updates/main/t/tiff/libtiffxx0c2_3.8.2-11.3_powerpc.deb\n Size/MD5 checksum: 51290 4b3b6043a320e3b0efede959db2c993f\n http://security.debian.org/pool/updates/main/t/tiff/libtiff4_3.8.2-11.3_powerpc.deb\n Size/MD5 checksum: 173516 7fb5e356c35b8161dea064a927f8f524\n http://security.debian.org/pool/updates/main/t/tiff/libtiff-tools_3.8.2-11.3_powerpc.deb\n Size/MD5 checksum: 270346 ff150ce3bea37067983a7ea8bdc8ce4f\n http://security.debian.org/pool/updates/main/t/tiff/libtiff-opengl_3.8.2-11.3_powerpc.deb\n Size/MD5 checksum: 57156 d57b33ff85a8c4775c519bf6868e5dda\n\ns390 architecture (IBM S/390)\n\n http://security.debian.org/pool/updates/main/t/tiff/libtiffxx0c2_3.8.2-11.3_s390.deb\n Size/MD5 checksum: 49846 f0d66694ef6247958c18b753690d6cf6\n http://security.debian.org/pool/updates/main/t/tiff/libtiff4-dev_3.8.2-11.3_s390.deb\n Size/MD5 checksum: 293844 3f30774b20aada6f011ffeaaf0913ce9\n http://security.debian.org/pool/updates/main/t/tiff/libtiff4_3.8.2-11.3_s390.deb\n Size/MD5 checksum: 177474 884dc57fdc438a4a735e123911bcb8dd\n http://security.debian.org/pool/updates/main/t/tiff/libtiff-tools_3.8.2-11.3_s390.deb\n Size/MD5 checksum: 231424 620b24d7eafbb4851b1fd43c96a4445c\n http://security.debian.org/pool/updates/main/t/tiff/libtiff-opengl_3.8.2-11.3_s390.deb\n Size/MD5 checksum: 55402 35f4548f8da35b1e25de3bc650fe65c4\n\nsparc architecture (Sun SPARC/UltraSPARC)\n\n http://security.debian.org/pool/updates/main/t/tiff/libtiff4-dev_3.8.2-11.3_sparc.deb\n Size/MD5 checksum: 280198 63347485f32c91c6b449ec33041cf343\n http://security.debian.org/pool/updates/main/t/tiff/libtiff-opengl_3.8.2-11.3_sparc.deb\n Size/MD5 checksum: 55224 e64c5173ddd48b8a80f37a8a92a4b8ef\n http://security.debian.org/pool/updates/main/t/tiff/libtiff4_3.8.2-11.3_sparc.deb\n Size/MD5 checksum: 160138 a01d761068e08a849cf0aba5f8bf8115\n http://security.debian.org/pool/updates/main/t/tiff/libtiffxx0c2_3.8.2-11.3_sparc.deb\n Size/MD5 checksum: 49380 07dfbcef878e3d014e55bf7c070f722b\n http://security.debian.org/pool/updates/main/t/tiff/libtiff-tools_3.8.2-11.3_sparc.deb\n Size/MD5 checksum: 224292 c31548079cc7b5aec519f66411cd0eeb\n\n\n These files will probably be moved into the stable distribution on\n its next update. \n \n Packages for 2008.0 and 2009.0 are provided as of the Extended\n Maintenance Program. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\nGentoo Linux Security Advisory GLSA 201209-02\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n http://security.gentoo.org/\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\n Severity: Normal\n Title: libTIFF: Multiple vulnerabilities\n Date: September 23, 2012\n Bugs: #307001, #324885, #357271, #359871, #371308, #410931,\n #422673, #427166\n ID: 201209-02\n\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\nSynopsis\n========\n\nMultiple vulnerabilities in libTIFF could result in execution of\narbitrary code or Denial of Service. \n\nBackground\n==========\n\nlibTIFF provides support for reading and manipulating TIFF (Tagged\nImage File Format) images. \n\nAffected packages\n=================\n\n -------------------------------------------------------------------\n Package / Vulnerable / Unaffected\n -------------------------------------------------------------------\n 1 media-libs/tiff \u003c 4.0.2-r1 *\u003e= 3.9.5-r2\n \u003e= 4.0.2-r1\n\nDescription\n===========\n\nMultiple vulnerabilities have been discovered in libTIFF. Please review\nthe CVE identifiers referenced below for details. \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nResolution\n==========\n\nAll libTIFF 4.0 users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose \"\u003e=media-libs/tiff-4.0.2-r1\"\n\nAll libTIFF 3.9 users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose \"\u003e=media-libs/tiff-3.9.5-r2\"\n\nReferences\n==========\n\n[ 1 ] CVE-2009-2347\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-2347\n[ 2 ] CVE-2009-5022\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-5022\n[ 3 ] CVE-2010-1411\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1411\n[ 4 ] CVE-2010-2065\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2065\n[ 5 ] CVE-2010-2067\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2067\n[ 6 ] CVE-2010-2233\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2233\n[ 7 ] CVE-2010-2443\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2443\n[ 8 ] CVE-2010-2481\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2481\n[ 9 ] CVE-2010-2482\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2482\n[ 10 ] CVE-2010-2483\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2483\n[ 11 ] CVE-2010-2595\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2595\n[ 12 ] CVE-2010-2596\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2596\n[ 13 ] CVE-2010-2597\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2597\n[ 14 ] CVE-2010-2630\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2630\n[ 15 ] CVE-2010-2631\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2631\n[ 16 ] CVE-2010-3087\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3087\n[ 17 ] CVE-2010-4665\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4665\n[ 18 ] CVE-2011-0192\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0192\n[ 19 ] CVE-2011-0192\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0192\n[ 20 ] CVE-2011-1167\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-1167\n[ 21 ] CVE-2011-1167\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-1167\n[ 22 ] CVE-2012-1173\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1173\n[ 23 ] CVE-2012-2088\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-2088\n[ 24 ] CVE-2012-2113\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-2113\n[ 25 ] CVE-2012-3401\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3401\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n http://security.gentoo.org/glsa/glsa-201209-02.xml\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users\u0027 machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttps://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2012 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttp://creativecommons.org/licenses/by-sa/2.5\n. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n _______________________________________________________________________\n\n Mandriva Linux Security Advisory MDVSA-2010:146\n http://www.mandriva.com/security/\n _______________________________________________________________________\n\n Package : libtiff\n Date : August 6, 2010\n Affected: 2010.0, 2010.1\n _______________________________________________________________________\n\n Problem Description:\n\n Multiple vulnerabilities has been discovered and corrected in libtiff:\n \n The TIFFYCbCrtoRGB function in LibTIFF 3.9.0 and 3.9.2, as used in\n ImageMagick, does not properly handle invalid ReferenceBlackWhite\n values, which allows remote attackers to cause a denial of service\n (application crash) via a crafted TIFF image that triggers an array\n index error, related to downsampled OJPEG input. (CVE-2010-2233). \n \n The updated packages have been patched to correct these issues. \n _______________________________________________________________________\n\n References:\n\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2595\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1411\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2065\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2483\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2597\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2481\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2067\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2233\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2482\n _______________________________________________________________________\n\n Updated Packages:\n\n Mandriva Linux 2010.0:\n ceb7febb41b948977f6196b5bf31d538 2010.0/i586/libtiff3-3.9.1-4.1mdv2010.0.i586.rpm\n d38ee02dca1666e8d8f7c628e9debcbe 2010.0/i586/libtiff-devel-3.9.1-4.1mdv2010.0.i586.rpm\n e022bf3d3badddd3c480b4143a8cc2ec 2010.0/i586/libtiff-progs-3.9.1-4.1mdv2010.0.i586.rpm\n 6f18f9ce3d9582ea3f6f9ddd7b1680d8 2010.0/i586/libtiff-static-devel-3.9.1-4.1mdv2010.0.i586.rpm \n 69aa854e6935c2d111e44e84225f6f69 2010.0/SRPMS/libtiff-3.9.1-4.1mdv2010.0.src.rpm\n\n Mandriva Linux 2010.0/X86_64:\n 3965284cc51603cfdc0d9420104b8fd3 2010.0/x86_64/lib64tiff3-3.9.1-4.1mdv2010.0.x86_64.rpm\n 2768094532f4d1941ef66bae6da6ea15 2010.0/x86_64/lib64tiff-devel-3.9.1-4.1mdv2010.0.x86_64.rpm\n 2e08c6517abcf34dab75040fbee15212 2010.0/x86_64/lib64tiff-static-devel-3.9.1-4.1mdv2010.0.x86_64.rpm\n 3c81e78d3c389abcc370add6af857d12 2010.0/x86_64/libtiff-progs-3.9.1-4.1mdv2010.0.x86_64.rpm \n 69aa854e6935c2d111e44e84225f6f69 2010.0/SRPMS/libtiff-3.9.1-4.1mdv2010.0.src.rpm\n\n Mandriva Linux 2010.1:\n 0ddf3e069a91387a7d85ad5aacd1dd81 2010.1/i586/libtiff3-3.9.2-2.1mdv2010.1.i586.rpm\n 53d5d64cb3bb34a78d52776d42e0ed16 2010.1/i586/libtiff-devel-3.9.2-2.1mdv2010.1.i586.rpm\n e549b78e6658cb9a408454bf698e2ead 2010.1/i586/libtiff-progs-3.9.2-2.1mdv2010.1.i586.rpm\n 821179322f86ba6dcc96dd6afc48fd0f 2010.1/i586/libtiff-static-devel-3.9.2-2.1mdv2010.1.i586.rpm \n 31563b8124d1953b9c8849e0a63f5422 2010.1/SRPMS/libtiff-3.9.2-2.1mdv2010.1.src.rpm\n\n Mandriva Linux 2010.1/X86_64:\n e858e4c72c5191395d4db7f994ffd7c4 2010.1/x86_64/lib64tiff3-3.9.2-2.1mdv2010.1.x86_64.rpm\n 6bdce5697bc818f57cb56d22ce989b30 2010.1/x86_64/lib64tiff-devel-3.9.2-2.1mdv2010.1.x86_64.rpm\n daaf9562d71e8076e87578f25b8dbebe 2010.1/x86_64/lib64tiff-static-devel-3.9.2-2.1mdv2010.1.x86_64.rpm\n 36d9eef4dd2739944f05fe7edd4e76f8 2010.1/x86_64/libtiff-progs-3.9.2-2.1mdv2010.1.x86_64.rpm \n 31563b8124d1953b9c8849e0a63f5422 2010.1/SRPMS/libtiff-3.9.2-2.1mdv2010.1.src.rpm\n _______________________________________________________________________\n\n To upgrade automatically use MandrivaUpdate or urpmi. The verification\n of md5 checksums and GPG signatures is performed automatically for you. \n\n All packages are signed by Mandriva for security. You can obtain the\n GPG public key of the Mandriva Security Team by executing:\n\n gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98\n\n You can view other update advisories for Mandriva Linux at:\n\n http://www.mandriva.com/security/advisories\n\n If you want to report vulnerabilities, please contact\n\n security_(at)_mandriva.com\n _______________________________________________________________________\n\n Type Bits/KeyID Date User ID\n pub 1024D/22458A98 2000-07-10 Mandriva Security Team\n \u003csecurity*mandriva.com\u003e\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.9 (GNU/Linux)\n\niD8DBQFMXDLBmqjQ0CJFipgRAsxuAJ9WAKaIXwvgmXJzs8W+fgn2/2+E/gCg9RT9\n1DtIJJ4PJJj+9xrl7Yhsyw8=\n=Ov4p\n-----END PGP SIGNATURE-----\n\n_______________________________________________\nFull-Disclosure - We believe in it. \nCharter: http://lists.grok.org.uk/full-disclosure-charter.html\nHosted and sponsored by Secunia - http://secunia.com/\n. ===========================================================\nUbuntu Security Notice USN-954-1 June 21, 2010\ntiff vulnerabilities\nCVE-2010-1411, CVE-2010-2065, CVE-2010-2067\n===========================================================\n\nA security issue affects the following Ubuntu releases:\n\nUbuntu 6.06 LTS\nUbuntu 8.04 LTS\nUbuntu 9.04\nUbuntu 9.10\nUbuntu 10.04 LTS\n\nThis advisory also applies to the corresponding versions of\nKubuntu, Edubuntu, and Xubuntu. \n\nThe problem can be corrected by upgrading your system to the\nfollowing package versions:\n\nUbuntu 6.06 LTS:\n libtiff4 3.7.4-1ubuntu3.8\n\nUbuntu 8.04 LTS:\n libtiff4 3.8.2-7ubuntu3.6\n\nUbuntu 9.04:\n libtiff4 3.8.2-11ubuntu0.9.04.6\n\nUbuntu 9.10:\n libtiff4 3.8.2-13ubuntu0.3\n\nUbuntu 10.04 LTS:\n libtiff4 3.9.2-2ubuntu0.3\n\nAfter a standard system update you need to restart your session to make\nall the necessary changes. \n\nDetails follow:\n\nKevin Finisterre discovered that the TIFF library did not correctly handle\ncertain image structures. (CVE-2010-1411)\n\nDan Rosenberg and Sauli Pahlman discovered multiple flaws in the TIFF\nlibrary. (Only Ubuntu 10.04 LTS was affected.) (CVE-2010-2065,\nCVE-2010-2067)\n\n\nUpdated packages for Ubuntu 6.06 LTS:\n\n Source archives:\n\n http://security.ubuntu.com/ubuntu/pool/main/t/tiff/tiff_3.7.4-1ubuntu3.8.diff.gz\n Size/MD5: 23040 b840c801a3d7fc4d0a1053d6fabbe707\n http://security.ubuntu.com/ubuntu/pool/main/t/tiff/tiff_3.7.4-1ubuntu3.8.dsc\n Size/MD5: 803 d68889478f2962e9b31033bebc892e89\n http://security.ubuntu.com/ubuntu/pool/main/t/tiff/tiff_3.7.4.orig.tar.gz\n Size/MD5: 1280113 02cf5c3820bda83b35bb35b45ae27005\n\n amd64 architecture (Athlon64, Opteron, EM64T Xeon):\n\n http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff-tools_3.7.4-1ubuntu3.8_amd64.deb\n Size/MD5: 221050 4d3f5ef363350aa5ade8af964f8cb3ab\n http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff4-dev_3.7.4-1ubuntu3.8_amd64.deb\n Size/MD5: 282864 3ab150b16046d29337ba739f09ffee98\n http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff4_3.7.4-1ubuntu3.8_amd64.deb\n Size/MD5: 476068 717cb178af7ec2759268c50fd9257300\n http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiffxx0c2_3.7.4-1ubuntu3.8_amd64.deb\n Size/MD5: 44808 e94b7ae7d8c4ed4125db7276f84df640\n http://security.ubuntu.com/ubuntu/pool/universe/t/tiff/libtiff-opengl_3.7.4-1ubuntu3.8_amd64.deb\n Size/MD5: 49990 ad2f88b3d31e6ce02cc727f834f67fa6\n\n i386 architecture (x86 compatible Intel/AMD):\n\n http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff-tools_3.7.4-1ubuntu3.8_i386.deb\n Size/MD5: 206022 713177b3875929efae2c3ff8089067a4\n http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff4-dev_3.7.4-1ubuntu3.8_i386.deb\n Size/MD5: 259564 da2b2a54a49072deb1099928d4d21e4f\n http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff4_3.7.4-1ubuntu3.8_i386.deb\n Size/MD5: 462376 7672d9dab7dfb1c1f80465aedb91c68e\n http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiffxx0c2_3.7.4-1ubuntu3.8_i386.deb\n Size/MD5: 44808 6b927f6f57aa78861af48514ddac5918\n http://security.ubuntu.com/ubuntu/pool/universe/t/tiff/libtiff-opengl_3.7.4-1ubuntu3.8_i386.deb\n Size/MD5: 49330 5206a97516a0b6f76e423c2f90b8cfee\n\n powerpc architecture (Apple Macintosh G3/G4/G5):\n\n http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff-tools_3.7.4-1ubuntu3.8_powerpc.deb\n Size/MD5: 239948 68f3cdaac63717128344589f976ae975\n http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff4-dev_3.7.4-1ubuntu3.8_powerpc.deb\n Size/MD5: 288748 96e81fafcef3b4245c80ced08cc5752a\n http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff4_3.7.4-1ubuntu3.8_powerpc.deb\n Size/MD5: 476678 9ee3902c1570f7b9cb458e6ed844abb1\n http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiffxx0c2_3.7.4-1ubuntu3.8_powerpc.deb\n Size/MD5: 47040 399804bdbcfbd3d38b976957ffec738b\n http://security.ubuntu.com/ubuntu/pool/universe/t/tiff/libtiff-opengl_3.7.4-1ubuntu3.8_powerpc.deb\n Size/MD5: 51672 ba92c41d9105bb80729ff263f7955e63\n\n sparc architecture (Sun SPARC/UltraSPARC):\n\n http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff-tools_3.7.4-1ubuntu3.8_sparc.deb\n Size/MD5: 208940 c67ceaa5d1c09987d580c438874c17f6\n http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff4-dev_3.7.4-1ubuntu3.8_sparc.deb\n Size/MD5: 270628 7df1a1ad75e42a84af970eab83163089\n http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff4_3.7.4-1ubuntu3.8_sparc.deb\n Size/MD5: 467240 2b85c23af3d8b6c9a82e65736949c131\n http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiffxx0c2_3.7.4-1ubuntu3.8_sparc.deb\n Size/MD5: 44742 e69373d50bf9c942cbf6d8825bca352b\n http://security.ubuntu.com/ubuntu/pool/universe/t/tiff/libtiff-opengl_3.7.4-1ubuntu3.8_sparc.deb\n Size/MD5: 49878 e8d0bef67675fdb392e77625f435d219\n\nUpdated packages for Ubuntu 8.04 LTS:\n\n Source archives:\n\n http://security.ubuntu.com/ubuntu/pool/main/t/tiff/tiff_3.8.2-7ubuntu3.6.diff.gz\n Size/MD5: 21457 7abcb4908ccce79993653514228664a7\n http://security.ubuntu.com/ubuntu/pool/main/t/tiff/tiff_3.8.2-7ubuntu3.6.dsc\n Size/MD5: 899 0a7f751ae5fd3a5cb4dbbef7ab8beba1\n http://security.ubuntu.com/ubuntu/pool/main/t/tiff/tiff_3.8.2.orig.tar.gz\n Size/MD5: 1333780 e6ec4ab957ef49d5aabc38b7a376910b\n\n amd64 architecture (Athlon64, Opteron, EM64T Xeon):\n\n http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff-tools_3.8.2-7ubuntu3.6_amd64.deb\n Size/MD5: 186468 23fd6541a3233e1bb4cda603aaa78284\n http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff4-dev_3.8.2-7ubuntu3.6_amd64.deb\n Size/MD5: 571232 95be000d64194a48d01273015edde173\n http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff4_3.8.2-7ubuntu3.6_amd64.deb\n Size/MD5: 131246 c272d2494f48d401a6390ef591770e2a\n http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiffxx0c2_3.8.2-7ubuntu3.6_amd64.deb\n Size/MD5: 5074 aab0bfd607ea51554611263913f5de9a\n http://security.ubuntu.com/ubuntu/pool/universe/t/tiff/libtiff-opengl_3.8.2-7ubuntu3.6_amd64.deb\n Size/MD5: 10498 6ca030143c795181a60c4839614ab325\n\n i386 architecture (x86 compatible Intel/AMD):\n\n http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff-tools_3.8.2-7ubuntu3.6_i386.deb\n Size/MD5: 175322 65ce19d8e649dd9213fdd45dfa10c090\n http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff4-dev_3.8.2-7ubuntu3.6_i386.deb\n Size/MD5: 552732 64759cd5ab6f5f9b4afbc32dbbff901d\n http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff4_3.8.2-7ubuntu3.6_i386.deb\n Size/MD5: 123000 f58e75e4d5e334b476fd100ba33edf72\n http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiffxx0c2_3.8.2-7ubuntu3.6_i386.deb\n Size/MD5: 5042 586e14ed6fef1ce1eda11624b297f97f\n http://security.ubuntu.com/ubuntu/pool/universe/t/tiff/libtiff-opengl_3.8.2-7ubuntu3.6_i386.deb\n Size/MD5: 9940 65217cbdc3ed7c176ab115834d34030e\n\n lpia architecture (Low Power Intel Architecture):\n\n http://ports.ubuntu.com/pool/main/t/tiff/libtiff-tools_3.8.2-7ubuntu3.6_lpia.deb\n Size/MD5: 177018 da50f84cda9ef32d65a5f28ac7e04d8c\n http://ports.ubuntu.com/pool/main/t/tiff/libtiff4-dev_3.8.2-7ubuntu3.6_lpia.deb\n Size/MD5: 555182 e7e9c90796c183e66bf34d72837e49c3\n http://ports.ubuntu.com/pool/main/t/tiff/libtiff4_3.8.2-7ubuntu3.6_lpia.deb\n Size/MD5: 124212 e8439778d4c95a5ad750b9d69a6eb309\n http://ports.ubuntu.com/pool/main/t/tiff/libtiffxx0c2_3.8.2-7ubuntu3.6_lpia.deb\n Size/MD5: 4916 09d01db63f70bd66c3a92720ad888281\n http://ports.ubuntu.com/pool/universe/t/tiff/libtiff-opengl_3.8.2-7ubuntu3.6_lpia.deb\n Size/MD5: 9980 4bd91c80378208cd35678ead71081ab6\n\n powerpc architecture (Apple Macintosh G3/G4/G5):\n\n http://ports.ubuntu.com/pool/main/t/tiff/libtiff-tools_3.8.2-7ubuntu3.6_powerpc.deb\n Size/MD5: 223478 71bdc0445e1e63b91ecd6d5cdb3d362c\n http://ports.ubuntu.com/pool/main/t/tiff/libtiff4-dev_3.8.2-7ubuntu3.6_powerpc.deb\n Size/MD5: 577308 c893f853e3d834379fe34e6d98541500\n http://ports.ubuntu.com/pool/main/t/tiff/libtiff4_3.8.2-7ubuntu3.6_powerpc.deb\n Size/MD5: 134610 5ca1d77cac23b098008d3079e3d462a4\n http://ports.ubuntu.com/pool/main/t/tiff/libtiffxx0c2_3.8.2-7ubuntu3.6_powerpc.deb\n Size/MD5: 7510 d920d8082d30de0499af5038556fbaa7\n http://ports.ubuntu.com/pool/universe/t/tiff/libtiff-opengl_3.8.2-7ubuntu3.6_powerpc.deb\n Size/MD5: 13286 2cf13645039e3ef9ae085f33b709ec60\n\n sparc architecture (Sun SPARC/UltraSPARC):\n\n http://ports.ubuntu.com/pool/main/t/tiff/libtiff-tools_3.8.2-7ubuntu3.6_sparc.deb\n Size/MD5: 178868 16fd5d7a68d5c119f1cfcfbc7d0f720b\n http://ports.ubuntu.com/pool/main/t/tiff/libtiff4-dev_3.8.2-7ubuntu3.6_sparc.deb\n Size/MD5: 558590 cef1b1501e6b71beb717da7f110a9829\n http://ports.ubuntu.com/pool/main/t/tiff/libtiff4_3.8.2-7ubuntu3.6_sparc.deb\n Size/MD5: 122704 1f07fe414230660e0608a4753f5fa456\n http://ports.ubuntu.com/pool/main/t/tiff/libtiffxx0c2_3.8.2-7ubuntu3.6_sparc.deb\n Size/MD5: 4804 836d935afee73d163417e77eae1b5eba\n http://ports.ubuntu.com/pool/universe/t/tiff/libtiff-opengl_3.8.2-7ubuntu3.6_sparc.deb\n Size/MD5: 10700 0ff671fb6a490f6bbf318bc566b9b68e\n\nUpdated packages for Ubuntu 9.04:\n\n Source archives:\n\n http://security.ubuntu.com/ubuntu/pool/main/t/tiff/tiff_3.8.2-11ubuntu0.9.04.6.diff.gz\n Size/MD5: 41278 b5e24df5393ac8d3f0c4ea3f065ae4b3\n http://security.ubuntu.com/ubuntu/pool/main/t/tiff/tiff_3.8.2-11ubuntu0.9.04.6.dsc\n Size/MD5: 1367 fd03c6190254db93870f7ccd575272d1\n http://security.ubuntu.com/ubuntu/pool/main/t/tiff/tiff_3.8.2.orig.tar.gz\n Size/MD5: 1333780 e6ec4ab957ef49d5aabc38b7a376910b\n\n Architecture independent packages:\n\n http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff-doc_3.8.2-11ubuntu0.9.04.6_all.deb\n Size/MD5: 334870 026f8704147696147176f69e92682c28\n\n amd64 architecture (Athlon64, Opteron, EM64T Xeon):\n\n http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff-tools_3.8.2-11ubuntu0.9.04.6_amd64.deb\n Size/MD5: 191638 c93bc89ad72f5c63476d9fe3ecf5ca0d\n http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff4-dev_3.8.2-11ubuntu0.9.04.6_amd64.deb\n Size/MD5: 250894 d997f30871a19214988da6cd251328b9\n http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff4_3.8.2-11ubuntu0.9.04.6_amd64.deb\n Size/MD5: 134574 80146acc32c9391baf2ce1c3a8e519c8\n http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiffxx0c2_3.8.2-11ubuntu0.9.04.6_amd64.deb\n Size/MD5: 6284 bd1c39ad7746d911e30871c8939d3988\n http://security.ubuntu.com/ubuntu/pool/universe/t/tiff/libtiff-opengl_3.8.2-11ubuntu0.9.04.6_amd64.deb\n Size/MD5: 11902 d12ea8aabdc9a7e67d998115c49e902f\n\n i386 architecture (x86 compatible Intel/AMD):\n\n http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff-tools_3.8.2-11ubuntu0.9.04.6_i386.deb\n Size/MD5: 176254 38eef2617f8e1fc8b8fbfce314e0d3e9\n http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff4-dev_3.8.2-11ubuntu0.9.04.6_i386.deb\n Size/MD5: 233732 1d104561bc6950d1b7cadbab771f353c\n http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff4_3.8.2-11ubuntu0.9.04.6_i386.deb\n Size/MD5: 126548 22359cfdca9c56ff2fb01853315f2639\n http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiffxx0c2_3.8.2-11ubuntu0.9.04.6_i386.deb\n Size/MD5: 6274 de4dccef0ce17f4a698aba609b33e73c\n http://security.ubuntu.com/ubuntu/pool/universe/t/tiff/libtiff-opengl_3.8.2-11ubuntu0.9.04.6_i386.deb\n Size/MD5: 11244 2297033448604abce36ceed918685799\n\n lpia architecture (Low Power Intel Architecture):\n\n http://ports.ubuntu.com/pool/main/t/tiff/libtiff-tools_3.8.2-11ubuntu0.9.04.6_lpia.deb\n Size/MD5: 178544 7895fa9f7ed7e6310953384cf14b44ac\n http://ports.ubuntu.com/pool/main/t/tiff/libtiff4-dev_3.8.2-11ubuntu0.9.04.6_lpia.deb\n Size/MD5: 236174 a49ffa36dcd626470f6406945f2a9b07\n http://ports.ubuntu.com/pool/main/t/tiff/libtiff4_3.8.2-11ubuntu0.9.04.6_lpia.deb\n Size/MD5: 128182 c15737bbdb79e4ad6747ff1122c9010a\n http://ports.ubuntu.com/pool/main/t/tiff/libtiffxx0c2_3.8.2-11ubuntu0.9.04.6_lpia.deb\n Size/MD5: 6132 6c41518edbf30a79fa5c619da6345a2c\n http://ports.ubuntu.com/pool/universe/t/tiff/libtiff-opengl_3.8.2-11ubuntu0.9.04.6_lpia.deb\n Size/MD5: 11280 45e30b64c92200cc30ff35c076734f7c\n\n powerpc architecture (Apple Macintosh G3/G4/G5):\n\n http://ports.ubuntu.com/pool/main/t/tiff/libtiff-tools_3.8.2-11ubuntu0.9.04.6_powerpc.deb\n Size/MD5: 221288 3592d9842997a658007ac326caaed2a7\n http://ports.ubuntu.com/pool/main/t/tiff/libtiff4-dev_3.8.2-11ubuntu0.9.04.6_powerpc.deb\n Size/MD5: 256768 834993c1049aca8c12420b92c92f28fb\n http://ports.ubuntu.com/pool/main/t/tiff/libtiff4_3.8.2-11ubuntu0.9.04.6_powerpc.deb\n Size/MD5: 137538 49b4a1e944f909ca495b525c2633a735\n http://ports.ubuntu.com/pool/main/t/tiff/libtiffxx0c2_3.8.2-11ubuntu0.9.04.6_powerpc.deb\n Size/MD5: 8730 01803cafeea784dbc818a5e0b280722f\n http://ports.ubuntu.com/pool/universe/t/tiff/libtiff-opengl_3.8.2-11ubuntu0.9.04.6_powerpc.deb\n Size/MD5: 14234 2ba3cc6f57abce5c990eef8d7c6fbceb\n\n sparc architecture (Sun SPARC/UltraSPARC):\n\n http://ports.ubuntu.com/pool/main/t/tiff/libtiff-tools_3.8.2-11ubuntu0.9.04.6_sparc.deb\n Size/MD5: 183806 f2a9bbe1f571d06e74fc955ac8f59b72\n http://ports.ubuntu.com/pool/main/t/tiff/libtiff4-dev_3.8.2-11ubuntu0.9.04.6_sparc.deb\n Size/MD5: 238044 12858b8bde77b383f1089e8989394b38\n http://ports.ubuntu.com/pool/main/t/tiff/libtiff4_3.8.2-11ubuntu0.9.04.6_sparc.deb\n Size/MD5: 124424 bf09c05c0bc3ec5c21ebdefbb095faa6\n http://ports.ubuntu.com/pool/main/t/tiff/libtiffxx0c2_3.8.2-11ubuntu0.9.04.6_sparc.deb\n Size/MD5: 5978 952a5bf270a59b0f873dd1c6a1f67175\n http://ports.ubuntu.com/pool/universe/t/tiff/libtiff-opengl_3.8.2-11ubuntu0.9.04.6_sparc.deb\n Size/MD5: 12022 629b0b70778ecd8fe824f3254cf27b90\n\nUpdated packages for Ubuntu 9.10:\n\n Source archives:\n\n http://security.ubuntu.com/ubuntu/pool/main/t/tiff/tiff_3.8.2-13ubuntu0.3.diff.gz\n Size/MD5: 41121 c0ab3072d29ea0360ba47217778d4901\n http://security.ubuntu.com/ubuntu/pool/main/t/tiff/tiff_3.8.2-13ubuntu0.3.dsc\n Size/MD5: 1343 03d22a022fc88888d9d8935e0df737bf\n http://security.ubuntu.com/ubuntu/pool/main/t/tiff/tiff_3.8.2.orig.tar.gz\n Size/MD5: 1333780 e6ec4ab957ef49d5aabc38b7a376910b\n\n Architecture independent packages:\n\n http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff-doc_3.8.2-13ubuntu0.3_all.deb\n Size/MD5: 334670 5cc39d1960ed0eaa84b0cef574f9019a\n\n amd64 architecture (Athlon64, Opteron, EM64T Xeon):\n\n http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff-tools_3.8.2-13ubuntu0.3_amd64.deb\n Size/MD5: 193172 904b26a40f81337d896afb4dc99b6dac\n http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff4-dev_3.8.2-13ubuntu0.3_amd64.deb\n Size/MD5: 251358 a2c45975bc8789e05a1fac873c54afdb\n http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff4_3.8.2-13ubuntu0.3_amd64.deb\n Size/MD5: 135204 747b17ea960047cfe980951780e16343\n http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiffxx0c2_3.8.2-13ubuntu0.3_amd64.deb\n Size/MD5: 6330 1784c3b86fe6a9a68f8411b7ad816d4a\n http://security.ubuntu.com/ubuntu/pool/universe/t/tiff/libtiff-opengl_3.8.2-13ubuntu0.3_amd64.deb\n Size/MD5: 12006 24240bf743cd23ce670b4b486a7408a6\n\n i386 architecture (x86 compatible Intel/AMD):\n\n http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff-tools_3.8.2-13ubuntu0.3_i386.deb\n Size/MD5: 175842 008409a183baa37db8c1c45a8f094a44\n http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff4-dev_3.8.2-13ubuntu0.3_i386.deb\n Size/MD5: 231870 56bb188c4596af1b901be03032d9a617\n http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff4_3.8.2-13ubuntu0.3_i386.deb\n Size/MD5: 124248 3708797ed53d0d0b58769ff729ff18c0\n http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiffxx0c2_3.8.2-13ubuntu0.3_i386.deb\n Size/MD5: 6446 cb3263d1be21404f7cb72866fdf6ad2a\n http://security.ubuntu.com/ubuntu/pool/universe/t/tiff/libtiff-opengl_3.8.2-13ubuntu0.3_i386.deb\n Size/MD5: 11302 628741204ad187f2d66f724c49ee47f7\n\n lpia architecture (Low Power Intel Architecture):\n\n http://ports.ubuntu.com/pool/main/t/tiff/libtiff-tools_3.8.2-13ubuntu0.3_lpia.deb\n Size/MD5: 177048 64a59e0441238751d0e74e47e414d27e\n http://ports.ubuntu.com/pool/main/t/tiff/libtiff4-dev_3.8.2-13ubuntu0.3_lpia.deb\n Size/MD5: 234210 73343fb5872ff0d51c90ffc1cc841c9f\n http://ports.ubuntu.com/pool/main/t/tiff/libtiff4_3.8.2-13ubuntu0.3_lpia.deb\n Size/MD5: 125892 2f7f51f21359bec31fdb219176d46517\n http://ports.ubuntu.com/pool/main/t/tiff/libtiffxx0c2_3.8.2-13ubuntu0.3_lpia.deb\n Size/MD5: 6314 5bd86ff35a7592a8cb6cc4fe5a19073f\n http://ports.ubuntu.com/pool/universe/t/tiff/libtiff-opengl_3.8.2-13ubuntu0.3_lpia.deb\n Size/MD5: 11342 36a53ad5737a7381f123f9ba65efb694\n\n powerpc architecture (Apple Macintosh G3/G4/G5):\n\n http://ports.ubuntu.com/pool/main/t/tiff/libtiff-tools_3.8.2-13ubuntu0.3_powerpc.deb\n Size/MD5: 191502 c6b963c4009baaa04afe123c7ec99f9c\n http://ports.ubuntu.com/pool/main/t/tiff/libtiff4-dev_3.8.2-13ubuntu0.3_powerpc.deb\n Size/MD5: 256282 8110d1fade42b772fbc2072ea209eb97\n http://ports.ubuntu.com/pool/main/t/tiff/libtiff4_3.8.2-13ubuntu0.3_powerpc.deb\n Size/MD5: 136778 dbba3ac2c70dbf380fe242bd68c53fa3\n http://ports.ubuntu.com/pool/main/t/tiff/libtiffxx0c2_3.8.2-13ubuntu0.3_powerpc.deb\n Size/MD5: 6736 1f111239548e12c69db166e59a190b3c\n http://ports.ubuntu.com/pool/universe/t/tiff/libtiff-opengl_3.8.2-13ubuntu0.3_powerpc.deb\n Size/MD5: 12086 0d49955b527ff8a6ff4943120ba553c5\n\n sparc architecture (Sun SPARC/UltraSPARC):\n\n http://ports.ubuntu.com/pool/main/t/tiff/libtiff-tools_3.8.2-13ubuntu0.3_sparc.deb\n Size/MD5: 184286 06388a8d95b34d4bfb7247c47c07906c\n http://ports.ubuntu.com/pool/main/t/tiff/libtiff4-dev_3.8.2-13ubuntu0.3_sparc.deb\n Size/MD5: 236968 4208eb62edba48bbd6d280eedda2a0a4\n http://ports.ubuntu.com/pool/main/t/tiff/libtiff4_3.8.2-13ubuntu0.3_sparc.deb\n Size/MD5: 124514 a6446a90d3e9d5629f8105603c9474dd\n http://ports.ubuntu.com/pool/main/t/tiff/libtiffxx0c2_3.8.2-13ubuntu0.3_sparc.deb\n Size/MD5: 6100 76a69eccc98c82be32b0481df58d3de9\n http://ports.ubuntu.com/pool/universe/t/tiff/libtiff-opengl_3.8.2-13ubuntu0.3_sparc.deb\n Size/MD5: 12026 c23e8ab257390fe565ebf103a8edaeb9\n\nUpdated packages for Ubuntu 10.04:\n\n Source archives:\n\n http://security.ubuntu.com/ubuntu/pool/main/t/tiff/tiff_3.9.2-2ubuntu0.3.diff.gz\n Size/MD5: 17310 779fdd57e79090bedcec10b26eaf08ec\n http://security.ubuntu.com/ubuntu/pool/main/t/tiff/tiff_3.9.2-2ubuntu0.3.dsc\n Size/MD5: 1339 7d001b20ea0677cb63bbb4becf8ff69f\n http://security.ubuntu.com/ubuntu/pool/main/t/tiff/tiff_3.9.2.orig.tar.gz\n Size/MD5: 1419742 93e56e421679c591de7552db13384cb8\n\n Architecture independent packages:\n\n http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff-doc_3.9.2-2ubuntu0.3_all.deb\n Size/MD5: 342306 e17c62cb61768cd0885bd5c71caa7f67\n\n amd64 architecture (Athlon64, Opteron, EM64T Xeon):\n\n http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff-tools_3.9.2-2ubuntu0.3_amd64.deb\n Size/MD5: 252274 0b359ab56d43865968c690765ef96a23\n http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff4-dev_3.9.2-2ubuntu0.3_amd64.deb\n Size/MD5: 269444 364252fef2d31f9a59be006a60c6794e\n http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff4_3.9.2-2ubuntu0.3_amd64.deb\n Size/MD5: 148610 19d95336d35bffd635787ac1174c6716\n http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiffxx0c2_3.9.2-2ubuntu0.3_amd64.deb\n Size/MD5: 6390 7236b5c267df2ae7fbb805768c4d6314\n http://security.ubuntu.com/ubuntu/pool/universe/t/tiff/libtiff-opengl_3.9.2-2ubuntu0.3_amd64.deb\n Size/MD5: 12034 ad15f0ac0f19016a4498c3f22f90de43\n\n i386 architecture (x86 compatible Intel/AMD):\n\n http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff-tools_3.9.2-2ubuntu0.3_i386.deb\n Size/MD5: 232412 def529fa30067e222a10ce03fb4651e2\n http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff4-dev_3.9.2-2ubuntu0.3_i386.deb\n Size/MD5: 246484 3f78b62e3e411a05fcf9f97a9f77f21c\n http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff4_3.9.2-2ubuntu0.3_i386.deb\n Size/MD5: 136176 0fae675d248b4ab7cf77018d860a55ce\n http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiffxx0c2_3.9.2-2ubuntu0.3_i386.deb\n Size/MD5: 6492 fb5a44eaef7ee218d83a4482bd331c69\n http://security.ubuntu.com/ubuntu/pool/universe/t/tiff/libtiff-opengl_3.9.2-2ubuntu0.3_i386.deb\n Size/MD5: 11290 c9ee0da107d51715c41bc5513a302532\n\n powerpc architecture (Apple Macintosh G3/G4/G5):\n\n http://ports.ubuntu.com/pool/main/t/tiff/libtiff-tools_3.9.2-2ubuntu0.3_powerpc.deb\n Size/MD5: 253470 7fbf59b850974984a419f752830da31b\n http://ports.ubuntu.com/pool/main/t/tiff/libtiff4-dev_3.9.2-2ubuntu0.3_powerpc.deb\n Size/MD5: 275072 a174c0a69bbe402b3d17a0085e69952d\n http://ports.ubuntu.com/pool/main/t/tiff/libtiff4_3.9.2-2ubuntu0.3_powerpc.deb\n Size/MD5: 150222 e460e28329d5754c4670647d08a2c9fb\n http://ports.ubuntu.com/pool/main/t/tiff/libtiffxx0c2_3.9.2-2ubuntu0.3_powerpc.deb\n Size/MD5: 6774 f5f491424e932a100199e8274d7b8eef\n http://ports.ubuntu.com/pool/universe/t/tiff/libtiff-opengl_3.9.2-2ubuntu0.3_powerpc.deb\n Size/MD5: 12098 c18d01ecf566a05ef689b2224bf0c343\n\n sparc architecture (Sun SPARC/UltraSPARC):\n\n http://ports.ubuntu.com/pool/main/t/tiff/libtiff-tools_3.9.2-2ubuntu0.3_sparc.deb\n Size/MD5: 248748 fc6cc955db82161bffe7ebf0dd5a4aea\n http://ports.ubuntu.com/pool/main/t/tiff/libtiff4-dev_3.9.2-2ubuntu0.3_sparc.deb\n Size/MD5: 257150 ccb51b6b25aa92dc09140d0fda8ef2b5\n http://ports.ubuntu.com/pool/main/t/tiff/libtiff4_3.9.2-2ubuntu0.3_sparc.deb\n Size/MD5: 142870 5644962072cf924c15a559f9a0f00ddc\n http://ports.ubuntu.com/pool/main/t/tiff/libtiffxx0c2_3.9.2-2ubuntu0.3_sparc.deb\n Size/MD5: 6238 d11701e3eb25d8201e363314c5ea4bbb\n http://ports.ubuntu.com/pool/universe/t/tiff/libtiff-opengl_3.9.2-2ubuntu0.3_sparc.deb\n Size/MD5: 11922 be82dd608f5e01be8117b48eaa567ca0\n\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2010-1411"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001651"
},
{
"db": "BID",
"id": "40823"
},
{
"db": "VULHUB",
"id": "VHN-44016"
},
{
"db": "VULMON",
"id": "CVE-2010-1411"
},
{
"db": "PACKETSTORM",
"id": "92361"
},
{
"db": "PACKETSTORM",
"id": "92522"
},
{
"db": "PACKETSTORM",
"id": "116799"
},
{
"db": "PACKETSTORM",
"id": "92523"
},
{
"db": "PACKETSTORM",
"id": "90903"
}
],
"trust": 2.52
},
"external_ids": {
"_id": null,
"data": [
{
"db": "NVD",
"id": "CVE-2010-1411",
"trust": 3.4
},
{
"db": "BID",
"id": "40823",
"trust": 2.3
},
{
"db": "SECUNIA",
"id": "40181",
"trust": 2.0
},
{
"db": "SECUNIA",
"id": "40220",
"trust": 2.0
},
{
"db": "SECUNIA",
"id": "40196",
"trust": 2.0
},
{
"db": "SECTRACK",
"id": "1024103",
"trust": 2.0
},
{
"db": "VUPEN",
"id": "ADV-2010-1435",
"trust": 2.0
},
{
"db": "VUPEN",
"id": "ADV-2010-1512",
"trust": 2.0
},
{
"db": "VUPEN",
"id": "ADV-2010-1481",
"trust": 2.0
},
{
"db": "SECUNIA",
"id": "50726",
"trust": 1.2
},
{
"db": "SECUNIA",
"id": "40536",
"trust": 1.2
},
{
"db": "SECUNIA",
"id": "40527",
"trust": 1.2
},
{
"db": "SECUNIA",
"id": "40381",
"trust": 1.2
},
{
"db": "SECUNIA",
"id": "40478",
"trust": 1.2
},
{
"db": "VUPEN",
"id": "ADV-2010-1761",
"trust": 1.2
},
{
"db": "VUPEN",
"id": "ADV-2010-1731",
"trust": 1.2
},
{
"db": "VUPEN",
"id": "ADV-2010-1638",
"trust": 1.2
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001651",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201006-294",
"trust": 0.7
},
{
"db": "AUSCERT",
"id": "ESB-2020.2340",
"trust": 0.6
},
{
"db": "PACKETSTORM",
"id": "92361",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "90903",
"trust": 0.2
},
{
"db": "VULHUB",
"id": "VHN-44016",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2010-1411",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "92522",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "116799",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "92523",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-44016"
},
{
"db": "VULMON",
"id": "CVE-2010-1411"
},
{
"db": "BID",
"id": "40823"
},
{
"db": "PACKETSTORM",
"id": "92361"
},
{
"db": "PACKETSTORM",
"id": "92522"
},
{
"db": "PACKETSTORM",
"id": "116799"
},
{
"db": "PACKETSTORM",
"id": "92523"
},
{
"db": "PACKETSTORM",
"id": "90903"
},
{
"db": "CNNVD",
"id": "CNNVD-201006-294"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001651"
},
{
"db": "NVD",
"id": "CVE-2010-1411"
}
]
},
"id": "VAR-201006-1232",
"iot": {
"_id": null,
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-44016"
}
],
"trust": 0.01
},
"last_update_date": "2026-04-10T23:25:24.129000Z",
"patch": {
"_id": null,
"data": [
{
"title": "HT4188",
"trust": 0.8,
"url": "http://support.apple.com/kb/HT4188"
},
{
"title": "HT4196",
"trust": 0.8,
"url": "http://support.apple.com/kb/HT4196"
},
{
"title": "HT4220",
"trust": 0.8,
"url": "http://support.apple.com/kb/HT4220"
},
{
"title": "HT4188",
"trust": 0.8,
"url": "http://support.apple.com/kb/HT4188?viewlocale=ja_JP"
},
{
"title": "HT4196",
"trust": 0.8,
"url": "http://support.apple.com/kb/HT4196?viewlocale=ja_JP"
},
{
"title": "HT4220",
"trust": 0.8,
"url": "http://support.apple.com/kb/HT4220?viewlocale=ja_JP"
},
{
"title": "libtiff-3.8.2-7.5.0.1.AXS3",
"trust": 0.8,
"url": "https://tsn.miraclelinux.com/tsn_local/index.php?m=errata\u0026a=detail\u0026eid=1208"
},
{
"title": "Top Page",
"trust": 0.8,
"url": "http://www.remotesensing.org/libtiff"
},
{
"title": "2077",
"trust": 0.8,
"url": "http://www.miraclelinux.com/support/index.php?q=node/99\u0026errata_id=2077"
},
{
"title": "2107",
"trust": 0.8,
"url": "http://www.miraclelinux.com/support/index.php?q=node/99\u0026errata_id=2107"
},
{
"title": "RHSA-2010:0520",
"trust": 0.8,
"url": "http://rhn.redhat.com/errata/RHSA-2010-0520.html"
},
{
"title": "RHSA-2010:0519",
"trust": 0.8,
"url": "http://rhn.redhat.com/errata/RHSA-2010-0519.html"
},
{
"title": "Security Update 2010-004 (Leopard-Server)",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=3702"
},
{
"title": "Mac OS X v10.6.4 Update Mac mini (Mid 2010)",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=3706"
},
{
"title": "Mac OS X v10.6.4 Update (Combo)",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=3705"
},
{
"title": "Mac OS X Server v10.6.4 Update Mac mini (Mid 2010)",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=3709"
},
{
"title": "Mac OS X v10.6.4 Update",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=3704"
},
{
"title": "Mac OS X Server v10.6.4 Update (Combo)",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=3708"
},
{
"title": "Security Update 2010-004 (Leopard-Client)",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=3703"
},
{
"title": "Mac OS X Server v10.6.4 Update",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=3707"
},
{
"title": "Debian Security Advisories: DSA-2084-1 tiff -- integer overflows",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=debian_security_advisories\u0026qid=cb629b16ae5c0ef923a9bd4a1d632e9a"
},
{
"title": "Ubuntu Security Notice: tiff vulnerabilities",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=USN-954-1"
},
{
"title": "httpfuzz-robomiller",
"trust": 0.1,
"url": "https://github.com/MAVProxyUser/httpfuzz-robomiller "
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/khulnasoft-labs/awesome-security "
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2010-1411"
},
{
"db": "CNNVD",
"id": "CNNVD-201006-294"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001651"
}
]
},
"problemtype_data": {
"_id": null,
"data": [
{
"problemtype": "CWE-189",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-44016"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001651"
},
{
"db": "NVD",
"id": "CVE-2010-1411"
}
]
},
"references": {
"_id": null,
"data": [
{
"trust": 2.1,
"url": "http://www.securityfocus.com/bid/40823"
},
{
"trust": 2.0,
"url": "http://securitytracker.com/id?1024103"
},
{
"trust": 2.0,
"url": "http://secunia.com/advisories/40181"
},
{
"trust": 2.0,
"url": "http://secunia.com/advisories/40196"
},
{
"trust": 2.0,
"url": "http://secunia.com/advisories/40220"
},
{
"trust": 2.0,
"url": "http://www.vupen.com/english/advisories/2010/1435"
},
{
"trust": 2.0,
"url": "http://www.vupen.com/english/advisories/2010/1481"
},
{
"trust": 2.0,
"url": "http://www.vupen.com/english/advisories/2010/1512"
},
{
"trust": 1.5,
"url": "http://www.remotesensing.org/libtiff/v3.9.3.html"
},
{
"trust": 1.3,
"url": "http://security.gentoo.org/glsa/glsa-201209-02.xml"
},
{
"trust": 1.2,
"url": "http://lists.apple.com/archives/security-announce/2010//jun/msg00001.html"
},
{
"trust": 1.2,
"url": "http://lists.apple.com/archives/security-announce/2010//jun/msg00002.html"
},
{
"trust": 1.2,
"url": "http://support.apple.com/kb/ht4188"
},
{
"trust": 1.2,
"url": "http://support.apple.com/kb/ht4196"
},
{
"trust": 1.2,
"url": "http://support.apple.com/kb/ht4220"
},
{
"trust": 1.2,
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=592361"
},
{
"trust": 1.2,
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-july/043769.html"
},
{
"trust": 1.2,
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-july/043835.html"
},
{
"trust": 1.2,
"url": "http://www.redhat.com/support/errata/rhsa-2010-0519.html"
},
{
"trust": 1.2,
"url": "http://www.redhat.com/support/errata/rhsa-2010-0520.html"
},
{
"trust": 1.2,
"url": "http://secunia.com/advisories/40381"
},
{
"trust": 1.2,
"url": "http://secunia.com/advisories/40478"
},
{
"trust": 1.2,
"url": "http://secunia.com/advisories/40527"
},
{
"trust": 1.2,
"url": "http://secunia.com/advisories/40536"
},
{
"trust": 1.2,
"url": "http://secunia.com/advisories/50726"
},
{
"trust": 1.2,
"url": "http://lists.opensuse.org/opensuse-security-announce/2010-08/msg00001.html"
},
{
"trust": 1.2,
"url": "http://www.ubuntu.com/usn/usn-954-1"
},
{
"trust": 1.2,
"url": "http://www.vupen.com/english/advisories/2010/1638"
},
{
"trust": 1.2,
"url": "http://www.vupen.com/english/advisories/2010/1731"
},
{
"trust": 1.2,
"url": "http://www.vupen.com/english/advisories/2010/1761"
},
{
"trust": 1.1,
"url": "http://marc.info/?l=oss-security\u0026m=127731610612908\u0026w=2"
},
{
"trust": 1.1,
"url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2010\u0026m=slackware-security.596424"
},
{
"trust": 1.0,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-1411"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2010-1411"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2020.2340/"
},
{
"trust": 0.5,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-1411"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-2065"
},
{
"trust": 0.3,
"url": "http://www.libtiff.org/"
},
{
"trust": 0.3,
"url": "http://support.avaya.com/css/p8/documents/100093705"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-2597"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-2595"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-2483"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-2481"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-2067"
},
{
"trust": 0.2,
"url": "http://secunia.com/"
},
{
"trust": 0.2,
"url": "http://lists.grok.org.uk/full-disclosure-charter.html"
},
{
"trust": 0.2,
"url": "http://www.mandriva.com/security/"
},
{
"trust": 0.2,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2595"
},
{
"trust": 0.2,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2597"
},
{
"trust": 0.2,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2483"
},
{
"trust": 0.2,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2481"
},
{
"trust": 0.2,
"url": "http://www.mandriva.com/security/advisories"
},
{
"trust": 0.2,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2065"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-2482"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-2233"
},
{
"trust": 0.1,
"url": "http://marc.info/?l=oss-security\u0026amp;m=127731610612908\u0026amp;w=2"
},
{
"trust": 0.1,
"url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026amp;y=2010\u0026amp;m=slackware-security.596424"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/189.html"
},
{
"trust": 0.1,
"url": "https://github.com/mavproxyuser/httpfuzz-robomiller"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://www.debian.org/security/./dsa-2084"
},
{
"trust": 0.1,
"url": "https://usn.ubuntu.com/954-1/"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/t/tiff/libtiffxx0c2_3.8.2-11.3_alpha.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/t/tiff/libtiff4-dev_3.8.2-11.3_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/t/tiff/libtiff4_3.8.2-11.3_mipsel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/t/tiff/libtiff-tools_3.8.2-11.3_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/t/tiff/libtiff4-dev_3.8.2-11.3_ia64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/t/tiff/tiff_3.8.2-11.3.dsc"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/t/tiff/libtiff4_3.8.2-11.3_hppa.deb"
},
{
"trust": 0.1,
"url": "http://www.debian.org/security/faq"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/t/tiff/libtiff4_3.8.2-11.3_mips.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/t/tiff/libtiff-opengl_3.8.2-11.3_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/t/tiff/libtiff-tools_3.8.2-11.3_armel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/t/tiff/libtiff4-dev_3.8.2-11.3_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/t/tiff/libtiffxx0c2_3.8.2-11.3_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/t/tiff/libtiffxx0c2_3.8.2-11.3_ia64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/t/tiff/libtiff4_3.8.2-11.3_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/t/tiff/libtiff-tools_3.8.2-11.3_ia64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/t/tiff/libtiff4_3.8.2-11.3_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/t/tiff/libtiff-opengl_3.8.2-11.3_ia64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/t/tiff/libtiffxx0c2_3.8.2-11.3_mipsel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/t/tiff/libtiff4-dev_3.8.2-11.3_hppa.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/t/tiff/libtiff4-dev_3.8.2-11.3_armel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/t/tiff/libtiff-tools_3.8.2-11.3_s390.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/t/tiff/libtiff4-dev_3.8.2-11.3_alpha.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/t/tiff/libtiff4_3.8.2-11.3_armel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/t/tiff/libtiff-opengl_3.8.2-11.3_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/t/tiff/libtiff4-dev_3.8.2-11.3_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/t/tiff/libtiff-tools_3.8.2-11.3_mips.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/t/tiff/libtiff4-dev_3.8.2-11.3_mips.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/t/tiff/libtiff-opengl_3.8.2-11.3_mipsel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/t/tiff/libtiff4_3.8.2-11.3_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/t/tiff/libtiff4_3.8.2-11.3_ia64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/t/tiff/libtiff-opengl_3.8.2-11.3_s390.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/t/tiff/libtiff4_3.8.2-11.3_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/t/tiff/libtiff-opengl_3.8.2-11.3_armel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/t/tiff/libtiffxx0c2_3.8.2-11.3_mips.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/t/tiff/libtiff-opengl_3.8.2-11.3_mips.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/t/tiff/libtiff-tools_3.8.2-11.3_mipsel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/t/tiff/libtiff-tools_3.8.2-11.3_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/t/tiff/libtiff4-dev_3.8.2-11.3_s390.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/t/tiff/libtiff4-dev_3.8.2-11.3_mipsel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/t/tiff/libtiff4_3.8.2-11.3_alpha.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/t/tiff/libtiffxx0c2_3.8.2-11.3_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/t/tiff/libtiffxx0c2_3.8.2-11.3_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/t/tiff/libtiff-opengl_3.8.2-11.3_hppa.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/t/tiff/libtiffxx0c2_3.8.2-11.3_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/t/tiff/libtiff-tools_3.8.2-11.3_alpha.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/t/tiff/libtiff-tools_3.8.2-11.3_hppa.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/t/tiff/libtiff4-dev_3.8.2-11.3_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/t/tiff/libtiff4_3.8.2-11.3_s390.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/t/tiff/libtiffxx0c2_3.8.2-11.3_hppa.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/t/tiff/libtiff-tools_3.8.2-11.3_sparc.deb"
},
{
"trust": 0.1,
"url": "http://packages.debian.org/\u003cpkg\u003e"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/t/tiff/libtiff-opengl_3.8.2-11.3_alpha.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/t/tiff/libtiff-opengl_3.8.2-11.3_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/t/tiff/libtiffxx0c2_3.8.2-11.3_armel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/t/tiff/libtiffxx0c2_3.8.2-11.3_s390.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/t/tiff/tiff_3.8.2-11.3.tar.gz"
},
{
"trust": 0.1,
"url": "http://www.debian.org/security/"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/t/tiff/libtiff-doc_3.8.2-11.3_all.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/t/tiff/libtiff-tools_3.8.2-11.3_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/t/tiff/libtiff-opengl_3.8.2-11.3_sparc.deb"
},
{
"trust": 0.1,
"url": "http://store.mandriva.com/product_info.php?cpath=149\u0026products_id=490"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-2443"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-5022"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-2347"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-1167"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-3401"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-1167"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-2113"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-2482"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-2597"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-3401"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-2596"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-2595"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-3087"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-2631"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-1173"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-2347"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-2088"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-2233"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-4665"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0192"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-2483"
},
{
"trust": 0.1,
"url": "http://creativecommons.org/licenses/by-sa/2.5"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-2088"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-2065"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-5022"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-2630"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-2443"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-2113"
},
{
"trust": 0.1,
"url": "http://security.gentoo.org/"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-2067"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-2481"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-4665"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1173"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-2631"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-2596"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-2630"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-1411"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-3087"
},
{
"trust": 0.1,
"url": "https://bugs.gentoo.org."
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0192"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2482"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2067"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2233"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/t/tiff/tiff_3.8.2-7ubuntu3.6.dsc"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/t/tiff/tiff_3.8.2.orig.tar.gz"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiffxx0c2_3.7.4-1ubuntu3.8_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiffxx0c2_3.7.4-1ubuntu3.8_i386.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/t/tiff/libtiffxx0c2_3.8.2-13ubuntu0.3_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff4-dev_3.7.4-1ubuntu3.8_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/t/tiff/libtiff4-dev_3.8.2-13ubuntu0.3_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/universe/t/tiff/libtiff-opengl_3.7.4-1ubuntu3.8_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff4-dev_3.8.2-13ubuntu0.3_amd64.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/t/tiff/libtiff4_3.8.2-13ubuntu0.3_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/t/tiff/libtiffxx0c2_3.8.2-11ubuntu0.9.04.6_lpia.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff4_3.7.4-1ubuntu3.8_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiffxx0c2_3.9.2-2ubuntu0.3_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff4_3.9.2-2ubuntu0.3_i386.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/universe/t/tiff/libtiff-opengl_3.8.2-13ubuntu0.3_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff4-dev_3.8.2-7ubuntu3.6_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/universe/t/tiff/libtiff-opengl_3.8.2-7ubuntu3.6_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff-doc_3.9.2-2ubuntu0.3_all.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/universe/t/tiff/libtiff-opengl_3.9.2-2ubuntu0.3_sparc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/t/tiff/libtiffxx0c2_3.8.2-7ubuntu3.6_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff-tools_3.8.2-11ubuntu0.9.04.6_i386.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/t/tiff/libtiffxx0c2_3.8.2-13ubuntu0.3_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff-tools_3.8.2-7ubuntu3.6_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff4_3.8.2-13ubuntu0.3_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff4-dev_3.9.2-2ubuntu0.3_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff4_3.8.2-11ubuntu0.9.04.6_i386.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/t/tiff/libtiff4-dev_3.8.2-7ubuntu3.6_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff4-dev_3.8.2-11ubuntu0.9.04.6_i386.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/t/tiff/libtiff4-dev_3.8.2-11ubuntu0.9.04.6_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/universe/t/tiff/libtiff-opengl_3.8.2-11ubuntu0.9.04.6_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/t/tiff/tiff_3.7.4.orig.tar.gz"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/universe/t/tiff/libtiff-opengl_3.7.4-1ubuntu3.8_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/universe/t/tiff/libtiff-opengl_3.9.2-2ubuntu0.3_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff-tools_3.8.2-13ubuntu0.3_i386.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/t/tiff/libtiff-tools_3.8.2-13ubuntu0.3_lpia.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/universe/t/tiff/libtiff-opengl_3.8.2-7ubuntu3.6_sparc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/t/tiff/libtiffxx0c2_3.8.2-11ubuntu0.9.04.6_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/universe/t/tiff/libtiff-opengl_3.8.2-11ubuntu0.9.04.6_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff-tools_3.7.4-1ubuntu3.8_i386.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/universe/t/tiff/libtiff-opengl_3.8.2-11ubuntu0.9.04.6_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/universe/t/tiff/libtiff-opengl_3.8.2-11ubuntu0.9.04.6_amd64.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/t/tiff/libtiff4_3.9.2-2ubuntu0.3_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/universe/t/tiff/libtiff-opengl_3.7.4-1ubuntu3.8_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff4_3.7.4-1ubuntu3.8_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/universe/t/tiff/libtiff-opengl_3.8.2-7ubuntu3.6_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff-tools_3.9.2-2ubuntu0.3_i386.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/t/tiff/libtiff4-dev_3.9.2-2ubuntu0.3_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiffxx0c2_3.8.2-11ubuntu0.9.04.6_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff-tools_3.7.4-1ubuntu3.8_amd64.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/t/tiff/libtiffxx0c2_3.8.2-11ubuntu0.9.04.6_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff4_3.7.4-1ubuntu3.8_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiffxx0c2_3.7.4-1ubuntu3.8_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff4_3.8.2-13ubuntu0.3_i386.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/t/tiff/libtiff-tools_3.9.2-2ubuntu0.3_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/t/tiff/tiff_3.8.2-11ubuntu0.9.04.6.dsc"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/universe/t/tiff/libtiff-opengl_3.8.2-13ubuntu0.3_lpia.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/t/tiff/libtiff-tools_3.8.2-13ubuntu0.3_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/t/tiff/tiff_3.8.2-13ubuntu0.3.diff.gz"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/t/tiff/libtiff4_3.8.2-7ubuntu3.6_lpia.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiffxx0c2_3.9.2-2ubuntu0.3_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff-doc_3.8.2-11ubuntu0.9.04.6_all.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/t/tiff/tiff_3.8.2-7ubuntu3.6.diff.gz"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff4-dev_3.8.2-13ubuntu0.3_i386.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/t/tiff/libtiff4-dev_3.8.2-13ubuntu0.3_lpia.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/t/tiff/libtiff4-dev_3.8.2-11ubuntu0.9.04.6_lpia.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff4-dev_3.8.2-7ubuntu3.6_amd64.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/t/tiff/libtiff4_3.8.2-11ubuntu0.9.04.6_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/universe/t/tiff/libtiff-opengl_3.8.2-13ubuntu0.3_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/t/tiff/tiff_3.7.4-1ubuntu3.8.dsc"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff4-dev_3.8.2-11ubuntu0.9.04.6_amd64.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/t/tiff/libtiff-tools_3.8.2-11ubuntu0.9.04.6_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiffxx0c2_3.8.2-7ubuntu3.6_i386.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/t/tiff/libtiff4_3.8.2-11ubuntu0.9.04.6_sparc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/t/tiff/libtiffxx0c2_3.9.2-2ubuntu0.3_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff-doc_3.8.2-13ubuntu0.3_all.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/t/tiff/libtiff4_3.9.2-2ubuntu0.3_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/t/tiff/libtiff4-dev_3.8.2-7ubuntu3.6_lpia.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiffxx0c2_3.8.2-11ubuntu0.9.04.6_amd64.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/t/tiff/libtiff-tools_3.8.2-7ubuntu3.6_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff4-dev_3.7.4-1ubuntu3.8_i386.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/t/tiff/libtiffxx0c2_3.8.2-7ubuntu3.6_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff4-dev_3.7.4-1ubuntu3.8_sparc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/t/tiff/libtiff-tools_3.8.2-7ubuntu3.6_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff-tools_3.8.2-7ubuntu3.6_amd64.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/t/tiff/libtiffxx0c2_3.8.2-13ubuntu0.3_lpia.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/t/tiff/libtiff4_3.8.2-13ubuntu0.3_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff4_3.7.4-1ubuntu3.8_amd64.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/t/tiff/libtiff-tools_3.8.2-11ubuntu0.9.04.6_lpia.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/t/tiff/tiff_3.9.2-2ubuntu0.3.dsc"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/t/tiff/libtiff4_3.8.2-13ubuntu0.3_lpia.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff4-dev_3.7.4-1ubuntu3.8_amd64.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/universe/t/tiff/libtiff-opengl_3.9.2-2ubuntu0.3_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff-tools_3.7.4-1ubuntu3.8_sparc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/t/tiff/libtiff4-dev_3.8.2-13ubuntu0.3_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiffxx0c2_3.8.2-7ubuntu3.6_amd64.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/t/tiff/libtiff4_3.8.2-7ubuntu3.6_sparc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/universe/t/tiff/libtiff-opengl_3.8.2-7ubuntu3.6_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/universe/t/tiff/libtiff-opengl_3.9.2-2ubuntu0.3_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff4_3.8.2-7ubuntu3.6_amd64.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/t/tiff/libtiff-tools_3.8.2-11ubuntu0.9.04.6_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/universe/t/tiff/libtiff-opengl_3.8.2-13ubuntu0.3_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiffxx0c2_3.8.2-13ubuntu0.3_amd64.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/t/tiff/libtiff-tools_3.8.2-13ubuntu0.3_sparc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/t/tiff/libtiffxx0c2_3.9.2-2ubuntu0.3_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/universe/t/tiff/libtiff-opengl_3.8.2-13ubuntu0.3_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff4_3.8.2-11ubuntu0.9.04.6_amd64.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/t/tiff/libtiff4-dev_3.8.2-7ubuntu3.6_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff4_3.8.2-7ubuntu3.6_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff-tools_3.8.2-11ubuntu0.9.04.6_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiffxx0c2_3.7.4-1ubuntu3.8_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff-tools_3.8.2-13ubuntu0.3_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/t/tiff/tiff_3.9.2.orig.tar.gz"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/t/tiff/libtiff-tools_3.9.2-2ubuntu0.3_sparc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/t/tiff/libtiff4-dev_3.8.2-11ubuntu0.9.04.6_sparc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/t/tiff/libtiff4_3.8.2-7ubuntu3.6_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/t/tiff/tiff_3.8.2-11ubuntu0.9.04.6.diff.gz"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/t/tiff/tiff_3.7.4-1ubuntu3.8.diff.gz"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/t/tiff/libtiffxx0c2_3.8.2-7ubuntu3.6_lpia.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/universe/t/tiff/libtiff-opengl_3.8.2-7ubuntu3.6_lpia.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff-tools_3.7.4-1ubuntu3.8_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff-tools_3.9.2-2ubuntu0.3_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff4-dev_3.9.2-2ubuntu0.3_amd64.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/t/tiff/libtiff4-dev_3.9.2-2ubuntu0.3_sparc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/t/tiff/libtiff-tools_3.8.2-7ubuntu3.6_lpia.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff4_3.9.2-2ubuntu0.3_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/universe/t/tiff/libtiff-opengl_3.7.4-1ubuntu3.8_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/t/tiff/tiff_3.9.2-2ubuntu0.3.diff.gz"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/universe/t/tiff/libtiff-opengl_3.8.2-11ubuntu0.9.04.6_lpia.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/t/tiff/tiff_3.8.2-13ubuntu0.3.dsc"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiffxx0c2_3.8.2-13ubuntu0.3_i386.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/t/tiff/libtiff4_3.8.2-11ubuntu0.9.04.6_lpia.deb"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-44016"
},
{
"db": "VULMON",
"id": "CVE-2010-1411"
},
{
"db": "BID",
"id": "40823"
},
{
"db": "PACKETSTORM",
"id": "92361"
},
{
"db": "PACKETSTORM",
"id": "92522"
},
{
"db": "PACKETSTORM",
"id": "116799"
},
{
"db": "PACKETSTORM",
"id": "92523"
},
{
"db": "PACKETSTORM",
"id": "90903"
},
{
"db": "CNNVD",
"id": "CNNVD-201006-294"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001651"
},
{
"db": "NVD",
"id": "CVE-2010-1411"
}
]
},
"sources": {
"_id": null,
"data": [
{
"db": "VULHUB",
"id": "VHN-44016",
"ident": null
},
{
"db": "VULMON",
"id": "CVE-2010-1411",
"ident": null
},
{
"db": "BID",
"id": "40823",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "92361",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "92522",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "116799",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "92523",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "90903",
"ident": null
},
{
"db": "CNNVD",
"id": "CNNVD-201006-294",
"ident": null
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001651",
"ident": null
},
{
"db": "NVD",
"id": "CVE-2010-1411",
"ident": null
}
]
},
"sources_release_date": {
"_id": null,
"data": [
{
"date": "2010-06-17T00:00:00",
"db": "VULHUB",
"id": "VHN-44016",
"ident": null
},
{
"date": "2010-06-17T00:00:00",
"db": "VULMON",
"id": "CVE-2010-1411",
"ident": null
},
{
"date": "2010-06-11T00:00:00",
"db": "BID",
"id": "40823",
"ident": null
},
{
"date": "2010-08-03T14:30:41",
"db": "PACKETSTORM",
"id": "92361",
"ident": null
},
{
"date": "2010-08-06T19:37:01",
"db": "PACKETSTORM",
"id": "92522",
"ident": null
},
{
"date": "2012-09-24T15:01:54",
"db": "PACKETSTORM",
"id": "116799",
"ident": null
},
{
"date": "2010-08-06T19:38:19",
"db": "PACKETSTORM",
"id": "92523",
"ident": null
},
{
"date": "2010-06-23T05:46:05",
"db": "PACKETSTORM",
"id": "90903",
"ident": null
},
{
"date": "2010-06-21T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201006-294",
"ident": null
},
{
"date": "2010-07-09T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2010-001651",
"ident": null
},
{
"date": "2010-06-17T16:30:01.810000",
"db": "NVD",
"id": "CVE-2010-1411",
"ident": null
}
]
},
"sources_update_date": {
"_id": null,
"data": [
{
"date": "2013-05-15T00:00:00",
"db": "VULHUB",
"id": "VHN-44016",
"ident": null
},
{
"date": "2013-05-15T00:00:00",
"db": "VULMON",
"id": "CVE-2010-1411",
"ident": null
},
{
"date": "2015-04-13T21:41:00",
"db": "BID",
"id": "40823",
"ident": null
},
{
"date": "2020-07-10T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201006-294",
"ident": null
},
{
"date": "2010-08-24T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2010-001651",
"ident": null
},
{
"date": "2025-04-11T00:51:21.963000",
"db": "NVD",
"id": "CVE-2010-1411",
"ident": null
}
]
},
"threat_type": {
"_id": null,
"data": "remote",
"sources": [
{
"db": "PACKETSTORM",
"id": "92522"
},
{
"db": "PACKETSTORM",
"id": "92523"
},
{
"db": "PACKETSTORM",
"id": "90903"
},
{
"db": "CNNVD",
"id": "CNNVD-201006-294"
}
],
"trust": 0.9
},
"title": {
"_id": null,
"data": "LibTIFF of FAX3 Decoder Fax3SetupState Integer overflow vulnerability in functions",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2010-001651"
}
],
"trust": 0.8
},
"type": {
"_id": null,
"data": "digital error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201006-294"
}
],
"trust": 0.6
}
}
VAR-201304-0062
Vulnerability from variot - Updated: 2026-04-10 23:21Mozilla Firefox before 20.0, Firefox ESR 17.x before 17.0.5, Thunderbird before 17.0.5, Thunderbird ESR 17.x before 17.0.5, and SeaMonkey before 2.17 do not ensure the correctness of the address bar during history navigation, which allows remote attackers to conduct cross-site scripting (XSS) attacks or phishing attacks by leveraging control over navigation timing. Mozilla Firefox, SeaMonkey, and Thunderbird are prone to a cross-site scripting vulnerability. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and launch other attacks. Note: This issue was previously discussed in BID 58818 (Mozilla Firefox/Thunderbird/SeaMonkey MFSA 2013-30 through -40 Multiple Vulnerabilities), but has been moved to its own record to better document it. The issue is fixed in: Firefox 20.0 Firefox ESR 17.0.5 Thunderbird 17.0.5 Thunderbird ESR 17.0.5 SeaMonkey 2.17. ============================================================================ Ubuntu Security Notice USN-1786-2 April 04, 2013
unity-firefox-extension update
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 12.10
Summary:
This update provides a compatible version of Unity Firefox Extension for Firefox 20.
Software Description: - unity-firefox-extension: Unity Integration for Firefox
Details:
USN-1786-1 fixed vulnerabilities in Firefox. (CVE-2013-0788, CVE-2013-0789)
Ambroz Bizjak discovered an out-of-bounds array read in the CERT_DecodeCertPackage function of the Network Security Services (NSS) libary when decoding certain certificates. An attacker could potentially exploit this to cause a denial of service via application crash. (CVE-2013-0791)
Tobias Schula discovered an information leak in Firefox when the gfx.color_management.enablev4 preference is enabled. If the user were tricked into opening a specially crafted image, an attacker could potentially exploit this to steal confidential data. By default, the gfx.color_management.enablev4 preference is not enabled in Ubuntu. (CVE-2013-0792)
Mariusz Mlynski discovered that timed history navigations could be used to load arbitrary websites with the wrong URL displayed in the addressbar. (CVE-2013-0793)
It was discovered that the origin indication on tab-modal dialog boxes could be removed, which could allow an attacker's dialog to be displayed over another sites content. An attacker could exploit this to conduct phishing attacks. (CVE-2013-0794)
Cody Crews discovered that the cloneNode method could be used to bypass System Only Wrappers (SOW) to clone a protected node and bypass same-origin policy checks. (CVE-2013-0795)
A crash in WebGL rendering was discovered in Firefox. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 201309-23
http://security.gentoo.org/
Severity: High Title: Mozilla Products: Multiple vulnerabilities Date: September 27, 2013 Bugs: #450940, #458390, #460818, #464226, #469868, #474758, #479968, #485258 ID: 201309-23
Synopsis
Multiple vulnerabilities have been found in Mozilla Firefox, Thunderbird, and SeaMonkey, some of which may allow a remote user to execute arbitrary code. The SeaMonkey project is a community effort to deliver production-quality releases of code derived from the application formerly known as the 'Mozilla Application Suite'. Please review the CVE identifiers referenced below for details. Further, a remote attacker could conduct XSS attacks, spoof URLs, bypass address space layout randomization, conduct clickjacking attacks, obtain potentially sensitive information, bypass access restrictions, modify the local filesystem, or conduct other unspecified attacks.
Workaround
There is no known workaround at this time.
Resolution
All Mozilla Firefox users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose ">=www-client/firefox-17.0.9"
All users of the Mozilla Firefox binary package should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose ">=www-client/firefox-bin-17.0.9"
All Mozilla Thunderbird users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose ">=mail-client/thunderbird-17.0.9"=
All users of the Mozilla Thunderbird binary package should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot -v ">=mail-client/thunderbird-bin-17.0.9"
All SeaMonkey users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose ">=www-client/seamonkey-2.21"
All users of the Mozilla SeaMonkey binary package should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose ">=www-client/seamonkey-bin-2.21"
References
[ 1 ] CVE-2013-0744 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0744 [ 2 ] CVE-2013-0745 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0745 [ 3 ] CVE-2013-0746 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0746 [ 4 ] CVE-2013-0747 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0747 [ 5 ] CVE-2013-0748 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0748 [ 6 ] CVE-2013-0749 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0749 [ 7 ] CVE-2013-0750 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0750 [ 8 ] CVE-2013-0751 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0751 [ 9 ] CVE-2013-0752 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0752 [ 10 ] CVE-2013-0753 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0753 [ 11 ] CVE-2013-0754 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0754 [ 12 ] CVE-2013-0755 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0755 [ 13 ] CVE-2013-0756 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0756 [ 14 ] CVE-2013-0757 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0757 [ 15 ] CVE-2013-0758 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0758 [ 16 ] CVE-2013-0759 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0759 [ 17 ] CVE-2013-0760 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0760 [ 18 ] CVE-2013-0761 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0761 [ 19 ] CVE-2013-0762 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0762 [ 20 ] CVE-2013-0763 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0763 [ 21 ] CVE-2013-0764 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0764 [ 22 ] CVE-2013-0765 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0765 [ 23 ] CVE-2013-0766 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0766 [ 24 ] CVE-2013-0767 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0767 [ 25 ] CVE-2013-0768 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0768 [ 26 ] CVE-2013-0769 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0769 [ 27 ] CVE-2013-0770 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0770 [ 28 ] CVE-2013-0771 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0771 [ 29 ] CVE-2013-0772 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0772 [ 30 ] CVE-2013-0773 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0773 [ 31 ] CVE-2013-0774 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0774 [ 32 ] CVE-2013-0775 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0775 [ 33 ] CVE-2013-0776 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0776 [ 34 ] CVE-2013-0777 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0777 [ 35 ] CVE-2013-0778 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0778 [ 36 ] CVE-2013-0779 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0779 [ 37 ] CVE-2013-0780 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0780 [ 38 ] CVE-2013-0781 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0781 [ 39 ] CVE-2013-0782 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0782 [ 40 ] CVE-2013-0783 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0783 [ 41 ] CVE-2013-0784 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0784 [ 42 ] CVE-2013-0787 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0787 [ 43 ] CVE-2013-0788 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0788 [ 44 ] CVE-2013-0789 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0789 [ 45 ] CVE-2013-0791 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0791 [ 46 ] CVE-2013-0792 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0792 [ 47 ] CVE-2013-0793 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0793 [ 48 ] CVE-2013-0794 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0794 [ 49 ] CVE-2013-0795 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0795 [ 50 ] CVE-2013-0796 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0796 [ 51 ] CVE-2013-0797 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0797 [ 52 ] CVE-2013-0799 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0799 [ 53 ] CVE-2013-0800 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0800 [ 54 ] CVE-2013-0801 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0801 [ 55 ] CVE-2013-1670 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1670 [ 56 ] CVE-2013-1671 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1671 [ 57 ] CVE-2013-1674 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1674 [ 58 ] CVE-2013-1675 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1675 [ 59 ] CVE-2013-1676 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1676 [ 60 ] CVE-2013-1677 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1677 [ 61 ] CVE-2013-1678 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1678 [ 62 ] CVE-2013-1679 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1679 [ 63 ] CVE-2013-1680 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1680 [ 64 ] CVE-2013-1681 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1681 [ 65 ] CVE-2013-1682 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1682 [ 66 ] CVE-2013-1684 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1684 [ 67 ] CVE-2013-1687 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1687 [ 68 ] CVE-2013-1690 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1690 [ 69 ] CVE-2013-1692 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1692 [ 70 ] CVE-2013-1693 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1693 [ 71 ] CVE-2013-1694 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1694 [ 72 ] CVE-2013-1697 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1697 [ 73 ] CVE-2013-1701 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1701 [ 74 ] CVE-2013-1702 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1702 [ 75 ] CVE-2013-1704 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1704 [ 76 ] CVE-2013-1705 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1705 [ 77 ] CVE-2013-1707 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1707 [ 78 ] CVE-2013-1708 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1708 [ 79 ] CVE-2013-1709 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1709 [ 80 ] CVE-2013-1710 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1710 [ 81 ] CVE-2013-1711 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1711 [ 82 ] CVE-2013-1712 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1712 [ 83 ] CVE-2013-1713 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1713 [ 84 ] CVE-2013-1714 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1714 [ 85 ] CVE-2013-1717 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1717 [ 86 ] CVE-2013-1718 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1718 [ 87 ] CVE-2013-1719 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1719 [ 88 ] CVE-2013-1720 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1720 [ 89 ] CVE-2013-1722 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1722 [ 90 ] CVE-2013-1723 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1723 [ 91 ] CVE-2013-1724 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1724 [ 92 ] CVE-2013-1725 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1725 [ 93 ] CVE-2013-1726 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1726 [ 94 ] CVE-2013-1728 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1728 [ 95 ] CVE-2013-1730 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1730 [ 96 ] CVE-2013-1732 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1732 [ 97 ] CVE-2013-1735 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1735 [ 98 ] CVE-2013-1736 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1736 [ 99 ] CVE-2013-1737 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1737 [ 100 ] CVE-2013-1738 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1738
Availability
This GLSA and any updates to it are available for viewing at the Gentoo Security Website:
http://security.gentoo.org/glsa/glsa-201309-23.xml
Concerns?
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.
License
Copyright 2013 Gentoo Foundation, Inc; referenced text belongs to its owner(s).
The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5 . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
===================================================================== Red Hat Security Advisory
Synopsis: Critical: firefox security update Advisory ID: RHSA-2013:0696-01 Product: Red Hat Enterprise Linux Advisory URL: https://rhn.redhat.com/errata/RHSA-2013-0696.html Issue date: 2013-04-02 CVE Names: CVE-2013-0788 CVE-2013-0793 CVE-2013-0795 CVE-2013-0796 CVE-2013-0800 =====================================================================
- Summary:
Updated firefox packages that fix several security issues are now available for Red Hat Enterprise Linux 5 and 6.
The Red Hat Security Response Team has rated this update as having critical security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.
- Relevant releases/architectures:
RHEL Desktop Workstation (v. 5 client) - i386, x86_64 Red Hat Enterprise Linux (v. 5 server) - i386, ia64, ppc, s390x, x86_64 Red Hat Enterprise Linux Desktop (v. 5 client) - i386, x86_64 Red Hat Enterprise Linux Desktop (v. 6) - i386, x86_64 Red Hat Enterprise Linux Desktop Optional (v. 6) - i386, x86_64 Red Hat Enterprise Linux HPC Node Optional (v. 6) - x86_64 Red Hat Enterprise Linux Server (v. 6) - i386, ppc64, s390x, x86_64 Red Hat Enterprise Linux Server Optional (v. 6) - i386, ppc64, s390x, x86_64 Red Hat Enterprise Linux Workstation (v. 6) - i386, x86_64 Red Hat Enterprise Linux Workstation Optional (v. 6) - i386, x86_64
- Description:
Mozilla Firefox is an open source web browser. XULRunner provides the XUL Runtime environment for Mozilla Firefox.
Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox. (CVE-2013-0788)
A flaw was found in the way Same Origin Wrappers were implemented in Firefox. (CVE-2013-0795)
A flaw was found in the embedded WebGL library in Firefox. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox. Note: This issue only affected systems using the Intel Mesa graphics drivers. (CVE-2013-0796)
An out-of-bounds write flaw was found in the embedded Cairo library in Firefox. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox. (CVE-2013-0800)
A flaw was found in the way Firefox handled the JavaScript history functions. A malicious site could cause a web page to be displayed that has a baseURI pointing to a different site, allowing cross-site scripting (XSS) and phishing attacks. (CVE-2013-0793)
Red Hat would like to thank the Mozilla project for reporting these issues. Upstream acknowledges Olli Pettay, Jesse Ruderman, Boris Zbarsky, Christian Holler, Milan Sreckovic, Joe Drew, Cody Crews, miaubiz, Abhishek Arya, and Mariusz Mlynski as the original reporters of these issues.
For technical details regarding these flaws, refer to the Mozilla security advisories for Firefox 17.0.5 ESR. You can find a link to the Mozilla advisories in the References section of this erratum.
All Firefox users should upgrade to these updated packages, which contain Firefox version 17.0.5 ESR, which corrects these issues. After installing the update, Firefox must be restarted for the changes to take effect.
- Solution:
Before applying this update, make sure all previously-released errata relevant to your system have been applied.
This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/knowledge/articles/11258
- Bugs fixed (http://bugzilla.redhat.com/):
946927 - CVE-2013-0788 Mozilla: Miscellaneous memory safety hazards (rv:17.0.5) (MFSA 2013-30) 946929 - CVE-2013-0800 Mozilla: Out-of-bounds write in Cairo library (MFSA 2013-31) 946931 - CVE-2013-0796 Mozilla: WebGL crash with Mesa graphics driver on Linux (MFSA 2013-35) 946932 - CVE-2013-0795 Mozilla: Bypass of SOW protections allows cloning of protected nodes (MFSA 2013-36) 946935 - CVE-2013-0793 Mozilla: Cross-site scripting (XSS) using timed history navigations (MFSA 2013-38)
- Package List:
Red Hat Enterprise Linux Desktop (v. 5 client):
Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Client/en/os/SRPMS/firefox-17.0.5-1.el5_9.src.rpm ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Client/en/os/SRPMS/firefox-17.0.5-1.el5_9.src.rpm ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Client/en/os/SRPMS/xulrunner-17.0.5-1.el5_9.src.rpm ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Client/en/os/SRPMS/xulrunner-17.0.5-1.el5_9.src.rpm
i386: firefox-17.0.5-1.el5_9.i386.rpm firefox-17.0.5-1.el5_9.i386.rpm firefox-debuginfo-17.0.5-1.el5_9.i386.rpm firefox-debuginfo-17.0.5-1.el5_9.i386.rpm xulrunner-17.0.5-1.el5_9.i386.rpm xulrunner-17.0.5-1.el5_9.i386.rpm xulrunner-debuginfo-17.0.5-1.el5_9.i386.rpm xulrunner-debuginfo-17.0.5-1.el5_9.i386.rpm
x86_64: firefox-17.0.5-1.el5_9.i386.rpm firefox-17.0.5-1.el5_9.i386.rpm firefox-17.0.5-1.el5_9.x86_64.rpm firefox-17.0.5-1.el5_9.x86_64.rpm firefox-debuginfo-17.0.5-1.el5_9.i386.rpm firefox-debuginfo-17.0.5-1.el5_9.i386.rpm firefox-debuginfo-17.0.5-1.el5_9.x86_64.rpm firefox-debuginfo-17.0.5-1.el5_9.x86_64.rpm xulrunner-17.0.5-1.el5_9.i386.rpm xulrunner-17.0.5-1.el5_9.i386.rpm xulrunner-17.0.5-1.el5_9.x86_64.rpm xulrunner-17.0.5-1.el5_9.x86_64.rpm xulrunner-debuginfo-17.0.5-1.el5_9.i386.rpm xulrunner-debuginfo-17.0.5-1.el5_9.i386.rpm xulrunner-debuginfo-17.0.5-1.el5_9.x86_64.rpm xulrunner-debuginfo-17.0.5-1.el5_9.x86_64.rpm
RHEL Desktop Workstation (v. 5 client):
Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Client/en/os/SRPMS/xulrunner-17.0.5-1.el5_9.src.rpm ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Client/en/os/SRPMS/xulrunner-17.0.5-1.el5_9.src.rpm
i386: xulrunner-debuginfo-17.0.5-1.el5_9.i386.rpm xulrunner-debuginfo-17.0.5-1.el5_9.i386.rpm xulrunner-devel-17.0.5-1.el5_9.i386.rpm xulrunner-devel-17.0.5-1.el5_9.i386.rpm
x86_64: xulrunner-debuginfo-17.0.5-1.el5_9.i386.rpm xulrunner-debuginfo-17.0.5-1.el5_9.i386.rpm xulrunner-debuginfo-17.0.5-1.el5_9.x86_64.rpm xulrunner-debuginfo-17.0.5-1.el5_9.x86_64.rpm xulrunner-devel-17.0.5-1.el5_9.i386.rpm xulrunner-devel-17.0.5-1.el5_9.i386.rpm xulrunner-devel-17.0.5-1.el5_9.x86_64.rpm xulrunner-devel-17.0.5-1.el5_9.x86_64.rpm
Red Hat Enterprise Linux (v. 5 server):
Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Server/en/os/SRPMS/firefox-17.0.5-1.el5_9.src.rpm ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Server/en/os/SRPMS/firefox-17.0.5-1.el5_9.src.rpm ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Server/en/os/SRPMS/xulrunner-17.0.5-1.el5_9.src.rpm
i386: firefox-17.0.5-1.el5_9.i386.rpm firefox-17.0.5-1.el5_9.i386.rpm firefox-debuginfo-17.0.5-1.el5_9.i386.rpm firefox-debuginfo-17.0.5-1.el5_9.i386.rpm xulrunner-17.0.5-1.el5_9.i386.rpm xulrunner-debuginfo-17.0.5-1.el5_9.i386.rpm xulrunner-debuginfo-17.0.5-1.el5_9.i386.rpm xulrunner-devel-17.0.5-1.el5_9.i386.rpm xulrunner-devel-17.0.5-1.el5_9.i386.rpm
ia64: firefox-17.0.5-1.el5_9.ia64.rpm firefox-17.0.5-1.el5_9.ia64.rpm firefox-debuginfo-17.0.5-1.el5_9.ia64.rpm firefox-debuginfo-17.0.5-1.el5_9.ia64.rpm xulrunner-17.0.5-1.el5_9.ia64.rpm xulrunner-debuginfo-17.0.5-1.el5_9.ia64.rpm xulrunner-debuginfo-17.0.5-1.el5_9.ia64.rpm xulrunner-devel-17.0.5-1.el5_9.ia64.rpm xulrunner-devel-17.0.5-1.el5_9.ia64.rpm
ppc: firefox-17.0.5-1.el5_9.ppc.rpm firefox-17.0.5-1.el5_9.ppc.rpm firefox-debuginfo-17.0.5-1.el5_9.ppc.rpm firefox-debuginfo-17.0.5-1.el5_9.ppc.rpm xulrunner-17.0.5-1.el5_9.ppc.rpm xulrunner-17.0.5-1.el5_9.ppc64.rpm xulrunner-debuginfo-17.0.5-1.el5_9.ppc.rpm xulrunner-debuginfo-17.0.5-1.el5_9.ppc.rpm xulrunner-debuginfo-17.0.5-1.el5_9.ppc64.rpm xulrunner-debuginfo-17.0.5-1.el5_9.ppc64.rpm xulrunner-devel-17.0.5-1.el5_9.ppc.rpm xulrunner-devel-17.0.5-1.el5_9.ppc64.rpm
s390x: firefox-17.0.5-1.el5_9.s390.rpm firefox-17.0.5-1.el5_9.s390.rpm firefox-17.0.5-1.el5_9.s390x.rpm firefox-17.0.5-1.el5_9.s390x.rpm firefox-debuginfo-17.0.5-1.el5_9.s390.rpm firefox-debuginfo-17.0.5-1.el5_9.s390.rpm firefox-debuginfo-17.0.5-1.el5_9.s390x.rpm firefox-debuginfo-17.0.5-1.el5_9.s390x.rpm xulrunner-17.0.5-1.el5_9.s390.rpm xulrunner-17.0.5-1.el5_9.s390x.rpm xulrunner-debuginfo-17.0.5-1.el5_9.s390.rpm xulrunner-debuginfo-17.0.5-1.el5_9.s390.rpm xulrunner-debuginfo-17.0.5-1.el5_9.s390x.rpm xulrunner-debuginfo-17.0.5-1.el5_9.s390x.rpm xulrunner-devel-17.0.5-1.el5_9.s390.rpm xulrunner-devel-17.0.5-1.el5_9.s390x.rpm
x86_64: firefox-17.0.5-1.el5_9.i386.rpm firefox-17.0.5-1.el5_9.i386.rpm firefox-17.0.5-1.el5_9.x86_64.rpm firefox-17.0.5-1.el5_9.x86_64.rpm firefox-debuginfo-17.0.5-1.el5_9.i386.rpm firefox-debuginfo-17.0.5-1.el5_9.i386.rpm firefox-debuginfo-17.0.5-1.el5_9.x86_64.rpm firefox-debuginfo-17.0.5-1.el5_9.x86_64.rpm xulrunner-17.0.5-1.el5_9.i386.rpm xulrunner-17.0.5-1.el5_9.x86_64.rpm xulrunner-debuginfo-17.0.5-1.el5_9.i386.rpm xulrunner-debuginfo-17.0.5-1.el5_9.i386.rpm xulrunner-debuginfo-17.0.5-1.el5_9.x86_64.rpm xulrunner-debuginfo-17.0.5-1.el5_9.x86_64.rpm xulrunner-devel-17.0.5-1.el5_9.i386.rpm xulrunner-devel-17.0.5-1.el5_9.i386.rpm xulrunner-devel-17.0.5-1.el5_9.x86_64.rpm
Red Hat Enterprise Linux Desktop (v. 6):
Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Client/en/os/SRPMS/firefox-17.0.5-1.el6_4.src.rpm ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Client/en/os/SRPMS/firefox-17.0.5-1.el6_4.src.rpm ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Client/en/os/SRPMS/xulrunner-17.0.5-1.el6_4.src.rpm ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Client/en/os/SRPMS/xulrunner-17.0.5-1.el6_4.src.rpm
i386: firefox-17.0.5-1.el6_4.i686.rpm firefox-17.0.5-1.el6_4.i686.rpm firefox-debuginfo-17.0.5-1.el6_4.i686.rpm firefox-debuginfo-17.0.5-1.el6_4.i686.rpm xulrunner-17.0.5-1.el6_4.i686.rpm xulrunner-17.0.5-1.el6_4.i686.rpm xulrunner-debuginfo-17.0.5-1.el6_4.i686.rpm xulrunner-debuginfo-17.0.5-1.el6_4.i686.rpm
x86_64: firefox-17.0.5-1.el6_4.i686.rpm firefox-17.0.5-1.el6_4.i686.rpm firefox-17.0.5-1.el6_4.x86_64.rpm firefox-17.0.5-1.el6_4.x86_64.rpm firefox-debuginfo-17.0.5-1.el6_4.i686.rpm firefox-debuginfo-17.0.5-1.el6_4.i686.rpm firefox-debuginfo-17.0.5-1.el6_4.x86_64.rpm firefox-debuginfo-17.0.5-1.el6_4.x86_64.rpm xulrunner-17.0.5-1.el6_4.i686.rpm xulrunner-17.0.5-1.el6_4.i686.rpm xulrunner-17.0.5-1.el6_4.x86_64.rpm xulrunner-17.0.5-1.el6_4.x86_64.rpm xulrunner-debuginfo-17.0.5-1.el6_4.i686.rpm xulrunner-debuginfo-17.0.5-1.el6_4.i686.rpm xulrunner-debuginfo-17.0.5-1.el6_4.x86_64.rpm xulrunner-debuginfo-17.0.5-1.el6_4.x86_64.rpm
Red Hat Enterprise Linux Desktop Optional (v. 6):
Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Client/en/os/SRPMS/xulrunner-17.0.5-1.el6_4.src.rpm ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Client/en/os/SRPMS/xulrunner-17.0.5-1.el6_4.src.rpm
i386: xulrunner-debuginfo-17.0.5-1.el6_4.i686.rpm xulrunner-debuginfo-17.0.5-1.el6_4.i686.rpm xulrunner-devel-17.0.5-1.el6_4.i686.rpm xulrunner-devel-17.0.5-1.el6_4.i686.rpm
x86_64: xulrunner-debuginfo-17.0.5-1.el6_4.i686.rpm xulrunner-debuginfo-17.0.5-1.el6_4.i686.rpm xulrunner-debuginfo-17.0.5-1.el6_4.x86_64.rpm xulrunner-debuginfo-17.0.5-1.el6_4.x86_64.rpm xulrunner-devel-17.0.5-1.el6_4.i686.rpm xulrunner-devel-17.0.5-1.el6_4.i686.rpm xulrunner-devel-17.0.5-1.el6_4.x86_64.rpm xulrunner-devel-17.0.5-1.el6_4.x86_64.rpm
Red Hat Enterprise Linux HPC Node Optional (v. 6):
Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6ComputeNode/en/os/SRPMS/firefox-17.0.5-1.el6_4.src.rpm ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6ComputeNode/en/os/SRPMS/firefox-17.0.5-1.el6_4.src.rpm ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6ComputeNode/en/os/SRPMS/xulrunner-17.0.5-1.el6_4.src.rpm ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6ComputeNode/en/os/SRPMS/xulrunner-17.0.5-1.el6_4.src.rpm
x86_64: firefox-17.0.5-1.el6_4.i686.rpm firefox-17.0.5-1.el6_4.i686.rpm firefox-17.0.5-1.el6_4.x86_64.rpm firefox-17.0.5-1.el6_4.x86_64.rpm firefox-debuginfo-17.0.5-1.el6_4.i686.rpm firefox-debuginfo-17.0.5-1.el6_4.i686.rpm firefox-debuginfo-17.0.5-1.el6_4.x86_64.rpm firefox-debuginfo-17.0.5-1.el6_4.x86_64.rpm xulrunner-17.0.5-1.el6_4.i686.rpm xulrunner-17.0.5-1.el6_4.i686.rpm xulrunner-17.0.5-1.el6_4.x86_64.rpm xulrunner-17.0.5-1.el6_4.x86_64.rpm xulrunner-debuginfo-17.0.5-1.el6_4.i686.rpm xulrunner-debuginfo-17.0.5-1.el6_4.i686.rpm xulrunner-debuginfo-17.0.5-1.el6_4.x86_64.rpm xulrunner-debuginfo-17.0.5-1.el6_4.x86_64.rpm xulrunner-devel-17.0.5-1.el6_4.i686.rpm xulrunner-devel-17.0.5-1.el6_4.i686.rpm xulrunner-devel-17.0.5-1.el6_4.x86_64.rpm xulrunner-devel-17.0.5-1.el6_4.x86_64.rpm
Red Hat Enterprise Linux Server (v. 6):
Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/os/SRPMS/firefox-17.0.5-1.el6_4.src.rpm ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/os/SRPMS/firefox-17.0.5-1.el6_4.src.rpm ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/os/SRPMS/xulrunner-17.0.5-1.el6_4.src.rpm ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/os/SRPMS/xulrunner-17.0.5-1.el6_4.src.rpm
i386: firefox-17.0.5-1.el6_4.i686.rpm firefox-17.0.5-1.el6_4.i686.rpm firefox-debuginfo-17.0.5-1.el6_4.i686.rpm firefox-debuginfo-17.0.5-1.el6_4.i686.rpm xulrunner-17.0.5-1.el6_4.i686.rpm xulrunner-17.0.5-1.el6_4.i686.rpm xulrunner-debuginfo-17.0.5-1.el6_4.i686.rpm xulrunner-debuginfo-17.0.5-1.el6_4.i686.rpm
ppc64: firefox-17.0.5-1.el6_4.ppc.rpm firefox-17.0.5-1.el6_4.ppc.rpm firefox-17.0.5-1.el6_4.ppc64.rpm firefox-17.0.5-1.el6_4.ppc64.rpm firefox-debuginfo-17.0.5-1.el6_4.ppc.rpm firefox-debuginfo-17.0.5-1.el6_4.ppc.rpm firefox-debuginfo-17.0.5-1.el6_4.ppc64.rpm firefox-debuginfo-17.0.5-1.el6_4.ppc64.rpm xulrunner-17.0.5-1.el6_4.ppc.rpm xulrunner-17.0.5-1.el6_4.ppc.rpm xulrunner-17.0.5-1.el6_4.ppc64.rpm xulrunner-17.0.5-1.el6_4.ppc64.rpm xulrunner-debuginfo-17.0.5-1.el6_4.ppc.rpm xulrunner-debuginfo-17.0.5-1.el6_4.ppc.rpm xulrunner-debuginfo-17.0.5-1.el6_4.ppc64.rpm xulrunner-debuginfo-17.0.5-1.el6_4.ppc64.rpm
s390x: firefox-17.0.5-1.el6_4.s390.rpm firefox-17.0.5-1.el6_4.s390.rpm firefox-17.0.5-1.el6_4.s390x.rpm firefox-17.0.5-1.el6_4.s390x.rpm firefox-debuginfo-17.0.5-1.el6_4.s390.rpm firefox-debuginfo-17.0.5-1.el6_4.s390.rpm firefox-debuginfo-17.0.5-1.el6_4.s390x.rpm firefox-debuginfo-17.0.5-1.el6_4.s390x.rpm xulrunner-17.0.5-1.el6_4.s390.rpm xulrunner-17.0.5-1.el6_4.s390.rpm xulrunner-17.0.5-1.el6_4.s390x.rpm xulrunner-17.0.5-1.el6_4.s390x.rpm xulrunner-debuginfo-17.0.5-1.el6_4.s390.rpm xulrunner-debuginfo-17.0.5-1.el6_4.s390.rpm xulrunner-debuginfo-17.0.5-1.el6_4.s390x.rpm xulrunner-debuginfo-17.0.5-1.el6_4.s390x.rpm
x86_64: firefox-17.0.5-1.el6_4.i686.rpm firefox-17.0.5-1.el6_4.i686.rpm firefox-17.0.5-1.el6_4.x86_64.rpm firefox-17.0.5-1.el6_4.x86_64.rpm firefox-debuginfo-17.0.5-1.el6_4.i686.rpm firefox-debuginfo-17.0.5-1.el6_4.i686.rpm firefox-debuginfo-17.0.5-1.el6_4.x86_64.rpm firefox-debuginfo-17.0.5-1.el6_4.x86_64.rpm xulrunner-17.0.5-1.el6_4.i686.rpm xulrunner-17.0.5-1.el6_4.i686.rpm xulrunner-17.0.5-1.el6_4.x86_64.rpm xulrunner-17.0.5-1.el6_4.x86_64.rpm xulrunner-debuginfo-17.0.5-1.el6_4.i686.rpm xulrunner-debuginfo-17.0.5-1.el6_4.i686.rpm xulrunner-debuginfo-17.0.5-1.el6_4.x86_64.rpm xulrunner-debuginfo-17.0.5-1.el6_4.x86_64.rpm
Red Hat Enterprise Linux Server Optional (v. 6):
Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/os/SRPMS/xulrunner-17.0.5-1.el6_4.src.rpm ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/os/SRPMS/xulrunner-17.0.5-1.el6_4.src.rpm
i386: xulrunner-debuginfo-17.0.5-1.el6_4.i686.rpm xulrunner-debuginfo-17.0.5-1.el6_4.i686.rpm xulrunner-devel-17.0.5-1.el6_4.i686.rpm xulrunner-devel-17.0.5-1.el6_4.i686.rpm
ppc64: xulrunner-debuginfo-17.0.5-1.el6_4.ppc.rpm xulrunner-debuginfo-17.0.5-1.el6_4.ppc.rpm xulrunner-debuginfo-17.0.5-1.el6_4.ppc64.rpm xulrunner-debuginfo-17.0.5-1.el6_4.ppc64.rpm xulrunner-devel-17.0.5-1.el6_4.ppc.rpm xulrunner-devel-17.0.5-1.el6_4.ppc.rpm xulrunner-devel-17.0.5-1.el6_4.ppc64.rpm xulrunner-devel-17.0.5-1.el6_4.ppc64.rpm
s390x: xulrunner-debuginfo-17.0.5-1.el6_4.s390.rpm xulrunner-debuginfo-17.0.5-1.el6_4.s390.rpm xulrunner-debuginfo-17.0.5-1.el6_4.s390x.rpm xulrunner-debuginfo-17.0.5-1.el6_4.s390x.rpm xulrunner-devel-17.0.5-1.el6_4.s390.rpm xulrunner-devel-17.0.5-1.el6_4.s390.rpm xulrunner-devel-17.0.5-1.el6_4.s390x.rpm xulrunner-devel-17.0.5-1.el6_4.s390x.rpm
x86_64: xulrunner-debuginfo-17.0.5-1.el6_4.i686.rpm xulrunner-debuginfo-17.0.5-1.el6_4.i686.rpm xulrunner-debuginfo-17.0.5-1.el6_4.x86_64.rpm xulrunner-debuginfo-17.0.5-1.el6_4.x86_64.rpm xulrunner-devel-17.0.5-1.el6_4.i686.rpm xulrunner-devel-17.0.5-1.el6_4.i686.rpm xulrunner-devel-17.0.5-1.el6_4.x86_64.rpm xulrunner-devel-17.0.5-1.el6_4.x86_64.rpm
Red Hat Enterprise Linux Workstation (v. 6):
Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Workstation/en/os/SRPMS/firefox-17.0.5-1.el6_4.src.rpm ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Workstation/en/os/SRPMS/firefox-17.0.5-1.el6_4.src.rpm ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Workstation/en/os/SRPMS/xulrunner-17.0.5-1.el6_4.src.rpm ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Workstation/en/os/SRPMS/xulrunner-17.0.5-1.el6_4.src.rpm
i386: firefox-17.0.5-1.el6_4.i686.rpm firefox-17.0.5-1.el6_4.i686.rpm firefox-debuginfo-17.0.5-1.el6_4.i686.rpm firefox-debuginfo-17.0.5-1.el6_4.i686.rpm xulrunner-17.0.5-1.el6_4.i686.rpm xulrunner-17.0.5-1.el6_4.i686.rpm xulrunner-debuginfo-17.0.5-1.el6_4.i686.rpm xulrunner-debuginfo-17.0.5-1.el6_4.i686.rpm
x86_64: firefox-17.0.5-1.el6_4.i686.rpm firefox-17.0.5-1.el6_4.i686.rpm firefox-17.0.5-1.el6_4.x86_64.rpm firefox-17.0.5-1.el6_4.x86_64.rpm firefox-debuginfo-17.0.5-1.el6_4.i686.rpm firefox-debuginfo-17.0.5-1.el6_4.i686.rpm firefox-debuginfo-17.0.5-1.el6_4.x86_64.rpm firefox-debuginfo-17.0.5-1.el6_4.x86_64.rpm xulrunner-17.0.5-1.el6_4.i686.rpm xulrunner-17.0.5-1.el6_4.i686.rpm xulrunner-17.0.5-1.el6_4.x86_64.rpm xulrunner-17.0.5-1.el6_4.x86_64.rpm xulrunner-debuginfo-17.0.5-1.el6_4.i686.rpm xulrunner-debuginfo-17.0.5-1.el6_4.i686.rpm xulrunner-debuginfo-17.0.5-1.el6_4.x86_64.rpm xulrunner-debuginfo-17.0.5-1.el6_4.x86_64.rpm
Red Hat Enterprise Linux Workstation Optional (v. 6):
Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Workstation/en/os/SRPMS/xulrunner-17.0.5-1.el6_4.src.rpm ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Workstation/en/os/SRPMS/xulrunner-17.0.5-1.el6_4.src.rpm
i386: xulrunner-debuginfo-17.0.5-1.el6_4.i686.rpm xulrunner-debuginfo-17.0.5-1.el6_4.i686.rpm xulrunner-devel-17.0.5-1.el6_4.i686.rpm xulrunner-devel-17.0.5-1.el6_4.i686.rpm
x86_64: xulrunner-debuginfo-17.0.5-1.el6_4.i686.rpm xulrunner-debuginfo-17.0.5-1.el6_4.i686.rpm xulrunner-debuginfo-17.0.5-1.el6_4.x86_64.rpm xulrunner-debuginfo-17.0.5-1.el6_4.x86_64.rpm xulrunner-devel-17.0.5-1.el6_4.i686.rpm xulrunner-devel-17.0.5-1.el6_4.i686.rpm xulrunner-devel-17.0.5-1.el6_4.x86_64.rpm xulrunner-devel-17.0.5-1.el6_4.x86_64.rpm
These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/#package
- References:
https://www.redhat.com/security/data/cve/CVE-2013-0788.html https://www.redhat.com/security/data/cve/CVE-2013-0793.html https://www.redhat.com/security/data/cve/CVE-2013-0795.html https://www.redhat.com/security/data/cve/CVE-2013-0796.html https://www.redhat.com/security/data/cve/CVE-2013-0800.html https://access.redhat.com/security/updates/classification/#critical http://www.mozilla.org/security/known-vulnerabilities/firefoxESR.html
- Contact:
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/
Copyright 2013 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.4 (GNU/Linux)
iD8DBQFRWzt5XlSAg2UNWIIRAobXAJ9/uirvEeOiGpegRbi/Fdtv9BRXUACeMYpK taMjOQZpo7Ea1JPyhBWhy7M= =2sCd -----END PGP SIGNATURE-----
-- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce .
Note: All issues except CVE-2013-0800 cannot be exploited by a specially-crafted HTML mail message as JavaScript is disabled by default for mail messages. They could be exploited another way in Thunderbird, for example, when viewing the full remote content of an RSS feed. A crafted PNG image could use this flaw to leak data through rendered images drawing from random memory.
Security researcher Mariusz Mlynski reported a method to use browser navigations through history to load an arbitrary website with that page's baseURI property pointing to another site instead of the seemingly loaded one. The user will continue to see the incorrect site in the addressbar of the browser. This allows violation of the browser's same origin policy and could also lead to privilege escalation and the execution of arbitrary code (CVE-2013-0795).
Security researcher miaubiz used the Address Sanitizer tool to discover a crash in WebGL rendering when memory is freed that has not previously been allocated. The resulting crash could be potentially exploitable (CVE-2013-0796). When certain values are passed to it during rendering, Cairo attempts to use negative boundaries or sizes for boxes, leading to a potentially exploitable crash in some instances (CVE-2013-0800).
Mozilla developers identified and fixed several memory safety bugs in the browser engine used in Firefox and other Mozilla-based products. Some of these bugs showed evidence of memory corruption under certain circumstances, and we presume that with enough effort at least some of these could be exploited to run arbitrary code (CVE-2013-0788).
References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0792 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0793 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0795 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0796 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0800 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0788 http://www.mozilla.org/security/announce/2013/mfsa2013-39.html http://www.mozilla.org/security/announce/2013/mfsa2013-38.html http://www.mozilla.org/security/announce/2013/mfsa2013-36.html http://www.mozilla.org/security/announce/2013/mfsa2013-35.html http://www.mozilla.org/security/announce/2013/mfsa2013-31.html http://www.mozilla.org/security/announce/2013/mfsa2013-30.html
Updated Packages:
Mandriva Enterprise Server 5: 0db2c1631a956f6147230a099f1d2d68 mes5/i586/firefox-17.0.5-0.1mdvmes5.2.i586.rpm b6accdf420ac5eb3dbea29d283fff049 mes5/i586/firefox-af-17.0.5-0.1mdvmes5.2.i586.rpm a434d7ee9d360c2b555873e8c93aac2a mes5/i586/firefox-ar-17.0.5-0.1mdvmes5.2.i586.rpm 3b64b73c7cb465fee179b140656a065d mes5/i586/firefox-be-17.0.5-0.1mdvmes5.2.i586.rpm 967b03abad307a338d0709df85e1ec1e mes5/i586/firefox-bg-17.0.5-0.1mdvmes5.2.i586.rpm 715fef97490152afcea942e32d9f8fae mes5/i586/firefox-bn-17.0.5-0.1mdvmes5.2.i586.rpm 46bac62630e189f9d6f7f2d90a5e1c4e mes5/i586/firefox-ca-17.0.5-0.1mdvmes5.2.i586.rpm 64143512420338cc54a073be91ccbf9d mes5/i586/firefox-cs-17.0.5-0.1mdvmes5.2.i586.rpm ba627030e474fb62caf34b2280e2432f mes5/i586/firefox-cy-17.0.5-0.1mdvmes5.2.i586.rpm d2ba69795c243c8aad3e56f1ba3190b4 mes5/i586/firefox-da-17.0.5-0.1mdvmes5.2.i586.rpm 81473710741c44e227e930f512a890d7 mes5/i586/firefox-de-17.0.5-0.1mdvmes5.2.i586.rpm 7d787c3a0eabf7b514083f267037cbdd mes5/i586/firefox-devel-17.0.5-0.1mdvmes5.2.i586.rpm f279d611e9a8233cec0090439e0bbc30 mes5/i586/firefox-el-17.0.5-0.1mdvmes5.2.i586.rpm 5ad88edccb4a8cb75d58464ed2201e2a mes5/i586/firefox-en_GB-17.0.5-0.1mdvmes5.2.i586.rpm 7c2bdafe6cf1219d33df634b40ca7f33 mes5/i586/firefox-eo-17.0.5-0.1mdvmes5.2.i586.rpm 6e8e3cc43e1b5326d886780d5409ff57 mes5/i586/firefox-es_AR-17.0.5-0.1mdvmes5.2.i586.rpm 8608ba9849ea4f56ac60475ccfc3acd7 mes5/i586/firefox-es_ES-17.0.5-0.1mdvmes5.2.i586.rpm b6de17fad95679a08dfc420f51d5e0fa mes5/i586/firefox-et-17.0.5-0.1mdvmes5.2.i586.rpm 7d5281fe391c7bcbc4f49369e00ce6f0 mes5/i586/firefox-eu-17.0.5-0.1mdvmes5.2.i586.rpm dfacd04856fb4529fb0ebdabbad374f9 mes5/i586/firefox-fi-17.0.5-0.1mdvmes5.2.i586.rpm b98f1800a67f8fec9dcbca77edd41ac4 mes5/i586/firefox-fr-17.0.5-0.1mdvmes5.2.i586.rpm eed03047da1e7642f207cb8821dbd95f mes5/i586/firefox-fy-17.0.5-0.1mdvmes5.2.i586.rpm 3f110cc8c73665a709b97bf554b835cc mes5/i586/firefox-ga_IE-17.0.5-0.1mdvmes5.2.i586.rpm 0ad55037b7527a452626a84dade35f56 mes5/i586/firefox-gl-17.0.5-0.1mdvmes5.2.i586.rpm e0272d903a0f8b1c938dded3626ac89a mes5/i586/firefox-gu_IN-17.0.5-0.1mdvmes5.2.i586.rpm 6bdc9c6edcc036122d131b6bf5a341ec mes5/i586/firefox-he-17.0.5-0.1mdvmes5.2.i586.rpm 8fd0ad163782a228e9176f1618dbae2f mes5/i586/firefox-hi-17.0.5-0.1mdvmes5.2.i586.rpm cef589c92b95defd03297a43a4a65e65 mes5/i586/firefox-hu-17.0.5-0.1mdvmes5.2.i586.rpm 6a4e24d1c59f774cab7ea341dedde5e5 mes5/i586/firefox-id-17.0.5-0.1mdvmes5.2.i586.rpm 617d63908bfa91b171a5e40acdfbb058 mes5/i586/firefox-is-17.0.5-0.1mdvmes5.2.i586.rpm 89d72f5231e362ffbcb74c5ebd9d2789 mes5/i586/firefox-it-17.0.5-0.1mdvmes5.2.i586.rpm 46e283185529cf7e3b55208e928d3e21 mes5/i586/firefox-ja-17.0.5-0.1mdvmes5.2.i586.rpm 9cb48d986cb94e843740461ccdc7e344 mes5/i586/firefox-kn-17.0.5-0.1mdvmes5.2.i586.rpm b4a30b6ae86cf07f9e15a5921ccf367c mes5/i586/firefox-ko-17.0.5-0.1mdvmes5.2.i586.rpm 447af559ce4a0a7cd0ff00ad81466966 mes5/i586/firefox-ku-17.0.5-0.1mdvmes5.2.i586.rpm f16fa703cc4611f42ef618a2709467ce mes5/i586/firefox-lt-17.0.5-0.1mdvmes5.2.i586.rpm f2f05879c892085be5d0fa4e9c787ae7 mes5/i586/firefox-lv-17.0.5-0.1mdvmes5.2.i586.rpm f166cef7eeae485e939a9964df355ffe mes5/i586/firefox-mk-17.0.5-0.1mdvmes5.2.i586.rpm a2d9533d98cd613ff49ace2dd3c4aaaf mes5/i586/firefox-mr-17.0.5-0.1mdvmes5.2.i586.rpm 04e604773ab19ad5060c53d906c7d222 mes5/i586/firefox-nb_NO-17.0.5-0.1mdvmes5.2.i586.rpm ea691e1ecd5cfac906a077614841100f mes5/i586/firefox-nl-17.0.5-0.1mdvmes5.2.i586.rpm 0b7dac86ef507b78504a6f507d2b82b6 mes5/i586/firefox-nn_NO-17.0.5-0.1mdvmes5.2.i586.rpm b5a1616579bd3804eb500a75aa9b040e mes5/i586/firefox-pa_IN-17.0.5-0.1mdvmes5.2.i586.rpm abca5b749f468af02e0d94e2c8b00ac1 mes5/i586/firefox-pl-17.0.5-0.1mdvmes5.2.i586.rpm 2585fe186ebb3b81ae4e3b4c4ed73442 mes5/i586/firefox-pt_BR-17.0.5-0.1mdvmes5.2.i586.rpm 416bbd1fc256861429b3fd78f7d83ef1 mes5/i586/firefox-pt_PT-17.0.5-0.1mdvmes5.2.i586.rpm 3d66426c2548c0ba2746c4c36a9db708 mes5/i586/firefox-ro-17.0.5-0.1mdvmes5.2.i586.rpm ae4fc0951b14c00d6656540e7d38e22e mes5/i586/firefox-ru-17.0.5-0.1mdvmes5.2.i586.rpm d323216cc380f286ff0c990062cdbd43 mes5/i586/firefox-si-17.0.5-0.1mdvmes5.2.i586.rpm a0edc229b50354a66d6c6152fc082395 mes5/i586/firefox-sk-17.0.5-0.1mdvmes5.2.i586.rpm 7d5edda5ddd9064dec3b85ecc7102f19 mes5/i586/firefox-sl-17.0.5-0.1mdvmes5.2.i586.rpm 277d4c09d495b4b8bb0c7e715761f267 mes5/i586/firefox-sq-17.0.5-0.1mdvmes5.2.i586.rpm 3d601400d0df895c73a5ebb064f4f016 mes5/i586/firefox-sr-17.0.5-0.1mdvmes5.2.i586.rpm f5f9e7bbe47f6fba7042f2bf5a61d28e mes5/i586/firefox-sv_SE-17.0.5-0.1mdvmes5.2.i586.rpm ec8dc022734c08dab5183405efa6d0c1 mes5/i586/firefox-te-17.0.5-0.1mdvmes5.2.i586.rpm 242b490062337f7f4f4b8169fb8c91d5 mes5/i586/firefox-th-17.0.5-0.1mdvmes5.2.i586.rpm 3f2fe42cd27e1c751513a561df7fb5a7 mes5/i586/firefox-tr-17.0.5-0.1mdvmes5.2.i586.rpm e5a6d7e6b9981687ca062526a14c7056 mes5/i586/firefox-uk-17.0.5-0.1mdvmes5.2.i586.rpm 8ad451f2a167af24160826bb6d054593 mes5/i586/firefox-zh_CN-17.0.5-0.1mdvmes5.2.i586.rpm 3d1c7ee791874a416ed2bf5847fa6ad7 mes5/i586/firefox-zh_TW-17.0.5-0.1mdvmes5.2.i586.rpm 0c338be36acdbe8c79655cfeac88627a mes5/i586/icedtea-web-1.3.1-0.3mdvmes5.2.i586.rpm 807123e3063f730d05282bf43f3dda6a mes5/i586/icedtea-web-javadoc-1.3.1-0.3mdvmes5.2.i586.rpm 7380860d463c5b198f74b592e51031f1 mes5/i586/libnspr4-4.9.6-0.1mdvmes5.2.i586.rpm 58137e16b3eb8e9655ceef99f4ec1fc7 mes5/i586/libnspr-devel-4.9.6-0.1mdvmes5.2.i586.rpm 6cb4ca4131bce6f48ff8d347ded8236d mes5/i586/libxulrunner17.0.5-17.0.5-0.1mdvmes5.2.i586.rpm 5c7ea7a5a52630606b7e71d61ac5c738 mes5/i586/libxulrunner-devel-17.0.5-0.1mdvmes5.2.i586.rpm 41f2f6022487aabc48b573620111b6b8 mes5/i586/xulrunner-17.0.5-0.1mdvmes5.2.i586.rpm 2a3a774ee0094a48cf108ed120ba227a mes5/SRPMS/firefox-17.0.5-0.1mdvmes5.2.src.rpm 58a810253d11b6af76cf1bcce6a3e7b4 mes5/SRPMS/firefox-l10n-17.0.5-0.1mdvmes5.2.src.rpm 5add3a80120b73f5ed97c9dd02837c58 mes5/SRPMS/icedtea-web-1.3.1-0.3mdvmes5.2.src.rpm 6d70b7e57cc741f0b587a1effee81fb4 mes5/SRPMS/nspr-4.9.6-0.1mdvmes5.2.src.rpm d7f835773038004ff8995ef676f8397e mes5/SRPMS/xulrunner-17.0.5-0.1mdvmes5.2.src.rpm
Mandriva Enterprise Server 5/X86_64: 352b4b9c3ec49226611acfff2586132d mes5/x86_64/firefox-17.0.5-0.1mdvmes5.2.x86_64.rpm 29388b8d4da203e932710f8b98630932 mes5/x86_64/firefox-af-17.0.5-0.1mdvmes5.2.x86_64.rpm 35c9f59f4ce87eb7c64b89e60220ebb3 mes5/x86_64/firefox-ar-17.0.5-0.1mdvmes5.2.x86_64.rpm 204c1013d7e6d3925a73ff3c62ce6c14 mes5/x86_64/firefox-be-17.0.5-0.1mdvmes5.2.x86_64.rpm 43fdfdbedaf5a13fe6396775731a1835 mes5/x86_64/firefox-bg-17.0.5-0.1mdvmes5.2.x86_64.rpm d800fa786bef5538692c6b8fffb2f1b3 mes5/x86_64/firefox-bn-17.0.5-0.1mdvmes5.2.x86_64.rpm 74cb34c33f9d0f070338dd49332bbdd1 mes5/x86_64/firefox-ca-17.0.5-0.1mdvmes5.2.x86_64.rpm fca54be2cf51319542bca20cedf9dff6 mes5/x86_64/firefox-cs-17.0.5-0.1mdvmes5.2.x86_64.rpm 10b6de867fa24ab60c419fd9b314723c mes5/x86_64/firefox-cy-17.0.5-0.1mdvmes5.2.x86_64.rpm eb67b095d7490b5bc24c85bc8652fed9 mes5/x86_64/firefox-da-17.0.5-0.1mdvmes5.2.x86_64.rpm 7761e055af6b87172b2a05f9dc671d99 mes5/x86_64/firefox-de-17.0.5-0.1mdvmes5.2.x86_64.rpm b4ede22d5b768e082d47d2702fb71221 mes5/x86_64/firefox-devel-17.0.5-0.1mdvmes5.2.x86_64.rpm a359d0468b6217c59eb88771f2e799b2 mes5/x86_64/firefox-el-17.0.5-0.1mdvmes5.2.x86_64.rpm 4e58ae7627f5d6d0ba4d7c215c252611 mes5/x86_64/firefox-en_GB-17.0.5-0.1mdvmes5.2.x86_64.rpm 777062d66c8b57c59dc72c60bcade5aa mes5/x86_64/firefox-eo-17.0.5-0.1mdvmes5.2.x86_64.rpm c2b069c9c0105d85c5946f542204a7c7 mes5/x86_64/firefox-es_AR-17.0.5-0.1mdvmes5.2.x86_64.rpm 2a39a098a5b39dee19347f18c033f8c5 mes5/x86_64/firefox-es_ES-17.0.5-0.1mdvmes5.2.x86_64.rpm 412516e1b5a4b4b8b3a7eaf8d2b7806e mes5/x86_64/firefox-et-17.0.5-0.1mdvmes5.2.x86_64.rpm 5225e8ac59ee14a9fe5653e8afaa96b4 mes5/x86_64/firefox-eu-17.0.5-0.1mdvmes5.2.x86_64.rpm e91755da5dc3a6481ef5fd87b66dc2b3 mes5/x86_64/firefox-fi-17.0.5-0.1mdvmes5.2.x86_64.rpm 6c3c9ffddeb301345539516a2128870b mes5/x86_64/firefox-fr-17.0.5-0.1mdvmes5.2.x86_64.rpm f90bff71593d02e29a6801fb30196522 mes5/x86_64/firefox-fy-17.0.5-0.1mdvmes5.2.x86_64.rpm e36128274f24c1e3a905c6834dbd3431 mes5/x86_64/firefox-ga_IE-17.0.5-0.1mdvmes5.2.x86_64.rpm c1d8d7d3060a4a63ecf56e516d704322 mes5/x86_64/firefox-gl-17.0.5-0.1mdvmes5.2.x86_64.rpm fce3e57a97a18461e6784f27c9b5f982 mes5/x86_64/firefox-gu_IN-17.0.5-0.1mdvmes5.2.x86_64.rpm d567bdbe94970ce762fbbec34566271e mes5/x86_64/firefox-he-17.0.5-0.1mdvmes5.2.x86_64.rpm 68a74e20c4ee64127e275d443052a0aa mes5/x86_64/firefox-hi-17.0.5-0.1mdvmes5.2.x86_64.rpm 65eeb5076b7e049d2212f88e8e3a5d2b mes5/x86_64/firefox-hu-17.0.5-0.1mdvmes5.2.x86_64.rpm 7906c9372d2db0981a0f1fc5d068781f mes5/x86_64/firefox-id-17.0.5-0.1mdvmes5.2.x86_64.rpm 39174043fdecada0715aae758b111931 mes5/x86_64/firefox-is-17.0.5-0.1mdvmes5.2.x86_64.rpm 391b93959169588a74801efb2baeb048 mes5/x86_64/firefox-it-17.0.5-0.1mdvmes5.2.x86_64.rpm de1e0b1e3b0e2c1b91b3b9d8250b042d mes5/x86_64/firefox-ja-17.0.5-0.1mdvmes5.2.x86_64.rpm c465364f97f2c2cb891ff5866f7b2048 mes5/x86_64/firefox-kn-17.0.5-0.1mdvmes5.2.x86_64.rpm dd25c3ffde3ac083a3bd439855ab9e66 mes5/x86_64/firefox-ko-17.0.5-0.1mdvmes5.2.x86_64.rpm 0af917c3141a800843563b56e634e4b9 mes5/x86_64/firefox-ku-17.0.5-0.1mdvmes5.2.x86_64.rpm d17896516e04d7b2483c449c07018c1a mes5/x86_64/firefox-lt-17.0.5-0.1mdvmes5.2.x86_64.rpm e7925f0f39dd9cc0be8e390ff5b2511a mes5/x86_64/firefox-lv-17.0.5-0.1mdvmes5.2.x86_64.rpm aa7dada147bc0ee6e14de44582148245 mes5/x86_64/firefox-mk-17.0.5-0.1mdvmes5.2.x86_64.rpm 12eeadd008b58a4c51c396a3296c6876 mes5/x86_64/firefox-mr-17.0.5-0.1mdvmes5.2.x86_64.rpm 6043540a8e8edd39b06c8dbde4bbac6a mes5/x86_64/firefox-nb_NO-17.0.5-0.1mdvmes5.2.x86_64.rpm 0967142165225c2d0cde356bdf91af38 mes5/x86_64/firefox-nl-17.0.5-0.1mdvmes5.2.x86_64.rpm fe4d07e0a85ee4cf0a3ed65c4a24e561 mes5/x86_64/firefox-nn_NO-17.0.5-0.1mdvmes5.2.x86_64.rpm 18c355a3a4ecbed10dd933a2c0cee658 mes5/x86_64/firefox-pa_IN-17.0.5-0.1mdvmes5.2.x86_64.rpm fdb47ab94213fde94caca5c0e956ad0a mes5/x86_64/firefox-pl-17.0.5-0.1mdvmes5.2.x86_64.rpm 26659783f49eb63504f8240af15c46ef mes5/x86_64/firefox-pt_BR-17.0.5-0.1mdvmes5.2.x86_64.rpm 003887926df53eea9cd2c728ce2f2613 mes5/x86_64/firefox-pt_PT-17.0.5-0.1mdvmes5.2.x86_64.rpm f26a734cc64f5630d5763501789af036 mes5/x86_64/firefox-ro-17.0.5-0.1mdvmes5.2.x86_64.rpm 2055c8a4b5ab208de8bb7fc03df6f6ad mes5/x86_64/firefox-ru-17.0.5-0.1mdvmes5.2.x86_64.rpm eb5a279167efdded2ec946f1174885da mes5/x86_64/firefox-si-17.0.5-0.1mdvmes5.2.x86_64.rpm 0884722ce24c5dc947a1693b72ab87a8 mes5/x86_64/firefox-sk-17.0.5-0.1mdvmes5.2.x86_64.rpm 9ec578bd6111680976755026eee9736f mes5/x86_64/firefox-sl-17.0.5-0.1mdvmes5.2.x86_64.rpm d3ed346a9201d1c43ec0addd91404407 mes5/x86_64/firefox-sq-17.0.5-0.1mdvmes5.2.x86_64.rpm 7a3c688c303f03f13d370e078ef527d8 mes5/x86_64/firefox-sr-17.0.5-0.1mdvmes5.2.x86_64.rpm 679acfed547f9ed80a7515a4ac955990 mes5/x86_64/firefox-sv_SE-17.0.5-0.1mdvmes5.2.x86_64.rpm 94bf66782b9ffd747482d41526527b5f mes5/x86_64/firefox-te-17.0.5-0.1mdvmes5.2.x86_64.rpm 9b37e1edaa79527f9bb7159e39be108c mes5/x86_64/firefox-th-17.0.5-0.1mdvmes5.2.x86_64.rpm 2a6557c6d334dc4020f3cd2ba2235a0d mes5/x86_64/firefox-tr-17.0.5-0.1mdvmes5.2.x86_64.rpm c95479524cf439150d838ecd163e7040 mes5/x86_64/firefox-uk-17.0.5-0.1mdvmes5.2.x86_64.rpm aa31ef1321eff4e86d98acfac020fb25 mes5/x86_64/firefox-zh_CN-17.0.5-0.1mdvmes5.2.x86_64.rpm d539dfb331ec70a69828f7665686d9b0 mes5/x86_64/firefox-zh_TW-17.0.5-0.1mdvmes5.2.x86_64.rpm 2028cbbf55353a75366c9cb191efd67c mes5/x86_64/icedtea-web-1.3.1-0.3mdvmes5.2.x86_64.rpm 734ae27edc8c1026bca9947d70fd3fb7 mes5/x86_64/icedtea-web-javadoc-1.3.1-0.3mdvmes5.2.x86_64.rpm be78699f862f4a1d199248510e20ce1b mes5/x86_64/lib64nspr4-4.9.6-0.1mdvmes5.2.x86_64.rpm f62ab4de8ca959c4ff3990c92ea2427b mes5/x86_64/lib64nspr-devel-4.9.6-0.1mdvmes5.2.x86_64.rpm e94bbf818cfa59f67f7e5e75daf2726d mes5/x86_64/lib64xulrunner17.0.5-17.0.5-0.1mdvmes5.2.x86_64.rpm aecb7c59434a3330e7cb64bb6e7d902c mes5/x86_64/lib64xulrunner-devel-17.0.5-0.1mdvmes5.2.x86_64.rpm 531f21b03dbffa6024943663c1ba9e64 mes5/x86_64/xulrunner-17.0.5-0.1mdvmes5.2.x86_64.rpm 2a3a774ee0094a48cf108ed120ba227a mes5/SRPMS/firefox-17.0.5-0.1mdvmes5.2.src.rpm 58a810253d11b6af76cf1bcce6a3e7b4 mes5/SRPMS/firefox-l10n-17.0.5-0.1mdvmes5.2.src.rpm 5add3a80120b73f5ed97c9dd02837c58 mes5/SRPMS/icedtea-web-1.3.1-0.3mdvmes5.2.src.rpm 6d70b7e57cc741f0b587a1effee81fb4 mes5/SRPMS/nspr-4.9.6-0.1mdvmes5.2.src.rpm d7f835773038004ff8995ef676f8397e mes5/SRPMS/xulrunner-17.0.5-0.1mdvmes5.2.src.rpm
To upgrade automatically use MandrivaUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you.
All packages are signed by Mandriva for security. You can obtain the GPG public key of the Mandriva Security Team by executing:
gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98
You can view other update advisories for Mandriva Linux at:
http://www.mandriva.com/en/support/security/advisories/
If you want to report vulnerabilities, please contact
security_(at)_mandriva.com
Type Bits/KeyID Date User ID pub 1024D/22458A98 2000-07-10 Mandriva Security Team -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.12 (GNU/Linux)
iD8DBQFRZBk1mqjQ0CJFipgRAplSAJ44faYKLDitsBC24gBnRhdQycVEmgCgq1FV wMd/SGhxwMMZZ8YXJEH7z9g= =83zI -----END PGP SIGNATURE-----
Show details on source website{
"affected_products": {
"_id": null,
"data": [
{
"_id": null,
"model": "seamonkey",
"scope": "eq",
"trust": 1.9,
"vendor": "mozilla",
"version": "2.1"
},
{
"_id": null,
"model": "seamonkey",
"scope": "eq",
"trust": 1.9,
"vendor": "mozilla",
"version": "2.11"
},
{
"_id": null,
"model": "seamonkey",
"scope": "eq",
"trust": 1.9,
"vendor": "mozilla",
"version": "2.4"
},
{
"_id": null,
"model": "seamonkey",
"scope": "eq",
"trust": 1.9,
"vendor": "mozilla",
"version": "2.2"
},
{
"_id": null,
"model": "seamonkey",
"scope": "eq",
"trust": 1.9,
"vendor": "mozilla",
"version": "2.3"
},
{
"_id": null,
"model": "seamonkey",
"scope": "eq",
"trust": 1.9,
"vendor": "mozilla",
"version": "2.12"
},
{
"_id": null,
"model": "seamonkey",
"scope": "eq",
"trust": 1.9,
"vendor": "mozilla",
"version": "2.13.1"
},
{
"_id": null,
"model": "seamonkey",
"scope": "eq",
"trust": 1.3,
"vendor": "mozilla",
"version": "2.0.11"
},
{
"_id": null,
"model": "seamonkey",
"scope": "eq",
"trust": 1.3,
"vendor": "mozilla",
"version": "2.0.5"
},
{
"_id": null,
"model": "seamonkey",
"scope": "eq",
"trust": 1.3,
"vendor": "mozilla",
"version": "2.7.1"
},
{
"_id": null,
"model": "thunderbird esr",
"scope": "eq",
"trust": 1.3,
"vendor": "mozilla",
"version": "17.0.1"
},
{
"_id": null,
"model": "thunderbird",
"scope": "eq",
"trust": 1.3,
"vendor": "mozilla",
"version": "17.0.4"
},
{
"_id": null,
"model": "seamonkey",
"scope": "eq",
"trust": 1.3,
"vendor": "mozilla",
"version": "2.15"
},
{
"_id": null,
"model": "seamonkey",
"scope": "eq",
"trust": 1.3,
"vendor": "mozilla",
"version": "2.0.10"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 1.3,
"vendor": "mozilla",
"version": "17.0.1"
},
{
"_id": null,
"model": "thunderbird esr",
"scope": "eq",
"trust": 1.3,
"vendor": "mozilla",
"version": "17.0.4"
},
{
"_id": null,
"model": "seamonkey",
"scope": "eq",
"trust": 1.3,
"vendor": "mozilla",
"version": "2.5"
},
{
"_id": null,
"model": "seamonkey",
"scope": "eq",
"trust": 1.3,
"vendor": "mozilla",
"version": "2.10"
},
{
"_id": null,
"model": "seamonkey",
"scope": "eq",
"trust": 1.3,
"vendor": "mozilla",
"version": "2.0.13"
},
{
"_id": null,
"model": "seamonkey",
"scope": "eq",
"trust": 1.3,
"vendor": "mozilla",
"version": "2.0.14"
},
{
"_id": null,
"model": "seamonkey",
"scope": "eq",
"trust": 1.3,
"vendor": "mozilla",
"version": "2.0.9"
},
{
"_id": null,
"model": "seamonkey",
"scope": "eq",
"trust": 1.3,
"vendor": "mozilla",
"version": "2.0.12"
},
{
"_id": null,
"model": "seamonkey",
"scope": "eq",
"trust": 1.3,
"vendor": "mozilla",
"version": "2.0"
},
{
"_id": null,
"model": "seamonkey",
"scope": "eq",
"trust": 1.3,
"vendor": "mozilla",
"version": "2.0.2"
},
{
"_id": null,
"model": "seamonkey",
"scope": "eq",
"trust": 1.3,
"vendor": "mozilla",
"version": "2.0.4"
},
{
"_id": null,
"model": "seamonkey",
"scope": "eq",
"trust": 1.3,
"vendor": "mozilla",
"version": "2.0.3"
},
{
"_id": null,
"model": "thunderbird",
"scope": "eq",
"trust": 1.3,
"vendor": "mozilla",
"version": "17.0.3"
},
{
"_id": null,
"model": "seamonkey",
"scope": "eq",
"trust": 1.3,
"vendor": "mozilla",
"version": "2.0.6"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 1.3,
"vendor": "mozilla",
"version": "19.0"
},
{
"_id": null,
"model": "thunderbird esr",
"scope": "eq",
"trust": 1.3,
"vendor": "mozilla",
"version": "17.0.3"
},
{
"_id": null,
"model": "seamonkey",
"scope": "eq",
"trust": 1.3,
"vendor": "mozilla",
"version": "2.14"
},
{
"_id": null,
"model": "seamonkey",
"scope": "eq",
"trust": 1.3,
"vendor": "mozilla",
"version": "2.0.7"
},
{
"_id": null,
"model": "seamonkey",
"scope": "eq",
"trust": 1.3,
"vendor": "mozilla",
"version": "2.9"
},
{
"_id": null,
"model": "seamonkey",
"scope": "eq",
"trust": 1.3,
"vendor": "mozilla",
"version": "2.13.2"
},
{
"_id": null,
"model": "thunderbird",
"scope": "eq",
"trust": 1.3,
"vendor": "mozilla",
"version": "17.0.2"
},
{
"_id": null,
"model": "seamonkey",
"scope": "eq",
"trust": 1.3,
"vendor": "mozilla",
"version": "2.6"
},
{
"_id": null,
"model": "seamonkey",
"scope": "eq",
"trust": 1.3,
"vendor": "mozilla",
"version": "2.0.1"
},
{
"_id": null,
"model": "thunderbird",
"scope": "eq",
"trust": 1.3,
"vendor": "mozilla",
"version": "17.0"
},
{
"_id": null,
"model": "seamonkey",
"scope": "eq",
"trust": 1.3,
"vendor": "mozilla",
"version": "2.7.2"
},
{
"_id": null,
"model": "thunderbird esr",
"scope": "eq",
"trust": 1.3,
"vendor": "mozilla",
"version": "17.0.2"
},
{
"_id": null,
"model": "seamonkey",
"scope": "eq",
"trust": 1.3,
"vendor": "mozilla",
"version": "2.0.8"
},
{
"_id": null,
"model": "seamonkey",
"scope": "eq",
"trust": 1.3,
"vendor": "mozilla",
"version": "2.13"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 1.3,
"vendor": "mozilla",
"version": "17.0"
},
{
"_id": null,
"model": "seamonkey",
"scope": "eq",
"trust": 1.3,
"vendor": "mozilla",
"version": "2.16"
},
{
"_id": null,
"model": "seamonkey",
"scope": "eq",
"trust": 1.3,
"vendor": "mozilla",
"version": "2.8"
},
{
"_id": null,
"model": "seamonkey",
"scope": "eq",
"trust": 1.3,
"vendor": "mozilla",
"version": "2.16.1"
},
{
"_id": null,
"model": "seamonkey",
"scope": "eq",
"trust": 1.3,
"vendor": "mozilla",
"version": "2.7"
},
{
"_id": null,
"model": "seamonkey",
"scope": "eq",
"trust": 1.0,
"vendor": "mozilla",
"version": "2.6.1"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 1.0,
"vendor": "mozilla",
"version": "17.0.3"
},
{
"_id": null,
"model": "thunderbird esr",
"scope": "eq",
"trust": 1.0,
"vendor": "mozilla",
"version": "17.0"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 1.0,
"vendor": "mozilla",
"version": "19.0.1"
},
{
"_id": null,
"model": "firefox",
"scope": "lte",
"trust": 1.0,
"vendor": "mozilla",
"version": "19.0.2"
},
{
"_id": null,
"model": "seamonkey",
"scope": "eq",
"trust": 1.0,
"vendor": "mozilla",
"version": "2.4.1"
},
{
"_id": null,
"model": "seamonkey",
"scope": "eq",
"trust": 1.0,
"vendor": "mozilla",
"version": "2.3.2"
},
{
"_id": null,
"model": "thunderbird",
"scope": "eq",
"trust": 1.0,
"vendor": "mozilla",
"version": "17.0.1"
},
{
"_id": null,
"model": "seamonkey",
"scope": "eq",
"trust": 1.0,
"vendor": "mozilla",
"version": "2.3.1"
},
{
"_id": null,
"model": "seamonkey",
"scope": "eq",
"trust": 1.0,
"vendor": "mozilla",
"version": "2.16.2"
},
{
"_id": null,
"model": "seamonkey",
"scope": "eq",
"trust": 1.0,
"vendor": "mozilla",
"version": "2.3.3"
},
{
"_id": null,
"model": "seamonkey",
"scope": "eq",
"trust": 1.0,
"vendor": "mozilla",
"version": "2.17"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 1.0,
"vendor": "mozilla",
"version": "17.0.2"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 1.0,
"vendor": "mozilla",
"version": "17.0.4"
},
{
"_id": null,
"model": "seamonkey",
"scope": "eq",
"trust": 1.0,
"vendor": "mozilla",
"version": "2.15.2"
},
{
"_id": null,
"model": "seamonkey",
"scope": "eq",
"trust": 1.0,
"vendor": "mozilla",
"version": "2.15.1"
},
{
"_id": null,
"model": "seamonkey",
"scope": "eq",
"trust": 1.0,
"vendor": "mozilla",
"version": "2.9.1"
},
{
"_id": null,
"model": "seamonkey",
"scope": "eq",
"trust": 1.0,
"vendor": "mozilla",
"version": "2.12.1"
},
{
"_id": null,
"model": "seamonkey",
"scope": "lte",
"trust": 1.0,
"vendor": "mozilla",
"version": "2.17"
},
{
"_id": null,
"model": "seamonkey",
"scope": "eq",
"trust": 1.0,
"vendor": "mozilla",
"version": "2.10.1"
},
{
"_id": null,
"model": "firefox",
"scope": "lt",
"trust": 0.8,
"vendor": "mozilla",
"version": "20.0"
},
{
"_id": null,
"model": "firefox esr",
"scope": "lt",
"trust": 0.8,
"vendor": "mozilla",
"version": "17.0.5"
},
{
"_id": null,
"model": "seamonkey",
"scope": "lt",
"trust": 0.8,
"vendor": "mozilla",
"version": "2.17"
},
{
"_id": null,
"model": "thunderbird",
"scope": "lt",
"trust": 0.8,
"vendor": "mozilla",
"version": "17.0.5"
},
{
"_id": null,
"model": "thunderbird esr",
"scope": "lt",
"trust": 0.8,
"vendor": "mozilla",
"version": "17.0.5"
},
{
"_id": null,
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "13.0"
},
{
"_id": null,
"model": "seamonkey",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "1.0.5"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.6"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "2.0.6"
},
{
"_id": null,
"model": "scale out network attached storage",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.3.21-21"
},
{
"_id": null,
"model": "firefox esr",
"scope": "ne",
"trust": 0.3,
"vendor": "mozilla",
"version": "24.1"
},
{
"_id": null,
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.0.8"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "1.5.0.9"
},
{
"_id": null,
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2.1"
},
{
"_id": null,
"model": "thunderbird esr",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "10.0.2"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "1.0"
},
{
"_id": null,
"model": "seamonkey",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "1.1.2"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "0.8"
},
{
"_id": null,
"model": "enterprise linux server",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"_id": null,
"model": "seamonkey",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "1.1.9"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "10.0.1"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "4.0.1"
},
{
"_id": null,
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.1.19"
},
{
"_id": null,
"model": "firefox esr",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "10.0.4"
},
{
"_id": null,
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "2.0.9"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.6.7"
},
{
"_id": null,
"model": "browser avant browser build",
"scope": "ne",
"trust": 0.3,
"vendor": "avant",
"version": "2013107"
},
{
"_id": null,
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "11.10"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.5.7"
},
{
"_id": null,
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2.1"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.6.2"
},
{
"_id": null,
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "2.0.17"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "14.0"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "11.0"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.5.11"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.5.4"
},
{
"_id": null,
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "10.04"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "10.0.2"
},
{
"_id": null,
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "1.1"
},
{
"_id": null,
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "1.5"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "1.5.6"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.6.12"
},
{
"_id": null,
"model": "firefox esr",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "10.0.9"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "1.8"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.0.16"
},
{
"_id": null,
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "10.04"
},
{
"_id": null,
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"_id": null,
"model": "aura system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1.3"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.0.4"
},
{
"_id": null,
"model": "thunderbird esr",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "10.0.8"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "14.01"
},
{
"_id": null,
"model": "aura system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2.3"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.0.7"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "1.4.1"
},
{
"_id": null,
"model": "seamonkey",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "1.1.18"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "1.0.7"
},
{
"_id": null,
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "2.0.8"
},
{
"_id": null,
"model": "thunderbird esr",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "10.0.11"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "13.0"
},
{
"_id": null,
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "0.7.3"
},
{
"_id": null,
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "6.0.2"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "2.0.0.19"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.5.2"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.0.8"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.6.20"
},
{
"_id": null,
"model": "aura session manager sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2"
},
{
"_id": null,
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "12.10"
},
{
"_id": null,
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "7.0.1"
},
{
"_id": null,
"model": "seamonkey",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "1.1.1"
},
{
"_id": null,
"model": "linux enterprise server sp4",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"_id": null,
"model": "seamonkey",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "1.0.9"
},
{
"_id": null,
"model": "thunderbird esr",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "10.0.5"
},
{
"_id": null,
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "10.04"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.5.3"
},
{
"_id": null,
"model": "linux enterprise server sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "11"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "2.0.9"
},
{
"_id": null,
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "12.10"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "1.5.0.3"
},
{
"_id": null,
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "1.0.2"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "2.0.17"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "2.0.1"
},
{
"_id": null,
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.1.16"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "1.5"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "0.10.1"
},
{
"_id": null,
"model": "seamonkey",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "1.1.6"
},
{
"_id": null,
"model": "thunderbird esr",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "10.0.7"
},
{
"_id": null,
"model": "seamonkey",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "1.1.17"
},
{
"_id": null,
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1.2"
},
{
"_id": null,
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.1.14"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "10"
},
{
"_id": null,
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "8.0"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "1.5.7"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.5.17"
},
{
"_id": null,
"model": "aura system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "2.0.0.13"
},
{
"_id": null,
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "16.0.1"
},
{
"_id": null,
"model": "thunderbird esr",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "10.0.6"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "2.0.0.2"
},
{
"_id": null,
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.1.15"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.5.13"
},
{
"_id": null,
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.1.11"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "2.0.0.12"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.6.9"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "2.0.8"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "0.0.13"
},
{
"_id": null,
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "12.0"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "1.5.1"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "2.0.0.15"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.6.24"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.5.1"
},
{
"_id": null,
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.0.1"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "6.0.2"
},
{
"_id": null,
"model": "aura system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1.1"
},
{
"_id": null,
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "10.0"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "8.0.1"
},
{
"_id": null,
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.1"
},
{
"_id": null,
"model": "thunderbird esr",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "10.0.10"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "7.0.1"
},
{
"_id": null,
"model": "seamonkey",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "1.1.7"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.6.19"
},
{
"_id": null,
"model": "enterprise linux desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"_id": null,
"model": "seamonkey",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "1.1.19"
},
{
"_id": null,
"model": "seamonkey",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "1.1.10"
},
{
"_id": null,
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "1.0.8"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "1.0.2"
},
{
"_id": null,
"model": "browser avant browser build",
"scope": "eq",
"trust": 0.3,
"vendor": "avant",
"version": "201312"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "2.0.3"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.6.18"
},
{
"_id": null,
"model": "linux ia-64",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"_id": null,
"model": "enterprise linux",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "6.2"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.5.18"
},
{
"_id": null,
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.1.6"
},
{
"_id": null,
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.1.4"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.6.23"
},
{
"_id": null,
"model": "seamonkey",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "1.1.3"
},
{
"_id": null,
"model": "browser avant browser build",
"scope": "eq",
"trust": 0.3,
"vendor": "avant",
"version": "201321"
},
{
"_id": null,
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "2.0.0.11"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "1.5.8"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "0.9.1"
},
{
"_id": null,
"model": "thunderbird esr",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "10.0.3"
},
{
"_id": null,
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "2.0.19"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "8.0"
},
{
"_id": null,
"model": "enterprise linux workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "16.0.1"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.5.10"
},
{
"_id": null,
"model": "scale out network attached storage",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "1.4.1.0"
},
{
"_id": null,
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "1.0.6"
},
{
"_id": null,
"model": "enterprise linux desktop client",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "5"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.0.17"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.6.26"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "9.0.1"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "12.0"
},
{
"_id": null,
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.0.6"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.6.27"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "1.5.0.11"
},
{
"_id": null,
"model": "seamonkey",
"scope": "ne",
"trust": 0.3,
"vendor": "mozilla",
"version": "2.17"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.0.1"
},
{
"_id": null,
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "2.024"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "10.0"
},
{
"_id": null,
"model": "firefox esr",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "17.0.2"
},
{
"_id": null,
"model": "iq",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2"
},
{
"_id": null,
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0.1"
},
{
"_id": null,
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "11.4"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.0.13"
},
{
"_id": null,
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "1.5.0.5"
},
{
"_id": null,
"model": "aura presence services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1"
},
{
"_id": null,
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "0.7.2"
},
{
"_id": null,
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.0.11"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.1"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "0.9.2"
},
{
"_id": null,
"model": "aura system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1.5"
},
{
"_id": null,
"model": "scale out network attached storage",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.3.2.2"
},
{
"_id": null,
"model": "thunderbird esr",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "10.0.12"
},
{
"_id": null,
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "0.6"
},
{
"_id": null,
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "15"
},
{
"_id": null,
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.0.5"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "1.0.8"
},
{
"_id": null,
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "1.5.9"
},
{
"_id": null,
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.0.9"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.5.14"
},
{
"_id": null,
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "1.5.0.7"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "2.0.7"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "1.0.3"
},
{
"_id": null,
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.1.9"
},
{
"_id": null,
"model": "firefox",
"scope": "ne",
"trust": 0.3,
"vendor": "mozilla",
"version": "20.0"
},
{
"_id": null,
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "1.0.5"
},
{
"_id": null,
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.1.8"
},
{
"_id": null,
"model": "scale out network attached storage",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.3.2"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "2.0.0.11"
},
{
"_id": null,
"model": "firefox esr",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "10.0.8"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.0.15"
},
{
"_id": null,
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "2.0.19"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.5.15"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.6.4"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.0.18"
},
{
"_id": null,
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "0.7"
},
{
"_id": null,
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "12.2"
},
{
"_id": null,
"model": "linux arm",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "10.04"
},
{
"_id": null,
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.0.3"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "1.0.6"
},
{
"_id": null,
"model": "linux lts amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "12.04"
},
{
"_id": null,
"model": "thunderbird esr",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "10.0.4"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.0.6"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.5.16"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.6.6"
},
{
"_id": null,
"model": "seamonkey",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "1.5.0.10"
},
{
"_id": null,
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.1.20"
},
{
"_id": null,
"model": "linux mips",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"_id": null,
"model": "scale out network attached storage",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.3.0.5"
},
{
"_id": null,
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "1.0.1"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.6.25"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "1.5.0.5"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.0.11"
},
{
"_id": null,
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "2.1"
},
{
"_id": null,
"model": "linux enterprise server for vmware sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "11"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.6.13"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "0.6"
},
{
"_id": null,
"model": "communication server 1000e signaling server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "7.6"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "15"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.0.5"
},
{
"_id": null,
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "2.0.5"
},
{
"_id": null,
"model": "linux enterprise server sp1 for vmware lt",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "11"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.6.22"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.0.9"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "1.5.5"
},
{
"_id": null,
"model": "enterprise server x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "5"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.6.3"
},
{
"_id": null,
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1.3"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "1.5.0.7"
},
{
"_id": null,
"model": "aura session manager sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2"
},
{
"_id": null,
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.1.18"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "19.0.2"
},
{
"_id": null,
"model": "seamonkey",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "1.1.15"
},
{
"_id": null,
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "12.1"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "1.0.5"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "0.6.1"
},
{
"_id": null,
"model": "seamonkey",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "1.5.0.8"
},
{
"_id": null,
"model": "one-x client enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2"
},
{
"_id": null,
"model": "communication server 1000m",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "7.6"
},
{
"_id": null,
"model": "linux x86 64 -current",
"scope": null,
"trust": 0.3,
"vendor": "slackware",
"version": null
},
{
"_id": null,
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.0.2"
},
{
"_id": null,
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "14.0"
},
{
"_id": null,
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "6.0"
},
{
"_id": null,
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "1.5.0.4"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.6.17"
},
{
"_id": null,
"model": "enterprise linux hpc node optional",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.6.10"
},
{
"_id": null,
"model": "scale out network attached storage",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.3.0.4"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.0.3"
},
{
"_id": null,
"model": "communication server 1000m signaling server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "7.6"
},
{
"_id": null,
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "1.1.1"
},
{
"_id": null,
"model": "productions pale moon",
"scope": "ne",
"trust": 0.3,
"vendor": "moonchild",
"version": "20.0.1"
},
{
"_id": null,
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.0"
},
{
"_id": null,
"model": "seamonkey",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "1.5.0.9"
},
{
"_id": null,
"model": "iq",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.1.1"
},
{
"_id": null,
"model": "communication server 1000e",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "7.6"
},
{
"_id": null,
"model": "firefox esr",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "10.0.10"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.0.14"
},
{
"_id": null,
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.1.1"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "4.0"
},
{
"_id": null,
"model": "scale out network attached storage",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.3.2.3"
},
{
"_id": null,
"model": "enterprise server",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "5"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "1.0.1"
},
{
"_id": null,
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "14"
},
{
"_id": null,
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "16.0.2"
},
{
"_id": null,
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.1.3"
},
{
"_id": null,
"model": "productions pale moon",
"scope": "eq",
"trust": 0.3,
"vendor": "moonchild",
"version": "19.0"
},
{
"_id": null,
"model": "seamonkey",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "1.1.13"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "2.0.5"
},
{
"_id": null,
"model": "enterprise linux workstation optional",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.5.6"
},
{
"_id": null,
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "1.5.0.2"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.5.9"
},
{
"_id": null,
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "2.0.15"
},
{
"_id": null,
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "0.7.1"
},
{
"_id": null,
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "2.0.0.23"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.0.2"
},
{
"_id": null,
"model": "seamonkey",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "1.1.5"
},
{
"_id": null,
"model": "seamonkey",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "1.1.12"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "6.0"
},
{
"_id": null,
"model": "seamonkey",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "1.1.11"
},
{
"_id": null,
"model": "seamonkey",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "1.0.6"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "1.5.0.4"
},
{
"_id": null,
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "1.5.0.12"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "1.5.0.6"
},
{
"_id": null,
"model": "seamonkey",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "1.0.7"
},
{
"_id": null,
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "7.0"
},
{
"_id": null,
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1.1"
},
{
"_id": null,
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "6"
},
{
"_id": null,
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.1.7"
},
{
"_id": null,
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "13.37"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.6.28"
},
{
"_id": null,
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.1.5"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.0"
},
{
"_id": null,
"model": "enterprise linux",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "6"
},
{
"_id": null,
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "6.0.1"
},
{
"_id": null,
"model": "h3c s7500e series switches",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"_id": null,
"model": "seamonkey beta",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "1.1"
},
{
"_id": null,
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.0.10"
},
{
"_id": null,
"model": "firefox esr",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "10.0.2"
},
{
"_id": null,
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.3"
},
{
"_id": null,
"model": "linux lts i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "12.04"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "14"
},
{
"_id": null,
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.1.10"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "16.0.2"
},
{
"_id": null,
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "9.0"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "1.5.4"
},
{
"_id": null,
"model": "aura presence services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"_id": null,
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "2.0.16"
},
{
"_id": null,
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "1.5.13"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "2.0.10"
},
{
"_id": null,
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "1.5.0.1"
},
{
"_id": null,
"model": "thunderbird",
"scope": "ne",
"trust": 0.3,
"vendor": "mozilla",
"version": "17.0.5"
},
{
"_id": null,
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "2.0.13"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "1.512"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "1.0.4"
},
{
"_id": null,
"model": "seamonkey",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "1.1.8"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "1.5.3"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "1.5.0.2"
},
{
"_id": null,
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.1.17"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.6.15"
},
{
"_id": null,
"model": "linux s/390",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"_id": null,
"model": "linux x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "14.0"
},
{
"_id": null,
"model": "communication server 1000m signaling server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "7.0"
},
{
"_id": null,
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.1.12"
},
{
"_id": null,
"model": "communication server 1000e",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "7.0"
},
{
"_id": null,
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "2.0.14"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "7.0"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "6"
},
{
"_id": null,
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2.2"
},
{
"_id": null,
"model": "firefox esr",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "10.0.11"
},
{
"_id": null,
"model": "browser avant browser build",
"scope": "eq",
"trust": 0.3,
"vendor": "avant",
"version": "201317"
},
{
"_id": null,
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "12.3"
},
{
"_id": null,
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "2.0.0.22"
},
{
"_id": null,
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "5.0"
},
{
"_id": null,
"model": "seamonkey",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "1.0.1"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "6.0.1"
},
{
"_id": null,
"model": "thunderbird esr",
"scope": "ne",
"trust": 0.3,
"vendor": "mozilla",
"version": "17.0.5"
},
{
"_id": null,
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1.5"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.5.5"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.0.10"
},
{
"_id": null,
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "2.0.12"
},
{
"_id": null,
"model": "firefox esr",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "10.0.5"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "18.0"
},
{
"_id": null,
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "11.10"
},
{
"_id": null,
"model": "seamonkey",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "1.1.4"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.6.14"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.5.12"
},
{
"_id": null,
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "2.0.0.18"
},
{
"_id": null,
"model": "firefox esr",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "17.0.1"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "9.0"
},
{
"_id": null,
"model": "linux arm",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"_id": null,
"model": "scale out network attached storage",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.3.1"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "5.0.1"
},
{
"_id": null,
"model": "linux enterprise server sp1 ltss",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "11"
},
{
"_id": null,
"model": "centos",
"scope": "eq",
"trust": 0.3,
"vendor": "centos",
"version": "5"
},
{
"_id": null,
"model": "seamonkey",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "1.0.2"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.0.19"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "2.0.16"
},
{
"_id": null,
"model": "thunderbird esr",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "10.0.9"
},
{
"_id": null,
"model": "enterprise linux server optional",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"_id": null,
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.1.2"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "0.5"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "1.5.0.1"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "0.3"
},
{
"_id": null,
"model": "aura system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1.2"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "7"
},
{
"_id": null,
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "16"
},
{
"_id": null,
"model": "aura system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"_id": null,
"model": "firefox esr",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "10.0.7"
},
{
"_id": null,
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "2.0.4"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.0.12"
},
{
"_id": null,
"model": "productions pale moon",
"scope": "eq",
"trust": 0.3,
"vendor": "moonchild",
"version": "19.0.2"
},
{
"_id": null,
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "0.9"
},
{
"_id": null,
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "1.5.0.10"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "0.10"
},
{
"_id": null,
"model": "linux enterprise sdk sp4",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"_id": null,
"model": "linux x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "13.37"
},
{
"_id": null,
"model": "firefox esr",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "10.0.6"
},
{
"_id": null,
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "5"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "0.7"
},
{
"_id": null,
"model": "firefox esr",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "17.0.4"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "5.0"
},
{
"_id": null,
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "2.0.0.21"
},
{
"_id": null,
"model": "linux -current",
"scope": null,
"trust": 0.3,
"vendor": "slackware",
"version": null
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "15.0.1"
},
{
"_id": null,
"model": "firefox esr",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "17.0.3"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "2.0.0.18"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.5.8"
},
{
"_id": null,
"model": "seamonkey",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "1.0.8"
},
{
"_id": null,
"model": "enterprise linux optional productivity application server",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "5"
},
{
"_id": null,
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "1.5.0.8"
},
{
"_id": null,
"model": "scale out network attached storage",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.3.21-20"
},
{
"_id": null,
"model": "firefox beta",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "2.01"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "2.020"
},
{
"_id": null,
"model": "enterprise linux desktop optional",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"_id": null,
"model": "seamonkey",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "1.0.3"
},
{
"_id": null,
"model": "linux",
"scope": null,
"trust": 0.3,
"vendor": "gentoo",
"version": null
},
{
"_id": null,
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "10.04"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "2.0.0.14"
},
{
"_id": null,
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "2.0.6"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "0.1"
},
{
"_id": null,
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "16"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "1.5.2"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "2.0.4"
},
{
"_id": null,
"model": "communication server 1000e signaling server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "7.5"
},
{
"_id": null,
"model": "firefox esr",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "10.0.3"
},
{
"_id": null,
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "1.0"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "0.9"
},
{
"_id": null,
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "0.8"
},
{
"_id": null,
"model": "enterprise linux server",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "5"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "1.5.0.10"
},
{
"_id": null,
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "10.0.1"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.5"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.6.8"
},
{
"_id": null,
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "1.0"
},
{
"_id": null,
"model": "linux ia-32",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"_id": null,
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.1.13"
},
{
"_id": null,
"model": "productions pale moon",
"scope": "eq",
"trust": 0.3,
"vendor": "moonchild",
"version": "19.0.1"
},
{
"_id": null,
"model": "linux enterprise desktop sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "11"
},
{
"_id": null,
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "11.0"
},
{
"_id": null,
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "14.0"
},
{
"_id": null,
"model": "communication server 1000m",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "7.5"
},
{
"_id": null,
"model": "communication server 1000e signaling server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "7.0"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.6.11"
},
{
"_id": null,
"model": "enterprise linux desktop workstation client",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "5"
},
{
"_id": null,
"model": "linux enterprise desktop sp4",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"_id": null,
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"_id": null,
"model": "firefox esr",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "10.0.12"
},
{
"_id": null,
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "10.0.2"
},
{
"_id": null,
"model": "iq",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.1"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "0.9.3"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.6.16"
},
{
"_id": null,
"model": "seamonkey",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "1.1.14"
},
{
"_id": null,
"model": "communication server 1000m signaling server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "7.5"
},
{
"_id": null,
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.0.4"
},
{
"_id": null,
"model": "seamonkey",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "1.1.16"
},
{
"_id": null,
"model": "communication server 1000e",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "7.5"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.5.19"
},
{
"_id": null,
"model": "seamonkey",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "1.0.99"
},
{
"_id": null,
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.0.7"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "0.2"
},
{
"_id": null,
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "1.5.0.14"
},
{
"_id": null,
"model": "communication server 1000m",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "7.0"
},
{
"_id": null,
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "1.0.7"
}
],
"sources": [
{
"db": "BID",
"id": "58837"
},
{
"db": "CNNVD",
"id": "CNNVD-201304-047"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-002129"
},
{
"db": "NVD",
"id": "CVE-2013-0793"
}
]
},
"configurations": {
"_id": null,
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:mozilla:firefox",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:mozilla:firefox_esr",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:mozilla:seamonkey",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:mozilla:thunderbird",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:mozilla:thunderbird_esr",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2013-002129"
}
]
},
"credits": {
"_id": null,
"data": "Mariusz Mlynski",
"sources": [
{
"db": "BID",
"id": "58837"
}
],
"trust": 0.3
},
"cve": "CVE-2013-0793",
"cvss": {
"_id": null,
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"id": "CVE-2013-0793",
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 1.8,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2013-0793",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2013-0793",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNNVD",
"id": "CNNVD-201304-047",
"trust": 0.6,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201304-047"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-002129"
},
{
"db": "NVD",
"id": "CVE-2013-0793"
}
]
},
"description": {
"_id": null,
"data": "Mozilla Firefox before 20.0, Firefox ESR 17.x before 17.0.5, Thunderbird before 17.0.5, Thunderbird ESR 17.x before 17.0.5, and SeaMonkey before 2.17 do not ensure the correctness of the address bar during history navigation, which allows remote attackers to conduct cross-site scripting (XSS) attacks or phishing attacks by leveraging control over navigation timing. Mozilla Firefox, SeaMonkey, and Thunderbird are prone to a cross-site scripting vulnerability. \nAn attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and launch other attacks. \nNote: This issue was previously discussed in BID 58818 (Mozilla Firefox/Thunderbird/SeaMonkey MFSA 2013-30 through -40 Multiple Vulnerabilities), but has been moved to its own record to better document it. \nThe issue is fixed in:\nFirefox 20.0\nFirefox ESR 17.0.5\nThunderbird 17.0.5\nThunderbird ESR 17.0.5\nSeaMonkey 2.17. ============================================================================\nUbuntu Security Notice USN-1786-2\nApril 04, 2013\n\nunity-firefox-extension update\n============================================================================\n\nA security issue affects these releases of Ubuntu and its derivatives:\n\n- Ubuntu 12.10\n\nSummary:\n\nThis update provides a compatible version of Unity Firefox Extension for\nFirefox 20. \n\nSoftware Description:\n- unity-firefox-extension: Unity Integration for Firefox\n\nDetails:\n\nUSN-1786-1 fixed vulnerabilities in Firefox. (CVE-2013-0788, CVE-2013-0789)\n \n Ambroz Bizjak discovered an out-of-bounds array read in the\n CERT_DecodeCertPackage function of the Network Security Services (NSS)\n libary when decoding certain certificates. An attacker could potentially\n exploit this to cause a denial of service via application crash. \n (CVE-2013-0791)\n \n Tobias Schula discovered an information leak in Firefox when the\n gfx.color_management.enablev4 preference is enabled. If the user were\n tricked into opening a specially crafted image, an attacker could\n potentially exploit this to steal confidential data. By default, the\n gfx.color_management.enablev4 preference is not enabled in Ubuntu. \n (CVE-2013-0792)\n \n Mariusz Mlynski discovered that timed history navigations could be used to\n load arbitrary websites with the wrong URL displayed in the addressbar. (CVE-2013-0793)\n \n It was discovered that the origin indication on tab-modal dialog boxes\n could be removed, which could allow an attacker\u0027s dialog to be displayed\n over another sites content. An attacker could exploit this to conduct\n phishing attacks. (CVE-2013-0794)\n \n Cody Crews discovered that the cloneNode method could be used to\n bypass System Only Wrappers (SOW) to clone a protected node and bypass\n same-origin policy checks. (CVE-2013-0795)\n \n A crash in WebGL rendering was discovered in Firefox. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\nGentoo Linux Security Advisory GLSA 201309-23\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n http://security.gentoo.org/\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\n Severity: High\n Title: Mozilla Products: Multiple vulnerabilities\n Date: September 27, 2013\n Bugs: #450940, #458390, #460818, #464226, #469868, #474758,\n #479968, #485258\n ID: 201309-23\n\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\nSynopsis\n========\n\nMultiple vulnerabilities have been found in Mozilla Firefox,\nThunderbird, and SeaMonkey, some of which may allow a remote user to\nexecute arbitrary code. The\nSeaMonkey project is a community effort to deliver production-quality\nreleases of code derived from the application formerly known as the\n\u0027Mozilla Application Suite\u0027. Please review the CVE identifiers\nreferenced below for details. Further, a remote attacker could conduct\nXSS attacks, spoof URLs, bypass address space layout randomization,\nconduct clickjacking attacks, obtain potentially sensitive information,\nbypass access restrictions, modify the local filesystem, or conduct\nother unspecified attacks. \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nResolution\n==========\n\nAll Mozilla Firefox users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose \"\u003e=www-client/firefox-17.0.9\"\n\nAll users of the Mozilla Firefox binary package should upgrade to the\nlatest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose \"\u003e=www-client/firefox-bin-17.0.9\"\n\nAll Mozilla Thunderbird users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose \"\u003e=mail-client/thunderbird-17.0.9\"=\n\n\nAll users of the Mozilla Thunderbird binary package should upgrade to\nthe latest version:\n\n # emerge --sync\n # emerge --ask --oneshot -v \"\u003e=mail-client/thunderbird-bin-17.0.9\"\n\nAll SeaMonkey users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose \"\u003e=www-client/seamonkey-2.21\"\n\nAll users of the Mozilla SeaMonkey binary package should upgrade to the\nlatest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose \"\u003e=www-client/seamonkey-bin-2.21\"\n\nReferences\n==========\n\n[ 1 ] CVE-2013-0744\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0744\n[ 2 ] CVE-2013-0745\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0745\n[ 3 ] CVE-2013-0746\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0746\n[ 4 ] CVE-2013-0747\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0747\n[ 5 ] CVE-2013-0748\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0748\n[ 6 ] CVE-2013-0749\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0749\n[ 7 ] CVE-2013-0750\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0750\n[ 8 ] CVE-2013-0751\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0751\n[ 9 ] CVE-2013-0752\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0752\n[ 10 ] CVE-2013-0753\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0753\n[ 11 ] CVE-2013-0754\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0754\n[ 12 ] CVE-2013-0755\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0755\n[ 13 ] CVE-2013-0756\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0756\n[ 14 ] CVE-2013-0757\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0757\n[ 15 ] CVE-2013-0758\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0758\n[ 16 ] CVE-2013-0759\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0759\n[ 17 ] CVE-2013-0760\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0760\n[ 18 ] CVE-2013-0761\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0761\n[ 19 ] CVE-2013-0762\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0762\n[ 20 ] CVE-2013-0763\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0763\n[ 21 ] CVE-2013-0764\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0764\n[ 22 ] CVE-2013-0765\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0765\n[ 23 ] CVE-2013-0766\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0766\n[ 24 ] CVE-2013-0767\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0767\n[ 25 ] CVE-2013-0768\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0768\n[ 26 ] CVE-2013-0769\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0769\n[ 27 ] CVE-2013-0770\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0770\n[ 28 ] CVE-2013-0771\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0771\n[ 29 ] CVE-2013-0772\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0772\n[ 30 ] CVE-2013-0773\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0773\n[ 31 ] CVE-2013-0774\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0774\n[ 32 ] CVE-2013-0775\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0775\n[ 33 ] CVE-2013-0776\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0776\n[ 34 ] CVE-2013-0777\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0777\n[ 35 ] CVE-2013-0778\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0778\n[ 36 ] CVE-2013-0779\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0779\n[ 37 ] CVE-2013-0780\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0780\n[ 38 ] CVE-2013-0781\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0781\n[ 39 ] CVE-2013-0782\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0782\n[ 40 ] CVE-2013-0783\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0783\n[ 41 ] CVE-2013-0784\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0784\n[ 42 ] CVE-2013-0787\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0787\n[ 43 ] CVE-2013-0788\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0788\n[ 44 ] CVE-2013-0789\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0789\n[ 45 ] CVE-2013-0791\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0791\n[ 46 ] CVE-2013-0792\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0792\n[ 47 ] CVE-2013-0793\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0793\n[ 48 ] CVE-2013-0794\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0794\n[ 49 ] CVE-2013-0795\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0795\n[ 50 ] CVE-2013-0796\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0796\n[ 51 ] CVE-2013-0797\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0797\n[ 52 ] CVE-2013-0799\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0799\n[ 53 ] CVE-2013-0800\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0800\n[ 54 ] CVE-2013-0801\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0801\n[ 55 ] CVE-2013-1670\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1670\n[ 56 ] CVE-2013-1671\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1671\n[ 57 ] CVE-2013-1674\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1674\n[ 58 ] CVE-2013-1675\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1675\n[ 59 ] CVE-2013-1676\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1676\n[ 60 ] CVE-2013-1677\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1677\n[ 61 ] CVE-2013-1678\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1678\n[ 62 ] CVE-2013-1679\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1679\n[ 63 ] CVE-2013-1680\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1680\n[ 64 ] CVE-2013-1681\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1681\n[ 65 ] CVE-2013-1682\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1682\n[ 66 ] CVE-2013-1684\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1684\n[ 67 ] CVE-2013-1687\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1687\n[ 68 ] CVE-2013-1690\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1690\n[ 69 ] CVE-2013-1692\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1692\n[ 70 ] CVE-2013-1693\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1693\n[ 71 ] CVE-2013-1694\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1694\n[ 72 ] CVE-2013-1697\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1697\n[ 73 ] CVE-2013-1701\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1701\n[ 74 ] CVE-2013-1702\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1702\n[ 75 ] CVE-2013-1704\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1704\n[ 76 ] CVE-2013-1705\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1705\n[ 77 ] CVE-2013-1707\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1707\n[ 78 ] CVE-2013-1708\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1708\n[ 79 ] CVE-2013-1709\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1709\n[ 80 ] CVE-2013-1710\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1710\n[ 81 ] CVE-2013-1711\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1711\n[ 82 ] CVE-2013-1712\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1712\n[ 83 ] CVE-2013-1713\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1713\n[ 84 ] CVE-2013-1714\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1714\n[ 85 ] CVE-2013-1717\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1717\n[ 86 ] CVE-2013-1718\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1718\n[ 87 ] CVE-2013-1719\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1719\n[ 88 ] CVE-2013-1720\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1720\n[ 89 ] CVE-2013-1722\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1722\n[ 90 ] CVE-2013-1723\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1723\n[ 91 ] CVE-2013-1724\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1724\n[ 92 ] CVE-2013-1725\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1725\n[ 93 ] CVE-2013-1726\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1726\n[ 94 ] CVE-2013-1728\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1728\n[ 95 ] CVE-2013-1730\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1730\n[ 96 ] CVE-2013-1732\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1732\n[ 97 ] CVE-2013-1735\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1735\n[ 98 ] CVE-2013-1736\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1736\n[ 99 ] CVE-2013-1737\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1737\n[ 100 ] CVE-2013-1738\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1738\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n http://security.gentoo.org/glsa/glsa-201309-23.xml\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users\u0027 machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttps://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2013 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttp://creativecommons.org/licenses/by-sa/2.5\n. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n=====================================================================\n Red Hat Security Advisory\n\nSynopsis: Critical: firefox security update\nAdvisory ID: RHSA-2013:0696-01\nProduct: Red Hat Enterprise Linux\nAdvisory URL: https://rhn.redhat.com/errata/RHSA-2013-0696.html\nIssue date: 2013-04-02\nCVE Names: CVE-2013-0788 CVE-2013-0793 CVE-2013-0795 \n CVE-2013-0796 CVE-2013-0800 \n=====================================================================\n\n1. Summary:\n\nUpdated firefox packages that fix several security issues are now available\nfor Red Hat Enterprise Linux 5 and 6. \n\nThe Red Hat Security Response Team has rated this update as having critical\nsecurity impact. Common Vulnerability Scoring System (CVSS) base scores,\nwhich give detailed severity ratings, are available for each vulnerability\nfrom the CVE links in the References section. \n\n2. Relevant releases/architectures:\n\nRHEL Desktop Workstation (v. 5 client) - i386, x86_64\nRed Hat Enterprise Linux (v. 5 server) - i386, ia64, ppc, s390x, x86_64\nRed Hat Enterprise Linux Desktop (v. 5 client) - i386, x86_64\nRed Hat Enterprise Linux Desktop (v. 6) - i386, x86_64\nRed Hat Enterprise Linux Desktop Optional (v. 6) - i386, x86_64\nRed Hat Enterprise Linux HPC Node Optional (v. 6) - x86_64\nRed Hat Enterprise Linux Server (v. 6) - i386, ppc64, s390x, x86_64\nRed Hat Enterprise Linux Server Optional (v. 6) - i386, ppc64, s390x, x86_64\nRed Hat Enterprise Linux Workstation (v. 6) - i386, x86_64\nRed Hat Enterprise Linux Workstation Optional (v. 6) - i386, x86_64\n\n3. Description:\n\nMozilla Firefox is an open source web browser. XULRunner provides the XUL\nRuntime environment for Mozilla Firefox. \n\nSeveral flaws were found in the processing of malformed web content. A web\npage containing malicious content could cause Firefox to crash or,\npotentially, execute arbitrary code with the privileges of the user running\nFirefox. (CVE-2013-0788)\n\nA flaw was found in the way Same Origin Wrappers were implemented in\nFirefox. (CVE-2013-0795)\n\nA flaw was found in the embedded WebGL library in Firefox. A web page\ncontaining malicious content could cause Firefox to crash or, potentially,\nexecute arbitrary code with the privileges of the user running Firefox. \nNote: This issue only affected systems using the Intel Mesa graphics\ndrivers. (CVE-2013-0796)\n\nAn out-of-bounds write flaw was found in the embedded Cairo library in\nFirefox. A web page containing malicious content could cause Firefox to\ncrash or, potentially, execute arbitrary code with the privileges of the\nuser running Firefox. (CVE-2013-0800)\n\nA flaw was found in the way Firefox handled the JavaScript history\nfunctions. A malicious site could cause a web page to be displayed that has\na baseURI pointing to a different site, allowing cross-site scripting (XSS)\nand phishing attacks. (CVE-2013-0793)\n\nRed Hat would like to thank the Mozilla project for reporting these issues. \nUpstream acknowledges Olli Pettay, Jesse Ruderman, Boris Zbarsky, Christian\nHoller, Milan Sreckovic, Joe Drew, Cody Crews, miaubiz, Abhishek Arya, and\nMariusz Mlynski as the original reporters of these issues. \n\nFor technical details regarding these flaws, refer to the Mozilla security\nadvisories for Firefox 17.0.5 ESR. You can find a link to the Mozilla\nadvisories in the References section of this erratum. \n\nAll Firefox users should upgrade to these updated packages, which contain\nFirefox version 17.0.5 ESR, which corrects these issues. After installing\nthe update, Firefox must be restarted for the changes to take effect. \n\n4. Solution:\n\nBefore applying this update, make sure all previously-released errata\nrelevant to your system have been applied. \n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/knowledge/articles/11258\n\n5. Bugs fixed (http://bugzilla.redhat.com/):\n\n946927 - CVE-2013-0788 Mozilla: Miscellaneous memory safety hazards (rv:17.0.5) (MFSA 2013-30)\n946929 - CVE-2013-0800 Mozilla: Out-of-bounds write in Cairo library (MFSA 2013-31)\n946931 - CVE-2013-0796 Mozilla: WebGL crash with Mesa graphics driver on Linux (MFSA 2013-35)\n946932 - CVE-2013-0795 Mozilla: Bypass of SOW protections allows cloning of protected nodes (MFSA 2013-36)\n946935 - CVE-2013-0793 Mozilla: Cross-site scripting (XSS) using timed history navigations (MFSA 2013-38)\n\n6. Package List:\n\nRed Hat Enterprise Linux Desktop (v. 5 client):\n\nSource:\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Client/en/os/SRPMS/firefox-17.0.5-1.el5_9.src.rpm\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Client/en/os/SRPMS/firefox-17.0.5-1.el5_9.src.rpm\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Client/en/os/SRPMS/xulrunner-17.0.5-1.el5_9.src.rpm\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Client/en/os/SRPMS/xulrunner-17.0.5-1.el5_9.src.rpm\n\ni386:\nfirefox-17.0.5-1.el5_9.i386.rpm\nfirefox-17.0.5-1.el5_9.i386.rpm\nfirefox-debuginfo-17.0.5-1.el5_9.i386.rpm\nfirefox-debuginfo-17.0.5-1.el5_9.i386.rpm\nxulrunner-17.0.5-1.el5_9.i386.rpm\nxulrunner-17.0.5-1.el5_9.i386.rpm\nxulrunner-debuginfo-17.0.5-1.el5_9.i386.rpm\nxulrunner-debuginfo-17.0.5-1.el5_9.i386.rpm\n\nx86_64:\nfirefox-17.0.5-1.el5_9.i386.rpm\nfirefox-17.0.5-1.el5_9.i386.rpm\nfirefox-17.0.5-1.el5_9.x86_64.rpm\nfirefox-17.0.5-1.el5_9.x86_64.rpm\nfirefox-debuginfo-17.0.5-1.el5_9.i386.rpm\nfirefox-debuginfo-17.0.5-1.el5_9.i386.rpm\nfirefox-debuginfo-17.0.5-1.el5_9.x86_64.rpm\nfirefox-debuginfo-17.0.5-1.el5_9.x86_64.rpm\nxulrunner-17.0.5-1.el5_9.i386.rpm\nxulrunner-17.0.5-1.el5_9.i386.rpm\nxulrunner-17.0.5-1.el5_9.x86_64.rpm\nxulrunner-17.0.5-1.el5_9.x86_64.rpm\nxulrunner-debuginfo-17.0.5-1.el5_9.i386.rpm\nxulrunner-debuginfo-17.0.5-1.el5_9.i386.rpm\nxulrunner-debuginfo-17.0.5-1.el5_9.x86_64.rpm\nxulrunner-debuginfo-17.0.5-1.el5_9.x86_64.rpm\n\nRHEL Desktop Workstation (v. 5 client):\n\nSource:\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Client/en/os/SRPMS/xulrunner-17.0.5-1.el5_9.src.rpm\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Client/en/os/SRPMS/xulrunner-17.0.5-1.el5_9.src.rpm\n\ni386:\nxulrunner-debuginfo-17.0.5-1.el5_9.i386.rpm\nxulrunner-debuginfo-17.0.5-1.el5_9.i386.rpm\nxulrunner-devel-17.0.5-1.el5_9.i386.rpm\nxulrunner-devel-17.0.5-1.el5_9.i386.rpm\n\nx86_64:\nxulrunner-debuginfo-17.0.5-1.el5_9.i386.rpm\nxulrunner-debuginfo-17.0.5-1.el5_9.i386.rpm\nxulrunner-debuginfo-17.0.5-1.el5_9.x86_64.rpm\nxulrunner-debuginfo-17.0.5-1.el5_9.x86_64.rpm\nxulrunner-devel-17.0.5-1.el5_9.i386.rpm\nxulrunner-devel-17.0.5-1.el5_9.i386.rpm\nxulrunner-devel-17.0.5-1.el5_9.x86_64.rpm\nxulrunner-devel-17.0.5-1.el5_9.x86_64.rpm\n\nRed Hat Enterprise Linux (v. 5 server):\n\nSource:\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Server/en/os/SRPMS/firefox-17.0.5-1.el5_9.src.rpm\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Server/en/os/SRPMS/firefox-17.0.5-1.el5_9.src.rpm\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Server/en/os/SRPMS/xulrunner-17.0.5-1.el5_9.src.rpm\n\ni386:\nfirefox-17.0.5-1.el5_9.i386.rpm\nfirefox-17.0.5-1.el5_9.i386.rpm\nfirefox-debuginfo-17.0.5-1.el5_9.i386.rpm\nfirefox-debuginfo-17.0.5-1.el5_9.i386.rpm\nxulrunner-17.0.5-1.el5_9.i386.rpm\nxulrunner-debuginfo-17.0.5-1.el5_9.i386.rpm\nxulrunner-debuginfo-17.0.5-1.el5_9.i386.rpm\nxulrunner-devel-17.0.5-1.el5_9.i386.rpm\nxulrunner-devel-17.0.5-1.el5_9.i386.rpm\n\nia64:\nfirefox-17.0.5-1.el5_9.ia64.rpm\nfirefox-17.0.5-1.el5_9.ia64.rpm\nfirefox-debuginfo-17.0.5-1.el5_9.ia64.rpm\nfirefox-debuginfo-17.0.5-1.el5_9.ia64.rpm\nxulrunner-17.0.5-1.el5_9.ia64.rpm\nxulrunner-debuginfo-17.0.5-1.el5_9.ia64.rpm\nxulrunner-debuginfo-17.0.5-1.el5_9.ia64.rpm\nxulrunner-devel-17.0.5-1.el5_9.ia64.rpm\nxulrunner-devel-17.0.5-1.el5_9.ia64.rpm\n\nppc:\nfirefox-17.0.5-1.el5_9.ppc.rpm\nfirefox-17.0.5-1.el5_9.ppc.rpm\nfirefox-debuginfo-17.0.5-1.el5_9.ppc.rpm\nfirefox-debuginfo-17.0.5-1.el5_9.ppc.rpm\nxulrunner-17.0.5-1.el5_9.ppc.rpm\nxulrunner-17.0.5-1.el5_9.ppc64.rpm\nxulrunner-debuginfo-17.0.5-1.el5_9.ppc.rpm\nxulrunner-debuginfo-17.0.5-1.el5_9.ppc.rpm\nxulrunner-debuginfo-17.0.5-1.el5_9.ppc64.rpm\nxulrunner-debuginfo-17.0.5-1.el5_9.ppc64.rpm\nxulrunner-devel-17.0.5-1.el5_9.ppc.rpm\nxulrunner-devel-17.0.5-1.el5_9.ppc64.rpm\n\ns390x:\nfirefox-17.0.5-1.el5_9.s390.rpm\nfirefox-17.0.5-1.el5_9.s390.rpm\nfirefox-17.0.5-1.el5_9.s390x.rpm\nfirefox-17.0.5-1.el5_9.s390x.rpm\nfirefox-debuginfo-17.0.5-1.el5_9.s390.rpm\nfirefox-debuginfo-17.0.5-1.el5_9.s390.rpm\nfirefox-debuginfo-17.0.5-1.el5_9.s390x.rpm\nfirefox-debuginfo-17.0.5-1.el5_9.s390x.rpm\nxulrunner-17.0.5-1.el5_9.s390.rpm\nxulrunner-17.0.5-1.el5_9.s390x.rpm\nxulrunner-debuginfo-17.0.5-1.el5_9.s390.rpm\nxulrunner-debuginfo-17.0.5-1.el5_9.s390.rpm\nxulrunner-debuginfo-17.0.5-1.el5_9.s390x.rpm\nxulrunner-debuginfo-17.0.5-1.el5_9.s390x.rpm\nxulrunner-devel-17.0.5-1.el5_9.s390.rpm\nxulrunner-devel-17.0.5-1.el5_9.s390x.rpm\n\nx86_64:\nfirefox-17.0.5-1.el5_9.i386.rpm\nfirefox-17.0.5-1.el5_9.i386.rpm\nfirefox-17.0.5-1.el5_9.x86_64.rpm\nfirefox-17.0.5-1.el5_9.x86_64.rpm\nfirefox-debuginfo-17.0.5-1.el5_9.i386.rpm\nfirefox-debuginfo-17.0.5-1.el5_9.i386.rpm\nfirefox-debuginfo-17.0.5-1.el5_9.x86_64.rpm\nfirefox-debuginfo-17.0.5-1.el5_9.x86_64.rpm\nxulrunner-17.0.5-1.el5_9.i386.rpm\nxulrunner-17.0.5-1.el5_9.x86_64.rpm\nxulrunner-debuginfo-17.0.5-1.el5_9.i386.rpm\nxulrunner-debuginfo-17.0.5-1.el5_9.i386.rpm\nxulrunner-debuginfo-17.0.5-1.el5_9.x86_64.rpm\nxulrunner-debuginfo-17.0.5-1.el5_9.x86_64.rpm\nxulrunner-devel-17.0.5-1.el5_9.i386.rpm\nxulrunner-devel-17.0.5-1.el5_9.i386.rpm\nxulrunner-devel-17.0.5-1.el5_9.x86_64.rpm\n\nRed Hat Enterprise Linux Desktop (v. 6):\n\nSource:\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Client/en/os/SRPMS/firefox-17.0.5-1.el6_4.src.rpm\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Client/en/os/SRPMS/firefox-17.0.5-1.el6_4.src.rpm\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Client/en/os/SRPMS/xulrunner-17.0.5-1.el6_4.src.rpm\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Client/en/os/SRPMS/xulrunner-17.0.5-1.el6_4.src.rpm\n\ni386:\nfirefox-17.0.5-1.el6_4.i686.rpm\nfirefox-17.0.5-1.el6_4.i686.rpm\nfirefox-debuginfo-17.0.5-1.el6_4.i686.rpm\nfirefox-debuginfo-17.0.5-1.el6_4.i686.rpm\nxulrunner-17.0.5-1.el6_4.i686.rpm\nxulrunner-17.0.5-1.el6_4.i686.rpm\nxulrunner-debuginfo-17.0.5-1.el6_4.i686.rpm\nxulrunner-debuginfo-17.0.5-1.el6_4.i686.rpm\n\nx86_64:\nfirefox-17.0.5-1.el6_4.i686.rpm\nfirefox-17.0.5-1.el6_4.i686.rpm\nfirefox-17.0.5-1.el6_4.x86_64.rpm\nfirefox-17.0.5-1.el6_4.x86_64.rpm\nfirefox-debuginfo-17.0.5-1.el6_4.i686.rpm\nfirefox-debuginfo-17.0.5-1.el6_4.i686.rpm\nfirefox-debuginfo-17.0.5-1.el6_4.x86_64.rpm\nfirefox-debuginfo-17.0.5-1.el6_4.x86_64.rpm\nxulrunner-17.0.5-1.el6_4.i686.rpm\nxulrunner-17.0.5-1.el6_4.i686.rpm\nxulrunner-17.0.5-1.el6_4.x86_64.rpm\nxulrunner-17.0.5-1.el6_4.x86_64.rpm\nxulrunner-debuginfo-17.0.5-1.el6_4.i686.rpm\nxulrunner-debuginfo-17.0.5-1.el6_4.i686.rpm\nxulrunner-debuginfo-17.0.5-1.el6_4.x86_64.rpm\nxulrunner-debuginfo-17.0.5-1.el6_4.x86_64.rpm\n\nRed Hat Enterprise Linux Desktop Optional (v. 6):\n\nSource:\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Client/en/os/SRPMS/xulrunner-17.0.5-1.el6_4.src.rpm\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Client/en/os/SRPMS/xulrunner-17.0.5-1.el6_4.src.rpm\n\ni386:\nxulrunner-debuginfo-17.0.5-1.el6_4.i686.rpm\nxulrunner-debuginfo-17.0.5-1.el6_4.i686.rpm\nxulrunner-devel-17.0.5-1.el6_4.i686.rpm\nxulrunner-devel-17.0.5-1.el6_4.i686.rpm\n\nx86_64:\nxulrunner-debuginfo-17.0.5-1.el6_4.i686.rpm\nxulrunner-debuginfo-17.0.5-1.el6_4.i686.rpm\nxulrunner-debuginfo-17.0.5-1.el6_4.x86_64.rpm\nxulrunner-debuginfo-17.0.5-1.el6_4.x86_64.rpm\nxulrunner-devel-17.0.5-1.el6_4.i686.rpm\nxulrunner-devel-17.0.5-1.el6_4.i686.rpm\nxulrunner-devel-17.0.5-1.el6_4.x86_64.rpm\nxulrunner-devel-17.0.5-1.el6_4.x86_64.rpm\n\nRed Hat Enterprise Linux HPC Node Optional (v. 6):\n\nSource:\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/6ComputeNode/en/os/SRPMS/firefox-17.0.5-1.el6_4.src.rpm\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/6ComputeNode/en/os/SRPMS/firefox-17.0.5-1.el6_4.src.rpm\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/6ComputeNode/en/os/SRPMS/xulrunner-17.0.5-1.el6_4.src.rpm\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/6ComputeNode/en/os/SRPMS/xulrunner-17.0.5-1.el6_4.src.rpm\n\nx86_64:\nfirefox-17.0.5-1.el6_4.i686.rpm\nfirefox-17.0.5-1.el6_4.i686.rpm\nfirefox-17.0.5-1.el6_4.x86_64.rpm\nfirefox-17.0.5-1.el6_4.x86_64.rpm\nfirefox-debuginfo-17.0.5-1.el6_4.i686.rpm\nfirefox-debuginfo-17.0.5-1.el6_4.i686.rpm\nfirefox-debuginfo-17.0.5-1.el6_4.x86_64.rpm\nfirefox-debuginfo-17.0.5-1.el6_4.x86_64.rpm\nxulrunner-17.0.5-1.el6_4.i686.rpm\nxulrunner-17.0.5-1.el6_4.i686.rpm\nxulrunner-17.0.5-1.el6_4.x86_64.rpm\nxulrunner-17.0.5-1.el6_4.x86_64.rpm\nxulrunner-debuginfo-17.0.5-1.el6_4.i686.rpm\nxulrunner-debuginfo-17.0.5-1.el6_4.i686.rpm\nxulrunner-debuginfo-17.0.5-1.el6_4.x86_64.rpm\nxulrunner-debuginfo-17.0.5-1.el6_4.x86_64.rpm\nxulrunner-devel-17.0.5-1.el6_4.i686.rpm\nxulrunner-devel-17.0.5-1.el6_4.i686.rpm\nxulrunner-devel-17.0.5-1.el6_4.x86_64.rpm\nxulrunner-devel-17.0.5-1.el6_4.x86_64.rpm\n\nRed Hat Enterprise Linux Server (v. 6):\n\nSource:\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/os/SRPMS/firefox-17.0.5-1.el6_4.src.rpm\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/os/SRPMS/firefox-17.0.5-1.el6_4.src.rpm\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/os/SRPMS/xulrunner-17.0.5-1.el6_4.src.rpm\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/os/SRPMS/xulrunner-17.0.5-1.el6_4.src.rpm\n\ni386:\nfirefox-17.0.5-1.el6_4.i686.rpm\nfirefox-17.0.5-1.el6_4.i686.rpm\nfirefox-debuginfo-17.0.5-1.el6_4.i686.rpm\nfirefox-debuginfo-17.0.5-1.el6_4.i686.rpm\nxulrunner-17.0.5-1.el6_4.i686.rpm\nxulrunner-17.0.5-1.el6_4.i686.rpm\nxulrunner-debuginfo-17.0.5-1.el6_4.i686.rpm\nxulrunner-debuginfo-17.0.5-1.el6_4.i686.rpm\n\nppc64:\nfirefox-17.0.5-1.el6_4.ppc.rpm\nfirefox-17.0.5-1.el6_4.ppc.rpm\nfirefox-17.0.5-1.el6_4.ppc64.rpm\nfirefox-17.0.5-1.el6_4.ppc64.rpm\nfirefox-debuginfo-17.0.5-1.el6_4.ppc.rpm\nfirefox-debuginfo-17.0.5-1.el6_4.ppc.rpm\nfirefox-debuginfo-17.0.5-1.el6_4.ppc64.rpm\nfirefox-debuginfo-17.0.5-1.el6_4.ppc64.rpm\nxulrunner-17.0.5-1.el6_4.ppc.rpm\nxulrunner-17.0.5-1.el6_4.ppc.rpm\nxulrunner-17.0.5-1.el6_4.ppc64.rpm\nxulrunner-17.0.5-1.el6_4.ppc64.rpm\nxulrunner-debuginfo-17.0.5-1.el6_4.ppc.rpm\nxulrunner-debuginfo-17.0.5-1.el6_4.ppc.rpm\nxulrunner-debuginfo-17.0.5-1.el6_4.ppc64.rpm\nxulrunner-debuginfo-17.0.5-1.el6_4.ppc64.rpm\n\ns390x:\nfirefox-17.0.5-1.el6_4.s390.rpm\nfirefox-17.0.5-1.el6_4.s390.rpm\nfirefox-17.0.5-1.el6_4.s390x.rpm\nfirefox-17.0.5-1.el6_4.s390x.rpm\nfirefox-debuginfo-17.0.5-1.el6_4.s390.rpm\nfirefox-debuginfo-17.0.5-1.el6_4.s390.rpm\nfirefox-debuginfo-17.0.5-1.el6_4.s390x.rpm\nfirefox-debuginfo-17.0.5-1.el6_4.s390x.rpm\nxulrunner-17.0.5-1.el6_4.s390.rpm\nxulrunner-17.0.5-1.el6_4.s390.rpm\nxulrunner-17.0.5-1.el6_4.s390x.rpm\nxulrunner-17.0.5-1.el6_4.s390x.rpm\nxulrunner-debuginfo-17.0.5-1.el6_4.s390.rpm\nxulrunner-debuginfo-17.0.5-1.el6_4.s390.rpm\nxulrunner-debuginfo-17.0.5-1.el6_4.s390x.rpm\nxulrunner-debuginfo-17.0.5-1.el6_4.s390x.rpm\n\nx86_64:\nfirefox-17.0.5-1.el6_4.i686.rpm\nfirefox-17.0.5-1.el6_4.i686.rpm\nfirefox-17.0.5-1.el6_4.x86_64.rpm\nfirefox-17.0.5-1.el6_4.x86_64.rpm\nfirefox-debuginfo-17.0.5-1.el6_4.i686.rpm\nfirefox-debuginfo-17.0.5-1.el6_4.i686.rpm\nfirefox-debuginfo-17.0.5-1.el6_4.x86_64.rpm\nfirefox-debuginfo-17.0.5-1.el6_4.x86_64.rpm\nxulrunner-17.0.5-1.el6_4.i686.rpm\nxulrunner-17.0.5-1.el6_4.i686.rpm\nxulrunner-17.0.5-1.el6_4.x86_64.rpm\nxulrunner-17.0.5-1.el6_4.x86_64.rpm\nxulrunner-debuginfo-17.0.5-1.el6_4.i686.rpm\nxulrunner-debuginfo-17.0.5-1.el6_4.i686.rpm\nxulrunner-debuginfo-17.0.5-1.el6_4.x86_64.rpm\nxulrunner-debuginfo-17.0.5-1.el6_4.x86_64.rpm\n\nRed Hat Enterprise Linux Server Optional (v. 6):\n\nSource:\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/os/SRPMS/xulrunner-17.0.5-1.el6_4.src.rpm\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/os/SRPMS/xulrunner-17.0.5-1.el6_4.src.rpm\n\ni386:\nxulrunner-debuginfo-17.0.5-1.el6_4.i686.rpm\nxulrunner-debuginfo-17.0.5-1.el6_4.i686.rpm\nxulrunner-devel-17.0.5-1.el6_4.i686.rpm\nxulrunner-devel-17.0.5-1.el6_4.i686.rpm\n\nppc64:\nxulrunner-debuginfo-17.0.5-1.el6_4.ppc.rpm\nxulrunner-debuginfo-17.0.5-1.el6_4.ppc.rpm\nxulrunner-debuginfo-17.0.5-1.el6_4.ppc64.rpm\nxulrunner-debuginfo-17.0.5-1.el6_4.ppc64.rpm\nxulrunner-devel-17.0.5-1.el6_4.ppc.rpm\nxulrunner-devel-17.0.5-1.el6_4.ppc.rpm\nxulrunner-devel-17.0.5-1.el6_4.ppc64.rpm\nxulrunner-devel-17.0.5-1.el6_4.ppc64.rpm\n\ns390x:\nxulrunner-debuginfo-17.0.5-1.el6_4.s390.rpm\nxulrunner-debuginfo-17.0.5-1.el6_4.s390.rpm\nxulrunner-debuginfo-17.0.5-1.el6_4.s390x.rpm\nxulrunner-debuginfo-17.0.5-1.el6_4.s390x.rpm\nxulrunner-devel-17.0.5-1.el6_4.s390.rpm\nxulrunner-devel-17.0.5-1.el6_4.s390.rpm\nxulrunner-devel-17.0.5-1.el6_4.s390x.rpm\nxulrunner-devel-17.0.5-1.el6_4.s390x.rpm\n\nx86_64:\nxulrunner-debuginfo-17.0.5-1.el6_4.i686.rpm\nxulrunner-debuginfo-17.0.5-1.el6_4.i686.rpm\nxulrunner-debuginfo-17.0.5-1.el6_4.x86_64.rpm\nxulrunner-debuginfo-17.0.5-1.el6_4.x86_64.rpm\nxulrunner-devel-17.0.5-1.el6_4.i686.rpm\nxulrunner-devel-17.0.5-1.el6_4.i686.rpm\nxulrunner-devel-17.0.5-1.el6_4.x86_64.rpm\nxulrunner-devel-17.0.5-1.el6_4.x86_64.rpm\n\nRed Hat Enterprise Linux Workstation (v. 6):\n\nSource:\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Workstation/en/os/SRPMS/firefox-17.0.5-1.el6_4.src.rpm\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Workstation/en/os/SRPMS/firefox-17.0.5-1.el6_4.src.rpm\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Workstation/en/os/SRPMS/xulrunner-17.0.5-1.el6_4.src.rpm\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Workstation/en/os/SRPMS/xulrunner-17.0.5-1.el6_4.src.rpm\n\ni386:\nfirefox-17.0.5-1.el6_4.i686.rpm\nfirefox-17.0.5-1.el6_4.i686.rpm\nfirefox-debuginfo-17.0.5-1.el6_4.i686.rpm\nfirefox-debuginfo-17.0.5-1.el6_4.i686.rpm\nxulrunner-17.0.5-1.el6_4.i686.rpm\nxulrunner-17.0.5-1.el6_4.i686.rpm\nxulrunner-debuginfo-17.0.5-1.el6_4.i686.rpm\nxulrunner-debuginfo-17.0.5-1.el6_4.i686.rpm\n\nx86_64:\nfirefox-17.0.5-1.el6_4.i686.rpm\nfirefox-17.0.5-1.el6_4.i686.rpm\nfirefox-17.0.5-1.el6_4.x86_64.rpm\nfirefox-17.0.5-1.el6_4.x86_64.rpm\nfirefox-debuginfo-17.0.5-1.el6_4.i686.rpm\nfirefox-debuginfo-17.0.5-1.el6_4.i686.rpm\nfirefox-debuginfo-17.0.5-1.el6_4.x86_64.rpm\nfirefox-debuginfo-17.0.5-1.el6_4.x86_64.rpm\nxulrunner-17.0.5-1.el6_4.i686.rpm\nxulrunner-17.0.5-1.el6_4.i686.rpm\nxulrunner-17.0.5-1.el6_4.x86_64.rpm\nxulrunner-17.0.5-1.el6_4.x86_64.rpm\nxulrunner-debuginfo-17.0.5-1.el6_4.i686.rpm\nxulrunner-debuginfo-17.0.5-1.el6_4.i686.rpm\nxulrunner-debuginfo-17.0.5-1.el6_4.x86_64.rpm\nxulrunner-debuginfo-17.0.5-1.el6_4.x86_64.rpm\n\nRed Hat Enterprise Linux Workstation Optional (v. 6):\n\nSource:\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Workstation/en/os/SRPMS/xulrunner-17.0.5-1.el6_4.src.rpm\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Workstation/en/os/SRPMS/xulrunner-17.0.5-1.el6_4.src.rpm\n\ni386:\nxulrunner-debuginfo-17.0.5-1.el6_4.i686.rpm\nxulrunner-debuginfo-17.0.5-1.el6_4.i686.rpm\nxulrunner-devel-17.0.5-1.el6_4.i686.rpm\nxulrunner-devel-17.0.5-1.el6_4.i686.rpm\n\nx86_64:\nxulrunner-debuginfo-17.0.5-1.el6_4.i686.rpm\nxulrunner-debuginfo-17.0.5-1.el6_4.i686.rpm\nxulrunner-debuginfo-17.0.5-1.el6_4.x86_64.rpm\nxulrunner-debuginfo-17.0.5-1.el6_4.x86_64.rpm\nxulrunner-devel-17.0.5-1.el6_4.i686.rpm\nxulrunner-devel-17.0.5-1.el6_4.i686.rpm\nxulrunner-devel-17.0.5-1.el6_4.x86_64.rpm\nxulrunner-devel-17.0.5-1.el6_4.x86_64.rpm\n\nThese packages are GPG signed by Red Hat for security. Our key and\ndetails on how to verify the signature are available from\nhttps://access.redhat.com/security/team/key/#package\n\n7. References:\n\nhttps://www.redhat.com/security/data/cve/CVE-2013-0788.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-0793.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-0795.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-0796.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-0800.html\nhttps://access.redhat.com/security/updates/classification/#critical\nhttp://www.mozilla.org/security/known-vulnerabilities/firefoxESR.html\n\n8. Contact:\n\nThe Red Hat security contact is \u003csecalert@redhat.com\u003e. More contact\ndetails at https://access.redhat.com/security/team/contact/\n\nCopyright 2013 Red Hat, Inc. \n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.4 (GNU/Linux)\n\niD8DBQFRWzt5XlSAg2UNWIIRAobXAJ9/uirvEeOiGpegRbi/Fdtv9BRXUACeMYpK\ntaMjOQZpo7Ea1JPyhBWhy7M=\n=2sCd\n-----END PGP SIGNATURE-----\n\n\n--\nRHSA-announce mailing list\nRHSA-announce@redhat.com\nhttps://www.redhat.com/mailman/listinfo/rhsa-announce\n. \n\nNote: All issues except CVE-2013-0800 cannot be exploited by a\nspecially-crafted HTML mail message as JavaScript is disabled by default\nfor mail messages. They could be exploited another way in Thunderbird, for\nexample, when viewing the full remote content of an RSS feed. A crafted PNG image could use this flaw to leak\n data through rendered images drawing from random memory. \n \n Security researcher Mariusz Mlynski reported a method to use browser\n navigations through history to load an arbitrary website with that\n page\u0026#039;s baseURI property pointing to another site instead of the\n seemingly loaded one. The user will continue to see the incorrect\n site in the addressbar of the browser. This allows violation of the browser\u0026#039;s same origin\n policy and could also lead to privilege escalation and the execution\n of arbitrary code (CVE-2013-0795). \n \n Security researcher miaubiz used the Address Sanitizer tool to\n discover a crash in WebGL rendering when memory is freed that has\n not previously been allocated. The resulting crash could be\n potentially exploitable (CVE-2013-0796). When certain values\n are passed to it during rendering, Cairo attempts to use negative\n boundaries or sizes for boxes, leading to a potentially exploitable\n crash in some instances (CVE-2013-0800). \n \n Mozilla developers identified and fixed several memory safety\n bugs in the browser engine used in Firefox and other Mozilla-based\n products. Some of these bugs showed evidence of memory corruption under\n certain circumstances, and we presume that with enough effort at least\n some of these could be exploited to run arbitrary code (CVE-2013-0788). \n _______________________________________________________________________\n\n References:\n\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0792\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0793\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0795\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0796\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0800\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0788\n http://www.mozilla.org/security/announce/2013/mfsa2013-39.html\n http://www.mozilla.org/security/announce/2013/mfsa2013-38.html\n http://www.mozilla.org/security/announce/2013/mfsa2013-36.html\n http://www.mozilla.org/security/announce/2013/mfsa2013-35.html\n http://www.mozilla.org/security/announce/2013/mfsa2013-31.html\n http://www.mozilla.org/security/announce/2013/mfsa2013-30.html\n _______________________________________________________________________\n\n Updated Packages:\n\n Mandriva Enterprise Server 5:\n 0db2c1631a956f6147230a099f1d2d68 mes5/i586/firefox-17.0.5-0.1mdvmes5.2.i586.rpm\n b6accdf420ac5eb3dbea29d283fff049 mes5/i586/firefox-af-17.0.5-0.1mdvmes5.2.i586.rpm\n a434d7ee9d360c2b555873e8c93aac2a mes5/i586/firefox-ar-17.0.5-0.1mdvmes5.2.i586.rpm\n 3b64b73c7cb465fee179b140656a065d mes5/i586/firefox-be-17.0.5-0.1mdvmes5.2.i586.rpm\n 967b03abad307a338d0709df85e1ec1e mes5/i586/firefox-bg-17.0.5-0.1mdvmes5.2.i586.rpm\n 715fef97490152afcea942e32d9f8fae mes5/i586/firefox-bn-17.0.5-0.1mdvmes5.2.i586.rpm\n 46bac62630e189f9d6f7f2d90a5e1c4e mes5/i586/firefox-ca-17.0.5-0.1mdvmes5.2.i586.rpm\n 64143512420338cc54a073be91ccbf9d mes5/i586/firefox-cs-17.0.5-0.1mdvmes5.2.i586.rpm\n ba627030e474fb62caf34b2280e2432f mes5/i586/firefox-cy-17.0.5-0.1mdvmes5.2.i586.rpm\n d2ba69795c243c8aad3e56f1ba3190b4 mes5/i586/firefox-da-17.0.5-0.1mdvmes5.2.i586.rpm\n 81473710741c44e227e930f512a890d7 mes5/i586/firefox-de-17.0.5-0.1mdvmes5.2.i586.rpm\n 7d787c3a0eabf7b514083f267037cbdd mes5/i586/firefox-devel-17.0.5-0.1mdvmes5.2.i586.rpm\n f279d611e9a8233cec0090439e0bbc30 mes5/i586/firefox-el-17.0.5-0.1mdvmes5.2.i586.rpm\n 5ad88edccb4a8cb75d58464ed2201e2a mes5/i586/firefox-en_GB-17.0.5-0.1mdvmes5.2.i586.rpm\n 7c2bdafe6cf1219d33df634b40ca7f33 mes5/i586/firefox-eo-17.0.5-0.1mdvmes5.2.i586.rpm\n 6e8e3cc43e1b5326d886780d5409ff57 mes5/i586/firefox-es_AR-17.0.5-0.1mdvmes5.2.i586.rpm\n 8608ba9849ea4f56ac60475ccfc3acd7 mes5/i586/firefox-es_ES-17.0.5-0.1mdvmes5.2.i586.rpm\n b6de17fad95679a08dfc420f51d5e0fa mes5/i586/firefox-et-17.0.5-0.1mdvmes5.2.i586.rpm\n 7d5281fe391c7bcbc4f49369e00ce6f0 mes5/i586/firefox-eu-17.0.5-0.1mdvmes5.2.i586.rpm\n dfacd04856fb4529fb0ebdabbad374f9 mes5/i586/firefox-fi-17.0.5-0.1mdvmes5.2.i586.rpm\n b98f1800a67f8fec9dcbca77edd41ac4 mes5/i586/firefox-fr-17.0.5-0.1mdvmes5.2.i586.rpm\n eed03047da1e7642f207cb8821dbd95f mes5/i586/firefox-fy-17.0.5-0.1mdvmes5.2.i586.rpm\n 3f110cc8c73665a709b97bf554b835cc mes5/i586/firefox-ga_IE-17.0.5-0.1mdvmes5.2.i586.rpm\n 0ad55037b7527a452626a84dade35f56 mes5/i586/firefox-gl-17.0.5-0.1mdvmes5.2.i586.rpm\n e0272d903a0f8b1c938dded3626ac89a mes5/i586/firefox-gu_IN-17.0.5-0.1mdvmes5.2.i586.rpm\n 6bdc9c6edcc036122d131b6bf5a341ec mes5/i586/firefox-he-17.0.5-0.1mdvmes5.2.i586.rpm\n 8fd0ad163782a228e9176f1618dbae2f mes5/i586/firefox-hi-17.0.5-0.1mdvmes5.2.i586.rpm\n cef589c92b95defd03297a43a4a65e65 mes5/i586/firefox-hu-17.0.5-0.1mdvmes5.2.i586.rpm\n 6a4e24d1c59f774cab7ea341dedde5e5 mes5/i586/firefox-id-17.0.5-0.1mdvmes5.2.i586.rpm\n 617d63908bfa91b171a5e40acdfbb058 mes5/i586/firefox-is-17.0.5-0.1mdvmes5.2.i586.rpm\n 89d72f5231e362ffbcb74c5ebd9d2789 mes5/i586/firefox-it-17.0.5-0.1mdvmes5.2.i586.rpm\n 46e283185529cf7e3b55208e928d3e21 mes5/i586/firefox-ja-17.0.5-0.1mdvmes5.2.i586.rpm\n 9cb48d986cb94e843740461ccdc7e344 mes5/i586/firefox-kn-17.0.5-0.1mdvmes5.2.i586.rpm\n b4a30b6ae86cf07f9e15a5921ccf367c mes5/i586/firefox-ko-17.0.5-0.1mdvmes5.2.i586.rpm\n 447af559ce4a0a7cd0ff00ad81466966 mes5/i586/firefox-ku-17.0.5-0.1mdvmes5.2.i586.rpm\n f16fa703cc4611f42ef618a2709467ce mes5/i586/firefox-lt-17.0.5-0.1mdvmes5.2.i586.rpm\n f2f05879c892085be5d0fa4e9c787ae7 mes5/i586/firefox-lv-17.0.5-0.1mdvmes5.2.i586.rpm\n f166cef7eeae485e939a9964df355ffe mes5/i586/firefox-mk-17.0.5-0.1mdvmes5.2.i586.rpm\n a2d9533d98cd613ff49ace2dd3c4aaaf mes5/i586/firefox-mr-17.0.5-0.1mdvmes5.2.i586.rpm\n 04e604773ab19ad5060c53d906c7d222 mes5/i586/firefox-nb_NO-17.0.5-0.1mdvmes5.2.i586.rpm\n ea691e1ecd5cfac906a077614841100f mes5/i586/firefox-nl-17.0.5-0.1mdvmes5.2.i586.rpm\n 0b7dac86ef507b78504a6f507d2b82b6 mes5/i586/firefox-nn_NO-17.0.5-0.1mdvmes5.2.i586.rpm\n b5a1616579bd3804eb500a75aa9b040e mes5/i586/firefox-pa_IN-17.0.5-0.1mdvmes5.2.i586.rpm\n abca5b749f468af02e0d94e2c8b00ac1 mes5/i586/firefox-pl-17.0.5-0.1mdvmes5.2.i586.rpm\n 2585fe186ebb3b81ae4e3b4c4ed73442 mes5/i586/firefox-pt_BR-17.0.5-0.1mdvmes5.2.i586.rpm\n 416bbd1fc256861429b3fd78f7d83ef1 mes5/i586/firefox-pt_PT-17.0.5-0.1mdvmes5.2.i586.rpm\n 3d66426c2548c0ba2746c4c36a9db708 mes5/i586/firefox-ro-17.0.5-0.1mdvmes5.2.i586.rpm\n ae4fc0951b14c00d6656540e7d38e22e mes5/i586/firefox-ru-17.0.5-0.1mdvmes5.2.i586.rpm\n d323216cc380f286ff0c990062cdbd43 mes5/i586/firefox-si-17.0.5-0.1mdvmes5.2.i586.rpm\n a0edc229b50354a66d6c6152fc082395 mes5/i586/firefox-sk-17.0.5-0.1mdvmes5.2.i586.rpm\n 7d5edda5ddd9064dec3b85ecc7102f19 mes5/i586/firefox-sl-17.0.5-0.1mdvmes5.2.i586.rpm\n 277d4c09d495b4b8bb0c7e715761f267 mes5/i586/firefox-sq-17.0.5-0.1mdvmes5.2.i586.rpm\n 3d601400d0df895c73a5ebb064f4f016 mes5/i586/firefox-sr-17.0.5-0.1mdvmes5.2.i586.rpm\n f5f9e7bbe47f6fba7042f2bf5a61d28e mes5/i586/firefox-sv_SE-17.0.5-0.1mdvmes5.2.i586.rpm\n ec8dc022734c08dab5183405efa6d0c1 mes5/i586/firefox-te-17.0.5-0.1mdvmes5.2.i586.rpm\n 242b490062337f7f4f4b8169fb8c91d5 mes5/i586/firefox-th-17.0.5-0.1mdvmes5.2.i586.rpm\n 3f2fe42cd27e1c751513a561df7fb5a7 mes5/i586/firefox-tr-17.0.5-0.1mdvmes5.2.i586.rpm\n e5a6d7e6b9981687ca062526a14c7056 mes5/i586/firefox-uk-17.0.5-0.1mdvmes5.2.i586.rpm\n 8ad451f2a167af24160826bb6d054593 mes5/i586/firefox-zh_CN-17.0.5-0.1mdvmes5.2.i586.rpm\n 3d1c7ee791874a416ed2bf5847fa6ad7 mes5/i586/firefox-zh_TW-17.0.5-0.1mdvmes5.2.i586.rpm\n 0c338be36acdbe8c79655cfeac88627a mes5/i586/icedtea-web-1.3.1-0.3mdvmes5.2.i586.rpm\n 807123e3063f730d05282bf43f3dda6a mes5/i586/icedtea-web-javadoc-1.3.1-0.3mdvmes5.2.i586.rpm\n 7380860d463c5b198f74b592e51031f1 mes5/i586/libnspr4-4.9.6-0.1mdvmes5.2.i586.rpm\n 58137e16b3eb8e9655ceef99f4ec1fc7 mes5/i586/libnspr-devel-4.9.6-0.1mdvmes5.2.i586.rpm\n 6cb4ca4131bce6f48ff8d347ded8236d mes5/i586/libxulrunner17.0.5-17.0.5-0.1mdvmes5.2.i586.rpm\n 5c7ea7a5a52630606b7e71d61ac5c738 mes5/i586/libxulrunner-devel-17.0.5-0.1mdvmes5.2.i586.rpm\n 41f2f6022487aabc48b573620111b6b8 mes5/i586/xulrunner-17.0.5-0.1mdvmes5.2.i586.rpm \n 2a3a774ee0094a48cf108ed120ba227a mes5/SRPMS/firefox-17.0.5-0.1mdvmes5.2.src.rpm\n 58a810253d11b6af76cf1bcce6a3e7b4 mes5/SRPMS/firefox-l10n-17.0.5-0.1mdvmes5.2.src.rpm\n 5add3a80120b73f5ed97c9dd02837c58 mes5/SRPMS/icedtea-web-1.3.1-0.3mdvmes5.2.src.rpm\n 6d70b7e57cc741f0b587a1effee81fb4 mes5/SRPMS/nspr-4.9.6-0.1mdvmes5.2.src.rpm\n d7f835773038004ff8995ef676f8397e mes5/SRPMS/xulrunner-17.0.5-0.1mdvmes5.2.src.rpm\n\n Mandriva Enterprise Server 5/X86_64:\n 352b4b9c3ec49226611acfff2586132d mes5/x86_64/firefox-17.0.5-0.1mdvmes5.2.x86_64.rpm\n 29388b8d4da203e932710f8b98630932 mes5/x86_64/firefox-af-17.0.5-0.1mdvmes5.2.x86_64.rpm\n 35c9f59f4ce87eb7c64b89e60220ebb3 mes5/x86_64/firefox-ar-17.0.5-0.1mdvmes5.2.x86_64.rpm\n 204c1013d7e6d3925a73ff3c62ce6c14 mes5/x86_64/firefox-be-17.0.5-0.1mdvmes5.2.x86_64.rpm\n 43fdfdbedaf5a13fe6396775731a1835 mes5/x86_64/firefox-bg-17.0.5-0.1mdvmes5.2.x86_64.rpm\n d800fa786bef5538692c6b8fffb2f1b3 mes5/x86_64/firefox-bn-17.0.5-0.1mdvmes5.2.x86_64.rpm\n 74cb34c33f9d0f070338dd49332bbdd1 mes5/x86_64/firefox-ca-17.0.5-0.1mdvmes5.2.x86_64.rpm\n fca54be2cf51319542bca20cedf9dff6 mes5/x86_64/firefox-cs-17.0.5-0.1mdvmes5.2.x86_64.rpm\n 10b6de867fa24ab60c419fd9b314723c mes5/x86_64/firefox-cy-17.0.5-0.1mdvmes5.2.x86_64.rpm\n eb67b095d7490b5bc24c85bc8652fed9 mes5/x86_64/firefox-da-17.0.5-0.1mdvmes5.2.x86_64.rpm\n 7761e055af6b87172b2a05f9dc671d99 mes5/x86_64/firefox-de-17.0.5-0.1mdvmes5.2.x86_64.rpm\n b4ede22d5b768e082d47d2702fb71221 mes5/x86_64/firefox-devel-17.0.5-0.1mdvmes5.2.x86_64.rpm\n a359d0468b6217c59eb88771f2e799b2 mes5/x86_64/firefox-el-17.0.5-0.1mdvmes5.2.x86_64.rpm\n 4e58ae7627f5d6d0ba4d7c215c252611 mes5/x86_64/firefox-en_GB-17.0.5-0.1mdvmes5.2.x86_64.rpm\n 777062d66c8b57c59dc72c60bcade5aa mes5/x86_64/firefox-eo-17.0.5-0.1mdvmes5.2.x86_64.rpm\n c2b069c9c0105d85c5946f542204a7c7 mes5/x86_64/firefox-es_AR-17.0.5-0.1mdvmes5.2.x86_64.rpm\n 2a39a098a5b39dee19347f18c033f8c5 mes5/x86_64/firefox-es_ES-17.0.5-0.1mdvmes5.2.x86_64.rpm\n 412516e1b5a4b4b8b3a7eaf8d2b7806e mes5/x86_64/firefox-et-17.0.5-0.1mdvmes5.2.x86_64.rpm\n 5225e8ac59ee14a9fe5653e8afaa96b4 mes5/x86_64/firefox-eu-17.0.5-0.1mdvmes5.2.x86_64.rpm\n e91755da5dc3a6481ef5fd87b66dc2b3 mes5/x86_64/firefox-fi-17.0.5-0.1mdvmes5.2.x86_64.rpm\n 6c3c9ffddeb301345539516a2128870b mes5/x86_64/firefox-fr-17.0.5-0.1mdvmes5.2.x86_64.rpm\n f90bff71593d02e29a6801fb30196522 mes5/x86_64/firefox-fy-17.0.5-0.1mdvmes5.2.x86_64.rpm\n e36128274f24c1e3a905c6834dbd3431 mes5/x86_64/firefox-ga_IE-17.0.5-0.1mdvmes5.2.x86_64.rpm\n c1d8d7d3060a4a63ecf56e516d704322 mes5/x86_64/firefox-gl-17.0.5-0.1mdvmes5.2.x86_64.rpm\n fce3e57a97a18461e6784f27c9b5f982 mes5/x86_64/firefox-gu_IN-17.0.5-0.1mdvmes5.2.x86_64.rpm\n d567bdbe94970ce762fbbec34566271e mes5/x86_64/firefox-he-17.0.5-0.1mdvmes5.2.x86_64.rpm\n 68a74e20c4ee64127e275d443052a0aa mes5/x86_64/firefox-hi-17.0.5-0.1mdvmes5.2.x86_64.rpm\n 65eeb5076b7e049d2212f88e8e3a5d2b mes5/x86_64/firefox-hu-17.0.5-0.1mdvmes5.2.x86_64.rpm\n 7906c9372d2db0981a0f1fc5d068781f mes5/x86_64/firefox-id-17.0.5-0.1mdvmes5.2.x86_64.rpm\n 39174043fdecada0715aae758b111931 mes5/x86_64/firefox-is-17.0.5-0.1mdvmes5.2.x86_64.rpm\n 391b93959169588a74801efb2baeb048 mes5/x86_64/firefox-it-17.0.5-0.1mdvmes5.2.x86_64.rpm\n de1e0b1e3b0e2c1b91b3b9d8250b042d mes5/x86_64/firefox-ja-17.0.5-0.1mdvmes5.2.x86_64.rpm\n c465364f97f2c2cb891ff5866f7b2048 mes5/x86_64/firefox-kn-17.0.5-0.1mdvmes5.2.x86_64.rpm\n dd25c3ffde3ac083a3bd439855ab9e66 mes5/x86_64/firefox-ko-17.0.5-0.1mdvmes5.2.x86_64.rpm\n 0af917c3141a800843563b56e634e4b9 mes5/x86_64/firefox-ku-17.0.5-0.1mdvmes5.2.x86_64.rpm\n d17896516e04d7b2483c449c07018c1a mes5/x86_64/firefox-lt-17.0.5-0.1mdvmes5.2.x86_64.rpm\n e7925f0f39dd9cc0be8e390ff5b2511a mes5/x86_64/firefox-lv-17.0.5-0.1mdvmes5.2.x86_64.rpm\n aa7dada147bc0ee6e14de44582148245 mes5/x86_64/firefox-mk-17.0.5-0.1mdvmes5.2.x86_64.rpm\n 12eeadd008b58a4c51c396a3296c6876 mes5/x86_64/firefox-mr-17.0.5-0.1mdvmes5.2.x86_64.rpm\n 6043540a8e8edd39b06c8dbde4bbac6a mes5/x86_64/firefox-nb_NO-17.0.5-0.1mdvmes5.2.x86_64.rpm\n 0967142165225c2d0cde356bdf91af38 mes5/x86_64/firefox-nl-17.0.5-0.1mdvmes5.2.x86_64.rpm\n fe4d07e0a85ee4cf0a3ed65c4a24e561 mes5/x86_64/firefox-nn_NO-17.0.5-0.1mdvmes5.2.x86_64.rpm\n 18c355a3a4ecbed10dd933a2c0cee658 mes5/x86_64/firefox-pa_IN-17.0.5-0.1mdvmes5.2.x86_64.rpm\n fdb47ab94213fde94caca5c0e956ad0a mes5/x86_64/firefox-pl-17.0.5-0.1mdvmes5.2.x86_64.rpm\n 26659783f49eb63504f8240af15c46ef mes5/x86_64/firefox-pt_BR-17.0.5-0.1mdvmes5.2.x86_64.rpm\n 003887926df53eea9cd2c728ce2f2613 mes5/x86_64/firefox-pt_PT-17.0.5-0.1mdvmes5.2.x86_64.rpm\n f26a734cc64f5630d5763501789af036 mes5/x86_64/firefox-ro-17.0.5-0.1mdvmes5.2.x86_64.rpm\n 2055c8a4b5ab208de8bb7fc03df6f6ad mes5/x86_64/firefox-ru-17.0.5-0.1mdvmes5.2.x86_64.rpm\n eb5a279167efdded2ec946f1174885da mes5/x86_64/firefox-si-17.0.5-0.1mdvmes5.2.x86_64.rpm\n 0884722ce24c5dc947a1693b72ab87a8 mes5/x86_64/firefox-sk-17.0.5-0.1mdvmes5.2.x86_64.rpm\n 9ec578bd6111680976755026eee9736f mes5/x86_64/firefox-sl-17.0.5-0.1mdvmes5.2.x86_64.rpm\n d3ed346a9201d1c43ec0addd91404407 mes5/x86_64/firefox-sq-17.0.5-0.1mdvmes5.2.x86_64.rpm\n 7a3c688c303f03f13d370e078ef527d8 mes5/x86_64/firefox-sr-17.0.5-0.1mdvmes5.2.x86_64.rpm\n 679acfed547f9ed80a7515a4ac955990 mes5/x86_64/firefox-sv_SE-17.0.5-0.1mdvmes5.2.x86_64.rpm\n 94bf66782b9ffd747482d41526527b5f mes5/x86_64/firefox-te-17.0.5-0.1mdvmes5.2.x86_64.rpm\n 9b37e1edaa79527f9bb7159e39be108c mes5/x86_64/firefox-th-17.0.5-0.1mdvmes5.2.x86_64.rpm\n 2a6557c6d334dc4020f3cd2ba2235a0d mes5/x86_64/firefox-tr-17.0.5-0.1mdvmes5.2.x86_64.rpm\n c95479524cf439150d838ecd163e7040 mes5/x86_64/firefox-uk-17.0.5-0.1mdvmes5.2.x86_64.rpm\n aa31ef1321eff4e86d98acfac020fb25 mes5/x86_64/firefox-zh_CN-17.0.5-0.1mdvmes5.2.x86_64.rpm\n d539dfb331ec70a69828f7665686d9b0 mes5/x86_64/firefox-zh_TW-17.0.5-0.1mdvmes5.2.x86_64.rpm\n 2028cbbf55353a75366c9cb191efd67c mes5/x86_64/icedtea-web-1.3.1-0.3mdvmes5.2.x86_64.rpm\n 734ae27edc8c1026bca9947d70fd3fb7 mes5/x86_64/icedtea-web-javadoc-1.3.1-0.3mdvmes5.2.x86_64.rpm\n be78699f862f4a1d199248510e20ce1b mes5/x86_64/lib64nspr4-4.9.6-0.1mdvmes5.2.x86_64.rpm\n f62ab4de8ca959c4ff3990c92ea2427b mes5/x86_64/lib64nspr-devel-4.9.6-0.1mdvmes5.2.x86_64.rpm\n e94bbf818cfa59f67f7e5e75daf2726d mes5/x86_64/lib64xulrunner17.0.5-17.0.5-0.1mdvmes5.2.x86_64.rpm\n aecb7c59434a3330e7cb64bb6e7d902c mes5/x86_64/lib64xulrunner-devel-17.0.5-0.1mdvmes5.2.x86_64.rpm\n 531f21b03dbffa6024943663c1ba9e64 mes5/x86_64/xulrunner-17.0.5-0.1mdvmes5.2.x86_64.rpm \n 2a3a774ee0094a48cf108ed120ba227a mes5/SRPMS/firefox-17.0.5-0.1mdvmes5.2.src.rpm\n 58a810253d11b6af76cf1bcce6a3e7b4 mes5/SRPMS/firefox-l10n-17.0.5-0.1mdvmes5.2.src.rpm\n 5add3a80120b73f5ed97c9dd02837c58 mes5/SRPMS/icedtea-web-1.3.1-0.3mdvmes5.2.src.rpm\n 6d70b7e57cc741f0b587a1effee81fb4 mes5/SRPMS/nspr-4.9.6-0.1mdvmes5.2.src.rpm\n d7f835773038004ff8995ef676f8397e mes5/SRPMS/xulrunner-17.0.5-0.1mdvmes5.2.src.rpm\n _______________________________________________________________________\n\n To upgrade automatically use MandrivaUpdate or urpmi. The verification\n of md5 checksums and GPG signatures is performed automatically for you. \n\n All packages are signed by Mandriva for security. You can obtain the\n GPG public key of the Mandriva Security Team by executing:\n\n gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98\n\n You can view other update advisories for Mandriva Linux at:\n\n http://www.mandriva.com/en/support/security/advisories/\n\n If you want to report vulnerabilities, please contact\n\n security_(at)_mandriva.com\n _______________________________________________________________________\n\n Type Bits/KeyID Date User ID\n pub 1024D/22458A98 2000-07-10 Mandriva Security Team\n \u003csecurity*mandriva.com\u003e\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.12 (GNU/Linux)\n\niD8DBQFRZBk1mqjQ0CJFipgRAplSAJ44faYKLDitsBC24gBnRhdQycVEmgCgq1FV\nwMd/SGhxwMMZZ8YXJEH7z9g=\n=83zI\n-----END PGP SIGNATURE-----\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2013-0793"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-002129"
},
{
"db": "BID",
"id": "58837"
},
{
"db": "PACKETSTORM",
"id": "121086"
},
{
"db": "PACKETSTORM",
"id": "121085"
},
{
"db": "PACKETSTORM",
"id": "121133"
},
{
"db": "PACKETSTORM",
"id": "123420"
},
{
"db": "PACKETSTORM",
"id": "121049"
},
{
"db": "PACKETSTORM",
"id": "121050"
},
{
"db": "PACKETSTORM",
"id": "121190"
}
],
"trust": 2.52
},
"external_ids": {
"_id": null,
"data": [
{
"db": "NVD",
"id": "CVE-2013-0793",
"trust": 3.4
},
{
"db": "BID",
"id": "58837",
"trust": 1.3
},
{
"db": "JVNDB",
"id": "JVNDB-2013-002129",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "52830",
"trust": 0.6
},
{
"db": "SECUNIA",
"id": "52293",
"trust": 0.6
},
{
"db": "SECUNIA",
"id": "52888",
"trust": 0.6
},
{
"db": "SECUNIA",
"id": "52831",
"trust": 0.6
},
{
"db": "SECUNIA",
"id": "52770",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-201304-047",
"trust": 0.6
},
{
"db": "PACKETSTORM",
"id": "121086",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "121085",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "121133",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "123420",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "121049",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "121050",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "121190",
"trust": 0.1
}
],
"sources": [
{
"db": "BID",
"id": "58837"
},
{
"db": "PACKETSTORM",
"id": "121086"
},
{
"db": "PACKETSTORM",
"id": "121085"
},
{
"db": "PACKETSTORM",
"id": "121133"
},
{
"db": "PACKETSTORM",
"id": "123420"
},
{
"db": "PACKETSTORM",
"id": "121049"
},
{
"db": "PACKETSTORM",
"id": "121050"
},
{
"db": "PACKETSTORM",
"id": "121190"
},
{
"db": "CNNVD",
"id": "CNNVD-201304-047"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-002129"
},
{
"db": "NVD",
"id": "CVE-2013-0793"
}
]
},
"id": "VAR-201304-0062",
"iot": {
"_id": null,
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 1.0
},
"last_update_date": "2026-04-10T23:21:40.444000Z",
"patch": {
"_id": null,
"data": [
{
"title": "DSA-2699",
"trust": 0.8,
"url": "http://www.debian.org/security/2013/dsa-2699"
},
{
"title": "MFSA2013-38",
"trust": 0.8,
"url": "http://www.mozilla.org/security/announce/2013/mfsa2013-38.html"
},
{
"title": "MFSA2013-38",
"trust": 0.8,
"url": "http://www.mozilla-japan.org/security/announce/2013/mfsa2013-38.html"
},
{
"title": "openSUSE-SU-2013:0630",
"trust": 0.8,
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-04/msg00009.html"
},
{
"title": "openSUSE-SU-2013:0631",
"trust": 0.8,
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-04/msg00010.html"
},
{
"title": "SUSE-SU-2013:0645",
"trust": 0.8,
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-04/msg00013.html"
},
{
"title": "SUSE-SU-2013:0850",
"trust": 0.8,
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-05/msg00019.html"
},
{
"title": "openSUSE-SU-2013:0875",
"trust": 0.8,
"url": "http://lists.opensuse.org/opensuse-updates/2013-06/msg00012.html"
},
{
"title": "RHSA-2013:0697",
"trust": 0.8,
"url": "http://rhn.redhat.com/errata/RHSA-2013-0697.html"
},
{
"title": "RHSA-2013:0696",
"trust": 0.8,
"url": "http://rhn.redhat.com/errata/RHSA-2013-0696.html"
},
{
"title": "USN-1791-1",
"trust": 0.8,
"url": "http://www.ubuntu.com/usn/USN-1791-1"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2013-002129"
}
]
},
"problemtype_data": {
"_id": null,
"data": [
{
"problemtype": "CWE-79",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2013-002129"
},
{
"db": "NVD",
"id": "CVE-2013-0793"
}
]
},
"references": {
"_id": null,
"data": [
{
"trust": 2.0,
"url": "http://www.mozilla.org/security/announce/2013/mfsa2013-38.html"
},
{
"trust": 1.6,
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=803870"
},
{
"trust": 1.1,
"url": "http://www.ubuntu.com/usn/usn-1791-1"
},
{
"trust": 1.1,
"url": "http://rhn.redhat.com/errata/rhsa-2013-0696.html"
},
{
"trust": 1.1,
"url": "http://rhn.redhat.com/errata/rhsa-2013-0697.html"
},
{
"trust": 1.0,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a16928"
},
{
"trust": 1.0,
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-04/msg00013.html"
},
{
"trust": 1.0,
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-04/msg00009.html"
},
{
"trust": 1.0,
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-04/msg00010.html"
},
{
"trust": 1.0,
"url": "http://www.debian.org/security/2013/dsa-2699"
},
{
"trust": 1.0,
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-05/msg00019.html"
},
{
"trust": 1.0,
"url": "http://lists.opensuse.org/opensuse-updates/2013-06/msg00012.html"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/bid/58837"
},
{
"trust": 0.9,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2013-0793"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2013-0793"
},
{
"trust": 0.6,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0793"
},
{
"trust": 0.6,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0796"
},
{
"trust": 0.6,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0795"
},
{
"trust": 0.6,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0800"
},
{
"trust": 0.6,
"url": "http://secunia.com/advisories/52293"
},
{
"trust": 0.6,
"url": "http://secunia.com/advisories/52770"
},
{
"trust": 0.6,
"url": "http://secunia.com/advisories/52830"
},
{
"trust": 0.6,
"url": "http://secunia.com/advisories/52831"
},
{
"trust": 0.6,
"url": "http://secunia.com/advisories/52888"
},
{
"trust": 0.5,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0788"
},
{
"trust": 0.3,
"url": "http://www.avantbrowser.com/new.aspx?uil=en-us#13000000107"
},
{
"trust": 0.3,
"url": "http://www.mozilla.org/projects/seamonkey/"
},
{
"trust": 0.3,
"url": "http://www.mozilla.org/products/thunderbird/"
},
{
"trust": 0.3,
"url": "http://www.palemoon.org/releasenotes-ng.shtml"
},
{
"trust": 0.3,
"url": "http://tools.cisco.com/security/center/content/ciscosecuritynotice/cve-2014-0676"
},
{
"trust": 0.3,
"url": "https://downloads.avaya.com/css/p8/documents/100172166"
},
{
"trust": 0.3,
"url": "https://www-304.ibm.com/support/docview.wss?uid=ssg1s1004390"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0792"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0791"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0794"
},
{
"trust": 0.2,
"url": "https://launchpad.net/bugs/1161422"
},
{
"trust": 0.2,
"url": "http://www.ubuntu.com/usn/usn-1786-1"
},
{
"trust": 0.2,
"url": "https://www.redhat.com/mailman/listinfo/rhsa-announce"
},
{
"trust": 0.2,
"url": "https://www.redhat.com/security/data/cve/cve-2013-0788.html"
},
{
"trust": 0.2,
"url": "https://www.redhat.com/security/data/cve/cve-2013-0796.html"
},
{
"trust": 0.2,
"url": "https://www.redhat.com/security/data/cve/cve-2013-0800.html"
},
{
"trust": 0.2,
"url": "https://www.redhat.com/security/data/cve/cve-2013-0795.html"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/team/contact/"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/team/key/#package"
},
{
"trust": 0.2,
"url": "https://www.redhat.com/security/data/cve/cve-2013-0793.html"
},
{
"trust": 0.2,
"url": "http://bugzilla.redhat.com/):"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/knowledge/articles/11258"
},
{
"trust": 0.1,
"url": "http://www.ubuntu.com/usn/usn-1786-2"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/unity-firefox-extension/2.4.4-0ubuntu0.2"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0789"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/firefox/20.0+build1-0ubuntu0.12.04.3"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/firefox/20.0+build1-0ubuntu0.11.10.3"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/firefox/20.0+build1-0ubuntu0.12.10.3"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/firefox/20.0+build1-0ubuntu0.10.04.3"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/thunderbird/17.0.5+build1-0ubuntu0.12.10.1"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/thunderbird/17.0.5+build1-0ubuntu0.11.10.1"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/thunderbird/17.0.5+build1-0ubuntu0.10.04.1"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/thunderbird/17.0.5+build1-0ubuntu0.12.04.1"
},
{
"trust": 0.1,
"url": "https://launchpad.net/bugs/1162043"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0761"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0754"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0800"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0789"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0766"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0773"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0756"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0749"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0750"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0761"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1675"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1736"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0797"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1692"
},
{
"trust": 0.1,
"url": "http://creativecommons.org/licenses/by-sa/2.5"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1711"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0759"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0753"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0746"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0752"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0767"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1722"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0770"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0783"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0759"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0768"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0792"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0760"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1718"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0780"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0791"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1697"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0757"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0793"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0782"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1705"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1719"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0764"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0765"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0768"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0760"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1690"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0757"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0776"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1737"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0771"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0775"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0777"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0778"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0795"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0767"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0794"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1681"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0748"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1725"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0762"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1701"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1670"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0799"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0749"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1702"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0769"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0784"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1712"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1687"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0772"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1713"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1714"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0745"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0750"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0756"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0747"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1682"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0796"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0763"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0751"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0779"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0748"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1724"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1674"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1709"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0765"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0781"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0744"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0747"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1707"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0758"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1738"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1671"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0753"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0754"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1679"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1680"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0752"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0745"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1720"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1684"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0787"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0762"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1693"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1710"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0764"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0788"
},
{
"trust": 0.1,
"url": "http://security.gentoo.org/glsa/glsa-201309-23.xml"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0744"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0751"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0755"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0763"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1694"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1726"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1730"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0771"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0766"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0801"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0769"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1723"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1678"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1717"
},
{
"trust": 0.1,
"url": "http://security.gentoo.org/"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1735"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1676"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0755"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0770"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1732"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0758"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0746"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1728"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1677"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1704"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0774"
},
{
"trust": 0.1,
"url": "https://bugs.gentoo.org."
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1708"
},
{
"trust": 0.1,
"url": "http://www.mozilla.org/security/known-vulnerabilities/firefoxesr.html"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/updates/classification/#critical"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2013-0792"
},
{
"trust": 0.1,
"url": "http://www.mozilla.org/security/announce/2013/mfsa2013-36.html"
},
{
"trust": 0.1,
"url": "http://www.mandriva.com/en/support/security/"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2013-0788"
},
{
"trust": 0.1,
"url": "http://www.mozilla.org/security/announce/2013/mfsa2013-30.html"
},
{
"trust": 0.1,
"url": "http://www.mozilla.org/security/announce/2013/mfsa2013-35.html"
},
{
"trust": 0.1,
"url": "http://www.mozilla.org/security/announce/2013/mfsa2013-39.html"
},
{
"trust": 0.1,
"url": "http://www.mandriva.com/en/support/security/advisories/"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2013-0795"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2013-0800"
},
{
"trust": 0.1,
"url": "http://www.mozilla.org/security/announce/2013/mfsa2013-31.html"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2013-0796"
}
],
"sources": [
{
"db": "BID",
"id": "58837"
},
{
"db": "PACKETSTORM",
"id": "121086"
},
{
"db": "PACKETSTORM",
"id": "121085"
},
{
"db": "PACKETSTORM",
"id": "121133"
},
{
"db": "PACKETSTORM",
"id": "123420"
},
{
"db": "PACKETSTORM",
"id": "121049"
},
{
"db": "PACKETSTORM",
"id": "121050"
},
{
"db": "PACKETSTORM",
"id": "121190"
},
{
"db": "CNNVD",
"id": "CNNVD-201304-047"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-002129"
},
{
"db": "NVD",
"id": "CVE-2013-0793"
}
]
},
"sources": {
"_id": null,
"data": [
{
"db": "BID",
"id": "58837",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "121086",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "121085",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "121133",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "123420",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "121049",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "121050",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "121190",
"ident": null
},
{
"db": "CNNVD",
"id": "CNNVD-201304-047",
"ident": null
},
{
"db": "JVNDB",
"id": "JVNDB-2013-002129",
"ident": null
},
{
"db": "NVD",
"id": "CVE-2013-0793",
"ident": null
}
]
},
"sources_release_date": {
"_id": null,
"data": [
{
"date": "2013-04-02T00:00:00",
"db": "BID",
"id": "58837",
"ident": null
},
{
"date": "2013-04-05T01:58:43",
"db": "PACKETSTORM",
"id": "121086",
"ident": null
},
{
"date": "2013-04-05T01:58:28",
"db": "PACKETSTORM",
"id": "121085",
"ident": null
},
{
"date": "2013-04-08T21:11:50",
"db": "PACKETSTORM",
"id": "121133",
"ident": null
},
{
"date": "2013-09-27T22:24:30",
"db": "PACKETSTORM",
"id": "123420",
"ident": null
},
{
"date": "2013-04-02T14:35:00",
"db": "PACKETSTORM",
"id": "121049",
"ident": null
},
{
"date": "2013-04-02T14:37:00",
"db": "PACKETSTORM",
"id": "121050",
"ident": null
},
{
"date": "2013-04-10T01:24:07",
"db": "PACKETSTORM",
"id": "121190",
"ident": null
},
{
"date": "2013-04-07T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201304-047",
"ident": null
},
{
"date": "2013-04-04T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2013-002129",
"ident": null
},
{
"date": "2013-04-03T11:56:21.150000",
"db": "NVD",
"id": "CVE-2013-0793",
"ident": null
}
]
},
"sources_update_date": {
"_id": null,
"data": [
{
"date": "2015-04-13T22:14:00",
"db": "BID",
"id": "58837",
"ident": null
},
{
"date": "2013-04-07T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201304-047",
"ident": null
},
{
"date": "2013-06-27T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2013-002129",
"ident": null
},
{
"date": "2025-04-11T00:51:21.963000",
"db": "NVD",
"id": "CVE-2013-0793",
"ident": null
}
]
},
"threat_type": {
"_id": null,
"data": "remote",
"sources": [
{
"db": "PACKETSTORM",
"id": "123420"
},
{
"db": "CNNVD",
"id": "CNNVD-201304-047"
}
],
"trust": 0.7
},
"title": {
"_id": null,
"data": "plural Mozilla Product cross-site scripting vulnerability",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2013-002129"
}
],
"trust": 0.8
},
"type": {
"_id": null,
"data": "XSS",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201304-047"
}
],
"trust": 0.6
}
}
VAR-201506-0498
Vulnerability from variot - Updated: 2026-04-10 23:17The X509_cmp_time function in crypto/x509/x509_vfy.c in OpenSSL before 0.9.8zg, 1.0.0 before 1.0.0s, 1.0.1 before 1.0.1n, and 1.0.2 before 1.0.2b allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted length field in ASN1_TIME data, as demonstrated by an attack against a server that supports client authentication with a custom verification callback. OpenSSL is prone to denial-of-service vulnerability. An attacker may exploit this issue to cause a denial-of-service condition. The following are vulnerable: OpenSSL 1.0.2 prior to 1.0.2b OpenSSL 1.0.1 prior to 1.0.1n OpenSSL 1.0.0 prior to 1.0.0s OpenSSL 0.9.8 prior to 0.9.8zg. OpenSSL Security Advisory [11 Jun 2015] =======================================
DHE man-in-the-middle protection (Logjam)
A vulnerability in the TLS protocol allows a man-in-the-middle attacker to downgrade vulnerable TLS connections using ephemeral Diffie-Hellman key exchange to 512-bit export-grade cryptography. This vulnerability is known as Logjam (CVE-2015-4000).
OpenSSL has added protection for TLS clients by rejecting handshakes with DH parameters shorter than 768 bits. This limit will be increased to 1024 bits in a future release.
Malformed ECParameters causes infinite loop (CVE-2015-1788)
Severity: Moderate
When processing an ECParameters structure OpenSSL enters an infinite loop if the curve specified is over a specially malformed binary polynomial field.
This can be used to perform denial of service against any system which processes public keys, certificate requests or certificates. This includes TLS clients and TLS servers with client authentication enabled.
This issue affects OpenSSL versions: 1.0.2 and 1.0.1. Recent 1.0.0 and 0.9.8 versions are not affected. 1.0.0d and 0.9.8r and below are affected.
OpenSSL 1.0.2 users should upgrade to 1.0.2b OpenSSL 1.0.1 users should upgrade to 1.0.1n OpenSSL 1.0.0d (and below) users should upgrade to 1.0.0s OpenSSL 0.9.8r (and below) users should upgrade to 0.9.8zg
This issue was reported to OpenSSL on 6th April 2015 by Joseph Birr-Pixton. The fix was developed by Andy Polyakov of the OpenSSL development team.
Exploitable out-of-bounds read in X509_cmp_time (CVE-2015-1789)
Severity: Moderate
X509_cmp_time does not properly check the length of the ASN1_TIME string and can read a few bytes out of bounds. In addition, X509_cmp_time accepts an arbitrary number of fractional seconds in the time string.
An attacker can use this to craft malformed certificates and CRLs of various sizes and potentially cause a segmentation fault, resulting in a DoS on applications that verify certificates or CRLs. TLS clients that verify CRLs are affected. TLS clients and servers with client authentication enabled may be affected if they use custom verification callbacks.
This issue affects all current OpenSSL versions: 1.0.2, 1.0.1, 1.0.0 and 0.9.8.
OpenSSL 1.0.2 users should upgrade to 1.0.2b OpenSSL 1.0.1 users should upgrade to 1.0.1n OpenSSL 1.0.0 users should upgrade to 1.0.0s OpenSSL 0.9.8 users should upgrade to 0.9.8zg
This issue was reported to OpenSSL on 8th April 2015 by Robert Swiecki (Google), and independently on 11th April 2015 by Hanno Böck. The fix was developed by Emilia Käsper of the OpenSSL development team.
PKCS7 crash with missing EnvelopedContent (CVE-2015-1790)
Severity: Moderate
The PKCS#7 parsing code does not handle missing inner EncryptedContent correctly. An attacker can craft malformed ASN.1-encoded PKCS#7 blobs with missing content and trigger a NULL pointer dereference on parsing.
Applications that decrypt PKCS#7 data or otherwise parse PKCS#7 structures from untrusted sources are affected. OpenSSL clients and servers are not affected.
This issue affects all current OpenSSL versions: 1.0.2, 1.0.1, 1.0.0 and 0.9.8.
OpenSSL 1.0.2 users should upgrade to 1.0.2b OpenSSL 1.0.1 users should upgrade to 1.0.1n OpenSSL 1.0.0 users should upgrade to 1.0.0s OpenSSL 0.9.8 users should upgrade to 0.9.8zg
This issue was reported to OpenSSL on 18th April 2015 by Michal Zalewski (Google). The fix was developed by Emilia Käsper of the OpenSSL development team.
This can be used to perform denial of service against any system which verifies signedData messages using the CMS code.
This issue affects all current OpenSSL versions: 1.0.2, 1.0.1, 1.0.0 and 0.9.8.
OpenSSL 1.0.2 users should upgrade to 1.0.2b OpenSSL 1.0.1 users should upgrade to 1.0.1n OpenSSL 1.0.0 users should upgrade to 1.0.0s OpenSSL 0.9.8 users should upgrade to 0.9.8zg
This issue was reported to OpenSSL on 31st March 2015 by Johannes Bauer. The fix was developed by Dr. Stephen Henson of the OpenSSL development team.
This issue affects all current OpenSSL versions: 1.0.2, 1.0.1, 1.0.0 and 0.9.8. The fix was developed by Matt Caswell of the OpenSSL development team. It existed in previous OpenSSL versions and was fixed in June 2014.
If a DTLS peer receives application data between the ChangeCipherSpec and Finished messages, buffering of such data may cause an invalid free, resulting in a segmentation fault or potentially, memory corruption.
This issue affected older OpenSSL versions 1.0.1, 1.0.0 and 0.9.8.
OpenSSL 0.9.8 DTLS users should upgrade to 0.9.8za OpenSSL 1.0.0 DTLS users should upgrade to 1.0.0m. OpenSSL 1.0.1 DTLS users should upgrade to 1.0.1h.
This issue was originally reported on March 28th 2014 in https://rt.openssl.org/Ticket/Display.html?id=3286 by Praveen Kariyanahalli, and subsequently by Ivan Fratric and Felix Groebert (Google). A fix was developed by zhu qun-ying.
The fix for this issue can be identified by commits bcc31166 (1.0.1), b79e6e3a (1.0.0) and 4b258e73 (0.9.8).
Note
As per our previous announcements and our Release Strategy (https://www.openssl.org/about/releasestrat.html), support for OpenSSL versions 1.0.0 and 0.9.8 will cease on 31st December 2015. No security updates for these releases will be provided after that date. Users of these releases are advised to upgrade.
References
URL for this Security Advisory: https://www.openssl.org/news/secadv_20150611.txt
Note: the online version of the advisory may be updated with additional details over time.
For details of OpenSSL severity classifications please see: https://www.openssl.org/about/secpolicy.html
. These vulnerabilities include:
The SSLv3 vulnerability known as "Padding Oracle on Downgraded Legacy Encryption" also known as "POODLE", which could be exploited remotely resulting in disclosure of information. The following firmware versions of Virtual Connect (VC) are impacted:
HPE BladeSystem c-Class Virtual Connect (VC) Firmware 4.30 through VC 4.45 HPE BladeSystem c-Class Virtual Connect (VC) Firmware 3.62 through VC 4.21
Note: Firmware versions 3.62 through 4.21 are not impacted by CVE-2016-0800, CVE-2015-3194, CVE-2014-3566, CVE-2015-0705, CVE-2016-0799, and CVE-2016-2842.
Release Date: 2015-07-10 Last Updated: 2015-07-10
Potential Security Impact: Remote Denial of Service (DoS)
Source: Hewlett-Packard Company, HP Software Security Response Team
VULNERABILITY SUMMARY Potential security vulnerabilities have been identified with HP IceWall Products running OpenSSL. Product Impacted Versions Impacted CVEs
HP IceWall MCRP v3.0 CVE-2015-1789 CVE-2015-1790 CVE-2015-1792
HP IceWall SSO Dfw v10.0 CVE-2015-1789 CVE-2015-1790 CVE-2015-1792
HP IceWall SSO Agent Option v10.0 CVE-2015-1789 CVE-2015-1790 CVE-2015-1792
HP IceWall SSO Certd v10.0 CVE-2015-1792
HP IceWall Federation Agent v3.0 CVE-2015-1792
BACKGROUND
CVSS 2.0 Base Metrics
Reference Base Vector Base Score CVE-2015-1789 (AV:N/AC:M/Au:N/C:N/I:N/A:P) 4.3 CVE-2015-1790 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0 CVE-2015-1792 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0 =========================================================== Information on CVSS is documented in HP Customer Notice: HPSN-2008-002
RESOLUTION
HP recommends applying the latest OS vendor security patches for OpenSSL to resolve the vulnerabilities for HP IceWall Products.
HP IceWall SSO Dfw v10.0 and Certd v10.0, which are running on RHEL, could be using either the OS bundled OpenSSL library or the OpenSSL bundled with HP IceWall. If still using the OpenSSL bundled with HP IceWall, please apply the latest OS vendor security patches for OpenSSL and switch to the OpenSSL library bundled with the OS.
Documents are available at the following location with instructions to switch to the OS bundled OpenSSL library:
http://www.hp.com/jp/icewall_patchaccess
Note: The HP IceWall product is only available in Japan.
HISTORY Version:1 (rev.1) - 10 July 2015 Initial release
Third Party Security Patches: Third party security patches that are to be installed on systems running HP software products should be applied in accordance with the customer's patch management policy.
Support: For issues about implementing the recommendations of this Security Bulletin, contact normal HP Services support channel. For other issues about the content of this Security Bulletin, send e-mail to security-alert@hp.com.
Report: To report a potential security vulnerability with any HP supported product, send Email to: security-alert@hp.com
Subscribe: To initiate a subscription to receive future HP Security Bulletin alerts via Email: http://h41183.www4.hp.com/signup_alerts.php?jumpid=hpsc_secbulletins
Security Bulletin Archive: A list of recently released Security Bulletins is available here: https://h20564.www2.hp.com/portal/site/hpsc/public/kb/secBullArchive/
Software Product Category: The Software Product Category is represented in the title by the two characters following HPSB.
3C = 3COM 3P = 3rd Party Software GN = HP General Software HF = HP Hardware and Firmware MP = MPE/iX MU = Multi-Platform Software NS = NonStop Servers OV = OpenVMS PI = Printing and Imaging PV = ProCurve ST = Storage Software TU = Tru64 UNIX UX = HP-UX
Copyright 2015 Hewlett-Packard Development Company, L.P. Hewlett-Packard Company shall not be liable for technical or editorial errors or omissions contained herein. The information provided is provided "as is" without warranty of any kind. To the extent permitted by law, neither HP or its affiliates, subcontractors or suppliers will be liable for incidental,special or consequential damages including downtime cost; lost profits; damages relating to the procurement of substitute products or services; or damages for loss of data, or software restoration. The information in this document is subject to change without notice. Hewlett-Packard Company and the names of Hewlett-Packard products referenced herein are trademarks of Hewlett-Packard Company in the United States and other countries. Other product and company names mentioned herein may be trademarks of their respective owners. This could allow remote attackers to cause a denial of service. This could allow remote attackers to cause a denial of service (crash). This could allow remote attackers to cause a denial of service.
For the oldstable distribution (wheezy), these problems have been fixed in version 1.0.1e-2+deb7u17.
For the stable distribution (jessie), these problems have been fixed in version 1.0.1k-3+deb8u1.
For the testing distribution (stretch), these problems have been fixed in version 1.0.2b-1.
For the unstable distribution (sid), these problems have been fixed in version 1.0.2b-1. Corrected: 2015-06-11 19:07:45 UTC (stable/10, 10.1-STABLE) 2015-06-12 07:23:55 UTC (releng/10.1, 10.1-RELEASE-p12) 2015-06-11 19:39:27 UTC (stable/9, 9.3-STABLE) 2015-06-12 07:23:55 UTC (releng/9.3, 9.3-RELEASE-p16) 2015-06-11 19:39:27 UTC (stable/8, 8.4-STABLE) 2015-06-12 07:23:55 UTC (releng/8.4, 8.4-RELEASE-p30) CVE Name: CVE-2015-1788, CVE-2015-1789, CVE-2015-1790, CVE-2015-1791 CVE-2015-1792, CVE-2015-4000
For general information regarding FreeBSD Security Advisories, including descriptions of the fields above, security branches, and the following sections, please visit . Background
FreeBSD includes software from the OpenSSL Project.
II. [CVE-2015-1791]
The OpenSSL advisory also describes a problem that is identified as CVE-2014-8176, which is already fixed by an earlier FreeBSD Errata Notice, FreeBSD-EN-15:02.openssl.
III. [CVE-2015-4000]. [CVE-2015-1788]. This affects FreeBSD 10.1 only, as the problem was no longer exist in OpenSSL 0.9.8 series since July 2012. [CVE-2015-1790]. [CVE-2015-1792]
An attacker may be able to crash multi-thread applications that supports resumed TLS handshakes. [CVE-2015-1791]
IV. Workaround
No workaround is available.
V. Solution
Perform one of the following:
1) Upgrade your vulnerable system to a supported FreeBSD stable or release / security branch (releng) dated after the correction date.
2) To update your vulnerable system via a binary patch:
Systems running a RELEASE version of FreeBSD on the i386 or amd64 platforms can be updated via the freebsd-update(8) utility:
freebsd-update fetch
freebsd-update install
3) To update your vulnerable system via a source code patch:
The following patches have been verified to apply to the applicable FreeBSD release branches.
a) Download the relevant patch from the location below, and verify the detached PGP signature using your PGP utility.
[FreeBSD 10.1]
fetch https://security.FreeBSD.org/patches/SA-15:10/openssl-10.1.patch
fetch https://security.FreeBSD.org/patches/SA-15:10/openssl-10.1.patch.asc
gpg --verify openssl-10.1.patch.asc
[FreeBSD 9.3 and 8.4]
fetch https://security.FreeBSD.org/patches/SA-15:10/openssl-8.4.patch
fetch https://security.FreeBSD.org/patches/SA-15:10/openssl-8.4.patch.asc
gpg --verify openssl-8.4.patch.asc
b) Apply the patch. Execute the following commands as root:
cd /usr/src
patch < /path/to/patch
c) Recompile the operating system using buildworld and installworld as described in .
Restart all deamons using the library, or reboot the system.
VI. Correction details
The following list contains the correction revision numbers for each affected branch.
Branch/path Revision
stable/8/ r284286 releng/8.4/ r284295 stable/9/ r284286 releng/9.3/ r284295 stable/10/ r284285 releng/10.1/ r284295
To see which files were modified by a particular revision, run the following command, replacing NNNNNN with the revision number, on a machine with Subversion installed:
svn diff -cNNNNNN --summarize svn://svn.freebsd.org/base
Or visit the following URL, replacing NNNNNN with the revision number:
VII. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
===================================================================== Red Hat Security Advisory
Synopsis: Moderate: openssl security update Advisory ID: RHSA-2015:1115-01 Product: Red Hat Enterprise Linux Advisory URL: https://rhn.redhat.com/errata/RHSA-2015-1115.html Issue date: 2015-06-15 CVE Names: CVE-2014-8176 CVE-2015-1789 CVE-2015-1790 CVE-2015-1791 CVE-2015-1792 CVE-2015-3216 =====================================================================
- Summary:
Updated openssl packages that fix multiple security issues are now available for Red Hat Enterprise Linux 6 and 7.
Red Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.
- Relevant releases/architectures:
Red Hat Enterprise Linux Client (v. 7) - x86_64 Red Hat Enterprise Linux Client Optional (v. 7) - x86_64 Red Hat Enterprise Linux ComputeNode (v. 7) - x86_64 Red Hat Enterprise Linux ComputeNode Optional (v. 7) - x86_64 Red Hat Enterprise Linux Desktop (v. 6) - i386, x86_64 Red Hat Enterprise Linux Desktop Optional (v. 6) - i386, x86_64 Red Hat Enterprise Linux HPC Node (v. 6) - x86_64 Red Hat Enterprise Linux HPC Node Optional (v. 6) - x86_64 Red Hat Enterprise Linux Server (v. 6) - i386, ppc64, s390x, x86_64 Red Hat Enterprise Linux Server (v. 7) - ppc64, ppc64le, s390x, x86_64 Red Hat Enterprise Linux Server Optional (v. 6) - i386, ppc64, s390x, x86_64 Red Hat Enterprise Linux Server Optional (v. 7) - ppc64, ppc64le, s390x, x86_64 Red Hat Enterprise Linux Workstation (v. 6) - i386, x86_64 Red Hat Enterprise Linux Workstation (v. 7) - x86_64 Red Hat Enterprise Linux Workstation Optional (v. 6) - i386, x86_64 Red Hat Enterprise Linux Workstation Optional (v. 7) - x86_64
- Description:
OpenSSL is a toolkit that implements the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols, as well as a full-strength, general purpose cryptography library.
An invalid free flaw was found in the way OpenSSL handled certain DTLS handshake messages. A malicious DTLS client or server could cause a DTLS server or client using OpenSSL to crash or, potentially, execute arbitrary code. (CVE-2014-8176)
A flaw was found in the way the OpenSSL packages shipped with Red Hat Enterprise Linux 6 and 7 performed locking in the ssleay_rand_bytes() function. (CVE-2015-3216)
An out-of-bounds read flaw was found in the X509_cmp_time() function of OpenSSL. A specially crafted X.509 certificate or a Certificate Revocation List (CRL) could possibly cause a TLS/SSL server or client using OpenSSL to crash. (CVE-2015-1789)
A race condition was found in the session handling code of OpenSSL. This issue could possibly cause a multi-threaded TLS/SSL client using OpenSSL to double free session ticket data and crash. (CVE-2015-1791)
A flaw was found in the way OpenSSL handled Cryptographic Message Syntax (CMS) messages. A CMS message with an unknown hash function identifier could cause an application using OpenSSL to enter an infinite loop. (CVE-2015-1792)
A NULL pointer dereference was found in the way OpenSSL handled certain PKCS#7 inputs. A specially crafted PKCS#7 input with missing EncryptedContent data could cause an application using OpenSSL to crash. (CVE-2015-1790)
Red Hat would like to thank the OpenSSL project for reporting CVE-2014-8176, CVE-2015-1789, CVE-2015-1790, CVE-2015-1791 and CVE-2015-1792 flaws. Upstream acknowledges Praveen Kariyanahalli and Ivan Fratric as the original reporters of CVE-2014-8176, Robert Swiecki and Hanno Böck as the original reporters of CVE-2015-1789, Michal Zalewski as the original reporter of CVE-2015-1790, Emilia Käsper as the original report of CVE-2015-1791 and Johannes Bauer as the original reporter of CVE-2015-1792.
All openssl users are advised to upgrade to these updated packages, which contain backported patches to correct these issues. For the update to take effect, all services linked to the OpenSSL library must be restarted, or the system rebooted.
- Solution:
Before applying this update, make sure all previously released errata relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
- Bugs fixed (https://bugzilla.redhat.com/):
1227574 - CVE-2015-3216 openssl: Crash in ssleay_rand_bytes due to locking regression 1228603 - CVE-2015-1789 OpenSSL: out-of-bounds read in X509_cmp_time 1228604 - CVE-2015-1790 OpenSSL: PKCS7 crash with missing EnvelopedContent 1228607 - CVE-2015-1792 OpenSSL: CMS verify infinite loop with unknown hash function 1228608 - CVE-2015-1791 OpenSSL: Race condition handling NewSessionTicket 1228611 - CVE-2014-8176 OpenSSL: Invalid free in DTLS
- Package List:
Red Hat Enterprise Linux Desktop (v. 6):
Source: openssl-1.0.1e-30.el6_6.11.src.rpm
i386: openssl-1.0.1e-30.el6_6.11.i686.rpm openssl-debuginfo-1.0.1e-30.el6_6.11.i686.rpm
x86_64: openssl-1.0.1e-30.el6_6.11.i686.rpm openssl-1.0.1e-30.el6_6.11.x86_64.rpm openssl-debuginfo-1.0.1e-30.el6_6.11.i686.rpm openssl-debuginfo-1.0.1e-30.el6_6.11.x86_64.rpm
Red Hat Enterprise Linux Desktop Optional (v. 6):
i386: openssl-debuginfo-1.0.1e-30.el6_6.11.i686.rpm openssl-devel-1.0.1e-30.el6_6.11.i686.rpm openssl-perl-1.0.1e-30.el6_6.11.i686.rpm openssl-static-1.0.1e-30.el6_6.11.i686.rpm
x86_64: openssl-debuginfo-1.0.1e-30.el6_6.11.i686.rpm openssl-debuginfo-1.0.1e-30.el6_6.11.x86_64.rpm openssl-devel-1.0.1e-30.el6_6.11.i686.rpm openssl-devel-1.0.1e-30.el6_6.11.x86_64.rpm openssl-perl-1.0.1e-30.el6_6.11.x86_64.rpm openssl-static-1.0.1e-30.el6_6.11.x86_64.rpm
Red Hat Enterprise Linux HPC Node (v. 6):
Source: openssl-1.0.1e-30.el6_6.11.src.rpm
x86_64: openssl-1.0.1e-30.el6_6.11.i686.rpm openssl-1.0.1e-30.el6_6.11.x86_64.rpm openssl-debuginfo-1.0.1e-30.el6_6.11.i686.rpm openssl-debuginfo-1.0.1e-30.el6_6.11.x86_64.rpm
Red Hat Enterprise Linux HPC Node Optional (v. 6):
x86_64: openssl-debuginfo-1.0.1e-30.el6_6.11.i686.rpm openssl-debuginfo-1.0.1e-30.el6_6.11.x86_64.rpm openssl-devel-1.0.1e-30.el6_6.11.i686.rpm openssl-devel-1.0.1e-30.el6_6.11.x86_64.rpm openssl-perl-1.0.1e-30.el6_6.11.x86_64.rpm openssl-static-1.0.1e-30.el6_6.11.x86_64.rpm
Red Hat Enterprise Linux Server (v. 6):
Source: openssl-1.0.1e-30.el6_6.11.src.rpm
i386: openssl-1.0.1e-30.el6_6.11.i686.rpm openssl-debuginfo-1.0.1e-30.el6_6.11.i686.rpm openssl-devel-1.0.1e-30.el6_6.11.i686.rpm
ppc64: openssl-1.0.1e-30.el6_6.11.ppc.rpm openssl-1.0.1e-30.el6_6.11.ppc64.rpm openssl-debuginfo-1.0.1e-30.el6_6.11.ppc.rpm openssl-debuginfo-1.0.1e-30.el6_6.11.ppc64.rpm openssl-devel-1.0.1e-30.el6_6.11.ppc.rpm openssl-devel-1.0.1e-30.el6_6.11.ppc64.rpm
s390x: openssl-1.0.1e-30.el6_6.11.s390.rpm openssl-1.0.1e-30.el6_6.11.s390x.rpm openssl-debuginfo-1.0.1e-30.el6_6.11.s390.rpm openssl-debuginfo-1.0.1e-30.el6_6.11.s390x.rpm openssl-devel-1.0.1e-30.el6_6.11.s390.rpm openssl-devel-1.0.1e-30.el6_6.11.s390x.rpm
x86_64: openssl-1.0.1e-30.el6_6.11.i686.rpm openssl-1.0.1e-30.el6_6.11.x86_64.rpm openssl-debuginfo-1.0.1e-30.el6_6.11.i686.rpm openssl-debuginfo-1.0.1e-30.el6_6.11.x86_64.rpm openssl-devel-1.0.1e-30.el6_6.11.i686.rpm openssl-devel-1.0.1e-30.el6_6.11.x86_64.rpm
Red Hat Enterprise Linux Server Optional (v. 6):
i386: openssl-debuginfo-1.0.1e-30.el6_6.11.i686.rpm openssl-perl-1.0.1e-30.el6_6.11.i686.rpm openssl-static-1.0.1e-30.el6_6.11.i686.rpm
ppc64: openssl-debuginfo-1.0.1e-30.el6_6.11.ppc64.rpm openssl-perl-1.0.1e-30.el6_6.11.ppc64.rpm openssl-static-1.0.1e-30.el6_6.11.ppc64.rpm
s390x: openssl-debuginfo-1.0.1e-30.el6_6.11.s390x.rpm openssl-perl-1.0.1e-30.el6_6.11.s390x.rpm openssl-static-1.0.1e-30.el6_6.11.s390x.rpm
x86_64: openssl-debuginfo-1.0.1e-30.el6_6.11.x86_64.rpm openssl-perl-1.0.1e-30.el6_6.11.x86_64.rpm openssl-static-1.0.1e-30.el6_6.11.x86_64.rpm
Red Hat Enterprise Linux Workstation (v. 6):
Source: openssl-1.0.1e-30.el6_6.11.src.rpm
i386: openssl-1.0.1e-30.el6_6.11.i686.rpm openssl-debuginfo-1.0.1e-30.el6_6.11.i686.rpm openssl-devel-1.0.1e-30.el6_6.11.i686.rpm
x86_64: openssl-1.0.1e-30.el6_6.11.i686.rpm openssl-1.0.1e-30.el6_6.11.x86_64.rpm openssl-debuginfo-1.0.1e-30.el6_6.11.i686.rpm openssl-debuginfo-1.0.1e-30.el6_6.11.x86_64.rpm openssl-devel-1.0.1e-30.el6_6.11.i686.rpm openssl-devel-1.0.1e-30.el6_6.11.x86_64.rpm
Red Hat Enterprise Linux Workstation Optional (v. 6):
i386: openssl-debuginfo-1.0.1e-30.el6_6.11.i686.rpm openssl-perl-1.0.1e-30.el6_6.11.i686.rpm openssl-static-1.0.1e-30.el6_6.11.i686.rpm
x86_64: openssl-debuginfo-1.0.1e-30.el6_6.11.x86_64.rpm openssl-perl-1.0.1e-30.el6_6.11.x86_64.rpm openssl-static-1.0.1e-30.el6_6.11.x86_64.rpm
Red Hat Enterprise Linux Client (v. 7):
Source: openssl-1.0.1e-42.el7_1.8.src.rpm
x86_64: openssl-1.0.1e-42.el7_1.8.x86_64.rpm openssl-debuginfo-1.0.1e-42.el7_1.8.i686.rpm openssl-debuginfo-1.0.1e-42.el7_1.8.x86_64.rpm openssl-libs-1.0.1e-42.el7_1.8.i686.rpm openssl-libs-1.0.1e-42.el7_1.8.x86_64.rpm
Red Hat Enterprise Linux Client Optional (v. 7):
x86_64: openssl-debuginfo-1.0.1e-42.el7_1.8.i686.rpm openssl-debuginfo-1.0.1e-42.el7_1.8.x86_64.rpm openssl-devel-1.0.1e-42.el7_1.8.i686.rpm openssl-devel-1.0.1e-42.el7_1.8.x86_64.rpm openssl-perl-1.0.1e-42.el7_1.8.x86_64.rpm openssl-static-1.0.1e-42.el7_1.8.i686.rpm openssl-static-1.0.1e-42.el7_1.8.x86_64.rpm
Red Hat Enterprise Linux ComputeNode (v. 7):
Source: openssl-1.0.1e-42.el7_1.8.src.rpm
x86_64: openssl-1.0.1e-42.el7_1.8.x86_64.rpm openssl-debuginfo-1.0.1e-42.el7_1.8.i686.rpm openssl-debuginfo-1.0.1e-42.el7_1.8.x86_64.rpm openssl-libs-1.0.1e-42.el7_1.8.i686.rpm openssl-libs-1.0.1e-42.el7_1.8.x86_64.rpm
Red Hat Enterprise Linux ComputeNode Optional (v. 7):
x86_64: openssl-debuginfo-1.0.1e-42.el7_1.8.i686.rpm openssl-debuginfo-1.0.1e-42.el7_1.8.x86_64.rpm openssl-devel-1.0.1e-42.el7_1.8.i686.rpm openssl-devel-1.0.1e-42.el7_1.8.x86_64.rpm openssl-perl-1.0.1e-42.el7_1.8.x86_64.rpm openssl-static-1.0.1e-42.el7_1.8.i686.rpm openssl-static-1.0.1e-42.el7_1.8.x86_64.rpm
Red Hat Enterprise Linux Server (v. 7):
Source: openssl-1.0.1e-42.el7_1.8.src.rpm
ppc64: openssl-1.0.1e-42.el7_1.8.ppc64.rpm openssl-debuginfo-1.0.1e-42.el7_1.8.ppc.rpm openssl-debuginfo-1.0.1e-42.el7_1.8.ppc64.rpm openssl-devel-1.0.1e-42.el7_1.8.ppc.rpm openssl-devel-1.0.1e-42.el7_1.8.ppc64.rpm openssl-libs-1.0.1e-42.el7_1.8.ppc.rpm openssl-libs-1.0.1e-42.el7_1.8.ppc64.rpm
s390x: openssl-1.0.1e-42.el7_1.8.s390x.rpm openssl-debuginfo-1.0.1e-42.el7_1.8.s390.rpm openssl-debuginfo-1.0.1e-42.el7_1.8.s390x.rpm openssl-devel-1.0.1e-42.el7_1.8.s390.rpm openssl-devel-1.0.1e-42.el7_1.8.s390x.rpm openssl-libs-1.0.1e-42.el7_1.8.s390.rpm openssl-libs-1.0.1e-42.el7_1.8.s390x.rpm
x86_64: openssl-1.0.1e-42.el7_1.8.x86_64.rpm openssl-debuginfo-1.0.1e-42.el7_1.8.i686.rpm openssl-debuginfo-1.0.1e-42.el7_1.8.x86_64.rpm openssl-devel-1.0.1e-42.el7_1.8.i686.rpm openssl-devel-1.0.1e-42.el7_1.8.x86_64.rpm openssl-libs-1.0.1e-42.el7_1.8.i686.rpm openssl-libs-1.0.1e-42.el7_1.8.x86_64.rpm
Red Hat Enterprise Linux Server (v. 7):
Source: openssl-1.0.1e-42.ael7b_1.8.src.rpm
ppc64le: openssl-1.0.1e-42.ael7b_1.8.ppc64le.rpm openssl-debuginfo-1.0.1e-42.ael7b_1.8.ppc64le.rpm openssl-devel-1.0.1e-42.ael7b_1.8.ppc64le.rpm openssl-libs-1.0.1e-42.ael7b_1.8.ppc64le.rpm
Red Hat Enterprise Linux Server Optional (v. 7):
ppc64: openssl-debuginfo-1.0.1e-42.el7_1.8.ppc.rpm openssl-debuginfo-1.0.1e-42.el7_1.8.ppc64.rpm openssl-perl-1.0.1e-42.el7_1.8.ppc64.rpm openssl-static-1.0.1e-42.el7_1.8.ppc.rpm openssl-static-1.0.1e-42.el7_1.8.ppc64.rpm
s390x: openssl-debuginfo-1.0.1e-42.el7_1.8.s390.rpm openssl-debuginfo-1.0.1e-42.el7_1.8.s390x.rpm openssl-perl-1.0.1e-42.el7_1.8.s390x.rpm openssl-static-1.0.1e-42.el7_1.8.s390.rpm openssl-static-1.0.1e-42.el7_1.8.s390x.rpm
x86_64: openssl-debuginfo-1.0.1e-42.el7_1.8.i686.rpm openssl-debuginfo-1.0.1e-42.el7_1.8.x86_64.rpm openssl-perl-1.0.1e-42.el7_1.8.x86_64.rpm openssl-static-1.0.1e-42.el7_1.8.i686.rpm openssl-static-1.0.1e-42.el7_1.8.x86_64.rpm
Red Hat Enterprise Linux Server Optional (v. 7):
ppc64le: openssl-debuginfo-1.0.1e-42.ael7b_1.8.ppc64le.rpm openssl-perl-1.0.1e-42.ael7b_1.8.ppc64le.rpm openssl-static-1.0.1e-42.ael7b_1.8.ppc64le.rpm
Red Hat Enterprise Linux Workstation (v. 7):
Source: openssl-1.0.1e-42.el7_1.8.src.rpm
x86_64: openssl-1.0.1e-42.el7_1.8.x86_64.rpm openssl-debuginfo-1.0.1e-42.el7_1.8.i686.rpm openssl-debuginfo-1.0.1e-42.el7_1.8.x86_64.rpm openssl-devel-1.0.1e-42.el7_1.8.i686.rpm openssl-devel-1.0.1e-42.el7_1.8.x86_64.rpm openssl-libs-1.0.1e-42.el7_1.8.i686.rpm openssl-libs-1.0.1e-42.el7_1.8.x86_64.rpm
Red Hat Enterprise Linux Workstation Optional (v. 7):
x86_64: openssl-debuginfo-1.0.1e-42.el7_1.8.i686.rpm openssl-debuginfo-1.0.1e-42.el7_1.8.x86_64.rpm openssl-perl-1.0.1e-42.el7_1.8.x86_64.rpm openssl-static-1.0.1e-42.el7_1.8.i686.rpm openssl-static-1.0.1e-42.el7_1.8.x86_64.rpm
These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/
- References:
https://access.redhat.com/security/cve/CVE-2014-8176 https://access.redhat.com/security/cve/CVE-2015-1789 https://access.redhat.com/security/cve/CVE-2015-1790 https://access.redhat.com/security/cve/CVE-2015-1791 https://access.redhat.com/security/cve/CVE-2015-1792 https://access.redhat.com/security/cve/CVE-2015-3216 https://access.redhat.com/security/updates/classification/#moderate https://www.openssl.org/news/secadv_20150611.txt
- Contact:
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/
Copyright 2015 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1
iD8DBQFVf0NNXlSAg2UNWIIRArL4AJ9e7lbD/4Nks5midR5o3E4Bs5lQWQCgnrvk ZyXizCcFL9oAQexObjxp/Mo= =PXiY -----END PGP SIGNATURE-----
-- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce
Show details on source website{
"affected_products": {
"_id": null,
"data": [
{
"_id": null,
"model": "primavera p6 enterprise project portfolio management",
"scope": "eq",
"trust": 1.1,
"vendor": "oracle",
"version": "15.1"
},
{
"_id": null,
"model": "primavera p6 enterprise project portfolio management",
"scope": "eq",
"trust": 1.1,
"vendor": "oracle",
"version": "8.3"
},
{
"_id": null,
"model": "primavera p6 enterprise project portfolio management",
"scope": "eq",
"trust": 1.1,
"vendor": "oracle",
"version": "8.4"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.0q"
},
{
"_id": null,
"model": "sparc-opl service processor",
"scope": "lte",
"trust": 1.0,
"vendor": "oracle",
"version": "1121"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.0e"
},
{
"_id": null,
"model": "openssl",
"scope": "lte",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.8zf"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.0d"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.0a"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.0p"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.1f"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.0k"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.1l"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.1d"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.1c"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.1h"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.0j"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.1j"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.0l"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.1i"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.1"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.1e"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.0m"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.0g"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.1g"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.0c"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.0o"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.0b"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.2"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.0f"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.0r"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.0n"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.1a"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.0i"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.0"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.0h"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.1k"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.2a"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.1b"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.1m"
},
{
"_id": null,
"model": "junos 12.1x44-d20",
"scope": null,
"trust": 0.9,
"vendor": "juniper",
"version": null
},
{
"_id": null,
"model": "istorage",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "hs series all versions"
},
{
"_id": null,
"model": "hpe systems insight manager",
"scope": null,
"trust": 0.8,
"vendor": "hewlett packard",
"version": null
},
{
"_id": null,
"model": "webotx application server",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "foundation v8.2 to v8.5"
},
{
"_id": null,
"model": "enterprisedirectoryserver",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "6.1"
},
{
"_id": null,
"model": "peoplesoft products",
"scope": "eq",
"trust": 0.8,
"vendor": "oracle",
"version": "of peoplesoft enterprise peopletools 8.54"
},
{
"_id": null,
"model": "express5800",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "v3.0"
},
{
"_id": null,
"model": "enterprisedirectoryserver",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "ver6.0"
},
{
"_id": null,
"model": "express5800",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "v6.2"
},
{
"_id": null,
"model": "webotx application server",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "st ard-j edition v7.1 to v8.1"
},
{
"_id": null,
"model": "hpe matrix operating environment",
"scope": null,
"trust": 0.8,
"vendor": "hewlett packard",
"version": null
},
{
"_id": null,
"model": "express5800",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "v7.1"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 0.8,
"vendor": "openssl",
"version": "1.0.0s"
},
{
"_id": null,
"model": "enterprisedirectoryserver",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "7.0"
},
{
"_id": null,
"model": "webotx",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "st ard edition v4.2 to v6.5"
},
{
"_id": null,
"model": "websam",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "mcoperations ver3.6.2 to ver4.2"
},
{
"_id": null,
"model": "openssl",
"scope": "lt",
"trust": 0.8,
"vendor": "openssl",
"version": "1.0.2"
},
{
"_id": null,
"model": "ix3000 series",
"scope": null,
"trust": 0.8,
"vendor": "nec",
"version": null
},
{
"_id": null,
"model": "ip38x/5000",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "all revisions"
},
{
"_id": null,
"model": "capssuite",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "v3.0 to v4.0 manager component"
},
{
"_id": null,
"model": "secureware/pki application development kit",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "ver3.01"
},
{
"_id": null,
"model": "mysql",
"scope": "lte",
"trust": 0.8,
"vendor": "oracle",
"version": "5.6.25 and earlier"
},
{
"_id": null,
"model": "webotx application server",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "express v8.2 to v9.2"
},
{
"_id": null,
"model": "mac os x",
"scope": "eq",
"trust": 0.8,
"vendor": "apple",
"version": "10.10 to 10.10.4"
},
{
"_id": null,
"model": "express5800",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "v3.1"
},
{
"_id": null,
"model": "univerge",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "3c ucm"
},
{
"_id": null,
"model": "e-business suite",
"scope": "eq",
"trust": 0.8,
"vendor": "oracle",
"version": "11.5.10.2"
},
{
"_id": null,
"model": "hpe insight control",
"scope": "eq",
"trust": 0.8,
"vendor": "hewlett packard",
"version": "none"
},
{
"_id": null,
"model": "express5800",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "/sg series sg3600lm/lg/lj v6.1"
},
{
"_id": null,
"model": "websam",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "systemmanager ver5.5.2 to ver6.2.1"
},
{
"_id": null,
"model": "ip38x/3500",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "all revisions"
},
{
"_id": null,
"model": "webotx application server",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "st ard v8.2 to v9.2"
},
{
"_id": null,
"model": "istorage",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "nv7500/nv5500/nv3500 series"
},
{
"_id": null,
"model": "istorage",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "nv7400/nv5400/nv3400 series"
},
{
"_id": null,
"model": "express5800",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "v4.0"
},
{
"_id": null,
"model": "webotx application server",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "web edition v7.1 to v8.1"
},
{
"_id": null,
"model": "fusion middleware",
"scope": "eq",
"trust": 0.8,
"vendor": "oracle",
"version": "of oracle exalogic infrastructure eecs 2.0.6.2.3"
},
{
"_id": null,
"model": "webotx",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "uddi registry v1.1 to v7.1"
},
{
"_id": null,
"model": "websam",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "application navigator probe option ver3.1.0.x to ver4.1.0.x"
},
{
"_id": null,
"model": "express5800",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "v8.0"
},
{
"_id": null,
"model": "secureware/pki application development kit",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "ver3.02"
},
{
"_id": null,
"model": "univerge",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "3c cmm"
},
{
"_id": null,
"model": "webotx application server",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "enterprise v8.2 to v9.2"
},
{
"_id": null,
"model": "webotx",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "enterprise edition v4.2 to v6.5"
},
{
"_id": null,
"model": "hpe server migration pack",
"scope": null,
"trust": 0.8,
"vendor": "hewlett packard",
"version": null
},
{
"_id": null,
"model": "webotx application server",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "st ard edition v7.1"
},
{
"_id": null,
"model": "xcp",
"scope": "lt",
"trust": 0.8,
"vendor": "oracle",
"version": "(sparc enterprise m3000/m4000/m5000/m8000/m9000 server )"
},
{
"_id": null,
"model": "webotx application server",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "enterprise edition v7.1"
},
{
"_id": null,
"model": "peoplesoft products",
"scope": "eq",
"trust": 0.8,
"vendor": "oracle",
"version": "of peoplesoft enterprise peopletools 8.53"
},
{
"_id": null,
"model": "hpe version control repository manager",
"scope": null,
"trust": 0.8,
"vendor": "hewlett packard",
"version": null
},
{
"_id": null,
"model": "express5800",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "/sg series intersecvm/sg v1.2"
},
{
"_id": null,
"model": "express5800",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "v7.0"
},
{
"_id": null,
"model": "websam",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "jobcenter r14.1"
},
{
"_id": null,
"model": "ip38x/810",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "all revisions"
},
{
"_id": null,
"model": "webotx",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "st ard-j edition v4.1 to v6.5"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 0.8,
"vendor": "openssl",
"version": "1.0.2b"
},
{
"_id": null,
"model": "hpe insight control",
"scope": "eq",
"trust": 0.8,
"vendor": "hewlett packard",
"version": "server provisioning"
},
{
"_id": null,
"model": "xcp",
"scope": "eq",
"trust": 0.8,
"vendor": "oracle",
"version": "1121"
},
{
"_id": null,
"model": "supply chain products suite",
"scope": "eq",
"trust": 0.8,
"vendor": "oracle",
"version": "of oracle transportation management 6.2"
},
{
"_id": null,
"model": "mac os x",
"scope": "eq",
"trust": 0.8,
"vendor": "apple",
"version": "10.9.5"
},
{
"_id": null,
"model": "webotx sip application server",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "st ard edition v7.1 to v8.1"
},
{
"_id": null,
"model": "mac os x",
"scope": "eq",
"trust": 0.8,
"vendor": "apple",
"version": "10.8.5"
},
{
"_id": null,
"model": "websam",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "application navigator agent ver3.3 to ver4.1"
},
{
"_id": null,
"model": "openssl",
"scope": "lt",
"trust": 0.8,
"vendor": "openssl",
"version": "1.0.1"
},
{
"_id": null,
"model": "ix2000 series",
"scope": null,
"trust": 0.8,
"vendor": "nec",
"version": null
},
{
"_id": null,
"model": "secureware/pki application development kit",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "ver3.0"
},
{
"_id": null,
"model": "openssl",
"scope": "lt",
"trust": 0.8,
"vendor": "openssl",
"version": "1.0.0"
},
{
"_id": null,
"model": "supply chain products suite",
"scope": "eq",
"trust": 0.8,
"vendor": "oracle",
"version": "of oracle transportation management 6.1"
},
{
"_id": null,
"model": "webotx",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "web edition v4.1 to v6.5"
},
{
"_id": null,
"model": "webotx enterprise service bus",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "v6.4 to v9.2"
},
{
"_id": null,
"model": "ip38x/1210",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "all revisions"
},
{
"_id": null,
"model": "websam",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "application navigator manager ver3.2.2 to ver4.1"
},
{
"_id": null,
"model": "webotx portal",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "v8.2 to v9.1"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 0.8,
"vendor": "openssl",
"version": "1.0.1n"
},
{
"_id": null,
"model": "enterprisedirectoryserver",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "8.0"
},
{
"_id": null,
"model": "enterprisedirectoryserver",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "7.1"
},
{
"_id": null,
"model": "system management homepage",
"scope": null,
"trust": 0.8,
"vendor": "hewlett packard",
"version": null
},
{
"_id": null,
"model": "secureware/pki application development kit",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "ver3.1"
},
{
"_id": null,
"model": "express5800",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "/sg series univerge sg3000lg/lj"
},
{
"_id": null,
"model": "rational clearquest",
"scope": "eq",
"trust": 0.6,
"vendor": "ibm",
"version": "8.0.0.2"
},
{
"_id": null,
"model": "rational clearquest",
"scope": "eq",
"trust": 0.6,
"vendor": "ibm",
"version": "8.0.0.1"
},
{
"_id": null,
"model": "junos 12.1x46-d25",
"scope": null,
"trust": 0.6,
"vendor": "juniper",
"version": null
},
{
"_id": null,
"model": "rational clearquest",
"scope": "eq",
"trust": 0.6,
"vendor": "ibm",
"version": "7.1.2.6"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v70001.1"
},
{
"_id": null,
"model": "security network intrusion prevention system gx5208-v2",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v35007.2"
},
{
"_id": null,
"model": "sparc enterprise m5000 xcp",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "1118"
},
{
"_id": null,
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.1.6"
},
{
"_id": null,
"model": "peoplesoft enterprise peopletools",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "8.53"
},
{
"_id": null,
"model": "enterprise linux server",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"_id": null,
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.18"
},
{
"_id": null,
"model": "junos 12.1x44-d33",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"_id": null,
"model": "power hmc",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.8.0.0"
},
{
"_id": null,
"model": "security network intrusion prevention system gx5008",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.5"
},
{
"_id": null,
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.1.6"
},
{
"_id": null,
"model": "operations agent",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "11.11"
},
{
"_id": null,
"model": "security network intrusion prevention system gx5108",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.4"
},
{
"_id": null,
"model": "rational team concert",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0.2"
},
{
"_id": null,
"model": "sonas",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.5.2.0"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v70007.5"
},
{
"_id": null,
"model": "rational team concert",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0"
},
{
"_id": null,
"model": "project openssl 1.0.0g",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.7"
},
{
"_id": null,
"model": "worklight foundation enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.20"
},
{
"_id": null,
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.12"
},
{
"_id": null,
"model": "aura communication manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"_id": null,
"model": "rational insight",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.1"
},
{
"_id": null,
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.2.17"
},
{
"_id": null,
"model": "security network intrusion prevention system gx7412",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6"
},
{
"_id": null,
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.1.7"
},
{
"_id": null,
"model": "imc products",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"_id": null,
"model": "open source siem",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.1.2"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v37001.1"
},
{
"_id": null,
"model": "version control agent",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.2"
},
{
"_id": null,
"model": "security network intrusion prevention system gv200",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.3"
},
{
"_id": null,
"model": "junos 12.1x44-d50",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.5.4"
},
{
"_id": null,
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0.2"
},
{
"_id": null,
"model": "aura system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.3.1"
},
{
"_id": null,
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.15"
},
{
"_id": null,
"model": "aura experience portal",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "7.0"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v37007.2"
},
{
"_id": null,
"model": "systems insight manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.2.1"
},
{
"_id": null,
"model": "rational requisitepro",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.1.4"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v50001.1"
},
{
"_id": null,
"model": "meeting exchange",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.0.0.52"
},
{
"_id": null,
"model": "tivoli common reporting",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.1.1.2"
},
{
"_id": null,
"model": "ip office application server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "8.0"
},
{
"_id": null,
"model": "project openssl 1.0.1i",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "sdk for node.js for bluemix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0.10.38"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.12"
},
{
"_id": null,
"model": "rational requisitepro",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.1"
},
{
"_id": null,
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.2"
},
{
"_id": null,
"model": "project openssl 1.0.0h",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "project openssl 1.0.1n",
"scope": "ne",
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.6"
},
{
"_id": null,
"model": "storwize unified",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v70001.5.0.0"
},
{
"_id": null,
"model": "mysql server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.6.20"
},
{
"_id": null,
"model": "security network intrusion prevention system gx5008",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6"
},
{
"_id": null,
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1.2"
},
{
"_id": null,
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.211"
},
{
"_id": null,
"model": "version control repository manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.5.0"
},
{
"_id": null,
"model": "qradar siem mr2",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1"
},
{
"_id": null,
"model": "security appscan enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.0.2"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v35007.3"
},
{
"_id": null,
"model": "security network intrusion prevention system gx3002",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.4"
},
{
"_id": null,
"model": "version control agent",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.2.1"
},
{
"_id": null,
"model": "junos 15.1r2",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"_id": null,
"model": "cognos metrics manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.1"
},
{
"_id": null,
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.1.3"
},
{
"_id": null,
"model": "security network controller 1.0.3350m",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"_id": null,
"model": "project openssl 0.9.8y",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "sparc enterprise m4000 xcp",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "1118"
},
{
"_id": null,
"model": "sterling connect:enterprise for unix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.4.4.0"
},
{
"_id": null,
"model": "rational requisitepro",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.3.12"
},
{
"_id": null,
"model": "message networking",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2.0"
},
{
"_id": null,
"model": "storwize unified",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v70001.5.1.0"
},
{
"_id": null,
"model": "abyp-2t-1s-1l-p",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"_id": null,
"model": "matrix operating environment",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.2.2"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "3.0.68"
},
{
"_id": null,
"model": "system networking rackswitch g8052",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.11.4.0"
},
{
"_id": null,
"model": "fortimail",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "4.3.10"
},
{
"_id": null,
"model": "abyp-10g-2sr-2lr-1-p-m",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v35007.4"
},
{
"_id": null,
"model": "systems insight manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3.1"
},
{
"_id": null,
"model": "initiate master data service",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.1"
},
{
"_id": null,
"model": "security network intrusion prevention system gx5008-v2",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.5"
},
{
"_id": null,
"model": "sterling b2b integrator",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.2.4.2"
},
{
"_id": null,
"model": "security network intrusion prevention system gx5108",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.3"
},
{
"_id": null,
"model": "tealeaf customer experience",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.0"
},
{
"_id": null,
"model": "sterling b2b integrator",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.2.5.0"
},
{
"_id": null,
"model": "linux ia-64",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"_id": null,
"model": "security proventia network enterprise scanner",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.3"
},
{
"_id": null,
"model": "security access manager for web appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0"
},
{
"_id": null,
"model": "rational team concert",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.0.1"
},
{
"_id": null,
"model": "tivoli common reporting",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.1.0.2"
},
{
"_id": null,
"model": "smartcloud entry fix pack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.2.08"
},
{
"_id": null,
"model": "worklight consumer edition",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1.0.0"
},
{
"_id": null,
"model": "security network intrusion prevention system gx7412-05",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6.2"
},
{
"_id": null,
"model": "sterling b2b integrator",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.2.4"
},
{
"_id": null,
"model": "aura system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.3.3"
},
{
"_id": null,
"model": "system networking rackswitch g8052",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "7.9.15.0"
},
{
"_id": null,
"model": "meeting exchange sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2"
},
{
"_id": null,
"model": "rational requisitepro",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.2.17"
},
{
"_id": null,
"model": "exalogic infrastructure eecs",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "2.0.6.2.3"
},
{
"_id": null,
"model": "version control agent",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3.1"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v50007.5"
},
{
"_id": null,
"model": "security privileged identity manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.0.1.1"
},
{
"_id": null,
"model": "infosphere master data management provider hub",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.0"
},
{
"_id": null,
"model": "initiate master data service",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.7"
},
{
"_id": null,
"model": "abyp-10g-4lr-1-p",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"_id": null,
"model": "security network intrusion prevention system gx4002",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.5"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v35007.4.0.5"
},
{
"_id": null,
"model": "security network intrusion prevention system gx7412-10",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.4"
},
{
"_id": null,
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.02"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v50007.2"
},
{
"_id": null,
"model": "systems insight manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "5.3"
},
{
"_id": null,
"model": "linux x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "14.1"
},
{
"_id": null,
"model": "aura presence services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1.2"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v37007.5.0.2"
},
{
"_id": null,
"model": "junos 12.1x46-d10",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"_id": null,
"model": "qradar siem patch",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2.34"
},
{
"_id": null,
"model": "sparc enterprise m9000 xcp",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "1117"
},
{
"_id": null,
"model": "predictiveinsight",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.6"
},
{
"_id": null,
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.5"
},
{
"_id": null,
"model": "cloud manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.1.0.1"
},
{
"_id": null,
"model": "security network intrusion prevention system gx5108-v2",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.3"
},
{
"_id": null,
"model": "project openssl 1.0.1f",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.2.4.1"
},
{
"_id": null,
"model": "worklight enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1.0.0"
},
{
"_id": null,
"model": "fortiweb",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "5.3.3"
},
{
"_id": null,
"model": "rational requisitepro",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.2"
},
{
"_id": null,
"model": "system networking rackswitch g8124-e",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.11.4.0"
},
{
"_id": null,
"model": "meeting exchange",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.0"
},
{
"_id": null,
"model": "mysql server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.6.25"
},
{
"_id": null,
"model": "messagesight",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.2"
},
{
"_id": null,
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"_id": null,
"model": "security network intrusion prevention system gx7412-05",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.5"
},
{
"_id": null,
"model": "comware products",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "70"
},
{
"_id": null,
"model": "project openssl 1.0.0o",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "rational software architect",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1.1"
},
{
"_id": null,
"model": "security network intrusion prevention system gx5008-v2",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6"
},
{
"_id": null,
"model": "security network intrusion prevention system gx3002",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.3"
},
{
"_id": null,
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.2.5"
},
{
"_id": null,
"model": "rational team concert",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.3"
},
{
"_id": null,
"model": "fortianalyzer",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "5.0.9"
},
{
"_id": null,
"model": "one-x client enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"_id": null,
"model": "flashsystem 9840-ae2",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "840"
},
{
"_id": null,
"model": "security network controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.0.3387"
},
{
"_id": null,
"model": "abyp-10g-4sr-1-p-m",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"_id": null,
"model": "systems insight manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.5.0"
},
{
"_id": null,
"model": "enterprise session border controller ecz7.3m2p2",
"scope": null,
"trust": 0.3,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.03"
},
{
"_id": null,
"model": "ds8870 r7.5",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.1"
},
{
"_id": null,
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1.3"
},
{
"_id": null,
"model": "sdk for node.js for bluemix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0.12.4"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v50007.4.0.5"
},
{
"_id": null,
"model": "infosphere master data management standard/advanced edition",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "11.0"
},
{
"_id": null,
"model": "security network intrusion prevention system gx4002",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6"
},
{
"_id": null,
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.213"
},
{
"_id": null,
"model": "qradar siem mr2 patch",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.18"
},
{
"_id": null,
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2.3"
},
{
"_id": null,
"model": "aura system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.3.2"
},
{
"_id": null,
"model": "secure backup",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.4.0.4.0"
},
{
"_id": null,
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "14.0"
},
{
"_id": null,
"model": "open source siem",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.3.1"
},
{
"_id": null,
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.0.1"
},
{
"_id": null,
"model": "fortivoice enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "3.0.6"
},
{
"_id": null,
"model": "rational requisitepro",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.4.7"
},
{
"_id": null,
"model": "version control repository manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.5.1"
},
{
"_id": null,
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.28"
},
{
"_id": null,
"model": "san volume controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.4.19"
},
{
"_id": null,
"model": "iq",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.1.1"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v35007.2.0.5"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v35006.1"
},
{
"_id": null,
"model": "junos 12.1x44-d25",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"_id": null,
"model": "aura system platform",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0.3.9.3"
},
{
"_id": null,
"model": "junos 12.1x46-d55",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"_id": null,
"model": "security network intrusion prevention system gx7412-10",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.3"
},
{
"_id": null,
"model": "system networking rackswitch g8124",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "7.11.5.0"
},
{
"_id": null,
"model": "security network intrusion prevention system gx7412-05",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6"
},
{
"_id": null,
"model": "ip office application server sp",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "9.01"
},
{
"_id": null,
"model": "fortisandbox",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "2.0"
},
{
"_id": null,
"model": "icewall sso dfw",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "10.0"
},
{
"_id": null,
"model": "aura system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1.7"
},
{
"_id": null,
"model": "san volume controller",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "7.4.0.6"
},
{
"_id": null,
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.9"
},
{
"_id": null,
"model": "junos 13.2x51-d20",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"_id": null,
"model": "version control repository manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3.3"
},
{
"_id": null,
"model": "infosphere master data management standard/advanced edition",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "11.3"
},
{
"_id": null,
"model": "cloud manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.1.0.3"
},
{
"_id": null,
"model": "enterprise content management system monitor",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.1"
},
{
"_id": null,
"model": "datapower gateways",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2.0.1"
},
{
"_id": null,
"model": "project openssl 1.0.0c",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "rational team concert",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0.1.3"
},
{
"_id": null,
"model": "open source siem",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "3.1"
},
{
"_id": null,
"model": "storwize",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "v70007.3.0.12"
},
{
"_id": null,
"model": "project openssl 1.0.0s",
"scope": "ne",
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "security network intrusion prevention system gx5108",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6.1"
},
{
"_id": null,
"model": "ip office application server sp",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "9.02"
},
{
"_id": null,
"model": "junos 12.1x47-d45",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"_id": null,
"model": "version control agent",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3.4"
},
{
"_id": null,
"model": "security network intrusion prevention system gx7412",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.4"
},
{
"_id": null,
"model": "sparc enterprise m5000 xcp",
"scope": "ne",
"trust": 0.3,
"vendor": "oracle",
"version": "1121"
},
{
"_id": null,
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.1.4"
},
{
"_id": null,
"model": "aura presence services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"_id": null,
"model": "version control agent",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3.5"
},
{
"_id": null,
"model": "aura experience portal sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v70006.2"
},
{
"_id": null,
"model": "screenos 6.3.0r13",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"_id": null,
"model": "version control agent",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.2.2"
},
{
"_id": null,
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.1"
},
{
"_id": null,
"model": "initiate master data service provider hub",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.7"
},
{
"_id": null,
"model": "aura presence services sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1"
},
{
"_id": null,
"model": "security network intrusion prevention system gx5208",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.4"
},
{
"_id": null,
"model": "fortiddos",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "4.1.5"
},
{
"_id": null,
"model": "linux enterprise server sp4 ltss",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"_id": null,
"model": "security network intrusion prevention system gx4004-v2",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.4"
},
{
"_id": null,
"model": "sdk for node.js",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.0.5"
},
{
"_id": null,
"model": "secure backup",
"scope": "ne",
"trust": 0.3,
"vendor": "oracle",
"version": "12.1.0.3"
},
{
"_id": null,
"model": "rational requisitepro",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.3.13"
},
{
"_id": null,
"model": "aura system platform",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0.2"
},
{
"_id": null,
"model": "version control repository manager",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "7.5.0"
},
{
"_id": null,
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.3"
},
{
"_id": null,
"model": "linux s/390",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"_id": null,
"model": "project openssl 0.9.8zf",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "aura experience portal",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v50007.4"
},
{
"_id": null,
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.7"
},
{
"_id": null,
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2.2"
},
{
"_id": null,
"model": "abyp-0t-0s-4l-p",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"_id": null,
"model": "qradar incident forensics mr3",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2"
},
{
"_id": null,
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.2.14"
},
{
"_id": null,
"model": "flashsystem 9840-ae1",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "840"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.3.0"
},
{
"_id": null,
"model": "system networking rackswitch g8316",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "7.9.15.0"
},
{
"_id": null,
"model": "unified security management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "5.0"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v70007.1.0.6"
},
{
"_id": null,
"model": "aura application server sip core pb5",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "53003.0"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.2"
},
{
"_id": null,
"model": "websphere mq for hp nonstop",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.3"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v50007.5.0.2"
},
{
"_id": null,
"model": "secure backup",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.3.0.3"
},
{
"_id": null,
"model": "security network intrusion prevention system gx3002",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6.1"
},
{
"_id": null,
"model": "secure backup",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.1.0.2"
},
{
"_id": null,
"model": "worklight consumer edition",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1.0.1"
},
{
"_id": null,
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.2.18"
},
{
"_id": null,
"model": "security network intrusion prevention system gx5208-v2",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.3"
},
{
"_id": null,
"model": "enterprise linux server",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "7"
},
{
"_id": null,
"model": "storwize unified",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v70001.5.1.3"
},
{
"_id": null,
"model": "project openssl 0.9.8zc",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2.4"
},
{
"_id": null,
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "12.1x47"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.5"
},
{
"_id": null,
"model": "infosphere guardium for applications",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.0"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v50007.1"
},
{
"_id": null,
"model": "open source siem",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.0"
},
{
"_id": null,
"model": "server migration pack",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.5"
},
{
"_id": null,
"model": "cloud manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.3"
},
{
"_id": null,
"model": "security network intrusion prevention system gx6116",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.4"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v37007.3"
},
{
"_id": null,
"model": "one-x client enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1.1"
},
{
"_id": null,
"model": "rational application developer for websphere software",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1.0.1"
},
{
"_id": null,
"model": "worklight foundation consumer edition",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.2.0.1"
},
{
"_id": null,
"model": "sdk for node.js",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.0.2"
},
{
"_id": null,
"model": "tealeaf customer experience",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.0.2"
},
{
"_id": null,
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1"
},
{
"_id": null,
"model": "sparc enterprise m4000 xcp",
"scope": "ne",
"trust": 0.3,
"vendor": "oracle",
"version": "1121"
},
{
"_id": null,
"model": "san volume controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.3"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v35001.1"
},
{
"_id": null,
"model": "security network intrusion prevention system gx7412",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.3"
},
{
"_id": null,
"model": "security network intrusion prevention system gx4004",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6.2"
},
{
"_id": null,
"model": "rational team concert",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0.6"
},
{
"_id": null,
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.1.7"
},
{
"_id": null,
"model": "worklight enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1.0.1"
},
{
"_id": null,
"model": "secure backup",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.3.0.1.0"
},
{
"_id": null,
"model": "system networking rackswitch g8124",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.11.4.0"
},
{
"_id": null,
"model": "flashsystem 9846-ac1",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v840"
},
{
"_id": null,
"model": "qradar siem",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2.3"
},
{
"_id": null,
"model": "fsso build",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "235"
},
{
"_id": null,
"model": "sterling b2b integrator",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.2"
},
{
"_id": null,
"model": "one-x client enablement services sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2"
},
{
"_id": null,
"model": "enterprise linux hpc node",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"_id": null,
"model": "project openssl 0.9.8s",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "aura communication manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0.1"
},
{
"_id": null,
"model": "i",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2"
},
{
"_id": null,
"model": "security network intrusion prevention system gx5208",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.3"
},
{
"_id": null,
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.2"
},
{
"_id": null,
"model": "security network intrusion prevention system gx7412-10",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6.1"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v37006.3"
},
{
"_id": null,
"model": "communication server 1000e signaling server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "7.5"
},
{
"_id": null,
"model": "rational team concert",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0.5"
},
{
"_id": null,
"model": "tivoli common reporting",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.1.2"
},
{
"_id": null,
"model": "security network controller 1.0.3376m",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"_id": null,
"model": "operations agent",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "12.01"
},
{
"_id": null,
"model": "matrix operating environment",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "7.5.1"
},
{
"_id": null,
"model": "predictiveinsight",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.2"
},
{
"_id": null,
"model": "junos 13.2x51-d25",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"_id": null,
"model": "iq",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5"
},
{
"_id": null,
"model": "sparc enterprise m8000 xcp",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "1118"
},
{
"_id": null,
"model": "mobilefirst platform foundation",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.0.0"
},
{
"_id": null,
"model": "rational requisitepro",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.2.14"
},
{
"_id": null,
"model": "security network intrusion prevention system gx5008",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.3"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.4"
},
{
"_id": null,
"model": "storwize",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "v50007.4.0.6"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v50007.1.0.6"
},
{
"_id": null,
"model": "san volume controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.1"
},
{
"_id": null,
"model": "junos 12.1x46-d15",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"_id": null,
"model": "systems insight manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.2"
},
{
"_id": null,
"model": "junos 12.1x44-d32",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"_id": null,
"model": "project openssl 1.0.1l",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v37007.5"
},
{
"_id": null,
"model": "initiate master data service",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.1"
},
{
"_id": null,
"model": "security network intrusion prevention system gx4004",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.5"
},
{
"_id": null,
"model": "systems insight manager",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "7.5.0"
},
{
"_id": null,
"model": "sparc enterprise m3000 xcp",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "1118"
},
{
"_id": null,
"model": "junos 12.3r10",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"_id": null,
"model": "smartcloud entry fix pack",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "3.214"
},
{
"_id": null,
"model": "project openssl 1.0.1h",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "communication server 1000m",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "7.0"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v50007.2.0.5"
},
{
"_id": null,
"model": "power hmc",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.3.0.0"
},
{
"_id": null,
"model": "sdk for node.js",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.2.0.2"
},
{
"_id": null,
"model": "infosphere guardium",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.2"
},
{
"_id": null,
"model": "smartcloud entry fix pack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.211"
},
{
"_id": null,
"model": "rational team concert",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.2"
},
{
"_id": null,
"model": "rational team concert",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.0.2"
},
{
"_id": null,
"model": "hp-ux b.11.22",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "mysql server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.6"
},
{
"_id": null,
"model": "insight orchestration",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.2"
},
{
"_id": null,
"model": "websphere mq",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.3"
},
{
"_id": null,
"model": "insight control",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3"
},
{
"_id": null,
"model": "insight orchestration",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "7.5.0"
},
{
"_id": null,
"model": "project openssl b",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"_id": null,
"model": "junos 14.1r3",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"_id": null,
"model": "version control agent",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "7.5.0"
},
{
"_id": null,
"model": "storwize",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "v37007.3.0.12"
},
{
"_id": null,
"model": "storwize",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "v70007.4.0.6"
},
{
"_id": null,
"model": "open source siem",
"scope": "ne",
"trust": 0.3,
"vendor": "alienvault",
"version": "5.0.4"
},
{
"_id": null,
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2.1"
},
{
"_id": null,
"model": "worklight foundation consumer edition",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.20"
},
{
"_id": null,
"model": "junos 13.3r5",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"_id": null,
"model": "abyp-4tl-p",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"_id": null,
"model": "cms r16.3",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.2"
},
{
"_id": null,
"model": "security network controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.0.1209"
},
{
"_id": null,
"model": "project openssl k",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"_id": null,
"model": "netinsight",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.6.0"
},
{
"_id": null,
"model": "datapower gateways",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.0.6"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v70007.5.0.2"
},
{
"_id": null,
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.8"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v37006.4.19"
},
{
"_id": null,
"model": "security network controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.0.3361"
},
{
"_id": null,
"model": "rational team concert",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0"
},
{
"_id": null,
"model": "operations agent",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "12.0"
},
{
"_id": null,
"model": "initiate master data service",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.2"
},
{
"_id": null,
"model": "workflow for bluemix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"_id": null,
"model": "filenet system monitor",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.5"
},
{
"_id": null,
"model": "junos 12.1x44-d34",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"_id": null,
"model": "aura system platform",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"_id": null,
"model": "matrix operating environment",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3"
},
{
"_id": null,
"model": "sterling connect:direct for hp nonstop",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.5.1"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "3.0.2.77"
},
{
"_id": null,
"model": "junos 14.1r4",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.2.27"
},
{
"_id": null,
"model": "san volume controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.4.1.8"
},
{
"_id": null,
"model": "linux enterprise server sp2 ltss",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "11"
},
{
"_id": null,
"model": "command center appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "citrix",
"version": "0"
},
{
"_id": null,
"model": "security network intrusion prevention system gx4004",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6"
},
{
"_id": null,
"model": "workload deployer",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.1"
},
{
"_id": null,
"model": "security network intrusion prevention system gv1000",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6"
},
{
"_id": null,
"model": "aura communication manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2"
},
{
"_id": null,
"model": "aura system platform",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0.3.0.3"
},
{
"_id": null,
"model": "netscaler gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "citrix",
"version": "0"
},
{
"_id": null,
"model": "secure backup",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.33"
},
{
"_id": null,
"model": "aura messaging",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"_id": null,
"model": "security network intrusion prevention system gx5008-v2",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.3"
},
{
"_id": null,
"model": "san volume controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2.0.5"
},
{
"_id": null,
"model": "enterprise content management system monitor fix pack",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "5.2.02"
},
{
"_id": null,
"model": "sterling connect:enterprise for unix ifix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.4.4.03"
},
{
"_id": null,
"model": "i v5r4",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v70006.4"
},
{
"_id": null,
"model": "project openssl 0.9.8n",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "abyp-2t-1s-1l-p-m",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"_id": null,
"model": "icewall sso agent option",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "10"
},
{
"_id": null,
"model": "version control repository manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v50007.2.0.3"
},
{
"_id": null,
"model": "security network intrusion prevention system gv200",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.4"
},
{
"_id": null,
"model": "rational team concert",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0.1"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v37007.2.0.3"
},
{
"_id": null,
"model": "rational requisitepro",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.2.1"
},
{
"_id": null,
"model": "junos 14.2r1",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v35006.4.1.8"
},
{
"_id": null,
"model": "system networking rackswitch g8264t",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.9.14.0"
},
{
"_id": null,
"model": "security network intrusion prevention system gx7412",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6.1"
},
{
"_id": null,
"model": "aura messaging",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.3"
},
{
"_id": null,
"model": "junos 14.1r2",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"_id": null,
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.213"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v50006.4"
},
{
"_id": null,
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.6"
},
{
"_id": null,
"model": "security network intrusion prevention system gx4004-v2",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6.2"
},
{
"_id": null,
"model": "i v5r3",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"_id": null,
"model": "project openssl 1.0.2b",
"scope": "ne",
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "system networking rackswitch g8052",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "7.11.5.0"
},
{
"_id": null,
"model": "one-x client enablement services sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1"
},
{
"_id": null,
"model": "screenos 6.3.0r19",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"_id": null,
"model": "open source siem",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.8.0"
},
{
"_id": null,
"model": "rational requisitepro",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.1.1"
},
{
"_id": null,
"model": "security network intrusion prevention system gx5208",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6.1"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.0"
},
{
"_id": null,
"model": "system management homepage",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "7.5"
},
{
"_id": null,
"model": "security network intrusion prevention system gx4002",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.3"
},
{
"_id": null,
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.01"
},
{
"_id": null,
"model": "sdk for node.js",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.0.14"
},
{
"_id": null,
"model": "abyp-2t-2s-0l-p",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"_id": null,
"model": "san volume controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.0.7"
},
{
"_id": null,
"model": "junos 12.1x46-d20",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"_id": null,
"model": "cognos insight",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.2"
},
{
"_id": null,
"model": "rational insight",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.1.4"
},
{
"_id": null,
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.4"
},
{
"_id": null,
"model": "aura system platform",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2.2"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v50007.2.0.8"
},
{
"_id": null,
"model": "abyp-0t-4s-0l-p",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v37007.4"
},
{
"_id": null,
"model": "enterprise linux desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "7"
},
{
"_id": null,
"model": "rational requisitepro",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.1.2"
},
{
"_id": null,
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.2.15"
},
{
"_id": null,
"model": "smartcloud entry fix pack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.213"
},
{
"_id": null,
"model": "systems insight manager",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "7.5.1"
},
{
"_id": null,
"model": "aura session manager sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1"
},
{
"_id": null,
"model": "rational application developer for websphere software",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1.1"
},
{
"_id": null,
"model": "iq",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2"
},
{
"_id": null,
"model": "websphere mq",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.1"
},
{
"_id": null,
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0.1"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v37007.1.0.6"
},
{
"_id": null,
"model": "hp-ux b.11.11.16.09",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.1.1"
},
{
"_id": null,
"model": "aura system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1.5"
},
{
"_id": null,
"model": "rational team concert",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.4"
},
{
"_id": null,
"model": "ip office server edition",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "9.0"
},
{
"_id": null,
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.07"
},
{
"_id": null,
"model": "predictiveinsight",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.0"
},
{
"_id": null,
"model": "rational requisitepro",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.38"
},
{
"_id": null,
"model": "security network intrusion prevention system gx6116",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6.2"
},
{
"_id": null,
"model": "rational requisitepro",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.2.12"
},
{
"_id": null,
"model": "aura application enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"_id": null,
"model": "system networking rackswitch g8124-e",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "7.11.5.0"
},
{
"_id": null,
"model": "qradar siem patch",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2.41"
},
{
"_id": null,
"model": "rational team concert",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.5"
},
{
"_id": null,
"model": "aura utility services sp7",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.3"
},
{
"_id": null,
"model": "security network intrusion prevention system gx6116",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6.1"
},
{
"_id": null,
"model": "insight control",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.4"
},
{
"_id": null,
"model": "meeting exchange sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2"
},
{
"_id": null,
"model": "storwize",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "v50007.3.0.12"
},
{
"_id": null,
"model": "one-x client enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1.2"
},
{
"_id": null,
"model": "open source siem",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.3.3"
},
{
"_id": null,
"model": "rational software architect for websphere software",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1.2"
},
{
"_id": null,
"model": "fortirecorder",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "2.0.1"
},
{
"_id": null,
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "1.0.2"
},
{
"_id": null,
"model": "security network intrusion prevention system gx7800",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6"
},
{
"_id": null,
"model": "aura application enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.3"
},
{
"_id": null,
"model": "linux mips",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"_id": null,
"model": "infosphere guardium",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.0"
},
{
"_id": null,
"model": "flashsystem 9848-ac1",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v840"
},
{
"_id": null,
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "14.1"
},
{
"_id": null,
"model": "open source siem",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.6.1"
},
{
"_id": null,
"model": "abyp-2t-0s-2l-p",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"_id": null,
"model": "primavera p6 enterprise project portfolio management",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "15.2"
},
{
"_id": null,
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.2.16"
},
{
"_id": null,
"model": "security network intrusion prevention system gx5108-v2",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.4"
},
{
"_id": null,
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.2.14"
},
{
"_id": null,
"model": "rational software architect for websphere software",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1"
},
{
"_id": null,
"model": "version control repository manager 7.4.0a",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "system networking rackswitch g8264t",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "7.9.15.0"
},
{
"_id": null,
"model": "matrix operating environment",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.4"
},
{
"_id": null,
"model": "tealeaf customer experience",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0"
},
{
"_id": null,
"model": "cognos metrics manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.2.1"
},
{
"_id": null,
"model": "system networking rackswitch g8264",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.11.4.0"
},
{
"_id": null,
"model": "one-x client enablement services sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1"
},
{
"_id": null,
"model": "flashsystem 9846-ae1",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v840"
},
{
"_id": null,
"model": "systems insight manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3"
},
{
"_id": null,
"model": "storwize",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "v37007.4.0.6"
},
{
"_id": null,
"model": "one-x client enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2"
},
{
"_id": null,
"model": "communication server 1000m",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "7.6"
},
{
"_id": null,
"model": "linux x86 64 -current",
"scope": null,
"trust": 0.3,
"vendor": "slackware",
"version": null
},
{
"_id": null,
"model": "rational requisitepro",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.4.3"
},
{
"_id": null,
"model": "meeting exchange",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.1"
},
{
"_id": null,
"model": "junos 12.1x46-d35",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"_id": null,
"model": "communication server 1000m signaling server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "7.6"
},
{
"_id": null,
"model": "aura system platform",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0.3.8.3"
},
{
"_id": null,
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.3.1"
},
{
"_id": null,
"model": "rational requisitepro",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.2.15"
},
{
"_id": null,
"model": "communication server 1000e",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "7.6"
},
{
"_id": null,
"model": "rational team concert",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0.4"
},
{
"_id": null,
"model": "insight control server provisioning",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.4.0"
},
{
"_id": null,
"model": "system networking rackswitch g8264",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "7.9.15.0"
},
{
"_id": null,
"model": "security network intrusion prevention system gx5008-v2",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6.1"
},
{
"_id": null,
"model": "project openssl 1.0.0e",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "security privileged identity manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.0"
},
{
"_id": null,
"model": "version control agent",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3"
},
{
"_id": null,
"model": "junos 12.1x47-d11",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"_id": null,
"model": "project openssl a",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"_id": null,
"model": "rational requisitepro",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.35"
},
{
"_id": null,
"model": "websphere mq",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.4"
},
{
"_id": null,
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.1.4"
},
{
"_id": null,
"model": "junos d25",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "12.1x46"
},
{
"_id": null,
"model": "junos 12.3r7",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"_id": null,
"model": "systems insight manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.1"
},
{
"_id": null,
"model": "unified security management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.14"
},
{
"_id": null,
"model": "project openssl 0.9.8zg",
"scope": "ne",
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "junos 13.2x51-d40",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"_id": null,
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2"
},
{
"_id": null,
"model": "version control repository manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.4"
},
{
"_id": null,
"model": "project openssl 0.9.8t",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "sparc enterprise m8000 xcp",
"scope": "ne",
"trust": 0.3,
"vendor": "oracle",
"version": "1121"
},
{
"_id": null,
"model": "abyp-0t-4s-0l-p-m",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"_id": null,
"model": "aura messaging",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1.1"
},
{
"_id": null,
"model": "qradar siem mr3",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2"
},
{
"_id": null,
"model": "rational requisitepro",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.2.8"
},
{
"_id": null,
"model": "power hmc",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.2.0.0"
},
{
"_id": null,
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.1.7"
},
{
"_id": null,
"model": "security network intrusion prevention system gx4002",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6.1"
},
{
"_id": null,
"model": "san volume controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.0.5"
},
{
"_id": null,
"model": "transportation management",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "6.1"
},
{
"_id": null,
"model": "insight orchestration",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.1"
},
{
"_id": null,
"model": "cloud manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.1"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v35006.4"
},
{
"_id": null,
"model": "sonas",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.5.1.3"
},
{
"_id": null,
"model": "aura system platform",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2.1"
},
{
"_id": null,
"model": "aura experience portal",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0.2"
},
{
"_id": null,
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.210"
},
{
"_id": null,
"model": "enterprise linux",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "6"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.10.4"
},
{
"_id": null,
"model": "enterprise content management system monitor",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.2"
},
{
"_id": null,
"model": "linux lts",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "14.04"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.4"
},
{
"_id": null,
"model": "sdk for node.js",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.0.13"
},
{
"_id": null,
"model": "project openssl 1.0.1m",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "fortimanager",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "5.0.9"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v35007.3.0.5"
},
{
"_id": null,
"model": "tivoli common reporting",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.1"
},
{
"_id": null,
"model": "rational requisitepro",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.2.16"
},
{
"_id": null,
"model": "aura system manager sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"_id": null,
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.3.3"
},
{
"_id": null,
"model": "hp-ux b.11.00",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "security network intrusion prevention system gv1000",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.4"
},
{
"_id": null,
"model": "hp-ux b.11.31",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "linux x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "14.0"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v35007.2.0.3"
},
{
"_id": null,
"model": "aura session manager sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v50007.1.0.7"
},
{
"_id": null,
"model": "aura presence services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2"
},
{
"_id": null,
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.2.1"
},
{
"_id": null,
"model": "open source siem",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "5.0.3"
},
{
"_id": null,
"model": "aura system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.3.10"
},
{
"_id": null,
"model": "linux x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "13.1"
},
{
"_id": null,
"model": "security network intrusion prevention system gv200",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6.2"
},
{
"_id": null,
"model": "aura session manager sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1"
},
{
"_id": null,
"model": "storwize unified",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v70001.5.2.1"
},
{
"_id": null,
"model": "linux x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "13.0"
},
{
"_id": null,
"model": "rational requisitepro",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.2.3"
},
{
"_id": null,
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.1"
},
{
"_id": null,
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.1.1"
},
{
"_id": null,
"model": "open source siem",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.3.2"
},
{
"_id": null,
"model": "security network intrusion prevention system gv200",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6.1"
},
{
"_id": null,
"model": "abyp-10g-2sr-2lr-1-p",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"_id": null,
"model": "rational team concert",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0.1.5"
},
{
"_id": null,
"model": "power hmc",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.1.0.0"
},
{
"_id": null,
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.13"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.0"
},
{
"_id": null,
"model": "insight control server provisioning",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.4.1"
},
{
"_id": null,
"model": "aura application enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1.1"
},
{
"_id": null,
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.8"
},
{
"_id": null,
"model": "aura system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"_id": null,
"model": "project openssl 1.0.0r",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.2.0"
},
{
"_id": null,
"model": "aura conferencing sp7",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "7.2"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v37006.4"
},
{
"_id": null,
"model": "security network controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.0.3376"
},
{
"_id": null,
"model": "secure backup",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.3.0.2"
},
{
"_id": null,
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.11"
},
{
"_id": null,
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.0.2"
},
{
"_id": null,
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.23"
},
{
"_id": null,
"model": "insight control",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.5"
},
{
"_id": null,
"model": "workload deployer if9",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "3.1.0.7"
},
{
"_id": null,
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.1.2"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.9.5"
},
{
"_id": null,
"model": "aura utility services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"_id": null,
"model": "aura system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.3"
},
{
"_id": null,
"model": "smartcloud entry fix pack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.2.010"
},
{
"_id": null,
"model": "aura system manager sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2"
},
{
"_id": null,
"model": "open source siem",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.0.2"
},
{
"_id": null,
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "13.1"
},
{
"_id": null,
"model": "junos 12.3r9",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"_id": null,
"model": "systems insight manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.4"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v70007.2.0.5"
},
{
"_id": null,
"model": "systems insight manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "4.2"
},
{
"_id": null,
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.12"
},
{
"_id": null,
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "13.0"
},
{
"_id": null,
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.212"
},
{
"_id": null,
"model": "cognos insight standard edition fp if",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "10.2.124"
},
{
"_id": null,
"model": "open source siem",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.6.0"
},
{
"_id": null,
"model": "sparc enterprise m4000 xcp",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "1117"
},
{
"_id": null,
"model": "security network intrusion prevention system gx5208-v2",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.4"
},
{
"_id": null,
"model": "aura utility services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.3"
},
{
"_id": null,
"model": "junos 12.1x44-d26",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"_id": null,
"model": "hp-ux b.11.11.14.15",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.11"
},
{
"_id": null,
"model": "open source siem",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.1"
},
{
"_id": null,
"model": "fortiap",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "5.0.8"
},
{
"_id": null,
"model": "tivoli composite application manager for transactions",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.3.0"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.8.5"
},
{
"_id": null,
"model": "system networking rackswitch g8332",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.7.20.0"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v35006.3"
},
{
"_id": null,
"model": "fortiadc",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "4.2"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v35007.1.0.7"
},
{
"_id": null,
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.2.12"
},
{
"_id": null,
"model": "security network intrusion prevention system gx5108",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6.2"
},
{
"_id": null,
"model": "storwize",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "v70007.5.0.3"
},
{
"_id": null,
"model": "aura system platform",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0.1"
},
{
"_id": null,
"model": "security network intrusion prevention system gx4004",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.3"
},
{
"_id": null,
"model": "security network intrusion prevention system gv1000",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.3"
},
{
"_id": null,
"model": "sdk for node.js",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.0.12"
},
{
"_id": null,
"model": "endpoint manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.2"
},
{
"_id": null,
"model": "bladesystem c-class virtual connect",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "4.21"
},
{
"_id": null,
"model": "tivoli common reporting",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.1.1"
},
{
"_id": null,
"model": "unified security management",
"scope": "ne",
"trust": 0.3,
"vendor": "alienvault",
"version": "5.0.4"
},
{
"_id": null,
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.0.15"
},
{
"_id": null,
"model": "linux ia-32",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"_id": null,
"model": "netscaler service delivery appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "citrix",
"version": "0"
},
{
"_id": null,
"model": "cognos insight",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.2.2"
},
{
"_id": null,
"model": "mysql server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.6.22"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "3.2.7"
},
{
"_id": null,
"model": "junos 12.1x46-d36",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"_id": null,
"model": "security access manager for mobile",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0"
},
{
"_id": null,
"model": "hp-ux b.11.11.15.13",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "san volume controller",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.0.3"
},
{
"_id": null,
"model": "qradar incident forensics patch",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2.41"
},
{
"_id": null,
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.2.2"
},
{
"_id": null,
"model": "storwize",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "v50007.5.0.3"
},
{
"_id": null,
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1"
},
{
"_id": null,
"model": "session border controller for enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.3.0"
},
{
"_id": null,
"model": "communication server 1000e signaling server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "7.0"
},
{
"_id": null,
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"_id": null,
"model": "rational team concert",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0.3"
},
{
"_id": null,
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1.7"
},
{
"_id": null,
"model": "junos 12.1x47-d15",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"_id": null,
"model": "security network intrusion prevention system gx7800",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.4"
},
{
"_id": null,
"model": "storwize",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "v35007.5.0.3"
},
{
"_id": null,
"model": "security identity manager virtual appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0"
},
{
"_id": null,
"model": "aura system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.3.4"
},
{
"_id": null,
"model": "project openssl 1.0.0q",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "project openssl 0.9.8u",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "sterling b2b integrator",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.2.1"
},
{
"_id": null,
"model": "rational requisitepro",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.3.14"
},
{
"_id": null,
"model": "security network intrusion prevention system gx5108-v2",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6.2"
},
{
"_id": null,
"model": "security access manager for web appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.2.6"
},
{
"_id": null,
"model": "systems insight manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.0"
},
{
"_id": null,
"model": "open source siem",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.15"
},
{
"_id": null,
"model": "security network intrusion prevention system gx5108",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.5"
},
{
"_id": null,
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.12"
},
{
"_id": null,
"model": "san volume controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.4.1.3"
},
{
"_id": null,
"model": "project openssl 1.0.0d",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "project openssl 1.0.1e",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.4"
},
{
"_id": null,
"model": "security network intrusion prevention system gx5108-v2",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6.1"
},
{
"_id": null,
"model": "one-x client enablement services sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1"
},
{
"_id": null,
"model": "open source siem",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "5.0.1"
},
{
"_id": null,
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.2.15"
},
{
"_id": null,
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.24"
},
{
"_id": null,
"model": "security network intrusion prevention system gx3002",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6.2"
},
{
"_id": null,
"model": "security network intrusion prevention system gx5008",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.4"
},
{
"_id": null,
"model": "storwize unified",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "v70001.5.2.2"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.5"
},
{
"_id": null,
"model": "insight control server provisioning",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "7.5.1"
},
{
"_id": null,
"model": "hp-ux b.11.04",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "junos 12.1x44-d51",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"_id": null,
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.1.1"
},
{
"_id": null,
"model": "one-x client enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1"
},
{
"_id": null,
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"_id": null,
"model": "smartcloud provisioning",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.1"
},
{
"_id": null,
"model": "message networking",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"_id": null,
"model": "enterprise linux server eus 6.6.z",
"scope": null,
"trust": 0.3,
"vendor": "redhat",
"version": null
},
{
"_id": null,
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.2.8"
},
{
"_id": null,
"model": "systems insight manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "5.0"
},
{
"_id": null,
"model": "qradar incident forensics mr2",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2"
},
{
"_id": null,
"model": "project openssl 0.9.8m",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "project openssl j",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"_id": null,
"model": "sterling connect:enterprise for unix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.5.0.0"
},
{
"_id": null,
"model": "message networking",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.3"
},
{
"_id": null,
"model": "rational requisitepro",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.2.6"
},
{
"_id": null,
"model": "meeting exchange sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.0"
},
{
"_id": null,
"model": "storwize unified",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v70001.5.0.2"
},
{
"_id": null,
"model": "initiate master data service patient hub",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.7"
},
{
"_id": null,
"model": "meeting exchange",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"_id": null,
"model": "aura system platform",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2"
},
{
"_id": null,
"model": "rational requisitepro",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.2.2"
},
{
"_id": null,
"model": "fortios",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "5.2.0"
},
{
"_id": null,
"model": "security network intrusion prevention system gx3002",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.5"
},
{
"_id": null,
"model": "junos 12.3x48-d20",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"_id": null,
"model": "infosphere master data management patient hub",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.0"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.10"
},
{
"_id": null,
"model": "security network intrusion prevention system gx5108",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6"
},
{
"_id": null,
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "1.0"
},
{
"_id": null,
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "14.10"
},
{
"_id": null,
"model": "junos d30",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "12.1x44"
},
{
"_id": null,
"model": "security network intrusion prevention system gx7800",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.3"
},
{
"_id": null,
"model": "security network intrusion prevention system gx7412-10",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6.2"
},
{
"_id": null,
"model": "sdk for node.js",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.0.7"
},
{
"_id": null,
"model": "sdk for node.js",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "1.2.0.3"
},
{
"_id": null,
"model": "aura communication manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "7.0"
},
{
"_id": null,
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.2.16"
},
{
"_id": null,
"model": "san volume controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2.0.3"
},
{
"_id": null,
"model": "initiate master data service",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.5"
},
{
"_id": null,
"model": "cognos metrics manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.2"
},
{
"_id": null,
"model": "operations agent",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "11.03"
},
{
"_id": null,
"model": "aura system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1.1"
},
{
"_id": null,
"model": "sonas",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.5.2.1"
},
{
"_id": null,
"model": "rational policy tester",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5"
},
{
"_id": null,
"model": "qradar siem mr2",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2"
},
{
"_id": null,
"model": "netscaler application delivery controller",
"scope": "eq",
"trust": 0.3,
"vendor": "citrix",
"version": "0"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v35007.1"
},
{
"_id": null,
"model": "version control agent",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3.3"
},
{
"_id": null,
"model": "rational team concert",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0.1.4"
},
{
"_id": null,
"model": "rational requisitepro",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.3.9"
},
{
"_id": null,
"model": "bladesystem c-class virtual connect",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "4.30"
},
{
"_id": null,
"model": "sdk for node.js",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.0.3"
},
{
"_id": null,
"model": "aura messaging",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2"
},
{
"_id": null,
"model": "junos 12.3r6",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"_id": null,
"model": "security network intrusion prevention system gv1000",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6.1"
},
{
"_id": null,
"model": "endpoint manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.2"
},
{
"_id": null,
"model": "enterprise linux",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "6.2"
},
{
"_id": null,
"model": "aura conferencing sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "8.0"
},
{
"_id": null,
"model": "insight control",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.2"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.2.9.1"
},
{
"_id": null,
"model": "system networking rackswitch g8264cs",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.8.11.0"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v37006.1"
},
{
"_id": null,
"model": "rational team concert",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0"
},
{
"_id": null,
"model": "security network intrusion prevention system gx5008-v2",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.4"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.10.3"
},
{
"_id": null,
"model": "security network controller 1.0.3387m",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"_id": null,
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.1.4"
},
{
"_id": null,
"model": "junos d40",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "12.1x44"
},
{
"_id": null,
"model": "enterprise linux workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"_id": null,
"model": "junos 15.1r1",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"_id": null,
"model": "security network controller 1.0.3379m",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"_id": null,
"model": "project openssl 0.9.8za",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "security network intrusion prevention system gx7412-10",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.5"
},
{
"_id": null,
"model": "comware products",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "50"
},
{
"_id": null,
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.1.2"
},
{
"_id": null,
"model": "abyp-4ts-p-m",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"_id": null,
"model": "sterling connect:enterprise for unix ifix",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "2.5.0.38"
},
{
"_id": null,
"model": "operations agent",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "11.14"
},
{
"_id": null,
"model": "project openssl 0.9.8q",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "aura presence services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1"
},
{
"_id": null,
"model": "san volume controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2.0.8"
},
{
"_id": null,
"model": "screenos 6.3.0r22",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v37007.4.0.5"
},
{
"_id": null,
"model": "endpoint manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.0"
},
{
"_id": null,
"model": "transportation management",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "6.2"
},
{
"_id": null,
"model": "mysql server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.6.21"
},
{
"_id": null,
"model": "netinsight",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.6.0.14"
},
{
"_id": null,
"model": "cognos insight standard edition fp if",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "10.214"
},
{
"_id": null,
"model": "security network intrusion prevention system gx4002",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.4"
},
{
"_id": null,
"model": "project openssl 1.0.2a",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "datapower gateways",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.0.16"
},
{
"_id": null,
"model": "aura application enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1.2"
},
{
"_id": null,
"model": "rational software architect",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1.2"
},
{
"_id": null,
"model": "junos 14.1r6",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"_id": null,
"model": "fortios",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "4.3.16"
},
{
"_id": null,
"model": "project openssl 0.9.8g",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "abyp-0t-2s-2l-p",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v70007.3.0.10"
},
{
"_id": null,
"model": "cms r17",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"_id": null,
"model": "version control agent",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.5"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "3.0.1"
},
{
"_id": null,
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.17"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.10.2"
},
{
"_id": null,
"model": "project openssl 0.9.8ze",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.15"
},
{
"_id": null,
"model": "san volume controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.3"
},
{
"_id": null,
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.1.5"
},
{
"_id": null,
"model": "worklight consumer edition",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1.0.2"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v70007.2"
},
{
"_id": null,
"model": "i",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1"
},
{
"_id": null,
"model": "security network intrusion prevention system gx5208-v2",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6.2"
},
{
"_id": null,
"model": "rational insight",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.1.7"
},
{
"_id": null,
"model": "hp-ux b.11.23.1.007",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "security network intrusion prevention system gx7412-05",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.4"
},
{
"_id": null,
"model": "unified security management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.0"
},
{
"_id": null,
"model": "forticlient windows/mac",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "5.2.3"
},
{
"_id": null,
"model": "rational requisitepro",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.31"
},
{
"_id": null,
"model": "aura conferencing",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "8.0"
},
{
"_id": null,
"model": "rational requisitepro",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.2.7"
},
{
"_id": null,
"model": "security network intrusion prevention system gx5208-v2",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6.1"
},
{
"_id": null,
"model": "aura application enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2"
},
{
"_id": null,
"model": "version control repository manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.2"
},
{
"_id": null,
"model": "sterling connect:enterprise for unix ifix",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "2.4.4.04"
},
{
"_id": null,
"model": "communication server 1000e signaling server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "7.6"
},
{
"_id": null,
"model": "storwize",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "v35007.4.0.6"
},
{
"_id": null,
"model": "security network controller 1.0.3352m",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"_id": null,
"model": "security identity governance",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.1.1"
},
{
"_id": null,
"model": "aura system manager sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.1.1"
},
{
"_id": null,
"model": "infosphere information server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "11.3"
},
{
"_id": null,
"model": "virtual connect enterprise manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.0"
},
{
"_id": null,
"model": "san volume controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1"
},
{
"_id": null,
"model": "system networking rackswitch g8264",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "7.11.5.0"
},
{
"_id": null,
"model": "san volume controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.0.6"
},
{
"_id": null,
"model": "ip office server edition",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "8.1"
},
{
"_id": null,
"model": "datapower gateways",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.1.12"
},
{
"_id": null,
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.13"
},
{
"_id": null,
"model": "infosphere guardium",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.5"
},
{
"_id": null,
"model": "predictiveinsight",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.1"
},
{
"_id": null,
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.1"
},
{
"_id": null,
"model": "security network intrusion prevention system gx7412",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6.2"
},
{
"_id": null,
"model": "power hmc",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.9.0.0"
},
{
"_id": null,
"model": "hp-ux b.11.23",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.2"
},
{
"_id": null,
"model": "open source siem",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.7"
},
{
"_id": null,
"model": "enterprise linux",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5"
},
{
"_id": null,
"model": "hp-ux b.11.11.02.008",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.13"
},
{
"_id": null,
"model": "insight control server provisioning",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.5.0"
},
{
"_id": null,
"model": "security network intrusion prevention system gx5208",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6.2"
},
{
"_id": null,
"model": "security network intrusion prevention system gx7800",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6.1"
},
{
"_id": null,
"model": "meeting exchange",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2"
},
{
"_id": null,
"model": "tivoli common reporting",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.1.0.1"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v37007.3.0.5"
},
{
"_id": null,
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.10.1"
},
{
"_id": null,
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8x"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v35006.4.19"
},
{
"_id": null,
"model": "abyp-10g-4sr-1-p",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"_id": null,
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "11.5.10.2"
},
{
"_id": null,
"model": "cloud manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.2.0.1"
},
{
"_id": null,
"model": "initiate master data service provider hub",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.5"
},
{
"_id": null,
"model": "junos 14.2r4",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"_id": null,
"model": "rational requisitepro",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.2.4"
},
{
"_id": null,
"model": "rational insight",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.11"
},
{
"_id": null,
"model": "powerkvm build",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "2.1.157"
},
{
"_id": null,
"model": "cloud manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.2"
},
{
"_id": null,
"model": "rational team concert",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0.1.1"
},
{
"_id": null,
"model": "virtual connect enterprise manager sdk",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "7.5.0"
},
{
"_id": null,
"model": "primavera p6 enterprise project portfolio management",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "16.1"
},
{
"_id": null,
"model": "junos 12.1x47-d20",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"_id": null,
"model": "junos d25",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "12.1x44"
},
{
"_id": null,
"model": "security network intrusion prevention system gx5008",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6.2"
},
{
"_id": null,
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.1.8"
},
{
"_id": null,
"model": "sparc enterprise m8000 xcp",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "1117"
},
{
"_id": null,
"model": "rational requisitepro",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.17"
},
{
"_id": null,
"model": "mysql server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.6.24"
},
{
"_id": null,
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "13.37"
},
{
"_id": null,
"model": "security network intrusion prevention system gx7412",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.5"
},
{
"_id": null,
"model": "vcx products",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"_id": null,
"model": "qradar incident forensics",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2.2"
},
{
"_id": null,
"model": "predictiveinsight",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.3"
},
{
"_id": null,
"model": "aura application server sip core pb3",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "53003.0"
},
{
"_id": null,
"model": "rational requisitepro",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.3.10"
},
{
"_id": null,
"model": "security network controller 1.0.3381m",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"_id": null,
"model": "security network intrusion prevention system gx7412-05",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.3"
},
{
"_id": null,
"model": "project openssl 1.0.0f",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "rational developer for i",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1"
},
{
"_id": null,
"model": "linux lts i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "12.04"
},
{
"_id": null,
"model": "project openssl d",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"_id": null,
"model": "flashsystem 9843-ae2",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "840"
},
{
"_id": null,
"model": "sdk for node.js",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.0.9"
},
{
"_id": null,
"model": "sparc enterprise m3000 xcp",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "1117"
},
{
"_id": null,
"model": "sterling b2b integrator",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.2.2"
},
{
"_id": null,
"model": "version control repository manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3.1"
},
{
"_id": null,
"model": "system networking rackswitch g8264cs",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "7.8.12.0"
},
{
"_id": null,
"model": "sdk for node.js",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1"
},
{
"_id": null,
"model": "security network intrusion prevention system gx5208",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.5"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v37007.2.0.5"
},
{
"_id": null,
"model": "security network intrusion prevention system gx4004-v2",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.5"
},
{
"_id": null,
"model": "project openssl 1.0.0b",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "13.1"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v70007.1.0.5"
},
{
"_id": null,
"model": "hp-ux b.11.11.17.02",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.11"
},
{
"_id": null,
"model": "operations agent",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "11.01"
},
{
"_id": null,
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.2.2"
},
{
"_id": null,
"model": "sparc enterprise m9000 xcp",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "1118"
},
{
"_id": null,
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.1.2"
},
{
"_id": null,
"model": "san volume controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1"
},
{
"_id": null,
"model": "rational insight",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.1.6"
},
{
"_id": null,
"model": "systems insight manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.1.1"
},
{
"_id": null,
"model": "rational team concert",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.6"
},
{
"_id": null,
"model": "aura system manager sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1"
},
{
"_id": null,
"model": "rational insight",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.1.5"
},
{
"_id": null,
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.03"
},
{
"_id": null,
"model": "forticlient ios",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "5.2.1"
},
{
"_id": null,
"model": "storwize",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "v37007.5.0.3"
},
{
"_id": null,
"model": "rational requisitepro",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.41"
},
{
"_id": null,
"model": "forticlient android",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "5.2.6"
},
{
"_id": null,
"model": "project openssl f",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3.1"
},
{
"_id": null,
"model": "sonas",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "1.5.2.2"
},
{
"_id": null,
"model": "sterling b2b integrator",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.2.41"
},
{
"_id": null,
"model": "hp-ux b.11.23.07.04",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "system networking rackswitch g8052",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.9.14.0"
},
{
"_id": null,
"model": "initiate master data service patient hub",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.5"
},
{
"_id": null,
"model": "systems insight manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.2"
},
{
"_id": null,
"model": "aura conferencing sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "8.0"
},
{
"_id": null,
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.14"
},
{
"_id": null,
"model": "project openssl 1.0.1d",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1.5"
},
{
"_id": null,
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.13"
},
{
"_id": null,
"model": "abyp-4tl-p-m",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v37007.1.0.7"
},
{
"_id": null,
"model": "workload deployer",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.11"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v37006.2"
},
{
"_id": null,
"model": "project openssl 1.0.0p",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.12"
},
{
"_id": null,
"model": "junos 12.1x46-d40",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"_id": null,
"model": "smartcloud entry fix pack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.2.09"
},
{
"_id": null,
"model": "rational developer for aix and linux",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1"
},
{
"_id": null,
"model": "rational team concert",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0.1"
},
{
"_id": null,
"model": "proactive contact",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.0"
},
{
"_id": null,
"model": "ip office application server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "8.1"
},
{
"_id": null,
"model": "secure backup",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.1.0.1"
},
{
"_id": null,
"model": "san volume controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.4"
},
{
"_id": null,
"model": "rational team concert",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.1"
},
{
"_id": null,
"model": "aura system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1.2"
},
{
"_id": null,
"model": "project openssl 1.0.0n",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "secure backup",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.2.0.3"
},
{
"_id": null,
"model": "aura session manager sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2"
},
{
"_id": null,
"model": "security network intrusion prevention system gx6116",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.5"
},
{
"_id": null,
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.25"
},
{
"_id": null,
"model": "rational developer for i",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1.1.1"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v70007.1"
},
{
"_id": null,
"model": "junos 15.1x49-d10",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"_id": null,
"model": "insight control",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "7.5.1"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3.3.1"
},
{
"_id": null,
"model": "aura communication manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.3"
},
{
"_id": null,
"model": "aura system platform",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2.1.0.9"
},
{
"_id": null,
"model": "security network intrusion prevention system gx5208",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6"
},
{
"_id": null,
"model": "sterling connect:direct for hp nonstop",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.5"
},
{
"_id": null,
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.010"
},
{
"_id": null,
"model": "security network intrusion prevention system gx4004-v2",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6"
},
{
"_id": null,
"model": "abyp-4t-0s-0l-p",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"_id": null,
"model": "secure backup",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.41"
},
{
"_id": null,
"model": "aura application server sip core",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "53003.0"
},
{
"_id": null,
"model": "security network intrusion prevention system gx5008-v2",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6.2"
},
{
"_id": null,
"model": "virtual connect enterprise manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.1"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v50006.3"
},
{
"_id": null,
"model": "aura experience portal",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0.1"
},
{
"_id": null,
"model": "aura experience portal sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"_id": null,
"model": "san volume controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.4"
},
{
"_id": null,
"model": "storwize",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "v35007.3.0.12"
},
{
"_id": null,
"model": "aura messaging",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1"
},
{
"_id": null,
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0"
},
{
"_id": null,
"model": "operations agent",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "11.10"
},
{
"_id": null,
"model": "open source siem",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.5"
},
{
"_id": null,
"model": "flashsystem 9848-ac0",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v840"
},
{
"_id": null,
"model": "operations agent",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "11.13"
},
{
"_id": null,
"model": "linux -current",
"scope": null,
"trust": 0.3,
"vendor": "slackware",
"version": null
},
{
"_id": null,
"model": "project openssl 1.0.1b",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "project openssl 1.0.0k",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "aura system platform sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"_id": null,
"model": "bladesystem c-class virtual connect",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "3.62"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v35006.2"
},
{
"_id": null,
"model": "aura conferencing",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "7.0"
},
{
"_id": null,
"model": "cognos metrics manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.2.2"
},
{
"_id": null,
"model": "i",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1"
},
{
"_id": null,
"model": "aura system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2"
},
{
"_id": null,
"model": "aura system platform sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2"
},
{
"_id": null,
"model": "infosphere master data management standard/advanced edition",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "11.4"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v50006.2"
},
{
"_id": null,
"model": "rational requisitepro",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.4"
},
{
"_id": null,
"model": "san volume controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.3.0.5"
},
{
"_id": null,
"model": "linux",
"scope": null,
"trust": 0.3,
"vendor": "gentoo",
"version": null
},
{
"_id": null,
"model": "security network intrusion prevention system gx4002",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6.2"
},
{
"_id": null,
"model": "junos 12.3x48-d30",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"_id": null,
"model": "security privileged identity manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.0.1"
},
{
"_id": null,
"model": "sterling connect:direct for hp nonstop",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.6"
},
{
"_id": null,
"model": "aura utility services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2"
},
{
"_id": null,
"model": "workload deployer",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.12"
},
{
"_id": null,
"model": "cloud manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.1.0.4"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.9"
},
{
"_id": null,
"model": "security network controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.0.3379"
},
{
"_id": null,
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.1.5"
},
{
"_id": null,
"model": "junos 13.2x51-d15",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"_id": null,
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.16"
},
{
"_id": null,
"model": "san volume controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1"
},
{
"_id": null,
"model": "endpoint manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1"
},
{
"_id": null,
"model": "ip office application server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "9.0"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1"
},
{
"_id": null,
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.0.8"
},
{
"_id": null,
"model": "aura conferencing sp6",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "7.2"
},
{
"_id": null,
"model": "operations agent",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "11.05"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v70007.1.0.7"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v35007.5.0.2"
},
{
"_id": null,
"model": "sonas",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.5.0.2"
},
{
"_id": null,
"model": "junos 15.1x49-d20",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"_id": null,
"model": "fortiauthenticator",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "3.1"
},
{
"_id": null,
"model": "security network intrusion prevention system gx6116",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6"
},
{
"_id": null,
"model": "aura messaging sp4",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2"
},
{
"_id": null,
"model": "iq",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.1"
},
{
"_id": null,
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.2.7"
},
{
"_id": null,
"model": "enterprise linux hpc node",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "7"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v50007.3.0.5"
},
{
"_id": null,
"model": "version control repository manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3.4"
},
{
"_id": null,
"model": "sparc enterprise m5000 xcp",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "1117"
},
{
"_id": null,
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "15.04"
},
{
"_id": null,
"model": "project openssl 1.0.0a",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "junos 12.1x44-d15",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"_id": null,
"model": "security network intrusion prevention system gx7412-05",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6.1"
},
{
"_id": null,
"model": "aura collaboration environment",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.0"
},
{
"_id": null,
"model": "security network controller 1.0.3361m",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"_id": null,
"model": "security network intrusion prevention system gx4004",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.4"
},
{
"_id": null,
"model": "version control repository manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.2.2"
},
{
"_id": null,
"model": "project openssl 1.0.1a",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "junos 12.1x47-d25",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "3.2.2"
},
{
"_id": null,
"model": "rational requisitepro",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.2.13"
},
{
"_id": null,
"model": "aura application enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1"
},
{
"_id": null,
"model": "storwize unified",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v70001.5.0.1"
},
{
"_id": null,
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.1.2"
},
{
"_id": null,
"model": "meeting exchange sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.1"
},
{
"_id": null,
"model": "enterprise linux workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "7"
},
{
"_id": null,
"model": "ascenlink",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "7.2.3"
},
{
"_id": null,
"model": "workload deployer",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.16"
},
{
"_id": null,
"model": "junos 12.1x44-d35",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"_id": null,
"model": "sterling integrator",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.1"
},
{
"_id": null,
"model": "netscaler t1",
"scope": "eq",
"trust": 0.3,
"vendor": "citrix",
"version": "0"
},
{
"_id": null,
"model": "project openssl 0.9.8zb",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "datapower gateways",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.0.9"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v70007.4.0.5"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.2.2"
},
{
"_id": null,
"model": "aura system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1.3"
},
{
"_id": null,
"model": "junos 13.3r6",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"_id": null,
"model": "aura system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2.3"
},
{
"_id": null,
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.2.4"
},
{
"_id": null,
"model": "aura system platform sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"_id": null,
"model": "project openssl 0.9.8w",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "junos 12.1x47-d10",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v70007.4"
},
{
"_id": null,
"model": "open source siem",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "5.0"
},
{
"_id": null,
"model": "flashsystem 9843-ae1",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "840"
},
{
"_id": null,
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.27"
},
{
"_id": null,
"model": "project openssl 1.0.0m",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "operations agent",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "11.0"
},
{
"_id": null,
"model": "project openssl 1.0.1g",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "communications security gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "3.0"
},
{
"_id": null,
"model": "tivoli composite application manager for transactions",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.4"
},
{
"_id": null,
"model": "junos 12.3x48-d15",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"_id": null,
"model": "flashsystem 9848-ae1",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v840"
},
{
"_id": null,
"model": "rational requisitepro",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.1.5"
},
{
"_id": null,
"model": "qradar siem patch ifix01",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2.44"
},
{
"_id": null,
"model": "rational requisitepro",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.16"
},
{
"_id": null,
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.1.5"
},
{
"_id": null,
"model": "rational requisitepro",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.210"
},
{
"_id": null,
"model": "rational requisitepro",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.1.9"
},
{
"_id": null,
"model": "security appscan enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.0.1"
},
{
"_id": null,
"model": "security network controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.0.913"
},
{
"_id": null,
"model": "system networking rackswitch g8316",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.9.14.0"
},
{
"_id": null,
"model": "security appscan enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.00"
},
{
"_id": null,
"model": "filenet system monitor interim fix",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "4.5.0.3"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v37007.2.0.8"
},
{
"_id": null,
"model": "junos 12.3r2",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"_id": null,
"model": "security network intrusion prevention system gv200",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.5"
},
{
"_id": null,
"model": "mobilefirst platform foundation",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.3.0.0"
},
{
"_id": null,
"model": "screenos 6.3.0r21",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v70006.4.19"
},
{
"_id": null,
"model": "rational requisitepro",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.4.6"
},
{
"_id": null,
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.2.9"
},
{
"_id": null,
"model": "aura communication manager ssp04",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.3"
},
{
"_id": null,
"model": "project openssl 0.9.8r",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"_id": null,
"model": "open source siem",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.2.3"
},
{
"_id": null,
"model": "san volume controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5"
},
{
"_id": null,
"model": "san volume controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.2"
},
{
"_id": null,
"model": "power hmc",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.3.0.0"
},
{
"_id": null,
"model": "matrix operating environment",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.5"
},
{
"_id": null,
"model": "tealeaf customer experience",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v70006.4.1.8"
},
{
"_id": null,
"model": "meeting exchange",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v70006.1"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.0.1"
},
{
"_id": null,
"model": "project openssl 1.0.0l",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "general parallel file system",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.5.0"
},
{
"_id": null,
"model": "cognos insight",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.2.1"
},
{
"_id": null,
"model": "enterprise linux desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"_id": null,
"model": "enterprise content management system monitor interim fix",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "5.1.0.3"
},
{
"_id": null,
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.3"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.2.3"
},
{
"_id": null,
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "13.2"
},
{
"_id": null,
"model": "meeting exchange sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.0"
},
{
"_id": null,
"model": "project openssl 0.9.8p",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "junos 13.3r4",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"_id": null,
"model": "mac os",
"scope": "ne",
"trust": 0.3,
"vendor": "apple",
"version": "x10.10.5"
},
{
"_id": null,
"model": "peoplesoft enterprise peopletools",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "8.54"
},
{
"_id": null,
"model": "powerkvm",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.1"
},
{
"_id": null,
"model": "sterling connect:enterprise for unix ifix03",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.5.0.3"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v35007.5"
},
{
"_id": null,
"model": "fortios",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "5.0.8"
},
{
"_id": null,
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.18"
},
{
"_id": null,
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.06"
},
{
"_id": null,
"model": "junos 12.1x44-d55",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"_id": null,
"model": "junos 12.1x44-d30.4",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"_id": null,
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.1.6"
},
{
"_id": null,
"model": "junos d20",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "12.1x44"
},
{
"_id": null,
"model": "systems insight manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.2.2"
},
{
"_id": null,
"model": "aura messaging",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0.1"
},
{
"_id": null,
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.07"
},
{
"_id": null,
"model": "rational developer for i",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1.1"
},
{
"_id": null,
"model": "bladesystem c-class virtual connect",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "4.50"
},
{
"_id": null,
"model": "aura communication manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.3.8"
},
{
"_id": null,
"model": "abyp-10g-4lr-1-p-m",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"_id": null,
"model": "aura system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.3.6"
},
{
"_id": null,
"model": "open source siem",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.13"
},
{
"_id": null,
"model": "sparc enterprise m9000 xcp",
"scope": "ne",
"trust": 0.3,
"vendor": "oracle",
"version": "1121"
},
{
"_id": null,
"model": "predictiveinsight",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5"
},
{
"_id": null,
"model": "rational application developer for websphere software",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1"
},
{
"_id": null,
"model": "security network intrusion prevention system gv200",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6"
},
{
"_id": null,
"model": "qradar siem mr2 patch ifi",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.110"
},
{
"_id": null,
"model": "infosphere guardium",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1"
},
{
"_id": null,
"model": "project openssl 1.0.1c",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "security network controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.0.1768"
},
{
"_id": null,
"model": "abyp-0t-0s-4l-p-m",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"_id": null,
"model": "unified security management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "5.0.3"
},
{
"_id": null,
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8v"
},
{
"_id": null,
"model": "abyp-4t-0s-0l-p-m",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"_id": null,
"model": "rational team concert",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0.2"
},
{
"_id": null,
"model": "hp-ux b.11.11.13.14",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "mysql server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.6.15"
},
{
"_id": null,
"model": "initiate master data service",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.0"
},
{
"_id": null,
"model": "aura system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2.4"
},
{
"_id": null,
"model": "matrix operating environment",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3.2"
},
{
"_id": null,
"model": "cloud manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.3.0.1"
},
{
"_id": null,
"model": "rational requisitepro",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.2.9"
},
{
"_id": null,
"model": "cognos metrics manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.1.1"
},
{
"_id": null,
"model": "san volume controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.3.1.7"
},
{
"_id": null,
"model": "linux lts amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "12.04"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v70007.3"
},
{
"_id": null,
"model": "rational developer for aix and linux",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1.1"
},
{
"_id": null,
"model": "security network intrusion prevention system gx5108-v2",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.5"
},
{
"_id": null,
"model": "hp-ux b.11.11",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "abyp-0t-2s-2l-p-m",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"_id": null,
"model": "rational requisitepro",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.34"
},
{
"_id": null,
"model": "version control repository manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.4.1"
},
{
"_id": null,
"model": "screenos 6.3.0r12",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.8"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v70006.3"
},
{
"_id": null,
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.211"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "3.0.64"
},
{
"_id": null,
"model": "rational software architect for websphere software",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1.1"
},
{
"_id": null,
"model": "aura system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1"
},
{
"_id": null,
"model": "rational requisitepro",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.3"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.2.8"
},
{
"_id": null,
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.14"
},
{
"_id": null,
"model": "project openssl 0.9.8l",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.13"
},
{
"_id": null,
"model": "project openssl h",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"_id": null,
"model": "secure backup",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "12.1.0.2.0"
},
{
"_id": null,
"model": "san volume controller",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "7.3.0.12"
},
{
"_id": null,
"model": "project openssl i",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"_id": null,
"model": "junos 13.2x51-d26",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"_id": null,
"model": "bladesystem c-class virtual connect",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "4.45"
},
{
"_id": null,
"model": "workload deployer",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.17"
},
{
"_id": null,
"model": "rational requisitepro",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.18"
},
{
"_id": null,
"model": "junos 14.2r2",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"_id": null,
"model": "project openssl 1.0.0i",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "version control repository manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3.2"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.4.1"
},
{
"_id": null,
"model": "junos d10",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "12.1x44"
},
{
"_id": null,
"model": "flashsystem 9846-ac0",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v840"
},
{
"_id": null,
"model": "storwize unified",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v70001.5.2.0"
},
{
"_id": null,
"model": "security privileged identity manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.0.1"
},
{
"_id": null,
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.1.11"
},
{
"_id": null,
"model": "rational team concert",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0.16"
},
{
"_id": null,
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.21"
},
{
"_id": null,
"model": "rational insight",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.13"
},
{
"_id": null,
"model": "open source siem",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.3.0"
},
{
"_id": null,
"model": "virtual connect enterprise manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.2"
},
{
"_id": null,
"model": "system networking rackswitch g8332",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "7.7.21.0"
},
{
"_id": null,
"model": "security network intrusion prevention system gv1000",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6.2"
},
{
"_id": null,
"model": "system management homepage",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "7.5.5"
},
{
"_id": null,
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.010"
},
{
"_id": null,
"model": "project openssl c",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"_id": null,
"model": "junos 12.3r3",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"_id": null,
"model": "aura collaboration environment",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "2.0"
},
{
"_id": null,
"model": "sdk for node.js",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.0.15"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3.2"
},
{
"_id": null,
"model": "rational insight",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.12"
},
{
"_id": null,
"model": "sparc enterprise m3000 xcp",
"scope": "ne",
"trust": 0.3,
"vendor": "oracle",
"version": "1121"
},
{
"_id": null,
"model": "security network intrusion prevention system gx4004",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6.1"
},
{
"_id": null,
"model": "aura conferencing",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "7.2"
},
{
"_id": null,
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0"
},
{
"_id": null,
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.26"
},
{
"_id": null,
"model": "security network intrusion prevention system gx4004-v2",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.3"
},
{
"_id": null,
"model": "security network intrusion prevention system gx5108-v2",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6"
},
{
"_id": null,
"model": "sdk for node.js",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.0.6"
},
{
"_id": null,
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.2.3"
},
{
"_id": null,
"model": "security appscan enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.0"
},
{
"_id": null,
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1.1"
},
{
"_id": null,
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.5"
},
{
"_id": null,
"model": "junos d35",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "12.1x44"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v50007.3"
},
{
"_id": null,
"model": "unified security management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.15"
},
{
"_id": null,
"model": "cloud manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.2.0.2"
},
{
"_id": null,
"model": "centos",
"scope": "eq",
"trust": 0.3,
"vendor": "centos",
"version": "7"
},
{
"_id": null,
"model": "qradar siem mr1",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1"
},
{
"_id": null,
"model": "rational requisitepro",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.37"
},
{
"_id": null,
"model": "security network intrusion prevention system gx3002",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6"
},
{
"_id": null,
"model": "junos 12.1x44-d40",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"_id": null,
"model": "junos 12.1x44-d30",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"_id": null,
"model": "cloud manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.1.0.2"
},
{
"_id": null,
"model": "project openssl 1.0.0j",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "matrix operating environment",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.2"
},
{
"_id": null,
"model": "rational requisitepro",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.211"
},
{
"_id": null,
"model": "security network intrusion prevention system gv1000",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.5"
},
{
"_id": null,
"model": "junos 12.1x46-d30",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"_id": null,
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.1.5"
},
{
"_id": null,
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.0.5"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.0"
},
{
"_id": null,
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.1.9"
},
{
"_id": null,
"model": "rational requisitepro",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.1.3"
},
{
"_id": null,
"model": "infosphere information server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1"
},
{
"_id": null,
"model": "aura presence services sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1"
},
{
"_id": null,
"model": "secure backup",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.2.0.2"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v70007.2.0.3"
},
{
"_id": null,
"model": "sonas",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.5.0.0"
},
{
"_id": null,
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "1.0.1"
},
{
"_id": null,
"model": "communication server 1000m signaling server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "7.0"
},
{
"_id": null,
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.19"
},
{
"_id": null,
"model": "project openssl 1.0.1j",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "cloudbridge",
"scope": "eq",
"trust": 0.3,
"vendor": "citrix",
"version": "0"
},
{
"_id": null,
"model": "communication server 1000e",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "7.0"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v37006.4.1.8"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.3"
},
{
"_id": null,
"model": "version control repository manager",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "7.5.1"
},
{
"_id": null,
"model": "security network intrusion prevention system gx6116",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.3"
},
{
"_id": null,
"model": "sonas",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.5.0.1"
},
{
"_id": null,
"model": "junos 12.3x48-d10",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v70007.3.0.5"
},
{
"_id": null,
"model": "abyp-2t-2s-0l-p-m",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"_id": null,
"model": "secure backup",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.1.0.3"
},
{
"_id": null,
"model": "security network controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.0.3381"
},
{
"_id": null,
"model": "rational software architect",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1"
},
{
"_id": null,
"model": "operations agent",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "11.15"
},
{
"_id": null,
"model": "rational requisitepro",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.3.6"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v35007.1.0.6"
},
{
"_id": null,
"model": "abyp-4ts-p",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"_id": null,
"model": "operations agent",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "11.02"
},
{
"_id": null,
"model": "mysql server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.6.23"
},
{
"_id": null,
"model": "matrix operating environment",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.2.1"
},
{
"_id": null,
"model": "infosphere information server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5"
},
{
"_id": null,
"model": "junos 12.3r11",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"_id": null,
"model": "linux arm",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v50006.1"
},
{
"_id": null,
"model": "aura presence services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1.1"
},
{
"_id": null,
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.0.1"
},
{
"_id": null,
"model": "linux enterprise server sp1 ltss",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "11"
},
{
"_id": null,
"model": "centos",
"scope": "eq",
"trust": 0.3,
"vendor": "centos",
"version": "5"
},
{
"_id": null,
"model": "websphere mq",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.0"
},
{
"_id": null,
"model": "screenos 6.3.0r20",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"_id": null,
"model": "security network intrusion prevention system gx7412-10",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.10"
},
{
"_id": null,
"model": "junos 13.3r7",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"_id": null,
"model": "systems insight manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3.2"
},
{
"_id": null,
"model": "cognos insight standard edition fp",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "10.2.24"
},
{
"_id": null,
"model": "forticache",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "3.0"
},
{
"_id": null,
"model": "messagesight",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1"
},
{
"_id": null,
"model": "aura application server sip core sp10",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "53003.0"
},
{
"_id": null,
"model": "linux x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "13.37"
},
{
"_id": null,
"model": "project openssl 0.9.8zd",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "worklight enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1.0.2"
},
{
"_id": null,
"model": "junos 14.1r5",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"_id": null,
"model": "security network intrusion prevention system gx7800",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6.2"
},
{
"_id": null,
"model": "websphere mq",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.2"
},
{
"_id": null,
"model": "initiate master data service",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.0"
},
{
"_id": null,
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.11"
},
{
"_id": null,
"model": "project openssl 1.0.1k",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.9"
},
{
"_id": null,
"model": "version control agent",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3.2"
},
{
"_id": null,
"model": "security network intrusion prevention system gx5208-v2",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.5"
},
{
"_id": null,
"model": "project openssl 0.9.8o",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "mysql server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.6.16"
},
{
"_id": null,
"model": "server migration pack",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "7.5.1"
},
{
"_id": null,
"model": "project openssl e",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"_id": null,
"model": "rational team concert",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0.1.2"
},
{
"_id": null,
"model": "version control repository manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.2.1"
},
{
"_id": null,
"model": "rational requisitepro",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.33"
},
{
"_id": null,
"model": "sterling connect:enterprise for unix ifix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.5.0.37"
},
{
"_id": null,
"model": "matrix operating environment",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3.1"
},
{
"_id": null,
"model": "qradar siem patch",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2.43"
},
{
"_id": null,
"model": "ip office server edition",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "8.0"
},
{
"_id": null,
"model": "worklight foundation enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.2.0.1"
},
{
"_id": null,
"model": "proactive contact",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.1"
},
{
"_id": null,
"model": "predictiveinsight",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0"
},
{
"_id": null,
"model": "junos 12.1x44-d35.5",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"_id": null,
"model": "rational requisitepro",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.2.5"
},
{
"_id": null,
"model": "tivoli common reporting",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.1"
},
{
"_id": null,
"model": "systems insight manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.0"
},
{
"_id": null,
"model": "secure backup",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "12.1"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.3"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.2.1"
},
{
"_id": null,
"model": "open source siem",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.3.3.1"
},
{
"_id": null,
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.2.9"
},
{
"_id": null,
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.1.4"
},
{
"_id": null,
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2.0.0"
},
{
"_id": null,
"model": "systems insight manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.3"
},
{
"_id": null,
"model": "security network intrusion prevention system gx7800",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.5"
},
{
"_id": null,
"model": "security network intrusion prevention system gx4004-v2",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6.1"
},
{
"_id": null,
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.1"
},
{
"_id": null,
"model": "open source siem",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.14"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.0.2"
},
{
"_id": null,
"model": "communication server 1000m",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "7.5"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3"
},
{
"_id": null,
"model": "infosphere information server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.7"
},
{
"_id": null,
"model": "operations agent",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "11.12"
},
{
"_id": null,
"model": "insight orchestration",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.0"
},
{
"_id": null,
"model": "junos 14.2r3",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"_id": null,
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.2.10"
},
{
"_id": null,
"model": "icewall mcrp",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "3.0"
},
{
"_id": null,
"model": "abyp-2t-0s-2l-p-m",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v37007.1"
},
{
"_id": null,
"model": "system networking rackswitch g8264",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.9.14.0"
},
{
"_id": null,
"model": "rational requisitepro",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.32"
},
{
"_id": null,
"model": "junos 13.2x51-d30",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v35007.2.0.8"
},
{
"_id": null,
"model": "communication server 1000m signaling server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "7.5"
},
{
"_id": null,
"model": "rational team concert",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v70007.2.0.8"
},
{
"_id": null,
"model": "communication server 1000e",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "7.5"
},
{
"_id": null,
"model": "qradar siem mr2 patch",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.19"
}
],
"sources": [
{
"db": "BID",
"id": "75156"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-003081"
},
{
"db": "NVD",
"id": "CVE-2015-1789"
}
]
},
"configurations": {
"_id": null,
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:openssl:openssl",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:apple:mac_os_x",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:oracle:mysql",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:oracle:e-business_suite",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:oracle:fusion_middleware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:oracle:peoplesoft_products",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:oracle:supply_chain_products_suite",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:oracle:primavera_p6_enterprise_project_portfolio_management",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:oracle:xcp",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:hp:insight_control",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:hp:matrix_operating_environment",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:hp:server_migration_pack",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:hp:systems_insight_manager",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:hp:version_control_repository_manager",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:hp:system_management_homepage",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:nec:capssuite",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:nec:enterprise_directoryserver",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:nec:express5800",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:nec:ip38x_1200",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:nec:ip38x_1210",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:nec:ip38x_3000",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:nec:ip38x_3500",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:nec:ip38x_5000",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:nec:ip38x_810",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:nec:ip38x_fw120",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:nec:istorage",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:nec:ix2000",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:nec:ix3000",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:nec:secureware_pki_application_development_kit",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:nec:univerge",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:nec:webotx",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:nec:webotx_application_server",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:nec:webotx_enterprise_service_bus",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:nec:webotx_portal",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:nec:webotx_sip_application_server",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:nec:websam",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-003081"
}
]
},
"credits": {
"_id": null,
"data": "Robert Swiecki(Google) and Hanno B\u0026amp;amp;amp;amp;amp;amp;amp;amp;amp;amp;amp;amp;amp;ouml;ck.",
"sources": [
{
"db": "BID",
"id": "75156"
}
],
"trust": 0.3
},
"cve": "CVE-2015-1789",
"cvss": {
"_id": null,
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"id": "CVE-2015-1789",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 1.9,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"exploitabilityScore": 3.9,
"id": "CVE-2015-1789",
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.8,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2015-1789",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2015-1789",
"trust": 0.8,
"value": "High"
},
{
"author": "VULMON",
"id": "CVE-2015-1789",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2015-1789"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-003081"
},
{
"db": "NVD",
"id": "CVE-2015-1789"
}
]
},
"description": {
"_id": null,
"data": "The X509_cmp_time function in crypto/x509/x509_vfy.c in OpenSSL before 0.9.8zg, 1.0.0 before 1.0.0s, 1.0.1 before 1.0.1n, and 1.0.2 before 1.0.2b allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted length field in ASN1_TIME data, as demonstrated by an attack against a server that supports client authentication with a custom verification callback. OpenSSL is prone to denial-of-service vulnerability. \nAn attacker may exploit this issue to cause a denial-of-service condition. \nThe following are vulnerable:\nOpenSSL 1.0.2 prior to 1.0.2b\nOpenSSL 1.0.1 prior to 1.0.1n\nOpenSSL 1.0.0 prior to 1.0.0s\nOpenSSL 0.9.8 prior to 0.9.8zg. OpenSSL Security Advisory [11 Jun 2015]\n=======================================\n\nDHE man-in-the-middle protection (Logjam)\n====================================================================\n\nA vulnerability in the TLS protocol allows a man-in-the-middle\nattacker to downgrade vulnerable TLS connections using ephemeral\nDiffie-Hellman key exchange to 512-bit export-grade cryptography. This\nvulnerability is known as Logjam (CVE-2015-4000). \n\nOpenSSL has added protection for TLS clients by rejecting handshakes\nwith DH parameters shorter than 768 bits. This limit will be increased\nto 1024 bits in a future release. \n\nMalformed ECParameters causes infinite loop (CVE-2015-1788)\n===========================================================\n\nSeverity: Moderate\n\nWhen processing an ECParameters structure OpenSSL enters an infinite loop if\nthe curve specified is over a specially malformed binary polynomial field. \n\nThis can be used to perform denial of service against any\nsystem which processes public keys, certificate requests or\ncertificates. This includes TLS clients and TLS servers with\nclient authentication enabled. \n\nThis issue affects OpenSSL versions: 1.0.2 and 1.0.1. Recent\n1.0.0 and 0.9.8 versions are not affected. 1.0.0d and 0.9.8r and below are\naffected. \n\nOpenSSL 1.0.2 users should upgrade to 1.0.2b\nOpenSSL 1.0.1 users should upgrade to 1.0.1n\nOpenSSL 1.0.0d (and below) users should upgrade to 1.0.0s\nOpenSSL 0.9.8r (and below) users should upgrade to 0.9.8zg\n\nThis issue was reported to OpenSSL on 6th April 2015 by Joseph Birr-Pixton. The\nfix was developed by Andy Polyakov of the OpenSSL development team. \n\nExploitable out-of-bounds read in X509_cmp_time (CVE-2015-1789)\n===============================================================\n\nSeverity: Moderate\n\nX509_cmp_time does not properly check the length of the ASN1_TIME\nstring and can read a few bytes out of bounds. In addition,\nX509_cmp_time accepts an arbitrary number of fractional seconds in the\ntime string. \n\nAn attacker can use this to craft malformed certificates and CRLs of\nvarious sizes and potentially cause a segmentation fault, resulting in\na DoS on applications that verify certificates or CRLs. TLS clients\nthat verify CRLs are affected. TLS clients and servers with client\nauthentication enabled may be affected if they use custom verification\ncallbacks. \n\nThis issue affects all current OpenSSL versions: 1.0.2, 1.0.1, 1.0.0 and 0.9.8. \n\nOpenSSL 1.0.2 users should upgrade to 1.0.2b\nOpenSSL 1.0.1 users should upgrade to 1.0.1n\nOpenSSL 1.0.0 users should upgrade to 1.0.0s\nOpenSSL 0.9.8 users should upgrade to 0.9.8zg\n\nThis issue was reported to OpenSSL on 8th April 2015 by Robert Swiecki\n(Google), and independently on 11th April 2015 by Hanno B\u00f6ck. The fix\nwas developed by Emilia K\u00e4sper of the OpenSSL development team. \n\nPKCS7 crash with missing EnvelopedContent (CVE-2015-1790)\n=========================================================\n\nSeverity: Moderate\n\nThe PKCS#7 parsing code does not handle missing inner EncryptedContent\ncorrectly. An attacker can craft malformed ASN.1-encoded PKCS#7 blobs\nwith missing content and trigger a NULL pointer dereference on parsing. \n\nApplications that decrypt PKCS#7 data or otherwise parse PKCS#7\nstructures from untrusted sources are affected. OpenSSL clients and\nservers are not affected. \n\nThis issue affects all current OpenSSL versions: 1.0.2, 1.0.1, 1.0.0 and 0.9.8. \n\nOpenSSL 1.0.2 users should upgrade to 1.0.2b\nOpenSSL 1.0.1 users should upgrade to 1.0.1n\nOpenSSL 1.0.0 users should upgrade to 1.0.0s\nOpenSSL 0.9.8 users should upgrade to 0.9.8zg\n\nThis issue was reported to OpenSSL on 18th April 2015 by Michal\nZalewski (Google). The fix was developed by Emilia K\u00e4sper of the\nOpenSSL development team. \n\nThis can be used to perform denial of service against any system which\nverifies signedData messages using the CMS code. \n\nThis issue affects all current OpenSSL versions: 1.0.2, 1.0.1, 1.0.0 and 0.9.8. \n\nOpenSSL 1.0.2 users should upgrade to 1.0.2b\nOpenSSL 1.0.1 users should upgrade to 1.0.1n\nOpenSSL 1.0.0 users should upgrade to 1.0.0s\nOpenSSL 0.9.8 users should upgrade to 0.9.8zg\n\nThis issue was reported to OpenSSL on 31st March 2015 by Johannes Bauer. The\nfix was developed by Dr. Stephen Henson of the OpenSSL development team. \n\nThis issue affects all current OpenSSL versions: 1.0.2, 1.0.1, 1.0.0 and 0.9.8. The\nfix was developed by Matt Caswell of the OpenSSL development team. It\nexisted in previous OpenSSL versions and was fixed in June 2014. \n\nIf a DTLS peer receives application data between the ChangeCipherSpec\nand Finished messages, buffering of such data may cause an invalid\nfree, resulting in a segmentation fault or potentially, memory\ncorruption. \n\nThis issue affected older OpenSSL versions 1.0.1, 1.0.0 and 0.9.8. \n\nOpenSSL 0.9.8 DTLS users should upgrade to 0.9.8za\nOpenSSL 1.0.0 DTLS users should upgrade to 1.0.0m. \nOpenSSL 1.0.1 DTLS users should upgrade to 1.0.1h. \n\nThis issue was originally reported on March 28th 2014 in\nhttps://rt.openssl.org/Ticket/Display.html?id=3286 by Praveen\nKariyanahalli, and subsequently by Ivan Fratric and Felix Groebert\n(Google). A fix was developed by zhu qun-ying. \n\nThe fix for this issue can be identified by commits bcc31166 (1.0.1),\nb79e6e3a (1.0.0) and 4b258e73 (0.9.8). \n\nNote\n====\n\nAs per our previous announcements and our Release Strategy\n(https://www.openssl.org/about/releasestrat.html), support for OpenSSL versions\n1.0.0 and 0.9.8 will cease on 31st December 2015. No security updates for these\nreleases will be provided after that date. Users of these releases are advised\nto upgrade. \n\nReferences\n==========\n\nURL for this Security Advisory:\nhttps://www.openssl.org/news/secadv_20150611.txt\n\nNote: the online version of the advisory may be updated with additional\ndetails over time. \n\nFor details of OpenSSL severity classifications please see:\nhttps://www.openssl.org/about/secpolicy.html\n\n. These vulnerabilities\ninclude:\n\nThe SSLv3 vulnerability known as \"Padding Oracle on Downgraded Legacy\nEncryption\" also known as \"POODLE\", which could be exploited remotely\nresulting in disclosure of information. \nThe following firmware versions of Virtual Connect (VC) are impacted:\n\nHPE BladeSystem c-Class Virtual Connect (VC) Firmware 4.30 through VC 4.45\nHPE BladeSystem c-Class Virtual Connect (VC) Firmware 3.62 through VC 4.21\n\nNote: Firmware versions 3.62 through 4.21 are not impacted by CVE-2016-0800,\nCVE-2015-3194, CVE-2014-3566, CVE-2015-0705, CVE-2016-0799, and\nCVE-2016-2842. \n\nRelease Date: 2015-07-10\nLast Updated: 2015-07-10\n\nPotential Security Impact: Remote Denial of Service (DoS)\n\nSource: Hewlett-Packard Company, HP Software Security Response Team\n\nVULNERABILITY SUMMARY\nPotential security vulnerabilities have been identified with HP IceWall\nProducts running OpenSSL. \nProduct\n Impacted Versions\n Impacted CVEs\n\nHP IceWall MCRP\n v3.0\n CVE-2015-1789\nCVE-2015-1790\nCVE-2015-1792\n\nHP IceWall SSO Dfw\n v10.0\n CVE-2015-1789\nCVE-2015-1790\nCVE-2015-1792\n\nHP IceWall SSO Agent Option\n v10.0\n CVE-2015-1789\nCVE-2015-1790\nCVE-2015-1792\n\nHP IceWall SSO Certd\n v10.0\n CVE-2015-1792\n\nHP IceWall Federation Agent\n v3.0\n CVE-2015-1792\n\nBACKGROUND\n\nCVSS 2.0 Base Metrics\n===========================================================\n Reference Base Vector Base Score\nCVE-2015-1789 (AV:N/AC:M/Au:N/C:N/I:N/A:P) 4.3\nCVE-2015-1790 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0\nCVE-2015-1792 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0\n===========================================================\n Information on CVSS is documented\n in HP Customer Notice: HPSN-2008-002\n\nRESOLUTION\n\nHP recommends applying the latest OS vendor security patches for OpenSSL to\nresolve the vulnerabilities for HP IceWall Products. \n\n HP IceWall SSO Dfw v10.0 and Certd v10.0, which are running on RHEL, could\nbe using either the OS bundled OpenSSL library or the OpenSSL bundled with HP\nIceWall. If still using the OpenSSL bundled with HP IceWall, please apply the\nlatest OS vendor security patches for OpenSSL and switch to the OpenSSL\nlibrary bundled with the OS. \n\n Documents are available at the following location with instructions to\nswitch to the OS bundled OpenSSL library:\n\n http://www.hp.com/jp/icewall_patchaccess\n\n Note: The HP IceWall product is only available in Japan. \n\nHISTORY\nVersion:1 (rev.1) - 10 July 2015 Initial release\n\nThird Party Security Patches: Third party security patches that are to be\ninstalled on systems running HP software products should be applied in\naccordance with the customer\u0027s patch management policy. \n\nSupport: For issues about implementing the recommendations of this Security\nBulletin, contact normal HP Services support channel. For other issues about\nthe content of this Security Bulletin, send e-mail to security-alert@hp.com. \n\nReport: To report a potential security vulnerability with any HP supported\nproduct, send Email to: security-alert@hp.com\n\nSubscribe: To initiate a subscription to receive future HP Security Bulletin\nalerts via Email:\nhttp://h41183.www4.hp.com/signup_alerts.php?jumpid=hpsc_secbulletins\n\nSecurity Bulletin Archive: A list of recently released Security Bulletins is\navailable here:\nhttps://h20564.www2.hp.com/portal/site/hpsc/public/kb/secBullArchive/\n\nSoftware Product Category: The Software Product Category is represented in\nthe title by the two characters following HPSB. \n\n3C = 3COM\n3P = 3rd Party Software\nGN = HP General Software\nHF = HP Hardware and Firmware\nMP = MPE/iX\nMU = Multi-Platform Software\nNS = NonStop Servers\nOV = OpenVMS\nPI = Printing and Imaging\nPV = ProCurve\nST = Storage Software\nTU = Tru64 UNIX\nUX = HP-UX\n\nCopyright 2015 Hewlett-Packard Development Company, L.P. \nHewlett-Packard Company shall not be liable for technical or editorial errors\nor omissions contained herein. The information provided is provided \"as is\"\nwithout warranty of any kind. To the extent permitted by law, neither HP or\nits affiliates, subcontractors or suppliers will be liable for\nincidental,special or consequential damages including downtime cost; lost\nprofits; damages relating to the procurement of substitute products or\nservices; or damages for loss of data, or software restoration. The\ninformation in this document is subject to change without notice. \nHewlett-Packard Company and the names of Hewlett-Packard products referenced\nherein are trademarks of Hewlett-Packard Company in the United States and\nother countries. Other product and company names mentioned herein may be\ntrademarks of their respective owners. This\n could allow remote attackers to cause a denial of service. This could allow remote attackers to cause\n a denial of service (crash). This could allow remote attackers to cause\n a denial of service. \n\nFor the oldstable distribution (wheezy), these problems have been fixed\nin version 1.0.1e-2+deb7u17. \n\nFor the stable distribution (jessie), these problems have been fixed in\nversion 1.0.1k-3+deb8u1. \n\nFor the testing distribution (stretch), these problems have been fixed\nin version 1.0.2b-1. \n\nFor the unstable distribution (sid), these problems have been fixed in\nversion 1.0.2b-1. \nCorrected: 2015-06-11 19:07:45 UTC (stable/10, 10.1-STABLE)\n 2015-06-12 07:23:55 UTC (releng/10.1, 10.1-RELEASE-p12)\n 2015-06-11 19:39:27 UTC (stable/9, 9.3-STABLE)\n 2015-06-12 07:23:55 UTC (releng/9.3, 9.3-RELEASE-p16)\n 2015-06-11 19:39:27 UTC (stable/8, 8.4-STABLE)\n 2015-06-12 07:23:55 UTC (releng/8.4, 8.4-RELEASE-p30)\nCVE Name: CVE-2015-1788, CVE-2015-1789, CVE-2015-1790, CVE-2015-1791\n CVE-2015-1792, CVE-2015-4000\n\nFor general information regarding FreeBSD Security Advisories,\nincluding descriptions of the fields above, security branches, and the\nfollowing sections, please visit \u003cURL:https://security.FreeBSD.org/\u003e. Background\n\nFreeBSD includes software from the OpenSSL Project. \n\nII. [CVE-2015-1791]\n\nThe OpenSSL advisory also describes a problem that is identified as\nCVE-2014-8176, which is already fixed by an earlier FreeBSD Errata\nNotice, FreeBSD-EN-15:02.openssl. \n\nIII. [CVE-2015-4000]. \n[CVE-2015-1788]. This affects FreeBSD 10.1 only, as the problem\nwas no longer exist in OpenSSL 0.9.8 series since July 2012. [CVE-2015-1790]. [CVE-2015-1792]\n\nAn attacker may be able to crash multi-thread applications that\nsupports resumed TLS handshakes. [CVE-2015-1791]\n\nIV. Workaround\n\nNo workaround is available. \n\nV. Solution\n\nPerform one of the following:\n\n1) Upgrade your vulnerable system to a supported FreeBSD stable or\nrelease / security branch (releng) dated after the correction date. \n\n2) To update your vulnerable system via a binary patch:\n\nSystems running a RELEASE version of FreeBSD on the i386 or amd64\nplatforms can be updated via the freebsd-update(8) utility:\n\n# freebsd-update fetch\n# freebsd-update install\n\n3) To update your vulnerable system via a source code patch:\n\nThe following patches have been verified to apply to the applicable\nFreeBSD release branches. \n\na) Download the relevant patch from the location below, and verify the\ndetached PGP signature using your PGP utility. \n\n[FreeBSD 10.1]\n# fetch https://security.FreeBSD.org/patches/SA-15:10/openssl-10.1.patch\n# fetch https://security.FreeBSD.org/patches/SA-15:10/openssl-10.1.patch.asc\n# gpg --verify openssl-10.1.patch.asc\n\n[FreeBSD 9.3 and 8.4]\n# fetch https://security.FreeBSD.org/patches/SA-15:10/openssl-8.4.patch\n# fetch https://security.FreeBSD.org/patches/SA-15:10/openssl-8.4.patch.asc\n# gpg --verify openssl-8.4.patch.asc\n\nb) Apply the patch. Execute the following commands as root:\n\n# cd /usr/src\n# patch \u003c /path/to/patch\n\nc) Recompile the operating system using buildworld and installworld as\ndescribed in \u003cURL:https://www.FreeBSD.org/handbook/makeworld.html\u003e. \n\nRestart all deamons using the library, or reboot the system. \n\nVI. Correction details\n\nThe following list contains the correction revision numbers for each\naffected branch. \n\nBranch/path Revision\n- -------------------------------------------------------------------------\nstable/8/ r284286\nreleng/8.4/ r284295\nstable/9/ r284286\nreleng/9.3/ r284295\nstable/10/ r284285\nreleng/10.1/ r284295\n- -------------------------------------------------------------------------\n\nTo see which files were modified by a particular revision, run the\nfollowing command, replacing NNNNNN with the revision number, on a\nmachine with Subversion installed:\n\n# svn diff -cNNNNNN --summarize svn://svn.freebsd.org/base\n\nOr visit the following URL, replacing NNNNNN with the revision number:\n\n\u003cURL:https://svnweb.freebsd.org/base?view=revision\u0026revision=NNNNNN\u003e\n\nVII. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n=====================================================================\n Red Hat Security Advisory\n\nSynopsis: Moderate: openssl security update\nAdvisory ID: RHSA-2015:1115-01\nProduct: Red Hat Enterprise Linux\nAdvisory URL: https://rhn.redhat.com/errata/RHSA-2015-1115.html\nIssue date: 2015-06-15\nCVE Names: CVE-2014-8176 CVE-2015-1789 CVE-2015-1790 \n CVE-2015-1791 CVE-2015-1792 CVE-2015-3216 \n=====================================================================\n\n1. Summary:\n\nUpdated openssl packages that fix multiple security issues are now\navailable for Red Hat Enterprise Linux 6 and 7. \n\nRed Hat Product Security has rated this update as having Moderate security\nimpact. Common Vulnerability Scoring System (CVSS) base scores, which give\ndetailed severity ratings, are available for each vulnerability from the\nCVE links in the References section. \n\n2. Relevant releases/architectures:\n\nRed Hat Enterprise Linux Client (v. 7) - x86_64\nRed Hat Enterprise Linux Client Optional (v. 7) - x86_64\nRed Hat Enterprise Linux ComputeNode (v. 7) - x86_64\nRed Hat Enterprise Linux ComputeNode Optional (v. 7) - x86_64\nRed Hat Enterprise Linux Desktop (v. 6) - i386, x86_64\nRed Hat Enterprise Linux Desktop Optional (v. 6) - i386, x86_64\nRed Hat Enterprise Linux HPC Node (v. 6) - x86_64\nRed Hat Enterprise Linux HPC Node Optional (v. 6) - x86_64\nRed Hat Enterprise Linux Server (v. 6) - i386, ppc64, s390x, x86_64\nRed Hat Enterprise Linux Server (v. 7) - ppc64, ppc64le, s390x, x86_64\nRed Hat Enterprise Linux Server Optional (v. 6) - i386, ppc64, s390x, x86_64\nRed Hat Enterprise Linux Server Optional (v. 7) - ppc64, ppc64le, s390x, x86_64\nRed Hat Enterprise Linux Workstation (v. 6) - i386, x86_64\nRed Hat Enterprise Linux Workstation (v. 7) - x86_64\nRed Hat Enterprise Linux Workstation Optional (v. 6) - i386, x86_64\nRed Hat Enterprise Linux Workstation Optional (v. 7) - x86_64\n\n3. Description:\n\nOpenSSL is a toolkit that implements the Secure Sockets Layer (SSL v2/v3)\nand Transport Layer Security (TLS v1) protocols, as well as a\nfull-strength, general purpose cryptography library. \n\nAn invalid free flaw was found in the way OpenSSL handled certain DTLS\nhandshake messages. A malicious DTLS client or server could cause a DTLS\nserver or client using OpenSSL to crash or, potentially, execute arbitrary\ncode. (CVE-2014-8176)\n\nA flaw was found in the way the OpenSSL packages shipped with Red Hat\nEnterprise Linux 6 and 7 performed locking in the ssleay_rand_bytes()\nfunction. (CVE-2015-3216)\n\nAn out-of-bounds read flaw was found in the X509_cmp_time() function of\nOpenSSL. A specially crafted X.509 certificate or a Certificate Revocation\nList (CRL) could possibly cause a TLS/SSL server or client using OpenSSL\nto crash. (CVE-2015-1789)\n\nA race condition was found in the session handling code of OpenSSL. This\nissue could possibly cause a multi-threaded TLS/SSL client using OpenSSL\nto double free session ticket data and crash. (CVE-2015-1791)\n\nA flaw was found in the way OpenSSL handled Cryptographic Message Syntax\n(CMS) messages. A CMS message with an unknown hash function identifier\ncould cause an application using OpenSSL to enter an infinite loop. \n(CVE-2015-1792)\n\nA NULL pointer dereference was found in the way OpenSSL handled certain\nPKCS#7 inputs. A specially crafted PKCS#7 input with missing\nEncryptedContent data could cause an application using OpenSSL to crash. \n(CVE-2015-1790)\n\nRed Hat would like to thank the OpenSSL project for reporting\nCVE-2014-8176, CVE-2015-1789, CVE-2015-1790, CVE-2015-1791 and\nCVE-2015-1792 flaws. Upstream acknowledges Praveen Kariyanahalli and Ivan\nFratric as the original reporters of CVE-2014-8176, Robert Swiecki and\nHanno B\u00f6ck as the original reporters of CVE-2015-1789, Michal Zalewski as\nthe original reporter of CVE-2015-1790, Emilia K\u00e4sper as the original\nreport of CVE-2015-1791 and Johannes Bauer as the original reporter of\nCVE-2015-1792. \n\nAll openssl users are advised to upgrade to these updated packages, which\ncontain backported patches to correct these issues. For the update to take\neffect, all services linked to the OpenSSL library must be restarted, or\nthe system rebooted. \n\n4. Solution:\n\nBefore applying this update, make sure all previously released errata\nrelevant to your system have been applied. \n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258\n\n5. Bugs fixed (https://bugzilla.redhat.com/):\n\n1227574 - CVE-2015-3216 openssl: Crash in ssleay_rand_bytes due to locking regression\n1228603 - CVE-2015-1789 OpenSSL: out-of-bounds read in X509_cmp_time\n1228604 - CVE-2015-1790 OpenSSL: PKCS7 crash with missing EnvelopedContent\n1228607 - CVE-2015-1792 OpenSSL: CMS verify infinite loop with unknown hash function\n1228608 - CVE-2015-1791 OpenSSL: Race condition handling NewSessionTicket\n1228611 - CVE-2014-8176 OpenSSL: Invalid free in DTLS\n\n6. Package List:\n\nRed Hat Enterprise Linux Desktop (v. 6):\n\nSource:\nopenssl-1.0.1e-30.el6_6.11.src.rpm\n\ni386:\nopenssl-1.0.1e-30.el6_6.11.i686.rpm\nopenssl-debuginfo-1.0.1e-30.el6_6.11.i686.rpm\n\nx86_64:\nopenssl-1.0.1e-30.el6_6.11.i686.rpm\nopenssl-1.0.1e-30.el6_6.11.x86_64.rpm\nopenssl-debuginfo-1.0.1e-30.el6_6.11.i686.rpm\nopenssl-debuginfo-1.0.1e-30.el6_6.11.x86_64.rpm\n\nRed Hat Enterprise Linux Desktop Optional (v. 6):\n\ni386:\nopenssl-debuginfo-1.0.1e-30.el6_6.11.i686.rpm\nopenssl-devel-1.0.1e-30.el6_6.11.i686.rpm\nopenssl-perl-1.0.1e-30.el6_6.11.i686.rpm\nopenssl-static-1.0.1e-30.el6_6.11.i686.rpm\n\nx86_64:\nopenssl-debuginfo-1.0.1e-30.el6_6.11.i686.rpm\nopenssl-debuginfo-1.0.1e-30.el6_6.11.x86_64.rpm\nopenssl-devel-1.0.1e-30.el6_6.11.i686.rpm\nopenssl-devel-1.0.1e-30.el6_6.11.x86_64.rpm\nopenssl-perl-1.0.1e-30.el6_6.11.x86_64.rpm\nopenssl-static-1.0.1e-30.el6_6.11.x86_64.rpm\n\nRed Hat Enterprise Linux HPC Node (v. 6):\n\nSource:\nopenssl-1.0.1e-30.el6_6.11.src.rpm\n\nx86_64:\nopenssl-1.0.1e-30.el6_6.11.i686.rpm\nopenssl-1.0.1e-30.el6_6.11.x86_64.rpm\nopenssl-debuginfo-1.0.1e-30.el6_6.11.i686.rpm\nopenssl-debuginfo-1.0.1e-30.el6_6.11.x86_64.rpm\n\nRed Hat Enterprise Linux HPC Node Optional (v. 6):\n\nx86_64:\nopenssl-debuginfo-1.0.1e-30.el6_6.11.i686.rpm\nopenssl-debuginfo-1.0.1e-30.el6_6.11.x86_64.rpm\nopenssl-devel-1.0.1e-30.el6_6.11.i686.rpm\nopenssl-devel-1.0.1e-30.el6_6.11.x86_64.rpm\nopenssl-perl-1.0.1e-30.el6_6.11.x86_64.rpm\nopenssl-static-1.0.1e-30.el6_6.11.x86_64.rpm\n\nRed Hat Enterprise Linux Server (v. 6):\n\nSource:\nopenssl-1.0.1e-30.el6_6.11.src.rpm\n\ni386:\nopenssl-1.0.1e-30.el6_6.11.i686.rpm\nopenssl-debuginfo-1.0.1e-30.el6_6.11.i686.rpm\nopenssl-devel-1.0.1e-30.el6_6.11.i686.rpm\n\nppc64:\nopenssl-1.0.1e-30.el6_6.11.ppc.rpm\nopenssl-1.0.1e-30.el6_6.11.ppc64.rpm\nopenssl-debuginfo-1.0.1e-30.el6_6.11.ppc.rpm\nopenssl-debuginfo-1.0.1e-30.el6_6.11.ppc64.rpm\nopenssl-devel-1.0.1e-30.el6_6.11.ppc.rpm\nopenssl-devel-1.0.1e-30.el6_6.11.ppc64.rpm\n\ns390x:\nopenssl-1.0.1e-30.el6_6.11.s390.rpm\nopenssl-1.0.1e-30.el6_6.11.s390x.rpm\nopenssl-debuginfo-1.0.1e-30.el6_6.11.s390.rpm\nopenssl-debuginfo-1.0.1e-30.el6_6.11.s390x.rpm\nopenssl-devel-1.0.1e-30.el6_6.11.s390.rpm\nopenssl-devel-1.0.1e-30.el6_6.11.s390x.rpm\n\nx86_64:\nopenssl-1.0.1e-30.el6_6.11.i686.rpm\nopenssl-1.0.1e-30.el6_6.11.x86_64.rpm\nopenssl-debuginfo-1.0.1e-30.el6_6.11.i686.rpm\nopenssl-debuginfo-1.0.1e-30.el6_6.11.x86_64.rpm\nopenssl-devel-1.0.1e-30.el6_6.11.i686.rpm\nopenssl-devel-1.0.1e-30.el6_6.11.x86_64.rpm\n\nRed Hat Enterprise Linux Server Optional (v. 6):\n\ni386:\nopenssl-debuginfo-1.0.1e-30.el6_6.11.i686.rpm\nopenssl-perl-1.0.1e-30.el6_6.11.i686.rpm\nopenssl-static-1.0.1e-30.el6_6.11.i686.rpm\n\nppc64:\nopenssl-debuginfo-1.0.1e-30.el6_6.11.ppc64.rpm\nopenssl-perl-1.0.1e-30.el6_6.11.ppc64.rpm\nopenssl-static-1.0.1e-30.el6_6.11.ppc64.rpm\n\ns390x:\nopenssl-debuginfo-1.0.1e-30.el6_6.11.s390x.rpm\nopenssl-perl-1.0.1e-30.el6_6.11.s390x.rpm\nopenssl-static-1.0.1e-30.el6_6.11.s390x.rpm\n\nx86_64:\nopenssl-debuginfo-1.0.1e-30.el6_6.11.x86_64.rpm\nopenssl-perl-1.0.1e-30.el6_6.11.x86_64.rpm\nopenssl-static-1.0.1e-30.el6_6.11.x86_64.rpm\n\nRed Hat Enterprise Linux Workstation (v. 6):\n\nSource:\nopenssl-1.0.1e-30.el6_6.11.src.rpm\n\ni386:\nopenssl-1.0.1e-30.el6_6.11.i686.rpm\nopenssl-debuginfo-1.0.1e-30.el6_6.11.i686.rpm\nopenssl-devel-1.0.1e-30.el6_6.11.i686.rpm\n\nx86_64:\nopenssl-1.0.1e-30.el6_6.11.i686.rpm\nopenssl-1.0.1e-30.el6_6.11.x86_64.rpm\nopenssl-debuginfo-1.0.1e-30.el6_6.11.i686.rpm\nopenssl-debuginfo-1.0.1e-30.el6_6.11.x86_64.rpm\nopenssl-devel-1.0.1e-30.el6_6.11.i686.rpm\nopenssl-devel-1.0.1e-30.el6_6.11.x86_64.rpm\n\nRed Hat Enterprise Linux Workstation Optional (v. 6):\n\ni386:\nopenssl-debuginfo-1.0.1e-30.el6_6.11.i686.rpm\nopenssl-perl-1.0.1e-30.el6_6.11.i686.rpm\nopenssl-static-1.0.1e-30.el6_6.11.i686.rpm\n\nx86_64:\nopenssl-debuginfo-1.0.1e-30.el6_6.11.x86_64.rpm\nopenssl-perl-1.0.1e-30.el6_6.11.x86_64.rpm\nopenssl-static-1.0.1e-30.el6_6.11.x86_64.rpm\n\nRed Hat Enterprise Linux Client (v. 7):\n\nSource:\nopenssl-1.0.1e-42.el7_1.8.src.rpm\n\nx86_64:\nopenssl-1.0.1e-42.el7_1.8.x86_64.rpm\nopenssl-debuginfo-1.0.1e-42.el7_1.8.i686.rpm\nopenssl-debuginfo-1.0.1e-42.el7_1.8.x86_64.rpm\nopenssl-libs-1.0.1e-42.el7_1.8.i686.rpm\nopenssl-libs-1.0.1e-42.el7_1.8.x86_64.rpm\n\nRed Hat Enterprise Linux Client Optional (v. 7):\n\nx86_64:\nopenssl-debuginfo-1.0.1e-42.el7_1.8.i686.rpm\nopenssl-debuginfo-1.0.1e-42.el7_1.8.x86_64.rpm\nopenssl-devel-1.0.1e-42.el7_1.8.i686.rpm\nopenssl-devel-1.0.1e-42.el7_1.8.x86_64.rpm\nopenssl-perl-1.0.1e-42.el7_1.8.x86_64.rpm\nopenssl-static-1.0.1e-42.el7_1.8.i686.rpm\nopenssl-static-1.0.1e-42.el7_1.8.x86_64.rpm\n\nRed Hat Enterprise Linux ComputeNode (v. 7):\n\nSource:\nopenssl-1.0.1e-42.el7_1.8.src.rpm\n\nx86_64:\nopenssl-1.0.1e-42.el7_1.8.x86_64.rpm\nopenssl-debuginfo-1.0.1e-42.el7_1.8.i686.rpm\nopenssl-debuginfo-1.0.1e-42.el7_1.8.x86_64.rpm\nopenssl-libs-1.0.1e-42.el7_1.8.i686.rpm\nopenssl-libs-1.0.1e-42.el7_1.8.x86_64.rpm\n\nRed Hat Enterprise Linux ComputeNode Optional (v. 7):\n\nx86_64:\nopenssl-debuginfo-1.0.1e-42.el7_1.8.i686.rpm\nopenssl-debuginfo-1.0.1e-42.el7_1.8.x86_64.rpm\nopenssl-devel-1.0.1e-42.el7_1.8.i686.rpm\nopenssl-devel-1.0.1e-42.el7_1.8.x86_64.rpm\nopenssl-perl-1.0.1e-42.el7_1.8.x86_64.rpm\nopenssl-static-1.0.1e-42.el7_1.8.i686.rpm\nopenssl-static-1.0.1e-42.el7_1.8.x86_64.rpm\n\nRed Hat Enterprise Linux Server (v. 7):\n\nSource:\nopenssl-1.0.1e-42.el7_1.8.src.rpm\n\nppc64:\nopenssl-1.0.1e-42.el7_1.8.ppc64.rpm\nopenssl-debuginfo-1.0.1e-42.el7_1.8.ppc.rpm\nopenssl-debuginfo-1.0.1e-42.el7_1.8.ppc64.rpm\nopenssl-devel-1.0.1e-42.el7_1.8.ppc.rpm\nopenssl-devel-1.0.1e-42.el7_1.8.ppc64.rpm\nopenssl-libs-1.0.1e-42.el7_1.8.ppc.rpm\nopenssl-libs-1.0.1e-42.el7_1.8.ppc64.rpm\n\ns390x:\nopenssl-1.0.1e-42.el7_1.8.s390x.rpm\nopenssl-debuginfo-1.0.1e-42.el7_1.8.s390.rpm\nopenssl-debuginfo-1.0.1e-42.el7_1.8.s390x.rpm\nopenssl-devel-1.0.1e-42.el7_1.8.s390.rpm\nopenssl-devel-1.0.1e-42.el7_1.8.s390x.rpm\nopenssl-libs-1.0.1e-42.el7_1.8.s390.rpm\nopenssl-libs-1.0.1e-42.el7_1.8.s390x.rpm\n\nx86_64:\nopenssl-1.0.1e-42.el7_1.8.x86_64.rpm\nopenssl-debuginfo-1.0.1e-42.el7_1.8.i686.rpm\nopenssl-debuginfo-1.0.1e-42.el7_1.8.x86_64.rpm\nopenssl-devel-1.0.1e-42.el7_1.8.i686.rpm\nopenssl-devel-1.0.1e-42.el7_1.8.x86_64.rpm\nopenssl-libs-1.0.1e-42.el7_1.8.i686.rpm\nopenssl-libs-1.0.1e-42.el7_1.8.x86_64.rpm\n\nRed Hat Enterprise Linux Server (v. 7):\n\nSource:\nopenssl-1.0.1e-42.ael7b_1.8.src.rpm\n\nppc64le:\nopenssl-1.0.1e-42.ael7b_1.8.ppc64le.rpm\nopenssl-debuginfo-1.0.1e-42.ael7b_1.8.ppc64le.rpm\nopenssl-devel-1.0.1e-42.ael7b_1.8.ppc64le.rpm\nopenssl-libs-1.0.1e-42.ael7b_1.8.ppc64le.rpm\n\nRed Hat Enterprise Linux Server Optional (v. 7):\n\nppc64:\nopenssl-debuginfo-1.0.1e-42.el7_1.8.ppc.rpm\nopenssl-debuginfo-1.0.1e-42.el7_1.8.ppc64.rpm\nopenssl-perl-1.0.1e-42.el7_1.8.ppc64.rpm\nopenssl-static-1.0.1e-42.el7_1.8.ppc.rpm\nopenssl-static-1.0.1e-42.el7_1.8.ppc64.rpm\n\ns390x:\nopenssl-debuginfo-1.0.1e-42.el7_1.8.s390.rpm\nopenssl-debuginfo-1.0.1e-42.el7_1.8.s390x.rpm\nopenssl-perl-1.0.1e-42.el7_1.8.s390x.rpm\nopenssl-static-1.0.1e-42.el7_1.8.s390.rpm\nopenssl-static-1.0.1e-42.el7_1.8.s390x.rpm\n\nx86_64:\nopenssl-debuginfo-1.0.1e-42.el7_1.8.i686.rpm\nopenssl-debuginfo-1.0.1e-42.el7_1.8.x86_64.rpm\nopenssl-perl-1.0.1e-42.el7_1.8.x86_64.rpm\nopenssl-static-1.0.1e-42.el7_1.8.i686.rpm\nopenssl-static-1.0.1e-42.el7_1.8.x86_64.rpm\n\nRed Hat Enterprise Linux Server Optional (v. 7):\n\nppc64le:\nopenssl-debuginfo-1.0.1e-42.ael7b_1.8.ppc64le.rpm\nopenssl-perl-1.0.1e-42.ael7b_1.8.ppc64le.rpm\nopenssl-static-1.0.1e-42.ael7b_1.8.ppc64le.rpm\n\nRed Hat Enterprise Linux Workstation (v. 7):\n\nSource:\nopenssl-1.0.1e-42.el7_1.8.src.rpm\n\nx86_64:\nopenssl-1.0.1e-42.el7_1.8.x86_64.rpm\nopenssl-debuginfo-1.0.1e-42.el7_1.8.i686.rpm\nopenssl-debuginfo-1.0.1e-42.el7_1.8.x86_64.rpm\nopenssl-devel-1.0.1e-42.el7_1.8.i686.rpm\nopenssl-devel-1.0.1e-42.el7_1.8.x86_64.rpm\nopenssl-libs-1.0.1e-42.el7_1.8.i686.rpm\nopenssl-libs-1.0.1e-42.el7_1.8.x86_64.rpm\n\nRed Hat Enterprise Linux Workstation Optional (v. 7):\n\nx86_64:\nopenssl-debuginfo-1.0.1e-42.el7_1.8.i686.rpm\nopenssl-debuginfo-1.0.1e-42.el7_1.8.x86_64.rpm\nopenssl-perl-1.0.1e-42.el7_1.8.x86_64.rpm\nopenssl-static-1.0.1e-42.el7_1.8.i686.rpm\nopenssl-static-1.0.1e-42.el7_1.8.x86_64.rpm\n\nThese packages are GPG signed by Red Hat for security. Our key and\ndetails on how to verify the signature are available from\nhttps://access.redhat.com/security/team/key/\n\n7. References:\n\nhttps://access.redhat.com/security/cve/CVE-2014-8176\nhttps://access.redhat.com/security/cve/CVE-2015-1789\nhttps://access.redhat.com/security/cve/CVE-2015-1790\nhttps://access.redhat.com/security/cve/CVE-2015-1791\nhttps://access.redhat.com/security/cve/CVE-2015-1792\nhttps://access.redhat.com/security/cve/CVE-2015-3216\nhttps://access.redhat.com/security/updates/classification/#moderate\nhttps://www.openssl.org/news/secadv_20150611.txt\n\n8. Contact:\n\nThe Red Hat security contact is \u003csecalert@redhat.com\u003e. More contact\ndetails at https://access.redhat.com/security/team/contact/\n\nCopyright 2015 Red Hat, Inc. \n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1\n\niD8DBQFVf0NNXlSAg2UNWIIRArL4AJ9e7lbD/4Nks5midR5o3E4Bs5lQWQCgnrvk\nZyXizCcFL9oAQexObjxp/Mo=\n=PXiY\n-----END PGP SIGNATURE-----\n\n\n--\nRHSA-announce mailing list\nRHSA-announce@redhat.com\nhttps://www.redhat.com/mailman/listinfo/rhsa-announce",
"sources": [
{
"db": "NVD",
"id": "CVE-2015-1789"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-003081"
},
{
"db": "BID",
"id": "75156"
},
{
"db": "VULMON",
"id": "CVE-2015-1789"
},
{
"db": "PACKETSTORM",
"id": "169629"
},
{
"db": "PACKETSTORM",
"id": "137294"
},
{
"db": "PACKETSTORM",
"id": "132637"
},
{
"db": "PACKETSTORM",
"id": "132291"
},
{
"db": "PACKETSTORM",
"id": "132288"
},
{
"db": "PACKETSTORM",
"id": "132313"
},
{
"db": "PACKETSTORM",
"id": "136989"
}
],
"trust": 2.61
},
"external_ids": {
"_id": null,
"data": [
{
"db": "NVD",
"id": "CVE-2015-1789",
"trust": 2.9
},
{
"db": "JUNIPER",
"id": "JSA10733",
"trust": 1.4
},
{
"db": "JUNIPER",
"id": "JSA10694",
"trust": 1.4
},
{
"db": "BID",
"id": "75156",
"trust": 1.4
},
{
"db": "BID",
"id": "91787",
"trust": 1.1
},
{
"db": "SIEMENS",
"id": "SSA-412672",
"trust": 1.1
},
{
"db": "MCAFEE",
"id": "SB10122",
"trust": 1.1
},
{
"db": "SECTRACK",
"id": "1032564",
"trust": 1.1
},
{
"db": "JVN",
"id": "JVNVU91445763",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2015-003081",
"trust": 0.8
},
{
"db": "ICS CERT",
"id": "ICSA-22-349-21",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2015-1789",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "169629",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "137294",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "132637",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "132291",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "132288",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "132313",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "136989",
"trust": 0.1
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2015-1789"
},
{
"db": "BID",
"id": "75156"
},
{
"db": "PACKETSTORM",
"id": "169629"
},
{
"db": "PACKETSTORM",
"id": "137294"
},
{
"db": "PACKETSTORM",
"id": "132637"
},
{
"db": "PACKETSTORM",
"id": "132291"
},
{
"db": "PACKETSTORM",
"id": "132288"
},
{
"db": "PACKETSTORM",
"id": "132313"
},
{
"db": "PACKETSTORM",
"id": "136989"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-003081"
},
{
"db": "NVD",
"id": "CVE-2015-1789"
}
]
},
"id": "VAR-201506-0498",
"iot": {
"_id": null,
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.1575688975
},
"last_update_date": "2026-04-10T23:17:27.032000Z",
"patch": {
"_id": null,
"data": [
{
"title": "APPLE-SA-2015-08-13-2 OS X Yosemite v10.10.5 and Security Update 2015-006",
"trust": 0.8,
"url": "http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html"
},
{
"title": "HT205031",
"trust": 0.8,
"url": "https://support.apple.com/en-us/HT205031"
},
{
"title": "HT205031",
"trust": 0.8,
"url": "https://support.apple.com/ja-jp/HT205031"
},
{
"title": "cisco-sa-20150612-openssl",
"trust": 0.8,
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150612-openssl"
},
{
"title": "Fix length checks in X509_cmp_time to avoid out-of-bounds reads.",
"trust": 0.8,
"url": "https://github.com/openssl/openssl/commit/f48b83b4fb7d6689584cf25f61ca63a4891f5b11"
},
{
"title": "HPSBUX03388",
"trust": 0.8,
"url": "http://marc.info/?l=bugtraq\u0026amp;m=143880121627664\u0026amp;w=2"
},
{
"title": "HPSBMU03612",
"trust": 0.8,
"url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c05158380"
},
{
"title": "HPSBHF03613",
"trust": 0.8,
"url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c05184351"
},
{
"title": "HPSBMU03546",
"trust": 0.8,
"url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c05045763"
},
{
"title": "HPSBMU03611",
"trust": 0.8,
"url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c05150888"
},
{
"title": "\u30a2\u30e9\u30a4\u30c9\u30c6\u30ec\u30b7\u30b9\u682a\u5f0f\u4f1a\u793e\u304b\u3089\u306e\u60c5\u5831",
"trust": 0.8,
"url": "http://jvn.jp/vu/JVNVU91445763/522154/index.html"
},
{
"title": "NV15-010",
"trust": 0.8,
"url": "http://jpn.nec.com/security-info/secinfo/nv15-010.html"
},
{
"title": "OpenSSL vulnerabilities",
"trust": 0.8,
"url": "https://www.openssl.org/news/vulnerabilities.html"
},
{
"title": "Tarballs",
"trust": 0.8,
"url": "https://www.openssl.org/source/"
},
{
"title": "[11 Jun 2015] DHE man-in-the-middle protection (Logjam)",
"trust": 0.8,
"url": "https://www.openssl.org/news/secadv_20150611.txt"
},
{
"title": "Oracle Critical Patch Update Advisory - October 2015",
"trust": 0.8,
"url": "http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html"
},
{
"title": "Text Form of Oracle Critical Patch Update - April 2016 Risk Matrices",
"trust": 0.8,
"url": "http://www.oracle.com/technetwork/topics/security/cpuapr2016verbose-2881709.html"
},
{
"title": "Text Form of Oracle Critical Patch Update - October 2015 Risk Matrices",
"trust": 0.8,
"url": "http://www.oracle.com/technetwork/topics/security/cpuoct2015verbose-2367954.html"
},
{
"title": "Oracle Critical Patch Update Advisory - July 2016",
"trust": 0.8,
"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html"
},
{
"title": "Oracle Critical Patch Update Advisory - January 2016",
"trust": 0.8,
"url": "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html"
},
{
"title": "Text Form of Oracle Critical Patch Update - July 2016 Risk Matrices",
"trust": 0.8,
"url": "http://www.oracle.com/technetwork/topics/security/cpujul2016verbose-2881721.html"
},
{
"title": "Text Form of Oracle Critical Patch Update - January 2016 Risk Matrices",
"trust": 0.8,
"url": "http://www.oracle.com/technetwork/topics/security/cpujan2016verbose-2367956.html"
},
{
"title": "Oracle Critical Patch Update Advisory - April 2016",
"trust": 0.8,
"url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html"
},
{
"title": "Oracle Critical Patch Update CVSS V2 Risk Matrices - April 2016",
"trust": 0.8,
"url": "http://www.oracle.com/technetwork/topics/security/cpuapr2016-2881694.html"
},
{
"title": "Oracle Solaris Third Party Bulletin - July 2015",
"trust": 0.8,
"url": "http://www.oracle.com/technetwork/topics/security/bulletinjul2015-2511963.html"
},
{
"title": "April 2016 Critical Patch Update Released",
"trust": 0.8,
"url": "https://blogs.oracle.com/security/entry/april_2016_critical_patch_update"
},
{
"title": "October 2015 Critical Patch Update Released",
"trust": 0.8,
"url": "https://blogs.oracle.com/security/entry/october_2015_critical_patch_update"
},
{
"title": "July 2016 Critical Patch Update Released",
"trust": 0.8,
"url": "https://blogs.oracle.com/security/entry/july_2016_critical_patch_update"
},
{
"title": "January 2016 Critical Patch Update Released",
"trust": 0.8,
"url": "https://blogs.oracle.com/security/entry/january_2016_critical_patch_update"
},
{
"title": "JSA10694",
"trust": 0.8,
"url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10694"
},
{
"title": "TLSA-2015-14",
"trust": 0.8,
"url": "http://www.turbolinux.co.jp/security/2015/TLSA-2015-14j.html"
},
{
"title": "cisco-sa-20150612-openssl",
"trust": 0.8,
"url": "http://www.cisco.com/cisco/web/support/JP/112/1129/1129443_cisco-sa-20150612-openssl-j.html"
},
{
"title": "The Register",
"trust": 0.2,
"url": "https://www.theregister.co.uk/2016/07/06/hpe_rushes_out_patch_for_more_than_a_year_of_openssl_vulns/"
},
{
"title": "Red Hat: CVE-2015-1789",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_cve_database\u0026qid=CVE-2015-1789"
},
{
"title": "Ubuntu Security Notice: openssl vulnerabilities",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=USN-2639-1"
},
{
"title": "Amazon Linux AMI: ALAS-2015-550",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=amazon_linux_ami\u0026qid=ALAS-2015-550"
},
{
"title": "Tenable Security Advisories: [R7] OpenSSL \u002720150611\u0027 Advisory Affects Tenable Products",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=tenable_security_advisories\u0026qid=TNS-2015-07"
},
{
"title": "Cisco: Multiple Vulnerabilities in OpenSSL (June 2015) Affecting Cisco Products",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=cisco_security_advisories_and_alerts_ciscoproducts\u0026qid=cisco-sa-20150612-openssl"
},
{
"title": "Symantec Security Advisories: SA98 : OpenSSL Security Advisory 11-June-2015",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=symantec_security_advisories\u0026qid=a7350b0751124b5a44ba8dbd2df71f9f"
},
{
"title": "Oracle Solaris Third Party Bulletins: Oracle Solaris Third Party Bulletin - July 2015",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_solaris_third_party_bulletins\u0026qid=8b701aba68029ec36b631a8e26157a22"
},
{
"title": "Citrix Security Bulletins: Multiple Security Vulnerabilities in Citrix NetScaler Platform IPMI Lights Out Management (LOM) firmware",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=citrix_security_bulletins\u0026qid=eb059834b7f24e2562bcf592b6d0afbc"
},
{
"title": "Oracle: Oracle Critical Patch Update Advisory - October 2015",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_advisories\u0026qid=744c19dc9f4f70ad58059bf8733ec9c1"
},
{
"title": "Oracle: Oracle Critical Patch Update Advisory - October 2016",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_advisories\u0026qid=05aabe19d38058b7814ef5514aab4c0c"
},
{
"title": "Oracle: Oracle Critical Patch Update Advisory - January 2017",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_advisories\u0026qid=69e9536e77203a3c76b24dd89f4f9300"
},
{
"title": "Oracle: Oracle Critical Patch Update Advisory - April 2017",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_advisories\u0026qid=143b3fb255063c81571469eaa3cf0a87"
},
{
"title": "Oracle: Oracle Critical Patch Update Advisory - October 2017",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_advisories\u0026qid=523d3f220a64ff01dd95e064bd37566a"
},
{
"title": "Oracle: Oracle Critical Patch Update Advisory - July 2017",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_advisories\u0026qid=2f446a7e1ea263c0c3a365776c6713f2"
},
{
"title": "Oracle: Oracle Critical Patch Update Advisory - April 2016",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_advisories\u0026qid=122319027ae43d6d626710f1b1bb1d43"
},
{
"title": "Oracle: Oracle Critical Patch Update Advisory - July 2016",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_advisories\u0026qid=3a04485ebb79f7fbc2472bf9af5ce489"
},
{
"title": "Oracle: Oracle Critical Patch Update Advisory - January 2016",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_advisories\u0026qid=63802a6c83b107c4e6e0c7f9241a66a8"
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/Live-Hack-CVE/CVE-2015-1789 "
},
{
"title": "android_external_honggfuzz",
"trust": 0.1,
"url": "https://github.com/khadas/android_external_honggfuzz "
},
{
"title": "external_honggfuzz",
"trust": 0.1,
"url": "https://github.com/yaap/external_honggfuzz "
},
{
"title": "external_honggfuzz",
"trust": 0.1,
"url": "https://github.com/crdroid-r/external_honggfuzz "
},
{
"title": "tab_pie_external_honggfuzz",
"trust": 0.1,
"url": "https://github.com/CredenceID/tab_pie_external_honggfuzz "
},
{
"title": "platform_external_honggfuzz",
"trust": 0.1,
"url": "https://github.com/DennissimOS/platform_external_honggfuzz "
},
{
"title": "external_honggfuzz",
"trust": 0.1,
"url": "https://github.com/swordphoenix/external_honggfuzz "
},
{
"title": "platform_external_honggfuzz",
"trust": 0.1,
"url": "https://github.com/aosp-caf-upstream/platform_external_honggfuzz "
},
{
"title": "honggfuzz_READ",
"trust": 0.1,
"url": "https://github.com/imbaya2466/honggfuzz_READ "
},
{
"title": "android_external_honggfuzz",
"trust": 0.1,
"url": "https://github.com/bananadroid/android_external_honggfuzz "
},
{
"title": "external_honggfuzz",
"trust": 0.1,
"url": "https://github.com/ForkLineageOS/external_honggfuzz "
},
{
"title": "android_external_honggfuzz",
"trust": 0.1,
"url": "https://github.com/TheXPerienceProject/android_external_honggfuzz "
},
{
"title": "android_external_honggfuzz",
"trust": 0.1,
"url": "https://github.com/random-aosp-stuff/android_external_honggfuzz "
},
{
"title": "external_honggfuzz",
"trust": 0.1,
"url": "https://github.com/Wave-Project/external_honggfuzz "
},
{
"title": "external_honggfuzz",
"trust": 0.1,
"url": "https://github.com/Project-1CE/external_honggfuzz "
},
{
"title": "android_external_honggfuzz",
"trust": 0.1,
"url": "https://github.com/jingpad-bsp/android_external_honggfuzz "
},
{
"title": "android_external_honggfuzz",
"trust": 0.1,
"url": "https://github.com/crdroidandroid/android_external_honggfuzz "
},
{
"title": "android_external_honggfuzz",
"trust": 0.1,
"url": "https://github.com/StatiXOS/android_external_honggfuzz "
},
{
"title": "external_honggfuzz",
"trust": 0.1,
"url": "https://github.com/CAF-Extended/external_honggfuzz "
},
{
"title": "external_honggfuzz",
"trust": 0.1,
"url": "https://github.com/Ozone-OS/external_honggfuzz "
},
{
"title": "android_external_honggfuzz",
"trust": 0.1,
"url": "https://github.com/Corvus-R/android_external_honggfuzz "
},
{
"title": "external-honggfuzz",
"trust": 0.1,
"url": "https://github.com/TinkerBoard2-Android/external-honggfuzz "
},
{
"title": "external_honggfuzz",
"trust": 0.1,
"url": "https://github.com/TinkerEdgeR-Android/external_honggfuzz "
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/ep-infosec/50_google_honggfuzz "
},
{
"title": "lllnx",
"trust": 0.1,
"url": "https://github.com/lllnx/lllnx "
},
{
"title": "external_honggfuzz",
"trust": 0.1,
"url": "https://github.com/TinkerBoard2-Android/external_honggfuzz "
},
{
"title": "external-honggfuzz",
"trust": 0.1,
"url": "https://github.com/TinkerBoard-Android/external-honggfuzz "
},
{
"title": "external_honggfuzz",
"trust": 0.1,
"url": "https://github.com/HavocR/external_honggfuzz "
},
{
"title": "android_external_honggfuzz",
"trust": 0.1,
"url": "https://github.com/ProtonAOSP-platina/android_external_honggfuzz "
},
{
"title": "android_external_honggfuzz",
"trust": 0.1,
"url": "https://github.com/ProtonAOSP/android_external_honggfuzz "
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/Tomoms/android_external_honggfuzz "
},
{
"title": "honggfuzz",
"trust": 0.1,
"url": "https://github.com/google/honggfuzz "
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2015-1789"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-003081"
}
]
},
"problemtype_data": {
"_id": null,
"data": [
{
"problemtype": "CWE-119",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-003081"
},
{
"db": "NVD",
"id": "CVE-2015-1789"
}
]
},
"references": {
"_id": null,
"data": [
{
"trust": 1.6,
"url": "https://www.openssl.org/news/secadv_20150611.txt"
},
{
"trust": 1.5,
"url": "http://rhn.redhat.com/errata/rhsa-2015-1115.html"
},
{
"trust": 1.4,
"url": "http://kb.juniper.net/infocenter/index?page=content\u0026id=jsa10694"
},
{
"trust": 1.4,
"url": "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html"
},
{
"trust": 1.4,
"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html"
},
{
"trust": 1.4,
"url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html"
},
{
"trust": 1.4,
"url": "http://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20150612-openssl"
},
{
"trust": 1.4,
"url": "https://support.citrix.com/article/ctx216642"
},
{
"trust": 1.2,
"url": "http://www.securityfocus.com/bid/75156"
},
{
"trust": 1.1,
"url": "https://github.com/openssl/openssl/commit/f48b83b4fb7d6689584cf25f61ca63a4891f5b11"
},
{
"trust": 1.1,
"url": "http://lists.apple.com/archives/security-announce/2015/aug/msg00001.html"
},
{
"trust": 1.1,
"url": "https://support.apple.com/kb/ht205031"
},
{
"trust": 1.1,
"url": "http://marc.info/?l=bugtraq\u0026m=143880121627664\u0026w=2"
},
{
"trust": 1.1,
"url": "http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html"
},
{
"trust": 1.1,
"url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html"
},
{
"trust": 1.1,
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c05157667"
},
{
"trust": 1.1,
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c05131044"
},
{
"trust": 1.1,
"url": "http://www.securityfocus.com/bid/91787"
},
{
"trust": 1.1,
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c05150888"
},
{
"trust": 1.1,
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c05158380"
},
{
"trust": 1.1,
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c05184351"
},
{
"trust": 1.1,
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c05045763"
},
{
"trust": 1.1,
"url": "http://marc.info/?l=bugtraq\u0026m=143654156615516\u0026w=2"
},
{
"trust": 1.1,
"url": "http://marc.info/?l=bugtraq\u0026m=144050155601375\u0026w=2"
},
{
"trust": 1.1,
"url": "http://www.oracle.com/technetwork/topics/security/bulletinjul2015-2511963.html"
},
{
"trust": 1.1,
"url": "https://openssl.org/news/secadv/20150611.txt"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00011.html"
},
{
"trust": 1.1,
"url": "http://kb.juniper.net/infocenter/index?page=content\u0026id=jsa10733"
},
{
"trust": 1.1,
"url": "http://fortiguard.com/advisory/openssl-vulnerabilities-june-2015"
},
{
"trust": 1.1,
"url": "http://www.fortiguard.com/advisory/openssl-vulnerabilities-june-2015"
},
{
"trust": 1.1,
"url": "https://bto.bluecoat.com/security-advisory/sa98"
},
{
"trust": 1.1,
"url": "http://www.fortiguard.com/advisory/2015-06-11-fortinet-vulnerability-openssl-vulnerabilities-june-2015"
},
{
"trust": 1.1,
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c05353965"
},
{
"trust": 1.1,
"url": "https://security.gentoo.org/glsa/201506-02"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00037.html"
},
{
"trust": 1.1,
"url": "http://ftp.netbsd.org/pub/netbsd/security/advisories/netbsd-sa2015-008.txt.asc"
},
{
"trust": 1.1,
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=sb10122"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00007.html"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00006.html"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00005.html"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00004.html"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00003.html"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00026.html"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00024.html"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00023.html"
},
{
"trust": 1.1,
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-june/160647.html"
},
{
"trust": 1.1,
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-june/160436.html"
},
{
"trust": 1.1,
"url": "http://www.ubuntu.com/usn/usn-2639-1"
},
{
"trust": 1.1,
"url": "http://www.securitytracker.com/id/1032564"
},
{
"trust": 1.1,
"url": "http://www.debian.org/security/2015/dsa-3287"
},
{
"trust": 1.1,
"url": "http://rhn.redhat.com/errata/rhsa-2015-1197.html"
},
{
"trust": 1.1,
"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html"
},
{
"trust": 1.1,
"url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html"
},
{
"trust": 1.1,
"url": "https://www.arista.com/en/support/advisories-notices/security-advisories/1144-security-advisory-11"
},
{
"trust": 1.1,
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-412672.pdf"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-1789"
},
{
"trust": 0.8,
"url": "http://jvn.jp/vu/jvnvu91445763/index.html"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2015-1789"
},
{
"trust": 0.7,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-1789"
},
{
"trust": 0.6,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-1792"
},
{
"trust": 0.6,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-1790"
},
{
"trust": 0.6,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-1791"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-1788"
},
{
"trust": 0.3,
"url": "http://openssl.org/"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=isg3t1022444"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21962775"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21965845"
},
{
"trust": 0.3,
"url": "http://seclists.org/bugtraq/2015/aug/13"
},
{
"trust": 0.3,
"url": "http://kb.juniper.net/infocenter/index?page=content\u0026id=jsa10733\u0026cat=sirt_1\u0026actp=list"
},
{
"trust": 0.3,
"url": "http://prod.lists.apple.com/archives/security-announce/2015/aug/msg00001.html"
},
{
"trust": 0.3,
"url": "http://www.oracle.com/technetwork/topics/security/cpuapr2016-2881694.html"
},
{
"trust": 0.3,
"url": "https://h20564.www2.hp.com/hpsc/doc/public/display?docid=emr_na-c04739301"
},
{
"trust": 0.3,
"url": "https://h20564.www2.hpe.com/hpsc/doc/public/display?docid=emr_na-c05353965"
},
{
"trust": 0.3,
"url": "https://h20564.www2.hpe.com/hpsc/doc/public/display?docid=emr_na-c05184351"
},
{
"trust": 0.3,
"url": "http://seclists.org/bugtraq/2015/aug/135"
},
{
"trust": 0.3,
"url": "https://h20564.www2.hpe.com/hpsc/doc/public/display?docid=emr_na-c05131044"
},
{
"trust": 0.3,
"url": "https://h20564.www2.hpe.com/hpsc/doc/public/display?docid=emr_na-c05157667"
},
{
"trust": 0.3,
"url": "https://h20564.www2.hpe.com/hpsc/doc/public/display?docid=emr_na-c05150888"
},
{
"trust": 0.3,
"url": "https://h20564.www2.hpe.com/hpsc/doc/public/display?docid=emr_na-c05158380"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=isg3t1022527"
},
{
"trust": 0.3,
"url": "http://www.ibm.com/support/docview.wss?uid=isg3t1022724"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1s1005313"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1s1005376"
},
{
"trust": 0.3,
"url": "http://www.ibm.com/support/docview.wss?uid=swg21961837"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21962520"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21963232"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21963954"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21965415"
},
{
"trust": 0.3,
"url": "http://www.ibm.com/support/docview.wss?uid=swg21966484"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21966723"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=isg3t1022655"
},
{
"trust": 0.3,
"url": "https://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=migr-5098801"
},
{
"trust": 0.3,
"url": "https://downloads.avaya.com/css/p8/documents/101012435"
},
{
"trust": 0.3,
"url": "https://downloads.avaya.com/css/p8/documents/101013879"
},
{
"trust": 0.3,
"url": "http://www.fortiguard.com/advisory/fg-ir-15-014/"
},
{
"trust": 0.3,
"url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html"
},
{
"trust": 0.3,
"url": "http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html"
},
{
"trust": 0.3,
"url": "https://downloads.avaya.com/css/p8/documents/101012550"
},
{
"trust": 0.3,
"url": "https://www.alienvault.com/forums/discussion/5438/security-advisory-alienvault-v5-0-4-addresses-31-vulnerabilities"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21962519"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21962726"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21963964"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1s1005375"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21962039"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=nas8n1020862"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=isg3t1022647"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21962686"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21961800"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21961633"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21960633"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21963096"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21960713"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21964033"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21964441"
},
{
"trust": 0.3,
"url": "www-01.ibm.com/support/docview.wss?uid=swg21903425"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21960157"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=nas8n1020840"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21961179"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21962493"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?rs=0\u0026uid=swg21963438"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21962623"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21959518"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21961438"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21961569"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21963270"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1s1005314"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1s1005373"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1s1005434"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21960045"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21963498"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21966481"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21966847"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21966873"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21967384"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21968046"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21968724"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21968871"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21970020"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21970103"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21971238"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21964030"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21963603"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21966381"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-8176"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-4000"
},
{
"trust": 0.2,
"url": "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_n"
},
{
"trust": 0.2,
"url": "http://www.hpe.com/support/security_bulletin_archive"
},
{
"trust": 0.2,
"url": "http://www.hpe.com/support/subscriber_choice"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/119.html"
},
{
"trust": 0.1,
"url": "https://github.com/live-hack-cve/cve-2015-1789"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://usn.ubuntu.com/2639-1/"
},
{
"trust": 0.1,
"url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-349-21"
},
{
"trust": 0.1,
"url": "http://tools.cisco.com/security/center/viewalert.x?alertid=44733"
},
{
"trust": 0.1,
"url": "https://www.openssl.org/about/secpolicy.html"
},
{
"trust": 0.1,
"url": "https://www.openssl.org/about/releasestrat.html),"
},
{
"trust": 0.1,
"url": "https://rt.openssl.org/ticket/display.html?id=3286"
},
{
"trust": 0.1,
"url": "http://h20564.www2.hpe.com/hpsc/swd/public"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-3194"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-0705"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-5161"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-5600"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0800"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-2842"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-3566"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0799"
},
{
"trust": 0.1,
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/"
},
{
"trust": 0.1,
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/secbullarchive/"
},
{
"trust": 0.1,
"url": "http://www.hp.com/jp/icewall_patchaccess"
},
{
"trust": 0.1,
"url": "http://h41183.www4.hp.com/signup_alerts.php?jumpid=hpsc_secbulletins"
},
{
"trust": 0.1,
"url": "https://www.debian.org/security/faq"
},
{
"trust": 0.1,
"url": "https://www.debian.org/security/"
},
{
"trust": 0.1,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-1789\u003e"
},
{
"trust": 0.1,
"url": "https://security.freebsd.org/patches/sa-15:10/openssl-8.4.patch.asc"
},
{
"trust": 0.1,
"url": "https://www.openssl.org/news/secadv_20150611.txt\u003e"
},
{
"trust": 0.1,
"url": "https://svnweb.freebsd.org/base?view=revision\u0026revision=nnnnnn\u003e"
},
{
"trust": 0.1,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-4000\u003e"
},
{
"trust": 0.1,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-1790\u003e"
},
{
"trust": 0.1,
"url": "https://security.freebsd.org/patches/sa-15:10/openssl-10.1.patch"
},
{
"trust": 0.1,
"url": "https://security.freebsd.org/advisories/freebsd-sa-15:10.openssl.asc\u003e"
},
{
"trust": 0.1,
"url": "https://security.freebsd.org/\u003e."
},
{
"trust": 0.1,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-1791\u003e"
},
{
"trust": 0.1,
"url": "https://security.freebsd.org/patches/sa-15:10/openssl-10.1.patch.asc"
},
{
"trust": 0.1,
"url": "https://security.freebsd.org/patches/sa-15:10/openssl-8.4.patch"
},
{
"trust": 0.1,
"url": "https://www.freebsd.org/handbook/makeworld.html\u003e."
},
{
"trust": 0.1,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-1788\u003e"
},
{
"trust": 0.1,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-1792\u003e"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-3216"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2015-1790"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2015-1791"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/articles/11258"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/team/contact/"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2015-1792"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/mailman/listinfo/rhsa-announce"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2014-8176"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2015-3216"
},
{
"trust": 0.1,
"url": "https://bugzilla.redhat.com/):"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/team/key/"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2015-1789"
},
{
"trust": 0.1,
"url": "https://www.hp.com/swpublishing/mtx-b59b11be53744759a650eadeb4"
},
{
"trust": 0.1,
"url": "https://www.hp.com/go/sim"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2015-1789"
},
{
"db": "BID",
"id": "75156"
},
{
"db": "PACKETSTORM",
"id": "169629"
},
{
"db": "PACKETSTORM",
"id": "137294"
},
{
"db": "PACKETSTORM",
"id": "132637"
},
{
"db": "PACKETSTORM",
"id": "132291"
},
{
"db": "PACKETSTORM",
"id": "132288"
},
{
"db": "PACKETSTORM",
"id": "132313"
},
{
"db": "PACKETSTORM",
"id": "136989"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-003081"
},
{
"db": "NVD",
"id": "CVE-2015-1789"
}
]
},
"sources": {
"_id": null,
"data": [
{
"db": "VULMON",
"id": "CVE-2015-1789",
"ident": null
},
{
"db": "BID",
"id": "75156",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "169629",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "137294",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "132637",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "132291",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "132288",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "132313",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "136989",
"ident": null
},
{
"db": "JVNDB",
"id": "JVNDB-2015-003081",
"ident": null
},
{
"db": "NVD",
"id": "CVE-2015-1789",
"ident": null
}
]
},
"sources_release_date": {
"_id": null,
"data": [
{
"date": "2015-06-12T00:00:00",
"db": "VULMON",
"id": "CVE-2015-1789",
"ident": null
},
{
"date": "2015-06-11T00:00:00",
"db": "BID",
"id": "75156",
"ident": null
},
{
"date": "2015-06-11T12:12:12",
"db": "PACKETSTORM",
"id": "169629",
"ident": null
},
{
"date": "2016-06-02T16:22:00",
"db": "PACKETSTORM",
"id": "137294",
"ident": null
},
{
"date": "2015-07-10T15:43:15",
"db": "PACKETSTORM",
"id": "132637",
"ident": null
},
{
"date": "2015-06-15T15:43:16",
"db": "PACKETSTORM",
"id": "132291",
"ident": null
},
{
"date": "2015-06-12T13:25:28",
"db": "PACKETSTORM",
"id": "132288",
"ident": null
},
{
"date": "2015-06-15T23:37:59",
"db": "PACKETSTORM",
"id": "132313",
"ident": null
},
{
"date": "2016-05-13T16:14:13",
"db": "PACKETSTORM",
"id": "136989",
"ident": null
},
{
"date": "2015-06-16T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-003081",
"ident": null
},
{
"date": "2015-06-12T19:59:02.507000",
"db": "NVD",
"id": "CVE-2015-1789",
"ident": null
}
]
},
"sources_update_date": {
"_id": null,
"data": [
{
"date": "2023-02-13T00:00:00",
"db": "VULMON",
"id": "CVE-2015-1789",
"ident": null
},
{
"date": "2017-05-02T01:08:00",
"db": "BID",
"id": "75156",
"ident": null
},
{
"date": "2017-03-09T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-003081",
"ident": null
},
{
"date": "2025-04-12T10:46:40.837000",
"db": "NVD",
"id": "CVE-2015-1789",
"ident": null
}
]
},
"threat_type": {
"_id": null,
"data": "network",
"sources": [
{
"db": "BID",
"id": "75156"
}
],
"trust": 0.3
},
"title": {
"_id": null,
"data": "OpenSSL of crypto/x509/x509_vfy.c of X509_cmp_time Service disruption in functions (DoS) Vulnerabilities",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-003081"
}
],
"trust": 0.8
},
"type": {
"_id": null,
"data": "Failure to Handle Exceptional Conditions",
"sources": [
{
"db": "BID",
"id": "75156"
}
],
"trust": 0.3
}
}
VAR-201403-0275
Vulnerability from variot - Updated: 2026-04-10 23:16sshd in OpenSSH before 6.6 does not properly support wildcards on AcceptEnv lines in sshd_config, which allows remote attackers to bypass intended environment restrictions by using a substring located before a wildcard character. OpenSSH is prone to a security-bypass vulnerability. An attacker can exploit this issue to bypass certain security restrictions and perform unauthorized actions. This may lead to further attacks. Versions prior to OpenSSH 6.6 are vulnerable.
Here are the details from the Slackware 14.1 ChangeLog: +--------------------------+ patches/packages/openssh-6.6p1-i486-1_slack14.1.txz: Upgraded. This update fixes a security issue when using environment passing with a sshd_config(5) AcceptEnv pattern with a wildcard. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2532 ( Security fix ) +--------------------------+
Where to find the new packages: +-----------------------------+
Thanks to the friendly folks at the OSU Open Source Lab (http://osuosl.org) for donating FTP and rsync hosting to the Slackware project! :-)
Also see the "Get Slack" section on http://slackware.com for additional mirror sites near you.
Updated package for Slackware 13.0: ftp://ftp.slackware.com/pub/slackware/slackware-13.0/patches/packages/openssh-5.9p1-i486-1_slack13.0.txz
Updated package for Slackware x86_64 13.0: ftp://ftp.slackware.com/pub/slackware/slackware64-13.0/patches/packages/openssh-5.9p1-x86_64-1_slack13.0.txz
Updated package for Slackware 13.1: ftp://ftp.slackware.com/pub/slackware/slackware-13.1/patches/packages/openssh-5.9p1-i486-1_slack13.1.txz
Updated package for Slackware x86_64 13.1: ftp://ftp.slackware.com/pub/slackware/slackware64-13.1/patches/packages/openssh-5.9p1-x86_64-1_slack13.1.txz
Updated package for Slackware 13.37: ftp://ftp.slackware.com/pub/slackware/slackware-13.37/patches/packages/openssh-5.9p1-i486-3_slack13.37.txz
Updated package for Slackware x86_64 13.37: ftp://ftp.slackware.com/pub/slackware/slackware64-13.37/patches/packages/openssh-5.9p1-x86_64-3_slack13.37.txz
Updated package for Slackware 14.0: ftp://ftp.slackware.com/pub/slackware/slackware-14.0/patches/packages/openssh-6.6p1-i486-1_slack14.0.txz
Updated package for Slackware x86_64 14.0: ftp://ftp.slackware.com/pub/slackware/slackware64-14.0/patches/packages/openssh-6.6p1-x86_64-1_slack14.0.txz
Updated package for Slackware 14.1: ftp://ftp.slackware.com/pub/slackware/slackware-14.1/patches/packages/openssh-6.6p1-i486-1_slack14.1.txz
Updated package for Slackware x86_64 14.1: ftp://ftp.slackware.com/pub/slackware/slackware64-14.1/patches/packages/openssh-6.6p1-x86_64-1_slack14.1.txz
Updated package for Slackware -current: ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/n/openssh-6.6p1-i486-1.txz
Updated package for Slackware x86_64 -current: ftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/n/openssh-6.6p1-x86_64-1.txz
MD5 signatures: +-------------+
Slackware 13.0 package: 0729d3be6a1886c2462522110333abc0 openssh-5.9p1-i486-1_slack13.0.txz
Slackware x86_64 13.0 package: a474f048de648347207bacb21b5f8f28 openssh-5.9p1-x86_64-1_slack13.0.txz
Slackware 13.1 package: 8df387cdf44f359a9de7c3e40ea321c6 openssh-5.9p1-i486-1_slack13.1.txz
Slackware x86_64 13.1 package: e7eb361401849bbcfb0e20ea17181836 openssh-5.9p1-x86_64-1_slack13.1.txz
Slackware 13.37 package: 8404668d896f81b44ddd5e6e2985f590 openssh-5.9p1-i486-3_slack13.37.txz
Slackware x86_64 13.37 package: b50bb951453824e53dcddbdf1d571561 openssh-5.9p1-x86_64-3_slack13.37.txz
Slackware 14.0 package: 755d1ec29f80ac40636741ddf618715a openssh-6.6p1-i486-1_slack14.0.txz
Slackware x86_64 14.0 package: cc74307ab8875a8fa04a87f18b0cd216 openssh-6.6p1-x86_64-1_slack14.0.txz
Slackware 14.1 package: 1dcb917e01fa83d1cabd59378c81dd32 openssh-6.6p1-i486-1_slack14.1.txz
Slackware x86_64 14.1 package: dfb1f98206ce1e2300fea647a5281486 openssh-6.6p1-x86_64-1_slack14.1.txz
Slackware -current package: 7a5f7c123c397d040fff868afbf86e8b n/openssh-6.6p1-i486-1.txz
Slackware x86_64 -current package: e6d3cced2c7c9e642d8982b27295a408 n/openssh-6.6p1-x86_64-1.txz
Installation instructions: +------------------------+
Upgrade the package as root:
upgradepkg openssh-6.6p1-i486-1_slack14.1.txz
Next, restart the sshd daemon:
sh /etc/rc.d/rc.sshd restart
+-----+
Slackware Linux Security Team http://slackware.com/gpg-key security@slackware.com
+------------------------------------------------------------------------+ | To leave the slackware-security mailing list: | +------------------------------------------------------------------------+ | Send an email to majordomo@slackware.com with this text in the body of | | the email message: | | | | unsubscribe slackware-security | | | | You will get a confirmation message back containing instructions to | | complete the process. Please do not reply to this email address. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
===================================================================== Red Hat Security Advisory
Synopsis: Moderate: openssh security, bug fix, and enhancement update Advisory ID: RHSA-2014:1552-02 Product: Red Hat Enterprise Linux Advisory URL: https://rhn.redhat.com/errata/RHSA-2014-1552.html Issue date: 2014-10-14 CVE Names: CVE-2014-2532 CVE-2014-2653 =====================================================================
- Summary:
Updated openssh packages that fix two security issues, several bugs, and add various enhancements are now available for Red Hat Enterprise Linux 6.
Red Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.
- Relevant releases/architectures:
Red Hat Enterprise Linux Desktop (v. 6) - i386, x86_64 Red Hat Enterprise Linux Desktop Optional (v. 6) - i386, x86_64 Red Hat Enterprise Linux HPC Node (v. 6) - x86_64 Red Hat Enterprise Linux HPC Node Optional (v. 6) - x86_64 Red Hat Enterprise Linux Server (v. 6) - i386, ppc64, s390x, x86_64 Red Hat Enterprise Linux Server Optional (v. 6) - i386, ppc64, s390x, x86_64 Red Hat Enterprise Linux Workstation (v. 6) - i386, x86_64 Red Hat Enterprise Linux Workstation Optional (v. 6) - i386, x86_64
- Description:
OpenSSH is OpenBSD's SSH (Secure Shell) protocol implementation. These packages include the core files necessary for both the OpenSSH client and server.
It was discovered that OpenSSH clients did not correctly verify DNS SSHFP records. A malicious server could use this flaw to force a connecting client to skip the DNS SSHFP record check and require the user to perform manual host verification of the DNS SSHFP record. (CVE-2014-2653)
It was found that OpenSSH did not properly handle certain AcceptEnv parameter values with wildcard characters. (CVE-2014-2532)
This update also fixes the following bugs:
-
Based on the SP800-131A information security standard, the generation of a digital signature using the Digital Signature Algorithm (DSA) with the key size of 1024 bits and RSA with the key size of less than 2048 bits is disallowed after the year 2013. After this update, ssh-keygen no longer generates keys with less than 2048 bits in FIPS mode. However, the sshd service accepts keys of size 1024 bits as well as larger keys for compatibility reasons. (BZ#993580)
-
Previously, the openssh utility incorrectly set the oom_adj value to -17 for all of its children processes. This behavior was incorrect because the children processes were supposed to have this value set to 0. This update applies a patch to fix this bug and oom_adj is now properly set to 0 for all children processes as expected. (BZ#1010429)
-
Previously, if the sshd service failed to verify the checksum of an installed FIPS module using the fipscheck library, the information about this failure was only provided at the standard error output of sshd. As a consequence, the user could not notice this message and be uninformed when a system had not been properly configured for FIPS mode. To fix this bug, this behavior has been changed and sshd now sends such messages via the syslog service. (BZ#1020803)
-
When keys provided by the pkcs11 library were removed from the ssh agent using the "ssh-add -e" command, the user was prompted to enter a PIN. With this update, a patch has been applied to allow the user to remove the keys provided by pkcs11 without the PIN. (BZ#1042519)
In addition, this update adds the following enhancements:
-
With this update, ControlPersist has been added to OpenSSH. The option in conjunction with the ControlMaster configuration directive specifies that the master connection remains open in the background after the initial client connection has been closed. (BZ#953088)
-
When the sshd daemon is configured to force the internal SFTP session, and the user attempts to use a connection other than SFTP, the appropriate message is logged to the /var/log/secure file. (BZ#997377)
-
Support for Elliptic Curve Cryptography modes for key exchange (ECDH) and host user keys (ECDSA) as specified by RFC5656 has been added to the openssh packages. However, they are not enabled by default and the user has to enable them manually. For more information on how to configure ECDSA and ECDH with OpenSSH, see: https://access.redhat.com/solutions/711953 (BZ#1028335)
All openssh users are advised to upgrade to these updated packages, which contain backported patches to correct these issues and add these enhancements.
- Solution:
Before applying this update, make sure all previously released errata relevant to your system have been applied.
This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/articles/11258
- Bugs fixed (https://bugzilla.redhat.com/):
953088 - OpenSSH adding ControlPersist patch to enable full usage of SSH control options 1010429 - Openssh Incorrectly sets oom_adj in all Children after Performing a Reload 1023043 - ssh_config manual page lists incorrect default value of KexAlgorithms 1023044 - Fix man page for ssh-keygen because of certificate support 1027197 - X11 Forwarding does not work with default config - error: Failed to allocate internet-domain X11 display socket 1028643 - Connection remains when fork() fails. 1077843 - CVE-2014-2532 openssh: AcceptEnv environment restriction bypass flaw 1081338 - CVE-2014-2653 openssh: failure to check DNS SSHFP records in certain scenarios 1108836 - ssh-keyscan should ignore SIGPIPE 1111568 - AUTOCREATE_SERVER_KEYS=RSAONLY is not supported by init script
- Package List:
Red Hat Enterprise Linux Desktop (v. 6):
Source: openssh-5.3p1-104.el6.src.rpm
i386: openssh-5.3p1-104.el6.i686.rpm openssh-askpass-5.3p1-104.el6.i686.rpm openssh-clients-5.3p1-104.el6.i686.rpm openssh-debuginfo-5.3p1-104.el6.i686.rpm openssh-server-5.3p1-104.el6.i686.rpm
x86_64: openssh-5.3p1-104.el6.x86_64.rpm openssh-askpass-5.3p1-104.el6.x86_64.rpm openssh-clients-5.3p1-104.el6.x86_64.rpm openssh-debuginfo-5.3p1-104.el6.x86_64.rpm openssh-server-5.3p1-104.el6.x86_64.rpm
Red Hat Enterprise Linux Desktop Optional (v. 6):
i386: openssh-debuginfo-5.3p1-104.el6.i686.rpm openssh-ldap-5.3p1-104.el6.i686.rpm pam_ssh_agent_auth-0.9.3-104.el6.i686.rpm
x86_64: openssh-debuginfo-5.3p1-104.el6.i686.rpm openssh-debuginfo-5.3p1-104.el6.x86_64.rpm openssh-ldap-5.3p1-104.el6.x86_64.rpm pam_ssh_agent_auth-0.9.3-104.el6.i686.rpm pam_ssh_agent_auth-0.9.3-104.el6.x86_64.rpm
Red Hat Enterprise Linux HPC Node (v. 6):
Source: openssh-5.3p1-104.el6.src.rpm
x86_64: openssh-5.3p1-104.el6.x86_64.rpm openssh-clients-5.3p1-104.el6.x86_64.rpm openssh-debuginfo-5.3p1-104.el6.x86_64.rpm openssh-server-5.3p1-104.el6.x86_64.rpm
Red Hat Enterprise Linux HPC Node Optional (v. 6):
x86_64: openssh-askpass-5.3p1-104.el6.x86_64.rpm openssh-debuginfo-5.3p1-104.el6.i686.rpm openssh-debuginfo-5.3p1-104.el6.x86_64.rpm openssh-ldap-5.3p1-104.el6.x86_64.rpm pam_ssh_agent_auth-0.9.3-104.el6.i686.rpm pam_ssh_agent_auth-0.9.3-104.el6.x86_64.rpm
Red Hat Enterprise Linux Server (v. 6):
Source: openssh-5.3p1-104.el6.src.rpm
i386: openssh-5.3p1-104.el6.i686.rpm openssh-askpass-5.3p1-104.el6.i686.rpm openssh-clients-5.3p1-104.el6.i686.rpm openssh-debuginfo-5.3p1-104.el6.i686.rpm openssh-server-5.3p1-104.el6.i686.rpm
ppc64: openssh-5.3p1-104.el6.ppc64.rpm openssh-askpass-5.3p1-104.el6.ppc64.rpm openssh-clients-5.3p1-104.el6.ppc64.rpm openssh-debuginfo-5.3p1-104.el6.ppc64.rpm openssh-server-5.3p1-104.el6.ppc64.rpm
s390x: openssh-5.3p1-104.el6.s390x.rpm openssh-askpass-5.3p1-104.el6.s390x.rpm openssh-clients-5.3p1-104.el6.s390x.rpm openssh-debuginfo-5.3p1-104.el6.s390x.rpm openssh-server-5.3p1-104.el6.s390x.rpm
x86_64: openssh-5.3p1-104.el6.x86_64.rpm openssh-askpass-5.3p1-104.el6.x86_64.rpm openssh-clients-5.3p1-104.el6.x86_64.rpm openssh-debuginfo-5.3p1-104.el6.x86_64.rpm openssh-server-5.3p1-104.el6.x86_64.rpm
Red Hat Enterprise Linux Server Optional (v. 6):
i386: openssh-debuginfo-5.3p1-104.el6.i686.rpm openssh-ldap-5.3p1-104.el6.i686.rpm pam_ssh_agent_auth-0.9.3-104.el6.i686.rpm
ppc64: openssh-debuginfo-5.3p1-104.el6.ppc.rpm openssh-debuginfo-5.3p1-104.el6.ppc64.rpm openssh-ldap-5.3p1-104.el6.ppc64.rpm pam_ssh_agent_auth-0.9.3-104.el6.ppc.rpm pam_ssh_agent_auth-0.9.3-104.el6.ppc64.rpm
s390x: openssh-debuginfo-5.3p1-104.el6.s390.rpm openssh-debuginfo-5.3p1-104.el6.s390x.rpm openssh-ldap-5.3p1-104.el6.s390x.rpm pam_ssh_agent_auth-0.9.3-104.el6.s390.rpm pam_ssh_agent_auth-0.9.3-104.el6.s390x.rpm
x86_64: openssh-debuginfo-5.3p1-104.el6.i686.rpm openssh-debuginfo-5.3p1-104.el6.x86_64.rpm openssh-ldap-5.3p1-104.el6.x86_64.rpm pam_ssh_agent_auth-0.9.3-104.el6.i686.rpm pam_ssh_agent_auth-0.9.3-104.el6.x86_64.rpm
Red Hat Enterprise Linux Workstation (v. 6):
Source: openssh-5.3p1-104.el6.src.rpm
i386: openssh-5.3p1-104.el6.i686.rpm openssh-askpass-5.3p1-104.el6.i686.rpm openssh-clients-5.3p1-104.el6.i686.rpm openssh-debuginfo-5.3p1-104.el6.i686.rpm openssh-server-5.3p1-104.el6.i686.rpm
x86_64: openssh-5.3p1-104.el6.x86_64.rpm openssh-askpass-5.3p1-104.el6.x86_64.rpm openssh-clients-5.3p1-104.el6.x86_64.rpm openssh-debuginfo-5.3p1-104.el6.x86_64.rpm openssh-server-5.3p1-104.el6.x86_64.rpm
Red Hat Enterprise Linux Workstation Optional (v. 6):
i386: openssh-debuginfo-5.3p1-104.el6.i686.rpm openssh-ldap-5.3p1-104.el6.i686.rpm pam_ssh_agent_auth-0.9.3-104.el6.i686.rpm
x86_64: openssh-debuginfo-5.3p1-104.el6.i686.rpm openssh-debuginfo-5.3p1-104.el6.x86_64.rpm openssh-ldap-5.3p1-104.el6.x86_64.rpm pam_ssh_agent_auth-0.9.3-104.el6.i686.rpm pam_ssh_agent_auth-0.9.3-104.el6.x86_64.rpm
These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/#package
- References:
https://www.redhat.com/security/data/cve/CVE-2014-2532.html https://www.redhat.com/security/data/cve/CVE-2014-2653.html https://access.redhat.com/security/updates/classification/#moderate https://access.redhat.com/solutions/711953
- Contact:
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/
Copyright 2014 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1
iD8DBQFUPK1zXlSAg2UNWIIRAgLFAKCbc0zGun3IBr/70ChlueemUsEORgCfa8RL IT6RfneDJRTv3j8EqBZSrp0= =33Fn -----END PGP SIGNATURE-----
-- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce . - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 201405-06
http://security.gentoo.org/
Severity: High Title: OpenSSH: Multiple vulnerabilities Date: May 11, 2014 Bugs: #231292, #247466, #386307, #410869, #419357, #456006, #505066 ID: 201405-06
Synopsis
Multiple vulnerabilities have been found in OpenSSH, the worst of which may allow remote attackers to execute arbitrary code. Please review the CVE identifiers referenced below for details.
Workaround
There is no known workaround at this time.
Resolution
All OpenSSH users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose ">=net-misc/openssh-6.6_p1-r1"
NOTE: One or more of the issues described in this advisory have been fixed in previous updates. They are included in this advisory for the sake of completeness. It is likely that your system is already no longer affected by them.
References
[ 1 ] CVE-2008-5161 http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-5161 [ 2 ] CVE-2010-4478 http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-4478 [ 3 ] CVE-2010-4755 http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-4755 [ 4 ] CVE-2010-5107 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-5107 [ 5 ] CVE-2011-5000 http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-5000 [ 6 ] CVE-2012-0814 http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-0814 [ 7 ] CVE-2014-2532 http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-2532
Availability
This GLSA and any updates to it are available for viewing at the Gentoo Security Website:
http://security.gentoo.org/glsa/glsa-201405-06.xml
Concerns?
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.
License
Copyright 2014 Gentoo Foundation, Inc; referenced text belongs to its owner(s).
The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5 . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256
APPLE-SA-2015-09-30-3 OS X El Capitan 10.11
OS X El Capitan 10.11 is now available and addresses the following:
Address Book Available for: Mac OS X v10.6.8 and later Impact: A local attacker may be able to inject arbitrary code to processes loading the Address Book framework Description: An issue existed in Address Book framework's handling of an environment variable. This issue was addressed through improved environment variable handling. CVE-ID CVE-2015-5897 : Dan Bastone of Gotham Digital Science
AirScan Available for: Mac OS X v10.6.8 and later Impact: An attacker with a privileged network position may be able to extract payload from eSCL packets sent over a secure connection Description: An issue existed in the processing of eSCL packets. This issue was addressed through improved validation checks. CVE-ID CVE-2015-5853 : an anonymous researcher
apache_mod_php Available for: Mac OS X v10.6.8 and later Impact: Multiple vulnerabilities in PHP Description: Multiple vulnerabilities existed in PHP versions prior to 5.5.27, including one which may have led to remote code execution. This issue was addressed by updating PHP to version 5.5.27. CVE-ID CVE-2014-9425 CVE-2014-9427 CVE-2014-9652 CVE-2014-9705 CVE-2014-9709 CVE-2015-0231 CVE-2015-0232 CVE-2015-0235 CVE-2015-0273 CVE-2015-1351 CVE-2015-1352 CVE-2015-2301 CVE-2015-2305 CVE-2015-2331 CVE-2015-2348 CVE-2015-2783 CVE-2015-2787 CVE-2015-3329 CVE-2015-3330
Apple Online Store Kit Available for: Mac OS X v10.6.8 and later Impact: A malicious application may gain access to a user's keychain items Description: An issue existed in validation of access control lists for iCloud keychain items. This issue was addressed through improved access control list checks. CVE-ID CVE-2015-5836 : XiaoFeng Wang of Indiana University, Luyi Xing of Indiana University, Tongxin Li of Peking University, Tongxin Li of Peking University, Xiaolong Bai of Tsinghua University
AppleEvents Available for: Mac OS X v10.6.8 and later Impact: A user connected through screen sharing can send Apple Events to a local user's session Description: An issue existed with Apple Event filtering that allowed some users to send events to other users. This was addressed by improved Apple Event handling. CVE-ID CVE-2015-5849 : Jack Lawrence (@_jackhl)
Audio Available for: Mac OS X v10.6.8 and later Impact: Playing a malicious audio file may lead to an unexpected application termination Description: A memory corruption issue existed in the handling of audio files. This issue issue was addressed through improved memory handling. CVE-ID CVE-2015-5862 : YoungJin Yoon of Information Security Lab. (Adv.: Prof. Taekyoung Kwon), Yonsei University, Seoul, Korea
bash Available for: Mac OS X v10.6.8 and later Impact: Multiple vulnerabilities in bash Description: Multiple vulnerabilities existed in bash versions prior to 3.2 patch level 57. These issues were addressed by updating bash version 3.2 to patch level 57. CVE-ID CVE-2014-6277 CVE-2014-7186 CVE-2014-7187
Certificate Trust Policy Available for: Mac OS X v10.6.8 and later Impact: Update to the certificate trust policy Description: The certificate trust policy was updated. The complete list of certificates may be viewed at https://support.apple.com/en- us/HT202858.
CFNetwork Cookies Available for: Mac OS X v10.6.8 and later Impact: An attacker in a privileged network position can track a user's activity Description: A cross-domain cookie issue existed in the handling of top level domains. The issue was address through improved restrictions of cookie creation. CVE-ID CVE-2015-5885 : Xiaofeng Zheng of Blue Lotus Team, Tsinghua University
CFNetwork FTPProtocol Available for: Mac OS X v10.6.8 and later Impact: Malicious FTP servers may be able to cause the client to perform reconnaissance on other hosts Description: An issue existed in the handling of FTP packets when using the PASV command. This issue was resolved through improved validation. CVE-ID CVE-2015-5912 : Amit Klein
CFNetwork HTTPProtocol Available for: Mac OS X v10.6.8 and later Impact: A maliciously crafted URL may be able to bypass HSTS and leak sensitive data Description: A URL parsing vulnerability existed in HSTS handling. This issue was addressed through improved URL parsing. CVE-ID CVE-2015-5858 : Xiaofeng Zheng of Blue Lotus Team, Tsinghua University
CFNetwork HTTPProtocol Available for: Mac OS X v10.6.8 and later Impact: A malicious website may be able to track users in Safari private browsing mode Description: An issue existed in the handling of HSTS state in Safari private browsing mode. This issue was addressed through improved state handling. CVE-ID CVE-2015-5860 : Sam Greenhalgh of RadicalResearch Ltd
CFNetwork Proxies Available for: Mac OS X v10.6.8 and later Impact: Connecting to a malicious web proxy may set malicious cookies for a website Description: An issue existed in the handling of proxy connect responses. This issue was addressed by removing the set-cookie header while parsing the connect response. CVE-ID CVE-2015-5841 : Xiaofeng Zheng of Blue Lotus Team, Tsinghua University
CFNetwork SSL Available for: Mac OS X v10.6.8 and later Impact: An attacker with a privileged network position may intercept SSL/TLS connections Description: A certificate validation issue existed in NSURL when a certificate changed. This issue was addressed through improved certificate validation. CVE-ID CVE-2015-5824 : Timothy J. Wood of The Omni Group
CFNetwork SSL Available for: Mac OS X v10.6.8 and later Impact: An attacker may be able to decrypt data protected by SSL Description: There are known attacks on the confidentiality of RC4. An attacker could force the use of RC4, even if the server preferred better ciphers, by blocking TLS 1.0 and higher connections until CFNetwork tried SSL 3.0, which only allows RC4. This issue was addressed by removing the fallback to SSL 3.0.
CoreCrypto Available for: Mac OS X v10.6.8 and later Impact: An attacker may be able to determine a private key Description: By observing many signing or decryption attempts, an attacker may have been able to determine the RSA private key. This issue was addressed using improved encryption algorithms.
CoreText Available for: Mac OS X v10.6.8 and later Impact: Processing a maliciously crafted font file may lead to arbitrary code execution Description: A memory corruption issue existed in the processing of font files. This issue was addressed through improved input validation. CVE-ID CVE-2015-5874 : John Villamil (@day6reak), Yahoo Pentest Team
Dev Tools Available for: Mac OS X v10.6.8 and later Impact: A malicious application may be able to execute arbitrary code with system privileges Description: A memory corruption issue existed in dyld. This was addressed through improved memory handling. CVE-ID CVE-2015-5876 : beist of grayhash
Dev Tools Available for: Mac OS X v10.6.8 and later Impact: An application may be able to bypass code signing Description: An issue existed with validation of the code signature of executables. This issue was addressed through improved bounds checking. CVE-ID CVE-2015-5839 : @PanguTeam
Disk Images Available for: Mac OS X v10.6.8 and later Impact: A local user may be able to execute arbitrary code with system privileges Description: A memory corruption issue existed in DiskImages. This issue was addressed through improved memory handling. CVE-ID CVE-2015-5847 : Filippo Bigarella, Luca Todesco
dyld Available for: Mac OS X v10.6.8 and later Impact: An application may be able to bypass code signing Description: An issue existed with validation of the code signature of executables. This issue was addressed through improved bounds checking. CVE-ID CVE-2015-5839 : TaiG Jailbreak Team
EFI Available for: Mac OS X v10.6.8 and later Impact: A malicious application can prevent some systems from booting Description: An issue existed with the addresses covered by the protected range register. This issue was fixed by changing the protected range. CVE-ID CVE-2015-5900 : Xeno Kovah & Corey Kallenberg from LegbaCore
EFI Available for: Mac OS X v10.6.8 and later Impact: A malicious Apple Ethernet Thunderbolt adapter may be able to affect firmware flashing Description: Apple Ethernet Thunderbolt adapters could modify the host firmware if connected during an EFI update. This issue was addressed by not loading option ROMs during updates. CVE-ID CVE-2015-5914 : Trammell Hudson of Two Sigma Investments and snare
Finder Available for: Mac OS X v10.6.8 and later Impact: The "Secure Empty Trash" feature may not securely delete files placed in the Trash Description: An issue existed in guaranteeing secure deletion of Trash files on some systems, such as those with flash storage. This issue was addressed by removing the "Secure Empty Trash" option. CVE-ID CVE-2015-5901 : Apple
Game Center Available for: Mac OS X v10.6.8 and later Impact: A malicious Game Center application may be able to access a player's email address Description: An issue existed in Game Center in the handling of a player's email. This issue was addressed through improved access restrictions. CVE-ID CVE-2015-5855 : Nasser Alnasser
Heimdal Available for: Mac OS X v10.6.8 and later Impact: An attacker may be able to replay Kerberos credentials to the SMB server Description: An authentication issue existed in Kerberos credentials. This issue was addressed through additional validation of credentials using a list of recently seen credentials. CVE-ID CVE-2015-5913 : Tarun Chopra of Microsoft Corporation, U.S. and Yu Fan of Microsoft Corporation, China
ICU Available for: Mac OS X v10.6.8 and later Impact: Multiple vulnerabilities in ICU Description: Multiple vulnerabilities existed in ICU versions prior to 53.1.0. These issues were addressed by updating ICU to version 55.1. CVE-ID CVE-2014-8146 CVE-2014-8147 CVE-2015-5922
Install Framework Legacy Available for: Mac OS X v10.6.8 and later Impact: A local user may be able to gain root privileges Description: A restriction issue existed in the Install private framework containing a privileged executable. This issue was addressed by removing the executable. CVE-ID CVE-2015-5888 : Apple
Intel Graphics Driver Available for: Mac OS X v10.6.8 and later Impact: A local user may be able to execute arbitrary code with system privileges Description: Multiple memory corruption issues existed in the Intel Graphics Driver. These issues were addressed through improved memory handling. CVE-ID CVE-2015-5830 : Yuki MIZUNO (@mzyy94) CVE-2015-5877 : Camillus Gerard Cai
IOAudioFamily Available for: Mac OS X v10.6.8 and later Impact: A local user may be able to determine kernel memory layout Description: An issue existed in IOAudioFamily that led to the disclosure of kernel memory content. This issue was addressed by permuting kernel pointers. CVE-ID CVE-2015-5864 : Luca Todesco
IOGraphics Available for: Mac OS X v10.6.8 and later Impact: A local user may be able to execute arbitrary code with kernel privileges Description: Multiple memory corruption issues existed in the kernel. These issues were addressed through improved memory handling. CVE-ID CVE-2015-5871 : Ilja van Sprundel of IOActive CVE-2015-5872 : Ilja van Sprundel of IOActive CVE-2015-5873 : Ilja van Sprundel of IOActive CVE-2015-5890 : Ilja van Sprundel of IOActive
IOGraphics Available for: Mac OS X v10.6.8 and later Impact: A malicious application may be able to determine kernel memory layout Description: An issue existed in IOGraphics which could have led to the disclosure of kernel memory layout. This issue was addressed through improved memory management. CVE-ID CVE-2015-5865 : Luca Todesco
IOHIDFamily Available for: Mac OS X v10.6.8 and later Impact: A malicious application may be able to execute arbitrary code with system privileges Description: Multiple memory corruption issues existed in IOHIDFamily. These issues were addressed through improved memory handling. CVE-ID CVE-2015-5866 : Apple CVE-2015-5867 : moony li of Trend Micro
IOStorageFamily Available for: Mac OS X v10.6.8 and later Impact: A local attacker may be able to read kernel memory Description: A memory initialization issue existed in the kernel. This issue was addressed through improved memory handling. CVE-ID CVE-2015-5863 : Ilja van Sprundel of IOActive
Kernel Available for: Mac OS X v10.6.8 and later Impact: A local user may be able to execute arbitrary code with kernel privileges Description: Multiple memory corruption issues existed in the Kernel. These issues were addressed through improved memory handling. CVE-ID CVE-2015-5868 : Cererdlong of Alibaba Mobile Security Team CVE-2015-5896 : Maxime Villard of m00nbsd CVE-2015-5903 : CESG
Kernel Available for: Mac OS X v10.6.8 and later Impact: A local process can modify other processes without entitlement checks Description: An issue existed where root processes using the processor_set_tasks API were allowed to retrieve the task ports of other processes. This issue was addressed through additional entitlement checks. CVE-ID CVE-2015-5882 : Pedro Vilaca, working from original research by Ming-chieh Pan and Sung-ting Tsai; Jonathan Levin
Kernel Available for: Mac OS X v10.6.8 and later Impact: A local attacker may control the value of stack cookies Description: Multiple weaknesses existed in the generation of user space stack cookies. These issues were addressed through improved generation of stack cookies. CVE-ID CVE-2013-3951 : Stefan Esser
Kernel Available for: Mac OS X v10.6.8 and later Impact: An attacker may be able to launch denial of service attacks on targeted TCP connections without knowing the correct sequence number Description: An issue existed in xnu's validation of TCP packet headers. This issue was addressed through improved TCP packet header validation. CVE-ID CVE-2015-5879 : Jonathan Looney
Kernel Available for: Mac OS X v10.6.8 and later Impact: An attacker in a local LAN segment may disable IPv6 routing Description: An insufficient validation issue existed in the handling of IPv6 router advertisements that allowed an attacker to set the hop limit to an arbitrary value. This issue was addressed by enforcing a minimum hop limit. CVE-ID CVE-2015-5869 : Dennis Spindel Ljungmark
Kernel Available for: Mac OS X v10.6.8 and later Impact: A local user may be able to determine kernel memory layout Description: An issue existed that led to the disclosure of kernel memory layout. This was addressed through improved initialization of kernel memory structures. CVE-ID CVE-2015-5842 : beist of grayhash
Kernel Available for: Mac OS X v10.6.8 and later Impact: A local user may be able to determine kernel memory layout Description: An issue existed in debugging interfaces that led to the disclosure of memory content. This issue was addressed by sanitizing output from debugging interfaces. CVE-ID CVE-2015-5870 : Apple
Kernel Available for: Mac OS X v10.6.8 and later Impact: A local user may be able to cause a system denial of service Description: A state management issue existed in debugging functionality. This issue was addressed through improved validation. CVE-ID CVE-2015-5902 : Sergi Alvarez (pancake) of NowSecure Research Team
libc Available for: Mac OS X v10.6.8 and later Impact: A local user may be able to execute arbitrary code with kernel privileges Description: A memory corruption issue existed in the kernel. This issue was addressed through improved memory handling. CVE-ID CVE-2014-8611 : Adrian Chadd and Alfred Perlstein of Norse Corporation
libpthread Available for: Mac OS X v10.6.8 and later Impact: A local user may be able to execute arbitrary code with kernel privileges Description: A memory corruption issue existed in the kernel. This issue was addressed through improved memory handling. CVE-ID CVE-2015-5899 : Lufeng Li of Qihoo 360 Vulcan Team
libxpc Available for: Mac OS X v10.6.8 and later Impact: Many SSH connections could cause a denial of service Description: launchd had no limit on the number of processes that could be started by a network connection. This issue was addressed by limiting the number of SSH processes to 40. CVE-ID CVE-2015-5881 : Apple
Login Window Available for: Mac OS X v10.6.8 and later Impact: The screen lock may not engage after the specified time period Description: An issue existed with captured display locking. The issue was addressed through improved lock handling. CVE-ID CVE-2015-5833 : Carlos Moreira, Rainer Dorau of rainer dorau informationsdesign, Chris Nehren, Kai Takac, Hans Douma, Toni Vaahtera, and an anonymous researcher
lukemftpd Available for: Mac OS X v10.6.8 and later Impact: A remote attacker may be able to deny service to the FTP server Description: A glob-processing issue existed in tnftpd. This issue was addressed through improved glob validation. CVE-ID CVE-2015-5917 : Maksymilian Arciemowicz of cxsecurity.com
Mail Available for: Mac OS X v10.6.8 and later Impact: Printing an email may leak sensitive user information Description: An issue existed in Mail which bypassed user preferences when printing an email. This issue was addressed through improved user preference enforcement. CVE-ID CVE-2015-5881 : Owen DeLong of Akamai Technologies, Noritaka Kamiya, Dennis Klein from Eschenburg, Germany, Jeff Hammett of Systim Technology Partners
Mail Available for: Mac OS X v10.6.8 and later Impact: An attacker in a privileged network position may be able to intercept attachments of S/MIME-encrypted e-mail sent via Mail Drop Description: An issue existed in handling encryption parameters for large email attachments sent via Mail Drop. The issue is addressed by no longer offering Mail Drop when sending an encrypted e-mail. CVE-ID CVE-2015-5884 : John McCombs of Integrated Mapping Ltd
Multipeer Connectivity Available for: Mac OS X v10.6.8 and later Impact: A local attacker may be able to observe unprotected multipeer data Description: An issue existed in convenience initializer handling in which encryption could be actively downgraded to a non-encrypted session. This issue was addressed by changing the convenience initializer to require encryption. CVE-ID CVE-2015-5851 : Alban Diquet (@nabla_c0d3) of Data Theorem
NetworkExtension Available for: Mac OS X v10.6.8 and later Impact: A malicious application may be able to determine kernel memory layout Description: An uninitialized memory issue in the kernel led to the disclosure of kernel memory content. This issue was addressed through improved memory initialization. CVE-ID CVE-2015-5831 : Maxime Villard of m00nbsd
Notes Available for: Mac OS X v10.6.8 and later Impact: A local user may be able to leak sensitive user information Description: An issue existed in parsing links in the Notes application. This issue was addressed through improved input validation. CVE-ID CVE-2015-5878 : Craig Young of Tripwire VERT, an anonymous researcher
Notes Available for: Mac OS X v10.6.8 and later Impact: A local user may be able to leak sensitive user information Description: A cross-site scripting issue existed in parsing text by the Notes application. This issue was addressed through improved input validation. CVE-ID CVE-2015-5875 : xisigr of Tencent's Xuanwu LAB (www.tencent.com)
OpenSSH Available for: Mac OS X v10.6.8 and later Impact: Multiple vulnerabilities in OpenSSH Description: Multiple vulnerabilities existed in OpenSSH versions prior to 6.9. These issues were addressed by updating OpenSSH to version 6.9. CVE-ID CVE-2014-2532
OpenSSL Available for: Mac OS X v10.6.8 and later Impact: Multiple vulnerabilities in OpenSSL Description: Multiple vulnerabilities existed in OpenSSL versions prior to 0.9.8zg. These were addressed by updating OpenSSL to version 0.9.8zg. CVE-ID CVE-2015-0286 CVE-2015-0287
procmail Available for: Mac OS X v10.6.8 and later Impact: Multiple vulnerabilities in procmail Description: Multiple vulnerabilities existed in procmail versions prior to 3.22. These issues were addressed by removing procmail. CVE-ID CVE-2014-3618
remote_cmds Available for: Mac OS X v10.6.8 and later Impact: A local user may be able to execute arbitrary code with root privileges Description: An issue existed in the usage of environment variables by the rsh binary. This issue was addressed by dropping setuid privileges from the rsh binary. CVE-ID CVE-2015-5889 : Philip Pettersson
removefile Available for: Mac OS X v10.6.8 and later Impact: Processing malicious data may lead to unexpected application termination Description: An overflow fault existed in the checkint division routines. This issue was addressed with improved division routines. CVE-ID CVE-2015-5840 : an anonymous researcher
Ruby Available for: Mac OS X v10.6.8 and later Impact: Multiple vulnerabilities in Ruby Description: Multiple vulnerabilities existed in Ruby versions prior to 2.0.0p645. These were addressed by updating Ruby to version 2.0.0p645. CVE-ID CVE-2014-8080 CVE-2014-8090 CVE-2015-1855
Security Available for: Mac OS X v10.6.8 and later Impact: The lock state of the keychain may be incorrectly displayed to the user Description: A state management issue existed in the way keychain lock status was tracked. This issue was addressed through improved state management. CVE-ID CVE-2015-5915 : Peter Walz of University of Minnesota, David Ephron, Eric E. Lawrence, Apple
Security Available for: Mac OS X v10.6.8 and later Impact: A trust evaluation configured to require revocation checking may succeed even if revocation checking fails Description: The kSecRevocationRequirePositiveResponse flag was specified but not implemented. This issue was addressed by implementing the flag. CVE-ID CVE-2015-5894 : Hannes Oud of kWallet GmbH
Security Available for: Mac OS X v10.6.8 and later Impact: A remote server may prompt for a certificate before identifying itself Description: Secure Transport accepted the CertificateRequest message before the ServerKeyExchange message. This issue was addressed by requiring the ServerKeyExchange first. CVE-ID CVE-2015-5887 : Benjamin Beurdouche, Karthikeyan Bhargavan, Antoine Delignat-Lavaud, Alfredo Pironti, and Jean Karim Zinzindohoue of INRIA Paris-Rocquencourt, and Cedric Fournet and Markulf Kohlweiss of Microsoft Research, Pierre-Yves Strub of IMDEA Software Institute
SMB Available for: Mac OS X v10.6.8 and later Impact: A local user may be able to execute arbitrary code with kernel privileges Description: A memory corruption issue existed in the kernel. This issue was addressed through improved memory handling. CVE-ID CVE-2015-5891 : Ilja van Sprundel of IOActive
SMB Available for: Mac OS X v10.6.8 and later Impact: A local user may be able to determine kernel memory layout Description: An issue existed in SMBClient that led to the disclosure of kernel memory content. This issue was addressed through improved bounds checking. CVE-ID CVE-2015-5893 : Ilja van Sprundel of IOActive
SQLite Available for: Mac OS X v10.6.8 and later Impact: Multiple vulnerabilities in SQLite v3.8.5 Description: Multiple vulnerabilities existed in SQLite v3.8.5. These issues were addressed by updating SQLite to version 3.8.10.2. CVE-ID CVE-2015-3414 CVE-2015-3415 CVE-2015-3416
Telephony Available for: Mac OS X v10.6.8 and later Impact: A local attacker can place phone calls without the user's knowledge when using Continuity Description: An issue existed in the authorization checks for placing phone calls. This issue was addressed through improved authorization checks. CVE-ID CVE-2015-3785 : Dan Bastone of Gotham Digital Science
Terminal Available for: Mac OS X v10.6.8 and later Impact: Maliciously crafted text could mislead the user in Terminal Description: Terminal did not handle bidirectional override characters in the same way when displaying text and when selecting text. This issue was addressed by suppressing bidirectional override characters in Terminal. CVE-ID CVE-2015-5883 : an anonymous researcher
tidy Available for: Mac OS X v10.6.8 and later Impact: Visiting a maliciously crafted website may lead to arbitrary code execution Description: Multiple memory corruption issues existed in tidy. These issues were addressed through improved memory handling. CVE-ID CVE-2015-5522 : Fernando Munoz of NULLGroup.com CVE-2015-5523 : Fernando Munoz of NULLGroup.com
Time Machine Available for: Mac OS X v10.6.8 and later Impact: A local attacker may gain access to keychain items Description: An issue existed in backups by the Time Machine framework. This issue was addressed through improved coverage of Time Machine backups. CVE-ID CVE-2015-5854 : Jonas Magazinius of Assured AB
Note: OS X El Capitan 10.11 includes the security content of Safari 9: https://support.apple.com/kb/HT205265.
OS X El Capitan 10.11 may be obtained from the Mac App Store: http://www.apple.com/support/downloads/
Information will also be posted to the Apple Security Updates web site: https://support.apple.com/kb/HT201222
This message is signed with Apple's Product Security PGP key, and details are available at: https://www.apple.com/support/security/pgp/
-----BEGIN PGP SIGNATURE----- Comment: GPGTools - http://gpgtools.org
iQIcBAEBCAAGBQJWDB2wAAoJEBcWfLTuOo7t0sYP/2L3JOGPkHH8XUh2YHpu5qaw S5F2v+SRpWleKQBVsGZ7oA8PV0rBTzEkzt8K1tNxYmxEqL9f/TpRiGoforn89thO /hOtmVOfUcBjPZ4XKwMVzycfSMC9o6LxWTLEKDVylE+F+5jkXafOC9QaqD11dxX6 QhENkpS1BwrKhyaSVxEcgBQtZM9aTsVdZ78rTCb9XTn6gDnvs8NfIQquFOnaQT54 YJ36e5UcUsnyBIol+yGDbC3ZEhzSVIGE5/8/NFlFfRXLgnJArxD8lqz8WdfU9fop hpT/dDqqAdYbRcW1ihcG1haiNHgP9yQCY5jRNfttb+Tc/kIi/QmPkEO0QS8Ygt/O c3sUbNulr1LCinymFVwx16CM1DplGS/GmBL18BAEBnL6yi9tEhYDynZWLSEa37VR 8q802rXRSF10Wct9/kEeR4HgY/1k0KK/4Uddm3c0YyOU21ya7NAhoHGwmDa9g11r N1TniOK8tPiCGjRNOJwuF6DKxD9L3Fv44bVlxAarGUGYkICqzaNS+bgKI1aQNahT fJ91x5uKD4+L9v9c5slkoDIvWqIhO9oyuxgnmC5GstkwFplFXSOklLkTktjLGNn1 nJq8cPnZ/3E1RXTEwVhGljYw5pdZHNx98XmLomGrPqVlZfjGURK+5AXdf2pOlt2e g6jld/w5tPuCFhGucE7Z =XciV -----END PGP SIGNATURE----- .
Matthew Vernon reported that if a SSH server offers a HostCertificate that the ssh client doesn't accept, then the client doesn't check the DNS for SSHFP records. As a consequence a malicious server can disable SSHFP-checking by presenting a certificate (CVE-2014-2653).
References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2532 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2653 http://advisories.mageia.org/MGASA-2014-0143.html http://advisories.mageia.org/MGASA-2014-0166.html
Updated Packages:
Mandriva Business Server 1/X86_64: 753bd40deb60429adc6a7c1afd63ee3d mbs1/x86_64/openssh-5.9p1-6.3.mbs1.x86_64.rpm 377e7fbb14f72a1e32da41f19be7baa8 mbs1/x86_64/openssh-askpass-5.9p1-6.3.mbs1.x86_64.rpm a906db623fc8d56eab9b8b99b1af84d9 mbs1/x86_64/openssh-askpass-common-5.9p1-6.3.mbs1.x86_64.rpm 9fc03d4929efdf21a26aef308eb66f14 mbs1/x86_64/openssh-askpass-gnome-5.9p1-6.3.mbs1.x86_64.rpm f2dbea4a0a8109bc835c69e871f07a69 mbs1/x86_64/openssh-clients-5.9p1-6.3.mbs1.x86_64.rpm a20d329b8332ff7f7f10dd541a3865a9 mbs1/x86_64/openssh-server-5.9p1-6.3.mbs1.x86_64.rpm 0fd2c0a9338a7e8e8747c2ea3ae43c49 mbs1/SRPMS/openssh-5.9p1-6.3.mbs1.src.rpm
To upgrade automatically use MandrivaUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you. ============================================================================ Ubuntu Security Notice USN-2155-1 March 25, 2014
openssh vulnerability
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 13.10
- Ubuntu 12.10
- Ubuntu 12.04 LTS
- Ubuntu 10.04 LTS
Summary:
OpenSSH incorrectly handled environment restrictions with wildcards.
Update instructions:
The problem can be corrected by updating your system to the following package versions:
Ubuntu 13.10: openssh-server 1:6.2p2-6ubuntu0.2
Ubuntu 12.10: openssh-server 1:6.0p1-3ubuntu1.1
Ubuntu 12.04 LTS: openssh-server 1:5.9p1-5ubuntu1.2
Ubuntu 10.04 LTS: openssh-server 1:5.3p1-3ubuntu7.1
In general, a standard system update will make all the necessary changes. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
Note: the current version of the following document is available here: https://h20564.www2.hp.com/portal/site/hpsc/public/kb/ docDisplay?docId=emr_na-c04499681
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c04499681 Version: 1
HPSBUX03188 SSRT101487 rev.1 - HP-UX running HP Secure Shell, Remote Denial of Service (DoS) and other Vulnerabilities
NOTICE: The information in this Security Bulletin should be acted upon as soon as possible.
Release Date: 2014-11-07 Last Updated: 2014-11-07
Potential Security Impact: Remote Denial of Service (DoS) and other vulnerabilities
Source: Hewlett-Packard Company, HP Software Security Response Team
VULNERABILITY SUMMARY Potential security vulnerabilities have been identified with HP-UX running HP Secure Shell. These vulnerabilities could be exploited remotely to create a Denial of Service (DoS) and other vulnerabilities.
References:
CVE-2013-4548 - remote Permissions, Privileges, and Access Control (CWE-264)
CVE-2014-1692 - remote Denial of Service (DoS), Buffer Errors (CWE-119)
CVE-2014-2532 - remote Permissions, Privileges, and Access Control (CWE-264)
CVE-2014-2653 - remote Input Validation (CWE-20)
SSRT101487
SUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed. HP-UX B.11.11 running HP Secure Shell before version A.06.20.010
HP-UX B.11.23 running HP Secure Shell before version A.06.20.011
HP-UX B.11.31 running HP Secure Shell before version A.06.20.012
BACKGROUND
CVSS 2.0 Base Metrics
Reference Base Vector Base Score CVE-2013-4548 (AV:N/AC:M/Au:S/C:P/I:P/A:P) 6.0 CVE-2014-1692 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5 CVE-2014-2532 (AV:N/AC:M/Au:N/C:P/I:P/A:N) 5.8 CVE-2014-2653 (AV:N/AC:M/Au:N/C:P/I:P/A:N) 5.8 =========================================================== Information on CVSS is documented in HP Customer Notice: HPSN-2008-002
RESOLUTION
HP has provided the following software updates to resolve this vulnerability. The updates are available for download from: http://h20293.www2.hp.com/portal/swdepot/displayProductInfo.do?productNumber= T1471AA
OS Release HP Secure Shell Version Depot Name
HP-UX B.11.11 (11i v1) A.06.20.010 or subsequent HP_UX_11i_v1_T1471AA_A.06.20.010_HP-UX_B.11.11_32_64.depot
HP-UX B.11.23 (11i v2) A.06.20.011 or subsequent HP_UX_11i_v2_T1471AA_A.06.20.011_HP-UX_B.11.23_IA_PA.depot
HP-UX B.11.31 (11i v3) A.06.20.012 or subsequent HP_UX_11i_v3_SecureShell_A.06.20.012_HP-UX_B.11.31_IA_PA.depot
MANUAL ACTIONS: Yes - Update
PRODUCT SPECIFIC INFORMATION
HP-UX Software Assistant: HP-UX Software Assistant is an enhanced application that replaces HP-UX Security Patch Check. It analyzes all HP-issued Security Bulletins and lists recommended actions that may apply to a specific HP-UX system. It can also download patches and create a depot automatically. For more information see: https://www.hp.com/go/swa
AFFECTED VERSIONS
HP-UX B.11.11
Secure_Shell.SECURE_SHELL action: install revision A.06.20.010 or subsequent
HP-UX B.11.23
Secure_Shell.SECSH-CMN Secure_Shell.SECURE_SHELL action: install revision A.06.20.011 or subsequent
HP-UX B.11.31
Secure_Shell.SECSH-CMN Secure_Shell.SECURE_SHELL action: install revision A.06.20.012 or subsequent
END AFFECTED VERSIONS
HISTORY: Version:1 (rev.1) - 7 November 2014 Initial Release
Third Party Security Patches: Third party security patches that are to be installed on systems running HP software products should be applied in accordance with the customer's patch management policy.
Support: For issues about implementing the recommendations of this Security Bulletin, contact normal HP Services support channel. For other issues about the content of this Security Bulletin, send e-mail to security-alert@hp.com.
Report: To report a potential security vulnerability with any HP supported product, send Email to: security-alert@hp.com
Subscribe: To initiate a subscription to receive future HP Security Bulletin alerts via Email: http://h41183.www4.hp.com/signup_alerts.php?jumpid=hpsc_secbulletins
Security Bulletin Archive: A list of recently released Security Bulletins is available here: https://h20564.www2.hp.com/portal/site/hpsc/public/kb/secBullArchive/
Software Product Category: The Software Product Category is represented in the title by the two characters following HPSB.
3C = 3COM 3P = 3rd Party Software GN = HP General Software HF = HP Hardware and Firmware MP = MPE/iX MU = Multi-Platform Software NS = NonStop Servers OV = OpenVMS PI = Printing and Imaging PV = ProCurve ST = Storage Software TU = Tru64 UNIX UX = HP-UX
Copyright 2014 Hewlett-Packard Development Company, L.P. Hewlett-Packard Company shall not be liable for technical or editorial errors or omissions contained herein. The information provided is provided "as is" without warranty of any kind. To the extent permitted by law, neither HP or its affiliates, subcontractors or suppliers will be liable for incidental,special or consequential damages including downtime cost; lost profits; damages relating to the procurement of substitute products or services; or damages for loss of data, or software restoration. The information in this document is subject to change without notice. Hewlett-Packard Company and the names of Hewlett-Packard products referenced herein are trademarks of Hewlett-Packard Company in the United States and other countries. Other product and company names mentioned herein may be trademarks of their respective owners
Show details on source website{
"affected_products": {
"_id": null,
"data": [
{
"_id": null,
"model": "communications user data repository",
"scope": "eq",
"trust": 1.9,
"vendor": "oracle",
"version": "10.0.1"
},
{
"_id": null,
"model": "communications policy management",
"scope": "eq",
"trust": 1.1,
"vendor": "oracle",
"version": "9.9.1"
},
{
"_id": null,
"model": "communications policy management",
"scope": "eq",
"trust": 1.1,
"vendor": "oracle",
"version": "9.7.3"
},
{
"_id": null,
"model": "communications policy management",
"scope": "eq",
"trust": 1.1,
"vendor": "oracle",
"version": "10.4.1"
},
{
"_id": null,
"model": "openssh",
"scope": "eq",
"trust": 1.0,
"vendor": "openbsd",
"version": "6.4"
},
{
"_id": null,
"model": "openssh",
"scope": "eq",
"trust": 1.0,
"vendor": "openbsd",
"version": "6.0"
},
{
"_id": null,
"model": "openssh",
"scope": "eq",
"trust": 1.0,
"vendor": "openbsd",
"version": "6.2"
},
{
"_id": null,
"model": "openssh",
"scope": "eq",
"trust": 1.0,
"vendor": "openbsd",
"version": "6.1"
},
{
"_id": null,
"model": "openssh",
"scope": "eq",
"trust": 1.0,
"vendor": "openbsd",
"version": "6.3"
},
{
"_id": null,
"model": "openssh",
"scope": "lte",
"trust": 1.0,
"vendor": "openbsd",
"version": "6.5"
},
{
"_id": null,
"model": "openssh",
"scope": "lt",
"trust": 0.8,
"vendor": "openbsd",
"version": "6.6"
},
{
"_id": null,
"model": "mac os x",
"scope": "lt",
"trust": 0.8,
"vendor": "apple",
"version": "10.6.8 thats all 10.11"
},
{
"_id": null,
"model": "communications policy management",
"scope": "lte",
"trust": 0.8,
"vendor": "oracle",
"version": "12.1.1"
},
{
"_id": null,
"model": "virtual i/o server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2"
},
{
"_id": null,
"model": "big-ip wom hf3",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2.1"
},
{
"_id": null,
"model": "big-ip psm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.4.1"
},
{
"_id": null,
"model": "openssh",
"scope": "ne",
"trust": 0.3,
"vendor": "openssh",
"version": "6.6"
},
{
"_id": null,
"model": "big-ip aam",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5"
},
{
"_id": null,
"model": "enterprise linux server",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"_id": null,
"model": "big-ip afm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.1"
},
{
"_id": null,
"model": "big-ip gtm hf2",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2.0"
},
{
"_id": null,
"model": "big-ip psm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.0"
},
{
"_id": null,
"model": "big-ip apm hf5",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2.0"
},
{
"_id": null,
"model": "5.0p1",
"scope": null,
"trust": 0.3,
"vendor": "openssh",
"version": null
},
{
"_id": null,
"model": "big-ip psm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.2.4"
},
{
"_id": null,
"model": "big-ip link controller",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.3"
},
{
"_id": null,
"model": "big-ip webaccelerator hf7",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.1.0"
},
{
"_id": null,
"model": "big-ip gtm hf4",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.3.0"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.7"
},
{
"_id": null,
"model": "big-ip wom",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.0"
},
{
"_id": null,
"model": "big-ip link controller hf2",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2.0"
},
{
"_id": null,
"model": "big-ip asm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.3.0"
},
{
"_id": null,
"model": "virtual i/o server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.1.8"
},
{
"_id": null,
"model": "big-ip ltm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.2.1"
},
{
"_id": null,
"model": "big-ip psm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.0"
},
{
"_id": null,
"model": "big-iq device",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.2"
},
{
"_id": null,
"model": "big-ip apm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.0"
},
{
"_id": null,
"model": "big-ip asm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.4.1"
},
{
"_id": null,
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "12.10"
},
{
"_id": null,
"model": "openssh",
"scope": "eq",
"trust": 0.3,
"vendor": "openssh",
"version": "6.4"
},
{
"_id": null,
"model": "big-ip asm hf7",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.1.0"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.8.1"
},
{
"_id": null,
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"_id": null,
"model": "openssh",
"scope": "eq",
"trust": 0.3,
"vendor": "openssh",
"version": "5.7"
},
{
"_id": null,
"model": "big-ip edge gateway hf5",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2.1"
},
{
"_id": null,
"model": "big-ip apm hf1",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.2.1"
},
{
"_id": null,
"model": "big-ip afm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5"
},
{
"_id": null,
"model": "idatplex dx360 m4 type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "79120"
},
{
"_id": null,
"model": "big-ip ltm hf2",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2.1"
},
{
"_id": null,
"model": "flex system compute node",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "x2407863"
},
{
"_id": null,
"model": "big-ip psm hf1",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.2.1"
},
{
"_id": null,
"model": "idatplex dx360 m4 water cooled type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "79180"
},
{
"_id": null,
"model": "big-ip edge gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2"
},
{
"_id": null,
"model": "system m4",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "x35007383"
},
{
"_id": null,
"model": "big-ip link controller",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2.1"
},
{
"_id": null,
"model": "business server",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "1"
},
{
"_id": null,
"model": "5.2p1",
"scope": null,
"trust": 0.3,
"vendor": "openssh",
"version": null
},
{
"_id": null,
"model": "flex system compute node",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "x2207906"
},
{
"_id": null,
"model": "big-ip apm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.2.1"
},
{
"_id": null,
"model": "big-ip apm hf2",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2.1"
},
{
"_id": null,
"model": "big-ip ltm hf1",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.2.1"
},
{
"_id": null,
"model": "big-ip webaccelerator hf1",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.2.1"
},
{
"_id": null,
"model": "big-ip ltm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.1"
},
{
"_id": null,
"model": "big-ip webaccelerator",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.0"
},
{
"_id": null,
"model": "big-ip analytics",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.1.0"
},
{
"_id": null,
"model": "big-ip psm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.3"
},
{
"_id": null,
"model": "idatplex dx360 m4 type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "79130"
},
{
"_id": null,
"model": "arx",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "6.0"
},
{
"_id": null,
"model": "enterprise manager",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "2.1"
},
{
"_id": null,
"model": "big-ip apm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.1"
},
{
"_id": null,
"model": "big-ip gtm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.2.2"
},
{
"_id": null,
"model": "big-ip asm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.2.40"
},
{
"_id": null,
"model": "arx",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "6.4"
},
{
"_id": null,
"model": "big-ip analytics",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2.1"
},
{
"_id": null,
"model": "big-ip edge gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.1"
},
{
"_id": null,
"model": "big-ip gtm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.1.0"
},
{
"_id": null,
"model": "big-ip ltm hf3",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2.1"
},
{
"_id": null,
"model": "big-ip analytics hf4",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.3.0"
},
{
"_id": null,
"model": "big-ip link controller hf1",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.2.1"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.9.2"
},
{
"_id": null,
"model": "system m4",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "x33007382"
},
{
"_id": null,
"model": "big-ip link controller hf4",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.3.0"
},
{
"_id": null,
"model": "arx",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "6.3"
},
{
"_id": null,
"model": "mac os",
"scope": "ne",
"trust": 0.3,
"vendor": "apple",
"version": "x10.11"
},
{
"_id": null,
"model": "big-ip asm hf1",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2.1"
},
{
"_id": null,
"model": "system type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "x3850x638370"
},
{
"_id": null,
"model": "big-ip ltm hf7",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.1.0"
},
{
"_id": null,
"model": "enterprise linux desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"_id": null,
"model": "big-ip ltm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.4.1"
},
{
"_id": null,
"model": "big-ip edge gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.2.4"
},
{
"_id": null,
"model": "big-ip apm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.1"
},
{
"_id": null,
"model": "big-ip wom",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.2.2"
},
{
"_id": null,
"model": "big-ip ltm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.0"
},
{
"_id": null,
"model": "arx",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "6.2"
},
{
"_id": null,
"model": "big-ip wom",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.1.0"
},
{
"_id": null,
"model": "big-ip gtm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2"
},
{
"_id": null,
"model": "flex system manager node",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7955"
},
{
"_id": null,
"model": "big-ip afm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.3"
},
{
"_id": null,
"model": "enterprise manager",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "3.0"
},
{
"_id": null,
"model": "nextscale nx360 m4 type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "54550"
},
{
"_id": null,
"model": "big-ip psm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2.1"
},
{
"_id": null,
"model": "big-ip aam",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.1"
},
{
"_id": null,
"model": "big-ip gtm hf1",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.2.1"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.9.4"
},
{
"_id": null,
"model": "linux ia-64",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"_id": null,
"model": "enterprise linux",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "6.2"
},
{
"_id": null,
"model": "big-ip pem",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5"
},
{
"_id": null,
"model": "big-ip ltm hf4",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.3.0"
},
{
"_id": null,
"model": "big-ip edge gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.0"
},
{
"_id": null,
"model": "big-ip analytics hf5",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2.0"
},
{
"_id": null,
"model": "flex system compute node",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "x2408738"
},
{
"_id": null,
"model": "big-ip wom",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2.1"
},
{
"_id": null,
"model": "big-ip gtm hf2",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2.1"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.10.3"
},
{
"_id": null,
"model": "big-ip apm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.3.0"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.9.1"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.9"
},
{
"_id": null,
"model": "enterprise linux workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"_id": null,
"model": "6.2p1",
"scope": null,
"trust": 0.3,
"vendor": "openssh",
"version": null
},
{
"_id": null,
"model": "big-ip link controller hf2",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2.1"
},
{
"_id": null,
"model": "big-iq device",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.3"
},
{
"_id": null,
"model": "big-ip edge gateway hf3",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.7.4"
},
{
"_id": null,
"model": "big-ip apm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.4.1"
},
{
"_id": null,
"model": "big-ip aam",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.4.0"
},
{
"_id": null,
"model": "system m4 type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "x365079150"
},
{
"_id": null,
"model": "big-ip apm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.0"
},
{
"_id": null,
"model": "big-ip wom hf4",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.3.0"
},
{
"_id": null,
"model": "big-ip apm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.2.4"
},
{
"_id": null,
"model": "big-ip ltm hf5",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2.0"
},
{
"_id": null,
"model": "big-ip aam",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.4.1"
},
{
"_id": null,
"model": "big-ip webaccelerator",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2.00"
},
{
"_id": null,
"model": "big-ip gtm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5"
},
{
"_id": null,
"model": "system m4",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "x35507914"
},
{
"_id": null,
"model": "big-ip asm hf3",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2.1"
},
{
"_id": null,
"model": "big-ip analytics",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.0.0"
},
{
"_id": null,
"model": "big-ip psm hf4",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.3.0"
},
{
"_id": null,
"model": "big-ip gtm hf3",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2.0"
},
{
"_id": null,
"model": "big-ip apm hf7",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.1.0"
},
{
"_id": null,
"model": "big-ip edge gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.2.1"
},
{
"_id": null,
"model": "big-ip psm hf5",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2.0"
},
{
"_id": null,
"model": "openssh",
"scope": "eq",
"trust": 0.3,
"vendor": "openssh",
"version": "5.8"
},
{
"_id": null,
"model": "big-ip wom hf5",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2.0"
},
{
"_id": null,
"model": "big-ip apm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.0"
},
{
"_id": null,
"model": "gpfs for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.5.0.11"
},
{
"_id": null,
"model": "system m4 type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "x357087330"
},
{
"_id": null,
"model": "big-ip asm hf4",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.3.0"
},
{
"_id": null,
"model": "openssh",
"scope": "eq",
"trust": 0.3,
"vendor": "openssh",
"version": "6.0"
},
{
"_id": null,
"model": "big-ip webaccelerator",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2.1"
},
{
"_id": null,
"model": "big-ip link controller hf7",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.1.0"
},
{
"_id": null,
"model": "big-ip link controller",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2.00"
},
{
"_id": null,
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.10.2"
},
{
"_id": null,
"model": "big-ip link controller",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.2.2"
},
{
"_id": null,
"model": "big-ip edge gateway hf2",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2.1"
},
{
"_id": null,
"model": "big-ip edge gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.1"
},
{
"_id": null,
"model": "flex system compute node",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "x2202585"
},
{
"_id": null,
"model": "big-ip webaccelerator hf5",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2.0"
},
{
"_id": null,
"model": "openssh",
"scope": "eq",
"trust": 0.3,
"vendor": "openssh",
"version": "6.3"
},
{
"_id": null,
"model": "6.2p2",
"scope": null,
"trust": 0.3,
"vendor": "openssh",
"version": null
},
{
"_id": null,
"model": "big-ip afm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.4.1"
},
{
"_id": null,
"model": "big-ip wom hf3",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2.0"
},
{
"_id": null,
"model": "linux mips",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"_id": null,
"model": "linux lts",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "12.04"
},
{
"_id": null,
"model": "big-ip link controller hf5",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2.0"
},
{
"_id": null,
"model": "hp-ux b.11.11",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "big-ip edge gateway hf1",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.2.1"
},
{
"_id": null,
"model": "virtual i/o server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.3"
},
{
"_id": null,
"model": "big-ip ltm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.2.2"
},
{
"_id": null,
"model": "big-iq security",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.3"
},
{
"_id": null,
"model": "big-ip ltm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.1.0"
},
{
"_id": null,
"model": "openssh",
"scope": "eq",
"trust": 0.3,
"vendor": "openssh",
"version": "6.2"
},
{
"_id": null,
"model": "big-ip psm hf2",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2.1"
},
{
"_id": null,
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "14.1"
},
{
"_id": null,
"model": "flex system compute node",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "x2227916"
},
{
"_id": null,
"model": "big-ip webaccelerator hf3",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2.1"
},
{
"_id": null,
"model": "aix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1"
},
{
"_id": null,
"model": "big-ip wom hf7",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.1.0"
},
{
"_id": null,
"model": "big-ip analytics 11.0.0-hf2",
"scope": null,
"trust": 0.3,
"vendor": "f5",
"version": null
},
{
"_id": null,
"model": "big-ip ltm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2.1"
},
{
"_id": null,
"model": "virtual i/o server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.14"
},
{
"_id": null,
"model": "big-ip afm hf4",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.3.0"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.8.2"
},
{
"_id": null,
"model": "big-ip asm hf1",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.2.1"
},
{
"_id": null,
"model": "big-ip gtm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.2.1"
},
{
"_id": null,
"model": "big-ip analytics hf2",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2.0"
},
{
"_id": null,
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "14.0"
},
{
"_id": null,
"model": "big-ip analytics hf3",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2.1"
},
{
"_id": null,
"model": "enterprise linux hpc node optional",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"_id": null,
"model": "hp-ux b.11.23",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "big-ip pem",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.1"
},
{
"_id": null,
"model": "big-ip edge gateway hf5",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2.0"
},
{
"_id": null,
"model": "flex system compute node",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "x8804259"
},
{
"_id": null,
"model": "big-ip apm hf1",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2.1"
},
{
"_id": null,
"model": "openssh",
"scope": "eq",
"trust": 0.3,
"vendor": "openssh",
"version": "6.5"
},
{
"_id": null,
"model": "system m4",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "x37508752"
},
{
"_id": null,
"model": "big-ip analytics",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2"
},
{
"_id": null,
"model": "big-ip psm hf1",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2.1"
},
{
"_id": null,
"model": "big-ip ltm hf3",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2"
},
{
"_id": null,
"model": "business server",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "1x8664"
},
{
"_id": null,
"model": "big-ip analytics",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.1"
},
{
"_id": null,
"model": "aix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.3"
},
{
"_id": null,
"model": "big-ip apm hf3",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2.0"
},
{
"_id": null,
"model": "big-ip link controller",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5"
},
{
"_id": null,
"model": "system m4",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "x36307158"
},
{
"_id": null,
"model": "big-ip apm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2.1"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.10.1"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.8"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.8.4"
},
{
"_id": null,
"model": "enterprise linux workstation optional",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"_id": null,
"model": "big-ip asm hf5",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2.0"
},
{
"_id": null,
"model": "big-ip gtm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.1"
},
{
"_id": null,
"model": "arx",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "6.1.1"
},
{
"_id": null,
"model": "big-ip asm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2.00"
},
{
"_id": null,
"model": "5.6p1",
"scope": null,
"trust": 0.3,
"vendor": "openssh",
"version": null
},
{
"_id": null,
"model": "bladecenter advanced management module 3.66g",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"_id": null,
"model": "big-ip psm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2"
},
{
"_id": null,
"model": "big-ip link controller hf3",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2.1"
},
{
"_id": null,
"model": "big-ip ltm hf5",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2.1"
},
{
"_id": null,
"model": "big-iq cloud",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.0"
},
{
"_id": null,
"model": "big-ip asm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.2.2"
},
{
"_id": null,
"model": "big-ip asm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.1.0"
},
{
"_id": null,
"model": "big-ip apm hf5",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2.1"
},
{
"_id": null,
"model": "openssh",
"scope": "eq",
"trust": 0.3,
"vendor": "openssh",
"version": "5.0"
},
{
"_id": null,
"model": "flex system compute node",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "x2408737"
},
{
"_id": null,
"model": "big-ip gtm hf5",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2.0"
},
{
"_id": null,
"model": "big-ip wom",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2"
},
{
"_id": null,
"model": "big-ip apm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.4.0"
},
{
"_id": null,
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "13.37"
},
{
"_id": null,
"model": "big-ip link controller hf1",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2.1"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.9.3"
},
{
"_id": null,
"model": "big-ip analytics",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5"
},
{
"_id": null,
"model": "enterprise linux",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "6"
},
{
"_id": null,
"model": "big-ip wom hf5",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2.1"
},
{
"_id": null,
"model": "big-ip asm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2.1"
},
{
"_id": null,
"model": "big-ip wom",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.1"
},
{
"_id": null,
"model": "big-iq cloud",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.2"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.10.4"
},
{
"_id": null,
"model": "big-ip asm hf2",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2.00"
},
{
"_id": null,
"model": "big-ip analytics hf1",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2.1"
},
{
"_id": null,
"model": "big-ip gtm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.4.1"
},
{
"_id": null,
"model": "big-ip gtm hf7",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.1.0"
},
{
"_id": null,
"model": "big-iq cloud",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.1"
},
{
"_id": null,
"model": "big-ip webaccelerator hf5",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2.1"
},
{
"_id": null,
"model": "big-ip gtm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.0"
},
{
"_id": null,
"model": "system m4",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "x32502583"
},
{
"_id": null,
"model": "big-ip gtm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.2.4"
},
{
"_id": null,
"model": "big-ip gtm hf1",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2.1"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.7.3"
},
{
"_id": null,
"model": "big-ip edge gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.3"
},
{
"_id": null,
"model": "big-ip wom",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.3.0"
},
{
"_id": null,
"model": "big-ip link controller hf5",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2.1"
},
{
"_id": null,
"model": "big-ip psm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.8.3"
},
{
"_id": null,
"model": "hp-ux b.11.31",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "linux s/390",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"_id": null,
"model": "big-ip asm hf2",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2.1"
},
{
"_id": null,
"model": "big-ip link controller",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.2.1"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.7.1"
},
{
"_id": null,
"model": "openssh",
"scope": "eq",
"trust": 0.3,
"vendor": "openssh",
"version": "5.4"
},
{
"_id": null,
"model": "system m4",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "x31002582"
},
{
"_id": null,
"model": "big-ip gtm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.0"
},
{
"_id": null,
"model": "gpfs for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.5"
},
{
"_id": null,
"model": "big-ip psm hf3",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2.0"
},
{
"_id": null,
"model": "openssh",
"scope": "eq",
"trust": 0.3,
"vendor": "openssh",
"version": "6.1"
},
{
"_id": null,
"model": "virtual i/o server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.1"
},
{
"_id": null,
"model": "openssh",
"scope": "eq",
"trust": 0.3,
"vendor": "openssh",
"version": "5.1"
},
{
"_id": null,
"model": "big-ip wom",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.2.4"
},
{
"_id": null,
"model": "virtual i/o server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.2.4"
},
{
"_id": null,
"model": "p2",
"scope": "eq",
"trust": 0.3,
"vendor": "openssh",
"version": "5.8"
},
{
"_id": null,
"model": "big-ip pem",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.3"
},
{
"_id": null,
"model": "big-ip edge gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.2.2"
},
{
"_id": null,
"model": "big-ip webaccelerator",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.1"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.10.5"
},
{
"_id": null,
"model": "big-ip apm hf4",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.3.0"
},
{
"_id": null,
"model": "big-ip asm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5"
},
{
"_id": null,
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "13.10"
},
{
"_id": null,
"model": "big-ip analytics hf2",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2.1"
},
{
"_id": null,
"model": "linux arm",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"_id": null,
"model": "big-ip psm hf7",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.1.0"
},
{
"_id": null,
"model": "big-ip wom",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.0"
},
{
"_id": null,
"model": "big-ip asm hf3",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2.0"
},
{
"_id": null,
"model": "openssh",
"scope": "eq",
"trust": 0.3,
"vendor": "openssh",
"version": "5.2"
},
{
"_id": null,
"model": "nsm3000 appliances",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "2012.2"
},
{
"_id": null,
"model": "enterprise linux server optional",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"_id": null,
"model": "big-ip edge gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2.1"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.10"
},
{
"_id": null,
"model": "big-ip analytics",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.3"
},
{
"_id": null,
"model": "nsmxpress appliances",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "2012.2"
},
{
"_id": null,
"model": "linux lts",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "10.04"
},
{
"_id": null,
"model": "system m5 type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "x310054570"
},
{
"_id": null,
"model": "big-ip webaccelerator hf3",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2"
},
{
"_id": null,
"model": "system m4",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "x35307160"
},
{
"_id": null,
"model": "big-ip link controller",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.1"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.8"
},
{
"_id": null,
"model": "big-ip webaccelerator",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.1"
},
{
"_id": null,
"model": "big-ip ltm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2"
},
{
"_id": null,
"model": "big-ip gtm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.3"
},
{
"_id": null,
"model": "openssh",
"scope": "eq",
"trust": 0.3,
"vendor": "openssh",
"version": "5.3"
},
{
"_id": null,
"model": "big-ip apm hf3",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2.1"
},
{
"_id": null,
"model": "arx",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "6.1"
},
{
"_id": null,
"model": "big-ip analytics hf3",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.9.5"
},
{
"_id": null,
"model": "big-ip apm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.2.2"
},
{
"_id": null,
"model": "big-ip webaccelerator",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.2.4"
},
{
"_id": null,
"model": "big-ip psm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.2.1"
},
{
"_id": null,
"model": "big-ip asm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.0.00"
},
{
"_id": null,
"model": "big-ip asm hf5",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2.1"
},
{
"_id": null,
"model": "big-ip ltm hf2",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2.0"
},
{
"_id": null,
"model": "big-ip apm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.1.0"
},
{
"_id": null,
"model": "system m4 type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "x357087180"
},
{
"_id": null,
"model": "big-iq security",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.0"
},
{
"_id": null,
"model": "big-ip analytics hf5",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2.1"
},
{
"_id": null,
"model": "big-ip link controller",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.1"
},
{
"_id": null,
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "13.1"
},
{
"_id": null,
"model": "virtual i/o server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.3.3"
},
{
"_id": null,
"model": "idatplex dx360 m4 water cooled type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "79190"
},
{
"_id": null,
"model": "big-ip wom",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.2.1"
},
{
"_id": null,
"model": "enterprise manager",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "2.3"
},
{
"_id": null,
"model": "system type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "x3950x638370"
},
{
"_id": null,
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "13.0"
},
{
"_id": null,
"model": "big-ip psm hf2",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2.0"
},
{
"_id": null,
"model": "big-ip gtm hf5",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2.1"
},
{
"_id": null,
"model": "big-iq cloud",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.3"
},
{
"_id": null,
"model": "big-ip webaccelerator",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.0"
},
{
"_id": null,
"model": "big-ip ltm hf1",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2.1"
},
{
"_id": null,
"model": "big-ip apm hf2",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2.0"
},
{
"_id": null,
"model": "big-ip wom hf1",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.2.1"
},
{
"_id": null,
"model": "flex system compute node",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "x2408956"
},
{
"_id": null,
"model": "flex system manager node",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8731"
},
{
"_id": null,
"model": "big-ip link controller",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.4.1"
},
{
"_id": null,
"model": "enterprise linux desktop optional",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"_id": null,
"model": "flex system compute node",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "x8807903"
},
{
"_id": null,
"model": "communications policy management",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "12.1.1"
},
{
"_id": null,
"model": "big-iq security",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.2"
},
{
"_id": null,
"model": "big-ip ltm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.3.0"
},
{
"_id": null,
"model": "big-ip link controller",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.0"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.8.5"
},
{
"_id": null,
"model": "openssh",
"scope": "eq",
"trust": 0.3,
"vendor": "openssh",
"version": "5.5"
},
{
"_id": null,
"model": "linux",
"scope": null,
"trust": 0.3,
"vendor": "gentoo",
"version": null
},
{
"_id": null,
"model": "big-ip link controller",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.2.4"
},
{
"_id": null,
"model": "big-ip analytics hf7",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.1.0"
},
{
"_id": null,
"model": "enterprise linux hpc node",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"_id": null,
"model": "system m4 hd",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "x36305466"
},
{
"_id": null,
"model": "big-ip apm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2"
},
{
"_id": null,
"model": "big-ip asm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.2.1"
},
{
"_id": null,
"model": "big-ip pem",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.4.1"
},
{
"_id": null,
"model": "big-ip ltm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5"
},
{
"_id": null,
"model": "big-ip gtm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2.1"
},
{
"_id": null,
"model": "flex system compute node",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "x4407917"
},
{
"_id": null,
"model": "aix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1"
},
{
"_id": null,
"model": "system m4 hd",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "x36505460"
},
{
"_id": null,
"model": "system m4 type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "x357087220"
},
{
"_id": null,
"model": "big-iq security",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.1"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.7.5"
},
{
"_id": null,
"model": "flex system manager node",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8734"
},
{
"_id": null,
"model": "linux ia-32",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"_id": null,
"model": "big-ip ltm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.2.4"
},
{
"_id": null,
"model": "big-ip asm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.0.00"
},
{
"_id": null,
"model": "big-ip link controller",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.0"
},
{
"_id": null,
"model": "big-ip link controller hf3",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2"
},
{
"_id": null,
"model": "big-ip psm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.1"
},
{
"_id": null,
"model": "big-ip gtm hf3",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2.1"
},
{
"_id": null,
"model": "big-ip psm hf5",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2.1"
},
{
"_id": null,
"model": "enterprise manager",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "3.1.1"
},
{
"_id": null,
"model": "big-ip webaccelerator hf4",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.3.0"
},
{
"_id": null,
"model": "big-ip analytics",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.4.1"
},
{
"_id": null,
"model": "virtual i/o server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.2"
},
{
"_id": null,
"model": "enterprise manager",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "3.1"
},
{
"_id": null,
"model": "big-ip pem hf4",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.3.0"
},
{
"_id": null,
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"_id": null,
"model": "big-ip edge gateway hf7",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.1.0"
},
{
"_id": null,
"model": "big-ip ltm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.0"
},
{
"_id": null,
"model": "big-ip webaccelerator",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.2.1"
},
{
"_id": null,
"model": "openssh",
"scope": "eq",
"trust": 0.3,
"vendor": "openssh",
"version": "5.6"
},
{
"_id": null,
"model": "big-ip webaccelerator",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.3"
},
{
"_id": null,
"model": "system m5 type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "x325054580"
},
{
"_id": null,
"model": "big-ip edge gateway hf3",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2.1"
},
{
"_id": null,
"model": "big-ip psm hf3",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2.1"
},
{
"_id": null,
"model": "big-ip psm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.1"
},
{
"_id": null,
"model": "big-ip asm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.1"
}
],
"sources": [
{
"db": "BID",
"id": "66355"
},
{
"db": "CNNVD",
"id": "CNNVD-201403-336"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-001718"
},
{
"db": "NVD",
"id": "CVE-2014-2532"
}
]
},
"configurations": {
"_id": null,
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:openbsd:openssh",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:apple:mac_os_x",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:oracle:communications_policy_management",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2014-001718"
}
]
},
"credits": {
"_id": null,
"data": "Jann Horn",
"sources": [
{
"db": "BID",
"id": "66355"
}
],
"trust": 0.3
},
"cve": "CVE-2014-2532",
"cvss": {
"_id": null,
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 5.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "CVE-2014-2532",
"impactScore": 4.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 1.9,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 4.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"exploitabilityScore": 1.8,
"id": "CVE-2014-2532",
"impactScore": 2.7,
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:N",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2014-2532",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2014-2532",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNNVD",
"id": "CNNVD-201403-336",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULMON",
"id": "CVE-2014-2532",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2014-2532"
},
{
"db": "CNNVD",
"id": "CNNVD-201403-336"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-001718"
},
{
"db": "NVD",
"id": "CVE-2014-2532"
}
]
},
"description": {
"_id": null,
"data": "sshd in OpenSSH before 6.6 does not properly support wildcards on AcceptEnv lines in sshd_config, which allows remote attackers to bypass intended environment restrictions by using a substring located before a wildcard character. OpenSSH is prone to a security-bypass vulnerability. \nAn attacker can exploit this issue to bypass certain security restrictions and perform unauthorized actions. This may lead to further attacks. \nVersions prior to OpenSSH 6.6 are vulnerable. \n\n\nHere are the details from the Slackware 14.1 ChangeLog:\n+--------------------------+\npatches/packages/openssh-6.6p1-i486-1_slack14.1.txz: Upgraded. \n This update fixes a security issue when using environment passing with\n a sshd_config(5) AcceptEnv pattern with a wildcard. \n For more information, see:\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2532\n (* Security fix *)\n+--------------------------+\n\n\nWhere to find the new packages:\n+-----------------------------+\n\nThanks to the friendly folks at the OSU Open Source Lab\n(http://osuosl.org) for donating FTP and rsync hosting\nto the Slackware project! :-)\n\nAlso see the \"Get Slack\" section on http://slackware.com for\nadditional mirror sites near you. \n\nUpdated package for Slackware 13.0:\nftp://ftp.slackware.com/pub/slackware/slackware-13.0/patches/packages/openssh-5.9p1-i486-1_slack13.0.txz\n\nUpdated package for Slackware x86_64 13.0:\nftp://ftp.slackware.com/pub/slackware/slackware64-13.0/patches/packages/openssh-5.9p1-x86_64-1_slack13.0.txz\n\nUpdated package for Slackware 13.1:\nftp://ftp.slackware.com/pub/slackware/slackware-13.1/patches/packages/openssh-5.9p1-i486-1_slack13.1.txz\n\nUpdated package for Slackware x86_64 13.1:\nftp://ftp.slackware.com/pub/slackware/slackware64-13.1/patches/packages/openssh-5.9p1-x86_64-1_slack13.1.txz\n\nUpdated package for Slackware 13.37:\nftp://ftp.slackware.com/pub/slackware/slackware-13.37/patches/packages/openssh-5.9p1-i486-3_slack13.37.txz\n\nUpdated package for Slackware x86_64 13.37:\nftp://ftp.slackware.com/pub/slackware/slackware64-13.37/patches/packages/openssh-5.9p1-x86_64-3_slack13.37.txz\n\nUpdated package for Slackware 14.0:\nftp://ftp.slackware.com/pub/slackware/slackware-14.0/patches/packages/openssh-6.6p1-i486-1_slack14.0.txz\n\nUpdated package for Slackware x86_64 14.0:\nftp://ftp.slackware.com/pub/slackware/slackware64-14.0/patches/packages/openssh-6.6p1-x86_64-1_slack14.0.txz\n\nUpdated package for Slackware 14.1:\nftp://ftp.slackware.com/pub/slackware/slackware-14.1/patches/packages/openssh-6.6p1-i486-1_slack14.1.txz\n\nUpdated package for Slackware x86_64 14.1:\nftp://ftp.slackware.com/pub/slackware/slackware64-14.1/patches/packages/openssh-6.6p1-x86_64-1_slack14.1.txz\n\nUpdated package for Slackware -current:\nftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/n/openssh-6.6p1-i486-1.txz\n\nUpdated package for Slackware x86_64 -current:\nftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/n/openssh-6.6p1-x86_64-1.txz\n\n\nMD5 signatures:\n+-------------+\n\nSlackware 13.0 package:\n0729d3be6a1886c2462522110333abc0 openssh-5.9p1-i486-1_slack13.0.txz\n\nSlackware x86_64 13.0 package:\na474f048de648347207bacb21b5f8f28 openssh-5.9p1-x86_64-1_slack13.0.txz\n\nSlackware 13.1 package:\n8df387cdf44f359a9de7c3e40ea321c6 openssh-5.9p1-i486-1_slack13.1.txz\n\nSlackware x86_64 13.1 package:\ne7eb361401849bbcfb0e20ea17181836 openssh-5.9p1-x86_64-1_slack13.1.txz\n\nSlackware 13.37 package:\n8404668d896f81b44ddd5e6e2985f590 openssh-5.9p1-i486-3_slack13.37.txz\n\nSlackware x86_64 13.37 package:\nb50bb951453824e53dcddbdf1d571561 openssh-5.9p1-x86_64-3_slack13.37.txz\n\nSlackware 14.0 package:\n755d1ec29f80ac40636741ddf618715a openssh-6.6p1-i486-1_slack14.0.txz\n\nSlackware x86_64 14.0 package:\ncc74307ab8875a8fa04a87f18b0cd216 openssh-6.6p1-x86_64-1_slack14.0.txz\n\nSlackware 14.1 package:\n1dcb917e01fa83d1cabd59378c81dd32 openssh-6.6p1-i486-1_slack14.1.txz\n\nSlackware x86_64 14.1 package:\ndfb1f98206ce1e2300fea647a5281486 openssh-6.6p1-x86_64-1_slack14.1.txz\n\nSlackware -current package:\n7a5f7c123c397d040fff868afbf86e8b n/openssh-6.6p1-i486-1.txz\n\nSlackware x86_64 -current package:\ne6d3cced2c7c9e642d8982b27295a408 n/openssh-6.6p1-x86_64-1.txz\n\n\nInstallation instructions:\n+------------------------+\n\nUpgrade the package as root:\n# upgradepkg openssh-6.6p1-i486-1_slack14.1.txz\n\nNext, restart the sshd daemon:\n# sh /etc/rc.d/rc.sshd restart\n\n\n+-----+\n\nSlackware Linux Security Team\nhttp://slackware.com/gpg-key\nsecurity@slackware.com\n\n+------------------------------------------------------------------------+\n| To leave the slackware-security mailing list: |\n+------------------------------------------------------------------------+\n| Send an email to majordomo@slackware.com with this text in the body of |\n| the email message: |\n| |\n| unsubscribe slackware-security |\n| |\n| You will get a confirmation message back containing instructions to |\n| complete the process. Please do not reply to this email address. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n=====================================================================\n Red Hat Security Advisory\n\nSynopsis: Moderate: openssh security, bug fix, and enhancement update\nAdvisory ID: RHSA-2014:1552-02\nProduct: Red Hat Enterprise Linux\nAdvisory URL: https://rhn.redhat.com/errata/RHSA-2014-1552.html\nIssue date: 2014-10-14\nCVE Names: CVE-2014-2532 CVE-2014-2653 \n=====================================================================\n\n1. Summary:\n\nUpdated openssh packages that fix two security issues, several bugs, and\nadd various enhancements are now available for Red Hat Enterprise Linux 6. \n\nRed Hat Product Security has rated this update as having Moderate security\nimpact. Common Vulnerability Scoring System (CVSS) base scores, which give\ndetailed severity ratings, are available for each vulnerability from the\nCVE links in the References section. \n\n2. Relevant releases/architectures:\n\nRed Hat Enterprise Linux Desktop (v. 6) - i386, x86_64\nRed Hat Enterprise Linux Desktop Optional (v. 6) - i386, x86_64\nRed Hat Enterprise Linux HPC Node (v. 6) - x86_64\nRed Hat Enterprise Linux HPC Node Optional (v. 6) - x86_64\nRed Hat Enterprise Linux Server (v. 6) - i386, ppc64, s390x, x86_64\nRed Hat Enterprise Linux Server Optional (v. 6) - i386, ppc64, s390x, x86_64\nRed Hat Enterprise Linux Workstation (v. 6) - i386, x86_64\nRed Hat Enterprise Linux Workstation Optional (v. 6) - i386, x86_64\n\n3. Description:\n\nOpenSSH is OpenBSD\u0027s SSH (Secure Shell) protocol implementation. \nThese packages include the core files necessary for both the OpenSSH client\nand server. \n\nIt was discovered that OpenSSH clients did not correctly verify DNS SSHFP\nrecords. A malicious server could use this flaw to force a connecting\nclient to skip the DNS SSHFP record check and require the user to perform\nmanual host verification of the DNS SSHFP record. (CVE-2014-2653)\n\nIt was found that OpenSSH did not properly handle certain AcceptEnv\nparameter values with wildcard characters. (CVE-2014-2532)\n\nThis update also fixes the following bugs:\n\n* Based on the SP800-131A information security standard, the generation of\na digital signature using the Digital Signature Algorithm (DSA) with the\nkey size of 1024 bits and RSA with the key size of less than 2048 bits is\ndisallowed after the year 2013. After this update, ssh-keygen no longer\ngenerates keys with less than 2048 bits in FIPS mode. However, the sshd\nservice accepts keys of size 1024 bits as well as larger keys for\ncompatibility reasons. (BZ#993580)\n\n* Previously, the openssh utility incorrectly set the oom_adj value to -17\nfor all of its children processes. This behavior was incorrect because the\nchildren processes were supposed to have this value set to 0. This update\napplies a patch to fix this bug and oom_adj is now properly set to 0 for\nall children processes as expected. (BZ#1010429)\n\n* Previously, if the sshd service failed to verify the checksum of an\ninstalled FIPS module using the fipscheck library, the information about\nthis failure was only provided at the standard error output of sshd. As a\nconsequence, the user could not notice this message and be uninformed when\na system had not been properly configured for FIPS mode. To fix this bug,\nthis behavior has been changed and sshd now sends such messages via the\nsyslog service. (BZ#1020803)\n\n* When keys provided by the pkcs11 library were removed from the ssh agent\nusing the \"ssh-add -e\" command, the user was prompted to enter a PIN. \nWith this update, a patch has been applied to allow the user to remove the\nkeys provided by pkcs11 without the PIN. (BZ#1042519)\n\nIn addition, this update adds the following enhancements:\n\n* With this update, ControlPersist has been added to OpenSSH. The option in\nconjunction with the ControlMaster configuration directive specifies that\nthe master connection remains open in the background after the initial\nclient connection has been closed. (BZ#953088)\n\n* When the sshd daemon is configured to force the internal SFTP session,\nand the user attempts to use a connection other than SFTP, the appropriate\nmessage is logged to the /var/log/secure file. (BZ#997377)\n\n* Support for Elliptic Curve Cryptography modes for key exchange (ECDH) and\nhost user keys (ECDSA) as specified by RFC5656 has been added to the\nopenssh packages. However, they are not enabled by default and the user has\nto enable them manually. For more information on how to configure ECDSA and\nECDH with OpenSSH, see: https://access.redhat.com/solutions/711953\n(BZ#1028335)\n\nAll openssh users are advised to upgrade to these updated packages, which\ncontain backported patches to correct these issues and add these\nenhancements. \n\n4. Solution:\n\nBefore applying this update, make sure all previously released errata\nrelevant to your system have been applied. \n\nThis update is available via the Red Hat Network. Details on how to use the\nRed Hat Network to apply this update are available at\nhttps://access.redhat.com/articles/11258\n\n5. Bugs fixed (https://bugzilla.redhat.com/):\n\n953088 - OpenSSH adding ControlPersist patch to enable full usage of SSH control options\n1010429 - Openssh Incorrectly sets oom_adj in all Children after Performing a Reload\n1023043 - ssh_config manual page lists incorrect default value of KexAlgorithms\n1023044 - Fix man page for ssh-keygen because of certificate support\n1027197 - X11 Forwarding does not work with default config - error: Failed to allocate internet-domain X11 display socket\n1028643 - Connection remains when fork() fails. \n1077843 - CVE-2014-2532 openssh: AcceptEnv environment restriction bypass flaw\n1081338 - CVE-2014-2653 openssh: failure to check DNS SSHFP records in certain scenarios\n1108836 - ssh-keyscan should ignore SIGPIPE\n1111568 - AUTOCREATE_SERVER_KEYS=RSAONLY is not supported by init script\n\n6. Package List:\n\nRed Hat Enterprise Linux Desktop (v. 6):\n\nSource:\nopenssh-5.3p1-104.el6.src.rpm\n\ni386:\nopenssh-5.3p1-104.el6.i686.rpm\nopenssh-askpass-5.3p1-104.el6.i686.rpm\nopenssh-clients-5.3p1-104.el6.i686.rpm\nopenssh-debuginfo-5.3p1-104.el6.i686.rpm\nopenssh-server-5.3p1-104.el6.i686.rpm\n\nx86_64:\nopenssh-5.3p1-104.el6.x86_64.rpm\nopenssh-askpass-5.3p1-104.el6.x86_64.rpm\nopenssh-clients-5.3p1-104.el6.x86_64.rpm\nopenssh-debuginfo-5.3p1-104.el6.x86_64.rpm\nopenssh-server-5.3p1-104.el6.x86_64.rpm\n\nRed Hat Enterprise Linux Desktop Optional (v. 6):\n\ni386:\nopenssh-debuginfo-5.3p1-104.el6.i686.rpm\nopenssh-ldap-5.3p1-104.el6.i686.rpm\npam_ssh_agent_auth-0.9.3-104.el6.i686.rpm\n\nx86_64:\nopenssh-debuginfo-5.3p1-104.el6.i686.rpm\nopenssh-debuginfo-5.3p1-104.el6.x86_64.rpm\nopenssh-ldap-5.3p1-104.el6.x86_64.rpm\npam_ssh_agent_auth-0.9.3-104.el6.i686.rpm\npam_ssh_agent_auth-0.9.3-104.el6.x86_64.rpm\n\nRed Hat Enterprise Linux HPC Node (v. 6):\n\nSource:\nopenssh-5.3p1-104.el6.src.rpm\n\nx86_64:\nopenssh-5.3p1-104.el6.x86_64.rpm\nopenssh-clients-5.3p1-104.el6.x86_64.rpm\nopenssh-debuginfo-5.3p1-104.el6.x86_64.rpm\nopenssh-server-5.3p1-104.el6.x86_64.rpm\n\nRed Hat Enterprise Linux HPC Node Optional (v. 6):\n\nx86_64:\nopenssh-askpass-5.3p1-104.el6.x86_64.rpm\nopenssh-debuginfo-5.3p1-104.el6.i686.rpm\nopenssh-debuginfo-5.3p1-104.el6.x86_64.rpm\nopenssh-ldap-5.3p1-104.el6.x86_64.rpm\npam_ssh_agent_auth-0.9.3-104.el6.i686.rpm\npam_ssh_agent_auth-0.9.3-104.el6.x86_64.rpm\n\nRed Hat Enterprise Linux Server (v. 6):\n\nSource:\nopenssh-5.3p1-104.el6.src.rpm\n\ni386:\nopenssh-5.3p1-104.el6.i686.rpm\nopenssh-askpass-5.3p1-104.el6.i686.rpm\nopenssh-clients-5.3p1-104.el6.i686.rpm\nopenssh-debuginfo-5.3p1-104.el6.i686.rpm\nopenssh-server-5.3p1-104.el6.i686.rpm\n\nppc64:\nopenssh-5.3p1-104.el6.ppc64.rpm\nopenssh-askpass-5.3p1-104.el6.ppc64.rpm\nopenssh-clients-5.3p1-104.el6.ppc64.rpm\nopenssh-debuginfo-5.3p1-104.el6.ppc64.rpm\nopenssh-server-5.3p1-104.el6.ppc64.rpm\n\ns390x:\nopenssh-5.3p1-104.el6.s390x.rpm\nopenssh-askpass-5.3p1-104.el6.s390x.rpm\nopenssh-clients-5.3p1-104.el6.s390x.rpm\nopenssh-debuginfo-5.3p1-104.el6.s390x.rpm\nopenssh-server-5.3p1-104.el6.s390x.rpm\n\nx86_64:\nopenssh-5.3p1-104.el6.x86_64.rpm\nopenssh-askpass-5.3p1-104.el6.x86_64.rpm\nopenssh-clients-5.3p1-104.el6.x86_64.rpm\nopenssh-debuginfo-5.3p1-104.el6.x86_64.rpm\nopenssh-server-5.3p1-104.el6.x86_64.rpm\n\nRed Hat Enterprise Linux Server Optional (v. 6):\n\ni386:\nopenssh-debuginfo-5.3p1-104.el6.i686.rpm\nopenssh-ldap-5.3p1-104.el6.i686.rpm\npam_ssh_agent_auth-0.9.3-104.el6.i686.rpm\n\nppc64:\nopenssh-debuginfo-5.3p1-104.el6.ppc.rpm\nopenssh-debuginfo-5.3p1-104.el6.ppc64.rpm\nopenssh-ldap-5.3p1-104.el6.ppc64.rpm\npam_ssh_agent_auth-0.9.3-104.el6.ppc.rpm\npam_ssh_agent_auth-0.9.3-104.el6.ppc64.rpm\n\ns390x:\nopenssh-debuginfo-5.3p1-104.el6.s390.rpm\nopenssh-debuginfo-5.3p1-104.el6.s390x.rpm\nopenssh-ldap-5.3p1-104.el6.s390x.rpm\npam_ssh_agent_auth-0.9.3-104.el6.s390.rpm\npam_ssh_agent_auth-0.9.3-104.el6.s390x.rpm\n\nx86_64:\nopenssh-debuginfo-5.3p1-104.el6.i686.rpm\nopenssh-debuginfo-5.3p1-104.el6.x86_64.rpm\nopenssh-ldap-5.3p1-104.el6.x86_64.rpm\npam_ssh_agent_auth-0.9.3-104.el6.i686.rpm\npam_ssh_agent_auth-0.9.3-104.el6.x86_64.rpm\n\nRed Hat Enterprise Linux Workstation (v. 6):\n\nSource:\nopenssh-5.3p1-104.el6.src.rpm\n\ni386:\nopenssh-5.3p1-104.el6.i686.rpm\nopenssh-askpass-5.3p1-104.el6.i686.rpm\nopenssh-clients-5.3p1-104.el6.i686.rpm\nopenssh-debuginfo-5.3p1-104.el6.i686.rpm\nopenssh-server-5.3p1-104.el6.i686.rpm\n\nx86_64:\nopenssh-5.3p1-104.el6.x86_64.rpm\nopenssh-askpass-5.3p1-104.el6.x86_64.rpm\nopenssh-clients-5.3p1-104.el6.x86_64.rpm\nopenssh-debuginfo-5.3p1-104.el6.x86_64.rpm\nopenssh-server-5.3p1-104.el6.x86_64.rpm\n\nRed Hat Enterprise Linux Workstation Optional (v. 6):\n\ni386:\nopenssh-debuginfo-5.3p1-104.el6.i686.rpm\nopenssh-ldap-5.3p1-104.el6.i686.rpm\npam_ssh_agent_auth-0.9.3-104.el6.i686.rpm\n\nx86_64:\nopenssh-debuginfo-5.3p1-104.el6.i686.rpm\nopenssh-debuginfo-5.3p1-104.el6.x86_64.rpm\nopenssh-ldap-5.3p1-104.el6.x86_64.rpm\npam_ssh_agent_auth-0.9.3-104.el6.i686.rpm\npam_ssh_agent_auth-0.9.3-104.el6.x86_64.rpm\n\nThese packages are GPG signed by Red Hat for security. Our key and\ndetails on how to verify the signature are available from\nhttps://access.redhat.com/security/team/key/#package\n\n7. References:\n\nhttps://www.redhat.com/security/data/cve/CVE-2014-2532.html\nhttps://www.redhat.com/security/data/cve/CVE-2014-2653.html\nhttps://access.redhat.com/security/updates/classification/#moderate\nhttps://access.redhat.com/solutions/711953\n\n8. Contact:\n\nThe Red Hat security contact is \u003csecalert@redhat.com\u003e. More contact\ndetails at https://access.redhat.com/security/team/contact/\n\nCopyright 2014 Red Hat, Inc. \n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1\n\niD8DBQFUPK1zXlSAg2UNWIIRAgLFAKCbc0zGun3IBr/70ChlueemUsEORgCfa8RL\nIT6RfneDJRTv3j8EqBZSrp0=\n=33Fn\n-----END PGP SIGNATURE-----\n\n\n--\nRHSA-announce mailing list\nRHSA-announce@redhat.com\nhttps://www.redhat.com/mailman/listinfo/rhsa-announce\n. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\nGentoo Linux Security Advisory GLSA 201405-06\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n http://security.gentoo.org/\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\n Severity: High\n Title: OpenSSH: Multiple vulnerabilities\n Date: May 11, 2014\n Bugs: #231292, #247466, #386307, #410869, #419357, #456006, #505066\n ID: 201405-06\n\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\nSynopsis\n========\n\nMultiple vulnerabilities have been found in OpenSSH, the worst of which\nmay allow remote attackers to execute arbitrary code. Please review\nthe CVE identifiers referenced below for details. \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nResolution\n==========\n\nAll OpenSSH users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose \"\u003e=net-misc/openssh-6.6_p1-r1\"\n\nNOTE: One or more of the issues described in this advisory have been\nfixed in previous updates. They are included in this advisory for the\nsake of completeness. It is likely that your system is already no\nlonger affected by them. \n\nReferences\n==========\n\n[ 1 ] CVE-2008-5161\n http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-5161\n[ 2 ] CVE-2010-4478\n http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-4478\n[ 3 ] CVE-2010-4755\n http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-4755\n[ 4 ] CVE-2010-5107\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-5107\n[ 5 ] CVE-2011-5000\n http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-5000\n[ 6 ] CVE-2012-0814\n http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-0814\n[ 7 ] CVE-2014-2532\n http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-2532\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n http://security.gentoo.org/glsa/glsa-201405-06.xml\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users\u0027 machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttps://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2014 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttp://creativecommons.org/licenses/by-sa/2.5\n. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA256\n\nAPPLE-SA-2015-09-30-3 OS X El Capitan 10.11\n\nOS X El Capitan 10.11 is now available and addresses the following:\n\nAddress Book\nAvailable for: Mac OS X v10.6.8 and later\nImpact: A local attacker may be able to inject arbitrary code to\nprocesses loading the Address Book framework\nDescription: An issue existed in Address Book framework\u0027s handling\nof an environment variable. This issue was addressed through improved\nenvironment variable handling. \nCVE-ID\nCVE-2015-5897 : Dan Bastone of Gotham Digital Science\n\nAirScan\nAvailable for: Mac OS X v10.6.8 and later\nImpact: An attacker with a privileged network position may be able\nto extract payload from eSCL packets sent over a secure connection\nDescription: An issue existed in the processing of eSCL packets. \nThis issue was addressed through improved validation checks. \nCVE-ID\nCVE-2015-5853 : an anonymous researcher\n\napache_mod_php\nAvailable for: Mac OS X v10.6.8 and later\nImpact: Multiple vulnerabilities in PHP\nDescription: Multiple vulnerabilities existed in PHP versions prior\nto 5.5.27, including one which may have led to remote code execution. \nThis issue was addressed by updating PHP to version 5.5.27. \nCVE-ID\nCVE-2014-9425\nCVE-2014-9427\nCVE-2014-9652\nCVE-2014-9705\nCVE-2014-9709\nCVE-2015-0231\nCVE-2015-0232\nCVE-2015-0235\nCVE-2015-0273\nCVE-2015-1351\nCVE-2015-1352\nCVE-2015-2301\nCVE-2015-2305\nCVE-2015-2331\nCVE-2015-2348\nCVE-2015-2783\nCVE-2015-2787\nCVE-2015-3329\nCVE-2015-3330\n\nApple Online Store Kit\nAvailable for: Mac OS X v10.6.8 and later\nImpact: A malicious application may gain access to a user\u0027s keychain\nitems\nDescription: An issue existed in validation of access control lists\nfor iCloud keychain items. This issue was addressed through improved\naccess control list checks. \nCVE-ID\nCVE-2015-5836 : XiaoFeng Wang of Indiana University, Luyi Xing of\nIndiana University, Tongxin Li of Peking University, Tongxin Li of\nPeking University, Xiaolong Bai of Tsinghua University\n\nAppleEvents\nAvailable for: Mac OS X v10.6.8 and later\nImpact: A user connected through screen sharing can send Apple\nEvents to a local user\u0027s session\nDescription: An issue existed with Apple Event filtering that\nallowed some users to send events to other users. This was addressed\nby improved Apple Event handling. \nCVE-ID\nCVE-2015-5849 : Jack Lawrence (@_jackhl)\n\nAudio\nAvailable for: Mac OS X v10.6.8 and later\nImpact: Playing a malicious audio file may lead to an unexpected\napplication termination\nDescription: A memory corruption issue existed in the handling of\naudio files. This issue issue was addressed through improved memory\nhandling. \nCVE-ID\nCVE-2015-5862 : YoungJin Yoon of Information Security Lab. (Adv.:\nProf. Taekyoung Kwon), Yonsei University, Seoul, Korea\n\nbash\nAvailable for: Mac OS X v10.6.8 and later\nImpact: Multiple vulnerabilities in bash\nDescription: Multiple vulnerabilities existed in bash versions prior\nto 3.2 patch level 57. These issues were addressed by updating bash\nversion 3.2 to patch level 57. \nCVE-ID\nCVE-2014-6277\nCVE-2014-7186\nCVE-2014-7187\n\nCertificate Trust Policy\nAvailable for: Mac OS X v10.6.8 and later\nImpact: Update to the certificate trust policy\nDescription: The certificate trust policy was updated. The complete\nlist of certificates may be viewed at https://support.apple.com/en-\nus/HT202858. \n\nCFNetwork Cookies\nAvailable for: Mac OS X v10.6.8 and later\nImpact: An attacker in a privileged network position can track a\nuser\u0027s activity\nDescription: A cross-domain cookie issue existed in the handling of\ntop level domains. The issue was address through improved\nrestrictions of cookie creation. \nCVE-ID\nCVE-2015-5885 : Xiaofeng Zheng of Blue Lotus Team, Tsinghua\nUniversity\n\nCFNetwork FTPProtocol\nAvailable for: Mac OS X v10.6.8 and later\nImpact: Malicious FTP servers may be able to cause the client to\nperform reconnaissance on other hosts\nDescription: An issue existed in the handling of FTP packets when\nusing the PASV command. This issue was resolved through improved\nvalidation. \nCVE-ID\nCVE-2015-5912 : Amit Klein\n\nCFNetwork HTTPProtocol\nAvailable for: Mac OS X v10.6.8 and later\nImpact: A maliciously crafted URL may be able to bypass HSTS and\nleak sensitive data\nDescription: A URL parsing vulnerability existed in HSTS handling. \nThis issue was addressed through improved URL parsing. \nCVE-ID\nCVE-2015-5858 : Xiaofeng Zheng of Blue Lotus Team, Tsinghua\nUniversity\n\nCFNetwork HTTPProtocol\nAvailable for: Mac OS X v10.6.8 and later\nImpact: A malicious website may be able to track users in Safari\nprivate browsing mode\nDescription: An issue existed in the handling of HSTS state in\nSafari private browsing mode. This issue was addressed through\nimproved state handling. \nCVE-ID\nCVE-2015-5860 : Sam Greenhalgh of RadicalResearch Ltd\n\nCFNetwork Proxies\nAvailable for: Mac OS X v10.6.8 and later\nImpact: Connecting to a malicious web proxy may set malicious\ncookies for a website\nDescription: An issue existed in the handling of proxy connect\nresponses. This issue was addressed by removing the set-cookie header\nwhile parsing the connect response. \nCVE-ID\nCVE-2015-5841 : Xiaofeng Zheng of Blue Lotus Team, Tsinghua\nUniversity\n\nCFNetwork SSL\nAvailable for: Mac OS X v10.6.8 and later\nImpact: An attacker with a privileged network position may intercept\nSSL/TLS connections\nDescription: A certificate validation issue existed in NSURL when a\ncertificate changed. This issue was addressed through improved\ncertificate validation. \nCVE-ID\nCVE-2015-5824 : Timothy J. Wood of The Omni Group\n\nCFNetwork SSL\nAvailable for: Mac OS X v10.6.8 and later\nImpact: An attacker may be able to decrypt data protected by SSL\nDescription: There are known attacks on the confidentiality of RC4. \nAn attacker could force the use of RC4, even if the server preferred\nbetter ciphers, by blocking TLS 1.0 and higher connections until\nCFNetwork tried SSL 3.0, which only allows RC4. This issue was\naddressed by removing the fallback to SSL 3.0. \n\nCoreCrypto\nAvailable for: Mac OS X v10.6.8 and later\nImpact: An attacker may be able to determine a private key\nDescription: By observing many signing or decryption attempts, an\nattacker may have been able to determine the RSA private key. This\nissue was addressed using improved encryption algorithms. \n\nCoreText\nAvailable for: Mac OS X v10.6.8 and later\nImpact: Processing a maliciously crafted font file may lead to\narbitrary code execution\nDescription: A memory corruption issue existed in the processing of\nfont files. This issue was addressed through improved input\nvalidation. \nCVE-ID\nCVE-2015-5874 : John Villamil (@day6reak), Yahoo Pentest Team\n\nDev Tools\nAvailable for: Mac OS X v10.6.8 and later\nImpact: A malicious application may be able to execute arbitrary\ncode with system privileges\nDescription: A memory corruption issue existed in dyld. This was\naddressed through improved memory handling. \nCVE-ID\nCVE-2015-5876 : beist of grayhash\n\nDev Tools\nAvailable for: Mac OS X v10.6.8 and later\nImpact: An application may be able to bypass code signing\nDescription: An issue existed with validation of the code signature\nof executables. This issue was addressed through improved bounds\nchecking. \nCVE-ID\nCVE-2015-5839 : @PanguTeam\n\nDisk Images\nAvailable for: Mac OS X v10.6.8 and later\nImpact: A local user may be able to execute arbitrary code with\nsystem privileges\nDescription: A memory corruption issue existed in DiskImages. This\nissue was addressed through improved memory handling. \nCVE-ID\nCVE-2015-5847 : Filippo Bigarella, Luca Todesco\n\ndyld\nAvailable for: Mac OS X v10.6.8 and later\nImpact: An application may be able to bypass code signing\nDescription: An issue existed with validation of the code signature\nof executables. This issue was addressed through improved bounds\nchecking. \nCVE-ID\nCVE-2015-5839 : TaiG Jailbreak Team\n\nEFI\nAvailable for: Mac OS X v10.6.8 and later\nImpact: A malicious application can prevent some systems from\nbooting\nDescription: An issue existed with the addresses covered by the\nprotected range register. This issue was fixed by changing the\nprotected range. \nCVE-ID\nCVE-2015-5900 : Xeno Kovah \u0026 Corey Kallenberg from LegbaCore\n\nEFI\nAvailable for: Mac OS X v10.6.8 and later\nImpact: A malicious Apple Ethernet Thunderbolt adapter may be able\nto affect firmware flashing\nDescription: Apple Ethernet Thunderbolt adapters could modify the\nhost firmware if connected during an EFI update. This issue was\naddressed by not loading option ROMs during updates. \nCVE-ID\nCVE-2015-5914 : Trammell Hudson of Two Sigma Investments and snare\n\nFinder\nAvailable for: Mac OS X v10.6.8 and later\nImpact: The \"Secure Empty Trash\" feature may not securely delete\nfiles placed in the Trash\nDescription: An issue existed in guaranteeing secure deletion of\nTrash files on some systems, such as those with flash storage. This\nissue was addressed by removing the \"Secure Empty Trash\" option. \nCVE-ID\nCVE-2015-5901 : Apple\n\nGame Center\nAvailable for: Mac OS X v10.6.8 and later\nImpact: A malicious Game Center application may be able to access a\nplayer\u0027s email address\nDescription: An issue existed in Game Center in the handling of a\nplayer\u0027s email. This issue was addressed through improved access\nrestrictions. \nCVE-ID\nCVE-2015-5855 : Nasser Alnasser\n\nHeimdal\nAvailable for: Mac OS X v10.6.8 and later\nImpact: An attacker may be able to replay Kerberos credentials to\nthe SMB server\nDescription: An authentication issue existed in Kerberos\ncredentials. This issue was addressed through additional validation\nof credentials using a list of recently seen credentials. \nCVE-ID\nCVE-2015-5913 : Tarun Chopra of Microsoft Corporation, U.S. and Yu\nFan of Microsoft Corporation, China\n\nICU\nAvailable for: Mac OS X v10.6.8 and later\nImpact: Multiple vulnerabilities in ICU\nDescription: Multiple vulnerabilities existed in ICU versions prior\nto 53.1.0. These issues were addressed by updating ICU to version\n55.1. \nCVE-ID\nCVE-2014-8146\nCVE-2014-8147\nCVE-2015-5922\n\nInstall Framework Legacy\nAvailable for: Mac OS X v10.6.8 and later\nImpact: A local user may be able to gain root privileges\nDescription: A restriction issue existed in the Install private\nframework containing a privileged executable. This issue was\naddressed by removing the executable. \nCVE-ID\nCVE-2015-5888 : Apple\n\nIntel Graphics Driver\nAvailable for: Mac OS X v10.6.8 and later\nImpact: A local user may be able to execute arbitrary code with\nsystem privileges\nDescription: Multiple memory corruption issues existed in the Intel\nGraphics Driver. These issues were addressed through improved memory\nhandling. \nCVE-ID\nCVE-2015-5830 : Yuki MIZUNO (@mzyy94)\nCVE-2015-5877 : Camillus Gerard Cai\n\nIOAudioFamily\nAvailable for: Mac OS X v10.6.8 and later\nImpact: A local user may be able to determine kernel memory layout\nDescription: An issue existed in IOAudioFamily that led to the\ndisclosure of kernel memory content. This issue was addressed by\npermuting kernel pointers. \nCVE-ID\nCVE-2015-5864 : Luca Todesco\n\nIOGraphics\nAvailable for: Mac OS X v10.6.8 and later\nImpact: A local user may be able to execute arbitrary code with\nkernel privileges\nDescription: Multiple memory corruption issues existed in the\nkernel. These issues were addressed through improved memory handling. \nCVE-ID\nCVE-2015-5871 : Ilja van Sprundel of IOActive\nCVE-2015-5872 : Ilja van Sprundel of IOActive\nCVE-2015-5873 : Ilja van Sprundel of IOActive\nCVE-2015-5890 : Ilja van Sprundel of IOActive\n\nIOGraphics\nAvailable for: Mac OS X v10.6.8 and later\nImpact: A malicious application may be able to determine kernel\nmemory layout\nDescription: An issue existed in IOGraphics which could have led to\nthe disclosure of kernel memory layout. This issue was addressed\nthrough improved memory management. \nCVE-ID\nCVE-2015-5865 : Luca Todesco\n\nIOHIDFamily\nAvailable for: Mac OS X v10.6.8 and later\nImpact: A malicious application may be able to execute arbitrary\ncode with system privileges\nDescription: Multiple memory corruption issues existed in\nIOHIDFamily. These issues were addressed through improved memory\nhandling. \nCVE-ID\nCVE-2015-5866 : Apple\nCVE-2015-5867 : moony li of Trend Micro\n\nIOStorageFamily\nAvailable for: Mac OS X v10.6.8 and later\nImpact: A local attacker may be able to read kernel memory\nDescription: A memory initialization issue existed in the kernel. \nThis issue was addressed through improved memory handling. \nCVE-ID\nCVE-2015-5863 : Ilja van Sprundel of IOActive\n\nKernel\nAvailable for: Mac OS X v10.6.8 and later\nImpact: A local user may be able to execute arbitrary code with\nkernel privileges\nDescription: Multiple memory corruption issues existed in the\nKernel. These issues were addressed through improved memory handling. \nCVE-ID\nCVE-2015-5868 : Cererdlong of Alibaba Mobile Security Team\nCVE-2015-5896 : Maxime Villard of m00nbsd\nCVE-2015-5903 : CESG\n\nKernel\nAvailable for: Mac OS X v10.6.8 and later\nImpact: A local process can modify other processes without\nentitlement checks\nDescription: An issue existed where root processes using the\nprocessor_set_tasks API were allowed to retrieve the task ports of\nother processes. This issue was addressed through additional\nentitlement checks. \nCVE-ID\nCVE-2015-5882 : Pedro Vilaca, working from original research by\nMing-chieh Pan and Sung-ting Tsai; Jonathan Levin\n\nKernel\nAvailable for: Mac OS X v10.6.8 and later\nImpact: A local attacker may control the value of stack cookies\nDescription: Multiple weaknesses existed in the generation of user\nspace stack cookies. These issues were addressed through improved\ngeneration of stack cookies. \nCVE-ID\nCVE-2013-3951 : Stefan Esser\n\nKernel\nAvailable for: Mac OS X v10.6.8 and later\nImpact: An attacker may be able to launch denial of service attacks\non targeted TCP connections without knowing the correct sequence\nnumber\nDescription: An issue existed in xnu\u0027s validation of TCP packet\nheaders. This issue was addressed through improved TCP packet header\nvalidation. \nCVE-ID\nCVE-2015-5879 : Jonathan Looney\n\nKernel\nAvailable for: Mac OS X v10.6.8 and later\nImpact: An attacker in a local LAN segment may disable IPv6 routing\nDescription: An insufficient validation issue existed in the\nhandling of IPv6 router advertisements that allowed an attacker to\nset the hop limit to an arbitrary value. This issue was addressed by\nenforcing a minimum hop limit. \nCVE-ID\nCVE-2015-5869 : Dennis Spindel Ljungmark\n\nKernel\nAvailable for: Mac OS X v10.6.8 and later\nImpact: A local user may be able to determine kernel memory layout\nDescription: An issue existed that led to the disclosure of kernel\nmemory layout. This was addressed through improved initialization of\nkernel memory structures. \nCVE-ID\nCVE-2015-5842 : beist of grayhash\n\nKernel\nAvailable for: Mac OS X v10.6.8 and later\nImpact: A local user may be able to determine kernel memory layout\nDescription: An issue existed in debugging interfaces that led to\nthe disclosure of memory content. This issue was addressed by\nsanitizing output from debugging interfaces. \nCVE-ID\nCVE-2015-5870 : Apple\n\nKernel\nAvailable for: Mac OS X v10.6.8 and later\nImpact: A local user may be able to cause a system denial of service\nDescription: A state management issue existed in debugging\nfunctionality. This issue was addressed through improved validation. \nCVE-ID\nCVE-2015-5902 : Sergi Alvarez (pancake) of NowSecure Research Team\n\nlibc\nAvailable for: Mac OS X v10.6.8 and later\nImpact: A local user may be able to execute arbitrary code with\nkernel privileges\nDescription: A memory corruption issue existed in the kernel. This\nissue was addressed through improved memory handling. \nCVE-ID\nCVE-2014-8611 : Adrian Chadd and Alfred Perlstein of Norse\nCorporation\n\nlibpthread\nAvailable for: Mac OS X v10.6.8 and later\nImpact: A local user may be able to execute arbitrary code with\nkernel privileges\nDescription: A memory corruption issue existed in the kernel. This\nissue was addressed through improved memory handling. \nCVE-ID\nCVE-2015-5899 : Lufeng Li of Qihoo 360 Vulcan Team\n\nlibxpc\nAvailable for: Mac OS X v10.6.8 and later\nImpact: Many SSH connections could cause a denial of service\nDescription: launchd had no limit on the number of processes that\ncould be started by a network connection. This issue was addressed by\nlimiting the number of SSH processes to 40. \nCVE-ID\nCVE-2015-5881 : Apple\n\nLogin Window\nAvailable for: Mac OS X v10.6.8 and later\nImpact: The screen lock may not engage after the specified time\nperiod\nDescription: An issue existed with captured display locking. The\nissue was addressed through improved lock handling. \nCVE-ID\nCVE-2015-5833 : Carlos Moreira, Rainer Dorau of rainer dorau\ninformationsdesign, Chris Nehren, Kai Takac, Hans Douma, Toni\nVaahtera, and an anonymous researcher\n\nlukemftpd\nAvailable for: Mac OS X v10.6.8 and later\nImpact: A remote attacker may be able to deny service to the FTP\nserver\nDescription: A glob-processing issue existed in tnftpd. This issue\nwas addressed through improved glob validation. \nCVE-ID\nCVE-2015-5917 : Maksymilian Arciemowicz of cxsecurity.com\n\nMail\nAvailable for: Mac OS X v10.6.8 and later\nImpact: Printing an email may leak sensitive user information\nDescription: An issue existed in Mail which bypassed user\npreferences when printing an email. This issue was addressed through\nimproved user preference enforcement. \nCVE-ID\nCVE-2015-5881 : Owen DeLong of Akamai Technologies, Noritaka Kamiya,\nDennis Klein from Eschenburg, Germany, Jeff Hammett of Systim\nTechnology Partners\n\nMail\nAvailable for: Mac OS X v10.6.8 and later\nImpact: An attacker in a privileged network position may be able to\nintercept attachments of S/MIME-encrypted e-mail sent via Mail Drop\nDescription: An issue existed in handling encryption parameters for\nlarge email attachments sent via Mail Drop. The issue is addressed by\nno longer offering Mail Drop when sending an encrypted e-mail. \nCVE-ID\nCVE-2015-5884 : John McCombs of Integrated Mapping Ltd\n\nMultipeer Connectivity\nAvailable for: Mac OS X v10.6.8 and later\nImpact: A local attacker may be able to observe unprotected\nmultipeer data\nDescription: An issue existed in convenience initializer handling in\nwhich encryption could be actively downgraded to a non-encrypted\nsession. This issue was addressed by changing the convenience\ninitializer to require encryption. \nCVE-ID\nCVE-2015-5851 : Alban Diquet (@nabla_c0d3) of Data Theorem\n\nNetworkExtension\nAvailable for: Mac OS X v10.6.8 and later\nImpact: A malicious application may be able to determine kernel\nmemory layout\nDescription: An uninitialized memory issue in the kernel led to the\ndisclosure of kernel memory content. This issue was addressed through\nimproved memory initialization. \nCVE-ID\nCVE-2015-5831 : Maxime Villard of m00nbsd\n\nNotes\nAvailable for: Mac OS X v10.6.8 and later\nImpact: A local user may be able to leak sensitive user information\nDescription: An issue existed in parsing links in the Notes\napplication. This issue was addressed through improved input\nvalidation. \nCVE-ID\nCVE-2015-5878 : Craig Young of Tripwire VERT, an anonymous researcher\n\nNotes\nAvailable for: Mac OS X v10.6.8 and later\nImpact: A local user may be able to leak sensitive user information\nDescription: A cross-site scripting issue existed in parsing text by\nthe Notes application. This issue was addressed through improved\ninput validation. \nCVE-ID\nCVE-2015-5875 : xisigr of Tencent\u0027s Xuanwu LAB (www.tencent.com)\n\nOpenSSH\nAvailable for: Mac OS X v10.6.8 and later\nImpact: Multiple vulnerabilities in OpenSSH\nDescription: Multiple vulnerabilities existed in OpenSSH versions\nprior to 6.9. These issues were addressed by updating OpenSSH to\nversion 6.9. \nCVE-ID\nCVE-2014-2532\n\nOpenSSL\nAvailable for: Mac OS X v10.6.8 and later\nImpact: Multiple vulnerabilities in OpenSSL\nDescription: Multiple vulnerabilities existed in OpenSSL versions\nprior to 0.9.8zg. These were addressed by updating OpenSSL to version\n0.9.8zg. \nCVE-ID\nCVE-2015-0286\nCVE-2015-0287\n\nprocmail\nAvailable for: Mac OS X v10.6.8 and later\nImpact: Multiple vulnerabilities in procmail\nDescription: Multiple vulnerabilities existed in procmail versions\nprior to 3.22. These issues were addressed by removing procmail. \nCVE-ID\nCVE-2014-3618\n\nremote_cmds\nAvailable for: Mac OS X v10.6.8 and later\nImpact: A local user may be able to execute arbitrary code with root\nprivileges\nDescription: An issue existed in the usage of environment variables\nby the rsh binary. This issue was addressed by dropping setuid\nprivileges from the rsh binary. \nCVE-ID\nCVE-2015-5889 : Philip Pettersson\n\nremovefile\nAvailable for: Mac OS X v10.6.8 and later\nImpact: Processing malicious data may lead to unexpected application\ntermination\nDescription: An overflow fault existed in the checkint division\nroutines. This issue was addressed with improved division routines. \nCVE-ID\nCVE-2015-5840 : an anonymous researcher\n\nRuby\nAvailable for: Mac OS X v10.6.8 and later\nImpact: Multiple vulnerabilities in Ruby\nDescription: Multiple vulnerabilities existed in Ruby versions prior\nto 2.0.0p645. These were addressed by updating Ruby to version\n2.0.0p645. \nCVE-ID\nCVE-2014-8080\nCVE-2014-8090\nCVE-2015-1855\n\nSecurity\nAvailable for: Mac OS X v10.6.8 and later\nImpact: The lock state of the keychain may be incorrectly displayed\nto the user\nDescription: A state management issue existed in the way keychain\nlock status was tracked. This issue was addressed through improved\nstate management. \nCVE-ID\nCVE-2015-5915 : Peter Walz of University of Minnesota, David Ephron,\nEric E. Lawrence, Apple\n\nSecurity\nAvailable for: Mac OS X v10.6.8 and later\nImpact: A trust evaluation configured to require revocation checking\nmay succeed even if revocation checking fails\nDescription: The kSecRevocationRequirePositiveResponse flag was\nspecified but not implemented. This issue was addressed by\nimplementing the flag. \nCVE-ID\nCVE-2015-5894 : Hannes Oud of kWallet GmbH\n\nSecurity\nAvailable for: Mac OS X v10.6.8 and later\nImpact: A remote server may prompt for a certificate before\nidentifying itself\nDescription: Secure Transport accepted the CertificateRequest\nmessage before the ServerKeyExchange message. This issue was\naddressed by requiring the ServerKeyExchange first. \nCVE-ID\nCVE-2015-5887 : Benjamin Beurdouche, Karthikeyan Bhargavan, Antoine\nDelignat-Lavaud, Alfredo Pironti, and Jean Karim Zinzindohoue of\nINRIA Paris-Rocquencourt, and Cedric Fournet and Markulf Kohlweiss of\nMicrosoft Research, Pierre-Yves Strub of IMDEA Software Institute\n\nSMB\nAvailable for: Mac OS X v10.6.8 and later\nImpact: A local user may be able to execute arbitrary code with\nkernel privileges\nDescription: A memory corruption issue existed in the kernel. This\nissue was addressed through improved memory handling. \nCVE-ID\nCVE-2015-5891 : Ilja van Sprundel of IOActive\n\nSMB\nAvailable for: Mac OS X v10.6.8 and later\nImpact: A local user may be able to determine kernel memory layout\nDescription: An issue existed in SMBClient that led to the\ndisclosure of kernel memory content. This issue was addressed through\nimproved bounds checking. \nCVE-ID\nCVE-2015-5893 : Ilja van Sprundel of IOActive\n\nSQLite\nAvailable for: Mac OS X v10.6.8 and later\nImpact: Multiple vulnerabilities in SQLite v3.8.5\nDescription: Multiple vulnerabilities existed in SQLite v3.8.5. \nThese issues were addressed by updating SQLite to version 3.8.10.2. \nCVE-ID\nCVE-2015-3414\nCVE-2015-3415\nCVE-2015-3416\n\nTelephony\nAvailable for: Mac OS X v10.6.8 and later\nImpact: A local attacker can place phone calls without the user\u0027s\nknowledge when using Continuity\nDescription: An issue existed in the authorization checks for\nplacing phone calls. This issue was addressed through improved\nauthorization checks. \nCVE-ID\nCVE-2015-3785 : Dan Bastone of Gotham Digital Science\n\nTerminal\nAvailable for: Mac OS X v10.6.8 and later\nImpact: Maliciously crafted text could mislead the user in Terminal\nDescription: Terminal did not handle bidirectional override\ncharacters in the same way when displaying text and when selecting\ntext. This issue was addressed by suppressing bidirectional override\ncharacters in Terminal. \nCVE-ID\nCVE-2015-5883 : an anonymous researcher\n\ntidy\nAvailable for: Mac OS X v10.6.8 and later\nImpact: Visiting a maliciously crafted website may lead to arbitrary\ncode execution\nDescription: Multiple memory corruption issues existed in tidy. \nThese issues were addressed through improved memory handling. \nCVE-ID\nCVE-2015-5522 : Fernando Munoz of NULLGroup.com\nCVE-2015-5523 : Fernando Munoz of NULLGroup.com\n\nTime Machine\nAvailable for: Mac OS X v10.6.8 and later\nImpact: A local attacker may gain access to keychain items\nDescription: An issue existed in backups by the Time Machine\nframework. This issue was addressed through improved coverage of Time\nMachine backups. \nCVE-ID\nCVE-2015-5854 : Jonas Magazinius of Assured AB\n\nNote: OS X El Capitan 10.11 includes the security content of\nSafari 9: https://support.apple.com/kb/HT205265. \n\nOS X El Capitan 10.11 may be obtained from the Mac App Store:\nhttp://www.apple.com/support/downloads/\n\nInformation will also be posted to the Apple Security Updates\nweb site: https://support.apple.com/kb/HT201222\n\nThis message is signed with Apple\u0027s Product Security PGP key,\nand details are available at:\nhttps://www.apple.com/support/security/pgp/\n\n-----BEGIN PGP SIGNATURE-----\nComment: GPGTools - http://gpgtools.org\n\niQIcBAEBCAAGBQJWDB2wAAoJEBcWfLTuOo7t0sYP/2L3JOGPkHH8XUh2YHpu5qaw\nS5F2v+SRpWleKQBVsGZ7oA8PV0rBTzEkzt8K1tNxYmxEqL9f/TpRiGoforn89thO\n/hOtmVOfUcBjPZ4XKwMVzycfSMC9o6LxWTLEKDVylE+F+5jkXafOC9QaqD11dxX6\nQhENkpS1BwrKhyaSVxEcgBQtZM9aTsVdZ78rTCb9XTn6gDnvs8NfIQquFOnaQT54\nYJ36e5UcUsnyBIol+yGDbC3ZEhzSVIGE5/8/NFlFfRXLgnJArxD8lqz8WdfU9fop\nhpT/dDqqAdYbRcW1ihcG1haiNHgP9yQCY5jRNfttb+Tc/kIi/QmPkEO0QS8Ygt/O\nc3sUbNulr1LCinymFVwx16CM1DplGS/GmBL18BAEBnL6yi9tEhYDynZWLSEa37VR\n8q802rXRSF10Wct9/kEeR4HgY/1k0KK/4Uddm3c0YyOU21ya7NAhoHGwmDa9g11r\nN1TniOK8tPiCGjRNOJwuF6DKxD9L3Fv44bVlxAarGUGYkICqzaNS+bgKI1aQNahT\nfJ91x5uKD4+L9v9c5slkoDIvWqIhO9oyuxgnmC5GstkwFplFXSOklLkTktjLGNn1\nnJq8cPnZ/3E1RXTEwVhGljYw5pdZHNx98XmLomGrPqVlZfjGURK+5AXdf2pOlt2e\ng6jld/w5tPuCFhGucE7Z\n=XciV\n-----END PGP SIGNATURE-----\n. \n \n Matthew Vernon reported that if a SSH server offers a HostCertificate\n that the ssh client doesn\u0026#039;t accept, then the client doesn\u0026#039;t check\n the DNS for SSHFP records. As a consequence a malicious server can\n disable SSHFP-checking by presenting a certificate (CVE-2014-2653). \n _______________________________________________________________________\n\n References:\n\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2532\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2653\n http://advisories.mageia.org/MGASA-2014-0143.html\n http://advisories.mageia.org/MGASA-2014-0166.html\n _______________________________________________________________________\n\n Updated Packages:\n\n Mandriva Business Server 1/X86_64:\n 753bd40deb60429adc6a7c1afd63ee3d mbs1/x86_64/openssh-5.9p1-6.3.mbs1.x86_64.rpm\n 377e7fbb14f72a1e32da41f19be7baa8 mbs1/x86_64/openssh-askpass-5.9p1-6.3.mbs1.x86_64.rpm\n a906db623fc8d56eab9b8b99b1af84d9 mbs1/x86_64/openssh-askpass-common-5.9p1-6.3.mbs1.x86_64.rpm\n 9fc03d4929efdf21a26aef308eb66f14 mbs1/x86_64/openssh-askpass-gnome-5.9p1-6.3.mbs1.x86_64.rpm\n f2dbea4a0a8109bc835c69e871f07a69 mbs1/x86_64/openssh-clients-5.9p1-6.3.mbs1.x86_64.rpm\n a20d329b8332ff7f7f10dd541a3865a9 mbs1/x86_64/openssh-server-5.9p1-6.3.mbs1.x86_64.rpm \n 0fd2c0a9338a7e8e8747c2ea3ae43c49 mbs1/SRPMS/openssh-5.9p1-6.3.mbs1.src.rpm\n _______________________________________________________________________\n\n To upgrade automatically use MandrivaUpdate or urpmi. The verification\n of md5 checksums and GPG signatures is performed automatically for you. ============================================================================\nUbuntu Security Notice USN-2155-1\nMarch 25, 2014\n\nopenssh vulnerability\n============================================================================\n\nA security issue affects these releases of Ubuntu and its derivatives:\n\n- Ubuntu 13.10\n- Ubuntu 12.10\n- Ubuntu 12.04 LTS\n- Ubuntu 10.04 LTS\n\nSummary:\n\nOpenSSH incorrectly handled environment restrictions with wildcards. \n\nUpdate instructions:\n\nThe problem can be corrected by updating your system to the following\npackage versions:\n\nUbuntu 13.10:\n openssh-server 1:6.2p2-6ubuntu0.2\n\nUbuntu 12.10:\n openssh-server 1:6.0p1-3ubuntu1.1\n\nUbuntu 12.04 LTS:\n openssh-server 1:5.9p1-5ubuntu1.2\n\nUbuntu 10.04 LTS:\n openssh-server 1:5.3p1-3ubuntu7.1\n\nIn general, a standard system update will make all the necessary changes. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\nNote: the current version of the following document is available here:\nhttps://h20564.www2.hp.com/portal/site/hpsc/public/kb/\ndocDisplay?docId=emr_na-c04499681\n\nSUPPORT COMMUNICATION - SECURITY BULLETIN\n\nDocument ID: c04499681\nVersion: 1\n\nHPSBUX03188 SSRT101487 rev.1 - HP-UX running HP Secure Shell, Remote Denial\nof Service (DoS) and other Vulnerabilities\n\nNOTICE: The information in this Security Bulletin should be acted upon as\nsoon as possible. \n\nRelease Date: 2014-11-07\nLast Updated: 2014-11-07\n\nPotential Security Impact: Remote Denial of Service (DoS) and other\nvulnerabilities\n\nSource: Hewlett-Packard Company, HP Software Security Response Team\n\nVULNERABILITY SUMMARY\nPotential security vulnerabilities have been identified with HP-UX running HP\nSecure Shell. These vulnerabilities could be exploited remotely to create a\nDenial of Service (DoS) and other vulnerabilities. \n\nReferences:\n\nCVE-2013-4548 - remote Permissions, Privileges, and Access Control (CWE-264)\n\nCVE-2014-1692 - remote Denial of Service (DoS), Buffer Errors (CWE-119)\n\nCVE-2014-2532 - remote Permissions, Privileges, and Access Control (CWE-264)\n\nCVE-2014-2653 - remote Input Validation (CWE-20)\n\nSSRT101487\n\nSUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed. \nHP-UX B.11.11 running HP Secure Shell before version A.06.20.010\n\nHP-UX B.11.23 running HP Secure Shell before version A.06.20.011\n\nHP-UX B.11.31 running HP Secure Shell before version A.06.20.012\n\nBACKGROUND\n\nCVSS 2.0 Base Metrics\n===========================================================\n Reference Base Vector Base Score\nCVE-2013-4548 (AV:N/AC:M/Au:S/C:P/I:P/A:P) 6.0\nCVE-2014-1692 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5\nCVE-2014-2532 (AV:N/AC:M/Au:N/C:P/I:P/A:N) 5.8\nCVE-2014-2653 (AV:N/AC:M/Au:N/C:P/I:P/A:N) 5.8\n===========================================================\n Information on CVSS is documented\n in HP Customer Notice: HPSN-2008-002\n\nRESOLUTION\n\nHP has provided the following software updates to resolve this vulnerability. \nThe updates are available for download from:\nhttp://h20293.www2.hp.com/portal/swdepot/displayProductInfo.do?productNumber=\nT1471AA\n\nOS Release\n HP Secure Shell Version\n Depot Name\n\nHP-UX B.11.11 (11i v1)\n A.06.20.010 or subsequent\n HP_UX_11i_v1_T1471AA_A.06.20.010_HP-UX_B.11.11_32_64.depot\n\nHP-UX B.11.23 (11i v2)\n A.06.20.011 or subsequent\n HP_UX_11i_v2_T1471AA_A.06.20.011_HP-UX_B.11.23_IA_PA.depot\n\nHP-UX B.11.31 (11i v3)\n A.06.20.012 or subsequent\n HP_UX_11i_v3_SecureShell_A.06.20.012_HP-UX_B.11.31_IA_PA.depot\n\nMANUAL ACTIONS: Yes - Update\n\nPRODUCT SPECIFIC INFORMATION\n\nHP-UX Software Assistant:\nHP-UX Software Assistant is an enhanced application that replaces HP-UX\nSecurity Patch Check. It analyzes all HP-issued Security Bulletins and lists\nrecommended actions that may apply to a specific HP-UX system. It can also\ndownload patches and create a depot automatically. For more information see:\nhttps://www.hp.com/go/swa\n\nAFFECTED VERSIONS\n\nHP-UX B.11.11\n==============\nSecure_Shell.SECURE_SHELL\naction: install revision A.06.20.010 or subsequent\n\nHP-UX B.11.23\n==============\nSecure_Shell.SECSH-CMN\nSecure_Shell.SECURE_SHELL\naction: install revision A.06.20.011 or subsequent\n\nHP-UX B.11.31\n==============\nSecure_Shell.SECSH-CMN\nSecure_Shell.SECURE_SHELL\naction: install revision A.06.20.012 or subsequent\n\nEND AFFECTED VERSIONS\n\nHISTORY: Version:1 (rev.1) - 7 November 2014 Initial Release\n\nThird Party Security Patches: Third party security patches that are to be\ninstalled on systems running HP software products should be applied in\naccordance with the customer\u0027s patch management policy. \n\nSupport: For issues about implementing the recommendations of this Security\nBulletin, contact normal HP Services support channel. For other issues about\nthe content of this Security Bulletin, send e-mail to security-alert@hp.com. \n\nReport: To report a potential security vulnerability with any HP supported\nproduct, send Email to: security-alert@hp.com\n\nSubscribe: To initiate a subscription to receive future HP Security Bulletin\nalerts via Email:\nhttp://h41183.www4.hp.com/signup_alerts.php?jumpid=hpsc_secbulletins\n\nSecurity Bulletin Archive: A list of recently released Security Bulletins is\navailable here:\nhttps://h20564.www2.hp.com/portal/site/hpsc/public/kb/secBullArchive/\n\nSoftware Product Category: The Software Product Category is represented in\nthe title by the two characters following HPSB. \n\n3C = 3COM\n3P = 3rd Party Software\nGN = HP General Software\nHF = HP Hardware and Firmware\nMP = MPE/iX\nMU = Multi-Platform Software\nNS = NonStop Servers\nOV = OpenVMS\nPI = Printing and Imaging\nPV = ProCurve\nST = Storage Software\nTU = Tru64 UNIX\nUX = HP-UX\n\nCopyright 2014 Hewlett-Packard Development Company, L.P. \nHewlett-Packard Company shall not be liable for technical or editorial errors\nor omissions contained herein. The information provided is provided \"as is\"\nwithout warranty of any kind. To the extent permitted by law, neither HP or\nits affiliates, subcontractors or suppliers will be liable for\nincidental,special or consequential damages including downtime cost; lost\nprofits; damages relating to the procurement of substitute products or\nservices; or damages for loss of data, or software restoration. The\ninformation in this document is subject to change without notice. \nHewlett-Packard Company and the names of Hewlett-Packard products referenced\nherein are trademarks of Hewlett-Packard Company in the United States and\nother countries. Other product and company names mentioned herein may be\ntrademarks of their respective owners",
"sources": [
{
"db": "NVD",
"id": "CVE-2014-2532"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-001718"
},
{
"db": "BID",
"id": "66355"
},
{
"db": "VULMON",
"id": "CVE-2014-2532"
},
{
"db": "PACKETSTORM",
"id": "125940"
},
{
"db": "PACKETSTORM",
"id": "128654"
},
{
"db": "PACKETSTORM",
"id": "126580"
},
{
"db": "PACKETSTORM",
"id": "133803"
},
{
"db": "PACKETSTORM",
"id": "126075"
},
{
"db": "PACKETSTORM",
"id": "125859"
},
{
"db": "PACKETSTORM",
"id": "129077"
}
],
"trust": 2.61
},
"external_ids": {
"_id": null,
"data": [
{
"db": "NVD",
"id": "CVE-2014-2532",
"trust": 3.5
},
{
"db": "BID",
"id": "66355",
"trust": 1.4
},
{
"db": "SECUNIA",
"id": "59855",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "59313",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "57488",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "57574",
"trust": 1.1
},
{
"db": "SECTRACK",
"id": "1029925",
"trust": 1.1
},
{
"db": "JVN",
"id": "JVNVU97220341",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2014-001718",
"trust": 0.8
},
{
"db": "MLIST",
"id": "[SECURITY-ANNOUNCE] 20140315 ANNOUNCE: OPENSSH 6.6 RELEASED",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-201403-336",
"trust": 0.6
},
{
"db": "JUNIPER",
"id": "JSA10661",
"trust": 0.3
},
{
"db": "VULMON",
"id": "CVE-2014-2532",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "125940",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "128654",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "126580",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "133803",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "126075",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "125859",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "129077",
"trust": 0.1
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2014-2532"
},
{
"db": "BID",
"id": "66355"
},
{
"db": "PACKETSTORM",
"id": "125940"
},
{
"db": "PACKETSTORM",
"id": "128654"
},
{
"db": "PACKETSTORM",
"id": "126580"
},
{
"db": "PACKETSTORM",
"id": "133803"
},
{
"db": "PACKETSTORM",
"id": "126075"
},
{
"db": "PACKETSTORM",
"id": "125859"
},
{
"db": "PACKETSTORM",
"id": "129077"
},
{
"db": "CNNVD",
"id": "CNNVD-201403-336"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-001718"
},
{
"db": "NVD",
"id": "CVE-2014-2532"
}
]
},
"id": "VAR-201403-0275",
"iot": {
"_id": null,
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.45272481500000006
},
"last_update_date": "2026-04-10T23:16:47.157000Z",
"patch": {
"_id": null,
"data": [
{
"title": "APPLE-SA-2015-09-30-3 OS X El Capitan 10.11",
"trust": 0.8,
"url": "http://lists.apple.com/archives/security-announce/2015/Sep/msg00008.html"
},
{
"title": "HT205267",
"trust": 0.8,
"url": "https://support.apple.com/en-us/HT205267"
},
{
"title": "HT205267",
"trust": 0.8,
"url": "http://support.apple.com/ja-jp/HT205267"
},
{
"title": "HPSBUX03188 SSRT101487",
"trust": 0.8,
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en\u0026cc=us\u0026objectID=c04499681"
},
{
"title": "AIX OpenSSH Vulnerability",
"trust": 0.8,
"url": "http://aix.software.ibm.com/aix/efixes/security/openssh_advisory4.asc"
},
{
"title": "release-6.6",
"trust": 0.8,
"url": "http://www.openssh.com/txt/release-6.6"
},
{
"title": "Top Page",
"trust": 0.8,
"url": "http://www.openssh.org/index.html"
},
{
"title": "Text Form of Oracle Critical Patch Update - October 2016 Risk Matrices",
"trust": 0.8,
"url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2016verbose-2881725.html"
},
{
"title": "Oracle Critical Patch Update Advisory - October 2016",
"trust": 0.8,
"url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html"
},
{
"title": "RHSA-2014:1552",
"trust": 0.8,
"url": "http://rhn.redhat.com/errata/RHSA-2014-1552.html"
},
{
"title": "October 2016 Critical Patch Update Released",
"trust": 0.8,
"url": "https://blogs.oracle.com/security/entry/october_2016_critical_patch_update"
},
{
"title": "openssh-6.6",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=48725"
},
{
"title": "Ubuntu Security Notice: openssh vulnerability",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=USN-2155-1"
},
{
"title": "Debian CVElist Bug Report Logs: If server offers certificate, doesn\u0027t fall back to checking SSHFP records (CVE-2014-2653)",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=debian_cvelist_bugreportlogs\u0026qid=e2b29b5960fd84d7d2fed1e9bad51e83"
},
{
"title": "Debian Security Advisories: DSA-2894-1 openssh -- security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=debian_security_advisories\u0026qid=097ff1ee5afacf7965034aa9b90de6de"
},
{
"title": "Amazon Linux AMI: ALAS-2014-369",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=amazon_linux_ami\u0026qid=ALAS-2014-369"
},
{
"title": "Brocade Security Advisories: BSA-2017-253",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=brocade_security_advisories\u0026qid=2d463347de7f8b5b2483cc00eb7338bc"
},
{
"title": "Symantec Security Advisories: SA104 : OpenSSH Vulnerabilities",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=symantec_security_advisories\u0026qid=b643e473a764678a8d1ded300d5699b6"
},
{
"title": "Apple: OS X El Capitan v10.11",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=apple_security_advisories\u0026qid=e88bab658248444f5dffc23fd95859e7"
},
{
"title": "Oracle: Oracle Critical Patch Update Advisory - April 2016",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_advisories\u0026qid=122319027ae43d6d626710f1b1bb1d43"
},
{
"title": "Oracle: Oracle Critical Patch Update Advisory - October 2016",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_advisories\u0026qid=05aabe19d38058b7814ef5514aab4c0c"
},
{
"title": "Oracle: Oracle Critical Patch Update Advisory - July 2018",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_advisories\u0026qid=5f8c525f1408011628af1792207b2099"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2014-2532"
},
{
"db": "CNNVD",
"id": "CNNVD-201403-336"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-001718"
}
]
},
"problemtype_data": {
"_id": null,
"data": [
{
"problemtype": "CWE-264",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2014-001718"
},
{
"db": "NVD",
"id": "CVE-2014-2532"
}
]
},
"references": {
"_id": null,
"data": [
{
"trust": 1.7,
"url": "http://marc.info/?l=openbsd-security-announce\u0026m=139492048027313\u0026w=2"
},
{
"trust": 1.4,
"url": "http://aix.software.ibm.com/aix/efixes/security/openssh_advisory4.asc"
},
{
"trust": 1.4,
"url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html"
},
{
"trust": 1.2,
"url": "http://advisories.mageia.org/mgasa-2014-0143.html"
},
{
"trust": 1.2,
"url": "http://rhn.redhat.com/errata/rhsa-2014-1552.html"
},
{
"trust": 1.2,
"url": "http://www.ubuntu.com/usn/usn-2155-1"
},
{
"trust": 1.1,
"url": "http://lists.apple.com/archives/security-announce/2015/sep/msg00008.html"
},
{
"trust": 1.1,
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-june/134026.html"
},
{
"trust": 1.1,
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-may/133537.html"
},
{
"trust": 1.1,
"url": "http://marc.info/?l=bugtraq\u0026m=141576985122836\u0026w=2"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/57488"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/57574"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/59313"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/59855"
},
{
"trust": 1.1,
"url": "http://www.debian.org/security/2014/dsa-2894"
},
{
"trust": 1.1,
"url": "http://www.mandriva.com/security/advisories?name=mdvsa-2014:068"
},
{
"trust": 1.1,
"url": "http://www.mandriva.com/security/advisories?name=mdvsa-2015:095"
},
{
"trust": 1.1,
"url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html"
},
{
"trust": 1.1,
"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html"
},
{
"trust": 1.1,
"url": "http://www.securityfocus.com/bid/66355"
},
{
"trust": 1.1,
"url": "http://www.securitytracker.com/id/1029925"
},
{
"trust": 1.1,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/91986"
},
{
"trust": 1.1,
"url": "https://support.apple.com/ht205267"
},
{
"trust": 1.0,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-2532"
},
{
"trust": 0.9,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2014-2532"
},
{
"trust": 0.8,
"url": "http://jvn.jp/vu/jvnvu97220341/index.html"
},
{
"trust": 0.7,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-2532"
},
{
"trust": 0.3,
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1077843"
},
{
"trust": 0.3,
"url": "http://www.openssh.com/txt/release-6.6"
},
{
"trust": 0.3,
"url": "http://www.openssh.com"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=isg3t1021316"
},
{
"trust": 0.3,
"url": "http://kb.juniper.net/infocenter/index?page=content\u0026id=jsa10661\u0026cat=sirt_1\u0026actp=list"
},
{
"trust": 0.3,
"url": "http://www.oracle.com/technetwork/topics/security/cpuapr2016-2881694.html"
},
{
"trust": 0.3,
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c04499681"
},
{
"trust": 0.3,
"url": "https://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=migr-5097903"
},
{
"trust": 0.3,
"url": "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=migr-5096510"
},
{
"trust": 0.3,
"url": "http://support.f5.com/kb/en-us/solutions/public/15000/400/sol15430.html?ref=rss"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-2653"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/264.html"
},
{
"trust": 0.1,
"url": "https://www.rapid7.com/db/vulnerabilities/amazon-linux-ami-alas-2014-369"
},
{
"trust": 0.1,
"url": "https://usn.ubuntu.com/2155-1/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "http://tools.cisco.com/security/center/viewalert.x?alertid=41307"
},
{
"trust": 0.1,
"url": "http://slackware.com"
},
{
"trust": 0.1,
"url": "http://osuosl.org)"
},
{
"trust": 0.1,
"url": "http://slackware.com/gpg-key"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/mailman/listinfo/rhsa-announce"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2014-2532.html"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/team/key/#package"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/solutions/711953"
},
{
"trust": 0.1,
"url": "https://bugzilla.redhat.com/):"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2014-2653.html"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/articles/11258"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/team/contact/"
},
{
"trust": 0.1,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2010-4478"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-0814"
},
{
"trust": 0.1,
"url": "http://creativecommons.org/licenses/by-sa/2.5"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-5107"
},
{
"trust": 0.1,
"url": "http://security.gentoo.org/glsa/glsa-201405-06.xml"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-4478"
},
{
"trust": 0.1,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2010-4755"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-5107"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-5161"
},
{
"trust": 0.1,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2008-5161"
},
{
"trust": 0.1,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2011-5000"
},
{
"trust": 0.1,
"url": "http://security.gentoo.org/"
},
{
"trust": 0.1,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2012-0814"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-5000"
},
{
"trust": 0.1,
"url": "https://bugs.gentoo.org."
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-4755"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-0287"
},
{
"trust": 0.1,
"url": "https://support.apple.com/kb/ht201222"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-0235"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-8146"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-0231"
},
{
"trust": 0.1,
"url": "http://www.apple.com/support/downloads/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-8080"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-2331"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-7187"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-1351"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-8090"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-9705"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-1352"
},
{
"trust": 0.1,
"url": "https://support.apple.com/en-"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-3951"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-8147"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-0232"
},
{
"trust": 0.1,
"url": "https://www.apple.com/support/security/pgp/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-2301"
},
{
"trust": 0.1,
"url": "https://support.apple.com/kb/ht205265."
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-8611"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-9427"
},
{
"trust": 0.1,
"url": "http://gpgtools.org"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-1855"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-2305"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-9425"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-7186"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-3618"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-9709"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-0273"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-6277"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-9652"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-0286"
},
{
"trust": 0.1,
"url": "https://www.tencent.com)"
},
{
"trust": 0.1,
"url": "http://www.mandriva.com/en/support/security/"
},
{
"trust": 0.1,
"url": "http://www.mandriva.com/en/support/security/advisories/"
},
{
"trust": 0.1,
"url": "http://advisories.mageia.org/mgasa-2014-0166.html"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-2653"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/openssh/1:6.2p2-6ubuntu0.2"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/openssh/1:5.9p1-5ubuntu1.2"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/openssh/1:5.3p1-3ubuntu7.1"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/openssh/1:6.0p1-3ubuntu1.1"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-1692"
},
{
"trust": 0.1,
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/"
},
{
"trust": 0.1,
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/secbullarchive/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-4548"
},
{
"trust": 0.1,
"url": "http://h41183.www4.hp.com/signup_alerts.php?jumpid=hpsc_secbulletins"
},
{
"trust": 0.1,
"url": "https://www.hp.com/go/swa"
},
{
"trust": 0.1,
"url": "http://h20293.www2.hp.com/portal/swdepot/displayproductinfo.do?productnumber="
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2014-2532"
},
{
"db": "BID",
"id": "66355"
},
{
"db": "PACKETSTORM",
"id": "125940"
},
{
"db": "PACKETSTORM",
"id": "128654"
},
{
"db": "PACKETSTORM",
"id": "126580"
},
{
"db": "PACKETSTORM",
"id": "133803"
},
{
"db": "PACKETSTORM",
"id": "126075"
},
{
"db": "PACKETSTORM",
"id": "125859"
},
{
"db": "PACKETSTORM",
"id": "129077"
},
{
"db": "CNNVD",
"id": "CNNVD-201403-336"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-001718"
},
{
"db": "NVD",
"id": "CVE-2014-2532"
}
]
},
"sources": {
"_id": null,
"data": [
{
"db": "VULMON",
"id": "CVE-2014-2532",
"ident": null
},
{
"db": "BID",
"id": "66355",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "125940",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "128654",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "126580",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "133803",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "126075",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "125859",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "129077",
"ident": null
},
{
"db": "CNNVD",
"id": "CNNVD-201403-336",
"ident": null
},
{
"db": "JVNDB",
"id": "JVNDB-2014-001718",
"ident": null
},
{
"db": "NVD",
"id": "CVE-2014-2532",
"ident": null
}
]
},
"sources_release_date": {
"_id": null,
"data": [
{
"date": "2014-03-18T00:00:00",
"db": "VULMON",
"id": "CVE-2014-2532",
"ident": null
},
{
"date": "2014-03-21T00:00:00",
"db": "BID",
"id": "66355",
"ident": null
},
{
"date": "2014-03-30T16:38:00",
"db": "PACKETSTORM",
"id": "125940",
"ident": null
},
{
"date": "2014-10-14T23:03:32",
"db": "PACKETSTORM",
"id": "128654",
"ident": null
},
{
"date": "2014-05-12T18:51:17",
"db": "PACKETSTORM",
"id": "126580",
"ident": null
},
{
"date": "2015-10-01T16:33:47",
"db": "PACKETSTORM",
"id": "133803",
"ident": null
},
{
"date": "2014-04-09T22:40:33",
"db": "PACKETSTORM",
"id": "126075",
"ident": null
},
{
"date": "2014-03-25T18:47:40",
"db": "PACKETSTORM",
"id": "125859",
"ident": null
},
{
"date": "2014-11-12T18:14:54",
"db": "PACKETSTORM",
"id": "129077",
"ident": null
},
{
"date": "2014-03-20T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201403-336",
"ident": null
},
{
"date": "2014-03-19T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2014-001718",
"ident": null
},
{
"date": "2014-03-18T05:18:19",
"db": "NVD",
"id": "CVE-2014-2532",
"ident": null
}
]
},
"sources_update_date": {
"_id": null,
"data": [
{
"date": "2018-07-19T00:00:00",
"db": "VULMON",
"id": "CVE-2014-2532",
"ident": null
},
{
"date": "2016-10-26T01:14:00",
"db": "BID",
"id": "66355",
"ident": null
},
{
"date": "2014-03-21T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201403-336",
"ident": null
},
{
"date": "2016-11-22T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2014-001718",
"ident": null
},
{
"date": "2025-04-12T10:46:40.837000",
"db": "NVD",
"id": "CVE-2014-2532",
"ident": null
}
]
},
"threat_type": {
"_id": null,
"data": "remote",
"sources": [
{
"db": "PACKETSTORM",
"id": "128654"
},
{
"db": "PACKETSTORM",
"id": "126580"
},
{
"db": "PACKETSTORM",
"id": "126075"
},
{
"db": "PACKETSTORM",
"id": "125859"
},
{
"db": "CNNVD",
"id": "CNNVD-201403-336"
}
],
"trust": 1.0
},
"title": {
"_id": null,
"data": "OpenSSH of sshd Vulnerabilities that can circumvent environmental restrictions",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2014-001718"
}
],
"trust": 0.8
},
"type": {
"_id": null,
"data": "permissions and access control",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201403-336"
}
],
"trust": 0.6
}
}
VAR-200909-0801
Vulnerability from variot - Updated: 2026-04-10 23:16The ap_proxy_ftp_handler function in modules/proxy/proxy_ftp.c in the mod_proxy_ftp module in the Apache HTTP Server 2.0.63 and 2.2.13 allows remote FTP servers to cause a denial of service (NULL pointer dereference and child process crash) via a malformed reply to an EPSV command. The Apache 'mod_proxy_ftp' module is prone to a denial-of-service vulnerability because of a NULL-pointer dereference. Successful exploits may allow remote attackers to cause denial-of-service conditions. Given the nature of this issue, attackers may also be able to run arbitrary code, but this has not been confirmed. =========================================================== Ubuntu Security Notice USN-860-1 November 19, 2009 apache2 vulnerabilities CVE-2009-3094, CVE-2009-3095, CVE-2009-3555 ===========================================================
A security issue affects the following Ubuntu releases:
Ubuntu 6.06 LTS Ubuntu 8.04 LTS Ubuntu 8.10 Ubuntu 9.04 Ubuntu 9.10
This advisory also applies to the corresponding versions of Kubuntu, Edubuntu, and Xubuntu.
The problem can be corrected by upgrading your system to the following package versions:
Ubuntu 6.06 LTS: apache2-common 2.0.55-4ubuntu2.9
Ubuntu 8.04 LTS: apache2.2-common 2.2.8-1ubuntu0.14
Ubuntu 8.10: apache2.2-common 2.2.9-7ubuntu3.5
Ubuntu 9.04: apache2.2-common 2.2.11-2ubuntu2.5
Ubuntu 9.10: apache2.2-common 2.2.12-1ubuntu2.1
In general, a standard system upgrade is sufficient to effect the necessary changes.
Details follow:
Marsh Ray and Steve Dispensa discovered a flaw in the TLS and SSLv3 protocols. If an attacker could perform a man in the middle attack at the start of a TLS connection, the attacker could inject arbitrary content at the beginning of the user's session. The flaw is with TLS renegotiation and potentially affects any software that supports this feature. Attacks against the HTTPS protocol are known, with the severity of the issue depending on the safeguards used in the web application. Until the TLS protocol and underlying libraries are adjusted to defend against this vulnerability, a partial, temporary workaround has been applied to Apache that disables client initiated TLS renegotiation. This update does not protect against server initiated TLS renegotiation when using SSLVerifyClient and SSLCipherSuite on a per Directory or Location basis. (CVE-2009-3555)
It was discovered that mod_proxy_ftp in Apache did not properly sanitize its input when processing replies to EPASV and PASV commands. (CVE-2009-3094)
Another flaw was discovered in mod_proxy_ftp. (CVE-2009-3095)
Updated packages for Ubuntu 6.06 LTS:
Source archives:
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu2.9.diff.gz
Size/MD5: 130638 5d172b0ca228238e211940fad6b0935d
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu2.9.dsc
Size/MD5: 1156 a6d575c4c0ef0ef9c4c77e7f6ddfb02d
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55.orig.tar.gz
Size/MD5: 6092031 45e32c9432a8e3cf4227f5af91b03622
Architecture independent packages:
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-doc_2.0.55-4ubuntu2.9_all.deb
Size/MD5: 2125884 643115e9135b9bf626f3a65cfc5f2ed3
amd64 architecture (Athlon64, Opteron, EM64T Xeon):
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu2.9_amd64.deb
Size/MD5: 834492 818915da9848657833480b1ead6b4a12
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu2.9_amd64.deb
Size/MD5: 229578 9086ac3033e0425ecd150b31b377ee76
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu2.9_amd64.deb
Size/MD5: 224594 85a4480344a072868758c466f6a98747
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu2.9_amd64.deb
Size/MD5: 229128 446b52088b9744fb776e53155403a474
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu2.9_amd64.deb
Size/MD5: 172850 17e4cd95ecb9d0390274fca9625c2e5e
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu2.9_amd64.deb
Size/MD5: 173636 b501407d01fa07e5807c28cd1db16cd7
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu2.9_amd64.deb
Size/MD5: 95454 a06ee30ec14b35003ebcb821624bc2af
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu2.9_amd64.deb
Size/MD5: 37510 4c063b1b8d831ea8a02d5ec691995dec
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu2.9_amd64.deb
Size/MD5: 287048 9cdc7502ebc526d4bc7df9b59a9d8925
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu2.9_amd64.deb
Size/MD5: 145624 4b613a57da2ca57678e8c8f0c1628556
i386 architecture (x86 compatible Intel/AMD):
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu2.9_i386.deb
Size/MD5: 787870 67b1855dc984e5296ac9580e2a2f0a0c
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu2.9_i386.deb
Size/MD5: 204122 edf40b0ff5c1824b2d6232da247ce480
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu2.9_i386.deb
Size/MD5: 200060 6267a56fcef78f6300372810ce36ea41
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu2.9_i386.deb
Size/MD5: 203580 c487929bbf45b5a4dc3d035d86f7b3a0
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu2.9_i386.deb
Size/MD5: 172876 bae257127c3d137e407a7db744f3d57a
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu2.9_i386.deb
Size/MD5: 173660 9dd0e108ab4d3382799b29d901bf4502
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu2.9_i386.deb
Size/MD5: 93410 d5d602c75a28873f1cd7523857e0dd80
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu2.9_i386.deb
Size/MD5: 37508 22049e1ea8ea88259ff3f6e94482cfb3
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu2.9_i386.deb
Size/MD5: 263066 43fa2ae3b43c4743c98c45ac22fb0250
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu2.9_i386.deb
Size/MD5: 133484 e70b7f81859cb92e0c50084e92216526
powerpc architecture (Apple Macintosh G3/G4/G5):
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu2.9_powerpc.deb
Size/MD5: 860622 6d386da8da90d363414846dbc7fa7f08
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu2.9_powerpc.deb
Size/MD5: 221470 8c207b379f7ba646c94759d3e9079dd4
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu2.9_powerpc.deb
Size/MD5: 217132 069cab77278b101c3c4a5b172f36ba9b
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu2.9_powerpc.deb
Size/MD5: 220968 2f6ba65769fc964eb6dfec8a842f7621
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu2.9_powerpc.deb
Size/MD5: 172874 89137c84b5a33f526daf3f8b4c047a7e
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu2.9_powerpc.deb
Size/MD5: 173662 23e576721faccb4aef732cf98e2358d4
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu2.9_powerpc.deb
Size/MD5: 105198 44f9e698567784555db7d7d971b9fce2
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu2.9_powerpc.deb
Size/MD5: 37518 fe7caa2a3cf6d4227ac34692de30635e
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu2.9_powerpc.deb
Size/MD5: 282644 ec0306c04778cf8c8edd622aabb0363c
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu2.9_powerpc.deb
Size/MD5: 142730 d43356422176ca29440f3e0572678093
sparc architecture (Sun SPARC/UltraSPARC):
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu2.9_sparc.deb
Size/MD5: 805078 0f1f6a9b04ad5ce4ea29fd0e44bf18a4
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu2.9_sparc.deb
Size/MD5: 211674 eb19532b9b759c806e9a95a4ffbfad9b
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu2.9_sparc.deb
Size/MD5: 207344 9e5770a4c94cbc4f9bc8cc11a6a038f1
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu2.9_sparc.deb
Size/MD5: 210948 6d1d2357cec5b88c1c2269e5c16724bc
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu2.9_sparc.deb
Size/MD5: 172882 d04dd123def1bc4cfbf2ac0095432eea
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu2.9_sparc.deb
Size/MD5: 173662 6be46bbb9e92224020da49d657cb4cd4
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu2.9_sparc.deb
Size/MD5: 94510 9df6ae07a9218d6159b1eebde5d58606
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu2.9_sparc.deb
Size/MD5: 37506 89856bb1433e67fb23c8d34423d3e0a5
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu2.9_sparc.deb
Size/MD5: 269070 bf585dec777b0306cd80663c11b020df
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu2.9_sparc.deb
Size/MD5: 131466 340eaf2d2c1f129c7676a152776cfcf3
Updated packages for Ubuntu 8.04 LTS:
Source archives:
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.8-1ubuntu0.14.diff.gz
Size/MD5: 141838 37d5c93b425758839cbef5afea5353a2
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.8-1ubuntu0.14.dsc
Size/MD5: 1381 78c9a13cc2af0dbf3958a3fc98aeea84
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.8.orig.tar.gz
Size/MD5: 6125771 39a755eb0f584c279336387b321e3dfc
Architecture independent packages:
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-doc_2.2.8-1ubuntu0.14_all.deb
Size/MD5: 1929318 d4faaf64c2c0af807848ea171a4efa90
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.2.8-1ubuntu0.14_all.deb
Size/MD5: 72920 065d63c19b22f0f7a8f7c28952b0b408
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-src_2.2.8-1ubuntu0.14_all.deb
Size/MD5: 6258048 33c48a093bbb868ea108a50c051437cf
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.8-1ubuntu0.14_all.deb
Size/MD5: 45850 07a9463a8e4fdf1a48766d5ad08b9a3c
amd64 architecture (Athlon64, Opteron, EM64T Xeon):
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-event_2.2.8-1ubuntu0.14_amd64.deb
Size/MD5: 253080 3c6467ee604002a5b8ebffff8554c568
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.2.8-1ubuntu0.14_amd64.deb
Size/MD5: 248676 3c83ce9eb0a27f18b9c3a8c3e651cafa
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.2.8-1ubuntu0.14_amd64.deb
Size/MD5: 252490 cf379a515d967d89d2009be9e06d4833
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.2.8-1ubuntu0.14_amd64.deb
Size/MD5: 205592 af6cb62114d2e70bf859c32008a66433
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.2.8-1ubuntu0.14_amd64.deb
Size/MD5: 206350 9c3d5ef8e55eee98cc3e75f2ed9ffaff
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.2.8-1ubuntu0.14_amd64.deb
Size/MD5: 141660 958585d6391847cd5a618464054f7d37
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-common_2.2.8-1ubuntu0.14_amd64.deb
Size/MD5: 803974 76d23bd94465a2f96711dc1c41b31af0
i386 architecture (x86 compatible Intel/AMD):
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-event_2.2.8-1ubuntu0.14_i386.deb
Size/MD5: 236060 ad4c00dc10b406cc312982b7113fa468
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.2.8-1ubuntu0.14_i386.deb
Size/MD5: 231580 07ae6a192e6c859e49d48f2b2158df40
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.2.8-1ubuntu0.14_i386.deb
Size/MD5: 235308 18a44bbffcebde8f2d66fe3a6bdbab6d
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.2.8-1ubuntu0.14_i386.deb
Size/MD5: 205594 73ec71599d4c8a42a69ac3099b9d50cf
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.2.8-1ubuntu0.14_i386.deb
Size/MD5: 206374 c1524e4fa8265e7eaac046b114b8c463
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.2.8-1ubuntu0.14_i386.deb
Size/MD5: 140644 379a125b8b5b51ff8033449755ab87b8
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-common_2.2.8-1ubuntu0.14_i386.deb
Size/MD5: 755574 9de96c8719740c2525e3c0cf7836d60b
lpia architecture (Low Power Intel Architecture):
http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-event_2.2.8-1ubuntu0.14_lpia.deb
Size/MD5: 235578 0265d4f6ccee2d7b5ee10cfff48fed08
http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-prefork_2.2.8-1ubuntu0.14_lpia.deb
Size/MD5: 231234 611499fb33808ecdd232e2c5350f6838
http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-worker_2.2.8-1ubuntu0.14_lpia.deb
Size/MD5: 234738 d7757d2da2e542ce0fdad5994be1d8bd
http://ports.ubuntu.com/pool/main/a/apache2/apache2-prefork-dev_2.2.8-1ubuntu0.14_lpia.deb
Size/MD5: 205592 c10ac9eb401184c379b7993b6a62cde3
http://ports.ubuntu.com/pool/main/a/apache2/apache2-threaded-dev_2.2.8-1ubuntu0.14_lpia.deb
Size/MD5: 206358 fc91c0159b096e744c42014e6e5f8909
http://ports.ubuntu.com/pool/main/a/apache2/apache2-utils_2.2.8-1ubuntu0.14_lpia.deb
Size/MD5: 141212 f87d5f443e5d8e1c3eda6f976b3ceb06
http://ports.ubuntu.com/pool/main/a/apache2/apache2.2-common_2.2.8-1ubuntu0.14_lpia.deb
Size/MD5: 749716 86ae389b81b057288ff3c0b69ef68656
powerpc architecture (Apple Macintosh G3/G4/G5):
http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-event_2.2.8-1ubuntu0.14_powerpc.deb
Size/MD5: 254134 4337f858972022fa196c9a1f9bb724fb
http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-prefork_2.2.8-1ubuntu0.14_powerpc.deb
Size/MD5: 249596 44a6e21ff8fa81d09dab19cab4caffdb
http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-worker_2.2.8-1ubuntu0.14_powerpc.deb
Size/MD5: 253698 f101a1709f21320716d4c9afb356f24f
http://ports.ubuntu.com/pool/main/a/apache2/apache2-prefork-dev_2.2.8-1ubuntu0.14_powerpc.deb
Size/MD5: 205604 3f4d4f6733257a7037e35101ef792352
http://ports.ubuntu.com/pool/main/a/apache2/apache2-threaded-dev_2.2.8-1ubuntu0.14_powerpc.deb
Size/MD5: 206386 06402188459de8dab5279b5bfef768fa
http://ports.ubuntu.com/pool/main/a/apache2/apache2-utils_2.2.8-1ubuntu0.14_powerpc.deb
Size/MD5: 158390 0acffbdb7e5602b434c4f2805f8dc4d0
http://ports.ubuntu.com/pool/main/a/apache2/apache2.2-common_2.2.8-1ubuntu0.14_powerpc.deb
Size/MD5: 906022 28c3e8b63d123a4ca0632b3fed6720b5
sparc architecture (Sun SPARC/UltraSPARC):
http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-event_2.2.8-1ubuntu0.14_sparc.deb
Size/MD5: 237422 5651f53b09c0f36e1333c569980a0eb0
http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-prefork_2.2.8-1ubuntu0.14_sparc.deb
Size/MD5: 233152 1165607c64c57c84212b6b106254e885
http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-worker_2.2.8-1ubuntu0.14_sparc.deb
Size/MD5: 236606 bbe00d0707c279a16eca35258dd8f13a
http://ports.ubuntu.com/pool/main/a/apache2/apache2-prefork-dev_2.2.8-1ubuntu0.14_sparc.deb
Size/MD5: 205598 76afcd4085fa6f39055a5a3f1ef34a43
http://ports.ubuntu.com/pool/main/a/apache2/apache2-threaded-dev_2.2.8-1ubuntu0.14_sparc.deb
Size/MD5: 206372 5c67270e0a19d1558cf17cb21a114833
http://ports.ubuntu.com/pool/main/a/apache2/apache2-utils_2.2.8-1ubuntu0.14_sparc.deb
Size/MD5: 143838 28e9c3811feeac70b846279e82c23430
http://ports.ubuntu.com/pool/main/a/apache2/apache2.2-common_2.2.8-1ubuntu0.14_sparc.deb
Size/MD5: 765398 92c5b054b80b6258a1c4caac8248a40a
Updated packages for Ubuntu 8.10:
Source archives:
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.9-7ubuntu3.5.diff.gz
Size/MD5: 137715 0e8a6128ff37a1c064d4ce881b5d3df9
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.9-7ubuntu3.5.dsc
Size/MD5: 1788 5e3c3d53b68ea3053bcca3a5e19f5911
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.9.orig.tar.gz
Size/MD5: 6396996 80d3754fc278338033296f0d41ef2c04
Architecture independent packages:
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-doc_2.2.9-7ubuntu3.5_all.deb
Size/MD5: 2041786 cd1e98fb2064bad51f7845f203a07d79
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-src_2.2.9-7ubuntu3.5_all.deb
Size/MD5: 6538578 32e07db65f1e7b3002aedc3afce1748c
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.9-7ubuntu3.5_all.deb
Size/MD5: 45474 0f1b4fb499af61a596241bd4f0f4d35d
amd64 architecture (Athlon64, Opteron, EM64T Xeon):
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-event_2.2.9-7ubuntu3.5_amd64.deb
Size/MD5: 254968 f2004f847cc5cbc730599352ad1f7dc6
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.2.9-7ubuntu3.5_amd64.deb
Size/MD5: 249196 fb001fc4f192e9b8ae1bb7161925413c
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.2.9-7ubuntu3.5_amd64.deb
Size/MD5: 254360 419b942bad4cf4d959afcfa3ce4314e2
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.2.9-7ubuntu3.5_amd64.deb
Size/MD5: 208524 0d87bf6acbf1ab5dc48c68debe7c0d26
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-suexec-custom_2.2.9-7ubuntu3.5_amd64.deb
Size/MD5: 84490 2a4df4b619debe549f48ac3e9e764305
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-suexec_2.2.9-7ubuntu3.5_amd64.deb
Size/MD5: 82838 215665711684d5b5dd04cdfa23d36462
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.2.9-7ubuntu3.5_amd64.deb
Size/MD5: 209550 496d387e315370c0cd83489db663a356
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.2.9-7ubuntu3.5_amd64.deb
Size/MD5: 147762 48061b9015c78b39b7afd834f4c81ae0
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-common_2.2.9-7ubuntu3.5_amd64.deb
Size/MD5: 820242 3497441009bc9db76a87fd2447ba433c
i386 architecture (x86 compatible Intel/AMD):
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-event_2.2.9-7ubuntu3.5_i386.deb
Size/MD5: 241376 488812d1a311fd67dafd5b18b6813920
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.2.9-7ubuntu3.5_i386.deb
Size/MD5: 236082 9256681808703f40e822c81b53f4ce3e
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.2.9-7ubuntu3.5_i386.deb
Size/MD5: 240668 2b6b7c11a88ed5a280f603305bee880e
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.2.9-7ubuntu3.5_i386.deb
Size/MD5: 208532 e0eccceba6cae5fb12f431ff0283a23e
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-suexec-custom_2.2.9-7ubuntu3.5_i386.deb
Size/MD5: 83922 ea5f69f36e344e493cce5d9c0bc69c46
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-suexec_2.2.9-7ubuntu3.5_i386.deb
Size/MD5: 82320 0d9b2f9afff4b9efe924b59e9bb039ea
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.2.9-7ubuntu3.5_i386.deb
Size/MD5: 209554 f4e53148ae30d5c4f060d455e4f11f95
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.2.9-7ubuntu3.5_i386.deb
Size/MD5: 146596 5ed6a4af9378bacfb7d4a034d9923915
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-common_2.2.9-7ubuntu3.5_i386.deb
Size/MD5: 778564 ffd7752394933004094c13b00113b263
lpia architecture (Low Power Intel Architecture):
http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-event_2.2.9-7ubuntu3.5_lpia.deb
Size/MD5: 238358 4955c7d577496ea4f3573345fad028a4
http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-prefork_2.2.9-7ubuntu3.5_lpia.deb
Size/MD5: 232964 76aecf38baba17a8a968329b818ec74a
http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-worker_2.2.9-7ubuntu3.5_lpia.deb
Size/MD5: 237626 83f32bd08e2e206bbdb9f92cfb1a37e5
http://ports.ubuntu.com/pool/main/a/apache2/apache2-prefork-dev_2.2.9-7ubuntu3.5_lpia.deb
Size/MD5: 208528 6672fb116e108687669c89197732fbb0
http://ports.ubuntu.com/pool/main/a/apache2/apache2-suexec-custom_2.2.9-7ubuntu3.5_lpia.deb
Size/MD5: 83870 b8f875f197017aec0fe8203c203065d7
http://ports.ubuntu.com/pool/main/a/apache2/apache2-suexec_2.2.9-7ubuntu3.5_lpia.deb
Size/MD5: 82296 d6724391ed540b351e2b660ba98af1ca
http://ports.ubuntu.com/pool/main/a/apache2/apache2-threaded-dev_2.2.9-7ubuntu3.5_lpia.deb
Size/MD5: 209550 263b43fb11c6d954d5a4bf7839e720a4
http://ports.ubuntu.com/pool/main/a/apache2/apache2-utils_2.2.9-7ubuntu3.5_lpia.deb
Size/MD5: 146282 a225b8d0f48e141eea28b2369d4595c0
http://ports.ubuntu.com/pool/main/a/apache2/apache2.2-common_2.2.9-7ubuntu3.5_lpia.deb
Size/MD5: 766494 454c737e191429c43ad3f28c9e0294a0
powerpc architecture (Apple Macintosh G3/G4/G5):
http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-event_2.2.9-7ubuntu3.5_powerpc.deb
Size/MD5: 261510 d3e1155682726cc28859156e647d97b3
http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-prefork_2.2.9-7ubuntu3.5_powerpc.deb
Size/MD5: 256082 e49d894a6e9ab612a3cbd2f189ca3d8d
http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-worker_2.2.9-7ubuntu3.5_powerpc.deb
Size/MD5: 260850 bc3cd7677cd630ac00424e73a3a6b343
http://ports.ubuntu.com/pool/main/a/apache2/apache2-prefork-dev_2.2.9-7ubuntu3.5_powerpc.deb
Size/MD5: 208542 ae1cc6b1323832528ad8f0e7130ec87d
http://ports.ubuntu.com/pool/main/a/apache2/apache2-suexec-custom_2.2.9-7ubuntu3.5_powerpc.deb
Size/MD5: 84558 68452b686e89320007e9c5367ce36345
http://ports.ubuntu.com/pool/main/a/apache2/apache2-suexec_2.2.9-7ubuntu3.5_powerpc.deb
Size/MD5: 82908 2b8c5fc4bdec1017735dc16eba41d0a6
http://ports.ubuntu.com/pool/main/a/apache2/apache2-threaded-dev_2.2.9-7ubuntu3.5_powerpc.deb
Size/MD5: 209562 a8da7487e3dcd1bdff008956728b8dd3
http://ports.ubuntu.com/pool/main/a/apache2/apache2-utils_2.2.9-7ubuntu3.5_powerpc.deb
Size/MD5: 161030 a5ffe07d5e3050c8a54c4fccd3732263
http://ports.ubuntu.com/pool/main/a/apache2/apache2.2-common_2.2.9-7ubuntu3.5_powerpc.deb
Size/MD5: 926240 8282583e86e84bd256959540f39a515d
sparc architecture (Sun SPARC/UltraSPARC):
http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-event_2.2.9-7ubuntu3.5_sparc.deb
Size/MD5: 246720 e54b4b9b354001a910ec9027dc90b0d2
http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-prefork_2.2.9-7ubuntu3.5_sparc.deb
Size/MD5: 241280 1eea25472875056e34cd2c3283c60171
http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-worker_2.2.9-7ubuntu3.5_sparc.deb
Size/MD5: 246024 5709e7421814ecfb83fff5804d429971
http://ports.ubuntu.com/pool/main/a/apache2/apache2-prefork-dev_2.2.9-7ubuntu3.5_sparc.deb
Size/MD5: 208528 25cdfd0177da7e5484d3d44f93257863
http://ports.ubuntu.com/pool/main/a/apache2/apache2-suexec-custom_2.2.9-7ubuntu3.5_sparc.deb
Size/MD5: 84096 3ffbacffcc23ffc640a2ce05d35437bf
http://ports.ubuntu.com/pool/main/a/apache2/apache2-suexec_2.2.9-7ubuntu3.5_sparc.deb
Size/MD5: 82470 17d1ca84f9455c492013f4f754a1d365
http://ports.ubuntu.com/pool/main/a/apache2/apache2-threaded-dev_2.2.9-7ubuntu3.5_sparc.deb
Size/MD5: 209546 696ef3652703523aea6208a4e51e48f1
http://ports.ubuntu.com/pool/main/a/apache2/apache2-utils_2.2.9-7ubuntu3.5_sparc.deb
Size/MD5: 150932 44c89e0249c85eed09b6f3a6a23db59d
http://ports.ubuntu.com/pool/main/a/apache2/apache2.2-common_2.2.9-7ubuntu3.5_sparc.deb
Size/MD5: 783902 773a80d7a85a452016da3b10b1f3ae43
Updated packages for Ubuntu 9.04:
Source archives:
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.11-2ubuntu2.5.diff.gz
Size/MD5: 141023 50d6737005a6d4fe601e223a39293f99
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.11-2ubuntu2.5.dsc
Size/MD5: 1795 59720f4d7ad291c986d92ec120750c3d
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.11.orig.tar.gz
Size/MD5: 6806786 03e0a99a5de0f3f568a0087fb9993af9
Architecture independent packages:
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-doc_2.2.11-2ubuntu2.5_all.deb
Size/MD5: 2219326 d29c903489b894ddf88b23a0fec23e5c
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.11-2ubuntu2.5_all.deb
Size/MD5: 46636 ee03585b00f277ed98c0de07a683317a
http://security.ubuntu.com/ubuntu/pool/universe/a/apache2/apache2-src_2.2.11-2ubuntu2.5_all.deb
Size/MD5: 6948222 a3505a83c13cf36c86248079127dd84d
amd64 architecture (Athlon64, Opteron, EM64T Xeon):
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-event_2.2.11-2ubuntu2.5_amd64.deb
Size/MD5: 259028 5e9bddefad4c58c3ef9fd15d7a06988d
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.2.11-2ubuntu2.5_amd64.deb
Size/MD5: 253218 ee1bfbb759ffade3a52a6782e2f4b66d
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.2.11-2ubuntu2.5_amd64.deb
Size/MD5: 258414 8ef063026de9790bac1965427ce1b584
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.2.11-2ubuntu2.5_amd64.deb
Size/MD5: 213294 09701d434bd102e4205e551b4525afd1
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.2.11-2ubuntu2.5_amd64.deb
Size/MD5: 214258 e98de48ea01e1132c5f1248a9a018745
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.2.11-2ubuntu2.5_amd64.deb
Size/MD5: 151140 2f7c7f14b843b2c24de8c67356406449
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-common_2.2.11-2ubuntu2.5_amd64.deb
Size/MD5: 826834 28abdf1c7be886e9be2825d351abaec7
http://security.ubuntu.com/ubuntu/pool/universe/a/apache2/apache2-suexec-custom_2.2.11-2ubuntu2.5_amd64.deb
Size/MD5: 87818 670c62615e107920c45893b3377ab2a0
http://security.ubuntu.com/ubuntu/pool/universe/a/apache2/apache2-suexec_2.2.11-2ubuntu2.5_amd64.deb
Size/MD5: 86094 5a7c68fd37066287b4819cba4cfed1f2
i386 architecture (x86 compatible Intel/AMD):
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-event_2.2.11-2ubuntu2.5_i386.deb
Size/MD5: 245538 952540b7679ebc8d3ffc953f32d3be0f
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.2.11-2ubuntu2.5_i386.deb
Size/MD5: 240048 08a7fd4888ffd9188890e57c613c4be7
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.2.11-2ubuntu2.5_i386.deb
Size/MD5: 244914 955bb5121da808d44aa994386d90723f
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.2.11-2ubuntu2.5_i386.deb
Size/MD5: 213308 dd16143608ff8c41cb2d5cd27212a57e
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.2.11-2ubuntu2.5_i386.deb
Size/MD5: 214280 1e1f5d6feef40413f823a19126a018e3
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.2.11-2ubuntu2.5_i386.deb
Size/MD5: 150046 0769d86d26282d1d31615050ae5b8915
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-common_2.2.11-2ubuntu2.5_i386.deb
Size/MD5: 784198 8760e9c37147d0472dbbfe941c058829
http://security.ubuntu.com/ubuntu/pool/universe/a/apache2/apache2-suexec-custom_2.2.11-2ubuntu2.5_i386.deb
Size/MD5: 87182 21980cb1035d05f69b857870bbcbc085
http://security.ubuntu.com/ubuntu/pool/universe/a/apache2/apache2-suexec_2.2.11-2ubuntu2.5_i386.deb
Size/MD5: 85572 6a1b8a5e4cb19e815e88335757b06cf3
lpia architecture (Low Power Intel Architecture):
http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-event_2.2.11-2ubuntu2.5_lpia.deb
Size/MD5: 242386 859ad63822b7e82c81cd6dcaca088c4a
http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-prefork_2.2.11-2ubuntu2.5_lpia.deb
Size/MD5: 236924 200538ce94218c9d8af8532636bfd40a
http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-worker_2.2.11-2ubuntu2.5_lpia.deb
Size/MD5: 241822 3a3183ea4ee77d2677919d3b698f92a1
http://ports.ubuntu.com/pool/main/a/apache2/apache2-prefork-dev_2.2.11-2ubuntu2.5_lpia.deb
Size/MD5: 213286 bf81273b1db0a4a621085171c2b2b421
http://ports.ubuntu.com/pool/main/a/apache2/apache2-threaded-dev_2.2.11-2ubuntu2.5_lpia.deb
Size/MD5: 214264 ed278dab71289d2baae2ea409382fbf8
http://ports.ubuntu.com/pool/main/a/apache2/apache2-utils_2.2.11-2ubuntu2.5_lpia.deb
Size/MD5: 149758 75f6e2d7bd1cdfe5b1806062c3c859df
http://ports.ubuntu.com/pool/main/a/apache2/apache2.2-common_2.2.11-2ubuntu2.5_lpia.deb
Size/MD5: 773424 c7cdc26051bd9443ae25b73776537fb5
http://ports.ubuntu.com/pool/universe/a/apache2/apache2-suexec-custom_2.2.11-2ubuntu2.5_lpia.deb
Size/MD5: 87132 32e7ea89c96a0afce7ce1da457d947fb
http://ports.ubuntu.com/pool/universe/a/apache2/apache2-suexec_2.2.11-2ubuntu2.5_lpia.deb
Size/MD5: 85550 1d9b5963aa6ea5c01492ec417ab8510a
powerpc architecture (Apple Macintosh G3/G4/G5):
http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-event_2.2.11-2ubuntu2.5_powerpc.deb
Size/MD5: 265476 5d03fe6b2da8de98c876941ff78b066f
http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-prefork_2.2.11-2ubuntu2.5_powerpc.deb
Size/MD5: 260478 3e3aeaaf496cc86c62a831c59994c1f2
http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-worker_2.2.11-2ubuntu2.5_powerpc.deb
Size/MD5: 265154 5eae30e7a33c09b37483f3aab595d0e9
http://ports.ubuntu.com/pool/main/a/apache2/apache2-prefork-dev_2.2.11-2ubuntu2.5_powerpc.deb
Size/MD5: 213314 879534ebabbb8be86b606e1800dc9cf8
http://ports.ubuntu.com/pool/main/a/apache2/apache2-threaded-dev_2.2.11-2ubuntu2.5_powerpc.deb
Size/MD5: 214286 922033231a6aa67ecca1c400d47f09c1
http://ports.ubuntu.com/pool/main/a/apache2/apache2-utils_2.2.11-2ubuntu2.5_powerpc.deb
Size/MD5: 164444 74faf68f0baeffcd011155ca9b201039
http://ports.ubuntu.com/pool/main/a/apache2/apache2.2-common_2.2.11-2ubuntu2.5_powerpc.deb
Size/MD5: 932416 2911758e4ad1b3b401369621301ea76f
http://ports.ubuntu.com/pool/universe/a/apache2/apache2-suexec-custom_2.2.11-2ubuntu2.5_powerpc.deb
Size/MD5: 87876 1d45c033ec5498c092f30188cf1d481e
http://ports.ubuntu.com/pool/universe/a/apache2/apache2-suexec_2.2.11-2ubuntu2.5_powerpc.deb
Size/MD5: 86154 52c1d8806d52fef6f43ab53662953953
sparc architecture (Sun SPARC/UltraSPARC):
http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-event_2.2.11-2ubuntu2.5_sparc.deb
Size/MD5: 250786 4e8e98dcba5543394ed5f07d141ce408
http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-prefork_2.2.11-2ubuntu2.5_sparc.deb
Size/MD5: 245094 a82bf04fc92b8c275b0c0f25cc81ff91
http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-worker_2.2.11-2ubuntu2.5_sparc.deb
Size/MD5: 250110 092cf734813ae1d127d7b4f498f936c1
http://ports.ubuntu.com/pool/main/a/apache2/apache2-prefork-dev_2.2.11-2ubuntu2.5_sparc.deb
Size/MD5: 213312 98d7062a6bdb58637f7e850b76bfbc80
http://ports.ubuntu.com/pool/main/a/apache2/apache2-threaded-dev_2.2.11-2ubuntu2.5_sparc.deb
Size/MD5: 214286 a378e2e0418631cec0f398379a446172
http://ports.ubuntu.com/pool/main/a/apache2/apache2-utils_2.2.11-2ubuntu2.5_sparc.deb
Size/MD5: 154284 ce8b7bbccd359675b70426df15becfed
http://ports.ubuntu.com/pool/main/a/apache2/apache2.2-common_2.2.11-2ubuntu2.5_sparc.deb
Size/MD5: 789298 11f088b18425b97367d5bc141da2ef2f
http://ports.ubuntu.com/pool/universe/a/apache2/apache2-suexec-custom_2.2.11-2ubuntu2.5_sparc.deb
Size/MD5: 87384 477b6594866c8c73a8a3603e7e646c68
http://ports.ubuntu.com/pool/universe/a/apache2/apache2-suexec_2.2.11-2ubuntu2.5_sparc.deb
Size/MD5: 85686 5562ea5a0e6f01ba12adda3afb65c1b0
Updated packages for Ubuntu 9.10:
Source archives:
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.12-1ubuntu2.1.diff.gz
Size/MD5: 185244 1ef59f9642bd9efa35e0808ea804cd0b
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.12-1ubuntu2.1.dsc
Size/MD5: 1888 d3bfdecefdd8b1adec8ab35dcf85d2b3
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.12.orig.tar.gz
Size/MD5: 6678149 17f017b571f88aa60abebfe2945d7caf
Architecture independent packages:
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-doc_2.2.12-1ubuntu2.1_all.deb
Size/MD5: 2246560 be12bcc117bf165ffd3401486186762e
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-event_2.2.12-1ubuntu2.1_all.deb
Size/MD5: 2336 009d381342b0be5280835a46c91f01d9
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.2.12-1ubuntu2.1_all.deb
Size/MD5: 2374 7545a3750acea08e95bee86f6a3247e2
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.2.12-1ubuntu2.1_all.deb
Size/MD5: 2314 17719223d92d46821098ce178b5947d6
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-common_2.2.12-1ubuntu2.1_all.deb
Size/MD5: 284782 4321e3201d8e8d1a9e3c6fbe6864102b
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.12-1ubuntu2.1_all.deb
Size/MD5: 1424 7b4d96008368549d5600a8c1f64a7559
http://security.ubuntu.com/ubuntu/pool/universe/a/apache2/apache2-mpm-itk_2.2.12-1ubuntu2.1_all.deb
Size/MD5: 2366 46add3d428c97fa69a8848a3e4025bb0
amd64 architecture (Athlon64, Opteron, EM64T Xeon):
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.2.12-1ubuntu2.1_amd64.deb
Size/MD5: 137080 91e4f72d0f1f0abe91555e1497558fc2
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.2.12-1ubuntu2.1_amd64.deb
Size/MD5: 138176 5fd6a5ed536306528f9f2c1a0281ad70
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.2.12-1ubuntu2.1_amd64.deb
Size/MD5: 156646 cfa55666363303b3f44a24fa2929bf01
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-bin_2.2.12-1ubuntu2.1_amd64.deb
Size/MD5: 1399630 82b36d57faa29a646e72a1125600c11c
http://security.ubuntu.com/ubuntu/pool/universe/a/apache2/apache2-suexec-custom_2.2.12-1ubuntu2.1_amd64.deb
Size/MD5: 92488 ddebef9d1a537520380f85b63c512bef
http://security.ubuntu.com/ubuntu/pool/universe/a/apache2/apache2-suexec_2.2.12-1ubuntu2.1_amd64.deb
Size/MD5: 90880 c6d163edf145da8ff6d102dc0dd1f8d7
i386 architecture (x86 compatible Intel/AMD):
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.2.12-1ubuntu2.1_i386.deb
Size/MD5: 137102 69dcd0519ca612e02102f52dcb50bf7f
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.2.12-1ubuntu2.1_i386.deb
Size/MD5: 138200 17221b53903d664823a55faa1ec4d9a9
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.2.12-1ubuntu2.1_i386.deb
Size/MD5: 155166 4347806710edff47fc051b4a68d5b448
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-bin_2.2.12-1ubuntu2.1_i386.deb
Size/MD5: 1309136 d9a7df212b315fc6f77fc87fa8eb4a04
http://security.ubuntu.com/ubuntu/pool/universe/a/apache2/apache2-suexec-custom_2.2.12-1ubuntu2.1_i386.deb
Size/MD5: 91876 289bf732dd4750a2ce61ab121b04b079
http://security.ubuntu.com/ubuntu/pool/universe/a/apache2/apache2-suexec_2.2.12-1ubuntu2.1_i386.deb
Size/MD5: 90316 add7f446f6b524343c0066a486dd299a
lpia architecture (Low Power Intel Architecture):
http://ports.ubuntu.com/pool/main/a/apache2/apache2-prefork-dev_2.2.12-1ubuntu2.1_lpia.deb
Size/MD5: 137088 571e9f0370b5687acff25f71c4efe33e
http://ports.ubuntu.com/pool/main/a/apache2/apache2-threaded-dev_2.2.12-1ubuntu2.1_lpia.deb
Size/MD5: 138192 816a6e033f02114553bbb3627b9c6f9c
http://ports.ubuntu.com/pool/main/a/apache2/apache2-utils_2.2.12-1ubuntu2.1_lpia.deb
Size/MD5: 155090 af8272dc794250c30cd2f66b82486dc2
http://ports.ubuntu.com/pool/main/a/apache2/apache2.2-bin_2.2.12-1ubuntu2.1_lpia.deb
Size/MD5: 1290606 4c51de07f5a6fe9612de45369e6f35a5
http://ports.ubuntu.com/pool/universe/a/apache2/apache2-suexec-custom_2.2.12-1ubuntu2.1_lpia.deb
Size/MD5: 91830 06866386df811127f4fd71d6fb2a9e2a
http://ports.ubuntu.com/pool/universe/a/apache2/apache2-suexec_2.2.12-1ubuntu2.1_lpia.deb
Size/MD5: 90312 9e68bd8111503135a4eae7265b0084ae
powerpc architecture (Apple Macintosh G3/G4/G5):
http://ports.ubuntu.com/pool/main/a/apache2/apache2-prefork-dev_2.2.12-1ubuntu2.1_powerpc.deb
Size/MD5: 137096 61b24dbeb12d7998e5d7014c26410a99
http://ports.ubuntu.com/pool/main/a/apache2/apache2-threaded-dev_2.2.12-1ubuntu2.1_powerpc.deb
Size/MD5: 138202 599898ff374bde8bfa388e2615064c5a
http://ports.ubuntu.com/pool/main/a/apache2/apache2-utils_2.2.12-1ubuntu2.1_powerpc.deb
Size/MD5: 161058 fea8f5b9a80bef9c4cb3405bc37160af
http://ports.ubuntu.com/pool/main/a/apache2/apache2.2-bin_2.2.12-1ubuntu2.1_powerpc.deb
Size/MD5: 1390150 fb1a244728a509586b77d02930fcf10f
http://ports.ubuntu.com/pool/universe/a/apache2/apache2-suexec-custom_2.2.12-1ubuntu2.1_powerpc.deb
Size/MD5: 92400 572c3b0aa5ab717e8c4e4e8248aff1ff
http://ports.ubuntu.com/pool/universe/a/apache2/apache2-suexec_2.2.12-1ubuntu2.1_powerpc.deb
Size/MD5: 90774 82011ebc757d31e690698cf9913e3adc
sparc architecture (Sun SPARC/UltraSPARC):
http://ports.ubuntu.com/pool/main/a/apache2/apache2-prefork-dev_2.2.12-1ubuntu2.1_sparc.deb
Size/MD5: 137098 7f566dfade1678c72eac7dd923ab5987
http://ports.ubuntu.com/pool/main/a/apache2/apache2-threaded-dev_2.2.12-1ubuntu2.1_sparc.deb
Size/MD5: 138202 09fbc3145d768cf1f204d47b50e21528
http://ports.ubuntu.com/pool/main/a/apache2/apache2-utils_2.2.12-1ubuntu2.1_sparc.deb
Size/MD5: 159488 7cb6c81588adaee162b8c85a1f69e7a7
http://ports.ubuntu.com/pool/main/a/apache2/apache2.2-bin_2.2.12-1ubuntu2.1_sparc.deb
Size/MD5: 1297936 106b0b71f5e928c1d543973b5b1f015b
http://ports.ubuntu.com/pool/universe/a/apache2/apache2-suexec-custom_2.2.12-1ubuntu2.1_sparc.deb
Size/MD5: 92166 28899fe31226880dfa961d8b05e8fa43
http://ports.ubuntu.com/pool/universe/a/apache2/apache2-suexec_2.2.12-1ubuntu2.1_sparc.deb
Size/MD5: 90554 f207de0099ed259e2af736e8c82f91c2
. Note that this security issue does not really apply as zlib compression is not enabled in the openssl build provided by Mandriva, but apache is patched to address this issue anyway (conserns 2008.1 only).
Cross-site scripting (XSS) vulnerability in proxy_ftp.c in the mod_proxy_ftp module in Apache 2.0.63 and earlier, and mod_proxy_ftp.c in the mod_proxy_ftp module in Apache 2.2.9 and earlier 2.2 versions, allows remote attackers to inject arbitrary web script or HTML via wildcards in a pathname in an FTP URI (CVE-2008-2939). Note that this security issue was initially addressed with MDVSA-2008:195 but the patch fixing the issue was added but not applied in 2009.0.
The Apache HTTP Server 2.2.11 and earlier 2.2 versions does not properly handle Options=IncludesNOEXEC in the AllowOverride directive, which allows local users to gain privileges by configuring (1) Options Includes, (2) Options +Includes, or (3) Options +IncludesNOEXEC in a .htaccess file, and then inserting an exec element in a .shtml file (CVE-2009-1195).
Fix a potential Denial-of-Service attack against mod_deflate or other modules, by forcing the server to consume CPU time in compressing a large file after a client disconnects (CVE-2009-1891). NOTE: as of 20090903, this disclosure has no actionable information. However, because the VulnDisco Pack author is a reliable researcher, the issue is being assigned a CVE identifier for tracking purposes (CVE-2009-3095).
Apache is affected by SSL injection or man-in-the-middle attacks due to a design flaw in the SSL and/or TLS protocols. A short term solution was released Sat Nov 07 2009 by the ASF team to mitigate these problems. Apache will now reject in-session renegotiation (CVE-2009-3555).
Packages for 2008.0 are being provided due to extended support for Corporate products.
This update provides a solution to these vulnerabilities.
References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1678 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2939 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1191 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1195 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1890 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1891 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3094 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3095 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3555 http://marc.info/?l=apache-httpd-announce&m=125755783724966&w=2
Updated Packages:
Mandriva Linux 2008.0: dd2bebdd6726d2d865331d37068a90b7 2008.0/i586/apache-base-2.2.6-8.3mdv2008.0.i586.rpm 6de9d36a91b125cc03bafe911b7a38a2 2008.0/i586/apache-devel-2.2.6-8.3mdv2008.0.i586.rpm ab7963efad1b7951c94a24075a2070e7 2008.0/i586/apache-htcacheclean-2.2.6-8.3mdv2008.0.i586.rpm 42a53b597d5547fb88b7427cacd617a1 2008.0/i586/apache-mod_authn_dbd-2.2.6-8.3mdv2008.0.i586.rpm 1dff9d313e93c94e907d8c72348ed2e0 2008.0/i586/apache-mod_cache-2.2.6-8.3mdv2008.0.i586.rpm b575ede2978ad47e41d355bd8b192725 2008.0/i586/apache-mod_dav-2.2.6-8.3mdv2008.0.i586.rpm 8ff3dee24d2d2d9a8d13e567cf1eaced 2008.0/i586/apache-mod_dbd-2.2.6-8.3mdv2008.0.i586.rpm 7bae541dfec14b21700878514750de83 2008.0/i586/apache-mod_deflate-2.2.6-8.3mdv2008.0.i586.rpm 19cab766a26ce53bd7e7973ed92f0db4 2008.0/i586/apache-mod_disk_cache-2.2.6-8.3mdv2008.0.i586.rpm a1336e4ab4f282c388d7565bde4557fd 2008.0/i586/apache-mod_file_cache-2.2.6-8.3mdv2008.0.i586.rpm 6b2f2eb949977349390fa3b06cf257e7 2008.0/i586/apache-mod_ldap-2.2.6-8.3mdv2008.0.i586.rpm 3640bbef5262ec0407126e31dd5ddde3 2008.0/i586/apache-mod_mem_cache-2.2.6-8.3mdv2008.0.i586.rpm 98793747365606baabc08f22e36a0a04 2008.0/i586/apache-mod_proxy-2.2.6-8.3mdv2008.0.i586.rpm d7fe4d88f25d2a01b0809ab5292b0999 2008.0/i586/apache-mod_proxy_ajp-2.2.6-8.3mdv2008.0.i586.rpm 4c9f48adbd0b1d45a874f06b9275ebe3 2008.0/i586/apache-mod_ssl-2.2.6-8.3mdv2008.0.i586.rpm e5a1d9476316ccc9f183cb1ae5bbcf31 2008.0/i586/apache-modules-2.2.6-8.3mdv2008.0.i586.rpm 44f7810695a40519c68930695829f124 2008.0/i586/apache-mod_userdir-2.2.6-8.3mdv2008.0.i586.rpm d6f666e9954422664d1f029fc147b591 2008.0/i586/apache-mpm-event-2.2.6-8.3mdv2008.0.i586.rpm 75e205ddbc9313b8d02519e57919923a 2008.0/i586/apache-mpm-itk-2.2.6-8.3mdv2008.0.i586.rpm 6d68e8fa7baccc2ad090c703fb33458e 2008.0/i586/apache-mpm-prefork-2.2.6-8.3mdv2008.0.i586.rpm 331f18ce48403472fc7f8af6d5daee8e 2008.0/i586/apache-mpm-worker-2.2.6-8.3mdv2008.0.i586.rpm c75e69bcabc104938cb9033e591d1de8 2008.0/i586/apache-source-2.2.6-8.3mdv2008.0.i586.rpm 23fcdf29e21b0146fb5646baca2fa63b 2008.0/SRPMS/apache-2.2.6-8.3mdv2008.0.src.rpm
Mandriva Linux 2008.0/X86_64: 3d4afe3f8da8369d80b6c195e132c5c0 2008.0/x86_64/apache-base-2.2.6-8.3mdv2008.0.x86_64.rpm 37034ee7c7eb813de2a00a6945a10248 2008.0/x86_64/apache-devel-2.2.6-8.3mdv2008.0.x86_64.rpm ba296f9aa229a616a2c406d1a16912c3 2008.0/x86_64/apache-htcacheclean-2.2.6-8.3mdv2008.0.x86_64.rpm 77fa75d36e7a4bbe154c846e3271e7a3 2008.0/x86_64/apache-mod_authn_dbd-2.2.6-8.3mdv2008.0.x86_64.rpm ca29e2db08b29e319f2392b46ea4c3fe 2008.0/x86_64/apache-mod_cache-2.2.6-8.3mdv2008.0.x86_64.rpm 3fbf5a0276adaa2d887a92482d81313f 2008.0/x86_64/apache-mod_dav-2.2.6-8.3mdv2008.0.x86_64.rpm 9c66e471c2d2d3e43462302d0cc6f1c9 2008.0/x86_64/apache-mod_dbd-2.2.6-8.3mdv2008.0.x86_64.rpm 05020102a26a28b96319b23e3b6e43d6 2008.0/x86_64/apache-mod_deflate-2.2.6-8.3mdv2008.0.x86_64.rpm 7191542417b30ed77334f1b8366628aa 2008.0/x86_64/apache-mod_disk_cache-2.2.6-8.3mdv2008.0.x86_64.rpm f4177dbdcfd2e3dc8e66be731ad731c4 2008.0/x86_64/apache-mod_file_cache-2.2.6-8.3mdv2008.0.x86_64.rpm fea417664f0a2689fa12308bd80c2fe4 2008.0/x86_64/apache-mod_ldap-2.2.6-8.3mdv2008.0.x86_64.rpm 9cf956fa426e6bdf6497337b6e26a2ab 2008.0/x86_64/apache-mod_mem_cache-2.2.6-8.3mdv2008.0.x86_64.rpm 0d9d04ca878bb3f19f4764152da42d82 2008.0/x86_64/apache-mod_proxy-2.2.6-8.3mdv2008.0.x86_64.rpm dbbcd75dd83779f54f98fa3e16b59f13 2008.0/x86_64/apache-mod_proxy_ajp-2.2.6-8.3mdv2008.0.x86_64.rpm dce8db6742ba28a71e18b86bb38688c8 2008.0/x86_64/apache-mod_ssl-2.2.6-8.3mdv2008.0.x86_64.rpm 2ff69d6e9c2cd3250f6746d4a7d921fd 2008.0/x86_64/apache-modules-2.2.6-8.3mdv2008.0.x86_64.rpm f298827d4dfa631a77907f7f5733fa29 2008.0/x86_64/apache-mod_userdir-2.2.6-8.3mdv2008.0.x86_64.rpm 6f02fb080e308ca0826fdb1ef00a1489 2008.0/x86_64/apache-mpm-event-2.2.6-8.3mdv2008.0.x86_64.rpm b886d30d73c60a515b3ed36d7f186378 2008.0/x86_64/apache-mpm-itk-2.2.6-8.3mdv2008.0.x86_64.rpm 62d7754a5aa7af596cc06cd540d4025f 2008.0/x86_64/apache-mpm-prefork-2.2.6-8.3mdv2008.0.x86_64.rpm d3438e0967978e580be896bd85f1d953 2008.0/x86_64/apache-mpm-worker-2.2.6-8.3mdv2008.0.x86_64.rpm e72af335ec7c3c02b5a494fbd6e99e0e 2008.0/x86_64/apache-source-2.2.6-8.3mdv2008.0.x86_64.rpm 23fcdf29e21b0146fb5646baca2fa63b 2008.0/SRPMS/apache-2.2.6-8.3mdv2008.0.src.rpm
To upgrade automatically use MandrivaUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you.
All packages are signed by Mandriva for security. You can obtain the GPG public key of the Mandriva Security Team by executing:
gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98
You can view other update advisories for Mandriva Linux at:
http://www.mandriva.com/security/advisories
If you want to report vulnerabilities, please contact
security_(at)_mandriva.com
Type Bits/KeyID Date User ID pub 1024D/22458A98 2000-07-10 Mandriva Security Team -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (GNU/Linux)
iD8DBQFLHQcamqjQ0CJFipgRAsJgAKDf5oc5UbEz3j+qsMn3tL6F8cujygCfY+cu MUj4lK2Wsb+qzbv2V+Ih30U= =VdZS -----END PGP SIGNATURE----- . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
Debian Security Advisory DSA-1934-1 security@debian.org http://www.debian.org/security/ Stefan Fritsch November 16, 2009 http://www.debian.org/security/faq
Package : apache2 Vulnerability : multiple issues Problem type : remote Debian-specific: no CVE Id(s) : CVE-2009-3094 CVE-2009-3095 CVE-2009-3555
A design flaw has been found in the TLS and SSL protocol that allows an attacker to inject arbitrary content at the beginning of a TLS/SSL connection. The attack is related to the way how TLS and SSL handle session renegotiations. CVE-2009-3555 has been assigned to this vulnerability.
As a partial mitigation against this attack, this apache2 update disables client-initiated renegotiations. This should fix the vulnerability for the majority of Apache configurations in use.
NOTE: This is not a complete fix for the problem. The attack is still possible in configurations where the server initiates the renegotiation. This is the case for the following configurations (the information in the changelog of the updated packages is slightly inaccurate):
-
- The "SSLVerifyClient" directive is used in a Directory or Location context.
-
- The "SSLCipherSuite" directive is used in a Directory or Location context.
As a workaround, you may rearrange your configuration in a way that SSLVerifyClient and SSLCipherSuite are only used on the server or virtual host level.
A complete fix for the problem will require a protocol change. Further information will be included in a separate announcement about this issue.
CVE-2009-3095: Insufficient input validation in the mod_proxy_ftp module allowed remote authenticated attackers to bypass intended access restrictions and send arbitrary FTP commands to an FTP server.
For the stable distribution (lenny), these problems have been fixed in version 2.2.9-10+lenny6. This version also includes some non-security bug fixes that were scheduled for inclusion in the next stable point release (Debian 5.0.4).
The oldstable distribution (etch), these problems have been fixed in version 2.2.3-4+etch11.
For the testing distribution (squeeze) and the unstable distribution (sid), these problems will be fixed in version 2.2.14-2.
This advisory also provides updated apache2-mpm-itk packages which have been recompiled against the new apache2 packages.
Updated apache2-mpm-itk packages for the armel architecture are not included yet. They will be released as soon as they become available.
We recommend that you upgrade your apache2 and apache2-mpm-itk packages.
Upgrade instructions
wget url will fetch the file for you dpkg -i file.deb will install the referenced file.
If you are using the apt-get package manager, use the line for sources.list as given below:
apt-get update will update the internal database apt-get upgrade will install corrected packages
You may use an automated update by adding the resources from the footer to the proper configuration.
Debian GNU/Linux 4.0 alias etch (oldstable)
Oldstable updates are available for alpha, amd64, arm, hppa, i386, ia64, mips, mipsel, powerpc, s390 and sparc.
Source archives:
http://security.debian.org/pool/updates/main/a/apache2/apache2_2.2.3-4+etch11.dsc Size/MD5 checksum: 1071 dff8f31d88ede35bb87f92743d2db202 http://security.debian.org/pool/updates/main/a/apache2/apache2_2.2.3.orig.tar.gz Size/MD5 checksum: 6342475 f72ffb176e2dc7b322be16508c09f63c http://security.debian.org/pool/updates/main/a/apache2/apache2_2.2.3-4+etch11.diff.gz Size/MD5 checksum: 124890 c9b197b2a4bade4e92f3c65b88eea614
Architecture independent packages:
http://security.debian.org/pool/updates/main/a/apache2/apache2-doc_2.2.3-4+etch11_all.deb Size/MD5 checksum: 2247064 357f2daba8360eaf00b0157326c4d258 http://security.debian.org/pool/updates/main/a/apache2/apache2-src_2.2.3-4+etch11_all.deb Size/MD5 checksum: 6668542 043a6a14dc48aae5fa8101715f4ddf81 http://security.debian.org/pool/updates/main/a/apache2/apache2_2.2.3-4+etch11_all.deb Size/MD5 checksum: 41626 27661a99c55641d534a5ffe4ea828c4b http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-perchild_2.2.3-4+etch11_all.deb Size/MD5 checksum: 275872 8ff0ac120a46e235a9253df6be09e4d5
alpha architecture (DEC Alpha)
http://security.debian.org/pool/updates/main/a/apache2/apache2-utils_2.2.3-4+etch11_alpha.deb Size/MD5 checksum: 346016 02b337e48ef627e13d79ad3919bc380d http://security.debian.org/pool/updates/main/a/apache2/apache2-threaded-dev_2.2.3-4+etch11_alpha.deb Size/MD5 checksum: 407682 f01d7e23f206baed1e42c60e15fe240f http://security.debian.org/pool/updates/main/a/apache2/apache2.2-common_2.2.3-4+etch11_alpha.deb Size/MD5 checksum: 1017408 1c8dccbed0a309ed0b74b83667f1d587 http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-worker_2.2.3-4+etch11_alpha.deb Size/MD5 checksum: 449704 b227ff8c9bceaa81488fec48b81f18f6 http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-event_2.2.3-4+etch11_alpha.deb Size/MD5 checksum: 450266 766ba095925ee31c175716084f41b3cf http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-prefork_2.2.3-4+etch11_alpha.deb Size/MD5 checksum: 444898 3b1d9a9531c82872d36ce295d6cba581 http://security.debian.org/pool/updates/main/a/apache2/apache2-prefork-dev_2.2.3-4+etch11_alpha.deb Size/MD5 checksum: 407030 eedabbc4930b3c14012f57ec7956847b http://security.debian.org/pool/updates/main/a/apache2-mpm-itk/apache2-mpm-itk_2.2.3-01-2+etch4+b1_alpha.deb Size/MD5 checksum: 184920 2d152290678598aeacd32564c2ec37c2
amd64 architecture (AMD x86_64 (AMD64))
http://security.debian.org/pool/updates/main/a/apache2/apache2-threaded-dev_2.2.3-4+etch11_amd64.deb Size/MD5 checksum: 409010 15d5dda7eb1e9e8d406cd9ff4b25e60f http://security.debian.org/pool/updates/main/a/apache2/apache2-prefork-dev_2.2.3-4+etch11_amd64.deb Size/MD5 checksum: 408330 0bf271280295146f4ded8c02335e8fc1 http://security.debian.org/pool/updates/main/a/apache2/apache2.2-common_2.2.3-4+etch11_amd64.deb Size/MD5 checksum: 1000068 f92b3deafb9ce263d0d66b753231a003 http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-worker_2.2.3-4+etch11_amd64.deb Size/MD5 checksum: 436268 9ef6b02f0ecf9905c14114a464c86f80 http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-prefork_2.2.3-4+etch11_amd64.deb Size/MD5 checksum: 432320 b734b0c2f1d2177a828cff7d8e34d17c http://security.debian.org/pool/updates/main/a/apache2/apache2-utils_2.2.3-4+etch11_amd64.deb Size/MD5 checksum: 342152 ef061f914027b41b788a31758d7c4e96 http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-event_2.2.3-4+etch11_amd64.deb Size/MD5 checksum: 436766 deb97a3637ae8be3e016e37c038bc470 http://security.debian.org/pool/updates/main/a/apache2-mpm-itk/apache2-mpm-itk_2.2.3-01-2+etch4+b1_amd64.deb Size/MD5 checksum: 172802 0550f661c804ef0c0ec31e1928f5f97d
arm architecture (ARM)
http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-worker_2.2.3-4+etch11_arm.deb Size/MD5 checksum: 421056 b55b215aee8398e6388a73b421229db7 http://security.debian.org/pool/updates/main/a/apache2/apache2-threaded-dev_2.2.3-4+etch11_arm.deb Size/MD5 checksum: 408940 8782732ef6487ef268abf2856ec5e2c0 http://security.debian.org/pool/updates/main/a/apache2/apache2-prefork-dev_2.2.3-4+etch11_arm.deb Size/MD5 checksum: 408140 f3627e52eaf7a011a5a624ea25fa058b http://security.debian.org/pool/updates/main/a/apache2/apache2.2-common_2.2.3-4+etch11_arm.deb Size/MD5 checksum: 968448 ac1354c562e7969e47561f4cba3a859b http://security.debian.org/pool/updates/main/a/apache2/apache2-utils_2.2.3-4+etch11_arm.deb Size/MD5 checksum: 346166 a8729d03737330075908c2b8b2f5ce0b http://security.debian.org/pool/updates/main/a/apache2-mpm-itk/apache2-mpm-itk_2.2.3-01-2+etch4+b1_arm.deb Size/MD5 checksum: 157634 53c277ca7e52e7e60a523183e87beec3 http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-event_2.2.3-4+etch11_arm.deb Size/MD5 checksum: 421782 b17f7ce0bfd6fee4877d9bccaf82770e http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-prefork_2.2.3-4+etch11_arm.deb Size/MD5 checksum: 417026 03b845039bf49fba64f064acda350f43
hppa architecture (HP PA RISC)
http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-event_2.2.3-4+etch11_hppa.deb Size/MD5 checksum: 444058 16fb9ac5807fcf161321ffc8467e963d http://security.debian.org/pool/updates/main/a/apache2-mpm-itk/apache2-mpm-itk_2.2.3-01-2+etch4+b1_hppa.deb Size/MD5 checksum: 179532 b1f7b89ac1e830b72e30c9476b813263 http://security.debian.org/pool/updates/main/a/apache2/apache2-utils_2.2.3-4+etch11_hppa.deb Size/MD5 checksum: 352116 f34f19a1bf40a37695ac0aeb3f5b6d10 http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-worker_2.2.3-4+etch11_hppa.deb Size/MD5 checksum: 443324 e7106e9195fcd9f34ced7bccb009cbb7 http://security.debian.org/pool/updates/main/a/apache2/apache2.2-common_2.2.3-4+etch11_hppa.deb Size/MD5 checksum: 1078948 29a60062b3f7676f768dda1d4cdb78fd http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-prefork_2.2.3-4+etch11_hppa.deb Size/MD5 checksum: 439968 6ff5b95ba06596c04f2fc7dc3adac7ac http://security.debian.org/pool/updates/main/a/apache2/apache2-threaded-dev_2.2.3-4+etch11_hppa.deb Size/MD5 checksum: 410880 28ce1d24c4e152624c38330d34781636 http://security.debian.org/pool/updates/main/a/apache2/apache2-prefork-dev_2.2.3-4+etch11_hppa.deb Size/MD5 checksum: 409994 2ce21d9fc51fbbeb5e05ac7c418d7e11
i386 architecture (Intel ia32)
http://security.debian.org/pool/updates/main/a/apache2/apache2-prefork-dev_2.2.3-4+etch11_i386.deb Size/MD5 checksum: 409776 04bafa059e90c14851f290c02fc7a29e http://security.debian.org/pool/updates/main/a/apache2/apache2.2-common_2.2.3-4+etch11_i386.deb Size/MD5 checksum: 963818 f2755fd250837dd878a24ffc8527855d http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-worker_2.2.3-4+etch11_i386.deb Size/MD5 checksum: 425034 fc0b075a77853494886719b1bf4d7092 http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-prefork_2.2.3-4+etch11_i386.deb Size/MD5 checksum: 421206 d2758678dc6dcfb2298a5e69dbd199d0 http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-event_2.2.3-4+etch11_i386.deb Size/MD5 checksum: 425510 5df035120241567d62ba4154a7ade25f http://security.debian.org/pool/updates/main/a/apache2-mpm-itk/apache2-mpm-itk_2.2.3-01-2+etch4+b1_i386.deb Size/MD5 checksum: 161256 614f006996e6309829bf7c80bb95e3ed http://security.debian.org/pool/updates/main/a/apache2/apache2-threaded-dev_2.2.3-4+etch11_i386.deb Size/MD5 checksum: 410518 833b5256083de5f76d83354f63916af2 http://security.debian.org/pool/updates/main/a/apache2/apache2-utils_2.2.3-4+etch11_i386.deb Size/MD5 checksum: 343876 435638e472ccb187c7713f96840cf156
ia64 architecture (Intel ia64)
http://security.debian.org/pool/updates/main/a/apache2/apache2-threaded-dev_2.2.3-4+etch11_ia64.deb Size/MD5 checksum: 407664 9929d570df08ea81c10235d8cfad8cec http://security.debian.org/pool/updates/main/a/apache2-mpm-itk/apache2-mpm-itk_2.2.3-01-2+etch4+b1_ia64.deb Size/MD5 checksum: 231808 505ed0109a851680126951f228f4ed40 http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-prefork_2.2.3-4+etch11_ia64.deb Size/MD5 checksum: 491120 d1ef23e9bbd457b1c30d50234050b112 http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-event_2.2.3-4+etch11_ia64.deb Size/MD5 checksum: 498202 f430c9b4231122f996799b45d68596a3 http://security.debian.org/pool/updates/main/a/apache2/apache2-prefork-dev_2.2.3-4+etch11_ia64.deb Size/MD5 checksum: 407018 f721b04b90b8b2b5ec76916488395bdd http://security.debian.org/pool/updates/main/a/apache2/apache2-utils_2.2.3-4+etch11_ia64.deb Size/MD5 checksum: 360664 08763e41786b3c5b28cf3e27d234419d http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-worker_2.2.3-4+etch11_ia64.deb Size/MD5 checksum: 497388 6ef80d442fbf5046e78b9b2a0637adb9 http://security.debian.org/pool/updates/main/a/apache2/apache2.2-common_2.2.3-4+etch11_ia64.deb Size/MD5 checksum: 1204566 d1cc5f38e5683c539db6673611585b67
mips architecture (MIPS (Big Endian))
http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-prefork_2.2.3-4+etch11_mips.deb Size/MD5 checksum: 430112 01c3cf5fc888bff3967c95736b3caf40 http://security.debian.org/pool/updates/main/a/apache2/apache2-threaded-dev_2.2.3-4+etch11_mips.deb Size/MD5 checksum: 407674 688656128f0f46e8b35da61d731e244f http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-worker_2.2.3-4+etch11_mips.deb Size/MD5 checksum: 434122 791a223b58a6a3a00fdd5517decc6ff2 http://security.debian.org/pool/updates/main/a/apache2/apache2.2-common_2.2.3-4+etch11_mips.deb Size/MD5 checksum: 951736 68a93c433a24dd42b461907c2b61c6d2 http://security.debian.org/pool/updates/main/a/apache2/apache2-prefork-dev_2.2.3-4+etch11_mips.deb Size/MD5 checksum: 407022 10cf7a6fa3ad60183a80b7fddc08ed98 http://security.debian.org/pool/updates/main/a/apache2/apache2-utils_2.2.3-4+etch11_mips.deb Size/MD5 checksum: 350066 ab3498abf9ddc41f0665be9c2912beab http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-event_2.2.3-4+etch11_mips.deb Size/MD5 checksum: 434784 2d07f9376a7c7eb6229e0c5238e604fc http://security.debian.org/pool/updates/main/a/apache2-mpm-itk/apache2-mpm-itk_2.2.3-01-2+etch4+b1_mips.deb Size/MD5 checksum: 169932 db0ecd6b89594ecbff3bacd9d184f808
mipsel architecture (MIPS (Little Endian))
http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-prefork_2.2.3-4+etch11_mipsel.deb Size/MD5 checksum: 428958 3c7b9e69ccbeb0db17d437ece3717b65 http://security.debian.org/pool/updates/main/a/apache2/apache2-prefork-dev_2.2.3-4+etch11_mipsel.deb Size/MD5 checksum: 407040 61a67a76dd0acfaeb747d5ee745cb3fa http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-worker_2.2.3-4+etch11_mipsel.deb Size/MD5 checksum: 433736 74adf126949edfd4b1af734b3a8255f8 http://security.debian.org/pool/updates/main/a/apache2/apache2.2-common_2.2.3-4+etch11_mipsel.deb Size/MD5 checksum: 951730 3c9d5a12163e7d1c939d26829a4454f1 http://security.debian.org/pool/updates/main/a/apache2/apache2-threaded-dev_2.2.3-4+etch11_mipsel.deb Size/MD5 checksum: 407694 0297490b8b4aff5e1a4527a9c897fbee http://security.debian.org/pool/updates/main/a/apache2/apache2-utils_2.2.3-4+etch11_mipsel.deb Size/MD5 checksum: 350302 843a3c227ba43dc4b882c96cad62a6eb http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-event_2.2.3-4+etch11_mipsel.deb Size/MD5 checksum: 434220 b18b6688a18a11d7bfa20d486c13ae64 http://security.debian.org/pool/updates/main/a/apache2-mpm-itk/apache2-mpm-itk_2.2.3-01-2+etch4+b1_mipsel.deb Size/MD5 checksum: 168814 6eedc4fb9e8027cf6d11c427a1cc4f8c
powerpc architecture (PowerPC)
http://security.debian.org/pool/updates/main/a/apache2/apache2.2-common_2.2.3-4+etch11_powerpc.deb Size/MD5 checksum: 1061292 0a43b7054755c361229d5e14db9c3156 http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-worker_2.2.3-4+etch11_powerpc.deb Size/MD5 checksum: 432806 ebe9b3113da3361dabf67acd291f9d93 http://security.debian.org/pool/updates/main/a/apache2-mpm-itk/apache2-mpm-itk_2.2.3-01-2+etch4+b1_powerpc.deb Size/MD5 checksum: 168374 ab7eb4de4a4c224a94698ebb67f627ea http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-event_2.2.3-4+etch11_powerpc.deb Size/MD5 checksum: 433416 0c53941e7e8765780e4e4a71f81a592b http://security.debian.org/pool/updates/main/a/apache2/apache2-utils_2.2.3-4+etch11_powerpc.deb Size/MD5 checksum: 354920 0682a419e0d59ff5a2af1f322991b157 http://security.debian.org/pool/updates/main/a/apache2/apache2-threaded-dev_2.2.3-4+etch11_powerpc.deb Size/MD5 checksum: 410150 69ddc8b0b8ec235e65eabde0adbc1db7 http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-prefork_2.2.3-4+etch11_powerpc.deb Size/MD5 checksum: 428826 f556fd9726b4c66bbe6fdc05b84d9918 http://security.debian.org/pool/updates/main/a/apache2/apache2-prefork-dev_2.2.3-4+etch11_powerpc.deb Size/MD5 checksum: 409396 d4b779470977873916bff7353829f172
s390 architecture (IBM S/390)
http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-prefork_2.2.3-4+etch11_s390.deb Size/MD5 checksum: 437364 0d844765789f2fcc4cf0c24e755b4c3d http://security.debian.org/pool/updates/main/a/apache2/apache2.2-common_2.2.3-4+etch11_s390.deb Size/MD5 checksum: 994710 63d476187cc9eed384ff792ce8b6f471 http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-event_2.2.3-4+etch11_s390.deb Size/MD5 checksum: 443278 114375b6439d8a9cf344dd4829c7b6d2 http://security.debian.org/pool/updates/main/a/apache2/apache2-threaded-dev_2.2.3-4+etch11_s390.deb Size/MD5 checksum: 407682 e0db3031b4bb381a0f3178569d4c514a http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-worker_2.2.3-4+etch11_s390.deb Size/MD5 checksum: 442268 219d9f7f67d2a53a3c3e700c68a6d682 http://security.debian.org/pool/updates/main/a/apache2/apache2-utils_2.2.3-4+etch11_s390.deb Size/MD5 checksum: 348624 ac97c9840e0cb11a1cf1e44fd1875015 http://security.debian.org/pool/updates/main/a/apache2/apache2-prefork-dev_2.2.3-4+etch11_s390.deb Size/MD5 checksum: 407026 6233c65e8860b416d7a6265ae2c2eda4 http://security.debian.org/pool/updates/main/a/apache2-mpm-itk/apache2-mpm-itk_2.2.3-01-2+etch4+b1_s390.deb Size/MD5 checksum: 177986 634687237fd58d539bc9492415a94b77
sparc architecture (Sun SPARC/UltraSPARC)
http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-prefork_2.2.3-4+etch11_sparc.deb Size/MD5 checksum: 418896 96bdf44ad9d8c1d86ee3aaf383c9dcce http://security.debian.org/pool/updates/main/a/apache2/apache2-threaded-dev_2.2.3-4+etch11_sparc.deb Size/MD5 checksum: 412078 c9aab17ccba1846ea02df78f636a28a6 http://security.debian.org/pool/updates/main/a/apache2/apache2-utils_2.2.3-4+etch11_sparc.deb Size/MD5 checksum: 342696 7dd353d553f6a495c506b22f60ff2a0d http://security.debian.org/pool/updates/main/a/apache2-mpm-itk/apache2-mpm-itk_2.2.3-01-2+etch4+b1_sparc.deb Size/MD5 checksum: 158054 60de9a240c905bdb6ffa0ab6c032096d http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-event_2.2.3-4+etch11_sparc.deb Size/MD5 checksum: 422966 edb7194c73d08c0bdb1eed6bd19ceb53 http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-worker_2.2.3-4+etch11_sparc.deb Size/MD5 checksum: 422444 ad0a85ada33d687e1fc67b0fa3c40244 http://security.debian.org/pool/updates/main/a/apache2/apache2.2-common_2.2.3-4+etch11_sparc.deb Size/MD5 checksum: 960150 0dae013a3e07502409918ff649cb1375 http://security.debian.org/pool/updates/main/a/apache2/apache2-prefork-dev_2.2.3-4+etch11_sparc.deb Size/MD5 checksum: 411290 88e769a08329b6728c6fd0770d241874
Debian GNU/Linux 5.0 alias lenny (stable)
Stable updates are available for alpha, amd64, arm, armel, hppa, i386, ia64, mips, mipsel, powerpc, s390 and sparc.
Source archives:
http://security.debian.org/pool/updates/main/a/apache2/apache2_2.2.9.orig.tar.gz Size/MD5 checksum: 6396996 80d3754fc278338033296f0d41ef2c04 http://security.debian.org/pool/updates/main/a/apache2/apache2_2.2.9-10+lenny6.dsc Size/MD5 checksum: 1673 f6846ac2d9cbd7887629a9c503154310 http://security.debian.org/pool/updates/main/a/apache2/apache2_2.2.9-10+lenny6.diff.gz Size/MD5 checksum: 145719 fd456ef168b7f1ca1055ffbca1df53db
Architecture independent packages:
http://security.debian.org/pool/updates/main/a/apache2/apache2-doc_2.2.9-10+lenny6_all.deb Size/MD5 checksum: 2060318 c2499fa1040a9ace89c1a969de4db870 http://security.debian.org/pool/updates/main/a/apache2/apache2-src_2.2.9-10+lenny6_all.deb Size/MD5 checksum: 6736558 e09131a305cf2e51d3c14ed7c1beaf5d http://security.debian.org/pool/updates/main/a/apache2/apache2_2.2.9-10+lenny6_all.deb Size/MD5 checksum: 45238 922ce7e9d14885bab9c9cbbfab99fbd3
alpha architecture (DEC Alpha)
http://security.debian.org/pool/updates/main/a/apache2/apache2-threaded-dev_2.2.9-10+lenny6_alpha.deb Size/MD5 checksum: 209720 29861b61a3ae0912a7eb1ba2096b0421 http://security.debian.org/pool/updates/main/a/apache2/apache2-suexec-custom_2.2.9-10+lenny6_alpha.deb Size/MD5 checksum: 84444 af60f321516a06fc9588433ba2c1a88e http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-prefork_2.2.9-10+lenny6_alpha.deb Size/MD5 checksum: 256598 730d50c0f57ba7aad84e6897217bf42d http://security.debian.org/pool/updates/main/a/apache2/apache2-dbg_2.2.9-10+lenny6_alpha.deb Size/MD5 checksum: 2402082 b932e642a152e30f948437d7313d2dcf http://security.debian.org/pool/updates/main/a/apache2/apache2-suexec_2.2.9-10+lenny6_alpha.deb Size/MD5 checksum: 82728 bb04bbeae7865acad1ae89e943702623 http://security.debian.org/pool/updates/main/a/apache2-mpm-itk/apache2-mpm-itk_2.2.6-02-1+lenny2+b2_alpha.deb Size/MD5 checksum: 198236 61b2f1529a056145d9ea8a87c5c5e8c0 http://security.debian.org/pool/updates/main/a/apache2/apache2-prefork-dev_2.2.9-10+lenny6_alpha.deb Size/MD5 checksum: 208690 f6d15e0b6fa15a3738e9130b4044ce37 http://security.debian.org/pool/updates/main/a/apache2/apache2.2-common_2.2.9-10+lenny6_alpha.deb Size/MD5 checksum: 849014 dddd323a55b010c29a8626194b71a7a1 http://security.debian.org/pool/updates/main/a/apache2/apache2-utils_2.2.9-10+lenny6_alpha.deb Size/MD5 checksum: 147844 40f11b60e0f5154680f16c1c67943101 http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-worker_2.2.9-10+lenny6_alpha.deb Size/MD5 checksum: 261662 7b88269d9ce2877809a0f47daa4e756d http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-event_2.2.9-10+lenny6_alpha.deb Size/MD5 checksum: 262336 eced46181f89a7f8ee636c0dce4789f7
amd64 architecture (AMD x86_64 (AMD64))
http://security.debian.org/pool/updates/main/a/apache2/apache2-prefork-dev_2.2.9-10+lenny6_amd64.deb Size/MD5 checksum: 210246 bb629f54f383bfcce66a6bf0bc1a2b6d http://security.debian.org/pool/updates/main/a/apache2/apache2.2-common_2.2.9-10+lenny6_amd64.deb Size/MD5 checksum: 825462 051201fb8baa9a7a961961dd5082929a http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-worker_2.2.9-10+lenny6_amd64.deb Size/MD5 checksum: 257694 3b8c5bff06a870ccd062ce53771a43a4 http://security.debian.org/pool/updates/main/a/apache2/apache2-threaded-dev_2.2.9-10+lenny6_amd64.deb Size/MD5 checksum: 211268 5e07756440fecd3a3ee3815a6cff3ff5 http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-event_2.2.9-10+lenny6_amd64.deb Size/MD5 checksum: 258424 92c5467fbef1d4da6803507b679df099 http://security.debian.org/pool/updates/main/a/apache2/apache2-suexec_2.2.9-10+lenny6_amd64.deb Size/MD5 checksum: 82532 40718aa8ebb6532404fad4b5ee2a1e09 http://security.debian.org/pool/updates/main/a/apache2/apache2-suexec-custom_2.2.9-10+lenny6_amd64.deb Size/MD5 checksum: 84140 743b1e0fd988539a7346bddbcd573767 http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-prefork_2.2.9-10+lenny6_amd64.deb Size/MD5 checksum: 253708 bcc5c9f767c1e62913af45827f04b83f http://security.debian.org/pool/updates/main/a/apache2-mpm-itk/apache2-mpm-itk_2.2.6-02-1+lenny2+b2_amd64.deb Size/MD5 checksum: 195214 42f4650b895a51b853c253bbbd1e2cc0 http://security.debian.org/pool/updates/main/a/apache2/apache2-dbg_2.2.9-10+lenny6_amd64.deb Size/MD5 checksum: 2455308 9b8792a5defa5193d825d31dc47b43f2 http://security.debian.org/pool/updates/main/a/apache2/apache2-utils_2.2.9-10+lenny6_amd64.deb Size/MD5 checksum: 144980 240232c2f4932579c60ecee786c0af26
arm architecture (ARM)
http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-event_2.2.9-10+lenny6_arm.deb Size/MD5 checksum: 224760 9615e8207a01d2759de57b58cd885286 http://security.debian.org/pool/updates/main/a/apache2/apache2-suexec-custom_2.2.9-10+lenny6_arm.deb Size/MD5 checksum: 83230 c840cb7342a3a83e0587fd3baacce760 http://security.debian.org/pool/updates/main/a/apache2/apache2-dbg_2.2.9-10+lenny6_arm.deb Size/MD5 checksum: 2327178 39819fd5f56728620aaefdbe10887c2b http://security.debian.org/pool/updates/main/a/apache2/apache2-utils_2.2.9-10+lenny6_arm.deb Size/MD5 checksum: 147202 f7ebf064272389cf2dd7db7bfe3ff267 http://security.debian.org/pool/updates/main/a/apache2-mpm-itk/apache2-mpm-itk_2.2.6-02-1+lenny2+b2_arm.deb Size/MD5 checksum: 161596 b7a2763998f12394ecae68df6ec73fbb http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-worker_2.2.9-10+lenny6_arm.deb Size/MD5 checksum: 223898 fbd3f6bc3340643f55862e5b14947345 http://security.debian.org/pool/updates/main/a/apache2/apache2.2-common_2.2.9-10+lenny6_arm.deb Size/MD5 checksum: 786918 a142a6fbee216aaa87378bdc53773eb2 http://security.debian.org/pool/updates/main/a/apache2/apache2-prefork-dev_2.2.9-10+lenny6_arm.deb Size/MD5 checksum: 209812 2e4b61b494abdd8e52b219456a82e499 http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-prefork_2.2.9-10+lenny6_arm.deb Size/MD5 checksum: 219946 4ac3564788d25b492a833e2df463b41e http://security.debian.org/pool/updates/main/a/apache2/apache2-suexec_2.2.9-10+lenny6_arm.deb Size/MD5 checksum: 81412 abe1efff8619aac89534c3f4d57c5356 http://security.debian.org/pool/updates/main/a/apache2/apache2-threaded-dev_2.2.9-10+lenny6_arm.deb Size/MD5 checksum: 211008 865b518f1a18de1020feb2212b137a6c
armel architecture (ARM EABI)
http://security.debian.org/pool/updates/main/a/apache2/apache2-prefork-dev_2.2.9-10+lenny6_armel.deb Size/MD5 checksum: 212612 2b8654bdda7346a2a7804800e9a11d8e http://security.debian.org/pool/updates/main/a/apache2/apache2.2-common_2.2.9-10+lenny6_armel.deb Size/MD5 checksum: 802766 535b466511548a5264b0da3a3a348381 http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-worker_2.2.9-10+lenny6_armel.deb Size/MD5 checksum: 226068 8921ab3294cf45178f3b90fd51fbafc3 http://security.debian.org/pool/updates/main/a/apache2/apache2-threaded-dev_2.2.9-10+lenny6_armel.deb Size/MD5 checksum: 213694 38498cbd15341da4279e4193a4708c6c http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-event_2.2.9-10+lenny6_armel.deb Size/MD5 checksum: 226354 57f22f55c3ca485b5974e1f2a4ef1414 http://security.debian.org/pool/updates/main/a/apache2/apache2-suexec-custom_2.2.9-10+lenny6_armel.deb Size/MD5 checksum: 83934 6a6a2de840f638874d8ae05611f142b9 http://security.debian.org/pool/updates/main/a/apache2/apache2-suexec_2.2.9-10+lenny6_armel.deb Size/MD5 checksum: 82284 b225eb7806650013baccae619ad08f2b http://security.debian.org/pool/updates/main/a/apache2/apache2-dbg_2.2.9-10+lenny6_armel.deb Size/MD5 checksum: 2340926 83bb45aa97542f6f796780c8a2d24c8b http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-prefork_2.2.9-10+lenny6_armel.deb Size/MD5 checksum: 221894 872e3f1df2080a84cca36f48e6c8e575 http://security.debian.org/pool/updates/main/a/apache2/apache2-utils_2.2.9-10+lenny6_armel.deb Size/MD5 checksum: 151226 3172e8ba667991da2881ea6a7b2781cc
hppa architecture (HP PA RISC)
http://security.debian.org/pool/updates/main/a/apache2/apache2-suexec-custom_2.2.9-10+lenny6_hppa.deb Size/MD5 checksum: 84022 f603a1c369bbc7d05efe1ad99325e020 http://security.debian.org/pool/updates/main/a/apache2/apache2-utils_2.2.9-10+lenny6_hppa.deb Size/MD5 checksum: 153048 0568fcb47c9cad398c7fd7abe2276828 http://security.debian.org/pool/updates/main/a/apache2/apache2-suexec_2.2.9-10+lenny6_hppa.deb Size/MD5 checksum: 82214 f27d31e710ba6640471c47a6fc240aad http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-event_2.2.9-10+lenny6_hppa.deb Size/MD5 checksum: 246406 f18257777ba62d65ceb3aa4842415c74 http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-prefork_2.2.9-10+lenny6_hppa.deb Size/MD5 checksum: 241578 e71e710d7889e79b85e4c20b539a4d26 http://security.debian.org/pool/updates/main/a/apache2/apache2-prefork-dev_2.2.9-10+lenny6_hppa.deb Size/MD5 checksum: 211730 a9913999aac5559db1e75835d87a2efd http://security.debian.org/pool/updates/main/a/apache2/apache2.2-common_2.2.9-10+lenny6_hppa.deb Size/MD5 checksum: 896810 e8e2d9459750e5d9be76c00923a25696 http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-worker_2.2.9-10+lenny6_hppa.deb Size/MD5 checksum: 245816 6a876fb502903c7bfcb5a4b8dad71a7a http://security.debian.org/pool/updates/main/a/apache2/apache2-threaded-dev_2.2.9-10+lenny6_hppa.deb Size/MD5 checksum: 213028 f072f0ca44edc122c1b3e1da847f1c8c http://security.debian.org/pool/updates/main/a/apache2-mpm-itk/apache2-mpm-itk_2.2.6-02-1+lenny2+b2_hppa.deb Size/MD5 checksum: 183316 41a32b0fd061c4f2afbd740af5e8325a http://security.debian.org/pool/updates/main/a/apache2/apache2-dbg_2.2.9-10+lenny6_hppa.deb Size/MD5 checksum: 2385020 366e6e9bd1dec0ba6a784813785f13d3
i386 architecture (Intel ia32)
http://security.debian.org/pool/updates/main/a/apache2/apache2-suexec_2.2.9-10+lenny6_i386.deb Size/MD5 checksum: 82366 ab10d1ab26c914777c5296fe9ccfe027 http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-event_2.2.9-10+lenny6_i386.deb Size/MD5 checksum: 241326 2ee9101bf92fcac69249094b3ca11e2a http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-worker_2.2.9-10+lenny6_i386.deb Size/MD5 checksum: 240776 43a654cf0439fc97997a57baec5e2995 http://security.debian.org/pool/updates/main/a/apache2/apache2-suexec-custom_2.2.9-10+lenny6_i386.deb Size/MD5 checksum: 84104 f73a1bff0a8a4426e63803c4e5c67c60 http://security.debian.org/pool/updates/main/a/apache2/apache2.2-common_2.2.9-10+lenny6_i386.deb Size/MD5 checksum: 783440 053ba7ef4fbb56547200c32c35ac8a0e http://security.debian.org/pool/updates/main/a/apache2/apache2-utils_2.2.9-10+lenny6_i386.deb Size/MD5 checksum: 143414 c20c10a3eadac1c494a5750888875800 http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-prefork_2.2.9-10+lenny6_i386.deb Size/MD5 checksum: 237396 06841f14531fab0adb92177af849c8be http://security.debian.org/pool/updates/main/a/apache2/apache2-prefork-dev_2.2.9-10+lenny6_i386.deb Size/MD5 checksum: 211420 69c67bd0052c70322924b901ba5f5428 http://security.debian.org/pool/updates/main/a/apache2/apache2-dbg_2.2.9-10+lenny6_i386.deb Size/MD5 checksum: 2324892 87c51cc1fb8ae2532adcfa601a7b5af4 http://security.debian.org/pool/updates/main/a/apache2/apache2-threaded-dev_2.2.9-10+lenny6_i386.deb Size/MD5 checksum: 212726 11b86a68880fa98a130e449dec0fbbcc http://security.debian.org/pool/updates/main/a/apache2-mpm-itk/apache2-mpm-itk_2.2.6-02-1+lenny2+b2_i386.deb Size/MD5 checksum: 179396 4ae5716372fe19991b0d8a4cc751d45f
ia64 architecture (Intel ia64)
http://security.debian.org/pool/updates/main/a/apache2/apache2-utils_2.2.9-10+lenny6_ia64.deb Size/MD5 checksum: 162732 0a9a153e3703f9dbd33e325d67373bce http://security.debian.org/pool/updates/main/a/apache2-mpm-itk/apache2-mpm-itk_2.2.6-02-1+lenny2+b2_ia64.deb Size/MD5 checksum: 247068 39445ee73d2076bfa589a5840a3d6024 http://security.debian.org/pool/updates/main/a/apache2/apache2.2-common_2.2.9-10+lenny6_ia64.deb Size/MD5 checksum: 1036624 80b366704dc888c2bea8d84c316faf33 http://security.debian.org/pool/updates/main/a/apache2/apache2-prefork-dev_2.2.9-10+lenny6_ia64.deb Size/MD5 checksum: 208668 c2b06d3c767fa737fbf5e1c3d50d001c http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-worker_2.2.9-10+lenny6_ia64.deb Size/MD5 checksum: 311692 77ff8879c2853c4b33903299ec3120c8 http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-event_2.2.9-10+lenny6_ia64.deb Size/MD5 checksum: 312616 1c20b667ebbd43b0ee1b01cd1cdd991d http://security.debian.org/pool/updates/main/a/apache2/apache2-suexec_2.2.9-10+lenny6_ia64.deb Size/MD5 checksum: 83920 a383c7aef1758f963c019793af7b5f92 http://security.debian.org/pool/updates/main/a/apache2/apache2-dbg_2.2.9-10+lenny6_ia64.deb Size/MD5 checksum: 2317952 803f0b941814cbbc49f4e37bc3b9ca95 http://security.debian.org/pool/updates/main/a/apache2/apache2-threaded-dev_2.2.9-10+lenny6_ia64.deb Size/MD5 checksum: 209700 59ab45d2c7c2168a941ff2fc842268e1 http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-prefork_2.2.9-10+lenny6_ia64.deb Size/MD5 checksum: 304670 067ece69f8b9518f9b18cd948c4df971 http://security.debian.org/pool/updates/main/a/apache2/apache2-suexec-custom_2.2.9-10+lenny6_ia64.deb Size/MD5 checksum: 85802 9294d252435e8026d6135bf8efdfaf46
mips architecture (MIPS (Big Endian))
http://security.debian.org/pool/updates/main/a/apache2/apache2-dbg_2.2.9-10+lenny6_mips.deb Size/MD5 checksum: 2465158 a36366e07810785cd1f2dc3b020d3486 http://security.debian.org/pool/updates/main/a/apache2/apache2.2-common_2.2.9-10+lenny6_mips.deb Size/MD5 checksum: 780460 a5daeb91029f3b027a810ee22456ebd3 http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-worker_2.2.9-10+lenny6_mips.deb Size/MD5 checksum: 233408 ec9001ee4c996d0b14a9e67d9ce380ec http://security.debian.org/pool/updates/main/a/apache2/apache2-suexec_2.2.9-10+lenny6_mips.deb Size/MD5 checksum: 82082 1fc55f0526e3bf90c2156364055a1627 http://security.debian.org/pool/updates/main/a/apache2-mpm-itk/apache2-mpm-itk_2.2.6-02-1+lenny2+b2_mips.deb Size/MD5 checksum: 171444 789208a77578e49ebca9be904c99aff3 http://security.debian.org/pool/updates/main/a/apache2/apache2-suexec-custom_2.2.9-10+lenny6_mips.deb Size/MD5 checksum: 83688 8612d0c31dee19c557723b08354c20d7 http://security.debian.org/pool/updates/main/a/apache2/apache2-utils_2.2.9-10+lenny6_mips.deb Size/MD5 checksum: 149712 ac8ddf3ab4a3b0fb255adbc588e57305 http://security.debian.org/pool/updates/main/a/apache2/apache2-threaded-dev_2.2.9-10+lenny6_mips.deb Size/MD5 checksum: 209718 8af3815f7794f4e60d72ba52d3bd19c4 http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-prefork_2.2.9-10+lenny6_mips.deb Size/MD5 checksum: 229494 c2ef345862009f2a2b979205fec22567 http://security.debian.org/pool/updates/main/a/apache2/apache2-prefork-dev_2.2.9-10+lenny6_mips.deb Size/MD5 checksum: 208698 246c0001aaa98be577f6c5f004330285 http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-event_2.2.9-10+lenny6_mips.deb Size/MD5 checksum: 233980 ce7b3760443a98b0ddc0607a7a9842bf
mipsel architecture (MIPS (Little Endian))
http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-prefork_2.2.9-10+lenny6_mipsel.deb Size/MD5 checksum: 228110 e45b1c3294102e26eee671b860f4aabc http://security.debian.org/pool/updates/main/a/apache2/apache2-prefork-dev_2.2.9-10+lenny6_mipsel.deb Size/MD5 checksum: 208710 1403636fff03ab43353cdffdef62ffd7 http://security.debian.org/pool/updates/main/a/apache2/apache2-suexec-custom_2.2.9-10+lenny6_mipsel.deb Size/MD5 checksum: 83708 9b1c257025920f6dd0a7a2b231c97141 http://security.debian.org/pool/updates/main/a/apache2/apache2-threaded-dev_2.2.9-10+lenny6_mipsel.deb Size/MD5 checksum: 209740 546504d6f0a2a449e9bcd618f4700ce5 http://security.debian.org/pool/updates/main/a/apache2/apache2-suexec_2.2.9-10+lenny6_mipsel.deb Size/MD5 checksum: 82128 31209b35ecb423f2d88347df6c08eddb http://security.debian.org/pool/updates/main/a/apache2/apache2-dbg_2.2.9-10+lenny6_mipsel.deb Size/MD5 checksum: 2420074 b57ff2a01ee7f29d0dcba4214dc7fc21 http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-worker_2.2.9-10+lenny6_mipsel.deb Size/MD5 checksum: 232140 3dfff4c54077cb221e19533f19538834 http://security.debian.org/pool/updates/main/a/apache2/apache2.2-common_2.2.9-10+lenny6_mipsel.deb Size/MD5 checksum: 778974 d9d0084ea48aaa56d2f99c632711d084 http://security.debian.org/pool/updates/main/a/apache2-mpm-itk/apache2-mpm-itk_2.2.6-02-1+lenny2+b2_mipsel.deb Size/MD5 checksum: 169470 f04a239ba4f1d6ae4ff8ce0960f784fd http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-event_2.2.9-10+lenny6_mipsel.deb Size/MD5 checksum: 232796 8ced513dc28d7165fd76076803b98188 http://security.debian.org/pool/updates/main/a/apache2/apache2-utils_2.2.9-10+lenny6_mipsel.deb Size/MD5 checksum: 150024 c2a66c2c63eeb66df98b136cceadc780
powerpc architecture (PowerPC)
http://security.debian.org/pool/updates/main/a/apache2/apache2-suexec-custom_2.2.9-10+lenny6_powerpc.deb Size/MD5 checksum: 84570 b43f074242385089dda2aae2e9ae1595 http://security.debian.org/pool/updates/main/a/apache2/apache2.2-common_2.2.9-10+lenny6_powerpc.deb Size/MD5 checksum: 915976 723f3349b829894595b913099f06ecc2 http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-worker_2.2.9-10+lenny6_powerpc.deb Size/MD5 checksum: 257408 c4bab781417526a0dfdb2240ab2fef07 http://security.debian.org/pool/updates/main/a/apache2/apache2-dbg_2.2.9-10+lenny6_powerpc.deb Size/MD5 checksum: 2495210 6fb817120bcb095006fd09d2318f28ee http://security.debian.org/pool/updates/main/a/apache2-mpm-itk/apache2-mpm-itk_2.2.6-02-1+lenny2+b2_powerpc.deb Size/MD5 checksum: 195192 6b4d950e48c6cdfd00d403e42b719b40 http://security.debian.org/pool/updates/main/a/apache2/apache2-prefork-dev_2.2.9-10+lenny6_powerpc.deb Size/MD5 checksum: 208684 ece82cc979cff6832d51a6caf51f38b5 http://security.debian.org/pool/updates/main/a/apache2/apache2-suexec_2.2.9-10+lenny6_powerpc.deb Size/MD5 checksum: 82908 c54a24103b503b5de1b27993ee33610f http://security.debian.org/pool/updates/main/a/apache2/apache2-utils_2.2.9-10+lenny6_powerpc.deb Size/MD5 checksum: 160960 361e2bae65d5f1303073d8e4d88ccdb7 http://security.debian.org/pool/updates/main/a/apache2/apache2-threaded-dev_2.2.9-10+lenny6_powerpc.deb Size/MD5 checksum: 209714 81fbc6671b2d4137dc52232e9d572ea9 http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-event_2.2.9-10+lenny6_powerpc.deb Size/MD5 checksum: 258234 6dbd57dc907e93b5e9dcd3058e99b30f http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-prefork_2.2.9-10+lenny6_powerpc.deb Size/MD5 checksum: 253294 696e2e9219d6e029c0c6f024045a4d5f
s390 architecture (IBM S/390)
http://security.debian.org/pool/updates/main/a/apache2/apache2-suexec_2.2.9-10+lenny6_s390.deb Size/MD5 checksum: 82544 4e332ccedffd13b1e7b866fe71cf8a9b http://security.debian.org/pool/updates/main/a/apache2-mpm-itk/apache2-mpm-itk_2.2.6-02-1+lenny2+b2_s390.deb Size/MD5 checksum: 197642 e32a924a47b90452356956e3fe39d34e http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-prefork_2.2.9-10+lenny6_s390.deb Size/MD5 checksum: 255970 197eea5c422ecf37ec592bf9612c3b2f http://security.debian.org/pool/updates/main/a/apache2/apache2-prefork-dev_2.2.9-10+lenny6_s390.deb Size/MD5 checksum: 208694 33dddaec24eb4475411eb55abb5d5e71 http://security.debian.org/pool/updates/main/a/apache2/apache2-utils_2.2.9-10+lenny6_s390.deb Size/MD5 checksum: 150912 2aa00b2fb3b84a536030f5b5635115bc http://security.debian.org/pool/updates/main/a/apache2/apache2-threaded-dev_2.2.9-10+lenny6_s390.deb Size/MD5 checksum: 209726 cf54089c8a33087820f8c9359e461625 http://security.debian.org/pool/updates/main/a/apache2/apache2-dbg_2.2.9-10+lenny6_s390.deb Size/MD5 checksum: 2409108 1b6e40f5d2772a0a1f26424f4b470136 http://security.debian.org/pool/updates/main/a/apache2/apache2.2-common_2.2.9-10+lenny6_s390.deb Size/MD5 checksum: 824586 ff52926d953f8b5cbde82ac31176dedb http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-worker_2.2.9-10+lenny6_s390.deb Size/MD5 checksum: 259924 655aca8f56383ebd106ded50d8f557ea http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-event_2.2.9-10+lenny6_s390.deb Size/MD5 checksum: 260610 12751082d3f1466735d1b3d395d63690 http://security.debian.org/pool/updates/main/a/apache2/apache2-suexec-custom_2.2.9-10+lenny6_s390.deb Size/MD5 checksum: 84310 9aa451ccb1513c05f4ccc0319124181e
sparc architecture (Sun SPARC/UltraSPARC)
http://security.debian.org/pool/updates/main/a/apache2/apache2-dbg_2.2.9-10+lenny6_sparc.deb Size/MD5 checksum: 2231018 fcdbb08c45ff474592590fac0aa78dac http://security.debian.org/pool/updates/main/a/apache2/apache2-suexec-custom_2.2.9-10+lenny6_sparc.deb Size/MD5 checksum: 84568 6dcf4195e216a22ef2919806d55d5098 http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-prefork_2.2.9-10+lenny6_sparc.deb Size/MD5 checksum: 237224 9bf96cc5f932643b1c55c6a9fa238af1 http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-event_2.2.9-10+lenny6_sparc.deb Size/MD5 checksum: 241474 ed8557af547d9d55a075fca5cf88488d http://security.debian.org/pool/updates/main/a/apache2/apache2-suexec_2.2.9-10+lenny6_sparc.deb Size/MD5 checksum: 82888 bde0baf83e2e972b398be6a500f77125 http://security.debian.org/pool/updates/main/a/apache2-mpm-itk/apache2-mpm-itk_2.2.6-02-1+lenny2+b2_sparc.deb Size/MD5 checksum: 177562 09cbb49296407c83ef1575b003dfb129 http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-worker_2.2.9-10+lenny6_sparc.deb Size/MD5 checksum: 241014 2c10b920cdfec918af3eb148e29fca0f http://security.debian.org/pool/updates/main/a/apache2/apache2-prefork-dev_2.2.9-10+lenny6_sparc.deb Size/MD5 checksum: 212798 28edff7612bb824fc20d88c29b8b7e1f http://security.debian.org/pool/updates/main/a/apache2/apache2.2-common_2.2.9-10+lenny6_sparc.deb Size/MD5 checksum: 781748 63e7003956d73b1a04e544c00eaa7728 http://security.debian.org/pool/updates/main/a/apache2/apache2-threaded-dev_2.2.9-10+lenny6_sparc.deb Size/MD5 checksum: 213976 b7e758d0a2e6574944d27e2d6e40f60c http://security.debian.org/pool/updates/main/a/apache2/apache2-utils_2.2.9-10+lenny6_sparc.deb Size/MD5 checksum: 146596 c37cea33bed94a68326b511a66bf050e
These files will probably be moved into the stable distribution on its next update. Patch kit installation instructions are provided in the file SSRT090244 Apache CVE-2009-3094, CVE-2009-3095.txt . The patch kits and installation instructions are available from the following location using ftp:
Host Account Password
ftp.usa.hp.com ewt01 Welcome1
CSWS version 2.1-1 patch kits are available for both ALPHA and ITANIUM platforms.
Itanium Images mod_proxy.exe_ia64 mod_proxy_ftp.exe_ia64
Alpha Images mod_proxy.exe_axp mod_proxy_ftp.exe_axp
The patch images will be provided in the next regularly scheduled update of CSWS 2.1-1. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c02160663 Version: 1
HPSBUX02531 SSRT100108 rev.1 - HP-UX Running Apache-based Web Server, Remote Denial of Service (DoS), Unauthorized Access
NOTICE: The information in this Security Bulletin should be acted upon as soon as possible.
Release Date: 2010-06-02 Last Updated: 2010-06-02
Potential Security Impact: Remote Denial of Service (DoS), unauthorized access
Source: Hewlett-Packard Company, HP Software Security Response Team
VULNERABILITY SUMMARY Potential security vulnerabilities have been identified with HP-UX running Apache-based Web Server. The vulnerabilities could be exploited remotely to cause a Denial of Service (DoS) or unauthorized access. Apache-based Web Server is contained in the Apache Web Server Suite.
References: CVE-2009-3094, CVE-2009-3095, CVE-2010-0408, CVE-2010-0740, CVE-2010-0433, CVE-2010-0434
SUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed. HP-UX B.11.23, B.11.31 running Apache-based Web Server versions before v2.2.8.09 HP-UX B.11.11, B.11.23, B.11.31 running Apache-based Web Server versions before v2.0.59.15
BACKGROUND
CVSS 2.0 Base Metrics
Reference Base Vector Base Score CVE-2009-3094 (AV:N/AC:H/Au:N/C:N/I:N/A:C) 5.4 CVE-2009-3095 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5 CVE-2010-0408 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0 CVE-2010-0740 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0 CVE-2010-0433 (AV:N/AC:M/Au:N/C:N/I:N/A:P) 4.3 CVE-2010-0434 (AV:N/AC:M/Au:N/C:P/I:N/A:N) 4.3 =========================================================== Information on CVSS is documented in HP Customer Notice: HPSN-2008-002
Note: CVE-2009-3094, CVE-2009-3095 and 2010-0740 affect only HP-UX Web Server Suite v2.30; CVE-2010-0408, CVE-2010-0433 and CVE-2010-0434 affect only HP-UX Web Server Suite v3.09.
RESOLUTION
HP has provided the following upgrades to resolve these vulnerabilities. The upgrades are available from the following location:
URL http://software.hp.com
Note: HP-UX Web Server Suite v3.09 contains HP-UX Apache-based Web Server v2.2.8.09 Note: HP-UX Web Server Suite v2.30 contains HP-UX Apache-based Web Server v2.0.59.15
Web Server Suite Version / HP-UX Release / Depot name
Web Server v3.09 / B.11.23 and B.11.31 PA-32 / HPUXWS22ATW-B309-32.depot
Web Server v3.09 / B.11.23 and B.11.31 IA-64 / HPUXWS22ATW-B309-64.depot
Web Server v2.30 / B.11.11 PA-32 / HPUXWSATW-B230-1111.depot
Web Server v2.30 / B.11.23 PA-32 / HPUXWSATW-B230-32.depot
Web Server v2.30 / B.11.23 IA-64 / HPUXWSATW-B230-64.depot
Web Server v2.30 / B.11.31 IA-32 / HPUXWSATW-B230-32-1131.depot
Web Server v2.30 / B.11.31 IA-64 / HPUXWSATW-B230-64-1131.depot
MANUAL ACTIONS: Yes - Update
Install Apache-based Web Server from the Apache Web Server Suite v2.30 or subsequent or Install Apache-based Web Server from the Apache Web Server Suite v3.09 or subsequent
PRODUCT SPECIFIC INFORMATION
HP-UX Software Assistant: HP-UX Software Assistant is an enhanced application that replaces HP-UX Security Patch Check. It analyzes all Security Bulletins issued by HP and lists recommended actions that may apply to a specific HP-UX system. It can also download patches and create a depot automatically. For more information see: https://www.hp.com/go/swa
The following text is for use by the HP-UX Software Assistant.
AFFECTED VERSIONS
For Web Server Suite before v3.09 HP-UX B.11.23 ================== hpuxws22APACHE.APACHE hpuxws22APACHE.APACHE2 hpuxws22APACHE.AUTH_LDAP hpuxws22APACHE.AUTH_LDAP2 hpuxws22APACHE.MOD_JK hpuxws22APACHE.MOD_JK2 hpuxws22APACHE.MOD_PERL hpuxws22APACHE.MOD_PERL2 hpuxws22APACHE.PHP hpuxws22APACHE.PHP2 action: install revision B.2.2.8.09 or subsequent
HP-UX B.11.31
hpuxws22APCH32.APACHE hpuxws22APCH32.APACHE2 hpuxws22APCH32.AUTH_LDAP hpuxws22APCH32.AUTH_LDAP2 hpuxws22APCH32.MOD_JK hpuxws22APCH32.MOD_JK2 hpuxws22APCH32.MOD_PERL hpuxws22APCH32.MOD_PERL2 hpuxws22APCH32.PHP hpuxws22APCH32.PHP2 hpuxws22APCH32.WEBPROXY hpuxws22APCH32.WEBPROXY2 action: install revision B.2.2.8.09 or subsequent
For Web Server Suite before v2.30 HP-UX B.11.11 ================== hpuxwsAPACHE.APACHE hpuxwsAPACHE.APACHE2 hpuxwsAPACHE.AUTH_LDAP hpuxwsAPACHE.AUTH_LDAP2 hpuxwsAPACHE.MOD_JK hpuxwsAPACHE.MOD_JK2 hpuxwsAPACHE.MOD_PERL hpuxwsAPACHE.MOD_PERL2 hpuxwsAPACHE.PHP hpuxwsAPACHE.PHP2 hpuxwsAPACHE.WEBPROXY action: install revision B.2.0.59.15 or subsequent
HP-UX B.11.23
hpuxwsAPCH32.APACHE hpuxwsAPCH32.APACHE2 hpuxwsAPCH32.AUTH_LDAP hpuxwsAPCH32.AUTH_LDAP2 hpuxwsAPCH32.MOD_JK hpuxwsAPCH32.MOD_JK2 hpuxwsAPCH32.MOD_PERL hpuxwsAPCH32.MOD_PERL2 hpuxwsAPCH32.PHP hpuxwsAPCH32.PHP2 hpuxwsAPCH32.WEBPROXY action: install revision B.2.0.59.15 or subsequent
HP-UX B.11.31
hpuxwsAPACHE.APACHE hpuxwsAPACHE.APACHE2 hpuxwsAPACHE.AUTH_LDAP hpuxwsAPACHE.AUTH_LDAP2 hpuxwsAPACHE.MOD_JK hpuxwsAPACHE.MOD_JK2 hpuxwsAPACHE.MOD_PERL hpuxwsAPACHE.MOD_PERL2 hpuxwsAPACHE.PHP hpuxwsAPACHE.PHP2 hpuxwsAPACHE.WEBPROXY action: install revision B.2.0.59.15 or subsequent
END AFFECTED VERSIONS
HISTORY Version:1 (rev.1) 2 June 2010 Initial release Third Party Security Patches: Third party security patches that are to be installed on systems running HP software products should be applied in accordance with the customer's patch management policy.
Support: For further information, contact normal HP Services support channel.
Report: To report a potential security vulnerability with any HP supported product, send Email to: security-alert@hp.com It is strongly recommended that security related information being communicated to HP be encrypted using PGP, especially exploit information. To get the security-alert PGP key, please send an e-mail message as follows: To: security-alert@hp.com Subject: get key Subscribe: To initiate a subscription to receive future HP Security Bulletins via Email: http://h30046.www3.hp.com/driverAlertProfile.php?regioncode=NA&langcode=USENG&jumpid=in_SC-GEN__driverITRC&topiccode=ITRC On the web page: ITRC security bulletins and patch sign-up Under Step1: your ITRC security bulletins and patches -check ALL categories for which alerts are required and continue. Under Step2: your ITRC operating systems -verify your operating system selections are checked and save.
To update an existing subscription: http://h30046.www3.hp.com/subSignIn.php Log in on the web page: Subscriber's choice for Business: sign-in. On the web page: Subscriber's Choice: your profile summary - use Edit Profile to update appropriate sections.
To review previously published Security Bulletins visit: http://www.itrc.hp.com/service/cki/secBullArchive.do
- The Software Product Category that this Security Bulletin relates to is represented by the 5th and 6th characters of the Bulletin number in the title:
GN = HP General SW MA = HP Management Agents MI = Misc. 3rd Party SW MP = HP MPE/iX NS = HP NonStop Servers OV = HP OpenVMS PI = HP Printing & Imaging ST = HP Storage SW TL = HP Trusted Linux TU = HP Tru64 UNIX UX = HP-UX VV = HP VirtualVault
System management and security procedures must be reviewed frequently to maintain system integrity. HP is continually reviewing and enhancing the security features of software products to provide customers with current secure solutions.
"HP is broadly distributing this Security Bulletin in order to bring to the attention of users of the affected HP products the important security information contained in this Bulletin. HP recommends that all users determine the applicability of this information to their individual situations and take appropriate action. HP does not warrant that this information is necessarily accurate or complete for all user situations and, consequently, HP will not be responsible for any damages resulting from user's use or disregard of the information provided in this Bulletin. To the extent permitted by law, HP disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose, title and non-infringement."
Copyright 2009 Hewlett-Packard Development Company, L.P. Hewlett-Packard Company shall not be liable for technical or editorial errors or omissions contained herein. The information provided is provided "as is" without warranty of any kind. To the extent permitted by law, neither HP or its affiliates, subcontractors or suppliers will be liable for incidental,special or consequential damages including downtime cost; lost profits;damages relating to the procurement of substitute products or services; or damages for loss of data, or software restoration. The information in this document is subject to change without notice. Hewlett-Packard Company and the names of Hewlett-Packard products referenced herein are trademarks of Hewlett-Packard Company in the United States and other countries. Other product and company names mentioned herein may be trademarks of their respective owners. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.10 (GNU/Linux)
iEYEARECAAYFAkwG2+IACgkQ4B86/C0qfVm3LACfZ2twc1MNibwpLscDC7giyJJv nksAnR0xfycsdI9Z5RyDC/o+Dnt4Q100 =/Gfl -----END PGP SIGNATURE----- .
BAC v8.07 supplies Apache 2.2.17. For other issues about the content of this Security Bulletin, send e-mail to security-alert@hp.com
Show details on source website{
"affected_products": {
"_id": null,
"data": [
{
"_id": null,
"model": "http server",
"scope": "lt",
"trust": 1.8,
"vendor": "apache",
"version": "2.0.64"
},
{
"_id": null,
"model": "http server",
"scope": "lt",
"trust": 1.8,
"vendor": "apache",
"version": "2.2.14"
},
{
"_id": null,
"model": "linux",
"scope": "eq",
"trust": 1.3,
"vendor": "debian",
"version": "5.0"
},
{
"_id": null,
"model": "linux",
"scope": "eq",
"trust": 1.3,
"vendor": "debian",
"version": "4.0"
},
{
"_id": null,
"model": "websphere application server",
"scope": "eq",
"trust": 1.1,
"vendor": "ibm",
"version": "7.0"
},
{
"_id": null,
"model": "http server",
"scope": "eq",
"trust": 1.1,
"vendor": "ibm",
"version": "7.0"
},
{
"_id": null,
"model": "http server",
"scope": "gte",
"trust": 1.0,
"vendor": "apache",
"version": "2.0.35"
},
{
"_id": null,
"model": "http server",
"scope": "gte",
"trust": 1.0,
"vendor": "apache",
"version": "2.2.0"
},
{
"_id": null,
"model": "fedora",
"scope": "eq",
"trust": 1.0,
"vendor": "fedoraproject",
"version": "10"
},
{
"_id": null,
"model": "fedora",
"scope": "eq",
"trust": 1.0,
"vendor": "fedoraproject",
"version": "12"
},
{
"_id": null,
"model": "http server",
"scope": "eq",
"trust": 0.8,
"vendor": "ibm",
"version": "2.0.47.x"
},
{
"_id": null,
"model": "http server",
"scope": "eq",
"trust": 0.8,
"vendor": "ibm",
"version": "6.0"
},
{
"_id": null,
"model": "http server",
"scope": "eq",
"trust": 0.8,
"vendor": "ibm",
"version": "6.1"
},
{
"_id": null,
"model": "websphere application server",
"scope": "eq",
"trust": 0.8,
"vendor": "ibm",
"version": "6.0"
},
{
"_id": null,
"model": "websphere application server",
"scope": "eq",
"trust": 0.8,
"vendor": "ibm",
"version": "6.1"
},
{
"_id": null,
"model": "opensolaris",
"scope": null,
"trust": 0.8,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "oracle",
"version": "10"
},
{
"_id": null,
"model": "asianux server",
"scope": "eq",
"trust": 0.8,
"vendor": "cybertrust",
"version": "3 (x86)"
},
{
"_id": null,
"model": "asianux server",
"scope": "eq",
"trust": 0.8,
"vendor": "cybertrust",
"version": "3 (x86-64)"
},
{
"_id": null,
"model": "asianux server",
"scope": "eq",
"trust": 0.8,
"vendor": "cybertrust",
"version": "3.0"
},
{
"_id": null,
"model": "asianux server",
"scope": "eq",
"trust": 0.8,
"vendor": "cybertrust",
"version": "3.0 (x86-64)"
},
{
"_id": null,
"model": "asianux server",
"scope": "eq",
"trust": 0.8,
"vendor": "cybertrust",
"version": "4.0"
},
{
"_id": null,
"model": "asianux server",
"scope": "eq",
"trust": 0.8,
"vendor": "cybertrust",
"version": "4.0 (x86-64)"
},
{
"_id": null,
"model": "turbolinux appliance server",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "2.0"
},
{
"_id": null,
"model": "turbolinux appliance server",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "3.0"
},
{
"_id": null,
"model": "turbolinux appliance server",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "3.0 (x64)"
},
{
"_id": null,
"model": "turbolinux client",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "2008"
},
{
"_id": null,
"model": "turbolinux fuji",
"scope": null,
"trust": 0.8,
"vendor": "turbo linux",
"version": null
},
{
"_id": null,
"model": "turbolinux server",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "10"
},
{
"_id": null,
"model": "turbolinux server",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "10 (x64)"
},
{
"_id": null,
"model": "turbolinux server",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "11"
},
{
"_id": null,
"model": "turbolinux server",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "11 (x64)"
},
{
"_id": null,
"model": "hp-ux",
"scope": "eq",
"trust": 0.8,
"vendor": "hewlett packard",
"version": "11.11"
},
{
"_id": null,
"model": "hp-ux",
"scope": "eq",
"trust": 0.8,
"vendor": "hewlett packard",
"version": "11.23"
},
{
"_id": null,
"model": "hp-ux",
"scope": "eq",
"trust": 0.8,
"vendor": "hewlett packard",
"version": "11.31"
},
{
"_id": null,
"model": "hp-ux apache-based web server",
"scope": "lt",
"trust": 0.8,
"vendor": "hewlett packard",
"version": "v.2.2.15.03"
},
{
"_id": null,
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "3 (as)"
},
{
"_id": null,
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "3 (es)"
},
{
"_id": null,
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "3 (ws)"
},
{
"_id": null,
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4 (as)"
},
{
"_id": null,
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4 (es)"
},
{
"_id": null,
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4 (ws)"
},
{
"_id": null,
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4.8 (as)"
},
{
"_id": null,
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4.8 (es)"
},
{
"_id": null,
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "5 (server)"
},
{
"_id": null,
"model": "enterprise linux desktop",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "3.0"
},
{
"_id": null,
"model": "enterprise linux desktop",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4.0"
},
{
"_id": null,
"model": "enterprise linux desktop",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "5.0 (client)"
},
{
"_id": null,
"model": "enterprise linux eus",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "5.4.z (server)"
},
{
"_id": null,
"model": "rhel desktop workstation",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "5 (client)"
},
{
"_id": null,
"model": "interstage application server",
"scope": null,
"trust": 0.8,
"vendor": "fujitsu",
"version": null
},
{
"_id": null,
"model": "interstage studio",
"scope": null,
"trust": 0.8,
"vendor": "fujitsu",
"version": null
},
{
"_id": null,
"model": "interstage web server",
"scope": null,
"trust": 0.8,
"vendor": "fujitsu",
"version": null
},
{
"_id": null,
"model": "http server",
"scope": "eq",
"trust": 0.6,
"vendor": "apache",
"version": "2.2.13"
},
{
"_id": null,
"model": "http server",
"scope": "eq",
"trust": 0.6,
"vendor": "apache",
"version": "2.0.63"
},
{
"_id": null,
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "9.10"
},
{
"_id": null,
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "9.10"
},
{
"_id": null,
"model": "linux lpia",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "9.10"
},
{
"_id": null,
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "9.10"
},
{
"_id": null,
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "9.10"
},
{
"_id": null,
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "9.04"
},
{
"_id": null,
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "9.04"
},
{
"_id": null,
"model": "linux lpia",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "9.04"
},
{
"_id": null,
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "9.04"
},
{
"_id": null,
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "9.04"
},
{
"_id": null,
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "8.10"
},
{
"_id": null,
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "8.10"
},
{
"_id": null,
"model": "linux lpia",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "8.10"
},
{
"_id": null,
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "8.10"
},
{
"_id": null,
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "8.10"
},
{
"_id": null,
"model": "linux lts sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "8.04"
},
{
"_id": null,
"model": "linux lts powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "8.04"
},
{
"_id": null,
"model": "linux lts lpia",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "8.04"
},
{
"_id": null,
"model": "linux lts i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "8.04"
},
{
"_id": null,
"model": "linux lts amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "8.04"
},
{
"_id": null,
"model": "linux lts sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"_id": null,
"model": "linux lts powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"_id": null,
"model": "linux lts i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"_id": null,
"model": "linux lts amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"_id": null,
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "10.0"
},
{
"_id": null,
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "11x64"
},
{
"_id": null,
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "11"
},
{
"_id": null,
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "10.0.0x64"
},
{
"_id": null,
"model": "fuji",
"scope": null,
"trust": 0.3,
"vendor": "turbolinux",
"version": null
},
{
"_id": null,
"model": "fuji",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "0"
},
{
"_id": null,
"model": "client",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "2008"
},
{
"_id": null,
"model": "appliance server",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "3.0x64"
},
{
"_id": null,
"model": "appliance server",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "3.0"
},
{
"_id": null,
"model": "appliance server",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "2.0"
},
{
"_id": null,
"model": "linux enterprise server",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "9"
},
{
"_id": null,
"model": "linux enterprise server debuginfo",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "11"
},
{
"_id": null,
"model": "linux enterprise server",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "11"
},
{
"_id": null,
"model": "linux enterprise server sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"_id": null,
"model": "linux enterprise server sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"_id": null,
"model": "linux enterprise sdk sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"_id": null,
"model": "linux enterprise sdk sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"_id": null,
"model": "linux enterprise desktop sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"_id": null,
"model": "linux enterprise desktop sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"_id": null,
"model": "linux enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "11"
},
{
"_id": null,
"model": "linux enterprise sp3 debuginfo",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"_id": null,
"model": "linux enterprise sp2 debuginfo",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"_id": null,
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10.3"
},
{
"_id": null,
"model": "solaris 10 x86",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "solaris 10 sparc",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "opensolaris build snv 99",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "opensolaris build snv 98",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "opensolaris build snv 96",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "opensolaris build snv 95",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "opensolaris build snv 94",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "opensolaris build snv 93",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "opensolaris build snv 92",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "opensolaris build snv 91",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "opensolaris build snv 90",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "opensolaris build snv 89",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "opensolaris build snv 88",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "opensolaris build snv 87",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "opensolaris build snv 86",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "opensolaris build snv 85",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "opensolaris build snv 84",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "opensolaris build snv 83",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "opensolaris build snv 82",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "opensolaris build snv 81",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "opensolaris build snv 80",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "opensolaris build snv 78",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "opensolaris build snv 77",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "opensolaris build snv 76",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "opensolaris build snv 74",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "opensolaris build snv 71",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "opensolaris build snv 68",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "opensolaris build snv 67",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "opensolaris build snv 64",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "opensolaris build snv 61",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "opensolaris build snv 59",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "opensolaris build snv 58",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "opensolaris build snv 57",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "opensolaris build snv 56",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "opensolaris build snv 54",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "opensolaris build snv 51",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "opensolaris build snv 50",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "opensolaris build snv 49",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "opensolaris build snv 48",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "opensolaris build snv 47",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "opensolaris build snv 45",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "opensolaris build snv 41",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "opensolaris build snv 39",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "opensolaris build snv 38",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "opensolaris build snv 37",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "opensolaris build snv 36",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "opensolaris build snv 35",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "opensolaris build snv 29",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "opensolaris build snv 28",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "opensolaris build snv 22",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "opensolaris build snv 19",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "opensolaris build snv 13",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "opensolaris build snv 111a",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "opensolaris build snv 111",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "opensolaris build snv 110",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "opensolaris build snv 109",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "opensolaris build snv 108",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "opensolaris build snv 107",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "opensolaris build snv 106",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "opensolaris build snv 105",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "opensolaris build snv 104",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "opensolaris build snv 103",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "opensolaris build snv 102",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "opensolaris build snv 101a",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "opensolaris build snv 101",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "opensolaris build snv 100",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "opensolaris build snv 02",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "opensolaris build snv 01",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "opensolaris build snv 111b",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "opensolaris",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "0"
},
{
"_id": null,
"model": "linux x86 64 -current",
"scope": null,
"trust": 0.3,
"vendor": "slackware",
"version": null
},
{
"_id": null,
"model": "linux x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "13.0"
},
{
"_id": null,
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "13.0"
},
{
"_id": null,
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "12.2"
},
{
"_id": null,
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "12.1"
},
{
"_id": null,
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "12.0"
},
{
"_id": null,
"model": "linux -current",
"scope": null,
"trust": 0.3,
"vendor": "slackware",
"version": null
},
{
"_id": null,
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "11.1"
},
{
"_id": null,
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "11.0"
},
{
"_id": null,
"model": "open-enterprise-server",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "0"
},
{
"_id": null,
"model": "novell linux pos",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9"
},
{
"_id": null,
"model": "novell linux desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.0"
},
{
"_id": null,
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "rpath",
"version": "2"
},
{
"_id": null,
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "rpath",
"version": "1"
},
{
"_id": null,
"model": "appliance platform linux service",
"scope": "eq",
"trust": 0.3,
"vendor": "rpath",
"version": "2"
},
{
"_id": null,
"model": "appliance platform linux service",
"scope": "eq",
"trust": 0.3,
"vendor": "rpath",
"version": "1"
},
{
"_id": null,
"model": "enterprise linux ws",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"_id": null,
"model": "enterprise linux ws",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3"
},
{
"_id": null,
"model": "enterprise linux es",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"_id": null,
"model": "enterprise linux es",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3"
},
{
"_id": null,
"model": "enterprise linux desktop workstation client",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "5"
},
{
"_id": null,
"model": "enterprise linux desktop version",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"_id": null,
"model": "desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3.0"
},
{
"_id": null,
"model": "certificate server",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "7.3"
},
{
"_id": null,
"model": "application stack",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "v20"
},
{
"_id": null,
"model": "hat jboss enterprise web server for rhel server",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "51.0"
},
{
"_id": null,
"model": "hat jboss enterprise web server for rhel es",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "41.0"
},
{
"_id": null,
"model": "hat jboss enterprise web server for rhel as",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "41.0"
},
{
"_id": null,
"model": "hat enterprise linux desktop client",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "5"
},
{
"_id": null,
"model": "hat enterprise linux as",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "4"
},
{
"_id": null,
"model": "hat enterprise linux as",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "3"
},
{
"_id": null,
"model": "hat enterprise linux server",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "5"
},
{
"_id": null,
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "pardus",
"version": "20090"
},
{
"_id": null,
"model": "linux mandrake x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2009.1"
},
{
"_id": null,
"model": "linux mandrake",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2009.1"
},
{
"_id": null,
"model": "linux mandrake x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2009.0"
},
{
"_id": null,
"model": "linux mandrake",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2009.0"
},
{
"_id": null,
"model": "linux mandrake x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2008.1"
},
{
"_id": null,
"model": "linux mandrake",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2008.1"
},
{
"_id": null,
"model": "linux mandrake x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2008.0"
},
{
"_id": null,
"model": "linux mandrake",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2008.0"
},
{
"_id": null,
"model": "multi network firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "2.0"
},
{
"_id": null,
"model": "enterprise server x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "5"
},
{
"_id": null,
"model": "enterprise server",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "5"
},
{
"_id": null,
"model": "corporate server x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "4.0"
},
{
"_id": null,
"model": "corporate server x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "3.0"
},
{
"_id": null,
"model": "corporate server",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "3.0"
},
{
"_id": null,
"model": "corporate server",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "4.0"
},
{
"_id": null,
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.03"
},
{
"_id": null,
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.8"
},
{
"_id": null,
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.1"
},
{
"_id": null,
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.0.7"
},
{
"_id": null,
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.0.5"
},
{
"_id": null,
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.0.1"
},
{
"_id": null,
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1.25"
},
{
"_id": null,
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1.19"
},
{
"_id": null,
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1.17"
},
{
"_id": null,
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1.15"
},
{
"_id": null,
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.2.35"
},
{
"_id": null,
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.2.33"
},
{
"_id": null,
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.2.27"
},
{
"_id": null,
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.2.13"
},
{
"_id": null,
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.2"
},
{
"_id": null,
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.0.47.1"
},
{
"_id": null,
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.0.47"
},
{
"_id": null,
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.0.5"
},
{
"_id": null,
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.2"
},
{
"_id": null,
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1.0.13"
},
{
"_id": null,
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1.0.1"
},
{
"_id": null,
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1.0"
},
{
"_id": null,
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.2.23"
},
{
"_id": null,
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.2.19"
},
{
"_id": null,
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.2.12"
},
{
"_id": null,
"model": "hp-ux b.11.31",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "hp-ux b.11.23",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "hp-ux b.11.11",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "compaq secure web server for openvms",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.0"
},
{
"_id": null,
"model": "business availability center",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "8.06"
},
{
"_id": null,
"model": "business availability center",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "8.05"
},
{
"_id": null,
"model": "business availability center",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "8.01"
},
{
"_id": null,
"model": "business availability center",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.55"
},
{
"_id": null,
"model": "business availability center",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6"
},
{
"_id": null,
"model": "business availability center",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"_id": null,
"model": "interstage studio standard-j edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "9.2"
},
{
"_id": null,
"model": "interstage studio standard-j edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "9.1"
},
{
"_id": null,
"model": "interstage studio standard-j edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "9.0"
},
{
"_id": null,
"model": "interstage studio standard-j edition b",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "9.1.0"
},
{
"_id": null,
"model": "interstage studio enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "9.2"
},
{
"_id": null,
"model": "interstage studio enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "9.1"
},
{
"_id": null,
"model": "interstage studio enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "9.0"
},
{
"_id": null,
"model": "interstage studio enterprise edition b",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "9.1.0"
},
{
"_id": null,
"model": "interstage application server standard-j edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "9.2"
},
{
"_id": null,
"model": "interstage application server standard-j edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "9.1"
},
{
"_id": null,
"model": "interstage application server standard-j edition b",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "9.0"
},
{
"_id": null,
"model": "interstage application server standard-j edition a",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "9.0"
},
{
"_id": null,
"model": "interstage application server standard-j edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "9.0"
},
{
"_id": null,
"model": "interstage application server standard-j edition 9.1.0b",
"scope": null,
"trust": 0.3,
"vendor": "fujitsu",
"version": null
},
{
"_id": null,
"model": "interstage application server enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "9.2"
},
{
"_id": null,
"model": "interstage application server enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "9.1"
},
{
"_id": null,
"model": "interstage application server enterprise edition a",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "9.0"
},
{
"_id": null,
"model": "interstage application server enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "9.0"
},
{
"_id": null,
"model": "interstage application server enterprise edition 9.1.0b",
"scope": null,
"trust": 0.3,
"vendor": "fujitsu",
"version": null
},
{
"_id": null,
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "5.0"
},
{
"_id": null,
"model": "linux s/390",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "5.0"
},
{
"_id": null,
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "5.0"
},
{
"_id": null,
"model": "linux mipsel",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "5.0"
},
{
"_id": null,
"model": "linux mips",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "5.0"
},
{
"_id": null,
"model": "linux m68k",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "5.0"
},
{
"_id": null,
"model": "linux ia-64",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "5.0"
},
{
"_id": null,
"model": "linux ia-32",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "5.0"
},
{
"_id": null,
"model": "linux hppa",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "5.0"
},
{
"_id": null,
"model": "linux armel",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "5.0"
},
{
"_id": null,
"model": "linux arm",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "5.0"
},
{
"_id": null,
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "5.0"
},
{
"_id": null,
"model": "linux alpha",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "5.0"
},
{
"_id": null,
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "4.0"
},
{
"_id": null,
"model": "linux s/390",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "4.0"
},
{
"_id": null,
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "4.0"
},
{
"_id": null,
"model": "linux mipsel",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "4.0"
},
{
"_id": null,
"model": "linux mips",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "4.0"
},
{
"_id": null,
"model": "linux m68k",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "4.0"
},
{
"_id": null,
"model": "linux ia-64",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "4.0"
},
{
"_id": null,
"model": "linux ia-32",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "4.0"
},
{
"_id": null,
"model": "linux hppa",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "4.0"
},
{
"_id": null,
"model": "linux armel",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "4.0"
},
{
"_id": null,
"model": "linux arm",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "4.0"
},
{
"_id": null,
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "4.0"
},
{
"_id": null,
"model": "linux alpha",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "4.0"
},
{
"_id": null,
"model": "coat systems director",
"scope": "eq",
"trust": 0.3,
"vendor": "blue",
"version": "5.2.2.5"
},
{
"_id": null,
"model": "coat systems director",
"scope": "eq",
"trust": 0.3,
"vendor": "blue",
"version": "4.2.2.4"
},
{
"_id": null,
"model": "coat systems director",
"scope": "eq",
"trust": 0.3,
"vendor": "blue",
"version": "5.5"
},
{
"_id": null,
"model": "coat systems director",
"scope": "eq",
"trust": 0.3,
"vendor": "blue",
"version": "5.4"
},
{
"_id": null,
"model": "coat systems director",
"scope": "eq",
"trust": 0.3,
"vendor": "blue",
"version": "0"
},
{
"_id": null,
"model": "voice portal sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.0"
},
{
"_id": null,
"model": "voice portal sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.0"
},
{
"_id": null,
"model": "voice portal",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.0"
},
{
"_id": null,
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2"
},
{
"_id": null,
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "1.1"
},
{
"_id": null,
"model": "aura communication manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2"
},
{
"_id": null,
"model": "aura application enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1.6"
},
{
"_id": null,
"model": "aura application enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1.5"
},
{
"_id": null,
"model": "aura application enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1.4"
},
{
"_id": null,
"model": "aura application enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1.3"
},
{
"_id": null,
"model": "aura application enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2"
},
{
"_id": null,
"model": "aura application enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1"
},
{
"_id": null,
"model": "aura application enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.0"
},
{
"_id": null,
"model": "software foundation mod proxy ftp",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "0"
},
{
"_id": null,
"model": "software foundation apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.2.13"
},
{
"_id": null,
"model": "software foundation apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.2.12"
},
{
"_id": null,
"model": "software foundation apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.2.11"
},
{
"_id": null,
"model": "software foundation apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.2.10"
},
{
"_id": null,
"model": "software foundation apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.2.9"
},
{
"_id": null,
"model": "software foundation apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.2.8"
},
{
"_id": null,
"model": "software foundation apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.2.6"
},
{
"_id": null,
"model": "software foundation apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.2.5"
},
{
"_id": null,
"model": "software foundation apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.2.2"
},
{
"_id": null,
"model": "software foundation apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.2"
},
{
"_id": null,
"model": "software foundation apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.63"
},
{
"_id": null,
"model": "software foundation apache 2.2.7-dev",
"scope": null,
"trust": 0.3,
"vendor": "apache",
"version": null
},
{
"_id": null,
"model": "software foundation apache 2.2.6-dev",
"scope": null,
"trust": 0.3,
"vendor": "apache",
"version": null
},
{
"_id": null,
"model": "software foundation apache 2.2.5-dev",
"scope": null,
"trust": 0.3,
"vendor": "apache",
"version": null
},
{
"_id": null,
"model": "software foundation apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.2.1"
},
{
"_id": null,
"model": "websphere application server",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.9"
},
{
"_id": null,
"model": "business availability center",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "8.07"
},
{
"_id": null,
"model": "coat systems director",
"scope": "ne",
"trust": 0.3,
"vendor": "blue",
"version": "5.5.2.3"
},
{
"_id": null,
"model": "software foundation apache",
"scope": "ne",
"trust": 0.3,
"vendor": "apache",
"version": "2.2.14"
}
],
"sources": [
{
"db": "BID",
"id": "36260"
},
{
"db": "CNNVD",
"id": "CNNVD-200909-107"
},
{
"db": "JVNDB",
"id": "JVNDB-2009-002187"
},
{
"db": "NVD",
"id": "CVE-2009-3094"
}
]
},
"configurations": {
"_id": null,
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:apache:http_server",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:ibm:http_server",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:ibm:websphere_application_server",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:oracle:opensolaris",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:oracle:solaris",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:misc:miraclelinux_asianux_server",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:turbolinux:turbolinux_appliance_server",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:turbolinux:turbolinux_client",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:turbolinux:turbolinux_fuji",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:turbolinux:turbolinux_server",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:hp:hp-ux",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:hp:apache-based_web_server",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:redhat:enterprise_linux",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:redhat:enterprise_linux_desktop",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:redhat:enterprise_linux_eus",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:redhat:rhel_desktop_workstation",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:fujitsu:interstage_application_server",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:fujitsu:interstage_studio",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:fujitsu:interstage_web_server",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2009-002187"
}
]
},
"credits": {
"_id": null,
"data": "Evgeny Legerov",
"sources": [
{
"db": "BID",
"id": "36260"
},
{
"db": "CNNVD",
"id": "CNNVD-200909-107"
}
],
"trust": 0.9
},
"cve": "CVE-2009-3094",
"cvss": {
"_id": null,
"data": [
{
"cvssV2": [
{
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 2.6,
"confidentialityImpact": "NONE",
"exploitabilityScore": 4.9,
"id": "CVE-2009-3094",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "LOW",
"trust": 1.1,
"vectorString": "AV:N/AC:H/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "High",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 5.4,
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2009-3094",
"impactScore": null,
"integrityImpact": "None",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:H/Au:N/C:N/I:N/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2009-3094",
"trust": 1.0,
"value": "LOW"
},
{
"author": "NVD",
"id": "CVE-2009-3094",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNNVD",
"id": "CNNVD-200909-107",
"trust": 0.6,
"value": "LOW"
},
{
"author": "VULMON",
"id": "CVE-2009-3094",
"trust": 0.1,
"value": "LOW"
}
]
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2009-3094"
},
{
"db": "CNNVD",
"id": "CNNVD-200909-107"
},
{
"db": "JVNDB",
"id": "JVNDB-2009-002187"
},
{
"db": "NVD",
"id": "CVE-2009-3094"
}
]
},
"description": {
"_id": null,
"data": "The ap_proxy_ftp_handler function in modules/proxy/proxy_ftp.c in the mod_proxy_ftp module in the Apache HTTP Server 2.0.63 and 2.2.13 allows remote FTP servers to cause a denial of service (NULL pointer dereference and child process crash) via a malformed reply to an EPSV command. The Apache \u0027mod_proxy_ftp\u0027 module is prone to a denial-of-service vulnerability because of a NULL-pointer dereference. \nSuccessful exploits may allow remote attackers to cause denial-of-service conditions. Given the nature of this issue, attackers may also be able to run arbitrary code, but this has not been confirmed. ===========================================================\nUbuntu Security Notice USN-860-1 November 19, 2009\napache2 vulnerabilities\nCVE-2009-3094, CVE-2009-3095, CVE-2009-3555\n===========================================================\n\nA security issue affects the following Ubuntu releases:\n\nUbuntu 6.06 LTS\nUbuntu 8.04 LTS\nUbuntu 8.10\nUbuntu 9.04\nUbuntu 9.10\n\nThis advisory also applies to the corresponding versions of\nKubuntu, Edubuntu, and Xubuntu. \n\nThe problem can be corrected by upgrading your system to the\nfollowing package versions:\n\nUbuntu 6.06 LTS:\n apache2-common 2.0.55-4ubuntu2.9\n\nUbuntu 8.04 LTS:\n apache2.2-common 2.2.8-1ubuntu0.14\n\nUbuntu 8.10:\n apache2.2-common 2.2.9-7ubuntu3.5\n\nUbuntu 9.04:\n apache2.2-common 2.2.11-2ubuntu2.5\n\nUbuntu 9.10:\n apache2.2-common 2.2.12-1ubuntu2.1\n\nIn general, a standard system upgrade is sufficient to effect the\nnecessary changes. \n\nDetails follow:\n\nMarsh Ray and Steve Dispensa discovered a flaw in the TLS and SSLv3\nprotocols. If an attacker could perform a man in the middle attack at the\nstart of a TLS connection, the attacker could inject arbitrary content at\nthe beginning of the user\u0027s session. The flaw is with TLS renegotiation and\npotentially affects any software that supports this feature. Attacks\nagainst the HTTPS protocol are known, with the severity of the issue\ndepending on the safeguards used in the web application. Until the TLS\nprotocol and underlying libraries are adjusted to defend against this\nvulnerability, a partial, temporary workaround has been applied to Apache\nthat disables client initiated TLS renegotiation. This update does not\nprotect against server initiated TLS renegotiation when using\nSSLVerifyClient and SSLCipherSuite on a per Directory or Location basis. (CVE-2009-3555)\n\nIt was discovered that mod_proxy_ftp in Apache did not properly sanitize\nits input when processing replies to EPASV and PASV commands. \n(CVE-2009-3094)\n\nAnother flaw was discovered in mod_proxy_ftp. \n(CVE-2009-3095)\n\n\nUpdated packages for Ubuntu 6.06 LTS:\n\n Source archives:\n\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu2.9.diff.gz\n Size/MD5: 130638 5d172b0ca228238e211940fad6b0935d\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu2.9.dsc\n Size/MD5: 1156 a6d575c4c0ef0ef9c4c77e7f6ddfb02d\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55.orig.tar.gz\n Size/MD5: 6092031 45e32c9432a8e3cf4227f5af91b03622\n\n Architecture independent packages:\n\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-doc_2.0.55-4ubuntu2.9_all.deb\n Size/MD5: 2125884 643115e9135b9bf626f3a65cfc5f2ed3\n\n amd64 architecture (Athlon64, Opteron, EM64T Xeon):\n\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu2.9_amd64.deb\n Size/MD5: 834492 818915da9848657833480b1ead6b4a12\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu2.9_amd64.deb\n Size/MD5: 229578 9086ac3033e0425ecd150b31b377ee76\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu2.9_amd64.deb\n Size/MD5: 224594 85a4480344a072868758c466f6a98747\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu2.9_amd64.deb\n Size/MD5: 229128 446b52088b9744fb776e53155403a474\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu2.9_amd64.deb\n Size/MD5: 172850 17e4cd95ecb9d0390274fca9625c2e5e\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu2.9_amd64.deb\n Size/MD5: 173636 b501407d01fa07e5807c28cd1db16cd7\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu2.9_amd64.deb\n Size/MD5: 95454 a06ee30ec14b35003ebcb821624bc2af\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu2.9_amd64.deb\n Size/MD5: 37510 4c063b1b8d831ea8a02d5ec691995dec\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu2.9_amd64.deb\n Size/MD5: 287048 9cdc7502ebc526d4bc7df9b59a9d8925\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu2.9_amd64.deb\n Size/MD5: 145624 4b613a57da2ca57678e8c8f0c1628556\n\n i386 architecture (x86 compatible Intel/AMD):\n\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu2.9_i386.deb\n Size/MD5: 787870 67b1855dc984e5296ac9580e2a2f0a0c\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu2.9_i386.deb\n Size/MD5: 204122 edf40b0ff5c1824b2d6232da247ce480\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu2.9_i386.deb\n Size/MD5: 200060 6267a56fcef78f6300372810ce36ea41\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu2.9_i386.deb\n Size/MD5: 203580 c487929bbf45b5a4dc3d035d86f7b3a0\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu2.9_i386.deb\n Size/MD5: 172876 bae257127c3d137e407a7db744f3d57a\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu2.9_i386.deb\n Size/MD5: 173660 9dd0e108ab4d3382799b29d901bf4502\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu2.9_i386.deb\n Size/MD5: 93410 d5d602c75a28873f1cd7523857e0dd80\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu2.9_i386.deb\n Size/MD5: 37508 22049e1ea8ea88259ff3f6e94482cfb3\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu2.9_i386.deb\n Size/MD5: 263066 43fa2ae3b43c4743c98c45ac22fb0250\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu2.9_i386.deb\n Size/MD5: 133484 e70b7f81859cb92e0c50084e92216526\n\n powerpc architecture (Apple Macintosh G3/G4/G5):\n\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu2.9_powerpc.deb\n Size/MD5: 860622 6d386da8da90d363414846dbc7fa7f08\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu2.9_powerpc.deb\n Size/MD5: 221470 8c207b379f7ba646c94759d3e9079dd4\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu2.9_powerpc.deb\n Size/MD5: 217132 069cab77278b101c3c4a5b172f36ba9b\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu2.9_powerpc.deb\n Size/MD5: 220968 2f6ba65769fc964eb6dfec8a842f7621\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu2.9_powerpc.deb\n Size/MD5: 172874 89137c84b5a33f526daf3f8b4c047a7e\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu2.9_powerpc.deb\n Size/MD5: 173662 23e576721faccb4aef732cf98e2358d4\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu2.9_powerpc.deb\n Size/MD5: 105198 44f9e698567784555db7d7d971b9fce2\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu2.9_powerpc.deb\n Size/MD5: 37518 fe7caa2a3cf6d4227ac34692de30635e\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu2.9_powerpc.deb\n Size/MD5: 282644 ec0306c04778cf8c8edd622aabb0363c\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu2.9_powerpc.deb\n Size/MD5: 142730 d43356422176ca29440f3e0572678093\n\n sparc architecture (Sun SPARC/UltraSPARC):\n\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu2.9_sparc.deb\n Size/MD5: 805078 0f1f6a9b04ad5ce4ea29fd0e44bf18a4\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu2.9_sparc.deb\n Size/MD5: 211674 eb19532b9b759c806e9a95a4ffbfad9b\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu2.9_sparc.deb\n Size/MD5: 207344 9e5770a4c94cbc4f9bc8cc11a6a038f1\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu2.9_sparc.deb\n Size/MD5: 210948 6d1d2357cec5b88c1c2269e5c16724bc\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu2.9_sparc.deb\n Size/MD5: 172882 d04dd123def1bc4cfbf2ac0095432eea\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu2.9_sparc.deb\n Size/MD5: 173662 6be46bbb9e92224020da49d657cb4cd4\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu2.9_sparc.deb\n Size/MD5: 94510 9df6ae07a9218d6159b1eebde5d58606\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu2.9_sparc.deb\n Size/MD5: 37506 89856bb1433e67fb23c8d34423d3e0a5\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu2.9_sparc.deb\n Size/MD5: 269070 bf585dec777b0306cd80663c11b020df\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu2.9_sparc.deb\n Size/MD5: 131466 340eaf2d2c1f129c7676a152776cfcf3\n\nUpdated packages for Ubuntu 8.04 LTS:\n\n Source archives:\n\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.8-1ubuntu0.14.diff.gz\n Size/MD5: 141838 37d5c93b425758839cbef5afea5353a2\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.8-1ubuntu0.14.dsc\n Size/MD5: 1381 78c9a13cc2af0dbf3958a3fc98aeea84\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.8.orig.tar.gz\n Size/MD5: 6125771 39a755eb0f584c279336387b321e3dfc\n\n Architecture independent packages:\n\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-doc_2.2.8-1ubuntu0.14_all.deb\n Size/MD5: 1929318 d4faaf64c2c0af807848ea171a4efa90\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.2.8-1ubuntu0.14_all.deb\n Size/MD5: 72920 065d63c19b22f0f7a8f7c28952b0b408\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-src_2.2.8-1ubuntu0.14_all.deb\n Size/MD5: 6258048 33c48a093bbb868ea108a50c051437cf\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.8-1ubuntu0.14_all.deb\n Size/MD5: 45850 07a9463a8e4fdf1a48766d5ad08b9a3c\n\n amd64 architecture (Athlon64, Opteron, EM64T Xeon):\n\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-event_2.2.8-1ubuntu0.14_amd64.deb\n Size/MD5: 253080 3c6467ee604002a5b8ebffff8554c568\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.2.8-1ubuntu0.14_amd64.deb\n Size/MD5: 248676 3c83ce9eb0a27f18b9c3a8c3e651cafa\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.2.8-1ubuntu0.14_amd64.deb\n Size/MD5: 252490 cf379a515d967d89d2009be9e06d4833\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.2.8-1ubuntu0.14_amd64.deb\n Size/MD5: 205592 af6cb62114d2e70bf859c32008a66433\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.2.8-1ubuntu0.14_amd64.deb\n Size/MD5: 206350 9c3d5ef8e55eee98cc3e75f2ed9ffaff\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.2.8-1ubuntu0.14_amd64.deb\n Size/MD5: 141660 958585d6391847cd5a618464054f7d37\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-common_2.2.8-1ubuntu0.14_amd64.deb\n Size/MD5: 803974 76d23bd94465a2f96711dc1c41b31af0\n\n i386 architecture (x86 compatible Intel/AMD):\n\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-event_2.2.8-1ubuntu0.14_i386.deb\n Size/MD5: 236060 ad4c00dc10b406cc312982b7113fa468\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.2.8-1ubuntu0.14_i386.deb\n Size/MD5: 231580 07ae6a192e6c859e49d48f2b2158df40\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.2.8-1ubuntu0.14_i386.deb\n Size/MD5: 235308 18a44bbffcebde8f2d66fe3a6bdbab6d\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.2.8-1ubuntu0.14_i386.deb\n Size/MD5: 205594 73ec71599d4c8a42a69ac3099b9d50cf\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.2.8-1ubuntu0.14_i386.deb\n Size/MD5: 206374 c1524e4fa8265e7eaac046b114b8c463\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.2.8-1ubuntu0.14_i386.deb\n Size/MD5: 140644 379a125b8b5b51ff8033449755ab87b8\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-common_2.2.8-1ubuntu0.14_i386.deb\n Size/MD5: 755574 9de96c8719740c2525e3c0cf7836d60b\n\n lpia architecture (Low Power Intel Architecture):\n\n http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-event_2.2.8-1ubuntu0.14_lpia.deb\n Size/MD5: 235578 0265d4f6ccee2d7b5ee10cfff48fed08\n http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-prefork_2.2.8-1ubuntu0.14_lpia.deb\n Size/MD5: 231234 611499fb33808ecdd232e2c5350f6838\n http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-worker_2.2.8-1ubuntu0.14_lpia.deb\n Size/MD5: 234738 d7757d2da2e542ce0fdad5994be1d8bd\n http://ports.ubuntu.com/pool/main/a/apache2/apache2-prefork-dev_2.2.8-1ubuntu0.14_lpia.deb\n Size/MD5: 205592 c10ac9eb401184c379b7993b6a62cde3\n http://ports.ubuntu.com/pool/main/a/apache2/apache2-threaded-dev_2.2.8-1ubuntu0.14_lpia.deb\n Size/MD5: 206358 fc91c0159b096e744c42014e6e5f8909\n http://ports.ubuntu.com/pool/main/a/apache2/apache2-utils_2.2.8-1ubuntu0.14_lpia.deb\n Size/MD5: 141212 f87d5f443e5d8e1c3eda6f976b3ceb06\n http://ports.ubuntu.com/pool/main/a/apache2/apache2.2-common_2.2.8-1ubuntu0.14_lpia.deb\n Size/MD5: 749716 86ae389b81b057288ff3c0b69ef68656\n\n powerpc architecture (Apple Macintosh G3/G4/G5):\n\n http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-event_2.2.8-1ubuntu0.14_powerpc.deb\n Size/MD5: 254134 4337f858972022fa196c9a1f9bb724fb\n http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-prefork_2.2.8-1ubuntu0.14_powerpc.deb\n Size/MD5: 249596 44a6e21ff8fa81d09dab19cab4caffdb\n http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-worker_2.2.8-1ubuntu0.14_powerpc.deb\n Size/MD5: 253698 f101a1709f21320716d4c9afb356f24f\n http://ports.ubuntu.com/pool/main/a/apache2/apache2-prefork-dev_2.2.8-1ubuntu0.14_powerpc.deb\n Size/MD5: 205604 3f4d4f6733257a7037e35101ef792352\n http://ports.ubuntu.com/pool/main/a/apache2/apache2-threaded-dev_2.2.8-1ubuntu0.14_powerpc.deb\n Size/MD5: 206386 06402188459de8dab5279b5bfef768fa\n http://ports.ubuntu.com/pool/main/a/apache2/apache2-utils_2.2.8-1ubuntu0.14_powerpc.deb\n Size/MD5: 158390 0acffbdb7e5602b434c4f2805f8dc4d0\n http://ports.ubuntu.com/pool/main/a/apache2/apache2.2-common_2.2.8-1ubuntu0.14_powerpc.deb\n Size/MD5: 906022 28c3e8b63d123a4ca0632b3fed6720b5\n\n sparc architecture (Sun SPARC/UltraSPARC):\n\n http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-event_2.2.8-1ubuntu0.14_sparc.deb\n Size/MD5: 237422 5651f53b09c0f36e1333c569980a0eb0\n http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-prefork_2.2.8-1ubuntu0.14_sparc.deb\n Size/MD5: 233152 1165607c64c57c84212b6b106254e885\n http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-worker_2.2.8-1ubuntu0.14_sparc.deb\n Size/MD5: 236606 bbe00d0707c279a16eca35258dd8f13a\n http://ports.ubuntu.com/pool/main/a/apache2/apache2-prefork-dev_2.2.8-1ubuntu0.14_sparc.deb\n Size/MD5: 205598 76afcd4085fa6f39055a5a3f1ef34a43\n http://ports.ubuntu.com/pool/main/a/apache2/apache2-threaded-dev_2.2.8-1ubuntu0.14_sparc.deb\n Size/MD5: 206372 5c67270e0a19d1558cf17cb21a114833\n http://ports.ubuntu.com/pool/main/a/apache2/apache2-utils_2.2.8-1ubuntu0.14_sparc.deb\n Size/MD5: 143838 28e9c3811feeac70b846279e82c23430\n http://ports.ubuntu.com/pool/main/a/apache2/apache2.2-common_2.2.8-1ubuntu0.14_sparc.deb\n Size/MD5: 765398 92c5b054b80b6258a1c4caac8248a40a\n\nUpdated packages for Ubuntu 8.10:\n\n Source archives:\n\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.9-7ubuntu3.5.diff.gz\n Size/MD5: 137715 0e8a6128ff37a1c064d4ce881b5d3df9\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.9-7ubuntu3.5.dsc\n Size/MD5: 1788 5e3c3d53b68ea3053bcca3a5e19f5911\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.9.orig.tar.gz\n Size/MD5: 6396996 80d3754fc278338033296f0d41ef2c04\n\n Architecture independent packages:\n\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-doc_2.2.9-7ubuntu3.5_all.deb\n Size/MD5: 2041786 cd1e98fb2064bad51f7845f203a07d79\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-src_2.2.9-7ubuntu3.5_all.deb\n Size/MD5: 6538578 32e07db65f1e7b3002aedc3afce1748c\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.9-7ubuntu3.5_all.deb\n Size/MD5: 45474 0f1b4fb499af61a596241bd4f0f4d35d\n\n amd64 architecture (Athlon64, Opteron, EM64T Xeon):\n\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-event_2.2.9-7ubuntu3.5_amd64.deb\n Size/MD5: 254968 f2004f847cc5cbc730599352ad1f7dc6\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.2.9-7ubuntu3.5_amd64.deb\n Size/MD5: 249196 fb001fc4f192e9b8ae1bb7161925413c\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.2.9-7ubuntu3.5_amd64.deb\n Size/MD5: 254360 419b942bad4cf4d959afcfa3ce4314e2\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.2.9-7ubuntu3.5_amd64.deb\n Size/MD5: 208524 0d87bf6acbf1ab5dc48c68debe7c0d26\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-suexec-custom_2.2.9-7ubuntu3.5_amd64.deb\n Size/MD5: 84490 2a4df4b619debe549f48ac3e9e764305\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-suexec_2.2.9-7ubuntu3.5_amd64.deb\n Size/MD5: 82838 215665711684d5b5dd04cdfa23d36462\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.2.9-7ubuntu3.5_amd64.deb\n Size/MD5: 209550 496d387e315370c0cd83489db663a356\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.2.9-7ubuntu3.5_amd64.deb\n Size/MD5: 147762 48061b9015c78b39b7afd834f4c81ae0\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-common_2.2.9-7ubuntu3.5_amd64.deb\n Size/MD5: 820242 3497441009bc9db76a87fd2447ba433c\n\n i386 architecture (x86 compatible Intel/AMD):\n\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-event_2.2.9-7ubuntu3.5_i386.deb\n Size/MD5: 241376 488812d1a311fd67dafd5b18b6813920\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.2.9-7ubuntu3.5_i386.deb\n Size/MD5: 236082 9256681808703f40e822c81b53f4ce3e\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.2.9-7ubuntu3.5_i386.deb\n Size/MD5: 240668 2b6b7c11a88ed5a280f603305bee880e\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.2.9-7ubuntu3.5_i386.deb\n Size/MD5: 208532 e0eccceba6cae5fb12f431ff0283a23e\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-suexec-custom_2.2.9-7ubuntu3.5_i386.deb\n Size/MD5: 83922 ea5f69f36e344e493cce5d9c0bc69c46\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-suexec_2.2.9-7ubuntu3.5_i386.deb\n Size/MD5: 82320 0d9b2f9afff4b9efe924b59e9bb039ea\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.2.9-7ubuntu3.5_i386.deb\n Size/MD5: 209554 f4e53148ae30d5c4f060d455e4f11f95\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.2.9-7ubuntu3.5_i386.deb\n Size/MD5: 146596 5ed6a4af9378bacfb7d4a034d9923915\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-common_2.2.9-7ubuntu3.5_i386.deb\n Size/MD5: 778564 ffd7752394933004094c13b00113b263\n\n lpia architecture (Low Power Intel Architecture):\n\n http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-event_2.2.9-7ubuntu3.5_lpia.deb\n Size/MD5: 238358 4955c7d577496ea4f3573345fad028a4\n http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-prefork_2.2.9-7ubuntu3.5_lpia.deb\n Size/MD5: 232964 76aecf38baba17a8a968329b818ec74a\n http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-worker_2.2.9-7ubuntu3.5_lpia.deb\n Size/MD5: 237626 83f32bd08e2e206bbdb9f92cfb1a37e5\n http://ports.ubuntu.com/pool/main/a/apache2/apache2-prefork-dev_2.2.9-7ubuntu3.5_lpia.deb\n Size/MD5: 208528 6672fb116e108687669c89197732fbb0\n http://ports.ubuntu.com/pool/main/a/apache2/apache2-suexec-custom_2.2.9-7ubuntu3.5_lpia.deb\n Size/MD5: 83870 b8f875f197017aec0fe8203c203065d7\n http://ports.ubuntu.com/pool/main/a/apache2/apache2-suexec_2.2.9-7ubuntu3.5_lpia.deb\n Size/MD5: 82296 d6724391ed540b351e2b660ba98af1ca\n http://ports.ubuntu.com/pool/main/a/apache2/apache2-threaded-dev_2.2.9-7ubuntu3.5_lpia.deb\n Size/MD5: 209550 263b43fb11c6d954d5a4bf7839e720a4\n http://ports.ubuntu.com/pool/main/a/apache2/apache2-utils_2.2.9-7ubuntu3.5_lpia.deb\n Size/MD5: 146282 a225b8d0f48e141eea28b2369d4595c0\n http://ports.ubuntu.com/pool/main/a/apache2/apache2.2-common_2.2.9-7ubuntu3.5_lpia.deb\n Size/MD5: 766494 454c737e191429c43ad3f28c9e0294a0\n\n powerpc architecture (Apple Macintosh G3/G4/G5):\n\n http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-event_2.2.9-7ubuntu3.5_powerpc.deb\n Size/MD5: 261510 d3e1155682726cc28859156e647d97b3\n http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-prefork_2.2.9-7ubuntu3.5_powerpc.deb\n Size/MD5: 256082 e49d894a6e9ab612a3cbd2f189ca3d8d\n http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-worker_2.2.9-7ubuntu3.5_powerpc.deb\n Size/MD5: 260850 bc3cd7677cd630ac00424e73a3a6b343\n http://ports.ubuntu.com/pool/main/a/apache2/apache2-prefork-dev_2.2.9-7ubuntu3.5_powerpc.deb\n Size/MD5: 208542 ae1cc6b1323832528ad8f0e7130ec87d\n http://ports.ubuntu.com/pool/main/a/apache2/apache2-suexec-custom_2.2.9-7ubuntu3.5_powerpc.deb\n Size/MD5: 84558 68452b686e89320007e9c5367ce36345\n http://ports.ubuntu.com/pool/main/a/apache2/apache2-suexec_2.2.9-7ubuntu3.5_powerpc.deb\n Size/MD5: 82908 2b8c5fc4bdec1017735dc16eba41d0a6\n http://ports.ubuntu.com/pool/main/a/apache2/apache2-threaded-dev_2.2.9-7ubuntu3.5_powerpc.deb\n Size/MD5: 209562 a8da7487e3dcd1bdff008956728b8dd3\n http://ports.ubuntu.com/pool/main/a/apache2/apache2-utils_2.2.9-7ubuntu3.5_powerpc.deb\n Size/MD5: 161030 a5ffe07d5e3050c8a54c4fccd3732263\n http://ports.ubuntu.com/pool/main/a/apache2/apache2.2-common_2.2.9-7ubuntu3.5_powerpc.deb\n Size/MD5: 926240 8282583e86e84bd256959540f39a515d\n\n sparc architecture (Sun SPARC/UltraSPARC):\n\n http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-event_2.2.9-7ubuntu3.5_sparc.deb\n Size/MD5: 246720 e54b4b9b354001a910ec9027dc90b0d2\n http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-prefork_2.2.9-7ubuntu3.5_sparc.deb\n Size/MD5: 241280 1eea25472875056e34cd2c3283c60171\n http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-worker_2.2.9-7ubuntu3.5_sparc.deb\n Size/MD5: 246024 5709e7421814ecfb83fff5804d429971\n http://ports.ubuntu.com/pool/main/a/apache2/apache2-prefork-dev_2.2.9-7ubuntu3.5_sparc.deb\n Size/MD5: 208528 25cdfd0177da7e5484d3d44f93257863\n http://ports.ubuntu.com/pool/main/a/apache2/apache2-suexec-custom_2.2.9-7ubuntu3.5_sparc.deb\n Size/MD5: 84096 3ffbacffcc23ffc640a2ce05d35437bf\n http://ports.ubuntu.com/pool/main/a/apache2/apache2-suexec_2.2.9-7ubuntu3.5_sparc.deb\n Size/MD5: 82470 17d1ca84f9455c492013f4f754a1d365\n http://ports.ubuntu.com/pool/main/a/apache2/apache2-threaded-dev_2.2.9-7ubuntu3.5_sparc.deb\n Size/MD5: 209546 696ef3652703523aea6208a4e51e48f1\n http://ports.ubuntu.com/pool/main/a/apache2/apache2-utils_2.2.9-7ubuntu3.5_sparc.deb\n Size/MD5: 150932 44c89e0249c85eed09b6f3a6a23db59d\n http://ports.ubuntu.com/pool/main/a/apache2/apache2.2-common_2.2.9-7ubuntu3.5_sparc.deb\n Size/MD5: 783902 773a80d7a85a452016da3b10b1f3ae43\n\nUpdated packages for Ubuntu 9.04:\n\n Source archives:\n\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.11-2ubuntu2.5.diff.gz\n Size/MD5: 141023 50d6737005a6d4fe601e223a39293f99\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.11-2ubuntu2.5.dsc\n Size/MD5: 1795 59720f4d7ad291c986d92ec120750c3d\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.11.orig.tar.gz\n Size/MD5: 6806786 03e0a99a5de0f3f568a0087fb9993af9\n\n Architecture independent packages:\n\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-doc_2.2.11-2ubuntu2.5_all.deb\n Size/MD5: 2219326 d29c903489b894ddf88b23a0fec23e5c\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.11-2ubuntu2.5_all.deb\n Size/MD5: 46636 ee03585b00f277ed98c0de07a683317a\n http://security.ubuntu.com/ubuntu/pool/universe/a/apache2/apache2-src_2.2.11-2ubuntu2.5_all.deb\n Size/MD5: 6948222 a3505a83c13cf36c86248079127dd84d\n\n amd64 architecture (Athlon64, Opteron, EM64T Xeon):\n\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-event_2.2.11-2ubuntu2.5_amd64.deb\n Size/MD5: 259028 5e9bddefad4c58c3ef9fd15d7a06988d\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.2.11-2ubuntu2.5_amd64.deb\n Size/MD5: 253218 ee1bfbb759ffade3a52a6782e2f4b66d\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.2.11-2ubuntu2.5_amd64.deb\n Size/MD5: 258414 8ef063026de9790bac1965427ce1b584\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.2.11-2ubuntu2.5_amd64.deb\n Size/MD5: 213294 09701d434bd102e4205e551b4525afd1\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.2.11-2ubuntu2.5_amd64.deb\n Size/MD5: 214258 e98de48ea01e1132c5f1248a9a018745\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.2.11-2ubuntu2.5_amd64.deb\n Size/MD5: 151140 2f7c7f14b843b2c24de8c67356406449\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-common_2.2.11-2ubuntu2.5_amd64.deb\n Size/MD5: 826834 28abdf1c7be886e9be2825d351abaec7\n http://security.ubuntu.com/ubuntu/pool/universe/a/apache2/apache2-suexec-custom_2.2.11-2ubuntu2.5_amd64.deb\n Size/MD5: 87818 670c62615e107920c45893b3377ab2a0\n http://security.ubuntu.com/ubuntu/pool/universe/a/apache2/apache2-suexec_2.2.11-2ubuntu2.5_amd64.deb\n Size/MD5: 86094 5a7c68fd37066287b4819cba4cfed1f2\n\n i386 architecture (x86 compatible Intel/AMD):\n\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-event_2.2.11-2ubuntu2.5_i386.deb\n Size/MD5: 245538 952540b7679ebc8d3ffc953f32d3be0f\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.2.11-2ubuntu2.5_i386.deb\n Size/MD5: 240048 08a7fd4888ffd9188890e57c613c4be7\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.2.11-2ubuntu2.5_i386.deb\n Size/MD5: 244914 955bb5121da808d44aa994386d90723f\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.2.11-2ubuntu2.5_i386.deb\n Size/MD5: 213308 dd16143608ff8c41cb2d5cd27212a57e\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.2.11-2ubuntu2.5_i386.deb\n Size/MD5: 214280 1e1f5d6feef40413f823a19126a018e3\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.2.11-2ubuntu2.5_i386.deb\n Size/MD5: 150046 0769d86d26282d1d31615050ae5b8915\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-common_2.2.11-2ubuntu2.5_i386.deb\n Size/MD5: 784198 8760e9c37147d0472dbbfe941c058829\n http://security.ubuntu.com/ubuntu/pool/universe/a/apache2/apache2-suexec-custom_2.2.11-2ubuntu2.5_i386.deb\n Size/MD5: 87182 21980cb1035d05f69b857870bbcbc085\n http://security.ubuntu.com/ubuntu/pool/universe/a/apache2/apache2-suexec_2.2.11-2ubuntu2.5_i386.deb\n Size/MD5: 85572 6a1b8a5e4cb19e815e88335757b06cf3\n\n lpia architecture (Low Power Intel Architecture):\n\n http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-event_2.2.11-2ubuntu2.5_lpia.deb\n Size/MD5: 242386 859ad63822b7e82c81cd6dcaca088c4a\n http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-prefork_2.2.11-2ubuntu2.5_lpia.deb\n Size/MD5: 236924 200538ce94218c9d8af8532636bfd40a\n http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-worker_2.2.11-2ubuntu2.5_lpia.deb\n Size/MD5: 241822 3a3183ea4ee77d2677919d3b698f92a1\n http://ports.ubuntu.com/pool/main/a/apache2/apache2-prefork-dev_2.2.11-2ubuntu2.5_lpia.deb\n Size/MD5: 213286 bf81273b1db0a4a621085171c2b2b421\n http://ports.ubuntu.com/pool/main/a/apache2/apache2-threaded-dev_2.2.11-2ubuntu2.5_lpia.deb\n Size/MD5: 214264 ed278dab71289d2baae2ea409382fbf8\n http://ports.ubuntu.com/pool/main/a/apache2/apache2-utils_2.2.11-2ubuntu2.5_lpia.deb\n Size/MD5: 149758 75f6e2d7bd1cdfe5b1806062c3c859df\n http://ports.ubuntu.com/pool/main/a/apache2/apache2.2-common_2.2.11-2ubuntu2.5_lpia.deb\n Size/MD5: 773424 c7cdc26051bd9443ae25b73776537fb5\n http://ports.ubuntu.com/pool/universe/a/apache2/apache2-suexec-custom_2.2.11-2ubuntu2.5_lpia.deb\n Size/MD5: 87132 32e7ea89c96a0afce7ce1da457d947fb\n http://ports.ubuntu.com/pool/universe/a/apache2/apache2-suexec_2.2.11-2ubuntu2.5_lpia.deb\n Size/MD5: 85550 1d9b5963aa6ea5c01492ec417ab8510a\n\n powerpc architecture (Apple Macintosh G3/G4/G5):\n\n http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-event_2.2.11-2ubuntu2.5_powerpc.deb\n Size/MD5: 265476 5d03fe6b2da8de98c876941ff78b066f\n http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-prefork_2.2.11-2ubuntu2.5_powerpc.deb\n Size/MD5: 260478 3e3aeaaf496cc86c62a831c59994c1f2\n http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-worker_2.2.11-2ubuntu2.5_powerpc.deb\n Size/MD5: 265154 5eae30e7a33c09b37483f3aab595d0e9\n http://ports.ubuntu.com/pool/main/a/apache2/apache2-prefork-dev_2.2.11-2ubuntu2.5_powerpc.deb\n Size/MD5: 213314 879534ebabbb8be86b606e1800dc9cf8\n http://ports.ubuntu.com/pool/main/a/apache2/apache2-threaded-dev_2.2.11-2ubuntu2.5_powerpc.deb\n Size/MD5: 214286 922033231a6aa67ecca1c400d47f09c1\n http://ports.ubuntu.com/pool/main/a/apache2/apache2-utils_2.2.11-2ubuntu2.5_powerpc.deb\n Size/MD5: 164444 74faf68f0baeffcd011155ca9b201039\n http://ports.ubuntu.com/pool/main/a/apache2/apache2.2-common_2.2.11-2ubuntu2.5_powerpc.deb\n Size/MD5: 932416 2911758e4ad1b3b401369621301ea76f\n http://ports.ubuntu.com/pool/universe/a/apache2/apache2-suexec-custom_2.2.11-2ubuntu2.5_powerpc.deb\n Size/MD5: 87876 1d45c033ec5498c092f30188cf1d481e\n http://ports.ubuntu.com/pool/universe/a/apache2/apache2-suexec_2.2.11-2ubuntu2.5_powerpc.deb\n Size/MD5: 86154 52c1d8806d52fef6f43ab53662953953\n\n sparc architecture (Sun SPARC/UltraSPARC):\n\n http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-event_2.2.11-2ubuntu2.5_sparc.deb\n Size/MD5: 250786 4e8e98dcba5543394ed5f07d141ce408\n http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-prefork_2.2.11-2ubuntu2.5_sparc.deb\n Size/MD5: 245094 a82bf04fc92b8c275b0c0f25cc81ff91\n http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-worker_2.2.11-2ubuntu2.5_sparc.deb\n Size/MD5: 250110 092cf734813ae1d127d7b4f498f936c1\n http://ports.ubuntu.com/pool/main/a/apache2/apache2-prefork-dev_2.2.11-2ubuntu2.5_sparc.deb\n Size/MD5: 213312 98d7062a6bdb58637f7e850b76bfbc80\n http://ports.ubuntu.com/pool/main/a/apache2/apache2-threaded-dev_2.2.11-2ubuntu2.5_sparc.deb\n Size/MD5: 214286 a378e2e0418631cec0f398379a446172\n http://ports.ubuntu.com/pool/main/a/apache2/apache2-utils_2.2.11-2ubuntu2.5_sparc.deb\n Size/MD5: 154284 ce8b7bbccd359675b70426df15becfed\n http://ports.ubuntu.com/pool/main/a/apache2/apache2.2-common_2.2.11-2ubuntu2.5_sparc.deb\n Size/MD5: 789298 11f088b18425b97367d5bc141da2ef2f\n http://ports.ubuntu.com/pool/universe/a/apache2/apache2-suexec-custom_2.2.11-2ubuntu2.5_sparc.deb\n Size/MD5: 87384 477b6594866c8c73a8a3603e7e646c68\n http://ports.ubuntu.com/pool/universe/a/apache2/apache2-suexec_2.2.11-2ubuntu2.5_sparc.deb\n Size/MD5: 85686 5562ea5a0e6f01ba12adda3afb65c1b0\n\nUpdated packages for Ubuntu 9.10:\n\n Source archives:\n\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.12-1ubuntu2.1.diff.gz\n Size/MD5: 185244 1ef59f9642bd9efa35e0808ea804cd0b\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.12-1ubuntu2.1.dsc\n Size/MD5: 1888 d3bfdecefdd8b1adec8ab35dcf85d2b3\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.12.orig.tar.gz\n Size/MD5: 6678149 17f017b571f88aa60abebfe2945d7caf\n\n Architecture independent packages:\n\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-doc_2.2.12-1ubuntu2.1_all.deb\n Size/MD5: 2246560 be12bcc117bf165ffd3401486186762e\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-event_2.2.12-1ubuntu2.1_all.deb\n Size/MD5: 2336 009d381342b0be5280835a46c91f01d9\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.2.12-1ubuntu2.1_all.deb\n Size/MD5: 2374 7545a3750acea08e95bee86f6a3247e2\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.2.12-1ubuntu2.1_all.deb\n Size/MD5: 2314 17719223d92d46821098ce178b5947d6\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-common_2.2.12-1ubuntu2.1_all.deb\n Size/MD5: 284782 4321e3201d8e8d1a9e3c6fbe6864102b\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.12-1ubuntu2.1_all.deb\n Size/MD5: 1424 7b4d96008368549d5600a8c1f64a7559\n http://security.ubuntu.com/ubuntu/pool/universe/a/apache2/apache2-mpm-itk_2.2.12-1ubuntu2.1_all.deb\n Size/MD5: 2366 46add3d428c97fa69a8848a3e4025bb0\n\n amd64 architecture (Athlon64, Opteron, EM64T Xeon):\n\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.2.12-1ubuntu2.1_amd64.deb\n Size/MD5: 137080 91e4f72d0f1f0abe91555e1497558fc2\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.2.12-1ubuntu2.1_amd64.deb\n Size/MD5: 138176 5fd6a5ed536306528f9f2c1a0281ad70\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.2.12-1ubuntu2.1_amd64.deb\n Size/MD5: 156646 cfa55666363303b3f44a24fa2929bf01\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-bin_2.2.12-1ubuntu2.1_amd64.deb\n Size/MD5: 1399630 82b36d57faa29a646e72a1125600c11c\n http://security.ubuntu.com/ubuntu/pool/universe/a/apache2/apache2-suexec-custom_2.2.12-1ubuntu2.1_amd64.deb\n Size/MD5: 92488 ddebef9d1a537520380f85b63c512bef\n http://security.ubuntu.com/ubuntu/pool/universe/a/apache2/apache2-suexec_2.2.12-1ubuntu2.1_amd64.deb\n Size/MD5: 90880 c6d163edf145da8ff6d102dc0dd1f8d7\n\n i386 architecture (x86 compatible Intel/AMD):\n\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.2.12-1ubuntu2.1_i386.deb\n Size/MD5: 137102 69dcd0519ca612e02102f52dcb50bf7f\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.2.12-1ubuntu2.1_i386.deb\n Size/MD5: 138200 17221b53903d664823a55faa1ec4d9a9\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.2.12-1ubuntu2.1_i386.deb\n Size/MD5: 155166 4347806710edff47fc051b4a68d5b448\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-bin_2.2.12-1ubuntu2.1_i386.deb\n Size/MD5: 1309136 d9a7df212b315fc6f77fc87fa8eb4a04\n http://security.ubuntu.com/ubuntu/pool/universe/a/apache2/apache2-suexec-custom_2.2.12-1ubuntu2.1_i386.deb\n Size/MD5: 91876 289bf732dd4750a2ce61ab121b04b079\n http://security.ubuntu.com/ubuntu/pool/universe/a/apache2/apache2-suexec_2.2.12-1ubuntu2.1_i386.deb\n Size/MD5: 90316 add7f446f6b524343c0066a486dd299a\n\n lpia architecture (Low Power Intel Architecture):\n\n http://ports.ubuntu.com/pool/main/a/apache2/apache2-prefork-dev_2.2.12-1ubuntu2.1_lpia.deb\n Size/MD5: 137088 571e9f0370b5687acff25f71c4efe33e\n http://ports.ubuntu.com/pool/main/a/apache2/apache2-threaded-dev_2.2.12-1ubuntu2.1_lpia.deb\n Size/MD5: 138192 816a6e033f02114553bbb3627b9c6f9c\n http://ports.ubuntu.com/pool/main/a/apache2/apache2-utils_2.2.12-1ubuntu2.1_lpia.deb\n Size/MD5: 155090 af8272dc794250c30cd2f66b82486dc2\n http://ports.ubuntu.com/pool/main/a/apache2/apache2.2-bin_2.2.12-1ubuntu2.1_lpia.deb\n Size/MD5: 1290606 4c51de07f5a6fe9612de45369e6f35a5\n http://ports.ubuntu.com/pool/universe/a/apache2/apache2-suexec-custom_2.2.12-1ubuntu2.1_lpia.deb\n Size/MD5: 91830 06866386df811127f4fd71d6fb2a9e2a\n http://ports.ubuntu.com/pool/universe/a/apache2/apache2-suexec_2.2.12-1ubuntu2.1_lpia.deb\n Size/MD5: 90312 9e68bd8111503135a4eae7265b0084ae\n\n powerpc architecture (Apple Macintosh G3/G4/G5):\n\n http://ports.ubuntu.com/pool/main/a/apache2/apache2-prefork-dev_2.2.12-1ubuntu2.1_powerpc.deb\n Size/MD5: 137096 61b24dbeb12d7998e5d7014c26410a99\n http://ports.ubuntu.com/pool/main/a/apache2/apache2-threaded-dev_2.2.12-1ubuntu2.1_powerpc.deb\n Size/MD5: 138202 599898ff374bde8bfa388e2615064c5a\n http://ports.ubuntu.com/pool/main/a/apache2/apache2-utils_2.2.12-1ubuntu2.1_powerpc.deb\n Size/MD5: 161058 fea8f5b9a80bef9c4cb3405bc37160af\n http://ports.ubuntu.com/pool/main/a/apache2/apache2.2-bin_2.2.12-1ubuntu2.1_powerpc.deb\n Size/MD5: 1390150 fb1a244728a509586b77d02930fcf10f\n http://ports.ubuntu.com/pool/universe/a/apache2/apache2-suexec-custom_2.2.12-1ubuntu2.1_powerpc.deb\n Size/MD5: 92400 572c3b0aa5ab717e8c4e4e8248aff1ff\n http://ports.ubuntu.com/pool/universe/a/apache2/apache2-suexec_2.2.12-1ubuntu2.1_powerpc.deb\n Size/MD5: 90774 82011ebc757d31e690698cf9913e3adc\n\n sparc architecture (Sun SPARC/UltraSPARC):\n\n http://ports.ubuntu.com/pool/main/a/apache2/apache2-prefork-dev_2.2.12-1ubuntu2.1_sparc.deb\n Size/MD5: 137098 7f566dfade1678c72eac7dd923ab5987\n http://ports.ubuntu.com/pool/main/a/apache2/apache2-threaded-dev_2.2.12-1ubuntu2.1_sparc.deb\n Size/MD5: 138202 09fbc3145d768cf1f204d47b50e21528\n http://ports.ubuntu.com/pool/main/a/apache2/apache2-utils_2.2.12-1ubuntu2.1_sparc.deb\n Size/MD5: 159488 7cb6c81588adaee162b8c85a1f69e7a7\n http://ports.ubuntu.com/pool/main/a/apache2/apache2.2-bin_2.2.12-1ubuntu2.1_sparc.deb\n Size/MD5: 1297936 106b0b71f5e928c1d543973b5b1f015b\n http://ports.ubuntu.com/pool/universe/a/apache2/apache2-suexec-custom_2.2.12-1ubuntu2.1_sparc.deb\n Size/MD5: 92166 28899fe31226880dfa961d8b05e8fa43\n http://ports.ubuntu.com/pool/universe/a/apache2/apache2-suexec_2.2.12-1ubuntu2.1_sparc.deb\n Size/MD5: 90554 f207de0099ed259e2af736e8c82f91c2\n\n\n. Note\n that this security issue does not really apply as zlib compression\n is not enabled in the openssl build provided by Mandriva, but apache\n is patched to address this issue anyway (conserns 2008.1 only). \n \n Cross-site scripting (XSS) vulnerability in proxy_ftp.c in the\n mod_proxy_ftp module in Apache 2.0.63 and earlier, and mod_proxy_ftp.c\n in the mod_proxy_ftp module in Apache 2.2.9 and earlier 2.2 versions,\n allows remote attackers to inject arbitrary web script or HTML via\n wildcards in a pathname in an FTP URI (CVE-2008-2939). Note that this\n security issue was initially addressed with MDVSA-2008:195 but the\n patch fixing the issue was added but not applied in 2009.0. \n \n The Apache HTTP Server 2.2.11 and earlier 2.2 versions does not\n properly handle Options=IncludesNOEXEC in the AllowOverride directive,\n which allows local users to gain privileges by configuring (1) Options\n Includes, (2) Options +Includes, or (3) Options +IncludesNOEXEC in a\n .htaccess file, and then inserting an exec element in a .shtml file\n (CVE-2009-1195). \n \n Fix a potential Denial-of-Service attack against mod_deflate or other\n modules, by forcing the server to consume CPU time in compressing a\n large file after a client disconnects (CVE-2009-1891). NOTE: as of 20090903,\n this disclosure has no actionable information. However, because the\n VulnDisco Pack author is a reliable researcher, the issue is being\n assigned a CVE identifier for tracking purposes (CVE-2009-3095). \n \n Apache is affected by SSL injection or man-in-the-middle attacks\n due to a design flaw in the SSL and/or TLS protocols. A short term\n solution was released Sat Nov 07 2009 by the ASF team to mitigate\n these problems. Apache will now reject in-session renegotiation\n (CVE-2009-3555). \n \n Packages for 2008.0 are being provided due to extended support for\n Corporate products. \n \n This update provides a solution to these vulnerabilities. \n _______________________________________________________________________\n\n References:\n\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1678\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2939\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1191\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1195\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1890\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1891\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3094\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3095\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3555\n http://marc.info/?l=apache-httpd-announce\u0026m=125755783724966\u0026w=2\n _______________________________________________________________________\n\n Updated Packages:\n\n Mandriva Linux 2008.0:\n dd2bebdd6726d2d865331d37068a90b7 2008.0/i586/apache-base-2.2.6-8.3mdv2008.0.i586.rpm\n 6de9d36a91b125cc03bafe911b7a38a2 2008.0/i586/apache-devel-2.2.6-8.3mdv2008.0.i586.rpm\n ab7963efad1b7951c94a24075a2070e7 2008.0/i586/apache-htcacheclean-2.2.6-8.3mdv2008.0.i586.rpm\n 42a53b597d5547fb88b7427cacd617a1 2008.0/i586/apache-mod_authn_dbd-2.2.6-8.3mdv2008.0.i586.rpm\n 1dff9d313e93c94e907d8c72348ed2e0 2008.0/i586/apache-mod_cache-2.2.6-8.3mdv2008.0.i586.rpm\n b575ede2978ad47e41d355bd8b192725 2008.0/i586/apache-mod_dav-2.2.6-8.3mdv2008.0.i586.rpm\n 8ff3dee24d2d2d9a8d13e567cf1eaced 2008.0/i586/apache-mod_dbd-2.2.6-8.3mdv2008.0.i586.rpm\n 7bae541dfec14b21700878514750de83 2008.0/i586/apache-mod_deflate-2.2.6-8.3mdv2008.0.i586.rpm\n 19cab766a26ce53bd7e7973ed92f0db4 2008.0/i586/apache-mod_disk_cache-2.2.6-8.3mdv2008.0.i586.rpm\n a1336e4ab4f282c388d7565bde4557fd 2008.0/i586/apache-mod_file_cache-2.2.6-8.3mdv2008.0.i586.rpm\n 6b2f2eb949977349390fa3b06cf257e7 2008.0/i586/apache-mod_ldap-2.2.6-8.3mdv2008.0.i586.rpm\n 3640bbef5262ec0407126e31dd5ddde3 2008.0/i586/apache-mod_mem_cache-2.2.6-8.3mdv2008.0.i586.rpm\n 98793747365606baabc08f22e36a0a04 2008.0/i586/apache-mod_proxy-2.2.6-8.3mdv2008.0.i586.rpm\n d7fe4d88f25d2a01b0809ab5292b0999 2008.0/i586/apache-mod_proxy_ajp-2.2.6-8.3mdv2008.0.i586.rpm\n 4c9f48adbd0b1d45a874f06b9275ebe3 2008.0/i586/apache-mod_ssl-2.2.6-8.3mdv2008.0.i586.rpm\n e5a1d9476316ccc9f183cb1ae5bbcf31 2008.0/i586/apache-modules-2.2.6-8.3mdv2008.0.i586.rpm\n 44f7810695a40519c68930695829f124 2008.0/i586/apache-mod_userdir-2.2.6-8.3mdv2008.0.i586.rpm\n d6f666e9954422664d1f029fc147b591 2008.0/i586/apache-mpm-event-2.2.6-8.3mdv2008.0.i586.rpm\n 75e205ddbc9313b8d02519e57919923a 2008.0/i586/apache-mpm-itk-2.2.6-8.3mdv2008.0.i586.rpm\n 6d68e8fa7baccc2ad090c703fb33458e 2008.0/i586/apache-mpm-prefork-2.2.6-8.3mdv2008.0.i586.rpm\n 331f18ce48403472fc7f8af6d5daee8e 2008.0/i586/apache-mpm-worker-2.2.6-8.3mdv2008.0.i586.rpm\n c75e69bcabc104938cb9033e591d1de8 2008.0/i586/apache-source-2.2.6-8.3mdv2008.0.i586.rpm \n 23fcdf29e21b0146fb5646baca2fa63b 2008.0/SRPMS/apache-2.2.6-8.3mdv2008.0.src.rpm\n\n Mandriva Linux 2008.0/X86_64:\n 3d4afe3f8da8369d80b6c195e132c5c0 2008.0/x86_64/apache-base-2.2.6-8.3mdv2008.0.x86_64.rpm\n 37034ee7c7eb813de2a00a6945a10248 2008.0/x86_64/apache-devel-2.2.6-8.3mdv2008.0.x86_64.rpm\n ba296f9aa229a616a2c406d1a16912c3 2008.0/x86_64/apache-htcacheclean-2.2.6-8.3mdv2008.0.x86_64.rpm\n 77fa75d36e7a4bbe154c846e3271e7a3 2008.0/x86_64/apache-mod_authn_dbd-2.2.6-8.3mdv2008.0.x86_64.rpm\n ca29e2db08b29e319f2392b46ea4c3fe 2008.0/x86_64/apache-mod_cache-2.2.6-8.3mdv2008.0.x86_64.rpm\n 3fbf5a0276adaa2d887a92482d81313f 2008.0/x86_64/apache-mod_dav-2.2.6-8.3mdv2008.0.x86_64.rpm\n 9c66e471c2d2d3e43462302d0cc6f1c9 2008.0/x86_64/apache-mod_dbd-2.2.6-8.3mdv2008.0.x86_64.rpm\n 05020102a26a28b96319b23e3b6e43d6 2008.0/x86_64/apache-mod_deflate-2.2.6-8.3mdv2008.0.x86_64.rpm\n 7191542417b30ed77334f1b8366628aa 2008.0/x86_64/apache-mod_disk_cache-2.2.6-8.3mdv2008.0.x86_64.rpm\n f4177dbdcfd2e3dc8e66be731ad731c4 2008.0/x86_64/apache-mod_file_cache-2.2.6-8.3mdv2008.0.x86_64.rpm\n fea417664f0a2689fa12308bd80c2fe4 2008.0/x86_64/apache-mod_ldap-2.2.6-8.3mdv2008.0.x86_64.rpm\n 9cf956fa426e6bdf6497337b6e26a2ab 2008.0/x86_64/apache-mod_mem_cache-2.2.6-8.3mdv2008.0.x86_64.rpm\n 0d9d04ca878bb3f19f4764152da42d82 2008.0/x86_64/apache-mod_proxy-2.2.6-8.3mdv2008.0.x86_64.rpm\n dbbcd75dd83779f54f98fa3e16b59f13 2008.0/x86_64/apache-mod_proxy_ajp-2.2.6-8.3mdv2008.0.x86_64.rpm\n dce8db6742ba28a71e18b86bb38688c8 2008.0/x86_64/apache-mod_ssl-2.2.6-8.3mdv2008.0.x86_64.rpm\n 2ff69d6e9c2cd3250f6746d4a7d921fd 2008.0/x86_64/apache-modules-2.2.6-8.3mdv2008.0.x86_64.rpm\n f298827d4dfa631a77907f7f5733fa29 2008.0/x86_64/apache-mod_userdir-2.2.6-8.3mdv2008.0.x86_64.rpm\n 6f02fb080e308ca0826fdb1ef00a1489 2008.0/x86_64/apache-mpm-event-2.2.6-8.3mdv2008.0.x86_64.rpm\n b886d30d73c60a515b3ed36d7f186378 2008.0/x86_64/apache-mpm-itk-2.2.6-8.3mdv2008.0.x86_64.rpm\n 62d7754a5aa7af596cc06cd540d4025f 2008.0/x86_64/apache-mpm-prefork-2.2.6-8.3mdv2008.0.x86_64.rpm\n d3438e0967978e580be896bd85f1d953 2008.0/x86_64/apache-mpm-worker-2.2.6-8.3mdv2008.0.x86_64.rpm\n e72af335ec7c3c02b5a494fbd6e99e0e 2008.0/x86_64/apache-source-2.2.6-8.3mdv2008.0.x86_64.rpm \n 23fcdf29e21b0146fb5646baca2fa63b 2008.0/SRPMS/apache-2.2.6-8.3mdv2008.0.src.rpm\n _______________________________________________________________________\n\n To upgrade automatically use MandrivaUpdate or urpmi. The verification\n of md5 checksums and GPG signatures is performed automatically for you. \n\n All packages are signed by Mandriva for security. You can obtain the\n GPG public key of the Mandriva Security Team by executing:\n\n gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98\n\n You can view other update advisories for Mandriva Linux at:\n\n http://www.mandriva.com/security/advisories\n\n If you want to report vulnerabilities, please contact\n\n security_(at)_mandriva.com\n _______________________________________________________________________\n\n Type Bits/KeyID Date User ID\n pub 1024D/22458A98 2000-07-10 Mandriva Security Team\n \u003csecurity*mandriva.com\u003e\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.9 (GNU/Linux)\n\niD8DBQFLHQcamqjQ0CJFipgRAsJgAKDf5oc5UbEz3j+qsMn3tL6F8cujygCfY+cu\nMUj4lK2Wsb+qzbv2V+Ih30U=\n=VdZS\n-----END PGP SIGNATURE-----\n. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n- ------------------------------------------------------------------------\nDebian Security Advisory DSA-1934-1 security@debian.org\nhttp://www.debian.org/security/ Stefan Fritsch\nNovember 16, 2009 http://www.debian.org/security/faq\n- ------------------------------------------------------------------------\n\nPackage : apache2\nVulnerability : multiple issues\nProblem type : remote\nDebian-specific: no\nCVE Id(s) : CVE-2009-3094 CVE-2009-3095 CVE-2009-3555\n\n\nA design flaw has been found in the TLS and SSL protocol that allows\nan attacker to inject arbitrary content at the beginning of a TLS/SSL\nconnection. The attack is related to the way how TLS and SSL handle\nsession renegotiations. CVE-2009-3555 has been assigned to this\nvulnerability. \n\nAs a partial mitigation against this attack, this apache2 update\ndisables client-initiated renegotiations. This should fix the\nvulnerability for the majority of Apache configurations in use. \n\nNOTE: This is not a complete fix for the problem. The attack is\nstill possible in configurations where the server initiates the\nrenegotiation. This is the case for the following configurations\n(the information in the changelog of the updated packages is\nslightly inaccurate):\n\n- - The \"SSLVerifyClient\" directive is used in a Directory or Location\n context. \n- - The \"SSLCipherSuite\" directive is used in a Directory or Location\n context. \n\nAs a workaround, you may rearrange your configuration in a way that\nSSLVerifyClient and SSLCipherSuite are only used on the server or\nvirtual host level. \n\nA complete fix for the problem will require a protocol change. Further\ninformation will be included in a separate announcement about this\nissue. \n\nCVE-2009-3095: Insufficient input validation in the mod_proxy_ftp\nmodule allowed remote authenticated attackers to bypass intended access\nrestrictions and send arbitrary FTP commands to an FTP server. \n\n\nFor the stable distribution (lenny), these problems have been fixed in\nversion 2.2.9-10+lenny6. This version also includes some non-security\nbug fixes that were scheduled for inclusion in the next stable point\nrelease (Debian 5.0.4). \n\nThe oldstable distribution (etch), these problems have been fixed in\nversion 2.2.3-4+etch11. \n\nFor the testing distribution (squeeze) and the unstable distribution\n(sid), these problems will be fixed in version 2.2.14-2. \n\nThis advisory also provides updated apache2-mpm-itk packages which\nhave been recompiled against the new apache2 packages. \n\nUpdated apache2-mpm-itk packages for the armel architecture are not\nincluded yet. They will be released as soon as they become available. \n\n\nWe recommend that you upgrade your apache2 and apache2-mpm-itk packages. \n\nUpgrade instructions\n- --------------------\n\nwget url\n will fetch the file for you\ndpkg -i file.deb\n will install the referenced file. \n\nIf you are using the apt-get package manager, use the line for\nsources.list as given below:\n\napt-get update\n will update the internal database\napt-get upgrade\n will install corrected packages\n\nYou may use an automated update by adding the resources from the\nfooter to the proper configuration. \n\n\nDebian GNU/Linux 4.0 alias etch (oldstable)\n- -------------------------------------------\n\nOldstable updates are available for alpha, amd64, arm, hppa, i386, ia64, mips, mipsel, powerpc, s390 and sparc. \n\nSource archives:\n\n http://security.debian.org/pool/updates/main/a/apache2/apache2_2.2.3-4+etch11.dsc\n Size/MD5 checksum: 1071 dff8f31d88ede35bb87f92743d2db202\n http://security.debian.org/pool/updates/main/a/apache2/apache2_2.2.3.orig.tar.gz\n Size/MD5 checksum: 6342475 f72ffb176e2dc7b322be16508c09f63c\n http://security.debian.org/pool/updates/main/a/apache2/apache2_2.2.3-4+etch11.diff.gz\n Size/MD5 checksum: 124890 c9b197b2a4bade4e92f3c65b88eea614\n\nArchitecture independent packages:\n\n http://security.debian.org/pool/updates/main/a/apache2/apache2-doc_2.2.3-4+etch11_all.deb\n Size/MD5 checksum: 2247064 357f2daba8360eaf00b0157326c4d258\n http://security.debian.org/pool/updates/main/a/apache2/apache2-src_2.2.3-4+etch11_all.deb\n Size/MD5 checksum: 6668542 043a6a14dc48aae5fa8101715f4ddf81\n http://security.debian.org/pool/updates/main/a/apache2/apache2_2.2.3-4+etch11_all.deb\n Size/MD5 checksum: 41626 27661a99c55641d534a5ffe4ea828c4b\n http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-perchild_2.2.3-4+etch11_all.deb\n Size/MD5 checksum: 275872 8ff0ac120a46e235a9253df6be09e4d5\n\nalpha architecture (DEC Alpha)\n\n http://security.debian.org/pool/updates/main/a/apache2/apache2-utils_2.2.3-4+etch11_alpha.deb\n Size/MD5 checksum: 346016 02b337e48ef627e13d79ad3919bc380d\n http://security.debian.org/pool/updates/main/a/apache2/apache2-threaded-dev_2.2.3-4+etch11_alpha.deb\n Size/MD5 checksum: 407682 f01d7e23f206baed1e42c60e15fe240f\n http://security.debian.org/pool/updates/main/a/apache2/apache2.2-common_2.2.3-4+etch11_alpha.deb\n Size/MD5 checksum: 1017408 1c8dccbed0a309ed0b74b83667f1d587\n http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-worker_2.2.3-4+etch11_alpha.deb\n Size/MD5 checksum: 449704 b227ff8c9bceaa81488fec48b81f18f6\n http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-event_2.2.3-4+etch11_alpha.deb\n Size/MD5 checksum: 450266 766ba095925ee31c175716084f41b3cf\n http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-prefork_2.2.3-4+etch11_alpha.deb\n Size/MD5 checksum: 444898 3b1d9a9531c82872d36ce295d6cba581\n http://security.debian.org/pool/updates/main/a/apache2/apache2-prefork-dev_2.2.3-4+etch11_alpha.deb\n Size/MD5 checksum: 407030 eedabbc4930b3c14012f57ec7956847b\n http://security.debian.org/pool/updates/main/a/apache2-mpm-itk/apache2-mpm-itk_2.2.3-01-2+etch4+b1_alpha.deb\n Size/MD5 checksum: 184920 2d152290678598aeacd32564c2ec37c2\n\namd64 architecture (AMD x86_64 (AMD64))\n\n http://security.debian.org/pool/updates/main/a/apache2/apache2-threaded-dev_2.2.3-4+etch11_amd64.deb\n Size/MD5 checksum: 409010 15d5dda7eb1e9e8d406cd9ff4b25e60f\n http://security.debian.org/pool/updates/main/a/apache2/apache2-prefork-dev_2.2.3-4+etch11_amd64.deb\n Size/MD5 checksum: 408330 0bf271280295146f4ded8c02335e8fc1\n http://security.debian.org/pool/updates/main/a/apache2/apache2.2-common_2.2.3-4+etch11_amd64.deb\n Size/MD5 checksum: 1000068 f92b3deafb9ce263d0d66b753231a003\n http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-worker_2.2.3-4+etch11_amd64.deb\n Size/MD5 checksum: 436268 9ef6b02f0ecf9905c14114a464c86f80\n http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-prefork_2.2.3-4+etch11_amd64.deb\n Size/MD5 checksum: 432320 b734b0c2f1d2177a828cff7d8e34d17c\n http://security.debian.org/pool/updates/main/a/apache2/apache2-utils_2.2.3-4+etch11_amd64.deb\n Size/MD5 checksum: 342152 ef061f914027b41b788a31758d7c4e96\n http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-event_2.2.3-4+etch11_amd64.deb\n Size/MD5 checksum: 436766 deb97a3637ae8be3e016e37c038bc470\n http://security.debian.org/pool/updates/main/a/apache2-mpm-itk/apache2-mpm-itk_2.2.3-01-2+etch4+b1_amd64.deb\n Size/MD5 checksum: 172802 0550f661c804ef0c0ec31e1928f5f97d\n\narm architecture (ARM)\n\n http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-worker_2.2.3-4+etch11_arm.deb\n Size/MD5 checksum: 421056 b55b215aee8398e6388a73b421229db7\n http://security.debian.org/pool/updates/main/a/apache2/apache2-threaded-dev_2.2.3-4+etch11_arm.deb\n Size/MD5 checksum: 408940 8782732ef6487ef268abf2856ec5e2c0\n http://security.debian.org/pool/updates/main/a/apache2/apache2-prefork-dev_2.2.3-4+etch11_arm.deb\n Size/MD5 checksum: 408140 f3627e52eaf7a011a5a624ea25fa058b\n http://security.debian.org/pool/updates/main/a/apache2/apache2.2-common_2.2.3-4+etch11_arm.deb\n Size/MD5 checksum: 968448 ac1354c562e7969e47561f4cba3a859b\n http://security.debian.org/pool/updates/main/a/apache2/apache2-utils_2.2.3-4+etch11_arm.deb\n Size/MD5 checksum: 346166 a8729d03737330075908c2b8b2f5ce0b\n http://security.debian.org/pool/updates/main/a/apache2-mpm-itk/apache2-mpm-itk_2.2.3-01-2+etch4+b1_arm.deb\n Size/MD5 checksum: 157634 53c277ca7e52e7e60a523183e87beec3\n http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-event_2.2.3-4+etch11_arm.deb\n Size/MD5 checksum: 421782 b17f7ce0bfd6fee4877d9bccaf82770e\n http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-prefork_2.2.3-4+etch11_arm.deb\n Size/MD5 checksum: 417026 03b845039bf49fba64f064acda350f43\n\nhppa architecture (HP PA RISC)\n\n http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-event_2.2.3-4+etch11_hppa.deb\n Size/MD5 checksum: 444058 16fb9ac5807fcf161321ffc8467e963d\n http://security.debian.org/pool/updates/main/a/apache2-mpm-itk/apache2-mpm-itk_2.2.3-01-2+etch4+b1_hppa.deb\n Size/MD5 checksum: 179532 b1f7b89ac1e830b72e30c9476b813263\n http://security.debian.org/pool/updates/main/a/apache2/apache2-utils_2.2.3-4+etch11_hppa.deb\n Size/MD5 checksum: 352116 f34f19a1bf40a37695ac0aeb3f5b6d10\n http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-worker_2.2.3-4+etch11_hppa.deb\n Size/MD5 checksum: 443324 e7106e9195fcd9f34ced7bccb009cbb7\n http://security.debian.org/pool/updates/main/a/apache2/apache2.2-common_2.2.3-4+etch11_hppa.deb\n Size/MD5 checksum: 1078948 29a60062b3f7676f768dda1d4cdb78fd\n http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-prefork_2.2.3-4+etch11_hppa.deb\n Size/MD5 checksum: 439968 6ff5b95ba06596c04f2fc7dc3adac7ac\n http://security.debian.org/pool/updates/main/a/apache2/apache2-threaded-dev_2.2.3-4+etch11_hppa.deb\n Size/MD5 checksum: 410880 28ce1d24c4e152624c38330d34781636\n http://security.debian.org/pool/updates/main/a/apache2/apache2-prefork-dev_2.2.3-4+etch11_hppa.deb\n Size/MD5 checksum: 409994 2ce21d9fc51fbbeb5e05ac7c418d7e11\n\ni386 architecture (Intel ia32)\n\n http://security.debian.org/pool/updates/main/a/apache2/apache2-prefork-dev_2.2.3-4+etch11_i386.deb\n Size/MD5 checksum: 409776 04bafa059e90c14851f290c02fc7a29e\n http://security.debian.org/pool/updates/main/a/apache2/apache2.2-common_2.2.3-4+etch11_i386.deb\n Size/MD5 checksum: 963818 f2755fd250837dd878a24ffc8527855d\n http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-worker_2.2.3-4+etch11_i386.deb\n Size/MD5 checksum: 425034 fc0b075a77853494886719b1bf4d7092\n http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-prefork_2.2.3-4+etch11_i386.deb\n Size/MD5 checksum: 421206 d2758678dc6dcfb2298a5e69dbd199d0\n http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-event_2.2.3-4+etch11_i386.deb\n Size/MD5 checksum: 425510 5df035120241567d62ba4154a7ade25f\n http://security.debian.org/pool/updates/main/a/apache2-mpm-itk/apache2-mpm-itk_2.2.3-01-2+etch4+b1_i386.deb\n Size/MD5 checksum: 161256 614f006996e6309829bf7c80bb95e3ed\n http://security.debian.org/pool/updates/main/a/apache2/apache2-threaded-dev_2.2.3-4+etch11_i386.deb\n Size/MD5 checksum: 410518 833b5256083de5f76d83354f63916af2\n http://security.debian.org/pool/updates/main/a/apache2/apache2-utils_2.2.3-4+etch11_i386.deb\n Size/MD5 checksum: 343876 435638e472ccb187c7713f96840cf156\n\nia64 architecture (Intel ia64)\n\n http://security.debian.org/pool/updates/main/a/apache2/apache2-threaded-dev_2.2.3-4+etch11_ia64.deb\n Size/MD5 checksum: 407664 9929d570df08ea81c10235d8cfad8cec\n http://security.debian.org/pool/updates/main/a/apache2-mpm-itk/apache2-mpm-itk_2.2.3-01-2+etch4+b1_ia64.deb\n Size/MD5 checksum: 231808 505ed0109a851680126951f228f4ed40\n http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-prefork_2.2.3-4+etch11_ia64.deb\n Size/MD5 checksum: 491120 d1ef23e9bbd457b1c30d50234050b112\n http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-event_2.2.3-4+etch11_ia64.deb\n Size/MD5 checksum: 498202 f430c9b4231122f996799b45d68596a3\n http://security.debian.org/pool/updates/main/a/apache2/apache2-prefork-dev_2.2.3-4+etch11_ia64.deb\n Size/MD5 checksum: 407018 f721b04b90b8b2b5ec76916488395bdd\n http://security.debian.org/pool/updates/main/a/apache2/apache2-utils_2.2.3-4+etch11_ia64.deb\n Size/MD5 checksum: 360664 08763e41786b3c5b28cf3e27d234419d\n http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-worker_2.2.3-4+etch11_ia64.deb\n Size/MD5 checksum: 497388 6ef80d442fbf5046e78b9b2a0637adb9\n http://security.debian.org/pool/updates/main/a/apache2/apache2.2-common_2.2.3-4+etch11_ia64.deb\n Size/MD5 checksum: 1204566 d1cc5f38e5683c539db6673611585b67\n\nmips architecture (MIPS (Big Endian))\n\n http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-prefork_2.2.3-4+etch11_mips.deb\n Size/MD5 checksum: 430112 01c3cf5fc888bff3967c95736b3caf40\n http://security.debian.org/pool/updates/main/a/apache2/apache2-threaded-dev_2.2.3-4+etch11_mips.deb\n Size/MD5 checksum: 407674 688656128f0f46e8b35da61d731e244f\n http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-worker_2.2.3-4+etch11_mips.deb\n Size/MD5 checksum: 434122 791a223b58a6a3a00fdd5517decc6ff2\n http://security.debian.org/pool/updates/main/a/apache2/apache2.2-common_2.2.3-4+etch11_mips.deb\n Size/MD5 checksum: 951736 68a93c433a24dd42b461907c2b61c6d2\n http://security.debian.org/pool/updates/main/a/apache2/apache2-prefork-dev_2.2.3-4+etch11_mips.deb\n Size/MD5 checksum: 407022 10cf7a6fa3ad60183a80b7fddc08ed98\n http://security.debian.org/pool/updates/main/a/apache2/apache2-utils_2.2.3-4+etch11_mips.deb\n Size/MD5 checksum: 350066 ab3498abf9ddc41f0665be9c2912beab\n http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-event_2.2.3-4+etch11_mips.deb\n Size/MD5 checksum: 434784 2d07f9376a7c7eb6229e0c5238e604fc\n http://security.debian.org/pool/updates/main/a/apache2-mpm-itk/apache2-mpm-itk_2.2.3-01-2+etch4+b1_mips.deb\n Size/MD5 checksum: 169932 db0ecd6b89594ecbff3bacd9d184f808\n\nmipsel architecture (MIPS (Little Endian))\n\n http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-prefork_2.2.3-4+etch11_mipsel.deb\n Size/MD5 checksum: 428958 3c7b9e69ccbeb0db17d437ece3717b65\n http://security.debian.org/pool/updates/main/a/apache2/apache2-prefork-dev_2.2.3-4+etch11_mipsel.deb\n Size/MD5 checksum: 407040 61a67a76dd0acfaeb747d5ee745cb3fa\n http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-worker_2.2.3-4+etch11_mipsel.deb\n Size/MD5 checksum: 433736 74adf126949edfd4b1af734b3a8255f8\n http://security.debian.org/pool/updates/main/a/apache2/apache2.2-common_2.2.3-4+etch11_mipsel.deb\n Size/MD5 checksum: 951730 3c9d5a12163e7d1c939d26829a4454f1\n http://security.debian.org/pool/updates/main/a/apache2/apache2-threaded-dev_2.2.3-4+etch11_mipsel.deb\n Size/MD5 checksum: 407694 0297490b8b4aff5e1a4527a9c897fbee\n http://security.debian.org/pool/updates/main/a/apache2/apache2-utils_2.2.3-4+etch11_mipsel.deb\n Size/MD5 checksum: 350302 843a3c227ba43dc4b882c96cad62a6eb\n http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-event_2.2.3-4+etch11_mipsel.deb\n Size/MD5 checksum: 434220 b18b6688a18a11d7bfa20d486c13ae64\n http://security.debian.org/pool/updates/main/a/apache2-mpm-itk/apache2-mpm-itk_2.2.3-01-2+etch4+b1_mipsel.deb\n Size/MD5 checksum: 168814 6eedc4fb9e8027cf6d11c427a1cc4f8c\n\npowerpc architecture (PowerPC)\n\n http://security.debian.org/pool/updates/main/a/apache2/apache2.2-common_2.2.3-4+etch11_powerpc.deb\n Size/MD5 checksum: 1061292 0a43b7054755c361229d5e14db9c3156\n http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-worker_2.2.3-4+etch11_powerpc.deb\n Size/MD5 checksum: 432806 ebe9b3113da3361dabf67acd291f9d93\n http://security.debian.org/pool/updates/main/a/apache2-mpm-itk/apache2-mpm-itk_2.2.3-01-2+etch4+b1_powerpc.deb\n Size/MD5 checksum: 168374 ab7eb4de4a4c224a94698ebb67f627ea\n http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-event_2.2.3-4+etch11_powerpc.deb\n Size/MD5 checksum: 433416 0c53941e7e8765780e4e4a71f81a592b\n http://security.debian.org/pool/updates/main/a/apache2/apache2-utils_2.2.3-4+etch11_powerpc.deb\n Size/MD5 checksum: 354920 0682a419e0d59ff5a2af1f322991b157\n http://security.debian.org/pool/updates/main/a/apache2/apache2-threaded-dev_2.2.3-4+etch11_powerpc.deb\n Size/MD5 checksum: 410150 69ddc8b0b8ec235e65eabde0adbc1db7\n http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-prefork_2.2.3-4+etch11_powerpc.deb\n Size/MD5 checksum: 428826 f556fd9726b4c66bbe6fdc05b84d9918\n http://security.debian.org/pool/updates/main/a/apache2/apache2-prefork-dev_2.2.3-4+etch11_powerpc.deb\n Size/MD5 checksum: 409396 d4b779470977873916bff7353829f172\n\ns390 architecture (IBM S/390)\n\n http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-prefork_2.2.3-4+etch11_s390.deb\n Size/MD5 checksum: 437364 0d844765789f2fcc4cf0c24e755b4c3d\n http://security.debian.org/pool/updates/main/a/apache2/apache2.2-common_2.2.3-4+etch11_s390.deb\n Size/MD5 checksum: 994710 63d476187cc9eed384ff792ce8b6f471\n http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-event_2.2.3-4+etch11_s390.deb\n Size/MD5 checksum: 443278 114375b6439d8a9cf344dd4829c7b6d2\n http://security.debian.org/pool/updates/main/a/apache2/apache2-threaded-dev_2.2.3-4+etch11_s390.deb\n Size/MD5 checksum: 407682 e0db3031b4bb381a0f3178569d4c514a\n http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-worker_2.2.3-4+etch11_s390.deb\n Size/MD5 checksum: 442268 219d9f7f67d2a53a3c3e700c68a6d682\n http://security.debian.org/pool/updates/main/a/apache2/apache2-utils_2.2.3-4+etch11_s390.deb\n Size/MD5 checksum: 348624 ac97c9840e0cb11a1cf1e44fd1875015\n http://security.debian.org/pool/updates/main/a/apache2/apache2-prefork-dev_2.2.3-4+etch11_s390.deb\n Size/MD5 checksum: 407026 6233c65e8860b416d7a6265ae2c2eda4\n http://security.debian.org/pool/updates/main/a/apache2-mpm-itk/apache2-mpm-itk_2.2.3-01-2+etch4+b1_s390.deb\n Size/MD5 checksum: 177986 634687237fd58d539bc9492415a94b77\n\nsparc architecture (Sun SPARC/UltraSPARC)\n\n http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-prefork_2.2.3-4+etch11_sparc.deb\n Size/MD5 checksum: 418896 96bdf44ad9d8c1d86ee3aaf383c9dcce\n http://security.debian.org/pool/updates/main/a/apache2/apache2-threaded-dev_2.2.3-4+etch11_sparc.deb\n Size/MD5 checksum: 412078 c9aab17ccba1846ea02df78f636a28a6\n http://security.debian.org/pool/updates/main/a/apache2/apache2-utils_2.2.3-4+etch11_sparc.deb\n Size/MD5 checksum: 342696 7dd353d553f6a495c506b22f60ff2a0d\n http://security.debian.org/pool/updates/main/a/apache2-mpm-itk/apache2-mpm-itk_2.2.3-01-2+etch4+b1_sparc.deb\n Size/MD5 checksum: 158054 60de9a240c905bdb6ffa0ab6c032096d\n http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-event_2.2.3-4+etch11_sparc.deb\n Size/MD5 checksum: 422966 edb7194c73d08c0bdb1eed6bd19ceb53\n http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-worker_2.2.3-4+etch11_sparc.deb\n Size/MD5 checksum: 422444 ad0a85ada33d687e1fc67b0fa3c40244\n http://security.debian.org/pool/updates/main/a/apache2/apache2.2-common_2.2.3-4+etch11_sparc.deb\n Size/MD5 checksum: 960150 0dae013a3e07502409918ff649cb1375\n http://security.debian.org/pool/updates/main/a/apache2/apache2-prefork-dev_2.2.3-4+etch11_sparc.deb\n Size/MD5 checksum: 411290 88e769a08329b6728c6fd0770d241874\n\n\nDebian GNU/Linux 5.0 alias lenny (stable)\n- -----------------------------------------\n\nStable updates are available for alpha, amd64, arm, armel, hppa, i386, ia64, mips, mipsel, powerpc, s390 and sparc. \n\nSource archives:\n\n http://security.debian.org/pool/updates/main/a/apache2/apache2_2.2.9.orig.tar.gz\n Size/MD5 checksum: 6396996 80d3754fc278338033296f0d41ef2c04\n http://security.debian.org/pool/updates/main/a/apache2/apache2_2.2.9-10+lenny6.dsc\n Size/MD5 checksum: 1673 f6846ac2d9cbd7887629a9c503154310\n http://security.debian.org/pool/updates/main/a/apache2/apache2_2.2.9-10+lenny6.diff.gz\n Size/MD5 checksum: 145719 fd456ef168b7f1ca1055ffbca1df53db\n\nArchitecture independent packages:\n\n http://security.debian.org/pool/updates/main/a/apache2/apache2-doc_2.2.9-10+lenny6_all.deb\n Size/MD5 checksum: 2060318 c2499fa1040a9ace89c1a969de4db870\n http://security.debian.org/pool/updates/main/a/apache2/apache2-src_2.2.9-10+lenny6_all.deb\n Size/MD5 checksum: 6736558 e09131a305cf2e51d3c14ed7c1beaf5d\n http://security.debian.org/pool/updates/main/a/apache2/apache2_2.2.9-10+lenny6_all.deb\n Size/MD5 checksum: 45238 922ce7e9d14885bab9c9cbbfab99fbd3\n\nalpha architecture (DEC Alpha)\n\n http://security.debian.org/pool/updates/main/a/apache2/apache2-threaded-dev_2.2.9-10+lenny6_alpha.deb\n Size/MD5 checksum: 209720 29861b61a3ae0912a7eb1ba2096b0421\n http://security.debian.org/pool/updates/main/a/apache2/apache2-suexec-custom_2.2.9-10+lenny6_alpha.deb\n Size/MD5 checksum: 84444 af60f321516a06fc9588433ba2c1a88e\n http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-prefork_2.2.9-10+lenny6_alpha.deb\n Size/MD5 checksum: 256598 730d50c0f57ba7aad84e6897217bf42d\n http://security.debian.org/pool/updates/main/a/apache2/apache2-dbg_2.2.9-10+lenny6_alpha.deb\n Size/MD5 checksum: 2402082 b932e642a152e30f948437d7313d2dcf\n http://security.debian.org/pool/updates/main/a/apache2/apache2-suexec_2.2.9-10+lenny6_alpha.deb\n Size/MD5 checksum: 82728 bb04bbeae7865acad1ae89e943702623\n http://security.debian.org/pool/updates/main/a/apache2-mpm-itk/apache2-mpm-itk_2.2.6-02-1+lenny2+b2_alpha.deb\n Size/MD5 checksum: 198236 61b2f1529a056145d9ea8a87c5c5e8c0\n http://security.debian.org/pool/updates/main/a/apache2/apache2-prefork-dev_2.2.9-10+lenny6_alpha.deb\n Size/MD5 checksum: 208690 f6d15e0b6fa15a3738e9130b4044ce37\n http://security.debian.org/pool/updates/main/a/apache2/apache2.2-common_2.2.9-10+lenny6_alpha.deb\n Size/MD5 checksum: 849014 dddd323a55b010c29a8626194b71a7a1\n http://security.debian.org/pool/updates/main/a/apache2/apache2-utils_2.2.9-10+lenny6_alpha.deb\n Size/MD5 checksum: 147844 40f11b60e0f5154680f16c1c67943101\n http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-worker_2.2.9-10+lenny6_alpha.deb\n Size/MD5 checksum: 261662 7b88269d9ce2877809a0f47daa4e756d\n http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-event_2.2.9-10+lenny6_alpha.deb\n Size/MD5 checksum: 262336 eced46181f89a7f8ee636c0dce4789f7\n\namd64 architecture (AMD x86_64 (AMD64))\n\n http://security.debian.org/pool/updates/main/a/apache2/apache2-prefork-dev_2.2.9-10+lenny6_amd64.deb\n Size/MD5 checksum: 210246 bb629f54f383bfcce66a6bf0bc1a2b6d\n http://security.debian.org/pool/updates/main/a/apache2/apache2.2-common_2.2.9-10+lenny6_amd64.deb\n Size/MD5 checksum: 825462 051201fb8baa9a7a961961dd5082929a\n http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-worker_2.2.9-10+lenny6_amd64.deb\n Size/MD5 checksum: 257694 3b8c5bff06a870ccd062ce53771a43a4\n http://security.debian.org/pool/updates/main/a/apache2/apache2-threaded-dev_2.2.9-10+lenny6_amd64.deb\n Size/MD5 checksum: 211268 5e07756440fecd3a3ee3815a6cff3ff5\n http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-event_2.2.9-10+lenny6_amd64.deb\n Size/MD5 checksum: 258424 92c5467fbef1d4da6803507b679df099\n http://security.debian.org/pool/updates/main/a/apache2/apache2-suexec_2.2.9-10+lenny6_amd64.deb\n Size/MD5 checksum: 82532 40718aa8ebb6532404fad4b5ee2a1e09\n http://security.debian.org/pool/updates/main/a/apache2/apache2-suexec-custom_2.2.9-10+lenny6_amd64.deb\n Size/MD5 checksum: 84140 743b1e0fd988539a7346bddbcd573767\n http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-prefork_2.2.9-10+lenny6_amd64.deb\n Size/MD5 checksum: 253708 bcc5c9f767c1e62913af45827f04b83f\n http://security.debian.org/pool/updates/main/a/apache2-mpm-itk/apache2-mpm-itk_2.2.6-02-1+lenny2+b2_amd64.deb\n Size/MD5 checksum: 195214 42f4650b895a51b853c253bbbd1e2cc0\n http://security.debian.org/pool/updates/main/a/apache2/apache2-dbg_2.2.9-10+lenny6_amd64.deb\n Size/MD5 checksum: 2455308 9b8792a5defa5193d825d31dc47b43f2\n http://security.debian.org/pool/updates/main/a/apache2/apache2-utils_2.2.9-10+lenny6_amd64.deb\n Size/MD5 checksum: 144980 240232c2f4932579c60ecee786c0af26\n\narm architecture (ARM)\n\n http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-event_2.2.9-10+lenny6_arm.deb\n Size/MD5 checksum: 224760 9615e8207a01d2759de57b58cd885286\n http://security.debian.org/pool/updates/main/a/apache2/apache2-suexec-custom_2.2.9-10+lenny6_arm.deb\n Size/MD5 checksum: 83230 c840cb7342a3a83e0587fd3baacce760\n http://security.debian.org/pool/updates/main/a/apache2/apache2-dbg_2.2.9-10+lenny6_arm.deb\n Size/MD5 checksum: 2327178 39819fd5f56728620aaefdbe10887c2b\n http://security.debian.org/pool/updates/main/a/apache2/apache2-utils_2.2.9-10+lenny6_arm.deb\n Size/MD5 checksum: 147202 f7ebf064272389cf2dd7db7bfe3ff267\n http://security.debian.org/pool/updates/main/a/apache2-mpm-itk/apache2-mpm-itk_2.2.6-02-1+lenny2+b2_arm.deb\n Size/MD5 checksum: 161596 b7a2763998f12394ecae68df6ec73fbb\n http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-worker_2.2.9-10+lenny6_arm.deb\n Size/MD5 checksum: 223898 fbd3f6bc3340643f55862e5b14947345\n http://security.debian.org/pool/updates/main/a/apache2/apache2.2-common_2.2.9-10+lenny6_arm.deb\n Size/MD5 checksum: 786918 a142a6fbee216aaa87378bdc53773eb2\n http://security.debian.org/pool/updates/main/a/apache2/apache2-prefork-dev_2.2.9-10+lenny6_arm.deb\n Size/MD5 checksum: 209812 2e4b61b494abdd8e52b219456a82e499\n http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-prefork_2.2.9-10+lenny6_arm.deb\n Size/MD5 checksum: 219946 4ac3564788d25b492a833e2df463b41e\n http://security.debian.org/pool/updates/main/a/apache2/apache2-suexec_2.2.9-10+lenny6_arm.deb\n Size/MD5 checksum: 81412 abe1efff8619aac89534c3f4d57c5356\n http://security.debian.org/pool/updates/main/a/apache2/apache2-threaded-dev_2.2.9-10+lenny6_arm.deb\n Size/MD5 checksum: 211008 865b518f1a18de1020feb2212b137a6c\n\narmel architecture (ARM EABI)\n\n http://security.debian.org/pool/updates/main/a/apache2/apache2-prefork-dev_2.2.9-10+lenny6_armel.deb\n Size/MD5 checksum: 212612 2b8654bdda7346a2a7804800e9a11d8e\n http://security.debian.org/pool/updates/main/a/apache2/apache2.2-common_2.2.9-10+lenny6_armel.deb\n Size/MD5 checksum: 802766 535b466511548a5264b0da3a3a348381\n http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-worker_2.2.9-10+lenny6_armel.deb\n Size/MD5 checksum: 226068 8921ab3294cf45178f3b90fd51fbafc3\n http://security.debian.org/pool/updates/main/a/apache2/apache2-threaded-dev_2.2.9-10+lenny6_armel.deb\n Size/MD5 checksum: 213694 38498cbd15341da4279e4193a4708c6c\n http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-event_2.2.9-10+lenny6_armel.deb\n Size/MD5 checksum: 226354 57f22f55c3ca485b5974e1f2a4ef1414\n http://security.debian.org/pool/updates/main/a/apache2/apache2-suexec-custom_2.2.9-10+lenny6_armel.deb\n Size/MD5 checksum: 83934 6a6a2de840f638874d8ae05611f142b9\n http://security.debian.org/pool/updates/main/a/apache2/apache2-suexec_2.2.9-10+lenny6_armel.deb\n Size/MD5 checksum: 82284 b225eb7806650013baccae619ad08f2b\n http://security.debian.org/pool/updates/main/a/apache2/apache2-dbg_2.2.9-10+lenny6_armel.deb\n Size/MD5 checksum: 2340926 83bb45aa97542f6f796780c8a2d24c8b\n http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-prefork_2.2.9-10+lenny6_armel.deb\n Size/MD5 checksum: 221894 872e3f1df2080a84cca36f48e6c8e575\n http://security.debian.org/pool/updates/main/a/apache2/apache2-utils_2.2.9-10+lenny6_armel.deb\n Size/MD5 checksum: 151226 3172e8ba667991da2881ea6a7b2781cc\n\nhppa architecture (HP PA RISC)\n\n http://security.debian.org/pool/updates/main/a/apache2/apache2-suexec-custom_2.2.9-10+lenny6_hppa.deb\n Size/MD5 checksum: 84022 f603a1c369bbc7d05efe1ad99325e020\n http://security.debian.org/pool/updates/main/a/apache2/apache2-utils_2.2.9-10+lenny6_hppa.deb\n Size/MD5 checksum: 153048 0568fcb47c9cad398c7fd7abe2276828\n http://security.debian.org/pool/updates/main/a/apache2/apache2-suexec_2.2.9-10+lenny6_hppa.deb\n Size/MD5 checksum: 82214 f27d31e710ba6640471c47a6fc240aad\n http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-event_2.2.9-10+lenny6_hppa.deb\n Size/MD5 checksum: 246406 f18257777ba62d65ceb3aa4842415c74\n http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-prefork_2.2.9-10+lenny6_hppa.deb\n Size/MD5 checksum: 241578 e71e710d7889e79b85e4c20b539a4d26\n http://security.debian.org/pool/updates/main/a/apache2/apache2-prefork-dev_2.2.9-10+lenny6_hppa.deb\n Size/MD5 checksum: 211730 a9913999aac5559db1e75835d87a2efd\n http://security.debian.org/pool/updates/main/a/apache2/apache2.2-common_2.2.9-10+lenny6_hppa.deb\n Size/MD5 checksum: 896810 e8e2d9459750e5d9be76c00923a25696\n http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-worker_2.2.9-10+lenny6_hppa.deb\n Size/MD5 checksum: 245816 6a876fb502903c7bfcb5a4b8dad71a7a\n http://security.debian.org/pool/updates/main/a/apache2/apache2-threaded-dev_2.2.9-10+lenny6_hppa.deb\n Size/MD5 checksum: 213028 f072f0ca44edc122c1b3e1da847f1c8c\n http://security.debian.org/pool/updates/main/a/apache2-mpm-itk/apache2-mpm-itk_2.2.6-02-1+lenny2+b2_hppa.deb\n Size/MD5 checksum: 183316 41a32b0fd061c4f2afbd740af5e8325a\n http://security.debian.org/pool/updates/main/a/apache2/apache2-dbg_2.2.9-10+lenny6_hppa.deb\n Size/MD5 checksum: 2385020 366e6e9bd1dec0ba6a784813785f13d3\n\ni386 architecture (Intel ia32)\n\n http://security.debian.org/pool/updates/main/a/apache2/apache2-suexec_2.2.9-10+lenny6_i386.deb\n Size/MD5 checksum: 82366 ab10d1ab26c914777c5296fe9ccfe027\n http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-event_2.2.9-10+lenny6_i386.deb\n Size/MD5 checksum: 241326 2ee9101bf92fcac69249094b3ca11e2a\n http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-worker_2.2.9-10+lenny6_i386.deb\n Size/MD5 checksum: 240776 43a654cf0439fc97997a57baec5e2995\n http://security.debian.org/pool/updates/main/a/apache2/apache2-suexec-custom_2.2.9-10+lenny6_i386.deb\n Size/MD5 checksum: 84104 f73a1bff0a8a4426e63803c4e5c67c60\n http://security.debian.org/pool/updates/main/a/apache2/apache2.2-common_2.2.9-10+lenny6_i386.deb\n Size/MD5 checksum: 783440 053ba7ef4fbb56547200c32c35ac8a0e\n http://security.debian.org/pool/updates/main/a/apache2/apache2-utils_2.2.9-10+lenny6_i386.deb\n Size/MD5 checksum: 143414 c20c10a3eadac1c494a5750888875800\n http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-prefork_2.2.9-10+lenny6_i386.deb\n Size/MD5 checksum: 237396 06841f14531fab0adb92177af849c8be\n http://security.debian.org/pool/updates/main/a/apache2/apache2-prefork-dev_2.2.9-10+lenny6_i386.deb\n Size/MD5 checksum: 211420 69c67bd0052c70322924b901ba5f5428\n http://security.debian.org/pool/updates/main/a/apache2/apache2-dbg_2.2.9-10+lenny6_i386.deb\n Size/MD5 checksum: 2324892 87c51cc1fb8ae2532adcfa601a7b5af4\n http://security.debian.org/pool/updates/main/a/apache2/apache2-threaded-dev_2.2.9-10+lenny6_i386.deb\n Size/MD5 checksum: 212726 11b86a68880fa98a130e449dec0fbbcc\n http://security.debian.org/pool/updates/main/a/apache2-mpm-itk/apache2-mpm-itk_2.2.6-02-1+lenny2+b2_i386.deb\n Size/MD5 checksum: 179396 4ae5716372fe19991b0d8a4cc751d45f\n\nia64 architecture (Intel ia64)\n\n http://security.debian.org/pool/updates/main/a/apache2/apache2-utils_2.2.9-10+lenny6_ia64.deb\n Size/MD5 checksum: 162732 0a9a153e3703f9dbd33e325d67373bce\n http://security.debian.org/pool/updates/main/a/apache2-mpm-itk/apache2-mpm-itk_2.2.6-02-1+lenny2+b2_ia64.deb\n Size/MD5 checksum: 247068 39445ee73d2076bfa589a5840a3d6024\n http://security.debian.org/pool/updates/main/a/apache2/apache2.2-common_2.2.9-10+lenny6_ia64.deb\n Size/MD5 checksum: 1036624 80b366704dc888c2bea8d84c316faf33\n http://security.debian.org/pool/updates/main/a/apache2/apache2-prefork-dev_2.2.9-10+lenny6_ia64.deb\n Size/MD5 checksum: 208668 c2b06d3c767fa737fbf5e1c3d50d001c\n http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-worker_2.2.9-10+lenny6_ia64.deb\n Size/MD5 checksum: 311692 77ff8879c2853c4b33903299ec3120c8\n http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-event_2.2.9-10+lenny6_ia64.deb\n Size/MD5 checksum: 312616 1c20b667ebbd43b0ee1b01cd1cdd991d\n http://security.debian.org/pool/updates/main/a/apache2/apache2-suexec_2.2.9-10+lenny6_ia64.deb\n Size/MD5 checksum: 83920 a383c7aef1758f963c019793af7b5f92\n http://security.debian.org/pool/updates/main/a/apache2/apache2-dbg_2.2.9-10+lenny6_ia64.deb\n Size/MD5 checksum: 2317952 803f0b941814cbbc49f4e37bc3b9ca95\n http://security.debian.org/pool/updates/main/a/apache2/apache2-threaded-dev_2.2.9-10+lenny6_ia64.deb\n Size/MD5 checksum: 209700 59ab45d2c7c2168a941ff2fc842268e1\n http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-prefork_2.2.9-10+lenny6_ia64.deb\n Size/MD5 checksum: 304670 067ece69f8b9518f9b18cd948c4df971\n http://security.debian.org/pool/updates/main/a/apache2/apache2-suexec-custom_2.2.9-10+lenny6_ia64.deb\n Size/MD5 checksum: 85802 9294d252435e8026d6135bf8efdfaf46\n\nmips architecture (MIPS (Big Endian))\n\n http://security.debian.org/pool/updates/main/a/apache2/apache2-dbg_2.2.9-10+lenny6_mips.deb\n Size/MD5 checksum: 2465158 a36366e07810785cd1f2dc3b020d3486\n http://security.debian.org/pool/updates/main/a/apache2/apache2.2-common_2.2.9-10+lenny6_mips.deb\n Size/MD5 checksum: 780460 a5daeb91029f3b027a810ee22456ebd3\n http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-worker_2.2.9-10+lenny6_mips.deb\n Size/MD5 checksum: 233408 ec9001ee4c996d0b14a9e67d9ce380ec\n http://security.debian.org/pool/updates/main/a/apache2/apache2-suexec_2.2.9-10+lenny6_mips.deb\n Size/MD5 checksum: 82082 1fc55f0526e3bf90c2156364055a1627\n http://security.debian.org/pool/updates/main/a/apache2-mpm-itk/apache2-mpm-itk_2.2.6-02-1+lenny2+b2_mips.deb\n Size/MD5 checksum: 171444 789208a77578e49ebca9be904c99aff3\n http://security.debian.org/pool/updates/main/a/apache2/apache2-suexec-custom_2.2.9-10+lenny6_mips.deb\n Size/MD5 checksum: 83688 8612d0c31dee19c557723b08354c20d7\n http://security.debian.org/pool/updates/main/a/apache2/apache2-utils_2.2.9-10+lenny6_mips.deb\n Size/MD5 checksum: 149712 ac8ddf3ab4a3b0fb255adbc588e57305\n http://security.debian.org/pool/updates/main/a/apache2/apache2-threaded-dev_2.2.9-10+lenny6_mips.deb\n Size/MD5 checksum: 209718 8af3815f7794f4e60d72ba52d3bd19c4\n http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-prefork_2.2.9-10+lenny6_mips.deb\n Size/MD5 checksum: 229494 c2ef345862009f2a2b979205fec22567\n http://security.debian.org/pool/updates/main/a/apache2/apache2-prefork-dev_2.2.9-10+lenny6_mips.deb\n Size/MD5 checksum: 208698 246c0001aaa98be577f6c5f004330285\n http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-event_2.2.9-10+lenny6_mips.deb\n Size/MD5 checksum: 233980 ce7b3760443a98b0ddc0607a7a9842bf\n\nmipsel architecture (MIPS (Little Endian))\n\n http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-prefork_2.2.9-10+lenny6_mipsel.deb\n Size/MD5 checksum: 228110 e45b1c3294102e26eee671b860f4aabc\n http://security.debian.org/pool/updates/main/a/apache2/apache2-prefork-dev_2.2.9-10+lenny6_mipsel.deb\n Size/MD5 checksum: 208710 1403636fff03ab43353cdffdef62ffd7\n http://security.debian.org/pool/updates/main/a/apache2/apache2-suexec-custom_2.2.9-10+lenny6_mipsel.deb\n Size/MD5 checksum: 83708 9b1c257025920f6dd0a7a2b231c97141\n http://security.debian.org/pool/updates/main/a/apache2/apache2-threaded-dev_2.2.9-10+lenny6_mipsel.deb\n Size/MD5 checksum: 209740 546504d6f0a2a449e9bcd618f4700ce5\n http://security.debian.org/pool/updates/main/a/apache2/apache2-suexec_2.2.9-10+lenny6_mipsel.deb\n Size/MD5 checksum: 82128 31209b35ecb423f2d88347df6c08eddb\n http://security.debian.org/pool/updates/main/a/apache2/apache2-dbg_2.2.9-10+lenny6_mipsel.deb\n Size/MD5 checksum: 2420074 b57ff2a01ee7f29d0dcba4214dc7fc21\n http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-worker_2.2.9-10+lenny6_mipsel.deb\n Size/MD5 checksum: 232140 3dfff4c54077cb221e19533f19538834\n http://security.debian.org/pool/updates/main/a/apache2/apache2.2-common_2.2.9-10+lenny6_mipsel.deb\n Size/MD5 checksum: 778974 d9d0084ea48aaa56d2f99c632711d084\n http://security.debian.org/pool/updates/main/a/apache2-mpm-itk/apache2-mpm-itk_2.2.6-02-1+lenny2+b2_mipsel.deb\n Size/MD5 checksum: 169470 f04a239ba4f1d6ae4ff8ce0960f784fd\n http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-event_2.2.9-10+lenny6_mipsel.deb\n Size/MD5 checksum: 232796 8ced513dc28d7165fd76076803b98188\n http://security.debian.org/pool/updates/main/a/apache2/apache2-utils_2.2.9-10+lenny6_mipsel.deb\n Size/MD5 checksum: 150024 c2a66c2c63eeb66df98b136cceadc780\n\npowerpc architecture (PowerPC)\n\n http://security.debian.org/pool/updates/main/a/apache2/apache2-suexec-custom_2.2.9-10+lenny6_powerpc.deb\n Size/MD5 checksum: 84570 b43f074242385089dda2aae2e9ae1595\n http://security.debian.org/pool/updates/main/a/apache2/apache2.2-common_2.2.9-10+lenny6_powerpc.deb\n Size/MD5 checksum: 915976 723f3349b829894595b913099f06ecc2\n http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-worker_2.2.9-10+lenny6_powerpc.deb\n Size/MD5 checksum: 257408 c4bab781417526a0dfdb2240ab2fef07\n http://security.debian.org/pool/updates/main/a/apache2/apache2-dbg_2.2.9-10+lenny6_powerpc.deb\n Size/MD5 checksum: 2495210 6fb817120bcb095006fd09d2318f28ee\n http://security.debian.org/pool/updates/main/a/apache2-mpm-itk/apache2-mpm-itk_2.2.6-02-1+lenny2+b2_powerpc.deb\n Size/MD5 checksum: 195192 6b4d950e48c6cdfd00d403e42b719b40\n http://security.debian.org/pool/updates/main/a/apache2/apache2-prefork-dev_2.2.9-10+lenny6_powerpc.deb\n Size/MD5 checksum: 208684 ece82cc979cff6832d51a6caf51f38b5\n http://security.debian.org/pool/updates/main/a/apache2/apache2-suexec_2.2.9-10+lenny6_powerpc.deb\n Size/MD5 checksum: 82908 c54a24103b503b5de1b27993ee33610f\n http://security.debian.org/pool/updates/main/a/apache2/apache2-utils_2.2.9-10+lenny6_powerpc.deb\n Size/MD5 checksum: 160960 361e2bae65d5f1303073d8e4d88ccdb7\n http://security.debian.org/pool/updates/main/a/apache2/apache2-threaded-dev_2.2.9-10+lenny6_powerpc.deb\n Size/MD5 checksum: 209714 81fbc6671b2d4137dc52232e9d572ea9\n http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-event_2.2.9-10+lenny6_powerpc.deb\n Size/MD5 checksum: 258234 6dbd57dc907e93b5e9dcd3058e99b30f\n http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-prefork_2.2.9-10+lenny6_powerpc.deb\n Size/MD5 checksum: 253294 696e2e9219d6e029c0c6f024045a4d5f\n\ns390 architecture (IBM S/390)\n\n http://security.debian.org/pool/updates/main/a/apache2/apache2-suexec_2.2.9-10+lenny6_s390.deb\n Size/MD5 checksum: 82544 4e332ccedffd13b1e7b866fe71cf8a9b\n http://security.debian.org/pool/updates/main/a/apache2-mpm-itk/apache2-mpm-itk_2.2.6-02-1+lenny2+b2_s390.deb\n Size/MD5 checksum: 197642 e32a924a47b90452356956e3fe39d34e\n http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-prefork_2.2.9-10+lenny6_s390.deb\n Size/MD5 checksum: 255970 197eea5c422ecf37ec592bf9612c3b2f\n http://security.debian.org/pool/updates/main/a/apache2/apache2-prefork-dev_2.2.9-10+lenny6_s390.deb\n Size/MD5 checksum: 208694 33dddaec24eb4475411eb55abb5d5e71\n http://security.debian.org/pool/updates/main/a/apache2/apache2-utils_2.2.9-10+lenny6_s390.deb\n Size/MD5 checksum: 150912 2aa00b2fb3b84a536030f5b5635115bc\n http://security.debian.org/pool/updates/main/a/apache2/apache2-threaded-dev_2.2.9-10+lenny6_s390.deb\n Size/MD5 checksum: 209726 cf54089c8a33087820f8c9359e461625\n http://security.debian.org/pool/updates/main/a/apache2/apache2-dbg_2.2.9-10+lenny6_s390.deb\n Size/MD5 checksum: 2409108 1b6e40f5d2772a0a1f26424f4b470136\n http://security.debian.org/pool/updates/main/a/apache2/apache2.2-common_2.2.9-10+lenny6_s390.deb\n Size/MD5 checksum: 824586 ff52926d953f8b5cbde82ac31176dedb\n http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-worker_2.2.9-10+lenny6_s390.deb\n Size/MD5 checksum: 259924 655aca8f56383ebd106ded50d8f557ea\n http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-event_2.2.9-10+lenny6_s390.deb\n Size/MD5 checksum: 260610 12751082d3f1466735d1b3d395d63690\n http://security.debian.org/pool/updates/main/a/apache2/apache2-suexec-custom_2.2.9-10+lenny6_s390.deb\n Size/MD5 checksum: 84310 9aa451ccb1513c05f4ccc0319124181e\n\nsparc architecture (Sun SPARC/UltraSPARC)\n\n http://security.debian.org/pool/updates/main/a/apache2/apache2-dbg_2.2.9-10+lenny6_sparc.deb\n Size/MD5 checksum: 2231018 fcdbb08c45ff474592590fac0aa78dac\n http://security.debian.org/pool/updates/main/a/apache2/apache2-suexec-custom_2.2.9-10+lenny6_sparc.deb\n Size/MD5 checksum: 84568 6dcf4195e216a22ef2919806d55d5098\n http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-prefork_2.2.9-10+lenny6_sparc.deb\n Size/MD5 checksum: 237224 9bf96cc5f932643b1c55c6a9fa238af1\n http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-event_2.2.9-10+lenny6_sparc.deb\n Size/MD5 checksum: 241474 ed8557af547d9d55a075fca5cf88488d\n http://security.debian.org/pool/updates/main/a/apache2/apache2-suexec_2.2.9-10+lenny6_sparc.deb\n Size/MD5 checksum: 82888 bde0baf83e2e972b398be6a500f77125\n http://security.debian.org/pool/updates/main/a/apache2-mpm-itk/apache2-mpm-itk_2.2.6-02-1+lenny2+b2_sparc.deb\n Size/MD5 checksum: 177562 09cbb49296407c83ef1575b003dfb129\n http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-worker_2.2.9-10+lenny6_sparc.deb\n Size/MD5 checksum: 241014 2c10b920cdfec918af3eb148e29fca0f\n http://security.debian.org/pool/updates/main/a/apache2/apache2-prefork-dev_2.2.9-10+lenny6_sparc.deb\n Size/MD5 checksum: 212798 28edff7612bb824fc20d88c29b8b7e1f\n http://security.debian.org/pool/updates/main/a/apache2/apache2.2-common_2.2.9-10+lenny6_sparc.deb\n Size/MD5 checksum: 781748 63e7003956d73b1a04e544c00eaa7728\n http://security.debian.org/pool/updates/main/a/apache2/apache2-threaded-dev_2.2.9-10+lenny6_sparc.deb\n Size/MD5 checksum: 213976 b7e758d0a2e6574944d27e2d6e40f60c\n http://security.debian.org/pool/updates/main/a/apache2/apache2-utils_2.2.9-10+lenny6_sparc.deb\n Size/MD5 checksum: 146596 c37cea33bed94a68326b511a66bf050e\n\n\n These files will probably be moved into the stable distribution on\n its next update. \nPatch kit installation instructions are provided in the file SSRT090244 Apache CVE-2009-3094, CVE-2009-3095.txt . \nThe patch kits and installation instructions are available from the following location using ftp:\n\n Host Account Password\n ftp.usa.hp.com ewt01 Welcome1\n\nCSWS version 2.1-1 patch kits are available for both ALPHA and ITANIUM platforms. \n\nItanium Images\n mod_proxy.exe_ia64\n mod_proxy_ftp.exe_ia64\n\nAlpha Images\n mod_proxy.exe_axp\n mod_proxy_ftp.exe_axp\n\nThe patch images will be provided in the next regularly scheduled update of CSWS 2.1-1. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\nSUPPORT COMMUNICATION - SECURITY BULLETIN\n\nDocument ID: c02160663\nVersion: 1\n\nHPSBUX02531 SSRT100108 rev.1 - HP-UX Running Apache-based Web Server, Remote Denial of Service (DoS), Unauthorized Access\n\nNOTICE: The information in this Security Bulletin should be acted upon as soon as possible. \n\nRelease Date: 2010-06-02\nLast Updated: 2010-06-02\n\n- -----------------------------------------------------------------------------\n\nPotential Security Impact: Remote Denial of Service (DoS), unauthorized access\n\nSource: Hewlett-Packard Company, HP Software Security Response Team\n\nVULNERABILITY SUMMARY\nPotential security vulnerabilities have been identified with HP-UX running Apache-based Web Server. The vulnerabilities could be exploited remotely to cause a Denial of Service (DoS) or unauthorized access. Apache-based Web Server is contained in the Apache Web Server Suite. \n\nReferences: CVE-2009-3094, CVE-2009-3095, CVE-2010-0408, CVE-2010-0740, CVE-2010-0433, CVE-2010-0434\n\nSUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed. \nHP-UX B.11.23, B.11.31 running Apache-based Web Server versions before v2.2.8.09\nHP-UX B.11.11, B.11.23, B.11.31 running Apache-based Web Server versions before v2.0.59.15\n\nBACKGROUND\n\nCVSS 2.0 Base Metrics\n===========================================================\n Reference Base Vector Base Score\nCVE-2009-3094 (AV:N/AC:H/Au:N/C:N/I:N/A:C) 5.4\nCVE-2009-3095 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5\nCVE-2010-0408 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0\nCVE-2010-0740 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0\nCVE-2010-0433 (AV:N/AC:M/Au:N/C:N/I:N/A:P) 4.3\nCVE-2010-0434 (AV:N/AC:M/Au:N/C:P/I:N/A:N) 4.3\n===========================================================\n Information on CVSS is documented\n in HP Customer Notice: HPSN-2008-002\n\nNote: CVE-2009-3094, CVE-2009-3095 and 2010-0740 affect only HP-UX Web Server Suite v2.30;\nCVE-2010-0408, CVE-2010-0433 and CVE-2010-0434 affect only HP-UX Web Server Suite v3.09. \n\nRESOLUTION\n\nHP has provided the following upgrades to resolve these vulnerabilities. \nThe upgrades are available from the following location:\n\nURL http://software.hp.com\n\nNote: HP-UX Web Server Suite v3.09 contains HP-UX Apache-based Web Server v2.2.8.09\nNote: HP-UX Web Server Suite v2.30 contains HP-UX Apache-based Web Server v2.0.59.15\n\nWeb Server Suite Version / HP-UX Release / Depot name\n\nWeb Server v3.09 / B.11.23 and B.11.31 PA-32 / HPUXWS22ATW-B309-32.depot\n\nWeb Server v3.09 / B.11.23 and B.11.31 IA-64 / HPUXWS22ATW-B309-64.depot\n\nWeb Server v2.30 / B.11.11 PA-32 / HPUXWSATW-B230-1111.depot\n\nWeb Server v2.30 / B.11.23 PA-32 / HPUXWSATW-B230-32.depot\n\nWeb Server v2.30 / B.11.23 IA-64 / HPUXWSATW-B230-64.depot\n\nWeb Server v2.30 / B.11.31 IA-32 / HPUXWSATW-B230-32-1131.depot\n\nWeb Server v2.30 / B.11.31 IA-64 / HPUXWSATW-B230-64-1131.depot\n\nMANUAL ACTIONS: Yes - Update\n\nInstall Apache-based Web Server from the Apache Web Server Suite v2.30 or subsequent\nor\nInstall Apache-based Web Server from the Apache Web Server Suite v3.09 or subsequent\n\nPRODUCT SPECIFIC INFORMATION\n\nHP-UX Software Assistant: HP-UX Software Assistant is an enhanced application that replaces HP-UX Security Patch Check. It analyzes all Security Bulletins issued by HP and lists recommended actions that may apply to a specific HP-UX system. It can also download patches and create a depot automatically. For more information see: https://www.hp.com/go/swa\n\nThe following text is for use by the HP-UX Software Assistant. \n\nAFFECTED VERSIONS\n\nFor Web Server Suite before v3.09\nHP-UX B.11.23\n==================\nhpuxws22APACHE.APACHE\nhpuxws22APACHE.APACHE2\nhpuxws22APACHE.AUTH_LDAP\nhpuxws22APACHE.AUTH_LDAP2\nhpuxws22APACHE.MOD_JK\nhpuxws22APACHE.MOD_JK2\nhpuxws22APACHE.MOD_PERL\nhpuxws22APACHE.MOD_PERL2\nhpuxws22APACHE.PHP\nhpuxws22APACHE.PHP2\naction: install revision B.2.2.8.09 or subsequent\n\nHP-UX B.11.31\n==================\nhpuxws22APCH32.APACHE\nhpuxws22APCH32.APACHE2\nhpuxws22APCH32.AUTH_LDAP\nhpuxws22APCH32.AUTH_LDAP2\nhpuxws22APCH32.MOD_JK\nhpuxws22APCH32.MOD_JK2\nhpuxws22APCH32.MOD_PERL\nhpuxws22APCH32.MOD_PERL2\nhpuxws22APCH32.PHP\nhpuxws22APCH32.PHP2\nhpuxws22APCH32.WEBPROXY\nhpuxws22APCH32.WEBPROXY2\naction: install revision B.2.2.8.09 or subsequent\n\nFor Web Server Suite before v2.30\nHP-UX B.11.11\n==================\nhpuxwsAPACHE.APACHE\nhpuxwsAPACHE.APACHE2\nhpuxwsAPACHE.AUTH_LDAP\nhpuxwsAPACHE.AUTH_LDAP2\nhpuxwsAPACHE.MOD_JK\nhpuxwsAPACHE.MOD_JK2\nhpuxwsAPACHE.MOD_PERL\nhpuxwsAPACHE.MOD_PERL2\nhpuxwsAPACHE.PHP\nhpuxwsAPACHE.PHP2\nhpuxwsAPACHE.WEBPROXY\naction: install revision B.2.0.59.15 or subsequent\n\nHP-UX B.11.23\n==================\nhpuxwsAPCH32.APACHE\nhpuxwsAPCH32.APACHE2\nhpuxwsAPCH32.AUTH_LDAP\nhpuxwsAPCH32.AUTH_LDAP2\nhpuxwsAPCH32.MOD_JK\nhpuxwsAPCH32.MOD_JK2\nhpuxwsAPCH32.MOD_PERL\nhpuxwsAPCH32.MOD_PERL2\nhpuxwsAPCH32.PHP\nhpuxwsAPCH32.PHP2\nhpuxwsAPCH32.WEBPROXY\naction: install revision B.2.0.59.15 or subsequent\n\nHP-UX B.11.31\n==================\nhpuxwsAPACHE.APACHE\nhpuxwsAPACHE.APACHE2\nhpuxwsAPACHE.AUTH_LDAP\nhpuxwsAPACHE.AUTH_LDAP2\nhpuxwsAPACHE.MOD_JK\nhpuxwsAPACHE.MOD_JK2\nhpuxwsAPACHE.MOD_PERL\nhpuxwsAPACHE.MOD_PERL2\nhpuxwsAPACHE.PHP\nhpuxwsAPACHE.PHP2\nhpuxwsAPACHE.WEBPROXY\naction: install revision B.2.0.59.15 or subsequent\n\nEND AFFECTED VERSIONS\n\nHISTORY\nVersion:1 (rev.1) 2 June 2010 Initial release\nThird Party Security Patches: Third party security patches that are to be installed on systems running HP software products should be applied in accordance with the customer\u0027s patch management policy. \n\nSupport: For further information, contact normal HP Services support channel. \n\nReport: To report a potential security vulnerability with any HP supported product, send Email to: security-alert@hp.com\nIt is strongly recommended that security related information being communicated to HP be encrypted using PGP, especially exploit information. \nTo get the security-alert PGP key, please send an e-mail message as follows:\n To: security-alert@hp.com\n Subject: get key\nSubscribe: To initiate a subscription to receive future HP Security Bulletins via Email:\nhttp://h30046.www3.hp.com/driverAlertProfile.php?regioncode=NA\u0026langcode=USENG\u0026jumpid=in_SC-GEN__driverITRC\u0026topiccode=ITRC\nOn the web page: ITRC security bulletins and patch sign-up\nUnder Step1: your ITRC security bulletins and patches\n -check ALL categories for which alerts are required and continue. \nUnder Step2: your ITRC operating systems\n -verify your operating system selections are checked and save. \n\nTo update an existing subscription: http://h30046.www3.hp.com/subSignIn.php\nLog in on the web page: Subscriber\u0027s choice for Business: sign-in. \nOn the web page: Subscriber\u0027s Choice: your profile summary - use Edit Profile to update appropriate sections. \n\nTo review previously published Security Bulletins visit: http://www.itrc.hp.com/service/cki/secBullArchive.do\n\n* The Software Product Category that this Security Bulletin\nrelates to is represented by the 5th and 6th characters\nof the Bulletin number in the title:\n\nGN = HP General SW\nMA = HP Management Agents\nMI = Misc. 3rd Party SW\nMP = HP MPE/iX\nNS = HP NonStop Servers\nOV = HP OpenVMS\nPI = HP Printing \u0026 Imaging\nST = HP Storage SW\nTL = HP Trusted Linux\nTU = HP Tru64 UNIX\nUX = HP-UX\nVV = HP VirtualVault\n\nSystem management and security procedures must be reviewed frequently to maintain system integrity. HP is continually reviewing and enhancing the security features of software products to provide customers with current secure solutions. \n\n\"HP is broadly distributing this Security Bulletin in order to bring to the attention of users of the affected HP products the important security information contained in this Bulletin. HP recommends that all users determine the applicability of this information to their individual situations and take appropriate action. HP does not warrant that this information is necessarily accurate or complete for all user situations and, consequently, HP will not be responsible for any damages resulting from user\u0027s use or disregard of the information provided in this Bulletin. To the extent permitted by law, HP disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose, title and non-infringement.\"\n\nCopyright 2009 Hewlett-Packard Development Company, L.P. \nHewlett-Packard Company shall not be liable for technical or editorial errors or omissions contained herein. The information provided is provided \"as is\" without warranty of any kind. To the extent permitted by law, neither HP or its affiliates, subcontractors or suppliers will be liable for incidental,special or consequential damages including downtime cost; lost profits;damages relating to the procurement of substitute products or services; or damages for loss of data, or software restoration. The information in this document is subject to change without notice. Hewlett-Packard Company and the names of Hewlett-Packard products referenced herein are trademarks of Hewlett-Packard Company in the United States and other countries. Other product and company names mentioned herein may be trademarks of their respective owners. \n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.10 (GNU/Linux)\n\niEYEARECAAYFAkwG2+IACgkQ4B86/C0qfVm3LACfZ2twc1MNibwpLscDC7giyJJv\nnksAnR0xfycsdI9Z5RyDC/o+Dnt4Q100\n=/Gfl\n-----END PGP SIGNATURE-----\n. \n\nBAC v8.07 supplies Apache 2.2.17. For other issues about the content of this Security Bulletin, send e-mail to security-alert@hp.com",
"sources": [
{
"db": "NVD",
"id": "CVE-2009-3094"
},
{
"db": "JVNDB",
"id": "JVNDB-2009-002187"
},
{
"db": "BID",
"id": "36260"
},
{
"db": "VULMON",
"id": "CVE-2009-3094"
},
{
"db": "PACKETSTORM",
"id": "82799"
},
{
"db": "PACKETSTORM",
"id": "83521"
},
{
"db": "PACKETSTORM",
"id": "82647"
},
{
"db": "PACKETSTORM",
"id": "81540"
},
{
"db": "PACKETSTORM",
"id": "87839"
},
{
"db": "PACKETSTORM",
"id": "90263"
},
{
"db": "PACKETSTORM",
"id": "111587"
}
],
"trust": 2.61
},
"external_ids": {
"_id": null,
"data": [
{
"db": "NVD",
"id": "CVE-2009-3094",
"trust": 3.5
},
{
"db": "SECUNIA",
"id": "36549",
"trust": 2.5
},
{
"db": "SECUNIA",
"id": "37152",
"trust": 1.7
},
{
"db": "VUPEN",
"id": "ADV-2010-0609",
"trust": 1.7
},
{
"db": "BID",
"id": "36260",
"trust": 1.1
},
{
"db": "VUPEN",
"id": "ADV-2009-2550",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2009-002187",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-200909-107",
"trust": 0.6
},
{
"db": "VULMON",
"id": "CVE-2009-3094",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "82799",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "83521",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "82647",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "81540",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "87839",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "90263",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "111587",
"trust": 0.1
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2009-3094"
},
{
"db": "BID",
"id": "36260"
},
{
"db": "PACKETSTORM",
"id": "82799"
},
{
"db": "PACKETSTORM",
"id": "83521"
},
{
"db": "PACKETSTORM",
"id": "82647"
},
{
"db": "PACKETSTORM",
"id": "81540"
},
{
"db": "PACKETSTORM",
"id": "87839"
},
{
"db": "PACKETSTORM",
"id": "90263"
},
{
"db": "PACKETSTORM",
"id": "111587"
},
{
"db": "CNNVD",
"id": "CNNVD-200909-107"
},
{
"db": "JVNDB",
"id": "JVNDB-2009-002187"
},
{
"db": "NVD",
"id": "CVE-2009-3094"
}
]
},
"id": "VAR-200909-0801",
"iot": {
"_id": null,
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.17203079500000001
},
"last_update_date": "2026-04-10T23:16:40.099000Z",
"patch": {
"_id": null,
"data": [
{
"title": "Fixed in Apache httpd 2.0.64",
"trust": 0.8,
"url": "http://httpd.apache.org/security/vulnerabilities_20.html#2.0.64"
},
{
"title": "Fixed in Apache httpd 2.2.14",
"trust": 0.8,
"url": "http://httpd.apache.org/security/vulnerabilities_22.html"
},
{
"title": "httpd-2.2.3-31.2.1AXS3",
"trust": 0.8,
"url": "https://tsn.miraclelinux.com/tsn_local/index.php?m=errata\u0026a=detail\u0026eid=774"
},
{
"title": "HPUXWSATW313",
"trust": 0.8,
"url": "https://h20392.www2.hp.com/portal/swdepot/displayProductInfo.do?productNumber=HPUXWSATW313"
},
{
"title": "HPSBUX02531",
"trust": 0.8,
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en\u0026cc=us\u0026objectID=c02160663"
},
{
"title": "PM10658",
"trust": 0.8,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1PM10658"
},
{
"title": "7014463",
"trust": 0.8,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg27014463#7009"
},
{
"title": "7007033",
"trust": 0.8,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg27007033#60239"
},
{
"title": "7006876",
"trust": 0.8,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg27006876#60239"
},
{
"title": "7007951",
"trust": 0.8,
"url": "http://www-01.ibm.com/support/docview.wss?rs=180\u0026uid=swg27007951#61029"
},
{
"title": "PK96858",
"trust": 0.8,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1PK96858\u0026loc=en_US"
},
{
"title": "7008517",
"trust": 0.8,
"url": "http://www-01.ibm.com/support/docview.wss?rs=177\u0026uid=swg27008517#61029"
},
{
"title": "1819",
"trust": 0.8,
"url": "http://www.miraclelinux.com/support/index.php?q=node/99\u0026errata_id=1819"
},
{
"title": "1820",
"trust": 0.8,
"url": "http://www.miraclelinux.com/support/index.php?q=node/99\u0026errata_id=1820"
},
{
"title": "RHSA-2009:1579",
"trust": 0.8,
"url": "https://rhn.redhat.com/errata/RHSA-2009-1579.html"
},
{
"title": "RHSA-2009:1580",
"trust": 0.8,
"url": "https://rhn.redhat.com/errata/RHSA-2009-1580.html"
},
{
"title": "multiple_vulnerabilities_in_the_apache",
"trust": 0.8,
"url": "http://blogs.oracle.com/sunsecurity/entry/multiple_vulnerabilities_in_the_apache"
},
{
"title": "TLSA-2009-30",
"trust": 0.8,
"url": "http://www.turbolinux.co.jp/security/2009/TLSA-2009-30j.txt"
},
{
"title": "RHSA-2009:1579",
"trust": 0.8,
"url": "https://www.jp.redhat.com/support/errata/RHSA/RHSA-2009-1579J.html"
},
{
"title": "RHSA-2009:1580",
"trust": 0.8,
"url": "https://www.jp.redhat.com/support/errata/RHSA/RHSA-2009-1580J.html"
},
{
"title": "interstage_as_201007",
"trust": 0.8,
"url": "http://software.fujitsu.com/jp/security/products-fujitsu/solution/interstage_as_201007.html"
},
{
"title": "Red Hat: Moderate: httpd and httpd22 security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20100011 - Security Advisory"
},
{
"title": "Debian CVElist Bug Report Logs: CVE-2009-3094, CVE-2009-3095: mod_proxy_ftp DoS",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=debian_cvelist_bugreportlogs\u0026qid=a36c9e7334a243cf3d9e15331467e21c"
},
{
"title": "Ubuntu Security Notice: apache2 vulnerabilities",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=USN-860-1"
},
{
"title": "Debian Security Advisories: DSA-1934-1 apache2 -- multiple issues",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=debian_security_advisories\u0026qid=a5a134c3483f034e2df5ced5ad7428ec"
},
{
"title": "Symantec Security Advisories: SA61 : Director multiple Apache vulnerabilities",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=symantec_security_advisories\u0026qid=508649a9a651b4fb32a5cc0f1310d652"
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/Live-Hack-CVE/CVE-2009-3094 "
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2009-3094"
},
{
"db": "JVNDB",
"id": "JVNDB-2009-002187"
}
]
},
"problemtype_data": {
"_id": null,
"data": [
{
"problemtype": "CWE-476",
"trust": 1.0
},
{
"problemtype": "CWE-119",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2009-002187"
},
{
"db": "NVD",
"id": "CVE-2009-3094"
}
]
},
"references": {
"_id": null,
"data": [
{
"trust": 2.5,
"url": "http://secunia.com/advisories/36549"
},
{
"trust": 2.0,
"url": "http://www.intevydis.com/blog/?p=59"
},
{
"trust": 2.0,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1pk96858"
},
{
"trust": 2.0,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1pm09161"
},
{
"trust": 1.7,
"url": "http://intevydis.com/vd-list.shtml"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/37152"
},
{
"trust": 1.7,
"url": "http://lists.opensuse.org/opensuse-security-announce/2009-10/msg00006.html"
},
{
"trust": 1.7,
"url": "http://www.debian.org/security/2009/dsa-1934"
},
{
"trust": 1.7,
"url": "http://wiki.rpath.com/advisories:rpsa-2009-0155"
},
{
"trust": 1.7,
"url": "https://www.redhat.com/archives/fedora-package-announce/2009-december/msg00944.html"
},
{
"trust": 1.7,
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=521619"
},
{
"trust": 1.7,
"url": "https://www.redhat.com/archives/fedora-package-announce/2009-december/msg00645.html"
},
{
"trust": 1.7,
"url": "http://www.vupen.com/english/advisories/2010/0609"
},
{
"trust": 1.7,
"url": "http://marc.info/?l=bugtraq\u0026m=126998684522511\u0026w=2"
},
{
"trust": 1.7,
"url": "http://marc.info/?l=bugtraq\u0026m=133355494609819\u0026w=2"
},
{
"trust": 1.7,
"url": "http://marc.info/?l=bugtraq\u0026m=127557640302499\u0026w=2"
},
{
"trust": 1.7,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a8087"
},
{
"trust": 1.7,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a10981"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/archive/1/508075/100/0/threaded"
},
{
"trust": 1.0,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-3094"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/r2295080a257bad27ea68ca0af12fc715577f9e84801eae116a33107e%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/rad2acee3ab838b52c04a0698b1728a9a43467bf365bd481c993c535d%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/r5f9c22f9c28adbd9f00556059edc7b03a5d5bb71d4bb80257c0d34e4%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/rad01d817195e6cc871cb1d73b207ca326379a20a6e7f30febaf56d24%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/reb7c64aeea604bf948467d9d1cab8ff23fa7d002be1964bcc275aae7%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/rb9c9f42dafa25d2f669dac2a536a03f2575bc5ec1be6f480618aee10%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2009-3094"
},
{
"trust": 0.8,
"url": "http://www.securityfocus.com/bid/36260"
},
{
"trust": 0.8,
"url": "http://www.vupen.com/english/advisories/2009/2550"
},
{
"trust": 0.7,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-3095"
},
{
"trust": 0.7,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-3094"
},
{
"trust": 0.6,
"url": "http://blogs.sun.com/security/entry/multiple_vulnerabilities_in_the_apache"
},
{
"trust": 0.6,
"url": "httpd.apache.org%3e"
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f@%3ccvs."
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb@%3ccvs."
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/rb9c9f42dafa25d2f669dac2a536a03f2575bc5ec1be6f480618aee10@%3ccvs."
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79@%3ccvs."
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac@%3ccvs."
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b@%3ccvs."
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/r5f9c22f9c28adbd9f00556059edc7b03a5d5bb71d4bb80257c0d34e4@%3ccvs."
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b@%3ccvs."
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53@%3ccvs."
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/rad01d817195e6cc871cb1d73b207ca326379a20a6e7f30febaf56d24@%3ccvs."
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142@%3ccvs."
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b@%3ccvs."
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7@%3ccvs."
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9@%3ccvs."
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/r2295080a257bad27ea68ca0af12fc715577f9e84801eae116a33107e@%3ccvs."
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f@%3ccvs."
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc@%3ccvs."
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920@%3ccvs."
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/reb7c64aeea604bf948467d9d1cab8ff23fa7d002be1964bcc275aae7@%3ccvs."
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064@%3ccvs."
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/rad2acee3ab838b52c04a0698b1728a9a43467bf365bd481c993c535d@%3ccvs."
},
{
"trust": 0.3,
"url": "http://httpd.apache.org/"
},
{
"trust": 0.3,
"url": "http://httpd.apache.org/docs/2.0/mod/mod_proxy_ftp.html"
},
{
"trust": 0.3,
"url": "http://www.apache.org/dist/httpd/changes_2.2.14"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1pk96157"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1pm10658"
},
{
"trust": 0.3,
"url": "http://intevydis.com/company.shtml"
},
{
"trust": 0.3,
"url": "http://support.avaya.com/css/p8/documents/100074555"
},
{
"trust": 0.3,
"url": "http://h20000.www2.hp.com/bizsupport/techsupport/document.jsp?objectid=c03236227"
},
{
"trust": 0.3,
"url": "http://www11.itrc.hp.com/service/cki/docdisplay.do?docid=emr_na-c02002308"
},
{
"trust": 0.3,
"url": "https://kb.bluecoat.com/index?page=content\u0026id=sa61\u0026actp=list"
},
{
"trust": 0.3,
"url": "http://www.fujitsu.com/global/support/software/security/products-f/interstage-201007e.html"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-3555"
},
{
"trust": 0.2,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-3095"
},
{
"trust": 0.2,
"url": "http://www.mandriva.com/security/"
},
{
"trust": 0.2,
"url": "http://www.mandriva.com/security/advisories"
},
{
"trust": 0.2,
"url": "http://www.itrc.hp.com/service/cki/secbullarchive.do"
},
{
"trust": 0.2,
"url": "http://h30046.www3.hp.com/driveralertprofile.php?regioncode=na\u0026langcode=useng\u0026jumpid=in_sc-gen__driveritrc\u0026topiccode=itrc"
},
{
"trust": 0.2,
"url": "http://h30046.www3.hp.com/subsignin.php"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/476.html"
},
{
"trust": 0.1,
"url": "https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac@%3ccvs.httpd.apache.org%3e"
},
{
"trust": 0.1,
"url": "https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79@%3ccvs.httpd.apache.org%3e"
},
{
"trust": 0.1,
"url": "https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f@%3ccvs.httpd.apache.org%3e"
},
{
"trust": 0.1,
"url": "https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53@%3ccvs.httpd.apache.org%3e"
},
{
"trust": 0.1,
"url": "https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc@%3ccvs.httpd.apache.org%3e"
},
{
"trust": 0.1,
"url": "https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7@%3ccvs.httpd.apache.org%3e"
},
{
"trust": 0.1,
"url": "https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb@%3ccvs.httpd.apache.org%3e"
},
{
"trust": 0.1,
"url": "https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b@%3ccvs.httpd.apache.org%3e"
},
{
"trust": 0.1,
"url": "https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9@%3ccvs.httpd.apache.org%3e"
},
{
"trust": 0.1,
"url": "https://lists.apache.org/thread.html/reb7c64aeea604bf948467d9d1cab8ff23fa7d002be1964bcc275aae7@%3ccvs.httpd.apache.org%3e"
},
{
"trust": 0.1,
"url": "https://lists.apache.org/thread.html/r5f9c22f9c28adbd9f00556059edc7b03a5d5bb71d4bb80257c0d34e4@%3ccvs.httpd.apache.org%3e"
},
{
"trust": 0.1,
"url": "https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b@%3ccvs.httpd.apache.org%3e"
},
{
"trust": 0.1,
"url": "https://lists.apache.org/thread.html/r2295080a257bad27ea68ca0af12fc715577f9e84801eae116a33107e@%3ccvs.httpd.apache.org%3e"
},
{
"trust": 0.1,
"url": "https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142@%3ccvs.httpd.apache.org%3e"
},
{
"trust": 0.1,
"url": "https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920@%3ccvs.httpd.apache.org%3e"
},
{
"trust": 0.1,
"url": "https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064@%3ccvs.httpd.apache.org%3e"
},
{
"trust": 0.1,
"url": "https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b@%3ccvs.httpd.apache.org%3e"
},
{
"trust": 0.1,
"url": "https://lists.apache.org/thread.html/rad01d817195e6cc871cb1d73b207ca326379a20a6e7f30febaf56d24@%3ccvs.httpd.apache.org%3e"
},
{
"trust": 0.1,
"url": "https://lists.apache.org/thread.html/rad2acee3ab838b52c04a0698b1728a9a43467bf365bd481c993c535d@%3ccvs.httpd.apache.org%3e"
},
{
"trust": 0.1,
"url": "https://lists.apache.org/thread.html/rb9c9f42dafa25d2f669dac2a536a03f2575bc5ec1be6f480618aee10@%3ccvs.httpd.apache.org%3e"
},
{
"trust": 0.1,
"url": "https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f@%3ccvs.httpd.apache.org%3e"
},
{
"trust": 0.1,
"url": "https://github.com/live-hack-cve/cve-2009-3094"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/errata/rhsa-2010:0011"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://usn.ubuntu.com/860-1/"
},
{
"trust": 0.1,
"url": "http://tools.cisco.com/security/center/viewalert.x?alertid=18978"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.2.11-2ubuntu2.5_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu2.9_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.12-1ubuntu2.1.diff.gz"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu2.9_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.2.9-7ubuntu3.5_i386.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2-prefork-dev_2.2.11-2ubuntu2.5_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-event_2.2.12-1ubuntu2.1_all.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2-utils_2.2.9-7ubuntu3.5_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2-prefork-dev_2.2.11-2ubuntu2.5_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.9-7ubuntu3.5_all.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2-prefork-dev_2.2.9-7ubuntu3.5_sparc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2-prefork-dev_2.2.12-1ubuntu2.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu2.9_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-common_2.2.9-7ubuntu3.5_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu2.9_sparc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-event_2.2.11-2ubuntu2.5_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.2.12-1ubuntu2.1_all.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.9-7ubuntu3.5.diff.gz"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu2.9_i386.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2-prefork-dev_2.2.9-7ubuntu3.5_lpia.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2-utils_2.2.8-1ubuntu0.14_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2.2-common_2.2.9-7ubuntu3.5_sparc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2-suexec_2.2.9-7ubuntu3.5_lpia.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.11-2ubuntu2.5_all.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/universe/a/apache2/apache2-suexec-custom_2.2.12-1ubuntu2.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2-prefork-dev_2.2.12-1ubuntu2.1_lpia.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu2.9_sparc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/universe/a/apache2/apache2-suexec-custom_2.2.11-2ubuntu2.5_lpia.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu2.9_sparc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/universe/a/apache2/apache2-suexec_2.2.11-2ubuntu2.5_lpia.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2-threaded-dev_2.2.9-7ubuntu3.5_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-event_2.2.8-1ubuntu0.14_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-common_2.2.11-2ubuntu2.5_i386.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/universe/a/apache2/apache2-suexec-custom_2.2.11-2ubuntu2.5_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu2.9_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu2.9_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu2.9_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.11-2ubuntu2.5.diff.gz"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.8-1ubuntu0.14.diff.gz"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2.2-common_2.2.11-2ubuntu2.5_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2-threaded-dev_2.2.8-1ubuntu0.14_sparc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/universe/a/apache2/apache2-suexec_2.2.11-2ubuntu2.5_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.2.8-1ubuntu0.14_i386.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-event_2.2.11-2ubuntu2.5_lpia.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu2.9_i386.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2-threaded-dev_2.2.12-1ubuntu2.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/universe/a/apache2/apache2-suexec_2.2.11-2ubuntu2.5_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55.orig.tar.gz"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu2.9_amd64.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-worker_2.2.9-7ubuntu3.5_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2-prefork-dev_2.2.8-1ubuntu0.14_lpia.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/universe/a/apache2/apache2-suexec_2.2.11-2ubuntu2.5_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.9.orig.tar.gz"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2-threaded-dev_2.2.11-2ubuntu2.5_sparc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2-threaded-dev_2.2.8-1ubuntu0.14_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu2.9_i386.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-prefork_2.2.11-2ubuntu2.5_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-common_2.2.8-1ubuntu0.14_i386.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-event_2.2.8-1ubuntu0.14_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-common_2.2.8-1ubuntu0.14_amd64.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2-threaded-dev_2.2.12-1ubuntu2.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu2.9_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.2.11-2ubuntu2.5_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu2.9_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-common_2.2.12-1ubuntu2.1_all.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu2.9_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.2.12-1ubuntu2.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2-utils_2.2.12-1ubuntu2.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2-prefork-dev_2.2.12-1ubuntu2.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2-prefork-dev_2.2.8-1ubuntu0.14_sparc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-prefork_2.2.9-7ubuntu3.5_lpia.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu2.9_sparc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-worker_2.2.9-7ubuntu3.5_lpia.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.12-1ubuntu2.1_all.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.2.8-1ubuntu0.14_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-suexec-custom_2.2.9-7ubuntu3.5_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/universe/a/apache2/apache2-suexec_2.2.12-1ubuntu2.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/universe/a/apache2/apache2-suexec_2.2.12-1ubuntu2.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu2.9_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu2.9_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.2.8-1ubuntu0.14_amd64.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2.2-common_2.2.9-7ubuntu3.5_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-event_2.2.11-2ubuntu2.5_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu2.9_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.2.9-7ubuntu3.5_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.8-1ubuntu0.14.dsc"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/universe/a/apache2/apache2-suexec-custom_2.2.11-2ubuntu2.5_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.2.12-1ubuntu2.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.2.8-1ubuntu0.14_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu2.9_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu2.9.dsc"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.2.11-2ubuntu2.5_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/universe/a/apache2/apache2-suexec-custom_2.2.12-1ubuntu2.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-prefork_2.2.8-1ubuntu0.14_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-doc_2.2.11-2ubuntu2.5_all.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.2.8-1ubuntu0.14_amd64.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2.2-common_2.2.8-1ubuntu0.14_sparc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2-threaded-dev_2.2.12-1ubuntu2.1_lpia.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2-utils_2.2.8-1ubuntu0.14_sparc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2-utils_2.2.8-1ubuntu0.14_lpia.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2-prefork-dev_2.2.8-1ubuntu0.14_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.2.11-2ubuntu2.5_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu2.9_sparc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2.2-common_2.2.11-2ubuntu2.5_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu2.9_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu2.9_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-doc_2.2.8-1ubuntu0.14_all.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.11.orig.tar.gz"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-worker_2.2.11-2ubuntu2.5_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.2.12-1ubuntu2.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-event_2.2.9-7ubuntu3.5_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-src_2.2.8-1ubuntu0.14_all.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu2.9.diff.gz"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-suexec-custom_2.2.9-7ubuntu3.5_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.12.orig.tar.gz"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu2.9_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2.2-bin_2.2.12-1ubuntu2.1_lpia.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.8.orig.tar.gz"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu2.9_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu2.9_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.2.9-7ubuntu3.5_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu2.9_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.11-2ubuntu2.5.dsc"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu2.9_i386.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2.2-common_2.2.8-1ubuntu0.14_lpia.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.8-1ubuntu0.14_all.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu2.9_i386.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-event_2.2.9-7ubuntu3.5_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-prefork_2.2.11-2ubuntu2.5_lpia.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2-suexec_2.2.9-7ubuntu3.5_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-event_2.2.8-1ubuntu0.14_i386.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2-utils_2.2.9-7ubuntu3.5_sparc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/universe/a/apache2/apache2-suexec_2.2.12-1ubuntu2.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.2.12-1ubuntu2.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.2.8-1ubuntu0.14_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu2.9_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.2.11-2ubuntu2.5_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-event_2.2.11-2ubuntu2.5_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu2.9_i386.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-worker_2.2.11-2ubuntu2.5_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.2.11-2ubuntu2.5_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-doc_2.0.55-4ubuntu2.9_all.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-worker_2.2.8-1ubuntu0.14_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-event_2.2.9-7ubuntu3.5_lpia.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.2.8-1ubuntu0.14_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu2.9_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.2.11-2ubuntu2.5_amd64.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2.2-common_2.2.9-7ubuntu3.5_lpia.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-src_2.2.9-7ubuntu3.5_all.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2.2-bin_2.2.12-1ubuntu2.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2-prefork-dev_2.2.9-7ubuntu3.5_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2-suexec-custom_2.2.9-7ubuntu3.5_lpia.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-doc_2.2.9-7ubuntu3.5_all.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.2.9-7ubuntu3.5_amd64.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-worker_2.2.8-1ubuntu0.14_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.2.8-1ubuntu0.14_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.2.11-2ubuntu2.5_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu2.9_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.9-7ubuntu3.5.dsc"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2-suexec-custom_2.2.9-7ubuntu3.5_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu2.9_sparc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2-threaded-dev_2.2.11-2ubuntu2.5_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2-threaded-dev_2.2.9-7ubuntu3.5_lpia.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-prefork_2.2.11-2ubuntu2.5_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-suexec_2.2.9-7ubuntu3.5_i386.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2.2-common_2.2.8-1ubuntu0.14_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/universe/a/apache2/apache2-suexec-custom_2.2.12-1ubuntu2.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.2.8-1ubuntu0.14_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu2.9_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-doc_2.2.12-1ubuntu2.1_all.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-suexec_2.2.9-7ubuntu3.5_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-bin_2.2.12-1ubuntu2.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu2.9_amd64.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2-utils_2.2.12-1ubuntu2.1_lpia.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-worker_2.2.9-7ubuntu3.5_sparc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2-suexec_2.2.9-7ubuntu3.5_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.2.12-1ubuntu2.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-worker_2.2.8-1ubuntu0.14_lpia.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2-threaded-dev_2.2.11-2ubuntu2.5_lpia.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/universe/a/apache2/apache2-suexec-custom_2.2.11-2ubuntu2.5_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/universe/a/apache2/apache2-suexec_2.2.12-1ubuntu2.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.2.11-2ubuntu2.5_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu2.9_amd64.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-prefork_2.2.9-7ubuntu3.5_sparc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2-utils_2.2.11-2ubuntu2.5_sparc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/universe/a/apache2/apache2-suexec-custom_2.2.12-1ubuntu2.1_lpia.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.2.9-7ubuntu3.5_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.2.12-1ubuntu2.1_all.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-event_2.2.11-2ubuntu2.5_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-prefork_2.2.8-1ubuntu0.14_lpia.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu2.9_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-bin_2.2.12-1ubuntu2.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2-utils_2.2.11-2ubuntu2.5_lpia.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2-utils_2.2.11-2ubuntu2.5_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.2.12-1ubuntu2.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-event_2.2.8-1ubuntu0.14_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-common_2.2.9-7ubuntu3.5_i386.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-worker_2.2.11-2ubuntu2.5_lpia.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.2.9-7ubuntu3.5_i386.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-prefork_2.2.8-1ubuntu0.14_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2-utils_2.2.9-7ubuntu3.5_lpia.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2-utils_2.2.12-1ubuntu2.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-prefork_2.2.9-7ubuntu3.5_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2-threaded-dev_2.2.9-7ubuntu3.5_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-common_2.2.11-2ubuntu2.5_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.2.9-7ubuntu3.5_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/universe/a/apache2/apache2-mpm-itk_2.2.12-1ubuntu2.1_all.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.2.9-7ubuntu3.5_amd64.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2-suexec-custom_2.2.9-7ubuntu3.5_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.12-1ubuntu2.1.dsc"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/universe/a/apache2/apache2-suexec-custom_2.2.12-1ubuntu2.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.2.8-1ubuntu0.14_all.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-event_2.2.9-7ubuntu3.5_amd64.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-event_2.2.9-7ubuntu3.5_sparc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2.2-common_2.2.11-2ubuntu2.5_lpia.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/universe/a/apache2/apache2-suexec_2.2.12-1ubuntu2.1_lpia.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu2.9_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-event_2.2.8-1ubuntu0.14_lpia.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2-threaded-dev_2.2.8-1ubuntu0.14_lpia.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.2.9-7ubuntu3.5_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.2.9-7ubuntu3.5_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/universe/a/apache2/apache2-suexec-custom_2.2.11-2ubuntu2.5_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/universe/a/apache2/apache2-suexec_2.2.11-2ubuntu2.5_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.2.11-2ubuntu2.5_amd64.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2.2-bin_2.2.12-1ubuntu2.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2-prefork-dev_2.2.11-2ubuntu2.5_lpia.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/universe/a/apache2/apache2-src_2.2.11-2ubuntu2.5_all.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.2.8-1ubuntu0.14_amd64.deb"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-1195"
},
{
"trust": 0.1,
"url": "http://marc.info/?l=apache-httpd-announce\u0026m=125755783724966\u0026w=2"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-1890"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-2939"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-1890"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-1678"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-2939"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-1195"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-3555"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-1891"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-1191"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-1191"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-1678"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-1891"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-prefork-dev_2.2.3-4+etch11_ia64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-threaded-dev_2.2.9-10+lenny6_alpha.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-worker_2.2.9-10+lenny6_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-event_2.2.3-4+etch11_alpha.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-src_2.2.3-4+etch11_all.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2/apache2.2-common_2.2.3-4+etch11_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-suexec-custom_2.2.9-10+lenny6_arm.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-threaded-dev_2.2.9-10+lenny6_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-utils_2.2.9-10+lenny6_mipsel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-worker_2.2.3-4+etch11_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-suexec_2.2.9-10+lenny6_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-suexec_2.2.9-10+lenny6_s390.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-utils_2.2.3-4+etch11_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-threaded-dev_2.2.9-10+lenny6_ia64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2/apache2.2-common_2.2.9-10+lenny6_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-worker_2.2.3-4+etch11_hppa.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2/apache2.2-common_2.2.3-4+etch11_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-prefork-dev_2.2.9-10+lenny6_alpha.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-dbg_2.2.9-10+lenny6_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-suexec-custom_2.2.9-10+lenny6_ia64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2-mpm-itk/apache2-mpm-itk_2.2.3-01-2+etch4+b1_arm.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-threaded-dev_2.2.3-4+etch11_mipsel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-dbg_2.2.9-10+lenny6_s390.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-utils_2.2.3-4+etch11_arm.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2-mpm-itk/apache2-mpm-itk_2.2.3-01-2+etch4+b1_ia64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-prefork-dev_2.2.3-4+etch11_s390.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-threaded-dev_2.2.3-4+etch11_mips.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-prefork-dev_2.2.3-4+etch11_mips.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-prefork_2.2.3-4+etch11_hppa.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2-mpm-itk/apache2-mpm-itk_2.2.3-01-2+etch4+b1_mips.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2-mpm-itk/apache2-mpm-itk_2.2.3-01-2+etch4+b1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-threaded-dev_2.2.9-10+lenny6_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-utils_2.2.3-4+etch11_mipsel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-utils_2.2.9-10+lenny6_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-suexec_2.2.9-10+lenny6_hppa.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2/apache2.2-common_2.2.3-4+etch11_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2/apache2.2-common_2.2.3-4+etch11_s390.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-utils_2.2.3-4+etch11_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-prefork-dev_2.2.3-4+etch11_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-dbg_2.2.9-10+lenny6_alpha.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-prefork_2.2.9-10+lenny6_mipsel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-dbg_2.2.9-10+lenny6_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-dbg_2.2.9-10+lenny6_arm.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-prefork_2.2.3-4+etch11_alpha.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-prefork-dev_2.2.9-10+lenny6_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-event_2.2.3-4+etch11_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-suexec_2.2.9-10+lenny6_armel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-worker_2.2.3-4+etch11_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2-mpm-itk/apache2-mpm-itk_2.2.3-01-2+etch4+b1_s390.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-worker_2.2.9-10+lenny6_ia64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-prefork-dev_2.2.9-10+lenny6_mips.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-event_2.2.9-10+lenny6_mips.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2/apache2_2.2.9.orig.tar.gz"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-utils_2.2.9-10+lenny6_armel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2-mpm-itk/apache2-mpm-itk_2.2.6-02-1+lenny2+b2_alpha.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-prefork-dev_2.2.3-4+etch11_arm.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-event_2.2.9-10+lenny6_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-perchild_2.2.3-4+etch11_all.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-threaded-dev_2.2.9-10+lenny6_mips.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-suexec-custom_2.2.9-10+lenny6_mipsel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-prefork-dev_2.2.3-4+etch11_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-worker_2.2.9-10+lenny6_armel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2/apache2_2.2.3.orig.tar.gz"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-threaded-dev_2.2.9-10+lenny6_mipsel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2-mpm-itk/apache2-mpm-itk_2.2.3-01-2+etch4+b1_alpha.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-worker_2.2.9-10+lenny6_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-suexec_2.2.9-10+lenny6_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-event_2.2.3-4+etch11_ia64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-worker_2.2.3-4+etch11_mips.deb"
},
{
"trust": 0.1,
"url": "http://www.debian.org/security/faq"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-threaded-dev_2.2.3-4+etch11_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-utils_2.2.3-4+etch11_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2-mpm-itk/apache2-mpm-itk_2.2.6-02-1+lenny2+b2_hppa.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2/apache2.2-common_2.2.9-10+lenny6_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2-mpm-itk/apache2-mpm-itk_2.2.6-02-1+lenny2+b2_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-event_2.2.9-10+lenny6_s390.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2/apache2.2-common_2.2.9-10+lenny6_hppa.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-event_2.2.9-10+lenny6_arm.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-worker_2.2.9-10+lenny6_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-event_2.2.3-4+etch11_hppa.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-worker_2.2.3-4+etch11_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-event_2.2.9-10+lenny6_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-prefork_2.2.9-10+lenny6_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-prefork-dev_2.2.3-4+etch11_hppa.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-event_2.2.3-4+etch11_mips.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-prefork_2.2.3-4+etch11_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-threaded-dev_2.2.9-10+lenny6_armel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2/apache2.2-common_2.2.3-4+etch11_arm.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-prefork-dev_2.2.3-4+etch11_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-threaded-dev_2.2.9-10+lenny6_s390.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2/apache2.2-common_2.2.3-4+etch11_ia64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-utils_2.2.9-10+lenny6_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2-mpm-itk/apache2-mpm-itk_2.2.6-02-1+lenny2+b2_s390.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-worker_2.2.9-10+lenny6_mipsel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-suexec-custom_2.2.9-10+lenny6_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-event_2.2.9-10+lenny6_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-threaded-dev_2.2.3-4+etch11_s390.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-prefork_2.2.3-4+etch11_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-worker_2.2.9-10+lenny6_hppa.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-doc_2.2.9-10+lenny6_all.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-event_2.2.9-10+lenny6_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-prefork_2.2.9-10+lenny6_armel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2/apache2.2-common_2.2.9-10+lenny6_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-threaded-dev_2.2.3-4+etch11_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2-mpm-itk/apache2-mpm-itk_2.2.3-01-2+etch4+b1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2/apache2.2-common_2.2.9-10+lenny6_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-worker_2.2.9-10+lenny6_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-worker_2.2.9-10+lenny6_s390.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-threaded-dev_2.2.3-4+etch11_arm.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-dbg_2.2.9-10+lenny6_hppa.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-worker_2.2.3-4+etch11_arm.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-suexec_2.2.9-10+lenny6_mips.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-utils_2.2.3-4+etch11_s390.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-prefork_2.2.9-10+lenny6_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-prefork_2.2.3-4+etch11_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-prefork_2.2.9-10+lenny6_mips.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-event_2.2.3-4+etch11_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-event_2.2.3-4+etch11_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-threaded-dev_2.2.3-4+etch11_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-prefork_2.2.9-10+lenny6_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-prefork_2.2.3-4+etch11_arm.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-doc_2.2.3-4+etch11_all.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-threaded-dev_2.2.3-4+etch11_ia64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2/apache2.2-common_2.2.3-4+etch11_alpha.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2/apache2.2-common_2.2.9-10+lenny6_s390.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-prefork-dev_2.2.9-10+lenny6_ia64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-threaded-dev_2.2.9-10+lenny6_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2/apache2_2.2.3-4+etch11.diff.gz"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-prefork-dev_2.2.9-10+lenny6_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2-mpm-itk/apache2-mpm-itk_2.2.6-02-1+lenny2+b2_mipsel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-suexec-custom_2.2.9-10+lenny6_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-suexec-custom_2.2.9-10+lenny6_armel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-worker_2.2.3-4+etch11_mipsel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-prefork_2.2.9-10+lenny6_alpha.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2/apache2_2.2.3-4+etch11.dsc"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-event_2.2.9-10+lenny6_armel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-event_2.2.9-10+lenny6_ia64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2-mpm-itk/apache2-mpm-itk_2.2.6-02-1+lenny2+b2_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-utils_2.2.9-10+lenny6_ia64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-suexec_2.2.9-10+lenny6_mipsel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-utils_2.2.9-10+lenny6_s390.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2-mpm-itk/apache2-mpm-itk_2.2.3-01-2+etch4+b1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2/apache2.2-common_2.2.9-10+lenny6_armel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2/apache2.2-common_2.2.9-10+lenny6_alpha.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-suexec-custom_2.2.9-10+lenny6_alpha.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-suexec-custom_2.2.9-10+lenny6_mips.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-utils_2.2.9-10+lenny6_alpha.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-event_2.2.3-4+etch11_arm.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-threaded-dev_2.2.3-4+etch11_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-worker_2.2.9-10+lenny6_arm.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-prefork_2.2.9-10+lenny6_hppa.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-dbg_2.2.9-10+lenny6_mipsel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-prefork_2.2.3-4+etch11_mips.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-prefork-dev_2.2.3-4+etch11_alpha.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-prefork-dev_2.2.3-4+etch11_mipsel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-event_2.2.3-4+etch11_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-prefork_2.2.9-10+lenny6_arm.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2-mpm-itk/apache2-mpm-itk_2.2.3-01-2+etch4+b1_hppa.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-dbg_2.2.9-10+lenny6_ia64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-dbg_2.2.9-10+lenny6_mips.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2-mpm-itk/apache2-mpm-itk_2.2.3-01-2+etch4+b1_mipsel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2/apache2.2-common_2.2.9-10+lenny6_mips.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-prefork_2.2.9-10+lenny6_ia64.deb"
},
{
"trust": 0.1,
"url": "http://www.debian.org/security/"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2-mpm-itk/apache2-mpm-itk_2.2.6-02-1+lenny2+b2_arm.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2/apache2.2-common_2.2.3-4+etch11_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-suexec-custom_2.2.9-10+lenny6_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2/apache2.2-common_2.2.9-10+lenny6_ia64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-suexec_2.2.9-10+lenny6_arm.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-prefork_2.2.9-10+lenny6_s390.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-worker_2.2.9-10+lenny6_mips.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-suexec_2.2.9-10+lenny6_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-suexec-custom_2.2.9-10+lenny6_s390.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-utils_2.2.3-4+etch11_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2-mpm-itk/apache2-mpm-itk_2.2.3-01-2+etch4+b1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-prefork-dev_2.2.9-10+lenny6_hppa.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-prefork-dev_2.2.9-10+lenny6_mipsel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-threaded-dev_2.2.9-10+lenny6_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-prefork-dev_2.2.9-10+lenny6_armel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2/apache2_2.2.3-4+etch11_all.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-event_2.2.9-10+lenny6_mipsel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2/apache2.2-common_2.2.3-4+etch11_hppa.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-suexec_2.2.9-10+lenny6_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-utils_2.2.9-10+lenny6_arm.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2/apache2_2.2.9-10+lenny6.dsc"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2-mpm-itk/apache2-mpm-itk_2.2.6-02-1+lenny2+b2_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-suexec_2.2.9-10+lenny6_ia64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-threaded-dev_2.2.3-4+etch11_alpha.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-worker_2.2.3-4+etch11_alpha.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-utils_2.2.9-10+lenny6_hppa.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2/apache2.2-common_2.2.9-10+lenny6_arm.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2-mpm-itk/apache2-mpm-itk_2.2.6-02-1+lenny2+b2_ia64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-prefork-dev_2.2.9-10+lenny6_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-dbg_2.2.9-10+lenny6_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-utils_2.2.3-4+etch11_hppa.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2/apache2.2-common_2.2.3-4+etch11_mips.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-suexec-custom_2.2.9-10+lenny6_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2-mpm-itk/apache2-mpm-itk_2.2.6-02-1+lenny2+b2_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-worker_2.2.3-4+etch11_ia64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-suexec_2.2.9-10+lenny6_alpha.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-dbg_2.2.9-10+lenny6_armel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-suexec-custom_2.2.9-10+lenny6_hppa.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-threaded-dev_2.2.3-4+etch11_hppa.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-prefork_2.2.3-4+etch11_mipsel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-event_2.2.9-10+lenny6_alpha.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-prefork_2.2.3-4+etch11_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-utils_2.2.9-10+lenny6_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-threaded-dev_2.2.9-10+lenny6_hppa.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-prefork_2.2.3-4+etch11_ia64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-utils_2.2.3-4+etch11_ia64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2/apache2.2-common_2.2.3-4+etch11_mipsel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-utils_2.2.3-4+etch11_alpha.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-prefork_2.2.3-4+etch11_s390.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2/apache2_2.2.9-10+lenny6_all.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-utils_2.2.9-10+lenny6_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-prefork-dev_2.2.9-10+lenny6_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-prefork-dev_2.2.9-10+lenny6_arm.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-utils_2.2.9-10+lenny6_mips.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-dbg_2.2.9-10+lenny6_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2/apache2.2-common_2.2.9-10+lenny6_mipsel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2/apache2_2.2.9-10+lenny6.diff.gz"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-event_2.2.9-10+lenny6_hppa.deb"
},
{
"trust": 0.1,
"url": "http://packages.debian.org/\u003cpkg\u003e"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-worker_2.2.3-4+etch11_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-prefork-dev_2.2.9-10+lenny6_s390.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-src_2.2.9-10+lenny6_all.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-worker_2.2.9-10+lenny6_alpha.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-utils_2.2.3-4+etch11_mips.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-prefork_2.2.9-10+lenny6_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-prefork-dev_2.2.3-4+etch11_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-event_2.2.3-4+etch11_s390.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2-mpm-itk/apache2-mpm-itk_2.2.6-02-1+lenny2+b2_mips.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-worker_2.2.3-4+etch11_s390.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-event_2.2.3-4+etch11_mipsel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-threaded-dev_2.2.9-10+lenny6_arm.deb"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0740"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0434"
},
{
"trust": 0.1,
"url": "http://software.hp.com"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0408"
},
{
"trust": 0.1,
"url": "https://www.hp.com/go/swa"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0433"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-2699"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-1452"
},
{
"trust": 0.1,
"url": "http://h20566.www2.hp.com/portal/site/hpsc/public/kb/secbullarchive/"
},
{
"trust": 0.1,
"url": "http://h41183.www4.hp.com/signup_alerts.php?jumpid=hpsc_secbulletins"
},
{
"trust": 0.1,
"url": "https://h20566.www2.hp.com/portal/site/hpsc/public/kb/docdisplay/?docid=emr_na-c02964430"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2009-3094"
},
{
"db": "BID",
"id": "36260"
},
{
"db": "PACKETSTORM",
"id": "82799"
},
{
"db": "PACKETSTORM",
"id": "83521"
},
{
"db": "PACKETSTORM",
"id": "82647"
},
{
"db": "PACKETSTORM",
"id": "81540"
},
{
"db": "PACKETSTORM",
"id": "87839"
},
{
"db": "PACKETSTORM",
"id": "90263"
},
{
"db": "PACKETSTORM",
"id": "111587"
},
{
"db": "CNNVD",
"id": "CNNVD-200909-107"
},
{
"db": "JVNDB",
"id": "JVNDB-2009-002187"
},
{
"db": "NVD",
"id": "CVE-2009-3094"
}
]
},
"sources": {
"_id": null,
"data": [
{
"db": "VULMON",
"id": "CVE-2009-3094",
"ident": null
},
{
"db": "BID",
"id": "36260",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "82799",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "83521",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "82647",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "81540",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "87839",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "90263",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "111587",
"ident": null
},
{
"db": "CNNVD",
"id": "CNNVD-200909-107",
"ident": null
},
{
"db": "JVNDB",
"id": "JVNDB-2009-002187",
"ident": null
},
{
"db": "NVD",
"id": "CVE-2009-3094",
"ident": null
}
]
},
"sources_release_date": {
"_id": null,
"data": [
{
"date": "2009-09-08T00:00:00",
"db": "VULMON",
"id": "CVE-2009-3094",
"ident": null
},
{
"date": "2009-09-03T00:00:00",
"db": "BID",
"id": "36260",
"ident": null
},
{
"date": "2009-11-19T18:46:00",
"db": "PACKETSTORM",
"id": "82799",
"ident": null
},
{
"date": "2009-12-07T21:57:59",
"db": "PACKETSTORM",
"id": "83521",
"ident": null
},
{
"date": "2009-11-16T23:36:55",
"db": "PACKETSTORM",
"id": "82647",
"ident": null
},
{
"date": "2009-09-22T21:58:35",
"db": "PACKETSTORM",
"id": "81540",
"ident": null
},
{
"date": "2010-03-31T15:49:00",
"db": "PACKETSTORM",
"id": "87839",
"ident": null
},
{
"date": "2010-06-04T04:25:14",
"db": "PACKETSTORM",
"id": "90263",
"ident": null
},
{
"date": "2012-04-05T00:55:15",
"db": "PACKETSTORM",
"id": "111587",
"ident": null
},
{
"date": "2009-09-08T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200909-107",
"ident": null
},
{
"date": "2009-11-06T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2009-002187",
"ident": null
},
{
"date": "2009-09-08T18:30:00.657000",
"db": "NVD",
"id": "CVE-2009-3094",
"ident": null
}
]
},
"sources_update_date": {
"_id": null,
"data": [
{
"date": "2022-09-19T00:00:00",
"db": "VULMON",
"id": "CVE-2009-3094",
"ident": null
},
{
"date": "2015-04-13T21:44:00",
"db": "BID",
"id": "36260",
"ident": null
},
{
"date": "2022-09-20T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200909-107",
"ident": null
},
{
"date": "2010-12-15T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2009-002187",
"ident": null
},
{
"date": "2025-04-09T00:30:58.490000",
"db": "NVD",
"id": "CVE-2009-3094",
"ident": null
}
]
},
"threat_type": {
"_id": null,
"data": "remote",
"sources": [
{
"db": "PACKETSTORM",
"id": "81540"
},
{
"db": "CNNVD",
"id": "CNNVD-200909-107"
}
],
"trust": 0.7
},
"title": {
"_id": null,
"data": "Apache HTTP Server of ap_proxy_ftp_handler Service disruption in functions (DoS) Vulnerabilities",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2009-002187"
}
],
"trust": 0.8
},
"type": {
"_id": null,
"data": "code problem",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200909-107"
}
],
"trust": 0.6
}
}
VAR-201606-0395
Vulnerability from variot - Updated: 2026-04-10 23:15The xmlParseElementDecl function in parser.c in libxml2 before 2.9.4 allows context-dependent attackers to cause a denial of service (heap-based buffer underread and application crash) via a crafted file, involving xmlParseName. Libxml2 is a C language-based function library for parsing XML documents developed by the GNOME project team. It supports multiple encoding formats, XPath analysis, Well-formed and valid verification, etc. There is a security vulnerability in the 'xmlParseElementDecl' function in the parser.c file of Libxml2 2.9.3 and earlier. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
===================================================================== Red Hat Security Advisory
Synopsis: Important: libxml2 security update Advisory ID: RHSA-2016:1292-01 Product: Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2016:1292 Issue date: 2016-06-23 CVE Names: CVE-2016-1762 CVE-2016-1833 CVE-2016-1834 CVE-2016-1835 CVE-2016-1836 CVE-2016-1837 CVE-2016-1838 CVE-2016-1839 CVE-2016-1840 CVE-2016-3627 CVE-2016-3705 CVE-2016-4447 CVE-2016-4448 CVE-2016-4449 =====================================================================
- Summary:
An update for libxml2 is now available for Red Hat Enterprise Linux 6 and Red Hat Enterprise Linux 7.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
- Relevant releases/architectures:
Red Hat Enterprise Linux Client (v. 7) - x86_64 Red Hat Enterprise Linux Client Optional (v. 7) - x86_64 Red Hat Enterprise Linux ComputeNode (v. 7) - x86_64 Red Hat Enterprise Linux ComputeNode Optional (v. 7) - x86_64 Red Hat Enterprise Linux HPC Node (v. 6) - x86_64 Red Hat Enterprise Linux HPC Node Optional (v. 6) - x86_64 Red Hat Enterprise Linux Server (v. 6) - i386, ppc64, s390x, x86_64 Red Hat Enterprise Linux Server (v. 7) - ppc64, ppc64le, s390x, x86_64 Red Hat Enterprise Linux Server Optional (v. 6) - i386, ppc64, s390x, x86_64 Red Hat Enterprise Linux Server Optional (v. 7) - ppc64, ppc64le, s390x, x86_64 Red Hat Enterprise Linux Workstation (v. 6) - i386, x86_64 Red Hat Enterprise Linux Workstation (v. 7) - x86_64 Red Hat Enterprise Linux Workstation Optional (v. 6) - i386, x86_64 Red Hat Enterprise Linux Workstation Optional (v. 7) - x86_64
- Description:
The libxml2 library is a development toolbox providing the implementation of various XML standards.
Security Fix(es):
A heap-based buffer overflow flaw was found in the way libxml2 parsed certain crafted XML input. (CVE-2016-1834, CVE-2016-1840)
Multiple denial of service flaws were found in libxml2. (CVE-2016-1762, CVE-2016-1833, CVE-2016-1835, CVE-2016-1836, CVE-2016-1837, CVE-2016-1838, CVE-2016-1839, CVE-2016-3627, CVE-2016-3705, CVE-2016-4447, CVE-2016-4448, CVE-2016-4449)
- Solution:
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
For the update to take effect, all applications linked to the libxml2 library must be restarted, or the system rebooted.
- Bugs fixed (https://bugzilla.redhat.com/):
1319829 - CVE-2016-3627 libxml2: stack exhaustion while parsing xml files in recovery mode 1332443 - CVE-2016-3705 libxml2: stack overflow before detecting invalid XML file 1338682 - CVE-2016-1833 libxml2: Heap-based buffer overread in htmlCurrentChar 1338686 - CVE-2016-4447 libxml2: Heap-based buffer underreads due to xmlParseName 1338691 - CVE-2016-1835 libxml2: Heap use-after-free in xmlSAX2AttributeNs 1338696 - CVE-2016-1837 libxml2: Heap use-after-free in htmlPArsePubidLiteral and htmlParseSystemiteral 1338700 - CVE-2016-4448 libxml2: Format string vulnerability 1338701 - CVE-2016-4449 libxml2: Inappropriate fetch of entities content 1338702 - CVE-2016-1836 libxml2: Heap use-after-free in xmlDictComputeFastKey 1338703 - CVE-2016-1839 libxml2: Heap-based buffer overread in xmlDictAddString 1338705 - CVE-2016-1838 libxml2: Heap-based buffer overread in xmlPArserPrintFileContextInternal 1338706 - CVE-2016-1840 libxml2: Heap-buffer-overflow in xmlFAParserPosCharGroup 1338708 - CVE-2016-1834 libxml2: Heap-buffer-overflow in xmlStrncat 1338711 - CVE-2016-1762 libxml2: Heap-based buffer-overread in xmlNextChar
- Package List:
Red Hat Enterprise Linux HPC Node (v. 6):
Source: libxml2-2.7.6-21.el6_8.1.src.rpm
x86_64: libxml2-2.7.6-21.el6_8.1.i686.rpm libxml2-2.7.6-21.el6_8.1.x86_64.rpm libxml2-debuginfo-2.7.6-21.el6_8.1.i686.rpm libxml2-debuginfo-2.7.6-21.el6_8.1.x86_64.rpm libxml2-python-2.7.6-21.el6_8.1.x86_64.rpm
Red Hat Enterprise Linux HPC Node Optional (v. 6):
x86_64: libxml2-debuginfo-2.7.6-21.el6_8.1.i686.rpm libxml2-debuginfo-2.7.6-21.el6_8.1.x86_64.rpm libxml2-devel-2.7.6-21.el6_8.1.i686.rpm libxml2-devel-2.7.6-21.el6_8.1.x86_64.rpm libxml2-static-2.7.6-21.el6_8.1.x86_64.rpm
Red Hat Enterprise Linux Server (v. 6):
Source: libxml2-2.7.6-21.el6_8.1.src.rpm
i386: libxml2-2.7.6-21.el6_8.1.i686.rpm libxml2-debuginfo-2.7.6-21.el6_8.1.i686.rpm libxml2-devel-2.7.6-21.el6_8.1.i686.rpm libxml2-python-2.7.6-21.el6_8.1.i686.rpm
ppc64: libxml2-2.7.6-21.el6_8.1.ppc.rpm libxml2-2.7.6-21.el6_8.1.ppc64.rpm libxml2-debuginfo-2.7.6-21.el6_8.1.ppc.rpm libxml2-debuginfo-2.7.6-21.el6_8.1.ppc64.rpm libxml2-devel-2.7.6-21.el6_8.1.ppc.rpm libxml2-devel-2.7.6-21.el6_8.1.ppc64.rpm libxml2-python-2.7.6-21.el6_8.1.ppc64.rpm
s390x: libxml2-2.7.6-21.el6_8.1.s390.rpm libxml2-2.7.6-21.el6_8.1.s390x.rpm libxml2-debuginfo-2.7.6-21.el6_8.1.s390.rpm libxml2-debuginfo-2.7.6-21.el6_8.1.s390x.rpm libxml2-devel-2.7.6-21.el6_8.1.s390.rpm libxml2-devel-2.7.6-21.el6_8.1.s390x.rpm libxml2-python-2.7.6-21.el6_8.1.s390x.rpm
x86_64: libxml2-2.7.6-21.el6_8.1.i686.rpm libxml2-2.7.6-21.el6_8.1.x86_64.rpm libxml2-debuginfo-2.7.6-21.el6_8.1.i686.rpm libxml2-debuginfo-2.7.6-21.el6_8.1.x86_64.rpm libxml2-devel-2.7.6-21.el6_8.1.i686.rpm libxml2-devel-2.7.6-21.el6_8.1.x86_64.rpm libxml2-python-2.7.6-21.el6_8.1.x86_64.rpm
Red Hat Enterprise Linux Server Optional (v. 6):
i386: libxml2-debuginfo-2.7.6-21.el6_8.1.i686.rpm libxml2-static-2.7.6-21.el6_8.1.i686.rpm
ppc64: libxml2-debuginfo-2.7.6-21.el6_8.1.ppc64.rpm libxml2-static-2.7.6-21.el6_8.1.ppc64.rpm
s390x: libxml2-debuginfo-2.7.6-21.el6_8.1.s390x.rpm libxml2-static-2.7.6-21.el6_8.1.s390x.rpm
x86_64: libxml2-debuginfo-2.7.6-21.el6_8.1.x86_64.rpm libxml2-static-2.7.6-21.el6_8.1.x86_64.rpm
Red Hat Enterprise Linux Workstation (v. 6):
Source: libxml2-2.7.6-21.el6_8.1.src.rpm
i386: libxml2-2.7.6-21.el6_8.1.i686.rpm libxml2-debuginfo-2.7.6-21.el6_8.1.i686.rpm libxml2-devel-2.7.6-21.el6_8.1.i686.rpm libxml2-python-2.7.6-21.el6_8.1.i686.rpm
x86_64: libxml2-2.7.6-21.el6_8.1.i686.rpm libxml2-2.7.6-21.el6_8.1.x86_64.rpm libxml2-debuginfo-2.7.6-21.el6_8.1.i686.rpm libxml2-debuginfo-2.7.6-21.el6_8.1.x86_64.rpm libxml2-devel-2.7.6-21.el6_8.1.i686.rpm libxml2-devel-2.7.6-21.el6_8.1.x86_64.rpm libxml2-python-2.7.6-21.el6_8.1.x86_64.rpm
Red Hat Enterprise Linux Workstation Optional (v. 6):
i386: libxml2-debuginfo-2.7.6-21.el6_8.1.i686.rpm libxml2-static-2.7.6-21.el6_8.1.i686.rpm
x86_64: libxml2-debuginfo-2.7.6-21.el6_8.1.x86_64.rpm libxml2-static-2.7.6-21.el6_8.1.x86_64.rpm
Red Hat Enterprise Linux Client (v. 7):
Source: libxml2-2.9.1-6.el7_2.3.src.rpm
x86_64: libxml2-2.9.1-6.el7_2.3.i686.rpm libxml2-2.9.1-6.el7_2.3.x86_64.rpm libxml2-debuginfo-2.9.1-6.el7_2.3.i686.rpm libxml2-debuginfo-2.9.1-6.el7_2.3.x86_64.rpm libxml2-python-2.9.1-6.el7_2.3.x86_64.rpm
Red Hat Enterprise Linux Client Optional (v. 7):
x86_64: libxml2-debuginfo-2.9.1-6.el7_2.3.i686.rpm libxml2-debuginfo-2.9.1-6.el7_2.3.x86_64.rpm libxml2-devel-2.9.1-6.el7_2.3.i686.rpm libxml2-devel-2.9.1-6.el7_2.3.x86_64.rpm libxml2-static-2.9.1-6.el7_2.3.i686.rpm libxml2-static-2.9.1-6.el7_2.3.x86_64.rpm
Red Hat Enterprise Linux ComputeNode (v. 7):
Source: libxml2-2.9.1-6.el7_2.3.src.rpm
x86_64: libxml2-2.9.1-6.el7_2.3.i686.rpm libxml2-2.9.1-6.el7_2.3.x86_64.rpm libxml2-debuginfo-2.9.1-6.el7_2.3.i686.rpm libxml2-debuginfo-2.9.1-6.el7_2.3.x86_64.rpm libxml2-python-2.9.1-6.el7_2.3.x86_64.rpm
Red Hat Enterprise Linux ComputeNode Optional (v. 7):
x86_64: libxml2-debuginfo-2.9.1-6.el7_2.3.i686.rpm libxml2-debuginfo-2.9.1-6.el7_2.3.x86_64.rpm libxml2-devel-2.9.1-6.el7_2.3.i686.rpm libxml2-devel-2.9.1-6.el7_2.3.x86_64.rpm libxml2-static-2.9.1-6.el7_2.3.i686.rpm libxml2-static-2.9.1-6.el7_2.3.x86_64.rpm
Red Hat Enterprise Linux Server (v. 7):
Source: libxml2-2.9.1-6.el7_2.3.src.rpm
ppc64: libxml2-2.9.1-6.el7_2.3.ppc.rpm libxml2-2.9.1-6.el7_2.3.ppc64.rpm libxml2-debuginfo-2.9.1-6.el7_2.3.ppc.rpm libxml2-debuginfo-2.9.1-6.el7_2.3.ppc64.rpm libxml2-devel-2.9.1-6.el7_2.3.ppc.rpm libxml2-devel-2.9.1-6.el7_2.3.ppc64.rpm libxml2-python-2.9.1-6.el7_2.3.ppc64.rpm
ppc64le: libxml2-2.9.1-6.el7_2.3.ppc64le.rpm libxml2-debuginfo-2.9.1-6.el7_2.3.ppc64le.rpm libxml2-devel-2.9.1-6.el7_2.3.ppc64le.rpm libxml2-python-2.9.1-6.el7_2.3.ppc64le.rpm
s390x: libxml2-2.9.1-6.el7_2.3.s390.rpm libxml2-2.9.1-6.el7_2.3.s390x.rpm libxml2-debuginfo-2.9.1-6.el7_2.3.s390.rpm libxml2-debuginfo-2.9.1-6.el7_2.3.s390x.rpm libxml2-devel-2.9.1-6.el7_2.3.s390.rpm libxml2-devel-2.9.1-6.el7_2.3.s390x.rpm libxml2-python-2.9.1-6.el7_2.3.s390x.rpm
x86_64: libxml2-2.9.1-6.el7_2.3.i686.rpm libxml2-2.9.1-6.el7_2.3.x86_64.rpm libxml2-debuginfo-2.9.1-6.el7_2.3.i686.rpm libxml2-debuginfo-2.9.1-6.el7_2.3.x86_64.rpm libxml2-devel-2.9.1-6.el7_2.3.i686.rpm libxml2-devel-2.9.1-6.el7_2.3.x86_64.rpm libxml2-python-2.9.1-6.el7_2.3.x86_64.rpm
Red Hat Enterprise Linux Server Optional (v. 7):
ppc64: libxml2-debuginfo-2.9.1-6.el7_2.3.ppc.rpm libxml2-debuginfo-2.9.1-6.el7_2.3.ppc64.rpm libxml2-static-2.9.1-6.el7_2.3.ppc.rpm libxml2-static-2.9.1-6.el7_2.3.ppc64.rpm
ppc64le: libxml2-debuginfo-2.9.1-6.el7_2.3.ppc64le.rpm libxml2-static-2.9.1-6.el7_2.3.ppc64le.rpm
s390x: libxml2-debuginfo-2.9.1-6.el7_2.3.s390.rpm libxml2-debuginfo-2.9.1-6.el7_2.3.s390x.rpm libxml2-static-2.9.1-6.el7_2.3.s390.rpm libxml2-static-2.9.1-6.el7_2.3.s390x.rpm
x86_64: libxml2-debuginfo-2.9.1-6.el7_2.3.i686.rpm libxml2-debuginfo-2.9.1-6.el7_2.3.x86_64.rpm libxml2-static-2.9.1-6.el7_2.3.i686.rpm libxml2-static-2.9.1-6.el7_2.3.x86_64.rpm
Red Hat Enterprise Linux Workstation (v. 7):
Source: libxml2-2.9.1-6.el7_2.3.src.rpm
x86_64: libxml2-2.9.1-6.el7_2.3.i686.rpm libxml2-2.9.1-6.el7_2.3.x86_64.rpm libxml2-debuginfo-2.9.1-6.el7_2.3.i686.rpm libxml2-debuginfo-2.9.1-6.el7_2.3.x86_64.rpm libxml2-devel-2.9.1-6.el7_2.3.i686.rpm libxml2-devel-2.9.1-6.el7_2.3.x86_64.rpm libxml2-python-2.9.1-6.el7_2.3.x86_64.rpm
Red Hat Enterprise Linux Workstation Optional (v. 7):
x86_64: libxml2-debuginfo-2.9.1-6.el7_2.3.i686.rpm libxml2-debuginfo-2.9.1-6.el7_2.3.x86_64.rpm libxml2-static-2.9.1-6.el7_2.3.i686.rpm libxml2-static-2.9.1-6.el7_2.3.x86_64.rpm
These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/
- References:
https://access.redhat.com/security/cve/CVE-2016-1762 https://access.redhat.com/security/cve/CVE-2016-1833 https://access.redhat.com/security/cve/CVE-2016-1834 https://access.redhat.com/security/cve/CVE-2016-1835 https://access.redhat.com/security/cve/CVE-2016-1836 https://access.redhat.com/security/cve/CVE-2016-1837 https://access.redhat.com/security/cve/CVE-2016-1838 https://access.redhat.com/security/cve/CVE-2016-1839 https://access.redhat.com/security/cve/CVE-2016-1840 https://access.redhat.com/security/cve/CVE-2016-3627 https://access.redhat.com/security/cve/CVE-2016-3705 https://access.redhat.com/security/cve/CVE-2016-4447 https://access.redhat.com/security/cve/CVE-2016-4448 https://access.redhat.com/security/cve/CVE-2016-4449 https://access.redhat.com/security/updates/classification/#important
- Contact:
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/
Copyright 2016 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1
iD8DBQFXa8B8XlSAg2UNWIIRAh9ZAJ99xgPhOaIopIxmynm+vlDcmw4jFACeLvTm ZsVLEgJAF0Zt6xZVzqvVW7U= =fREV -----END PGP SIGNATURE-----
-- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce .
For the stable distribution (jessie), these problems have been fixed in version 2.9.1+dfsg1-5+deb8u2. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512
APPLE-SA-2016-07-18-2 iOS 9.3.3
iOS 9.3.3 is now available and addresses the following:
Calendar Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: A maliciously crafted calendar invite may cause a device to unexpectedly restart Description: A null pointer dereference was addressed through improved memory handling. CVE-2016-4592 : Mikhail
WebKit Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: Visiting a malicious website may disclose image data from another website Description: A timing issue existed in the processing of SVG. CVE-2016-4587 : Apple
WebKit JavaScript Bindings Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: Visiting a maliciously crafted website may lead to script execution in the context of a non-HTTP service Description: A cross-protocol cross-site scripting (XPXSS) issue existed in Safari when submitting forms to non-HTTP services compatible with HTTP/0.9. This issue was addressed by disabling scripts and plugins on resources loaded over HTTP/0.9. CVE-2016-4651 : Obscure
WebKit Page Loading Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: A malicious website may exfiltrate data cross-origin Description: A cross-site scripting issue existed in Safari URL redirection. CVE-2016-4585 : Takeshi Terada of Mitsui Bussan Secure Directions, Inc. CVE-2016-4584 : Chris Vienneau
Installation note:
This update is available through iTunes and Software Update on your iOS device, and will not appear in your computer's Software Update application, or in the Apple Downloads site. Make sure you have an Internet connection and have installed the latest version of iTunes from www.apple.com/itunes/
iTunes and Software Update on the device will automatically check Apple's update server on its weekly schedule. When an update is detected, it is downloaded and the option to be installed is presented to the user when the iOS device is docked. We recommend applying the update immediately if possible. Selecting Don't Install will present the option the next time you connect your iOS device.
The automatic update process may take up to a week depending on the day that iTunes or the device checks for updates. You may manually obtain the update via the Check for Updates button within iTunes, or the Software Update on your device.
To check that the iPhone, iPod touch, or iPad has been updated:
- Navigate to Settings
- Select General
- Select About. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512
APPLE-SA-2016-07-18-1 OS X El Capitan v10.11.6 and Security Update 2016-004
OS X El Capitan v10.11.6 and Security Update 2016-004 is now available and addresses the following:
apache_mod_php
Available for:
OS X Yosemite v10.10.5 and OS X El Capitan v10.11 and later
Impact: A remote attacker may be able to execute arbitrary code
Description: Multiple issues existed in PHP versions prior to
5.5.36. These were addressed by updating PHP to version 5.5.36.
CVE-2016-4650
Audio Available for: OS X El Capitan v10.11 and later Impact: A local user may be able to execute arbitrary code with kernel privileges Description: A memory corruption issue was addressed through improved memory handling. CVE-2016-4647 : Juwei Lin (@fuzzerDOTcn) of Trend Micro
Audio Available for: OS X El Capitan v10.11 and later Impact: A local user may be able to determine kernel memory layout Description: An out-of-bounds read was addressed through improved input validation. CVE-2016-4648 : Juwei Lin(@fuzzerDOTcn) of Trend Micro
Audio Available for: OS X El Capitan v10.11 and later Impact: Parsing a maliciously crafted audio file may lead to the disclosure of user information Description: An out-of-bounds read was addressed through improved bounds checking. CVE-2016-4646 : Steven Seeley of Source Incite working with Trend Micro's Zero Day Initiative
Audio Available for: OS X El Capitan v10.11 and later Impact: A local user may be able to cause a system denial of service Description: A null pointer dereference was addressed through improved input validation. CVE-2016-4649 : Juwei Lin(@fuzzerDOTcn) of Trend Micro
bsdiff Available for: OS X El Capitan v10.11 and later Impact: A local attacker may be able to cause unexpected application termination or arbitrary code execution Description: An integer overflow existed in bspatch. This issue was addressed through improved bounds checking. CVE-2014-9862 : an anonymous researcher
CFNetwork Available for: OS X El Capitan v10.11 and later Impact: A local user may be able to view sensitive user information Description: A permissions issue existed in the handling of web browser cookies. This issue was addressed through improved restrictions. CVE-2016-4645 : Abhinav Bansal of Zscaler Inc.
CoreGraphics Available for: OS X Mavericks v10.9.5, OS X Yosemite v10.10.5, and OS X El Capitan v10.11 and later Impact: A remote attacker may be able to execute arbitrary code Description: A memory corruption issue was addressed through improved memory handling. CVE-2016-4637 : Tyler Bohan of Cisco Talos (talosintel.com /vulnerability-reports)
CoreGraphics Available for: OS X El Capitan v10.11 and later Impact: A local user may be able to elevate privileges Description: An out-of-bounds read issue existed that led to the disclosure of kernel memory. This was addressed through improved input validation. CVE-2016-4652 : Yubin Fu of Tencent KeenLab working with Trend Micro's Zero Day Initiative
FaceTime Available for: OS X El Capitan v10.11 and later Impact: An attacker in a privileged network position may be able to cause a relayed call to continue transmitting audio while appearing as if the call terminated Description: User interface inconsistencies existed in the handling of relayed calls. These issues were addressed through improved FaceTime display logic. CVE-2016-4635 : Martin Vigo
Graphics Drivers Available for: OS X El Capitan v10.11 and later Impact: A local user may be able to execute arbitrary code with kernel privileges Description: A memory corruption issue was addressed through improved input validation. CVE-2016-4634 : Stefan Esser of SektionEins
ImageIO Available for: OS X El Capitan v10.11 and later Impact: A remote attacker may be able to cause a denial of service Description: A memory consumption issue was addressed through improved memory handling. CVE-2016-4632 : Evgeny Sidorov of Yandex
ImageIO Available for: OS X El Capitan v10.11 and later Impact: A remote attacker may be able to execute arbitrary code Description: Multiple memory corruption issues were addressed through improved memory handling. CVE-2016-4631 : Tyler Bohan of Cisco Talos (talosintel.com /vulnerability-reports)
ImageIO Available for: OS X Mavericks v10.9.5, OS X Yosemite v10.10.5, and OS X El Capitan v10.11 and later Impact: A remote attacker may be able to execute arbitrary code Description: Multiple memory corruption issues were addressed through improved memory handling. CVE-2016-4629 : Tyler Bohan of Cisco Talos (talosintel.com /vulnerability-reports) CVE-2016-4630 : Tyler Bohan of Cisco Talos (talosintel.com /vulnerability-reports)
Intel Graphics Driver Available for: OS X El Capitan v10.11 and later Impact: A malicious application may be able to execute arbitrary code with kernel privileges Description: Multiple memory corruption issues were addressed through improved memory handling. CVE-2016-4633 : an anonymous researcher
IOHIDFamily Available for: OS X El Capitan v10.11 and later Impact: A local user may be able to execute arbitrary code with kernel privileges Description: A null pointer dereference was addressed through improved input validation. CVE-2016-4626 : Stefan Esser of SektionEins
IOSurface Available for: OS X El Capitan v10.11 and later Impact: A local user may be able to execute arbitrary code with kernel privileges Description: A use-after-free was addressed through improved memory management. CVE-2016-4625 : Ian Beer of Google Project Zero
Kernel Available for: OS X El Capitan v10.11 and later Impact: A local user may be able to execute arbitrary code with kernel privileges Description: Multiple memory corruption issues were addressed through improved memory handling. CVE-2016-1863 : Ian Beer of Google Project Zero CVE-2016-1864 : Ju Zhu of Trend Micro CVE-2016-4582 : Shrek_wzw and Proteas of Qihoo 360 Nirvan Team
Kernel Available for: OS X El Capitan v10.11 and later Impact: A local user may be able to cause a system denial of service Description: A null pointer dereference was addressed through improved input validation. CVE-2016-1865 : CESG, Marco Grassi (@marcograss) of KeenLab (@keen_lab), Tencent
libc++abi Available for: OS X El Capitan v10.11 and later Impact: An application may be able to execute arbitrary code with root privileges Description: Multiple memory corruption issues were addressed through improved memory handling. CVE-2016-4621 : an anonymous researcher
libexpat Available for: OS X El Capitan v10.11 and later Impact: Processing maliciously crafted XML may lead to unexpected application termination or arbitrary code execution Description: Multiple memory corruption issues were addressed through improved memory handling. CVE-2016-0718 : Gustavo Grieco
LibreSSL Available for: OS X El Capitan v10.11 and later Impact: A remote attacker may be able to execute arbitrary code Description: Multiple issues existed in LibreSSL before 2.2.7. These were addressed by updating LibreSSL to version 2.2.7. CVE-2016-2108 : Huzaifa Sidhpurwala (Red Hat), Hanno Boeck, David Benjamin (Google) Mark Brand, Ian Beer of Google Project Zero CVE-2016-2109 : Brian Carpenter
libxml2 Available for: OS X Mavericks v10.9.5, OS X Yosemite v10.10.5, and OS X El Capitan v10.11 and later Impact: Parsing a maliciously crafted XML document may lead to disclosure of user information Description: An access issue existed in the parsing of maliciously crafted XML files. This issue was addressed through improved input validation. CVE-2016-4449 : Kostya Serebryany
libxml2 Available for: OS X Mavericks v10.9.5, OS X Yosemite v10.10.5, and OS X El Capitan v10.11 and later Impact: Multiple vulnerabilities in libxml2 Description: Multiple memory corruption issues were addressed through improved memory handling. CVE-2016-1836 : Wei Lei and Liu Yang of Nanyang Technological University CVE-2016-4447 : Wei Lei and Liu Yang of Nanyang Technological University CVE-2016-4448 : Apple CVE-2016-4483 : Gustavo Grieco CVE-2016-4614 : Nick Wellnhofe CVE-2016-4615 : Nick Wellnhofer CVE-2016-4616 : Michael Paddon CVE-2016-4619 : Hanno Boeck
libxslt Available for: OS X Mavericks v10.9.5, OS X Yosemite v10.10.5, and OS X El Capitan v10.11 and later Impact: Multiple vulnerabilities in libxslt Description: Multiple memory corruption issues were addressed through improved memory handling. CVE-2016-1684 : Nicolas GrA(c)goire CVE-2016-4607 : Nick Wellnhofer CVE-2016-4608 : Nicolas GrA(c)goire CVE-2016-4609 : Nick Wellnhofer CVE-2016-4610 : Nick Wellnhofer CVE-2016-4612 : Nicolas GrA(c)goire
Login Window Available for: OS X El Capitan v10.11 and later Impact: A malicious application may be able to execute arbitrary code leading to compromise of user information Description: A memory corruption issue was addressed through improved input validation. CVE-2016-4640 : Yubin Fu of Tencent KeenLab working with Trend Micro's Zero Day Initiative
Login Window Available for: OS X El Capitan v10.11 and later Impact: A malicious application may be able to execute arbitrary code leading to the compromise of user information Description: A type confusion issue was addressed through improved memory handling. CVE-2016-4641 : Yubin Fu of Tencent KeenLab working with Trend Micro's Zero Day Initiative
Login Window Available for: OS X El Capitan v10.11 and later Impact: A local user may be able to cause a denial of service Description: A memory initialization issue was addressed through improved memory handling. CVE-2016-4639 : Yubin Fu of Tencent KeenLab working with Trend Micro's Zero Day Initiative
Login Window Available for: OS X El Capitan v10.11 and later Impact: A malicious application may be able to gain root privileges Description: A type confusion issue was addressed through improved memory handling. CVE-2016-4638 : Yubin Fu of Tencent KeenLab working with Trend Micro's Zero Day Initiative
OpenSSL Available for: OS X El Capitan v10.11 and later Impact: A remote attacker may be able to execute arbitrary code Description: Multiple issues existed in OpenSSL. These issues were resolved by backporting the fixes from OpenSSL 1.0.2h/1.0.1 to OpenSSL 0.9.8. CVE-2016-2105 : Guido Vranken CVE-2016-2106 : Guido Vranken CVE-2016-2107 : Juraj Somorovsky CVE-2016-2108 : Huzaifa Sidhpurwala (Red Hat), Hanno Boeck, David Benjamin (Google), Mark Brand and Ian Beer of Google Project Zero CVE-2016-2109 : Brian Carpenter CVE-2016-2176 : Guido Vranken
QuickTime Available for: OS X El Capitan v10.11 and later Impact: Processing a maliciously crafted FlashPix Bitmap Image may lead to unexpected application termination or arbitrary code execution Description: Multiple memory corruption issues were addressed through improved memory handling. CVE-2016-4596 : Ke Liu of Tencent's Xuanwu Lab CVE-2016-4597 : Ke Liu of Tencent's Xuanwu Lab CVE-2016-4600 : Ke Liu of Tencent's Xuanwu Lab CVE-2016-4602 : Ke Liu of Tencent's Xuanwu Lab
QuickTime Available for: OS X El Capitan v10.11 and later Impact: Processing a maliciously crafted image may lead to arbitrary code execution Description: A memory corruption issue was addressed through improved input validation. CVE-2016-4598 : Ke Liu of Tencent's Xuanwu Lab
QuickTime Available for: OS X El Capitan v10.11 and later Impact: Processing a maliciously crafted SGI file may lead to arbitrary code execution Description: A memory corruption issue was addressed through improved input validation. CVE-2016-4601 : Ke Liu of Tencent's Xuanwu Lab
QuickTime Available for: OS X El Capitan v10.11 and later Impact: Processing a maliciously crafted Photoshop document may lead to unexpected application termination or arbitrary code execution Description: A memory corruption issue was addressed through improved input validation. CVE-2016-4599 : Ke Liu of Tencent's Xuanwu Lab
Safari Login AutoFill Available for: OS X El Capitan v10.11 and later Impact: A user's password may be visible on screen Description: An issue existed in Safari's password auto-fill. This issue was addressed through improved matching of form fields. CVE-2016-4595 : Jonathan Lewis from DeARX Services (PTY) LTD
Sandbox Profiles Available for: OS X El Capitan v10.11 and later Impact: A local application may be able to access the process list Description: An access issue existed with privileged API calls. This issue was addressed through additional restrictions. CVE-2016-4594 : Stefan Esser of SektionEins
Note: OS X El Capitan 10.11.6 includes the security content of Safari 9.1.2. For further details see https://support.apple.com/kb/HT206900
OS X El Capitan v10.11.6 and Security Update 2016-004 may be obtained from the Mac App Store or Apple's Software Downloads web site: http://www.apple.com/support/downloads/
Information will also be posted to the Apple Security Updates web site: http://support.apple.com/kb/HT201222
This message is signed with Apple's Product Security PGP key, and details are available at: https://www.apple.com/support/security/pgp/ -----BEGIN PGP SIGNATURE----- Comment: GPGTools - https://gpgtools.org
iQIcBAEBCgAGBQJXjXAvAAoJEIOj74w0bLRG/5EP/2v9SJTrO+/4b3A1gqC1ch8y +cJ04tXRsO7rvjKT5nCylo30U0Sanz/bUbDx4559YS7/P/IyeyZVheaTJwK8wzEy pSOPpy35hUuVIw0/p4YsuHDThSBPFMmDljTxH7elkfuBV1lPSrCkyDXc0re2HxWV xj68zAxtM0jkkhgcxb2ApZSZVXhrjUZtbY0xEVOoWKKFwbMvKfx+4xSqunwQeS1u wevs1EbxfvsZbc3pG+xYcOonbegBzOy9aCvNO1Yv1zG+AYXC5ERMq1vk3PsWOTQN ZVY1I7mvCaEfvmjq2isRw8XYapAIKISDLwMKBSYrZDQFwPQLRi1VXxQZ67Kq1M3k ah04/lr0RIcoosIcBqxD2+1UAFjUzEUNFkYivjhuaeegN2QdL7Ujegf1QjdAt8lk mmKduxYUDOaRX50Kw7n14ZveJqzE1D5I6QSItaZ9M1vR60a7u91DSj9D87vbt1YC JM/Rvf/4vonp1NjwA2JQwCiZfYliBDdn9iiCl8mzxdsSRD/wXcZCs05nnKmKsCfc 55ET7IwdG3622lVheOJGQZuucwJiTn36zC11XVzZysQd/hLD5rUKUQNX1WOgZdzs xPsslXF5MWx9jcdyWVSWxDrN0sFk+GpQFQDuVozP60xuxqR3qQ0TXir2NP39uIF5 YozOGPQFmX0OviWCQsX6 =ng+m -----END PGP SIGNATURE----- . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
Note: the current version of the following document is available here: https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_n a-c05194709
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c05194709 Version: 1
HPSBGN03628 rev.1 - HPE IceWall Federation Agent using libXML2 library, Remote Denial of Service (DoS), Unauthorized Modification, Unauthorized Disclosure of Information
NOTICE: The information in this Security Bulletin should be acted upon as soon as possible.
Release Date: 2016-07-07 Last Updated: 2016-07-07
Potential Security Impact: Remote Denial of Service (DoS), Unauthorized Disclosure of Information, Unauthorized Modification
Source: Hewlett Packard Enterprise, Product Security Response Team
VULNERABILITY SUMMARY Security vulnerabilities in the libXML2 library could potentially impact HPE IceWall Federation Agent resulting in Remote Denial of Service (DoS), or unauthorized modification, or unauthorized disclosure of information.
References:
- CVE-2016-4447: Remote Denial of Service (DoS)
- CVE-2016-4448: Remote unauthorized disclosure of information, unauthorized modification, Denial of Service (DoS)
- CVE-2016-4449: Remote unauthorized disclosure of information, Denial of Service (DoS)
- PSRT110164
SUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed.
- IceWall Federation Agent Version 3.0 (RHEL 6/7) using libXML2
BACKGROUND
CVSS Base Metrics ================= Reference, CVSS V3 Score/Vector, CVSS V2 Score/Vector
CVE-2016-4447
7.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
5.0 (AV:N/AC:L/Au:N/C:N/I:N/A:P)
CVE-2016-4448
9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C)
CVE-2016-4449
7.1 CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H
5.8 (AV:N/AC:M/Au:N/C:P/I:N/A:P)
Information on CVSS is documented in
HPE Customer Notice HPSN-2008-002 here:
https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay/?docI
d=emr_na-c01345499
RESOLUTION
HPE recommends applying the latest OS vendor security patches for libXML2 to resolve the vulnerabilities in the libXML2 library.
HISTORY Version:1 (rev.1) - 7 July 2016 Initial release
Third Party Security Patches: Third party security patches that are to be installed on systems running Hewlett Packard Enterprise (HPE) software products should be applied in accordance with the customer's patch management policy.
Support: For issues about implementing the recommendations of this Security Bulletin, contact normal HPE Services support channel. For other issues about the content of this Security Bulletin, send e-mail to security-alert@hpe.com.
Report: To report a potential security vulnerability with any HPE supported product, send Email to: security-alert@hpe.com
Subscribe: To initiate a subscription to receive future HPE Security Bulletin alerts via Email: http://www.hpe.com/support/Subscriber_Choice
Security Bulletin Archive: A list of recently released Security Bulletins is available here: http://www.hpe.com/support/Security_Bulletin_Archive
Software Product Category: The Software Product Category is represented in the title by the two characters following HPSB.
3C = 3COM 3P = 3rd Party Software GN = HPE General Software HF = HPE Hardware and Firmware MU = Multi-Platform Software NS = NonStop Servers OV = OpenVMS PV = ProCurve ST = Storage Software UX = HP-UX
Copyright 2016 Hewlett Packard Enterprise
Hewlett Packard Enterprise shall not be liable for technical or editorial errors or omissions contained herein. The information provided is provided "as is" without warranty of any kind. To the extent permitted by law, neither HP or its affiliates, subcontractors or suppliers will be liable for incidental,special or consequential damages including downtime cost; lost profits; damages relating to the procurement of substitute products or services; or damages for loss of data, or software restoration. The information in this document is subject to change without notice. Hewlett Packard Enterprise and the names of Hewlett Packard Enterprise products referenced herein are trademarks of Hewlett Packard Enterprise in the United States and other countries. Other product and company names mentioned herein may be trademarks of their respective owners.
Here are the details from the Slackware 14.1 ChangeLog: +--------------------------+ patches/packages/libxml2-2.9.4-i486-1_slack14.1.txz: Upgraded. Format string vulnerability (CVE-2016-4448). Inappropriate fetch of entities content (CVE-2016-4449). For more information, see: http://xmlsoft.org/news.html http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4447 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4448 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4449 ( Security fix ) +--------------------------+
Where to find the new packages: +-----------------------------+
Thanks to the friendly folks at the OSU Open Source Lab (http://osuosl.org) for donating FTP and rsync hosting to the Slackware project! :-)
Also see the "Get Slack" section on http://slackware.com for additional mirror sites near you.
Updated package for Slackware 14.0: ftp://ftp.slackware.com/pub/slackware/slackware-14.0/patches/packages/libxml2-2.9.4-i486-1_slack14.0.txz
Updated package for Slackware x86_64 14.0: ftp://ftp.slackware.com/pub/slackware/slackware64-14.0/patches/packages/libxml2-2.9.4-x86_64-1_slack14.0.txz
Updated package for Slackware 14.1: ftp://ftp.slackware.com/pub/slackware/slackware-14.1/patches/packages/libxml2-2.9.4-i486-1_slack14.1.txz
Updated package for Slackware x86_64 14.1: ftp://ftp.slackware.com/pub/slackware/slackware64-14.1/patches/packages/libxml2-2.9.4-x86_64-1_slack14.1.txz
Updated package for Slackware -current: ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/l/libxml2-2.9.4-i586-1.txz
Updated package for Slackware x86_64 -current: ftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/l/libxml2-2.9.4-x86_64-1.txz
MD5 signatures: +-------------+
Slackware 14.0 package: c498433ae7d6077a9d5245877aa2c06e libxml2-2.9.4-i486-1_slack14.0.txz
Slackware x86_64 14.0 package: c92258a87bb30a6cdce2b5428d640bd5 libxml2-2.9.4-x86_64-1_slack14.0.txz
Slackware 14.1 package: 2b74b913a164a23ad2da10eebf923e46 libxml2-2.9.4-i486-1_slack14.1.txz
Slackware x86_64 14.1 package: e2dee612c7de77822824e43a61414c2c libxml2-2.9.4-x86_64-1_slack14.1.txz
Slackware -current package: 98d1ede4a347a49f2ad972ac5339b9e6 l/libxml2-2.9.4-i586-1.txz
Slackware x86_64 -current package: c2d5721aac77b74d7e47a2a8a372d47a l/libxml2-2.9.4-x86_64-1.txz
Installation instructions: +------------------------+
Upgrade the package as root:
upgradepkg libxml2-2.9.4-i486-1_slack14.1.txz
+-----+
Slackware Linux Security Team http://slackware.com/gpg-key security@slackware.com
+------------------------------------------------------------------------+ | To leave the slackware-security mailing list: | +------------------------------------------------------------------------+ | Send an email to majordomo@slackware.com with this text in the body of | | the email message: | | | | unsubscribe slackware-security | | | | You will get a confirmation message back containing instructions to | | complete the process. Please do not reply to this email address. Description:
This release of Red Hat JBoss Core Services httpd 2.4.23 serves as a replacement for JBoss Core Services Apache HTTP Server 2.4.6. (CVE-2016-1762, CVE-2016-1833, CVE-2016-1834, CVE-2016-1835, CVE-2016-1836, CVE-2016-1837, CVE-2016-1838, CVE-2016-1839, CVE-2016-1840, CVE-2016-3627, CVE-2016-3705, CVE-2016-4447, CVE-2016-4448, CVE-2016-4449, CVE-2016-4483)
-
This update fixes three flaws in curl. (CVE-2016-5419, CVE-2016-5420, CVE-2016-7141)
-
This update fixes two flaws in httpd. (CVE-2016-4459, CVE-2016-8612)
-
A buffer overflow flaw when concatenating virtual host names and URIs was fixed in mod_jk. (CVE-2016-6808)
-
A memory leak flaw was fixed in expat. Upstream acknowledges Stephen Henson (OpenSSL development team) as the original reporter of CVE-2015-0286; Huzaifa Sidhpurwala (Red Hat), Hanno BAPck, and David Benjamin (Google) as the original reporters of CVE-2016-2108; Guido Vranken as the original reporter of CVE-2016-2105, CVE-2016-2106, CVE-2016-0797, CVE-2016-0799, and CVE-2016-2842; Juraj Somorovsky as the original reporter of CVE-2016-2107; Yuval Yarom (University of Adelaide and NICTA), Daniel Genkin (Technion and Tel Aviv University), and Nadia Heninger (University of Pennsylvania) as the original reporters of CVE-2016-0702; and Adam Langley (Google/BoringSSL) as the original reporter of CVE-2016-0705.
See the corresponding CVE pages linked to in the References section for more information about each of the flaws listed in this advisory. Solution:
The References section of this erratum contains a download link (you must log in to download the update). Before applying the update, back up your existing Red Hat JBoss Web Server installation (including all applications and configuration files).
After installing the updated packages, the httpd daemon will be restarted automatically. JIRA issues fixed (https://issues.jboss.org/):
JBCS-50 - CVE-2012-1148 CVE-2012-0876 expat: various flaws [jbews-3.0.0] JBCS-95 - CVE-2014-3523 httpd: WinNT MPM denial of service
- CVE-2016-4594 : Stefan Esser of SektionEins
Installation note:
Instructions on how to update your Apple Watch software are available at https://support.apple.com/en-us/HT204641
To check the version on your Apple Watch, open the Apple Watch app on your iPhone and select "My Watch > General > About".
Alternatively, on your watch, select "My Watch > General > About"
Show details on source website{
"affected_products": {
"_id": null,
"data": [
{
"_id": null,
"model": "web gateway",
"scope": "lte",
"trust": 1.0,
"vendor": "mcafee",
"version": "7.5.2.10"
},
{
"_id": null,
"model": "ubuntu linux",
"scope": "eq",
"trust": 1.0,
"vendor": "canonical",
"version": "15.10"
},
{
"_id": null,
"model": "ubuntu linux",
"scope": "eq",
"trust": 1.0,
"vendor": "canonical",
"version": "14.04"
},
{
"_id": null,
"model": "iphone os",
"scope": "lte",
"trust": 1.0,
"vendor": "apple",
"version": "9.3.2"
},
{
"_id": null,
"model": "vm server",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "3.4"
},
{
"_id": null,
"model": "web gateway",
"scope": "gte",
"trust": 1.0,
"vendor": "mcafee",
"version": "7.6.0.0"
},
{
"_id": null,
"model": "linux",
"scope": "eq",
"trust": 1.0,
"vendor": "debian",
"version": "7.0"
},
{
"_id": null,
"model": "libxml2",
"scope": "lte",
"trust": 1.0,
"vendor": "xmlsoft",
"version": "2.9.3"
},
{
"_id": null,
"model": "tvos",
"scope": "lte",
"trust": 1.0,
"vendor": "apple",
"version": "9.2.1"
},
{
"_id": null,
"model": "mac os x",
"scope": "lte",
"trust": 1.0,
"vendor": "apple",
"version": "10.11.5"
},
{
"_id": null,
"model": "ubuntu linux",
"scope": "eq",
"trust": 1.0,
"vendor": "canonical",
"version": "12.04"
},
{
"_id": null,
"model": "linux",
"scope": "eq",
"trust": 1.0,
"vendor": "debian",
"version": "8.0"
},
{
"_id": null,
"model": "icewall federation agent",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": "3.0"
},
{
"_id": null,
"model": "watchos",
"scope": "lte",
"trust": 1.0,
"vendor": "apple",
"version": "2.2.1"
},
{
"_id": null,
"model": "web gateway",
"scope": "gte",
"trust": 1.0,
"vendor": "mcafee",
"version": "7.5.0.0"
},
{
"_id": null,
"model": "web gateway",
"scope": "lte",
"trust": 1.0,
"vendor": "mcafee",
"version": "7.6.2.3"
},
{
"_id": null,
"model": "itunes",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "12.4.1"
},
{
"_id": null,
"model": "vm server",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "3.3"
},
{
"_id": null,
"model": "ubuntu linux",
"scope": "eq",
"trust": 1.0,
"vendor": "canonical",
"version": "16.04"
},
{
"_id": null,
"model": "libxml2",
"scope": "eq",
"trust": 0.6,
"vendor": "xmlsoft",
"version": "2.9.3"
}
],
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201605-637"
},
{
"db": "NVD",
"id": "CVE-2016-4447"
}
]
},
"credits": {
"_id": null,
"data": "Apple",
"sources": [
{
"db": "PACKETSTORM",
"id": "137959"
},
{
"db": "PACKETSTORM",
"id": "137958"
},
{
"db": "PACKETSTORM",
"id": "137960"
}
],
"trust": 0.3
},
"cve": "CVE-2016-4447",
"cvss": {
"_id": null,
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "CVE-2016-4447",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 1.1,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "VHN-93266",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:N/I:N/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"exploitabilityScore": 3.9,
"id": "CVE-2016-4447",
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2016-4447",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201605-637",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-93266",
"trust": 0.1,
"value": "MEDIUM"
},
{
"author": "VULMON",
"id": "CVE-2016-4447",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-93266"
},
{
"db": "VULMON",
"id": "CVE-2016-4447"
},
{
"db": "CNNVD",
"id": "CNNVD-201605-637"
},
{
"db": "NVD",
"id": "CVE-2016-4447"
}
]
},
"description": {
"_id": null,
"data": "The xmlParseElementDecl function in parser.c in libxml2 before 2.9.4 allows context-dependent attackers to cause a denial of service (heap-based buffer underread and application crash) via a crafted file, involving xmlParseName. Libxml2 is a C language-based function library for parsing XML documents developed by the GNOME project team. It supports multiple encoding formats, XPath analysis, Well-formed and valid verification, etc. There is a security vulnerability in the \u0027xmlParseElementDecl\u0027 function in the parser.c file of Libxml2 2.9.3 and earlier. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n=====================================================================\n Red Hat Security Advisory\n\nSynopsis: Important: libxml2 security update\nAdvisory ID: RHSA-2016:1292-01\nProduct: Red Hat Enterprise Linux\nAdvisory URL: https://access.redhat.com/errata/RHSA-2016:1292\nIssue date: 2016-06-23\nCVE Names: CVE-2016-1762 CVE-2016-1833 CVE-2016-1834 \n CVE-2016-1835 CVE-2016-1836 CVE-2016-1837 \n CVE-2016-1838 CVE-2016-1839 CVE-2016-1840 \n CVE-2016-3627 CVE-2016-3705 CVE-2016-4447 \n CVE-2016-4448 CVE-2016-4449 \n=====================================================================\n\n1. Summary:\n\nAn update for libxml2 is now available for Red Hat Enterprise Linux 6 and\nRed Hat Enterprise Linux 7. \n\nRed Hat Product Security has rated this update as having a security impact\nof Important. A Common Vulnerability Scoring System (CVSS) base score,\nwhich gives a detailed severity rating, is available for each vulnerability\nfrom the CVE link(s) in the References section. \n\n2. Relevant releases/architectures:\n\nRed Hat Enterprise Linux Client (v. 7) - x86_64\nRed Hat Enterprise Linux Client Optional (v. 7) - x86_64\nRed Hat Enterprise Linux ComputeNode (v. 7) - x86_64\nRed Hat Enterprise Linux ComputeNode Optional (v. 7) - x86_64\nRed Hat Enterprise Linux HPC Node (v. 6) - x86_64\nRed Hat Enterprise Linux HPC Node Optional (v. 6) - x86_64\nRed Hat Enterprise Linux Server (v. 6) - i386, ppc64, s390x, x86_64\nRed Hat Enterprise Linux Server (v. 7) - ppc64, ppc64le, s390x, x86_64\nRed Hat Enterprise Linux Server Optional (v. 6) - i386, ppc64, s390x, x86_64\nRed Hat Enterprise Linux Server Optional (v. 7) - ppc64, ppc64le, s390x, x86_64\nRed Hat Enterprise Linux Workstation (v. 6) - i386, x86_64\nRed Hat Enterprise Linux Workstation (v. 7) - x86_64\nRed Hat Enterprise Linux Workstation Optional (v. 6) - i386, x86_64\nRed Hat Enterprise Linux Workstation Optional (v. 7) - x86_64\n\n3. Description:\n\nThe libxml2 library is a development toolbox providing the implementation\nof various XML standards. \n\nSecurity Fix(es):\n\nA heap-based buffer overflow flaw was found in the way libxml2 parsed\ncertain crafted XML input. (CVE-2016-1834,\nCVE-2016-1840)\n\nMultiple denial of service flaws were found in libxml2. \n(CVE-2016-1762, CVE-2016-1833, CVE-2016-1835, CVE-2016-1836, CVE-2016-1837,\nCVE-2016-1838, CVE-2016-1839, CVE-2016-3627, CVE-2016-3705, CVE-2016-4447,\nCVE-2016-4448, CVE-2016-4449)\n\n4. Solution:\n\nFor details on how to apply this update, which includes the changes\ndescribed in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nFor the update to take effect, all applications linked to the libxml2\nlibrary must be restarted, or the system rebooted. \n\n5. Bugs fixed (https://bugzilla.redhat.com/):\n\n1319829 - CVE-2016-3627 libxml2: stack exhaustion while parsing xml files in recovery mode\n1332443 - CVE-2016-3705 libxml2: stack overflow before detecting invalid XML file\n1338682 - CVE-2016-1833 libxml2: Heap-based buffer overread in htmlCurrentChar\n1338686 - CVE-2016-4447 libxml2: Heap-based buffer underreads due to xmlParseName\n1338691 - CVE-2016-1835 libxml2: Heap use-after-free in xmlSAX2AttributeNs\n1338696 - CVE-2016-1837 libxml2: Heap use-after-free in htmlPArsePubidLiteral and htmlParseSystemiteral\n1338700 - CVE-2016-4448 libxml2: Format string vulnerability\n1338701 - CVE-2016-4449 libxml2: Inappropriate fetch of entities content\n1338702 - CVE-2016-1836 libxml2: Heap use-after-free in xmlDictComputeFastKey\n1338703 - CVE-2016-1839 libxml2: Heap-based buffer overread in xmlDictAddString\n1338705 - CVE-2016-1838 libxml2: Heap-based buffer overread in xmlPArserPrintFileContextInternal\n1338706 - CVE-2016-1840 libxml2: Heap-buffer-overflow in xmlFAParserPosCharGroup\n1338708 - CVE-2016-1834 libxml2: Heap-buffer-overflow in xmlStrncat\n1338711 - CVE-2016-1762 libxml2: Heap-based buffer-overread in xmlNextChar\n\n6. Package List:\n\nRed Hat Enterprise Linux HPC Node (v. 6):\n\nSource:\nlibxml2-2.7.6-21.el6_8.1.src.rpm\n\nx86_64:\nlibxml2-2.7.6-21.el6_8.1.i686.rpm\nlibxml2-2.7.6-21.el6_8.1.x86_64.rpm\nlibxml2-debuginfo-2.7.6-21.el6_8.1.i686.rpm\nlibxml2-debuginfo-2.7.6-21.el6_8.1.x86_64.rpm\nlibxml2-python-2.7.6-21.el6_8.1.x86_64.rpm\n\nRed Hat Enterprise Linux HPC Node Optional (v. 6):\n\nx86_64:\nlibxml2-debuginfo-2.7.6-21.el6_8.1.i686.rpm\nlibxml2-debuginfo-2.7.6-21.el6_8.1.x86_64.rpm\nlibxml2-devel-2.7.6-21.el6_8.1.i686.rpm\nlibxml2-devel-2.7.6-21.el6_8.1.x86_64.rpm\nlibxml2-static-2.7.6-21.el6_8.1.x86_64.rpm\n\nRed Hat Enterprise Linux Server (v. 6):\n\nSource:\nlibxml2-2.7.6-21.el6_8.1.src.rpm\n\ni386:\nlibxml2-2.7.6-21.el6_8.1.i686.rpm\nlibxml2-debuginfo-2.7.6-21.el6_8.1.i686.rpm\nlibxml2-devel-2.7.6-21.el6_8.1.i686.rpm\nlibxml2-python-2.7.6-21.el6_8.1.i686.rpm\n\nppc64:\nlibxml2-2.7.6-21.el6_8.1.ppc.rpm\nlibxml2-2.7.6-21.el6_8.1.ppc64.rpm\nlibxml2-debuginfo-2.7.6-21.el6_8.1.ppc.rpm\nlibxml2-debuginfo-2.7.6-21.el6_8.1.ppc64.rpm\nlibxml2-devel-2.7.6-21.el6_8.1.ppc.rpm\nlibxml2-devel-2.7.6-21.el6_8.1.ppc64.rpm\nlibxml2-python-2.7.6-21.el6_8.1.ppc64.rpm\n\ns390x:\nlibxml2-2.7.6-21.el6_8.1.s390.rpm\nlibxml2-2.7.6-21.el6_8.1.s390x.rpm\nlibxml2-debuginfo-2.7.6-21.el6_8.1.s390.rpm\nlibxml2-debuginfo-2.7.6-21.el6_8.1.s390x.rpm\nlibxml2-devel-2.7.6-21.el6_8.1.s390.rpm\nlibxml2-devel-2.7.6-21.el6_8.1.s390x.rpm\nlibxml2-python-2.7.6-21.el6_8.1.s390x.rpm\n\nx86_64:\nlibxml2-2.7.6-21.el6_8.1.i686.rpm\nlibxml2-2.7.6-21.el6_8.1.x86_64.rpm\nlibxml2-debuginfo-2.7.6-21.el6_8.1.i686.rpm\nlibxml2-debuginfo-2.7.6-21.el6_8.1.x86_64.rpm\nlibxml2-devel-2.7.6-21.el6_8.1.i686.rpm\nlibxml2-devel-2.7.6-21.el6_8.1.x86_64.rpm\nlibxml2-python-2.7.6-21.el6_8.1.x86_64.rpm\n\nRed Hat Enterprise Linux Server Optional (v. 6):\n\ni386:\nlibxml2-debuginfo-2.7.6-21.el6_8.1.i686.rpm\nlibxml2-static-2.7.6-21.el6_8.1.i686.rpm\n\nppc64:\nlibxml2-debuginfo-2.7.6-21.el6_8.1.ppc64.rpm\nlibxml2-static-2.7.6-21.el6_8.1.ppc64.rpm\n\ns390x:\nlibxml2-debuginfo-2.7.6-21.el6_8.1.s390x.rpm\nlibxml2-static-2.7.6-21.el6_8.1.s390x.rpm\n\nx86_64:\nlibxml2-debuginfo-2.7.6-21.el6_8.1.x86_64.rpm\nlibxml2-static-2.7.6-21.el6_8.1.x86_64.rpm\n\nRed Hat Enterprise Linux Workstation (v. 6):\n\nSource:\nlibxml2-2.7.6-21.el6_8.1.src.rpm\n\ni386:\nlibxml2-2.7.6-21.el6_8.1.i686.rpm\nlibxml2-debuginfo-2.7.6-21.el6_8.1.i686.rpm\nlibxml2-devel-2.7.6-21.el6_8.1.i686.rpm\nlibxml2-python-2.7.6-21.el6_8.1.i686.rpm\n\nx86_64:\nlibxml2-2.7.6-21.el6_8.1.i686.rpm\nlibxml2-2.7.6-21.el6_8.1.x86_64.rpm\nlibxml2-debuginfo-2.7.6-21.el6_8.1.i686.rpm\nlibxml2-debuginfo-2.7.6-21.el6_8.1.x86_64.rpm\nlibxml2-devel-2.7.6-21.el6_8.1.i686.rpm\nlibxml2-devel-2.7.6-21.el6_8.1.x86_64.rpm\nlibxml2-python-2.7.6-21.el6_8.1.x86_64.rpm\n\nRed Hat Enterprise Linux Workstation Optional (v. 6):\n\ni386:\nlibxml2-debuginfo-2.7.6-21.el6_8.1.i686.rpm\nlibxml2-static-2.7.6-21.el6_8.1.i686.rpm\n\nx86_64:\nlibxml2-debuginfo-2.7.6-21.el6_8.1.x86_64.rpm\nlibxml2-static-2.7.6-21.el6_8.1.x86_64.rpm\n\nRed Hat Enterprise Linux Client (v. 7):\n\nSource:\nlibxml2-2.9.1-6.el7_2.3.src.rpm\n\nx86_64:\nlibxml2-2.9.1-6.el7_2.3.i686.rpm\nlibxml2-2.9.1-6.el7_2.3.x86_64.rpm\nlibxml2-debuginfo-2.9.1-6.el7_2.3.i686.rpm\nlibxml2-debuginfo-2.9.1-6.el7_2.3.x86_64.rpm\nlibxml2-python-2.9.1-6.el7_2.3.x86_64.rpm\n\nRed Hat Enterprise Linux Client Optional (v. 7):\n\nx86_64:\nlibxml2-debuginfo-2.9.1-6.el7_2.3.i686.rpm\nlibxml2-debuginfo-2.9.1-6.el7_2.3.x86_64.rpm\nlibxml2-devel-2.9.1-6.el7_2.3.i686.rpm\nlibxml2-devel-2.9.1-6.el7_2.3.x86_64.rpm\nlibxml2-static-2.9.1-6.el7_2.3.i686.rpm\nlibxml2-static-2.9.1-6.el7_2.3.x86_64.rpm\n\nRed Hat Enterprise Linux ComputeNode (v. 7):\n\nSource:\nlibxml2-2.9.1-6.el7_2.3.src.rpm\n\nx86_64:\nlibxml2-2.9.1-6.el7_2.3.i686.rpm\nlibxml2-2.9.1-6.el7_2.3.x86_64.rpm\nlibxml2-debuginfo-2.9.1-6.el7_2.3.i686.rpm\nlibxml2-debuginfo-2.9.1-6.el7_2.3.x86_64.rpm\nlibxml2-python-2.9.1-6.el7_2.3.x86_64.rpm\n\nRed Hat Enterprise Linux ComputeNode Optional (v. 7):\n\nx86_64:\nlibxml2-debuginfo-2.9.1-6.el7_2.3.i686.rpm\nlibxml2-debuginfo-2.9.1-6.el7_2.3.x86_64.rpm\nlibxml2-devel-2.9.1-6.el7_2.3.i686.rpm\nlibxml2-devel-2.9.1-6.el7_2.3.x86_64.rpm\nlibxml2-static-2.9.1-6.el7_2.3.i686.rpm\nlibxml2-static-2.9.1-6.el7_2.3.x86_64.rpm\n\nRed Hat Enterprise Linux Server (v. 7):\n\nSource:\nlibxml2-2.9.1-6.el7_2.3.src.rpm\n\nppc64:\nlibxml2-2.9.1-6.el7_2.3.ppc.rpm\nlibxml2-2.9.1-6.el7_2.3.ppc64.rpm\nlibxml2-debuginfo-2.9.1-6.el7_2.3.ppc.rpm\nlibxml2-debuginfo-2.9.1-6.el7_2.3.ppc64.rpm\nlibxml2-devel-2.9.1-6.el7_2.3.ppc.rpm\nlibxml2-devel-2.9.1-6.el7_2.3.ppc64.rpm\nlibxml2-python-2.9.1-6.el7_2.3.ppc64.rpm\n\nppc64le:\nlibxml2-2.9.1-6.el7_2.3.ppc64le.rpm\nlibxml2-debuginfo-2.9.1-6.el7_2.3.ppc64le.rpm\nlibxml2-devel-2.9.1-6.el7_2.3.ppc64le.rpm\nlibxml2-python-2.9.1-6.el7_2.3.ppc64le.rpm\n\ns390x:\nlibxml2-2.9.1-6.el7_2.3.s390.rpm\nlibxml2-2.9.1-6.el7_2.3.s390x.rpm\nlibxml2-debuginfo-2.9.1-6.el7_2.3.s390.rpm\nlibxml2-debuginfo-2.9.1-6.el7_2.3.s390x.rpm\nlibxml2-devel-2.9.1-6.el7_2.3.s390.rpm\nlibxml2-devel-2.9.1-6.el7_2.3.s390x.rpm\nlibxml2-python-2.9.1-6.el7_2.3.s390x.rpm\n\nx86_64:\nlibxml2-2.9.1-6.el7_2.3.i686.rpm\nlibxml2-2.9.1-6.el7_2.3.x86_64.rpm\nlibxml2-debuginfo-2.9.1-6.el7_2.3.i686.rpm\nlibxml2-debuginfo-2.9.1-6.el7_2.3.x86_64.rpm\nlibxml2-devel-2.9.1-6.el7_2.3.i686.rpm\nlibxml2-devel-2.9.1-6.el7_2.3.x86_64.rpm\nlibxml2-python-2.9.1-6.el7_2.3.x86_64.rpm\n\nRed Hat Enterprise Linux Server Optional (v. 7):\n\nppc64:\nlibxml2-debuginfo-2.9.1-6.el7_2.3.ppc.rpm\nlibxml2-debuginfo-2.9.1-6.el7_2.3.ppc64.rpm\nlibxml2-static-2.9.1-6.el7_2.3.ppc.rpm\nlibxml2-static-2.9.1-6.el7_2.3.ppc64.rpm\n\nppc64le:\nlibxml2-debuginfo-2.9.1-6.el7_2.3.ppc64le.rpm\nlibxml2-static-2.9.1-6.el7_2.3.ppc64le.rpm\n\ns390x:\nlibxml2-debuginfo-2.9.1-6.el7_2.3.s390.rpm\nlibxml2-debuginfo-2.9.1-6.el7_2.3.s390x.rpm\nlibxml2-static-2.9.1-6.el7_2.3.s390.rpm\nlibxml2-static-2.9.1-6.el7_2.3.s390x.rpm\n\nx86_64:\nlibxml2-debuginfo-2.9.1-6.el7_2.3.i686.rpm\nlibxml2-debuginfo-2.9.1-6.el7_2.3.x86_64.rpm\nlibxml2-static-2.9.1-6.el7_2.3.i686.rpm\nlibxml2-static-2.9.1-6.el7_2.3.x86_64.rpm\n\nRed Hat Enterprise Linux Workstation (v. 7):\n\nSource:\nlibxml2-2.9.1-6.el7_2.3.src.rpm\n\nx86_64:\nlibxml2-2.9.1-6.el7_2.3.i686.rpm\nlibxml2-2.9.1-6.el7_2.3.x86_64.rpm\nlibxml2-debuginfo-2.9.1-6.el7_2.3.i686.rpm\nlibxml2-debuginfo-2.9.1-6.el7_2.3.x86_64.rpm\nlibxml2-devel-2.9.1-6.el7_2.3.i686.rpm\nlibxml2-devel-2.9.1-6.el7_2.3.x86_64.rpm\nlibxml2-python-2.9.1-6.el7_2.3.x86_64.rpm\n\nRed Hat Enterprise Linux Workstation Optional (v. 7):\n\nx86_64:\nlibxml2-debuginfo-2.9.1-6.el7_2.3.i686.rpm\nlibxml2-debuginfo-2.9.1-6.el7_2.3.x86_64.rpm\nlibxml2-static-2.9.1-6.el7_2.3.i686.rpm\nlibxml2-static-2.9.1-6.el7_2.3.x86_64.rpm\n\nThese packages are GPG signed by Red Hat for security. Our key and\ndetails on how to verify the signature are available from\nhttps://access.redhat.com/security/team/key/\n\n7. References:\n\nhttps://access.redhat.com/security/cve/CVE-2016-1762\nhttps://access.redhat.com/security/cve/CVE-2016-1833\nhttps://access.redhat.com/security/cve/CVE-2016-1834\nhttps://access.redhat.com/security/cve/CVE-2016-1835\nhttps://access.redhat.com/security/cve/CVE-2016-1836\nhttps://access.redhat.com/security/cve/CVE-2016-1837\nhttps://access.redhat.com/security/cve/CVE-2016-1838\nhttps://access.redhat.com/security/cve/CVE-2016-1839\nhttps://access.redhat.com/security/cve/CVE-2016-1840\nhttps://access.redhat.com/security/cve/CVE-2016-3627\nhttps://access.redhat.com/security/cve/CVE-2016-3705\nhttps://access.redhat.com/security/cve/CVE-2016-4447\nhttps://access.redhat.com/security/cve/CVE-2016-4448\nhttps://access.redhat.com/security/cve/CVE-2016-4449\nhttps://access.redhat.com/security/updates/classification/#important\n\n8. Contact:\n\nThe Red Hat security contact is \u003csecalert@redhat.com\u003e. More contact\ndetails at https://access.redhat.com/security/team/contact/\n\nCopyright 2016 Red Hat, Inc. \n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1\n\niD8DBQFXa8B8XlSAg2UNWIIRAh9ZAJ99xgPhOaIopIxmynm+vlDcmw4jFACeLvTm\nZsVLEgJAF0Zt6xZVzqvVW7U=\n=fREV\n-----END PGP SIGNATURE-----\n\n\n--\nRHSA-announce mailing list\nRHSA-announce@redhat.com\nhttps://www.redhat.com/mailman/listinfo/rhsa-announce\n. \n\nFor the stable distribution (jessie), these problems have been fixed in\nversion 2.9.1+dfsg1-5+deb8u2. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA512\n\nAPPLE-SA-2016-07-18-2 iOS 9.3.3\n\niOS 9.3.3 is now available and addresses the following:\n\nCalendar\nAvailable for: iPhone 4s and later,\niPod touch (5th generation) and later, iPad 2 and later\nImpact: A maliciously crafted calendar invite may cause a device to\nunexpectedly restart\nDescription: A null pointer dereference was addressed through\nimproved memory handling. \nCVE-2016-4592 : Mikhail\n\nWebKit\nAvailable for: iPhone 4s and later,\niPod touch (5th generation) and later, iPad 2 and later\nImpact: Visiting a malicious website may disclose image data from\nanother website\nDescription: A timing issue existed in the processing of SVG. \nCVE-2016-4587 : Apple\n\nWebKit JavaScript Bindings\nAvailable for: iPhone 4s and later,\niPod touch (5th generation) and later, iPad 2 and later\nImpact: Visiting a maliciously crafted website may lead to script\nexecution in the context of a non-HTTP service\nDescription: A cross-protocol cross-site scripting (XPXSS) issue\nexisted in Safari when submitting forms to non-HTTP services\ncompatible with HTTP/0.9. This issue was addressed by disabling\nscripts and plugins on resources loaded over HTTP/0.9. \nCVE-2016-4651 : Obscure\n\nWebKit Page Loading\nAvailable for: iPhone 4s and later,\niPod touch (5th generation) and later, iPad 2 and later\nImpact: A malicious website may exfiltrate data cross-origin\nDescription: A cross-site scripting issue existed in Safari URL\nredirection. \nCVE-2016-4585 : Takeshi Terada of Mitsui Bussan Secure Directions,\nInc. \nCVE-2016-4584 : Chris Vienneau\n\nInstallation note:\n\nThis update is available through iTunes and Software Update on your\niOS device, and will not appear in your computer\u0027s Software Update\napplication, or in the Apple Downloads site. Make sure you have an\nInternet connection and have installed the latest version of iTunes\nfrom www.apple.com/itunes/\n\niTunes and Software Update on the device will automatically check\nApple\u0027s update server on its weekly schedule. When an update is\ndetected, it is downloaded and the option to be installed is\npresented to the user when the iOS device is docked. We recommend\napplying the update immediately if possible. Selecting Don\u0027t Install\nwill present the option the next time you connect your iOS device. \n\nThe automatic update process may take up to a week depending on the\nday that iTunes or the device checks for updates. You may manually\nobtain the update via the Check for Updates button within iTunes, or\nthe Software Update on your device. \n\nTo check that the iPhone, iPod touch, or iPad has been updated:\n\n* Navigate to Settings\n* Select General\n* Select About. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA512\n\nAPPLE-SA-2016-07-18-1 OS X El Capitan v10.11.6 and Security Update\n2016-004\n\nOS X El Capitan v10.11.6 and Security Update 2016-004 is now\navailable and addresses the following:\n\napache_mod_php\nAvailable for: \nOS X Yosemite v10.10.5 and OS X El Capitan v10.11 and later\nImpact: A remote attacker may be able to execute arbitrary code\nDescription: Multiple issues existed in PHP versions prior to\n5.5.36. These were addressed by updating PHP to version 5.5.36. \nCVE-2016-4650\n\nAudio\nAvailable for: OS X El Capitan v10.11 and later\nImpact: A local user may be able to execute arbitrary code with\nkernel privileges\nDescription: A memory corruption issue was addressed through\nimproved memory handling. \nCVE-2016-4647 : Juwei Lin (@fuzzerDOTcn) of Trend Micro\n\nAudio\nAvailable for: OS X El Capitan v10.11 and later\nImpact: A local user may be able to determine kernel memory layout\nDescription: An out-of-bounds read was addressed through improved\ninput validation. \nCVE-2016-4648 : Juwei Lin(@fuzzerDOTcn) of Trend Micro\n\nAudio\nAvailable for: OS X El Capitan v10.11 and later\nImpact: Parsing a maliciously crafted audio file may lead to the\ndisclosure of user information\nDescription: An out-of-bounds read was addressed through improved\nbounds checking. \nCVE-2016-4646 : Steven Seeley of Source Incite working with Trend\nMicro\u0027s Zero Day Initiative\n\nAudio\nAvailable for: OS X El Capitan v10.11 and later\nImpact: A local user may be able to cause a system denial of service\nDescription: A null pointer dereference was addressed through\nimproved input validation. \nCVE-2016-4649 : Juwei Lin(@fuzzerDOTcn) of Trend Micro\n\nbsdiff\nAvailable for: OS X El Capitan v10.11 and later\nImpact: A local attacker may be able to cause unexpected application\ntermination or arbitrary code execution\nDescription: An integer overflow existed in bspatch. This issue was\naddressed through improved bounds checking. \nCVE-2014-9862 : an anonymous researcher\n\nCFNetwork\nAvailable for: OS X El Capitan v10.11 and later\nImpact: A local user may be able to view sensitive user information\nDescription: A permissions issue existed in the handling of web\nbrowser cookies. This issue was addressed through improved\nrestrictions. \nCVE-2016-4645 : Abhinav Bansal of Zscaler Inc. \n\nCoreGraphics\nAvailable for: OS X Mavericks v10.9.5, OS X Yosemite v10.10.5,\nand OS X El Capitan v10.11 and later\nImpact: A remote attacker may be able to execute arbitrary code\nDescription: A memory corruption issue was addressed through\nimproved memory handling. \nCVE-2016-4637 : Tyler Bohan of Cisco Talos (talosintel.com\n/vulnerability-reports)\n\nCoreGraphics\nAvailable for: OS X El Capitan v10.11 and later\nImpact: A local user may be able to elevate privileges\nDescription: An out-of-bounds read issue existed that led to the\ndisclosure of kernel memory. This was addressed through improved\ninput validation. \nCVE-2016-4652 : Yubin Fu of Tencent KeenLab working with Trend\nMicro\u0027s Zero Day Initiative\n\nFaceTime\nAvailable for: OS X El Capitan v10.11 and later\nImpact: An attacker in a privileged network position may be able to\ncause a relayed call to continue transmitting audio while appearing\nas if the call terminated\nDescription: User interface inconsistencies existed in the handling\nof relayed calls. These issues were addressed through improved\nFaceTime display logic. \nCVE-2016-4635 : Martin Vigo\n\nGraphics Drivers\nAvailable for: OS X El Capitan v10.11 and later\nImpact: A local user may be able to execute arbitrary code with\nkernel privileges\nDescription: A memory corruption issue was addressed through\nimproved input validation. \nCVE-2016-4634 : Stefan Esser of SektionEins\n\nImageIO\nAvailable for: OS X El Capitan v10.11 and later\nImpact: A remote attacker may be able to cause a denial of service\nDescription: A memory consumption issue was addressed through\nimproved memory handling. \nCVE-2016-4632 : Evgeny Sidorov of Yandex\n\nImageIO\nAvailable for: OS X El Capitan v10.11 and later\nImpact: A remote attacker may be able to execute arbitrary code\nDescription: Multiple memory corruption issues were addressed\nthrough improved memory handling. \nCVE-2016-4631 : Tyler Bohan of Cisco Talos (talosintel.com\n/vulnerability-reports)\n\nImageIO\nAvailable for: OS X Mavericks v10.9.5, OS X Yosemite v10.10.5,\nand OS X El Capitan v10.11 and later\nImpact: A remote attacker may be able to execute arbitrary code\nDescription: Multiple memory corruption issues were addressed\nthrough improved memory handling. \nCVE-2016-4629 : Tyler Bohan of Cisco Talos (talosintel.com\n/vulnerability-reports)\nCVE-2016-4630 : Tyler Bohan of Cisco Talos (talosintel.com\n/vulnerability-reports)\n\nIntel Graphics Driver\nAvailable for: OS X El Capitan v10.11 and later\nImpact: A malicious application may be able to execute arbitrary\ncode with kernel privileges\nDescription: Multiple memory corruption issues were addressed\nthrough improved memory handling. \nCVE-2016-4633 : an anonymous researcher\n\nIOHIDFamily\nAvailable for: OS X El Capitan v10.11 and later\nImpact: A local user may be able to execute arbitrary code with\nkernel privileges\nDescription: A null pointer dereference was addressed through\nimproved input validation. \nCVE-2016-4626 : Stefan Esser of SektionEins\n\nIOSurface\nAvailable for: OS X El Capitan v10.11 and later\nImpact: A local user may be able to execute arbitrary code with\nkernel privileges\nDescription: A use-after-free was addressed through improved memory\nmanagement. \nCVE-2016-4625 : Ian Beer of Google Project Zero\n\nKernel\nAvailable for: OS X El Capitan v10.11 and later\nImpact: A local user may be able to execute arbitrary code with\nkernel privileges\nDescription: Multiple memory corruption issues were addressed\nthrough improved memory handling. \nCVE-2016-1863 : Ian Beer of Google Project Zero\nCVE-2016-1864 : Ju Zhu of Trend Micro\nCVE-2016-4582 : Shrek_wzw and Proteas of Qihoo 360 Nirvan Team\n\nKernel\nAvailable for: OS X El Capitan v10.11 and later\nImpact: A local user may be able to cause a system denial of service\nDescription: A null pointer dereference was addressed through\nimproved input validation. \nCVE-2016-1865 : CESG, Marco Grassi (@marcograss) of KeenLab\n(@keen_lab), Tencent\n\nlibc++abi\nAvailable for: OS X El Capitan v10.11 and later\nImpact: An application may be able to execute arbitrary code with\nroot privileges\nDescription: Multiple memory corruption issues were addressed\nthrough improved memory handling. \nCVE-2016-4621 : an anonymous researcher\n\nlibexpat\nAvailable for: OS X El Capitan v10.11 and later\nImpact: Processing maliciously crafted XML may lead to unexpected\napplication termination or arbitrary code execution\nDescription: Multiple memory corruption issues were addressed\nthrough improved memory handling. \nCVE-2016-0718 : Gustavo Grieco\n\nLibreSSL\nAvailable for: OS X El Capitan v10.11 and later\nImpact: A remote attacker may be able to execute arbitrary code\nDescription: Multiple issues existed in LibreSSL before 2.2.7. These\nwere addressed by updating LibreSSL to version 2.2.7. \nCVE-2016-2108 : Huzaifa Sidhpurwala (Red Hat), Hanno Boeck, David Benjamin (Google) Mark Brand,\nIan Beer of Google Project Zero\nCVE-2016-2109 : Brian Carpenter\n\nlibxml2\nAvailable for: OS X Mavericks v10.9.5, OS X Yosemite v10.10.5,\nand OS X El Capitan v10.11 and later\nImpact: Parsing a maliciously crafted XML document may lead to\ndisclosure of user information\nDescription: An access issue existed in the parsing of maliciously\ncrafted XML files. This issue was addressed through improved input\nvalidation. \nCVE-2016-4449 : Kostya Serebryany\n\nlibxml2\nAvailable for: OS X Mavericks v10.9.5, OS X Yosemite v10.10.5,\nand OS X El Capitan v10.11 and later\nImpact: Multiple vulnerabilities in libxml2\nDescription: Multiple memory corruption issues were addressed\nthrough improved memory handling. \nCVE-2016-1836 : Wei Lei and Liu Yang of Nanyang Technological\nUniversity\nCVE-2016-4447 : Wei Lei and Liu Yang of Nanyang Technological\nUniversity\nCVE-2016-4448 : Apple\nCVE-2016-4483 : Gustavo Grieco\nCVE-2016-4614 : Nick Wellnhofe\nCVE-2016-4615 : Nick Wellnhofer\nCVE-2016-4616 : Michael Paddon\nCVE-2016-4619 : Hanno Boeck\n\nlibxslt\nAvailable for: OS X Mavericks v10.9.5, OS X Yosemite v10.10.5,\nand OS X El Capitan v10.11 and later\nImpact: Multiple vulnerabilities in libxslt\nDescription: Multiple memory corruption issues were addressed\nthrough improved memory handling. \nCVE-2016-1684 : Nicolas GrA(c)goire\nCVE-2016-4607 : Nick Wellnhofer\nCVE-2016-4608 : Nicolas GrA(c)goire\nCVE-2016-4609 : Nick Wellnhofer\nCVE-2016-4610 : Nick Wellnhofer\nCVE-2016-4612 : Nicolas GrA(c)goire\n\nLogin Window\nAvailable for: OS X El Capitan v10.11 and later\nImpact: A malicious application may be able to execute arbitrary\ncode leading to compromise of user information\nDescription: A memory corruption issue was addressed through\nimproved input validation. \nCVE-2016-4640 : Yubin Fu of Tencent KeenLab working with Trend\nMicro\u0027s Zero Day Initiative\n\nLogin Window\nAvailable for: OS X El Capitan v10.11 and later\nImpact: A malicious application may be able to execute arbitrary\ncode leading to the compromise of user information\nDescription: A type confusion issue was addressed through improved\nmemory handling. \nCVE-2016-4641 : Yubin Fu of Tencent KeenLab working with Trend\nMicro\u0027s Zero Day Initiative\n\nLogin Window\nAvailable for: OS X El Capitan v10.11 and later\nImpact: A local user may be able to cause a denial of service\nDescription: A memory initialization issue was addressed through\nimproved memory handling. \nCVE-2016-4639 : Yubin Fu of Tencent KeenLab working with Trend\nMicro\u0027s Zero Day Initiative\n\nLogin Window\nAvailable for: OS X El Capitan v10.11 and later\nImpact: A malicious application may be able to gain root privileges\nDescription: A type confusion issue was addressed through improved\nmemory handling. \nCVE-2016-4638 : Yubin Fu of Tencent KeenLab working with Trend\nMicro\u0027s Zero Day Initiative\n\nOpenSSL\nAvailable for: OS X El Capitan v10.11 and later\nImpact: A remote attacker may be able to execute arbitrary code\nDescription: Multiple issues existed in OpenSSL. These issues were resolved by backporting the fixes from OpenSSL 1.0.2h/1.0.1 to OpenSSL 0.9.8. \nCVE-2016-2105 : Guido Vranken\nCVE-2016-2106 : Guido Vranken\nCVE-2016-2107 : Juraj Somorovsky\nCVE-2016-2108 : Huzaifa Sidhpurwala (Red Hat), Hanno Boeck, David Benjamin (Google), Mark Brand and Ian Beer of Google Project Zero\nCVE-2016-2109 : Brian Carpenter\nCVE-2016-2176 : Guido Vranken\n\nQuickTime\nAvailable for: OS X El Capitan v10.11 and later\nImpact: Processing a maliciously crafted FlashPix Bitmap Image may\nlead to unexpected application termination or arbitrary code\nexecution\nDescription: Multiple memory corruption issues were addressed\nthrough improved memory handling. \nCVE-2016-4596 : Ke Liu of Tencent\u0027s Xuanwu Lab\nCVE-2016-4597 : Ke Liu of Tencent\u0027s Xuanwu Lab\nCVE-2016-4600 : Ke Liu of Tencent\u0027s Xuanwu Lab\nCVE-2016-4602 : Ke Liu of Tencent\u0027s Xuanwu Lab\n\nQuickTime\nAvailable for: OS X El Capitan v10.11 and later\nImpact: Processing a maliciously crafted image may lead to arbitrary\ncode execution\nDescription: A memory corruption issue was addressed through\nimproved input validation. \nCVE-2016-4598 : Ke Liu of Tencent\u0027s Xuanwu Lab\n\nQuickTime\nAvailable for: OS X El Capitan v10.11 and later\nImpact: Processing a maliciously crafted SGI file may lead to\narbitrary code execution\nDescription: A memory corruption issue was addressed through\nimproved input validation. \nCVE-2016-4601 : Ke Liu of Tencent\u0027s Xuanwu Lab\n\nQuickTime\nAvailable for: OS X El Capitan v10.11 and later\nImpact: Processing a maliciously crafted Photoshop document may lead\nto unexpected application termination or arbitrary code execution\nDescription: A memory corruption issue was addressed through\nimproved input validation. \nCVE-2016-4599 : Ke Liu of Tencent\u0027s Xuanwu Lab\n\nSafari Login AutoFill\nAvailable for: OS X El Capitan v10.11 and later\nImpact: A user\u0027s password may be visible on screen\nDescription: An issue existed in Safari\u0027s password auto-fill. This\nissue was addressed through improved matching of form fields. \nCVE-2016-4595 : Jonathan Lewis from DeARX Services (PTY) LTD\n\nSandbox Profiles\nAvailable for: OS X El Capitan v10.11 and later\nImpact: A local application may be able to access the process list\nDescription: An access issue existed with privileged API calls. This\nissue was addressed through additional restrictions. \nCVE-2016-4594 : Stefan Esser of SektionEins\n\nNote: OS X El Capitan 10.11.6 includes the security content of Safari\n9.1.2. For further details see https://support.apple.com/kb/HT206900\n\n\nOS X El Capitan v10.11.6 and Security Update 2016-004 may be obtained\nfrom the Mac App Store or Apple\u0027s Software Downloads web site:\nhttp://www.apple.com/support/downloads/\n\nInformation will also be posted to the Apple Security Updates\nweb site: http://support.apple.com/kb/HT201222\n\nThis message is signed with Apple\u0027s Product Security PGP key,\nand details are available at:\nhttps://www.apple.com/support/security/pgp/\n-----BEGIN PGP SIGNATURE-----\nComment: GPGTools - https://gpgtools.org\n\niQIcBAEBCgAGBQJXjXAvAAoJEIOj74w0bLRG/5EP/2v9SJTrO+/4b3A1gqC1ch8y\n+cJ04tXRsO7rvjKT5nCylo30U0Sanz/bUbDx4559YS7/P/IyeyZVheaTJwK8wzEy\npSOPpy35hUuVIw0/p4YsuHDThSBPFMmDljTxH7elkfuBV1lPSrCkyDXc0re2HxWV\nxj68zAxtM0jkkhgcxb2ApZSZVXhrjUZtbY0xEVOoWKKFwbMvKfx+4xSqunwQeS1u\nwevs1EbxfvsZbc3pG+xYcOonbegBzOy9aCvNO1Yv1zG+AYXC5ERMq1vk3PsWOTQN\nZVY1I7mvCaEfvmjq2isRw8XYapAIKISDLwMKBSYrZDQFwPQLRi1VXxQZ67Kq1M3k\nah04/lr0RIcoosIcBqxD2+1UAFjUzEUNFkYivjhuaeegN2QdL7Ujegf1QjdAt8lk\nmmKduxYUDOaRX50Kw7n14ZveJqzE1D5I6QSItaZ9M1vR60a7u91DSj9D87vbt1YC\nJM/Rvf/4vonp1NjwA2JQwCiZfYliBDdn9iiCl8mzxdsSRD/wXcZCs05nnKmKsCfc\n55ET7IwdG3622lVheOJGQZuucwJiTn36zC11XVzZysQd/hLD5rUKUQNX1WOgZdzs\nxPsslXF5MWx9jcdyWVSWxDrN0sFk+GpQFQDuVozP60xuxqR3qQ0TXir2NP39uIF5\nYozOGPQFmX0OviWCQsX6\n=ng+m\n-----END PGP SIGNATURE-----\n. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\nNote: the current version of the following document is available here:\nhttps://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_n\na-c05194709\n\nSUPPORT COMMUNICATION - SECURITY BULLETIN\n\nDocument ID: c05194709\nVersion: 1\n\nHPSBGN03628 rev.1 - HPE IceWall Federation Agent using libXML2 library,\nRemote Denial of Service (DoS), Unauthorized Modification, Unauthorized\nDisclosure of Information\n\nNOTICE: The information in this Security Bulletin should be acted upon as\nsoon as possible. \n\nRelease Date: 2016-07-07\nLast Updated: 2016-07-07\n\nPotential Security Impact: Remote Denial of Service (DoS), Unauthorized\nDisclosure of Information, Unauthorized Modification\n\nSource: Hewlett Packard Enterprise, Product Security Response Team\n\nVULNERABILITY SUMMARY\nSecurity vulnerabilities in the libXML2 library could potentially impact HPE\nIceWall Federation Agent resulting in Remote Denial of Service (DoS), or\nunauthorized modification, or unauthorized disclosure of information. \n\nReferences:\n\n - CVE-2016-4447: Remote Denial of Service (DoS)\n - CVE-2016-4448: Remote unauthorized disclosure of information,\nunauthorized modification, Denial of Service (DoS)\n - CVE-2016-4449: Remote unauthorized disclosure of information, Denial of\nService (DoS)\n - PSRT110164\n\nSUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed. \n\n - IceWall Federation Agent Version 3.0 (RHEL 6/7) using libXML2\n\nBACKGROUND\n\n CVSS Base Metrics\n =================\n Reference, CVSS V3 Score/Vector, CVSS V2 Score/Vector\n\n CVE-2016-4447\n 7.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\n 5.0 (AV:N/AC:L/Au:N/C:N/I:N/A:P)\n\n CVE-2016-4448\n 9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\n 10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C)\n\n CVE-2016-4449\n 7.1 CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H\n 5.8 (AV:N/AC:M/Au:N/C:P/I:N/A:P)\n\n Information on CVSS is documented in\n HPE Customer Notice HPSN-2008-002 here:\n\n https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay/?docI\nd=emr_na-c01345499\n\nRESOLUTION\n\nHPE recommends applying the latest OS vendor security patches for libXML2 to\nresolve the vulnerabilities in the libXML2 library. \n\nHISTORY\nVersion:1 (rev.1) - 7 July 2016 Initial release\n\nThird Party Security Patches: Third party security patches that are to be\ninstalled on systems running Hewlett Packard Enterprise (HPE) software\nproducts should be applied in accordance with the customer\u0027s patch management\npolicy. \n\nSupport: For issues about implementing the recommendations of this Security\nBulletin, contact normal HPE Services support channel. For other issues about\nthe content of this Security Bulletin, send e-mail to security-alert@hpe.com. \n\nReport: To report a potential security vulnerability with any HPE supported\nproduct, send Email to: security-alert@hpe.com\n\nSubscribe: To initiate a subscription to receive future HPE Security Bulletin\nalerts via Email: http://www.hpe.com/support/Subscriber_Choice\n\nSecurity Bulletin Archive: A list of recently released Security Bulletins is\navailable here: http://www.hpe.com/support/Security_Bulletin_Archive\n\nSoftware Product Category: The Software Product Category is represented in\nthe title by the two characters following HPSB. \n\n3C = 3COM\n3P = 3rd Party Software\nGN = HPE General Software\nHF = HPE Hardware and Firmware\nMU = Multi-Platform Software\nNS = NonStop Servers\nOV = OpenVMS\nPV = ProCurve\nST = Storage Software\nUX = HP-UX\n\nCopyright 2016 Hewlett Packard Enterprise\n\nHewlett Packard Enterprise shall not be liable for technical or editorial\nerrors or omissions contained herein. The information provided is provided\n\"as is\" without warranty of any kind. To the extent permitted by law, neither\nHP or its affiliates, subcontractors or suppliers will be liable for\nincidental,special or consequential damages including downtime cost; lost\nprofits; damages relating to the procurement of substitute products or\nservices; or damages for loss of data, or software restoration. The\ninformation in this document is subject to change without notice. Hewlett\nPackard Enterprise and the names of Hewlett Packard Enterprise products\nreferenced herein are trademarks of Hewlett Packard Enterprise in the United\nStates and other countries. Other product and company names mentioned herein\nmay be trademarks of their respective owners. \n\n\nHere are the details from the Slackware 14.1 ChangeLog:\n+--------------------------+\npatches/packages/libxml2-2.9.4-i486-1_slack14.1.txz: Upgraded. \n Format string vulnerability (CVE-2016-4448). \n Inappropriate fetch of entities content (CVE-2016-4449). \n For more information, see:\n http://xmlsoft.org/news.html\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4447\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4448\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4449\n (* Security fix *)\n+--------------------------+\n\n\nWhere to find the new packages:\n+-----------------------------+\n\nThanks to the friendly folks at the OSU Open Source Lab\n(http://osuosl.org) for donating FTP and rsync hosting\nto the Slackware project! :-)\n\nAlso see the \"Get Slack\" section on http://slackware.com for\nadditional mirror sites near you. \n\nUpdated package for Slackware 14.0:\nftp://ftp.slackware.com/pub/slackware/slackware-14.0/patches/packages/libxml2-2.9.4-i486-1_slack14.0.txz\n\nUpdated package for Slackware x86_64 14.0:\nftp://ftp.slackware.com/pub/slackware/slackware64-14.0/patches/packages/libxml2-2.9.4-x86_64-1_slack14.0.txz\n\nUpdated package for Slackware 14.1:\nftp://ftp.slackware.com/pub/slackware/slackware-14.1/patches/packages/libxml2-2.9.4-i486-1_slack14.1.txz\n\nUpdated package for Slackware x86_64 14.1:\nftp://ftp.slackware.com/pub/slackware/slackware64-14.1/patches/packages/libxml2-2.9.4-x86_64-1_slack14.1.txz\n\nUpdated package for Slackware -current:\nftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/l/libxml2-2.9.4-i586-1.txz\n\nUpdated package for Slackware x86_64 -current:\nftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/l/libxml2-2.9.4-x86_64-1.txz\n\n\nMD5 signatures:\n+-------------+\n\nSlackware 14.0 package:\nc498433ae7d6077a9d5245877aa2c06e libxml2-2.9.4-i486-1_slack14.0.txz\n\nSlackware x86_64 14.0 package:\nc92258a87bb30a6cdce2b5428d640bd5 libxml2-2.9.4-x86_64-1_slack14.0.txz\n\nSlackware 14.1 package:\n2b74b913a164a23ad2da10eebf923e46 libxml2-2.9.4-i486-1_slack14.1.txz\n\nSlackware x86_64 14.1 package:\ne2dee612c7de77822824e43a61414c2c libxml2-2.9.4-x86_64-1_slack14.1.txz\n\nSlackware -current package:\n98d1ede4a347a49f2ad972ac5339b9e6 l/libxml2-2.9.4-i586-1.txz\n\nSlackware x86_64 -current package:\nc2d5721aac77b74d7e47a2a8a372d47a l/libxml2-2.9.4-x86_64-1.txz\n\n\nInstallation instructions:\n+------------------------+\n\nUpgrade the package as root:\n# upgradepkg libxml2-2.9.4-i486-1_slack14.1.txz\n\n\n+-----+\n\nSlackware Linux Security Team\nhttp://slackware.com/gpg-key\nsecurity@slackware.com\n\n+------------------------------------------------------------------------+\n| To leave the slackware-security mailing list: |\n+------------------------------------------------------------------------+\n| Send an email to majordomo@slackware.com with this text in the body of |\n| the email message: |\n| |\n| unsubscribe slackware-security |\n| |\n| You will get a confirmation message back containing instructions to |\n| complete the process. Please do not reply to this email address. Description:\n\nThis release of Red Hat JBoss Core Services httpd 2.4.23 serves as a\nreplacement for JBoss Core Services Apache HTTP Server 2.4.6. (CVE-2016-1762,\nCVE-2016-1833, CVE-2016-1834, CVE-2016-1835, CVE-2016-1836, CVE-2016-1837,\nCVE-2016-1838, CVE-2016-1839, CVE-2016-1840, CVE-2016-3627, CVE-2016-3705,\nCVE-2016-4447, CVE-2016-4448, CVE-2016-4449, CVE-2016-4483)\n\n* This update fixes three flaws in curl. (CVE-2016-5419, CVE-2016-5420,\nCVE-2016-7141)\n\n* This update fixes two flaws in httpd. (CVE-2016-4459,\nCVE-2016-8612)\n\n* A buffer overflow flaw when concatenating virtual host names and URIs was\nfixed in mod_jk. (CVE-2016-6808)\n\n* A memory leak flaw was fixed in expat. Upstream acknowledges Stephen Henson (OpenSSL development team)\nas the original reporter of CVE-2015-0286; Huzaifa Sidhpurwala (Red Hat),\nHanno BAPck, and David Benjamin (Google) as the original reporters of\nCVE-2016-2108; Guido Vranken as the original reporter of CVE-2016-2105,\nCVE-2016-2106, CVE-2016-0797, CVE-2016-0799, and CVE-2016-2842; Juraj\nSomorovsky as the original reporter of CVE-2016-2107; Yuval Yarom\n(University of Adelaide and NICTA), Daniel Genkin (Technion and Tel Aviv\nUniversity), and Nadia Heninger (University of Pennsylvania) as the\noriginal reporters of CVE-2016-0702; and Adam Langley (Google/BoringSSL) as\nthe original reporter of CVE-2016-0705. \n\nSee the corresponding CVE pages linked to in the References section for\nmore information about each of the flaws listed in this advisory. Solution:\n\nThe References section of this erratum contains a download link (you must\nlog in to download the update). Before applying the update, back up your\nexisting Red Hat JBoss Web Server installation (including all applications\nand configuration files). \n\nAfter installing the updated packages, the httpd daemon will be restarted\nautomatically. JIRA issues fixed (https://issues.jboss.org/):\n\nJBCS-50 - CVE-2012-1148 CVE-2012-0876 expat: various flaws [jbews-3.0.0]\nJBCS-95 - CVE-2014-3523 httpd: WinNT MPM denial of service\n\n6. \nCVE-2016-4594 : Stefan Esser of SektionEins\n\nInstallation note:\n\nInstructions on how to update your Apple Watch software are\navailable at https://support.apple.com/en-us/HT204641\n\nTo check the version on your Apple Watch, open the Apple Watch app\non your iPhone and select \"My Watch \u003e General \u003e About\". \n\nAlternatively, on your watch, select \"My Watch \u003e General \u003e About\"",
"sources": [
{
"db": "NVD",
"id": "CVE-2016-4447"
},
{
"db": "VULHUB",
"id": "VHN-93266"
},
{
"db": "VULMON",
"id": "CVE-2016-4447"
},
{
"db": "PACKETSTORM",
"id": "137613"
},
{
"db": "PACKETSTORM",
"id": "137298"
},
{
"db": "PACKETSTORM",
"id": "137959"
},
{
"db": "PACKETSTORM",
"id": "137958"
},
{
"db": "PACKETSTORM",
"id": "137808"
},
{
"db": "PACKETSTORM",
"id": "137222"
},
{
"db": "PACKETSTORM",
"id": "140182"
},
{
"db": "PACKETSTORM",
"id": "137960"
}
],
"trust": 1.8
},
"external_ids": {
"_id": null,
"data": [
{
"db": "NVD",
"id": "CVE-2016-4447",
"trust": 2.6
},
{
"db": "MCAFEE",
"id": "SB10170",
"trust": 1.8
},
{
"db": "SECTRACK",
"id": "1036348",
"trust": 1.8
},
{
"db": "BID",
"id": "90864",
"trust": 1.8
},
{
"db": "TENABLE",
"id": "TNS-2016-18",
"trust": 1.8
},
{
"db": "OPENWALL",
"id": "OSS-SECURITY/2016/05/25/2",
"trust": 1.8
},
{
"db": "CNNVD",
"id": "CNNVD-201605-637",
"trust": 0.7
},
{
"db": "AUSCERT",
"id": "ESB-2023.3732",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2020.2340",
"trust": 0.6
},
{
"db": "PACKETSTORM",
"id": "137808",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "137222",
"trust": 0.2
},
{
"db": "VULHUB",
"id": "VHN-93266",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2016-4447",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "137613",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "137298",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "137959",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "137958",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "140182",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "137960",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-93266"
},
{
"db": "VULMON",
"id": "CVE-2016-4447"
},
{
"db": "PACKETSTORM",
"id": "137613"
},
{
"db": "PACKETSTORM",
"id": "137298"
},
{
"db": "PACKETSTORM",
"id": "137959"
},
{
"db": "PACKETSTORM",
"id": "137958"
},
{
"db": "PACKETSTORM",
"id": "137808"
},
{
"db": "PACKETSTORM",
"id": "137222"
},
{
"db": "PACKETSTORM",
"id": "140182"
},
{
"db": "PACKETSTORM",
"id": "137960"
},
{
"db": "CNNVD",
"id": "CNNVD-201605-637"
},
{
"db": "NVD",
"id": "CVE-2016-4447"
}
]
},
"id": "VAR-201606-0395",
"iot": {
"_id": null,
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-93266"
}
],
"trust": 0.01
},
"last_update_date": "2026-04-10T23:15:26.893000Z",
"patch": {
"_id": null,
"data": [
{
"title": "Libxml2 Fixes for heap-based buffer overflow vulnerabilities",
"trust": 0.6,
"url": "http://123.124.177.30/web/xxk/bdxqById.tag?id=61947"
},
{
"title": "Apple: iTunes 12.4.2 for Windows",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=apple_security_advisories\u0026qid=339c5983ed5d4c0416124ae9d69fd04c"
},
{
"title": "Apple: iCloud for Windows 5.2.1",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=apple_security_advisories\u0026qid=51a96564f5e244335eb2e803eca179c4"
},
{
"title": "Red Hat: Important: Red Hat JBoss Core Services Apache HTTP 2.4.23 Release",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20162957 - Security Advisory"
},
{
"title": "Ubuntu Security Notice: libxml2 vulnerabilities",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=USN-2994-1"
},
{
"title": "Apple: tvOS 9.2.2",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=apple_security_advisories\u0026qid=9cb2b3a54d5cecfa5af6c947e8d6031c"
},
{
"title": "Apple: watchOS 2.2.2",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=apple_security_advisories\u0026qid=fc1eeaa401404fa32e6565c94a51a370"
},
{
"title": "Debian CVElist Bug Report Logs: libxml2: CVE-2016-3705: stack overflow before detecting invalid XML file",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=debian_cvelist_bugreportlogs\u0026qid=ed475d816a8279c18b15a9aac8146ada"
},
{
"title": "Debian CVElist Bug Report Logs: libxml2: Heap-buffer overread in libxml2/dict.c",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=debian_cvelist_bugreportlogs\u0026qid=1b5e8a6bfa7b3b48920376b728b6bbe2"
},
{
"title": "Debian CVElist Bug Report Logs: libxml2: CVE-2016-2073: out-of-bounds read in htmlParseNameComplex()",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=debian_cvelist_bugreportlogs\u0026qid=e21c0505f8306f0416606e1a2ec5e18e"
},
{
"title": "Debian CVElist Bug Report Logs: libxml2: CVE-2016-3627: stack exhaustion in libxml2 parsing xml files in recover mode",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=debian_cvelist_bugreportlogs\u0026qid=7ad6e7048d3904deff82dbbe81adf528"
},
{
"title": "Debian CVElist Bug Report Logs: libxml2: CVE-2016-4483",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=debian_cvelist_bugreportlogs\u0026qid=17d0780fd9f0deb51d01d88ca9e90fe3"
},
{
"title": "Amazon Linux AMI: ALAS-2016-719",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=amazon_linux_ami\u0026qid=ALAS-2016-719"
},
{
"title": "Apple: iOS 9.3.3",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=apple_security_advisories\u0026qid=d61ee6bed9ca45acb3a9ebce2f29da36"
},
{
"title": "Apple: OS X El Capitan v10.11.6 and Security Update 2016-004",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=apple_security_advisories\u0026qid=0d15a2e676b3d7c13f2468e8bb26534c"
},
{
"title": "Oracle Solaris Third Party Bulletins: Oracle Solaris Third Party Bulletin - July 2016",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_solaris_third_party_bulletins\u0026qid=ac5af5dd99788925425f5747ec672707"
},
{
"title": "Symantec Security Advisories: SA129 : Multiple libxml2 Vulnerabilities",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=symantec_security_advisories\u0026qid=4306b2beef409e7d3306d20a4621babf"
},
{
"title": "Oracle VM Server for x86 Bulletins: Oracle VM Server for x86 Bulletin - July 2016",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_vm_server_for_x86_bulletins\u0026qid=6c15273f6bf4a785175f27073b98a1ce"
},
{
"title": "Oracle Linux Bulletins: Oracle Linux Bulletin - July 2016",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_linux_bulletins\u0026qid=0bd8c924b56aac98dda0f5b45f425f38"
},
{
"title": "Tenable Security Advisories: [R7] LCE 4.8.1 Fixes Multiple Vulnerabilities",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=tenable_security_advisories\u0026qid=TNS-2016-18"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2016-4447"
},
{
"db": "CNNVD",
"id": "CNNVD-201605-637"
}
]
},
"problemtype_data": {
"_id": null,
"data": [
{
"problemtype": "CWE-119",
"trust": 1.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-93266"
},
{
"db": "NVD",
"id": "CVE-2016-4447"
}
]
},
"references": {
"_id": null,
"data": [
{
"trust": 2.4,
"url": "http://www.securityfocus.com/bid/90864"
},
{
"trust": 1.9,
"url": "https://access.redhat.com/errata/rhsa-2016:1292"
},
{
"trust": 1.9,
"url": "http://rhn.redhat.com/errata/rhsa-2016-2957.html"
},
{
"trust": 1.9,
"url": "http://xmlsoft.org/news.html"
},
{
"trust": 1.8,
"url": "http://www.securitytracker.com/id/1036348"
},
{
"trust": 1.8,
"url": "http://lists.apple.com/archives/security-announce/2016/jul/msg00000.html"
},
{
"trust": 1.8,
"url": "http://lists.apple.com/archives/security-announce/2016/jul/msg00001.html"
},
{
"trust": 1.8,
"url": "http://lists.apple.com/archives/security-announce/2016/jul/msg00002.html"
},
{
"trust": 1.8,
"url": "http://lists.apple.com/archives/security-announce/2016/jul/msg00003.html"
},
{
"trust": 1.8,
"url": "http://lists.apple.com/archives/security-announce/2016/jul/msg00005.html"
},
{
"trust": 1.8,
"url": "https://www.debian.org/security/2016/dsa-3593"
},
{
"trust": 1.8,
"url": "http://www.ubuntu.com/usn/usn-2994-1"
},
{
"trust": 1.8,
"url": "http://www.openwall.com/lists/oss-security/2016/05/25/2"
},
{
"trust": 1.8,
"url": "http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html"
},
{
"trust": 1.8,
"url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html"
},
{
"trust": 1.8,
"url": "http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html"
},
{
"trust": 1.8,
"url": "https://git.gnome.org/browse/libxml2/commit/?id=00906759053986b8079985644172085f74331f83"
},
{
"trust": 1.8,
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c05194709"
},
{
"trust": 1.8,
"url": "https://support.apple.com/ht206899"
},
{
"trust": 1.8,
"url": "https://support.apple.com/ht206901"
},
{
"trust": 1.8,
"url": "https://support.apple.com/ht206902"
},
{
"trust": 1.8,
"url": "https://support.apple.com/ht206903"
},
{
"trust": 1.8,
"url": "https://support.apple.com/ht206904"
},
{
"trust": 1.8,
"url": "https://support.apple.com/ht206905"
},
{
"trust": 1.8,
"url": "https://www.tenable.com/security/tns-2016-18"
},
{
"trust": 1.7,
"url": "http://www.slackware.com/security/viewer.php?l=slackware-security\u0026y=2016\u0026m=slackware-security.404722"
},
{
"trust": 1.7,
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=sb10170"
},
{
"trust": 0.8,
"url": "https://access.redhat.com/security/cve/cve-2016-4447"
},
{
"trust": 0.7,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-4449"
},
{
"trust": 0.7,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-4447"
},
{
"trust": 0.6,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-1836"
},
{
"trust": 0.6,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-4448"
},
{
"trust": 0.6,
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1338686"
},
{
"trust": 0.6,
"url": "https://access.redhat.com/errata/rhsa-2016:2957"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2020.2340/"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2023.3732"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-4483"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-1837"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-1839"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-1838"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-1833"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-1762"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-1834"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-1835"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-1840"
},
{
"trust": 0.3,
"url": "https://support.apple.com/kb/ht201222"
},
{
"trust": 0.3,
"url": "https://gpgtools.org"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-1865"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-1863"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-4582"
},
{
"trust": 0.3,
"url": "https://www.apple.com/support/security/pgp/"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-1864"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-4607"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-1684"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-4594"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2016-1838"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2016-1837"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-3705"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2016-1834"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2016-4448"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2016-1839"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2016-1833"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/team/contact/"
},
{
"trust": 0.2,
"url": "https://www.redhat.com/mailman/listinfo/rhsa-announce"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-3627"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2016-1840"
},
{
"trust": 0.2,
"url": "https://bugzilla.redhat.com/):"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2016-1836"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2016-1762"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2016-1835"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2016-4449"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2016-3705"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2016-3627"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-4609"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-4612"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-4610"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-4608"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-2107"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-2109"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-2106"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-2108"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-2105"
},
{
"trust": 0.1,
"url": "http://www.slackware.com/security/viewer.php?l=slackware-security\u0026amp;y=2016\u0026amp;m=slackware-security.404722"
},
{
"trust": 0.1,
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026amp;id=sb10170"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/119.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://support.apple.com/kb/ht206901"
},
{
"trust": 0.1,
"url": "https://usn.ubuntu.com/2994-1/"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/articles/11258"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/team/key/"
},
{
"trust": 0.1,
"url": "https://www.debian.org/security/faq"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-8806"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-2073"
},
{
"trust": 0.1,
"url": "https://www.debian.org/security/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-4605"
},
{
"trust": 0.1,
"url": "https://www.apple.com/itunes/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-4591"
},
{
"trust": 0.1,
"url": "https://www.tencent.com)"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-4589"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-4585"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-4587"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-4603"
},
{
"trust": 0.1,
"url": "https://www.mbsd.jp)"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-4604"
},
{
"trust": 0.1,
"url": "https://www.tencent.com),"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-4593"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-4583"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-4590"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-4592"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-4584"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0718"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-4599"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-4601"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-4600"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-4597"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-4596"
},
{
"trust": 0.1,
"url": "http://www.apple.com/support/downloads/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-4595"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-9862"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-4598"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-4602"
},
{
"trust": 0.1,
"url": "https://support.apple.com/kb/ht206900"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-2176"
},
{
"trust": 0.1,
"url": "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_n"
},
{
"trust": 0.1,
"url": "http://www.hpe.com/support/security_bulletin_archive"
},
{
"trust": 0.1,
"url": "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docdisplay/?doci"
},
{
"trust": 0.1,
"url": "http://www.hpe.com/support/subscriber_choice"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-4449"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-4448"
},
{
"trust": 0.1,
"url": "http://slackware.com"
},
{
"trust": 0.1,
"url": "http://osuosl.org)"
},
{
"trust": 0.1,
"url": "http://slackware.com/gpg-key"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-4447"
},
{
"trust": 0.1,
"url": "https://issues.jboss.org/):"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0705"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2015-3196"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-3216"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-2106"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0702"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0797"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2014-8176"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-6808"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/documentation/en/red-hat-jboss-core-services-apache-http-server/version-2.4.23/apache-http-server-2423-release-notes/"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-2107"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0799"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-3196"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-3523"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-2177"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-4483"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2014-3523"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-2842"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-8612"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-1148"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0797"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-3185"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0705"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2015-3185"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2015-3194"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/jbossnetwork/restricted/listsoftware.html?product=core.service.apachehttp\u0026downloadtype=distributions\u0026version=2.4.23"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-2105"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-8176"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2015-0286"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-5420"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-2178"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-3194"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-2108"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-0286"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2012-1148"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-2109"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-3195"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-0209"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-5419"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-4459"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2015-0209"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2015-3195"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0702"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2015-3216"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-7141"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0799"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-4637"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-4616"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-4626"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-4627"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-4619"
},
{
"trust": 0.1,
"url": "https://support.apple.com/en-us/ht204641"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-4615"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-4628"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-4632"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-4614"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-4631"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-93266"
},
{
"db": "VULMON",
"id": "CVE-2016-4447"
},
{
"db": "PACKETSTORM",
"id": "137613"
},
{
"db": "PACKETSTORM",
"id": "137298"
},
{
"db": "PACKETSTORM",
"id": "137959"
},
{
"db": "PACKETSTORM",
"id": "137958"
},
{
"db": "PACKETSTORM",
"id": "137808"
},
{
"db": "PACKETSTORM",
"id": "137222"
},
{
"db": "PACKETSTORM",
"id": "140182"
},
{
"db": "PACKETSTORM",
"id": "137960"
},
{
"db": "CNNVD",
"id": "CNNVD-201605-637"
},
{
"db": "NVD",
"id": "CVE-2016-4447"
}
]
},
"sources": {
"_id": null,
"data": [
{
"db": "VULHUB",
"id": "VHN-93266",
"ident": null
},
{
"db": "VULMON",
"id": "CVE-2016-4447",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "137613",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "137298",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "137959",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "137958",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "137808",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "137222",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "140182",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "137960",
"ident": null
},
{
"db": "CNNVD",
"id": "CNNVD-201605-637",
"ident": null
},
{
"db": "NVD",
"id": "CVE-2016-4447",
"ident": null
}
]
},
"sources_release_date": {
"_id": null,
"data": [
{
"date": "2016-06-09T00:00:00",
"db": "VULHUB",
"id": "VHN-93266",
"ident": null
},
{
"date": "2016-06-09T00:00:00",
"db": "VULMON",
"id": "CVE-2016-4447",
"ident": null
},
{
"date": "2016-06-23T13:00:52",
"db": "PACKETSTORM",
"id": "137613",
"ident": null
},
{
"date": "2016-06-02T16:29:00",
"db": "PACKETSTORM",
"id": "137298",
"ident": null
},
{
"date": "2016-07-19T19:47:55",
"db": "PACKETSTORM",
"id": "137959",
"ident": null
},
{
"date": "2016-07-19T19:45:20",
"db": "PACKETSTORM",
"id": "137958",
"ident": null
},
{
"date": "2016-07-07T20:25:00",
"db": "PACKETSTORM",
"id": "137808",
"ident": null
},
{
"date": "2016-05-27T18:18:00",
"db": "PACKETSTORM",
"id": "137222",
"ident": null
},
{
"date": "2016-12-16T16:34:49",
"db": "PACKETSTORM",
"id": "140182",
"ident": null
},
{
"date": "2016-07-19T20:00:50",
"db": "PACKETSTORM",
"id": "137960",
"ident": null
},
{
"date": "2016-05-26T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201605-637",
"ident": null
},
{
"date": "2016-06-09T16:59:05.707000",
"db": "NVD",
"id": "CVE-2016-4447",
"ident": null
}
]
},
"sources_update_date": {
"_id": null,
"data": [
{
"date": "2023-02-12T00:00:00",
"db": "VULHUB",
"id": "VHN-93266",
"ident": null
},
{
"date": "2019-03-26T00:00:00",
"db": "VULMON",
"id": "CVE-2016-4447",
"ident": null
},
{
"date": "2023-06-30T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201605-637",
"ident": null
},
{
"date": "2025-04-12T10:46:40.837000",
"db": "NVD",
"id": "CVE-2016-4447",
"ident": null
}
]
},
"threat_type": {
"_id": null,
"data": "remote",
"sources": [
{
"db": "PACKETSTORM",
"id": "137613"
},
{
"db": "PACKETSTORM",
"id": "137298"
},
{
"db": "PACKETSTORM",
"id": "137808"
},
{
"db": "CNNVD",
"id": "CNNVD-201605-637"
}
],
"trust": 0.9
},
"title": {
"_id": null,
"data": "libxml2 Buffer error vulnerability",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201605-637"
}
],
"trust": 0.6
},
"type": {
"_id": null,
"data": "buffer error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201605-637"
}
],
"trust": 0.6
}
}
VAR-200810-0138
Vulnerability from variot - Updated: 2026-04-10 23:15The Hewlett-Packard Graphics Language (HPGL) filter in CUPS before 1.3.9 allows remote attackers to execute arbitrary code via crafted pen width and pen color opcodes that overwrite arbitrary memory. A vulnerability in a common PHP extension module could allow a remote attacker to execute code on a vulnerable system. Authentication is not required to exploit this vulnerability.The specific flaw exists in the Hewlett-Packard Graphics Language filter. CUPS is prone to a remote code-execution vulnerability caused by an error in the 'HP-GL/2 filter. Failed exploit attempts will likely cause a denial-of-service condition. Note that local users may also exploit this vulnerability to elevate privileges. Successful remote exploits may require printer sharing to be enabled on the vulnerable system. The issue affects versions prior to CUPS 1.3.9. NOTE: This issue was previously discussed in BID 31681 (Apple Mac OS X 2008-007 Multiple Security Vulnerabilities), but has been assigned its own record to better document the vulnerability. The security update addresses a total of 11 new vulnerabilities that affect the ColorSync, CUPS, Finder, launchd, Networking, Postfix, PSNormalizer, rlogin, Script Editor, and Weblog components of Mac OS X. The advisory also contains security updates for 30 previously reported issues. An access checking bug in the HP Graphics Language (HPGL) filter could cause arbitrary memory to be overwritten with controlled data. =========================================================== Ubuntu Security Notice USN-656-1 October 15, 2008 cupsys vulnerabilities CVE-2008-1722, CVE-2008-3639, CVE-2008-3640, CVE-2008-3641 ===========================================================
A security issue affects the following Ubuntu releases:
Ubuntu 6.06 LTS Ubuntu 7.04 Ubuntu 7.10 Ubuntu 8.04 LTS
This advisory also applies to the corresponding versions of Kubuntu, Edubuntu, and Xubuntu.
The problem can be corrected by upgrading your system to the following package versions:
Ubuntu 6.06 LTS: cupsys 1.2.2-0ubuntu0.6.06.11
Ubuntu 7.04: cupsys 1.2.8-0ubuntu8.6
Ubuntu 7.10: cupsys 1.3.2-1ubuntu7.8
Ubuntu 8.04 LTS: cupsys 1.3.7-1ubuntu3.1
In general, a standard system upgrade is sufficient to effect the necessary changes.
Details follow:
It was discovered that the SGI image filter in CUPS did not perform proper bounds checking. If a user or automated system were tricked into opening a crafted SGI image, an attacker could cause a denial of service. (CVE-2008-3639)
It was discovered that the texttops filter in CUPS did not properly validate page metrics. If a user or automated system were tricked into opening a crafted text file, an attacker could cause a denial of service. (CVE-2008-3640)
It was discovered that the HP-GL filter in CUPS did not properly check for invalid pen parameters. If a user or automated system were tricked into opening a crafted HP-GL or HP-GL/2 file, a remote attacker could cause a denial of service or execute arbitrary code with user privileges. In Ubuntu 7.10 and 8.04 LTS, attackers would be isolated by the AppArmor CUPS profile. (CVE-2008-3641)
NOTE: The previous update for CUPS on Ubuntu 6.06 LTS did not have the the fix for CVE-2008-1722 applied. This update includes fixes for the problem. We apologize for the inconvenience.
Updated packages for Ubuntu 6.06 LTS:
Source archives:
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.2.2-0ubuntu0.6.06.11.diff.gz
Size/MD5: 102981 403c1494b264696702f055fc5cdcc60d
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.2.2-0ubuntu0.6.06.11.dsc
Size/MD5: 1052 cc47231c220e8d0e1659cf83d9e08445
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.2.2.orig.tar.gz
Size/MD5: 4070384 2c99b8aa4c8dc25c8a84f9c06aa52e3e
Architecture independent packages:
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2-gnutls10_1.2.2-0ubuntu0.6.06.11_all.deb
Size/MD5: 994 8b094f8389b70e0153d7bbfcd23ed912
amd64 architecture (Athlon64, Opteron, EM64T Xeon):
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-bsd_1.2.2-0ubuntu0.6.06.11_amd64.deb
Size/MD5: 36226 ddea26501964356559ee3a11124acd8b
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-client_1.2.2-0ubuntu0.6.06.11_amd64.deb
Size/MD5: 81902 670924b1b9a36db787e3b4cc6a7f1782
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.2.2-0ubuntu0.6.06.11_amd64.deb
Size/MD5: 2286676 455fe7748b3ab167658bb5b42ef0363a
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2-dev_1.2.2-0ubuntu0.6.06.11_amd64.deb
Size/MD5: 6086 dc0bd3799366e32503466ba4588fc4df
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2_1.2.2-0ubuntu0.6.06.11_amd64.deb
Size/MD5: 77226 31e781bf2c8f0f4140799b21b9d0484a
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2-dev_1.2.2-0ubuntu0.6.06.11_amd64.deb
Size/MD5: 25742 6812b0831f37474b50607e4c6eb83fe5
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2_1.2.2-0ubuntu0.6.06.11_amd64.deb
Size/MD5: 129960 88a0b954c9f50df6aa37824b3da7041b
i386 architecture (x86 compatible Intel/AMD):
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-bsd_1.2.2-0ubuntu0.6.06.11_i386.deb
Size/MD5: 34768 d04de29dfcca09a4dc70a385e8a0766b
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-client_1.2.2-0ubuntu0.6.06.11_i386.deb
Size/MD5: 77974 efed93511d0ee579706e5cf538378dbd
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.2.2-0ubuntu0.6.06.11_i386.deb
Size/MD5: 2253974 30ac219c7cd66460df6fa2b76c147ae8
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2-dev_1.2.2-0ubuntu0.6.06.11_i386.deb
Size/MD5: 6090 648459c3b58ddaf1fc646c8cd476e9f8
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2_1.2.2-0ubuntu0.6.06.11_i386.deb
Size/MD5: 76350 d044f4fa44a792c81bca198f44687a1e
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2-dev_1.2.2-0ubuntu0.6.06.11_i386.deb
Size/MD5: 25740 4c97e6e30f95bd3c3a32c761db4f5183
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2_1.2.2-0ubuntu0.6.06.11_i386.deb
Size/MD5: 122178 7298a6d762d2edbe6fd107656932f32a
powerpc architecture (Apple Macintosh G3/G4/G5):
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-bsd_1.2.2-0ubuntu0.6.06.11_powerpc.deb
Size/MD5: 40468 24cf01572a6f790296c1accba097352c
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-client_1.2.2-0ubuntu0.6.06.11_powerpc.deb
Size/MD5: 89528 0172b346d78458df1a6cd91a371b3b67
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.2.2-0ubuntu0.6.06.11_powerpc.deb
Size/MD5: 2301292 f1a755a88fde554fdabbfb8081a88e52
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2-dev_1.2.2-0ubuntu0.6.06.11_powerpc.deb
Size/MD5: 6098 f3e962ddc060712ed3ba78bb5625d5e4
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2_1.2.2-0ubuntu0.6.06.11_powerpc.deb
Size/MD5: 79004 de095980afadd9352e5d7e92600d75b5
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2-dev_1.2.2-0ubuntu0.6.06.11_powerpc.deb
Size/MD5: 25744 21a4d908ae8de551cda885d4835d69c0
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2_1.2.2-0ubuntu0.6.06.11_powerpc.deb
Size/MD5: 127932 6e50fa3fa4185c781551e5744331f20b
sparc architecture (Sun SPARC/UltraSPARC):
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-bsd_1.2.2-0ubuntu0.6.06.11_sparc.deb
Size/MD5: 35392 ede504cfaaf1e068c68b3fa759777098
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-client_1.2.2-0ubuntu0.6.06.11_sparc.deb
Size/MD5: 78712 49f458e339846bcc2eb9ffdc482de5be
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.2.2-0ubuntu0.6.06.11_sparc.deb
Size/MD5: 2287588 864ab74a020db94ab2acc1283720a05c
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2-dev_1.2.2-0ubuntu0.6.06.11_sparc.deb
Size/MD5: 6092 58c6f56f79c35af1b0ca47eaeedd7ea3
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2_1.2.2-0ubuntu0.6.06.11_sparc.deb
Size/MD5: 76262 759f3df1a04440d71ae6634109045bf6
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2-dev_1.2.2-0ubuntu0.6.06.11_sparc.deb
Size/MD5: 25740 8bbdc7b4842df909bdfb95b96fd9f884
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2_1.2.2-0ubuntu0.6.06.11_sparc.deb
Size/MD5: 123662 4c4f4a4faae61a0c3901c63fe58bbf26
Updated packages for Ubuntu 7.04:
Source archives:
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.2.8-0ubuntu8.6.diff.gz
Size/MD5: 160216 80696d47933857b9665da1492f9a801b
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.2.8-0ubuntu8.6.dsc
Size/MD5: 1143 0dbd641692767f4e2e5b7f390c412a9f
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.2.8.orig.tar.gz
Size/MD5: 4293194 107affe95fcf1cd4aaed4a5c73f4b91f
Architecture independent packages:
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-common_1.2.8-0ubuntu8.6_all.deb
Size/MD5: 926804 41e6c60357740e668198976afcce6bd1
amd64 architecture (Athlon64, Opteron, EM64T Xeon):
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-bsd_1.2.8-0ubuntu8.6_amd64.deb
Size/MD5: 37404 2d7cb4cb3bfeeeb5af3db756f1a0a5be
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-client_1.2.8-0ubuntu8.6_amd64.deb
Size/MD5: 83230 361cd5ffca4125245798312c3a9c7eaa
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.2.8-0ubuntu8.6_amd64.deb
Size/MD5: 1638902 a502a4f981385dcba50ed5b6fc8fe969
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2-dev_1.2.8-0ubuntu8.6_amd64.deb
Size/MD5: 56598 a9f413ff725abe42af63312ea6e826e7
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2_1.2.8-0ubuntu8.6_amd64.deb
Size/MD5: 104860 7bfc0e70546baa2c98421a9dd7a373e6
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2-dev_1.2.8-0ubuntu8.6_amd64.deb
Size/MD5: 144852 9d30fa04e2aa415fb126188aa4d32349
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2_1.2.8-0ubuntu8.6_amd64.deb
Size/MD5: 182728 0ed6d4f8c813e2c36bcaa7b7ca98ccad
i386 architecture (x86 compatible Intel/AMD):
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-bsd_1.2.8-0ubuntu8.6_i386.deb
Size/MD5: 36712 014d51e184b4435a28c1e820455fb0a1
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-client_1.2.8-0ubuntu8.6_i386.deb
Size/MD5: 80752 4d29ca2e6d3de00e3a10c55c677c8cd6
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.2.8-0ubuntu8.6_i386.deb
Size/MD5: 1621450 551c9d7c9836efe7a927a609699976ad
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2-dev_1.2.8-0ubuntu8.6_i386.deb
Size/MD5: 55720 b70e3b3a1c86aa782a42fcf1a40ff197
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2_1.2.8-0ubuntu8.6_i386.deb
Size/MD5: 104592 ececfa4f50e077d5049116a47cc44965
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2-dev_1.2.8-0ubuntu8.6_i386.deb
Size/MD5: 139320 b5c4606316c175feac7dd9a8f78acc56
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2_1.2.8-0ubuntu8.6_i386.deb
Size/MD5: 179030 b2bb50b90caac66408739e67ecc9fdb5
powerpc architecture (Apple Macintosh G3/G4/G5):
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-bsd_1.2.8-0ubuntu8.6_powerpc.deb
Size/MD5: 46766 ad2b053736a2165b39f1749b7e3409e0
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-client_1.2.8-0ubuntu8.6_powerpc.deb
Size/MD5: 101094 bea4c45325710b1e2d5e67dceb7853bb
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.2.8-0ubuntu8.6_powerpc.deb
Size/MD5: 1696124 7e3469aa52e2de4e93352e44f7623305
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2-dev_1.2.8-0ubuntu8.6_powerpc.deb
Size/MD5: 56398 47755a89a609e4401d70f6adcfcfb9a5
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2_1.2.8-0ubuntu8.6_powerpc.deb
Size/MD5: 110478 94a5f78770c410fce9a0c88a187fe9c4
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2-dev_1.2.8-0ubuntu8.6_powerpc.deb
Size/MD5: 141178 69f22a6730b291c9df2b0541c07223d6
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2_1.2.8-0ubuntu8.6_powerpc.deb
Size/MD5: 188650 634498a8eb5ab4c75eab74e1655234b1
sparc architecture (Sun SPARC/UltraSPARC):
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-bsd_1.2.8-0ubuntu8.6_sparc.deb
Size/MD5: 37778 cde58d9fa7d256698ef6ba128b16a799
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-client_1.2.8-0ubuntu8.6_sparc.deb
Size/MD5: 83740 072c6f65496619d5808c542d3a2ebe97
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.2.8-0ubuntu8.6_sparc.deb
Size/MD5: 1659626 a5b6c19a436e9737af44cbaee93d093c
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2-dev_1.2.8-0ubuntu8.6_sparc.deb
Size/MD5: 54928 5a8347021b82084600e0d08971cb41a3
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2_1.2.8-0ubuntu8.6_sparc.deb
Size/MD5: 104156 ca7b062c097aa7f92a9085615fc3e828
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2-dev_1.2.8-0ubuntu8.6_sparc.deb
Size/MD5: 141756 299acfe9e1964d21e7ba2fc3a390ded8
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2_1.2.8-0ubuntu8.6_sparc.deb
Size/MD5: 178292 02e3059c98fb42cb83173e0b3a08d469
Updated packages for Ubuntu 7.10:
Source archives:
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.3.2-1ubuntu7.8.diff.gz
Size/MD5: 128977 cc7a79b80d0cc2caa8f9c5aea2f9397b
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.3.2-1ubuntu7.8.dsc
Size/MD5: 1218 4f603d11b93e600bd82009983bc88580
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.3.2.orig.tar.gz
Size/MD5: 4848424 9e3e1dee4d872fdff0682041198d3d73
Architecture independent packages:
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-common_1.3.2-1ubuntu7.8_all.deb
Size/MD5: 1080404 6419c157fd22fcfb2e1563ccced2fcae
amd64 architecture (Athlon64, Opteron, EM64T Xeon):
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-bsd_1.3.2-1ubuntu7.8_amd64.deb
Size/MD5: 37204 88b05a4cbb9f5714951edade3dd0609b
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-client_1.3.2-1ubuntu7.8_amd64.deb
Size/MD5: 89506 cb352043a1985e24614dc27ffa5ded01
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.3.2-1ubuntu7.8_amd64.deb
Size/MD5: 2034890 3a2c4daded2923691da8fe3f60d93f3e
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2-dev_1.3.2-1ubuntu7.8_amd64.deb
Size/MD5: 60020 5007c193bb8416754a9d7e7ad09c4808
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2_1.3.2-1ubuntu7.8_amd64.deb
Size/MD5: 46884 9a2fd628887a01cc2fcb49131ec8ed0f
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2-dev_1.3.2-1ubuntu7.8_amd64.deb
Size/MD5: 152014 7a9debd353faa26803f0e8707a97697a
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2_1.3.2-1ubuntu7.8_amd64.deb
Size/MD5: 186418 13e510e27e1025732d203a933ded8ade
i386 architecture (x86 compatible Intel/AMD):
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-bsd_1.3.2-1ubuntu7.8_i386.deb
Size/MD5: 36486 05cb382029ccb2285530af9de662b686
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-client_1.3.2-1ubuntu7.8_i386.deb
Size/MD5: 86494 80b08f6080ed3c46e4fc954da05d9e6d
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.3.2-1ubuntu7.8_i386.deb
Size/MD5: 2018384 16b0a7b694a38e4616fce6415116a7e9
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2-dev_1.3.2-1ubuntu7.8_i386.deb
Size/MD5: 58882 8572d274d06e1a650d2d5199ea5dcf6f
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2_1.3.2-1ubuntu7.8_i386.deb
Size/MD5: 46280 158a4aef965ef1c697c5c7aef53f9e90
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2-dev_1.3.2-1ubuntu7.8_i386.deb
Size/MD5: 145692 36b5af34074b13e44e2d2ae5f76fa6fc
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2_1.3.2-1ubuntu7.8_i386.deb
Size/MD5: 183190 fe12de8de5a779538844e2aecd5ccedb
lpia architecture (Low Power Intel Architecture):
http://ports.ubuntu.com/pool/main/c/cupsys/cupsys-bsd_1.3.2-1ubuntu7.8_lpia.deb
Size/MD5: 36570 f73b632b59630a2727e45be083730c23
http://ports.ubuntu.com/pool/main/c/cupsys/cupsys-client_1.3.2-1ubuntu7.8_lpia.deb
Size/MD5: 88054 07cfc2fdf8615471278b10550f713a3e
http://ports.ubuntu.com/pool/main/c/cupsys/cupsys_1.3.2-1ubuntu7.8_lpia.deb
Size/MD5: 2020696 d97dab5d5a099884f7bca77dd118233a
http://ports.ubuntu.com/pool/main/c/cupsys/libcupsimage2-dev_1.3.2-1ubuntu7.8_lpia.deb
Size/MD5: 59624 d582e3100eaf68e9b10585ca6ce0a078
http://ports.ubuntu.com/pool/main/c/cupsys/libcupsimage2_1.3.2-1ubuntu7.8_lpia.deb
Size/MD5: 47662 a2e2c5cc101d720249efd108b1a724ca
http://ports.ubuntu.com/pool/main/c/cupsys/libcupsys2-dev_1.3.2-1ubuntu7.8_lpia.deb
Size/MD5: 142426 8e91390ca3bb0bd98ab7a43017e38a90
http://ports.ubuntu.com/pool/main/c/cupsys/libcupsys2_1.3.2-1ubuntu7.8_lpia.deb
Size/MD5: 181382 0806d0e1be2fdb48b873ea977107b759
powerpc architecture (Apple Macintosh G3/G4/G5):
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-bsd_1.3.2-1ubuntu7.8_powerpc.deb
Size/MD5: 46502 1f2a7db4dd6dfc7910a9c84f28425537
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-client_1.3.2-1ubuntu7.8_powerpc.deb
Size/MD5: 107736 9a34baee6e8356d911d637e52fcb0747
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.3.2-1ubuntu7.8_powerpc.deb
Size/MD5: 2099614 b0f8237ccff1e54e070645e79e085794
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2-dev_1.3.2-1ubuntu7.8_powerpc.deb
Size/MD5: 59494 c3c1a6f415dacee7b5f0e63e0f83ca6c
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2_1.3.2-1ubuntu7.8_powerpc.deb
Size/MD5: 51856 91fcaca5686ce2070e654699b60514f4
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2-dev_1.3.2-1ubuntu7.8_powerpc.deb
Size/MD5: 146952 205fedd96bd614314b2e9ecb18e78f53
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2_1.3.2-1ubuntu7.8_powerpc.deb
Size/MD5: 192204 0033c62b251a505fb7d80b5b8c96f6b6
sparc architecture (Sun SPARC/UltraSPARC):
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-bsd_1.3.2-1ubuntu7.8_sparc.deb
Size/MD5: 37558 f568ceabe0e419d263b75a5c852eb10a
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-client_1.3.2-1ubuntu7.8_sparc.deb
Size/MD5: 89606 d916d0d9478082000a0f698347613387
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.3.2-1ubuntu7.8_sparc.deb
Size/MD5: 2061026 a1b9da985d3d0211790f170443e74ac9
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2-dev_1.3.2-1ubuntu7.8_sparc.deb
Size/MD5: 58098 dc5d816068b451c8926dd06a25e1715b
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2_1.3.2-1ubuntu7.8_sparc.deb
Size/MD5: 45572 9976f70a905893735ee445cca7ecda7f
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2-dev_1.3.2-1ubuntu7.8_sparc.deb
Size/MD5: 148486 48954d641e131708913530887d28c064
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2_1.3.2-1ubuntu7.8_sparc.deb
Size/MD5: 182218 074755797d588b92f7030c0a9562cb67
Updated packages for Ubuntu 8.04 LTS:
Source archives:
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.3.7-1ubuntu3.1.diff.gz
Size/MD5: 133549 8146f7a668701caad4379707ccedf538
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.3.7-1ubuntu3.1.dsc
Size/MD5: 1433 de3ffa5e20bdbc0bd61cf543cc2d351f
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.3.7.orig.tar.gz
Size/MD5: 4700333 383e556d9841475847da6076c88da467
Architecture independent packages:
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-common_1.3.7-1ubuntu3.1_all.deb
Size/MD5: 1143834 7230e79bb0d6a1435f3ce0de114e1ad3
amd64 architecture (Athlon64, Opteron, EM64T Xeon):
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-bsd_1.3.7-1ubuntu3.1_amd64.deb
Size/MD5: 37530 0362fc9c1260486e4d1dcccca8dc60a3
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-client_1.3.7-1ubuntu3.1_amd64.deb
Size/MD5: 89982 9a1ac844025f66fb85357e1807256331
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.3.7-1ubuntu3.1_amd64.deb
Size/MD5: 1880646 233fbeadff826a6b6f22347559fe8bf5
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2-dev_1.3.7-1ubuntu3.1_amd64.deb
Size/MD5: 60892 98a65443be4d97fb1de2f8580dd67e40
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2_1.3.7-1ubuntu3.1_amd64.deb
Size/MD5: 50356 89ca2e97385912ebf2ffe8a0871610d5
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2-dev_1.3.7-1ubuntu3.1_amd64.deb
Size/MD5: 344926 631f297ea0a13321c61ee211d65fceab
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2_1.3.7-1ubuntu3.1_amd64.deb
Size/MD5: 177500 8dd137567dbc9644bda3b0a799cb2f6a
i386 architecture (x86 compatible Intel/AMD):
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-bsd_1.3.7-1ubuntu3.1_i386.deb
Size/MD5: 36952 deba752b21bdf04393626cf35ebb79eb
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-client_1.3.7-1ubuntu3.1_i386.deb
Size/MD5: 88408 2e76b5856bde6afe82da9a6b03a98026
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.3.7-1ubuntu3.1_i386.deb
Size/MD5: 1862954 aaa0817cb6b67729276e799275ad3346
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2-dev_1.3.7-1ubuntu3.1_i386.deb
Size/MD5: 60090 b37d935af9661002730cd5cb2b3f11d3
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2_1.3.7-1ubuntu3.1_i386.deb
Size/MD5: 49838 a1d85e18616340eed3778b5286890c08
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2-dev_1.3.7-1ubuntu3.1_i386.deb
Size/MD5: 339344 f3d29993795e7172667356c8d255f296
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2_1.3.7-1ubuntu3.1_i386.deb
Size/MD5: 174354 b1d7b741729749c6a3249fbcd0babe56
lpia architecture (Low Power Intel Architecture):
http://ports.ubuntu.com/pool/main/c/cupsys/cupsys-bsd_1.3.7-1ubuntu3.1_lpia.deb
Size/MD5: 36676 c46beddd8f227e1ee0b1c9a80d41b19a
http://ports.ubuntu.com/pool/main/c/cupsys/cupsys-client_1.3.7-1ubuntu3.1_lpia.deb
Size/MD5: 88734 c8b70c2665734c45caa22ae41f60b486
http://ports.ubuntu.com/pool/main/c/cupsys/cupsys_1.3.7-1ubuntu3.1_lpia.deb
Size/MD5: 1865262 27de39c2fbe2471f11b7756b5bc02cc3
http://ports.ubuntu.com/pool/main/c/cupsys/libcupsimage2-dev_1.3.7-1ubuntu3.1_lpia.deb
Size/MD5: 60540 b54c6711e74c55777f0e509f642c42f0
http://ports.ubuntu.com/pool/main/c/cupsys/libcupsimage2_1.3.7-1ubuntu3.1_lpia.deb
Size/MD5: 50860 64989632d1f49f5d25209bb9a68809d5
http://ports.ubuntu.com/pool/main/c/cupsys/libcupsys2-dev_1.3.7-1ubuntu3.1_lpia.deb
Size/MD5: 337020 ca60ea21ad93aca447e1ae04e0ad818f
http://ports.ubuntu.com/pool/main/c/cupsys/libcupsys2_1.3.7-1ubuntu3.1_lpia.deb
Size/MD5: 173276 6e0af5026f452171993817fbd6e6b4e7
powerpc architecture (Apple Macintosh G3/G4/G5):
http://ports.ubuntu.com/pool/main/c/cupsys/cupsys-bsd_1.3.7-1ubuntu3.1_powerpc.deb
Size/MD5: 46932 d8e051bd4e95f28090036d7087437127
http://ports.ubuntu.com/pool/main/c/cupsys/cupsys-client_1.3.7-1ubuntu3.1_powerpc.deb
Size/MD5: 110808 44e0741ccd8b9edab092b835c6831aca
http://ports.ubuntu.com/pool/main/c/cupsys/cupsys_1.3.7-1ubuntu3.1_powerpc.deb
Size/MD5: 1949134 0facca356ce9e5ffdacffde23d0713e3
http://ports.ubuntu.com/pool/main/c/cupsys/libcupsimage2-dev_1.3.7-1ubuntu3.1_powerpc.deb
Size/MD5: 59924 367a29bd4545906374eb27c511d33658
http://ports.ubuntu.com/pool/main/c/cupsys/libcupsimage2_1.3.7-1ubuntu3.1_powerpc.deb
Size/MD5: 54940 d762741ddd48f75e0e54ffd0efc45645
http://ports.ubuntu.com/pool/main/c/cupsys/libcupsys2-dev_1.3.7-1ubuntu3.1_powerpc.deb
Size/MD5: 341670 0958081b22a680ccf1f30abc36c06054
http://ports.ubuntu.com/pool/main/c/cupsys/libcupsys2_1.3.7-1ubuntu3.1_powerpc.deb
Size/MD5: 183238 e303094f36fcc1af0ac40321411bd90a
sparc architecture (Sun SPARC/UltraSPARC):
http://ports.ubuntu.com/pool/main/c/cupsys/cupsys-bsd_1.3.7-1ubuntu3.1_sparc.deb
Size/MD5: 38028 a8ee904a732a7392314b9b4f2faf5557
http://ports.ubuntu.com/pool/main/c/cupsys/cupsys-client_1.3.7-1ubuntu3.1_sparc.deb
Size/MD5: 91034 832edccd7ed2eec51759bbcce97536b1
http://ports.ubuntu.com/pool/main/c/cupsys/cupsys_1.3.7-1ubuntu3.1_sparc.deb
Size/MD5: 1897904 31192c6d2b5a6dca4eaf065c541795fc
http://ports.ubuntu.com/pool/main/c/cupsys/libcupsimage2-dev_1.3.7-1ubuntu3.1_sparc.deb
Size/MD5: 57856 398dadf7e1ee5075e4d3e2a4766b4580
http://ports.ubuntu.com/pool/main/c/cupsys/libcupsimage2_1.3.7-1ubuntu3.1_sparc.deb
Size/MD5: 48242 cc45265b41fd932d084a6bce9888e67f
http://ports.ubuntu.com/pool/main/c/cupsys/libcupsys2-dev_1.3.7-1ubuntu3.1_sparc.deb
Size/MD5: 341388 9411fb065604b882530faf47a0a85d4e
http://ports.ubuntu.com/pool/main/c/cupsys/libcupsys2_1.3.7-1ubuntu3.1_sparc.deb
Size/MD5: 173184 4a5e9e3508932262eefe3b08f94019d0
. ZDI-08-067: Apple CUPS 1.3.7 (HP-GL/2 filter) Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-08-067 October 9, 2008
-- CVE ID: CVE-2008-3641
-- Affected Vendors: Apple
-- Affected Products: Apple OS X
-- TippingPoint(TM) IPS Customer Protection: TippingPoint IPS customers have been protected against this vulnerability by Digital Vaccine protection filter ID 6325.
-- Vendor Response: Apple has issued an update to correct this vulnerability. More details can be found at:
http://support.apple.com/kb/HT3216
-- Disclosure Timeline: 2008-08-19 - Vulnerability reported to vendor 2008-10-09 - Coordinated public release of advisory
-- Credit: This vulnerability was discovered by: * regenrecht
-- About the Zero Day Initiative (ZDI): Established by TippingPoint, The Zero Day Initiative (ZDI) represents a best-of-breed model for rewarding security researchers for responsibly disclosing discovered vulnerabilities.
Researchers interested in getting paid for their security research through the ZDI can find more information and sign-up at:
http://www.zerodayinitiative.com
The ZDI is unique in how the acquired vulnerability information is used. TippingPoint does not re-sell the vulnerability details or any exploit code. Instead, upon notifying the affected product vendor, TippingPoint provides its customers with zero day protection through its intrusion prevention technology. Explicit details regarding the specifics of the vulnerability are not exposed to any parties until an official vendor patch is publicly available. Furthermore, with the altruistic aim of helping to secure a broader user base, TippingPoint provides this vulnerability information confidentially to security vendors (including competitors) who have a vulnerability protection or mitigation product.
Our vulnerability disclosure policy is available online at:
http://www.zerodayinitiative.com/advisories/disclosure_policy/
CONFIDENTIALITY NOTICE: This e-mail message, including any attachments, is being sent by 3Com for the sole use of the intended recipient(s) and may contain confidential, proprietary and/or privileged information. Any unauthorized review, use, disclosure and/or distribution by any recipient is prohibited. If you are not the intended recipient, please delete and/or destroy all copies of this message regardless of form and any included attachments and notify 3Com immediately by contacting the sender via reply e-mail or forwarding to 3Com at postmaster@3com.com.
Bist Du interessiert an einem neuen Job in IT-Sicherheit?
Secunia hat zwei freie Stellen als Junior und Senior Spezialist in IT- Sicherheit: http://secunia.com/secunia_vacancies/
TITLE: Nucleus XML-RPC PHP Code Execution Vulnerability
SECUNIA ADVISORY ID: SA15895
VERIFY ADVISORY: http://secunia.com/advisories/15895/
CRITICAL: Highly critical
IMPACT: System access
WHERE:
From remote
SOFTWARE: Nucleus 3.x http://secunia.com/product/3699/
DESCRIPTION: A vulnerability has been reported in Nucleus, which can be exploited by malicious people to compromise a vulnerable system. http://sourceforge.net/project/showfiles.php?group_id=66479
OTHER REFERENCES: SA15852: http://secunia.com/advisories/15852/
About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
.
CVE-2008-3640
It was discovered that an integer overflow in the Postscript
conversion tool "texttops" may lead to the execution of arbitrary
code.
For the stable distribution (etch), these problems have been fixed in version 1.2.7-4etch5.
For the unstable distribution (sid) and the upcoming stable distribution (lenny), these problems have been fixed in version 1.3.8-1lenny2 of the source package cups.
We recommend that you upgrade your cupsys package.
Upgrade instructions
wget url will fetch the file for you dpkg -i file.deb will install the referenced file.
If you are using the apt-get package manager, use the line for sources.list as given below:
apt-get update will update the internal database apt-get upgrade will install corrected packages
You may use an automated update by adding the resources from the footer to the proper configuration.
Debian GNU/Linux 4.0 alias etch
Stable updates are available for alpha, amd64, arm, hppa, i386, ia64, mips, mipsel, powerpc, s390 and sparc.
Source archives:
http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.2.7.orig.tar.gz Size/MD5 checksum: 4214272 c9ba33356e5bb93efbcf77b6e142e498 http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.2.7-4etch5.diff.gz Size/MD5 checksum: 108662 eab5aa097eaf3e802b4c6f1c60da9a03 http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.2.7-4etch5.dsc Size/MD5 checksum: 1084 5fc7ea9d5c6434a9f2a45e3d7652b0fe
Architecture independent packages:
http://security.debian.org/pool/updates/main/c/cupsys/cupsys-common_1.2.7-4etch5_all.deb Size/MD5 checksum: 893832 0e7571a4a56cef8f099ba9300ed7330d http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2-gnutls10_1.2.7-4etch5_all.deb Size/MD5 checksum: 46072 63a75f9fe31312a42725a786164f7762
alpha architecture (DEC Alpha)
http://security.debian.org/pool/updates/main/c/cupsys/cupsys-bsd_1.2.7-4etch5_alpha.deb Size/MD5 checksum: 39310 8dad5588b86a4e1191025015d8e0c5be http://security.debian.org/pool/updates/main/c/cupsys/cupsys-dbg_1.2.7-4etch5_alpha.deb Size/MD5 checksum: 1092376 35c1cd14d3f26fefafbebf1a76983740 http://security.debian.org/pool/updates/main/c/cupsys/cupsys-client_1.2.7-4etch5_alpha.deb Size/MD5 checksum: 85906 1d07dcf128e7b78992560b2794be29d4 http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2-dev_1.2.7-4etch5_alpha.deb Size/MD5 checksum: 183726 06377f48f1ee358c494f30f9ab213e6b http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.2.7-4etch5_alpha.deb Size/MD5 checksum: 1614540 e87b439635e9b7f7c1fa1c6db2f7291c http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2_1.2.7-4etch5_alpha.deb Size/MD5 checksum: 95570 8638b199a8adb989254cbe88ab11bb7d http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2_1.2.7-4etch5_alpha.deb Size/MD5 checksum: 175262 08dbbe7e941af9c28f39107f907c618a http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2-dev_1.2.7-4etch5_alpha.deb Size/MD5 checksum: 72690 1c099120f9fdcb334d8699b6238c0883
amd64 architecture (AMD x86_64 (AMD64))
http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2-dev_1.2.7-4etch5_amd64.deb Size/MD5 checksum: 142538 4f9183a690ac21a220771db117b1bcea http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2_1.2.7-4etch5_amd64.deb Size/MD5 checksum: 162520 f04bafe61b0e06d21b67441916a4df2a http://security.debian.org/pool/updates/main/c/cupsys/cupsys-bsd_1.2.7-4etch5_amd64.deb Size/MD5 checksum: 36356 eea9b0c14ac248313264474f4a103478 http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2-dev_1.2.7-4etch5_amd64.deb Size/MD5 checksum: 53022 f864e06d82bd0769e7c73d20aa6c3366 http://security.debian.org/pool/updates/main/c/cupsys/cupsys-client_1.2.7-4etch5_amd64.deb Size/MD5 checksum: 80708 9e8a7d08f6762753005bc2ac7ac04db7 http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2_1.2.7-4etch5_amd64.deb Size/MD5 checksum: 86264 3784680669a08745d6c766213e3d60f3 http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.2.7-4etch5_amd64.deb Size/MD5 checksum: 1576062 c5f275763d3cd0bec5e448965780ea0b http://security.debian.org/pool/updates/main/c/cupsys/cupsys-dbg_1.2.7-4etch5_amd64.deb Size/MD5 checksum: 1088040 106654a5c5a746e5bd1043ca4309deae
arm architecture (ARM)
http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2-dev_1.2.7-4etch5_arm.deb Size/MD5 checksum: 132042 b1da3e68e04c68712a7f2ecebbea59d3 http://security.debian.org/pool/updates/main/c/cupsys/cupsys-dbg_1.2.7-4etch5_arm.deb Size/MD5 checksum: 1026238 e776ce47912d97de7758029cddf18c41 http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2_1.2.7-4etch5_arm.deb Size/MD5 checksum: 155174 2203ae0043e540bb4c083c3f302294a9 http://security.debian.org/pool/updates/main/c/cupsys/cupsys-client_1.2.7-4etch5_arm.deb Size/MD5 checksum: 78908 a60d8486ab41fe7064d84fdf1c057ce5 http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2-dev_1.2.7-4etch5_arm.deb Size/MD5 checksum: 48742 9c6f61fb9c5af3f1496c249eb79542ce http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.2.7-4etch5_arm.deb Size/MD5 checksum: 1569620 943fdc257cdf387c1a161adff88623bd http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2_1.2.7-4etch5_arm.deb Size/MD5 checksum: 85468 3e9d699071d741d86c5e2fbcc91a5241 http://security.debian.org/pool/updates/main/c/cupsys/cupsys-bsd_1.2.7-4etch5_arm.deb Size/MD5 checksum: 35940 0bb609f5c990c932c0fed843bb659062
hppa architecture (HP PA RISC)
http://security.debian.org/pool/updates/main/c/cupsys/cupsys-client_1.2.7-4etch5_hppa.deb Size/MD5 checksum: 84800 df6569c3eaad919b7f7768a75277838f http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2_1.2.7-4etch5_hppa.deb Size/MD5 checksum: 91988 08040e0dcc8cc99298d40aa370be50cc http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.2.7-4etch5_hppa.deb Size/MD5 checksum: 1624214 e5d55a0aeacee0d85d7899018725b3d3 http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2-dev_1.2.7-4etch5_hppa.deb Size/MD5 checksum: 153956 e11bfd3cb812f0892238a676a3453967 http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2_1.2.7-4etch5_hppa.deb Size/MD5 checksum: 171790 5b483d2f739ed456d94cf28047b2b2f5 http://security.debian.org/pool/updates/main/c/cupsys/cupsys-bsd_1.2.7-4etch5_hppa.deb Size/MD5 checksum: 39548 181a14e58af274287bf02f8a758b70b5 http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2-dev_1.2.7-4etch5_hppa.deb Size/MD5 checksum: 57398 715a6f4bb1b68b8a384a85ac384de668 http://security.debian.org/pool/updates/main/c/cupsys/cupsys-dbg_1.2.7-4etch5_hppa.deb Size/MD5 checksum: 1032836 e1d9158ff6134678b976331566db0076
i386 architecture (Intel ia32)
http://security.debian.org/pool/updates/main/c/cupsys/cupsys-dbg_1.2.7-4etch5_i386.deb Size/MD5 checksum: 999302 2ccf6ae0ef6f3d3dd56e484ba2199313 http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2_1.2.7-4etch5_i386.deb Size/MD5 checksum: 160638 f22f7da23cd3dea82d49cc9900d62512 http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2-dev_1.2.7-4etch5_i386.deb Size/MD5 checksum: 138276 392028f61da2c29dcab1ffe3b4fe072f http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.2.7-4etch5_i386.deb Size/MD5 checksum: 1548856 e1e04e47f556586eb83aff005d4870d2 http://security.debian.org/pool/updates/main/c/cupsys/cupsys-bsd_1.2.7-4etch5_i386.deb Size/MD5 checksum: 36474 9bea3cd926f04da508b6a714f0a1daac http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2_1.2.7-4etch5_i386.deb Size/MD5 checksum: 86776 f3188eafaa1bd01a7b92d9403aab03a1 http://security.debian.org/pool/updates/main/c/cupsys/cupsys-client_1.2.7-4etch5_i386.deb Size/MD5 checksum: 79878 ba1ed2b707101da54b3990b33ee1d877 http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2-dev_1.2.7-4etch5_i386.deb Size/MD5 checksum: 53276 346cdebc7980089b28610ceb30f65519
ia64 architecture (Intel ia64)
http://security.debian.org/pool/updates/main/c/cupsys/cupsys-client_1.2.7-4etch5_ia64.deb Size/MD5 checksum: 106226 829b2e5f435c8fb5eee03513654ee12f http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2_1.2.7-4etch5_ia64.deb Size/MD5 checksum: 106998 08fcec24b8c165542d986a1fd174ddd3 http://security.debian.org/pool/updates/main/c/cupsys/cupsys-bsd_1.2.7-4etch5_ia64.deb Size/MD5 checksum: 46336 32d29b5c2986070f5d5b909864952dc3 http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.2.7-4etch5_ia64.deb Size/MD5 checksum: 1771030 e7b261b4627ee20a3083a4f18a382e24 http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2-dev_1.2.7-4etch5_ia64.deb Size/MD5 checksum: 192370 576e218a37e677170e9201946f24da5a http://security.debian.org/pool/updates/main/c/cupsys/cupsys-dbg_1.2.7-4etch5_ia64.deb Size/MD5 checksum: 1108310 bdee8fbcfd10ba2847ab81ced8e9cc73 http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2_1.2.7-4etch5_ia64.deb Size/MD5 checksum: 204232 d5eb2138a8584813643dfe4e39d2fefb http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2-dev_1.2.7-4etch5_ia64.deb Size/MD5 checksum: 74224 846a87584f78285569aee9c037b677d9
mipsel architecture (MIPS (Little Endian))
http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2_1.2.7-4etch5_mipsel.deb Size/MD5 checksum: 158560 74bc73b9eb3c7494ce762f7beb9ab4cd http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.2.7-4etch5_mipsel.deb Size/MD5 checksum: 1553460 cd35f3de34290840be09b1b10729d7b3 http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2-dev_1.2.7-4etch5_mipsel.deb Size/MD5 checksum: 150900 150e5405933cef2a8cf9147d88c9a4fb http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2-dev_1.2.7-4etch5_mipsel.deb Size/MD5 checksum: 57860 2b7cdd4399e2893d2df0b5568d766239 http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2_1.2.7-4etch5_mipsel.deb Size/MD5 checksum: 86996 d4776eace76cb37f72557a44d053a677 http://security.debian.org/pool/updates/main/c/cupsys/cupsys-dbg_1.2.7-4etch5_mipsel.deb Size/MD5 checksum: 1085494 429194a44228d669ecfa2acdeadf55e6 http://security.debian.org/pool/updates/main/c/cupsys/cupsys-bsd_1.2.7-4etch5_mipsel.deb Size/MD5 checksum: 36058 f28b3f705fd293fc82a256d571119452 http://security.debian.org/pool/updates/main/c/cupsys/cupsys-client_1.2.7-4etch5_mipsel.deb Size/MD5 checksum: 77448 4a9be71b3fc25253b1e77c2594e7f508
powerpc architecture (PowerPC)
http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2-dev_1.2.7-4etch5_powerpc.deb Size/MD5 checksum: 51880 d1b872415002b54aba1ef54833cd5564 http://security.debian.org/pool/updates/main/c/cupsys/cupsys-client_1.2.7-4etch5_powerpc.deb Size/MD5 checksum: 90008 fe2be6aba034693532a01b653781f501 http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.2.7-4etch5_powerpc.deb Size/MD5 checksum: 1576600 d954a84710f9671d34eca72922f8d1d8 http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2-dev_1.2.7-4etch5_powerpc.deb Size/MD5 checksum: 136868 ee633edb72a9d6d74481d9fe17d887d5 http://security.debian.org/pool/updates/main/c/cupsys/cupsys-dbg_1.2.7-4etch5_powerpc.deb Size/MD5 checksum: 1143388 320529a907596704df487d89978e1948 http://security.debian.org/pool/updates/main/c/cupsys/cupsys-bsd_1.2.7-4etch5_powerpc.deb Size/MD5 checksum: 41296 8e0fed6ae1645411f4daa52842ead589 http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2_1.2.7-4etch5_powerpc.deb Size/MD5 checksum: 163206 d0fc59550e27b346adb422e4d82cecaf http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2_1.2.7-4etch5_powerpc.deb Size/MD5 checksum: 88476 dfe47fbfeef0a714d6397ec9467165af
s390 architecture (IBM S/390)
http://security.debian.org/pool/updates/main/c/cupsys/cupsys-dbg_1.2.7-4etch5_s390.deb Size/MD5 checksum: 1037260 a151e36916ffd7eae88e6b82cc0c08d7 http://security.debian.org/pool/updates/main/c/cupsys/cupsys-bsd_1.2.7-4etch5_s390.deb Size/MD5 checksum: 37420 b095022e25c603ee57748795c4ec423b http://security.debian.org/pool/updates/main/c/cupsys/cupsys-client_1.2.7-4etch5_s390.deb Size/MD5 checksum: 82338 3417e5562b6aa064ab5d3d11f15a69fb http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2_1.2.7-4etch5_s390.deb Size/MD5 checksum: 87928 6eea10e5b223fbd5f5a8d524bb03ab8e http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.2.7-4etch5_s390.deb Size/MD5 checksum: 1587330 8b66abd7e3156f3beeaa27fbd971cbde http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2_1.2.7-4etch5_s390.deb Size/MD5 checksum: 166710 10f172f4c48ab9981d7c48564a2142a4 http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2-dev_1.2.7-4etch5_s390.deb Size/MD5 checksum: 144932 3955c00c6293f7aec0a7cb9edb28a16d http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2-dev_1.2.7-4etch5_s390.deb Size/MD5 checksum: 52524 b4e639621d58f91a8ec32043534c008f
sparc architecture (Sun SPARC/UltraSPARC)
http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2-dev_1.2.7-4etch5_sparc.deb Size/MD5 checksum: 51826 8e3613f9041774f1dd42586782780fb5 http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2_1.2.7-4etch5_sparc.deb Size/MD5 checksum: 159434 d2352f19b51feab43fc17b5e3f17bb2b http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2-dev_1.2.7-4etch5_sparc.deb Size/MD5 checksum: 138734 8b53d144485267cb99ec8a32262446e8 http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.2.7-4etch5_sparc.deb Size/MD5 checksum: 1577758 748b77d9e54a363d46cd61548e72df7c http://security.debian.org/pool/updates/main/c/cupsys/cupsys-dbg_1.2.7-4etch5_sparc.deb Size/MD5 checksum: 996834 0ad8037cbb3959581a0aeb29eb84a853 http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2_1.2.7-4etch5_sparc.deb Size/MD5 checksum: 85790 16bf4ce2378a68fc9b0ce4052e463e5d http://security.debian.org/pool/updates/main/c/cupsys/cupsys-bsd_1.2.7-4etch5_sparc.deb Size/MD5 checksum: 36062 426fe5dbac939828393d99e561abf0e3 http://security.debian.org/pool/updates/main/c/cupsys/cupsys-client_1.2.7-4etch5_sparc.deb Size/MD5 checksum: 78608 f469105c5d9f121c333d5e4ac315c7be
These files will probably be moved into the stable distribution on its next update.
For apt-get: deb http://security.debian.org/ stable/updates main For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main Mailing list: debian-security-announce@lists.debian.org Package info: `apt-cache show ' and http://packages.debian.org/ -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (GNU/Linux)
iEYEARECAAYFAkj8vewACgkQXm3vHE4uylo3VQCfe5/oLteemHII7TUL80ybcnZd REIAn1hdR3STx867KCMafAi58O1fia05 =T/kw -----END PGP SIGNATURE----- . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
Mandriva Linux Security Advisory MDVSA-2008:211 http://www.mandriva.com/security/
Package : cups Date : October 10, 2008 Affected: 2007.1, 2008.0, 2008.1, 2009.0, Corporate 3.0, Corporate 4.0
Problem Description:
A buffer overflow in the SGI image format decoding routines used by the CUPS image converting filter imagetops was discovered.
An integer overflow flaw leading to a heap buffer overflow was found in the Text-to-PostScript texttops filter.
Finally, an insufficient buffer bounds checking flaw was found in the HP-GL/2-to-PostScript hpgltops filter.
The updated packages have been patched to prevent this issue; for Mandriva Linux 2009.0 the latest CUPS version (1.3.9) is provided that corrects these issues and also provides other bug fixes.
References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3639 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3640 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3641
Updated Packages:
Mandriva Linux 2007.1: d8041b477aac8897e465fd7885c4f046 2007.1/i586/cups-1.2.10-2.8mdv2007.1.i586.rpm 85169e175683eee33f38c3dc6dca555d 2007.1/i586/cups-common-1.2.10-2.8mdv2007.1.i586.rpm 3838db5f9b5313587335232f4bdfadb7 2007.1/i586/cups-serial-1.2.10-2.8mdv2007.1.i586.rpm 4dac70286d0aaa55d0c585c4e485f4d6 2007.1/i586/libcups2-1.2.10-2.8mdv2007.1.i586.rpm 2647b541d7a80ea194d6cc4983342e14 2007.1/i586/libcups2-devel-1.2.10-2.8mdv2007.1.i586.rpm 5bf9cba238150a77016869b2b600e0bd 2007.1/i586/php-cups-1.2.10-2.8mdv2007.1.i586.rpm 3762b10d3a6b962ec6932856d635a119 2007.1/SRPMS/cups-1.2.10-2.8mdv2007.1.src.rpm
Mandriva Linux 2007.1/X86_64: 27098b09dc01c70600c55572cb928422 2007.1/x86_64/cups-1.2.10-2.8mdv2007.1.x86_64.rpm fbd01859759af3a2e32244cfff7aaa33 2007.1/x86_64/cups-common-1.2.10-2.8mdv2007.1.x86_64.rpm 4197004f7a59cc90d8d51f8ff34e2997 2007.1/x86_64/cups-serial-1.2.10-2.8mdv2007.1.x86_64.rpm 6cc45d922f07d379db0de2e08eb1589e 2007.1/x86_64/lib64cups2-1.2.10-2.8mdv2007.1.x86_64.rpm d7443db8a26f27b41c32c95dee129437 2007.1/x86_64/lib64cups2-devel-1.2.10-2.8mdv2007.1.x86_64.rpm eca467e20954fea23fd050ee41d2ca4a 2007.1/x86_64/php-cups-1.2.10-2.8mdv2007.1.x86_64.rpm 3762b10d3a6b962ec6932856d635a119 2007.1/SRPMS/cups-1.2.10-2.8mdv2007.1.src.rpm
Mandriva Linux 2008.0: 837c0714eef677dfcdb1befc56012db5 2008.0/i586/cups-1.3.6-1.3mdv2008.0.i586.rpm cb8d17edacf1dc1dc5915fbb35745d9a 2008.0/i586/cups-common-1.3.6-1.3mdv2008.0.i586.rpm 635eb3405a6b5a4b93ca6373207093df 2008.0/i586/cups-serial-1.3.6-1.3mdv2008.0.i586.rpm 59939c1a2a730a0887750bafb4cabee1 2008.0/i586/libcups2-1.3.6-1.3mdv2008.0.i586.rpm 6183d24df353f4e8082374951636a657 2008.0/i586/libcups2-devel-1.3.6-1.3mdv2008.0.i586.rpm 0f1df17bf9cc86bb607ef28d4b29c6b2 2008.0/i586/php-cups-1.3.6-1.3mdv2008.0.i586.rpm 68ac87937182de901cece9b93ba700fa 2008.0/SRPMS/cups-1.3.6-1.3mdv2008.0.src.rpm
Mandriva Linux 2008.0/X86_64: 5b73d5bfebbc66f8a56922c7b943f351 2008.0/x86_64/cups-1.3.6-1.3mdv2008.0.x86_64.rpm a41d07d80c38b30ee5357b25f7b828ab 2008.0/x86_64/cups-common-1.3.6-1.3mdv2008.0.x86_64.rpm 34d6d4eb79b1ee5a9235843398301646 2008.0/x86_64/cups-serial-1.3.6-1.3mdv2008.0.x86_64.rpm 3157dcaafb55463d8ad149d99e4d0c55 2008.0/x86_64/lib64cups2-1.3.6-1.3mdv2008.0.x86_64.rpm 78b5f7fcedbbbef9c2318977b5f50264 2008.0/x86_64/lib64cups2-devel-1.3.6-1.3mdv2008.0.x86_64.rpm 082094f0923f72890f6dbb47eb9072b4 2008.0/x86_64/php-cups-1.3.6-1.3mdv2008.0.x86_64.rpm 68ac87937182de901cece9b93ba700fa 2008.0/SRPMS/cups-1.3.6-1.3mdv2008.0.src.rpm
Mandriva Linux 2008.1: c22f4c131005e05768b0c45e931015c7 2008.1/i586/cups-1.3.6-5.2mdv2008.1.i586.rpm 8f1ad7b01f0d48aa920cb2378f5fce0a 2008.1/i586/cups-common-1.3.6-5.2mdv2008.1.i586.rpm 763dfee5def4727b34769298beb5c9fe 2008.1/i586/cups-serial-1.3.6-5.2mdv2008.1.i586.rpm dadd48446b97869372535fb2ef02a471 2008.1/i586/libcups2-1.3.6-5.2mdv2008.1.i586.rpm cf48ae8c17120d7d83b638f432620797 2008.1/i586/libcups2-devel-1.3.6-5.2mdv2008.1.i586.rpm 33d7dcb6b32e58bc38e847f827447b54 2008.1/i586/php-cups-1.3.6-5.2mdv2008.1.i586.rpm 25997a30a1fbc24e4a1a5017d15ac526 2008.1/SRPMS/cups-1.3.6-5.2mdv2008.1.src.rpm
Mandriva Linux 2008.1/X86_64: 3804ff0deea819d375cdee86b1d98bf4 2008.1/x86_64/cups-1.3.6-5.2mdv2008.1.x86_64.rpm 9f8550ffbb7778636b18c33c6854e163 2008.1/x86_64/cups-common-1.3.6-5.2mdv2008.1.x86_64.rpm 077652b9f481f72873b6e94a0f54fe17 2008.1/x86_64/cups-serial-1.3.6-5.2mdv2008.1.x86_64.rpm 569bcdcf971b564d3ad3cec8b6281fec 2008.1/x86_64/lib64cups2-1.3.6-5.2mdv2008.1.x86_64.rpm 05ce67f5f2bf9f27b69963bbc0ba3f6e 2008.1/x86_64/lib64cups2-devel-1.3.6-5.2mdv2008.1.x86_64.rpm 8a48fbfa84679702c496744f394ac4f6 2008.1/x86_64/php-cups-1.3.6-5.2mdv2008.1.x86_64.rpm 25997a30a1fbc24e4a1a5017d15ac526 2008.1/SRPMS/cups-1.3.6-5.2mdv2008.1.src.rpm
Mandriva Linux 2009.0: 3480a3533f163c8559254c7dc7dccca4 2009.0/i586/cups-1.3.9-0.1mdv2009.0.i586.rpm 2eda3ae527a0d6477bf2f52f57f37297 2009.0/i586/cups-common-1.3.9-0.1mdv2009.0.i586.rpm 1b0849a0dcd6cc52debfdc23ca347e60 2009.0/i586/cups-serial-1.3.9-0.1mdv2009.0.i586.rpm 9ef6a24d1e8155bea9e7e148252dc4e7 2009.0/i586/libcups2-1.3.9-0.1mdv2009.0.i586.rpm 2a8be000df9a71f506a039e58faaf1b4 2009.0/i586/libcups2-devel-1.3.9-0.1mdv2009.0.i586.rpm 7f04461fd982b387144f73612b3cbd86 2009.0/i586/php-cups-1.3.9-0.1mdv2009.0.i586.rpm 1c16860c6f7af958cb6744dd60ffd63e 2009.0/SRPMS/cups-1.3.9-0.1mdv2009.0.src.rpm
Mandriva Linux 2009.0/X86_64: 926221e97b7c4c52562468b26066f049 2009.0/x86_64/cups-1.3.9-0.1mdv2009.0.x86_64.rpm 96abb10e235084a80cd17c79cc31a360 2009.0/x86_64/cups-common-1.3.9-0.1mdv2009.0.x86_64.rpm cb817300fa6d8c9b40a0f8a01572d691 2009.0/x86_64/cups-serial-1.3.9-0.1mdv2009.0.x86_64.rpm d56cea0645b26b668f9b8a66f2dc090f 2009.0/x86_64/lib64cups2-1.3.9-0.1mdv2009.0.x86_64.rpm f4a04369ad8d202d87ea49a3da4ab67c 2009.0/x86_64/lib64cups2-devel-1.3.9-0.1mdv2009.0.x86_64.rpm 85124180f179ae504ad2f27ef814683d 2009.0/x86_64/php-cups-1.3.9-0.1mdv2009.0.x86_64.rpm 1c16860c6f7af958cb6744dd60ffd63e 2009.0/SRPMS/cups-1.3.9-0.1mdv2009.0.src.rpm
Corporate 3.0: d235e680a70a94ce2c32a556a1fea6d5 corporate/3.0/i586/cups-1.1.20-5.19.C30mdk.i586.rpm eccffd52489f0aca14a11b6b88a5c59f corporate/3.0/i586/cups-common-1.1.20-5.19.C30mdk.i586.rpm 743aad40e707a1c6ec8de19e6ba19668 corporate/3.0/i586/cups-serial-1.1.20-5.19.C30mdk.i586.rpm 931bd82e26396ef7109369893e8fb740 corporate/3.0/i586/libcups2-1.1.20-5.19.C30mdk.i586.rpm 007b156ceb1f78c107a05bba499f544d corporate/3.0/i586/libcups2-devel-1.1.20-5.19.C30mdk.i586.rpm 685d93ef91df7b10faefae3d9c8a2e20 corporate/3.0/SRPMS/cups-1.1.20-5.19.C30mdk.src.rpm
Corporate 3.0/X86_64: c57219da87ef50832e74efbfd3471f64 corporate/3.0/x86_64/cups-1.1.20-5.19.C30mdk.x86_64.rpm 6f9772a800e70f1e3766d76de8dcf6e3 corporate/3.0/x86_64/cups-common-1.1.20-5.19.C30mdk.x86_64.rpm e1221063527caed05a6e94f9cebed9ab corporate/3.0/x86_64/cups-serial-1.1.20-5.19.C30mdk.x86_64.rpm a0b15b24cfc995a7a769c1e87d53a696 corporate/3.0/x86_64/lib64cups2-1.1.20-5.19.C30mdk.x86_64.rpm aaabff95ac9a30ff1d9ce224612bcb50 corporate/3.0/x86_64/lib64cups2-devel-1.1.20-5.19.C30mdk.x86_64.rpm 685d93ef91df7b10faefae3d9c8a2e20 corporate/3.0/SRPMS/cups-1.1.20-5.19.C30mdk.src.rpm
Corporate 4.0: 56f3e394ac8e4b4e7d423c7989d2e6af corporate/4.0/i586/cups-1.2.4-0.10.20060mlcs4.i586.rpm dcb4425723e63a2d094305cde05890f3 corporate/4.0/i586/cups-common-1.2.4-0.10.20060mlcs4.i586.rpm 348427ebb4f1f1f530c3c129850de957 corporate/4.0/i586/cups-serial-1.2.4-0.10.20060mlcs4.i586.rpm d0a8052949416c5ba260b48596cbf415 corporate/4.0/i586/libcups2-1.2.4-0.10.20060mlcs4.i586.rpm ab7637abe249e4369cf39d37113ba37f corporate/4.0/i586/libcups2-devel-1.2.4-0.10.20060mlcs4.i586.rpm 86af12b21de1212e72286e9b2db23caa corporate/4.0/i586/php-cups-1.2.4-0.10.20060mlcs4.i586.rpm 5a7d0a19238e8b654821bb87355f9f27 corporate/4.0/SRPMS/cups-1.2.4-0.10.20060mlcs4.src.rpm
Corporate 4.0/X86_64: 59784628a2385248e8d71c1476773071 corporate/4.0/x86_64/cups-1.2.4-0.10.20060mlcs4.x86_64.rpm a7933ad29b9a77973fcf7feb02c381b9 corporate/4.0/x86_64/cups-common-1.2.4-0.10.20060mlcs4.x86_64.rpm 26da08a5da63053f418e47792cf26280 corporate/4.0/x86_64/cups-serial-1.2.4-0.10.20060mlcs4.x86_64.rpm 0614662f2661171ade097e562a94c635 corporate/4.0/x86_64/lib64cups2-1.2.4-0.10.20060mlcs4.x86_64.rpm a899db16ce3db8ec71aaef67a6650616 corporate/4.0/x86_64/lib64cups2-devel-1.2.4-0.10.20060mlcs4.x86_64.rpm 9e3dc91c4390d7ba60ca26dcc095b8d8 corporate/4.0/x86_64/php-cups-1.2.4-0.10.20060mlcs4.x86_64.rpm 5a7d0a19238e8b654821bb87355f9f27 corporate/4.0/SRPMS/cups-1.2.4-0.10.20060mlcs4.src.rpm
To upgrade automatically use MandrivaUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you.
All packages are signed by Mandriva for security. You can obtain the GPG public key of the Mandriva Security Team by executing:
gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98
You can view other update advisories for Mandriva Linux at:
http://www.mandriva.com/security/advisories
If you want to report vulnerabilities, please contact
security_(at)_mandriva.com
Type Bits/KeyID Date User ID pub 1024D/22458A98 2000-07-10 Mandriva Security Team -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (GNU/Linux)
iD8DBQFI8DeJmqjQ0CJFipgRAmbxAKCxSRvJTtancZ/puQkgifGbRQnZIQCg6Bum EnuxPIlaIiQWBIjMSk4WWoo= =aMXC -----END PGP SIGNATURE-----
Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ . - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 200812-11
http://security.gentoo.org/
Severity: High
Title: CUPS: Multiple vulnerabilities
Date: December 10, 2008
Bugs: #238976, #249727
ID: 200812-11
Synopsis
Several remotely exploitable bugs have been found in CUPS, which allow remote execution of arbitrary code.
Background
CUPS is the Common Unix Printing System.
Affected packages
-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 net-print/cups < 1.3.9-r1 >= 1.3.9-r1
Description
Several buffer overflows were found in:
-
The read_rle16 function in imagetops (CVE-2008-3639, found by regenrecht, reported via ZDI)
-
The WriteProlog function in texttops (CVE-2008-3640, found by regenrecht, reported via ZDI)
-
The Hewlett-Packard Graphics Language (HPGL) filter (CVE-2008-3641, found by regenrecht, reported via iDefense)
-
The _cupsImageReadPNG function (CVE-2008-5286, reported by iljavs)
Impact
A remote attacker could send specially crafted input to a vulnerable server, resulting in the remote execution of arbitrary code with the privileges of the user running the server.
Workaround
None this time.
Resolution
All CUPS users should upgrade to the latest version.
# emerge --sync
# emerge --ask --oneshot --verbose ">=net-print/cups-1.3.9-r1"
References
[ 1 ] CVE-2008-3639
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3639
[ 2 ] CVE-2008-3640
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3640
[ 3 ] CVE-2008-3641
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3641
[ 4 ] CVE-2008-5286
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5286
Availability
This GLSA and any updates to it are available for viewing at the Gentoo Security Website:
http://security.gentoo.org/glsa/glsa-200812-11.xml
Concerns?
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at http://bugs.gentoo.org.
License
Copyright 2008 Gentoo Foundation, Inc; referenced text belongs to its owner(s).
The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5
Show details on source website{
"affected_products": {
"_id": null,
"data": [
{
"_id": null,
"model": "cups",
"scope": "eq",
"trust": 1.6,
"vendor": "apple",
"version": "1.1.15"
},
{
"_id": null,
"model": "cups",
"scope": "eq",
"trust": 1.6,
"vendor": "apple",
"version": "1.1.13"
},
{
"_id": null,
"model": "cups",
"scope": "eq",
"trust": 1.6,
"vendor": "apple",
"version": "1.1.14"
},
{
"_id": null,
"model": "cups",
"scope": "eq",
"trust": 1.6,
"vendor": "apple",
"version": "1.1.19"
},
{
"_id": null,
"model": "cups",
"scope": "eq",
"trust": 1.6,
"vendor": "apple",
"version": "1.1.16"
},
{
"_id": null,
"model": "cups",
"scope": "eq",
"trust": 1.6,
"vendor": "apple",
"version": "1.3"
},
{
"_id": null,
"model": "cups",
"scope": "eq",
"trust": 1.6,
"vendor": "apple",
"version": "1.1.18"
},
{
"_id": null,
"model": "cups",
"scope": "eq",
"trust": 1.6,
"vendor": "apple",
"version": "1.1.11"
},
{
"_id": null,
"model": "cups",
"scope": "eq",
"trust": 1.6,
"vendor": "apple",
"version": "1.1.17"
},
{
"_id": null,
"model": "cups",
"scope": "eq",
"trust": 1.6,
"vendor": "apple",
"version": "1.1.12"
},
{
"_id": null,
"model": "cups",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "1.3.1"
},
{
"_id": null,
"model": "cups",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "1.1.10-1"
},
{
"_id": null,
"model": "cups",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "1.1.20"
},
{
"_id": null,
"model": "cups",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "1.3.5"
},
{
"_id": null,
"model": "cups",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "1.1.7"
},
{
"_id": null,
"model": "cups",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "1.1.5"
},
{
"_id": null,
"model": "cups",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "1.2.5"
},
{
"_id": null,
"model": "cups",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "1.1.9"
},
{
"_id": null,
"model": "cups",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "1.1.6-3"
},
{
"_id": null,
"model": "cups",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "1.2.12"
},
{
"_id": null,
"model": "cups",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "1.1.10"
},
{
"_id": null,
"model": "cups",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "1.1"
},
{
"_id": null,
"model": "cups",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "1.1.9-1"
},
{
"_id": null,
"model": "cups",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "1.2.11"
},
{
"_id": null,
"model": "cups",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "1.2.3"
},
{
"_id": null,
"model": "cups",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "1.2.2"
},
{
"_id": null,
"model": "cups",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "1.3.6"
},
{
"_id": null,
"model": "cups",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "1.1.5-2"
},
{
"_id": null,
"model": "cups",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "1.1.4"
},
{
"_id": null,
"model": "cups",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "1.1.21"
},
{
"_id": null,
"model": "cups",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "1.1.1"
},
{
"_id": null,
"model": "cups",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "1.1.8"
},
{
"_id": null,
"model": "cups",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "1.2.0"
},
{
"_id": null,
"model": "cups",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "1.3.3"
},
{
"_id": null,
"model": "cups",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "1.2.8"
},
{
"_id": null,
"model": "cups",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "1.1.2"
},
{
"_id": null,
"model": "cups",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "1.2.6"
},
{
"_id": null,
"model": "cups",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "1.3.4"
},
{
"_id": null,
"model": "cups",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "1.1.3"
},
{
"_id": null,
"model": "cups",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "1.1.6-2"
},
{
"_id": null,
"model": "cups",
"scope": "lte",
"trust": 1.0,
"vendor": "apple",
"version": "1.3.8"
},
{
"_id": null,
"model": "cups",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "1.2.7"
},
{
"_id": null,
"model": "cups",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "1.3.0"
},
{
"_id": null,
"model": "cups",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "1.3.7"
},
{
"_id": null,
"model": "cups",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "1.1.5-1"
},
{
"_id": null,
"model": "cups",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "1.1.6-1"
},
{
"_id": null,
"model": "cups",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "1.3.2"
},
{
"_id": null,
"model": "cups",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "1.2.4"
},
{
"_id": null,
"model": "cups",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "1.1.23"
},
{
"_id": null,
"model": "cups",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "1.2.10"
},
{
"_id": null,
"model": "cups",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "1.2"
},
{
"_id": null,
"model": "cups",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "1.2.1"
},
{
"_id": null,
"model": "cups",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "1.2.9"
},
{
"_id": null,
"model": "cups",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "1.1.22"
},
{
"_id": null,
"model": "cups",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "1.1.6"
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "drupal",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "gentoo linux",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "mandriva",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "pear xml rpc",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "phpxmlrpc",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "postnuke",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "red hat",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "serendipity",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "trustix secure linux",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "ubuntu linux",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "wordpress",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "xoops",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "phpmyfaq",
"version": null
},
{
"_id": null,
"model": "cups",
"scope": "lt",
"trust": 0.8,
"vendor": "cups",
"version": "1.3.9"
},
{
"_id": null,
"model": "mac os x",
"scope": "eq",
"trust": 0.8,
"vendor": "apple",
"version": "v10.4.11"
},
{
"_id": null,
"model": "mac os x",
"scope": "eq",
"trust": 0.8,
"vendor": "apple",
"version": "v10.5.5"
},
{
"_id": null,
"model": "mac os x server",
"scope": "eq",
"trust": 0.8,
"vendor": "apple",
"version": "v10.4.11"
},
{
"_id": null,
"model": "mac os x server",
"scope": "eq",
"trust": 0.8,
"vendor": "apple",
"version": "v10.5.5"
},
{
"_id": null,
"model": "asianux server",
"scope": "eq",
"trust": 0.8,
"vendor": "cybertrust",
"version": "3 (x86)"
},
{
"_id": null,
"model": "asianux server",
"scope": "eq",
"trust": 0.8,
"vendor": "cybertrust",
"version": "3 (x86-64)"
},
{
"_id": null,
"model": "asianux server",
"scope": "eq",
"trust": 0.8,
"vendor": "cybertrust",
"version": "3.0"
},
{
"_id": null,
"model": "asianux server",
"scope": "eq",
"trust": 0.8,
"vendor": "cybertrust",
"version": "3.0 (x86-64)"
},
{
"_id": null,
"model": "asianux server",
"scope": "eq",
"trust": 0.8,
"vendor": "cybertrust",
"version": "4.0"
},
{
"_id": null,
"model": "asianux server",
"scope": "eq",
"trust": 0.8,
"vendor": "cybertrust",
"version": "4.0 (x86-64)"
},
{
"_id": null,
"model": "turbolinux appliance server",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "1.0 (hosting)"
},
{
"_id": null,
"model": "turbolinux appliance server",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "1.0 (workgroup)"
},
{
"_id": null,
"model": "turbolinux appliance server",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "2.0"
},
{
"_id": null,
"model": "turbolinux appliance server",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "3.0"
},
{
"_id": null,
"model": "turbolinux appliance server",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "3.0 (x64)"
},
{
"_id": null,
"model": "turbolinux client",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "2008"
},
{
"_id": null,
"model": "turbolinux fuji",
"scope": null,
"trust": 0.8,
"vendor": "turbo linux",
"version": null
},
{
"_id": null,
"model": "turbolinux multimedia",
"scope": null,
"trust": 0.8,
"vendor": "turbo linux",
"version": null
},
{
"_id": null,
"model": "turbolinux personal",
"scope": null,
"trust": 0.8,
"vendor": "turbo linux",
"version": null
},
{
"_id": null,
"model": "turbolinux server",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "10"
},
{
"_id": null,
"model": "turbolinux server",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "10 (x64)"
},
{
"_id": null,
"model": "turbolinux server",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "11"
},
{
"_id": null,
"model": "turbolinux server",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "11 (x64)"
},
{
"_id": null,
"model": "wizpy",
"scope": null,
"trust": 0.8,
"vendor": "turbo linux",
"version": null
},
{
"_id": null,
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "3 (as)"
},
{
"_id": null,
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "3 (es)"
},
{
"_id": null,
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "3 (ws)"
},
{
"_id": null,
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4 (as)"
},
{
"_id": null,
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4 (es)"
},
{
"_id": null,
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4 (ws)"
},
{
"_id": null,
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "5 (server)"
},
{
"_id": null,
"model": "enterprise linux desktop",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "3.0"
},
{
"_id": null,
"model": "enterprise linux desktop",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4.0"
},
{
"_id": null,
"model": "enterprise linux desktop",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "5.0 (client)"
},
{
"_id": null,
"model": "rhel desktop workstation",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "5 (client)"
},
{
"_id": null,
"model": "os x",
"scope": null,
"trust": 0.7,
"vendor": "apple",
"version": null
},
{
"_id": null,
"model": "mac os server",
"scope": "eq",
"trust": 0.6,
"vendor": "apple",
"version": "x10.5.3"
},
{
"_id": null,
"model": "mac os server",
"scope": "eq",
"trust": 0.6,
"vendor": "apple",
"version": "x10.4.10"
},
{
"_id": null,
"model": "mac os server",
"scope": "eq",
"trust": 0.6,
"vendor": "apple",
"version": "x10.5"
},
{
"_id": null,
"model": "mac os server",
"scope": "eq",
"trust": 0.6,
"vendor": "apple",
"version": "x10.4.5"
},
{
"_id": null,
"model": "mac os server",
"scope": "eq",
"trust": 0.6,
"vendor": "apple",
"version": "x10.5.4"
},
{
"_id": null,
"model": "mac os server",
"scope": "eq",
"trust": 0.6,
"vendor": "apple",
"version": "x10.5.1"
},
{
"_id": null,
"model": "mac os server",
"scope": "eq",
"trust": 0.6,
"vendor": "apple",
"version": "x10.4.4"
},
{
"_id": null,
"model": "mac os server",
"scope": "eq",
"trust": 0.6,
"vendor": "apple",
"version": "x10.4.6"
},
{
"_id": null,
"model": "mac os server",
"scope": "eq",
"trust": 0.6,
"vendor": "apple",
"version": "x10.4.11"
},
{
"_id": null,
"model": "mac os server",
"scope": "eq",
"trust": 0.6,
"vendor": "apple",
"version": "x10.4.8"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.6,
"vendor": "apple",
"version": "x10.4.9"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.6,
"vendor": "apple",
"version": "x10.4"
},
{
"_id": null,
"model": "mac os server",
"scope": "eq",
"trust": 0.6,
"vendor": "apple",
"version": "x10.5.5"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.6,
"vendor": "apple",
"version": "x10.4.7"
},
{
"_id": null,
"model": "mac os server",
"scope": "eq",
"trust": 0.6,
"vendor": "apple",
"version": "x10.4.1"
},
{
"_id": null,
"model": "mac os server",
"scope": "eq",
"trust": 0.6,
"vendor": "apple",
"version": "x10.5.2"
},
{
"_id": null,
"model": "mac os server",
"scope": "eq",
"trust": 0.6,
"vendor": "apple",
"version": "x10.4.2"
},
{
"_id": null,
"model": "mac os server",
"scope": "eq",
"trust": 0.6,
"vendor": "apple",
"version": "x10.4.3"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.6,
"vendor": "apple",
"version": "x10.5.3"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.6,
"vendor": "apple",
"version": "x10.4.10"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.6,
"vendor": "apple",
"version": "x10.5"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.6,
"vendor": "apple",
"version": "x10.4.5"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.6,
"vendor": "apple",
"version": "x10.5.4"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.6,
"vendor": "apple",
"version": "x10.5.1"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.6,
"vendor": "apple",
"version": "x10.4.4"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.6,
"vendor": "apple",
"version": "x10.4.6"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.6,
"vendor": "apple",
"version": "x10.4.8"
},
{
"_id": null,
"model": "mac os server",
"scope": "eq",
"trust": 0.6,
"vendor": "apple",
"version": "x10.4.9"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.6,
"vendor": "apple",
"version": "x10.5.5"
},
{
"_id": null,
"model": "mac os server",
"scope": "eq",
"trust": 0.6,
"vendor": "apple",
"version": "x10.4"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.6,
"vendor": "apple",
"version": "x10.4.1"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.6,
"vendor": "apple",
"version": "x10.5.2"
},
{
"_id": null,
"model": "mac os server",
"scope": "eq",
"trust": 0.6,
"vendor": "apple",
"version": "x10.4.7"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.6,
"vendor": "apple",
"version": "x10.4.2"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.6,
"vendor": "apple",
"version": "x10.4.3"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.6,
"vendor": "apple",
"version": "x10.4.11"
},
{
"_id": null,
"model": "software products cups",
"scope": "eq",
"trust": 0.3,
"vendor": "easy",
"version": "1.1.10"
},
{
"_id": null,
"model": "opensolaris build snv 95",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "software products cups",
"scope": "eq",
"trust": 0.3,
"vendor": "easy",
"version": "1.1.4"
},
{
"_id": null,
"model": "linux enterprise desktop sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"_id": null,
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "11x64"
},
{
"_id": null,
"model": "software products cups",
"scope": "eq",
"trust": 0.3,
"vendor": "easy",
"version": "1.1.21"
},
{
"_id": null,
"model": "opensolaris build snv 93",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "rpath",
"version": "1"
},
{
"_id": null,
"model": "corporate server x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "4.0"
},
{
"_id": null,
"model": "linux lts powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"_id": null,
"model": "appliance server",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "3.0"
},
{
"_id": null,
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "11"
},
{
"_id": null,
"model": "software products cups",
"scope": "eq",
"trust": 0.3,
"vendor": "easy",
"version": "1.1.4-5"
},
{
"_id": null,
"model": "messaging storage server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1"
},
{
"_id": null,
"model": "software products cups",
"scope": "eq",
"trust": 0.3,
"vendor": "easy",
"version": "1.3.5"
},
{
"_id": null,
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "pardus",
"version": "20080"
},
{
"_id": null,
"model": "personal",
"scope": null,
"trust": 0.3,
"vendor": "turbolinux",
"version": null
},
{
"_id": null,
"model": "software products cups",
"scope": "eq",
"trust": 0.3,
"vendor": "easy",
"version": "1.1.4-2"
},
{
"_id": null,
"model": "appliance server hosting edition",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "1.0"
},
{
"_id": null,
"model": "software products cups",
"scope": "eq",
"trust": 0.3,
"vendor": "easy",
"version": "1.1.14"
},
{
"_id": null,
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "7.04"
},
{
"_id": null,
"model": "linux lts amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "8.04"
},
{
"_id": null,
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "11.1"
},
{
"_id": null,
"model": "software products cups",
"scope": "eq",
"trust": 0.3,
"vendor": "easy",
"version": "1.1.15"
},
{
"_id": null,
"model": "linux mandrake x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2007.1"
},
{
"_id": null,
"model": "desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4.0"
},
{
"_id": null,
"model": "linux lts powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "8.04"
},
{
"_id": null,
"model": "proactive contact",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.0"
},
{
"_id": null,
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "7.04"
},
{
"_id": null,
"model": "software products cups",
"scope": "eq",
"trust": 0.3,
"vendor": "easy",
"version": "1.2.10"
},
{
"_id": null,
"model": "opensolaris build snv 101a",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "hat enterprise linux desktop client",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "5"
},
{
"_id": null,
"model": "opensolaris build snv 99",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "software products cups",
"scope": "eq",
"trust": 0.3,
"vendor": "easy",
"version": "1.1.13"
},
{
"_id": null,
"model": "linux lts i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"_id": null,
"model": "linux enterprise server sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"_id": null,
"model": "messaging storage server mm3.0",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"_id": null,
"model": "opensolaris build snv 87",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "enterprise linux ws",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"_id": null,
"model": "enterprise linux ws",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3"
},
{
"_id": null,
"model": "messaging storage server",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"_id": null,
"model": "opensolaris build snv 88",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "4.0"
},
{
"_id": null,
"model": "messaging storage server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "2.0"
},
{
"_id": null,
"model": "linux mandrake",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2008.0"
},
{
"_id": null,
"model": "enterprise linux es",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"_id": null,
"model": "enterprise linux es",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3"
},
{
"_id": null,
"model": "proactive contact",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "0"
},
{
"_id": null,
"model": "linux lts sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "8.04"
},
{
"_id": null,
"model": "linux mandrake x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2008.1"
},
{
"_id": null,
"model": "linux lts amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"_id": null,
"model": "appliance server",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "2.0"
},
{
"_id": null,
"model": "software products cups rc5",
"scope": "eq",
"trust": 0.3,
"vendor": "easy",
"version": "1.1.19"
},
{
"_id": null,
"model": "linux lts i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "8.04"
},
{
"_id": null,
"model": "linux mandrake",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2007.1"
},
{
"_id": null,
"model": "linux lpia",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "7.10"
},
{
"_id": null,
"model": "opensolaris build snv 100",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "linux mandrake",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2009.0"
},
{
"_id": null,
"model": "software products cups",
"scope": "eq",
"trust": 0.3,
"vendor": "easy",
"version": "1.1.4-3"
},
{
"_id": null,
"model": "software products cups",
"scope": "eq",
"trust": 0.3,
"vendor": "easy",
"version": "1.1.22"
},
{
"_id": null,
"model": "linux alpha",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "4.0"
},
{
"_id": null,
"model": "linux ia-32",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "4.0"
},
{
"_id": null,
"model": "software products cups",
"scope": "eq",
"trust": 0.3,
"vendor": "easy",
"version": "1.1.18"
},
{
"_id": null,
"model": "linux mipsel",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "4.0"
},
{
"_id": null,
"model": "linux mips",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "4.0"
},
{
"_id": null,
"model": "software products cups",
"scope": "eq",
"trust": 0.3,
"vendor": "easy",
"version": "1.2.8"
},
{
"_id": null,
"model": "linux enterprise server sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"_id": null,
"model": "software products cups",
"scope": "eq",
"trust": 0.3,
"vendor": "easy",
"version": "1.1.12"
},
{
"_id": null,
"model": "fuji",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "0"
},
{
"_id": null,
"model": "hat enterprise linux server",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "5"
},
{
"_id": null,
"model": "linux enterprise server",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "8"
},
{
"_id": null,
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "12.1"
},
{
"_id": null,
"model": "appliance platform linux service",
"scope": "eq",
"trust": 0.3,
"vendor": "rpath",
"version": "2"
},
{
"_id": null,
"model": "corporate server x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "3.0"
},
{
"_id": null,
"model": "message networking",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"_id": null,
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "7.10"
},
{
"_id": null,
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "11.0"
},
{
"_id": null,
"model": "linux lts sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"_id": null,
"model": "corporate server",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "4.0"
},
{
"_id": null,
"model": "appliance server workgroup edition",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "1.0"
},
{
"_id": null,
"model": "linux s/390",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "4.0"
},
{
"_id": null,
"model": "opensolaris build snv 96",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "software products cups rc1",
"scope": "eq",
"trust": 0.3,
"vendor": "easy",
"version": "1.1.22"
},
{
"_id": null,
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "4.0"
},
{
"_id": null,
"model": "message networking",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1"
},
{
"_id": null,
"model": "software products cups",
"scope": "eq",
"trust": 0.3,
"vendor": "easy",
"version": "1.3.3"
},
{
"_id": null,
"model": "linux",
"scope": null,
"trust": 0.3,
"vendor": "gentoo",
"version": null
},
{
"_id": null,
"model": "desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3.0"
},
{
"_id": null,
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "7.10"
},
{
"_id": null,
"model": "appliance platform linux service",
"scope": "eq",
"trust": 0.3,
"vendor": "rpath",
"version": "1"
},
{
"_id": null,
"model": "enterprise linux desktop workstation client",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "5"
},
{
"_id": null,
"model": "software products cups",
"scope": "eq",
"trust": 0.3,
"vendor": "easy",
"version": "1.3.6"
},
{
"_id": null,
"model": "linux lts lpia",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "8.04"
},
{
"_id": null,
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "10.0"
},
{
"_id": null,
"model": "software products cups",
"scope": "eq",
"trust": 0.3,
"vendor": "easy",
"version": "1.2.9"
},
{
"_id": null,
"model": "opensolaris build snv 91",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "opensolaris build snv 89",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "novell linux pos",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9"
},
{
"_id": null,
"model": "messaging storage server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "4.0"
},
{
"_id": null,
"model": "message networking mn",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1"
},
{
"_id": null,
"model": "wizpy",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "0"
},
{
"_id": null,
"model": "open-enterprise-server",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "0"
},
{
"_id": null,
"model": "linux enterprise server",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "9"
},
{
"_id": null,
"model": "linux enterprise desktop sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"_id": null,
"model": "software products cups",
"scope": "ne",
"trust": 0.3,
"vendor": "easy",
"version": "1.3.9"
},
{
"_id": null,
"model": "opensolaris build snv 94",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "software products cups",
"scope": "eq",
"trust": 0.3,
"vendor": "easy",
"version": "1.1.6"
},
{
"_id": null,
"model": "opensolaris build snv 101",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "linux m68k",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "4.0"
},
{
"_id": null,
"model": "software products cups",
"scope": "eq",
"trust": 0.3,
"vendor": "easy",
"version": "1.2.12"
},
{
"_id": null,
"model": "linux arm",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "4.0"
},
{
"_id": null,
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "4.0"
},
{
"_id": null,
"model": "software products cups",
"scope": "eq",
"trust": 0.3,
"vendor": "easy",
"version": "1.1.17"
},
{
"_id": null,
"model": "novell linux desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.0"
},
{
"_id": null,
"model": "voice portal",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.0"
},
{
"_id": null,
"model": "opensolaris build snv 90",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "7.10"
},
{
"_id": null,
"model": "software products cups",
"scope": "eq",
"trust": 0.3,
"vendor": "easy",
"version": "1.2.4"
},
{
"_id": null,
"model": "software products cups",
"scope": "eq",
"trust": 0.3,
"vendor": "easy",
"version": "1.1.1"
},
{
"_id": null,
"model": "linux ia-64",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "4.0"
},
{
"_id": null,
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.2"
},
{
"_id": null,
"model": "linux mandrake",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2008.1"
},
{
"_id": null,
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "4.0"
},
{
"_id": null,
"model": "software products cups",
"scope": "eq",
"trust": 0.3,
"vendor": "easy",
"version": "1.3.2"
},
{
"_id": null,
"model": "software products cups",
"scope": "eq",
"trust": 0.3,
"vendor": "easy",
"version": "1.1.23"
},
{
"_id": null,
"model": "software products cups",
"scope": "eq",
"trust": 0.3,
"vendor": "easy",
"version": "1.1.20"
},
{
"_id": null,
"model": "software products cups",
"scope": "eq",
"trust": 0.3,
"vendor": "easy",
"version": "1.0.4"
},
{
"_id": null,
"model": "linux hppa",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "4.0"
},
{
"_id": null,
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "7.10"
},
{
"_id": null,
"model": "appliance server",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "3.0x64"
},
{
"_id": null,
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10.3"
},
{
"_id": null,
"model": "client",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "2008"
},
{
"_id": null,
"model": "proactive contact",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "4.0"
},
{
"_id": null,
"model": "linux mandrake x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2008.0"
},
{
"_id": null,
"model": "intuity audix lx",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "2.0"
},
{
"_id": null,
"model": "software products cups",
"scope": "eq",
"trust": 0.3,
"vendor": "easy",
"version": "1.2.2"
},
{
"_id": null,
"model": "opensolaris build snv 102",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "corporate server",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "3.0"
},
{
"_id": null,
"model": "software products cups",
"scope": "eq",
"trust": 0.3,
"vendor": "easy",
"version": "1.3.7"
},
{
"_id": null,
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "7.04"
},
{
"_id": null,
"model": "software products cups",
"scope": "eq",
"trust": 0.3,
"vendor": "easy",
"version": "1.0.4-8"
},
{
"_id": null,
"model": "messaging storage server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "1.0"
},
{
"_id": null,
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "10.0.0x64"
},
{
"_id": null,
"model": "software products cups",
"scope": "eq",
"trust": 0.3,
"vendor": "easy",
"version": "1.1.7"
},
{
"_id": null,
"model": "linux mandrake x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2009.0"
},
{
"_id": null,
"model": "software products cups rc1",
"scope": "eq",
"trust": 0.3,
"vendor": "easy",
"version": "1.1.23"
},
{
"_id": null,
"model": "hat enterprise linux as",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "4"
},
{
"_id": null,
"model": "hat enterprise linux as",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "3"
},
{
"_id": null,
"model": "software products cups",
"scope": "eq",
"trust": 0.3,
"vendor": "easy",
"version": "1.1.16"
},
{
"_id": null,
"model": "software products cups",
"scope": "eq",
"trust": 0.3,
"vendor": "easy",
"version": "1.1.19"
},
{
"_id": null,
"model": "multimedia",
"scope": null,
"trust": 0.3,
"vendor": "turbolinux",
"version": null
},
{
"_id": null,
"model": "opensolaris build snv 92",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "rpath",
"version": "2"
},
{
"_id": null,
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "7.04"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#442845"
},
{
"db": "ZDI",
"id": "ZDI-08-067"
},
{
"db": "BID",
"id": "31688"
},
{
"db": "BID",
"id": "31681"
},
{
"db": "CNNVD",
"id": "CNNVD-200810-160"
},
{
"db": "JVNDB",
"id": "JVNDB-2008-001826"
},
{
"db": "NVD",
"id": "CVE-2008-3641"
}
]
},
"configurations": {
"_id": null,
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:cups:cups",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:apple:mac_os_x",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:apple:mac_os_x_server",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:misc:miraclelinux_asianux_server",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:turbolinux:turbolinux_appliance_server",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:turbolinux:turbolinux_client",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:turbolinux:turbolinux_fuji",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:turbolinux:turbolinux_multimedia",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:turbolinux:turbolinux_personal",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:turbolinux:turbolinux_server",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:turbolinux:turbolinux_wizpy",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:redhat:enterprise_linux",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:redhat:enterprise_linux_desktop",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:redhat:rhel_desktop_workstation",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2008-001826"
}
]
},
"credits": {
"_id": null,
"data": "regenrecht",
"sources": [
{
"db": "ZDI",
"id": "ZDI-08-067"
}
],
"trust": 0.7
},
"cve": "CVE-2008-3641",
"cvss": {
"_id": null,
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CVE-2008-3641",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "VHN-33766",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2008-3641",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#442845",
"trust": 0.8,
"value": "20.75"
},
{
"author": "NVD",
"id": "CVE-2008-3641",
"trust": 0.8,
"value": "High"
},
{
"author": "CNNVD",
"id": "CNNVD-200810-160",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-33766",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#442845"
},
{
"db": "VULHUB",
"id": "VHN-33766"
},
{
"db": "CNNVD",
"id": "CNNVD-200810-160"
},
{
"db": "JVNDB",
"id": "JVNDB-2008-001826"
},
{
"db": "NVD",
"id": "CVE-2008-3641"
}
]
},
"description": {
"_id": null,
"data": "The Hewlett-Packard Graphics Language (HPGL) filter in CUPS before 1.3.9 allows remote attackers to execute arbitrary code via crafted pen width and pen color opcodes that overwrite arbitrary memory. A vulnerability in a common PHP extension module could allow a remote attacker to execute code on a vulnerable system. Authentication is not required to exploit this vulnerability.The specific flaw exists in the Hewlett-Packard Graphics Language filter. CUPS is prone to a remote code-execution vulnerability caused by an error in the \u0027HP-GL/2 filter. Failed exploit attempts will likely cause a denial-of-service condition. Note that local users may also exploit this vulnerability to elevate privileges. \nSuccessful remote exploits may require printer sharing to be enabled on the vulnerable system. \nThe issue affects versions prior to CUPS 1.3.9. \nNOTE: This issue was previously discussed in BID 31681 (Apple Mac OS X 2008-007 Multiple Security Vulnerabilities), but has been assigned its own record to better document the vulnerability. \nThe security update addresses a total of 11 new vulnerabilities that affect the ColorSync, CUPS, Finder, launchd, Networking, Postfix, PSNormalizer, rlogin, Script Editor, and Weblog components of Mac OS X. The advisory also contains security updates for 30 previously reported issues. An access checking bug in the HP Graphics Language (HPGL) filter could cause arbitrary memory to be overwritten with controlled data. ===========================================================\nUbuntu Security Notice USN-656-1 October 15, 2008\ncupsys vulnerabilities\nCVE-2008-1722, CVE-2008-3639, CVE-2008-3640, CVE-2008-3641\n===========================================================\n\nA security issue affects the following Ubuntu releases:\n\nUbuntu 6.06 LTS\nUbuntu 7.04\nUbuntu 7.10\nUbuntu 8.04 LTS\n\nThis advisory also applies to the corresponding versions of\nKubuntu, Edubuntu, and Xubuntu. \n\nThe problem can be corrected by upgrading your system to the\nfollowing package versions:\n\nUbuntu 6.06 LTS:\n cupsys 1.2.2-0ubuntu0.6.06.11\n\nUbuntu 7.04:\n cupsys 1.2.8-0ubuntu8.6\n\nUbuntu 7.10:\n cupsys 1.3.2-1ubuntu7.8\n\nUbuntu 8.04 LTS:\n cupsys 1.3.7-1ubuntu3.1\n\nIn general, a standard system upgrade is sufficient to effect the\nnecessary changes. \n\nDetails follow:\n\nIt was discovered that the SGI image filter in CUPS did not perform\nproper bounds checking. If a user or automated system were tricked\ninto opening a crafted SGI image, an attacker could cause a denial\nof service. (CVE-2008-3639)\n\nIt was discovered that the texttops filter in CUPS did not properly\nvalidate page metrics. If a user or automated system were tricked into\nopening a crafted text file, an attacker could cause a denial of\nservice. (CVE-2008-3640)\n\nIt was discovered that the HP-GL filter in CUPS did not properly check\nfor invalid pen parameters. If a user or automated system were tricked\ninto opening a crafted HP-GL or HP-GL/2 file, a remote attacker could\ncause a denial of service or execute arbitrary code with user\nprivileges. In Ubuntu 7.10 and 8.04 LTS, attackers would be isolated by\nthe AppArmor CUPS profile. (CVE-2008-3641)\n\nNOTE: The previous update for CUPS on Ubuntu 6.06 LTS did not have the\nthe fix for CVE-2008-1722 applied. This update includes fixes for the\nproblem. We apologize for the inconvenience. \n\n\nUpdated packages for Ubuntu 6.06 LTS:\n\n Source archives:\n\n http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.2.2-0ubuntu0.6.06.11.diff.gz\n Size/MD5: 102981 403c1494b264696702f055fc5cdcc60d\n http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.2.2-0ubuntu0.6.06.11.dsc\n Size/MD5: 1052 cc47231c220e8d0e1659cf83d9e08445\n http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.2.2.orig.tar.gz\n Size/MD5: 4070384 2c99b8aa4c8dc25c8a84f9c06aa52e3e\n\n Architecture independent packages:\n\n http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2-gnutls10_1.2.2-0ubuntu0.6.06.11_all.deb\n Size/MD5: 994 8b094f8389b70e0153d7bbfcd23ed912\n\n amd64 architecture (Athlon64, Opteron, EM64T Xeon):\n\n http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-bsd_1.2.2-0ubuntu0.6.06.11_amd64.deb\n Size/MD5: 36226 ddea26501964356559ee3a11124acd8b\n http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-client_1.2.2-0ubuntu0.6.06.11_amd64.deb\n Size/MD5: 81902 670924b1b9a36db787e3b4cc6a7f1782\n http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.2.2-0ubuntu0.6.06.11_amd64.deb\n Size/MD5: 2286676 455fe7748b3ab167658bb5b42ef0363a\n http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2-dev_1.2.2-0ubuntu0.6.06.11_amd64.deb\n Size/MD5: 6086 dc0bd3799366e32503466ba4588fc4df\n http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2_1.2.2-0ubuntu0.6.06.11_amd64.deb\n Size/MD5: 77226 31e781bf2c8f0f4140799b21b9d0484a\n http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2-dev_1.2.2-0ubuntu0.6.06.11_amd64.deb\n Size/MD5: 25742 6812b0831f37474b50607e4c6eb83fe5\n http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2_1.2.2-0ubuntu0.6.06.11_amd64.deb\n Size/MD5: 129960 88a0b954c9f50df6aa37824b3da7041b\n\n i386 architecture (x86 compatible Intel/AMD):\n\n http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-bsd_1.2.2-0ubuntu0.6.06.11_i386.deb\n Size/MD5: 34768 d04de29dfcca09a4dc70a385e8a0766b\n http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-client_1.2.2-0ubuntu0.6.06.11_i386.deb\n Size/MD5: 77974 efed93511d0ee579706e5cf538378dbd\n http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.2.2-0ubuntu0.6.06.11_i386.deb\n Size/MD5: 2253974 30ac219c7cd66460df6fa2b76c147ae8\n http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2-dev_1.2.2-0ubuntu0.6.06.11_i386.deb\n Size/MD5: 6090 648459c3b58ddaf1fc646c8cd476e9f8\n http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2_1.2.2-0ubuntu0.6.06.11_i386.deb\n Size/MD5: 76350 d044f4fa44a792c81bca198f44687a1e\n http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2-dev_1.2.2-0ubuntu0.6.06.11_i386.deb\n Size/MD5: 25740 4c97e6e30f95bd3c3a32c761db4f5183\n http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2_1.2.2-0ubuntu0.6.06.11_i386.deb\n Size/MD5: 122178 7298a6d762d2edbe6fd107656932f32a\n\n powerpc architecture (Apple Macintosh G3/G4/G5):\n\n http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-bsd_1.2.2-0ubuntu0.6.06.11_powerpc.deb\n Size/MD5: 40468 24cf01572a6f790296c1accba097352c\n http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-client_1.2.2-0ubuntu0.6.06.11_powerpc.deb\n Size/MD5: 89528 0172b346d78458df1a6cd91a371b3b67\n http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.2.2-0ubuntu0.6.06.11_powerpc.deb\n Size/MD5: 2301292 f1a755a88fde554fdabbfb8081a88e52\n http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2-dev_1.2.2-0ubuntu0.6.06.11_powerpc.deb\n Size/MD5: 6098 f3e962ddc060712ed3ba78bb5625d5e4\n http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2_1.2.2-0ubuntu0.6.06.11_powerpc.deb\n Size/MD5: 79004 de095980afadd9352e5d7e92600d75b5\n http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2-dev_1.2.2-0ubuntu0.6.06.11_powerpc.deb\n Size/MD5: 25744 21a4d908ae8de551cda885d4835d69c0\n http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2_1.2.2-0ubuntu0.6.06.11_powerpc.deb\n Size/MD5: 127932 6e50fa3fa4185c781551e5744331f20b\n\n sparc architecture (Sun SPARC/UltraSPARC):\n\n http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-bsd_1.2.2-0ubuntu0.6.06.11_sparc.deb\n Size/MD5: 35392 ede504cfaaf1e068c68b3fa759777098\n http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-client_1.2.2-0ubuntu0.6.06.11_sparc.deb\n Size/MD5: 78712 49f458e339846bcc2eb9ffdc482de5be\n http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.2.2-0ubuntu0.6.06.11_sparc.deb\n Size/MD5: 2287588 864ab74a020db94ab2acc1283720a05c\n http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2-dev_1.2.2-0ubuntu0.6.06.11_sparc.deb\n Size/MD5: 6092 58c6f56f79c35af1b0ca47eaeedd7ea3\n http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2_1.2.2-0ubuntu0.6.06.11_sparc.deb\n Size/MD5: 76262 759f3df1a04440d71ae6634109045bf6\n http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2-dev_1.2.2-0ubuntu0.6.06.11_sparc.deb\n Size/MD5: 25740 8bbdc7b4842df909bdfb95b96fd9f884\n http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2_1.2.2-0ubuntu0.6.06.11_sparc.deb\n Size/MD5: 123662 4c4f4a4faae61a0c3901c63fe58bbf26\n\nUpdated packages for Ubuntu 7.04:\n\n Source archives:\n\n http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.2.8-0ubuntu8.6.diff.gz\n Size/MD5: 160216 80696d47933857b9665da1492f9a801b\n http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.2.8-0ubuntu8.6.dsc\n Size/MD5: 1143 0dbd641692767f4e2e5b7f390c412a9f\n http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.2.8.orig.tar.gz\n Size/MD5: 4293194 107affe95fcf1cd4aaed4a5c73f4b91f\n\n Architecture independent packages:\n\n http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-common_1.2.8-0ubuntu8.6_all.deb\n Size/MD5: 926804 41e6c60357740e668198976afcce6bd1\n\n amd64 architecture (Athlon64, Opteron, EM64T Xeon):\n\n http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-bsd_1.2.8-0ubuntu8.6_amd64.deb\n Size/MD5: 37404 2d7cb4cb3bfeeeb5af3db756f1a0a5be\n http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-client_1.2.8-0ubuntu8.6_amd64.deb\n Size/MD5: 83230 361cd5ffca4125245798312c3a9c7eaa\n http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.2.8-0ubuntu8.6_amd64.deb\n Size/MD5: 1638902 a502a4f981385dcba50ed5b6fc8fe969\n http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2-dev_1.2.8-0ubuntu8.6_amd64.deb\n Size/MD5: 56598 a9f413ff725abe42af63312ea6e826e7\n http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2_1.2.8-0ubuntu8.6_amd64.deb\n Size/MD5: 104860 7bfc0e70546baa2c98421a9dd7a373e6\n http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2-dev_1.2.8-0ubuntu8.6_amd64.deb\n Size/MD5: 144852 9d30fa04e2aa415fb126188aa4d32349\n http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2_1.2.8-0ubuntu8.6_amd64.deb\n Size/MD5: 182728 0ed6d4f8c813e2c36bcaa7b7ca98ccad\n\n i386 architecture (x86 compatible Intel/AMD):\n\n http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-bsd_1.2.8-0ubuntu8.6_i386.deb\n Size/MD5: 36712 014d51e184b4435a28c1e820455fb0a1\n http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-client_1.2.8-0ubuntu8.6_i386.deb\n Size/MD5: 80752 4d29ca2e6d3de00e3a10c55c677c8cd6\n http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.2.8-0ubuntu8.6_i386.deb\n Size/MD5: 1621450 551c9d7c9836efe7a927a609699976ad\n http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2-dev_1.2.8-0ubuntu8.6_i386.deb\n Size/MD5: 55720 b70e3b3a1c86aa782a42fcf1a40ff197\n http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2_1.2.8-0ubuntu8.6_i386.deb\n Size/MD5: 104592 ececfa4f50e077d5049116a47cc44965\n http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2-dev_1.2.8-0ubuntu8.6_i386.deb\n Size/MD5: 139320 b5c4606316c175feac7dd9a8f78acc56\n http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2_1.2.8-0ubuntu8.6_i386.deb\n Size/MD5: 179030 b2bb50b90caac66408739e67ecc9fdb5\n\n powerpc architecture (Apple Macintosh G3/G4/G5):\n\n http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-bsd_1.2.8-0ubuntu8.6_powerpc.deb\n Size/MD5: 46766 ad2b053736a2165b39f1749b7e3409e0\n http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-client_1.2.8-0ubuntu8.6_powerpc.deb\n Size/MD5: 101094 bea4c45325710b1e2d5e67dceb7853bb\n http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.2.8-0ubuntu8.6_powerpc.deb\n Size/MD5: 1696124 7e3469aa52e2de4e93352e44f7623305\n http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2-dev_1.2.8-0ubuntu8.6_powerpc.deb\n Size/MD5: 56398 47755a89a609e4401d70f6adcfcfb9a5\n http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2_1.2.8-0ubuntu8.6_powerpc.deb\n Size/MD5: 110478 94a5f78770c410fce9a0c88a187fe9c4\n http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2-dev_1.2.8-0ubuntu8.6_powerpc.deb\n Size/MD5: 141178 69f22a6730b291c9df2b0541c07223d6\n http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2_1.2.8-0ubuntu8.6_powerpc.deb\n Size/MD5: 188650 634498a8eb5ab4c75eab74e1655234b1\n\n sparc architecture (Sun SPARC/UltraSPARC):\n\n http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-bsd_1.2.8-0ubuntu8.6_sparc.deb\n Size/MD5: 37778 cde58d9fa7d256698ef6ba128b16a799\n http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-client_1.2.8-0ubuntu8.6_sparc.deb\n Size/MD5: 83740 072c6f65496619d5808c542d3a2ebe97\n http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.2.8-0ubuntu8.6_sparc.deb\n Size/MD5: 1659626 a5b6c19a436e9737af44cbaee93d093c\n http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2-dev_1.2.8-0ubuntu8.6_sparc.deb\n Size/MD5: 54928 5a8347021b82084600e0d08971cb41a3\n http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2_1.2.8-0ubuntu8.6_sparc.deb\n Size/MD5: 104156 ca7b062c097aa7f92a9085615fc3e828\n http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2-dev_1.2.8-0ubuntu8.6_sparc.deb\n Size/MD5: 141756 299acfe9e1964d21e7ba2fc3a390ded8\n http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2_1.2.8-0ubuntu8.6_sparc.deb\n Size/MD5: 178292 02e3059c98fb42cb83173e0b3a08d469\n\nUpdated packages for Ubuntu 7.10:\n\n Source archives:\n\n http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.3.2-1ubuntu7.8.diff.gz\n Size/MD5: 128977 cc7a79b80d0cc2caa8f9c5aea2f9397b\n http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.3.2-1ubuntu7.8.dsc\n Size/MD5: 1218 4f603d11b93e600bd82009983bc88580\n http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.3.2.orig.tar.gz\n Size/MD5: 4848424 9e3e1dee4d872fdff0682041198d3d73\n\n Architecture independent packages:\n\n http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-common_1.3.2-1ubuntu7.8_all.deb\n Size/MD5: 1080404 6419c157fd22fcfb2e1563ccced2fcae\n\n amd64 architecture (Athlon64, Opteron, EM64T Xeon):\n\n http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-bsd_1.3.2-1ubuntu7.8_amd64.deb\n Size/MD5: 37204 88b05a4cbb9f5714951edade3dd0609b\n http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-client_1.3.2-1ubuntu7.8_amd64.deb\n Size/MD5: 89506 cb352043a1985e24614dc27ffa5ded01\n http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.3.2-1ubuntu7.8_amd64.deb\n Size/MD5: 2034890 3a2c4daded2923691da8fe3f60d93f3e\n http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2-dev_1.3.2-1ubuntu7.8_amd64.deb\n Size/MD5: 60020 5007c193bb8416754a9d7e7ad09c4808\n http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2_1.3.2-1ubuntu7.8_amd64.deb\n Size/MD5: 46884 9a2fd628887a01cc2fcb49131ec8ed0f\n http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2-dev_1.3.2-1ubuntu7.8_amd64.deb\n Size/MD5: 152014 7a9debd353faa26803f0e8707a97697a\n http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2_1.3.2-1ubuntu7.8_amd64.deb\n Size/MD5: 186418 13e510e27e1025732d203a933ded8ade\n\n i386 architecture (x86 compatible Intel/AMD):\n\n http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-bsd_1.3.2-1ubuntu7.8_i386.deb\n Size/MD5: 36486 05cb382029ccb2285530af9de662b686\n http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-client_1.3.2-1ubuntu7.8_i386.deb\n Size/MD5: 86494 80b08f6080ed3c46e4fc954da05d9e6d\n http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.3.2-1ubuntu7.8_i386.deb\n Size/MD5: 2018384 16b0a7b694a38e4616fce6415116a7e9\n http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2-dev_1.3.2-1ubuntu7.8_i386.deb\n Size/MD5: 58882 8572d274d06e1a650d2d5199ea5dcf6f\n http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2_1.3.2-1ubuntu7.8_i386.deb\n Size/MD5: 46280 158a4aef965ef1c697c5c7aef53f9e90\n http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2-dev_1.3.2-1ubuntu7.8_i386.deb\n Size/MD5: 145692 36b5af34074b13e44e2d2ae5f76fa6fc\n http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2_1.3.2-1ubuntu7.8_i386.deb\n Size/MD5: 183190 fe12de8de5a779538844e2aecd5ccedb\n\n lpia architecture (Low Power Intel Architecture):\n\n http://ports.ubuntu.com/pool/main/c/cupsys/cupsys-bsd_1.3.2-1ubuntu7.8_lpia.deb\n Size/MD5: 36570 f73b632b59630a2727e45be083730c23\n http://ports.ubuntu.com/pool/main/c/cupsys/cupsys-client_1.3.2-1ubuntu7.8_lpia.deb\n Size/MD5: 88054 07cfc2fdf8615471278b10550f713a3e\n http://ports.ubuntu.com/pool/main/c/cupsys/cupsys_1.3.2-1ubuntu7.8_lpia.deb\n Size/MD5: 2020696 d97dab5d5a099884f7bca77dd118233a\n http://ports.ubuntu.com/pool/main/c/cupsys/libcupsimage2-dev_1.3.2-1ubuntu7.8_lpia.deb\n Size/MD5: 59624 d582e3100eaf68e9b10585ca6ce0a078\n http://ports.ubuntu.com/pool/main/c/cupsys/libcupsimage2_1.3.2-1ubuntu7.8_lpia.deb\n Size/MD5: 47662 a2e2c5cc101d720249efd108b1a724ca\n http://ports.ubuntu.com/pool/main/c/cupsys/libcupsys2-dev_1.3.2-1ubuntu7.8_lpia.deb\n Size/MD5: 142426 8e91390ca3bb0bd98ab7a43017e38a90\n http://ports.ubuntu.com/pool/main/c/cupsys/libcupsys2_1.3.2-1ubuntu7.8_lpia.deb\n Size/MD5: 181382 0806d0e1be2fdb48b873ea977107b759\n\n powerpc architecture (Apple Macintosh G3/G4/G5):\n\n http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-bsd_1.3.2-1ubuntu7.8_powerpc.deb\n Size/MD5: 46502 1f2a7db4dd6dfc7910a9c84f28425537\n http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-client_1.3.2-1ubuntu7.8_powerpc.deb\n Size/MD5: 107736 9a34baee6e8356d911d637e52fcb0747\n http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.3.2-1ubuntu7.8_powerpc.deb\n Size/MD5: 2099614 b0f8237ccff1e54e070645e79e085794\n http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2-dev_1.3.2-1ubuntu7.8_powerpc.deb\n Size/MD5: 59494 c3c1a6f415dacee7b5f0e63e0f83ca6c\n http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2_1.3.2-1ubuntu7.8_powerpc.deb\n Size/MD5: 51856 91fcaca5686ce2070e654699b60514f4\n http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2-dev_1.3.2-1ubuntu7.8_powerpc.deb\n Size/MD5: 146952 205fedd96bd614314b2e9ecb18e78f53\n http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2_1.3.2-1ubuntu7.8_powerpc.deb\n Size/MD5: 192204 0033c62b251a505fb7d80b5b8c96f6b6\n\n sparc architecture (Sun SPARC/UltraSPARC):\n\n http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-bsd_1.3.2-1ubuntu7.8_sparc.deb\n Size/MD5: 37558 f568ceabe0e419d263b75a5c852eb10a\n http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-client_1.3.2-1ubuntu7.8_sparc.deb\n Size/MD5: 89606 d916d0d9478082000a0f698347613387\n http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.3.2-1ubuntu7.8_sparc.deb\n Size/MD5: 2061026 a1b9da985d3d0211790f170443e74ac9\n http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2-dev_1.3.2-1ubuntu7.8_sparc.deb\n Size/MD5: 58098 dc5d816068b451c8926dd06a25e1715b\n http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2_1.3.2-1ubuntu7.8_sparc.deb\n Size/MD5: 45572 9976f70a905893735ee445cca7ecda7f\n http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2-dev_1.3.2-1ubuntu7.8_sparc.deb\n Size/MD5: 148486 48954d641e131708913530887d28c064\n http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2_1.3.2-1ubuntu7.8_sparc.deb\n Size/MD5: 182218 074755797d588b92f7030c0a9562cb67\n\nUpdated packages for Ubuntu 8.04 LTS:\n\n Source archives:\n\n http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.3.7-1ubuntu3.1.diff.gz\n Size/MD5: 133549 8146f7a668701caad4379707ccedf538\n http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.3.7-1ubuntu3.1.dsc\n Size/MD5: 1433 de3ffa5e20bdbc0bd61cf543cc2d351f\n http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.3.7.orig.tar.gz\n Size/MD5: 4700333 383e556d9841475847da6076c88da467\n\n Architecture independent packages:\n\n http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-common_1.3.7-1ubuntu3.1_all.deb\n Size/MD5: 1143834 7230e79bb0d6a1435f3ce0de114e1ad3\n\n amd64 architecture (Athlon64, Opteron, EM64T Xeon):\n\n http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-bsd_1.3.7-1ubuntu3.1_amd64.deb\n Size/MD5: 37530 0362fc9c1260486e4d1dcccca8dc60a3\n http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-client_1.3.7-1ubuntu3.1_amd64.deb\n Size/MD5: 89982 9a1ac844025f66fb85357e1807256331\n http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.3.7-1ubuntu3.1_amd64.deb\n Size/MD5: 1880646 233fbeadff826a6b6f22347559fe8bf5\n http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2-dev_1.3.7-1ubuntu3.1_amd64.deb\n Size/MD5: 60892 98a65443be4d97fb1de2f8580dd67e40\n http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2_1.3.7-1ubuntu3.1_amd64.deb\n Size/MD5: 50356 89ca2e97385912ebf2ffe8a0871610d5\n http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2-dev_1.3.7-1ubuntu3.1_amd64.deb\n Size/MD5: 344926 631f297ea0a13321c61ee211d65fceab\n http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2_1.3.7-1ubuntu3.1_amd64.deb\n Size/MD5: 177500 8dd137567dbc9644bda3b0a799cb2f6a\n\n i386 architecture (x86 compatible Intel/AMD):\n\n http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-bsd_1.3.7-1ubuntu3.1_i386.deb\n Size/MD5: 36952 deba752b21bdf04393626cf35ebb79eb\n http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-client_1.3.7-1ubuntu3.1_i386.deb\n Size/MD5: 88408 2e76b5856bde6afe82da9a6b03a98026\n http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.3.7-1ubuntu3.1_i386.deb\n Size/MD5: 1862954 aaa0817cb6b67729276e799275ad3346\n http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2-dev_1.3.7-1ubuntu3.1_i386.deb\n Size/MD5: 60090 b37d935af9661002730cd5cb2b3f11d3\n http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2_1.3.7-1ubuntu3.1_i386.deb\n Size/MD5: 49838 a1d85e18616340eed3778b5286890c08\n http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2-dev_1.3.7-1ubuntu3.1_i386.deb\n Size/MD5: 339344 f3d29993795e7172667356c8d255f296\n http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2_1.3.7-1ubuntu3.1_i386.deb\n Size/MD5: 174354 b1d7b741729749c6a3249fbcd0babe56\n\n lpia architecture (Low Power Intel Architecture):\n\n http://ports.ubuntu.com/pool/main/c/cupsys/cupsys-bsd_1.3.7-1ubuntu3.1_lpia.deb\n Size/MD5: 36676 c46beddd8f227e1ee0b1c9a80d41b19a\n http://ports.ubuntu.com/pool/main/c/cupsys/cupsys-client_1.3.7-1ubuntu3.1_lpia.deb\n Size/MD5: 88734 c8b70c2665734c45caa22ae41f60b486\n http://ports.ubuntu.com/pool/main/c/cupsys/cupsys_1.3.7-1ubuntu3.1_lpia.deb\n Size/MD5: 1865262 27de39c2fbe2471f11b7756b5bc02cc3\n http://ports.ubuntu.com/pool/main/c/cupsys/libcupsimage2-dev_1.3.7-1ubuntu3.1_lpia.deb\n Size/MD5: 60540 b54c6711e74c55777f0e509f642c42f0\n http://ports.ubuntu.com/pool/main/c/cupsys/libcupsimage2_1.3.7-1ubuntu3.1_lpia.deb\n Size/MD5: 50860 64989632d1f49f5d25209bb9a68809d5\n http://ports.ubuntu.com/pool/main/c/cupsys/libcupsys2-dev_1.3.7-1ubuntu3.1_lpia.deb\n Size/MD5: 337020 ca60ea21ad93aca447e1ae04e0ad818f\n http://ports.ubuntu.com/pool/main/c/cupsys/libcupsys2_1.3.7-1ubuntu3.1_lpia.deb\n Size/MD5: 173276 6e0af5026f452171993817fbd6e6b4e7\n\n powerpc architecture (Apple Macintosh G3/G4/G5):\n\n http://ports.ubuntu.com/pool/main/c/cupsys/cupsys-bsd_1.3.7-1ubuntu3.1_powerpc.deb\n Size/MD5: 46932 d8e051bd4e95f28090036d7087437127\n http://ports.ubuntu.com/pool/main/c/cupsys/cupsys-client_1.3.7-1ubuntu3.1_powerpc.deb\n Size/MD5: 110808 44e0741ccd8b9edab092b835c6831aca\n http://ports.ubuntu.com/pool/main/c/cupsys/cupsys_1.3.7-1ubuntu3.1_powerpc.deb\n Size/MD5: 1949134 0facca356ce9e5ffdacffde23d0713e3\n http://ports.ubuntu.com/pool/main/c/cupsys/libcupsimage2-dev_1.3.7-1ubuntu3.1_powerpc.deb\n Size/MD5: 59924 367a29bd4545906374eb27c511d33658\n http://ports.ubuntu.com/pool/main/c/cupsys/libcupsimage2_1.3.7-1ubuntu3.1_powerpc.deb\n Size/MD5: 54940 d762741ddd48f75e0e54ffd0efc45645\n http://ports.ubuntu.com/pool/main/c/cupsys/libcupsys2-dev_1.3.7-1ubuntu3.1_powerpc.deb\n Size/MD5: 341670 0958081b22a680ccf1f30abc36c06054\n http://ports.ubuntu.com/pool/main/c/cupsys/libcupsys2_1.3.7-1ubuntu3.1_powerpc.deb\n Size/MD5: 183238 e303094f36fcc1af0ac40321411bd90a\n\n sparc architecture (Sun SPARC/UltraSPARC):\n\n http://ports.ubuntu.com/pool/main/c/cupsys/cupsys-bsd_1.3.7-1ubuntu3.1_sparc.deb\n Size/MD5: 38028 a8ee904a732a7392314b9b4f2faf5557\n http://ports.ubuntu.com/pool/main/c/cupsys/cupsys-client_1.3.7-1ubuntu3.1_sparc.deb\n Size/MD5: 91034 832edccd7ed2eec51759bbcce97536b1\n http://ports.ubuntu.com/pool/main/c/cupsys/cupsys_1.3.7-1ubuntu3.1_sparc.deb\n Size/MD5: 1897904 31192c6d2b5a6dca4eaf065c541795fc\n http://ports.ubuntu.com/pool/main/c/cupsys/libcupsimage2-dev_1.3.7-1ubuntu3.1_sparc.deb\n Size/MD5: 57856 398dadf7e1ee5075e4d3e2a4766b4580\n http://ports.ubuntu.com/pool/main/c/cupsys/libcupsimage2_1.3.7-1ubuntu3.1_sparc.deb\n Size/MD5: 48242 cc45265b41fd932d084a6bce9888e67f\n http://ports.ubuntu.com/pool/main/c/cupsys/libcupsys2-dev_1.3.7-1ubuntu3.1_sparc.deb\n Size/MD5: 341388 9411fb065604b882530faf47a0a85d4e\n http://ports.ubuntu.com/pool/main/c/cupsys/libcupsys2_1.3.7-1ubuntu3.1_sparc.deb\n Size/MD5: 173184 4a5e9e3508932262eefe3b08f94019d0\n\n\n. ZDI-08-067: Apple CUPS 1.3.7 (HP-GL/2 filter) Remote Code Execution \nVulnerability\nhttp://www.zerodayinitiative.com/advisories/ZDI-08-067\nOctober 9, 2008\n\n-- CVE ID:\nCVE-2008-3641\n\n-- Affected Vendors:\nApple\n\n-- Affected Products:\nApple OS X\n\n-- TippingPoint(TM) IPS Customer Protection:\nTippingPoint IPS customers have been protected against this\nvulnerability by Digital Vaccine protection filter ID 6325. \n\n-- Vendor Response:\nApple has issued an update to correct this vulnerability. More\ndetails can be found at:\n\nhttp://support.apple.com/kb/HT3216\n\n-- Disclosure Timeline:\n2008-08-19 - Vulnerability reported to vendor\n2008-10-09 - Coordinated public release of advisory\n\n-- Credit:\nThis vulnerability was discovered by:\n * regenrecht\n\n-- About the Zero Day Initiative (ZDI):\nEstablished by TippingPoint, The Zero Day Initiative (ZDI) represents \na best-of-breed model for rewarding security researchers for responsibly\ndisclosing discovered vulnerabilities. \n\nResearchers interested in getting paid for their security research\nthrough the ZDI can find more information and sign-up at:\n\n http://www.zerodayinitiative.com\n\nThe ZDI is unique in how the acquired vulnerability information is\nused. TippingPoint does not re-sell the vulnerability details or any\nexploit code. Instead, upon notifying the affected product vendor,\nTippingPoint provides its customers with zero day protection through\nits intrusion prevention technology. Explicit details regarding the\nspecifics of the vulnerability are not exposed to any parties until\nan official vendor patch is publicly available. Furthermore, with the\naltruistic aim of helping to secure a broader user base, TippingPoint\nprovides this vulnerability information confidentially to security\nvendors (including competitors) who have a vulnerability protection or\nmitigation product. \n\nOur vulnerability disclosure policy is available online at:\n\n http://www.zerodayinitiative.com/advisories/disclosure_policy/\n\nCONFIDENTIALITY NOTICE: This e-mail message, including any attachments,\nis being sent by 3Com for the sole use of the intended recipient(s) and\nmay contain confidential, proprietary and/or privileged information. \nAny unauthorized review, use, disclosure and/or distribution by any \nrecipient is prohibited. If you are not the intended recipient, please\ndelete and/or destroy all copies of this message regardless of form and\nany included attachments and notify 3Com immediately by contacting the\nsender via reply e-mail or forwarding to 3Com at postmaster@3com.com. \n\n----------------------------------------------------------------------\n\nBist Du interessiert an einem neuen Job in IT-Sicherheit?\n\n\nSecunia hat zwei freie Stellen als Junior und Senior Spezialist in IT-\nSicherheit:\nhttp://secunia.com/secunia_vacancies/\n\n----------------------------------------------------------------------\n\nTITLE:\nNucleus XML-RPC PHP Code Execution Vulnerability\n\nSECUNIA ADVISORY ID:\nSA15895\n\nVERIFY ADVISORY:\nhttp://secunia.com/advisories/15895/\n\nCRITICAL:\nHighly critical\n\nIMPACT:\nSystem access\n\nWHERE:\n\u003eFrom remote\n\nSOFTWARE:\nNucleus 3.x\nhttp://secunia.com/product/3699/\n\nDESCRIPTION:\nA vulnerability has been reported in Nucleus, which can be exploited\nby malicious people to compromise a vulnerable system. \nhttp://sourceforge.net/project/showfiles.php?group_id=66479\n\nOTHER REFERENCES:\nSA15852:\nhttp://secunia.com/advisories/15852/\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\neverybody keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n. \n\nCVE-2008-3640\n\n It was discovered that an integer overflow in the Postscript\n conversion tool \"texttops\" may lead to the execution of arbitrary\n code. \n\nFor the stable distribution (etch), these problems have been fixed in\nversion 1.2.7-4etch5. \n\nFor the unstable distribution (sid) and the upcoming stable distribution\n(lenny), these problems have been fixed in version 1.3.8-1lenny2 of\nthe source package cups. \n\nWe recommend that you upgrade your cupsys package. \n\nUpgrade instructions\n- --------------------\n\nwget url\n will fetch the file for you\ndpkg -i file.deb\n will install the referenced file. \n\nIf you are using the apt-get package manager, use the line for\nsources.list as given below:\n\napt-get update\n will update the internal database\napt-get upgrade\n will install corrected packages\n\nYou may use an automated update by adding the resources from the\nfooter to the proper configuration. \n\n\nDebian GNU/Linux 4.0 alias etch\n- -------------------------------\n\nStable updates are available for alpha, amd64, arm, hppa, i386, ia64, mips, mipsel, powerpc, s390 and sparc. \n\nSource archives:\n\n http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.2.7.orig.tar.gz\n Size/MD5 checksum: 4214272 c9ba33356e5bb93efbcf77b6e142e498\n http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.2.7-4etch5.diff.gz\n Size/MD5 checksum: 108662 eab5aa097eaf3e802b4c6f1c60da9a03\n http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.2.7-4etch5.dsc\n Size/MD5 checksum: 1084 5fc7ea9d5c6434a9f2a45e3d7652b0fe\n\nArchitecture independent packages:\n\n http://security.debian.org/pool/updates/main/c/cupsys/cupsys-common_1.2.7-4etch5_all.deb\n Size/MD5 checksum: 893832 0e7571a4a56cef8f099ba9300ed7330d\n http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2-gnutls10_1.2.7-4etch5_all.deb\n Size/MD5 checksum: 46072 63a75f9fe31312a42725a786164f7762\n\nalpha architecture (DEC Alpha)\n\n http://security.debian.org/pool/updates/main/c/cupsys/cupsys-bsd_1.2.7-4etch5_alpha.deb\n Size/MD5 checksum: 39310 8dad5588b86a4e1191025015d8e0c5be\n http://security.debian.org/pool/updates/main/c/cupsys/cupsys-dbg_1.2.7-4etch5_alpha.deb\n Size/MD5 checksum: 1092376 35c1cd14d3f26fefafbebf1a76983740\n http://security.debian.org/pool/updates/main/c/cupsys/cupsys-client_1.2.7-4etch5_alpha.deb\n Size/MD5 checksum: 85906 1d07dcf128e7b78992560b2794be29d4\n http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2-dev_1.2.7-4etch5_alpha.deb\n Size/MD5 checksum: 183726 06377f48f1ee358c494f30f9ab213e6b\n http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.2.7-4etch5_alpha.deb\n Size/MD5 checksum: 1614540 e87b439635e9b7f7c1fa1c6db2f7291c\n http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2_1.2.7-4etch5_alpha.deb\n Size/MD5 checksum: 95570 8638b199a8adb989254cbe88ab11bb7d\n http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2_1.2.7-4etch5_alpha.deb\n Size/MD5 checksum: 175262 08dbbe7e941af9c28f39107f907c618a\n http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2-dev_1.2.7-4etch5_alpha.deb\n Size/MD5 checksum: 72690 1c099120f9fdcb334d8699b6238c0883\n\namd64 architecture (AMD x86_64 (AMD64))\n\n http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2-dev_1.2.7-4etch5_amd64.deb\n Size/MD5 checksum: 142538 4f9183a690ac21a220771db117b1bcea\n http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2_1.2.7-4etch5_amd64.deb\n Size/MD5 checksum: 162520 f04bafe61b0e06d21b67441916a4df2a\n http://security.debian.org/pool/updates/main/c/cupsys/cupsys-bsd_1.2.7-4etch5_amd64.deb\n Size/MD5 checksum: 36356 eea9b0c14ac248313264474f4a103478\n http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2-dev_1.2.7-4etch5_amd64.deb\n Size/MD5 checksum: 53022 f864e06d82bd0769e7c73d20aa6c3366\n http://security.debian.org/pool/updates/main/c/cupsys/cupsys-client_1.2.7-4etch5_amd64.deb\n Size/MD5 checksum: 80708 9e8a7d08f6762753005bc2ac7ac04db7\n http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2_1.2.7-4etch5_amd64.deb\n Size/MD5 checksum: 86264 3784680669a08745d6c766213e3d60f3\n http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.2.7-4etch5_amd64.deb\n Size/MD5 checksum: 1576062 c5f275763d3cd0bec5e448965780ea0b\n http://security.debian.org/pool/updates/main/c/cupsys/cupsys-dbg_1.2.7-4etch5_amd64.deb\n Size/MD5 checksum: 1088040 106654a5c5a746e5bd1043ca4309deae\n\narm architecture (ARM)\n\n http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2-dev_1.2.7-4etch5_arm.deb\n Size/MD5 checksum: 132042 b1da3e68e04c68712a7f2ecebbea59d3\n http://security.debian.org/pool/updates/main/c/cupsys/cupsys-dbg_1.2.7-4etch5_arm.deb\n Size/MD5 checksum: 1026238 e776ce47912d97de7758029cddf18c41\n http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2_1.2.7-4etch5_arm.deb\n Size/MD5 checksum: 155174 2203ae0043e540bb4c083c3f302294a9\n http://security.debian.org/pool/updates/main/c/cupsys/cupsys-client_1.2.7-4etch5_arm.deb\n Size/MD5 checksum: 78908 a60d8486ab41fe7064d84fdf1c057ce5\n http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2-dev_1.2.7-4etch5_arm.deb\n Size/MD5 checksum: 48742 9c6f61fb9c5af3f1496c249eb79542ce\n http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.2.7-4etch5_arm.deb\n Size/MD5 checksum: 1569620 943fdc257cdf387c1a161adff88623bd\n http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2_1.2.7-4etch5_arm.deb\n Size/MD5 checksum: 85468 3e9d699071d741d86c5e2fbcc91a5241\n http://security.debian.org/pool/updates/main/c/cupsys/cupsys-bsd_1.2.7-4etch5_arm.deb\n Size/MD5 checksum: 35940 0bb609f5c990c932c0fed843bb659062\n\nhppa architecture (HP PA RISC)\n\n http://security.debian.org/pool/updates/main/c/cupsys/cupsys-client_1.2.7-4etch5_hppa.deb\n Size/MD5 checksum: 84800 df6569c3eaad919b7f7768a75277838f\n http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2_1.2.7-4etch5_hppa.deb\n Size/MD5 checksum: 91988 08040e0dcc8cc99298d40aa370be50cc\n http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.2.7-4etch5_hppa.deb\n Size/MD5 checksum: 1624214 e5d55a0aeacee0d85d7899018725b3d3\n http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2-dev_1.2.7-4etch5_hppa.deb\n Size/MD5 checksum: 153956 e11bfd3cb812f0892238a676a3453967\n http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2_1.2.7-4etch5_hppa.deb\n Size/MD5 checksum: 171790 5b483d2f739ed456d94cf28047b2b2f5\n http://security.debian.org/pool/updates/main/c/cupsys/cupsys-bsd_1.2.7-4etch5_hppa.deb\n Size/MD5 checksum: 39548 181a14e58af274287bf02f8a758b70b5\n http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2-dev_1.2.7-4etch5_hppa.deb\n Size/MD5 checksum: 57398 715a6f4bb1b68b8a384a85ac384de668\n http://security.debian.org/pool/updates/main/c/cupsys/cupsys-dbg_1.2.7-4etch5_hppa.deb\n Size/MD5 checksum: 1032836 e1d9158ff6134678b976331566db0076\n\ni386 architecture (Intel ia32)\n\n http://security.debian.org/pool/updates/main/c/cupsys/cupsys-dbg_1.2.7-4etch5_i386.deb\n Size/MD5 checksum: 999302 2ccf6ae0ef6f3d3dd56e484ba2199313\n http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2_1.2.7-4etch5_i386.deb\n Size/MD5 checksum: 160638 f22f7da23cd3dea82d49cc9900d62512\n http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2-dev_1.2.7-4etch5_i386.deb\n Size/MD5 checksum: 138276 392028f61da2c29dcab1ffe3b4fe072f\n http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.2.7-4etch5_i386.deb\n Size/MD5 checksum: 1548856 e1e04e47f556586eb83aff005d4870d2\n http://security.debian.org/pool/updates/main/c/cupsys/cupsys-bsd_1.2.7-4etch5_i386.deb\n Size/MD5 checksum: 36474 9bea3cd926f04da508b6a714f0a1daac\n http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2_1.2.7-4etch5_i386.deb\n Size/MD5 checksum: 86776 f3188eafaa1bd01a7b92d9403aab03a1\n http://security.debian.org/pool/updates/main/c/cupsys/cupsys-client_1.2.7-4etch5_i386.deb\n Size/MD5 checksum: 79878 ba1ed2b707101da54b3990b33ee1d877\n http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2-dev_1.2.7-4etch5_i386.deb\n Size/MD5 checksum: 53276 346cdebc7980089b28610ceb30f65519\n\nia64 architecture (Intel ia64)\n\n http://security.debian.org/pool/updates/main/c/cupsys/cupsys-client_1.2.7-4etch5_ia64.deb\n Size/MD5 checksum: 106226 829b2e5f435c8fb5eee03513654ee12f\n http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2_1.2.7-4etch5_ia64.deb\n Size/MD5 checksum: 106998 08fcec24b8c165542d986a1fd174ddd3\n http://security.debian.org/pool/updates/main/c/cupsys/cupsys-bsd_1.2.7-4etch5_ia64.deb\n Size/MD5 checksum: 46336 32d29b5c2986070f5d5b909864952dc3\n http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.2.7-4etch5_ia64.deb\n Size/MD5 checksum: 1771030 e7b261b4627ee20a3083a4f18a382e24\n http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2-dev_1.2.7-4etch5_ia64.deb\n Size/MD5 checksum: 192370 576e218a37e677170e9201946f24da5a\n http://security.debian.org/pool/updates/main/c/cupsys/cupsys-dbg_1.2.7-4etch5_ia64.deb\n Size/MD5 checksum: 1108310 bdee8fbcfd10ba2847ab81ced8e9cc73\n http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2_1.2.7-4etch5_ia64.deb\n Size/MD5 checksum: 204232 d5eb2138a8584813643dfe4e39d2fefb\n http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2-dev_1.2.7-4etch5_ia64.deb\n Size/MD5 checksum: 74224 846a87584f78285569aee9c037b677d9\n\nmipsel architecture (MIPS (Little Endian))\n\n http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2_1.2.7-4etch5_mipsel.deb\n Size/MD5 checksum: 158560 74bc73b9eb3c7494ce762f7beb9ab4cd\n http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.2.7-4etch5_mipsel.deb\n Size/MD5 checksum: 1553460 cd35f3de34290840be09b1b10729d7b3\n http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2-dev_1.2.7-4etch5_mipsel.deb\n Size/MD5 checksum: 150900 150e5405933cef2a8cf9147d88c9a4fb\n http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2-dev_1.2.7-4etch5_mipsel.deb\n Size/MD5 checksum: 57860 2b7cdd4399e2893d2df0b5568d766239\n http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2_1.2.7-4etch5_mipsel.deb\n Size/MD5 checksum: 86996 d4776eace76cb37f72557a44d053a677\n http://security.debian.org/pool/updates/main/c/cupsys/cupsys-dbg_1.2.7-4etch5_mipsel.deb\n Size/MD5 checksum: 1085494 429194a44228d669ecfa2acdeadf55e6\n http://security.debian.org/pool/updates/main/c/cupsys/cupsys-bsd_1.2.7-4etch5_mipsel.deb\n Size/MD5 checksum: 36058 f28b3f705fd293fc82a256d571119452\n http://security.debian.org/pool/updates/main/c/cupsys/cupsys-client_1.2.7-4etch5_mipsel.deb\n Size/MD5 checksum: 77448 4a9be71b3fc25253b1e77c2594e7f508\n\npowerpc architecture (PowerPC)\n\n http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2-dev_1.2.7-4etch5_powerpc.deb\n Size/MD5 checksum: 51880 d1b872415002b54aba1ef54833cd5564\n http://security.debian.org/pool/updates/main/c/cupsys/cupsys-client_1.2.7-4etch5_powerpc.deb\n Size/MD5 checksum: 90008 fe2be6aba034693532a01b653781f501\n http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.2.7-4etch5_powerpc.deb\n Size/MD5 checksum: 1576600 d954a84710f9671d34eca72922f8d1d8\n http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2-dev_1.2.7-4etch5_powerpc.deb\n Size/MD5 checksum: 136868 ee633edb72a9d6d74481d9fe17d887d5\n http://security.debian.org/pool/updates/main/c/cupsys/cupsys-dbg_1.2.7-4etch5_powerpc.deb\n Size/MD5 checksum: 1143388 320529a907596704df487d89978e1948\n http://security.debian.org/pool/updates/main/c/cupsys/cupsys-bsd_1.2.7-4etch5_powerpc.deb\n Size/MD5 checksum: 41296 8e0fed6ae1645411f4daa52842ead589\n http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2_1.2.7-4etch5_powerpc.deb\n Size/MD5 checksum: 163206 d0fc59550e27b346adb422e4d82cecaf\n http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2_1.2.7-4etch5_powerpc.deb\n Size/MD5 checksum: 88476 dfe47fbfeef0a714d6397ec9467165af\n\ns390 architecture (IBM S/390)\n\n http://security.debian.org/pool/updates/main/c/cupsys/cupsys-dbg_1.2.7-4etch5_s390.deb\n Size/MD5 checksum: 1037260 a151e36916ffd7eae88e6b82cc0c08d7\n http://security.debian.org/pool/updates/main/c/cupsys/cupsys-bsd_1.2.7-4etch5_s390.deb\n Size/MD5 checksum: 37420 b095022e25c603ee57748795c4ec423b\n http://security.debian.org/pool/updates/main/c/cupsys/cupsys-client_1.2.7-4etch5_s390.deb\n Size/MD5 checksum: 82338 3417e5562b6aa064ab5d3d11f15a69fb\n http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2_1.2.7-4etch5_s390.deb\n Size/MD5 checksum: 87928 6eea10e5b223fbd5f5a8d524bb03ab8e\n http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.2.7-4etch5_s390.deb\n Size/MD5 checksum: 1587330 8b66abd7e3156f3beeaa27fbd971cbde\n http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2_1.2.7-4etch5_s390.deb\n Size/MD5 checksum: 166710 10f172f4c48ab9981d7c48564a2142a4\n http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2-dev_1.2.7-4etch5_s390.deb\n Size/MD5 checksum: 144932 3955c00c6293f7aec0a7cb9edb28a16d\n http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2-dev_1.2.7-4etch5_s390.deb\n Size/MD5 checksum: 52524 b4e639621d58f91a8ec32043534c008f\n\nsparc architecture (Sun SPARC/UltraSPARC)\n\n http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2-dev_1.2.7-4etch5_sparc.deb\n Size/MD5 checksum: 51826 8e3613f9041774f1dd42586782780fb5\n http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2_1.2.7-4etch5_sparc.deb\n Size/MD5 checksum: 159434 d2352f19b51feab43fc17b5e3f17bb2b\n http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2-dev_1.2.7-4etch5_sparc.deb\n Size/MD5 checksum: 138734 8b53d144485267cb99ec8a32262446e8\n http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.2.7-4etch5_sparc.deb\n Size/MD5 checksum: 1577758 748b77d9e54a363d46cd61548e72df7c\n http://security.debian.org/pool/updates/main/c/cupsys/cupsys-dbg_1.2.7-4etch5_sparc.deb\n Size/MD5 checksum: 996834 0ad8037cbb3959581a0aeb29eb84a853\n http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2_1.2.7-4etch5_sparc.deb\n Size/MD5 checksum: 85790 16bf4ce2378a68fc9b0ce4052e463e5d\n http://security.debian.org/pool/updates/main/c/cupsys/cupsys-bsd_1.2.7-4etch5_sparc.deb\n Size/MD5 checksum: 36062 426fe5dbac939828393d99e561abf0e3\n http://security.debian.org/pool/updates/main/c/cupsys/cupsys-client_1.2.7-4etch5_sparc.deb\n Size/MD5 checksum: 78608 f469105c5d9f121c333d5e4ac315c7be\n\n\n These files will probably be moved into the stable distribution on\n its next update. \n\n- ---------------------------------------------------------------------------------\nFor apt-get: deb http://security.debian.org/ stable/updates main\nFor dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main\nMailing list: debian-security-announce@lists.debian.org\nPackage info: `apt-cache show \u003cpkg\u003e\u0027 and http://packages.debian.org/\u003cpkg\u003e\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.9 (GNU/Linux)\n\niEYEARECAAYFAkj8vewACgkQXm3vHE4uylo3VQCfe5/oLteemHII7TUL80ybcnZd\nREIAn1hdR3STx867KCMafAi58O1fia05\n=T/kw\n-----END PGP SIGNATURE-----\n. \n-----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n _______________________________________________________________________\n\n Mandriva Linux Security Advisory MDVSA-2008:211\n http://www.mandriva.com/security/\n _______________________________________________________________________\n\n Package : cups\n Date : October 10, 2008\n Affected: 2007.1, 2008.0, 2008.1, 2009.0, Corporate 3.0, Corporate 4.0\n _______________________________________________________________________\n\n Problem Description:\n\n A buffer overflow in the SGI image format decoding routines used by the\n CUPS image converting filter imagetops was discovered. \n \n An integer overflow flaw leading to a heap buffer overflow was found\n in the Text-to-PostScript texttops filter. \n \n Finally, an insufficient buffer bounds checking flaw was found in\n the HP-GL/2-to-PostScript hpgltops filter. \n \n The updated packages have been patched to prevent this issue; for\n Mandriva Linux 2009.0 the latest CUPS version (1.3.9) is provided\n that corrects these issues and also provides other bug fixes. \n _______________________________________________________________________\n\n References:\n\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3639\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3640\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3641\n _______________________________________________________________________\n\n Updated Packages:\n\n Mandriva Linux 2007.1:\n d8041b477aac8897e465fd7885c4f046 2007.1/i586/cups-1.2.10-2.8mdv2007.1.i586.rpm\n 85169e175683eee33f38c3dc6dca555d 2007.1/i586/cups-common-1.2.10-2.8mdv2007.1.i586.rpm\n 3838db5f9b5313587335232f4bdfadb7 2007.1/i586/cups-serial-1.2.10-2.8mdv2007.1.i586.rpm\n 4dac70286d0aaa55d0c585c4e485f4d6 2007.1/i586/libcups2-1.2.10-2.8mdv2007.1.i586.rpm\n 2647b541d7a80ea194d6cc4983342e14 2007.1/i586/libcups2-devel-1.2.10-2.8mdv2007.1.i586.rpm\n 5bf9cba238150a77016869b2b600e0bd 2007.1/i586/php-cups-1.2.10-2.8mdv2007.1.i586.rpm \n 3762b10d3a6b962ec6932856d635a119 2007.1/SRPMS/cups-1.2.10-2.8mdv2007.1.src.rpm\n\n Mandriva Linux 2007.1/X86_64:\n 27098b09dc01c70600c55572cb928422 2007.1/x86_64/cups-1.2.10-2.8mdv2007.1.x86_64.rpm\n fbd01859759af3a2e32244cfff7aaa33 2007.1/x86_64/cups-common-1.2.10-2.8mdv2007.1.x86_64.rpm\n 4197004f7a59cc90d8d51f8ff34e2997 2007.1/x86_64/cups-serial-1.2.10-2.8mdv2007.1.x86_64.rpm\n 6cc45d922f07d379db0de2e08eb1589e 2007.1/x86_64/lib64cups2-1.2.10-2.8mdv2007.1.x86_64.rpm\n d7443db8a26f27b41c32c95dee129437 2007.1/x86_64/lib64cups2-devel-1.2.10-2.8mdv2007.1.x86_64.rpm\n eca467e20954fea23fd050ee41d2ca4a 2007.1/x86_64/php-cups-1.2.10-2.8mdv2007.1.x86_64.rpm \n 3762b10d3a6b962ec6932856d635a119 2007.1/SRPMS/cups-1.2.10-2.8mdv2007.1.src.rpm\n\n Mandriva Linux 2008.0:\n 837c0714eef677dfcdb1befc56012db5 2008.0/i586/cups-1.3.6-1.3mdv2008.0.i586.rpm\n cb8d17edacf1dc1dc5915fbb35745d9a 2008.0/i586/cups-common-1.3.6-1.3mdv2008.0.i586.rpm\n 635eb3405a6b5a4b93ca6373207093df 2008.0/i586/cups-serial-1.3.6-1.3mdv2008.0.i586.rpm\n 59939c1a2a730a0887750bafb4cabee1 2008.0/i586/libcups2-1.3.6-1.3mdv2008.0.i586.rpm\n 6183d24df353f4e8082374951636a657 2008.0/i586/libcups2-devel-1.3.6-1.3mdv2008.0.i586.rpm\n 0f1df17bf9cc86bb607ef28d4b29c6b2 2008.0/i586/php-cups-1.3.6-1.3mdv2008.0.i586.rpm \n 68ac87937182de901cece9b93ba700fa 2008.0/SRPMS/cups-1.3.6-1.3mdv2008.0.src.rpm\n\n Mandriva Linux 2008.0/X86_64:\n 5b73d5bfebbc66f8a56922c7b943f351 2008.0/x86_64/cups-1.3.6-1.3mdv2008.0.x86_64.rpm\n a41d07d80c38b30ee5357b25f7b828ab 2008.0/x86_64/cups-common-1.3.6-1.3mdv2008.0.x86_64.rpm\n 34d6d4eb79b1ee5a9235843398301646 2008.0/x86_64/cups-serial-1.3.6-1.3mdv2008.0.x86_64.rpm\n 3157dcaafb55463d8ad149d99e4d0c55 2008.0/x86_64/lib64cups2-1.3.6-1.3mdv2008.0.x86_64.rpm\n 78b5f7fcedbbbef9c2318977b5f50264 2008.0/x86_64/lib64cups2-devel-1.3.6-1.3mdv2008.0.x86_64.rpm\n 082094f0923f72890f6dbb47eb9072b4 2008.0/x86_64/php-cups-1.3.6-1.3mdv2008.0.x86_64.rpm \n 68ac87937182de901cece9b93ba700fa 2008.0/SRPMS/cups-1.3.6-1.3mdv2008.0.src.rpm\n\n Mandriva Linux 2008.1:\n c22f4c131005e05768b0c45e931015c7 2008.1/i586/cups-1.3.6-5.2mdv2008.1.i586.rpm\n 8f1ad7b01f0d48aa920cb2378f5fce0a 2008.1/i586/cups-common-1.3.6-5.2mdv2008.1.i586.rpm\n 763dfee5def4727b34769298beb5c9fe 2008.1/i586/cups-serial-1.3.6-5.2mdv2008.1.i586.rpm\n dadd48446b97869372535fb2ef02a471 2008.1/i586/libcups2-1.3.6-5.2mdv2008.1.i586.rpm\n cf48ae8c17120d7d83b638f432620797 2008.1/i586/libcups2-devel-1.3.6-5.2mdv2008.1.i586.rpm\n 33d7dcb6b32e58bc38e847f827447b54 2008.1/i586/php-cups-1.3.6-5.2mdv2008.1.i586.rpm \n 25997a30a1fbc24e4a1a5017d15ac526 2008.1/SRPMS/cups-1.3.6-5.2mdv2008.1.src.rpm\n\n Mandriva Linux 2008.1/X86_64:\n 3804ff0deea819d375cdee86b1d98bf4 2008.1/x86_64/cups-1.3.6-5.2mdv2008.1.x86_64.rpm\n 9f8550ffbb7778636b18c33c6854e163 2008.1/x86_64/cups-common-1.3.6-5.2mdv2008.1.x86_64.rpm\n 077652b9f481f72873b6e94a0f54fe17 2008.1/x86_64/cups-serial-1.3.6-5.2mdv2008.1.x86_64.rpm\n 569bcdcf971b564d3ad3cec8b6281fec 2008.1/x86_64/lib64cups2-1.3.6-5.2mdv2008.1.x86_64.rpm\n 05ce67f5f2bf9f27b69963bbc0ba3f6e 2008.1/x86_64/lib64cups2-devel-1.3.6-5.2mdv2008.1.x86_64.rpm\n 8a48fbfa84679702c496744f394ac4f6 2008.1/x86_64/php-cups-1.3.6-5.2mdv2008.1.x86_64.rpm \n 25997a30a1fbc24e4a1a5017d15ac526 2008.1/SRPMS/cups-1.3.6-5.2mdv2008.1.src.rpm\n\n Mandriva Linux 2009.0:\n 3480a3533f163c8559254c7dc7dccca4 2009.0/i586/cups-1.3.9-0.1mdv2009.0.i586.rpm\n 2eda3ae527a0d6477bf2f52f57f37297 2009.0/i586/cups-common-1.3.9-0.1mdv2009.0.i586.rpm\n 1b0849a0dcd6cc52debfdc23ca347e60 2009.0/i586/cups-serial-1.3.9-0.1mdv2009.0.i586.rpm\n 9ef6a24d1e8155bea9e7e148252dc4e7 2009.0/i586/libcups2-1.3.9-0.1mdv2009.0.i586.rpm\n 2a8be000df9a71f506a039e58faaf1b4 2009.0/i586/libcups2-devel-1.3.9-0.1mdv2009.0.i586.rpm\n 7f04461fd982b387144f73612b3cbd86 2009.0/i586/php-cups-1.3.9-0.1mdv2009.0.i586.rpm \n 1c16860c6f7af958cb6744dd60ffd63e 2009.0/SRPMS/cups-1.3.9-0.1mdv2009.0.src.rpm\n\n Mandriva Linux 2009.0/X86_64:\n 926221e97b7c4c52562468b26066f049 2009.0/x86_64/cups-1.3.9-0.1mdv2009.0.x86_64.rpm\n 96abb10e235084a80cd17c79cc31a360 2009.0/x86_64/cups-common-1.3.9-0.1mdv2009.0.x86_64.rpm\n cb817300fa6d8c9b40a0f8a01572d691 2009.0/x86_64/cups-serial-1.3.9-0.1mdv2009.0.x86_64.rpm\n d56cea0645b26b668f9b8a66f2dc090f 2009.0/x86_64/lib64cups2-1.3.9-0.1mdv2009.0.x86_64.rpm\n f4a04369ad8d202d87ea49a3da4ab67c 2009.0/x86_64/lib64cups2-devel-1.3.9-0.1mdv2009.0.x86_64.rpm\n 85124180f179ae504ad2f27ef814683d 2009.0/x86_64/php-cups-1.3.9-0.1mdv2009.0.x86_64.rpm \n 1c16860c6f7af958cb6744dd60ffd63e 2009.0/SRPMS/cups-1.3.9-0.1mdv2009.0.src.rpm\n\n Corporate 3.0:\n d235e680a70a94ce2c32a556a1fea6d5 corporate/3.0/i586/cups-1.1.20-5.19.C30mdk.i586.rpm\n eccffd52489f0aca14a11b6b88a5c59f corporate/3.0/i586/cups-common-1.1.20-5.19.C30mdk.i586.rpm\n 743aad40e707a1c6ec8de19e6ba19668 corporate/3.0/i586/cups-serial-1.1.20-5.19.C30mdk.i586.rpm\n 931bd82e26396ef7109369893e8fb740 corporate/3.0/i586/libcups2-1.1.20-5.19.C30mdk.i586.rpm\n 007b156ceb1f78c107a05bba499f544d corporate/3.0/i586/libcups2-devel-1.1.20-5.19.C30mdk.i586.rpm \n 685d93ef91df7b10faefae3d9c8a2e20 corporate/3.0/SRPMS/cups-1.1.20-5.19.C30mdk.src.rpm\n\n Corporate 3.0/X86_64:\n c57219da87ef50832e74efbfd3471f64 corporate/3.0/x86_64/cups-1.1.20-5.19.C30mdk.x86_64.rpm\n 6f9772a800e70f1e3766d76de8dcf6e3 corporate/3.0/x86_64/cups-common-1.1.20-5.19.C30mdk.x86_64.rpm\n e1221063527caed05a6e94f9cebed9ab corporate/3.0/x86_64/cups-serial-1.1.20-5.19.C30mdk.x86_64.rpm\n a0b15b24cfc995a7a769c1e87d53a696 corporate/3.0/x86_64/lib64cups2-1.1.20-5.19.C30mdk.x86_64.rpm\n aaabff95ac9a30ff1d9ce224612bcb50 corporate/3.0/x86_64/lib64cups2-devel-1.1.20-5.19.C30mdk.x86_64.rpm \n 685d93ef91df7b10faefae3d9c8a2e20 corporate/3.0/SRPMS/cups-1.1.20-5.19.C30mdk.src.rpm\n\n Corporate 4.0:\n 56f3e394ac8e4b4e7d423c7989d2e6af corporate/4.0/i586/cups-1.2.4-0.10.20060mlcs4.i586.rpm\n dcb4425723e63a2d094305cde05890f3 corporate/4.0/i586/cups-common-1.2.4-0.10.20060mlcs4.i586.rpm\n 348427ebb4f1f1f530c3c129850de957 corporate/4.0/i586/cups-serial-1.2.4-0.10.20060mlcs4.i586.rpm\n d0a8052949416c5ba260b48596cbf415 corporate/4.0/i586/libcups2-1.2.4-0.10.20060mlcs4.i586.rpm\n ab7637abe249e4369cf39d37113ba37f corporate/4.0/i586/libcups2-devel-1.2.4-0.10.20060mlcs4.i586.rpm\n 86af12b21de1212e72286e9b2db23caa corporate/4.0/i586/php-cups-1.2.4-0.10.20060mlcs4.i586.rpm \n 5a7d0a19238e8b654821bb87355f9f27 corporate/4.0/SRPMS/cups-1.2.4-0.10.20060mlcs4.src.rpm\n\n Corporate 4.0/X86_64:\n 59784628a2385248e8d71c1476773071 corporate/4.0/x86_64/cups-1.2.4-0.10.20060mlcs4.x86_64.rpm\n a7933ad29b9a77973fcf7feb02c381b9 corporate/4.0/x86_64/cups-common-1.2.4-0.10.20060mlcs4.x86_64.rpm\n 26da08a5da63053f418e47792cf26280 corporate/4.0/x86_64/cups-serial-1.2.4-0.10.20060mlcs4.x86_64.rpm\n 0614662f2661171ade097e562a94c635 corporate/4.0/x86_64/lib64cups2-1.2.4-0.10.20060mlcs4.x86_64.rpm\n a899db16ce3db8ec71aaef67a6650616 corporate/4.0/x86_64/lib64cups2-devel-1.2.4-0.10.20060mlcs4.x86_64.rpm\n 9e3dc91c4390d7ba60ca26dcc095b8d8 corporate/4.0/x86_64/php-cups-1.2.4-0.10.20060mlcs4.x86_64.rpm \n 5a7d0a19238e8b654821bb87355f9f27 corporate/4.0/SRPMS/cups-1.2.4-0.10.20060mlcs4.src.rpm\n _______________________________________________________________________\n\n To upgrade automatically use MandrivaUpdate or urpmi. The verification\n of md5 checksums and GPG signatures is performed automatically for you. \n\n All packages are signed by Mandriva for security. You can obtain the\n GPG public key of the Mandriva Security Team by executing:\n\n gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98\n\n You can view other update advisories for Mandriva Linux at:\n\n http://www.mandriva.com/security/advisories\n\n If you want to report vulnerabilities, please contact\n\n security_(at)_mandriva.com\n _______________________________________________________________________\n\n Type Bits/KeyID Date User ID\n pub 1024D/22458A98 2000-07-10 Mandriva Security Team\n \u003csecurity*mandriva.com\u003e\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.9 (GNU/Linux)\n\niD8DBQFI8DeJmqjQ0CJFipgRAmbxAKCxSRvJTtancZ/puQkgifGbRQnZIQCg6Bum\nEnuxPIlaIiQWBIjMSk4WWoo=\n=aMXC\n-----END PGP SIGNATURE-----\n\n_______________________________________________\nFull-Disclosure - We believe in it. \nCharter: http://lists.grok.org.uk/full-disclosure-charter.html\nHosted and sponsored by Secunia - http://secunia.com/\n. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\nGentoo Linux Security Advisory GLSA 200812-11\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n http://security.gentoo.org/\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\n Severity: High\n Title: CUPS: Multiple vulnerabilities\n Date: December 10, 2008\n Bugs: #238976, #249727\n ID: 200812-11\n\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\nSynopsis\n========\n\nSeveral remotely exploitable bugs have been found in CUPS, which allow\nremote execution of arbitrary code. \n\nBackground\n==========\n\nCUPS is the Common Unix Printing System. \n\nAffected packages\n=================\n\n -------------------------------------------------------------------\n Package / Vulnerable / Unaffected\n -------------------------------------------------------------------\n 1 net-print/cups \u003c 1.3.9-r1 \u003e= 1.3.9-r1\n\nDescription\n===========\n\nSeveral buffer overflows were found in:\n\n* The read_rle16 function in imagetops (CVE-2008-3639, found by\n regenrecht, reported via ZDI)\n\n* The WriteProlog function in texttops (CVE-2008-3640, found by\n regenrecht, reported via ZDI)\n\n* The Hewlett-Packard Graphics Language (HPGL) filter (CVE-2008-3641,\n found by regenrecht, reported via iDefense)\n\n* The _cupsImageReadPNG function (CVE-2008-5286, reported by iljavs)\n\nImpact\n======\n\nA remote attacker could send specially crafted input to a vulnerable\nserver, resulting in the remote execution of arbitrary code with the\nprivileges of the user running the server. \n\nWorkaround\n==========\n\nNone this time. \n\nResolution\n==========\n\nAll CUPS users should upgrade to the latest version. \n\n # emerge --sync\n # emerge --ask --oneshot --verbose \"\u003e=net-print/cups-1.3.9-r1\"\n\nReferences\n==========\n\n [ 1 ] CVE-2008-3639\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3639\n [ 2 ] CVE-2008-3640\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3640\n [ 3 ] CVE-2008-3641\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3641\n [ 4 ] CVE-2008-5286\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5286\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n http://security.gentoo.org/glsa/glsa-200812-11.xml\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttp://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2008 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttp://creativecommons.org/licenses/by-sa/2.5\n\n\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2008-3641"
},
{
"db": "CERT/CC",
"id": "VU#442845"
},
{
"db": "JVNDB",
"id": "JVNDB-2008-001826"
},
{
"db": "ZDI",
"id": "ZDI-08-067"
},
{
"db": "BID",
"id": "31688"
},
{
"db": "BID",
"id": "31681"
},
{
"db": "VULHUB",
"id": "VHN-33766"
},
{
"db": "PACKETSTORM",
"id": "70974"
},
{
"db": "PACKETSTORM",
"id": "70829"
},
{
"db": "PACKETSTORM",
"id": "38388"
},
{
"db": "PACKETSTORM",
"id": "71087"
},
{
"db": "PACKETSTORM",
"id": "70839"
},
{
"db": "PACKETSTORM",
"id": "72870"
}
],
"trust": 4.14
},
"exploit_availability": {
"_id": null,
"data": [
{
"reference": "https://www.scap.org.cn/vuln/vhn-33766",
"trust": 0.1,
"type": "unknown"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-33766"
}
]
},
"external_ids": {
"_id": null,
"data": [
{
"db": "NVD",
"id": "CVE-2008-3641",
"trust": 4.3
},
{
"db": "ZDI",
"id": "ZDI-08-067",
"trust": 2.8
},
{
"db": "BID",
"id": "31688",
"trust": 2.8
},
{
"db": "SECTRACK",
"id": "1021031",
"trust": 2.5
},
{
"db": "SECUNIA",
"id": "32222",
"trust": 2.5
},
{
"db": "SECUNIA",
"id": "32226",
"trust": 2.5
},
{
"db": "SECUNIA",
"id": "32084",
"trust": 2.5
},
{
"db": "BID",
"id": "31681",
"trust": 2.0
},
{
"db": "VUPEN",
"id": "ADV-2008-3401",
"trust": 1.7
},
{
"db": "VUPEN",
"id": "ADV-2008-2780",
"trust": 1.7
},
{
"db": "VUPEN",
"id": "ADV-2008-2782",
"trust": 1.7
},
{
"db": "VUPEN",
"id": "ADV-2009-1568",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "33568",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "32316",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "33111",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "33085",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "32284",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "32292",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "32331",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "15895",
"trust": 0.9
},
{
"db": "SECUNIA",
"id": "15810",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "15922",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "15852",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "15855",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "15861",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "15862",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "15872",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "15883",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "15884",
"trust": 0.8
},
{
"db": "BID",
"id": "14088",
"trust": 0.8
},
{
"db": "SECTRACK",
"id": "1014327",
"trust": 0.8
},
{
"db": "CERT/CC",
"id": "VU#442845",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2008-001826",
"trust": 0.8
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-367",
"trust": 0.7
},
{
"db": "CNNVD",
"id": "CNNVD-200810-160",
"trust": 0.7
},
{
"db": "CUPS.ORG",
"id": "HTTP://WWW.CUPS.ORG/ARTICLES.PHP?L575",
"trust": 0.6
},
{
"db": "REDHAT",
"id": "RHSA-2008:0937",
"trust": 0.6
},
{
"db": "GENTOO",
"id": "GLSA-200812-11",
"trust": 0.6
},
{
"db": "XF",
"id": "45779",
"trust": 0.6
},
{
"db": "BUGTRAQ",
"id": "20081010 ZDI-08-067: APPLE CUPS 1.3.7 (HP-GL/2 FILTER) REMOTE CODE EXECUTION VULNERABILITY",
"trust": 0.6
},
{
"db": "SUSE",
"id": "SUSE-SR:2008:021",
"trust": 0.6
},
{
"db": "SUSE",
"id": "SUSE-SR:2009:002",
"trust": 0.6
},
{
"db": "UBUNTU",
"id": "USN-656-1",
"trust": 0.6
},
{
"db": "SUNALERT",
"id": "261088",
"trust": 0.6
},
{
"db": "FEDORA",
"id": "FEDORA-2008-8801",
"trust": 0.6
},
{
"db": "FEDORA",
"id": "FEDORA-2008-8844",
"trust": 0.6
},
{
"db": "DEBIAN",
"id": "DSA-1656",
"trust": 0.6
},
{
"db": "APPLE",
"id": "APPLE-SA-2008-10-09",
"trust": 0.6
},
{
"db": "MANDRIVA",
"id": "MDVSA-2008:211",
"trust": 0.6
},
{
"db": "PACKETSTORM",
"id": "70829",
"trust": 0.2
},
{
"db": "EXPLOIT-DB",
"id": "32470",
"trust": 0.1
},
{
"db": "SEEBUG",
"id": "SSVID-85754",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-33766",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "70974",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "38388",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "71087",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "70839",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "72870",
"trust": 0.1
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#442845"
},
{
"db": "ZDI",
"id": "ZDI-08-067"
},
{
"db": "VULHUB",
"id": "VHN-33766"
},
{
"db": "BID",
"id": "31688"
},
{
"db": "BID",
"id": "31681"
},
{
"db": "PACKETSTORM",
"id": "70974"
},
{
"db": "PACKETSTORM",
"id": "70829"
},
{
"db": "PACKETSTORM",
"id": "38388"
},
{
"db": "PACKETSTORM",
"id": "71087"
},
{
"db": "PACKETSTORM",
"id": "70839"
},
{
"db": "PACKETSTORM",
"id": "72870"
},
{
"db": "CNNVD",
"id": "CNNVD-200810-160"
},
{
"db": "JVNDB",
"id": "JVNDB-2008-001826"
},
{
"db": "NVD",
"id": "CVE-2008-3641"
}
]
},
"id": "VAR-200810-0138",
"iot": {
"_id": null,
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-33766"
}
],
"trust": 0.01
},
"last_update_date": "2026-04-10T23:15:18.511000Z",
"patch": {
"_id": null,
"data": [
{
"title": "HT3216",
"trust": 1.5,
"url": "http://support.apple.com/kb/HT3216"
},
{
"title": "HT3216",
"trust": 0.8,
"url": "http://support.apple.com/kb/HT3216?viewlocale=ja_JP"
},
{
"title": "cups-1.2.4-11.18.2.1AXS3",
"trust": 0.8,
"url": "https://tsn.miraclelinux.com/tsn_local/index.php?m=errata\u0026a=detail\u0026eid=354"
},
{
"title": "STR #2911",
"trust": 0.8,
"url": "http://www.cups.org/str.php?L2911"
},
{
"title": "1352",
"trust": 0.8,
"url": "http://www.miraclelinux.com/update/linux/list.php?errata_id=1352"
},
{
"title": "RHSA-2008:0937",
"trust": 0.8,
"url": "http://rhn.redhat.com/errata/RHSA-2008-0937.html"
},
{
"title": "TLSA-2008-43",
"trust": 0.8,
"url": "http://www.turbolinux.com/security/2008/TLSA-2008-43.txt"
},
{
"title": "RHSA-2008:0937",
"trust": 0.8,
"url": "http://www.jp.redhat.com/support/errata/RHSA/RHSA-2008-0937J.html"
},
{
"title": "TLSA-2008-43",
"trust": 0.8,
"url": "http://www.turbolinux.co.jp/security/2008/TLSA-2008-43j.txt"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-08-067"
},
{
"db": "JVNDB",
"id": "JVNDB-2008-001826"
}
]
},
"problemtype_data": {
"_id": null,
"data": [
{
"problemtype": "CWE-399",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-33766"
},
{
"db": "JVNDB",
"id": "JVNDB-2008-001826"
},
{
"db": "NVD",
"id": "CVE-2008-3641"
}
]
},
"references": {
"_id": null,
"data": [
{
"trust": 3.1,
"url": "http://support.apple.com/kb/ht3216"
},
{
"trust": 2.5,
"url": "http://www.securityfocus.com/bid/31688"
},
{
"trust": 2.5,
"url": "http://www.securitytracker.com/id?1021031"
},
{
"trust": 2.5,
"url": "http://secunia.com/advisories/32084"
},
{
"trust": 2.5,
"url": "http://secunia.com/advisories/32222"
},
{
"trust": 2.5,
"url": "http://secunia.com/advisories/32226"
},
{
"trust": 2.0,
"url": "http://support.avaya.com/elmodocs2/security/asa-2008-470.htm"
},
{
"trust": 2.0,
"url": "http://www.cups.org/str.php?l2911"
},
{
"trust": 1.8,
"url": "http://www.zerodayinitiative.com/advisories/zdi-08-067"
},
{
"trust": 1.7,
"url": "http://lists.apple.com/archives/security-announce/2008/oct/msg00001.html"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/31681"
},
{
"trust": 1.7,
"url": "http://www.debian.org/security/2008/dsa-1656"
},
{
"trust": 1.7,
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-october/msg00331.html"
},
{
"trust": 1.7,
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-october/msg00380.html"
},
{
"trust": 1.7,
"url": "http://www.gentoo.org/security/en/glsa/glsa-200812-11.xml"
},
{
"trust": 1.7,
"url": "http://www.mandriva.com/security/advisories?name=mdvsa-2008:211"
},
{
"trust": 1.7,
"url": "http://www.redhat.com/support/errata/rhsa-2008-0937.html"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/32284"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/32292"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/32316"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/33085"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/33111"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/33568"
},
{
"trust": 1.7,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-261088-1"
},
{
"trust": 1.7,
"url": "http://lists.opensuse.org/opensuse-security-announce/2008-10/msg00006.html"
},
{
"trust": 1.7,
"url": "http://lists.opensuse.org/opensuse-security-announce/2009-01/msg00004.html"
},
{
"trust": 1.7,
"url": "http://www.vupen.com/english/advisories/2009/1568"
},
{
"trust": 1.4,
"url": "http://www.cups.org/articles.php?l575"
},
{
"trust": 1.4,
"url": "http://www.frsirt.com/english/advisories/2008/2782"
},
{
"trust": 1.4,
"url": "http://www.frsirt.com/english/advisories/2008/2780"
},
{
"trust": 1.1,
"url": "http://www.securityfocus.com/archive/1/497221/100/0/threaded"
},
{
"trust": 1.1,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a9666"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/32331"
},
{
"trust": 1.1,
"url": "https://usn.ubuntu.com/656-1/"
},
{
"trust": 1.1,
"url": "http://www.vupen.com/english/advisories/2008/2780"
},
{
"trust": 1.1,
"url": "http://www.vupen.com/english/advisories/2008/2782"
},
{
"trust": 1.1,
"url": "http://www.vupen.com/english/advisories/2008/3401"
},
{
"trust": 1.1,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45779"
},
{
"trust": 1.0,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-3641"
},
{
"trust": 0.9,
"url": "http://secunia.com/advisories/15895/"
},
{
"trust": 0.9,
"url": "http://secunia.com/advisories/15852/"
},
{
"trust": 0.8,
"url": "http://www.hardened-php.net/advisory-022005.php"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/15861/"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/15862/"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/15884/"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/15883/"
},
{
"trust": 0.8,
"url": "http://news.postnuke.com/modules.php?op=modload\u0026name=news\u0026file=article\u0026sid=2699"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/15855/"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/15810/"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/15872/"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/15922/"
},
{
"trust": 0.8,
"url": "http://securitytracker.com/alerts/2005/jun/1014327.html"
},
{
"trust": 0.8,
"url": "http://www.gulftech.org/?node=research\u0026article_id=00088-07022005"
},
{
"trust": 0.8,
"url": "http://www.gulftech.org/?node=research\u0026article_id=00087-07012005"
},
{
"trust": 0.8,
"url": "http://www.securityfocus.com/bid/14088"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2008-3641"
},
{
"trust": 0.6,
"url": "http://www.apple.com/macosx/"
},
{
"trust": 0.6,
"url": "http://cups.org/articles.php?l575"
},
{
"trust": 0.6,
"url": "http://xforce.iss.net/xforce/xfdb/45779"
},
{
"trust": 0.6,
"url": "http://www.ubuntulinux.org/support/documentation/usn/usn-656-1"
},
{
"trust": 0.6,
"url": "http://www.securityfocus.com/archive/1/archive/1/497221/100/0/threaded"
},
{
"trust": 0.6,
"url": "http://www.frsirt.com/english/advisories/2008/3401"
},
{
"trust": 0.5,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-3641"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-3639"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-3640"
},
{
"trust": 0.3,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-261088-1"
},
{
"trust": 0.3,
"url": "http://www.zerodayinitiative.com/advisories/zdi-08-067/"
},
{
"trust": 0.2,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-3639"
},
{
"trust": 0.2,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-3640"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/c/cupsys/cupsys-bsd_1.3.7-1ubuntu3.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2_1.3.2-1ubuntu7.8_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2-gnutls10_1.2.2-0ubuntu0.6.06.11_all.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/c/cupsys/cupsys_1.3.7-1ubuntu3.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2-dev_1.3.2-1ubuntu7.8_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2_1.2.2-0ubuntu0.6.06.11_amd64.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/c/cupsys/libcupsimage2_1.3.7-1ubuntu3.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2_1.2.2-0ubuntu0.6.06.11_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-bsd_1.2.8-0ubuntu8.6_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.3.2-1ubuntu7.8.diff.gz"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2-dev_1.2.8-0ubuntu8.6_amd64.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/c/cupsys/cupsys-client_1.3.7-1ubuntu3.1_lpia.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2-dev_1.3.7-1ubuntu3.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2-dev_1.2.2-0ubuntu0.6.06.11_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2_1.3.2-1ubuntu7.8_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2-dev_1.2.2-0ubuntu0.6.06.11_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/c/cupsys/libcupsys2_1.3.7-1ubuntu3.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-bsd_1.3.2-1ubuntu7.8_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2_1.3.2-1ubuntu7.8_sparc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/c/cupsys/cupsys-client_1.3.7-1ubuntu3.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.2.8-0ubuntu8.6_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-client_1.2.8-0ubuntu8.6_sparc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/c/cupsys/libcupsimage2-dev_1.3.7-1ubuntu3.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-client_1.3.7-1ubuntu3.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/c/cupsys/libcupsys2-dev_1.3.7-1ubuntu3.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2-dev_1.2.8-0ubuntu8.6_i386.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/c/cupsys/cupsys_1.3.2-1ubuntu7.8_lpia.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.3.7-1ubuntu3.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/c/cupsys/cupsys_1.3.7-1ubuntu3.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-bsd_1.2.8-0ubuntu8.6_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2-dev_1.3.2-1ubuntu7.8_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-bsd_1.3.2-1ubuntu7.8_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-client_1.3.2-1ubuntu7.8_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2_1.2.8-0ubuntu8.6_sparc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/c/cupsys/cupsys-bsd_1.3.7-1ubuntu3.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2_1.2.2-0ubuntu0.6.06.11_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2-dev_1.3.2-1ubuntu7.8_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.2.8-0ubuntu8.6_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-client_1.2.2-0ubuntu0.6.06.11_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-bsd_1.3.7-1ubuntu3.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.3.7.orig.tar.gz"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.2.8.orig.tar.gz"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-bsd_1.3.7-1ubuntu3.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2_1.3.7-1ubuntu3.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.2.8-0ubuntu8.6.diff.gz"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.3.2-1ubuntu7.8.dsc"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/c/cupsys/libcupsys2_1.3.7-1ubuntu3.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2-dev_1.2.2-0ubuntu0.6.06.11_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2-dev_1.3.2-1ubuntu7.8_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2_1.2.2-0ubuntu0.6.06.11_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.2.8-0ubuntu8.6.dsc"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-client_1.3.2-1ubuntu7.8_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2_1.2.2-0ubuntu0.6.06.11_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2_1.2.2-0ubuntu0.6.06.11_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.3.7-1ubuntu3.1.diff.gz"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-bsd_1.2.8-0ubuntu8.6_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2_1.2.8-0ubuntu8.6_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2_1.3.2-1ubuntu7.8_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2_1.3.7-1ubuntu3.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-client_1.3.7-1ubuntu3.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.2.2-0ubuntu0.6.06.11_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-client_1.2.2-0ubuntu0.6.06.11_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.3.2-1ubuntu7.8_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2_1.2.2-0ubuntu0.6.06.11_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-common_1.3.2-1ubuntu7.8_all.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2-dev_1.2.2-0ubuntu0.6.06.11_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-client_1.2.8-0ubuntu8.6_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2-dev_1.2.2-0ubuntu0.6.06.11_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.2.8-0ubuntu8.6_sparc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/c/cupsys/libcupsys2-dev_1.3.7-1ubuntu3.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.2.2-0ubuntu0.6.06.11_sparc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/c/cupsys/libcupsimage2-dev_1.3.2-1ubuntu7.8_lpia.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-client_1.3.2-1ubuntu7.8_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2_1.2.8-0ubuntu8.6_amd64.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/c/cupsys/cupsys_1.3.7-1ubuntu3.1_lpia.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/c/cupsys/libcupsys2-dev_1.3.2-1ubuntu7.8_lpia.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-client_1.2.8-0ubuntu8.6_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2-dev_1.3.2-1ubuntu7.8_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-bsd_1.3.2-1ubuntu7.8_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2-dev_1.2.8-0ubuntu8.6_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2-dev_1.3.2-1ubuntu7.8_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-bsd_1.2.8-0ubuntu8.6_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-bsd_1.2.2-0ubuntu0.6.06.11_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-bsd_1.2.2-0ubuntu0.6.06.11_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2-dev_1.2.2-0ubuntu0.6.06.11_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2-dev_1.2.8-0ubuntu8.6_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/c/cupsys/libcupsimage2-dev_1.3.7-1ubuntu3.1_lpia.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2_1.3.2-1ubuntu7.8_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.2.8-0ubuntu8.6_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/c/cupsys/libcupsimage2-dev_1.3.7-1ubuntu3.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2_1.3.7-1ubuntu3.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-client_1.2.8-0ubuntu8.6_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2_1.2.8-0ubuntu8.6_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.3.7-1ubuntu3.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/c/cupsys/libcupsys2-dev_1.3.7-1ubuntu3.1_lpia.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.2.2-0ubuntu0.6.06.11_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-bsd_1.2.2-0ubuntu0.6.06.11_i386.deb"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-1722"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-bsd_1.2.2-0ubuntu0.6.06.11_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2-dev_1.2.8-0ubuntu8.6_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2_1.2.8-0ubuntu8.6_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2_1.2.8-0ubuntu8.6_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2-dev_1.3.7-1ubuntu3.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/c/cupsys/libcupsys2_1.3.7-1ubuntu3.1_lpia.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-common_1.2.8-0ubuntu8.6_all.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.2.2-0ubuntu0.6.06.11.dsc"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/c/cupsys/cupsys-client_1.3.2-1ubuntu7.8_lpia.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2_1.3.2-1ubuntu7.8_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2_1.2.8-0ubuntu8.6_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.3.2-1ubuntu7.8_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-client_1.2.2-0ubuntu0.6.06.11_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/c/cupsys/cupsys-bsd_1.3.2-1ubuntu7.8_lpia.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2-dev_1.3.2-1ubuntu7.8_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2-dev_1.3.7-1ubuntu3.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-client_1.3.2-1ubuntu7.8_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.3.2.orig.tar.gz"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/c/cupsys/libcupsys2_1.3.2-1ubuntu7.8_lpia.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2_1.3.2-1ubuntu7.8_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.3.7-1ubuntu3.1.dsc"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.2.2-0ubuntu0.6.06.11_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2-dev_1.2.8-0ubuntu8.6_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.3.2-1ubuntu7.8_amd64.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/c/cupsys/libcupsimage2_1.3.7-1ubuntu3.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.3.2-1ubuntu7.8_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2-dev_1.2.2-0ubuntu0.6.06.11_sparc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/c/cupsys/libcupsimage2_1.3.2-1ubuntu7.8_lpia.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2_1.3.7-1ubuntu3.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2_1.2.8-0ubuntu8.6_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2-dev_1.3.2-1ubuntu7.8_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.2.2.orig.tar.gz"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2-dev_1.2.8-0ubuntu8.6_amd64.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/c/cupsys/cupsys-bsd_1.3.7-1ubuntu3.1_lpia.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/c/cupsys/cupsys-client_1.3.7-1ubuntu3.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/c/cupsys/libcupsimage2_1.3.7-1ubuntu3.1_lpia.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-common_1.3.7-1ubuntu3.1_all.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2_1.3.2-1ubuntu7.8_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.2.2-0ubuntu0.6.06.11.diff.gz"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2-dev_1.2.8-0ubuntu8.6_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2-dev_1.3.7-1ubuntu3.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-client_1.2.2-0ubuntu0.6.06.11_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2-dev_1.2.2-0ubuntu0.6.06.11_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2_1.2.2-0ubuntu0.6.06.11_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-bsd_1.3.2-1ubuntu7.8_sparc.deb"
},
{
"trust": 0.1,
"url": "http://www.zerodayinitiative.com/advisories/disclosure_policy/"
},
{
"trust": 0.1,
"url": "http://www.tippingpoint.com"
},
{
"trust": 0.1,
"url": "http://www.zerodayinitiative.com"
},
{
"trust": 0.1,
"url": "http://secunia.com/secunia_security_advisories/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/3699/"
},
{
"trust": 0.1,
"url": "http://sourceforge.net/project/showfiles.php?group_id=66479"
},
{
"trust": 0.1,
"url": "http://secunia.com/secunia_vacancies/"
},
{
"trust": 0.1,
"url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
},
{
"trust": 0.1,
"url": "http://secunia.com/about_secunia_advisories/"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2-dev_1.2.7-4etch5_ia64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2_1.2.7-4etch5_alpha.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.2.7-4etch5_ia64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.2.7-4etch5_s390.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2_1.2.7-4etch5_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/c/cupsys/cupsys-client_1.2.7-4etch5_s390.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2-dev_1.2.7-4etch5_hppa.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2_1.2.7-4etch5_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2-dev_1.2.7-4etch5_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.2.7-4etch5_alpha.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2_1.2.7-4etch5_arm.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.2.7-4etch5_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2_1.2.7-4etch5_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2_1.2.7-4etch5_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2_1.2.7-4etch5_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2-dev_1.2.7-4etch5_s390.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2_1.2.7-4etch5_mipsel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2-dev_1.2.7-4etch5_mipsel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2-dev_1.2.7-4etch5_ia64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2_1.2.7-4etch5_hppa.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.2.7-4etch5_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2_1.2.7-4etch5_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2-dev_1.2.7-4etch5_alpha.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2-dev_1.2.7-4etch5_alpha.deb"
},
{
"trust": 0.1,
"url": "http://www.debian.org/security/faq"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/c/cupsys/cupsys-dbg_1.2.7-4etch5_s390.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2_1.2.7-4etch5_s390.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/c/cupsys/cupsys-bsd_1.2.7-4etch5_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2-dev_1.2.7-4etch5_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2-dev_1.2.7-4etch5_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/c/cupsys/cupsys-bsd_1.2.7-4etch5_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2-dev_1.2.7-4etch5_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2-dev_1.2.7-4etch5_arm.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/c/cupsys/cupsys-bsd_1.2.7-4etch5_ia64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/c/cupsys/cupsys-dbg_1.2.7-4etch5_mipsel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2_1.2.7-4etch5_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/c/cupsys/cupsys-dbg_1.2.7-4etch5_alpha.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/c/cupsys/cupsys-bsd_1.2.7-4etch5_alpha.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/c/cupsys/cupsys-dbg_1.2.7-4etch5_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.2.7-4etch5_arm.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/c/cupsys/cupsys-client_1.2.7-4etch5_ia64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2-dev_1.2.7-4etch5_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.2.7-4etch5.diff.gz"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.2.7-4etch5.dsc"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.2.7-4etch5_hppa.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/c/cupsys/cupsys-client_1.2.7-4etch5_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/c/cupsys/cupsys-bsd_1.2.7-4etch5_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/c/cupsys/cupsys-bsd_1.2.7-4etch5_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/c/cupsys/cupsys-bsd_1.2.7-4etch5_s390.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/c/cupsys/cupsys-dbg_1.2.7-4etch5_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/c/cupsys/cupsys-client_1.2.7-4etch5_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.2.7-4etch5_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/c/cupsys/cupsys-client_1.2.7-4etch5_alpha.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2_1.2.7-4etch5_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/c/cupsys/cupsys-bsd_1.2.7-4etch5_hppa.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2-dev_1.2.7-4etch5_arm.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/c/cupsys/cupsys-client_1.2.7-4etch5_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/c/cupsys/cupsys-dbg_1.2.7-4etch5_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/c/cupsys/cupsys-client_1.2.7-4etch5_arm.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2_1.2.7-4etch5_alpha.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2_1.2.7-4etch5_ia64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2-gnutls10_1.2.7-4etch5_all.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/"
},
{
"trust": 0.1,
"url": "http://www.debian.org/security/"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.2.7.orig.tar.gz"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2_1.2.7-4etch5_mipsel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/c/cupsys/cupsys-bsd_1.2.7-4etch5_mipsel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2-dev_1.2.7-4etch5_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/c/cupsys/cupsys-dbg_1.2.7-4etch5_arm.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2-dev_1.2.7-4etch5_hppa.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2-dev_1.2.7-4etch5_s390.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2-dev_1.2.7-4etch5_mipsel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/c/cupsys/cupsys-client_1.2.7-4etch5_mipsel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.2.7-4etch5_mipsel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/c/cupsys/cupsys-dbg_1.2.7-4etch5_ia64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2_1.2.7-4etch5_s390.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2_1.2.7-4etch5_hppa.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/c/cupsys/cupsys-common_1.2.7-4etch5_all.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/c/cupsys/cupsys-bsd_1.2.7-4etch5_arm.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2_1.2.7-4etch5_ia64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/c/cupsys/cupsys-dbg_1.2.7-4etch5_hppa.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/c/cupsys/cupsys-client_1.2.7-4etch5_hppa.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/c/cupsys/cupsys-dbg_1.2.7-4etch5_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2-dev_1.2.7-4etch5_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.2.7-4etch5_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2-dev_1.2.7-4etch5_i386.deb"
},
{
"trust": 0.1,
"url": "http://packages.debian.org/\u003cpkg\u003e"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/c/cupsys/cupsys-client_1.2.7-4etch5_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2_1.2.7-4etch5_arm.deb"
},
{
"trust": 0.1,
"url": "http://www.mandriva.com/security/"
},
{
"trust": 0.1,
"url": "http://secunia.com/"
},
{
"trust": 0.1,
"url": "http://www.mandriva.com/security/advisories"
},
{
"trust": 0.1,
"url": "http://lists.grok.org.uk/full-disclosure-charter.html"
},
{
"trust": 0.1,
"url": "http://bugs.gentoo.org."
},
{
"trust": 0.1,
"url": "http://creativecommons.org/licenses/by-sa/2.5"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-5286"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-5286"
},
{
"trust": 0.1,
"url": "http://security.gentoo.org/glsa/glsa-200812-11.xml"
},
{
"trust": 0.1,
"url": "http://security.gentoo.org/"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#442845"
},
{
"db": "ZDI",
"id": "ZDI-08-067"
},
{
"db": "VULHUB",
"id": "VHN-33766"
},
{
"db": "BID",
"id": "31688"
},
{
"db": "BID",
"id": "31681"
},
{
"db": "PACKETSTORM",
"id": "70974"
},
{
"db": "PACKETSTORM",
"id": "70829"
},
{
"db": "PACKETSTORM",
"id": "38388"
},
{
"db": "PACKETSTORM",
"id": "71087"
},
{
"db": "PACKETSTORM",
"id": "70839"
},
{
"db": "PACKETSTORM",
"id": "72870"
},
{
"db": "CNNVD",
"id": "CNNVD-200810-160"
},
{
"db": "JVNDB",
"id": "JVNDB-2008-001826"
},
{
"db": "NVD",
"id": "CVE-2008-3641"
}
]
},
"sources": {
"_id": null,
"data": [
{
"db": "CERT/CC",
"id": "VU#442845",
"ident": null
},
{
"db": "ZDI",
"id": "ZDI-08-067",
"ident": null
},
{
"db": "VULHUB",
"id": "VHN-33766",
"ident": null
},
{
"db": "BID",
"id": "31688",
"ident": null
},
{
"db": "BID",
"id": "31681",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "70974",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "70829",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "38388",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "71087",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "70839",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "72870",
"ident": null
},
{
"db": "CNNVD",
"id": "CNNVD-200810-160",
"ident": null
},
{
"db": "JVNDB",
"id": "JVNDB-2008-001826",
"ident": null
},
{
"db": "NVD",
"id": "CVE-2008-3641",
"ident": null
}
]
},
"sources_release_date": {
"_id": null,
"data": [
{
"date": "2005-07-06T00:00:00",
"db": "CERT/CC",
"id": "VU#442845",
"ident": null
},
{
"date": "2008-10-09T00:00:00",
"db": "ZDI",
"id": "ZDI-08-067",
"ident": null
},
{
"date": "2008-10-10T00:00:00",
"db": "VULHUB",
"id": "VHN-33766",
"ident": null
},
{
"date": "2008-10-09T00:00:00",
"db": "BID",
"id": "31688",
"ident": null
},
{
"date": "2008-10-09T00:00:00",
"db": "BID",
"id": "31681",
"ident": null
},
{
"date": "2008-10-16T00:26:26",
"db": "PACKETSTORM",
"id": "70974",
"ident": null
},
{
"date": "2008-10-11T18:39:14",
"db": "PACKETSTORM",
"id": "70829",
"ident": null
},
{
"date": "2005-07-01T23:31:00",
"db": "PACKETSTORM",
"id": "38388",
"ident": null
},
{
"date": "2008-10-21T00:23:21",
"db": "PACKETSTORM",
"id": "71087",
"ident": null
},
{
"date": "2008-10-11T19:00:49",
"db": "PACKETSTORM",
"id": "70839",
"ident": null
},
{
"date": "2008-12-10T23:04:12",
"db": "PACKETSTORM",
"id": "72870",
"ident": null
},
{
"date": "2007-05-16T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200810-160",
"ident": null
},
{
"date": "2008-11-10T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2008-001826",
"ident": null
},
{
"date": "2008-10-10T10:30:03.077000",
"db": "NVD",
"id": "CVE-2008-3641",
"ident": null
}
]
},
"sources_update_date": {
"_id": null,
"data": [
{
"date": "2007-03-09T00:00:00",
"db": "CERT/CC",
"id": "VU#442845",
"ident": null
},
{
"date": "2008-10-09T00:00:00",
"db": "ZDI",
"id": "ZDI-08-067",
"ident": null
},
{
"date": "2018-10-11T00:00:00",
"db": "VULHUB",
"id": "VHN-33766",
"ident": null
},
{
"date": "2015-05-07T17:05:00",
"db": "BID",
"id": "31688",
"ident": null
},
{
"date": "2009-03-24T16:56:00",
"db": "BID",
"id": "31681",
"ident": null
},
{
"date": "2009-06-19T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200810-160",
"ident": null
},
{
"date": "2008-12-25T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2008-001826",
"ident": null
},
{
"date": "2025-04-09T00:30:58.490000",
"db": "NVD",
"id": "CVE-2008-3641",
"ident": null
}
]
},
"threat_type": {
"_id": null,
"data": "remote",
"sources": [
{
"db": "PACKETSTORM",
"id": "70974"
},
{
"db": "PACKETSTORM",
"id": "70829"
},
{
"db": "PACKETSTORM",
"id": "72870"
},
{
"db": "CNNVD",
"id": "CNNVD-200810-160"
}
],
"trust": 0.9
},
"title": {
"_id": null,
"data": "Multiple PHP XML-RPC implementations vulnerable to code injection",
"sources": [
{
"db": "CERT/CC",
"id": "VU#442845"
}
],
"trust": 0.8
},
"type": {
"_id": null,
"data": "resource management error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200810-160"
}
],
"trust": 0.6
}
}
VAR-201504-0362
Vulnerability from variot - Updated: 2026-04-10 22:57The symmetric-key feature in the receive function in ntp_proto.c in ntpd in NTP 3.x and 4.x before 4.2.8p2 performs state-variable updates upon receiving certain invalid packets, which makes it easier for man-in-the-middle attackers to cause a denial of service (synchronization loss) by spoofing the source IP address of a peer. NTP Project ntpd reference implementation accepts unauthenticated packets with symmetric key cryptography and does not protect symmetric associations against denial of service attacks. NTP of ntpd of ntp_proto.c Inside receive of symmetric-key The function is used even when a specific invalid packet is received. state variable Service operation disruption to perform update ( Sync failure ) There are vulnerabilities that are put into a state. Supplementary information : CWE Vulnerability type by CWE-17: Code ( code ) Has been identified. http://cwe.mitre.org/data/definitions/17.htmlMan-in-the-middle attacks (man-in-the-middle attack) By the source of the peer IP Denial of service by spoofing addresses ( Sync failure ) There is a possibility of being put into a state. NTP is prone to a denial-of-service vulnerability. Successful exploits may allow the attacker to cause a denial-of-service condition. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 201509-01
https://security.gentoo.org/
Severity: Normal Title: NTP: Multiple vulnerablities Date: September 24, 2015 Bugs: #545836, #553682 ID: 201509-01
Synopsis
Multiple vulnerabilities have been found in NTP, the worst of which could lead to arbitrary code execution.
Background
NTP contains software for the Network Time Protocol.
Affected packages
-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 net-misc/ntp < 4.2.8_p3 >= 4.2.8_p3
Description
Multiple vulnerabilities have been discovered in NTP. Please review the CVE identifiers referenced below for details.
Workaround
There is no known workaround at this time.
Resolution
All NTP users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose ">=net-misc/ntp-4.2.8_p3"
References
[ 1 ] CVE-2015-1798 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-1798 [ 2 ] CVE-2015-1799 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-1799 [ 3 ] CVE-2015-5146 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-5146
Availability
This GLSA and any updates to it are available for viewing at the Gentoo Security Website:
https://security.gentoo.org/glsa/201509-01
Concerns?
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.
License
Copyright 2015 Gentoo Foundation, Inc; referenced text belongs to its owner(s).
The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5 .
Here are the details from the Slackware 14.1 ChangeLog: +--------------------------+ patches/packages/ntp-4.2.8p2-i486-1_slack14.1.txz: Upgraded. * Authentication doesn't protect symmetric associations against DoS attacks. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1798 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1799 ( Security fix ) +--------------------------+
Where to find the new packages: +-----------------------------+
Thanks to the friendly folks at the OSU Open Source Lab (http://osuosl.org) for donating FTP and rsync hosting to the Slackware project! :-)
Also see the "Get Slack" section on http://slackware.com for additional mirror sites near you.
Updated package for Slackware 13.0: ftp://ftp.slackware.com/pub/slackware/slackware-13.0/patches/packages/ntp-4.2.8p2-i486-1_slack13.0.txz
Updated package for Slackware x86_64 13.0: ftp://ftp.slackware.com/pub/slackware/slackware64-13.0/patches/packages/ntp-4.2.8p2-x86_64-1_slack13.0.txz
Updated package for Slackware 13.1: ftp://ftp.slackware.com/pub/slackware/slackware-13.1/patches/packages/ntp-4.2.8p2-i486-1_slack13.1.txz
Updated package for Slackware x86_64 13.1: ftp://ftp.slackware.com/pub/slackware/slackware64-13.1/patches/packages/ntp-4.2.8p2-x86_64-1_slack13.1.txz
Updated package for Slackware 13.37: ftp://ftp.slackware.com/pub/slackware/slackware-13.37/patches/packages/ntp-4.2.8p2-i486-1_slack13.37.txz
Updated package for Slackware x86_64 13.37: ftp://ftp.slackware.com/pub/slackware/slackware64-13.37/patches/packages/ntp-4.2.8p2-x86_64-1_slack13.37.txz
Updated package for Slackware 14.0: ftp://ftp.slackware.com/pub/slackware/slackware-14.0/patches/packages/ntp-4.2.8p2-i486-1_slack14.0.txz
Updated package for Slackware x86_64 14.0: ftp://ftp.slackware.com/pub/slackware/slackware64-14.0/patches/packages/ntp-4.2.8p2-x86_64-1_slack14.0.txz
Updated package for Slackware 14.1: ftp://ftp.slackware.com/pub/slackware/slackware-14.1/patches/packages/ntp-4.2.8p2-i486-1_slack14.1.txz
Updated package for Slackware x86_64 14.1: ftp://ftp.slackware.com/pub/slackware/slackware64-14.1/patches/packages/ntp-4.2.8p2-x86_64-1_slack14.1.txz
Updated package for Slackware -current: ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/n/ntp-4.2.8p2-i486-1.txz
Updated package for Slackware x86_64 -current: ftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/n/ntp-4.2.8p2-x86_64-1.txz
MD5 signatures: +-------------+
Slackware 13.0 package: 570bb3e4bb7b065101fa4963e757d7e7 ntp-4.2.8p2-i486-1_slack13.0.txz
Slackware x86_64 13.0 package: e6add42a70a66496be2d4978370c2799 ntp-4.2.8p2-x86_64-1_slack13.0.txz
Slackware 13.1 package: 99f1cfa5e23a256d840ed0a56b7f9400 ntp-4.2.8p2-i486-1_slack13.1.txz
Slackware x86_64 13.1 package: 0a6622196521e084d36cda13fc6da824 ntp-4.2.8p2-x86_64-1_slack13.1.txz
Slackware 13.37 package: 28cfe042c585cf036582ce5f0c2daadf ntp-4.2.8p2-i486-1_slack13.37.txz
Slackware x86_64 13.37 package: c436da55cd2d113142410a9d982c5ac5 ntp-4.2.8p2-x86_64-1_slack13.37.txz
Slackware 14.0 package: cf69f8ecb5e4c1902dfb22d0f9685278 ntp-4.2.8p2-i486-1_slack14.0.txz
Slackware x86_64 14.0 package: 9c8344ec56d5d2335fd7370e2f9cf639 ntp-4.2.8p2-x86_64-1_slack14.0.txz
Slackware 14.1 package: 9dcf0eafa851ad018f8341c2fb9307b5 ntp-4.2.8p2-i486-1_slack14.1.txz
Slackware x86_64 14.1 package: e0c063f4e46a72ec86012a46299a46df ntp-4.2.8p2-x86_64-1_slack14.1.txz
Slackware -current package: 5f72de16e3bb6cd216e7694a49671cee n/ntp-4.2.8p2-i486-1.txz
Slackware x86_64 -current package: 1ba531770e4a2ae6e8e7116aaa26523e n/ntp-4.2.8p2-x86_64-1.txz
Installation instructions: +------------------------+
Upgrade the package as root:
upgradepkg ntp-4.2.8p2-i486-1_slack14.1.txz
Then, restart the NTP daemon:
sh /etc/rc.d/rc.ntpd restart
+-----+
Slackware Linux Security Team http://slackware.com/gpg-key security@slackware.com
+------------------------------------------------------------------------+ | To leave the slackware-security mailing list: | +------------------------------------------------------------------------+ | Send an email to majordomo@slackware.com with this text in the body of | | the email message: | | | | unsubscribe slackware-security | | | | You will get a confirmation message back containing instructions to | | complete the process. Please do not reply to this email address. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
Note: the current version of the following document is available here: https://h20564.www2.hp.com/portal/site/hpsc/public/kb/ docDisplay?docId=emr_na-c04679309
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c04679309 Version: 1
HPSBUX03333 SSRT102029 rev.1 - HP-UX Running NTP, Remote Denial of Service (DoS), or Other Vulnerabilities
NOTICE: The information in this Security Bulletin should be acted upon as soon as possible.
Release Date: 2015-05-19 Last Updated: 2015-05-19
Potential Security Impact: Remote Denial of Service (DoS), or other vulnerabilities
Source: Hewlett-Packard Company, HP Software Security Response Team
VULNERABILITY SUMMARY Potential security vulnerabilities have been identified with HP-UX running NTP. These could be exploited remotely to create a Denial of Service (DoS), or other vulnerabilities.
References:
CVE-2015-1798 - Symmetric-Key feature allows MAC address spoofing (CWE-17) CVE-2015-1799 - Symmetric-Key feature allows denial of service (CWE-17) SSRT102029 CERT-VU#852879
SUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed.
HP-UX B.11.31 running NTP v4.x, specifically version C.4.2.6.5.0 or previous
BACKGROUND
CVSS 2.0 Base Metrics
Reference Base Vector Base Score CVE-2015-1798 (AV:A/AC:H/Au:N/C:N/I:P/A:N) 1.8 CVE-2015-1799 (AV:A/AC:M/Au:N/C:N/I:P/A:P) 4.3 =========================================================== Information on CVSS is documented in HP Customer Notice: HPSN-2008-002
RESOLUTION
HP has provided the following solution for HP-UX B.11.31.
A new B.11.31 depot for HP-UX-NTP_C.4.2.6.6.0 is available here:
https://h20392.www2.hp.com/portal/swdepot/displayProductInfo.do?productNumber =HPUX-NTP
Reference: http://support.ntp.org/bin/view/Main/SecurityNotice
MANUAL ACTIONS: Yes - Update
PRODUCT SPECIFIC INFORMATION
HP-UX Software Assistant: HP-UX Software Assistant is an enhanced application that replaces HP-UX Security Patch Check. It analyzes all Security Bulletins issued by HP and lists recommended actions that may apply to a specific HP-UX system. It can also download patches and create a depot automatically. For more information see: https://www.hp.com/go/swa The following text is for use by the HP-UX Software Assistant.
AFFECTED VERSIONS
HP-UX B.11.31
NTP.INETSVCS2-BOOT NTP.NTP-AUX NTP.NTP-RUN action: install revision C.4.2.6.6.0 or subsequent
END AFFECTED VERSIONS
HISTORY Version:1 (rev.1) - 19 May 2015 Initial release
Third Party Security Patches: Third party security patches that are to be installed on systems running HP software products should be applied in accordance with the customer's patch management policy.
Support: For issues about implementing the recommendations of this Security Bulletin, contact normal HP Services support channel. For other issues about the content of this Security Bulletin, send e-mail to security-alert@hp.com.
Report: To report a potential security vulnerability with any HP supported product, send Email to: security-alert@hp.com
Subscribe: To initiate a subscription to receive future HP Security Bulletin alerts via Email: http://h41183.www4.hp.com/signup_alerts.php?jumpid=hpsc_secbulletins
Security Bulletin Archive: A list of recently released Security Bulletins is available here: https://h20564.www2.hp.com/portal/site/hpsc/public/kb/secBullArchive/
Software Product Category: The Software Product Category is represented in the title by the two characters following HPSB.
3C = 3COM 3P = 3rd Party Software GN = HP General Software HF = HP Hardware and Firmware MP = MPE/iX MU = Multi-Platform Software NS = NonStop Servers OV = OpenVMS PI = Printing and Imaging PV = ProCurve ST = Storage Software TU = Tru64 UNIX UX = HP-UX
Copyright 2015 Hewlett-Packard Development Company, L.P. Hewlett-Packard Company shall not be liable for technical or editorial errors or omissions contained herein. The information provided is provided "as is" without warranty of any kind. To the extent permitted by law, neither HP or its affiliates, subcontractors or suppliers will be liable for incidental,special or consequential damages including downtime cost; lost profits; damages relating to the procurement of substitute products or services; or damages for loss of data, or software restoration. The information in this document is subject to change without notice. Hewlett-Packard Company and the names of Hewlett-Packard products referenced herein are trademarks of Hewlett-Packard Company in the United States and other countries. Other product and company names mentioned herein may be trademarks of their respective owners.
-----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.11 (GNU/Linux)
iEYEARECAAYFAlVbxaIACgkQ4B86/C0qfVmiSgCg8hSMo6ue+WJXM0G6Cz7zSw+Z E7wAn1Y5Occ9WtyV0+W9iD/1QWizxwZN =Wku3 -----END PGP SIGNATURE----- . Comware 7 (CW7) Products - all versions prior to the fixed versions in the Resolution section below.
-
12500 (Comware 7) - Version: Fix in R7375
- HP Network Products
- JC085A HP A12518 Switch Chassis
- JC086A HP A12508 Switch Chassis
- JC652A HP 12508 DC Switch Chassis
- JC653A HP 12518 DC Switch Chassis
- JC654A HP 12504 AC Switch Chassis
- JC655A HP 12504 DC Switch Chassis
- JF430A HP A12518 Switch Chassis
- JF430B HP 12518 Switch Chassis
- JF430C HP 12518 AC Switch Chassis
- JF431A HP A12508 Switch Chassis
- JF431B HP 12508 Switch Chassis
- JF431C HP 12508 AC Switch Chassis
- JC072B HP 12500 Main Processing Unit
- JG497A HP 12500 MPU w/Comware V7 OS
- JG782A HP FF 12508E AC Switch Chassis
- JG783A HP FF 12508E DC Switch Chassis
- JG784A HP FF 12518E AC Switch Chassis
- JG785A HP FF 12518E DC Switch Chassis
- JG802A HP FF 12500E MPU
- JG803A HP FlexFabric 12500E TAA-compliant Main Processing Unit
-
10500 (Comware 7) - Version: Fix in R7169P01
- HP Network Products
- JC611A HP 10508-V Switch Chassis
- JC612A HP 10508 Switch Chassis
- JC613A HP 10504 Switch Chassis
- JC748A HP 10512 Switch Chassis
- JG820A HP 10504 TAA Switch Chassis
- JG821A HP 10508 TAA Switch Chassis
- JG822A HP 10508-V TAA Switch Chassis
- JG823A HP 10512 TAA Switch Chassis
- JG496A HP 10500 Type A MPU w/Comware v7 OS
- JH198A HP 10500 Type D Main Processing Unit with Comware v7 Operating System
- JH206A HP 10500 Type D TAA w/Comware v7 OS MPU
-
12900 (Comware 7) - Version: Fix in R1137
- HP Network Products
- JG619A HP FlexFabric 12910 Switch AC Chassis
- JG621A HP FlexFabric 12910 Main Processing Unit
- JG632A HP FlexFabric 12916 Switch AC Chassis
- JG634A HP FlexFabric 12916 Main Processing Unit
- JH104A HP FlexFabric 12900E Main Processing Unit
- JH114A HP FlexFabric 12910 TAA-compliant Main Processing Unit
- JH263A HP FlexFabric 12904E Main Processing Unit
- JH255A HP FlexFabric 12908E Switch Chassis
- JH262A HP FlexFabric 12904E Switch Chassis
- JH113A HP FlexFabric 12910 TAA-compliant Switch AC Chassis
- JH103A HP FlexFabric 12916E Switch Chassis
-
5900 (Comware 7) - Version: Fix in R2422P01
- HP Network Products
- JC772A HP 5900AF-48XG-4QSFP+ Switch
- JG336A HP 5900AF-48XGT-4QSFP+ Switch
- JG510A HP 5900AF-48G-4XG-2QSFP+ Switch
- JG554A HP 5900AF-48XG-4QSFP+ TAA Switch
- JG838A HP FF 5900CP-48XG-4QSFP+ Switch
- JH036A HP FlexFabric 5900CP 48XG 4QSFP+ TAA-Compliant
- JH037A HP 5900AF 48XGT 4QSFP+ TAA-Compliant Switch
- JH038A HP 5900AF 48G 4XG 2QSFP+ TAA-Compliant
- JG296A HP 5920AF-24XG Switch
- JG555A HP 5920AF-24XG TAA Switch
-
MSR1000 (Comware 7) - Version: Fix in R0106P33
- HP Network Products
- JG875A HP MSR1002-4 AC Router
- JH060A HP MSR1003-8S AC Router
-
MSR2000 (Comware 7) - Version: Fix in R0106P33
- HP Network Products
- JG411A HP MSR2003 AC Router
- JG734A HP MSR2004-24 AC Router
- JG735A HP MSR2004-48 Router
- JG866A HP MSR2003 TAA-compliant AC Router
-
MSR3000 (Comware 7) - Version: Fix in R0106P33
- HP Network Products
- JG404A HP MSR3064 Router
- JG405A HP MSR3044 Router
- JG406A HP MSR3024 AC Router
- JG407A HP MSR3024 DC Router
- JG408A HP MSR3024 PoE Router
- JG409A HP MSR3012 AC Router
- JG410A HP MSR3012 DC Router
- JG861A HP MSR3024 TAA-compliant AC Router
-
MSR4000 (Comware 7) - Version: Fix in R0106P33
- HP Network Products
- JG402A HP MSR4080 Router Chassis
- JG403A HP MSR4060 Router Chassis
- JG412A HP MSR4000 MPU-100 Main Processing Unit
- JG869A HP MSR4000 TAA-compliant MPU-100 Main Processing Unit
-
5800 (Comware 7) - Version: Fix in R7006P15
- HP Network Products
- JC099A HP 5800-24G-PoE Switch
- JC099B HP 5800-24G-PoE+ Switch
- JC100A HP 5800-24G Switch
- JC100B HP 5800-24G Switch
- JC101A HP 5800-48G Switch with 2 Slots
- JC101B HP 5800-48G-PoE+ Switch with 2 Interface Slots
- JC103A HP 5800-24G-SFP Switch
- JC103B HP 5800-24G-SFP Switch with 1 Interface Slot
- JC104A HP 5800-48G-PoE Switch
- JC104B HP 5800-48G-PoE+ Switch with 1 Interface Slot
- JC105A HP 5800-48G Switch
- JC105B HP 5800-48G Switch with 1 Interface Slot
- JG254A HP 5800-24G-PoE+ TAA-compliant Switch
- JG254B HP 5800-24G-PoE+ TAA-compliant Switch
- JG255A HP 5800-24G TAA-compliant Switch
- JG255B HP 5800-24G TAA-compliant Switch
- JG256A HP 5800-24G-SFP TAA-compliant Switch with 1 Interface
- JG256B HP 5800-24G-SFP TAA-compliant Switch with 1 Interface
- JG257A HP 5800-48G-PoE+ TAA-compliant Switch with 1 Interface
- JG257B HP 5800-48G-PoE+ TAA-compliant Switch with 1 Interface
- JG258A HP 5800-48G TAA-compliant Switch with 1 Interface Slot
- JG258B HP 5800-48G TAA-compliant Switch with 1 Interface Slot
- JG225A HP 5800AF-48G Switch
- JG225B HP 5800AF-48G Switch
- JG242A HP 5800-48G-PoE+ TAA-compliant Switch with 2 Interface
- JG242B HP 5800-48G-PoE+ TAA-compliant Switch with 2 Interface
- JG243A HP 5820-24XG-SFP+ TAA-compliant Switch
- JG243B HP 5820-24XG-SFP+ TAA-compliant Switch
- JG259A HP 5820X-14XG-SFP+ TAA-compliant Switch with 2 Interface Slots & 1 OAA Slot
- JG259B HP 5820-14XG-SFP+ TAA-compliant Switch with 2 Interface Slots and 1 OAA Slot
- JC106A HP 5820-14XG-SFP+ Switch with 2 Slots
- JC106B HP 5820-14XG-SFP+ Switch with 2 Interface Slots & 1 OAA Slot
- JG219A HP 5820AF-24XG Switch
- JG219B HP 5820AF-24XG Switch
- JC102A HP 5820-24XG-SFP+ Switch
- JC102B HP 5820-24XG-SFP+ Switch
-
VSR (Comware 7) - Version: Fix in E0321
- HP Network Products
- JG810AAE HP VSR1001 Virtual Services Router 60 Day Evaluation Software
- JG811AAE HP VSR1001 Comware 7 Virtual Services Router
- JG812AAE HP VSR1004 Comware 7 Virtual Services Router
- JG813AAE HP VSR1008 Comware 7 Virtual Services Router
-
7900 (Comware 7) - Version: Fix in R2137
- HP Network Products
- JG682A HP FlexFabric 7904 Switch Chassis
- JG841A HP FlexFabric 7910 Switch Chassis
- JG842A HP FlexFabric 7910 7.2Tbps Fabric / Main Processing Unit
- JH001A HP FlexFabric 7910 2.4Tbps Fabric / Main Processing Unit
- JH122A HP FlexFabric 7904 TAA-compliant Switch Chassis
- JH123A HP FlexFabric 7910 TAA-compliant Switch Chassis
- JH124A HP FlexFabric 7910 7.2Tbps TAA-compliant Fabric/Main Processing Unit
- JH125A HP FlexFabric 7910 2.4Tbps TAA-compliant Fabric/Main Processing Unit
-
5130 (Comware 7) - Version: Fix in R3109P05
- HP Network Products
- JG932A HP 5130-24G-4SFP+ EI Switch
- JG933A HP 5130-24G-SFP-4SFP+ EI Switch
- JG934A HP 5130-48G-4SFP+ EI Switch
- JG936A HP 5130-24G-PoE+-4SFP+ (370W) EI Switch
- JG937A HP 5130-48G-PoE+-4SFP+ (370W) EI Switch
- JG975A HP 5130-24G-4SFP+ EI Brazil Switch
- JG976A HP 5130-48G-4SFP+ EI Brazil Switch
- JG977A HP 5130-24G-PoE+-4SFP+ (370W) EI Brazil Switch
- JG978A HP 5130-48G-PoE+-4SFP+ (370W) EI Brazil Switch
- JG938A HP 5130-24G-2SFP+-2XGT EI Switch
- JG939A HP 5130-48G-2SFP+-2XGT EI Switch
- JG940A HP 5130-24G-PoE+-2SFP+-2XGT (370W) EI Switch
- JG941A HP 5130-48G-PoE+-2SFP+-2XGT (370W) EI Switch
-
5700 (Comware 7) - Version: Fix in R2422P01
- HP Network Products
- JG894A HP FlexFabric 5700-48G-4XG-2QSFP+ Switch
- JG895A HP FlexFabric 5700-48G-4XG-2QSFP+ TAA-compliant Switch
- JG896A HP FlexFabric 5700-40XG-2QSFP+ Switch
- JG897A HP FlexFabric 5700-40XG-2QSFP+ TAA-compliant Switch
- JG898A HP FlexFabric 5700-32XGT-8XG-2QSFP+ Switch
- JG899A HP FlexFabric 5700-32XGT-8XG-2QSFP+ TAA-compliant Switch
-
5930 (Comware 7) - Version: Fix in R2422P01
- HP Network Products
- JG726A HP FlexFabric 5930 32QSFP+ Switch
- JG727A HP FlexFabric 5930 32QSFP+ TAA-compliant Switch
- JH178A HP FlexFabric 5930 2QSFP+ 2-slot Switch
- JH179A HP FlexFabric 5930 4-slot Switch
- JH187A HP FlexFabric 5930 2QSFP+ 2-slot TAA-compliant Switch
- JH188A HP FlexFabric 5930 4-slot TAA-compliant Switch
HISTORY Version:1 (rev.1) - 8 March 2016 Initial release
Third Party Security Patches: Third party security patches that are to be installed on systems running Hewlett Packard Enterprise (HPE) software products should be applied in accordance with the customer's patch management policy. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
Mandriva Linux Security Advisory MDVSA-2015:202 http://www.mandriva.com/en/support/security/
Package : ntp Date : April 10, 2015 Affected: Business Server 1.0, Business Server 2.0
Problem Description:
Multiple vulnerabilities has been found and corrected in ntp:
The symmetric-key feature in the receive function in ntp_proto.c in ntpd in NTP before 4.2.8p2 requires a correct MAC only if the MAC field has a nonzero length, which makes it easier for man-in-the-middle attackers to spoof packets by omitting the MAC (CVE-2015-1798).
References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1798 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1799 http://support.ntp.org/bin/view/Main/SecurityNotice#Recent_Vulnerabilities
Updated Packages:
Mandriva Business Server 1/X86_64: b0f98e6b8700e3e3413582fe28d1ba06 mbs1/x86_64/ntp-4.2.6p5-8.4.mbs1.x86_64.rpm d864780718c95368bf9ec81643e35e5d mbs1/x86_64/ntp-client-4.2.6p5-8.4.mbs1.x86_64.rpm 6f457df52d46fb8e6b0fe44aead752eb mbs1/x86_64/ntp-doc-4.2.6p5-8.4.mbs1.x86_64.rpm b4bff3de733ea6d2839a77a9211ce02b mbs1/SRPMS/ntp-4.2.6p5-8.4.mbs1.src.rpm
Mandriva Business Server 2/X86_64: e9ac2f3465bcc50199aef8a4d553927f mbs2/x86_64/ntp-4.2.6p5-16.3.mbs2.x86_64.rpm cf2970c3c56efbfa84f964532ad64544 mbs2/x86_64/ntp-client-4.2.6p5-16.3.mbs2.x86_64.rpm 1ae1b1d3c2e7bdea25c01c33652b6169 mbs2/x86_64/ntp-doc-4.2.6p5-16.3.mbs2.noarch.rpm d250433009fd187361bda6338dc5eede mbs2/SRPMS/ntp-4.2.6p5-16.3.mbs2.src.rpm
To upgrade automatically use MandrivaUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you.
All packages are signed by Mandriva for security. ============================================================================ Ubuntu Security Notice USN-2567-1 April 13, 2015
ntp vulnerabilities
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 14.10
- Ubuntu 14.04 LTS
- Ubuntu 12.04 LTS
Summary:
Several security issues were fixed in NTP. A remote attacker could possibly use this issue to bypass authentication and spoof packets. (CVE-2015-1799)
Juergen Perlinger discovered that NTP incorrectly generated MD5 keys on big-endian platforms. This issue could either cause ntp-keygen to hang, or could result in non-random keys. (CVE number pending)
Update instructions:
The problem can be corrected by updating your system to the following package versions:
Ubuntu 14.10: ntp 1:4.2.6.p5+dfsg-3ubuntu2.14.10.3
Ubuntu 14.04 LTS: ntp 1:4.2.6.p5+dfsg-3ubuntu2.14.04.3
Ubuntu 12.04 LTS: ntp 1:4.2.6.p3+dfsg-1ubuntu3.4
In general, a standard system update will make all the necessary changes.
References: http://www.ubuntu.com/usn/usn-2567-1 CVE-2015-1798, CVE-2015-1799
Package Information: https://launchpad.net/ubuntu/+source/ntp/1:4.2.6.p5+dfsg-3ubuntu2.14.10.3 https://launchpad.net/ubuntu/+source/ntp/1:4.2.6.p5+dfsg-3ubuntu2.14.04.3 https://launchpad.net/ubuntu/+source/ntp/1:4.2.6.p3+dfsg-1ubuntu3.4 . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256
APPLE-SA-2015-06-30-2 OS X Yosemite v10.10.4 and Security Update 2015-005
OS X Yosemite v10.10.4 and Security Update 2015-005 are now available and address the following:
Admin Framework Available for: OS X Mavericks v10.9.5, OS X Yosemite v10.10 to v10.10.3 Impact: A process may gain admin privileges without proper authentication Description: An issue existed when checking XPC entitlements. This issue was addressed through improved entitlement checking. CVE-ID CVE-2015-3671 : Emil Kvarnhammar at TrueSec
Admin Framework Available for: OS X Mavericks v10.9.5, OS X Yosemite v10.10 to v10.10.3 Impact: A non-admin user may obtain admin rights Description: An issue existed in the handling of user authentication. This issue was addressed through improved error checking. CVE-ID CVE-2015-3672 : Emil Kvarnhammar at TrueSec
Admin Framework Available for: OS X Yosemite v10.10 to v10.10.3 Impact: An attacker may abuse Directory Utility to gain root privileges Description: Directory Utility was able to be moved and modified to achieve code execution within an entitled process. This issue was addressed by limiting the disk location that writeconfig clients may be executed from. CVE-ID CVE-2015-3673 : Patrick Wardle of Synack, Emil Kvarnhammar at TrueSec
afpserver Available for: OS X Yosemite v10.10 to v10.10.3 Impact: A remote attacker may be able to cause unexpected application termination or arbitrary code execution Description: A memory corruption issue existed in the AFP server. This issue was addressed through improved memory handling. CVE-ID CVE-2015-3674 : Dean Jerkovich of NCC Group
apache Available for: OS X Yosemite v10.10 to v10.10.3 Impact: An attacker may be able to access directories that are protected with HTTP authentication without knowing the correct credentials Description: The default Apache configuration did not include mod_hfs_apple. If Apache was manually enabled and the configuration was not changed, some files that should not be accessible might have been accessible using a specially crafted URL. This issue was addressed by enabling mod_hfs_apple. CVE-ID CVE-2015-3675 : Apple
apache Available for: OS X Mavericks v10.9.5, OS X Yosemite v10.10 to v10.10.3 Impact: Multiple vulnerabilities exist in PHP, the most serious of which may lead to arbitrary code execution Description: Multiple vulnerabilities existed in PHP versions prior to 5.5.24 and 5.4.40. These were addressed by updating PHP to versions 5.5.24 and 5.4.40. CVE-ID CVE-2015-0235 CVE-2015-0273
AppleGraphicsControl Available for: OS X Yosemite v10.10 to v10.10.3 Impact: A malicious application may be able to determine kernel memory layout Description: An issue existed in AppleGraphicsControl which could have led to the disclosure of kernel memory layout. This issue was addressed through improved bounds checking. CVE-ID CVE-2015-3676 : Chen Liang of KEEN Team
AppleFSCompression Available for: OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, OS X Yosemite v10.10 to v10.10.3 Impact: A malicious application may be able to determine kernel memory layout Description: An issue existed in LZVN compression that could have led to the disclosure of kernel memory content. This issue was addressed through improved memory handling. CVE-ID CVE-2015-3677 : an anonymous researcher working with HP's Zero Day Initiative
AppleThunderboltEDMService Available for: OS X Yosemite v10.10 to v10.10.3 Impact: A malicious application may be able to execute arbitrary code with system privileges Description: A memory corruption issue existed in the handling of certain Thunderbolt commands from local processes. This issue was addressed through improved memory handling. CVE-ID CVE-2015-3678 : Apple
ATS Available for: OS X Yosemite v10.10 to v10.10.3 Impact: Processing a maliciously crafted font file may lead to an unexpected application termination or arbitrary code execution Description: Multiple memory corruption issues existed in handling of certain fonts. These issues were addressed through improved memory handling. CVE-ID CVE-2015-3679 : Pawel Wylecial working with HP's Zero Day Initiative CVE-2015-3680 : Pawel Wylecial working with HP's Zero Day Initiative CVE-2015-3681 : John Villamil (@day6reak), Yahoo Pentest Team CVE-2015-3682 : Nuode Wei
Bluetooth Available for: OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, OS X Yosemite v10.10 to v10.10.3 Impact: A malicious application may be able to execute arbitrary code with system privileges Description: A memory corruption issue existed in the Bluetooth HCI interface. This issue was addressed through improved memory handling. CVE-ID CVE-2015-3683 : Roberto Paleari and Aristide Fattori of Emaze Networks
Certificate Trust Policy Available for: OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, OS X Yosemite v10.10 to v10.10.3 Impact: An attacker with a privileged network position may be able to intercept network traffic Description: An intermediate certificate was incorrectly issued by the certificate authority CNNIC. This issue was addressed through the addition of a mechanism to trust only a subset of certificates issued prior to the mis-issuance of the intermediate. Further details are available at https://support.apple.com/en-us/HT204938
Certificate Trust Policy Available for: OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, OS X Yosemite v10.10 to v10.10.3 Description: The certificate trust policy was updated. The complete list of certificates may be viewed at https://support.apple.com/en- us/HT202858.
CFNetwork HTTPAuthentication Available for: OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, OS X Yosemite v10.10 to v10.10.3 Impact: Following a maliciously crafted URL may lead to arbitrary code execution Description: A memory corruption issue existed in handling of certain URL credentials. This issue was addressed through improved memory handling. CVE-ID CVE-2015-3684 : Apple
CoreText Available for: OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, OS X Yosemite v10.10 to v10.10.3 Impact: Processing a maliciously crafted text file may lead to an unexpected application termination or arbitrary code execution Description: Multiple memory corruption issues existed in the processing of text files. These issues were addressed through improved bounds checking. CVE-ID CVE-2015-1157 CVE-2015-3685 : Apple CVE-2015-3686 : John Villamil (@day6reak), Yahoo Pentest Team CVE-2015-3687 : John Villamil (@day6reak), Yahoo Pentest Team CVE-2015-3688 : John Villamil (@day6reak), Yahoo Pentest Team CVE-2015-3689 : Apple
coreTLS Available for: OS X Yosemite v10.10 to v10.10.3 Impact: An attacker with a privileged network position may intercept SSL/TLS connections Description: coreTLS accepted short ephemeral Diffie-Hellman (DH) keys, as used in export-strength ephemeral DH cipher suites. This issue, also known as Logjam, allowed an attacker with a privileged network position to downgrade security to 512-bit DH if the server supported an export-strength ephemeral DH cipher suite. The issue was addressed by increasing the default minimum size allowed for DH ephemeral keys to 768 bits. CVE-ID CVE-2015-4000 : The weakdh team at weakdh.org, Hanno Boeck
DiskImages Available for: OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, OS X Yosemite v10.10 to v10.10.3 Impact: A malicious application may be able to determine kernel memory layout Description: An information disclosure issue existed in the processing of disk images. This issue was addressed through improved memory management. CVE-ID CVE-2015-3690 : Peter Rutenbar working with HP's Zero Day Initiative
Display Drivers Available for: OS X Yosemite v10.10 to v10.10.3 Impact: A malicious application may be able to execute arbitrary code with system privileges Description: An issue existed in the Monitor Control Command Set kernel extension by which a userland process could control the value of a function pointer within the kernel. The issue was addressed by removing the affected interface. CVE-ID CVE-2015-3691 : Roberto Paleari and Aristide Fattori of Emaze Networks
EFI Available for: OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, OS X Yosemite v10.10 to v10.10.3 Impact: A malicious application with root privileges may be able to modify EFI flash memory Description: An insufficient locking issue existed with EFI flash when resuming from sleep states. This issue was addressed through improved locking. CVE-ID CVE-2015-3692 : Trammell Hudson of Two Sigma Investments, Xeno Kovah and Corey Kallenberg of LegbaCore LLC, Pedro Vilaca
EFI Available for: OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, OS X Yosemite v10.10 to v10.10.3 Impact: A malicious application may induce memory corruption to escalate privileges Description: A disturbance error, also known as Rowhammer, exists with some DDR3 RAM that could have led to memory corruption. This issue was mitigated by increasing memory refresh rates. CVE-ID CVE-2015-3693 : Mark Seaborn and Thomas Dullien of Google, working from original research by Yoongu Kim et al (2014)
FontParser Available for: OS X Yosemite v10.10 to v10.10.3 Impact: Processing a maliciously crafted font file may lead to an unexpected application termination or arbitrary code execution Description: A memory corruption issue existed in the processing of font files. This issue was addressed through improved input validation. CVE-ID CVE-2015-3694 : John Villamil (@day6reak), Yahoo Pentest Team
Graphics Driver Available for: OS X Yosemite v10.10 to v10.10.3 Impact: A malicious application may be able to execute arbitrary code with system privileges Description: An out of bounds write issue existed in NVIDIA graphics driver. This issue was addressed through improved bounds checking. CVE-ID CVE-2015-3712 : Ian Beer of Google Project Zero
Intel Graphics Driver Available for: OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, OS X Yosemite v10.10 to v10.10.3 Impact: Multiple buffer overflow issues exist in the Intel graphics driver, the most serious of which may lead to arbitrary code execution with system privileges Description: Multiple buffer overflow issues existed in the Intel graphics driver. These were addressed through additional bounds checks. CVE-ID CVE-2015-3695 : Ian Beer of Google Project Zero CVE-2015-3696 : Ian Beer of Google Project Zero CVE-2015-3697 : Ian Beer of Google Project Zero CVE-2015-3698 : Ian Beer of Google Project Zero CVE-2015-3699 : Ian Beer of Google Project Zero CVE-2015-3700 : Ian Beer of Google Project Zero CVE-2015-3701 : Ian Beer of Google Project Zero CVE-2015-3702 : KEEN Team
ImageIO Available for: OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, OS X Yosemite v10.10 to v10.10.3 Impact: Multiple vulnerabilities existed in libtiff, the most serious of which may lead to arbitrary code execution Description: Multiple vulnerabilities existed in libtiff versions prior to 4.0.4. They were addressed by updating libtiff to version 4.0.4. CVE-ID CVE-2014-8127 CVE-2014-8128 CVE-2014-8129 CVE-2014-8130
ImageIO Available for: OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, OS X Yosemite v10.10 to v10.10.3 Impact: Processing a maliciously crafted .tiff file may lead to an unexpected application termination or arbitrary code execution Description: A memory corruption issue existed in the processing of .tiff files. This issue was addressed through improved bounds checking. CVE-ID CVE-2015-3703 : Apple
Install Framework Legacy Available for: OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, OS X Yosemite v10.10 to v10.10.3 Impact: A malicious application may be able to execute arbitrary code with system privileges Description: Several issues existed in how Install.framework's 'runner' setuid binary dropped privileges. This was addressed by properly dropping privileges. CVE-ID CVE-2015-3704 : Ian Beer of Google Project Zero
IOAcceleratorFamily Available for: OS X Yosemite v10.10 to v10.10.3 Impact: A malicious application may be able to execute arbitrary code with system privileges Description: Multiple memory corruption issues existed in IOAcceleratorFamily. These issues were addressed through improved memory handling. CVE-ID CVE-2015-3705 : KEEN Team CVE-2015-3706 : KEEN Team
IOFireWireFamily Available for: OS X Yosemite v10.10 to v10.10.3 Impact: A malicious application may be able to execute arbitrary code with system privileges Description: Multiple null pointer dereference issues existed in the FireWire driver. These issues were addressed through improved error checking. CVE-ID CVE-2015-3707 : Roberto Paleari and Aristide Fattori of Emaze Networks
Kernel Available for: OS X Yosemite v10.10 to v10.10.3 Impact: A malicious application may be able to determine kernel memory layout Description: A memory management issue existed in the handling of APIs related to kernel extensions which could have led to the disclosure of kernel memory layout. This issue was addressed through improved memory management. CVE-ID CVE-2015-3720 : Stefan Esser
Kernel Available for: OS X Yosemite v10.10 to v10.10.3 Impact: A malicious application may be able to determine kernel memory layout Description: A memory management issue existed in the handling of HFS parameters which could have led to the disclosure of kernel memory layout. This issue was addressed through improved memory management. CVE-ID CVE-2015-3721 : Ian Beer of Google Project Zero
kext tools Available for: OS X Yosemite v10.10 to v10.10.3 Impact: A malicious application may be able to overwrite arbitrary files Description: kextd followed symbolic links while creating a new file. This issue was addressed through improved handling of symbolic links. CVE-ID CVE-2015-3708 : Ian Beer of Google Project Zero
kext tools Available for: OS X Yosemite v10.10 to v10.10.3 Impact: A local user may be able to load unsigned kernel extensions Description: A time-of-check time-of-use (TOCTOU) race condition condition existed while validating the paths of kernel extensions. This issue was addressed through improved checks to validate the path of the kernel extensions. CVE-ID CVE-2015-3709 : Ian Beer of Google Project Zero
Mail Available for: OS X Yosemite v10.10 to v10.10.3 Impact: A maliciously crafted email can replace the message content with an arbitrary webpage when the message is viewed Description: An issue existed in the support for HTML email which allowed message content to be refreshed with an arbitrary webpage. The issue was addressed through restricted support for HTML content. CVE-ID CVE-2015-3710 : Aaron Sigel of vtty.com, Jan Soucek
ntfs Available for: OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, OS X Yosemite v10.10 to v10.10.3 Impact: A malicious application may be able to determine kernel memory layout Description: An issue existed in NTFS that could have led to the disclosure of kernel memory content. This issue was addressed through improved memory handling. CVE-ID CVE-2015-3711 : Peter Rutenbar working with HP's Zero Day Initiative
ntp Available for: OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, OS X Yosemite v10.10 to v10.10.3 Impact: An attacker in a privileged position may be able to perform a denial of service attack against two ntp clients Description: Multiple issues existed in the authentication of ntp packets being received by configured end-points. These issues were addressed through improved connection state management. CVE-ID CVE-2015-1798 CVE-2015-1799
OpenSSL Available for: OS X Yosemite v10.10 to v10.10.3 Impact: Multiple issues exist in OpenSSL, including one that may allow an attacker to intercept connections to a server that supports export-grade ciphers Description: Multiple issues existed in OpenSSL 0.9.8zd which were addressed by updating OpenSSL to version 0.9.8zf. CVE-ID CVE-2015-0209 CVE-2015-0286 CVE-2015-0287 CVE-2015-0288 CVE-2015-0289 CVE-2015-0293
QuickTime Available for: OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, OS X Yosemite v10.10 to v10.10.3 Impact: Processing a maliciously crafted movie file may lead to an unexpected application termination or arbitrary code execution Description: Multiple memory corruption issues existed in QuickTime. These issues were addressed through improved memory handling. CVE-ID CVE-2015-3661 : G. Geshev working with HP's Zero Day Initiative CVE-2015-3662 : kdot working with HP's Zero Day Initiative CVE-2015-3663 : kdot working with HP's Zero Day Initiative CVE-2015-3666 : Steven Seeley of Source Incite working with HP's Zero Day Initiative CVE-2015-3667 : Ryan Pentney, Richard Johnson of Cisco Talos and Kai Lu of Fortinet's FortiGuard Labs, Ryan Pentney, and Richard Johnson of Cisco Talos and Kai Lu of Fortinet's FortiGuard Labs CVE-2015-3668 : Kai Lu of Fortinet's FortiGuard Labs CVE-2015-3713 : Apple
Security Available for: OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, OS X Yosemite v10.10 to v10.10.3 Impact: A remote attacker may cause an unexpected application termination or arbitrary code execution Description: An integer overflow existed in the Security framework code for parsing S/MIME e-mail and some other signed or encrypted objects. This issue was addressed through improved validity checking. CVE-ID CVE-2013-1741
Security Available for: OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, OS X Yosemite v10.10 to v10.10.3 Impact: Tampered applications may not be prevented from launching Description: Apps using custom resource rules may have been susceptible to tampering that would not have invalidated the signature. This issue was addressed with improved resource validation. CVE-ID CVE-2015-3714 : Joshua Pitts of Leviathan Security Group
Security Available for: OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, OS X Yosemite v10.10 to v10.10.3 Impact: A malicious application may be able to bypass code signing checks Description: An issue existed where code signing did not verify libraries loaded outside the application bundle. This issue was addressed with improved bundle verification. CVE-ID CVE-2015-3715 : Patrick Wardle of Synack
Spotlight Available for: OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, OS X Yosemite v10.10 to v10.10.3 Impact: Searching for a malicious file with Spotlight may lead to command injection Description: A command injection vulnerability existed in the handling of filenames of photos added to the local photo library. This issue was addressed through improved input validation. CVE-ID CVE-2015-3716 : Apple
SQLite Available for: OS X Yosemite v10.10 to v10.10.3 Impact: A remote attacker may cause an unexpected application termination or arbitrary code execution Description: Multiple buffer overflows existed in SQLite's printf implementation. These issues were addressed through improved bounds checking. CVE-ID CVE-2015-3717 : Peter Rutenbar working with HP's Zero Day Initiative
System Stats Available for: OS X Yosemite v10.10 to v10.10.3 Impact: A malicious app may be able to compromise systemstatsd Description: A type confusion issue existed in systemstatsd's handling of interprocess communication. By sending a maliciously formatted message to systemstatsd, it may have been possible to execute arbitrary code as the systemstatsd process. The issue was addressed through additional type checking. CVE-ID CVE-2015-3718 : Roberto Paleari and Aristide Fattori of Emaze Networks
TrueTypeScaler Available for: OS X Yosemite v10.10 to v10.10.3 Impact: Processing a maliciously crafted font file may lead to an unexpected application termination or arbitrary code execution Description: A memory corruption issue existed in the processing of font files. This issue was addressed through improved input validation. CVE-ID CVE-2015-3719 : John Villamil (@day6reak), Yahoo Pentest Team
zip Available for: OS X Yosemite v10.10 to v10.10.3 Impact: Extracting a maliciously crafted zip file using the unzip tool may lead to an unexpected application termination or arbitrary code execution Description: Multiple memory corruption issues existed in the handling of zip files. These issues were addressed through improved memory handling. CVE-ID
CVE-2014-8139 CVE-2014-8140 CVE-2014-8141
OS X Yosemite 10.10.4 includes the security content of Safari 8.0.7. https://support.apple.com/en-us/HT204950
OS X Yosemite 10.10.4 and Security Update 2015-005 may be obtained from the Mac App Store or Apple's Software Downloads web site: http://www.apple.com/support/downloads/
Information will also be posted to the Apple Security Updates web site: http://support.apple.com/kb/HT1222
This message is signed with Apple's Product Security PGP key, and details are available at: https://www.apple.com/support/security/pgp/
-----BEGIN PGP SIGNATURE----- Version: GnuPG/MacGPG2 v2 Comment: GPGTools - http://gpgtools.org
iQIcBAEBCAAGBQJVksFmAAoJEBcWfLTuOo7tV1AQAIYpkOMpHp181b+70sgyZ/Ue mFM527FFGDfLLuIW6LTcBsEFe9cfZxumB8eOFPirTNRK7krsVMo1W+faHXyWOnx7 kbWylHdhaoxnX+A6Gj0vP71V6TNNsTi9+2dmdmHUnwxZ7Ws5QCNKebumUG3MMXXo EKxE5SNSNKyMSSYmliS26cdl8fWrmg9qTxiZQnxjOCrg/CNAolgVIRRfdMUL7i4w aGAyrlJXOxFOuNkqdHX2luccuHFV7aW/dIXQ4MyjiRNl/bWrBQmQlneLLpPdFZlH cMfGa2/baaNaCbU/GqhNKbO4fKYVaqQWzfUrtqX0+bRv2wmOq33ARy9KE23bYTvL U4E9x9z87LsLXGAdjUi6MDe5g87DcmwIEigfF6/EHbDYa/2VvSdIa74XRv/JCN1+ aftHLotin76h4qV/dCAPf5J/Fr/1KFCM0IphhG7p+7fVTfyy7YDXNBiKCEZzLf8U TUWLUCgQhobtakqwzQJ5qyF8u63xzVXj8oeTOw6iiY/BLlj9def5LMm/z6ZKGTyC 3c4+Sy5XvBHZoeiwdcndTVpnFbmmjZRdeqtdW/zX5mHnxXPa3lZiGoBDhHQgIg6J 1tTVtnO1JSLXVYDR6Evx1EH10Vgkt2wAGTLjljSLwtckoEqc78qMAT1G5U4nFffI +gGm5FbAxjxElgA/gbaq =KLda -----END PGP SIGNATURE-----
Show details on source website{
"affected_products": {
"_id": null,
"data": [
{
"_id": null,
"model": "ntp",
"scope": "lte",
"trust": 1.0,
"vendor": "ntp",
"version": "4.2.7p444"
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "arista",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "ntp",
"version": null
},
{
"_id": null,
"model": "mac os x",
"scope": "eq",
"trust": 0.8,
"vendor": "apple",
"version": "10.9.5"
},
{
"_id": null,
"model": "mac os x",
"scope": "eq",
"trust": 0.8,
"vendor": "apple",
"version": "10.10 to 10.10.3"
},
{
"_id": null,
"model": "ntp",
"scope": "lt",
"trust": 0.8,
"vendor": "ntp",
"version": "4.x"
},
{
"_id": null,
"model": "ntp",
"scope": "eq",
"trust": 0.8,
"vendor": "ntp",
"version": "3.x"
},
{
"_id": null,
"model": "mac os x",
"scope": "eq",
"trust": 0.8,
"vendor": "apple",
"version": "10.8.5"
},
{
"_id": null,
"model": "ntp",
"scope": "eq",
"trust": 0.8,
"vendor": "ntp",
"version": "4.2.8p2"
},
{
"_id": null,
"model": "flex system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.2.1.0"
},
{
"_id": null,
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.3.4"
},
{
"_id": null,
"model": "smart analytics system",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "56003"
},
{
"_id": null,
"model": "aix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.1.16"
},
{
"_id": null,
"model": "security access manager for mobile",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.1.3"
},
{
"_id": null,
"model": "ids/ips",
"scope": "eq",
"trust": 0.3,
"vendor": "extremenetworks",
"version": "8.3.0.0"
},
{
"_id": null,
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "7.3"
},
{
"_id": null,
"model": "puredata system for operational analytics",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1"
},
{
"_id": null,
"model": "linux arm",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"_id": null,
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.0.13"
},
{
"_id": null,
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "9.3"
},
{
"_id": null,
"model": "linux ia-64",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"_id": null,
"model": "enterprise linux",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "6.2"
},
{
"_id": null,
"model": "smartcloud entry",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.3.0"
},
{
"_id": null,
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.3.50"
},
{
"_id": null,
"model": "aix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.4.1"
},
{
"_id": null,
"model": "extremexos",
"scope": "eq",
"trust": 0.3,
"vendor": "extremenetworks",
"version": "15.7"
},
{
"_id": null,
"model": "aix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1.7.16"
},
{
"_id": null,
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.1.8"
},
{
"_id": null,
"model": "purview",
"scope": "ne",
"trust": 0.3,
"vendor": "extremenetworks",
"version": "6.3.0.182"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.10"
},
{
"_id": null,
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.3.2"
},
{
"_id": null,
"model": "aix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.16"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.10.3"
},
{
"_id": null,
"model": "extremexos",
"scope": "ne",
"trust": 0.3,
"vendor": "extremenetworks",
"version": "15.6.4"
},
{
"_id": null,
"model": "aix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1.2"
},
{
"_id": null,
"model": "smartcloud entry appliance fp",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.1.0.4"
},
{
"_id": null,
"model": "aix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.4"
},
{
"_id": null,
"model": "aix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1.8"
},
{
"_id": null,
"model": "smartcloud entry appliance fp",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.4.0.3"
},
{
"_id": null,
"model": "extremexos",
"scope": "eq",
"trust": 0.3,
"vendor": "extremenetworks",
"version": "15.4.1.0"
},
{
"_id": null,
"model": "flex system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.2.0.0"
},
{
"_id": null,
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.0.10"
},
{
"_id": null,
"model": "security access manager for mobile",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.0"
},
{
"_id": null,
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "14.0"
},
{
"_id": null,
"model": "aix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.2.6"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.10.1"
},
{
"_id": null,
"model": "aix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.3.5"
},
{
"_id": null,
"model": "extremexos",
"scope": "ne",
"trust": 0.3,
"vendor": "extremenetworks",
"version": "16.1.2"
},
{
"_id": null,
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "10.0"
},
{
"_id": null,
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "9.2"
},
{
"_id": null,
"model": "ids/ips",
"scope": "ne",
"trust": 0.3,
"vendor": "extremenetworks",
"version": "8.3.0.350"
},
{
"_id": null,
"model": "smart analytics system",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "56002"
},
{
"_id": null,
"model": "ios xr software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "aix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1.7"
},
{
"_id": null,
"model": "aix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.1.5"
},
{
"_id": null,
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.3.3"
},
{
"_id": null,
"model": "smart analytics system",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "76000"
},
{
"_id": null,
"model": "mac os",
"scope": "ne",
"trust": 0.3,
"vendor": "apple",
"version": "x10.10.4"
},
{
"_id": null,
"model": "extremexos",
"scope": "eq",
"trust": 0.3,
"vendor": "extremenetworks",
"version": "21.1"
},
{
"_id": null,
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"_id": null,
"model": "aix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1.75"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.9.5"
},
{
"_id": null,
"model": "aix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1.3"
},
{
"_id": null,
"model": "flex system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.3.4.0"
},
{
"_id": null,
"model": "puredata system for operational analytics",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.0"
},
{
"_id": null,
"model": "aix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1.5"
},
{
"_id": null,
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.3"
},
{
"_id": null,
"model": "network convergence system series routers",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "60005.0.1"
},
{
"_id": null,
"model": "extremexos",
"scope": "eq",
"trust": 0.3,
"vendor": "extremenetworks",
"version": "16.2"
},
{
"_id": null,
"model": "unified computing system central software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1.0"
},
{
"_id": null,
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "13.1"
},
{
"_id": null,
"model": "network convergence system series routers",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "60005.0"
},
{
"_id": null,
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "8.3"
},
{
"_id": null,
"model": "nac",
"scope": "ne",
"trust": 0.3,
"vendor": "extremenetworks",
"version": "6.3.0.182"
},
{
"_id": null,
"model": "automation stratix",
"scope": "ne",
"trust": 0.3,
"vendor": "rockwell",
"version": "590015.6.3"
},
{
"_id": null,
"model": "smart analytics system",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "56001"
},
{
"_id": null,
"model": "aix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1.9.5"
},
{
"_id": null,
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "8.0"
},
{
"_id": null,
"model": "security access manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.0"
},
{
"_id": null,
"model": "network time protocol",
"scope": "eq",
"trust": 0.3,
"vendor": "meinberg",
"version": "4.2.6"
},
{
"_id": null,
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "13.0"
},
{
"_id": null,
"model": "netsight",
"scope": "eq",
"trust": 0.3,
"vendor": "extremenetworks",
"version": "6.3.0.0"
},
{
"_id": null,
"model": "flex system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.3.1.0"
},
{
"_id": null,
"model": "aix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1.8.15"
},
{
"_id": null,
"model": "identifi wireless",
"scope": "eq",
"trust": 0.3,
"vendor": "extremenetworks",
"version": "10.11"
},
{
"_id": null,
"model": "network time protocol",
"scope": "eq",
"trust": 0.3,
"vendor": "meinberg",
"version": "4.2.7"
},
{
"_id": null,
"model": "security network protection",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.3"
},
{
"_id": null,
"model": "enterprise linux",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "6"
},
{
"_id": null,
"model": "network time protocol",
"scope": "eq",
"trust": 0.3,
"vendor": "meinberg",
"version": "4.2.8"
},
{
"_id": null,
"model": "extremexos",
"scope": "ne",
"trust": 0.3,
"vendor": "extremenetworks",
"version": "21.1.1"
},
{
"_id": null,
"model": "aix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.2"
},
{
"_id": null,
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "7.4"
},
{
"_id": null,
"model": "smart analytics system",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "77100"
},
{
"_id": null,
"model": "aix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1.4"
},
{
"_id": null,
"model": "flex system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.0.0"
},
{
"_id": null,
"model": "enterprise linux",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "7"
},
{
"_id": null,
"model": "linux lts",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "14.04"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.8.5"
},
{
"_id": null,
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.2.4"
},
{
"_id": null,
"model": "linux",
"scope": null,
"trust": 0.3,
"vendor": "gentoo",
"version": null
},
{
"_id": null,
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "9.0"
},
{
"_id": null,
"model": "automation stratix",
"scope": "eq",
"trust": 0.3,
"vendor": "rockwell",
"version": "59000"
},
{
"_id": null,
"model": "linux lts i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "12.04"
},
{
"_id": null,
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"_id": null,
"model": "smart analytics system",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "77000"
},
{
"_id": null,
"model": "aix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1.68"
},
{
"_id": null,
"model": "purview",
"scope": "eq",
"trust": 0.3,
"vendor": "extremenetworks",
"version": "6.3.0.0"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.10.2"
},
{
"_id": null,
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.2.0"
},
{
"_id": null,
"model": "security access manager for mobile",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.1.2"
},
{
"_id": null,
"model": "smartcloud entry appliance fp",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.3.0.3"
},
{
"_id": null,
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.0.12"
},
{
"_id": null,
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.2.5"
},
{
"_id": null,
"model": "aix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.1"
},
{
"_id": null,
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.1.1"
},
{
"_id": null,
"model": "extremexos",
"scope": "ne",
"trust": 0.3,
"vendor": "extremenetworks",
"version": "16.2.1"
},
{
"_id": null,
"model": "smartcloud entry",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.4.0"
},
{
"_id": null,
"model": "linux lts amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "12.04"
},
{
"_id": null,
"model": "aix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1"
},
{
"_id": null,
"model": "linux ia-32",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"_id": null,
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "13.37"
},
{
"_id": null,
"model": "linux mips",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"_id": null,
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "14.10"
},
{
"_id": null,
"model": "security access manager for mobile",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.1.1"
},
{
"_id": null,
"model": "aix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1.9.6"
},
{
"_id": null,
"model": "smartcloud entry",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.2"
},
{
"_id": null,
"model": "summit wm3000 series",
"scope": "eq",
"trust": 0.3,
"vendor": "extremenetworks",
"version": "0"
},
{
"_id": null,
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "0"
},
{
"_id": null,
"model": "flex system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.3.3.0"
},
{
"_id": null,
"model": "smartcloud entry",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2"
},
{
"_id": null,
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "14.1"
},
{
"_id": null,
"model": "hp-ux b.11.31",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "aix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.3"
},
{
"_id": null,
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.2.6"
},
{
"_id": null,
"model": "linux s/390",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"_id": null,
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.14"
},
{
"_id": null,
"model": "ntp",
"scope": "eq",
"trust": 0.3,
"vendor": "meinberg",
"version": "0"
},
{
"_id": null,
"model": "flex system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.3.0.0"
},
{
"_id": null,
"model": "smartcloud entry appliance fp",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.2.0.4"
},
{
"_id": null,
"model": "aix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.2.15"
},
{
"_id": null,
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.3.0"
},
{
"_id": null,
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"_id": null,
"model": "aix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1"
},
{
"_id": null,
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.1.0"
},
{
"_id": null,
"model": "aix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1.8.7"
},
{
"_id": null,
"model": "aix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1.1"
},
{
"_id": null,
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.1.3"
},
{
"_id": null,
"model": "aix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1.6"
},
{
"_id": null,
"model": "smartcloud provisioning for software virtual appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.1"
},
{
"_id": null,
"model": "aix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1.8.6"
},
{
"_id": null,
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2"
},
{
"_id": null,
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "8.2"
},
{
"_id": null,
"model": "nac",
"scope": "eq",
"trust": 0.3,
"vendor": "extremenetworks",
"version": "6.3.0.0"
},
{
"_id": null,
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "8.1"
},
{
"_id": null,
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.0.11"
},
{
"_id": null,
"model": "flex system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.3.20"
},
{
"_id": null,
"model": "smartcloud entry",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.1"
},
{
"_id": null,
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "8.4"
},
{
"_id": null,
"model": "flex system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.3.0.1"
},
{
"_id": null,
"model": "aix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1.9"
},
{
"_id": null,
"model": "identifi wireless",
"scope": "ne",
"trust": 0.3,
"vendor": "extremenetworks",
"version": "10.11.1"
},
{
"_id": null,
"model": "extremexos",
"scope": "ne",
"trust": 0.3,
"vendor": "extremenetworks",
"version": "15.7.2"
},
{
"_id": null,
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.1.9"
},
{
"_id": null,
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "9.1"
},
{
"_id": null,
"model": "smartcloud entry appliance fp",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.0.3"
},
{
"_id": null,
"model": "security network protection",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.2.0"
},
{
"_id": null,
"model": "unified computing system central software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1.1"
},
{
"_id": null,
"model": "netsight",
"scope": "ne",
"trust": 0.3,
"vendor": "extremenetworks",
"version": "6.3.0.182"
},
{
"_id": null,
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.4.0"
},
{
"_id": null,
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "10.1"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#374268"
},
{
"db": "BID",
"id": "73950"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-002116"
},
{
"db": "NVD",
"id": "CVE-2015-1799"
}
]
},
"configurations": {
"_id": null,
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:ntp:ntp",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-002116"
}
]
},
"credits": {
"_id": null,
"data": "Miroslav Lichv\u0026amp;amp;amp;amp;amp;aacute;r of Red Hat",
"sources": [
{
"db": "BID",
"id": "73950"
}
],
"trust": 0.3
},
"cve": "CVE-2015-1799",
"cvss": {
"_id": null,
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"exploitabilityScore": 5.5,
"id": "CVE-2015-1799",
"impactScore": 4.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 1.9,
"vectorString": "AV:A/AC:M/Au:N/C:N/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2015-1799",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2015-1799",
"trust": 0.8,
"value": "Medium"
},
{
"author": "VULMON",
"id": "CVE-2015-1799",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2015-1799"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-002116"
},
{
"db": "NVD",
"id": "CVE-2015-1799"
}
]
},
"description": {
"_id": null,
"data": "The symmetric-key feature in the receive function in ntp_proto.c in ntpd in NTP 3.x and 4.x before 4.2.8p2 performs state-variable updates upon receiving certain invalid packets, which makes it easier for man-in-the-middle attackers to cause a denial of service (synchronization loss) by spoofing the source IP address of a peer. NTP Project ntpd reference implementation accepts unauthenticated packets with symmetric key cryptography and does not protect symmetric associations against denial of service attacks. NTP of ntpd of ntp_proto.c Inside receive of symmetric-key The function is used even when a specific invalid packet is received. state variable Service operation disruption to perform update ( Sync failure ) There are vulnerabilities that are put into a state. Supplementary information : CWE Vulnerability type by CWE-17: Code ( code ) Has been identified. http://cwe.mitre.org/data/definitions/17.htmlMan-in-the-middle attacks (man-in-the-middle attack) By the source of the peer IP Denial of service by spoofing addresses ( Sync failure ) There is a possibility of being put into a state. NTP is prone to a denial-of-service vulnerability. \nSuccessful exploits may allow the attacker to cause a denial-of-service condition. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\nGentoo Linux Security Advisory GLSA 201509-01\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n https://security.gentoo.org/\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\n Severity: Normal\n Title: NTP: Multiple vulnerablities\n Date: September 24, 2015\n Bugs: #545836, #553682\n ID: 201509-01\n\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\nSynopsis\n========\n\nMultiple vulnerabilities have been found in NTP, the worst of which\ncould lead to arbitrary code execution. \n\nBackground\n==========\n\nNTP contains software for the Network Time Protocol. \n\nAffected packages\n=================\n\n -------------------------------------------------------------------\n Package / Vulnerable / Unaffected\n -------------------------------------------------------------------\n 1 net-misc/ntp \u003c 4.2.8_p3 \u003e= 4.2.8_p3\n\nDescription\n===========\n\nMultiple vulnerabilities have been discovered in NTP. Please review the\nCVE identifiers referenced below for details. \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nResolution\n==========\n\nAll NTP users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose \"\u003e=net-misc/ntp-4.2.8_p3\"\n\nReferences\n==========\n\n[ 1 ] CVE-2015-1798\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-1798\n[ 2 ] CVE-2015-1799\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-1799\n[ 3 ] CVE-2015-5146\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-5146\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n https://security.gentoo.org/glsa/201509-01\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users\u0027 machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttps://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2015 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttp://creativecommons.org/licenses/by-sa/2.5\n. \n\n\nHere are the details from the Slackware 14.1 ChangeLog:\n+--------------------------+\npatches/packages/ntp-4.2.8p2-i486-1_slack14.1.txz: Upgraded. \n * Authentication doesn\u0027t protect symmetric associations against DoS attacks. \n For more information, see:\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1798\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1799\n (* Security fix *)\n+--------------------------+\n\n\nWhere to find the new packages:\n+-----------------------------+\n\nThanks to the friendly folks at the OSU Open Source Lab\n(http://osuosl.org) for donating FTP and rsync hosting\nto the Slackware project! :-)\n\nAlso see the \"Get Slack\" section on http://slackware.com for\nadditional mirror sites near you. \n\nUpdated package for Slackware 13.0:\nftp://ftp.slackware.com/pub/slackware/slackware-13.0/patches/packages/ntp-4.2.8p2-i486-1_slack13.0.txz\n\nUpdated package for Slackware x86_64 13.0:\nftp://ftp.slackware.com/pub/slackware/slackware64-13.0/patches/packages/ntp-4.2.8p2-x86_64-1_slack13.0.txz\n\nUpdated package for Slackware 13.1:\nftp://ftp.slackware.com/pub/slackware/slackware-13.1/patches/packages/ntp-4.2.8p2-i486-1_slack13.1.txz\n\nUpdated package for Slackware x86_64 13.1:\nftp://ftp.slackware.com/pub/slackware/slackware64-13.1/patches/packages/ntp-4.2.8p2-x86_64-1_slack13.1.txz\n\nUpdated package for Slackware 13.37:\nftp://ftp.slackware.com/pub/slackware/slackware-13.37/patches/packages/ntp-4.2.8p2-i486-1_slack13.37.txz\n\nUpdated package for Slackware x86_64 13.37:\nftp://ftp.slackware.com/pub/slackware/slackware64-13.37/patches/packages/ntp-4.2.8p2-x86_64-1_slack13.37.txz\n\nUpdated package for Slackware 14.0:\nftp://ftp.slackware.com/pub/slackware/slackware-14.0/patches/packages/ntp-4.2.8p2-i486-1_slack14.0.txz\n\nUpdated package for Slackware x86_64 14.0:\nftp://ftp.slackware.com/pub/slackware/slackware64-14.0/patches/packages/ntp-4.2.8p2-x86_64-1_slack14.0.txz\n\nUpdated package for Slackware 14.1:\nftp://ftp.slackware.com/pub/slackware/slackware-14.1/patches/packages/ntp-4.2.8p2-i486-1_slack14.1.txz\n\nUpdated package for Slackware x86_64 14.1:\nftp://ftp.slackware.com/pub/slackware/slackware64-14.1/patches/packages/ntp-4.2.8p2-x86_64-1_slack14.1.txz\n\nUpdated package for Slackware -current:\nftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/n/ntp-4.2.8p2-i486-1.txz\n\nUpdated package for Slackware x86_64 -current:\nftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/n/ntp-4.2.8p2-x86_64-1.txz\n\n\nMD5 signatures:\n+-------------+\n\nSlackware 13.0 package:\n570bb3e4bb7b065101fa4963e757d7e7 ntp-4.2.8p2-i486-1_slack13.0.txz\n\nSlackware x86_64 13.0 package:\ne6add42a70a66496be2d4978370c2799 ntp-4.2.8p2-x86_64-1_slack13.0.txz\n\nSlackware 13.1 package:\n99f1cfa5e23a256d840ed0a56b7f9400 ntp-4.2.8p2-i486-1_slack13.1.txz\n\nSlackware x86_64 13.1 package:\n0a6622196521e084d36cda13fc6da824 ntp-4.2.8p2-x86_64-1_slack13.1.txz\n\nSlackware 13.37 package:\n28cfe042c585cf036582ce5f0c2daadf ntp-4.2.8p2-i486-1_slack13.37.txz\n\nSlackware x86_64 13.37 package:\nc436da55cd2d113142410a9d982c5ac5 ntp-4.2.8p2-x86_64-1_slack13.37.txz\n\nSlackware 14.0 package:\ncf69f8ecb5e4c1902dfb22d0f9685278 ntp-4.2.8p2-i486-1_slack14.0.txz\n\nSlackware x86_64 14.0 package:\n9c8344ec56d5d2335fd7370e2f9cf639 ntp-4.2.8p2-x86_64-1_slack14.0.txz\n\nSlackware 14.1 package:\n9dcf0eafa851ad018f8341c2fb9307b5 ntp-4.2.8p2-i486-1_slack14.1.txz\n\nSlackware x86_64 14.1 package:\ne0c063f4e46a72ec86012a46299a46df ntp-4.2.8p2-x86_64-1_slack14.1.txz\n\nSlackware -current package:\n5f72de16e3bb6cd216e7694a49671cee n/ntp-4.2.8p2-i486-1.txz\n\nSlackware x86_64 -current package:\n1ba531770e4a2ae6e8e7116aaa26523e n/ntp-4.2.8p2-x86_64-1.txz\n\n\nInstallation instructions:\n+------------------------+\n\nUpgrade the package as root:\n# upgradepkg ntp-4.2.8p2-i486-1_slack14.1.txz\n\nThen, restart the NTP daemon:\n\n# sh /etc/rc.d/rc.ntpd restart\n\n\n+-----+\n\nSlackware Linux Security Team\nhttp://slackware.com/gpg-key\nsecurity@slackware.com\n\n+------------------------------------------------------------------------+\n| To leave the slackware-security mailing list: |\n+------------------------------------------------------------------------+\n| Send an email to majordomo@slackware.com with this text in the body of |\n| the email message: |\n| |\n| unsubscribe slackware-security |\n| |\n| You will get a confirmation message back containing instructions to |\n| complete the process. Please do not reply to this email address. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\nNote: the current version of the following document is available here:\nhttps://h20564.www2.hp.com/portal/site/hpsc/public/kb/\ndocDisplay?docId=emr_na-c04679309\n\nSUPPORT COMMUNICATION - SECURITY BULLETIN\n\nDocument ID: c04679309\nVersion: 1\n\nHPSBUX03333 SSRT102029 rev.1 - HP-UX Running NTP, Remote Denial of Service\n(DoS), or Other Vulnerabilities\n\nNOTICE: The information in this Security Bulletin should be acted upon as\nsoon as possible. \n\nRelease Date: 2015-05-19\nLast Updated: 2015-05-19\n\nPotential Security Impact: Remote Denial of Service (DoS), or other\nvulnerabilities\n\nSource: Hewlett-Packard Company, HP Software Security Response Team\n\nVULNERABILITY SUMMARY\nPotential security vulnerabilities have been identified with HP-UX running\nNTP. These could be exploited remotely to create a Denial of Service (DoS),\nor other vulnerabilities. \n\nReferences:\n\nCVE-2015-1798 - Symmetric-Key feature allows MAC address spoofing (CWE-17)\nCVE-2015-1799 - Symmetric-Key feature allows denial of service (CWE-17)\nSSRT102029\nCERT-VU#852879\n\nSUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed. \n\nHP-UX B.11.31 running NTP v4.x, specifically version C.4.2.6.5.0 or previous\n\nBACKGROUND\n\nCVSS 2.0 Base Metrics\n===========================================================\n Reference Base Vector Base Score\nCVE-2015-1798 (AV:A/AC:H/Au:N/C:N/I:P/A:N) 1.8\nCVE-2015-1799 (AV:A/AC:M/Au:N/C:N/I:P/A:P) 4.3\n===========================================================\n Information on CVSS is documented\n in HP Customer Notice: HPSN-2008-002\n\nRESOLUTION\n\nHP has provided the following solution for HP-UX B.11.31. \n\nA new B.11.31 depot for HP-UX-NTP_C.4.2.6.6.0 is available here:\n\nhttps://h20392.www2.hp.com/portal/swdepot/displayProductInfo.do?productNumber\n=HPUX-NTP\n\nReference: http://support.ntp.org/bin/view/Main/SecurityNotice\n\nMANUAL ACTIONS: Yes - Update\n\nPRODUCT SPECIFIC INFORMATION\n\nHP-UX Software Assistant: HP-UX Software Assistant is an enhanced application\nthat replaces HP-UX Security Patch Check. It analyzes all Security Bulletins\nissued by HP and lists recommended actions that may apply to a specific HP-UX\nsystem. It can also download patches and create a depot automatically. For\nmore information see: https://www.hp.com/go/swa\nThe following text is for use by the HP-UX Software Assistant. \n\nAFFECTED VERSIONS\n\nHP-UX B.11.31\n==================\nNTP.INETSVCS2-BOOT\nNTP.NTP-AUX\nNTP.NTP-RUN\naction: install revision C.4.2.6.6.0 or subsequent\n\nEND AFFECTED VERSIONS\n\nHISTORY\nVersion:1 (rev.1) - 19 May 2015 Initial release\n\nThird Party Security Patches: Third party security patches that are to be\ninstalled on systems running HP software products should be applied in\naccordance with the customer\u0027s patch management policy. \n\nSupport: For issues about implementing the recommendations of this Security\nBulletin, contact normal HP Services support channel. For other issues about\nthe content of this Security Bulletin, send e-mail to security-alert@hp.com. \n\nReport: To report a potential security vulnerability with any HP supported\nproduct, send Email to: security-alert@hp.com\n\nSubscribe: To initiate a subscription to receive future HP Security Bulletin\nalerts via Email:\nhttp://h41183.www4.hp.com/signup_alerts.php?jumpid=hpsc_secbulletins\n\nSecurity Bulletin Archive: A list of recently released Security Bulletins is\navailable here:\nhttps://h20564.www2.hp.com/portal/site/hpsc/public/kb/secBullArchive/\n\nSoftware Product Category: The Software Product Category is represented in\nthe title by the two characters following HPSB. \n\n3C = 3COM\n3P = 3rd Party Software\nGN = HP General Software\nHF = HP Hardware and Firmware\nMP = MPE/iX\nMU = Multi-Platform Software\nNS = NonStop Servers\nOV = OpenVMS\nPI = Printing and Imaging\nPV = ProCurve\nST = Storage Software\nTU = Tru64 UNIX\nUX = HP-UX\n\nCopyright 2015 Hewlett-Packard Development Company, L.P. \nHewlett-Packard Company shall not be liable for technical or editorial errors\nor omissions contained herein. The information provided is provided \"as is\"\nwithout warranty of any kind. To the extent permitted by law, neither HP or\nits affiliates, subcontractors or suppliers will be liable for\nincidental,special or consequential damages including downtime cost; lost\nprofits; damages relating to the procurement of substitute products or\nservices; or damages for loss of data, or software restoration. The\ninformation in this document is subject to change without notice. \nHewlett-Packard Company and the names of Hewlett-Packard products referenced\nherein are trademarks of Hewlett-Packard Company in the United States and\nother countries. Other product and company names mentioned herein may be\ntrademarks of their respective owners. \n\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.11 (GNU/Linux)\n\niEYEARECAAYFAlVbxaIACgkQ4B86/C0qfVmiSgCg8hSMo6ue+WJXM0G6Cz7zSw+Z\nE7wAn1Y5Occ9WtyV0+W9iD/1QWizxwZN\n=Wku3\n-----END PGP SIGNATURE-----\n. \nComware 7 (CW7) Products - all versions prior to the fixed versions in the\nResolution section below. \n\n + **12500 (Comware 7) - Version: Fix in R7375**\n * HP Network Products\n - JC085A HP A12518 Switch Chassis\n - JC086A HP A12508 Switch Chassis\n - JC652A HP 12508 DC Switch Chassis\n - JC653A HP 12518 DC Switch Chassis\n - JC654A HP 12504 AC Switch Chassis\n - JC655A HP 12504 DC Switch Chassis\n - JF430A HP A12518 Switch Chassis\n - JF430B HP 12518 Switch Chassis\n - JF430C HP 12518 AC Switch Chassis\n - JF431A HP A12508 Switch Chassis\n - JF431B HP 12508 Switch Chassis\n - JF431C HP 12508 AC Switch Chassis\n - JC072B HP 12500 Main Processing Unit\n - JG497A HP 12500 MPU w/Comware V7 OS\n - JG782A HP FF 12508E AC Switch Chassis\n - JG783A HP FF 12508E DC Switch Chassis\n - JG784A HP FF 12518E AC Switch Chassis\n - JG785A HP FF 12518E DC Switch Chassis\n - JG802A HP FF 12500E MPU\n - JG803A HP FlexFabric 12500E TAA-compliant Main Processing Unit\n\n + **10500 (Comware 7) - Version: Fix in R7169P01**\n * HP Network Products\n - JC611A HP 10508-V Switch Chassis\n - JC612A HP 10508 Switch Chassis\n - JC613A HP 10504 Switch Chassis\n - JC748A HP 10512 Switch Chassis\n - JG820A HP 10504 TAA Switch Chassis\n - JG821A HP 10508 TAA Switch Chassis\n - JG822A HP 10508-V TAA Switch Chassis\n - JG823A HP 10512 TAA Switch Chassis\n - JG496A HP 10500 Type A MPU w/Comware v7 OS\n - JH198A HP 10500 Type D Main Processing Unit with Comware v7 Operating\nSystem\n - JH206A HP 10500 Type D TAA w/Comware v7 OS MPU\n\n + **12900 (Comware 7) - Version: Fix in R1137**\n * HP Network Products\n - JG619A HP FlexFabric 12910 Switch AC Chassis\n - JG621A HP FlexFabric 12910 Main Processing Unit\n - JG632A HP FlexFabric 12916 Switch AC Chassis\n - JG634A HP FlexFabric 12916 Main Processing Unit\n - JH104A HP FlexFabric 12900E Main Processing Unit\n - JH114A HP FlexFabric 12910 TAA-compliant Main Processing Unit\n - JH263A HP FlexFabric 12904E Main Processing Unit\n - JH255A HP FlexFabric 12908E Switch Chassis\n - JH262A HP FlexFabric 12904E Switch Chassis\n - JH113A HP FlexFabric 12910 TAA-compliant Switch AC Chassis\n - JH103A HP FlexFabric 12916E Switch Chassis\n\n + **5900 (Comware 7) - Version: Fix in R2422P01**\n * HP Network Products\n - JC772A HP 5900AF-48XG-4QSFP+ Switch\n - JG336A HP 5900AF-48XGT-4QSFP+ Switch\n - JG510A HP 5900AF-48G-4XG-2QSFP+ Switch\n - JG554A HP 5900AF-48XG-4QSFP+ TAA Switch\n - JG838A HP FF 5900CP-48XG-4QSFP+ Switch\n - JH036A HP FlexFabric 5900CP 48XG 4QSFP+ TAA-Compliant\n - JH037A HP 5900AF 48XGT 4QSFP+ TAA-Compliant Switch\n - JH038A HP 5900AF 48G 4XG 2QSFP+ TAA-Compliant\n - JG296A HP 5920AF-24XG Switch\n - JG555A HP 5920AF-24XG TAA Switch\n\n + **MSR1000 (Comware 7) - Version: Fix in R0106P33**\n * HP Network Products\n - JG875A HP MSR1002-4 AC Router\n - JH060A HP MSR1003-8S AC Router\n\n + **MSR2000 (Comware 7) - Version: Fix in R0106P33**\n * HP Network Products\n - JG411A HP MSR2003 AC Router\n - JG734A HP MSR2004-24 AC Router\n - JG735A HP MSR2004-48 Router\n - JG866A HP MSR2003 TAA-compliant AC Router\n\n + **MSR3000 (Comware 7) - Version: Fix in R0106P33**\n * HP Network Products\n - JG404A HP MSR3064 Router\n - JG405A HP MSR3044 Router\n - JG406A HP MSR3024 AC Router\n - JG407A HP MSR3024 DC Router\n - JG408A HP MSR3024 PoE Router\n - JG409A HP MSR3012 AC Router\n - JG410A HP MSR3012 DC Router\n - JG861A HP MSR3024 TAA-compliant AC Router\n\n + **MSR4000 (Comware 7) - Version: Fix in R0106P33**\n * HP Network Products\n - JG402A HP MSR4080 Router Chassis\n - JG403A HP MSR4060 Router Chassis\n - JG412A HP MSR4000 MPU-100 Main Processing Unit\n - JG869A HP MSR4000 TAA-compliant MPU-100 Main Processing Unit\n\n + **5800 (Comware 7) - Version: Fix in R7006P15**\n * HP Network Products\n - JC099A HP 5800-24G-PoE Switch\n - JC099B HP 5800-24G-PoE+ Switch\n - JC100A HP 5800-24G Switch\n - JC100B HP 5800-24G Switch\n - JC101A HP 5800-48G Switch with 2 Slots\n - JC101B HP 5800-48G-PoE+ Switch with 2 Interface Slots\n - JC103A HP 5800-24G-SFP Switch\n - JC103B HP 5800-24G-SFP Switch with 1 Interface Slot\n - JC104A HP 5800-48G-PoE Switch\n - JC104B HP 5800-48G-PoE+ Switch with 1 Interface Slot\n - JC105A HP 5800-48G Switch\n - JC105B HP 5800-48G Switch with 1 Interface Slot\n - JG254A HP 5800-24G-PoE+ TAA-compliant Switch\n - JG254B HP 5800-24G-PoE+ TAA-compliant Switch\n - JG255A HP 5800-24G TAA-compliant Switch\n - JG255B HP 5800-24G TAA-compliant Switch\n - JG256A HP 5800-24G-SFP TAA-compliant Switch with 1 Interface\n - JG256B HP 5800-24G-SFP TAA-compliant Switch with 1 Interface\n - JG257A HP 5800-48G-PoE+ TAA-compliant Switch with 1 Interface\n - JG257B HP 5800-48G-PoE+ TAA-compliant Switch with 1 Interface\n - JG258A HP 5800-48G TAA-compliant Switch with 1 Interface Slot\n - JG258B HP 5800-48G TAA-compliant Switch with 1 Interface Slot\n - JG225A HP 5800AF-48G Switch\n - JG225B HP 5800AF-48G Switch\n - JG242A HP 5800-48G-PoE+ TAA-compliant Switch with 2 Interface\n - JG242B HP 5800-48G-PoE+ TAA-compliant Switch with 2 Interface\n - JG243A HP 5820-24XG-SFP+ TAA-compliant Switch\n - JG243B HP 5820-24XG-SFP+ TAA-compliant Switch\n - JG259A HP 5820X-14XG-SFP+ TAA-compliant Switch with 2 Interface Slots\n\u0026 1 OAA Slot\n - JG259B HP 5820-14XG-SFP+ TAA-compliant Switch with 2 Interface Slots\nand 1 OAA Slot\n - JC106A HP 5820-14XG-SFP+ Switch with 2 Slots\n - JC106B HP 5820-14XG-SFP+ Switch with 2 Interface Slots \u0026 1 OAA Slot\n - JG219A HP 5820AF-24XG Switch\n - JG219B HP 5820AF-24XG Switch\n - JC102A HP 5820-24XG-SFP+ Switch\n - JC102B HP 5820-24XG-SFP+ Switch\n\n + **VSR (Comware 7) - Version: Fix in E0321**\n * HP Network Products\n - JG810AAE HP VSR1001 Virtual Services Router 60 Day Evaluation\nSoftware\n - JG811AAE HP VSR1001 Comware 7 Virtual Services Router\n - JG812AAE HP VSR1004 Comware 7 Virtual Services Router\n - JG813AAE HP VSR1008 Comware 7 Virtual Services Router\n\n + **7900 (Comware 7) - Version: Fix in R2137**\n * HP Network Products\n - JG682A HP FlexFabric 7904 Switch Chassis\n - JG841A HP FlexFabric 7910 Switch Chassis\n - JG842A HP FlexFabric 7910 7.2Tbps Fabric / Main Processing Unit\n - JH001A HP FlexFabric 7910 2.4Tbps Fabric / Main Processing Unit\n - JH122A HP FlexFabric 7904 TAA-compliant Switch Chassis\n - JH123A HP FlexFabric 7910 TAA-compliant Switch Chassis\n - JH124A HP FlexFabric 7910 7.2Tbps TAA-compliant Fabric/Main\nProcessing Unit\n - JH125A HP FlexFabric 7910 2.4Tbps TAA-compliant Fabric/Main\nProcessing Unit\n\n + **5130 (Comware 7) - Version: Fix in R3109P05**\n * HP Network Products\n - JG932A HP 5130-24G-4SFP+ EI Switch\n - JG933A HP 5130-24G-SFP-4SFP+ EI Switch\n - JG934A HP 5130-48G-4SFP+ EI Switch\n - JG936A HP 5130-24G-PoE+-4SFP+ (370W) EI Switch\n - JG937A HP 5130-48G-PoE+-4SFP+ (370W) EI Switch\n - JG975A HP 5130-24G-4SFP+ EI Brazil Switch\n - JG976A HP 5130-48G-4SFP+ EI Brazil Switch\n - JG977A HP 5130-24G-PoE+-4SFP+ (370W) EI Brazil Switch\n - JG978A HP 5130-48G-PoE+-4SFP+ (370W) EI Brazil Switch\n - JG938A HP 5130-24G-2SFP+-2XGT EI Switch\n - JG939A HP 5130-48G-2SFP+-2XGT EI Switch\n - JG940A HP 5130-24G-PoE+-2SFP+-2XGT (370W) EI Switch\n - JG941A HP 5130-48G-PoE+-2SFP+-2XGT (370W) EI Switch\n\n + **5700 (Comware 7) - Version: Fix in R2422P01**\n * HP Network Products\n - JG894A HP FlexFabric 5700-48G-4XG-2QSFP+ Switch\n - JG895A HP FlexFabric 5700-48G-4XG-2QSFP+ TAA-compliant Switch\n - JG896A HP FlexFabric 5700-40XG-2QSFP+ Switch\n - JG897A HP FlexFabric 5700-40XG-2QSFP+ TAA-compliant Switch\n - JG898A HP FlexFabric 5700-32XGT-8XG-2QSFP+ Switch\n - JG899A HP FlexFabric 5700-32XGT-8XG-2QSFP+ TAA-compliant Switch\n\n + **5930 (Comware 7) - Version: Fix in R2422P01**\n * HP Network Products\n - JG726A HP FlexFabric 5930 32QSFP+ Switch\n - JG727A HP FlexFabric 5930 32QSFP+ TAA-compliant Switch\n - JH178A HP FlexFabric 5930 2QSFP+ 2-slot Switch\n - JH179A HP FlexFabric 5930 4-slot Switch\n - JH187A HP FlexFabric 5930 2QSFP+ 2-slot TAA-compliant Switch\n - JH188A HP FlexFabric 5930 4-slot TAA-compliant Switch\n\nHISTORY\nVersion:1 (rev.1) - 8 March 2016 Initial release\n\nThird Party Security Patches: Third party security patches that are to be\ninstalled on systems running Hewlett Packard Enterprise (HPE) software\nproducts should be applied in accordance with the customer\u0027s patch management\npolicy. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n _______________________________________________________________________\n\n Mandriva Linux Security Advisory MDVSA-2015:202\n http://www.mandriva.com/en/support/security/\n _______________________________________________________________________\n\n Package : ntp\n Date : April 10, 2015\n Affected: Business Server 1.0, Business Server 2.0\n _______________________________________________________________________\n\n Problem Description:\n\n Multiple vulnerabilities has been found and corrected in ntp:\n \n The symmetric-key feature in the receive function in ntp_proto.c\n in ntpd in NTP before 4.2.8p2 requires a correct MAC only if the MAC\n field has a nonzero length, which makes it easier for man-in-the-middle\n attackers to spoof packets by omitting the MAC (CVE-2015-1798). \n _______________________________________________________________________\n\n References:\n\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1798\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1799\n http://support.ntp.org/bin/view/Main/SecurityNotice#Recent_Vulnerabilities\n _______________________________________________________________________\n\n Updated Packages:\n\n Mandriva Business Server 1/X86_64:\n b0f98e6b8700e3e3413582fe28d1ba06 mbs1/x86_64/ntp-4.2.6p5-8.4.mbs1.x86_64.rpm\n d864780718c95368bf9ec81643e35e5d mbs1/x86_64/ntp-client-4.2.6p5-8.4.mbs1.x86_64.rpm\n 6f457df52d46fb8e6b0fe44aead752eb mbs1/x86_64/ntp-doc-4.2.6p5-8.4.mbs1.x86_64.rpm \n b4bff3de733ea6d2839a77a9211ce02b mbs1/SRPMS/ntp-4.2.6p5-8.4.mbs1.src.rpm\n\n Mandriva Business Server 2/X86_64:\n e9ac2f3465bcc50199aef8a4d553927f mbs2/x86_64/ntp-4.2.6p5-16.3.mbs2.x86_64.rpm\n cf2970c3c56efbfa84f964532ad64544 mbs2/x86_64/ntp-client-4.2.6p5-16.3.mbs2.x86_64.rpm\n 1ae1b1d3c2e7bdea25c01c33652b6169 mbs2/x86_64/ntp-doc-4.2.6p5-16.3.mbs2.noarch.rpm \n d250433009fd187361bda6338dc5eede mbs2/SRPMS/ntp-4.2.6p5-16.3.mbs2.src.rpm\n _______________________________________________________________________\n\n To upgrade automatically use MandrivaUpdate or urpmi. The verification\n of md5 checksums and GPG signatures is performed automatically for you. \n\n All packages are signed by Mandriva for security. ============================================================================\nUbuntu Security Notice USN-2567-1\nApril 13, 2015\n\nntp vulnerabilities\n============================================================================\n\nA security issue affects these releases of Ubuntu and its derivatives:\n\n- Ubuntu 14.10\n- Ubuntu 14.04 LTS\n- Ubuntu 12.04 LTS\n\nSummary:\n\nSeveral security issues were fixed in NTP. A\nremote attacker could possibly use this issue to bypass authentication and\nspoof packets. (CVE-2015-1799)\n\nJuergen Perlinger discovered that NTP incorrectly generated MD5 keys on\nbig-endian platforms. This issue could either cause ntp-keygen to hang, or\ncould result in non-random keys. (CVE number pending)\n\nUpdate instructions:\n\nThe problem can be corrected by updating your system to the following\npackage versions:\n\nUbuntu 14.10:\n ntp 1:4.2.6.p5+dfsg-3ubuntu2.14.10.3\n\nUbuntu 14.04 LTS:\n ntp 1:4.2.6.p5+dfsg-3ubuntu2.14.04.3\n\nUbuntu 12.04 LTS:\n ntp 1:4.2.6.p3+dfsg-1ubuntu3.4\n\nIn general, a standard system update will make all the necessary changes. \n\nReferences:\n http://www.ubuntu.com/usn/usn-2567-1\n CVE-2015-1798, CVE-2015-1799\n\nPackage Information:\n https://launchpad.net/ubuntu/+source/ntp/1:4.2.6.p5+dfsg-3ubuntu2.14.10.3\n https://launchpad.net/ubuntu/+source/ntp/1:4.2.6.p5+dfsg-3ubuntu2.14.04.3\n https://launchpad.net/ubuntu/+source/ntp/1:4.2.6.p3+dfsg-1ubuntu3.4\n. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA256\n\nAPPLE-SA-2015-06-30-2 OS X Yosemite v10.10.4 and Security Update\n2015-005\n\nOS X Yosemite v10.10.4 and Security Update 2015-005 are now available\nand address the following:\n\nAdmin Framework\nAvailable for: OS X Mavericks v10.9.5,\nOS X Yosemite v10.10 to v10.10.3\nImpact: A process may gain admin privileges without proper\nauthentication\nDescription: An issue existed when checking XPC entitlements. This\nissue was addressed through improved entitlement checking. \nCVE-ID\nCVE-2015-3671 : Emil Kvarnhammar at TrueSec\n\nAdmin Framework\nAvailable for: OS X Mavericks v10.9.5,\nOS X Yosemite v10.10 to v10.10.3\nImpact: A non-admin user may obtain admin rights\nDescription: An issue existed in the handling of user\nauthentication. This issue was addressed through improved error\nchecking. \nCVE-ID\nCVE-2015-3672 : Emil Kvarnhammar at TrueSec\n\nAdmin Framework\nAvailable for: OS X Yosemite v10.10 to v10.10.3\nImpact: An attacker may abuse Directory Utility to gain root\nprivileges\nDescription: Directory Utility was able to be moved and modified to\nachieve code execution within an entitled process. This issue was\naddressed by limiting the disk location that writeconfig clients may\nbe executed from. \nCVE-ID\nCVE-2015-3673 : Patrick Wardle of Synack, Emil Kvarnhammar at TrueSec\n\nafpserver\nAvailable for: OS X Yosemite v10.10 to v10.10.3\nImpact: A remote attacker may be able to cause unexpected\napplication termination or arbitrary code execution\nDescription: A memory corruption issue existed in the AFP server. \nThis issue was addressed through improved memory handling. \nCVE-ID\nCVE-2015-3674 : Dean Jerkovich of NCC Group\n\napache\nAvailable for: OS X Yosemite v10.10 to v10.10.3\nImpact: An attacker may be able to access directories that are\nprotected with HTTP authentication without knowing the correct\ncredentials\nDescription: The default Apache configuration did not include\nmod_hfs_apple. If Apache was manually enabled and the configuration\nwas not changed, some files that should not be accessible might have\nbeen accessible using a specially crafted URL. This issue was\naddressed by enabling mod_hfs_apple. \nCVE-ID\nCVE-2015-3675 : Apple\n\napache\nAvailable for: OS X Mavericks v10.9.5,\nOS X Yosemite v10.10 to v10.10.3\nImpact: Multiple vulnerabilities exist in PHP, the most serious of\nwhich may lead to arbitrary code execution\nDescription: Multiple vulnerabilities existed in PHP versions prior\nto 5.5.24 and 5.4.40. These were addressed by updating PHP to\nversions 5.5.24 and 5.4.40. \nCVE-ID\nCVE-2015-0235\nCVE-2015-0273\n\nAppleGraphicsControl\nAvailable for: OS X Yosemite v10.10 to v10.10.3\nImpact: A malicious application may be able to determine kernel\nmemory layout\nDescription: An issue existed in AppleGraphicsControl which could\nhave led to the disclosure of kernel memory layout. This issue was\naddressed through improved bounds checking. \nCVE-ID\nCVE-2015-3676 : Chen Liang of KEEN Team\n\nAppleFSCompression\nAvailable for: OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5,\nOS X Yosemite v10.10 to v10.10.3\nImpact: A malicious application may be able to determine kernel\nmemory layout\nDescription: An issue existed in LZVN compression that could have\nled to the disclosure of kernel memory content. This issue was\naddressed through improved memory handling. \nCVE-ID\nCVE-2015-3677 : an anonymous researcher working with HP\u0027s Zero Day\nInitiative\n\nAppleThunderboltEDMService\nAvailable for: OS X Yosemite v10.10 to v10.10.3\nImpact: A malicious application may be able to execute arbitrary\ncode with system privileges\nDescription: A memory corruption issue existed in the handling of\ncertain Thunderbolt commands from local processes. This issue was\naddressed through improved memory handling. \nCVE-ID\nCVE-2015-3678 : Apple\n\nATS\nAvailable for: OS X Yosemite v10.10 to v10.10.3\nImpact: Processing a maliciously crafted font file may lead to an\nunexpected application termination or arbitrary code execution\nDescription: Multiple memory corruption issues existed in handling\nof certain fonts. These issues were addressed through improved memory\nhandling. \nCVE-ID\nCVE-2015-3679 : Pawel Wylecial working with HP\u0027s Zero Day Initiative\nCVE-2015-3680 : Pawel Wylecial working with HP\u0027s Zero Day Initiative\nCVE-2015-3681 : John Villamil (@day6reak), Yahoo Pentest Team\nCVE-2015-3682 : Nuode Wei\n\nBluetooth\nAvailable for: OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5,\nOS X Yosemite v10.10 to v10.10.3\nImpact: A malicious application may be able to execute arbitrary\ncode with system privileges\nDescription: A memory corruption issue existed in the Bluetooth HCI\ninterface. This issue was addressed through improved memory handling. \nCVE-ID\nCVE-2015-3683 : Roberto Paleari and Aristide Fattori of Emaze\nNetworks\n\nCertificate Trust Policy\nAvailable for: OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5,\nOS X Yosemite v10.10 to v10.10.3\nImpact: An attacker with a privileged network position may be able\nto intercept network traffic\nDescription: An intermediate certificate was incorrectly issued by\nthe certificate authority CNNIC. This issue was addressed through the\naddition of a mechanism to trust only a subset of certificates issued\nprior to the mis-issuance of the intermediate. Further details are\navailable at https://support.apple.com/en-us/HT204938\n\nCertificate Trust Policy\nAvailable for: OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5,\nOS X Yosemite v10.10 to v10.10.3\nDescription: The certificate trust policy was updated. The complete\nlist of certificates may be viewed at https://support.apple.com/en-\nus/HT202858. \n\nCFNetwork HTTPAuthentication\nAvailable for: OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5,\nOS X Yosemite v10.10 to v10.10.3\nImpact: Following a maliciously crafted URL may lead to arbitrary\ncode execution\nDescription: A memory corruption issue existed in handling of\ncertain URL credentials. This issue was addressed through improved\nmemory handling. \nCVE-ID\nCVE-2015-3684 : Apple\n\nCoreText\nAvailable for: OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5,\nOS X Yosemite v10.10 to v10.10.3\nImpact: Processing a maliciously crafted text file may lead to an\nunexpected application termination or arbitrary code execution\nDescription: Multiple memory corruption issues existed in the\nprocessing of text files. These issues were addressed through\nimproved bounds checking. \nCVE-ID\nCVE-2015-1157\nCVE-2015-3685 : Apple\nCVE-2015-3686 : John Villamil (@day6reak), Yahoo Pentest Team\nCVE-2015-3687 : John Villamil (@day6reak), Yahoo Pentest Team\nCVE-2015-3688 : John Villamil (@day6reak), Yahoo Pentest Team\nCVE-2015-3689 : Apple\n\ncoreTLS\nAvailable for: OS X Yosemite v10.10 to v10.10.3\nImpact: An attacker with a privileged network position may intercept\nSSL/TLS connections\nDescription: coreTLS accepted short ephemeral Diffie-Hellman (DH)\nkeys, as used in export-strength ephemeral DH cipher suites. This\nissue, also known as Logjam, allowed an attacker with a privileged\nnetwork position to downgrade security to 512-bit DH if the server\nsupported an export-strength ephemeral DH cipher suite. The issue was\naddressed by increasing the default minimum size allowed for DH\nephemeral keys to 768 bits. \nCVE-ID\nCVE-2015-4000 : The weakdh team at weakdh.org, Hanno Boeck\n\nDiskImages\nAvailable for: OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5,\nOS X Yosemite v10.10 to v10.10.3\nImpact: A malicious application may be able to determine kernel\nmemory layout\nDescription: An information disclosure issue existed in the\nprocessing of disk images. This issue was addressed through improved\nmemory management. \nCVE-ID\nCVE-2015-3690 : Peter Rutenbar working with HP\u0027s Zero Day Initiative\n\nDisplay Drivers\nAvailable for: OS X Yosemite v10.10 to v10.10.3\nImpact: A malicious application may be able to execute arbitrary\ncode with system privileges\nDescription: An issue existed in the Monitor Control Command Set\nkernel extension by which a userland process could control the value\nof a function pointer within the kernel. The issue was addressed by\nremoving the affected interface. \nCVE-ID\nCVE-2015-3691 : Roberto Paleari and Aristide Fattori of Emaze\nNetworks\n\nEFI\nAvailable for: OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5,\nOS X Yosemite v10.10 to v10.10.3\nImpact: A malicious application with root privileges may be able to\nmodify EFI flash memory\nDescription: An insufficient locking issue existed with EFI flash\nwhen resuming from sleep states. This issue was addressed through\nimproved locking. \nCVE-ID\nCVE-2015-3692 : Trammell Hudson of Two Sigma Investments, Xeno Kovah\nand Corey Kallenberg of LegbaCore LLC, Pedro Vilaca\n\nEFI\nAvailable for: OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5,\nOS X Yosemite v10.10 to v10.10.3\nImpact: A malicious application may induce memory corruption to\nescalate privileges\nDescription: A disturbance error, also known as Rowhammer, exists\nwith some DDR3 RAM that could have led to memory corruption. This\nissue was mitigated by increasing memory refresh rates. \nCVE-ID\nCVE-2015-3693 : Mark Seaborn and Thomas Dullien of Google, working\nfrom original research by Yoongu Kim et al (2014)\n\nFontParser\nAvailable for: OS X Yosemite v10.10 to v10.10.3\nImpact: Processing a maliciously crafted font file may lead to an\nunexpected application termination or arbitrary code execution\nDescription: A memory corruption issue existed in the processing of\nfont files. This issue was addressed through improved input\nvalidation. \nCVE-ID\nCVE-2015-3694 : John Villamil (@day6reak), Yahoo Pentest Team\n\nGraphics Driver\nAvailable for: OS X Yosemite v10.10 to v10.10.3\nImpact: A malicious application may be able to execute arbitrary\ncode with system privileges\nDescription: An out of bounds write issue existed in NVIDIA graphics\ndriver. This issue was addressed through improved bounds checking. \nCVE-ID\nCVE-2015-3712 : Ian Beer of Google Project Zero\n\nIntel Graphics Driver\nAvailable for: OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5,\nOS X Yosemite v10.10 to v10.10.3\nImpact: Multiple buffer overflow issues exist in the Intel graphics\ndriver, the most serious of which may lead to arbitrary code\nexecution with system privileges\nDescription: Multiple buffer overflow issues existed in the Intel\ngraphics driver. These were addressed through additional bounds\nchecks. \nCVE-ID\nCVE-2015-3695 : Ian Beer of Google Project Zero\nCVE-2015-3696 : Ian Beer of Google Project Zero\nCVE-2015-3697 : Ian Beer of Google Project Zero\nCVE-2015-3698 : Ian Beer of Google Project Zero\nCVE-2015-3699 : Ian Beer of Google Project Zero\nCVE-2015-3700 : Ian Beer of Google Project Zero\nCVE-2015-3701 : Ian Beer of Google Project Zero\nCVE-2015-3702 : KEEN Team\n\nImageIO\nAvailable for: OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5,\nOS X Yosemite v10.10 to v10.10.3\nImpact: Multiple vulnerabilities existed in libtiff, the most\nserious of which may lead to arbitrary code execution\nDescription: Multiple vulnerabilities existed in libtiff versions\nprior to 4.0.4. They were addressed by updating libtiff to version\n4.0.4. \nCVE-ID\nCVE-2014-8127\nCVE-2014-8128\nCVE-2014-8129\nCVE-2014-8130\n\nImageIO\nAvailable for: OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5,\nOS X Yosemite v10.10 to v10.10.3\nImpact: Processing a maliciously crafted .tiff file may lead to an\nunexpected application termination or arbitrary code execution\nDescription: A memory corruption issue existed in the processing of\n.tiff files. This issue was addressed through improved bounds\nchecking. \nCVE-ID\nCVE-2015-3703 : Apple\n\nInstall Framework Legacy\nAvailable for: OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5,\nOS X Yosemite v10.10 to v10.10.3\nImpact: A malicious application may be able to execute arbitrary\ncode with system privileges\nDescription: Several issues existed in how Install.framework\u0027s\n\u0027runner\u0027 setuid binary dropped privileges. This was addressed by\nproperly dropping privileges. \nCVE-ID\nCVE-2015-3704 : Ian Beer of Google Project Zero\n\nIOAcceleratorFamily\nAvailable for: OS X Yosemite v10.10 to v10.10.3\nImpact: A malicious application may be able to execute arbitrary\ncode with system privileges\nDescription: Multiple memory corruption issues existed in\nIOAcceleratorFamily. These issues were addressed through improved\nmemory handling. \nCVE-ID\nCVE-2015-3705 : KEEN Team\nCVE-2015-3706 : KEEN Team\n\nIOFireWireFamily\nAvailable for: OS X Yosemite v10.10 to v10.10.3\nImpact: A malicious application may be able to execute arbitrary\ncode with system privileges\nDescription: Multiple null pointer dereference issues existed in the\nFireWire driver. These issues were addressed through improved error\nchecking. \nCVE-ID\nCVE-2015-3707 : Roberto Paleari and Aristide Fattori of Emaze\nNetworks\n\nKernel\nAvailable for: OS X Yosemite v10.10 to v10.10.3\nImpact: A malicious application may be able to determine kernel\nmemory layout\nDescription: A memory management issue existed in the handling of\nAPIs related to kernel extensions which could have led to the\ndisclosure of kernel memory layout. This issue was addressed through\nimproved memory management. \nCVE-ID\nCVE-2015-3720 : Stefan Esser\n\nKernel\nAvailable for: OS X Yosemite v10.10 to v10.10.3\nImpact: A malicious application may be able to determine kernel\nmemory layout\nDescription: A memory management issue existed in the handling of\nHFS parameters which could have led to the disclosure of kernel\nmemory layout. This issue was addressed through improved memory\nmanagement. \nCVE-ID\nCVE-2015-3721 : Ian Beer of Google Project Zero\n\nkext tools\nAvailable for: OS X Yosemite v10.10 to v10.10.3\nImpact: A malicious application may be able to overwrite arbitrary\nfiles\nDescription: kextd followed symbolic links while creating a new\nfile. This issue was addressed through improved handling of symbolic\nlinks. \nCVE-ID\nCVE-2015-3708 : Ian Beer of Google Project Zero\n\nkext tools\nAvailable for: OS X Yosemite v10.10 to v10.10.3\nImpact: A local user may be able to load unsigned kernel extensions\nDescription: A time-of-check time-of-use (TOCTOU) race condition\ncondition existed while validating the paths of kernel extensions. \nThis issue was addressed through improved checks to validate the path\nof the kernel extensions. \nCVE-ID\nCVE-2015-3709 : Ian Beer of Google Project Zero\n\nMail\nAvailable for: OS X Yosemite v10.10 to v10.10.3\nImpact: A maliciously crafted email can replace the message content\nwith an arbitrary webpage when the message is viewed\nDescription: An issue existed in the support for HTML email which\nallowed message content to be refreshed with an arbitrary webpage. \nThe issue was addressed through restricted support for HTML content. \nCVE-ID\nCVE-2015-3710 : Aaron Sigel of vtty.com, Jan Soucek\n\nntfs\nAvailable for: OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5,\nOS X Yosemite v10.10 to v10.10.3\nImpact: A malicious application may be able to determine kernel\nmemory layout\nDescription: An issue existed in NTFS that could have led to the\ndisclosure of kernel memory content. This issue was addressed through\nimproved memory handling. \nCVE-ID\nCVE-2015-3711 : Peter Rutenbar working with HP\u0027s Zero Day Initiative\n\nntp\nAvailable for: OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5,\nOS X Yosemite v10.10 to v10.10.3\nImpact: An attacker in a privileged position may be able to perform\na denial of service attack against two ntp clients\nDescription: Multiple issues existed in the authentication of ntp\npackets being received by configured end-points. These issues were\naddressed through improved connection state management. \nCVE-ID\nCVE-2015-1798\nCVE-2015-1799\n\nOpenSSL\nAvailable for: OS X Yosemite v10.10 to v10.10.3\nImpact: Multiple issues exist in OpenSSL, including one that may\nallow an attacker to intercept connections to a server that supports\nexport-grade ciphers\nDescription: Multiple issues existed in OpenSSL 0.9.8zd which were\naddressed by updating OpenSSL to version 0.9.8zf. \nCVE-ID\nCVE-2015-0209\nCVE-2015-0286\nCVE-2015-0287\nCVE-2015-0288\nCVE-2015-0289\nCVE-2015-0293\n\nQuickTime\nAvailable for: OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5,\nOS X Yosemite v10.10 to v10.10.3\nImpact: Processing a maliciously crafted movie file may lead to an\nunexpected application termination or arbitrary code execution\nDescription: Multiple memory corruption issues existed in QuickTime. \nThese issues were addressed through improved memory handling. \nCVE-ID\nCVE-2015-3661 : G. Geshev working with HP\u0027s Zero Day Initiative\nCVE-2015-3662 : kdot working with HP\u0027s Zero Day Initiative\nCVE-2015-3663 : kdot working with HP\u0027s Zero Day Initiative\nCVE-2015-3666 : Steven Seeley of Source Incite working with HP\u0027s Zero\nDay Initiative\nCVE-2015-3667 : Ryan Pentney, Richard Johnson of Cisco Talos and Kai\nLu of Fortinet\u0027s FortiGuard Labs, Ryan Pentney, and Richard Johnson\nof Cisco Talos and Kai Lu of Fortinet\u0027s FortiGuard Labs\nCVE-2015-3668 : Kai Lu of Fortinet\u0027s FortiGuard Labs\nCVE-2015-3713 : Apple\n\nSecurity\nAvailable for: OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5,\nOS X Yosemite v10.10 to v10.10.3\nImpact: A remote attacker may cause an unexpected application\ntermination or arbitrary code execution\nDescription: An integer overflow existed in the Security framework\ncode for parsing S/MIME e-mail and some other signed or encrypted\nobjects. This issue was addressed through improved validity checking. \nCVE-ID\nCVE-2013-1741\n\nSecurity\nAvailable for: OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5,\nOS X Yosemite v10.10 to v10.10.3\nImpact: Tampered applications may not be prevented from launching\nDescription: Apps using custom resource rules may have been\nsusceptible to tampering that would not have invalidated the\nsignature. This issue was addressed with improved resource\nvalidation. \nCVE-ID\nCVE-2015-3714 : Joshua Pitts of Leviathan Security Group\n\nSecurity\nAvailable for: OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5,\nOS X Yosemite v10.10 to v10.10.3\nImpact: A malicious application may be able to bypass code signing\nchecks\nDescription: An issue existed where code signing did not verify\nlibraries loaded outside the application bundle. This issue was\naddressed with improved bundle verification. \nCVE-ID\nCVE-2015-3715 : Patrick Wardle of Synack\n\nSpotlight\nAvailable for: OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5,\nOS X Yosemite v10.10 to v10.10.3\nImpact: Searching for a malicious file with Spotlight may lead to\ncommand injection\nDescription: A command injection vulnerability existed in the\nhandling of filenames of photos added to the local photo library. \nThis issue was addressed through improved input validation. \nCVE-ID\nCVE-2015-3716 : Apple\n\nSQLite\nAvailable for: OS X Yosemite v10.10 to v10.10.3\nImpact: A remote attacker may cause an unexpected application\ntermination or arbitrary code execution\nDescription: Multiple buffer overflows existed in SQLite\u0027s printf\nimplementation. These issues were addressed through improved bounds\nchecking. \nCVE-ID\nCVE-2015-3717 : Peter Rutenbar working with HP\u0027s Zero Day Initiative\n\nSystem Stats\nAvailable for: OS X Yosemite v10.10 to v10.10.3\nImpact: A malicious app may be able to compromise systemstatsd\nDescription: A type confusion issue existed in systemstatsd\u0027s\nhandling of interprocess communication. By sending a maliciously\nformatted message to systemstatsd, it may have been possible to\nexecute arbitrary code as the systemstatsd process. The issue was\naddressed through additional type checking. \nCVE-ID\nCVE-2015-3718 : Roberto Paleari and Aristide Fattori of Emaze\nNetworks\n\nTrueTypeScaler\nAvailable for: OS X Yosemite v10.10 to v10.10.3\nImpact: Processing a maliciously crafted font file may lead to an\nunexpected application termination or arbitrary code execution\nDescription: A memory corruption issue existed in the processing of\nfont files. This issue was addressed through improved input\nvalidation. \nCVE-ID\nCVE-2015-3719 : John Villamil (@day6reak), Yahoo Pentest Team\n\nzip\nAvailable for: OS X Yosemite v10.10 to v10.10.3\nImpact: Extracting a maliciously crafted zip file using the unzip\ntool may lead to an unexpected application termination or arbitrary\ncode execution\nDescription: Multiple memory corruption issues existed in the\nhandling of zip files. These issues were addressed through improved\nmemory handling. \nCVE-ID\n\nCVE-2014-8139\nCVE-2014-8140\nCVE-2014-8141\n\n\nOS X Yosemite 10.10.4 includes the security content of Safari 8.0.7. \nhttps://support.apple.com/en-us/HT204950\n\nOS X Yosemite 10.10.4 and Security Update 2015-005 may be obtained\nfrom the Mac App Store or Apple\u0027s Software Downloads web site:\nhttp://www.apple.com/support/downloads/\n\nInformation will also be posted to the Apple Security Updates\nweb site: http://support.apple.com/kb/HT1222\n\nThis message is signed with Apple\u0027s Product Security PGP key,\nand details are available at:\nhttps://www.apple.com/support/security/pgp/\n\n\n\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG/MacGPG2 v2\nComment: GPGTools - http://gpgtools.org\n\niQIcBAEBCAAGBQJVksFmAAoJEBcWfLTuOo7tV1AQAIYpkOMpHp181b+70sgyZ/Ue\nmFM527FFGDfLLuIW6LTcBsEFe9cfZxumB8eOFPirTNRK7krsVMo1W+faHXyWOnx7\nkbWylHdhaoxnX+A6Gj0vP71V6TNNsTi9+2dmdmHUnwxZ7Ws5QCNKebumUG3MMXXo\nEKxE5SNSNKyMSSYmliS26cdl8fWrmg9qTxiZQnxjOCrg/CNAolgVIRRfdMUL7i4w\naGAyrlJXOxFOuNkqdHX2luccuHFV7aW/dIXQ4MyjiRNl/bWrBQmQlneLLpPdFZlH\ncMfGa2/baaNaCbU/GqhNKbO4fKYVaqQWzfUrtqX0+bRv2wmOq33ARy9KE23bYTvL\nU4E9x9z87LsLXGAdjUi6MDe5g87DcmwIEigfF6/EHbDYa/2VvSdIa74XRv/JCN1+\naftHLotin76h4qV/dCAPf5J/Fr/1KFCM0IphhG7p+7fVTfyy7YDXNBiKCEZzLf8U\nTUWLUCgQhobtakqwzQJ5qyF8u63xzVXj8oeTOw6iiY/BLlj9def5LMm/z6ZKGTyC\n3c4+Sy5XvBHZoeiwdcndTVpnFbmmjZRdeqtdW/zX5mHnxXPa3lZiGoBDhHQgIg6J\n1tTVtnO1JSLXVYDR6Evx1EH10Vgkt2wAGTLjljSLwtckoEqc78qMAT1G5U4nFffI\n+gGm5FbAxjxElgA/gbaq\n=KLda\n-----END PGP SIGNATURE-----\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2015-1799"
},
{
"db": "CERT/CC",
"id": "VU#374268"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-002116"
},
{
"db": "BID",
"id": "73950"
},
{
"db": "VULMON",
"id": "CVE-2015-1799"
},
{
"db": "PACKETSTORM",
"id": "133699"
},
{
"db": "PACKETSTORM",
"id": "131582"
},
{
"db": "PACKETSTORM",
"id": "131941"
},
{
"db": "PACKETSTORM",
"id": "136119"
},
{
"db": "PACKETSTORM",
"id": "131385"
},
{
"db": "PACKETSTORM",
"id": "131405"
},
{
"db": "PACKETSTORM",
"id": "132518"
}
],
"trust": 3.33
},
"external_ids": {
"_id": null,
"data": [
{
"db": "CERT/CC",
"id": "VU#374268",
"trust": 3.0
},
{
"db": "NVD",
"id": "CVE-2015-1799",
"trust": 2.9
},
{
"db": "BID",
"id": "73950",
"trust": 1.4
},
{
"db": "SECTRACK",
"id": "1032031",
"trust": 1.1
},
{
"db": "MCAFEE",
"id": "SB10114",
"trust": 1.1
},
{
"db": "JVN",
"id": "JVNVU95993136",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2015-002116",
"trust": 0.8
},
{
"db": "ICS CERT",
"id": "ICSA-17-094-04",
"trust": 0.4
},
{
"db": "VULMON",
"id": "CVE-2015-1799",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "133699",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "131582",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "131941",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "136119",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "131385",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "131405",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "132518",
"trust": 0.1
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#374268"
},
{
"db": "VULMON",
"id": "CVE-2015-1799"
},
{
"db": "BID",
"id": "73950"
},
{
"db": "PACKETSTORM",
"id": "133699"
},
{
"db": "PACKETSTORM",
"id": "131582"
},
{
"db": "PACKETSTORM",
"id": "131941"
},
{
"db": "PACKETSTORM",
"id": "136119"
},
{
"db": "PACKETSTORM",
"id": "131385"
},
{
"db": "PACKETSTORM",
"id": "131405"
},
{
"db": "PACKETSTORM",
"id": "132518"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-002116"
},
{
"db": "NVD",
"id": "CVE-2015-1799"
}
]
},
"id": "VAR-201504-0362",
"iot": {
"_id": null,
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.47613483
},
"last_update_date": "2026-04-10T22:57:36.035000Z",
"patch": {
"_id": null,
"data": [
{
"title": "APPLE-SA-2015-06-30-2 OS X Yosemite v10.10.4 and Security Update 2015-005",
"trust": 0.8,
"url": "http://lists.apple.com/archives/security-announce/2015/Jun/msg00002.html"
},
{
"title": "HT204942",
"trust": 0.8,
"url": "https://support.apple.com/en-us/HT204942"
},
{
"title": "HT204942",
"trust": 0.8,
"url": "https://support.apple.com/ja-jp/HT204942"
},
{
"title": "cisco-sa-20150408-ntpd",
"trust": 0.8,
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150408-ntpd"
},
{
"title": "Bug 2781",
"trust": 0.8,
"url": "http://bugs.ntp.org/show_bug.cgi?id=2781"
},
{
"title": "Oracle Solaris Third Party Bulletin - April 2015",
"trust": 0.8,
"url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html"
},
{
"title": "Recent Vulnerabilities",
"trust": 0.8,
"url": "http://support.ntp.org/bin/view/Main/SecurityNotice#Recent_Vulnerabilities"
},
{
"title": "38275",
"trust": 0.8,
"url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=38275"
},
{
"title": "cisco-sa-20150408-ntpd",
"trust": 0.8,
"url": "http://www.cisco.com/cisco/web/support/JP/112/1128/1128965_cisco-sa-20150408-ntpd-j.html"
},
{
"title": "Red Hat: Moderate: ntp security, bug fix, and enhancement update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20152231 - Security Advisory"
},
{
"title": "Ubuntu Security Notice: ntp vulnerabilities",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=USN-2567-1"
},
{
"title": "Debian CVElist Bug Report Logs: ntp: CVE-2015-1798 CVE-2015-1799",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=debian_cvelist_bugreportlogs\u0026qid=d133e5923f2516253cdb12d9d3c37c05"
},
{
"title": "Red Hat: CVE-2015-1799",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_cve_database\u0026qid=CVE-2015-1799"
},
{
"title": "Debian Security Advisories: DSA-3223-1 ntp -- security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=debian_security_advisories\u0026qid=d552cdc6350071420c8916bcaed96264"
},
{
"title": "Amazon Linux AMI: ALAS-2015-520",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=amazon_linux_ami\u0026qid=ALAS-2015-520"
},
{
"title": "Cisco: Multiple Vulnerabilities in ntpd (April 2015) Affecting Cisco Products",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=cisco_security_advisories_and_alerts_ciscoproducts\u0026qid=cisco-sa-20150408-ntpd"
},
{
"title": "Apple: OS X Yosemite v10.10.4 and Security Update 2015-005",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=apple_security_advisories\u0026qid=50398602701d671602946005c7864211"
},
{
"title": "Oracle Solaris Third Party Bulletins: Oracle Solaris Third Party Bulletin - April 2015",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_solaris_third_party_bulletins\u0026qid=2a43c5799a7dd07d6c0a92a3b040d12f"
},
{
"title": "Oracle Linux Bulletins: Oracle Linux Bulletin - October 2015",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_linux_bulletins\u0026qid=435ed9abc2fb1e74ce2a69605a01e326"
},
{
"title": "The Register",
"trust": 0.1,
"url": "https://www.theregister.co.uk/2015/04/09/ntp_vulns/"
},
{
"title": "The Register",
"trust": 0.1,
"url": "https://www.theregister.co.uk/2015/04/09/cisco_security_software_needs_security_patch/"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2015-1799"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-002116"
}
]
},
"problemtype_data": {
"_id": null,
"data": [
{
"problemtype": "CWE-17",
"trust": 1.0
},
{
"problemtype": "CWE-Other",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-002116"
},
{
"db": "NVD",
"id": "CVE-2015-1799"
}
]
},
"references": {
"_id": null,
"data": [
{
"trust": 2.2,
"url": "http://www.kb.cert.org/vuls/id/374268"
},
{
"trust": 2.0,
"url": "http://support.ntp.org/bin/view/main/securitynotice#recent_vulnerabilities"
},
{
"trust": 1.9,
"url": "http://bugs.ntp.org/show_bug.cgi?id=2781"
},
{
"trust": 1.5,
"url": "http://tools.cisco.com/security/center/viewalert.x?alertid=38275"
},
{
"trust": 1.4,
"url": "http://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20150408-ntpd"
},
{
"trust": 1.4,
"url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html"
},
{
"trust": 1.2,
"url": "http://www.ubuntu.com/usn/usn-2567-1"
},
{
"trust": 1.2,
"url": "https://security.gentoo.org/glsa/201509-01"
},
{
"trust": 1.1,
"url": "http://www.securitytracker.com/id/1032031"
},
{
"trust": 1.1,
"url": "http://www.mandriva.com/security/advisories?name=mdvsa-2015:202"
},
{
"trust": 1.1,
"url": "http://listengine.tuxfamily.org/chrony.tuxfamily.org/chrony-announce/2015/04/msg00002.html"
},
{
"trust": 1.1,
"url": "http://www.debian.org/security/2015/dsa-3222"
},
{
"trust": 1.1,
"url": "http://www.debian.org/security/2015/dsa-3223"
},
{
"trust": 1.1,
"url": "http://www.securityfocus.com/bid/73950"
},
{
"trust": 1.1,
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-april/155863.html"
},
{
"trust": 1.1,
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=sb10114"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-updates/2015-04/msg00052.html"
},
{
"trust": 1.1,
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-april/155864.html"
},
{
"trust": 1.1,
"url": "http://lists.apple.com/archives/security-announce/2015/jun/msg00002.html"
},
{
"trust": 1.1,
"url": "http://support.apple.com/kb/ht204942"
},
{
"trust": 1.1,
"url": "http://marc.info/?l=bugtraq\u0026m=145750740530849\u0026w=2"
},
{
"trust": 1.1,
"url": "http://marc.info/?l=bugtraq\u0026m=143213867103400\u0026w=2"
},
{
"trust": 1.1,
"url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html"
},
{
"trust": 1.1,
"url": "http://rhn.redhat.com/errata/rhsa-2015-1459.html"
},
{
"trust": 1.0,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-1799"
},
{
"trust": 0.8,
"url": "http://bugs.ntp.org/show_bug.cgi?id=2779"
},
{
"trust": 0.8,
"url": "http://www.ntp.org/downloads.html"
},
{
"trust": 0.8,
"url": "https://www.freebsd.org/security/advisories/freebsd-sa-15:07.ntp.asc"
},
{
"trust": 0.8,
"url": "http://support.ntp.org/bin/view/main/securitynoticehttp://www.ntp.org/downloads.html"
},
{
"trust": 0.8,
"url": "http://jvn.jp/vu/jvnvu95993136/index.html"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2015-1799"
},
{
"trust": 0.7,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-1799"
},
{
"trust": 0.6,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-1798"
},
{
"trust": 0.4,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-17-094-04"
},
{
"trust": 0.3,
"url": "http://aix.software.ibm.com/aix/efixes/security/ntp_advisory3.asc"
},
{
"trust": 0.3,
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=cve-2015-1799"
},
{
"trust": 0.3,
"url": "http://www.ntp.org"
},
{
"trust": 0.3,
"url": "http://seclists.org/bugtraq/2015/apr/156"
},
{
"trust": 0.3,
"url": "https://h20564.www2.hp.com/hpsc/doc/public/display?docid=emr_na-c04679309"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=isg3t1022814"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=isg3t1022831"
},
{
"trust": 0.3,
"url": "http://aix.software.ibm.com/aix/efixes/security/ntp4_advisory.asc"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21966578"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21966675"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21967791"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21975967"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg2c1000111"
},
{
"trust": 0.3,
"url": "https://gtacknowledge.extremenetworks.com/articles/vulnerability_notice/vn-2015-006-symmetric-key-ntp/?q=cve-2015-1798\u0026l=en_us\u0026fs=search\u0026pn=1"
},
{
"trust": 0.2,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-1798"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/17.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://usn.ubuntu.com/2567-1/"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2015-1799"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-1798"
},
{
"trust": 0.1,
"url": "http://creativecommons.org/licenses/by-sa/2.5"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-1799"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-5146"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-5146"
},
{
"trust": 0.1,
"url": "https://security.gentoo.org/"
},
{
"trust": 0.1,
"url": "https://bugs.gentoo.org."
},
{
"trust": 0.1,
"url": "http://slackware.com"
},
{
"trust": 0.1,
"url": "http://osuosl.org)"
},
{
"trust": 0.1,
"url": "http://slackware.com/gpg-key"
},
{
"trust": 0.1,
"url": "http://support.ntp.org/bin/view/main/securitynotice"
},
{
"trust": 0.1,
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/"
},
{
"trust": 0.1,
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/secbullarchive/"
},
{
"trust": 0.1,
"url": "http://h41183.www4.hp.com/signup_alerts.php?jumpid=hpsc_secbulletins"
},
{
"trust": 0.1,
"url": "https://h20392.www2.hp.com/portal/swdepot/displayproductinfo.do?productnumber"
},
{
"trust": 0.1,
"url": "https://www.hp.com/go/swa"
},
{
"trust": 0.1,
"url": "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_n"
},
{
"trust": 0.1,
"url": "http://www.hpe.com/support/subscriber_choice"
},
{
"trust": 0.1,
"url": "http://www.hpe.com/support/security_bulletin_archive"
},
{
"trust": 0.1,
"url": "http://www.mandriva.com/en/support/security/"
},
{
"trust": 0.1,
"url": "http://www.mandriva.com/en/support/security/advisories/"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/ntp/1:4.2.6.p5+dfsg-3ubuntu2.14.10.3"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/ntp/1:4.2.6.p3+dfsg-1ubuntu3.4"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/ntp/1:4.2.6.p5+dfsg-3ubuntu2.14.04.3"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-0288"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-0287"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-3673"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-8141"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-8140"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-0235"
},
{
"trust": 0.1,
"url": "http://support.apple.com/kb/ht1222"
},
{
"trust": 0.1,
"url": "https://support.apple.com/en-us/ht204938"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-3672"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-0209"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-8127"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-0289"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-3661"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-3671"
},
{
"trust": 0.1,
"url": "http://www.apple.com/support/downloads/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-1741"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-8128"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-8130"
},
{
"trust": 0.1,
"url": "https://support.apple.com/en-"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-8139"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-3662"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-8129"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-1157"
},
{
"trust": 0.1,
"url": "https://www.apple.com/support/security/pgp/"
},
{
"trust": 0.1,
"url": "https://support.apple.com/en-us/ht204950"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-3663"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-3668"
},
{
"trust": 0.1,
"url": "http://gpgtools.org"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-0293"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-0273"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-3666"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-0286"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-3667"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#374268"
},
{
"db": "VULMON",
"id": "CVE-2015-1799"
},
{
"db": "BID",
"id": "73950"
},
{
"db": "PACKETSTORM",
"id": "133699"
},
{
"db": "PACKETSTORM",
"id": "131582"
},
{
"db": "PACKETSTORM",
"id": "131941"
},
{
"db": "PACKETSTORM",
"id": "136119"
},
{
"db": "PACKETSTORM",
"id": "131385"
},
{
"db": "PACKETSTORM",
"id": "131405"
},
{
"db": "PACKETSTORM",
"id": "132518"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-002116"
},
{
"db": "NVD",
"id": "CVE-2015-1799"
}
]
},
"sources": {
"_id": null,
"data": [
{
"db": "CERT/CC",
"id": "VU#374268",
"ident": null
},
{
"db": "VULMON",
"id": "CVE-2015-1799",
"ident": null
},
{
"db": "BID",
"id": "73950",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "133699",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "131582",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "131941",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "136119",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "131385",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "131405",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "132518",
"ident": null
},
{
"db": "JVNDB",
"id": "JVNDB-2015-002116",
"ident": null
},
{
"db": "NVD",
"id": "CVE-2015-1799",
"ident": null
}
]
},
"sources_release_date": {
"_id": null,
"data": [
{
"date": "2015-04-07T00:00:00",
"db": "CERT/CC",
"id": "VU#374268",
"ident": null
},
{
"date": "2015-04-08T00:00:00",
"db": "VULMON",
"id": "CVE-2015-1799",
"ident": null
},
{
"date": "2015-04-07T00:00:00",
"db": "BID",
"id": "73950",
"ident": null
},
{
"date": "2015-09-25T06:54:41",
"db": "PACKETSTORM",
"id": "133699",
"ident": null
},
{
"date": "2015-04-22T20:14:29",
"db": "PACKETSTORM",
"id": "131582",
"ident": null
},
{
"date": "2015-05-20T23:06:21",
"db": "PACKETSTORM",
"id": "131941",
"ident": null
},
{
"date": "2016-03-08T10:18:00",
"db": "PACKETSTORM",
"id": "136119",
"ident": null
},
{
"date": "2015-04-13T14:03:24",
"db": "PACKETSTORM",
"id": "131385",
"ident": null
},
{
"date": "2015-04-14T18:53:39",
"db": "PACKETSTORM",
"id": "131405",
"ident": null
},
{
"date": "2015-07-01T05:31:53",
"db": "PACKETSTORM",
"id": "132518",
"ident": null
},
{
"date": "2015-04-09T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-002116",
"ident": null
},
{
"date": "2015-04-08T10:59:05.717000",
"db": "NVD",
"id": "CVE-2015-1799",
"ident": null
}
]
},
"sources_update_date": {
"_id": null,
"data": [
{
"date": "2015-04-10T00:00:00",
"db": "CERT/CC",
"id": "VU#374268",
"ident": null
},
{
"date": "2018-01-05T00:00:00",
"db": "VULMON",
"id": "CVE-2015-1799",
"ident": null
},
{
"date": "2017-05-23T16:24:00",
"db": "BID",
"id": "73950",
"ident": null
},
{
"date": "2015-07-14T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-002116",
"ident": null
},
{
"date": "2025-04-12T10:46:40.837000",
"db": "NVD",
"id": "CVE-2015-1799",
"ident": null
}
]
},
"threat_type": {
"_id": null,
"data": "network",
"sources": [
{
"db": "BID",
"id": "73950"
}
],
"trust": 0.3
},
"title": {
"_id": null,
"data": "NTP Project ntpd reference implementation contains multiple vulnerabilities",
"sources": [
{
"db": "CERT/CC",
"id": "VU#374268"
}
],
"trust": 0.8
},
"type": {
"_id": null,
"data": "Unknown",
"sources": [
{
"db": "BID",
"id": "73950"
}
],
"trust": 0.3
}
}
VAR-201105-0197
Vulnerability from variot - Updated: 2026-04-10 22:51Unspecified vulnerability in the Java Embedding Plugin (JEP) in Mozilla Firefox before 3.5.19 and 3.6.x before 3.6.17, and SeaMonkey before 2.0.14, on Mac OS X allows remote attackers to bypass intended access restrictions via unknown vectors. Mozilla Firefox and SeaMonkey are prone to a privilege-escalation vulnerability. An attacker can exploit this issue by enticing an unsuspecting user into viewing malicious content. A successful exploit will result in the execution of arbitrary attacker-supplied code with elevated privileges. Failed exploit attempts will likely result in denial-of-service conditions. This issue is fixed in: Firefox 3.6.17 Firefox 3.5.19 SeaMonkey 2.0.14 NOTE: This issue was previously discussed in BID 47635 (Mozilla Firefox/Thunderbird/SeaMonkey MFSA 2011-12 through -18 Multiple Vulnerabilities) but has been moved to its own record to better document it. Firefox is a very popular open source web browser. SeaMonkey is an open source web browser, mail and newsgroup client, IRC session client, and HTML editor. Remote attackers can use unknown vectors to bypass preset access restrictions. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
Mandriva Linux Security Advisory MDVSA-2011:079 http://www.mandriva.com/security/
Package : firefox Date : April 30, 2011 Affected: 2009.0, 2010.0, 2010.1, Enterprise Server 5.0
Problem Description:
Chris Evans of the Chrome Security Team reported that the XSLT generate-id() function returned a string that revealed a specific valid address of an object on the memory heap. It is possible that in some cases this address would be valuable information that could be used by an attacker while exploiting a different memory corruption but, in order to make an exploit more reliable or work around mitigation features in the browser or operating system (CVE-2011-1202).
Security researcher Soroush Dalili reported that the resource: protocol could be exploited to allow directory traversal on Windows and the potential loading of resources from non-permitted locations. The impact would depend on whether interesting files existed in predictable locations in a useful format. For example, the existence or non-existence of particular images might indicate whether certain software was installed (CVE-2011-0071).
Security researcher Paul Stone reported that a Java applet could be used to mimic interaction with form autocomplete controls and steal entries from the form history (CVE-2011-0067).
Security researcher regenrecht reported several dangling pointer vulnerabilities via TippingPoint's Zero Day Initiative (CVE-2011-0065, CVE-2011-0066, CVE-2011-0073).
Mozilla developers identified and fixed several memory safety bugs in the browser engine used in Firefox and other Mozilla-based products. Some of these bugs showed evidence of memory corruption under certain circumstances, and we presume that with enough effort at least some of these could be exploited to run arbitrary code (CVE-2011-0081, CVE-2011-0069, CVE-2011-0070, CVE-2011-0080, CVE-2011-0074, CVE-2011-0075, CVE-2011-0077, CVE-2011-0078, CVE-2011-0072).
Additionally the sqlite3 packages were upgraded to the 3.7.6.2 version. A new package that provides /usr/bin/lemon was added. The lemon software was previousely provided with sqlite3 and is used in some cases when building php.
Packages for 2009.0 are provided as of the Extended Maintenance Program. Please visit this link to learn more: http://store.mandriva.com/product_info.php?cPath=149&products_id=490
Additionally, some packages which require so, have been rebuilt and are being provided as updates.
References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1202 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0071 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0076 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0067 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0065 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0066 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0073 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0081 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0069 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0070 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0080 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0074 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0075 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0077 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0078 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0072 http://www.mozilla.org/security/known-vulnerabilities/firefox36.html#firefox3.6.17
Updated Packages:
Mandriva Linux 2009.0: 2973de477d7455b08bbe09f5a570f6aa 2009.0/i586/beagle-0.3.8-13.36mdv2009.0.i586.rpm 7e198710e98eed5835de55a07bcc645d 2009.0/i586/beagle-crawl-system-0.3.8-13.36mdv2009.0.i586.rpm a9955422fa8f5e70cee6df6a3b9fae7c 2009.0/i586/beagle-doc-0.3.8-13.36mdv2009.0.i586.rpm 23513c8d7d383f3b0d20902b30d11790 2009.0/i586/beagle-epiphany-0.3.8-13.36mdv2009.0.i586.rpm 391f72db4d9b334fed1b3d33306ee55f 2009.0/i586/beagle-evolution-0.3.8-13.36mdv2009.0.i586.rpm 7311810525b3483b8754ecc4390033e6 2009.0/i586/beagle-gui-0.3.8-13.36mdv2009.0.i586.rpm 935fdbace81371b2eea685f037caff00 2009.0/i586/beagle-gui-qt-0.3.8-13.36mdv2009.0.i586.rpm 8ca9aa9f40e44a872cf0befa74789302 2009.0/i586/beagle-libs-0.3.8-13.36mdv2009.0.i586.rpm cabf1109de711d8b8b144501263d6d9a 2009.0/i586/devhelp-0.21-3.25mdv2009.0.i586.rpm 5d49d110ca039207523256b93ca0aefb 2009.0/i586/devhelp-plugins-0.21-3.25mdv2009.0.i586.rpm 9da6dcff3078fda7f7b78843400051b7 2009.0/i586/epiphany-2.24.3-0.14mdv2009.0.i586.rpm 0ac6148e0be68f6c9ae8263c1399769e 2009.0/i586/epiphany-devel-2.24.3-0.14mdv2009.0.i586.rpm 0f1ff7a4bfc2067c89b66fd98e62e8f9 2009.0/i586/firefox-3.6.17-0.1mdv2009.0.i586.rpm 68c6d5e2860f7c24f4af09bc313f5164 2009.0/i586/firefox-af-3.6.17-0.1mdv2009.0.i586.rpm 2a63cbcbd840c1ba22ac317e44c36f80 2009.0/i586/firefox-ar-3.6.17-0.1mdv2009.0.i586.rpm 00bca75faebfbd49825d0b03580f5123 2009.0/i586/firefox-be-3.6.17-0.1mdv2009.0.i586.rpm db03eca0613b52f2f077279d6883a0d5 2009.0/i586/firefox-bg-3.6.17-0.1mdv2009.0.i586.rpm 4a552121865938a8912a68de5dab9be6 2009.0/i586/firefox-bn-3.6.17-0.1mdv2009.0.i586.rpm 8f7d1c3f2f79f1d25d14a3cd8d6401e3 2009.0/i586/firefox-ca-3.6.17-0.1mdv2009.0.i586.rpm 228db324dd6cdd307fcf4642c63b48bb 2009.0/i586/firefox-cs-3.6.17-0.1mdv2009.0.i586.rpm 948c6ebab830b48a173c471a1b8526a8 2009.0/i586/firefox-cy-3.6.17-0.1mdv2009.0.i586.rpm 7472f143a13da640d052c40977a027df 2009.0/i586/firefox-da-3.6.17-0.1mdv2009.0.i586.rpm a40f6c2977f79caa31e87d09169d1a0e 2009.0/i586/firefox-de-3.6.17-0.1mdv2009.0.i586.rpm 3861628556d0d7b4a3c8200cbd0dc8d3 2009.0/i586/firefox-devel-3.6.17-0.1mdv2009.0.i586.rpm 3571fa7c7e0cc159ec27d13bbcd18afb 2009.0/i586/firefox-el-3.6.17-0.1mdv2009.0.i586.rpm 71ed13d932446cd071f57370f1c67993 2009.0/i586/firefox-en_GB-3.6.17-0.1mdv2009.0.i586.rpm 7204644845d2f0516c8231604e51be06 2009.0/i586/firefox-eo-3.6.17-0.1mdv2009.0.i586.rpm a304223e23e5ae9d862606aa64eb0473 2009.0/i586/firefox-es_AR-3.6.17-0.1mdv2009.0.i586.rpm e10040850cae86538b035f5795147359 2009.0/i586/firefox-es_ES-3.6.17-0.1mdv2009.0.i586.rpm 0da9a35d0287fe8537e50aad67864861 2009.0/i586/firefox-et-3.6.17-0.1mdv2009.0.i586.rpm e433dcf9f297d3468d02e34c1cdec2f7 2009.0/i586/firefox-eu-3.6.17-0.1mdv2009.0.i586.rpm b8c6a66f15cda3f88e41d251e492b766 2009.0/i586/firefox-ext-beagle-0.3.8-13.36mdv2009.0.i586.rpm 298ffb6cb4907c8fed7013bc1cd8b7cd 2009.0/i586/firefox-ext-blogrovr-1.1.804-0.13mdv2009.0.i586.rpm 346f393bb67e5b07d7f5da620f0a7cfd 2009.0/i586/firefox-ext-mozvoikko-1.0-0.13mdv2009.0.i586.rpm c5549d686d3cf1af3f1af6e76d53710d 2009.0/i586/firefox-ext-scribefire-3.5.1-0.13mdv2009.0.i586.rpm b0bb514e6bc44941c257ab9e9a4886ce 2009.0/i586/firefox-ext-xmarks-3.5.10-0.13mdv2009.0.i586.rpm 45513fb325474a1ab238f0603e277f53 2009.0/i586/firefox-fi-3.6.17-0.1mdv2009.0.i586.rpm f779393326b33faac80b0464423de6b2 2009.0/i586/firefox-fr-3.6.17-0.1mdv2009.0.i586.rpm 53410f5a375a58acf74911b4455408a2 2009.0/i586/firefox-fy-3.6.17-0.1mdv2009.0.i586.rpm b3839dd9b19d38c42ea35a44d618a9c6 2009.0/i586/firefox-ga_IE-3.6.17-0.1mdv2009.0.i586.rpm e05ece41e912c28410ce8c4d5e7aac09 2009.0/i586/firefox-gl-3.6.17-0.1mdv2009.0.i586.rpm 586386851fbe0a16b578cd9cb6268440 2009.0/i586/firefox-gu_IN-3.6.17-0.1mdv2009.0.i586.rpm 854c678ffd13330aec33447c9b197769 2009.0/i586/firefox-he-3.6.17-0.1mdv2009.0.i586.rpm 017389c95a4b6c2d073d318180d5e384 2009.0/i586/firefox-hi-3.6.17-0.1mdv2009.0.i586.rpm 155b3dd9f3d4df8d171c66a304d2fd85 2009.0/i586/firefox-hu-3.6.17-0.1mdv2009.0.i586.rpm 7ba221d915d86a7ff40021d37cbfe985 2009.0/i586/firefox-id-3.6.17-0.1mdv2009.0.i586.rpm 39130b124a73caef8f2b4f9aa6b0e61a 2009.0/i586/firefox-is-3.6.17-0.1mdv2009.0.i586.rpm b71974aed5edda2cc0e65000df3a1011 2009.0/i586/firefox-it-3.6.17-0.1mdv2009.0.i586.rpm 07a88fe9d9beb8ba7b5ee9936f347dc5 2009.0/i586/firefox-ja-3.6.17-0.1mdv2009.0.i586.rpm fe09ec733d5edede980b81e3bb1a9809 2009.0/i586/firefox-ka-3.6.17-0.1mdv2009.0.i586.rpm 1f54c7528e5b7ce3b9b85cfa8e875640 2009.0/i586/firefox-kn-3.6.17-0.1mdv2009.0.i586.rpm a217105802753a4f9d7ed341a1192f63 2009.0/i586/firefox-ko-3.6.17-0.1mdv2009.0.i586.rpm c42801fa51cdf12a07d3afd8f65be5ff 2009.0/i586/firefox-ku-3.6.17-0.1mdv2009.0.i586.rpm fdb5ff5c53e6290f5e543cbbc80f0782 2009.0/i586/firefox-lt-3.6.17-0.1mdv2009.0.i586.rpm a42d147c886a87428e1433081f8fab98 2009.0/i586/firefox-lv-3.6.17-0.1mdv2009.0.i586.rpm 3c9a81ffc3597e21448f5f5a9485b399 2009.0/i586/firefox-mk-3.6.17-0.1mdv2009.0.i586.rpm 799700985d71360d86de7372d0cf0364 2009.0/i586/firefox-mr-3.6.17-0.1mdv2009.0.i586.rpm 8540e2fd37d7e577fa9c770af9360b60 2009.0/i586/firefox-nb_NO-3.6.17-0.1mdv2009.0.i586.rpm 26dbb0a70d552a636dfb22d7725859c2 2009.0/i586/firefox-nl-3.6.17-0.1mdv2009.0.i586.rpm c76027df052ae1cc125e798b07fb9a83 2009.0/i586/firefox-nn_NO-3.6.17-0.1mdv2009.0.i586.rpm 60a2f1bd57c903e7c66c5905e8e192a9 2009.0/i586/firefox-oc-3.6.17-0.1mdv2009.0.i586.rpm a0ce0cff62e5217e50ced505dc22261a 2009.0/i586/firefox-pa_IN-3.6.17-0.1mdv2009.0.i586.rpm 67346320e8159a7c1a351482ae832fdd 2009.0/i586/firefox-pl-3.6.17-0.1mdv2009.0.i586.rpm fc448d8eec4340436fa55350a91a4f24 2009.0/i586/firefox-pt_BR-3.6.17-0.1mdv2009.0.i586.rpm cf72d6ad8a417fd724e52210bf509b74 2009.0/i586/firefox-pt_PT-3.6.17-0.1mdv2009.0.i586.rpm 34ea987f1a28427acd00f07b97038890 2009.0/i586/firefox-ro-3.6.17-0.1mdv2009.0.i586.rpm 305033f355f87f0b4b567d6b7563354e 2009.0/i586/firefox-ru-3.6.17-0.1mdv2009.0.i586.rpm 3c40b9a2484cdabd87784fe09661ecb8 2009.0/i586/firefox-si-3.6.17-0.1mdv2009.0.i586.rpm 7aa26e6bb6d954a5ad008c1e3d909cbc 2009.0/i586/firefox-sk-3.6.17-0.1mdv2009.0.i586.rpm 3f23f9c83f414de0059cb60eebf8d850 2009.0/i586/firefox-sl-3.6.17-0.1mdv2009.0.i586.rpm f5e77819022ca51867af2a8d34f2a066 2009.0/i586/firefox-sq-3.6.17-0.1mdv2009.0.i586.rpm ab6de80851e9b39524a1a9e50508f4b6 2009.0/i586/firefox-sr-3.6.17-0.1mdv2009.0.i586.rpm e3e2d2e7c58ea80d9e518f50f75e11bb 2009.0/i586/firefox-sv_SE-3.6.17-0.1mdv2009.0.i586.rpm 7889dfad70b01797357808b0efd4181a 2009.0/i586/firefox-te-3.6.17-0.1mdv2009.0.i586.rpm 8eb35b7fb3d9717269d656ab0af66d85 2009.0/i586/firefox-th-3.6.17-0.1mdv2009.0.i586.rpm db344c8f85860dc0939ae13cfc0a73ef 2009.0/i586/firefox-theme-kfirefox-0.16-0.13mdv2009.0.i586.rpm b7cbe47a64595ec5c8e323727885eb8c 2009.0/i586/firefox-tr-3.6.17-0.1mdv2009.0.i586.rpm 63c912c7c72a2683fd2749f5a643709e 2009.0/i586/firefox-uk-3.6.17-0.1mdv2009.0.i586.rpm 445eec8f6167567b32046e16d1e4a8ac 2009.0/i586/firefox-zh_CN-3.6.17-0.1mdv2009.0.i586.rpm 36de2012d0dc81e1636912aebe714cd7 2009.0/i586/firefox-zh_TW-3.6.17-0.1mdv2009.0.i586.rpm fea435facb5a727a1769b95ffdd6b7d1 2009.0/i586/gnome-python-extras-2.19.1-20.27mdv2009.0.i586.rpm 44d5541c188e831160c627682823285d 2009.0/i586/gnome-python-gda-2.19.1-20.27mdv2009.0.i586.rpm 09de2acc67f26df4996b244fb720a865 2009.0/i586/gnome-python-gda-devel-2.19.1-20.27mdv2009.0.i586.rpm d78dbc547deafba5525ddef72093099b 2009.0/i586/gnome-python-gdl-2.19.1-20.27mdv2009.0.i586.rpm aaefe570ba5819e6afa4fd49425fdf57 2009.0/i586/gnome-python-gtkhtml2-2.19.1-20.27mdv2009.0.i586.rpm 5868123938a14c88ce61b2604c7ea252 2009.0/i586/gnome-python-gtkmozembed-2.19.1-20.27mdv2009.0.i586.rpm f7e7eb05f7b7fc09db698dc47c187bb5 2009.0/i586/gnome-python-gtkspell-2.19.1-20.27mdv2009.0.i586.rpm 79225cceef1a08a2d7297d088e7b97b4 2009.0/i586/lemon-3.7.4-0.1mdv2009.0.i586.rpm 2c2f28010934dde726a22971771369b9 2009.0/i586/libdevhelp-1_0-0.21-3.25mdv2009.0.i586.rpm 7b6cb5ee62261c8f871c1ad99ca5b635 2009.0/i586/libdevhelp-1-devel-0.21-3.25mdv2009.0.i586.rpm 497c932d9820cc1699102646d2ef218b 2009.0/i586/libsqlite3_0-3.7.6.2-0.1mdv2009.0.i586.rpm fba77facd31656c25a044fedb3ffe3b5 2009.0/i586/libsqlite3-devel-3.7.6.2-0.1mdv2009.0.i586.rpm 530c270b9dd5e1a8c9e678bafedc6d53 2009.0/i586/libsqlite3-static-devel-3.7.6.2-0.1mdv2009.0.i586.rpm 9dd3cb1007979e629daa0d27f78be530 2009.0/i586/libxulrunner1.9.2.17-1.9.2.17-0.1mdv2009.0.i586.rpm 46b0fbc1b5e027120083a1ffd58605a8 2009.0/i586/libxulrunner-devel-1.9.2.17-0.1mdv2009.0.i586.rpm ad5e3d1ffd7382f012a9d57c4fa702e8 2009.0/i586/mozilla-thunderbird-beagle-0.3.8-13.36mdv2009.0.i586.rpm adad587299352a74e675cface6154638 2009.0/i586/sqlite3-tools-3.7.6.2-0.1mdv2009.0.i586.rpm aeb059de62194445a32c7de36faa9e2e 2009.0/i586/xulrunner-1.9.2.17-0.1mdv2009.0.i586.rpm a5caae640a02076364fdd8c189794478 2009.0/i586/yelp-2.24.0-3.28mdv2009.0.i586.rpm 0972d520d57df45393b0aef2da4b12ee 2009.0/SRPMS/beagle-0.3.8-13.36mdv2009.0.src.rpm 3f8b8f723797f0fbbb5e0264bac2bfbf 2009.0/SRPMS/devhelp-0.21-3.25mdv2009.0.src.rpm ebbdbeb5e3ccb2fe3f424a327eb475ef 2009.0/SRPMS/epiphany-2.24.3-0.14mdv2009.0.src.rpm 3350215ced82f1bcf19a8e8188bf0a61 2009.0/SRPMS/firefox-3.6.17-0.1mdv2009.0.src.rpm f11029532df82e7923c4b096af98d3f0 2009.0/SRPMS/firefox-ext-blogrovr-1.1.804-0.13mdv2009.0.src.rpm 5aca99c0285a4412ecf02cf6bf946801 2009.0/SRPMS/firefox-ext-mozvoikko-1.0-0.13mdv2009.0.src.rpm dbb411ce9ba2dc5416b53aea4c6641ae 2009.0/SRPMS/firefox-ext-scribefire-3.5.1-0.13mdv2009.0.src.rpm 96e289aef5dd3795e776125a93b9a11e 2009.0/SRPMS/firefox-ext-xmarks-3.5.10-0.13mdv2009.0.src.rpm 8681188142a3360b17eae804219d934e 2009.0/SRPMS/firefox-l10n-3.6.17-0.1mdv2009.0.src.rpm 0b632cc0d32c20cb4c7458c7c20b0bcf 2009.0/SRPMS/firefox-theme-kfirefox-0.16-0.13mdv2009.0.src.rpm 82b1d9b926a7a183edd6ee0b39ee9fd8 2009.0/SRPMS/gnome-python-extras-2.19.1-20.27mdv2009.0.src.rpm 5bffe9ac14aabf83ea8b5c79f0e8e33f 2009.0/SRPMS/lemon-3.7.4-0.1mdv2009.0.src.rpm aa8e2dcac3269d9836f3dade77086e7f 2009.0/SRPMS/sqlite3-3.7.6.2-0.1mdv2009.0.src.rpm fba6a9ca071ee5648b373d678d67e352 2009.0/SRPMS/xulrunner-1.9.2.17-0.1mdv2009.0.src.rpm 4dc1a3719ef51d45d3af0be61950aef7 2009.0/SRPMS/yelp-2.24.0-3.28mdv2009.0.src.rpm
Mandriva Linux 2009.0/X86_64: b032aed8693b94bf0b5f457b0e7c3eb7 2009.0/x86_64/beagle-0.3.8-13.36mdv2009.0.x86_64.rpm 2fac29c992cd8be8892a4fb91d380336 2009.0/x86_64/beagle-crawl-system-0.3.8-13.36mdv2009.0.x86_64.rpm 055ef55bb8a468a5ec17e87a93a58b0d 2009.0/x86_64/beagle-doc-0.3.8-13.36mdv2009.0.x86_64.rpm 3fcee0a627224a9387b748a4abc461d5 2009.0/x86_64/beagle-epiphany-0.3.8-13.36mdv2009.0.x86_64.rpm 51976fc9309a41ca1ea61541110240b2 2009.0/x86_64/beagle-evolution-0.3.8-13.36mdv2009.0.x86_64.rpm a61243e5f9c5e0758dbfc4bc07b4dc84 2009.0/x86_64/beagle-gui-0.3.8-13.36mdv2009.0.x86_64.rpm 0a61952ef1924995be127129a149fbdf 2009.0/x86_64/beagle-gui-qt-0.3.8-13.36mdv2009.0.x86_64.rpm 734beb1bd9073dd56e5c2088213b7967 2009.0/x86_64/beagle-libs-0.3.8-13.36mdv2009.0.x86_64.rpm 595c25f3843781372230c07b5b33a442 2009.0/x86_64/devhelp-0.21-3.25mdv2009.0.x86_64.rpm 475b50ca8b0fbfeb52b09be5b92ed7ae 2009.0/x86_64/devhelp-plugins-0.21-3.25mdv2009.0.x86_64.rpm 8ddc7628fe244b65a69d4f40cc2f6c53 2009.0/x86_64/epiphany-2.24.3-0.14mdv2009.0.x86_64.rpm e7ae117ed437ad50e8d723818bc05ff9 2009.0/x86_64/epiphany-devel-2.24.3-0.14mdv2009.0.x86_64.rpm 04e2c0401ba7286141e292d0f4be0c6a 2009.0/x86_64/firefox-3.6.17-0.1mdv2009.0.x86_64.rpm e77f3b52a818b35b3b06f6a441221022 2009.0/x86_64/firefox-af-3.6.17-0.1mdv2009.0.x86_64.rpm ca49e550e4970bd20ec5e13d455b7657 2009.0/x86_64/firefox-ar-3.6.17-0.1mdv2009.0.x86_64.rpm 85ab3b431c7de6d7346f2af80724a1e3 2009.0/x86_64/firefox-be-3.6.17-0.1mdv2009.0.x86_64.rpm 9ac78224cc072b8a865eb57ccb44424d 2009.0/x86_64/firefox-bg-3.6.17-0.1mdv2009.0.x86_64.rpm 730388eccf9f9828f64af196ee86c5a6 2009.0/x86_64/firefox-bn-3.6.17-0.1mdv2009.0.x86_64.rpm 58a3decd3e3a3886a19dc40fb820941b 2009.0/x86_64/firefox-ca-3.6.17-0.1mdv2009.0.x86_64.rpm 5a90624d3518ba36ec55eb2a6420204b 2009.0/x86_64/firefox-cs-3.6.17-0.1mdv2009.0.x86_64.rpm db24b27132cb8dca3ea45ebcb6071712 2009.0/x86_64/firefox-cy-3.6.17-0.1mdv2009.0.x86_64.rpm a022a90fe3a6cca94340efcecb5001fe 2009.0/x86_64/firefox-da-3.6.17-0.1mdv2009.0.x86_64.rpm 4d59bf79a75d8213efc9a8f42357c4fe 2009.0/x86_64/firefox-de-3.6.17-0.1mdv2009.0.x86_64.rpm b20662cb8b1635f251d57a0833f9093e 2009.0/x86_64/firefox-devel-3.6.17-0.1mdv2009.0.x86_64.rpm 4c4cff9e136d5174633caf87334cd9cb 2009.0/x86_64/firefox-el-3.6.17-0.1mdv2009.0.x86_64.rpm 93bf8ba5a8e93c7006811d353d4c4f3d 2009.0/x86_64/firefox-en_GB-3.6.17-0.1mdv2009.0.x86_64.rpm a8b2021a6a9677c75f8ed5af7ccf9093 2009.0/x86_64/firefox-eo-3.6.17-0.1mdv2009.0.x86_64.rpm 60ae56632071590bb7b0d1f0f6a7671a 2009.0/x86_64/firefox-es_AR-3.6.17-0.1mdv2009.0.x86_64.rpm 601891ab9929ccf4ddea627b466642b5 2009.0/x86_64/firefox-es_ES-3.6.17-0.1mdv2009.0.x86_64.rpm b23dc67128474e77c02569ed3cf3d03c 2009.0/x86_64/firefox-et-3.6.17-0.1mdv2009.0.x86_64.rpm d6a6ade1469d07ea53dc0a80cd1e3ca6 2009.0/x86_64/firefox-eu-3.6.17-0.1mdv2009.0.x86_64.rpm 5b00c95f5af2960e0ae8885f81b14453 2009.0/x86_64/firefox-ext-beagle-0.3.8-13.36mdv2009.0.x86_64.rpm aa8b9f39a32280974cb7d37ef0f3365b 2009.0/x86_64/firefox-ext-blogrovr-1.1.804-0.13mdv2009.0.x86_64.rpm 90af6af5192a0523b7ca543d9b4f4d48 2009.0/x86_64/firefox-ext-mozvoikko-1.0-0.13mdv2009.0.x86_64.rpm 2ef1da56893a9ee8808c8e8a40f2855b 2009.0/x86_64/firefox-ext-scribefire-3.5.1-0.13mdv2009.0.x86_64.rpm ece9cf46ad4b8968b4804f58b9eede04 2009.0/x86_64/firefox-ext-xmarks-3.5.10-0.13mdv2009.0.x86_64.rpm c3be652781ea8fc04dd51009765a2018 2009.0/x86_64/firefox-fi-3.6.17-0.1mdv2009.0.x86_64.rpm 73b6dfa12df8d2f6d904a429a45aac6a 2009.0/x86_64/firefox-fr-3.6.17-0.1mdv2009.0.x86_64.rpm 88836378097f79cef65b842a71cc4e69 2009.0/x86_64/firefox-fy-3.6.17-0.1mdv2009.0.x86_64.rpm daa588318b69ee3223f472545e4a150c 2009.0/x86_64/firefox-ga_IE-3.6.17-0.1mdv2009.0.x86_64.rpm 1c0759836da6bd094788eef5120db5b1 2009.0/x86_64/firefox-gl-3.6.17-0.1mdv2009.0.x86_64.rpm fe4b9531eeb1fcbb37de47c73464abea 2009.0/x86_64/firefox-gu_IN-3.6.17-0.1mdv2009.0.x86_64.rpm a5981a499f181f788316c4580589ef2e 2009.0/x86_64/firefox-he-3.6.17-0.1mdv2009.0.x86_64.rpm 2550f09a264ffd4f60152fb310be2900 2009.0/x86_64/firefox-hi-3.6.17-0.1mdv2009.0.x86_64.rpm d1fbfc46c8f06b45959c5838e28a23aa 2009.0/x86_64/firefox-hu-3.6.17-0.1mdv2009.0.x86_64.rpm aaadb1c087eefe50e4bc877477abac4c 2009.0/x86_64/firefox-id-3.6.17-0.1mdv2009.0.x86_64.rpm 3314496029094186ee870f310ecab2f7 2009.0/x86_64/firefox-is-3.6.17-0.1mdv2009.0.x86_64.rpm 76dbab7b062c0bd4907c91c322c9a183 2009.0/x86_64/firefox-it-3.6.17-0.1mdv2009.0.x86_64.rpm c711dc2be8d7dc6b47680894e01da605 2009.0/x86_64/firefox-ja-3.6.17-0.1mdv2009.0.x86_64.rpm 527f62d56b9bb634de9c84317f570591 2009.0/x86_64/firefox-ka-3.6.17-0.1mdv2009.0.x86_64.rpm 6c51c819e5abc19f5d8f02efce3ba226 2009.0/x86_64/firefox-kn-3.6.17-0.1mdv2009.0.x86_64.rpm a3ab45d4da1be8b26dcbd457a3e9d3f9 2009.0/x86_64/firefox-ko-3.6.17-0.1mdv2009.0.x86_64.rpm 2e176ce5348d910c8057bc5563faf41c 2009.0/x86_64/firefox-ku-3.6.17-0.1mdv2009.0.x86_64.rpm dab82375106ffe486f47be236f8cb969 2009.0/x86_64/firefox-lt-3.6.17-0.1mdv2009.0.x86_64.rpm 48432620c19fe9808f84c5d1d38d21fe 2009.0/x86_64/firefox-lv-3.6.17-0.1mdv2009.0.x86_64.rpm 79182359d527104abc378941ccf75fad 2009.0/x86_64/firefox-mk-3.6.17-0.1mdv2009.0.x86_64.rpm cd492f6fc1b5f36bb4826f728434c6af 2009.0/x86_64/firefox-mr-3.6.17-0.1mdv2009.0.x86_64.rpm 01d8a87704b226b740c723f08ecc2d65 2009.0/x86_64/firefox-nb_NO-3.6.17-0.1mdv2009.0.x86_64.rpm d7312e9a8d543937d317c1d59b3a34a1 2009.0/x86_64/firefox-nl-3.6.17-0.1mdv2009.0.x86_64.rpm 85d01cb0516ecb676564b1054fda683d 2009.0/x86_64/firefox-nn_NO-3.6.17-0.1mdv2009.0.x86_64.rpm bb0810bd066ae8e63a58764a87e4d820 2009.0/x86_64/firefox-oc-3.6.17-0.1mdv2009.0.x86_64.rpm ddd12841f0c0f4601a4e06d2ceb2f677 2009.0/x86_64/firefox-pa_IN-3.6.17-0.1mdv2009.0.x86_64.rpm 12ac4b4f1e269138d250ca3644a1b36a 2009.0/x86_64/firefox-pl-3.6.17-0.1mdv2009.0.x86_64.rpm ae0839d18977a11b8f9dcafab4d37ad9 2009.0/x86_64/firefox-pt_BR-3.6.17-0.1mdv2009.0.x86_64.rpm 30f7df0cf5761ecbcd9c741e4766680e 2009.0/x86_64/firefox-pt_PT-3.6.17-0.1mdv2009.0.x86_64.rpm 9cc05af0f3a3f2d3d36cc7d2bb74660a 2009.0/x86_64/firefox-ro-3.6.17-0.1mdv2009.0.x86_64.rpm f1044bb9e20f353e4fc648bf0501524d 2009.0/x86_64/firefox-ru-3.6.17-0.1mdv2009.0.x86_64.rpm 84fd90488b116a7dd26787d5416b6b12 2009.0/x86_64/firefox-si-3.6.17-0.1mdv2009.0.x86_64.rpm ac187a0b46b8c1c9dc57d3ce86382dfb 2009.0/x86_64/firefox-sk-3.6.17-0.1mdv2009.0.x86_64.rpm 19102a390fef503416f6f38f53bece23 2009.0/x86_64/firefox-sl-3.6.17-0.1mdv2009.0.x86_64.rpm cc1d2bdfb6f76c667aeb1394560c9f08 2009.0/x86_64/firefox-sq-3.6.17-0.1mdv2009.0.x86_64.rpm 29900dc6cc095ac318cc64e72edd4d8b 2009.0/x86_64/firefox-sr-3.6.17-0.1mdv2009.0.x86_64.rpm b76ad7b6ddf7684a939bcea888d4a432 2009.0/x86_64/firefox-sv_SE-3.6.17-0.1mdv2009.0.x86_64.rpm 1a8c696020c195c83f64aca80bf731eb 2009.0/x86_64/firefox-te-3.6.17-0.1mdv2009.0.x86_64.rpm 239684a41f202c5edbcbf6217909e818 2009.0/x86_64/firefox-th-3.6.17-0.1mdv2009.0.x86_64.rpm 3c289ecc5ac769c4b18a381f6c8e363e 2009.0/x86_64/firefox-theme-kfirefox-0.16-0.13mdv2009.0.x86_64.rpm 3770e9c29be81d282b766d776a392a4f 2009.0/x86_64/firefox-tr-3.6.17-0.1mdv2009.0.x86_64.rpm e1c6942f3f842ae7551c96283c26e72d 2009.0/x86_64/firefox-uk-3.6.17-0.1mdv2009.0.x86_64.rpm aa519f7229db7d3dfdc217d613ebdea0 2009.0/x86_64/firefox-zh_CN-3.6.17-0.1mdv2009.0.x86_64.rpm 2e01ab4446c233d7a4e89ed1c4859274 2009.0/x86_64/firefox-zh_TW-3.6.17-0.1mdv2009.0.x86_64.rpm 39cf269b29e518aa8db16a99a43c18d7 2009.0/x86_64/gnome-python-extras-2.19.1-20.27mdv2009.0.x86_64.rpm b0ba6358ad186d93f5cf23984acdd288 2009.0/x86_64/gnome-python-gda-2.19.1-20.27mdv2009.0.x86_64.rpm c5b9d792230aea0602d696a650cf76ff 2009.0/x86_64/gnome-python-gda-devel-2.19.1-20.27mdv2009.0.x86_64.rpm b882a6e641aad7bc507beda9af730d9d 2009.0/x86_64/gnome-python-gdl-2.19.1-20.27mdv2009.0.x86_64.rpm 7fa08a97cbe98f8ad9707cb401ceef7d 2009.0/x86_64/gnome-python-gtkhtml2-2.19.1-20.27mdv2009.0.x86_64.rpm c577a096e7c627e2910d3d476a94ec95 2009.0/x86_64/gnome-python-gtkmozembed-2.19.1-20.27mdv2009.0.x86_64.rpm aefafa2fbaa7fdfb1ae7e7d484feb84b 2009.0/x86_64/gnome-python-gtkspell-2.19.1-20.27mdv2009.0.x86_64.rpm 6a4dae7f9c6b44e6c11718dce617ba4e 2009.0/x86_64/lemon-3.7.4-0.1mdv2009.0.x86_64.rpm 4befda2bfc13c141078f3b6f157ef014 2009.0/x86_64/lib64devhelp-1_0-0.21-3.25mdv2009.0.x86_64.rpm 91e5fc566a17eadf4c587ce1a7bc014b 2009.0/x86_64/lib64devhelp-1-devel-0.21-3.25mdv2009.0.x86_64.rpm 4b9faa7ba8fb0ef518ee214debf823ea 2009.0/x86_64/lib64sqlite3_0-3.7.6.2-0.1mdv2009.0.x86_64.rpm 26e89fde1f2ddfa51157f246a7a8148a 2009.0/x86_64/lib64sqlite3-devel-3.7.6.2-0.1mdv2009.0.x86_64.rpm 588a88e71749159790ab8f66f1a4b4e8 2009.0/x86_64/lib64sqlite3-static-devel-3.7.6.2-0.1mdv2009.0.x86_64.rpm abe638f2b42c8dff52fd47344d5202c5 2009.0/x86_64/lib64xulrunner1.9.2.17-1.9.2.17-0.1mdv2009.0.x86_64.rpm 368987069ca85079fbd58ec5a3fe503a 2009.0/x86_64/lib64xulrunner-devel-1.9.2.17-0.1mdv2009.0.x86_64.rpm ac35d16e378e015d39049265a1064ca6 2009.0/x86_64/mozilla-thunderbird-beagle-0.3.8-13.36mdv2009.0.x86_64.rpm 12295dfafb906d07b16e21d0773bd24a 2009.0/x86_64/sqlite3-tools-3.7.6.2-0.1mdv2009.0.x86_64.rpm cea2bac5a44774587ec4605f1cb97cbf 2009.0/x86_64/xulrunner-1.9.2.17-0.1mdv2009.0.x86_64.rpm 47f4aca2ef52ab69ac4bb90585e244f3 2009.0/x86_64/yelp-2.24.0-3.28mdv2009.0.x86_64.rpm 0972d520d57df45393b0aef2da4b12ee 2009.0/SRPMS/beagle-0.3.8-13.36mdv2009.0.src.rpm 3f8b8f723797f0fbbb5e0264bac2bfbf 2009.0/SRPMS/devhelp-0.21-3.25mdv2009.0.src.rpm ebbdbeb5e3ccb2fe3f424a327eb475ef 2009.0/SRPMS/epiphany-2.24.3-0.14mdv2009.0.src.rpm 3350215ced82f1bcf19a8e8188bf0a61 2009.0/SRPMS/firefox-3.6.17-0.1mdv2009.0.src.rpm f11029532df82e7923c4b096af98d3f0 2009.0/SRPMS/firefox-ext-blogrovr-1.1.804-0.13mdv2009.0.src.rpm 5aca99c0285a4412ecf02cf6bf946801 2009.0/SRPMS/firefox-ext-mozvoikko-1.0-0.13mdv2009.0.src.rpm dbb411ce9ba2dc5416b53aea4c6641ae 2009.0/SRPMS/firefox-ext-scribefire-3.5.1-0.13mdv2009.0.src.rpm 96e289aef5dd3795e776125a93b9a11e 2009.0/SRPMS/firefox-ext-xmarks-3.5.10-0.13mdv2009.0.src.rpm 8681188142a3360b17eae804219d934e 2009.0/SRPMS/firefox-l10n-3.6.17-0.1mdv2009.0.src.rpm 0b632cc0d32c20cb4c7458c7c20b0bcf 2009.0/SRPMS/firefox-theme-kfirefox-0.16-0.13mdv2009.0.src.rpm 82b1d9b926a7a183edd6ee0b39ee9fd8 2009.0/SRPMS/gnome-python-extras-2.19.1-20.27mdv2009.0.src.rpm 5bffe9ac14aabf83ea8b5c79f0e8e33f 2009.0/SRPMS/lemon-3.7.4-0.1mdv2009.0.src.rpm aa8e2dcac3269d9836f3dade77086e7f 2009.0/SRPMS/sqlite3-3.7.6.2-0.1mdv2009.0.src.rpm fba6a9ca071ee5648b373d678d67e352 2009.0/SRPMS/xulrunner-1.9.2.17-0.1mdv2009.0.src.rpm 4dc1a3719ef51d45d3af0be61950aef7 2009.0/SRPMS/yelp-2.24.0-3.28mdv2009.0.src.rpm
Mandriva Linux 2010.0: b6a1e9e5b9e25830e9b7078924d2696e 2010.0/i586/beagle-0.3.9-20.24mdv2010.0.i586.rpm c157386b79eec41001dcae8b9133af69 2010.0/i586/beagle-crawl-system-0.3.9-20.24mdv2010.0.i586.rpm 4aef4afd0e9651ddad72b188b9351a42 2010.0/i586/beagle-doc-0.3.9-20.24mdv2010.0.i586.rpm 8832c1286824ae275dd9aa35e3ac4f1d 2010.0/i586/beagle-evolution-0.3.9-20.24mdv2010.0.i586.rpm 0e39eb8c59a596efa9315606059a1760 2010.0/i586/beagle-gui-0.3.9-20.24mdv2010.0.i586.rpm b6151aa5af9cd0a36ec8b164a0c90df4 2010.0/i586/beagle-gui-qt-0.3.9-20.24mdv2010.0.i586.rpm e21eb5e62627f34b63ef80efa85adce2 2010.0/i586/beagle-libs-0.3.9-20.24mdv2010.0.i586.rpm ce2e2fb2ac7223bdd59994a3ac2dc718 2010.0/i586/firefox-3.6.17-0.1mdv2010.0.i586.rpm c5d163ba6817bc2b58baa0c6aaade18f 2010.0/i586/firefox-af-3.6.17-0.1mdv2010.0.i586.rpm 309d34256461d7ced6f0f25e48a56ef4 2010.0/i586/firefox-ar-3.6.17-0.1mdv2010.0.i586.rpm 58abfbf8f8050c0b0964922770d41aa3 2010.0/i586/firefox-be-3.6.17-0.1mdv2010.0.i586.rpm ec582b11ef9394620eaed6132d84d839 2010.0/i586/firefox-bg-3.6.17-0.1mdv2010.0.i586.rpm 8093a30d51889561b62eed0f6a4d4e52 2010.0/i586/firefox-bn-3.6.17-0.1mdv2010.0.i586.rpm f104f48ecae85588e16845d7765cce61 2010.0/i586/firefox-ca-3.6.17-0.1mdv2010.0.i586.rpm 6a01b14ba6add339b15a1703508c491f 2010.0/i586/firefox-cs-3.6.17-0.1mdv2010.0.i586.rpm d2b01ad5090cb85cb1ee0c7ddae02e9c 2010.0/i586/firefox-cy-3.6.17-0.1mdv2010.0.i586.rpm d78c752aee982cadd936955e84a37129 2010.0/i586/firefox-da-3.6.17-0.1mdv2010.0.i586.rpm 8009736a3b595f259ed36676cfc1adcf 2010.0/i586/firefox-de-3.6.17-0.1mdv2010.0.i586.rpm cc2f5a0e41a84919685a390e50869193 2010.0/i586/firefox-devel-3.6.17-0.1mdv2010.0.i586.rpm 1f38c9f900932be64993471dd7cfa87d 2010.0/i586/firefox-el-3.6.17-0.1mdv2010.0.i586.rpm 620c598a6201f155fb66b8e8d71253bf 2010.0/i586/firefox-en_GB-3.6.17-0.1mdv2010.0.i586.rpm 44fdf2af3b0ac2497a2dccd3fe4fa6d1 2010.0/i586/firefox-eo-3.6.17-0.1mdv2010.0.i586.rpm 9bf9966d1fa20ca0a3b320e9eb67b3fb 2010.0/i586/firefox-es_AR-3.6.17-0.1mdv2010.0.i586.rpm c1afe2347d18c52e07322b4fc8cd625e 2010.0/i586/firefox-es_ES-3.6.17-0.1mdv2010.0.i586.rpm d3ddf4f0650d7faf3398c58e6f4abb9e 2010.0/i586/firefox-et-3.6.17-0.1mdv2010.0.i586.rpm 41c4ffc76147f9b79952a7372b22bfa4 2010.0/i586/firefox-eu-3.6.17-0.1mdv2010.0.i586.rpm ad261fd5e248f592a1d84ecd3f99c8f8 2010.0/i586/firefox-ext-beagle-0.3.9-20.24mdv2010.0.i586.rpm a7934e327f7c6b0faa8dd81e74b0bbba 2010.0/i586/firefox-ext-blogrovr-1.1.804-6.19mdv2010.0.i586.rpm b0a87ee3ea58549813ce53682528e344 2010.0/i586/firefox-ext-mozvoikko-1.0-6.19mdv2010.0.i586.rpm d5d1ca07987bd14a6d28b89323ac7f6d 2010.0/i586/firefox-ext-plasmanotify-0.3.1-0.14mdv2010.0.i586.rpm 458d326026b0ceb126e1881aede8c066 2010.0/i586/firefox-ext-r-kiosk-0.7.2-9.19mdv2010.0.i586.rpm c7d22e1864faceeb962dd67fbdf21335 2010.0/i586/firefox-ext-scribefire-3.5.1-0.13mdv2010.0.i586.rpm ad519aa8884647ff54ac422549d7b16e 2010.0/i586/firefox-fi-3.6.17-0.1mdv2010.0.i586.rpm b49e76476d75bad4b27770a57a04df23 2010.0/i586/firefox-fr-3.6.17-0.1mdv2010.0.i586.rpm 2fe7eb8092c120755c032e56748aa9b7 2010.0/i586/firefox-fy-3.6.17-0.1mdv2010.0.i586.rpm ce5815c669402fd42bc07d44d93c66d3 2010.0/i586/firefox-ga_IE-3.6.17-0.1mdv2010.0.i586.rpm bba69242827e981627211b2b5eb68931 2010.0/i586/firefox-gl-3.6.17-0.1mdv2010.0.i586.rpm ed338554b350057694e2a6c2d224b387 2010.0/i586/firefox-gu_IN-3.6.17-0.1mdv2010.0.i586.rpm 1b7dc5cab758801b82ac1c242da6d59c 2010.0/i586/firefox-he-3.6.17-0.1mdv2010.0.i586.rpm 007af7a298d36f8895fba605aac15803 2010.0/i586/firefox-hi-3.6.17-0.1mdv2010.0.i586.rpm 476f6ac627f82fc7f7c5543f56482796 2010.0/i586/firefox-hu-3.6.17-0.1mdv2010.0.i586.rpm 88f193ba3b7d0bef97eaac7857293a8f 2010.0/i586/firefox-id-3.6.17-0.1mdv2010.0.i586.rpm d0330a0dd7dcbd3daca42525454994ec 2010.0/i586/firefox-is-3.6.17-0.1mdv2010.0.i586.rpm b261438d53f2f8434efe2b95f7e8d954 2010.0/i586/firefox-it-3.6.17-0.1mdv2010.0.i586.rpm 3d5900d3faefb015dcb0a4d62ef16ebe 2010.0/i586/firefox-ja-3.6.17-0.1mdv2010.0.i586.rpm 292b801681eb21ecbf5778abcff89188 2010.0/i586/firefox-ka-3.6.17-0.1mdv2010.0.i586.rpm 8f540c760b340206cc3bd17698ee88df 2010.0/i586/firefox-kn-3.6.17-0.1mdv2010.0.i586.rpm c8854d6714259850dc92f7fbe6dd17dd 2010.0/i586/firefox-ko-3.6.17-0.1mdv2010.0.i586.rpm 2772412e7edd00b8174f9638cec5db4f 2010.0/i586/firefox-ku-3.6.17-0.1mdv2010.0.i586.rpm 44ad30a9e5c3b2bd10371fba4ed4d2b9 2010.0/i586/firefox-lt-3.6.17-0.1mdv2010.0.i586.rpm ed093c9f9630d13a227371a1f62495a1 2010.0/i586/firefox-lv-3.6.17-0.1mdv2010.0.i586.rpm 00712ffbbdbe194ed03bef8a891e4e57 2010.0/i586/firefox-mk-3.6.17-0.1mdv2010.0.i586.rpm 8c8a612931c31d49fc3f4ae351cd26e3 2010.0/i586/firefox-mr-3.6.17-0.1mdv2010.0.i586.rpm 91ad5facd01c4c4bd31790ca40a640ca 2010.0/i586/firefox-nb_NO-3.6.17-0.1mdv2010.0.i586.rpm b00a5e35e6ac55f895b8f6916f79bde7 2010.0/i586/firefox-nl-3.6.17-0.1mdv2010.0.i586.rpm 0ee6b29ecb2a12136b11c0608360a0a8 2010.0/i586/firefox-nn_NO-3.6.17-0.1mdv2010.0.i586.rpm e79fa37b9006461f4d0ba003b4da69b9 2010.0/i586/firefox-oc-3.6.17-0.1mdv2010.0.i586.rpm af2a2946979a450cf150eff6f2aeca15 2010.0/i586/firefox-pa_IN-3.6.17-0.1mdv2010.0.i586.rpm e2a5272606e7048adadee10f39fbe98f 2010.0/i586/firefox-pl-3.6.17-0.1mdv2010.0.i586.rpm 735f3400c0570124a70792715503ff69 2010.0/i586/firefox-pt_BR-3.6.17-0.1mdv2010.0.i586.rpm 56d8fe829854b44f4a9d7a3dad7f08e8 2010.0/i586/firefox-pt_PT-3.6.17-0.1mdv2010.0.i586.rpm db9d45c53a5ea7311dab8b6dd3136f5b 2010.0/i586/firefox-ro-3.6.17-0.1mdv2010.0.i586.rpm 16cd0acaf4cc9de46f7df27668f804c7 2010.0/i586/firefox-ru-3.6.17-0.1mdv2010.0.i586.rpm 9c79daeb7907e1050f55c77a78e68cc1 2010.0/i586/firefox-si-3.6.17-0.1mdv2010.0.i586.rpm b6d4b76f9ff21b0800839c049df430a6 2010.0/i586/firefox-sk-3.6.17-0.1mdv2010.0.i586.rpm 3826c8dea2da5b4114f440427b95e8b4 2010.0/i586/firefox-sl-3.6.17-0.1mdv2010.0.i586.rpm db491650aba41efba6874835f093f4db 2010.0/i586/firefox-sq-3.6.17-0.1mdv2010.0.i586.rpm d87fc741560c434ebf78d91df37d69c6 2010.0/i586/firefox-sr-3.6.17-0.1mdv2010.0.i586.rpm 4c2c8bf680e06a814ba26c9cf03f513c 2010.0/i586/firefox-sv_SE-3.6.17-0.1mdv2010.0.i586.rpm 2a2b280eb345b0c3f477916b9b739fe6 2010.0/i586/firefox-te-3.6.17-0.1mdv2010.0.i586.rpm 3d472d3c27158912b8aa5dfada66e6cd 2010.0/i586/firefox-th-3.6.17-0.1mdv2010.0.i586.rpm 593aabf00e5d3904c10a970adf428888 2010.0/i586/firefox-theme-kfirefox-0.16-7.18mdv2010.0.i586.rpm 59701c68cba8f4e64e7f522a3416b963 2010.0/i586/firefox-tr-3.6.17-0.1mdv2010.0.i586.rpm c8a8962b397b0bd4cf92b294d8f213ea 2010.0/i586/firefox-uk-3.6.17-0.1mdv2010.0.i586.rpm c802454f74a74d2fd062d356a10cd9fe 2010.0/i586/firefox-zh_CN-3.6.17-0.1mdv2010.0.i586.rpm 54ffb1d848372e37673ee5f0916d87a9 2010.0/i586/firefox-zh_TW-3.6.17-0.1mdv2010.0.i586.rpm e6bb0b44e75dc31a1398d8f1be3b9c05 2010.0/i586/gnome-python-extras-2.25.3-10.19mdv2010.0.i586.rpm cb3a68a90b06a8a3b1b7c4225e6a2434 2010.0/i586/gnome-python-gda-2.25.3-10.19mdv2010.0.i586.rpm 04800b57661c14843f9cb30a0bc492e8 2010.0/i586/gnome-python-gda-devel-2.25.3-10.19mdv2010.0.i586.rpm 6425c25026893e92066095be60cc4c68 2010.0/i586/gnome-python-gdl-2.25.3-10.19mdv2010.0.i586.rpm b399a0ddd65dd348f3d28bacd9c10969 2010.0/i586/gnome-python-gtkhtml2-2.25.3-10.19mdv2010.0.i586.rpm 316d34952b6a1ae3f6fc688684008621 2010.0/i586/gnome-python-gtkmozembed-2.25.3-10.19mdv2010.0.i586.rpm f291f9d540696b985058fed2bcb43f3b 2010.0/i586/gnome-python-gtkspell-2.25.3-10.19mdv2010.0.i586.rpm 03ad25d77e26d447e2eeb2172c983b70 2010.0/i586/google-gadgets-common-0.11.2-0.14mdv2010.0.i586.rpm 2668802eab633e4985ee7d5cae705998 2010.0/i586/google-gadgets-gtk-0.11.2-0.14mdv2010.0.i586.rpm 8934c0ddb3f6fadac35b13daf5d385b9 2010.0/i586/google-gadgets-qt-0.11.2-0.14mdv2010.0.i586.rpm cd109c50db0909b76bca45f7733b5d6e 2010.0/i586/lemon-3.7.4-0.1mdv2010.0.i586.rpm 591d040f58de2df829386de1f7e46afd 2010.0/i586/libggadget1.0_0-0.11.2-0.14mdv2010.0.i586.rpm 0ed830c0e017bf6daebe06e0a4fc130f 2010.0/i586/libggadget-dbus1.0_0-0.11.2-0.14mdv2010.0.i586.rpm eb51fb7f24b1af033488d8123dd63355 2010.0/i586/libggadget-gtk1.0_0-0.11.2-0.14mdv2010.0.i586.rpm e092bd005bf25082a3cd965658c44882 2010.0/i586/libggadget-js1.0_0-0.11.2-0.14mdv2010.0.i586.rpm b22e2ac3a4dc918fae6afb4c38f83be7 2010.0/i586/libggadget-npapi1.0_0-0.11.2-0.14mdv2010.0.i586.rpm e130ea57c3a32005f202924643467014 2010.0/i586/libggadget-qt1.0_0-0.11.2-0.14mdv2010.0.i586.rpm a28b0faef4a1c9f10126abf5e2e263a8 2010.0/i586/libggadget-webkitjs0-0.11.2-0.14mdv2010.0.i586.rpm 1954487379222ae6d2900f049d9c5d8e 2010.0/i586/libggadget-xdg1.0_0-0.11.2-0.14mdv2010.0.i586.rpm a142592d9ad77cbd49cdaaccbaf18ab2 2010.0/i586/libgoogle-gadgets-devel-0.11.2-0.14mdv2010.0.i586.rpm 7439c4f59d7c3e3c0c4053c8497c686d 2010.0/i586/libopensc2-0.11.9-1.19mdv2010.0.i586.rpm 000a04f5477c2191dd18aee1028658c0 2010.0/i586/libopensc-devel-0.11.9-1.19mdv2010.0.i586.rpm d108f2a27ec1602a8e3abfe85a6dd9c4 2010.0/i586/libsqlite3_0-3.7.6.2-0.1mdv2010.0.i586.rpm 25ec3dae2efdd5df8f02daf19aade1b6 2010.0/i586/libsqlite3-devel-3.7.6.2-0.1mdv2010.0.i586.rpm 98115a0368c0fff061a7c6b03ff970a6 2010.0/i586/libsqlite3-static-devel-3.7.6.2-0.1mdv2010.0.i586.rpm 306b910536bbcf02d9388bbac370cc14 2010.0/i586/libxulrunner1.9.2.17-1.9.2.17-0.1mdv2010.0.i586.rpm 3a0ab7f87d735b2788978ca7bbe21655 2010.0/i586/libxulrunner-devel-1.9.2.17-0.1mdv2010.0.i586.rpm 5d733fb6ef9990d58bc260520c2a952c 2010.0/i586/mozilla-plugin-opensc-0.11.9-1.19mdv2010.0.i586.rpm b5e5a4ff8c718c494776e9fcf387d846 2010.0/i586/mozilla-thunderbird-beagle-0.3.9-20.24mdv2010.0.i586.rpm d40e17498c9b2969d53b636f1512a981 2010.0/i586/opensc-0.11.9-1.19mdv2010.0.i586.rpm f59e41d761d46dd8ae5f0848c1268aba 2010.0/i586/sqlite3-tools-3.7.6.2-0.1mdv2010.0.i586.rpm dc8db442ddcdefb7aa85e8b7a2bd1bc1 2010.0/i586/xulrunner-1.9.2.17-0.1mdv2010.0.i586.rpm aa33ff3f1ad317179dfa58784edc5b84 2010.0/i586/yelp-2.28.0-1.21mdv2010.0.i586.rpm 872f3f5473c99556ba3676a2087618ac 2010.0/SRPMS/beagle-0.3.9-20.24mdv2010.0.src.rpm eb7c8b9b8b19f6cf7dab54a0128a7c3b 2010.0/SRPMS/firefox-3.6.17-0.1mdv2010.0.src.rpm b8a28536c5f5b90e1e56fcbccc0f7828 2010.0/SRPMS/firefox-ext-blogrovr-1.1.804-6.19mdv2010.0.src.rpm 0203c855fea4ad16b8bf3490c28a522a 2010.0/SRPMS/firefox-ext-mozvoikko-1.0-6.19mdv2010.0.src.rpm b01922e0aef070ea95b6fa98945fb685 2010.0/SRPMS/firefox-ext-plasmanotify-0.3.1-0.14mdv2010.0.src.rpm 16b3eb2d5945df96a9768051a3093b04 2010.0/SRPMS/firefox-ext-r-kiosk-0.7.2-9.19mdv2010.0.src.rpm 4e57990dc20e6089157a02b0dd7bad97 2010.0/SRPMS/firefox-ext-scribefire-3.5.1-0.13mdv2010.0.src.rpm 1e3f69cadbe70bffd1c7f7220f11792c 2010.0/SRPMS/firefox-l10n-3.6.17-0.1mdv2010.0.src.rpm 13d4fc5888b6dc2c2b7347de5ffe6282 2010.0/SRPMS/firefox-theme-kfirefox-0.16-7.18mdv2010.0.src.rpm 43f53231379e4b1ef09b31f24d329448 2010.0/SRPMS/gnome-python-extras-2.25.3-10.19mdv2010.0.src.rpm 15ead6d66f9b662b9a02a970717a5063 2010.0/SRPMS/google-gadgets-0.11.2-0.14mdv2010.0.src.rpm 24971ad45f4df34e024b071415dfe672 2010.0/SRPMS/lemon-3.7.4-0.1mdv2010.0.src.rpm 23959d528a982971b2f7e9016c3789b4 2010.0/SRPMS/opensc-0.11.9-1.19mdv2010.0.src.rpm 9de0929e70ecda34752e0ab536491e15 2010.0/SRPMS/sqlite3-3.7.6.2-0.1mdv2010.0.src.rpm 5983d5c4fe3694a9875e836334d73d98 2010.0/SRPMS/xulrunner-1.9.2.17-0.1mdv2010.0.src.rpm 4a673f357f57178cc398edbe72b749a9 2010.0/SRPMS/yelp-2.28.0-1.21mdv2010.0.src.rpm
Mandriva Linux 2010.0/X86_64: 3858b66b72089446d943bcef027f17e1 2010.0/x86_64/beagle-0.3.9-20.24mdv2010.0.x86_64.rpm 2f64fc068b962ed27dffbd3166e3f13d 2010.0/x86_64/beagle-crawl-system-0.3.9-20.24mdv2010.0.x86_64.rpm a5d8e8855f04448778a942dc69e4e9ee 2010.0/x86_64/beagle-doc-0.3.9-20.24mdv2010.0.x86_64.rpm 60865274682f6fe2425b49bef9d7e125 2010.0/x86_64/beagle-evolution-0.3.9-20.24mdv2010.0.x86_64.rpm b19d9d4b3a1e4b49e70f02da179f8bcf 2010.0/x86_64/beagle-gui-0.3.9-20.24mdv2010.0.x86_64.rpm 53990e7b90d7feaa22a992ed3c69197f 2010.0/x86_64/beagle-gui-qt-0.3.9-20.24mdv2010.0.x86_64.rpm f0b3683737da726c0aed135fea2bf4ce 2010.0/x86_64/beagle-libs-0.3.9-20.24mdv2010.0.x86_64.rpm 093d44feb8368dd263d0877bcbde1555 2010.0/x86_64/firefox-3.6.17-0.1mdv2010.0.x86_64.rpm 7e3799f4a5ca1eceb6d1fd4eca83afd0 2010.0/x86_64/firefox-af-3.6.17-0.1mdv2010.0.x86_64.rpm f4b0c8b86490fdf9a9c25974a92689ca 2010.0/x86_64/firefox-ar-3.6.17-0.1mdv2010.0.x86_64.rpm 57ffe1be3cdd0af944259ed114231810 2010.0/x86_64/firefox-be-3.6.17-0.1mdv2010.0.x86_64.rpm 8aeadd5d3e3e47715d51ea3a82843128 2010.0/x86_64/firefox-bg-3.6.17-0.1mdv2010.0.x86_64.rpm ff79968fce36b922b8d98e0eb9b816c8 2010.0/x86_64/firefox-bn-3.6.17-0.1mdv2010.0.x86_64.rpm d09d62f420535517de8bf4541b3a8fec 2010.0/x86_64/firefox-ca-3.6.17-0.1mdv2010.0.x86_64.rpm af07bb511e838122ffc241b2209e580e 2010.0/x86_64/firefox-cs-3.6.17-0.1mdv2010.0.x86_64.rpm d2e567af634fb4000251ae2c28bfbd60 2010.0/x86_64/firefox-cy-3.6.17-0.1mdv2010.0.x86_64.rpm 0d86423290f5f10c717e7535e80a3617 2010.0/x86_64/firefox-da-3.6.17-0.1mdv2010.0.x86_64.rpm 6771eac9d9f1b5d3b93dea3fa1eddb43 2010.0/x86_64/firefox-de-3.6.17-0.1mdv2010.0.x86_64.rpm 149d869189abd70972ff431b3fa8c30d 2010.0/x86_64/firefox-devel-3.6.17-0.1mdv2010.0.x86_64.rpm 238759b4136c3b9265bbcb9e0be9bb5f 2010.0/x86_64/firefox-el-3.6.17-0.1mdv2010.0.x86_64.rpm 5b3990e5fd90c56b711a836669d201a3 2010.0/x86_64/firefox-en_GB-3.6.17-0.1mdv2010.0.x86_64.rpm b672e3ff071c07ab7f177c20328db06f 2010.0/x86_64/firefox-eo-3.6.17-0.1mdv2010.0.x86_64.rpm 4b9a27c7bdcb609968c82eaf20b5aee7 2010.0/x86_64/firefox-es_AR-3.6.17-0.1mdv2010.0.x86_64.rpm 9ac337f09f15f9b3a1322630167d4ac6 2010.0/x86_64/firefox-es_ES-3.6.17-0.1mdv2010.0.x86_64.rpm c880f83263f5fa4a1c52dcdaf2c5e861 2010.0/x86_64/firefox-et-3.6.17-0.1mdv2010.0.x86_64.rpm 1ddd1520b4f8b9218650aa613918a33c 2010.0/x86_64/firefox-eu-3.6.17-0.1mdv2010.0.x86_64.rpm 8214d724c4ae2a82b3698dc8d657fe10 2010.0/x86_64/firefox-ext-beagle-0.3.9-20.24mdv2010.0.x86_64.rpm fe0be0de58803f286786cd0e9c889ee6 2010.0/x86_64/firefox-ext-blogrovr-1.1.804-6.19mdv2010.0.x86_64.rpm 304a74743e71b80d8bd13ce2a394985d 2010.0/x86_64/firefox-ext-mozvoikko-1.0-6.19mdv2010.0.x86_64.rpm 9d4f9089e453c405327804fe295009a8 2010.0/x86_64/firefox-ext-plasmanotify-0.3.1-0.14mdv2010.0.x86_64.rpm b803bbf7342e3af31538727458c9f90e 2010.0/x86_64/firefox-ext-r-kiosk-0.7.2-9.19mdv2010.0.x86_64.rpm 9cf49c740dd4865a1564b33b7a41d585 2010.0/x86_64/firefox-ext-scribefire-3.5.1-0.13mdv2010.0.x86_64.rpm 24e754bed0908dc1f951803e707ce567 2010.0/x86_64/firefox-fi-3.6.17-0.1mdv2010.0.x86_64.rpm 79d473fe7d47dabac82fad423557513c 2010.0/x86_64/firefox-fr-3.6.17-0.1mdv2010.0.x86_64.rpm 902c5eac74afbdb862c1b2cfb0c21ef0 2010.0/x86_64/firefox-fy-3.6.17-0.1mdv2010.0.x86_64.rpm 5b064f04e0c27f27ae69a6e8e4cdbf7f 2010.0/x86_64/firefox-ga_IE-3.6.17-0.1mdv2010.0.x86_64.rpm fffe860a112c49980994d476b793eb53 2010.0/x86_64/firefox-gl-3.6.17-0.1mdv2010.0.x86_64.rpm a52c856435cb5c50b8ae2155928b5244 2010.0/x86_64/firefox-gu_IN-3.6.17-0.1mdv2010.0.x86_64.rpm 05ea1476c038511a2b4a46034c6ab290 2010.0/x86_64/firefox-he-3.6.17-0.1mdv2010.0.x86_64.rpm 9273f6a64382ba0dc683fa32e61f1bb2 2010.0/x86_64/firefox-hi-3.6.17-0.1mdv2010.0.x86_64.rpm 4ef3c6fccb7d7bf5b4c0f11abceaf0f5 2010.0/x86_64/firefox-hu-3.6.17-0.1mdv2010.0.x86_64.rpm 0346f17a58b3a444c02fd35fba01458a 2010.0/x86_64/firefox-id-3.6.17-0.1mdv2010.0.x86_64.rpm 2318d466a80d30bf6f2e985647010faa 2010.0/x86_64/firefox-is-3.6.17-0.1mdv2010.0.x86_64.rpm 9a6d1f0e13346155bd81fc3340f89890 2010.0/x86_64/firefox-it-3.6.17-0.1mdv2010.0.x86_64.rpm 63cebbb431c2915c86c4d5c22c5f154a 2010.0/x86_64/firefox-ja-3.6.17-0.1mdv2010.0.x86_64.rpm c384ffcffcd6e3ad4536183ccf5bcd9f 2010.0/x86_64/firefox-ka-3.6.17-0.1mdv2010.0.x86_64.rpm b6ee1fefececab34c485fff2bb2e0340 2010.0/x86_64/firefox-kn-3.6.17-0.1mdv2010.0.x86_64.rpm b0ae37fdeff27404b04b97e4f25b3286 2010.0/x86_64/firefox-ko-3.6.17-0.1mdv2010.0.x86_64.rpm 18bd8f78a8172bbca00432df5d8ab6a2 2010.0/x86_64/firefox-ku-3.6.17-0.1mdv2010.0.x86_64.rpm 06432e71e5f7721c08dc958d3da8db23 2010.0/x86_64/firefox-lt-3.6.17-0.1mdv2010.0.x86_64.rpm 73d6ca4e1e5b5ccb8b2699f985eb46e4 2010.0/x86_64/firefox-lv-3.6.17-0.1mdv2010.0.x86_64.rpm 4d367666ed89679260e7d8c2f747c1cf 2010.0/x86_64/firefox-mk-3.6.17-0.1mdv2010.0.x86_64.rpm ee7c636c3f90c90448117eac31aa87d3 2010.0/x86_64/firefox-mr-3.6.17-0.1mdv2010.0.x86_64.rpm c23330441a1939016356bc7366a683e5 2010.0/x86_64/firefox-nb_NO-3.6.17-0.1mdv2010.0.x86_64.rpm ce40b26758f7aa07d0a778a8c8c9a869 2010.0/x86_64/firefox-nl-3.6.17-0.1mdv2010.0.x86_64.rpm 0951798322644efd44f6c2aff2ca282a 2010.0/x86_64/firefox-nn_NO-3.6.17-0.1mdv2010.0.x86_64.rpm 4e5d2f92e75e0d89ea4360d8fff8046c 2010.0/x86_64/firefox-oc-3.6.17-0.1mdv2010.0.x86_64.rpm 8f4ac7bf6a4d8a013f356ed84c52a5e9 2010.0/x86_64/firefox-pa_IN-3.6.17-0.1mdv2010.0.x86_64.rpm 3a731045099cd9ed850f9a321c0c84e3 2010.0/x86_64/firefox-pl-3.6.17-0.1mdv2010.0.x86_64.rpm 8a53363afc83d26a624f443105237a7e 2010.0/x86_64/firefox-pt_BR-3.6.17-0.1mdv2010.0.x86_64.rpm f59973b7a3072bef189f9a3767cb24ab 2010.0/x86_64/firefox-pt_PT-3.6.17-0.1mdv2010.0.x86_64.rpm 5501412ba991954e58e917fc526ddf60 2010.0/x86_64/firefox-ro-3.6.17-0.1mdv2010.0.x86_64.rpm acb0a6140acb5a4535d837963397a236 2010.0/x86_64/firefox-ru-3.6.17-0.1mdv2010.0.x86_64.rpm dc7d2a7df0902ab3dc633fb74eb9adbd 2010.0/x86_64/firefox-si-3.6.17-0.1mdv2010.0.x86_64.rpm 5067af9af1aabd868b536f310d031900 2010.0/x86_64/firefox-sk-3.6.17-0.1mdv2010.0.x86_64.rpm 0907f9829d35681cf8a6791cef140e54 2010.0/x86_64/firefox-sl-3.6.17-0.1mdv2010.0.x86_64.rpm 57187489089f47923ce21c9ecb51ec4e 2010.0/x86_64/firefox-sq-3.6.17-0.1mdv2010.0.x86_64.rpm 4d70e7d9ebf0bfe9b10a2747c102da70 2010.0/x86_64/firefox-sr-3.6.17-0.1mdv2010.0.x86_64.rpm 6acf58ff03814bb7fd18d8615715a7c1 2010.0/x86_64/firefox-sv_SE-3.6.17-0.1mdv2010.0.x86_64.rpm 267943c59c737740d5bc9755d942d218 2010.0/x86_64/firefox-te-3.6.17-0.1mdv2010.0.x86_64.rpm 6cce1edffc8c33b54a918ce261ed018e 2010.0/x86_64/firefox-th-3.6.17-0.1mdv2010.0.x86_64.rpm e055a883cdd6ca3c32c2cc730bfff8a7 2010.0/x86_64/firefox-theme-kfirefox-0.16-7.18mdv2010.0.x86_64.rpm 8ae0f6456b5cc9df16a92b2fc0bc2b0c 2010.0/x86_64/firefox-tr-3.6.17-0.1mdv2010.0.x86_64.rpm cfa6c76ff6518cf642c052bdc551a18a 2010.0/x86_64/firefox-uk-3.6.17-0.1mdv2010.0.x86_64.rpm 55017d39c0a0087d3bac20ec4ba4eb85 2010.0/x86_64/firefox-zh_CN-3.6.17-0.1mdv2010.0.x86_64.rpm 63dc4f884a0f1297e23fa5dc5e7c3cf5 2010.0/x86_64/firefox-zh_TW-3.6.17-0.1mdv2010.0.x86_64.rpm ee0c18920080702d3595cb7adae275f4 2010.0/x86_64/gnome-python-extras-2.25.3-10.19mdv2010.0.x86_64.rpm 5919c717c5a7f305c57d7c8df48b11a9 2010.0/x86_64/gnome-python-gda-2.25.3-10.19mdv2010.0.x86_64.rpm 562bd44a9be0630f52ce76aad2cefe0a 2010.0/x86_64/gnome-python-gda-devel-2.25.3-10.19mdv2010.0.x86_64.rpm 8cb0d40770f948e918f8c82942fcc761 2010.0/x86_64/gnome-python-gdl-2.25.3-10.19mdv2010.0.x86_64.rpm 4c2f19fef0720a1b23a23b96230df928 2010.0/x86_64/gnome-python-gtkhtml2-2.25.3-10.19mdv2010.0.x86_64.rpm 5e159bd5b05ac4765cac691315ebb389 2010.0/x86_64/gnome-python-gtkmozembed-2.25.3-10.19mdv2010.0.x86_64.rpm 887bebf0c67dd6ee749c05044c5b8ebb 2010.0/x86_64/gnome-python-gtkspell-2.25.3-10.19mdv2010.0.x86_64.rpm 3a1e5f6ee829cc818f287a7efd4d529d 2010.0/x86_64/google-gadgets-common-0.11.2-0.14mdv2010.0.x86_64.rpm a524c9ce952ce767b01b626e3cb816d2 2010.0/x86_64/google-gadgets-gtk-0.11.2-0.14mdv2010.0.x86_64.rpm 46b9c5ddc279d9f1fdf9b743ed651416 2010.0/x86_64/google-gadgets-qt-0.11.2-0.14mdv2010.0.x86_64.rpm bae5a5dd90cd5313f77c2a7ae009069e 2010.0/x86_64/lemon-3.7.4-0.1mdv2010.0.x86_64.rpm fc2b8cfae8a71b058d75c1474f44d1fc 2010.0/x86_64/lib64ggadget1.0_0-0.11.2-0.14mdv2010.0.x86_64.rpm 72a1707675b38a97f6dd8b1e3af79077 2010.0/x86_64/lib64ggadget-dbus1.0_0-0.11.2-0.14mdv2010.0.x86_64.rpm 286b4299556830c2bb109c507e226c15 2010.0/x86_64/lib64ggadget-gtk1.0_0-0.11.2-0.14mdv2010.0.x86_64.rpm 5941285845cdaf816e947e1075cb5262 2010.0/x86_64/lib64ggadget-js1.0_0-0.11.2-0.14mdv2010.0.x86_64.rpm 0cf1545c0ee9e59d85b417653e4fe73b 2010.0/x86_64/lib64ggadget-npapi1.0_0-0.11.2-0.14mdv2010.0.x86_64.rpm 25d8d06e4057f91f3ec5f7aeeeaa88fb 2010.0/x86_64/lib64ggadget-qt1.0_0-0.11.2-0.14mdv2010.0.x86_64.rpm 8372ebd0bb8b13ef269c5e6262683fa5 2010.0/x86_64/lib64ggadget-webkitjs0-0.11.2-0.14mdv2010.0.x86_64.rpm 6b7548e88e5d630c380c8948dd3badf5 2010.0/x86_64/lib64ggadget-xdg1.0_0-0.11.2-0.14mdv2010.0.x86_64.rpm b77e42d31574efb78e25701c50f55ea6 2010.0/x86_64/lib64google-gadgets-devel-0.11.2-0.14mdv2010.0.x86_64.rpm d9d6b24145b1d34e0438b46bb30c37da 2010.0/x86_64/lib64opensc2-0.11.9-1.19mdv2010.0.x86_64.rpm e93eece7e774e29e7890e1d1487d3e1f 2010.0/x86_64/lib64opensc-devel-0.11.9-1.19mdv2010.0.x86_64.rpm a87a4cbec8ff5a04b86817e186139b78 2010.0/x86_64/lib64sqlite3_0-3.7.6.2-0.1mdv2010.0.x86_64.rpm a6df85f41686791ba19d706ea85ef4ce 2010.0/x86_64/lib64sqlite3-devel-3.7.6.2-0.1mdv2010.0.x86_64.rpm 40de3fdcbc3fb1324e0b3240227c447f 2010.0/x86_64/lib64sqlite3-static-devel-3.7.6.2-0.1mdv2010.0.x86_64.rpm 0113d0dc5addcc762b452a01f249c4dc 2010.0/x86_64/lib64xulrunner1.9.2.17-1.9.2.17-0.1mdv2010.0.x86_64.rpm 92b6e05534a1c3eceaca1cdb79112d99 2010.0/x86_64/lib64xulrunner-devel-1.9.2.17-0.1mdv2010.0.x86_64.rpm 9823b87815015254cb08ef4948509249 2010.0/x86_64/mozilla-plugin-opensc-0.11.9-1.19mdv2010.0.x86_64.rpm a95dcd7863f187f9926cc202e14ef578 2010.0/x86_64/mozilla-thunderbird-beagle-0.3.9-20.24mdv2010.0.x86_64.rpm f93d3ed66cde233df336291a66460ecc 2010.0/x86_64/opensc-0.11.9-1.19mdv2010.0.x86_64.rpm e920dc086da22a991f91a53665fedef8 2010.0/x86_64/sqlite3-tools-3.7.6.2-0.1mdv2010.0.x86_64.rpm 1c6c0d52e529171edb60a638c43b8809 2010.0/x86_64/xulrunner-1.9.2.17-0.1mdv2010.0.x86_64.rpm ae9a9a91c9e9ce6f70c29f2aad7fc8f1 2010.0/x86_64/yelp-2.28.0-1.21mdv2010.0.x86_64.rpm 872f3f5473c99556ba3676a2087618ac 2010.0/SRPMS/beagle-0.3.9-20.24mdv2010.0.src.rpm eb7c8b9b8b19f6cf7dab54a0128a7c3b 2010.0/SRPMS/firefox-3.6.17-0.1mdv2010.0.src.rpm b8a28536c5f5b90e1e56fcbccc0f7828 2010.0/SRPMS/firefox-ext-blogrovr-1.1.804-6.19mdv2010.0.src.rpm 0203c855fea4ad16b8bf3490c28a522a 2010.0/SRPMS/firefox-ext-mozvoikko-1.0-6.19mdv2010.0.src.rpm b01922e0aef070ea95b6fa98945fb685 2010.0/SRPMS/firefox-ext-plasmanotify-0.3.1-0.14mdv2010.0.src.rpm 16b3eb2d5945df96a9768051a3093b04 2010.0/SRPMS/firefox-ext-r-kiosk-0.7.2-9.19mdv2010.0.src.rpm 4e57990dc20e6089157a02b0dd7bad97 2010.0/SRPMS/firefox-ext-scribefire-3.5.1-0.13mdv2010.0.src.rpm 1e3f69cadbe70bffd1c7f7220f11792c 2010.0/SRPMS/firefox-l10n-3.6.17-0.1mdv2010.0.src.rpm 13d4fc5888b6dc2c2b7347de5ffe6282 2010.0/SRPMS/firefox-theme-kfirefox-0.16-7.18mdv2010.0.src.rpm 43f53231379e4b1ef09b31f24d329448 2010.0/SRPMS/gnome-python-extras-2.25.3-10.19mdv2010.0.src.rpm 15ead6d66f9b662b9a02a970717a5063 2010.0/SRPMS/google-gadgets-0.11.2-0.14mdv2010.0.src.rpm 24971ad45f4df34e024b071415dfe672 2010.0/SRPMS/lemon-3.7.4-0.1mdv2010.0.src.rpm 23959d528a982971b2f7e9016c3789b4 2010.0/SRPMS/opensc-0.11.9-1.19mdv2010.0.src.rpm 9de0929e70ecda34752e0ab536491e15 2010.0/SRPMS/sqlite3-3.7.6.2-0.1mdv2010.0.src.rpm 5983d5c4fe3694a9875e836334d73d98 2010.0/SRPMS/xulrunner-1.9.2.17-0.1mdv2010.0.src.rpm 4a673f357f57178cc398edbe72b749a9 2010.0/SRPMS/yelp-2.28.0-1.21mdv2010.0.src.rpm
Mandriva Linux 2010.1: b8d77a5d048b82e38083d71ec55acf5b 2010.1/i586/beagle-0.3.9-40.14mdv2010.2.i586.rpm e3d539ad1fb243f6ddcf842a743d49cf 2010.1/i586/beagle-crawl-system-0.3.9-40.14mdv2010.2.i586.rpm d9e4d663700c0f54e19702cf2c53bde5 2010.1/i586/beagle-doc-0.3.9-40.14mdv2010.2.i586.rpm 72f328f300a35d37ed72ca7271049562 2010.1/i586/beagle-evolution-0.3.9-40.14mdv2010.2.i586.rpm 414eed08be2161f5c548f733cdbb29e1 2010.1/i586/beagle-gui-0.3.9-40.14mdv2010.2.i586.rpm e19385deaa5fb16118db1957762d6c23 2010.1/i586/beagle-gui-qt-0.3.9-40.14mdv2010.2.i586.rpm badd30997d1be55d54f9f84ed95c1cad 2010.1/i586/beagle-libs-0.3.9-40.14mdv2010.2.i586.rpm e3b3ae5312158ba23cf391bfdad5f414 2010.1/i586/firefox-3.6.17-0.1mdv2010.2.i586.rpm f92af2f4925734bb1d646486c763f61f 2010.1/i586/firefox-af-3.6.17-0.1mdv2010.2.i586.rpm 1bca461e767ede98a0a75027a7c90dd2 2010.1/i586/firefox-ar-3.6.17-0.1mdv2010.2.i586.rpm bd2e765f5f089c9737a3931dbe725449 2010.1/i586/firefox-be-3.6.17-0.1mdv2010.2.i586.rpm d626a973b6602a5333a6c6daf0fc408c 2010.1/i586/firefox-bg-3.6.17-0.1mdv2010.2.i586.rpm e97feb110482d0875e12e88dc15f307b 2010.1/i586/firefox-bn-3.6.17-0.1mdv2010.2.i586.rpm 71001a353742c8147820cdf9ac5b6800 2010.1/i586/firefox-ca-3.6.17-0.1mdv2010.2.i586.rpm 21627432dd2f58253114486374d61d59 2010.1/i586/firefox-cs-3.6.17-0.1mdv2010.2.i586.rpm 3c99e580e4d0b46870c2e14442b677da 2010.1/i586/firefox-cy-3.6.17-0.1mdv2010.2.i586.rpm 3f86c960410b6c2a5e7f1df15c044aba 2010.1/i586/firefox-da-3.6.17-0.1mdv2010.2.i586.rpm 1fedae2cb5b853bc05d59aaefa6c4e80 2010.1/i586/firefox-de-3.6.17-0.1mdv2010.2.i586.rpm 1b2125c2d7f7a3d1d7911624d57f3066 2010.1/i586/firefox-devel-3.6.17-0.1mdv2010.2.i586.rpm cc8ac2c81fbd8837c669186037aee17a 2010.1/i586/firefox-el-3.6.17-0.1mdv2010.2.i586.rpm 5998d4b9a23ba66596cd63337914102d 2010.1/i586/firefox-en_GB-3.6.17-0.1mdv2010.2.i586.rpm e1e28915674887756aab59c8162010b6 2010.1/i586/firefox-eo-3.6.17-0.1mdv2010.2.i586.rpm a4f356bf8f7658e57e92b37e132dfa2f 2010.1/i586/firefox-es_AR-3.6.17-0.1mdv2010.2.i586.rpm 2813ea1d4c713de227a59b2cd29524f5 2010.1/i586/firefox-es_ES-3.6.17-0.1mdv2010.2.i586.rpm afd3b8604a600cec91b0a4b7895c1f1c 2010.1/i586/firefox-et-3.6.17-0.1mdv2010.2.i586.rpm 00b5358da1d1a00658ebf357047e65ac 2010.1/i586/firefox-eu-3.6.17-0.1mdv2010.2.i586.rpm 567807249360485d9a322456e2e336e3 2010.1/i586/firefox-ext-beagle-0.3.9-40.14mdv2010.2.i586.rpm 1de6adc44baf182a7671f0eeb5eda1a9 2010.1/i586/firefox-ext-blogrovr-1.1.804-13.11mdv2010.2.i586.rpm 0ebcd27f5621c1d9158c142e043ebc3d 2010.1/i586/firefox-ext-mozvoikko-1.0.1-2.11mdv2010.2.i586.rpm 768c0d55de91eea79bd0d40fbaecb1fc 2010.1/i586/firefox-ext-r-kiosk-0.8.1-2.11mdv2010.2.i586.rpm e5d9d4d59a39804c168c94b0d90cec4d 2010.1/i586/firefox-ext-scribefire-3.5.2-2.11mdv2010.2.i586.rpm 4c1d4945db1eba350d96a3590165b376 2010.1/i586/firefox-ext-weave-sync-1.1-5.11mdv2010.2.i586.rpm adb3d90cdf0b58b5f25c51eca963033e 2010.1/i586/firefox-ext-xmarks-3.6.14-2.11mdv2010.2.i586.rpm 0646724c19d31f3a1b6335671b9fb05a 2010.1/i586/firefox-fi-3.6.17-0.1mdv2010.2.i586.rpm 4f604a22b3cd3f3bf60417b02285fc1b 2010.1/i586/firefox-fr-3.6.17-0.1mdv2010.2.i586.rpm a3b1a56c2bbde166e78a9ec485fbcf1f 2010.1/i586/firefox-fy-3.6.17-0.1mdv2010.2.i586.rpm 22ee1bf09632b4d95bfb91a704dfd601 2010.1/i586/firefox-ga_IE-3.6.17-0.1mdv2010.2.i586.rpm 3dd543adec09ff4b13d26eb47f1fb20f 2010.1/i586/firefox-gl-3.6.17-0.1mdv2010.2.i586.rpm cef28501b0781bed9d585632fba33e3e 2010.1/i586/firefox-gu_IN-3.6.17-0.1mdv2010.2.i586.rpm f4ab5aaca98491c489fed8d3a2235f2a 2010.1/i586/firefox-he-3.6.17-0.1mdv2010.2.i586.rpm e3c5485fd9db1ad9add1335457fb6c1e 2010.1/i586/firefox-hi-3.6.17-0.1mdv2010.2.i586.rpm c96b6c27fda6a085f746e37061b9b4a5 2010.1/i586/firefox-hu-3.6.17-0.1mdv2010.2.i586.rpm 1f3f0fe5cbfb262b8ec3b984ef85e70f 2010.1/i586/firefox-id-3.6.17-0.1mdv2010.2.i586.rpm 3dba18e4535dbaf221b0e7a1afe8fa33 2010.1/i586/firefox-is-3.6.17-0.1mdv2010.2.i586.rpm 1dbef08d68ebd0abfd9ee6b28c2de9c6 2010.1/i586/firefox-it-3.6.17-0.1mdv2010.2.i586.rpm 031319b736ca3835b1c76e0fb6b96138 2010.1/i586/firefox-ja-3.6.17-0.1mdv2010.2.i586.rpm c87c40a558b0790324235aa8f53e4c4c 2010.1/i586/firefox-ka-3.6.17-0.1mdv2010.2.i586.rpm 6cfad1e915715810a1a369177b2f5d61 2010.1/i586/firefox-kn-3.6.17-0.1mdv2010.2.i586.rpm 143d89c96b3ba277372b282ddc0dc8a5 2010.1/i586/firefox-ko-3.6.17-0.1mdv2010.2.i586.rpm 4875194da66fc7a25de2a3fea4a79e3c 2010.1/i586/firefox-ku-3.6.17-0.1mdv2010.2.i586.rpm 8e725f3963a96823755dd3867bf28602 2010.1/i586/firefox-lt-3.6.17-0.1mdv2010.2.i586.rpm 66b313862cb22ce6ca3c6968ee26921e 2010.1/i586/firefox-lv-3.6.17-0.1mdv2010.2.i586.rpm 12ee2c6feaa8cf8376fd8fca9f1bb722 2010.1/i586/firefox-mk-3.6.17-0.1mdv2010.2.i586.rpm c170010bfd5482745e1174c003c9d0a8 2010.1/i586/firefox-mr-3.6.17-0.1mdv2010.2.i586.rpm e0bb402c10e5c6b35dc76899edaa6a43 2010.1/i586/firefox-nb_NO-3.6.17-0.1mdv2010.2.i586.rpm 590f7c9ec9227931b504c40e3cfe4c98 2010.1/i586/firefox-nl-3.6.17-0.1mdv2010.2.i586.rpm a1f62132e8eff956ca229b175547bc8a 2010.1/i586/firefox-nn_NO-3.6.17-0.1mdv2010.2.i586.rpm 5d991dbc83349fbb8bb2499d6fe8a095 2010.1/i586/firefox-oc-3.6.17-0.1mdv2010.2.i586.rpm 759972b97f09651b51ba92309f31e2de 2010.1/i586/firefox-pa_IN-3.6.17-0.1mdv2010.2.i586.rpm 6e6b7219d1ecd591e41caa4123f63b76 2010.1/i586/firefox-pl-3.6.17-0.1mdv2010.2.i586.rpm bb83d279fae5a52f76ed0ae3d4a7db5a 2010.1/i586/firefox-pt_BR-3.6.17-0.1mdv2010.2.i586.rpm 187b4443ca26b0e68129ac504e6c5235 2010.1/i586/firefox-pt_PT-3.6.17-0.1mdv2010.2.i586.rpm d22c10d077178fff996622dfde792eae 2010.1/i586/firefox-ro-3.6.17-0.1mdv2010.2.i586.rpm aa705c1d5618f6f6e71326d2a32dd255 2010.1/i586/firefox-ru-3.6.17-0.1mdv2010.2.i586.rpm 5e125511f9e105f55cbd96f317ba803f 2010.1/i586/firefox-si-3.6.17-0.1mdv2010.2.i586.rpm 976971a940193cb0bf70f97b717498a8 2010.1/i586/firefox-sk-3.6.17-0.1mdv2010.2.i586.rpm 1cddfc6bef317349b436a912b003a7f5 2010.1/i586/firefox-sl-3.6.17-0.1mdv2010.2.i586.rpm 879b1deb0aaffaecd078ae7ba7618710 2010.1/i586/firefox-sq-3.6.17-0.1mdv2010.2.i586.rpm 7e6b068856ac8500bcd6aaa9c01e5e14 2010.1/i586/firefox-sr-3.6.17-0.1mdv2010.2.i586.rpm 05ca1b47948e9c5c86c7b17f94d3b2a1 2010.1/i586/firefox-sv_SE-3.6.17-0.1mdv2010.2.i586.rpm 6668f6102d4e613b1ffea6edc6f494e1 2010.1/i586/firefox-te-3.6.17-0.1mdv2010.2.i586.rpm 3931eb722acd12b3b1e8552001260e13 2010.1/i586/firefox-th-3.6.17-0.1mdv2010.2.i586.rpm fe40bc33f98e01c7e6f7245903d248ba 2010.1/i586/firefox-tr-3.6.17-0.1mdv2010.2.i586.rpm 06afc549b7a34202e01401ee90a57f51 2010.1/i586/firefox-uk-3.6.17-0.1mdv2010.2.i586.rpm daf5388854c9c080691f8ad6f2f4c571 2010.1/i586/firefox-zh_CN-3.6.17-0.1mdv2010.2.i586.rpm 2e5dac4baae18fdebeb079b87f0e2764 2010.1/i586/firefox-zh_TW-3.6.17-0.1mdv2010.2.i586.rpm c8ec76b45dd053157d27f447c5f68b38 2010.1/i586/gjs-0.6-4.11mdv2010.2.i586.rpm a6d96cbc1797a5ef4f3adc12890d041a 2010.1/i586/gnome-python-extras-2.25.3-18.11mdv2010.2.i586.rpm 864766bd22a9198507f8815e63164b64 2010.1/i586/gnome-python-gda-2.25.3-18.11mdv2010.2.i586.rpm d17affd30ae42d69c2cdedf964689a22 2010.1/i586/gnome-python-gda-devel-2.25.3-18.11mdv2010.2.i586.rpm be6778f5af28259cdb5863b8f8072c94 2010.1/i586/gnome-python-gdl-2.25.3-18.11mdv2010.2.i586.rpm 4ec3f5f41ab9795f615c4e703b42a0b0 2010.1/i586/gnome-python-gtkhtml2-2.25.3-18.11mdv2010.2.i586.rpm fcd4adc34b35af74db4fbc356f1cd968 2010.1/i586/gnome-python-gtkmozembed-2.25.3-18.11mdv2010.2.i586.rpm 9b48fdb112d3e76c72b98ed90b7b0ea5 2010.1/i586/gnome-python-gtkspell-2.25.3-18.11mdv2010.2.i586.rpm 8e546c115f1f1324554283e50e5c0717 2010.1/i586/lemon-3.7.4-0.1mdv2010.2.i586.rpm ef932e3117540da38e4ccc10cfa496ca 2010.1/i586/libgjs0-0.6-4.11mdv2010.2.i586.rpm 39fac8356ae39f2385561dc05df7c9bc 2010.1/i586/libgjs-devel-0.6-4.11mdv2010.2.i586.rpm 2135e4941c28926152d58b059fef2844 2010.1/i586/libsqlite3_0-3.7.6.2-0.1mdv2010.2.i586.rpm 47078c5879b0b16b3b9e1395401e7fcb 2010.1/i586/libsqlite3-devel-3.7.6.2-0.1mdv2010.2.i586.rpm 3972e1f7e649f3a7c851abcd50d713d2 2010.1/i586/libsqlite3-static-devel-3.7.6.2-0.1mdv2010.2.i586.rpm 2c4c36f08cfbd36d28682810a861ce43 2010.1/i586/libxulrunner1.9.2.17-1.9.2.17-0.1mdv2010.2.i586.rpm b13d7970d7a5ba930a8c514ba220701d 2010.1/i586/libxulrunner-devel-1.9.2.17-0.1mdv2010.2.i586.rpm 47acad2f47c9ba18d718f3abd69e93c2 2010.1/i586/mozilla-thunderbird-beagle-0.3.9-40.14mdv2010.2.i586.rpm c759ba0d2acb577d927a140904e55d1d 2010.1/i586/sqlite3-tools-3.7.6.2-0.1mdv2010.2.i586.rpm 06478b05f0815d4c27f510cbeb41931b 2010.1/i586/xulrunner-1.9.2.17-0.1mdv2010.2.i586.rpm 264d3c3677e06ad021b1cd3d877b3542 2010.1/i586/yelp-2.30.1-4.11mdv2010.2.i586.rpm f03639972840639a315ace5577a3f7d7 2010.1/SRPMS/beagle-0.3.9-40.14mdv2010.2.src.rpm 1b407792bc53910f470fef2aa107c4db 2010.1/SRPMS/firefox-3.6.17-0.1mdv2010.2.src.rpm cffc7531253d821db2a606e56993d5e1 2010.1/SRPMS/firefox-ext-blogrovr-1.1.804-13.11mdv2010.2.src.rpm 84480ce74b027244dc64794cbae17d07 2010.1/SRPMS/firefox-ext-mozvoikko-1.0.1-2.11mdv2010.2.src.rpm ec8e51d467efb46c6fad4d9a5e64af51 2010.1/SRPMS/firefox-ext-r-kiosk-0.8.1-2.11mdv2010.2.src.rpm 9626186349beb04c41ac48c21bf268b1 2010.1/SRPMS/firefox-ext-scribefire-3.5.2-2.11mdv2010.2.src.rpm e65da7beca8fa7edffd5a70da28161ec 2010.1/SRPMS/firefox-ext-weave-sync-1.1-5.11mdv2010.2.src.rpm c4ce7eec413e557445f66f2b167899a7 2010.1/SRPMS/firefox-ext-xmarks-3.6.14-2.11mdv2010.2.src.rpm 55bd4776f283283a5c8ab1906658b9c9 2010.1/SRPMS/firefox-l10n-3.6.17-0.1mdv2010.2.src.rpm e0bcbb8764bd02ec459e7252aec2d042 2010.1/SRPMS/gjs-0.6-4.11mdv2010.2.src.rpm 66f6688cea914918243d9afeefc443b2 2010.1/SRPMS/gnome-python-extras-2.25.3-18.11mdv2010.2.src.rpm f8304df757bbcc2d16d3198e3fda3d23 2010.1/SRPMS/lemon-3.7.4-0.1mdv2010.2.src.rpm 8b4cc9318b6004ece98b4d1057cea92d 2010.1/SRPMS/sqlite3-3.7.6.2-0.1mdv2010.2.src.rpm 6a7d4ed599fbf868d4a02a9e8d2933c8 2010.1/SRPMS/xulrunner-1.9.2.17-0.1mdv2010.2.src.rpm 8f9d8865473f416ec554aa017d0dccb1 2010.1/SRPMS/yelp-2.30.1-4.11mdv2010.2.src.rpm
Mandriva Linux 2010.1/X86_64: 53032f4cd5d44f7b37aeb5cc171e0d1a 2010.1/x86_64/beagle-0.3.9-40.14mdv2010.2.x86_64.rpm de51591c9764ec279edf913edf302217 2010.1/x86_64/beagle-crawl-system-0.3.9-40.14mdv2010.2.x86_64.rpm bf4657dfed2ce3e1578f44930843fafc 2010.1/x86_64/beagle-doc-0.3.9-40.14mdv2010.2.x86_64.rpm a8dadcc375eb256aafeb35fe4526b5ce 2010.1/x86_64/beagle-evolution-0.3.9-40.14mdv2010.2.x86_64.rpm 85b3826eeb31a9aa076d812e0b033fe2 2010.1/x86_64/beagle-gui-0.3.9-40.14mdv2010.2.x86_64.rpm 9bf2efc37288ab863deae5a824dbe50a 2010.1/x86_64/beagle-gui-qt-0.3.9-40.14mdv2010.2.x86_64.rpm 494b0ceba524ee3d54e718173a134c2a 2010.1/x86_64/beagle-libs-0.3.9-40.14mdv2010.2.x86_64.rpm e46b7ca18a34233df87a9d936ad4bb84 2010.1/x86_64/firefox-3.6.17-0.1mdv2010.2.x86_64.rpm 22a39de7d1d7bdada1e59a88b0aa15b7 2010.1/x86_64/firefox-af-3.6.17-0.1mdv2010.2.x86_64.rpm 82fbe86619de87a67c82aa637d66eff9 2010.1/x86_64/firefox-ar-3.6.17-0.1mdv2010.2.x86_64.rpm 667ff12e314e1077d53f857239efcc0e 2010.1/x86_64/firefox-be-3.6.17-0.1mdv2010.2.x86_64.rpm fc89c99c3848b35835a52f7cc0b32472 2010.1/x86_64/firefox-bg-3.6.17-0.1mdv2010.2.x86_64.rpm e0c03dd7a31141fabbad70ad068d5d34 2010.1/x86_64/firefox-bn-3.6.17-0.1mdv2010.2.x86_64.rpm 93a8115d530b7fc9174e1a75c314dfdf 2010.1/x86_64/firefox-ca-3.6.17-0.1mdv2010.2.x86_64.rpm 9388cb5df3bc5d5411d48bc1914edbbc 2010.1/x86_64/firefox-cs-3.6.17-0.1mdv2010.2.x86_64.rpm eafa8fd9f5275d3d5e379341d8ce0c68 2010.1/x86_64/firefox-cy-3.6.17-0.1mdv2010.2.x86_64.rpm b996034e9f08a25be24f1a89277585cd 2010.1/x86_64/firefox-da-3.6.17-0.1mdv2010.2.x86_64.rpm 028096333315b17aae3e5f0dc962e24a 2010.1/x86_64/firefox-de-3.6.17-0.1mdv2010.2.x86_64.rpm d7baf446d20b9786cc28c44d5d0202b5 2010.1/x86_64/firefox-devel-3.6.17-0.1mdv2010.2.x86_64.rpm 3b852a87c33cd0e75d103e097e7d320a 2010.1/x86_64/firefox-el-3.6.17-0.1mdv2010.2.x86_64.rpm 1a19015cab0401d728fe04814c3835a5 2010.1/x86_64/firefox-en_GB-3.6.17-0.1mdv2010.2.x86_64.rpm 26de6d4b2135970f0020b67981dac233 2010.1/x86_64/firefox-eo-3.6.17-0.1mdv2010.2.x86_64.rpm df2fc9e8d2db93ae0812401cb19b231d 2010.1/x86_64/firefox-es_AR-3.6.17-0.1mdv2010.2.x86_64.rpm 8a3b33018ff6f84a9c014df086c5963d 2010.1/x86_64/firefox-es_ES-3.6.17-0.1mdv2010.2.x86_64.rpm b070fca7be42864ee1f7406fc89ac3e2 2010.1/x86_64/firefox-et-3.6.17-0.1mdv2010.2.x86_64.rpm fad4b35f38578d2c72bf750779908db3 2010.1/x86_64/firefox-eu-3.6.17-0.1mdv2010.2.x86_64.rpm c98e6a802a3fdc802558fda32e38fbf4 2010.1/x86_64/firefox-ext-beagle-0.3.9-40.14mdv2010.2.x86_64.rpm 83ad811c61d33c3f1d3efff51f650e49 2010.1/x86_64/firefox-ext-blogrovr-1.1.804-13.11mdv2010.2.x86_64.rpm dd27de519ed45b4911a5854c2aebba01 2010.1/x86_64/firefox-ext-mozvoikko-1.0.1-2.11mdv2010.2.x86_64.rpm d8f0a5553ecae1ea98badfeafd5bb495 2010.1/x86_64/firefox-ext-r-kiosk-0.8.1-2.11mdv2010.2.x86_64.rpm da8529bf5c54bb7089aac5fa34e08fa2 2010.1/x86_64/firefox-ext-scribefire-3.5.2-2.11mdv2010.2.x86_64.rpm 74be4a3dd584ac9614204ec0eee5a76c 2010.1/x86_64/firefox-ext-weave-sync-1.1-5.11mdv2010.2.x86_64.rpm e15889b13af1fca608a2207defcf395f 2010.1/x86_64/firefox-ext-xmarks-3.6.14-2.11mdv2010.2.x86_64.rpm 2fb1491b1038a0fbf4d4b77e77de5d2d 2010.1/x86_64/firefox-fi-3.6.17-0.1mdv2010.2.x86_64.rpm 87aff9990ee27579705647b5f677d1a0 2010.1/x86_64/firefox-fr-3.6.17-0.1mdv2010.2.x86_64.rpm f5fa6b37709ebfc386e8f3186c9bf3e5 2010.1/x86_64/firefox-fy-3.6.17-0.1mdv2010.2.x86_64.rpm f0e79b94e45222e0e811e557be2bc0ad 2010.1/x86_64/firefox-ga_IE-3.6.17-0.1mdv2010.2.x86_64.rpm 58ef7cb55ebd74749501aa199ded7ae3 2010.1/x86_64/firefox-gl-3.6.17-0.1mdv2010.2.x86_64.rpm 384a1b23643a1651465968c608691e07 2010.1/x86_64/firefox-gu_IN-3.6.17-0.1mdv2010.2.x86_64.rpm 7757a222e9272b89a437885e6ce5b31f 2010.1/x86_64/firefox-he-3.6.17-0.1mdv2010.2.x86_64.rpm 8dded891812eab92931d01af412a3ebf 2010.1/x86_64/firefox-hi-3.6.17-0.1mdv2010.2.x86_64.rpm 3a1f1a4d2e0504dfffebeedac06fd757 2010.1/x86_64/firefox-hu-3.6.17-0.1mdv2010.2.x86_64.rpm e342a02179f742297e55beca9a6b8ca6 2010.1/x86_64/firefox-id-3.6.17-0.1mdv2010.2.x86_64.rpm 036b31e88314428055f6e4a2e66fa493 2010.1/x86_64/firefox-is-3.6.17-0.1mdv2010.2.x86_64.rpm bec6bbcfcfdbaf95cdfcd7080feafc33 2010.1/x86_64/firefox-it-3.6.17-0.1mdv2010.2.x86_64.rpm 590f80b0284b1d97100c84b0c0d1635e 2010.1/x86_64/firefox-ja-3.6.17-0.1mdv2010.2.x86_64.rpm b7f833b9c8b8c0c730ff79e2376925ed 2010.1/x86_64/firefox-ka-3.6.17-0.1mdv2010.2.x86_64.rpm 72ac06e97023f95de8bf03493178b68f 2010.1/x86_64/firefox-kn-3.6.17-0.1mdv2010.2.x86_64.rpm d6280f4d487fb74bb58134b86d3b02e0 2010.1/x86_64/firefox-ko-3.6.17-0.1mdv2010.2.x86_64.rpm 2902d4911e52992ff1965776fa55773b 2010.1/x86_64/firefox-ku-3.6.17-0.1mdv2010.2.x86_64.rpm 6749cc63b9ed02c76638143da1a69567 2010.1/x86_64/firefox-lt-3.6.17-0.1mdv2010.2.x86_64.rpm 7fdeafa0a786ffe52ceafc32171b0008 2010.1/x86_64/firefox-lv-3.6.17-0.1mdv2010.2.x86_64.rpm 8a5611333bc64fef5d911ffebed01b71 2010.1/x86_64/firefox-mk-3.6.17-0.1mdv2010.2.x86_64.rpm f26f30c2518c55c4db7ea283cdd980cb 2010.1/x86_64/firefox-mr-3.6.17-0.1mdv2010.2.x86_64.rpm ab55f04a3ca359de4160f36b157dcfdb 2010.1/x86_64/firefox-nb_NO-3.6.17-0.1mdv2010.2.x86_64.rpm 037558db1519c9ebf7fc964ddaf9101d 2010.1/x86_64/firefox-nl-3.6.17-0.1mdv2010.2.x86_64.rpm 3645335e57393ac183a626016de84c4f 2010.1/x86_64/firefox-nn_NO-3.6.17-0.1mdv2010.2.x86_64.rpm 39c1c6d029a0ddaee7f167684622ba47 2010.1/x86_64/firefox-oc-3.6.17-0.1mdv2010.2.x86_64.rpm f24638c4c92fb8c06d7a6f7ffb83ef57 2010.1/x86_64/firefox-pa_IN-3.6.17-0.1mdv2010.2.x86_64.rpm 6501493cba87fdc0380a8f8d9998ed1a 2010.1/x86_64/firefox-pl-3.6.17-0.1mdv2010.2.x86_64.rpm 99ac520214b2fc84dc5ad26a407d5473 2010.1/x86_64/firefox-pt_BR-3.6.17-0.1mdv2010.2.x86_64.rpm 03e2274cd6b99e00822fca70318d6baa 2010.1/x86_64/firefox-pt_PT-3.6.17-0.1mdv2010.2.x86_64.rpm fe066759fb775dfcafe76fc54fdf61c6 2010.1/x86_64/firefox-ro-3.6.17-0.1mdv2010.2.x86_64.rpm 30700e22cea9e182e020adeafb4d0507 2010.1/x86_64/firefox-ru-3.6.17-0.1mdv2010.2.x86_64.rpm ec4f873d8e05b8ab45a19bab482b4949 2010.1/x86_64/firefox-si-3.6.17-0.1mdv2010.2.x86_64.rpm 4835225ee74f3d8f62c0541823582f2c 2010.1/x86_64/firefox-sk-3.6.17-0.1mdv2010.2.x86_64.rpm 2054bedb2c948d9a46c2ec0dae110c38 2010.1/x86_64/firefox-sl-3.6.17-0.1mdv2010.2.x86_64.rpm 61df79a4f54f3bf36eb133465de48cd4 2010.1/x86_64/firefox-sq-3.6.17-0.1mdv2010.2.x86_64.rpm 4e9afd7cd78caed3fdd00ed795f5b597 2010.1/x86_64/firefox-sr-3.6.17-0.1mdv2010.2.x86_64.rpm 8b3ccf29a6280da169e1ed82c065f6e0 2010.1/x86_64/firefox-sv_SE-3.6.17-0.1mdv2010.2.x86_64.rpm 179197adbd3ba25592cbd581108ce5ea 2010.1/x86_64/firefox-te-3.6.17-0.1mdv2010.2.x86_64.rpm d737d709fd550410ebfefdd338758d6e 2010.1/x86_64/firefox-th-3.6.17-0.1mdv2010.2.x86_64.rpm e5936f4c07fb77132172ac02e94ca477 2010.1/x86_64/firefox-tr-3.6.17-0.1mdv2010.2.x86_64.rpm 8192f4a4f31a5b16bd5db044485261d6 2010.1/x86_64/firefox-uk-3.6.17-0.1mdv2010.2.x86_64.rpm 29e39d3eeea7fc56548d8453fe9d562d 2010.1/x86_64/firefox-zh_CN-3.6.17-0.1mdv2010.2.x86_64.rpm f938602338d91d92eda1a0b3bdb1fce7 2010.1/x86_64/firefox-zh_TW-3.6.17-0.1mdv2010.2.x86_64.rpm 2cc9893d0e15e8d6a387dc1858f49095 2010.1/x86_64/gjs-0.6-4.11mdv2010.2.x86_64.rpm a4bd11a7f67b3e932916effa4528c6a7 2010.1/x86_64/gnome-python-extras-2.25.3-18.11mdv2010.2.x86_64.rpm 95cee5d067e61a517fb1a5d117171ec0 2010.1/x86_64/gnome-python-gda-2.25.3-18.11mdv2010.2.x86_64.rpm 91d3209a56123c6d6a0aa694347e872c 2010.1/x86_64/gnome-python-gda-devel-2.25.3-18.11mdv2010.2.x86_64.rpm 34df1edf5e0be2a08528ce1662de63be 2010.1/x86_64/gnome-python-gdl-2.25.3-18.11mdv2010.2.x86_64.rpm d137508cb856c9076d4dc31f5dd7f306 2010.1/x86_64/gnome-python-gtkhtml2-2.25.3-18.11mdv2010.2.x86_64.rpm 21bb6b0f05bca7b9a6940e8e45dd3a96 2010.1/x86_64/gnome-python-gtkmozembed-2.25.3-18.11mdv2010.2.x86_64.rpm 6e524a6d0f00d4c3959c578766e98049 2010.1/x86_64/gnome-python-gtkspell-2.25.3-18.11mdv2010.2.x86_64.rpm e2073b5a80d38b4a04d8ff834d75efdd 2010.1/x86_64/lemon-3.7.4-0.1mdv2010.2.x86_64.rpm 92f6e1c3916ea0eaf167422cb7664879 2010.1/x86_64/lib64gjs0-0.6-4.11mdv2010.2.x86_64.rpm 000331cedd3b7c59b6f31b9299e2db51 2010.1/x86_64/lib64gjs-devel-0.6-4.11mdv2010.2.x86_64.rpm de19237a71b5ac9dd2197557eca1dac8 2010.1/x86_64/lib64sqlite3_0-3.7.6.2-0.1mdv2010.2.x86_64.rpm 81e39244f2d0ca52dad100b3084f4eae 2010.1/x86_64/lib64sqlite3-devel-3.7.6.2-0.1mdv2010.2.x86_64.rpm e7d7123b05e43b447830713352e58799 2010.1/x86_64/lib64sqlite3-static-devel-3.7.6.2-0.1mdv2010.2.x86_64.rpm 141b29ac9c15a48b64f28d26ce97046a 2010.1/x86_64/lib64xulrunner1.9.2.17-1.9.2.17-0.1mdv2010.2.x86_64.rpm 676a62b038fe6e012ae7b868ee472268 2010.1/x86_64/lib64xulrunner-devel-1.9.2.17-0.1mdv2010.2.x86_64.rpm 83fb7cc91a80a62ed919b74401feb855 2010.1/x86_64/mozilla-thunderbird-beagle-0.3.9-40.14mdv2010.2.x86_64.rpm 52cec62fcccfe088c54a215eb3e7cd39 2010.1/x86_64/sqlite3-tools-3.7.6.2-0.1mdv2010.2.x86_64.rpm 1951e652f207a2344b3460d0c06a1c17 2010.1/x86_64/xulrunner-1.9.2.17-0.1mdv2010.2.x86_64.rpm 58f9aa8aa5f6ec8558166674e1224998 2010.1/x86_64/yelp-2.30.1-4.11mdv2010.2.x86_64.rpm f03639972840639a315ace5577a3f7d7 2010.1/SRPMS/beagle-0.3.9-40.14mdv2010.2.src.rpm 1b407792bc53910f470fef2aa107c4db 2010.1/SRPMS/firefox-3.6.17-0.1mdv2010.2.src.rpm cffc7531253d821db2a606e56993d5e1 2010.1/SRPMS/firefox-ext-blogrovr-1.1.804-13.11mdv2010.2.src.rpm 84480ce74b027244dc64794cbae17d07 2010.1/SRPMS/firefox-ext-mozvoikko-1.0.1-2.11mdv2010.2.src.rpm ec8e51d467efb46c6fad4d9a5e64af51 2010.1/SRPMS/firefox-ext-r-kiosk-0.8.1-2.11mdv2010.2.src.rpm 9626186349beb04c41ac48c21bf268b1 2010.1/SRPMS/firefox-ext-scribefire-3.5.2-2.11mdv2010.2.src.rpm e65da7beca8fa7edffd5a70da28161ec 2010.1/SRPMS/firefox-ext-weave-sync-1.1-5.11mdv2010.2.src.rpm c4ce7eec413e557445f66f2b167899a7 2010.1/SRPMS/firefox-ext-xmarks-3.6.14-2.11mdv2010.2.src.rpm 55bd4776f283283a5c8ab1906658b9c9 2010.1/SRPMS/firefox-l10n-3.6.17-0.1mdv2010.2.src.rpm e0bcbb8764bd02ec459e7252aec2d042 2010.1/SRPMS/gjs-0.6-4.11mdv2010.2.src.rpm 66f6688cea914918243d9afeefc443b2 2010.1/SRPMS/gnome-python-extras-2.25.3-18.11mdv2010.2.src.rpm f8304df757bbcc2d16d3198e3fda3d23 2010.1/SRPMS/lemon-3.7.4-0.1mdv2010.2.src.rpm 8b4cc9318b6004ece98b4d1057cea92d 2010.1/SRPMS/sqlite3-3.7.6.2-0.1mdv2010.2.src.rpm 6a7d4ed599fbf868d4a02a9e8d2933c8 2010.1/SRPMS/xulrunner-1.9.2.17-0.1mdv2010.2.src.rpm 8f9d8865473f416ec554aa017d0dccb1 2010.1/SRPMS/yelp-2.30.1-4.11mdv2010.2.src.rpm
Mandriva Enterprise Server 5: cd1e9a42a006aa5adda100679d0cbc93 mes5/i586/firefox-3.6.17-0.1mdvmes5.2.i586.rpm 71d37ac9f0293811bd4520e03dc54157 mes5/i586/firefox-af-3.6.17-0.1mdvmes5.2.i586.rpm 7f0e73e51c41f69de839fc2755d88853 mes5/i586/firefox-ar-3.6.17-0.1mdvmes5.2.i586.rpm 0d3d203788e1c81779a5f9ca31ddb022 mes5/i586/firefox-be-3.6.17-0.1mdvmes5.2.i586.rpm b40754b7ecfd225d8b8192055d275635 mes5/i586/firefox-bg-3.6.17-0.1mdvmes5.2.i586.rpm 28c6bc31a2e4332cc3c0f3b815cf9550 mes5/i586/firefox-bn-3.6.17-0.1mdvmes5.2.i586.rpm 6fd253979012ac8302baa07b257bfa4c mes5/i586/firefox-ca-3.6.17-0.1mdvmes5.2.i586.rpm 28354e9b7daf2993f1f4e550045a20e3 mes5/i586/firefox-cs-3.6.17-0.1mdvmes5.2.i586.rpm 4f4b94dc2cfd87ddaec38d5fb5eb0400 mes5/i586/firefox-cy-3.6.17-0.1mdvmes5.2.i586.rpm 9ebfff1af214cbee62fa37079e2bd7e6 mes5/i586/firefox-da-3.6.17-0.1mdvmes5.2.i586.rpm f549fe10cf71e4ffacfb60882521b2df mes5/i586/firefox-de-3.6.17-0.1mdvmes5.2.i586.rpm 93305ea82f3f0db7a8818cba8a6de264 mes5/i586/firefox-devel-3.6.17-0.1mdvmes5.2.i586.rpm 27dd2d2ecc56883660cd01c1c05c0a64 mes5/i586/firefox-el-3.6.17-0.1mdvmes5.2.i586.rpm eb242443939e1ec934e1a03e927dfcc7 mes5/i586/firefox-en_GB-3.6.17-0.1mdvmes5.2.i586.rpm 70a5b46a1a85af189111d5c903c04e6f mes5/i586/firefox-eo-3.6.17-0.1mdvmes5.2.i586.rpm 045d6b80f006d42b49404862b01228e2 mes5/i586/firefox-es_AR-3.6.17-0.1mdvmes5.2.i586.rpm 4303d5138af4a2ebe3cf3d2ca6a1917d mes5/i586/firefox-es_ES-3.6.17-0.1mdvmes5.2.i586.rpm e75f75febb938386c4900bc1af8af042 mes5/i586/firefox-et-3.6.17-0.1mdvmes5.2.i586.rpm 452955a2a43a62918d190e022c075442 mes5/i586/firefox-eu-3.6.17-0.1mdvmes5.2.i586.rpm 9a248c3c9431b97f65e105824c9361ec mes5/i586/firefox-fi-3.6.17-0.1mdvmes5.2.i586.rpm e404680e82e06af73a581a5c4b508156 mes5/i586/firefox-fr-3.6.17-0.1mdvmes5.2.i586.rpm 13cc1a0d0c0841dae79534feb33e3df3 mes5/i586/firefox-fy-3.6.17-0.1mdvmes5.2.i586.rpm 6e1e56d7854c9f78a1c9813ff929eacc mes5/i586/firefox-ga_IE-3.6.17-0.1mdvmes5.2.i586.rpm a40d04e4b23e315d5138669edcac7f46 mes5/i586/firefox-gl-3.6.17-0.1mdvmes5.2.i586.rpm 003ab3759ad09849c7c75b100cb0493b mes5/i586/firefox-gu_IN-3.6.17-0.1mdvmes5.2.i586.rpm 2c0793b1f9650e6f2fee84cce9614d8c mes5/i586/firefox-he-3.6.17-0.1mdvmes5.2.i586.rpm 15074456de86609bd2f8200e5d9242d4 mes5/i586/firefox-hi-3.6.17-0.1mdvmes5.2.i586.rpm dd2f72897646c7b30dc12775dd82a2d4 mes5/i586/firefox-hu-3.6.17-0.1mdvmes5.2.i586.rpm 29c5aa93bdca6f566cbdcabe4a8e3b9b mes5/i586/firefox-id-3.6.17-0.1mdvmes5.2.i586.rpm 163d2fa3c63d7863ccf7f7bbaf4d0e11 mes5/i586/firefox-is-3.6.17-0.1mdvmes5.2.i586.rpm 47069560437e511140ba5ff1b63291d8 mes5/i586/firefox-it-3.6.17-0.1mdvmes5.2.i586.rpm 6cc9d026a8569b790ba2fcbd8e24a862 mes5/i586/firefox-ja-3.6.17-0.1mdvmes5.2.i586.rpm c2a4b813bfed1a0771505aba9a64b67a mes5/i586/firefox-ka-3.6.17-0.1mdvmes5.2.i586.rpm ae479a045c885c2c887e38f43220a831 mes5/i586/firefox-kn-3.6.17-0.1mdvmes5.2.i586.rpm adbb4ae02ac0592bb6c3164da559fcdd mes5/i586/firefox-ko-3.6.17-0.1mdvmes5.2.i586.rpm 4dade34dbe0124df10e7bc9b944223ad mes5/i586/firefox-ku-3.6.17-0.1mdvmes5.2.i586.rpm 24eb9a94cce3d8ff6108aab01814eddf mes5/i586/firefox-lt-3.6.17-0.1mdvmes5.2.i586.rpm d26f9486102084657ce92ece26daa619 mes5/i586/firefox-lv-3.6.17-0.1mdvmes5.2.i586.rpm 36d6e7bded0d41872f598a3ee7ed3ce3 mes5/i586/firefox-mk-3.6.17-0.1mdvmes5.2.i586.rpm 26fe1eac37c64f4449e5640e2b4fd623 mes5/i586/firefox-mr-3.6.17-0.1mdvmes5.2.i586.rpm 593c15394af9f6269820bef95f5044d2 mes5/i586/firefox-nb_NO-3.6.17-0.1mdvmes5.2.i586.rpm d20476061cc8797e78728e36f26a0e1f mes5/i586/firefox-nl-3.6.17-0.1mdvmes5.2.i586.rpm 7367469b54aba0e799ea78f8e6c57623 mes5/i586/firefox-nn_NO-3.6.17-0.1mdvmes5.2.i586.rpm f57fa32c9d04b1efa5f0bc610aed9310 mes5/i586/firefox-oc-3.6.17-0.1mdvmes5.2.i586.rpm 1373e0a9b280d0955af3cdac49287e3c mes5/i586/firefox-pa_IN-3.6.17-0.1mdvmes5.2.i586.rpm 4db37cc34f95f2050549b2b94ec67e85 mes5/i586/firefox-pl-3.6.17-0.1mdvmes5.2.i586.rpm cf755af35925c6c0039ee29f9c0029d0 mes5/i586/firefox-pt_BR-3.6.17-0.1mdvmes5.2.i586.rpm a2f110045a0ddfff974990f60c4fe64b mes5/i586/firefox-pt_PT-3.6.17-0.1mdvmes5.2.i586.rpm fbe53c4ec1d600b4c42ab3dfa377f15f mes5/i586/firefox-ro-3.6.17-0.1mdvmes5.2.i586.rpm f656ab01daaea25add74112516d57f89 mes5/i586/firefox-ru-3.6.17-0.1mdvmes5.2.i586.rpm 2903d0b3ce028351f70f416088b119ec mes5/i586/firefox-si-3.6.17-0.1mdvmes5.2.i586.rpm 11e1d9a1c1ea08e9ca6edf1c4dead3b7 mes5/i586/firefox-sk-3.6.17-0.1mdvmes5.2.i586.rpm 7a926b7da38eb87ec265a2e8630b405c mes5/i586/firefox-sl-3.6.17-0.1mdvmes5.2.i586.rpm 23d443bb392eebe34cc23645390e5db3 mes5/i586/firefox-sq-3.6.17-0.1mdvmes5.2.i586.rpm 1c863cc5d1ff0ca73463e3fadb49826d mes5/i586/firefox-sr-3.6.17-0.1mdvmes5.2.i586.rpm eefc88ca28558a2aa84916ab68c8784b mes5/i586/firefox-sv_SE-3.6.17-0.1mdvmes5.2.i586.rpm a370f38efa21a805eb7ffcaa3b0ff4e6 mes5/i586/firefox-te-3.6.17-0.1mdvmes5.2.i586.rpm 1938a177263949976d41d331ad88a6fd mes5/i586/firefox-th-3.6.17-0.1mdvmes5.2.i586.rpm 411b0440df40c11a6b6afd2678f88194 mes5/i586/firefox-tr-3.6.17-0.1mdvmes5.2.i586.rpm 19a879814fca5ab264c360a3c2a7bc94 mes5/i586/firefox-uk-3.6.17-0.1mdvmes5.2.i586.rpm 21fb65bdb7b2d072cd856b89f82b5110 mes5/i586/firefox-zh_CN-3.6.17-0.1mdvmes5.2.i586.rpm 48aeb095031ec9bb857d43eaa787c3f3 mes5/i586/firefox-zh_TW-3.6.17-0.1mdvmes5.2.i586.rpm ab0bdd9c6e0ac64cece89ab65dc561c5 mes5/i586/gnome-python-extras-2.19.1-20.27mdvmes5.2.i586.rpm c8d2cbcd8b1aaa8a2a51bcdbb0b2b910 mes5/i586/gnome-python-gda-2.19.1-20.27mdvmes5.2.i586.rpm ec5227d35f1449aaf7efe40f7fbb318f mes5/i586/gnome-python-gda-devel-2.19.1-20.27mdvmes5.2.i586.rpm 7b452ca6f2d66637d394660ea03d9d2a mes5/i586/gnome-python-gdl-2.19.1-20.27mdvmes5.2.i586.rpm fb3c82427b3e7431ad8a258fc9eff104 mes5/i586/gnome-python-gtkhtml2-2.19.1-20.27mdvmes5.2.i586.rpm ab2354cebdc0b8e2aa173ead5532b4ac mes5/i586/gnome-python-gtkmozembed-2.19.1-20.27mdvmes5.2.i586.rpm b534f20edd5f3757349a8c4a50d0a0e6 mes5/i586/gnome-python-gtkspell-2.19.1-20.27mdvmes5.2.i586.rpm 61a1d120a4e4570fb72dad35226769b4 mes5/i586/lemon-3.7.4-0.1mdvmes5.2.i586.rpm 69e75f2466743e6d1400e6fe780040fd mes5/i586/libsqlite3_0-3.7.6.2-0.1mdvmes5.2.i586.rpm a3d24e02c7564b24ba0e1c84e47c1199 mes5/i586/libsqlite3-devel-3.7.6.2-0.1mdvmes5.2.i586.rpm 92f31472aa1598fa93e62e343e58c451 mes5/i586/libsqlite3-static-devel-3.7.6.2-0.1mdvmes5.2.i586.rpm dc34aa3a20ded6207c29571b1442dc61 mes5/i586/libxulrunner1.9.2.17-1.9.2.17-0.1mdvmes5.2.i586.rpm b403f1b78eca1fa166eed7314589d6c3 mes5/i586/libxulrunner-devel-1.9.2.17-0.1mdvmes5.2.i586.rpm 266697bb330b9b48b1c10a5e9f728d63 mes5/i586/sqlite3-tools-3.7.6.2-0.1mdvmes5.2.i586.rpm 076f2a699a8ef53d6c276be266a9af9f mes5/i586/xulrunner-1.9.2.17-0.1mdvmes5.2.i586.rpm f07e55998cada837f50c314833682dbc mes5/i586/yelp-2.24.0-3.28mdvmes5.2.i586.rpm 08e3395dcf5d79aad887b04fccbeca1a mes5/SRPMS/firefox-3.6.17-0.1mdvmes5.2.src.rpm ace71a7037acfef2e442c0f1d472a558 mes5/SRPMS/firefox-l10n-3.6.17-0.1mdvmes5.2.src.rpm f625973d73bdc2c483e16d69d86ed015 mes5/SRPMS/gnome-python-extras-2.19.1-20.27mdvmes5.2.src.rpm 5e72aa3d556fbaadb3feba514417c97f mes5/SRPMS/lemon-3.7.4-0.1mdvmes5.2.src.rpm 42a930801375eab6b2532bbe97f2938d mes5/SRPMS/sqlite3-3.7.6.2-0.1mdvmes5.2.src.rpm 6e2762193b3083bdc03e89d638c1ca59 mes5/SRPMS/xulrunner-1.9.2.17-0.1mdvmes5.2.src.rpm a0115bd0847187c4a21ded2734c2567a mes5/SRPMS/yelp-2.24.0-3.28mdvmes5.2.src.rpm
Mandriva Enterprise Server 5/X86_64: bcbc626f149907e7db0aa880b0986682 mes5/x86_64/firefox-3.6.17-0.1mdvmes5.2.x86_64.rpm 56ce0c4dc89e1f2626b26b61ba0eb1f9 mes5/x86_64/firefox-af-3.6.17-0.1mdvmes5.2.x86_64.rpm 2d8db2677a37b8a1ae081c2a30807bdf mes5/x86_64/firefox-ar-3.6.17-0.1mdvmes5.2.x86_64.rpm 8f13b9c5f31e3baf114d8ff1c4662a0f mes5/x86_64/firefox-be-3.6.17-0.1mdvmes5.2.x86_64.rpm 9b1498c677c64c9a4b5e003f614b66de mes5/x86_64/firefox-bg-3.6.17-0.1mdvmes5.2.x86_64.rpm 17c1cf44b4a4f6acb460bb4745f608bb mes5/x86_64/firefox-bn-3.6.17-0.1mdvmes5.2.x86_64.rpm d24d45ec96e39a93d22a9304e7cf67ac mes5/x86_64/firefox-ca-3.6.17-0.1mdvmes5.2.x86_64.rpm 2c9635ebd5eb01ee812abe1e60fc1a90 mes5/x86_64/firefox-cs-3.6.17-0.1mdvmes5.2.x86_64.rpm 9d6e1fb46850b1ed7e541739e283ac2f mes5/x86_64/firefox-cy-3.6.17-0.1mdvmes5.2.x86_64.rpm 8f7cd04bb995712880ad9f552b08bcea mes5/x86_64/firefox-da-3.6.17-0.1mdvmes5.2.x86_64.rpm 3dc2f1215bd97c95e307bea6d857502b mes5/x86_64/firefox-de-3.6.17-0.1mdvmes5.2.x86_64.rpm c238ee61325ec66dc6b25e617890c2c7 mes5/x86_64/firefox-devel-3.6.17-0.1mdvmes5.2.x86_64.rpm 15fc79ff42e1c5040ff074762ecf9a08 mes5/x86_64/firefox-el-3.6.17-0.1mdvmes5.2.x86_64.rpm f8739033ea7805998e813121b932974d mes5/x86_64/firefox-en_GB-3.6.17-0.1mdvmes5.2.x86_64.rpm 37d15a0e10ea45f53052cb975480ec9c mes5/x86_64/firefox-eo-3.6.17-0.1mdvmes5.2.x86_64.rpm 1080d11107b386d5847a3900bd7f82ec mes5/x86_64/firefox-es_AR-3.6.17-0.1mdvmes5.2.x86_64.rpm eb471420d0ec8c797fed7d9737eb7cd1 mes5/x86_64/firefox-es_ES-3.6.17-0.1mdvmes5.2.x86_64.rpm 466a7b12b2720ba3a2a097a042334d19 mes5/x86_64/firefox-et-3.6.17-0.1mdvmes5.2.x86_64.rpm 62f7faefd2691977ac089b1230777fd1 mes5/x86_64/firefox-eu-3.6.17-0.1mdvmes5.2.x86_64.rpm 43e52f4084a1edb8fc3a98842cccf94f mes5/x86_64/firefox-fi-3.6.17-0.1mdvmes5.2.x86_64.rpm 2e02f68eaea320129bf14462b3f3c1e3 mes5/x86_64/firefox-fr-3.6.17-0.1mdvmes5.2.x86_64.rpm 8b906e8ddb2fc609d706262f892066cb mes5/x86_64/firefox-fy-3.6.17-0.1mdvmes5.2.x86_64.rpm 6c66cdeb261ccf59226e4940325e3ed9 mes5/x86_64/firefox-ga_IE-3.6.17-0.1mdvmes5.2.x86_64.rpm 61d5f0c94ba1fc1d9075d27e6575450d mes5/x86_64/firefox-gl-3.6.17-0.1mdvmes5.2.x86_64.rpm 7879ff61a4cb6c2f5b9b501f7d76ccce mes5/x86_64/firefox-gu_IN-3.6.17-0.1mdvmes5.2.x86_64.rpm 2e95af25ff50975161d817274c70a435 mes5/x86_64/firefox-he-3.6.17-0.1mdvmes5.2.x86_64.rpm e0de5a247cca79950b88b367d7c03eb6 mes5/x86_64/firefox-hi-3.6.17-0.1mdvmes5.2.x86_64.rpm a109e4717ed021a0bf05af9c8364af9b mes5/x86_64/firefox-hu-3.6.17-0.1mdvmes5.2.x86_64.rpm c6750aaa0a1e2b68757ef92bdc9b8820 mes5/x86_64/firefox-id-3.6.17-0.1mdvmes5.2.x86_64.rpm e78ecd366539d9e8826de2d9b9d53475 mes5/x86_64/firefox-is-3.6.17-0.1mdvmes5.2.x86_64.rpm 46d2e1106df05c0a23eb51774e8f3b94 mes5/x86_64/firefox-it-3.6.17-0.1mdvmes5.2.x86_64.rpm daf9972befd078246c1b894da7113bf4 mes5/x86_64/firefox-ja-3.6.17-0.1mdvmes5.2.x86_64.rpm 6b80fa3bb62ddeddd402730ac426fa4c mes5/x86_64/firefox-ka-3.6.17-0.1mdvmes5.2.x86_64.rpm d03328157f05d2d17c4bca57b67a80dd mes5/x86_64/firefox-kn-3.6.17-0.1mdvmes5.2.x86_64.rpm cb0715cd4a81594dcfb2c12ded2f0da9 mes5/x86_64/firefox-ko-3.6.17-0.1mdvmes5.2.x86_64.rpm 915e0f528feef5d0c9977e1226ff054b mes5/x86_64/firefox-ku-3.6.17-0.1mdvmes5.2.x86_64.rpm 5999f9b990455d35c6b7309ce24a5521 mes5/x86_64/firefox-lt-3.6.17-0.1mdvmes5.2.x86_64.rpm ec301658c5d0735dbd4d5bb73b49719f mes5/x86_64/firefox-lv-3.6.17-0.1mdvmes5.2.x86_64.rpm 69cbe297fd4885895dfffc2f82c97613 mes5/x86_64/firefox-mk-3.6.17-0.1mdvmes5.2.x86_64.rpm cc375fff57a189f0eed8b0127b5bac0f mes5/x86_64/firefox-mr-3.6.17-0.1mdvmes5.2.x86_64.rpm 1dea9c1581fb71783f921b44c467f894 mes5/x86_64/firefox-nb_NO-3.6.17-0.1mdvmes5.2.x86_64.rpm 2efeef9a98c5ec444083ee6c0ec28a9e mes5/x86_64/firefox-nl-3.6.17-0.1mdvmes5.2.x86_64.rpm b2a0f77c3a5f144fd9b13e6e18b5668d mes5/x86_64/firefox-nn_NO-3.6.17-0.1mdvmes5.2.x86_64.rpm 459caa344929122196f40a0b03aaa77f mes5/x86_64/firefox-oc-3.6.17-0.1mdvmes5.2.x86_64.rpm 7acc021757df45d4c9a3f0adf5058f4e mes5/x86_64/firefox-pa_IN-3.6.17-0.1mdvmes5.2.x86_64.rpm 4c415b9549be3c5b901a18a751e72e7e mes5/x86_64/firefox-pl-3.6.17-0.1mdvmes5.2.x86_64.rpm b7410e6f949e2e167b6a5ffa13f1d5a4 mes5/x86_64/firefox-pt_BR-3.6.17-0.1mdvmes5.2.x86_64.rpm 43cc010a9f8b133adac9a4eb5fd111f7 mes5/x86_64/firefox-pt_PT-3.6.17-0.1mdvmes5.2.x86_64.rpm 04ed29a15e51451cfa4122eb7c4ada8e mes5/x86_64/firefox-ro-3.6.17-0.1mdvmes5.2.x86_64.rpm c5f071ad5734fc69ed6187ae9f92e72d mes5/x86_64/firefox-ru-3.6.17-0.1mdvmes5.2.x86_64.rpm 7bb7fd81e876495f4ae7ab30da0f9ae4 mes5/x86_64/firefox-si-3.6.17-0.1mdvmes5.2.x86_64.rpm 975dcd619280dbcf17b55d538f01e93e mes5/x86_64/firefox-sk-3.6.17-0.1mdvmes5.2.x86_64.rpm d8e4dfe5ffb9bfc49709b60e7fbf2c92 mes5/x86_64/firefox-sl-3.6.17-0.1mdvmes5.2.x86_64.rpm 1b33061a688a563053bcd50bc4449db1 mes5/x86_64/firefox-sq-3.6.17-0.1mdvmes5.2.x86_64.rpm 5fef483a4f5e020021c2cd4e34749ab7 mes5/x86_64/firefox-sr-3.6.17-0.1mdvmes5.2.x86_64.rpm 6e21f7add5864e8ee26dc8a744fdc30b mes5/x86_64/firefox-sv_SE-3.6.17-0.1mdvmes5.2.x86_64.rpm e86770d480ecd52ed6ee2eeae6f6d24b mes5/x86_64/firefox-te-3.6.17-0.1mdvmes5.2.x86_64.rpm 24a6cd92245b7c16404059228dee56a1 mes5/x86_64/firefox-th-3.6.17-0.1mdvmes5.2.x86_64.rpm fc97ff214f1fd47aa3d270a20c238913 mes5/x86_64/firefox-tr-3.6.17-0.1mdvmes5.2.x86_64.rpm 6d665853c2345607b932f836eeb9ab8a mes5/x86_64/firefox-uk-3.6.17-0.1mdvmes5.2.x86_64.rpm afa7c5c1bc9aec01733382e300770e61 mes5/x86_64/firefox-zh_CN-3.6.17-0.1mdvmes5.2.x86_64.rpm 8bb13a84c1efabc7baf94143e3a78364 mes5/x86_64/firefox-zh_TW-3.6.17-0.1mdvmes5.2.x86_64.rpm b7a1511c5b7ff2d910fb8fa306a9fb50 mes5/x86_64/gnome-python-extras-2.19.1-20.27mdvmes5.2.x86_64.rpm e2df82f36fb325df0797b18847dbb1a5 mes5/x86_64/gnome-python-gda-2.19.1-20.27mdvmes5.2.x86_64.rpm 8253a637a23efef6c15c552b9b0a3459 mes5/x86_64/gnome-python-gda-devel-2.19.1-20.27mdvmes5.2.x86_64.rpm 2a6a42257bc206b8c373315808f89a11 mes5/x86_64/gnome-python-gdl-2.19.1-20.27mdvmes5.2.x86_64.rpm 407ab79e0a50b3c361c528ad0381dc0a mes5/x86_64/gnome-python-gtkhtml2-2.19.1-20.27mdvmes5.2.x86_64.rpm 214a324b266e552e2393e31be905fec0 mes5/x86_64/gnome-python-gtkmozembed-2.19.1-20.27mdvmes5.2.x86_64.rpm f00814fd166c6173473923145f7edb09 mes5/x86_64/gnome-python-gtkspell-2.19.1-20.27mdvmes5.2.x86_64.rpm fb5f99420187bd9d38fca89a3c296779 mes5/x86_64/lemon-3.7.4-0.1mdvmes5.2.x86_64.rpm 5b84fb55152b544c80660e96a1ec63c8 mes5/x86_64/lib64sqlite3_0-3.7.6.2-0.1mdvmes5.2.x86_64.rpm 1e399ecae3c9de83bc4d4f2a91a74dfb mes5/x86_64/lib64sqlite3-devel-3.7.6.2-0.1mdvmes5.2.x86_64.rpm aea22ba2c95d994dd25bd9433aa93bd1 mes5/x86_64/lib64sqlite3-static-devel-3.7.6.2-0.1mdvmes5.2.x86_64.rpm 13bce11c19e821c3d7c2f4cdc1ab402f mes5/x86_64/lib64xulrunner1.9.2.17-1.9.2.17-0.1mdvmes5.2.x86_64.rpm 8a3ca64ce81aadbdd2ecb3a398570762 mes5/x86_64/lib64xulrunner-devel-1.9.2.17-0.1mdvmes5.2.x86_64.rpm 437b579498eb505c806cee54a61abca7 mes5/x86_64/sqlite3-tools-3.7.6.2-0.1mdvmes5.2.x86_64.rpm e29899f953d34097cb5c8679dd7775df mes5/x86_64/xulrunner-1.9.2.17-0.1mdvmes5.2.x86_64.rpm 93bd94819b0b98ead5f8eb7b00bf8703 mes5/x86_64/yelp-2.24.0-3.28mdvmes5.2.x86_64.rpm 08e3395dcf5d79aad887b04fccbeca1a mes5/SRPMS/firefox-3.6.17-0.1mdvmes5.2.src.rpm ace71a7037acfef2e442c0f1d472a558 mes5/SRPMS/firefox-l10n-3.6.17-0.1mdvmes5.2.src.rpm f625973d73bdc2c483e16d69d86ed015 mes5/SRPMS/gnome-python-extras-2.19.1-20.27mdvmes5.2.src.rpm 5e72aa3d556fbaadb3feba514417c97f mes5/SRPMS/lemon-3.7.4-0.1mdvmes5.2.src.rpm 42a930801375eab6b2532bbe97f2938d mes5/SRPMS/sqlite3-3.7.6.2-0.1mdvmes5.2.src.rpm 6e2762193b3083bdc03e89d638c1ca59 mes5/SRPMS/xulrunner-1.9.2.17-0.1mdvmes5.2.src.rpm a0115bd0847187c4a21ded2734c2567a mes5/SRPMS/yelp-2.24.0-3.28mdvmes5.2.src.rpm
To upgrade automatically use MandrivaUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you.
All packages are signed by Mandriva for security. You can obtain the GPG public key of the Mandriva Security Team by executing:
gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98
You can view other update advisories for Mandriva Linux at:
http://www.mandriva.com/security/advisories
If you want to report vulnerabilities, please contact
security_(at)_mandriva.com
Type Bits/KeyID Date User ID pub 1024D/22458A98 2000-07-10 Mandriva Security Team -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (GNU/Linux)
iD8DBQFNu9bfmqjQ0CJFipgRAjj2AJ4iav3EMP5XoLEC8nisesrJPy7FSgCeJ9JX uo5K88YBkyVTJhsEYpwVsxA= =nlH5 -----END PGP SIGNATURE-----
Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ . - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 201301-01
http://security.gentoo.org/
Severity: High Title: Mozilla Products: Multiple vulnerabilities Date: January 08, 2013 Bugs: #180159, #181361, #207261, #238535, #246602, #251322, #255221, #255234, #255687, #257577, #260062, #261386, #262704, #267234, #273918, #277752, #280226, #280234, #280393, #282549, #284439, #286721, #290892, #292034, #297532, #305689, #307045, #311021, #312361, #312645, #312651, #312675, #312679, #312763, #313003, #324735, #326341, #329279, #336396, #341821, #342847, #348316, #357057, #360055, #360315, #365323, #373595, #379549, #381245, #388045, #390771, #395431, #401701, #403183, #404437, #408161, #413657, #419917, #427224, #433383, #437780, #439586, #439960, #444318 ID: 201301-01
Synopsis
Multiple vulnerabilities have been found in Mozilla Firefox, Thunderbird, SeaMonkey, NSS, GNU IceCat, and XULRunner, some of which may allow execution of arbitrary code or local privilege escalation.
Background
Mozilla Firefox is an open-source web browser and Mozilla Thunderbird an open-source email client, both from the Mozilla Project. The SeaMonkey project is a community effort to deliver production-quality releases of code derived from the application formerly known as the 'Mozilla Application Suite'. XULRunner is a Mozilla runtime package that can be used to bootstrap XUL+XPCOM applications such as Firefox and Thunderbird. NSS is Mozilla's Network Security Services library that implements PKI support. IceCat is the GNU version of Firefox.
Affected packages
-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 www-client/firefox < 10.0.11 >= 10.0.11 2 www-client/firefox-bin < 10.0.11 >= 10.0.11 3 mail-client/thunderbird < 10.0.11 >= 10.0.11 4 mail-client/thunderbird-bin < 10.0.11 >= 10.0.11 5 www-client/seamonkey < 2.14-r1 >= 2.14-r1 6 www-client/seamonkey-bin < 2.14 >= 2.14 7 dev-libs/nss < 3.14 >= 3.14 8 www-client/mozilla-firefox <= 3.6.8 Vulnerable! 9 www-client/mozilla-firefox-bin <= 3.5.6 Vulnerable! 10 mail-client/mozilla-thunderbird <= 3.0.4-r1 Vulnerable! 11 mail-client/mozilla-thunderbird-bin <= 3.0 Vulnerable! 12 www-client/icecat <= 10.0-r1 Vulnerable! 13 net-libs/xulrunner <= 2.0-r1 Vulnerable! 14 net-libs/xulrunner-bin <= 1.8.1.19 Vulnerable! ------------------------------------------------------------------- NOTE: Certain packages are still vulnerable. Users should migrate to another package if one is available or wait for the existing packages to be marked stable by their architecture maintainers. ------------------------------------------------------------------- 14 affected packages
Description
Multiple vulnerabilities have been discovered in Mozilla Firefox, Thunderbird, SeaMonkey, NSS, GNU IceCat, and XULRunner. Please review the CVE identifiers referenced below for details.
Impact
A remote attacker could entice a user to view a specially crafted web page or email, possibly resulting in execution of arbitrary code or a Denial of Service condition. Furthermore, a remote attacker may be able to perform Man-in-the-Middle attacks, obtain sensitive information, bypass restrictions and protection mechanisms, force file downloads, conduct XML injection attacks, conduct XSS attacks, bypass the Same Origin Policy, spoof URL's for phishing attacks, trigger a vertical scroll, spoof the location bar, spoof an SSL indicator, modify the browser's font, conduct clickjacking attacks, or have other unspecified impact.
A local attacker could gain escalated privileges, obtain sensitive information, or replace an arbitrary downloaded file.
Workaround
There is no known workaround at this time.
Resolution
All Mozilla Firefox users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose ">=www-client/firefox-10.0.11"
All users of the Mozilla Firefox binary package should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose ">=www-client/firefox-bin-10.0.11"=
All Mozilla Thunderbird users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot -v ">=mail-client/thunderbird-10.0.11"
All users of the Mozilla Thunderbird binary package should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot -v ">=mail-client/thunderbird-bin-10.0.11"
All Mozilla SeaMonkey users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose ">=www-client/seamonkey-2.14-r1"
All users of the Mozilla SeaMonkey binary package should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose ">=www-client/seamonkey-bin-2.14"
All NSS users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose ">=dev-libs/nss-3.14"
The "www-client/mozilla-firefox" package has been merged into the "www-client/firefox" package. To upgrade, please unmerge "www-client/mozilla-firefox" and then emerge the latest "www-client/firefox" package:
# emerge --sync # emerge --unmerge "www-client/mozilla-firefox" # emerge --ask --oneshot --verbose ">=www-client/firefox-10.0.11"
The "www-client/mozilla-firefox-bin" package has been merged into the "www-client/firefox-bin" package. To upgrade, please unmerge "www-client/mozilla-firefox-bin" and then emerge the latest "www-client/firefox-bin" package:
# emerge --sync # emerge --unmerge "www-client/mozilla-firefox-bin" # emerge --ask --oneshot --verbose ">=www-client/firefox-bin-10.0.11"=
The "mail-client/mozilla-thunderbird" package has been merged into the "mail-client/thunderbird" package. To upgrade, please unmerge "mail-client/mozilla-thunderbird" and then emerge the latest "mail-client/thunderbird" package:
# emerge --sync # emerge --unmerge "mail-client/mozilla-thunderbird" # emerge --ask --oneshot -v ">=mail-client/thunderbird-10.0.11"
The "mail-client/mozilla-thunderbird-bin" package has been merged into the "mail-client/thunderbird-bin" package. To upgrade, please unmerge "mail-client/mozilla-thunderbird-bin" and then emerge the latest "mail-client/thunderbird-bin" package:
# emerge --sync # emerge --unmerge "mail-client/mozilla-thunderbird-bin" # emerge --ask --oneshot -v ">=mail-client/thunderbird-bin-10.0.11"
Gentoo discontinued support for GNU IceCat. We recommend that users unmerge GNU IceCat:
# emerge --unmerge "www-client/icecat"
Gentoo discontinued support for XULRunner. We recommend that users unmerge XULRunner:
# emerge --unmerge "net-libs/xulrunner"
Gentoo discontinued support for the XULRunner binary package. We recommend that users unmerge XULRunner:
# emerge --unmerge "net-libs/xulrunner-bin"
References
[ 1 ] CVE-2011-3101 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3101 [ 2 ] CVE-2007-2436 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-2436 [ 3 ] CVE-2007-2437 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-2437 [ 4 ] CVE-2007-2671 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-2671 [ 5 ] CVE-2007-3073 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-3073 [ 6 ] CVE-2008-0016 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0016 [ 7 ] CVE-2008-0017 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0017 [ 8 ] CVE-2008-0367 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0367 [ 9 ] CVE-2008-3835 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-3835 [ 10 ] CVE-2008-3836 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-3836 [ 11 ] CVE-2008-3837 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-3837 [ 12 ] CVE-2008-4058 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-4058 [ 13 ] CVE-2008-4059 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-4059 [ 14 ] CVE-2008-4060 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-4060 [ 15 ] CVE-2008-4061 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-4061 [ 16 ] CVE-2008-4062 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-4062 [ 17 ] CVE-2008-4063 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-4063 [ 18 ] CVE-2008-4064 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-4064 [ 19 ] CVE-2008-4065 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-4065 [ 20 ] CVE-2008-4066 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-4066 [ 21 ] CVE-2008-4067 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-4067 [ 22 ] CVE-2008-4068 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-4068 [ 23 ] CVE-2008-4069 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-4069 [ 24 ] CVE-2008-4070 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-4070 [ 25 ] CVE-2008-4582 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-4582 [ 26 ] CVE-2008-5012 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-5012 [ 27 ] CVE-2008-5013 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-5013 [ 28 ] CVE-2008-5014 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-5014 [ 29 ] CVE-2008-5015 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-5015 [ 30 ] CVE-2008-5016 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-5016 [ 31 ] CVE-2008-5017 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-5017 [ 32 ] CVE-2008-5018 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-5018 [ 33 ] CVE-2008-5019 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-5019 [ 34 ] CVE-2008-5021 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-5021 [ 35 ] CVE-2008-5022 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-5022 [ 36 ] CVE-2008-5023 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-5023 [ 37 ] CVE-2008-5024 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-5024 [ 38 ] CVE-2008-5052 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-5052 [ 39 ] CVE-2008-5500 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-5500 [ 40 ] CVE-2008-5501 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-5501 [ 41 ] CVE-2008-5502 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-5502 [ 42 ] CVE-2008-5503 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-5503 [ 43 ] CVE-2008-5504 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-5504 [ 44 ] CVE-2008-5505 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-5505 [ 45 ] CVE-2008-5506 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-5506 [ 46 ] CVE-2008-5507 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-5507 [ 47 ] CVE-2008-5508 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-5508 [ 48 ] CVE-2008-5510 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-5510 [ 49 ] CVE-2008-5511 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-5511 [ 50 ] CVE-2008-5512 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-5512 [ 51 ] CVE-2008-5513 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-5513 [ 52 ] CVE-2008-5822 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-5822 [ 53 ] CVE-2008-5913 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-5913 [ 54 ] CVE-2008-6961 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-6961 [ 55 ] CVE-2009-0071 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-0071 [ 56 ] CVE-2009-0071 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-0071 [ 57 ] CVE-2009-0352 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-0352 [ 58 ] CVE-2009-0353 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-0353 [ 59 ] CVE-2009-0354 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-0354 [ 60 ] CVE-2009-0355 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-0355 [ 61 ] CVE-2009-0356 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-0356 [ 62 ] CVE-2009-0357 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-0357 [ 63 ] CVE-2009-0358 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-0358 [ 64 ] CVE-2009-0652 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-0652 [ 65 ] CVE-2009-0771 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-0771 [ 66 ] CVE-2009-0772 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-0772 [ 67 ] CVE-2009-0773 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-0773 [ 68 ] CVE-2009-0774 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-0774 [ 69 ] CVE-2009-0775 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-0775 [ 70 ] CVE-2009-0776 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-0776 [ 71 ] CVE-2009-0777 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-0777 [ 72 ] CVE-2009-1044 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1044 [ 73 ] CVE-2009-1169 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1169 [ 74 ] CVE-2009-1302 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1302 [ 75 ] CVE-2009-1303 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1303 [ 76 ] CVE-2009-1304 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1304 [ 77 ] CVE-2009-1305 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1305 [ 78 ] CVE-2009-1306 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1306 [ 79 ] CVE-2009-1307 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1307 [ 80 ] CVE-2009-1308 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1308 [ 81 ] CVE-2009-1309 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1309 [ 82 ] CVE-2009-1310 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1310 [ 83 ] CVE-2009-1311 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1311 [ 84 ] CVE-2009-1312 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1312 [ 85 ] CVE-2009-1313 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1313 [ 86 ] CVE-2009-1392 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1392 [ 87 ] CVE-2009-1563 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1563 [ 88 ] CVE-2009-1571 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1571 [ 89 ] CVE-2009-1828 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1828 [ 90 ] CVE-2009-1832 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1832 [ 91 ] CVE-2009-1833 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1833 [ 92 ] CVE-2009-1834 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1834 [ 93 ] CVE-2009-1835 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1835 [ 94 ] CVE-2009-1836 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1836 [ 95 ] CVE-2009-1837 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1837 [ 96 ] CVE-2009-1838 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1838 [ 97 ] CVE-2009-1839 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1839 [ 98 ] CVE-2009-1840 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1840 [ 99 ] CVE-2009-1841 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1841 [ 100 ] CVE-2009-2043 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-2043 [ 101 ] CVE-2009-2044 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-2044 [ 102 ] CVE-2009-2061 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-2061 [ 103 ] CVE-2009-2065 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-2065 [ 104 ] CVE-2009-2210 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-2210 [ 105 ] CVE-2009-2404 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-2404 [ 106 ] CVE-2009-2408 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-2408 [ 107 ] CVE-2009-2462 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-2462 [ 108 ] CVE-2009-2463 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-2463 [ 109 ] CVE-2009-2464 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-2464 [ 110 ] CVE-2009-2465 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-2465 [ 111 ] CVE-2009-2466 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-2466 [ 112 ] CVE-2009-2467 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-2467 [ 113 ] CVE-2009-2469 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-2469 [ 114 ] CVE-2009-2470 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-2470 [ 115 ] CVE-2009-2471 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-2471 [ 116 ] CVE-2009-2472 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-2472 [ 117 ] CVE-2009-2477 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-2477 [ 118 ] CVE-2009-2478 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-2478 [ 119 ] CVE-2009-2479 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-2479 [ 120 ] CVE-2009-2535 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-2535 [ 121 ] CVE-2009-2654 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-2654 [ 122 ] CVE-2009-2662 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-2662 [ 123 ] CVE-2009-2664 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-2664 [ 124 ] CVE-2009-2665 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-2665 [ 125 ] CVE-2009-3069 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3069 [ 126 ] CVE-2009-3070 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3070 [ 127 ] CVE-2009-3071 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3071 [ 128 ] CVE-2009-3072 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3072 [ 129 ] CVE-2009-3074 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3074 [ 130 ] CVE-2009-3075 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3075 [ 131 ] CVE-2009-3076 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3076 [ 132 ] CVE-2009-3077 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3077 [ 133 ] CVE-2009-3078 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3078 [ 134 ] CVE-2009-3079 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3079 [ 135 ] CVE-2009-3274 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3274 [ 136 ] CVE-2009-3371 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3371 [ 137 ] CVE-2009-3372 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3372 [ 138 ] CVE-2009-3373 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3373 [ 139 ] CVE-2009-3374 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3374 [ 140 ] CVE-2009-3375 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3375 [ 141 ] CVE-2009-3376 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3376 [ 142 ] CVE-2009-3377 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3377 [ 143 ] CVE-2009-3378 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3378 [ 144 ] CVE-2009-3379 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3379 [ 145 ] CVE-2009-3380 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3380 [ 146 ] CVE-2009-3381 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3381 [ 147 ] CVE-2009-3382 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3382 [ 148 ] CVE-2009-3383 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3383 [ 149 ] CVE-2009-3388 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3388 [ 150 ] CVE-2009-3389 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3389 [ 151 ] CVE-2009-3555 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3555 [ 152 ] CVE-2009-3978 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3978 [ 153 ] CVE-2009-3979 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3979 [ 154 ] CVE-2009-3980 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3980 [ 155 ] CVE-2009-3981 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3981 [ 156 ] CVE-2009-3982 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3982 [ 157 ] CVE-2009-3983 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3983 [ 158 ] CVE-2009-3984 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3984 [ 159 ] CVE-2009-3985 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3985 [ 160 ] CVE-2009-3986 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3986 [ 161 ] CVE-2009-3987 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3987 [ 162 ] CVE-2009-3988 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3988 [ 163 ] CVE-2010-0159 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0159 [ 164 ] CVE-2010-0160 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0160 [ 165 ] CVE-2010-0162 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0162 [ 166 ] CVE-2010-0163 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0163 [ 167 ] CVE-2010-0164 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0164 [ 168 ] CVE-2010-0165 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0165 [ 169 ] CVE-2010-0166 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0166 [ 170 ] CVE-2010-0167 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0167 [ 171 ] CVE-2010-0167 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0167 [ 172 ] CVE-2010-0168 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0168 [ 173 ] CVE-2010-0169 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0169 [ 174 ] CVE-2010-0169 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0169 [ 175 ] CVE-2010-0170 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0170 [ 176 ] CVE-2010-0171 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0171 [ 177 ] CVE-2010-0171 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0171 [ 178 ] CVE-2010-0172 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0172 [ 179 ] CVE-2010-0173 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0173 [ 180 ] CVE-2010-0174 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0174 [ 181 ] CVE-2010-0174 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0174 [ 182 ] CVE-2010-0175 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0175 [ 183 ] CVE-2010-0175 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0175 [ 184 ] CVE-2010-0176 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0176 [ 185 ] CVE-2010-0176 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0176 [ 186 ] CVE-2010-0177 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0177 [ 187 ] CVE-2010-0178 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0178 [ 188 ] CVE-2010-0179 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0179 [ 189 ] CVE-2010-0181 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0181 [ 190 ] CVE-2010-0182 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0182 [ 191 ] CVE-2010-0183 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0183 [ 192 ] CVE-2010-0220 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0220 [ 193 ] CVE-2010-0648 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0648 [ 194 ] CVE-2010-0654 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0654 [ 195 ] CVE-2010-1028 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1028 [ 196 ] CVE-2010-1121 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1121 [ 197 ] CVE-2010-1125 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1125 [ 198 ] CVE-2010-1196 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1196 [ 199 ] CVE-2010-1197 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1197 [ 200 ] CVE-2010-1198 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1198 [ 201 ] CVE-2010-1199 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1199 [ 202 ] CVE-2010-1200 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1200 [ 203 ] CVE-2010-1201 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1201 [ 204 ] CVE-2010-1202 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1202 [ 205 ] CVE-2010-1203 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1203 [ 206 ] CVE-2010-1205 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1205 [ 207 ] CVE-2010-1206 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1206 [ 208 ] CVE-2010-1207 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1207 [ 209 ] CVE-2010-1208 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1208 [ 210 ] CVE-2010-1209 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1209 [ 211 ] CVE-2010-1210 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1210 [ 212 ] CVE-2010-1211 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1211 [ 213 ] CVE-2010-1212 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1212 [ 214 ] CVE-2010-1213 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1213 [ 215 ] CVE-2010-1214 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1214 [ 216 ] CVE-2010-1215 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1215 [ 217 ] CVE-2010-1585 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1585 [ 218 ] CVE-2010-2751 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2751 [ 219 ] CVE-2010-2752 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2752 [ 220 ] CVE-2010-2753 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2753 [ 221 ] CVE-2010-2754 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2754 [ 222 ] CVE-2010-2755 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2755 [ 223 ] CVE-2010-2760 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2760 [ 224 ] CVE-2010-2762 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2762 [ 225 ] CVE-2010-2763 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2763 [ 226 ] CVE-2010-2764 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2764 [ 227 ] CVE-2010-2765 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2765 [ 228 ] CVE-2010-2766 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2766 [ 229 ] CVE-2010-2767 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2767 [ 230 ] CVE-2010-2768 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2768 [ 231 ] CVE-2010-2769 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2769 [ 232 ] CVE-2010-2770 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2770 [ 233 ] CVE-2010-3131 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3131 [ 234 ] CVE-2010-3166 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3166 [ 235 ] CVE-2010-3167 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3167 [ 236 ] CVE-2010-3168 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3168 [ 237 ] CVE-2010-3169 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3169 [ 238 ] CVE-2010-3170 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3170 [ 239 ] CVE-2010-3171 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3171 [ 240 ] CVE-2010-3173 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3173 [ 241 ] CVE-2010-3174 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3174 [ 242 ] CVE-2010-3175 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3175 [ 243 ] CVE-2010-3176 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3176 [ 244 ] CVE-2010-3177 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3177 [ 245 ] CVE-2010-3178 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3178 [ 246 ] CVE-2010-3179 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3179 [ 247 ] CVE-2010-3180 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3180 [ 248 ] CVE-2010-3182 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3182 [ 249 ] CVE-2010-3183 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3183 [ 250 ] CVE-2010-3399 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3399 [ 251 ] CVE-2010-3400 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3400 [ 252 ] CVE-2010-3765 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3765 [ 253 ] CVE-2010-3766 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3766 [ 254 ] CVE-2010-3767 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3767 [ 255 ] CVE-2010-3768 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3768 [ 256 ] CVE-2010-3769 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3769 [ 257 ] CVE-2010-3770 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3770 [ 258 ] CVE-2010-3771 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3771 [ 259 ] CVE-2010-3772 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3772 [ 260 ] CVE-2010-3773 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3773 [ 261 ] CVE-2010-3774 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3774 [ 262 ] CVE-2010-3775 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3775 [ 263 ] CVE-2010-3776 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3776 [ 264 ] CVE-2010-3777 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3777 [ 265 ] CVE-2010-3778 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3778 [ 266 ] CVE-2010-4508 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4508 [ 267 ] CVE-2010-5074 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-5074 [ 268 ] CVE-2011-0051 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0051 [ 269 ] CVE-2011-0053 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0053 [ 270 ] CVE-2011-0054 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0054 [ 271 ] CVE-2011-0055 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0055 [ 272 ] CVE-2011-0056 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0056 [ 273 ] CVE-2011-0057 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0057 [ 274 ] CVE-2011-0058 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0058 [ 275 ] CVE-2011-0059 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0059 [ 276 ] CVE-2011-0061 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0061 [ 277 ] CVE-2011-0062 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0062 [ 278 ] CVE-2011-0065 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0065 [ 279 ] CVE-2011-0066 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0066 [ 280 ] CVE-2011-0067 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0067 [ 281 ] CVE-2011-0068 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0068 [ 282 ] CVE-2011-0069 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0069 [ 283 ] CVE-2011-0070 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0070 [ 284 ] CVE-2011-0071 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0071 [ 285 ] CVE-2011-0072 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0072 [ 286 ] CVE-2011-0073 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0073 [ 287 ] CVE-2011-0074 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0074 [ 288 ] CVE-2011-0075 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0075 [ 289 ] CVE-2011-0076 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0076 [ 290 ] CVE-2011-0077 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0077 [ 291 ] CVE-2011-0078 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0078 [ 292 ] CVE-2011-0079 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0079 [ 293 ] CVE-2011-0080 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0080 [ 294 ] CVE-2011-0081 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0081 [ 295 ] CVE-2011-0082 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0082 [ 296 ] CVE-2011-0083 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0083 [ 297 ] CVE-2011-0084 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0084 [ 298 ] CVE-2011-0085 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0085 [ 299 ] CVE-2011-1187 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-1187 [ 300 ] CVE-2011-1202 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-1202 [ 301 ] CVE-2011-1712 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-1712 [ 302 ] CVE-2011-2362 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2362 [ 303 ] CVE-2011-2363 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2363 [ 304 ] CVE-2011-2364 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2364 [ 305 ] CVE-2011-2365 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2365 [ 306 ] CVE-2011-2369 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2369 [ 307 ] CVE-2011-2370 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2370 [ 308 ] CVE-2011-2371 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2371 [ 309 ] CVE-2011-2372 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2372 [ 310 ] CVE-2011-2373 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2373 [ 311 ] CVE-2011-2374 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2374 [ 312 ] CVE-2011-2375 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2375 [ 313 ] CVE-2011-2376 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2376 [ 314 ] CVE-2011-2377 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2377 [ 315 ] CVE-2011-2378 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2378 [ 316 ] CVE-2011-2605 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2605 [ 317 ] CVE-2011-2980 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2980 [ 318 ] CVE-2011-2981 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2981 [ 319 ] CVE-2011-2982 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2982 [ 320 ] CVE-2011-2983 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2983 [ 321 ] CVE-2011-2984 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2984 [ 322 ] CVE-2011-2985 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2985 [ 323 ] CVE-2011-2986 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2986 [ 324 ] CVE-2011-2987 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2987 [ 325 ] CVE-2011-2988 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2988 [ 326 ] CVE-2011-2989 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2989 [ 327 ] CVE-2011-2990 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2990 [ 328 ] CVE-2011-2991 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2991 [ 329 ] CVE-2011-2993 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2993 [ 330 ] CVE-2011-2995 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2995 [ 331 ] CVE-2011-2996 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2996 [ 332 ] CVE-2011-2997 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2997 [ 333 ] CVE-2011-2998 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2998 [ 334 ] CVE-2011-2999 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2999 [ 335 ] CVE-2011-3000 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3000 [ 336 ] CVE-2011-3001 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3001 [ 337 ] CVE-2011-3002 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3002 [ 338 ] CVE-2011-3003 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3003 [ 339 ] CVE-2011-3004 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3004 [ 340 ] CVE-2011-3005 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3005 [ 341 ] CVE-2011-3026 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3026 [ 342 ] CVE-2011-3062 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3062 [ 343 ] CVE-2011-3232 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3232 [ 344 ] CVE-2011-3389 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3389 [ 345 ] CVE-2011-3640 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3640 [ 346 ] CVE-2011-3647 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3647 [ 347 ] CVE-2011-3648 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3648 [ 348 ] CVE-2011-3649 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3649 [ 349 ] CVE-2011-3650 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3650 [ 350 ] CVE-2011-3651 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3651 [ 351 ] CVE-2011-3652 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3652 [ 352 ] CVE-2011-3653 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3653 [ 353 ] CVE-2011-3654 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3654 [ 354 ] CVE-2011-3655 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3655 [ 355 ] CVE-2011-3658 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3658 [ 356 ] CVE-2011-3659 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3659 [ 357 ] CVE-2011-3660 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3660 [ 358 ] CVE-2011-3661 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3661 [ 359 ] CVE-2011-3663 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3663 [ 360 ] CVE-2011-3665 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3665 [ 361 ] CVE-2011-3670 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3670 [ 362 ] CVE-2011-3866 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3866 [ 363 ] CVE-2011-4688 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-4688 [ 364 ] CVE-2012-0441 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0441 [ 365 ] CVE-2012-0442 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0442 [ 366 ] CVE-2012-0443 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0443 [ 367 ] CVE-2012-0444 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0444 [ 368 ] CVE-2012-0445 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0445 [ 369 ] CVE-2012-0446 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0446 [ 370 ] CVE-2012-0447 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0447 [ 371 ] CVE-2012-0449 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0449 [ 372 ] CVE-2012-0450 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0450 [ 373 ] CVE-2012-0451 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0451 [ 374 ] CVE-2012-0452 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0452 [ 375 ] CVE-2012-0455 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0455 [ 376 ] CVE-2012-0456 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0456 [ 377 ] CVE-2012-0457 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0457 [ 378 ] CVE-2012-0458 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0458 [ 379 ] CVE-2012-0459 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0459 [ 380 ] CVE-2012-0460 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0460 [ 381 ] CVE-2012-0461 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0461 [ 382 ] CVE-2012-0462 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0462 [ 383 ] CVE-2012-0463 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0463 [ 384 ] CVE-2012-0464 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0464 [ 385 ] CVE-2012-0467 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0467 [ 386 ] CVE-2012-0468 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0468 [ 387 ] CVE-2012-0469 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0469 [ 388 ] CVE-2012-0470 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0470 [ 389 ] CVE-2012-0471 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0471 [ 390 ] CVE-2012-0473 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0473 [ 391 ] CVE-2012-0474 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0474 [ 392 ] CVE-2012-0475 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0475 [ 393 ] CVE-2012-0477 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0477 [ 394 ] CVE-2012-0478 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0478 [ 395 ] CVE-2012-0479 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0479 [ 396 ] CVE-2012-1937 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1937 [ 397 ] CVE-2012-1938 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1938 [ 398 ] CVE-2012-1939 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1939 [ 399 ] CVE-2012-1940 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1940 [ 400 ] CVE-2012-1941 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1941 [ 401 ] CVE-2012-1945 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1945 [ 402 ] CVE-2012-1946 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1946 [ 403 ] CVE-2012-1947 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1947 [ 404 ] CVE-2012-1948 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1948 [ 405 ] CVE-2012-1949 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1949 [ 406 ] CVE-2012-1950 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1950 [ 407 ] CVE-2012-1951 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1951 [ 408 ] CVE-2012-1952 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1952 [ 409 ] CVE-2012-1953 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1953 [ 410 ] CVE-2012-1954 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1954 [ 411 ] CVE-2012-1955 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1955 [ 412 ] CVE-2012-1956 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1956 [ 413 ] CVE-2012-1957 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1957 [ 414 ] CVE-2012-1958 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1958 [ 415 ] CVE-2012-1959 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1959 [ 416 ] CVE-2012-1960 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1960 [ 417 ] CVE-2012-1961 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1961 [ 418 ] CVE-2012-1962 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1962 [ 419 ] CVE-2012-1963 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1963 [ 420 ] CVE-2012-1964 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1964 [ 421 ] CVE-2012-1965 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1965 [ 422 ] CVE-2012-1966 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1966 [ 423 ] CVE-2012-1967 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1967 [ 424 ] CVE-2012-1970 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1970 [ 425 ] CVE-2012-1971 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1971 [ 426 ] CVE-2012-1972 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1972 [ 427 ] CVE-2012-1973 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1973 [ 428 ] CVE-2012-1974 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1974 [ 429 ] CVE-2012-1975 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1975 [ 430 ] CVE-2012-1976 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1976 [ 431 ] CVE-2012-1994 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1994 [ 432 ] CVE-2012-3956 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3956 [ 433 ] CVE-2012-3957 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3957 [ 434 ] CVE-2012-3958 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3958 [ 435 ] CVE-2012-3959 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3959 [ 436 ] CVE-2012-3960 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3960 [ 437 ] CVE-2012-3961 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3961 [ 438 ] CVE-2012-3962 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3962 [ 439 ] CVE-2012-3963 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3963 [ 440 ] CVE-2012-3964 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3964 [ 441 ] CVE-2012-3965 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3965 [ 442 ] CVE-2012-3966 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3966 [ 443 ] CVE-2012-3967 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3967 [ 444 ] CVE-2012-3968 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3968 [ 445 ] CVE-2012-3969 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3969 [ 446 ] CVE-2012-3970 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3970 [ 447 ] CVE-2012-3971 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3971 [ 448 ] CVE-2012-3972 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3972 [ 449 ] CVE-2012-3973 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3973 [ 450 ] CVE-2012-3975 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3975 [ 451 ] CVE-2012-3976 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3976 [ 452 ] CVE-2012-3977 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3977 [ 453 ] CVE-2012-3978 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3978 [ 454 ] CVE-2012-3980 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3980 [ 455 ] CVE-2012-3982 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3982 [ 456 ] CVE-2012-3984 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3984 [ 457 ] CVE-2012-3985 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3985 [ 458 ] CVE-2012-3986 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3986 [ 459 ] CVE-2012-3988 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3988 [ 460 ] CVE-2012-3989 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3989 [ 461 ] CVE-2012-3990 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3990 [ 462 ] CVE-2012-3991 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3991 [ 463 ] CVE-2012-3992 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3992 [ 464 ] CVE-2012-3993 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3993 [ 465 ] CVE-2012-3994 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3994 [ 466 ] CVE-2012-3995 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3995 [ 467 ] CVE-2012-4179 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4179 [ 468 ] CVE-2012-4180 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4180 [ 469 ] CVE-2012-4181 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4181 [ 470 ] CVE-2012-4182 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4182 [ 471 ] CVE-2012-4183 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4183 [ 472 ] CVE-2012-4184 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4184 [ 473 ] CVE-2012-4185 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4185 [ 474 ] CVE-2012-4186 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4186 [ 475 ] CVE-2012-4187 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4187 [ 476 ] CVE-2012-4188 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4188 [ 477 ] CVE-2012-4190 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4190 [ 478 ] CVE-2012-4191 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4191 [ 479 ] CVE-2012-4192 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4192 [ 480 ] CVE-2012-4193 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4193 [ 481 ] CVE-2012-4194 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4194 [ 482 ] CVE-2012-4195 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4195 [ 483 ] CVE-2012-4196 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4196 [ 484 ] CVE-2012-4201 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4201 [ 485 ] CVE-2012-4202 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4202 [ 486 ] CVE-2012-4204 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4204 [ 487 ] CVE-2012-4205 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4205 [ 488 ] CVE-2012-4206 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4206 [ 489 ] CVE-2012-4207 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4207 [ 490 ] CVE-2012-4208 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4208 [ 491 ] CVE-2012-4209 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4209 [ 492 ] CVE-2012-4210 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4210 [ 493 ] CVE-2012-4212 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4212 [ 494 ] CVE-2012-4215 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4215 [ 495 ] CVE-2012-4216 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4216 [ 496 ] CVE-2012-5354 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5354 [ 497 ] CVE-2012-5829 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5829 [ 498 ] CVE-2012-5830 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5830 [ 499 ] CVE-2012-5833 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5833 [ 500 ] CVE-2012-5835 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5835 [ 501 ] CVE-2012-5836 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5836 [ 502 ] CVE-2012-5838 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5838 [ 503 ] CVE-2012-5839 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5839 [ 504 ] CVE-2012-5840 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5840 [ 505 ] CVE-2012-5841 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5841 [ 506 ] CVE-2012-5842 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5842 [ 507 ] CVE-2012-5843 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5843 [ 508 ] Firefox Blocking Fraudulent Certificates
http://blog.mozilla.org/security/2011/03/22/firefox-blocking-fraudulent-c= ertificates/ [ 509 ] Mozilla Foundation Security Advisory 2011-11 http://www.mozilla.org/security/announce/2011/mfsa2011-11.html [ 510 ] Mozilla Foundation Security Advisory 2011-34 http://www.mozilla.org/security/announce/2011/mfsa2011-34.html
Availability
This GLSA and any updates to it are available for viewing at the Gentoo Security Website:
http://security.gentoo.org/glsa/glsa-201301-01.xml
Concerns?
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.
License
Copyright 2013 Gentoo Foundation, Inc; referenced text belongs to its owner(s).
The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5 . ----------------------------------------------------------------------
Secunia is hiring!
http://secunia.com/company/jobs/
TITLE: SUSE update for MozillaFirefox, MozillaThunderbird, mozilla-xulrunner, and seamonkey
SECUNIA ADVISORY ID: SA44472
VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44472/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44472
RELEASE DATE: 2011-05-07
DISCUSS ADVISORY: http://secunia.com/advisories/44472/#comments
AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s)
http://secunia.com/advisories/44472/
ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS
https://ca.secunia.com/?page=viewadvisory&vuln_id=44472
ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING
http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/
DESCRIPTION: SUSE has issued an update for MozillaFirefox, MozillaThunderbird, mozilla-xulrunner, and seamonkey.
For more information: SA44357 SA44406
SOLUTION: Apply updated packages via the zypper package manager.
ORIGINAL ADVISORY: openSUSE-SU-2011:0437-1: http://lists.opensuse.org/opensuse-updates/2011-05/msg00005.html
SUSE-SA:2011:022: http://lists.opensuse.org/opensuse-security-announce/2011-05/msg00001.html
OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/
DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/
EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/
EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/
EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/
About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/advisories/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
Show details on source website
{
"affected_products": {
"_id": null,
"data": [
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 1.6,
"vendor": "mozilla",
"version": "1.5.1"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 1.6,
"vendor": "mozilla",
"version": "1.5.0.9"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 1.6,
"vendor": "mozilla",
"version": "1.5.2"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 1.6,
"vendor": "mozilla",
"version": "1.5.3"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 1.6,
"vendor": "mozilla",
"version": "1.5.0.8"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 1.6,
"vendor": "mozilla",
"version": "1.5.0.7"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 1.6,
"vendor": "mozilla",
"version": "1.5.0.10"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 1.6,
"vendor": "mozilla",
"version": "1.5.4"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 1.6,
"vendor": "mozilla",
"version": "1.5"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 1.6,
"vendor": "mozilla",
"version": "1.5.0.11"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 1.3,
"vendor": "mozilla",
"version": "3.6.14"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 1.3,
"vendor": "mozilla",
"version": "3.5.12"
},
{
"_id": null,
"model": "seamonkey",
"scope": "eq",
"trust": 1.3,
"vendor": "mozilla",
"version": "2.0.11"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 1.3,
"vendor": "mozilla",
"version": "3.6"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 1.3,
"vendor": "mozilla",
"version": "3.6.10"
},
{
"_id": null,
"model": "seamonkey",
"scope": "eq",
"trust": 1.3,
"vendor": "mozilla",
"version": "2.0.6"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 1.3,
"vendor": "mozilla",
"version": "3.6.7"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 1.3,
"vendor": "mozilla",
"version": "3.5.7"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 1.3,
"vendor": "mozilla",
"version": "3.6.2"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 1.3,
"vendor": "mozilla",
"version": "3.5.11"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 1.3,
"vendor": "mozilla",
"version": "3.5.10"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 1.3,
"vendor": "mozilla",
"version": "3.5.4"
},
{
"_id": null,
"model": "seamonkey",
"scope": "eq",
"trust": 1.3,
"vendor": "mozilla",
"version": "2.0.7"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 1.3,
"vendor": "mozilla",
"version": "3.6.12"
},
{
"_id": null,
"model": "seamonkey",
"scope": "eq",
"trust": 1.3,
"vendor": "mozilla",
"version": "2.0.5"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 1.3,
"vendor": "mozilla",
"version": "3.5.6"
},
{
"_id": null,
"model": "seamonkey",
"scope": "eq",
"trust": 1.3,
"vendor": "mozilla",
"version": "2.0.9"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 1.3,
"vendor": "mozilla",
"version": "3.5.9"
},
{
"_id": null,
"model": "seamonkey",
"scope": "eq",
"trust": 1.3,
"vendor": "mozilla",
"version": "2.0.12"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 1.3,
"vendor": "mozilla",
"version": "3.5.8"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 1.3,
"vendor": "mozilla",
"version": "3.5.2"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 1.3,
"vendor": "mozilla",
"version": "3.5.14"
},
{
"_id": null,
"model": "seamonkey",
"scope": "eq",
"trust": 1.3,
"vendor": "mozilla",
"version": "2.0"
},
{
"_id": null,
"model": "seamonkey",
"scope": "eq",
"trust": 1.3,
"vendor": "mozilla",
"version": "2.0.2"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 1.3,
"vendor": "mozilla",
"version": "3.5.3"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 1.3,
"vendor": "mozilla",
"version": "3.5.15"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 1.3,
"vendor": "mozilla",
"version": "3.6.4"
},
{
"_id": null,
"model": "seamonkey",
"scope": "eq",
"trust": 1.3,
"vendor": "mozilla",
"version": "2.0.1"
},
{
"_id": null,
"model": "seamonkey",
"scope": "eq",
"trust": 1.3,
"vendor": "mozilla",
"version": "2.0.4"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 1.3,
"vendor": "mozilla",
"version": "3.5"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 1.3,
"vendor": "mozilla",
"version": "3.5.16"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 1.3,
"vendor": "mozilla",
"version": "3.6.8"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 1.3,
"vendor": "mozilla",
"version": "3.6.6"
},
{
"_id": null,
"model": "seamonkey",
"scope": "eq",
"trust": 1.3,
"vendor": "mozilla",
"version": "2.0.10"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 1.3,
"vendor": "mozilla",
"version": "3.5.17"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 1.3,
"vendor": "mozilla",
"version": "3.6.13"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 1.3,
"vendor": "mozilla",
"version": "3.6.15"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 1.3,
"vendor": "mozilla",
"version": "3.5.13"
},
{
"_id": null,
"model": "seamonkey",
"scope": "eq",
"trust": 1.3,
"vendor": "mozilla",
"version": "2.0.3"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 1.3,
"vendor": "mozilla",
"version": "3.6.11"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 1.3,
"vendor": "mozilla",
"version": "3.6.9"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 1.3,
"vendor": "mozilla",
"version": "3.5.1"
},
{
"_id": null,
"model": "seamonkey",
"scope": "eq",
"trust": 1.3,
"vendor": "mozilla",
"version": "2.0.8"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 1.3,
"vendor": "mozilla",
"version": "3.6.16"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 1.3,
"vendor": "mozilla",
"version": "3.6.3"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 1.3,
"vendor": "mozilla",
"version": "3.5.5"
},
{
"_id": null,
"model": "seamonkey",
"scope": "lte",
"trust": 1.0,
"vendor": "mozilla",
"version": "2.0.13"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 1.0,
"vendor": "mozilla",
"version": "3.0.10"
},
{
"_id": null,
"model": "seamonkey",
"scope": "eq",
"trust": 1.0,
"vendor": "mozilla",
"version": "1.1.6"
},
{
"_id": null,
"model": "seamonkey",
"scope": "eq",
"trust": 1.0,
"vendor": "mozilla",
"version": "1.5.0.9"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 1.0,
"vendor": "mozilla",
"version": "1.5.0.3"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 1.0,
"vendor": "mozilla",
"version": "2.0.0.17"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 1.0,
"vendor": "mozilla",
"version": "1.0.3"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 1.0,
"vendor": "mozilla",
"version": "3.0.1"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 1.0,
"vendor": "mozilla",
"version": "3.0.16"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 1.0,
"vendor": "mozilla",
"version": "1.0.2"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 1.0,
"vendor": "mozilla",
"version": "1.0.6"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 1.0,
"vendor": "mozilla",
"version": "2.0.0.18"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 1.0,
"vendor": "mozilla",
"version": "3.0.3"
},
{
"_id": null,
"model": "seamonkey",
"scope": "eq",
"trust": 1.0,
"vendor": "mozilla",
"version": "1.1.2"
},
{
"_id": null,
"model": "seamonkey",
"scope": "eq",
"trust": 1.0,
"vendor": "mozilla",
"version": "1.0.7"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 1.0,
"vendor": "mozilla",
"version": "3.0.8"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 1.0,
"vendor": "mozilla",
"version": "1.5.0.2"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 1.0,
"vendor": "mozilla",
"version": "1.5.0.5"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 1.0,
"vendor": "mozilla",
"version": "2.0.0.3"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 1.0,
"vendor": "mozilla",
"version": "2.0.0.7"
},
{
"_id": null,
"model": "seamonkey",
"scope": "eq",
"trust": 1.0,
"vendor": "mozilla",
"version": "1.0.4"
},
{
"_id": null,
"model": "seamonkey",
"scope": "eq",
"trust": 1.0,
"vendor": "mozilla",
"version": "1.0.9"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 1.0,
"vendor": "mozilla",
"version": "1.5.0.6"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 1.0,
"vendor": "mozilla",
"version": "3.0.11"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 1.0,
"vendor": "mozilla",
"version": "3.0.12"
},
{
"_id": null,
"model": "seamonkey",
"scope": "eq",
"trust": 1.0,
"vendor": "mozilla",
"version": "1.1.16"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 1.0,
"vendor": "mozilla",
"version": "3.0.6"
},
{
"_id": null,
"model": "seamonkey",
"scope": "eq",
"trust": 1.0,
"vendor": "mozilla",
"version": "1.1.7"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 1.0,
"vendor": "mozilla",
"version": "1.5.7"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 1.0,
"vendor": "mozilla",
"version": "2.0.0.2"
},
{
"_id": null,
"model": "seamonkey",
"scope": "eq",
"trust": 1.0,
"vendor": "mozilla",
"version": "1.0.3"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 1.0,
"vendor": "mozilla",
"version": "1.5.0.4"
},
{
"_id": null,
"model": "seamonkey",
"scope": "eq",
"trust": 1.0,
"vendor": "mozilla",
"version": "1.0.2"
},
{
"_id": null,
"model": "seamonkey",
"scope": "eq",
"trust": 1.0,
"vendor": "mozilla",
"version": "1.5.0.10"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 1.0,
"vendor": "mozilla",
"version": "2.0.0.11"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 1.0,
"vendor": "mozilla",
"version": "2.0.0.13"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 1.0,
"vendor": "mozilla",
"version": "1.0.8"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 1.0,
"vendor": "mozilla",
"version": "2.0.0.16"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 1.0,
"vendor": "mozilla",
"version": "3.0.5"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 1.0,
"vendor": "mozilla",
"version": "3.0.7"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 1.0,
"vendor": "mozilla",
"version": "2.0.0.20"
},
{
"_id": null,
"model": "seamonkey",
"scope": "eq",
"trust": 1.0,
"vendor": "mozilla",
"version": "1.1.12"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 1.0,
"vendor": "mozilla",
"version": "1.5.8"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 1.0,
"vendor": "mozilla",
"version": "2.0.0.1"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 1.0,
"vendor": "mozilla",
"version": "2.0.0.9"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 1.0,
"vendor": "mozilla",
"version": "1.0.4"
},
{
"_id": null,
"model": "seamonkey",
"scope": "eq",
"trust": 1.0,
"vendor": "mozilla",
"version": "1.1.9"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 1.0,
"vendor": "mozilla",
"version": "3.0.14"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 1.0,
"vendor": "mozilla",
"version": "3.0"
},
{
"_id": null,
"model": "seamonkey",
"scope": "eq",
"trust": 1.0,
"vendor": "mozilla",
"version": "1.1.4"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 1.0,
"vendor": "mozilla",
"version": "2.0.0.19"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 1.0,
"vendor": "mozilla",
"version": "1.5.5"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 1.0,
"vendor": "mozilla",
"version": "2.0"
},
{
"_id": null,
"model": "seamonkey",
"scope": "eq",
"trust": 1.0,
"vendor": "mozilla",
"version": "1.1.5"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 1.0,
"vendor": "mozilla",
"version": "1.0"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 1.0,
"vendor": "mozilla",
"version": "1.0.5"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 1.0,
"vendor": "mozilla",
"version": "2.0.0.5"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 1.0,
"vendor": "mozilla",
"version": "2.0.0.14"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 1.0,
"vendor": "mozilla",
"version": "3.0.2"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 1.0,
"vendor": "mozilla",
"version": "3.0.15"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 1.0,
"vendor": "mozilla",
"version": "2.0.0.15"
},
{
"_id": null,
"model": "seamonkey",
"scope": "eq",
"trust": 1.0,
"vendor": "mozilla",
"version": "1.1.18"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 1.0,
"vendor": "mozilla",
"version": "2.0.0.10"
},
{
"_id": null,
"model": "seamonkey",
"scope": "eq",
"trust": 1.0,
"vendor": "mozilla",
"version": "1.0.8"
},
{
"_id": null,
"model": "seamonkey",
"scope": "eq",
"trust": 1.0,
"vendor": "mozilla",
"version": "1.1.19"
},
{
"_id": null,
"model": "seamonkey",
"scope": "eq",
"trust": 1.0,
"vendor": "mozilla",
"version": "1.1.10"
},
{
"_id": null,
"model": "seamonkey",
"scope": "eq",
"trust": 1.0,
"vendor": "mozilla",
"version": "1.1.15"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 1.0,
"vendor": "mozilla",
"version": "1.0.1"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 1.0,
"vendor": "mozilla",
"version": "3.0.13"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 1.0,
"vendor": "mozilla",
"version": "2.0.0.4"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 1.0,
"vendor": "mozilla",
"version": "2.0.0.12"
},
{
"_id": null,
"model": "seamonkey",
"scope": "eq",
"trust": 1.0,
"vendor": "mozilla",
"version": "1.1.1"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 1.0,
"vendor": "mozilla",
"version": "3.0.4"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 1.0,
"vendor": "mozilla",
"version": "3.0.9"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 1.0,
"vendor": "mozilla",
"version": "1.5.0.1"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 1.0,
"vendor": "mozilla",
"version": "2.0.0.8"
},
{
"_id": null,
"model": "seamonkey",
"scope": "eq",
"trust": 1.0,
"vendor": "mozilla",
"version": "1.1.11"
},
{
"_id": null,
"model": "seamonkey",
"scope": "eq",
"trust": 1.0,
"vendor": "mozilla",
"version": "1.1.8"
},
{
"_id": null,
"model": "seamonkey",
"scope": "eq",
"trust": 1.0,
"vendor": "mozilla",
"version": "1.0.6"
},
{
"_id": null,
"model": "seamonkey",
"scope": "eq",
"trust": 1.0,
"vendor": "mozilla",
"version": "1.5.0.8"
},
{
"_id": null,
"model": "seamonkey",
"scope": "eq",
"trust": 1.0,
"vendor": "mozilla",
"version": "1.1"
},
{
"_id": null,
"model": "seamonkey",
"scope": "eq",
"trust": 1.0,
"vendor": "mozilla",
"version": "1.0"
},
{
"_id": null,
"model": "seamonkey",
"scope": "eq",
"trust": 1.0,
"vendor": "mozilla",
"version": "1.0.5"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 1.0,
"vendor": "mozilla",
"version": "1.0.7"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 1.0,
"vendor": "mozilla",
"version": "2.0.0.6"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 1.0,
"vendor": "mozilla",
"version": "1.5.0.12"
},
{
"_id": null,
"model": "seamonkey",
"scope": "eq",
"trust": 1.0,
"vendor": "mozilla",
"version": "1.1.14"
},
{
"_id": null,
"model": "seamonkey",
"scope": "eq",
"trust": 1.0,
"vendor": "mozilla",
"version": "1.1.13"
},
{
"_id": null,
"model": "firefox",
"scope": "lte",
"trust": 1.0,
"vendor": "mozilla",
"version": "3.5.18"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 1.0,
"vendor": "mozilla",
"version": "3.0.17"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 1.0,
"vendor": "mozilla",
"version": "1.5.6"
},
{
"_id": null,
"model": "seamonkey",
"scope": "eq",
"trust": 1.0,
"vendor": "mozilla",
"version": "1.1.3"
},
{
"_id": null,
"model": "seamonkey",
"scope": "eq",
"trust": 1.0,
"vendor": "mozilla",
"version": "1.1.17"
},
{
"_id": null,
"model": "seamonkey",
"scope": "eq",
"trust": 1.0,
"vendor": "mozilla",
"version": "1.0.1"
},
{
"_id": null,
"model": "firefox",
"scope": "lt",
"trust": 0.8,
"vendor": "mozilla",
"version": "3.5.19"
},
{
"_id": null,
"model": "firefox",
"scope": "lt",
"trust": 0.8,
"vendor": "mozilla",
"version": "3.6.17"
},
{
"_id": null,
"model": "seamonkey",
"scope": "lt",
"trust": 0.8,
"vendor": "mozilla",
"version": "2.0.14"
},
{
"_id": null,
"model": "linux x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "13.0"
},
{
"_id": null,
"model": "linux enterprise sdk sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "11"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.5.18"
},
{
"_id": null,
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "12.2"
},
{
"_id": null,
"model": "enterprise server",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "5"
},
{
"_id": null,
"model": "seamonkey",
"scope": "ne",
"trust": 0.3,
"vendor": "mozilla",
"version": "2.0.14"
},
{
"_id": null,
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "11.3"
},
{
"_id": null,
"model": "seamonkey",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "2.0.13"
},
{
"_id": null,
"model": "seamonkey rc1",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "2.0"
},
{
"_id": null,
"model": "linux enterprise sdk sp4",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"_id": null,
"model": "linux x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "13.37"
},
{
"_id": null,
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "11.4"
},
{
"_id": null,
"model": "linux mandrake",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2010.0"
},
{
"_id": null,
"model": "linux mandrake",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2009.0"
},
{
"_id": null,
"model": "linux -current",
"scope": null,
"trust": 0.3,
"vendor": "slackware",
"version": null
},
{
"_id": null,
"model": "linux enterprise desktop sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "11"
},
{
"_id": null,
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "13.1"
},
{
"_id": null,
"model": "seamonkey beta",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "2.01"
},
{
"_id": null,
"model": "linux enterprise server sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "11"
},
{
"_id": null,
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "13.37"
},
{
"_id": null,
"model": "seamonkey alpha",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "2.02"
},
{
"_id": null,
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "13.0"
},
{
"_id": null,
"model": "linux enterprise server sp4",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"_id": null,
"model": "linux mandrake x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2010.1"
},
{
"_id": null,
"model": "firefox beta",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.62"
},
{
"_id": null,
"model": "linux enterprise server sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"_id": null,
"model": "seamonkey alpha",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "2.01"
},
{
"_id": null,
"model": "seamonkey alpha",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "2.03"
},
{
"_id": null,
"model": "seamonkey rc2",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "2.0"
},
{
"_id": null,
"model": "firefox",
"scope": "ne",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.6.17"
},
{
"_id": null,
"model": "firefox beta",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.63"
},
{
"_id": null,
"model": "linux enterprise desktop sp4",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"_id": null,
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "11.2"
},
{
"_id": null,
"model": "firefox",
"scope": "ne",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.5.19"
},
{
"_id": null,
"model": "linux mandrake x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2010.0"
},
{
"_id": null,
"model": "enterprise server x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "5"
},
{
"_id": null,
"model": "seamonkey beta",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "2.02"
},
{
"_id": null,
"model": "linux mandrake x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2009.0"
},
{
"_id": null,
"model": "linux x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "13.1"
},
{
"_id": null,
"model": "linux x86 64 -current",
"scope": null,
"trust": 0.3,
"vendor": "slackware",
"version": null
},
{
"_id": null,
"model": "linux mandrake",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2010.1"
}
],
"sources": [
{
"db": "BID",
"id": "47660"
},
{
"db": "CNNVD",
"id": "CNNVD-201105-083"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-001615"
},
{
"db": "NVD",
"id": "CVE-2011-0076"
}
]
},
"configurations": {
"_id": null,
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:mozilla:firefox",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:mozilla:seamonkey",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2011-001615"
}
]
},
"credits": {
"_id": null,
"data": "David Remahl",
"sources": [
{
"db": "BID",
"id": "47660"
}
],
"trust": 0.3
},
"cve": "CVE-2011-0076",
"cvss": {
"_id": null,
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CVE-2011-0076",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "VHN-48021",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2011-0076",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2011-0076",
"trust": 0.8,
"value": "High"
},
{
"author": "CNNVD",
"id": "CNNVD-201105-083",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-48021",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-48021"
},
{
"db": "CNNVD",
"id": "CNNVD-201105-083"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-001615"
},
{
"db": "NVD",
"id": "CVE-2011-0076"
}
]
},
"description": {
"_id": null,
"data": "Unspecified vulnerability in the Java Embedding Plugin (JEP) in Mozilla Firefox before 3.5.19 and 3.6.x before 3.6.17, and SeaMonkey before 2.0.14, on Mac OS X allows remote attackers to bypass intended access restrictions via unknown vectors. Mozilla Firefox and SeaMonkey are prone to a privilege-escalation vulnerability. \nAn attacker can exploit this issue by enticing an unsuspecting user into viewing malicious content. A successful exploit will result in the execution of arbitrary attacker-supplied code with elevated privileges. Failed exploit attempts will likely result in denial-of-service conditions. \nThis issue is fixed in:\nFirefox 3.6.17\nFirefox 3.5.19\nSeaMonkey 2.0.14\nNOTE: This issue was previously discussed in BID 47635 (Mozilla Firefox/Thunderbird/SeaMonkey MFSA 2011-12 through -18 Multiple Vulnerabilities) but has been moved to its own record to better document it. Firefox is a very popular open source web browser. SeaMonkey is an open source web browser, mail and newsgroup client, IRC session client, and HTML editor. Remote attackers can use unknown vectors to bypass preset access restrictions. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n _______________________________________________________________________\n\n Mandriva Linux Security Advisory MDVSA-2011:079\n http://www.mandriva.com/security/\n _______________________________________________________________________\n\n Package : firefox\n Date : April 30, 2011\n Affected: 2009.0, 2010.0, 2010.1, Enterprise Server 5.0\n _______________________________________________________________________\n\n Problem Description:\n\n Chris Evans of the Chrome Security Team reported that the XSLT\n generate-id() function returned a string that revealed a specific valid\n address of an object on the memory heap. It is possible that in some\n cases this address would be valuable information that could be used\n by an attacker while exploiting a different memory corruption but,\n in order to make an exploit more reliable or work around mitigation\n features in the browser or operating system (CVE-2011-1202). \n \n Security researcher Soroush Dalili reported that the resource:\n protocol could be exploited to allow directory traversal on\n Windows and the potential loading of resources from non-permitted\n locations. The impact would depend on whether interesting files\n existed in predictable locations in a useful format. For example,\n the existence or non-existence of particular images might indicate\n whether certain software was installed (CVE-2011-0071). \n \n Security researcher Paul Stone reported that a Java applet could be\n used to mimic interaction with form autocomplete controls and steal\n entries from the form history (CVE-2011-0067). \n \n Security researcher regenrecht reported several dangling pointer\n vulnerabilities via TippingPoint\u0026#039;s Zero Day Initiative (CVE-2011-0065,\n CVE-2011-0066, CVE-2011-0073). \n \n Mozilla developers identified and fixed several memory safety\n bugs in the browser engine used in Firefox and other Mozilla-based\n products. Some of these bugs showed evidence of memory corruption under\n certain circumstances, and we presume that with enough effort at least\n some of these could be exploited to run arbitrary code (CVE-2011-0081,\n CVE-2011-0069, CVE-2011-0070, CVE-2011-0080, CVE-2011-0074,\n CVE-2011-0075, CVE-2011-0077, CVE-2011-0078, CVE-2011-0072). \n \n Additionally the sqlite3 packages were upgraded to the 3.7.6.2\n version. A new package that provides /usr/bin/lemon was added. The\n lemon software was previousely provided with sqlite3 and is used in\n some cases when building php. \n \n Packages for 2009.0 are provided as of the Extended Maintenance\n Program. Please visit this link to learn more:\n http://store.mandriva.com/product_info.php?cPath=149\u0026amp;products_id=490\n \n Additionally, some packages which require so, have been rebuilt and\n are being provided as updates. \n _______________________________________________________________________\n\n References:\n\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1202\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0071\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0076\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0067\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0065\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0066\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0073\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0081\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0069\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0070\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0080\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0074\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0075\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0077\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0078\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0072\n http://www.mozilla.org/security/known-vulnerabilities/firefox36.html#firefox3.6.17\n _______________________________________________________________________\n\n Updated Packages:\n\n Mandriva Linux 2009.0:\n 2973de477d7455b08bbe09f5a570f6aa 2009.0/i586/beagle-0.3.8-13.36mdv2009.0.i586.rpm\n 7e198710e98eed5835de55a07bcc645d 2009.0/i586/beagle-crawl-system-0.3.8-13.36mdv2009.0.i586.rpm\n a9955422fa8f5e70cee6df6a3b9fae7c 2009.0/i586/beagle-doc-0.3.8-13.36mdv2009.0.i586.rpm\n 23513c8d7d383f3b0d20902b30d11790 2009.0/i586/beagle-epiphany-0.3.8-13.36mdv2009.0.i586.rpm\n 391f72db4d9b334fed1b3d33306ee55f 2009.0/i586/beagle-evolution-0.3.8-13.36mdv2009.0.i586.rpm\n 7311810525b3483b8754ecc4390033e6 2009.0/i586/beagle-gui-0.3.8-13.36mdv2009.0.i586.rpm\n 935fdbace81371b2eea685f037caff00 2009.0/i586/beagle-gui-qt-0.3.8-13.36mdv2009.0.i586.rpm\n 8ca9aa9f40e44a872cf0befa74789302 2009.0/i586/beagle-libs-0.3.8-13.36mdv2009.0.i586.rpm\n cabf1109de711d8b8b144501263d6d9a 2009.0/i586/devhelp-0.21-3.25mdv2009.0.i586.rpm\n 5d49d110ca039207523256b93ca0aefb 2009.0/i586/devhelp-plugins-0.21-3.25mdv2009.0.i586.rpm\n 9da6dcff3078fda7f7b78843400051b7 2009.0/i586/epiphany-2.24.3-0.14mdv2009.0.i586.rpm\n 0ac6148e0be68f6c9ae8263c1399769e 2009.0/i586/epiphany-devel-2.24.3-0.14mdv2009.0.i586.rpm\n 0f1ff7a4bfc2067c89b66fd98e62e8f9 2009.0/i586/firefox-3.6.17-0.1mdv2009.0.i586.rpm\n 68c6d5e2860f7c24f4af09bc313f5164 2009.0/i586/firefox-af-3.6.17-0.1mdv2009.0.i586.rpm\n 2a63cbcbd840c1ba22ac317e44c36f80 2009.0/i586/firefox-ar-3.6.17-0.1mdv2009.0.i586.rpm\n 00bca75faebfbd49825d0b03580f5123 2009.0/i586/firefox-be-3.6.17-0.1mdv2009.0.i586.rpm\n db03eca0613b52f2f077279d6883a0d5 2009.0/i586/firefox-bg-3.6.17-0.1mdv2009.0.i586.rpm\n 4a552121865938a8912a68de5dab9be6 2009.0/i586/firefox-bn-3.6.17-0.1mdv2009.0.i586.rpm\n 8f7d1c3f2f79f1d25d14a3cd8d6401e3 2009.0/i586/firefox-ca-3.6.17-0.1mdv2009.0.i586.rpm\n 228db324dd6cdd307fcf4642c63b48bb 2009.0/i586/firefox-cs-3.6.17-0.1mdv2009.0.i586.rpm\n 948c6ebab830b48a173c471a1b8526a8 2009.0/i586/firefox-cy-3.6.17-0.1mdv2009.0.i586.rpm\n 7472f143a13da640d052c40977a027df 2009.0/i586/firefox-da-3.6.17-0.1mdv2009.0.i586.rpm\n a40f6c2977f79caa31e87d09169d1a0e 2009.0/i586/firefox-de-3.6.17-0.1mdv2009.0.i586.rpm\n 3861628556d0d7b4a3c8200cbd0dc8d3 2009.0/i586/firefox-devel-3.6.17-0.1mdv2009.0.i586.rpm\n 3571fa7c7e0cc159ec27d13bbcd18afb 2009.0/i586/firefox-el-3.6.17-0.1mdv2009.0.i586.rpm\n 71ed13d932446cd071f57370f1c67993 2009.0/i586/firefox-en_GB-3.6.17-0.1mdv2009.0.i586.rpm\n 7204644845d2f0516c8231604e51be06 2009.0/i586/firefox-eo-3.6.17-0.1mdv2009.0.i586.rpm\n a304223e23e5ae9d862606aa64eb0473 2009.0/i586/firefox-es_AR-3.6.17-0.1mdv2009.0.i586.rpm\n e10040850cae86538b035f5795147359 2009.0/i586/firefox-es_ES-3.6.17-0.1mdv2009.0.i586.rpm\n 0da9a35d0287fe8537e50aad67864861 2009.0/i586/firefox-et-3.6.17-0.1mdv2009.0.i586.rpm\n e433dcf9f297d3468d02e34c1cdec2f7 2009.0/i586/firefox-eu-3.6.17-0.1mdv2009.0.i586.rpm\n b8c6a66f15cda3f88e41d251e492b766 2009.0/i586/firefox-ext-beagle-0.3.8-13.36mdv2009.0.i586.rpm\n 298ffb6cb4907c8fed7013bc1cd8b7cd 2009.0/i586/firefox-ext-blogrovr-1.1.804-0.13mdv2009.0.i586.rpm\n 346f393bb67e5b07d7f5da620f0a7cfd 2009.0/i586/firefox-ext-mozvoikko-1.0-0.13mdv2009.0.i586.rpm\n c5549d686d3cf1af3f1af6e76d53710d 2009.0/i586/firefox-ext-scribefire-3.5.1-0.13mdv2009.0.i586.rpm\n b0bb514e6bc44941c257ab9e9a4886ce 2009.0/i586/firefox-ext-xmarks-3.5.10-0.13mdv2009.0.i586.rpm\n 45513fb325474a1ab238f0603e277f53 2009.0/i586/firefox-fi-3.6.17-0.1mdv2009.0.i586.rpm\n f779393326b33faac80b0464423de6b2 2009.0/i586/firefox-fr-3.6.17-0.1mdv2009.0.i586.rpm\n 53410f5a375a58acf74911b4455408a2 2009.0/i586/firefox-fy-3.6.17-0.1mdv2009.0.i586.rpm\n b3839dd9b19d38c42ea35a44d618a9c6 2009.0/i586/firefox-ga_IE-3.6.17-0.1mdv2009.0.i586.rpm\n e05ece41e912c28410ce8c4d5e7aac09 2009.0/i586/firefox-gl-3.6.17-0.1mdv2009.0.i586.rpm\n 586386851fbe0a16b578cd9cb6268440 2009.0/i586/firefox-gu_IN-3.6.17-0.1mdv2009.0.i586.rpm\n 854c678ffd13330aec33447c9b197769 2009.0/i586/firefox-he-3.6.17-0.1mdv2009.0.i586.rpm\n 017389c95a4b6c2d073d318180d5e384 2009.0/i586/firefox-hi-3.6.17-0.1mdv2009.0.i586.rpm\n 155b3dd9f3d4df8d171c66a304d2fd85 2009.0/i586/firefox-hu-3.6.17-0.1mdv2009.0.i586.rpm\n 7ba221d915d86a7ff40021d37cbfe985 2009.0/i586/firefox-id-3.6.17-0.1mdv2009.0.i586.rpm\n 39130b124a73caef8f2b4f9aa6b0e61a 2009.0/i586/firefox-is-3.6.17-0.1mdv2009.0.i586.rpm\n b71974aed5edda2cc0e65000df3a1011 2009.0/i586/firefox-it-3.6.17-0.1mdv2009.0.i586.rpm\n 07a88fe9d9beb8ba7b5ee9936f347dc5 2009.0/i586/firefox-ja-3.6.17-0.1mdv2009.0.i586.rpm\n fe09ec733d5edede980b81e3bb1a9809 2009.0/i586/firefox-ka-3.6.17-0.1mdv2009.0.i586.rpm\n 1f54c7528e5b7ce3b9b85cfa8e875640 2009.0/i586/firefox-kn-3.6.17-0.1mdv2009.0.i586.rpm\n a217105802753a4f9d7ed341a1192f63 2009.0/i586/firefox-ko-3.6.17-0.1mdv2009.0.i586.rpm\n c42801fa51cdf12a07d3afd8f65be5ff 2009.0/i586/firefox-ku-3.6.17-0.1mdv2009.0.i586.rpm\n fdb5ff5c53e6290f5e543cbbc80f0782 2009.0/i586/firefox-lt-3.6.17-0.1mdv2009.0.i586.rpm\n a42d147c886a87428e1433081f8fab98 2009.0/i586/firefox-lv-3.6.17-0.1mdv2009.0.i586.rpm\n 3c9a81ffc3597e21448f5f5a9485b399 2009.0/i586/firefox-mk-3.6.17-0.1mdv2009.0.i586.rpm\n 799700985d71360d86de7372d0cf0364 2009.0/i586/firefox-mr-3.6.17-0.1mdv2009.0.i586.rpm\n 8540e2fd37d7e577fa9c770af9360b60 2009.0/i586/firefox-nb_NO-3.6.17-0.1mdv2009.0.i586.rpm\n 26dbb0a70d552a636dfb22d7725859c2 2009.0/i586/firefox-nl-3.6.17-0.1mdv2009.0.i586.rpm\n c76027df052ae1cc125e798b07fb9a83 2009.0/i586/firefox-nn_NO-3.6.17-0.1mdv2009.0.i586.rpm\n 60a2f1bd57c903e7c66c5905e8e192a9 2009.0/i586/firefox-oc-3.6.17-0.1mdv2009.0.i586.rpm\n a0ce0cff62e5217e50ced505dc22261a 2009.0/i586/firefox-pa_IN-3.6.17-0.1mdv2009.0.i586.rpm\n 67346320e8159a7c1a351482ae832fdd 2009.0/i586/firefox-pl-3.6.17-0.1mdv2009.0.i586.rpm\n fc448d8eec4340436fa55350a91a4f24 2009.0/i586/firefox-pt_BR-3.6.17-0.1mdv2009.0.i586.rpm\n cf72d6ad8a417fd724e52210bf509b74 2009.0/i586/firefox-pt_PT-3.6.17-0.1mdv2009.0.i586.rpm\n 34ea987f1a28427acd00f07b97038890 2009.0/i586/firefox-ro-3.6.17-0.1mdv2009.0.i586.rpm\n 305033f355f87f0b4b567d6b7563354e 2009.0/i586/firefox-ru-3.6.17-0.1mdv2009.0.i586.rpm\n 3c40b9a2484cdabd87784fe09661ecb8 2009.0/i586/firefox-si-3.6.17-0.1mdv2009.0.i586.rpm\n 7aa26e6bb6d954a5ad008c1e3d909cbc 2009.0/i586/firefox-sk-3.6.17-0.1mdv2009.0.i586.rpm\n 3f23f9c83f414de0059cb60eebf8d850 2009.0/i586/firefox-sl-3.6.17-0.1mdv2009.0.i586.rpm\n f5e77819022ca51867af2a8d34f2a066 2009.0/i586/firefox-sq-3.6.17-0.1mdv2009.0.i586.rpm\n ab6de80851e9b39524a1a9e50508f4b6 2009.0/i586/firefox-sr-3.6.17-0.1mdv2009.0.i586.rpm\n e3e2d2e7c58ea80d9e518f50f75e11bb 2009.0/i586/firefox-sv_SE-3.6.17-0.1mdv2009.0.i586.rpm\n 7889dfad70b01797357808b0efd4181a 2009.0/i586/firefox-te-3.6.17-0.1mdv2009.0.i586.rpm\n 8eb35b7fb3d9717269d656ab0af66d85 2009.0/i586/firefox-th-3.6.17-0.1mdv2009.0.i586.rpm\n db344c8f85860dc0939ae13cfc0a73ef 2009.0/i586/firefox-theme-kfirefox-0.16-0.13mdv2009.0.i586.rpm\n b7cbe47a64595ec5c8e323727885eb8c 2009.0/i586/firefox-tr-3.6.17-0.1mdv2009.0.i586.rpm\n 63c912c7c72a2683fd2749f5a643709e 2009.0/i586/firefox-uk-3.6.17-0.1mdv2009.0.i586.rpm\n 445eec8f6167567b32046e16d1e4a8ac 2009.0/i586/firefox-zh_CN-3.6.17-0.1mdv2009.0.i586.rpm\n 36de2012d0dc81e1636912aebe714cd7 2009.0/i586/firefox-zh_TW-3.6.17-0.1mdv2009.0.i586.rpm\n fea435facb5a727a1769b95ffdd6b7d1 2009.0/i586/gnome-python-extras-2.19.1-20.27mdv2009.0.i586.rpm\n 44d5541c188e831160c627682823285d 2009.0/i586/gnome-python-gda-2.19.1-20.27mdv2009.0.i586.rpm\n 09de2acc67f26df4996b244fb720a865 2009.0/i586/gnome-python-gda-devel-2.19.1-20.27mdv2009.0.i586.rpm\n d78dbc547deafba5525ddef72093099b 2009.0/i586/gnome-python-gdl-2.19.1-20.27mdv2009.0.i586.rpm\n aaefe570ba5819e6afa4fd49425fdf57 2009.0/i586/gnome-python-gtkhtml2-2.19.1-20.27mdv2009.0.i586.rpm\n 5868123938a14c88ce61b2604c7ea252 2009.0/i586/gnome-python-gtkmozembed-2.19.1-20.27mdv2009.0.i586.rpm\n f7e7eb05f7b7fc09db698dc47c187bb5 2009.0/i586/gnome-python-gtkspell-2.19.1-20.27mdv2009.0.i586.rpm\n 79225cceef1a08a2d7297d088e7b97b4 2009.0/i586/lemon-3.7.4-0.1mdv2009.0.i586.rpm\n 2c2f28010934dde726a22971771369b9 2009.0/i586/libdevhelp-1_0-0.21-3.25mdv2009.0.i586.rpm\n 7b6cb5ee62261c8f871c1ad99ca5b635 2009.0/i586/libdevhelp-1-devel-0.21-3.25mdv2009.0.i586.rpm\n 497c932d9820cc1699102646d2ef218b 2009.0/i586/libsqlite3_0-3.7.6.2-0.1mdv2009.0.i586.rpm\n fba77facd31656c25a044fedb3ffe3b5 2009.0/i586/libsqlite3-devel-3.7.6.2-0.1mdv2009.0.i586.rpm\n 530c270b9dd5e1a8c9e678bafedc6d53 2009.0/i586/libsqlite3-static-devel-3.7.6.2-0.1mdv2009.0.i586.rpm\n 9dd3cb1007979e629daa0d27f78be530 2009.0/i586/libxulrunner1.9.2.17-1.9.2.17-0.1mdv2009.0.i586.rpm\n 46b0fbc1b5e027120083a1ffd58605a8 2009.0/i586/libxulrunner-devel-1.9.2.17-0.1mdv2009.0.i586.rpm\n ad5e3d1ffd7382f012a9d57c4fa702e8 2009.0/i586/mozilla-thunderbird-beagle-0.3.8-13.36mdv2009.0.i586.rpm\n adad587299352a74e675cface6154638 2009.0/i586/sqlite3-tools-3.7.6.2-0.1mdv2009.0.i586.rpm\n aeb059de62194445a32c7de36faa9e2e 2009.0/i586/xulrunner-1.9.2.17-0.1mdv2009.0.i586.rpm\n a5caae640a02076364fdd8c189794478 2009.0/i586/yelp-2.24.0-3.28mdv2009.0.i586.rpm \n 0972d520d57df45393b0aef2da4b12ee 2009.0/SRPMS/beagle-0.3.8-13.36mdv2009.0.src.rpm\n 3f8b8f723797f0fbbb5e0264bac2bfbf 2009.0/SRPMS/devhelp-0.21-3.25mdv2009.0.src.rpm\n ebbdbeb5e3ccb2fe3f424a327eb475ef 2009.0/SRPMS/epiphany-2.24.3-0.14mdv2009.0.src.rpm\n 3350215ced82f1bcf19a8e8188bf0a61 2009.0/SRPMS/firefox-3.6.17-0.1mdv2009.0.src.rpm\n f11029532df82e7923c4b096af98d3f0 2009.0/SRPMS/firefox-ext-blogrovr-1.1.804-0.13mdv2009.0.src.rpm\n 5aca99c0285a4412ecf02cf6bf946801 2009.0/SRPMS/firefox-ext-mozvoikko-1.0-0.13mdv2009.0.src.rpm\n dbb411ce9ba2dc5416b53aea4c6641ae 2009.0/SRPMS/firefox-ext-scribefire-3.5.1-0.13mdv2009.0.src.rpm\n 96e289aef5dd3795e776125a93b9a11e 2009.0/SRPMS/firefox-ext-xmarks-3.5.10-0.13mdv2009.0.src.rpm\n 8681188142a3360b17eae804219d934e 2009.0/SRPMS/firefox-l10n-3.6.17-0.1mdv2009.0.src.rpm\n 0b632cc0d32c20cb4c7458c7c20b0bcf 2009.0/SRPMS/firefox-theme-kfirefox-0.16-0.13mdv2009.0.src.rpm\n 82b1d9b926a7a183edd6ee0b39ee9fd8 2009.0/SRPMS/gnome-python-extras-2.19.1-20.27mdv2009.0.src.rpm\n 5bffe9ac14aabf83ea8b5c79f0e8e33f 2009.0/SRPMS/lemon-3.7.4-0.1mdv2009.0.src.rpm\n aa8e2dcac3269d9836f3dade77086e7f 2009.0/SRPMS/sqlite3-3.7.6.2-0.1mdv2009.0.src.rpm\n fba6a9ca071ee5648b373d678d67e352 2009.0/SRPMS/xulrunner-1.9.2.17-0.1mdv2009.0.src.rpm\n 4dc1a3719ef51d45d3af0be61950aef7 2009.0/SRPMS/yelp-2.24.0-3.28mdv2009.0.src.rpm\n\n Mandriva Linux 2009.0/X86_64:\n b032aed8693b94bf0b5f457b0e7c3eb7 2009.0/x86_64/beagle-0.3.8-13.36mdv2009.0.x86_64.rpm\n 2fac29c992cd8be8892a4fb91d380336 2009.0/x86_64/beagle-crawl-system-0.3.8-13.36mdv2009.0.x86_64.rpm\n 055ef55bb8a468a5ec17e87a93a58b0d 2009.0/x86_64/beagle-doc-0.3.8-13.36mdv2009.0.x86_64.rpm\n 3fcee0a627224a9387b748a4abc461d5 2009.0/x86_64/beagle-epiphany-0.3.8-13.36mdv2009.0.x86_64.rpm\n 51976fc9309a41ca1ea61541110240b2 2009.0/x86_64/beagle-evolution-0.3.8-13.36mdv2009.0.x86_64.rpm\n a61243e5f9c5e0758dbfc4bc07b4dc84 2009.0/x86_64/beagle-gui-0.3.8-13.36mdv2009.0.x86_64.rpm\n 0a61952ef1924995be127129a149fbdf 2009.0/x86_64/beagle-gui-qt-0.3.8-13.36mdv2009.0.x86_64.rpm\n 734beb1bd9073dd56e5c2088213b7967 2009.0/x86_64/beagle-libs-0.3.8-13.36mdv2009.0.x86_64.rpm\n 595c25f3843781372230c07b5b33a442 2009.0/x86_64/devhelp-0.21-3.25mdv2009.0.x86_64.rpm\n 475b50ca8b0fbfeb52b09be5b92ed7ae 2009.0/x86_64/devhelp-plugins-0.21-3.25mdv2009.0.x86_64.rpm\n 8ddc7628fe244b65a69d4f40cc2f6c53 2009.0/x86_64/epiphany-2.24.3-0.14mdv2009.0.x86_64.rpm\n e7ae117ed437ad50e8d723818bc05ff9 2009.0/x86_64/epiphany-devel-2.24.3-0.14mdv2009.0.x86_64.rpm\n 04e2c0401ba7286141e292d0f4be0c6a 2009.0/x86_64/firefox-3.6.17-0.1mdv2009.0.x86_64.rpm\n e77f3b52a818b35b3b06f6a441221022 2009.0/x86_64/firefox-af-3.6.17-0.1mdv2009.0.x86_64.rpm\n ca49e550e4970bd20ec5e13d455b7657 2009.0/x86_64/firefox-ar-3.6.17-0.1mdv2009.0.x86_64.rpm\n 85ab3b431c7de6d7346f2af80724a1e3 2009.0/x86_64/firefox-be-3.6.17-0.1mdv2009.0.x86_64.rpm\n 9ac78224cc072b8a865eb57ccb44424d 2009.0/x86_64/firefox-bg-3.6.17-0.1mdv2009.0.x86_64.rpm\n 730388eccf9f9828f64af196ee86c5a6 2009.0/x86_64/firefox-bn-3.6.17-0.1mdv2009.0.x86_64.rpm\n 58a3decd3e3a3886a19dc40fb820941b 2009.0/x86_64/firefox-ca-3.6.17-0.1mdv2009.0.x86_64.rpm\n 5a90624d3518ba36ec55eb2a6420204b 2009.0/x86_64/firefox-cs-3.6.17-0.1mdv2009.0.x86_64.rpm\n db24b27132cb8dca3ea45ebcb6071712 2009.0/x86_64/firefox-cy-3.6.17-0.1mdv2009.0.x86_64.rpm\n a022a90fe3a6cca94340efcecb5001fe 2009.0/x86_64/firefox-da-3.6.17-0.1mdv2009.0.x86_64.rpm\n 4d59bf79a75d8213efc9a8f42357c4fe 2009.0/x86_64/firefox-de-3.6.17-0.1mdv2009.0.x86_64.rpm\n b20662cb8b1635f251d57a0833f9093e 2009.0/x86_64/firefox-devel-3.6.17-0.1mdv2009.0.x86_64.rpm\n 4c4cff9e136d5174633caf87334cd9cb 2009.0/x86_64/firefox-el-3.6.17-0.1mdv2009.0.x86_64.rpm\n 93bf8ba5a8e93c7006811d353d4c4f3d 2009.0/x86_64/firefox-en_GB-3.6.17-0.1mdv2009.0.x86_64.rpm\n a8b2021a6a9677c75f8ed5af7ccf9093 2009.0/x86_64/firefox-eo-3.6.17-0.1mdv2009.0.x86_64.rpm\n 60ae56632071590bb7b0d1f0f6a7671a 2009.0/x86_64/firefox-es_AR-3.6.17-0.1mdv2009.0.x86_64.rpm\n 601891ab9929ccf4ddea627b466642b5 2009.0/x86_64/firefox-es_ES-3.6.17-0.1mdv2009.0.x86_64.rpm\n b23dc67128474e77c02569ed3cf3d03c 2009.0/x86_64/firefox-et-3.6.17-0.1mdv2009.0.x86_64.rpm\n d6a6ade1469d07ea53dc0a80cd1e3ca6 2009.0/x86_64/firefox-eu-3.6.17-0.1mdv2009.0.x86_64.rpm\n 5b00c95f5af2960e0ae8885f81b14453 2009.0/x86_64/firefox-ext-beagle-0.3.8-13.36mdv2009.0.x86_64.rpm\n aa8b9f39a32280974cb7d37ef0f3365b 2009.0/x86_64/firefox-ext-blogrovr-1.1.804-0.13mdv2009.0.x86_64.rpm\n 90af6af5192a0523b7ca543d9b4f4d48 2009.0/x86_64/firefox-ext-mozvoikko-1.0-0.13mdv2009.0.x86_64.rpm\n 2ef1da56893a9ee8808c8e8a40f2855b 2009.0/x86_64/firefox-ext-scribefire-3.5.1-0.13mdv2009.0.x86_64.rpm\n ece9cf46ad4b8968b4804f58b9eede04 2009.0/x86_64/firefox-ext-xmarks-3.5.10-0.13mdv2009.0.x86_64.rpm\n c3be652781ea8fc04dd51009765a2018 2009.0/x86_64/firefox-fi-3.6.17-0.1mdv2009.0.x86_64.rpm\n 73b6dfa12df8d2f6d904a429a45aac6a 2009.0/x86_64/firefox-fr-3.6.17-0.1mdv2009.0.x86_64.rpm\n 88836378097f79cef65b842a71cc4e69 2009.0/x86_64/firefox-fy-3.6.17-0.1mdv2009.0.x86_64.rpm\n daa588318b69ee3223f472545e4a150c 2009.0/x86_64/firefox-ga_IE-3.6.17-0.1mdv2009.0.x86_64.rpm\n 1c0759836da6bd094788eef5120db5b1 2009.0/x86_64/firefox-gl-3.6.17-0.1mdv2009.0.x86_64.rpm\n fe4b9531eeb1fcbb37de47c73464abea 2009.0/x86_64/firefox-gu_IN-3.6.17-0.1mdv2009.0.x86_64.rpm\n a5981a499f181f788316c4580589ef2e 2009.0/x86_64/firefox-he-3.6.17-0.1mdv2009.0.x86_64.rpm\n 2550f09a264ffd4f60152fb310be2900 2009.0/x86_64/firefox-hi-3.6.17-0.1mdv2009.0.x86_64.rpm\n d1fbfc46c8f06b45959c5838e28a23aa 2009.0/x86_64/firefox-hu-3.6.17-0.1mdv2009.0.x86_64.rpm\n aaadb1c087eefe50e4bc877477abac4c 2009.0/x86_64/firefox-id-3.6.17-0.1mdv2009.0.x86_64.rpm\n 3314496029094186ee870f310ecab2f7 2009.0/x86_64/firefox-is-3.6.17-0.1mdv2009.0.x86_64.rpm\n 76dbab7b062c0bd4907c91c322c9a183 2009.0/x86_64/firefox-it-3.6.17-0.1mdv2009.0.x86_64.rpm\n c711dc2be8d7dc6b47680894e01da605 2009.0/x86_64/firefox-ja-3.6.17-0.1mdv2009.0.x86_64.rpm\n 527f62d56b9bb634de9c84317f570591 2009.0/x86_64/firefox-ka-3.6.17-0.1mdv2009.0.x86_64.rpm\n 6c51c819e5abc19f5d8f02efce3ba226 2009.0/x86_64/firefox-kn-3.6.17-0.1mdv2009.0.x86_64.rpm\n a3ab45d4da1be8b26dcbd457a3e9d3f9 2009.0/x86_64/firefox-ko-3.6.17-0.1mdv2009.0.x86_64.rpm\n 2e176ce5348d910c8057bc5563faf41c 2009.0/x86_64/firefox-ku-3.6.17-0.1mdv2009.0.x86_64.rpm\n dab82375106ffe486f47be236f8cb969 2009.0/x86_64/firefox-lt-3.6.17-0.1mdv2009.0.x86_64.rpm\n 48432620c19fe9808f84c5d1d38d21fe 2009.0/x86_64/firefox-lv-3.6.17-0.1mdv2009.0.x86_64.rpm\n 79182359d527104abc378941ccf75fad 2009.0/x86_64/firefox-mk-3.6.17-0.1mdv2009.0.x86_64.rpm\n cd492f6fc1b5f36bb4826f728434c6af 2009.0/x86_64/firefox-mr-3.6.17-0.1mdv2009.0.x86_64.rpm\n 01d8a87704b226b740c723f08ecc2d65 2009.0/x86_64/firefox-nb_NO-3.6.17-0.1mdv2009.0.x86_64.rpm\n d7312e9a8d543937d317c1d59b3a34a1 2009.0/x86_64/firefox-nl-3.6.17-0.1mdv2009.0.x86_64.rpm\n 85d01cb0516ecb676564b1054fda683d 2009.0/x86_64/firefox-nn_NO-3.6.17-0.1mdv2009.0.x86_64.rpm\n bb0810bd066ae8e63a58764a87e4d820 2009.0/x86_64/firefox-oc-3.6.17-0.1mdv2009.0.x86_64.rpm\n ddd12841f0c0f4601a4e06d2ceb2f677 2009.0/x86_64/firefox-pa_IN-3.6.17-0.1mdv2009.0.x86_64.rpm\n 12ac4b4f1e269138d250ca3644a1b36a 2009.0/x86_64/firefox-pl-3.6.17-0.1mdv2009.0.x86_64.rpm\n ae0839d18977a11b8f9dcafab4d37ad9 2009.0/x86_64/firefox-pt_BR-3.6.17-0.1mdv2009.0.x86_64.rpm\n 30f7df0cf5761ecbcd9c741e4766680e 2009.0/x86_64/firefox-pt_PT-3.6.17-0.1mdv2009.0.x86_64.rpm\n 9cc05af0f3a3f2d3d36cc7d2bb74660a 2009.0/x86_64/firefox-ro-3.6.17-0.1mdv2009.0.x86_64.rpm\n f1044bb9e20f353e4fc648bf0501524d 2009.0/x86_64/firefox-ru-3.6.17-0.1mdv2009.0.x86_64.rpm\n 84fd90488b116a7dd26787d5416b6b12 2009.0/x86_64/firefox-si-3.6.17-0.1mdv2009.0.x86_64.rpm\n ac187a0b46b8c1c9dc57d3ce86382dfb 2009.0/x86_64/firefox-sk-3.6.17-0.1mdv2009.0.x86_64.rpm\n 19102a390fef503416f6f38f53bece23 2009.0/x86_64/firefox-sl-3.6.17-0.1mdv2009.0.x86_64.rpm\n cc1d2bdfb6f76c667aeb1394560c9f08 2009.0/x86_64/firefox-sq-3.6.17-0.1mdv2009.0.x86_64.rpm\n 29900dc6cc095ac318cc64e72edd4d8b 2009.0/x86_64/firefox-sr-3.6.17-0.1mdv2009.0.x86_64.rpm\n b76ad7b6ddf7684a939bcea888d4a432 2009.0/x86_64/firefox-sv_SE-3.6.17-0.1mdv2009.0.x86_64.rpm\n 1a8c696020c195c83f64aca80bf731eb 2009.0/x86_64/firefox-te-3.6.17-0.1mdv2009.0.x86_64.rpm\n 239684a41f202c5edbcbf6217909e818 2009.0/x86_64/firefox-th-3.6.17-0.1mdv2009.0.x86_64.rpm\n 3c289ecc5ac769c4b18a381f6c8e363e 2009.0/x86_64/firefox-theme-kfirefox-0.16-0.13mdv2009.0.x86_64.rpm\n 3770e9c29be81d282b766d776a392a4f 2009.0/x86_64/firefox-tr-3.6.17-0.1mdv2009.0.x86_64.rpm\n e1c6942f3f842ae7551c96283c26e72d 2009.0/x86_64/firefox-uk-3.6.17-0.1mdv2009.0.x86_64.rpm\n aa519f7229db7d3dfdc217d613ebdea0 2009.0/x86_64/firefox-zh_CN-3.6.17-0.1mdv2009.0.x86_64.rpm\n 2e01ab4446c233d7a4e89ed1c4859274 2009.0/x86_64/firefox-zh_TW-3.6.17-0.1mdv2009.0.x86_64.rpm\n 39cf269b29e518aa8db16a99a43c18d7 2009.0/x86_64/gnome-python-extras-2.19.1-20.27mdv2009.0.x86_64.rpm\n b0ba6358ad186d93f5cf23984acdd288 2009.0/x86_64/gnome-python-gda-2.19.1-20.27mdv2009.0.x86_64.rpm\n c5b9d792230aea0602d696a650cf76ff 2009.0/x86_64/gnome-python-gda-devel-2.19.1-20.27mdv2009.0.x86_64.rpm\n b882a6e641aad7bc507beda9af730d9d 2009.0/x86_64/gnome-python-gdl-2.19.1-20.27mdv2009.0.x86_64.rpm\n 7fa08a97cbe98f8ad9707cb401ceef7d 2009.0/x86_64/gnome-python-gtkhtml2-2.19.1-20.27mdv2009.0.x86_64.rpm\n c577a096e7c627e2910d3d476a94ec95 2009.0/x86_64/gnome-python-gtkmozembed-2.19.1-20.27mdv2009.0.x86_64.rpm\n aefafa2fbaa7fdfb1ae7e7d484feb84b 2009.0/x86_64/gnome-python-gtkspell-2.19.1-20.27mdv2009.0.x86_64.rpm\n 6a4dae7f9c6b44e6c11718dce617ba4e 2009.0/x86_64/lemon-3.7.4-0.1mdv2009.0.x86_64.rpm\n 4befda2bfc13c141078f3b6f157ef014 2009.0/x86_64/lib64devhelp-1_0-0.21-3.25mdv2009.0.x86_64.rpm\n 91e5fc566a17eadf4c587ce1a7bc014b 2009.0/x86_64/lib64devhelp-1-devel-0.21-3.25mdv2009.0.x86_64.rpm\n 4b9faa7ba8fb0ef518ee214debf823ea 2009.0/x86_64/lib64sqlite3_0-3.7.6.2-0.1mdv2009.0.x86_64.rpm\n 26e89fde1f2ddfa51157f246a7a8148a 2009.0/x86_64/lib64sqlite3-devel-3.7.6.2-0.1mdv2009.0.x86_64.rpm\n 588a88e71749159790ab8f66f1a4b4e8 2009.0/x86_64/lib64sqlite3-static-devel-3.7.6.2-0.1mdv2009.0.x86_64.rpm\n abe638f2b42c8dff52fd47344d5202c5 2009.0/x86_64/lib64xulrunner1.9.2.17-1.9.2.17-0.1mdv2009.0.x86_64.rpm\n 368987069ca85079fbd58ec5a3fe503a 2009.0/x86_64/lib64xulrunner-devel-1.9.2.17-0.1mdv2009.0.x86_64.rpm\n ac35d16e378e015d39049265a1064ca6 2009.0/x86_64/mozilla-thunderbird-beagle-0.3.8-13.36mdv2009.0.x86_64.rpm\n 12295dfafb906d07b16e21d0773bd24a 2009.0/x86_64/sqlite3-tools-3.7.6.2-0.1mdv2009.0.x86_64.rpm\n cea2bac5a44774587ec4605f1cb97cbf 2009.0/x86_64/xulrunner-1.9.2.17-0.1mdv2009.0.x86_64.rpm\n 47f4aca2ef52ab69ac4bb90585e244f3 2009.0/x86_64/yelp-2.24.0-3.28mdv2009.0.x86_64.rpm \n 0972d520d57df45393b0aef2da4b12ee 2009.0/SRPMS/beagle-0.3.8-13.36mdv2009.0.src.rpm\n 3f8b8f723797f0fbbb5e0264bac2bfbf 2009.0/SRPMS/devhelp-0.21-3.25mdv2009.0.src.rpm\n ebbdbeb5e3ccb2fe3f424a327eb475ef 2009.0/SRPMS/epiphany-2.24.3-0.14mdv2009.0.src.rpm\n 3350215ced82f1bcf19a8e8188bf0a61 2009.0/SRPMS/firefox-3.6.17-0.1mdv2009.0.src.rpm\n f11029532df82e7923c4b096af98d3f0 2009.0/SRPMS/firefox-ext-blogrovr-1.1.804-0.13mdv2009.0.src.rpm\n 5aca99c0285a4412ecf02cf6bf946801 2009.0/SRPMS/firefox-ext-mozvoikko-1.0-0.13mdv2009.0.src.rpm\n dbb411ce9ba2dc5416b53aea4c6641ae 2009.0/SRPMS/firefox-ext-scribefire-3.5.1-0.13mdv2009.0.src.rpm\n 96e289aef5dd3795e776125a93b9a11e 2009.0/SRPMS/firefox-ext-xmarks-3.5.10-0.13mdv2009.0.src.rpm\n 8681188142a3360b17eae804219d934e 2009.0/SRPMS/firefox-l10n-3.6.17-0.1mdv2009.0.src.rpm\n 0b632cc0d32c20cb4c7458c7c20b0bcf 2009.0/SRPMS/firefox-theme-kfirefox-0.16-0.13mdv2009.0.src.rpm\n 82b1d9b926a7a183edd6ee0b39ee9fd8 2009.0/SRPMS/gnome-python-extras-2.19.1-20.27mdv2009.0.src.rpm\n 5bffe9ac14aabf83ea8b5c79f0e8e33f 2009.0/SRPMS/lemon-3.7.4-0.1mdv2009.0.src.rpm\n aa8e2dcac3269d9836f3dade77086e7f 2009.0/SRPMS/sqlite3-3.7.6.2-0.1mdv2009.0.src.rpm\n fba6a9ca071ee5648b373d678d67e352 2009.0/SRPMS/xulrunner-1.9.2.17-0.1mdv2009.0.src.rpm\n 4dc1a3719ef51d45d3af0be61950aef7 2009.0/SRPMS/yelp-2.24.0-3.28mdv2009.0.src.rpm\n\n Mandriva Linux 2010.0:\n b6a1e9e5b9e25830e9b7078924d2696e 2010.0/i586/beagle-0.3.9-20.24mdv2010.0.i586.rpm\n c157386b79eec41001dcae8b9133af69 2010.0/i586/beagle-crawl-system-0.3.9-20.24mdv2010.0.i586.rpm\n 4aef4afd0e9651ddad72b188b9351a42 2010.0/i586/beagle-doc-0.3.9-20.24mdv2010.0.i586.rpm\n 8832c1286824ae275dd9aa35e3ac4f1d 2010.0/i586/beagle-evolution-0.3.9-20.24mdv2010.0.i586.rpm\n 0e39eb8c59a596efa9315606059a1760 2010.0/i586/beagle-gui-0.3.9-20.24mdv2010.0.i586.rpm\n b6151aa5af9cd0a36ec8b164a0c90df4 2010.0/i586/beagle-gui-qt-0.3.9-20.24mdv2010.0.i586.rpm\n e21eb5e62627f34b63ef80efa85adce2 2010.0/i586/beagle-libs-0.3.9-20.24mdv2010.0.i586.rpm\n ce2e2fb2ac7223bdd59994a3ac2dc718 2010.0/i586/firefox-3.6.17-0.1mdv2010.0.i586.rpm\n c5d163ba6817bc2b58baa0c6aaade18f 2010.0/i586/firefox-af-3.6.17-0.1mdv2010.0.i586.rpm\n 309d34256461d7ced6f0f25e48a56ef4 2010.0/i586/firefox-ar-3.6.17-0.1mdv2010.0.i586.rpm\n 58abfbf8f8050c0b0964922770d41aa3 2010.0/i586/firefox-be-3.6.17-0.1mdv2010.0.i586.rpm\n ec582b11ef9394620eaed6132d84d839 2010.0/i586/firefox-bg-3.6.17-0.1mdv2010.0.i586.rpm\n 8093a30d51889561b62eed0f6a4d4e52 2010.0/i586/firefox-bn-3.6.17-0.1mdv2010.0.i586.rpm\n f104f48ecae85588e16845d7765cce61 2010.0/i586/firefox-ca-3.6.17-0.1mdv2010.0.i586.rpm\n 6a01b14ba6add339b15a1703508c491f 2010.0/i586/firefox-cs-3.6.17-0.1mdv2010.0.i586.rpm\n d2b01ad5090cb85cb1ee0c7ddae02e9c 2010.0/i586/firefox-cy-3.6.17-0.1mdv2010.0.i586.rpm\n d78c752aee982cadd936955e84a37129 2010.0/i586/firefox-da-3.6.17-0.1mdv2010.0.i586.rpm\n 8009736a3b595f259ed36676cfc1adcf 2010.0/i586/firefox-de-3.6.17-0.1mdv2010.0.i586.rpm\n cc2f5a0e41a84919685a390e50869193 2010.0/i586/firefox-devel-3.6.17-0.1mdv2010.0.i586.rpm\n 1f38c9f900932be64993471dd7cfa87d 2010.0/i586/firefox-el-3.6.17-0.1mdv2010.0.i586.rpm\n 620c598a6201f155fb66b8e8d71253bf 2010.0/i586/firefox-en_GB-3.6.17-0.1mdv2010.0.i586.rpm\n 44fdf2af3b0ac2497a2dccd3fe4fa6d1 2010.0/i586/firefox-eo-3.6.17-0.1mdv2010.0.i586.rpm\n 9bf9966d1fa20ca0a3b320e9eb67b3fb 2010.0/i586/firefox-es_AR-3.6.17-0.1mdv2010.0.i586.rpm\n c1afe2347d18c52e07322b4fc8cd625e 2010.0/i586/firefox-es_ES-3.6.17-0.1mdv2010.0.i586.rpm\n d3ddf4f0650d7faf3398c58e6f4abb9e 2010.0/i586/firefox-et-3.6.17-0.1mdv2010.0.i586.rpm\n 41c4ffc76147f9b79952a7372b22bfa4 2010.0/i586/firefox-eu-3.6.17-0.1mdv2010.0.i586.rpm\n ad261fd5e248f592a1d84ecd3f99c8f8 2010.0/i586/firefox-ext-beagle-0.3.9-20.24mdv2010.0.i586.rpm\n a7934e327f7c6b0faa8dd81e74b0bbba 2010.0/i586/firefox-ext-blogrovr-1.1.804-6.19mdv2010.0.i586.rpm\n b0a87ee3ea58549813ce53682528e344 2010.0/i586/firefox-ext-mozvoikko-1.0-6.19mdv2010.0.i586.rpm\n d5d1ca07987bd14a6d28b89323ac7f6d 2010.0/i586/firefox-ext-plasmanotify-0.3.1-0.14mdv2010.0.i586.rpm\n 458d326026b0ceb126e1881aede8c066 2010.0/i586/firefox-ext-r-kiosk-0.7.2-9.19mdv2010.0.i586.rpm\n c7d22e1864faceeb962dd67fbdf21335 2010.0/i586/firefox-ext-scribefire-3.5.1-0.13mdv2010.0.i586.rpm\n ad519aa8884647ff54ac422549d7b16e 2010.0/i586/firefox-fi-3.6.17-0.1mdv2010.0.i586.rpm\n b49e76476d75bad4b27770a57a04df23 2010.0/i586/firefox-fr-3.6.17-0.1mdv2010.0.i586.rpm\n 2fe7eb8092c120755c032e56748aa9b7 2010.0/i586/firefox-fy-3.6.17-0.1mdv2010.0.i586.rpm\n ce5815c669402fd42bc07d44d93c66d3 2010.0/i586/firefox-ga_IE-3.6.17-0.1mdv2010.0.i586.rpm\n bba69242827e981627211b2b5eb68931 2010.0/i586/firefox-gl-3.6.17-0.1mdv2010.0.i586.rpm\n ed338554b350057694e2a6c2d224b387 2010.0/i586/firefox-gu_IN-3.6.17-0.1mdv2010.0.i586.rpm\n 1b7dc5cab758801b82ac1c242da6d59c 2010.0/i586/firefox-he-3.6.17-0.1mdv2010.0.i586.rpm\n 007af7a298d36f8895fba605aac15803 2010.0/i586/firefox-hi-3.6.17-0.1mdv2010.0.i586.rpm\n 476f6ac627f82fc7f7c5543f56482796 2010.0/i586/firefox-hu-3.6.17-0.1mdv2010.0.i586.rpm\n 88f193ba3b7d0bef97eaac7857293a8f 2010.0/i586/firefox-id-3.6.17-0.1mdv2010.0.i586.rpm\n d0330a0dd7dcbd3daca42525454994ec 2010.0/i586/firefox-is-3.6.17-0.1mdv2010.0.i586.rpm\n b261438d53f2f8434efe2b95f7e8d954 2010.0/i586/firefox-it-3.6.17-0.1mdv2010.0.i586.rpm\n 3d5900d3faefb015dcb0a4d62ef16ebe 2010.0/i586/firefox-ja-3.6.17-0.1mdv2010.0.i586.rpm\n 292b801681eb21ecbf5778abcff89188 2010.0/i586/firefox-ka-3.6.17-0.1mdv2010.0.i586.rpm\n 8f540c760b340206cc3bd17698ee88df 2010.0/i586/firefox-kn-3.6.17-0.1mdv2010.0.i586.rpm\n c8854d6714259850dc92f7fbe6dd17dd 2010.0/i586/firefox-ko-3.6.17-0.1mdv2010.0.i586.rpm\n 2772412e7edd00b8174f9638cec5db4f 2010.0/i586/firefox-ku-3.6.17-0.1mdv2010.0.i586.rpm\n 44ad30a9e5c3b2bd10371fba4ed4d2b9 2010.0/i586/firefox-lt-3.6.17-0.1mdv2010.0.i586.rpm\n ed093c9f9630d13a227371a1f62495a1 2010.0/i586/firefox-lv-3.6.17-0.1mdv2010.0.i586.rpm\n 00712ffbbdbe194ed03bef8a891e4e57 2010.0/i586/firefox-mk-3.6.17-0.1mdv2010.0.i586.rpm\n 8c8a612931c31d49fc3f4ae351cd26e3 2010.0/i586/firefox-mr-3.6.17-0.1mdv2010.0.i586.rpm\n 91ad5facd01c4c4bd31790ca40a640ca 2010.0/i586/firefox-nb_NO-3.6.17-0.1mdv2010.0.i586.rpm\n b00a5e35e6ac55f895b8f6916f79bde7 2010.0/i586/firefox-nl-3.6.17-0.1mdv2010.0.i586.rpm\n 0ee6b29ecb2a12136b11c0608360a0a8 2010.0/i586/firefox-nn_NO-3.6.17-0.1mdv2010.0.i586.rpm\n e79fa37b9006461f4d0ba003b4da69b9 2010.0/i586/firefox-oc-3.6.17-0.1mdv2010.0.i586.rpm\n af2a2946979a450cf150eff6f2aeca15 2010.0/i586/firefox-pa_IN-3.6.17-0.1mdv2010.0.i586.rpm\n e2a5272606e7048adadee10f39fbe98f 2010.0/i586/firefox-pl-3.6.17-0.1mdv2010.0.i586.rpm\n 735f3400c0570124a70792715503ff69 2010.0/i586/firefox-pt_BR-3.6.17-0.1mdv2010.0.i586.rpm\n 56d8fe829854b44f4a9d7a3dad7f08e8 2010.0/i586/firefox-pt_PT-3.6.17-0.1mdv2010.0.i586.rpm\n db9d45c53a5ea7311dab8b6dd3136f5b 2010.0/i586/firefox-ro-3.6.17-0.1mdv2010.0.i586.rpm\n 16cd0acaf4cc9de46f7df27668f804c7 2010.0/i586/firefox-ru-3.6.17-0.1mdv2010.0.i586.rpm\n 9c79daeb7907e1050f55c77a78e68cc1 2010.0/i586/firefox-si-3.6.17-0.1mdv2010.0.i586.rpm\n b6d4b76f9ff21b0800839c049df430a6 2010.0/i586/firefox-sk-3.6.17-0.1mdv2010.0.i586.rpm\n 3826c8dea2da5b4114f440427b95e8b4 2010.0/i586/firefox-sl-3.6.17-0.1mdv2010.0.i586.rpm\n db491650aba41efba6874835f093f4db 2010.0/i586/firefox-sq-3.6.17-0.1mdv2010.0.i586.rpm\n d87fc741560c434ebf78d91df37d69c6 2010.0/i586/firefox-sr-3.6.17-0.1mdv2010.0.i586.rpm\n 4c2c8bf680e06a814ba26c9cf03f513c 2010.0/i586/firefox-sv_SE-3.6.17-0.1mdv2010.0.i586.rpm\n 2a2b280eb345b0c3f477916b9b739fe6 2010.0/i586/firefox-te-3.6.17-0.1mdv2010.0.i586.rpm\n 3d472d3c27158912b8aa5dfada66e6cd 2010.0/i586/firefox-th-3.6.17-0.1mdv2010.0.i586.rpm\n 593aabf00e5d3904c10a970adf428888 2010.0/i586/firefox-theme-kfirefox-0.16-7.18mdv2010.0.i586.rpm\n 59701c68cba8f4e64e7f522a3416b963 2010.0/i586/firefox-tr-3.6.17-0.1mdv2010.0.i586.rpm\n c8a8962b397b0bd4cf92b294d8f213ea 2010.0/i586/firefox-uk-3.6.17-0.1mdv2010.0.i586.rpm\n c802454f74a74d2fd062d356a10cd9fe 2010.0/i586/firefox-zh_CN-3.6.17-0.1mdv2010.0.i586.rpm\n 54ffb1d848372e37673ee5f0916d87a9 2010.0/i586/firefox-zh_TW-3.6.17-0.1mdv2010.0.i586.rpm\n e6bb0b44e75dc31a1398d8f1be3b9c05 2010.0/i586/gnome-python-extras-2.25.3-10.19mdv2010.0.i586.rpm\n cb3a68a90b06a8a3b1b7c4225e6a2434 2010.0/i586/gnome-python-gda-2.25.3-10.19mdv2010.0.i586.rpm\n 04800b57661c14843f9cb30a0bc492e8 2010.0/i586/gnome-python-gda-devel-2.25.3-10.19mdv2010.0.i586.rpm\n 6425c25026893e92066095be60cc4c68 2010.0/i586/gnome-python-gdl-2.25.3-10.19mdv2010.0.i586.rpm\n b399a0ddd65dd348f3d28bacd9c10969 2010.0/i586/gnome-python-gtkhtml2-2.25.3-10.19mdv2010.0.i586.rpm\n 316d34952b6a1ae3f6fc688684008621 2010.0/i586/gnome-python-gtkmozembed-2.25.3-10.19mdv2010.0.i586.rpm\n f291f9d540696b985058fed2bcb43f3b 2010.0/i586/gnome-python-gtkspell-2.25.3-10.19mdv2010.0.i586.rpm\n 03ad25d77e26d447e2eeb2172c983b70 2010.0/i586/google-gadgets-common-0.11.2-0.14mdv2010.0.i586.rpm\n 2668802eab633e4985ee7d5cae705998 2010.0/i586/google-gadgets-gtk-0.11.2-0.14mdv2010.0.i586.rpm\n 8934c0ddb3f6fadac35b13daf5d385b9 2010.0/i586/google-gadgets-qt-0.11.2-0.14mdv2010.0.i586.rpm\n cd109c50db0909b76bca45f7733b5d6e 2010.0/i586/lemon-3.7.4-0.1mdv2010.0.i586.rpm\n 591d040f58de2df829386de1f7e46afd 2010.0/i586/libggadget1.0_0-0.11.2-0.14mdv2010.0.i586.rpm\n 0ed830c0e017bf6daebe06e0a4fc130f 2010.0/i586/libggadget-dbus1.0_0-0.11.2-0.14mdv2010.0.i586.rpm\n eb51fb7f24b1af033488d8123dd63355 2010.0/i586/libggadget-gtk1.0_0-0.11.2-0.14mdv2010.0.i586.rpm\n e092bd005bf25082a3cd965658c44882 2010.0/i586/libggadget-js1.0_0-0.11.2-0.14mdv2010.0.i586.rpm\n b22e2ac3a4dc918fae6afb4c38f83be7 2010.0/i586/libggadget-npapi1.0_0-0.11.2-0.14mdv2010.0.i586.rpm\n e130ea57c3a32005f202924643467014 2010.0/i586/libggadget-qt1.0_0-0.11.2-0.14mdv2010.0.i586.rpm\n a28b0faef4a1c9f10126abf5e2e263a8 2010.0/i586/libggadget-webkitjs0-0.11.2-0.14mdv2010.0.i586.rpm\n 1954487379222ae6d2900f049d9c5d8e 2010.0/i586/libggadget-xdg1.0_0-0.11.2-0.14mdv2010.0.i586.rpm\n a142592d9ad77cbd49cdaaccbaf18ab2 2010.0/i586/libgoogle-gadgets-devel-0.11.2-0.14mdv2010.0.i586.rpm\n 7439c4f59d7c3e3c0c4053c8497c686d 2010.0/i586/libopensc2-0.11.9-1.19mdv2010.0.i586.rpm\n 000a04f5477c2191dd18aee1028658c0 2010.0/i586/libopensc-devel-0.11.9-1.19mdv2010.0.i586.rpm\n d108f2a27ec1602a8e3abfe85a6dd9c4 2010.0/i586/libsqlite3_0-3.7.6.2-0.1mdv2010.0.i586.rpm\n 25ec3dae2efdd5df8f02daf19aade1b6 2010.0/i586/libsqlite3-devel-3.7.6.2-0.1mdv2010.0.i586.rpm\n 98115a0368c0fff061a7c6b03ff970a6 2010.0/i586/libsqlite3-static-devel-3.7.6.2-0.1mdv2010.0.i586.rpm\n 306b910536bbcf02d9388bbac370cc14 2010.0/i586/libxulrunner1.9.2.17-1.9.2.17-0.1mdv2010.0.i586.rpm\n 3a0ab7f87d735b2788978ca7bbe21655 2010.0/i586/libxulrunner-devel-1.9.2.17-0.1mdv2010.0.i586.rpm\n 5d733fb6ef9990d58bc260520c2a952c 2010.0/i586/mozilla-plugin-opensc-0.11.9-1.19mdv2010.0.i586.rpm\n b5e5a4ff8c718c494776e9fcf387d846 2010.0/i586/mozilla-thunderbird-beagle-0.3.9-20.24mdv2010.0.i586.rpm\n d40e17498c9b2969d53b636f1512a981 2010.0/i586/opensc-0.11.9-1.19mdv2010.0.i586.rpm\n f59e41d761d46dd8ae5f0848c1268aba 2010.0/i586/sqlite3-tools-3.7.6.2-0.1mdv2010.0.i586.rpm\n dc8db442ddcdefb7aa85e8b7a2bd1bc1 2010.0/i586/xulrunner-1.9.2.17-0.1mdv2010.0.i586.rpm\n aa33ff3f1ad317179dfa58784edc5b84 2010.0/i586/yelp-2.28.0-1.21mdv2010.0.i586.rpm \n 872f3f5473c99556ba3676a2087618ac 2010.0/SRPMS/beagle-0.3.9-20.24mdv2010.0.src.rpm\n eb7c8b9b8b19f6cf7dab54a0128a7c3b 2010.0/SRPMS/firefox-3.6.17-0.1mdv2010.0.src.rpm\n b8a28536c5f5b90e1e56fcbccc0f7828 2010.0/SRPMS/firefox-ext-blogrovr-1.1.804-6.19mdv2010.0.src.rpm\n 0203c855fea4ad16b8bf3490c28a522a 2010.0/SRPMS/firefox-ext-mozvoikko-1.0-6.19mdv2010.0.src.rpm\n b01922e0aef070ea95b6fa98945fb685 2010.0/SRPMS/firefox-ext-plasmanotify-0.3.1-0.14mdv2010.0.src.rpm\n 16b3eb2d5945df96a9768051a3093b04 2010.0/SRPMS/firefox-ext-r-kiosk-0.7.2-9.19mdv2010.0.src.rpm\n 4e57990dc20e6089157a02b0dd7bad97 2010.0/SRPMS/firefox-ext-scribefire-3.5.1-0.13mdv2010.0.src.rpm\n 1e3f69cadbe70bffd1c7f7220f11792c 2010.0/SRPMS/firefox-l10n-3.6.17-0.1mdv2010.0.src.rpm\n 13d4fc5888b6dc2c2b7347de5ffe6282 2010.0/SRPMS/firefox-theme-kfirefox-0.16-7.18mdv2010.0.src.rpm\n 43f53231379e4b1ef09b31f24d329448 2010.0/SRPMS/gnome-python-extras-2.25.3-10.19mdv2010.0.src.rpm\n 15ead6d66f9b662b9a02a970717a5063 2010.0/SRPMS/google-gadgets-0.11.2-0.14mdv2010.0.src.rpm\n 24971ad45f4df34e024b071415dfe672 2010.0/SRPMS/lemon-3.7.4-0.1mdv2010.0.src.rpm\n 23959d528a982971b2f7e9016c3789b4 2010.0/SRPMS/opensc-0.11.9-1.19mdv2010.0.src.rpm\n 9de0929e70ecda34752e0ab536491e15 2010.0/SRPMS/sqlite3-3.7.6.2-0.1mdv2010.0.src.rpm\n 5983d5c4fe3694a9875e836334d73d98 2010.0/SRPMS/xulrunner-1.9.2.17-0.1mdv2010.0.src.rpm\n 4a673f357f57178cc398edbe72b749a9 2010.0/SRPMS/yelp-2.28.0-1.21mdv2010.0.src.rpm\n\n Mandriva Linux 2010.0/X86_64:\n 3858b66b72089446d943bcef027f17e1 2010.0/x86_64/beagle-0.3.9-20.24mdv2010.0.x86_64.rpm\n 2f64fc068b962ed27dffbd3166e3f13d 2010.0/x86_64/beagle-crawl-system-0.3.9-20.24mdv2010.0.x86_64.rpm\n a5d8e8855f04448778a942dc69e4e9ee 2010.0/x86_64/beagle-doc-0.3.9-20.24mdv2010.0.x86_64.rpm\n 60865274682f6fe2425b49bef9d7e125 2010.0/x86_64/beagle-evolution-0.3.9-20.24mdv2010.0.x86_64.rpm\n b19d9d4b3a1e4b49e70f02da179f8bcf 2010.0/x86_64/beagle-gui-0.3.9-20.24mdv2010.0.x86_64.rpm\n 53990e7b90d7feaa22a992ed3c69197f 2010.0/x86_64/beagle-gui-qt-0.3.9-20.24mdv2010.0.x86_64.rpm\n f0b3683737da726c0aed135fea2bf4ce 2010.0/x86_64/beagle-libs-0.3.9-20.24mdv2010.0.x86_64.rpm\n 093d44feb8368dd263d0877bcbde1555 2010.0/x86_64/firefox-3.6.17-0.1mdv2010.0.x86_64.rpm\n 7e3799f4a5ca1eceb6d1fd4eca83afd0 2010.0/x86_64/firefox-af-3.6.17-0.1mdv2010.0.x86_64.rpm\n f4b0c8b86490fdf9a9c25974a92689ca 2010.0/x86_64/firefox-ar-3.6.17-0.1mdv2010.0.x86_64.rpm\n 57ffe1be3cdd0af944259ed114231810 2010.0/x86_64/firefox-be-3.6.17-0.1mdv2010.0.x86_64.rpm\n 8aeadd5d3e3e47715d51ea3a82843128 2010.0/x86_64/firefox-bg-3.6.17-0.1mdv2010.0.x86_64.rpm\n ff79968fce36b922b8d98e0eb9b816c8 2010.0/x86_64/firefox-bn-3.6.17-0.1mdv2010.0.x86_64.rpm\n d09d62f420535517de8bf4541b3a8fec 2010.0/x86_64/firefox-ca-3.6.17-0.1mdv2010.0.x86_64.rpm\n af07bb511e838122ffc241b2209e580e 2010.0/x86_64/firefox-cs-3.6.17-0.1mdv2010.0.x86_64.rpm\n d2e567af634fb4000251ae2c28bfbd60 2010.0/x86_64/firefox-cy-3.6.17-0.1mdv2010.0.x86_64.rpm\n 0d86423290f5f10c717e7535e80a3617 2010.0/x86_64/firefox-da-3.6.17-0.1mdv2010.0.x86_64.rpm\n 6771eac9d9f1b5d3b93dea3fa1eddb43 2010.0/x86_64/firefox-de-3.6.17-0.1mdv2010.0.x86_64.rpm\n 149d869189abd70972ff431b3fa8c30d 2010.0/x86_64/firefox-devel-3.6.17-0.1mdv2010.0.x86_64.rpm\n 238759b4136c3b9265bbcb9e0be9bb5f 2010.0/x86_64/firefox-el-3.6.17-0.1mdv2010.0.x86_64.rpm\n 5b3990e5fd90c56b711a836669d201a3 2010.0/x86_64/firefox-en_GB-3.6.17-0.1mdv2010.0.x86_64.rpm\n b672e3ff071c07ab7f177c20328db06f 2010.0/x86_64/firefox-eo-3.6.17-0.1mdv2010.0.x86_64.rpm\n 4b9a27c7bdcb609968c82eaf20b5aee7 2010.0/x86_64/firefox-es_AR-3.6.17-0.1mdv2010.0.x86_64.rpm\n 9ac337f09f15f9b3a1322630167d4ac6 2010.0/x86_64/firefox-es_ES-3.6.17-0.1mdv2010.0.x86_64.rpm\n c880f83263f5fa4a1c52dcdaf2c5e861 2010.0/x86_64/firefox-et-3.6.17-0.1mdv2010.0.x86_64.rpm\n 1ddd1520b4f8b9218650aa613918a33c 2010.0/x86_64/firefox-eu-3.6.17-0.1mdv2010.0.x86_64.rpm\n 8214d724c4ae2a82b3698dc8d657fe10 2010.0/x86_64/firefox-ext-beagle-0.3.9-20.24mdv2010.0.x86_64.rpm\n fe0be0de58803f286786cd0e9c889ee6 2010.0/x86_64/firefox-ext-blogrovr-1.1.804-6.19mdv2010.0.x86_64.rpm\n 304a74743e71b80d8bd13ce2a394985d 2010.0/x86_64/firefox-ext-mozvoikko-1.0-6.19mdv2010.0.x86_64.rpm\n 9d4f9089e453c405327804fe295009a8 2010.0/x86_64/firefox-ext-plasmanotify-0.3.1-0.14mdv2010.0.x86_64.rpm\n b803bbf7342e3af31538727458c9f90e 2010.0/x86_64/firefox-ext-r-kiosk-0.7.2-9.19mdv2010.0.x86_64.rpm\n 9cf49c740dd4865a1564b33b7a41d585 2010.0/x86_64/firefox-ext-scribefire-3.5.1-0.13mdv2010.0.x86_64.rpm\n 24e754bed0908dc1f951803e707ce567 2010.0/x86_64/firefox-fi-3.6.17-0.1mdv2010.0.x86_64.rpm\n 79d473fe7d47dabac82fad423557513c 2010.0/x86_64/firefox-fr-3.6.17-0.1mdv2010.0.x86_64.rpm\n 902c5eac74afbdb862c1b2cfb0c21ef0 2010.0/x86_64/firefox-fy-3.6.17-0.1mdv2010.0.x86_64.rpm\n 5b064f04e0c27f27ae69a6e8e4cdbf7f 2010.0/x86_64/firefox-ga_IE-3.6.17-0.1mdv2010.0.x86_64.rpm\n fffe860a112c49980994d476b793eb53 2010.0/x86_64/firefox-gl-3.6.17-0.1mdv2010.0.x86_64.rpm\n a52c856435cb5c50b8ae2155928b5244 2010.0/x86_64/firefox-gu_IN-3.6.17-0.1mdv2010.0.x86_64.rpm\n 05ea1476c038511a2b4a46034c6ab290 2010.0/x86_64/firefox-he-3.6.17-0.1mdv2010.0.x86_64.rpm\n 9273f6a64382ba0dc683fa32e61f1bb2 2010.0/x86_64/firefox-hi-3.6.17-0.1mdv2010.0.x86_64.rpm\n 4ef3c6fccb7d7bf5b4c0f11abceaf0f5 2010.0/x86_64/firefox-hu-3.6.17-0.1mdv2010.0.x86_64.rpm\n 0346f17a58b3a444c02fd35fba01458a 2010.0/x86_64/firefox-id-3.6.17-0.1mdv2010.0.x86_64.rpm\n 2318d466a80d30bf6f2e985647010faa 2010.0/x86_64/firefox-is-3.6.17-0.1mdv2010.0.x86_64.rpm\n 9a6d1f0e13346155bd81fc3340f89890 2010.0/x86_64/firefox-it-3.6.17-0.1mdv2010.0.x86_64.rpm\n 63cebbb431c2915c86c4d5c22c5f154a 2010.0/x86_64/firefox-ja-3.6.17-0.1mdv2010.0.x86_64.rpm\n c384ffcffcd6e3ad4536183ccf5bcd9f 2010.0/x86_64/firefox-ka-3.6.17-0.1mdv2010.0.x86_64.rpm\n b6ee1fefececab34c485fff2bb2e0340 2010.0/x86_64/firefox-kn-3.6.17-0.1mdv2010.0.x86_64.rpm\n b0ae37fdeff27404b04b97e4f25b3286 2010.0/x86_64/firefox-ko-3.6.17-0.1mdv2010.0.x86_64.rpm\n 18bd8f78a8172bbca00432df5d8ab6a2 2010.0/x86_64/firefox-ku-3.6.17-0.1mdv2010.0.x86_64.rpm\n 06432e71e5f7721c08dc958d3da8db23 2010.0/x86_64/firefox-lt-3.6.17-0.1mdv2010.0.x86_64.rpm\n 73d6ca4e1e5b5ccb8b2699f985eb46e4 2010.0/x86_64/firefox-lv-3.6.17-0.1mdv2010.0.x86_64.rpm\n 4d367666ed89679260e7d8c2f747c1cf 2010.0/x86_64/firefox-mk-3.6.17-0.1mdv2010.0.x86_64.rpm\n ee7c636c3f90c90448117eac31aa87d3 2010.0/x86_64/firefox-mr-3.6.17-0.1mdv2010.0.x86_64.rpm\n c23330441a1939016356bc7366a683e5 2010.0/x86_64/firefox-nb_NO-3.6.17-0.1mdv2010.0.x86_64.rpm\n ce40b26758f7aa07d0a778a8c8c9a869 2010.0/x86_64/firefox-nl-3.6.17-0.1mdv2010.0.x86_64.rpm\n 0951798322644efd44f6c2aff2ca282a 2010.0/x86_64/firefox-nn_NO-3.6.17-0.1mdv2010.0.x86_64.rpm\n 4e5d2f92e75e0d89ea4360d8fff8046c 2010.0/x86_64/firefox-oc-3.6.17-0.1mdv2010.0.x86_64.rpm\n 8f4ac7bf6a4d8a013f356ed84c52a5e9 2010.0/x86_64/firefox-pa_IN-3.6.17-0.1mdv2010.0.x86_64.rpm\n 3a731045099cd9ed850f9a321c0c84e3 2010.0/x86_64/firefox-pl-3.6.17-0.1mdv2010.0.x86_64.rpm\n 8a53363afc83d26a624f443105237a7e 2010.0/x86_64/firefox-pt_BR-3.6.17-0.1mdv2010.0.x86_64.rpm\n f59973b7a3072bef189f9a3767cb24ab 2010.0/x86_64/firefox-pt_PT-3.6.17-0.1mdv2010.0.x86_64.rpm\n 5501412ba991954e58e917fc526ddf60 2010.0/x86_64/firefox-ro-3.6.17-0.1mdv2010.0.x86_64.rpm\n acb0a6140acb5a4535d837963397a236 2010.0/x86_64/firefox-ru-3.6.17-0.1mdv2010.0.x86_64.rpm\n dc7d2a7df0902ab3dc633fb74eb9adbd 2010.0/x86_64/firefox-si-3.6.17-0.1mdv2010.0.x86_64.rpm\n 5067af9af1aabd868b536f310d031900 2010.0/x86_64/firefox-sk-3.6.17-0.1mdv2010.0.x86_64.rpm\n 0907f9829d35681cf8a6791cef140e54 2010.0/x86_64/firefox-sl-3.6.17-0.1mdv2010.0.x86_64.rpm\n 57187489089f47923ce21c9ecb51ec4e 2010.0/x86_64/firefox-sq-3.6.17-0.1mdv2010.0.x86_64.rpm\n 4d70e7d9ebf0bfe9b10a2747c102da70 2010.0/x86_64/firefox-sr-3.6.17-0.1mdv2010.0.x86_64.rpm\n 6acf58ff03814bb7fd18d8615715a7c1 2010.0/x86_64/firefox-sv_SE-3.6.17-0.1mdv2010.0.x86_64.rpm\n 267943c59c737740d5bc9755d942d218 2010.0/x86_64/firefox-te-3.6.17-0.1mdv2010.0.x86_64.rpm\n 6cce1edffc8c33b54a918ce261ed018e 2010.0/x86_64/firefox-th-3.6.17-0.1mdv2010.0.x86_64.rpm\n e055a883cdd6ca3c32c2cc730bfff8a7 2010.0/x86_64/firefox-theme-kfirefox-0.16-7.18mdv2010.0.x86_64.rpm\n 8ae0f6456b5cc9df16a92b2fc0bc2b0c 2010.0/x86_64/firefox-tr-3.6.17-0.1mdv2010.0.x86_64.rpm\n cfa6c76ff6518cf642c052bdc551a18a 2010.0/x86_64/firefox-uk-3.6.17-0.1mdv2010.0.x86_64.rpm\n 55017d39c0a0087d3bac20ec4ba4eb85 2010.0/x86_64/firefox-zh_CN-3.6.17-0.1mdv2010.0.x86_64.rpm\n 63dc4f884a0f1297e23fa5dc5e7c3cf5 2010.0/x86_64/firefox-zh_TW-3.6.17-0.1mdv2010.0.x86_64.rpm\n ee0c18920080702d3595cb7adae275f4 2010.0/x86_64/gnome-python-extras-2.25.3-10.19mdv2010.0.x86_64.rpm\n 5919c717c5a7f305c57d7c8df48b11a9 2010.0/x86_64/gnome-python-gda-2.25.3-10.19mdv2010.0.x86_64.rpm\n 562bd44a9be0630f52ce76aad2cefe0a 2010.0/x86_64/gnome-python-gda-devel-2.25.3-10.19mdv2010.0.x86_64.rpm\n 8cb0d40770f948e918f8c82942fcc761 2010.0/x86_64/gnome-python-gdl-2.25.3-10.19mdv2010.0.x86_64.rpm\n 4c2f19fef0720a1b23a23b96230df928 2010.0/x86_64/gnome-python-gtkhtml2-2.25.3-10.19mdv2010.0.x86_64.rpm\n 5e159bd5b05ac4765cac691315ebb389 2010.0/x86_64/gnome-python-gtkmozembed-2.25.3-10.19mdv2010.0.x86_64.rpm\n 887bebf0c67dd6ee749c05044c5b8ebb 2010.0/x86_64/gnome-python-gtkspell-2.25.3-10.19mdv2010.0.x86_64.rpm\n 3a1e5f6ee829cc818f287a7efd4d529d 2010.0/x86_64/google-gadgets-common-0.11.2-0.14mdv2010.0.x86_64.rpm\n a524c9ce952ce767b01b626e3cb816d2 2010.0/x86_64/google-gadgets-gtk-0.11.2-0.14mdv2010.0.x86_64.rpm\n 46b9c5ddc279d9f1fdf9b743ed651416 2010.0/x86_64/google-gadgets-qt-0.11.2-0.14mdv2010.0.x86_64.rpm\n bae5a5dd90cd5313f77c2a7ae009069e 2010.0/x86_64/lemon-3.7.4-0.1mdv2010.0.x86_64.rpm\n fc2b8cfae8a71b058d75c1474f44d1fc 2010.0/x86_64/lib64ggadget1.0_0-0.11.2-0.14mdv2010.0.x86_64.rpm\n 72a1707675b38a97f6dd8b1e3af79077 2010.0/x86_64/lib64ggadget-dbus1.0_0-0.11.2-0.14mdv2010.0.x86_64.rpm\n 286b4299556830c2bb109c507e226c15 2010.0/x86_64/lib64ggadget-gtk1.0_0-0.11.2-0.14mdv2010.0.x86_64.rpm\n 5941285845cdaf816e947e1075cb5262 2010.0/x86_64/lib64ggadget-js1.0_0-0.11.2-0.14mdv2010.0.x86_64.rpm\n 0cf1545c0ee9e59d85b417653e4fe73b 2010.0/x86_64/lib64ggadget-npapi1.0_0-0.11.2-0.14mdv2010.0.x86_64.rpm\n 25d8d06e4057f91f3ec5f7aeeeaa88fb 2010.0/x86_64/lib64ggadget-qt1.0_0-0.11.2-0.14mdv2010.0.x86_64.rpm\n 8372ebd0bb8b13ef269c5e6262683fa5 2010.0/x86_64/lib64ggadget-webkitjs0-0.11.2-0.14mdv2010.0.x86_64.rpm\n 6b7548e88e5d630c380c8948dd3badf5 2010.0/x86_64/lib64ggadget-xdg1.0_0-0.11.2-0.14mdv2010.0.x86_64.rpm\n b77e42d31574efb78e25701c50f55ea6 2010.0/x86_64/lib64google-gadgets-devel-0.11.2-0.14mdv2010.0.x86_64.rpm\n d9d6b24145b1d34e0438b46bb30c37da 2010.0/x86_64/lib64opensc2-0.11.9-1.19mdv2010.0.x86_64.rpm\n e93eece7e774e29e7890e1d1487d3e1f 2010.0/x86_64/lib64opensc-devel-0.11.9-1.19mdv2010.0.x86_64.rpm\n a87a4cbec8ff5a04b86817e186139b78 2010.0/x86_64/lib64sqlite3_0-3.7.6.2-0.1mdv2010.0.x86_64.rpm\n a6df85f41686791ba19d706ea85ef4ce 2010.0/x86_64/lib64sqlite3-devel-3.7.6.2-0.1mdv2010.0.x86_64.rpm\n 40de3fdcbc3fb1324e0b3240227c447f 2010.0/x86_64/lib64sqlite3-static-devel-3.7.6.2-0.1mdv2010.0.x86_64.rpm\n 0113d0dc5addcc762b452a01f249c4dc 2010.0/x86_64/lib64xulrunner1.9.2.17-1.9.2.17-0.1mdv2010.0.x86_64.rpm\n 92b6e05534a1c3eceaca1cdb79112d99 2010.0/x86_64/lib64xulrunner-devel-1.9.2.17-0.1mdv2010.0.x86_64.rpm\n 9823b87815015254cb08ef4948509249 2010.0/x86_64/mozilla-plugin-opensc-0.11.9-1.19mdv2010.0.x86_64.rpm\n a95dcd7863f187f9926cc202e14ef578 2010.0/x86_64/mozilla-thunderbird-beagle-0.3.9-20.24mdv2010.0.x86_64.rpm\n f93d3ed66cde233df336291a66460ecc 2010.0/x86_64/opensc-0.11.9-1.19mdv2010.0.x86_64.rpm\n e920dc086da22a991f91a53665fedef8 2010.0/x86_64/sqlite3-tools-3.7.6.2-0.1mdv2010.0.x86_64.rpm\n 1c6c0d52e529171edb60a638c43b8809 2010.0/x86_64/xulrunner-1.9.2.17-0.1mdv2010.0.x86_64.rpm\n ae9a9a91c9e9ce6f70c29f2aad7fc8f1 2010.0/x86_64/yelp-2.28.0-1.21mdv2010.0.x86_64.rpm \n 872f3f5473c99556ba3676a2087618ac 2010.0/SRPMS/beagle-0.3.9-20.24mdv2010.0.src.rpm\n eb7c8b9b8b19f6cf7dab54a0128a7c3b 2010.0/SRPMS/firefox-3.6.17-0.1mdv2010.0.src.rpm\n b8a28536c5f5b90e1e56fcbccc0f7828 2010.0/SRPMS/firefox-ext-blogrovr-1.1.804-6.19mdv2010.0.src.rpm\n 0203c855fea4ad16b8bf3490c28a522a 2010.0/SRPMS/firefox-ext-mozvoikko-1.0-6.19mdv2010.0.src.rpm\n b01922e0aef070ea95b6fa98945fb685 2010.0/SRPMS/firefox-ext-plasmanotify-0.3.1-0.14mdv2010.0.src.rpm\n 16b3eb2d5945df96a9768051a3093b04 2010.0/SRPMS/firefox-ext-r-kiosk-0.7.2-9.19mdv2010.0.src.rpm\n 4e57990dc20e6089157a02b0dd7bad97 2010.0/SRPMS/firefox-ext-scribefire-3.5.1-0.13mdv2010.0.src.rpm\n 1e3f69cadbe70bffd1c7f7220f11792c 2010.0/SRPMS/firefox-l10n-3.6.17-0.1mdv2010.0.src.rpm\n 13d4fc5888b6dc2c2b7347de5ffe6282 2010.0/SRPMS/firefox-theme-kfirefox-0.16-7.18mdv2010.0.src.rpm\n 43f53231379e4b1ef09b31f24d329448 2010.0/SRPMS/gnome-python-extras-2.25.3-10.19mdv2010.0.src.rpm\n 15ead6d66f9b662b9a02a970717a5063 2010.0/SRPMS/google-gadgets-0.11.2-0.14mdv2010.0.src.rpm\n 24971ad45f4df34e024b071415dfe672 2010.0/SRPMS/lemon-3.7.4-0.1mdv2010.0.src.rpm\n 23959d528a982971b2f7e9016c3789b4 2010.0/SRPMS/opensc-0.11.9-1.19mdv2010.0.src.rpm\n 9de0929e70ecda34752e0ab536491e15 2010.0/SRPMS/sqlite3-3.7.6.2-0.1mdv2010.0.src.rpm\n 5983d5c4fe3694a9875e836334d73d98 2010.0/SRPMS/xulrunner-1.9.2.17-0.1mdv2010.0.src.rpm\n 4a673f357f57178cc398edbe72b749a9 2010.0/SRPMS/yelp-2.28.0-1.21mdv2010.0.src.rpm\n\n Mandriva Linux 2010.1:\n b8d77a5d048b82e38083d71ec55acf5b 2010.1/i586/beagle-0.3.9-40.14mdv2010.2.i586.rpm\n e3d539ad1fb243f6ddcf842a743d49cf 2010.1/i586/beagle-crawl-system-0.3.9-40.14mdv2010.2.i586.rpm\n d9e4d663700c0f54e19702cf2c53bde5 2010.1/i586/beagle-doc-0.3.9-40.14mdv2010.2.i586.rpm\n 72f328f300a35d37ed72ca7271049562 2010.1/i586/beagle-evolution-0.3.9-40.14mdv2010.2.i586.rpm\n 414eed08be2161f5c548f733cdbb29e1 2010.1/i586/beagle-gui-0.3.9-40.14mdv2010.2.i586.rpm\n e19385deaa5fb16118db1957762d6c23 2010.1/i586/beagle-gui-qt-0.3.9-40.14mdv2010.2.i586.rpm\n badd30997d1be55d54f9f84ed95c1cad 2010.1/i586/beagle-libs-0.3.9-40.14mdv2010.2.i586.rpm\n e3b3ae5312158ba23cf391bfdad5f414 2010.1/i586/firefox-3.6.17-0.1mdv2010.2.i586.rpm\n f92af2f4925734bb1d646486c763f61f 2010.1/i586/firefox-af-3.6.17-0.1mdv2010.2.i586.rpm\n 1bca461e767ede98a0a75027a7c90dd2 2010.1/i586/firefox-ar-3.6.17-0.1mdv2010.2.i586.rpm\n bd2e765f5f089c9737a3931dbe725449 2010.1/i586/firefox-be-3.6.17-0.1mdv2010.2.i586.rpm\n d626a973b6602a5333a6c6daf0fc408c 2010.1/i586/firefox-bg-3.6.17-0.1mdv2010.2.i586.rpm\n e97feb110482d0875e12e88dc15f307b 2010.1/i586/firefox-bn-3.6.17-0.1mdv2010.2.i586.rpm\n 71001a353742c8147820cdf9ac5b6800 2010.1/i586/firefox-ca-3.6.17-0.1mdv2010.2.i586.rpm\n 21627432dd2f58253114486374d61d59 2010.1/i586/firefox-cs-3.6.17-0.1mdv2010.2.i586.rpm\n 3c99e580e4d0b46870c2e14442b677da 2010.1/i586/firefox-cy-3.6.17-0.1mdv2010.2.i586.rpm\n 3f86c960410b6c2a5e7f1df15c044aba 2010.1/i586/firefox-da-3.6.17-0.1mdv2010.2.i586.rpm\n 1fedae2cb5b853bc05d59aaefa6c4e80 2010.1/i586/firefox-de-3.6.17-0.1mdv2010.2.i586.rpm\n 1b2125c2d7f7a3d1d7911624d57f3066 2010.1/i586/firefox-devel-3.6.17-0.1mdv2010.2.i586.rpm\n cc8ac2c81fbd8837c669186037aee17a 2010.1/i586/firefox-el-3.6.17-0.1mdv2010.2.i586.rpm\n 5998d4b9a23ba66596cd63337914102d 2010.1/i586/firefox-en_GB-3.6.17-0.1mdv2010.2.i586.rpm\n e1e28915674887756aab59c8162010b6 2010.1/i586/firefox-eo-3.6.17-0.1mdv2010.2.i586.rpm\n a4f356bf8f7658e57e92b37e132dfa2f 2010.1/i586/firefox-es_AR-3.6.17-0.1mdv2010.2.i586.rpm\n 2813ea1d4c713de227a59b2cd29524f5 2010.1/i586/firefox-es_ES-3.6.17-0.1mdv2010.2.i586.rpm\n afd3b8604a600cec91b0a4b7895c1f1c 2010.1/i586/firefox-et-3.6.17-0.1mdv2010.2.i586.rpm\n 00b5358da1d1a00658ebf357047e65ac 2010.1/i586/firefox-eu-3.6.17-0.1mdv2010.2.i586.rpm\n 567807249360485d9a322456e2e336e3 2010.1/i586/firefox-ext-beagle-0.3.9-40.14mdv2010.2.i586.rpm\n 1de6adc44baf182a7671f0eeb5eda1a9 2010.1/i586/firefox-ext-blogrovr-1.1.804-13.11mdv2010.2.i586.rpm\n 0ebcd27f5621c1d9158c142e043ebc3d 2010.1/i586/firefox-ext-mozvoikko-1.0.1-2.11mdv2010.2.i586.rpm\n 768c0d55de91eea79bd0d40fbaecb1fc 2010.1/i586/firefox-ext-r-kiosk-0.8.1-2.11mdv2010.2.i586.rpm\n e5d9d4d59a39804c168c94b0d90cec4d 2010.1/i586/firefox-ext-scribefire-3.5.2-2.11mdv2010.2.i586.rpm\n 4c1d4945db1eba350d96a3590165b376 2010.1/i586/firefox-ext-weave-sync-1.1-5.11mdv2010.2.i586.rpm\n adb3d90cdf0b58b5f25c51eca963033e 2010.1/i586/firefox-ext-xmarks-3.6.14-2.11mdv2010.2.i586.rpm\n 0646724c19d31f3a1b6335671b9fb05a 2010.1/i586/firefox-fi-3.6.17-0.1mdv2010.2.i586.rpm\n 4f604a22b3cd3f3bf60417b02285fc1b 2010.1/i586/firefox-fr-3.6.17-0.1mdv2010.2.i586.rpm\n a3b1a56c2bbde166e78a9ec485fbcf1f 2010.1/i586/firefox-fy-3.6.17-0.1mdv2010.2.i586.rpm\n 22ee1bf09632b4d95bfb91a704dfd601 2010.1/i586/firefox-ga_IE-3.6.17-0.1mdv2010.2.i586.rpm\n 3dd543adec09ff4b13d26eb47f1fb20f 2010.1/i586/firefox-gl-3.6.17-0.1mdv2010.2.i586.rpm\n cef28501b0781bed9d585632fba33e3e 2010.1/i586/firefox-gu_IN-3.6.17-0.1mdv2010.2.i586.rpm\n f4ab5aaca98491c489fed8d3a2235f2a 2010.1/i586/firefox-he-3.6.17-0.1mdv2010.2.i586.rpm\n e3c5485fd9db1ad9add1335457fb6c1e 2010.1/i586/firefox-hi-3.6.17-0.1mdv2010.2.i586.rpm\n c96b6c27fda6a085f746e37061b9b4a5 2010.1/i586/firefox-hu-3.6.17-0.1mdv2010.2.i586.rpm\n 1f3f0fe5cbfb262b8ec3b984ef85e70f 2010.1/i586/firefox-id-3.6.17-0.1mdv2010.2.i586.rpm\n 3dba18e4535dbaf221b0e7a1afe8fa33 2010.1/i586/firefox-is-3.6.17-0.1mdv2010.2.i586.rpm\n 1dbef08d68ebd0abfd9ee6b28c2de9c6 2010.1/i586/firefox-it-3.6.17-0.1mdv2010.2.i586.rpm\n 031319b736ca3835b1c76e0fb6b96138 2010.1/i586/firefox-ja-3.6.17-0.1mdv2010.2.i586.rpm\n c87c40a558b0790324235aa8f53e4c4c 2010.1/i586/firefox-ka-3.6.17-0.1mdv2010.2.i586.rpm\n 6cfad1e915715810a1a369177b2f5d61 2010.1/i586/firefox-kn-3.6.17-0.1mdv2010.2.i586.rpm\n 143d89c96b3ba277372b282ddc0dc8a5 2010.1/i586/firefox-ko-3.6.17-0.1mdv2010.2.i586.rpm\n 4875194da66fc7a25de2a3fea4a79e3c 2010.1/i586/firefox-ku-3.6.17-0.1mdv2010.2.i586.rpm\n 8e725f3963a96823755dd3867bf28602 2010.1/i586/firefox-lt-3.6.17-0.1mdv2010.2.i586.rpm\n 66b313862cb22ce6ca3c6968ee26921e 2010.1/i586/firefox-lv-3.6.17-0.1mdv2010.2.i586.rpm\n 12ee2c6feaa8cf8376fd8fca9f1bb722 2010.1/i586/firefox-mk-3.6.17-0.1mdv2010.2.i586.rpm\n c170010bfd5482745e1174c003c9d0a8 2010.1/i586/firefox-mr-3.6.17-0.1mdv2010.2.i586.rpm\n e0bb402c10e5c6b35dc76899edaa6a43 2010.1/i586/firefox-nb_NO-3.6.17-0.1mdv2010.2.i586.rpm\n 590f7c9ec9227931b504c40e3cfe4c98 2010.1/i586/firefox-nl-3.6.17-0.1mdv2010.2.i586.rpm\n a1f62132e8eff956ca229b175547bc8a 2010.1/i586/firefox-nn_NO-3.6.17-0.1mdv2010.2.i586.rpm\n 5d991dbc83349fbb8bb2499d6fe8a095 2010.1/i586/firefox-oc-3.6.17-0.1mdv2010.2.i586.rpm\n 759972b97f09651b51ba92309f31e2de 2010.1/i586/firefox-pa_IN-3.6.17-0.1mdv2010.2.i586.rpm\n 6e6b7219d1ecd591e41caa4123f63b76 2010.1/i586/firefox-pl-3.6.17-0.1mdv2010.2.i586.rpm\n bb83d279fae5a52f76ed0ae3d4a7db5a 2010.1/i586/firefox-pt_BR-3.6.17-0.1mdv2010.2.i586.rpm\n 187b4443ca26b0e68129ac504e6c5235 2010.1/i586/firefox-pt_PT-3.6.17-0.1mdv2010.2.i586.rpm\n d22c10d077178fff996622dfde792eae 2010.1/i586/firefox-ro-3.6.17-0.1mdv2010.2.i586.rpm\n aa705c1d5618f6f6e71326d2a32dd255 2010.1/i586/firefox-ru-3.6.17-0.1mdv2010.2.i586.rpm\n 5e125511f9e105f55cbd96f317ba803f 2010.1/i586/firefox-si-3.6.17-0.1mdv2010.2.i586.rpm\n 976971a940193cb0bf70f97b717498a8 2010.1/i586/firefox-sk-3.6.17-0.1mdv2010.2.i586.rpm\n 1cddfc6bef317349b436a912b003a7f5 2010.1/i586/firefox-sl-3.6.17-0.1mdv2010.2.i586.rpm\n 879b1deb0aaffaecd078ae7ba7618710 2010.1/i586/firefox-sq-3.6.17-0.1mdv2010.2.i586.rpm\n 7e6b068856ac8500bcd6aaa9c01e5e14 2010.1/i586/firefox-sr-3.6.17-0.1mdv2010.2.i586.rpm\n 05ca1b47948e9c5c86c7b17f94d3b2a1 2010.1/i586/firefox-sv_SE-3.6.17-0.1mdv2010.2.i586.rpm\n 6668f6102d4e613b1ffea6edc6f494e1 2010.1/i586/firefox-te-3.6.17-0.1mdv2010.2.i586.rpm\n 3931eb722acd12b3b1e8552001260e13 2010.1/i586/firefox-th-3.6.17-0.1mdv2010.2.i586.rpm\n fe40bc33f98e01c7e6f7245903d248ba 2010.1/i586/firefox-tr-3.6.17-0.1mdv2010.2.i586.rpm\n 06afc549b7a34202e01401ee90a57f51 2010.1/i586/firefox-uk-3.6.17-0.1mdv2010.2.i586.rpm\n daf5388854c9c080691f8ad6f2f4c571 2010.1/i586/firefox-zh_CN-3.6.17-0.1mdv2010.2.i586.rpm\n 2e5dac4baae18fdebeb079b87f0e2764 2010.1/i586/firefox-zh_TW-3.6.17-0.1mdv2010.2.i586.rpm\n c8ec76b45dd053157d27f447c5f68b38 2010.1/i586/gjs-0.6-4.11mdv2010.2.i586.rpm\n a6d96cbc1797a5ef4f3adc12890d041a 2010.1/i586/gnome-python-extras-2.25.3-18.11mdv2010.2.i586.rpm\n 864766bd22a9198507f8815e63164b64 2010.1/i586/gnome-python-gda-2.25.3-18.11mdv2010.2.i586.rpm\n d17affd30ae42d69c2cdedf964689a22 2010.1/i586/gnome-python-gda-devel-2.25.3-18.11mdv2010.2.i586.rpm\n be6778f5af28259cdb5863b8f8072c94 2010.1/i586/gnome-python-gdl-2.25.3-18.11mdv2010.2.i586.rpm\n 4ec3f5f41ab9795f615c4e703b42a0b0 2010.1/i586/gnome-python-gtkhtml2-2.25.3-18.11mdv2010.2.i586.rpm\n fcd4adc34b35af74db4fbc356f1cd968 2010.1/i586/gnome-python-gtkmozembed-2.25.3-18.11mdv2010.2.i586.rpm\n 9b48fdb112d3e76c72b98ed90b7b0ea5 2010.1/i586/gnome-python-gtkspell-2.25.3-18.11mdv2010.2.i586.rpm\n 8e546c115f1f1324554283e50e5c0717 2010.1/i586/lemon-3.7.4-0.1mdv2010.2.i586.rpm\n ef932e3117540da38e4ccc10cfa496ca 2010.1/i586/libgjs0-0.6-4.11mdv2010.2.i586.rpm\n 39fac8356ae39f2385561dc05df7c9bc 2010.1/i586/libgjs-devel-0.6-4.11mdv2010.2.i586.rpm\n 2135e4941c28926152d58b059fef2844 2010.1/i586/libsqlite3_0-3.7.6.2-0.1mdv2010.2.i586.rpm\n 47078c5879b0b16b3b9e1395401e7fcb 2010.1/i586/libsqlite3-devel-3.7.6.2-0.1mdv2010.2.i586.rpm\n 3972e1f7e649f3a7c851abcd50d713d2 2010.1/i586/libsqlite3-static-devel-3.7.6.2-0.1mdv2010.2.i586.rpm\n 2c4c36f08cfbd36d28682810a861ce43 2010.1/i586/libxulrunner1.9.2.17-1.9.2.17-0.1mdv2010.2.i586.rpm\n b13d7970d7a5ba930a8c514ba220701d 2010.1/i586/libxulrunner-devel-1.9.2.17-0.1mdv2010.2.i586.rpm\n 47acad2f47c9ba18d718f3abd69e93c2 2010.1/i586/mozilla-thunderbird-beagle-0.3.9-40.14mdv2010.2.i586.rpm\n c759ba0d2acb577d927a140904e55d1d 2010.1/i586/sqlite3-tools-3.7.6.2-0.1mdv2010.2.i586.rpm\n 06478b05f0815d4c27f510cbeb41931b 2010.1/i586/xulrunner-1.9.2.17-0.1mdv2010.2.i586.rpm\n 264d3c3677e06ad021b1cd3d877b3542 2010.1/i586/yelp-2.30.1-4.11mdv2010.2.i586.rpm \n f03639972840639a315ace5577a3f7d7 2010.1/SRPMS/beagle-0.3.9-40.14mdv2010.2.src.rpm\n 1b407792bc53910f470fef2aa107c4db 2010.1/SRPMS/firefox-3.6.17-0.1mdv2010.2.src.rpm\n cffc7531253d821db2a606e56993d5e1 2010.1/SRPMS/firefox-ext-blogrovr-1.1.804-13.11mdv2010.2.src.rpm\n 84480ce74b027244dc64794cbae17d07 2010.1/SRPMS/firefox-ext-mozvoikko-1.0.1-2.11mdv2010.2.src.rpm\n ec8e51d467efb46c6fad4d9a5e64af51 2010.1/SRPMS/firefox-ext-r-kiosk-0.8.1-2.11mdv2010.2.src.rpm\n 9626186349beb04c41ac48c21bf268b1 2010.1/SRPMS/firefox-ext-scribefire-3.5.2-2.11mdv2010.2.src.rpm\n e65da7beca8fa7edffd5a70da28161ec 2010.1/SRPMS/firefox-ext-weave-sync-1.1-5.11mdv2010.2.src.rpm\n c4ce7eec413e557445f66f2b167899a7 2010.1/SRPMS/firefox-ext-xmarks-3.6.14-2.11mdv2010.2.src.rpm\n 55bd4776f283283a5c8ab1906658b9c9 2010.1/SRPMS/firefox-l10n-3.6.17-0.1mdv2010.2.src.rpm\n e0bcbb8764bd02ec459e7252aec2d042 2010.1/SRPMS/gjs-0.6-4.11mdv2010.2.src.rpm\n 66f6688cea914918243d9afeefc443b2 2010.1/SRPMS/gnome-python-extras-2.25.3-18.11mdv2010.2.src.rpm\n f8304df757bbcc2d16d3198e3fda3d23 2010.1/SRPMS/lemon-3.7.4-0.1mdv2010.2.src.rpm\n 8b4cc9318b6004ece98b4d1057cea92d 2010.1/SRPMS/sqlite3-3.7.6.2-0.1mdv2010.2.src.rpm\n 6a7d4ed599fbf868d4a02a9e8d2933c8 2010.1/SRPMS/xulrunner-1.9.2.17-0.1mdv2010.2.src.rpm\n 8f9d8865473f416ec554aa017d0dccb1 2010.1/SRPMS/yelp-2.30.1-4.11mdv2010.2.src.rpm\n\n Mandriva Linux 2010.1/X86_64:\n 53032f4cd5d44f7b37aeb5cc171e0d1a 2010.1/x86_64/beagle-0.3.9-40.14mdv2010.2.x86_64.rpm\n de51591c9764ec279edf913edf302217 2010.1/x86_64/beagle-crawl-system-0.3.9-40.14mdv2010.2.x86_64.rpm\n bf4657dfed2ce3e1578f44930843fafc 2010.1/x86_64/beagle-doc-0.3.9-40.14mdv2010.2.x86_64.rpm\n a8dadcc375eb256aafeb35fe4526b5ce 2010.1/x86_64/beagle-evolution-0.3.9-40.14mdv2010.2.x86_64.rpm\n 85b3826eeb31a9aa076d812e0b033fe2 2010.1/x86_64/beagle-gui-0.3.9-40.14mdv2010.2.x86_64.rpm\n 9bf2efc37288ab863deae5a824dbe50a 2010.1/x86_64/beagle-gui-qt-0.3.9-40.14mdv2010.2.x86_64.rpm\n 494b0ceba524ee3d54e718173a134c2a 2010.1/x86_64/beagle-libs-0.3.9-40.14mdv2010.2.x86_64.rpm\n e46b7ca18a34233df87a9d936ad4bb84 2010.1/x86_64/firefox-3.6.17-0.1mdv2010.2.x86_64.rpm\n 22a39de7d1d7bdada1e59a88b0aa15b7 2010.1/x86_64/firefox-af-3.6.17-0.1mdv2010.2.x86_64.rpm\n 82fbe86619de87a67c82aa637d66eff9 2010.1/x86_64/firefox-ar-3.6.17-0.1mdv2010.2.x86_64.rpm\n 667ff12e314e1077d53f857239efcc0e 2010.1/x86_64/firefox-be-3.6.17-0.1mdv2010.2.x86_64.rpm\n fc89c99c3848b35835a52f7cc0b32472 2010.1/x86_64/firefox-bg-3.6.17-0.1mdv2010.2.x86_64.rpm\n e0c03dd7a31141fabbad70ad068d5d34 2010.1/x86_64/firefox-bn-3.6.17-0.1mdv2010.2.x86_64.rpm\n 93a8115d530b7fc9174e1a75c314dfdf 2010.1/x86_64/firefox-ca-3.6.17-0.1mdv2010.2.x86_64.rpm\n 9388cb5df3bc5d5411d48bc1914edbbc 2010.1/x86_64/firefox-cs-3.6.17-0.1mdv2010.2.x86_64.rpm\n eafa8fd9f5275d3d5e379341d8ce0c68 2010.1/x86_64/firefox-cy-3.6.17-0.1mdv2010.2.x86_64.rpm\n b996034e9f08a25be24f1a89277585cd 2010.1/x86_64/firefox-da-3.6.17-0.1mdv2010.2.x86_64.rpm\n 028096333315b17aae3e5f0dc962e24a 2010.1/x86_64/firefox-de-3.6.17-0.1mdv2010.2.x86_64.rpm\n d7baf446d20b9786cc28c44d5d0202b5 2010.1/x86_64/firefox-devel-3.6.17-0.1mdv2010.2.x86_64.rpm\n 3b852a87c33cd0e75d103e097e7d320a 2010.1/x86_64/firefox-el-3.6.17-0.1mdv2010.2.x86_64.rpm\n 1a19015cab0401d728fe04814c3835a5 2010.1/x86_64/firefox-en_GB-3.6.17-0.1mdv2010.2.x86_64.rpm\n 26de6d4b2135970f0020b67981dac233 2010.1/x86_64/firefox-eo-3.6.17-0.1mdv2010.2.x86_64.rpm\n df2fc9e8d2db93ae0812401cb19b231d 2010.1/x86_64/firefox-es_AR-3.6.17-0.1mdv2010.2.x86_64.rpm\n 8a3b33018ff6f84a9c014df086c5963d 2010.1/x86_64/firefox-es_ES-3.6.17-0.1mdv2010.2.x86_64.rpm\n b070fca7be42864ee1f7406fc89ac3e2 2010.1/x86_64/firefox-et-3.6.17-0.1mdv2010.2.x86_64.rpm\n fad4b35f38578d2c72bf750779908db3 2010.1/x86_64/firefox-eu-3.6.17-0.1mdv2010.2.x86_64.rpm\n c98e6a802a3fdc802558fda32e38fbf4 2010.1/x86_64/firefox-ext-beagle-0.3.9-40.14mdv2010.2.x86_64.rpm\n 83ad811c61d33c3f1d3efff51f650e49 2010.1/x86_64/firefox-ext-blogrovr-1.1.804-13.11mdv2010.2.x86_64.rpm\n dd27de519ed45b4911a5854c2aebba01 2010.1/x86_64/firefox-ext-mozvoikko-1.0.1-2.11mdv2010.2.x86_64.rpm\n d8f0a5553ecae1ea98badfeafd5bb495 2010.1/x86_64/firefox-ext-r-kiosk-0.8.1-2.11mdv2010.2.x86_64.rpm\n da8529bf5c54bb7089aac5fa34e08fa2 2010.1/x86_64/firefox-ext-scribefire-3.5.2-2.11mdv2010.2.x86_64.rpm\n 74be4a3dd584ac9614204ec0eee5a76c 2010.1/x86_64/firefox-ext-weave-sync-1.1-5.11mdv2010.2.x86_64.rpm\n e15889b13af1fca608a2207defcf395f 2010.1/x86_64/firefox-ext-xmarks-3.6.14-2.11mdv2010.2.x86_64.rpm\n 2fb1491b1038a0fbf4d4b77e77de5d2d 2010.1/x86_64/firefox-fi-3.6.17-0.1mdv2010.2.x86_64.rpm\n 87aff9990ee27579705647b5f677d1a0 2010.1/x86_64/firefox-fr-3.6.17-0.1mdv2010.2.x86_64.rpm\n f5fa6b37709ebfc386e8f3186c9bf3e5 2010.1/x86_64/firefox-fy-3.6.17-0.1mdv2010.2.x86_64.rpm\n f0e79b94e45222e0e811e557be2bc0ad 2010.1/x86_64/firefox-ga_IE-3.6.17-0.1mdv2010.2.x86_64.rpm\n 58ef7cb55ebd74749501aa199ded7ae3 2010.1/x86_64/firefox-gl-3.6.17-0.1mdv2010.2.x86_64.rpm\n 384a1b23643a1651465968c608691e07 2010.1/x86_64/firefox-gu_IN-3.6.17-0.1mdv2010.2.x86_64.rpm\n 7757a222e9272b89a437885e6ce5b31f 2010.1/x86_64/firefox-he-3.6.17-0.1mdv2010.2.x86_64.rpm\n 8dded891812eab92931d01af412a3ebf 2010.1/x86_64/firefox-hi-3.6.17-0.1mdv2010.2.x86_64.rpm\n 3a1f1a4d2e0504dfffebeedac06fd757 2010.1/x86_64/firefox-hu-3.6.17-0.1mdv2010.2.x86_64.rpm\n e342a02179f742297e55beca9a6b8ca6 2010.1/x86_64/firefox-id-3.6.17-0.1mdv2010.2.x86_64.rpm\n 036b31e88314428055f6e4a2e66fa493 2010.1/x86_64/firefox-is-3.6.17-0.1mdv2010.2.x86_64.rpm\n bec6bbcfcfdbaf95cdfcd7080feafc33 2010.1/x86_64/firefox-it-3.6.17-0.1mdv2010.2.x86_64.rpm\n 590f80b0284b1d97100c84b0c0d1635e 2010.1/x86_64/firefox-ja-3.6.17-0.1mdv2010.2.x86_64.rpm\n b7f833b9c8b8c0c730ff79e2376925ed 2010.1/x86_64/firefox-ka-3.6.17-0.1mdv2010.2.x86_64.rpm\n 72ac06e97023f95de8bf03493178b68f 2010.1/x86_64/firefox-kn-3.6.17-0.1mdv2010.2.x86_64.rpm\n d6280f4d487fb74bb58134b86d3b02e0 2010.1/x86_64/firefox-ko-3.6.17-0.1mdv2010.2.x86_64.rpm\n 2902d4911e52992ff1965776fa55773b 2010.1/x86_64/firefox-ku-3.6.17-0.1mdv2010.2.x86_64.rpm\n 6749cc63b9ed02c76638143da1a69567 2010.1/x86_64/firefox-lt-3.6.17-0.1mdv2010.2.x86_64.rpm\n 7fdeafa0a786ffe52ceafc32171b0008 2010.1/x86_64/firefox-lv-3.6.17-0.1mdv2010.2.x86_64.rpm\n 8a5611333bc64fef5d911ffebed01b71 2010.1/x86_64/firefox-mk-3.6.17-0.1mdv2010.2.x86_64.rpm\n f26f30c2518c55c4db7ea283cdd980cb 2010.1/x86_64/firefox-mr-3.6.17-0.1mdv2010.2.x86_64.rpm\n ab55f04a3ca359de4160f36b157dcfdb 2010.1/x86_64/firefox-nb_NO-3.6.17-0.1mdv2010.2.x86_64.rpm\n 037558db1519c9ebf7fc964ddaf9101d 2010.1/x86_64/firefox-nl-3.6.17-0.1mdv2010.2.x86_64.rpm\n 3645335e57393ac183a626016de84c4f 2010.1/x86_64/firefox-nn_NO-3.6.17-0.1mdv2010.2.x86_64.rpm\n 39c1c6d029a0ddaee7f167684622ba47 2010.1/x86_64/firefox-oc-3.6.17-0.1mdv2010.2.x86_64.rpm\n f24638c4c92fb8c06d7a6f7ffb83ef57 2010.1/x86_64/firefox-pa_IN-3.6.17-0.1mdv2010.2.x86_64.rpm\n 6501493cba87fdc0380a8f8d9998ed1a 2010.1/x86_64/firefox-pl-3.6.17-0.1mdv2010.2.x86_64.rpm\n 99ac520214b2fc84dc5ad26a407d5473 2010.1/x86_64/firefox-pt_BR-3.6.17-0.1mdv2010.2.x86_64.rpm\n 03e2274cd6b99e00822fca70318d6baa 2010.1/x86_64/firefox-pt_PT-3.6.17-0.1mdv2010.2.x86_64.rpm\n fe066759fb775dfcafe76fc54fdf61c6 2010.1/x86_64/firefox-ro-3.6.17-0.1mdv2010.2.x86_64.rpm\n 30700e22cea9e182e020adeafb4d0507 2010.1/x86_64/firefox-ru-3.6.17-0.1mdv2010.2.x86_64.rpm\n ec4f873d8e05b8ab45a19bab482b4949 2010.1/x86_64/firefox-si-3.6.17-0.1mdv2010.2.x86_64.rpm\n 4835225ee74f3d8f62c0541823582f2c 2010.1/x86_64/firefox-sk-3.6.17-0.1mdv2010.2.x86_64.rpm\n 2054bedb2c948d9a46c2ec0dae110c38 2010.1/x86_64/firefox-sl-3.6.17-0.1mdv2010.2.x86_64.rpm\n 61df79a4f54f3bf36eb133465de48cd4 2010.1/x86_64/firefox-sq-3.6.17-0.1mdv2010.2.x86_64.rpm\n 4e9afd7cd78caed3fdd00ed795f5b597 2010.1/x86_64/firefox-sr-3.6.17-0.1mdv2010.2.x86_64.rpm\n 8b3ccf29a6280da169e1ed82c065f6e0 2010.1/x86_64/firefox-sv_SE-3.6.17-0.1mdv2010.2.x86_64.rpm\n 179197adbd3ba25592cbd581108ce5ea 2010.1/x86_64/firefox-te-3.6.17-0.1mdv2010.2.x86_64.rpm\n d737d709fd550410ebfefdd338758d6e 2010.1/x86_64/firefox-th-3.6.17-0.1mdv2010.2.x86_64.rpm\n e5936f4c07fb77132172ac02e94ca477 2010.1/x86_64/firefox-tr-3.6.17-0.1mdv2010.2.x86_64.rpm\n 8192f4a4f31a5b16bd5db044485261d6 2010.1/x86_64/firefox-uk-3.6.17-0.1mdv2010.2.x86_64.rpm\n 29e39d3eeea7fc56548d8453fe9d562d 2010.1/x86_64/firefox-zh_CN-3.6.17-0.1mdv2010.2.x86_64.rpm\n f938602338d91d92eda1a0b3bdb1fce7 2010.1/x86_64/firefox-zh_TW-3.6.17-0.1mdv2010.2.x86_64.rpm\n 2cc9893d0e15e8d6a387dc1858f49095 2010.1/x86_64/gjs-0.6-4.11mdv2010.2.x86_64.rpm\n a4bd11a7f67b3e932916effa4528c6a7 2010.1/x86_64/gnome-python-extras-2.25.3-18.11mdv2010.2.x86_64.rpm\n 95cee5d067e61a517fb1a5d117171ec0 2010.1/x86_64/gnome-python-gda-2.25.3-18.11mdv2010.2.x86_64.rpm\n 91d3209a56123c6d6a0aa694347e872c 2010.1/x86_64/gnome-python-gda-devel-2.25.3-18.11mdv2010.2.x86_64.rpm\n 34df1edf5e0be2a08528ce1662de63be 2010.1/x86_64/gnome-python-gdl-2.25.3-18.11mdv2010.2.x86_64.rpm\n d137508cb856c9076d4dc31f5dd7f306 2010.1/x86_64/gnome-python-gtkhtml2-2.25.3-18.11mdv2010.2.x86_64.rpm\n 21bb6b0f05bca7b9a6940e8e45dd3a96 2010.1/x86_64/gnome-python-gtkmozembed-2.25.3-18.11mdv2010.2.x86_64.rpm\n 6e524a6d0f00d4c3959c578766e98049 2010.1/x86_64/gnome-python-gtkspell-2.25.3-18.11mdv2010.2.x86_64.rpm\n e2073b5a80d38b4a04d8ff834d75efdd 2010.1/x86_64/lemon-3.7.4-0.1mdv2010.2.x86_64.rpm\n 92f6e1c3916ea0eaf167422cb7664879 2010.1/x86_64/lib64gjs0-0.6-4.11mdv2010.2.x86_64.rpm\n 000331cedd3b7c59b6f31b9299e2db51 2010.1/x86_64/lib64gjs-devel-0.6-4.11mdv2010.2.x86_64.rpm\n de19237a71b5ac9dd2197557eca1dac8 2010.1/x86_64/lib64sqlite3_0-3.7.6.2-0.1mdv2010.2.x86_64.rpm\n 81e39244f2d0ca52dad100b3084f4eae 2010.1/x86_64/lib64sqlite3-devel-3.7.6.2-0.1mdv2010.2.x86_64.rpm\n e7d7123b05e43b447830713352e58799 2010.1/x86_64/lib64sqlite3-static-devel-3.7.6.2-0.1mdv2010.2.x86_64.rpm\n 141b29ac9c15a48b64f28d26ce97046a 2010.1/x86_64/lib64xulrunner1.9.2.17-1.9.2.17-0.1mdv2010.2.x86_64.rpm\n 676a62b038fe6e012ae7b868ee472268 2010.1/x86_64/lib64xulrunner-devel-1.9.2.17-0.1mdv2010.2.x86_64.rpm\n 83fb7cc91a80a62ed919b74401feb855 2010.1/x86_64/mozilla-thunderbird-beagle-0.3.9-40.14mdv2010.2.x86_64.rpm\n 52cec62fcccfe088c54a215eb3e7cd39 2010.1/x86_64/sqlite3-tools-3.7.6.2-0.1mdv2010.2.x86_64.rpm\n 1951e652f207a2344b3460d0c06a1c17 2010.1/x86_64/xulrunner-1.9.2.17-0.1mdv2010.2.x86_64.rpm\n 58f9aa8aa5f6ec8558166674e1224998 2010.1/x86_64/yelp-2.30.1-4.11mdv2010.2.x86_64.rpm \n f03639972840639a315ace5577a3f7d7 2010.1/SRPMS/beagle-0.3.9-40.14mdv2010.2.src.rpm\n 1b407792bc53910f470fef2aa107c4db 2010.1/SRPMS/firefox-3.6.17-0.1mdv2010.2.src.rpm\n cffc7531253d821db2a606e56993d5e1 2010.1/SRPMS/firefox-ext-blogrovr-1.1.804-13.11mdv2010.2.src.rpm\n 84480ce74b027244dc64794cbae17d07 2010.1/SRPMS/firefox-ext-mozvoikko-1.0.1-2.11mdv2010.2.src.rpm\n ec8e51d467efb46c6fad4d9a5e64af51 2010.1/SRPMS/firefox-ext-r-kiosk-0.8.1-2.11mdv2010.2.src.rpm\n 9626186349beb04c41ac48c21bf268b1 2010.1/SRPMS/firefox-ext-scribefire-3.5.2-2.11mdv2010.2.src.rpm\n e65da7beca8fa7edffd5a70da28161ec 2010.1/SRPMS/firefox-ext-weave-sync-1.1-5.11mdv2010.2.src.rpm\n c4ce7eec413e557445f66f2b167899a7 2010.1/SRPMS/firefox-ext-xmarks-3.6.14-2.11mdv2010.2.src.rpm\n 55bd4776f283283a5c8ab1906658b9c9 2010.1/SRPMS/firefox-l10n-3.6.17-0.1mdv2010.2.src.rpm\n e0bcbb8764bd02ec459e7252aec2d042 2010.1/SRPMS/gjs-0.6-4.11mdv2010.2.src.rpm\n 66f6688cea914918243d9afeefc443b2 2010.1/SRPMS/gnome-python-extras-2.25.3-18.11mdv2010.2.src.rpm\n f8304df757bbcc2d16d3198e3fda3d23 2010.1/SRPMS/lemon-3.7.4-0.1mdv2010.2.src.rpm\n 8b4cc9318b6004ece98b4d1057cea92d 2010.1/SRPMS/sqlite3-3.7.6.2-0.1mdv2010.2.src.rpm\n 6a7d4ed599fbf868d4a02a9e8d2933c8 2010.1/SRPMS/xulrunner-1.9.2.17-0.1mdv2010.2.src.rpm\n 8f9d8865473f416ec554aa017d0dccb1 2010.1/SRPMS/yelp-2.30.1-4.11mdv2010.2.src.rpm\n\n Mandriva Enterprise Server 5:\n cd1e9a42a006aa5adda100679d0cbc93 mes5/i586/firefox-3.6.17-0.1mdvmes5.2.i586.rpm\n 71d37ac9f0293811bd4520e03dc54157 mes5/i586/firefox-af-3.6.17-0.1mdvmes5.2.i586.rpm\n 7f0e73e51c41f69de839fc2755d88853 mes5/i586/firefox-ar-3.6.17-0.1mdvmes5.2.i586.rpm\n 0d3d203788e1c81779a5f9ca31ddb022 mes5/i586/firefox-be-3.6.17-0.1mdvmes5.2.i586.rpm\n b40754b7ecfd225d8b8192055d275635 mes5/i586/firefox-bg-3.6.17-0.1mdvmes5.2.i586.rpm\n 28c6bc31a2e4332cc3c0f3b815cf9550 mes5/i586/firefox-bn-3.6.17-0.1mdvmes5.2.i586.rpm\n 6fd253979012ac8302baa07b257bfa4c mes5/i586/firefox-ca-3.6.17-0.1mdvmes5.2.i586.rpm\n 28354e9b7daf2993f1f4e550045a20e3 mes5/i586/firefox-cs-3.6.17-0.1mdvmes5.2.i586.rpm\n 4f4b94dc2cfd87ddaec38d5fb5eb0400 mes5/i586/firefox-cy-3.6.17-0.1mdvmes5.2.i586.rpm\n 9ebfff1af214cbee62fa37079e2bd7e6 mes5/i586/firefox-da-3.6.17-0.1mdvmes5.2.i586.rpm\n f549fe10cf71e4ffacfb60882521b2df mes5/i586/firefox-de-3.6.17-0.1mdvmes5.2.i586.rpm\n 93305ea82f3f0db7a8818cba8a6de264 mes5/i586/firefox-devel-3.6.17-0.1mdvmes5.2.i586.rpm\n 27dd2d2ecc56883660cd01c1c05c0a64 mes5/i586/firefox-el-3.6.17-0.1mdvmes5.2.i586.rpm\n eb242443939e1ec934e1a03e927dfcc7 mes5/i586/firefox-en_GB-3.6.17-0.1mdvmes5.2.i586.rpm\n 70a5b46a1a85af189111d5c903c04e6f mes5/i586/firefox-eo-3.6.17-0.1mdvmes5.2.i586.rpm\n 045d6b80f006d42b49404862b01228e2 mes5/i586/firefox-es_AR-3.6.17-0.1mdvmes5.2.i586.rpm\n 4303d5138af4a2ebe3cf3d2ca6a1917d mes5/i586/firefox-es_ES-3.6.17-0.1mdvmes5.2.i586.rpm\n e75f75febb938386c4900bc1af8af042 mes5/i586/firefox-et-3.6.17-0.1mdvmes5.2.i586.rpm\n 452955a2a43a62918d190e022c075442 mes5/i586/firefox-eu-3.6.17-0.1mdvmes5.2.i586.rpm\n 9a248c3c9431b97f65e105824c9361ec mes5/i586/firefox-fi-3.6.17-0.1mdvmes5.2.i586.rpm\n e404680e82e06af73a581a5c4b508156 mes5/i586/firefox-fr-3.6.17-0.1mdvmes5.2.i586.rpm\n 13cc1a0d0c0841dae79534feb33e3df3 mes5/i586/firefox-fy-3.6.17-0.1mdvmes5.2.i586.rpm\n 6e1e56d7854c9f78a1c9813ff929eacc mes5/i586/firefox-ga_IE-3.6.17-0.1mdvmes5.2.i586.rpm\n a40d04e4b23e315d5138669edcac7f46 mes5/i586/firefox-gl-3.6.17-0.1mdvmes5.2.i586.rpm\n 003ab3759ad09849c7c75b100cb0493b mes5/i586/firefox-gu_IN-3.6.17-0.1mdvmes5.2.i586.rpm\n 2c0793b1f9650e6f2fee84cce9614d8c mes5/i586/firefox-he-3.6.17-0.1mdvmes5.2.i586.rpm\n 15074456de86609bd2f8200e5d9242d4 mes5/i586/firefox-hi-3.6.17-0.1mdvmes5.2.i586.rpm\n dd2f72897646c7b30dc12775dd82a2d4 mes5/i586/firefox-hu-3.6.17-0.1mdvmes5.2.i586.rpm\n 29c5aa93bdca6f566cbdcabe4a8e3b9b mes5/i586/firefox-id-3.6.17-0.1mdvmes5.2.i586.rpm\n 163d2fa3c63d7863ccf7f7bbaf4d0e11 mes5/i586/firefox-is-3.6.17-0.1mdvmes5.2.i586.rpm\n 47069560437e511140ba5ff1b63291d8 mes5/i586/firefox-it-3.6.17-0.1mdvmes5.2.i586.rpm\n 6cc9d026a8569b790ba2fcbd8e24a862 mes5/i586/firefox-ja-3.6.17-0.1mdvmes5.2.i586.rpm\n c2a4b813bfed1a0771505aba9a64b67a mes5/i586/firefox-ka-3.6.17-0.1mdvmes5.2.i586.rpm\n ae479a045c885c2c887e38f43220a831 mes5/i586/firefox-kn-3.6.17-0.1mdvmes5.2.i586.rpm\n adbb4ae02ac0592bb6c3164da559fcdd mes5/i586/firefox-ko-3.6.17-0.1mdvmes5.2.i586.rpm\n 4dade34dbe0124df10e7bc9b944223ad mes5/i586/firefox-ku-3.6.17-0.1mdvmes5.2.i586.rpm\n 24eb9a94cce3d8ff6108aab01814eddf mes5/i586/firefox-lt-3.6.17-0.1mdvmes5.2.i586.rpm\n d26f9486102084657ce92ece26daa619 mes5/i586/firefox-lv-3.6.17-0.1mdvmes5.2.i586.rpm\n 36d6e7bded0d41872f598a3ee7ed3ce3 mes5/i586/firefox-mk-3.6.17-0.1mdvmes5.2.i586.rpm\n 26fe1eac37c64f4449e5640e2b4fd623 mes5/i586/firefox-mr-3.6.17-0.1mdvmes5.2.i586.rpm\n 593c15394af9f6269820bef95f5044d2 mes5/i586/firefox-nb_NO-3.6.17-0.1mdvmes5.2.i586.rpm\n d20476061cc8797e78728e36f26a0e1f mes5/i586/firefox-nl-3.6.17-0.1mdvmes5.2.i586.rpm\n 7367469b54aba0e799ea78f8e6c57623 mes5/i586/firefox-nn_NO-3.6.17-0.1mdvmes5.2.i586.rpm\n f57fa32c9d04b1efa5f0bc610aed9310 mes5/i586/firefox-oc-3.6.17-0.1mdvmes5.2.i586.rpm\n 1373e0a9b280d0955af3cdac49287e3c mes5/i586/firefox-pa_IN-3.6.17-0.1mdvmes5.2.i586.rpm\n 4db37cc34f95f2050549b2b94ec67e85 mes5/i586/firefox-pl-3.6.17-0.1mdvmes5.2.i586.rpm\n cf755af35925c6c0039ee29f9c0029d0 mes5/i586/firefox-pt_BR-3.6.17-0.1mdvmes5.2.i586.rpm\n a2f110045a0ddfff974990f60c4fe64b mes5/i586/firefox-pt_PT-3.6.17-0.1mdvmes5.2.i586.rpm\n fbe53c4ec1d600b4c42ab3dfa377f15f mes5/i586/firefox-ro-3.6.17-0.1mdvmes5.2.i586.rpm\n f656ab01daaea25add74112516d57f89 mes5/i586/firefox-ru-3.6.17-0.1mdvmes5.2.i586.rpm\n 2903d0b3ce028351f70f416088b119ec mes5/i586/firefox-si-3.6.17-0.1mdvmes5.2.i586.rpm\n 11e1d9a1c1ea08e9ca6edf1c4dead3b7 mes5/i586/firefox-sk-3.6.17-0.1mdvmes5.2.i586.rpm\n 7a926b7da38eb87ec265a2e8630b405c mes5/i586/firefox-sl-3.6.17-0.1mdvmes5.2.i586.rpm\n 23d443bb392eebe34cc23645390e5db3 mes5/i586/firefox-sq-3.6.17-0.1mdvmes5.2.i586.rpm\n 1c863cc5d1ff0ca73463e3fadb49826d mes5/i586/firefox-sr-3.6.17-0.1mdvmes5.2.i586.rpm\n eefc88ca28558a2aa84916ab68c8784b mes5/i586/firefox-sv_SE-3.6.17-0.1mdvmes5.2.i586.rpm\n a370f38efa21a805eb7ffcaa3b0ff4e6 mes5/i586/firefox-te-3.6.17-0.1mdvmes5.2.i586.rpm\n 1938a177263949976d41d331ad88a6fd mes5/i586/firefox-th-3.6.17-0.1mdvmes5.2.i586.rpm\n 411b0440df40c11a6b6afd2678f88194 mes5/i586/firefox-tr-3.6.17-0.1mdvmes5.2.i586.rpm\n 19a879814fca5ab264c360a3c2a7bc94 mes5/i586/firefox-uk-3.6.17-0.1mdvmes5.2.i586.rpm\n 21fb65bdb7b2d072cd856b89f82b5110 mes5/i586/firefox-zh_CN-3.6.17-0.1mdvmes5.2.i586.rpm\n 48aeb095031ec9bb857d43eaa787c3f3 mes5/i586/firefox-zh_TW-3.6.17-0.1mdvmes5.2.i586.rpm\n ab0bdd9c6e0ac64cece89ab65dc561c5 mes5/i586/gnome-python-extras-2.19.1-20.27mdvmes5.2.i586.rpm\n c8d2cbcd8b1aaa8a2a51bcdbb0b2b910 mes5/i586/gnome-python-gda-2.19.1-20.27mdvmes5.2.i586.rpm\n ec5227d35f1449aaf7efe40f7fbb318f mes5/i586/gnome-python-gda-devel-2.19.1-20.27mdvmes5.2.i586.rpm\n 7b452ca6f2d66637d394660ea03d9d2a mes5/i586/gnome-python-gdl-2.19.1-20.27mdvmes5.2.i586.rpm\n fb3c82427b3e7431ad8a258fc9eff104 mes5/i586/gnome-python-gtkhtml2-2.19.1-20.27mdvmes5.2.i586.rpm\n ab2354cebdc0b8e2aa173ead5532b4ac mes5/i586/gnome-python-gtkmozembed-2.19.1-20.27mdvmes5.2.i586.rpm\n b534f20edd5f3757349a8c4a50d0a0e6 mes5/i586/gnome-python-gtkspell-2.19.1-20.27mdvmes5.2.i586.rpm\n 61a1d120a4e4570fb72dad35226769b4 mes5/i586/lemon-3.7.4-0.1mdvmes5.2.i586.rpm\n 69e75f2466743e6d1400e6fe780040fd mes5/i586/libsqlite3_0-3.7.6.2-0.1mdvmes5.2.i586.rpm\n a3d24e02c7564b24ba0e1c84e47c1199 mes5/i586/libsqlite3-devel-3.7.6.2-0.1mdvmes5.2.i586.rpm\n 92f31472aa1598fa93e62e343e58c451 mes5/i586/libsqlite3-static-devel-3.7.6.2-0.1mdvmes5.2.i586.rpm\n dc34aa3a20ded6207c29571b1442dc61 mes5/i586/libxulrunner1.9.2.17-1.9.2.17-0.1mdvmes5.2.i586.rpm\n b403f1b78eca1fa166eed7314589d6c3 mes5/i586/libxulrunner-devel-1.9.2.17-0.1mdvmes5.2.i586.rpm\n 266697bb330b9b48b1c10a5e9f728d63 mes5/i586/sqlite3-tools-3.7.6.2-0.1mdvmes5.2.i586.rpm\n 076f2a699a8ef53d6c276be266a9af9f mes5/i586/xulrunner-1.9.2.17-0.1mdvmes5.2.i586.rpm\n f07e55998cada837f50c314833682dbc mes5/i586/yelp-2.24.0-3.28mdvmes5.2.i586.rpm \n 08e3395dcf5d79aad887b04fccbeca1a mes5/SRPMS/firefox-3.6.17-0.1mdvmes5.2.src.rpm\n ace71a7037acfef2e442c0f1d472a558 mes5/SRPMS/firefox-l10n-3.6.17-0.1mdvmes5.2.src.rpm\n f625973d73bdc2c483e16d69d86ed015 mes5/SRPMS/gnome-python-extras-2.19.1-20.27mdvmes5.2.src.rpm\n 5e72aa3d556fbaadb3feba514417c97f mes5/SRPMS/lemon-3.7.4-0.1mdvmes5.2.src.rpm\n 42a930801375eab6b2532bbe97f2938d mes5/SRPMS/sqlite3-3.7.6.2-0.1mdvmes5.2.src.rpm\n 6e2762193b3083bdc03e89d638c1ca59 mes5/SRPMS/xulrunner-1.9.2.17-0.1mdvmes5.2.src.rpm\n a0115bd0847187c4a21ded2734c2567a mes5/SRPMS/yelp-2.24.0-3.28mdvmes5.2.src.rpm\n\n Mandriva Enterprise Server 5/X86_64:\n bcbc626f149907e7db0aa880b0986682 mes5/x86_64/firefox-3.6.17-0.1mdvmes5.2.x86_64.rpm\n 56ce0c4dc89e1f2626b26b61ba0eb1f9 mes5/x86_64/firefox-af-3.6.17-0.1mdvmes5.2.x86_64.rpm\n 2d8db2677a37b8a1ae081c2a30807bdf mes5/x86_64/firefox-ar-3.6.17-0.1mdvmes5.2.x86_64.rpm\n 8f13b9c5f31e3baf114d8ff1c4662a0f mes5/x86_64/firefox-be-3.6.17-0.1mdvmes5.2.x86_64.rpm\n 9b1498c677c64c9a4b5e003f614b66de mes5/x86_64/firefox-bg-3.6.17-0.1mdvmes5.2.x86_64.rpm\n 17c1cf44b4a4f6acb460bb4745f608bb mes5/x86_64/firefox-bn-3.6.17-0.1mdvmes5.2.x86_64.rpm\n d24d45ec96e39a93d22a9304e7cf67ac mes5/x86_64/firefox-ca-3.6.17-0.1mdvmes5.2.x86_64.rpm\n 2c9635ebd5eb01ee812abe1e60fc1a90 mes5/x86_64/firefox-cs-3.6.17-0.1mdvmes5.2.x86_64.rpm\n 9d6e1fb46850b1ed7e541739e283ac2f mes5/x86_64/firefox-cy-3.6.17-0.1mdvmes5.2.x86_64.rpm\n 8f7cd04bb995712880ad9f552b08bcea mes5/x86_64/firefox-da-3.6.17-0.1mdvmes5.2.x86_64.rpm\n 3dc2f1215bd97c95e307bea6d857502b mes5/x86_64/firefox-de-3.6.17-0.1mdvmes5.2.x86_64.rpm\n c238ee61325ec66dc6b25e617890c2c7 mes5/x86_64/firefox-devel-3.6.17-0.1mdvmes5.2.x86_64.rpm\n 15fc79ff42e1c5040ff074762ecf9a08 mes5/x86_64/firefox-el-3.6.17-0.1mdvmes5.2.x86_64.rpm\n f8739033ea7805998e813121b932974d mes5/x86_64/firefox-en_GB-3.6.17-0.1mdvmes5.2.x86_64.rpm\n 37d15a0e10ea45f53052cb975480ec9c mes5/x86_64/firefox-eo-3.6.17-0.1mdvmes5.2.x86_64.rpm\n 1080d11107b386d5847a3900bd7f82ec mes5/x86_64/firefox-es_AR-3.6.17-0.1mdvmes5.2.x86_64.rpm\n eb471420d0ec8c797fed7d9737eb7cd1 mes5/x86_64/firefox-es_ES-3.6.17-0.1mdvmes5.2.x86_64.rpm\n 466a7b12b2720ba3a2a097a042334d19 mes5/x86_64/firefox-et-3.6.17-0.1mdvmes5.2.x86_64.rpm\n 62f7faefd2691977ac089b1230777fd1 mes5/x86_64/firefox-eu-3.6.17-0.1mdvmes5.2.x86_64.rpm\n 43e52f4084a1edb8fc3a98842cccf94f mes5/x86_64/firefox-fi-3.6.17-0.1mdvmes5.2.x86_64.rpm\n 2e02f68eaea320129bf14462b3f3c1e3 mes5/x86_64/firefox-fr-3.6.17-0.1mdvmes5.2.x86_64.rpm\n 8b906e8ddb2fc609d706262f892066cb mes5/x86_64/firefox-fy-3.6.17-0.1mdvmes5.2.x86_64.rpm\n 6c66cdeb261ccf59226e4940325e3ed9 mes5/x86_64/firefox-ga_IE-3.6.17-0.1mdvmes5.2.x86_64.rpm\n 61d5f0c94ba1fc1d9075d27e6575450d mes5/x86_64/firefox-gl-3.6.17-0.1mdvmes5.2.x86_64.rpm\n 7879ff61a4cb6c2f5b9b501f7d76ccce mes5/x86_64/firefox-gu_IN-3.6.17-0.1mdvmes5.2.x86_64.rpm\n 2e95af25ff50975161d817274c70a435 mes5/x86_64/firefox-he-3.6.17-0.1mdvmes5.2.x86_64.rpm\n e0de5a247cca79950b88b367d7c03eb6 mes5/x86_64/firefox-hi-3.6.17-0.1mdvmes5.2.x86_64.rpm\n a109e4717ed021a0bf05af9c8364af9b mes5/x86_64/firefox-hu-3.6.17-0.1mdvmes5.2.x86_64.rpm\n c6750aaa0a1e2b68757ef92bdc9b8820 mes5/x86_64/firefox-id-3.6.17-0.1mdvmes5.2.x86_64.rpm\n e78ecd366539d9e8826de2d9b9d53475 mes5/x86_64/firefox-is-3.6.17-0.1mdvmes5.2.x86_64.rpm\n 46d2e1106df05c0a23eb51774e8f3b94 mes5/x86_64/firefox-it-3.6.17-0.1mdvmes5.2.x86_64.rpm\n daf9972befd078246c1b894da7113bf4 mes5/x86_64/firefox-ja-3.6.17-0.1mdvmes5.2.x86_64.rpm\n 6b80fa3bb62ddeddd402730ac426fa4c mes5/x86_64/firefox-ka-3.6.17-0.1mdvmes5.2.x86_64.rpm\n d03328157f05d2d17c4bca57b67a80dd mes5/x86_64/firefox-kn-3.6.17-0.1mdvmes5.2.x86_64.rpm\n cb0715cd4a81594dcfb2c12ded2f0da9 mes5/x86_64/firefox-ko-3.6.17-0.1mdvmes5.2.x86_64.rpm\n 915e0f528feef5d0c9977e1226ff054b mes5/x86_64/firefox-ku-3.6.17-0.1mdvmes5.2.x86_64.rpm\n 5999f9b990455d35c6b7309ce24a5521 mes5/x86_64/firefox-lt-3.6.17-0.1mdvmes5.2.x86_64.rpm\n ec301658c5d0735dbd4d5bb73b49719f mes5/x86_64/firefox-lv-3.6.17-0.1mdvmes5.2.x86_64.rpm\n 69cbe297fd4885895dfffc2f82c97613 mes5/x86_64/firefox-mk-3.6.17-0.1mdvmes5.2.x86_64.rpm\n cc375fff57a189f0eed8b0127b5bac0f mes5/x86_64/firefox-mr-3.6.17-0.1mdvmes5.2.x86_64.rpm\n 1dea9c1581fb71783f921b44c467f894 mes5/x86_64/firefox-nb_NO-3.6.17-0.1mdvmes5.2.x86_64.rpm\n 2efeef9a98c5ec444083ee6c0ec28a9e mes5/x86_64/firefox-nl-3.6.17-0.1mdvmes5.2.x86_64.rpm\n b2a0f77c3a5f144fd9b13e6e18b5668d mes5/x86_64/firefox-nn_NO-3.6.17-0.1mdvmes5.2.x86_64.rpm\n 459caa344929122196f40a0b03aaa77f mes5/x86_64/firefox-oc-3.6.17-0.1mdvmes5.2.x86_64.rpm\n 7acc021757df45d4c9a3f0adf5058f4e mes5/x86_64/firefox-pa_IN-3.6.17-0.1mdvmes5.2.x86_64.rpm\n 4c415b9549be3c5b901a18a751e72e7e mes5/x86_64/firefox-pl-3.6.17-0.1mdvmes5.2.x86_64.rpm\n b7410e6f949e2e167b6a5ffa13f1d5a4 mes5/x86_64/firefox-pt_BR-3.6.17-0.1mdvmes5.2.x86_64.rpm\n 43cc010a9f8b133adac9a4eb5fd111f7 mes5/x86_64/firefox-pt_PT-3.6.17-0.1mdvmes5.2.x86_64.rpm\n 04ed29a15e51451cfa4122eb7c4ada8e mes5/x86_64/firefox-ro-3.6.17-0.1mdvmes5.2.x86_64.rpm\n c5f071ad5734fc69ed6187ae9f92e72d mes5/x86_64/firefox-ru-3.6.17-0.1mdvmes5.2.x86_64.rpm\n 7bb7fd81e876495f4ae7ab30da0f9ae4 mes5/x86_64/firefox-si-3.6.17-0.1mdvmes5.2.x86_64.rpm\n 975dcd619280dbcf17b55d538f01e93e mes5/x86_64/firefox-sk-3.6.17-0.1mdvmes5.2.x86_64.rpm\n d8e4dfe5ffb9bfc49709b60e7fbf2c92 mes5/x86_64/firefox-sl-3.6.17-0.1mdvmes5.2.x86_64.rpm\n 1b33061a688a563053bcd50bc4449db1 mes5/x86_64/firefox-sq-3.6.17-0.1mdvmes5.2.x86_64.rpm\n 5fef483a4f5e020021c2cd4e34749ab7 mes5/x86_64/firefox-sr-3.6.17-0.1mdvmes5.2.x86_64.rpm\n 6e21f7add5864e8ee26dc8a744fdc30b mes5/x86_64/firefox-sv_SE-3.6.17-0.1mdvmes5.2.x86_64.rpm\n e86770d480ecd52ed6ee2eeae6f6d24b mes5/x86_64/firefox-te-3.6.17-0.1mdvmes5.2.x86_64.rpm\n 24a6cd92245b7c16404059228dee56a1 mes5/x86_64/firefox-th-3.6.17-0.1mdvmes5.2.x86_64.rpm\n fc97ff214f1fd47aa3d270a20c238913 mes5/x86_64/firefox-tr-3.6.17-0.1mdvmes5.2.x86_64.rpm\n 6d665853c2345607b932f836eeb9ab8a mes5/x86_64/firefox-uk-3.6.17-0.1mdvmes5.2.x86_64.rpm\n afa7c5c1bc9aec01733382e300770e61 mes5/x86_64/firefox-zh_CN-3.6.17-0.1mdvmes5.2.x86_64.rpm\n 8bb13a84c1efabc7baf94143e3a78364 mes5/x86_64/firefox-zh_TW-3.6.17-0.1mdvmes5.2.x86_64.rpm\n b7a1511c5b7ff2d910fb8fa306a9fb50 mes5/x86_64/gnome-python-extras-2.19.1-20.27mdvmes5.2.x86_64.rpm\n e2df82f36fb325df0797b18847dbb1a5 mes5/x86_64/gnome-python-gda-2.19.1-20.27mdvmes5.2.x86_64.rpm\n 8253a637a23efef6c15c552b9b0a3459 mes5/x86_64/gnome-python-gda-devel-2.19.1-20.27mdvmes5.2.x86_64.rpm\n 2a6a42257bc206b8c373315808f89a11 mes5/x86_64/gnome-python-gdl-2.19.1-20.27mdvmes5.2.x86_64.rpm\n 407ab79e0a50b3c361c528ad0381dc0a mes5/x86_64/gnome-python-gtkhtml2-2.19.1-20.27mdvmes5.2.x86_64.rpm\n 214a324b266e552e2393e31be905fec0 mes5/x86_64/gnome-python-gtkmozembed-2.19.1-20.27mdvmes5.2.x86_64.rpm\n f00814fd166c6173473923145f7edb09 mes5/x86_64/gnome-python-gtkspell-2.19.1-20.27mdvmes5.2.x86_64.rpm\n fb5f99420187bd9d38fca89a3c296779 mes5/x86_64/lemon-3.7.4-0.1mdvmes5.2.x86_64.rpm\n 5b84fb55152b544c80660e96a1ec63c8 mes5/x86_64/lib64sqlite3_0-3.7.6.2-0.1mdvmes5.2.x86_64.rpm\n 1e399ecae3c9de83bc4d4f2a91a74dfb mes5/x86_64/lib64sqlite3-devel-3.7.6.2-0.1mdvmes5.2.x86_64.rpm\n aea22ba2c95d994dd25bd9433aa93bd1 mes5/x86_64/lib64sqlite3-static-devel-3.7.6.2-0.1mdvmes5.2.x86_64.rpm\n 13bce11c19e821c3d7c2f4cdc1ab402f mes5/x86_64/lib64xulrunner1.9.2.17-1.9.2.17-0.1mdvmes5.2.x86_64.rpm\n 8a3ca64ce81aadbdd2ecb3a398570762 mes5/x86_64/lib64xulrunner-devel-1.9.2.17-0.1mdvmes5.2.x86_64.rpm\n 437b579498eb505c806cee54a61abca7 mes5/x86_64/sqlite3-tools-3.7.6.2-0.1mdvmes5.2.x86_64.rpm\n e29899f953d34097cb5c8679dd7775df mes5/x86_64/xulrunner-1.9.2.17-0.1mdvmes5.2.x86_64.rpm\n 93bd94819b0b98ead5f8eb7b00bf8703 mes5/x86_64/yelp-2.24.0-3.28mdvmes5.2.x86_64.rpm \n 08e3395dcf5d79aad887b04fccbeca1a mes5/SRPMS/firefox-3.6.17-0.1mdvmes5.2.src.rpm\n ace71a7037acfef2e442c0f1d472a558 mes5/SRPMS/firefox-l10n-3.6.17-0.1mdvmes5.2.src.rpm\n f625973d73bdc2c483e16d69d86ed015 mes5/SRPMS/gnome-python-extras-2.19.1-20.27mdvmes5.2.src.rpm\n 5e72aa3d556fbaadb3feba514417c97f mes5/SRPMS/lemon-3.7.4-0.1mdvmes5.2.src.rpm\n 42a930801375eab6b2532bbe97f2938d mes5/SRPMS/sqlite3-3.7.6.2-0.1mdvmes5.2.src.rpm\n 6e2762193b3083bdc03e89d638c1ca59 mes5/SRPMS/xulrunner-1.9.2.17-0.1mdvmes5.2.src.rpm\n a0115bd0847187c4a21ded2734c2567a mes5/SRPMS/yelp-2.24.0-3.28mdvmes5.2.src.rpm\n _______________________________________________________________________\n\n To upgrade automatically use MandrivaUpdate or urpmi. The verification\n of md5 checksums and GPG signatures is performed automatically for you. \n\n All packages are signed by Mandriva for security. You can obtain the\n GPG public key of the Mandriva Security Team by executing:\n\n gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98\n\n You can view other update advisories for Mandriva Linux at:\n\n http://www.mandriva.com/security/advisories\n\n If you want to report vulnerabilities, please contact\n\n security_(at)_mandriva.com\n _______________________________________________________________________\n\n Type Bits/KeyID Date User ID\n pub 1024D/22458A98 2000-07-10 Mandriva Security Team\n \u003csecurity*mandriva.com\u003e\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.9 (GNU/Linux)\n\niD8DBQFNu9bfmqjQ0CJFipgRAjj2AJ4iav3EMP5XoLEC8nisesrJPy7FSgCeJ9JX\nuo5K88YBkyVTJhsEYpwVsxA=\n=nlH5\n-----END PGP SIGNATURE-----\n\n_______________________________________________\nFull-Disclosure - We believe in it. \nCharter: http://lists.grok.org.uk/full-disclosure-charter.html\nHosted and sponsored by Secunia - http://secunia.com/\n. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\nGentoo Linux Security Advisory GLSA 201301-01\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n http://security.gentoo.org/\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\n Severity: High\n Title: Mozilla Products: Multiple vulnerabilities\n Date: January 08, 2013\n Bugs: #180159, #181361, #207261, #238535, #246602, #251322,\n #255221, #255234, #255687, #257577, #260062, #261386,\n #262704, #267234, #273918, #277752, #280226, #280234,\n #280393, #282549, #284439, #286721, #290892, #292034,\n #297532, #305689, #307045, #311021, #312361, #312645,\n #312651, #312675, #312679, #312763, #313003, #324735,\n #326341, #329279, #336396, #341821, #342847, #348316,\n #357057, #360055, #360315, #365323, #373595, #379549,\n #381245, #388045, #390771, #395431, #401701, #403183,\n #404437, #408161, #413657, #419917, #427224, #433383,\n #437780, #439586, #439960, #444318\n ID: 201301-01\n\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\nSynopsis\n========\n\nMultiple vulnerabilities have been found in Mozilla Firefox,\nThunderbird, SeaMonkey, NSS, GNU IceCat, and XULRunner, some of which\nmay allow execution of arbitrary code or local privilege escalation. \n\nBackground\n==========\n\nMozilla Firefox is an open-source web browser and Mozilla Thunderbird\nan open-source email client, both from the Mozilla Project. The\nSeaMonkey project is a community effort to deliver production-quality\nreleases of code derived from the application formerly known as the\n\u0027Mozilla Application Suite\u0027. XULRunner is a Mozilla runtime package\nthat can be used to bootstrap XUL+XPCOM applications such as Firefox\nand Thunderbird. NSS is Mozilla\u0027s Network Security Services library\nthat implements PKI support. IceCat is the GNU version of Firefox. \n\nAffected packages\n=================\n\n -------------------------------------------------------------------\n Package / Vulnerable / Unaffected\n -------------------------------------------------------------------\n 1 www-client/firefox \u003c 10.0.11 \u003e= 10.0.11\n 2 www-client/firefox-bin \u003c 10.0.11 \u003e= 10.0.11\n 3 mail-client/thunderbird \u003c 10.0.11 \u003e= 10.0.11\n 4 mail-client/thunderbird-bin\n \u003c 10.0.11 \u003e= 10.0.11\n 5 www-client/seamonkey \u003c 2.14-r1 \u003e= 2.14-r1\n 6 www-client/seamonkey-bin\n \u003c 2.14 \u003e= 2.14\n 7 dev-libs/nss \u003c 3.14 \u003e= 3.14\n 8 www-client/mozilla-firefox\n \u003c= 3.6.8 Vulnerable!\n 9 www-client/mozilla-firefox-bin\n \u003c= 3.5.6 Vulnerable!\n 10 mail-client/mozilla-thunderbird\n \u003c= 3.0.4-r1 Vulnerable!\n 11 mail-client/mozilla-thunderbird-bin\n \u003c= 3.0 Vulnerable!\n 12 www-client/icecat \u003c= 10.0-r1 Vulnerable!\n 13 net-libs/xulrunner \u003c= 2.0-r1 Vulnerable!\n 14 net-libs/xulrunner-bin \u003c= 1.8.1.19 Vulnerable!\n -------------------------------------------------------------------\n NOTE: Certain packages are still vulnerable. Users should migrate\n to another package if one is available or wait for the\n existing packages to be marked stable by their\n architecture maintainers. \n -------------------------------------------------------------------\n 14 affected packages\n\nDescription\n===========\n\nMultiple vulnerabilities have been discovered in Mozilla Firefox,\nThunderbird, SeaMonkey, NSS, GNU IceCat, and XULRunner. Please review\nthe CVE identifiers referenced below for details. \n\nImpact\n======\n\nA remote attacker could entice a user to view a specially crafted web\npage or email, possibly resulting in execution of arbitrary code or a\nDenial of Service condition. Furthermore, a remote attacker may be able\nto perform Man-in-the-Middle attacks, obtain sensitive information,\nbypass restrictions and protection mechanisms, force file downloads,\nconduct XML injection attacks, conduct XSS attacks, bypass the Same\nOrigin Policy, spoof URL\u0027s for phishing attacks, trigger a vertical\nscroll, spoof the location bar, spoof an SSL indicator, modify the\nbrowser\u0027s font, conduct clickjacking attacks, or have other unspecified\nimpact. \n\nA local attacker could gain escalated privileges, obtain sensitive\ninformation, or replace an arbitrary downloaded file. \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nResolution\n==========\n\nAll Mozilla Firefox users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose \"\u003e=www-client/firefox-10.0.11\"\n\nAll users of the Mozilla Firefox binary package should upgrade to the\nlatest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose \"\u003e=www-client/firefox-bin-10.0.11\"=\n\n\nAll Mozilla Thunderbird users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot -v \"\u003e=mail-client/thunderbird-10.0.11\"\n\nAll users of the Mozilla Thunderbird binary package should upgrade to\nthe latest version:\n\n # emerge --sync\n # emerge --ask --oneshot -v \"\u003e=mail-client/thunderbird-bin-10.0.11\"\n\nAll Mozilla SeaMonkey users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose \"\u003e=www-client/seamonkey-2.14-r1\"\n\nAll users of the Mozilla SeaMonkey binary package should upgrade to the\nlatest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose \"\u003e=www-client/seamonkey-bin-2.14\"\n\nAll NSS users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose \"\u003e=dev-libs/nss-3.14\"\n\nThe \"www-client/mozilla-firefox\" package has been merged into the\n\"www-client/firefox\" package. To upgrade, please unmerge\n\"www-client/mozilla-firefox\" and then emerge the latest\n\"www-client/firefox\" package:\n\n # emerge --sync\n # emerge --unmerge \"www-client/mozilla-firefox\"\n # emerge --ask --oneshot --verbose \"\u003e=www-client/firefox-10.0.11\"\n\nThe \"www-client/mozilla-firefox-bin\" package has been merged into the\n\"www-client/firefox-bin\" package. To upgrade, please unmerge\n\"www-client/mozilla-firefox-bin\" and then emerge the latest\n\"www-client/firefox-bin\" package:\n\n # emerge --sync\n # emerge --unmerge \"www-client/mozilla-firefox-bin\"\n # emerge --ask --oneshot --verbose \"\u003e=www-client/firefox-bin-10.0.11\"=\n\n\nThe \"mail-client/mozilla-thunderbird\" package has been merged into the\n\"mail-client/thunderbird\" package. To upgrade, please unmerge\n\"mail-client/mozilla-thunderbird\" and then emerge the latest\n\"mail-client/thunderbird\" package:\n\n # emerge --sync\n # emerge --unmerge \"mail-client/mozilla-thunderbird\"\n # emerge --ask --oneshot -v \"\u003e=mail-client/thunderbird-10.0.11\"\n\nThe \"mail-client/mozilla-thunderbird-bin\" package has been merged into\nthe \"mail-client/thunderbird-bin\" package. To upgrade, please unmerge\n\"mail-client/mozilla-thunderbird-bin\" and then emerge the latest\n\"mail-client/thunderbird-bin\" package:\n\n # emerge --sync\n # emerge --unmerge \"mail-client/mozilla-thunderbird-bin\"\n # emerge --ask --oneshot -v \"\u003e=mail-client/thunderbird-bin-10.0.11\"\n\nGentoo discontinued support for GNU IceCat. We recommend that users\nunmerge GNU IceCat:\n\n # emerge --unmerge \"www-client/icecat\"\n\nGentoo discontinued support for XULRunner. We recommend that users\nunmerge XULRunner:\n\n # emerge --unmerge \"net-libs/xulrunner\"\n\nGentoo discontinued support for the XULRunner binary package. We\nrecommend that users unmerge XULRunner:\n\n # emerge --unmerge \"net-libs/xulrunner-bin\"\n\nReferences\n==========\n\n[ 1 ] CVE-2011-3101\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3101\n[ 2 ] CVE-2007-2436\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-2436\n[ 3 ] CVE-2007-2437\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-2437\n[ 4 ] CVE-2007-2671\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-2671\n[ 5 ] CVE-2007-3073\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-3073\n[ 6 ] CVE-2008-0016\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0016\n[ 7 ] CVE-2008-0017\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0017\n[ 8 ] CVE-2008-0367\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0367\n[ 9 ] CVE-2008-3835\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-3835\n[ 10 ] CVE-2008-3836\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-3836\n[ 11 ] CVE-2008-3837\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-3837\n[ 12 ] CVE-2008-4058\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-4058\n[ 13 ] CVE-2008-4059\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-4059\n[ 14 ] CVE-2008-4060\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-4060\n[ 15 ] CVE-2008-4061\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-4061\n[ 16 ] CVE-2008-4062\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-4062\n[ 17 ] CVE-2008-4063\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-4063\n[ 18 ] CVE-2008-4064\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-4064\n[ 19 ] CVE-2008-4065\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-4065\n[ 20 ] CVE-2008-4066\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-4066\n[ 21 ] CVE-2008-4067\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-4067\n[ 22 ] CVE-2008-4068\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-4068\n[ 23 ] CVE-2008-4069\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-4069\n[ 24 ] CVE-2008-4070\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-4070\n[ 25 ] CVE-2008-4582\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-4582\n[ 26 ] CVE-2008-5012\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-5012\n[ 27 ] CVE-2008-5013\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-5013\n[ 28 ] CVE-2008-5014\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-5014\n[ 29 ] CVE-2008-5015\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-5015\n[ 30 ] CVE-2008-5016\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-5016\n[ 31 ] CVE-2008-5017\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-5017\n[ 32 ] CVE-2008-5018\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-5018\n[ 33 ] CVE-2008-5019\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-5019\n[ 34 ] CVE-2008-5021\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-5021\n[ 35 ] CVE-2008-5022\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-5022\n[ 36 ] CVE-2008-5023\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-5023\n[ 37 ] CVE-2008-5024\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-5024\n[ 38 ] CVE-2008-5052\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-5052\n[ 39 ] CVE-2008-5500\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-5500\n[ 40 ] CVE-2008-5501\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-5501\n[ 41 ] CVE-2008-5502\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-5502\n[ 42 ] CVE-2008-5503\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-5503\n[ 43 ] CVE-2008-5504\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-5504\n[ 44 ] CVE-2008-5505\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-5505\n[ 45 ] CVE-2008-5506\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-5506\n[ 46 ] CVE-2008-5507\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-5507\n[ 47 ] CVE-2008-5508\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-5508\n[ 48 ] CVE-2008-5510\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-5510\n[ 49 ] CVE-2008-5511\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-5511\n[ 50 ] CVE-2008-5512\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-5512\n[ 51 ] CVE-2008-5513\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-5513\n[ 52 ] CVE-2008-5822\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-5822\n[ 53 ] CVE-2008-5913\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-5913\n[ 54 ] CVE-2008-6961\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-6961\n[ 55 ] CVE-2009-0071\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-0071\n[ 56 ] CVE-2009-0071\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-0071\n[ 57 ] CVE-2009-0352\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-0352\n[ 58 ] CVE-2009-0353\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-0353\n[ 59 ] CVE-2009-0354\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-0354\n[ 60 ] CVE-2009-0355\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-0355\n[ 61 ] CVE-2009-0356\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-0356\n[ 62 ] CVE-2009-0357\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-0357\n[ 63 ] CVE-2009-0358\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-0358\n[ 64 ] CVE-2009-0652\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-0652\n[ 65 ] CVE-2009-0771\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-0771\n[ 66 ] CVE-2009-0772\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-0772\n[ 67 ] CVE-2009-0773\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-0773\n[ 68 ] CVE-2009-0774\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-0774\n[ 69 ] CVE-2009-0775\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-0775\n[ 70 ] CVE-2009-0776\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-0776\n[ 71 ] CVE-2009-0777\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-0777\n[ 72 ] CVE-2009-1044\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1044\n[ 73 ] CVE-2009-1169\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1169\n[ 74 ] CVE-2009-1302\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1302\n[ 75 ] CVE-2009-1303\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1303\n[ 76 ] CVE-2009-1304\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1304\n[ 77 ] CVE-2009-1305\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1305\n[ 78 ] CVE-2009-1306\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1306\n[ 79 ] CVE-2009-1307\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1307\n[ 80 ] CVE-2009-1308\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1308\n[ 81 ] CVE-2009-1309\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1309\n[ 82 ] CVE-2009-1310\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1310\n[ 83 ] CVE-2009-1311\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1311\n[ 84 ] CVE-2009-1312\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1312\n[ 85 ] CVE-2009-1313\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1313\n[ 86 ] CVE-2009-1392\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1392\n[ 87 ] CVE-2009-1563\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1563\n[ 88 ] CVE-2009-1571\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1571\n[ 89 ] CVE-2009-1828\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1828\n[ 90 ] CVE-2009-1832\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1832\n[ 91 ] CVE-2009-1833\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1833\n[ 92 ] CVE-2009-1834\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1834\n[ 93 ] CVE-2009-1835\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1835\n[ 94 ] CVE-2009-1836\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1836\n[ 95 ] CVE-2009-1837\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1837\n[ 96 ] CVE-2009-1838\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1838\n[ 97 ] CVE-2009-1839\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1839\n[ 98 ] CVE-2009-1840\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1840\n[ 99 ] CVE-2009-1841\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1841\n[ 100 ] CVE-2009-2043\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-2043\n[ 101 ] CVE-2009-2044\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-2044\n[ 102 ] CVE-2009-2061\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-2061\n[ 103 ] CVE-2009-2065\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-2065\n[ 104 ] CVE-2009-2210\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-2210\n[ 105 ] CVE-2009-2404\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-2404\n[ 106 ] CVE-2009-2408\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-2408\n[ 107 ] CVE-2009-2462\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-2462\n[ 108 ] CVE-2009-2463\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-2463\n[ 109 ] CVE-2009-2464\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-2464\n[ 110 ] CVE-2009-2465\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-2465\n[ 111 ] CVE-2009-2466\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-2466\n[ 112 ] CVE-2009-2467\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-2467\n[ 113 ] CVE-2009-2469\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-2469\n[ 114 ] CVE-2009-2470\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-2470\n[ 115 ] CVE-2009-2471\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-2471\n[ 116 ] CVE-2009-2472\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-2472\n[ 117 ] CVE-2009-2477\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-2477\n[ 118 ] CVE-2009-2478\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-2478\n[ 119 ] CVE-2009-2479\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-2479\n[ 120 ] CVE-2009-2535\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-2535\n[ 121 ] CVE-2009-2654\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-2654\n[ 122 ] CVE-2009-2662\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-2662\n[ 123 ] CVE-2009-2664\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-2664\n[ 124 ] CVE-2009-2665\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-2665\n[ 125 ] CVE-2009-3069\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3069\n[ 126 ] CVE-2009-3070\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3070\n[ 127 ] CVE-2009-3071\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3071\n[ 128 ] CVE-2009-3072\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3072\n[ 129 ] CVE-2009-3074\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3074\n[ 130 ] CVE-2009-3075\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3075\n[ 131 ] CVE-2009-3076\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3076\n[ 132 ] CVE-2009-3077\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3077\n[ 133 ] CVE-2009-3078\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3078\n[ 134 ] CVE-2009-3079\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3079\n[ 135 ] CVE-2009-3274\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3274\n[ 136 ] CVE-2009-3371\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3371\n[ 137 ] CVE-2009-3372\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3372\n[ 138 ] CVE-2009-3373\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3373\n[ 139 ] CVE-2009-3374\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3374\n[ 140 ] CVE-2009-3375\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3375\n[ 141 ] CVE-2009-3376\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3376\n[ 142 ] CVE-2009-3377\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3377\n[ 143 ] CVE-2009-3378\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3378\n[ 144 ] CVE-2009-3379\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3379\n[ 145 ] CVE-2009-3380\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3380\n[ 146 ] CVE-2009-3381\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3381\n[ 147 ] CVE-2009-3382\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3382\n[ 148 ] CVE-2009-3383\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3383\n[ 149 ] CVE-2009-3388\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3388\n[ 150 ] CVE-2009-3389\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3389\n[ 151 ] CVE-2009-3555\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3555\n[ 152 ] CVE-2009-3978\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3978\n[ 153 ] CVE-2009-3979\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3979\n[ 154 ] CVE-2009-3980\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3980\n[ 155 ] CVE-2009-3981\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3981\n[ 156 ] CVE-2009-3982\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3982\n[ 157 ] CVE-2009-3983\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3983\n[ 158 ] CVE-2009-3984\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3984\n[ 159 ] CVE-2009-3985\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3985\n[ 160 ] CVE-2009-3986\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3986\n[ 161 ] CVE-2009-3987\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3987\n[ 162 ] CVE-2009-3988\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3988\n[ 163 ] CVE-2010-0159\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0159\n[ 164 ] CVE-2010-0160\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0160\n[ 165 ] CVE-2010-0162\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0162\n[ 166 ] CVE-2010-0163\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0163\n[ 167 ] CVE-2010-0164\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0164\n[ 168 ] CVE-2010-0165\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0165\n[ 169 ] CVE-2010-0166\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0166\n[ 170 ] CVE-2010-0167\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0167\n[ 171 ] CVE-2010-0167\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0167\n[ 172 ] CVE-2010-0168\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0168\n[ 173 ] CVE-2010-0169\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0169\n[ 174 ] CVE-2010-0169\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0169\n[ 175 ] CVE-2010-0170\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0170\n[ 176 ] CVE-2010-0171\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0171\n[ 177 ] CVE-2010-0171\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0171\n[ 178 ] CVE-2010-0172\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0172\n[ 179 ] CVE-2010-0173\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0173\n[ 180 ] CVE-2010-0174\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0174\n[ 181 ] CVE-2010-0174\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0174\n[ 182 ] CVE-2010-0175\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0175\n[ 183 ] CVE-2010-0175\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0175\n[ 184 ] CVE-2010-0176\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0176\n[ 185 ] CVE-2010-0176\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0176\n[ 186 ] CVE-2010-0177\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0177\n[ 187 ] CVE-2010-0178\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0178\n[ 188 ] CVE-2010-0179\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0179\n[ 189 ] CVE-2010-0181\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0181\n[ 190 ] CVE-2010-0182\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0182\n[ 191 ] CVE-2010-0183\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0183\n[ 192 ] CVE-2010-0220\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0220\n[ 193 ] CVE-2010-0648\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0648\n[ 194 ] CVE-2010-0654\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0654\n[ 195 ] CVE-2010-1028\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1028\n[ 196 ] CVE-2010-1121\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1121\n[ 197 ] CVE-2010-1125\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1125\n[ 198 ] CVE-2010-1196\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1196\n[ 199 ] CVE-2010-1197\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1197\n[ 200 ] CVE-2010-1198\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1198\n[ 201 ] CVE-2010-1199\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1199\n[ 202 ] CVE-2010-1200\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1200\n[ 203 ] CVE-2010-1201\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1201\n[ 204 ] CVE-2010-1202\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1202\n[ 205 ] CVE-2010-1203\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1203\n[ 206 ] CVE-2010-1205\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1205\n[ 207 ] CVE-2010-1206\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1206\n[ 208 ] CVE-2010-1207\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1207\n[ 209 ] CVE-2010-1208\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1208\n[ 210 ] CVE-2010-1209\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1209\n[ 211 ] CVE-2010-1210\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1210\n[ 212 ] CVE-2010-1211\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1211\n[ 213 ] CVE-2010-1212\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1212\n[ 214 ] CVE-2010-1213\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1213\n[ 215 ] CVE-2010-1214\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1214\n[ 216 ] CVE-2010-1215\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1215\n[ 217 ] CVE-2010-1585\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1585\n[ 218 ] CVE-2010-2751\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2751\n[ 219 ] CVE-2010-2752\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2752\n[ 220 ] CVE-2010-2753\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2753\n[ 221 ] CVE-2010-2754\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2754\n[ 222 ] CVE-2010-2755\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2755\n[ 223 ] CVE-2010-2760\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2760\n[ 224 ] CVE-2010-2762\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2762\n[ 225 ] CVE-2010-2763\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2763\n[ 226 ] CVE-2010-2764\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2764\n[ 227 ] CVE-2010-2765\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2765\n[ 228 ] CVE-2010-2766\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2766\n[ 229 ] CVE-2010-2767\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2767\n[ 230 ] CVE-2010-2768\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2768\n[ 231 ] CVE-2010-2769\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2769\n[ 232 ] CVE-2010-2770\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2770\n[ 233 ] CVE-2010-3131\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3131\n[ 234 ] CVE-2010-3166\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3166\n[ 235 ] CVE-2010-3167\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3167\n[ 236 ] CVE-2010-3168\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3168\n[ 237 ] CVE-2010-3169\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3169\n[ 238 ] CVE-2010-3170\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3170\n[ 239 ] CVE-2010-3171\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3171\n[ 240 ] CVE-2010-3173\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3173\n[ 241 ] CVE-2010-3174\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3174\n[ 242 ] CVE-2010-3175\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3175\n[ 243 ] CVE-2010-3176\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3176\n[ 244 ] CVE-2010-3177\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3177\n[ 245 ] CVE-2010-3178\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3178\n[ 246 ] CVE-2010-3179\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3179\n[ 247 ] CVE-2010-3180\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3180\n[ 248 ] CVE-2010-3182\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3182\n[ 249 ] CVE-2010-3183\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3183\n[ 250 ] CVE-2010-3399\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3399\n[ 251 ] CVE-2010-3400\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3400\n[ 252 ] CVE-2010-3765\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3765\n[ 253 ] CVE-2010-3766\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3766\n[ 254 ] CVE-2010-3767\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3767\n[ 255 ] CVE-2010-3768\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3768\n[ 256 ] CVE-2010-3769\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3769\n[ 257 ] CVE-2010-3770\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3770\n[ 258 ] CVE-2010-3771\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3771\n[ 259 ] CVE-2010-3772\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3772\n[ 260 ] CVE-2010-3773\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3773\n[ 261 ] CVE-2010-3774\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3774\n[ 262 ] CVE-2010-3775\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3775\n[ 263 ] CVE-2010-3776\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3776\n[ 264 ] CVE-2010-3777\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3777\n[ 265 ] CVE-2010-3778\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3778\n[ 266 ] CVE-2010-4508\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4508\n[ 267 ] CVE-2010-5074\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-5074\n[ 268 ] CVE-2011-0051\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0051\n[ 269 ] CVE-2011-0053\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0053\n[ 270 ] CVE-2011-0054\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0054\n[ 271 ] CVE-2011-0055\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0055\n[ 272 ] CVE-2011-0056\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0056\n[ 273 ] CVE-2011-0057\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0057\n[ 274 ] CVE-2011-0058\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0058\n[ 275 ] CVE-2011-0059\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0059\n[ 276 ] CVE-2011-0061\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0061\n[ 277 ] CVE-2011-0062\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0062\n[ 278 ] CVE-2011-0065\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0065\n[ 279 ] CVE-2011-0066\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0066\n[ 280 ] CVE-2011-0067\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0067\n[ 281 ] CVE-2011-0068\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0068\n[ 282 ] CVE-2011-0069\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0069\n[ 283 ] CVE-2011-0070\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0070\n[ 284 ] CVE-2011-0071\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0071\n[ 285 ] CVE-2011-0072\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0072\n[ 286 ] CVE-2011-0073\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0073\n[ 287 ] CVE-2011-0074\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0074\n[ 288 ] CVE-2011-0075\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0075\n[ 289 ] CVE-2011-0076\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0076\n[ 290 ] CVE-2011-0077\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0077\n[ 291 ] CVE-2011-0078\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0078\n[ 292 ] CVE-2011-0079\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0079\n[ 293 ] CVE-2011-0080\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0080\n[ 294 ] CVE-2011-0081\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0081\n[ 295 ] CVE-2011-0082\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0082\n[ 296 ] CVE-2011-0083\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0083\n[ 297 ] CVE-2011-0084\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0084\n[ 298 ] CVE-2011-0085\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0085\n[ 299 ] CVE-2011-1187\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-1187\n[ 300 ] CVE-2011-1202\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-1202\n[ 301 ] CVE-2011-1712\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-1712\n[ 302 ] CVE-2011-2362\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2362\n[ 303 ] CVE-2011-2363\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2363\n[ 304 ] CVE-2011-2364\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2364\n[ 305 ] CVE-2011-2365\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2365\n[ 306 ] CVE-2011-2369\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2369\n[ 307 ] CVE-2011-2370\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2370\n[ 308 ] CVE-2011-2371\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2371\n[ 309 ] CVE-2011-2372\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2372\n[ 310 ] CVE-2011-2373\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2373\n[ 311 ] CVE-2011-2374\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2374\n[ 312 ] CVE-2011-2375\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2375\n[ 313 ] CVE-2011-2376\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2376\n[ 314 ] CVE-2011-2377\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2377\n[ 315 ] CVE-2011-2378\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2378\n[ 316 ] CVE-2011-2605\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2605\n[ 317 ] CVE-2011-2980\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2980\n[ 318 ] CVE-2011-2981\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2981\n[ 319 ] CVE-2011-2982\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2982\n[ 320 ] CVE-2011-2983\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2983\n[ 321 ] CVE-2011-2984\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2984\n[ 322 ] CVE-2011-2985\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2985\n[ 323 ] CVE-2011-2986\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2986\n[ 324 ] CVE-2011-2987\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2987\n[ 325 ] CVE-2011-2988\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2988\n[ 326 ] CVE-2011-2989\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2989\n[ 327 ] CVE-2011-2990\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2990\n[ 328 ] CVE-2011-2991\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2991\n[ 329 ] CVE-2011-2993\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2993\n[ 330 ] CVE-2011-2995\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2995\n[ 331 ] CVE-2011-2996\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2996\n[ 332 ] CVE-2011-2997\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2997\n[ 333 ] CVE-2011-2998\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2998\n[ 334 ] CVE-2011-2999\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2999\n[ 335 ] CVE-2011-3000\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3000\n[ 336 ] CVE-2011-3001\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3001\n[ 337 ] CVE-2011-3002\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3002\n[ 338 ] CVE-2011-3003\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3003\n[ 339 ] CVE-2011-3004\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3004\n[ 340 ] CVE-2011-3005\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3005\n[ 341 ] CVE-2011-3026\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3026\n[ 342 ] CVE-2011-3062\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3062\n[ 343 ] CVE-2011-3232\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3232\n[ 344 ] CVE-2011-3389\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3389\n[ 345 ] CVE-2011-3640\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3640\n[ 346 ] CVE-2011-3647\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3647\n[ 347 ] CVE-2011-3648\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3648\n[ 348 ] CVE-2011-3649\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3649\n[ 349 ] CVE-2011-3650\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3650\n[ 350 ] CVE-2011-3651\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3651\n[ 351 ] CVE-2011-3652\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3652\n[ 352 ] CVE-2011-3653\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3653\n[ 353 ] CVE-2011-3654\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3654\n[ 354 ] CVE-2011-3655\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3655\n[ 355 ] CVE-2011-3658\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3658\n[ 356 ] CVE-2011-3659\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3659\n[ 357 ] CVE-2011-3660\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3660\n[ 358 ] CVE-2011-3661\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3661\n[ 359 ] CVE-2011-3663\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3663\n[ 360 ] CVE-2011-3665\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3665\n[ 361 ] CVE-2011-3670\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3670\n[ 362 ] CVE-2011-3866\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3866\n[ 363 ] CVE-2011-4688\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-4688\n[ 364 ] CVE-2012-0441\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0441\n[ 365 ] CVE-2012-0442\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0442\n[ 366 ] CVE-2012-0443\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0443\n[ 367 ] CVE-2012-0444\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0444\n[ 368 ] CVE-2012-0445\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0445\n[ 369 ] CVE-2012-0446\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0446\n[ 370 ] CVE-2012-0447\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0447\n[ 371 ] CVE-2012-0449\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0449\n[ 372 ] CVE-2012-0450\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0450\n[ 373 ] CVE-2012-0451\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0451\n[ 374 ] CVE-2012-0452\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0452\n[ 375 ] CVE-2012-0455\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0455\n[ 376 ] CVE-2012-0456\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0456\n[ 377 ] CVE-2012-0457\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0457\n[ 378 ] CVE-2012-0458\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0458\n[ 379 ] CVE-2012-0459\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0459\n[ 380 ] CVE-2012-0460\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0460\n[ 381 ] CVE-2012-0461\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0461\n[ 382 ] CVE-2012-0462\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0462\n[ 383 ] CVE-2012-0463\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0463\n[ 384 ] CVE-2012-0464\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0464\n[ 385 ] CVE-2012-0467\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0467\n[ 386 ] CVE-2012-0468\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0468\n[ 387 ] CVE-2012-0469\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0469\n[ 388 ] CVE-2012-0470\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0470\n[ 389 ] CVE-2012-0471\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0471\n[ 390 ] CVE-2012-0473\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0473\n[ 391 ] CVE-2012-0474\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0474\n[ 392 ] CVE-2012-0475\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0475\n[ 393 ] CVE-2012-0477\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0477\n[ 394 ] CVE-2012-0478\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0478\n[ 395 ] CVE-2012-0479\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0479\n[ 396 ] CVE-2012-1937\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1937\n[ 397 ] CVE-2012-1938\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1938\n[ 398 ] CVE-2012-1939\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1939\n[ 399 ] CVE-2012-1940\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1940\n[ 400 ] CVE-2012-1941\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1941\n[ 401 ] CVE-2012-1945\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1945\n[ 402 ] CVE-2012-1946\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1946\n[ 403 ] CVE-2012-1947\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1947\n[ 404 ] CVE-2012-1948\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1948\n[ 405 ] CVE-2012-1949\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1949\n[ 406 ] CVE-2012-1950\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1950\n[ 407 ] CVE-2012-1951\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1951\n[ 408 ] CVE-2012-1952\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1952\n[ 409 ] CVE-2012-1953\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1953\n[ 410 ] CVE-2012-1954\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1954\n[ 411 ] CVE-2012-1955\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1955\n[ 412 ] CVE-2012-1956\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1956\n[ 413 ] CVE-2012-1957\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1957\n[ 414 ] CVE-2012-1958\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1958\n[ 415 ] CVE-2012-1959\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1959\n[ 416 ] CVE-2012-1960\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1960\n[ 417 ] CVE-2012-1961\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1961\n[ 418 ] CVE-2012-1962\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1962\n[ 419 ] CVE-2012-1963\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1963\n[ 420 ] CVE-2012-1964\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1964\n[ 421 ] CVE-2012-1965\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1965\n[ 422 ] CVE-2012-1966\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1966\n[ 423 ] CVE-2012-1967\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1967\n[ 424 ] CVE-2012-1970\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1970\n[ 425 ] CVE-2012-1971\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1971\n[ 426 ] CVE-2012-1972\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1972\n[ 427 ] CVE-2012-1973\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1973\n[ 428 ] CVE-2012-1974\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1974\n[ 429 ] CVE-2012-1975\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1975\n[ 430 ] CVE-2012-1976\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1976\n[ 431 ] CVE-2012-1994\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1994\n[ 432 ] CVE-2012-3956\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3956\n[ 433 ] CVE-2012-3957\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3957\n[ 434 ] CVE-2012-3958\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3958\n[ 435 ] CVE-2012-3959\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3959\n[ 436 ] CVE-2012-3960\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3960\n[ 437 ] CVE-2012-3961\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3961\n[ 438 ] CVE-2012-3962\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3962\n[ 439 ] CVE-2012-3963\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3963\n[ 440 ] CVE-2012-3964\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3964\n[ 441 ] CVE-2012-3965\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3965\n[ 442 ] CVE-2012-3966\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3966\n[ 443 ] CVE-2012-3967\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3967\n[ 444 ] CVE-2012-3968\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3968\n[ 445 ] CVE-2012-3969\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3969\n[ 446 ] CVE-2012-3970\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3970\n[ 447 ] CVE-2012-3971\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3971\n[ 448 ] CVE-2012-3972\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3972\n[ 449 ] CVE-2012-3973\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3973\n[ 450 ] CVE-2012-3975\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3975\n[ 451 ] CVE-2012-3976\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3976\n[ 452 ] CVE-2012-3977\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3977\n[ 453 ] CVE-2012-3978\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3978\n[ 454 ] CVE-2012-3980\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3980\n[ 455 ] CVE-2012-3982\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3982\n[ 456 ] CVE-2012-3984\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3984\n[ 457 ] CVE-2012-3985\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3985\n[ 458 ] CVE-2012-3986\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3986\n[ 459 ] CVE-2012-3988\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3988\n[ 460 ] CVE-2012-3989\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3989\n[ 461 ] CVE-2012-3990\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3990\n[ 462 ] CVE-2012-3991\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3991\n[ 463 ] CVE-2012-3992\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3992\n[ 464 ] CVE-2012-3993\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3993\n[ 465 ] CVE-2012-3994\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3994\n[ 466 ] CVE-2012-3995\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3995\n[ 467 ] CVE-2012-4179\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4179\n[ 468 ] CVE-2012-4180\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4180\n[ 469 ] CVE-2012-4181\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4181\n[ 470 ] CVE-2012-4182\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4182\n[ 471 ] CVE-2012-4183\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4183\n[ 472 ] CVE-2012-4184\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4184\n[ 473 ] CVE-2012-4185\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4185\n[ 474 ] CVE-2012-4186\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4186\n[ 475 ] CVE-2012-4187\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4187\n[ 476 ] CVE-2012-4188\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4188\n[ 477 ] CVE-2012-4190\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4190\n[ 478 ] CVE-2012-4191\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4191\n[ 479 ] CVE-2012-4192\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4192\n[ 480 ] CVE-2012-4193\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4193\n[ 481 ] CVE-2012-4194\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4194\n[ 482 ] CVE-2012-4195\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4195\n[ 483 ] CVE-2012-4196\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4196\n[ 484 ] CVE-2012-4201\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4201\n[ 485 ] CVE-2012-4202\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4202\n[ 486 ] CVE-2012-4204\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4204\n[ 487 ] CVE-2012-4205\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4205\n[ 488 ] CVE-2012-4206\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4206\n[ 489 ] CVE-2012-4207\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4207\n[ 490 ] CVE-2012-4208\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4208\n[ 491 ] CVE-2012-4209\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4209\n[ 492 ] CVE-2012-4210\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4210\n[ 493 ] CVE-2012-4212\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4212\n[ 494 ] CVE-2012-4215\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4215\n[ 495 ] CVE-2012-4216\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4216\n[ 496 ] CVE-2012-5354\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5354\n[ 497 ] CVE-2012-5829\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5829\n[ 498 ] CVE-2012-5830\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5830\n[ 499 ] CVE-2012-5833\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5833\n[ 500 ] CVE-2012-5835\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5835\n[ 501 ] CVE-2012-5836\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5836\n[ 502 ] CVE-2012-5838\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5838\n[ 503 ] CVE-2012-5839\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5839\n[ 504 ] CVE-2012-5840\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5840\n[ 505 ] CVE-2012-5841\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5841\n[ 506 ] CVE-2012-5842\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5842\n[ 507 ] CVE-2012-5843\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5843\n[ 508 ] Firefox Blocking Fraudulent Certificates\n\nhttp://blog.mozilla.org/security/2011/03/22/firefox-blocking-fraudulent-c=\nertificates/\n[ 509 ] Mozilla Foundation Security Advisory 2011-11\n http://www.mozilla.org/security/announce/2011/mfsa2011-11.html\n[ 510 ] Mozilla Foundation Security Advisory 2011-34\n http://www.mozilla.org/security/announce/2011/mfsa2011-34.html\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n http://security.gentoo.org/glsa/glsa-201301-01.xml\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users\u0027 machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttps://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2013 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttp://creativecommons.org/licenses/by-sa/2.5\n. ----------------------------------------------------------------------\n\n\nSecunia is hiring!\n\nhttp://secunia.com/company/jobs/\n\n\n----------------------------------------------------------------------\n\nTITLE:\nSUSE update for MozillaFirefox, MozillaThunderbird,\nmozilla-xulrunner, and seamonkey\n\nSECUNIA ADVISORY ID:\nSA44472\n\nVERIFY ADVISORY:\nSecunia.com\nhttp://secunia.com/advisories/44472/\nCustomer Area (Credentials Required)\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=44472\n\nRELEASE DATE:\n2011-05-07\n\nDISCUSS ADVISORY:\nhttp://secunia.com/advisories/44472/#comments\n\nAVAILABLE ON SITE AND IN CUSTOMER AREA:\n * Last Update\n * Popularity\n * Comments\n * Criticality Level\n * Impact\n * Where\n * Solution Status\n * Operating System / Software\n * CVE Reference(s)\n\nhttp://secunia.com/advisories/44472/\n\nONLY AVAILABLE IN CUSTOMER AREA:\n * Authentication Level\n * Report Reliability\n * Secunia PoC\n * Secunia Analysis\n * Systems Affected\n * Approve Distribution\n * Remediation Status\n * Secunia CVSS Score\n * CVSS\n\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=44472\n\nONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI:\n * AUTOMATED SCANNING\n\nhttp://secunia.com/vulnerability_scanning/personal/\nhttp://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/\n\nDESCRIPTION:\nSUSE has issued an update for MozillaFirefox, MozillaThunderbird,\nmozilla-xulrunner, and seamonkey. \n\nFor more information:\nSA44357\nSA44406\n\nSOLUTION:\nApply updated packages via the zypper package manager. \n\nORIGINAL ADVISORY:\nopenSUSE-SU-2011:0437-1:\nhttp://lists.opensuse.org/opensuse-updates/2011-05/msg00005.html\n\nSUSE-SA:2011:022:\nhttp://lists.opensuse.org/opensuse-security-announce/2011-05/msg00001.html\n\nOTHER REFERENCES:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\nDEEP LINKS:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\nEXTENDED DESCRIPTION:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\nEXTENDED SOLUTION:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\nEXPLOIT:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\nprivate users keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/advisories/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/advisories/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2011-0076"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-001615"
},
{
"db": "BID",
"id": "47660"
},
{
"db": "VULHUB",
"id": "VHN-48021"
},
{
"db": "PACKETSTORM",
"id": "101005"
},
{
"db": "PACKETSTORM",
"id": "119293"
},
{
"db": "PACKETSTORM",
"id": "101190"
}
],
"trust": 2.25
},
"external_ids": {
"_id": null,
"data": [
{
"db": "NVD",
"id": "CVE-2011-0076",
"trust": 3.0
},
{
"db": "VUPEN",
"id": "ADV-2011-1127",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2011-001615",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201105-083",
"trust": 0.7
},
{
"db": "SECUNIA",
"id": "44472",
"trust": 0.7
},
{
"db": "SECUNIA",
"id": "44357",
"trust": 0.6
},
{
"db": "SECUNIA",
"id": "44455",
"trust": 0.6
},
{
"db": "SECUNIA",
"id": "44450",
"trust": 0.6
},
{
"db": "SECUNIA",
"id": "44428",
"trust": 0.6
},
{
"db": "BID",
"id": "47660",
"trust": 0.4
},
{
"db": "VULHUB",
"id": "VHN-48021",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "101005",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "119293",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "101190",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-48021"
},
{
"db": "BID",
"id": "47660"
},
{
"db": "PACKETSTORM",
"id": "101005"
},
{
"db": "PACKETSTORM",
"id": "119293"
},
{
"db": "PACKETSTORM",
"id": "101190"
},
{
"db": "CNNVD",
"id": "CNNVD-201105-083"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-001615"
},
{
"db": "NVD",
"id": "CVE-2011-0076"
}
]
},
"id": "VAR-201105-0197",
"iot": {
"_id": null,
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-48021"
}
],
"trust": 0.01
},
"last_update_date": "2026-04-10T22:51:50.789000Z",
"patch": {
"_id": null,
"data": [
{
"title": "mfsa2011-15",
"trust": 0.8,
"url": "http://www.mozilla.org/security/announce/2011/mfsa2011-15.html"
},
{
"title": "mfsa2011-15",
"trust": 0.8,
"url": "http://www.mozilla-japan.org/security/announce/2011/mfsa2011-15.html"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2011-001615"
}
]
},
"problemtype_data": {
"_id": null,
"data": [
{
"problemtype": "NVD-CWE-noinfo",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2011-0076"
}
]
},
"references": {
"_id": null,
"data": [
{
"trust": 2.0,
"url": "http://www.mozilla.org/security/announce/2011/mfsa2011-15.html"
},
{
"trust": 1.7,
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=634724"
},
{
"trust": 1.7,
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=644682"
},
{
"trust": 1.1,
"url": "http://www.mandriva.com/security/advisories?name=mdvsa-2011:079"
},
{
"trust": 1.1,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a14498"
},
{
"trust": 0.9,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2011-0076"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2011-0076"
},
{
"trust": 0.8,
"url": "http://www.vupen.com/english/advisories/2011/1127"
},
{
"trust": 0.6,
"url": "http://secunia.com/advisories/44357"
},
{
"trust": 0.6,
"url": "http://secunia.com/advisories/44428"
},
{
"trust": 0.6,
"url": "http://secunia.com/advisories/44450"
},
{
"trust": 0.6,
"url": "http://secunia.com/advisories/44455"
},
{
"trust": 0.6,
"url": "http://secunia.com/advisories/44472"
},
{
"trust": 0.3,
"url": "http://www.mozilla.org/projects/seamonkey/"
},
{
"trust": 0.3,
"url": "http://tools.cisco.com/security/center/content/ciscosecuritynotice/cve-2014-0676"
},
{
"trust": 0.3,
"url": "http://www.mandriva.com/en/support/security/advisories/?dis=2010.1\u0026name=mdvsa-2011:079"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2011-0066"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0080"
},
{
"trust": 0.1,
"url": "http://store.mandriva.com/product_info.php?cpath=149\u0026amp;products_id=490"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0070"
},
{
"trust": 0.1,
"url": "http://secunia.com/"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2011-1202"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2011-0071"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2011-0075"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2011-0081"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2011-0065"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2011-0069"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-1202"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0074"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2011-0067"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2011-0072"
},
{
"trust": 0.1,
"url": "http://www.mozilla.org/security/known-vulnerabilities/firefox36.html#firefox3.6.17"
},
{
"trust": 0.1,
"url": "http://lists.grok.org.uk/full-disclosure-charter.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0072"
},
{
"trust": 0.1,
"url": "http://www.mandriva.com/security/"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2011-0077"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2011-0080"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2011-0070"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0069"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0075"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0067"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0073"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0066"
},
{
"trust": 0.1,
"url": "http://www.mandriva.com/security/advisories"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0081"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0071"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0078"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0077"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2011-0078"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0065"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2011-0073"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2011-0074"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0076"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1965"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-3985"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0079"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-4688"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-4070"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0082"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2371"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-0169"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2008-4061"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-1210"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4181"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-1832"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1994"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2008-4058"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-1828"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-0353"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-1838"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-3975"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-2766"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-1205"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-4061"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-3767"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-0473"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-0172"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1971"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-0479"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-2043"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-3175"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-3973"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3655"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-2760"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-1187"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1961"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-0447"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-2462"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-0456"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-2770"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-1125"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-3958"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-3777"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3003"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0067"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-3174"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-0168"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0057"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-0443"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2993"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-3376"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2008-5017"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-3555"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1940"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-3069"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2989"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5836"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-0182"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4179"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2007-2436"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-3072"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-1208"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-3967"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2375"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2376"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-3971"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-3772"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-3977"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-3965"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-0469"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-3978"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4183"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-1834"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-2472"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-3378"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-2767"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1952"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0078"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-0170"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-0164"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-0775"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-3400"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-1211"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-3372"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-2769"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4188"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2008-5012"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4206"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5354"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2008-5504"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2008-4067"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3648"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-0776"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-3071"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-0477"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-2467"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-0475"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-3962"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-2408"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-1304"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4201"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4202"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4182"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-1206"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-3990"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1975"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-1392"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2008-4070"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-2044"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-3183"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-3835"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-4068"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2008-5507"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-4059"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2008-5023"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-1308"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-1044"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2008-5508"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-0654"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0070"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-4065"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-1307"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3866"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0080"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2984"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-0478"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-1213"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-0352"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2008-5014"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-2664"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0051"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-3989"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-3984"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-3371"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-3382"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4180"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2008-4068"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4194"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-4582"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2008-5502"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4193"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-2437"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-3978"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-1835"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-3993"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2008-5506"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-3375"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-3078"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-0173"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-3075"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-3969"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-0462"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2605"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-1169"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-1311"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2008-4066"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3658"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1973"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3004"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1950"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1972"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2369"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-1215"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4216"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-4062"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-0463"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3001"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-0167"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-3381"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-3988"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-0452"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2008-3837"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-1837"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2374"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-3994"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1960"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1963"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-3167"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-0774"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2008-4065"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2008-5022"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2008-5024"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-0468"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3026"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-1203"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0074"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-2061"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0085"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-3980"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1966"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1945"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4184"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1959"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-4060"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0077"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3000"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0071"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0068"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1974"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2008-0016"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-2065"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-4066"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0081"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2008-4063"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1955"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-1302"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2008-5503"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-3374"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-3968"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-1028"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2008-4059"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3005"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4185"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2986"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-0176"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5839"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-1121"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3661"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-2765"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2008-5913"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-3169"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5843"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3663"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3651"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2008-5016"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2372"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1951"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-3274"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-1197"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-3964"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1953"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-4067"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2997"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-3778"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2996"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3232"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0061"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-4063"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2007-3073"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-2654"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-0354"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2008-5500"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-3380"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-1212"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-0357"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1976"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-0773"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-0220"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-0071"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-0777"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0055"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2008-5052"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-0165"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-2464"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2378"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-3131"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-0160"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-1836"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2008-5513"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-3986"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-0367"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-2752"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-3388"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-2469"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-2753"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3650"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3002"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-2764"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-3983"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-2751"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4190"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-2477"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-1833"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3389"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2981"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-2768"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2991"
},
{
"trust": 0.1,
"url": "https://bugs.gentoo.org."
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-0358"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2373"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3670"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-3987"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-3976"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2008-4582"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-3377"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4208"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1956"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4186"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-0441"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0054"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-3166"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-5014"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2370"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-2671"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-2662"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-1309"
},
{
"trust": 0.1,
"url": "http://creativecommons.org/licenses/by-sa/2.5"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-1840"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-3957"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-1585"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5840"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-1207"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-0445"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2998"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-0355"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-1200"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2362"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-3077"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0056"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2987"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-3101"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2008-5501"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4195"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4209"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-3985"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1962"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3660"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-2762"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5833"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-1839"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2988"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-0648"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3101"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-3168"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0072"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2995"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-3399"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-0171"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2983"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5841"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5838"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2008-5019"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2985"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-0458"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-3073"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3659"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-3837"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0066"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2008-3836"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-0174"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5842"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-0457"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-3176"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2008-5511"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-0356"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4205"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-0178"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-3379"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2008-4064"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-4508"
},
{
"trust": 0.1,
"url": "http://www.mozilla.org/security/announce/2011/mfsa2011-34.html"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-1310"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-0016"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1967"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-1306"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-3079"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-2471"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0073"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-0474"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-0444"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-0455"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1954"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2008-4062"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3647"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4210"
},
{
"trust": 0.1,
"url": "http://blog.mozilla.org/security/2011/03/22/firefox-blocking-fraudulent-c="
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-0017"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-1305"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-0446"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5835"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-3966"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-0181"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0069"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2008-5013"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-3979"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-0450"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-1214"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-1196"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-0449"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0062"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-1841"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-3179"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2008-0367"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-3765"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1947"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-3070"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2008-4060"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-3992"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-1563"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-0442"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-0175"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-1712"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-1199"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2365"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-2404"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-3775"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-1198"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-2535"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1938"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2008-5505"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1946"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2008-5512"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-5074"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4187"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-3766"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2007-2437"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1949"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-3776"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5830"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0075"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-1202"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-0652"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1958"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2008-5015"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-0163"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2008-4069"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-0179"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-1313"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-0159"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1939"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-3972"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-3182"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4207"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2008-6961"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2990"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-3970"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-3178"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2007-2671"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-4069"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-3180"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4191"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-3956"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4204"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-2763"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2982"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-3986"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3654"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2364"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-3389"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2980"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-3963"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-0464"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-1209"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-2754"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-2470"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-2210"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-1202"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5829"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-3982"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-3173"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-3774"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-3995"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2008-5510"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4192"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-2463"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-0467"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1964"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-3959"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-3770"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-3769"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-0772"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3665"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4196"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2008-5822"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-2466"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3649"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3653"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-3768"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-2478"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-3988"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-1312"
},
{
"trust": 0.1,
"url": "http://www.mozilla.org/security/announce/2011/mfsa2011-11.html"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0058"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-3771"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-2479"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-3383"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-1303"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-2465"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-3170"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2377"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-3991"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-3982"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-5012"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1957"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-2755"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1948"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-3961"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-0470"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-3773"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-3076"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-0166"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-1571"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-3984"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3640"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-4064"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-2436"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-3981"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1970"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-0461"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4215"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2008-5021"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-4058"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-0451"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-0771"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2008-0017"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-3836"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-5013"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4212"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-0459"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0076"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0083"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-0460"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-0183"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-1201"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-3960"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0059"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-0177"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3062"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2008-5018"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-3177"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-3980"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2363"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0084"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3652"
},
{
"trust": 0.1,
"url": "http://security.gentoo.org/"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1941"
},
{
"trust": 0.1,
"url": "http://security.gentoo.org/glsa/glsa-201301-01.xml"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-3074"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1937"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2008-3835"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0053"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-3171"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2999"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-0471"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0065"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-0162"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-3373"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-2665"
},
{
"trust": 0.1,
"url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=44472"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/44472/#comments"
},
{
"trust": 0.1,
"url": "http://secunia.com/products/corporate/evm/"
},
{
"trust": 0.1,
"url": "http://secunia.com/company/jobs/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/secunia_security_advisories/"
},
{
"trust": 0.1,
"url": "http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/"
},
{
"trust": 0.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2011-05/msg00001.html"
},
{
"trust": 0.1,
"url": "http://lists.opensuse.org/opensuse-updates/2011-05/msg00005.html"
},
{
"trust": 0.1,
"url": "http://secunia.com/vulnerability_scanning/personal/"
},
{
"trust": 0.1,
"url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/44472/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/about_secunia_advisories/"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-48021"
},
{
"db": "BID",
"id": "47660"
},
{
"db": "PACKETSTORM",
"id": "101005"
},
{
"db": "PACKETSTORM",
"id": "119293"
},
{
"db": "PACKETSTORM",
"id": "101190"
},
{
"db": "CNNVD",
"id": "CNNVD-201105-083"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-001615"
},
{
"db": "NVD",
"id": "CVE-2011-0076"
}
]
},
"sources": {
"_id": null,
"data": [
{
"db": "VULHUB",
"id": "VHN-48021",
"ident": null
},
{
"db": "BID",
"id": "47660",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "101005",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "119293",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "101190",
"ident": null
},
{
"db": "CNNVD",
"id": "CNNVD-201105-083",
"ident": null
},
{
"db": "JVNDB",
"id": "JVNDB-2011-001615",
"ident": null
},
{
"db": "NVD",
"id": "CVE-2011-0076",
"ident": null
}
]
},
"sources_release_date": {
"_id": null,
"data": [
{
"date": "2011-05-07T00:00:00",
"db": "VULHUB",
"id": "VHN-48021",
"ident": null
},
{
"date": "2011-04-28T00:00:00",
"db": "BID",
"id": "47660",
"ident": null
},
{
"date": "2011-04-30T16:45:09",
"db": "PACKETSTORM",
"id": "101005",
"ident": null
},
{
"date": "2013-01-08T03:21:24",
"db": "PACKETSTORM",
"id": "119293",
"ident": null
},
{
"date": "2011-05-08T06:59:35",
"db": "PACKETSTORM",
"id": "101190",
"ident": null
},
{
"date": "2011-05-09T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201105-083",
"ident": null
},
{
"date": "2011-05-23T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2011-001615",
"ident": null
},
{
"date": "2011-05-07T18:55:01.387000",
"db": "NVD",
"id": "CVE-2011-0076",
"ident": null
}
]
},
"sources_update_date": {
"_id": null,
"data": [
{
"date": "2017-09-19T00:00:00",
"db": "VULHUB",
"id": "VHN-48021",
"ident": null
},
{
"date": "2015-04-13T22:10:00",
"db": "BID",
"id": "47660",
"ident": null
},
{
"date": "2011-05-09T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201105-083",
"ident": null
},
{
"date": "2011-05-23T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2011-001615",
"ident": null
},
{
"date": "2025-04-11T00:51:21.963000",
"db": "NVD",
"id": "CVE-2011-0076",
"ident": null
}
]
},
"threat_type": {
"_id": null,
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201105-083"
}
],
"trust": 0.6
},
"title": {
"_id": null,
"data": "Mac OS X Run on Mozilla Firefox and SeaMonkey of JEP Vulnerable to access restrictions",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2011-001615"
}
],
"trust": 0.8
},
"type": {
"_id": null,
"data": "lack of information",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201105-083"
}
],
"trust": 0.6
}
}
VAR-200707-0675
Vulnerability from variot - Updated: 2026-04-10 22:49The DNS protocol, as implemented in (1) BIND 8 and 9 before 9.5.0-P1, 9.4.2-P1, and 9.3.5-P1; (2) Microsoft DNS in Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP1 and SP2; and other implementations allow remote attackers to spoof DNS traffic via a birthday attack that uses in-bailiwick referrals to conduct cache poisoning against recursive resolvers, related to insufficient randomness of DNS transaction IDs and source ports, aka "DNS Insufficient Socket Entropy Vulnerability" or "the Kaminsky bug.". Deficiencies in the DNS protocol and common DNS implementations facilitate DNS cache poisoning attacks. ISC (Internet Systems Consortiuim) BIND generates cryptographically weak DNS query IDs which could allow a remote attacker to poison DNS caches. In IP NAT filtering in Sun Solaris 10 and OpenSolaris series products, when a DNS server runs NAT, it incorrectly changes the original address of the data packet. When the destination address is a DNS port, it will allow remote attackers to bypass CVE-2008 -1447 security protection. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
Cisco Security Advisory: Multiple Cisco Products Vulnerable to DNS Cache Poisoning Attacks
Advisory ID: cisco-sa-20080708-dns
http://www.cisco.com/warp/public/707/cisco-sa-20080708-dns.shtml
Revision 1.0
For Public Release 2008 July 08 1800 UTC (GMT)
Summary
Multiple Cisco products are vulnerable to DNS cache poisoning attacks due to their use of insufficiently randomized DNS transaction IDs and UDP source ports in the DNS queries that they produce, which may allow an attacker to more easily forge DNS answers that can poison DNS caches.
To exploit this vulnerability an attacker must be able to cause a vulnerable DNS server to perform recursive DNS queries. Therefore, DNS servers that are only authoritative, or servers where recursion is not allowed, are not affected.
Cisco has released free software updates that address this vulnerability.
This advisory is posted at http://www.cisco.com/warp/public/707/cisco-sa-20080708-dns.shtml.
This security advisory is being published simultaneously with announcements from other affected organizations. Products that process DNS messages with the RD flag set will attempt to answer the question asked on behalf of the client. A product is only affected if using a vulnerable implementation of the DNS protocol, the DNS server functionality for the product is enabled, and the DNS feature for the product is configured to process recursive DNS query messages.
Vulnerable Products +------------------
The following Cisco products are capable of acting as DNS servers and have been found to have the DNS implementation weakness that makes some types of DNS cache poisoning attacks more likely to succeed:
-
Cisco IOS Software
A device that is running Cisco IOS Software will be affected if it is running a vulnerable version and if it is acting as a DNS server.
All Cisco IOS Software releases that support the DNS server functionality and that have not had their DNS implementation improved are affected. For information about specific fixed versions, please refer to the Software Versions and Fixes section.
A device that is running Cisco IOS Software is configured to act as a DNS server if the command "ip dns server" is present in the configuration. This command is not enabled by default.
-
Cisco Network Registrar
All Cisco Network Registrar versions are affected, and DNS services are enabled by default.
The DNS server on CNR is enabled via the command-line interface (CLI) commands "server dns enable start-on-reboot" or "dns enable start-on-reboot" or via the web management interface in the Servers page by selecting the appropriate "Start," "Stop," or "Reload" button.
-
Cisco Application and Content Networking System
All Cisco Application and Content Networking System (ACNS) versions are affected; DNS services are disabled by default.
ACNS is configured to act as a DNS server if the command "dns enable" is present in the configuration.
-
Cisco Global Site Selector Used in Combination with Cisco Network Registrar
The Cisco Global Site Selector (GSS) is affected when it is used in combination with Cisco Network Registrar software to provide a more complete DNS solution. Fixed software would come in the form of an update of the Cisco Network Registrar software rather than an update of the GSS software.
Products Confirmed Not Vulnerable +--------------------------------
Products that do not offer DNS server capabilities are not affected by this vulnerability.
The Cisco GSS by itself is not affected by this vulnerability. However, it is affected when it is used with Cisco Network Registrar software.
No other Cisco products are currently known to be affected by these vulnerabilities.
Details
The Domain Name System is an integral part of networks that are based on TCP/IP such as the Internet. Simply stated, the Domain Name System is a hierarchical database that contains mappings of hostnames and IP addresses. When handling a query from a DNS client, a DNS server can look into its portion of the global DNS database (if the query is for a portion of the DNS database for which the DNS server is authoritative), or it can relay the query to other DNS servers (if it is configured to do so and if the query is for a portion of the DNS database for which the DNS server is not authoritative.)
Because of the processing time and bandwidth that is associated with handling a DNS query, most DNS servers locally store responses that are received from other DNS servers. The area where these responses are stored locally is called a "cache." Once a response is stored in a cache, the DNS server can use the locally stored response for a certain time (called the "time to live") before having to query DNS servers again to refresh the local (cached) copy of the response. For example, if www.example.com is mapped to the IP address 192.168.0.1 and this mapping is present in the cache of a DNS server, an attacker who succeeds in poisoning the DNS cache of this server may be able to map www.example.com to 10.0.0.1 instead. If this happens, a user who is trying to visit www.example.com may end up contacting the wrong web server. The fundamental implementation weakness is that the DNS transaction ID and source port number used to validate DNS responses are not sufficiently randomized and can easily be predicted, which allows an attacker to create forged responses to DNS queries that will match the expected values. The DNS server will consider such responses to be valid.
The following Cisco products that offer DNS server functionality have been found to be susceptible to DNS cache poisoning attacks:
-
Cisco IOS Software: The vulnerability documented in Cisco bug ID CSCso81854.
-
Cisco Network Registrar: The vulnerability documented in Cisco bug ID CSCsq01298.
-
Cisco Application and Content Networking System (ACNS): The vulnerability documented in Cisco bug ID CSCsq21930.
This vulnerability has been assigned Common Vulnerabilities and Exposures (CVE) ID CVE-2008-1447.
Vulnerability Scoring Details +----------------------------
Cisco has provided scores for the vulnerabilities in this advisory based on the Common Vulnerability Scoring System (CVSS). The CVSS scoring in this Security Advisory is done in accordance with CVSS version 2.0.
CVSS is a standards-based scoring method that conveys vulnerability severity and helps determine urgency and priority of response.
Cisco has provided a base and temporal score. Customers can then compute environmental scores to assist in determining the impact of the vulnerability in individual networks.
Cisco has provided an FAQ to answer additional questions regarding CVSS at
http://www.cisco.com/web/about/security/intelligence/cvss-qandas.html
Cisco has also provided a CVSS calculator to help compute the environmental impact for individual networks at
http://intellishield.cisco.com/security/alertmanager/cvss
Cisco Bugs:
-
DNS cache prone to poisoning/forged answers attacks (CSCsq21930)
-
DNS susceptible to forged query response attacks (CSCsq01298)
-
Need to make DNS implementation more resilient against forged answers (CSCso81854)
CVSS Base Score - 6.4 Access Vector - Network Access Complexity - Low Authentication - None Confidentiality Impact - None Integrity Impact - Partial Availability Impact - Partial
CVSS Temporal Score - 5.3 Exploitability - Functional Remediation Level - Official-Fix Report Confidence - Confirmed
(same score for the three Cisco bugs listed above.)
Impact
Successful exploitation of the vulnerability described in this document may result in invalid hostname-to-IP address mappings in the cache of an affected DNS server. This may lead users of this DNS server to contact the wrong provider of network services. The ultimate impact varies greatly, ranging from a simple denial of service (for example, making www.example.com resolve to 127.0.0.1) to phishing and financial fraud.
Software Versions and Fixes
When considering software upgrades, also consult http://www.cisco.com/go/psirt and any subsequent advisories to determine exposure and a complete upgrade solution.
In all cases, customers should exercise caution to be certain the devices to be upgraded contain sufficient memory and that current hardware and software configurations will continue to be supported properly by the new release. If the information is not clear, contact the Cisco Technical Assistance Center (TAC) or your contracted maintenance provider for assistance.
Cisco IOS Software +-----------------
Each row of the Cisco IOS Software table (below) names a Cisco IOS Software release train. If a given release train is vulnerable, then the earliest possible releases that contain the fix (along with the anticipated date of availability for each, if applicable) are listed in the "First Fixed Release" column of the table. The "Recommended Release" column indicates the releases which have fixes for all the published vulnerabilities at the time of this Advisory. A device running a release in the given train that is earlier than the release in a specific column (less than the First Fixed Release) is known to be vulnerable. Cisco recommends upgrading to a release equal to or later than the release in the "Recommended Releases" column of the table.
+----------------------------------------+ | Major | Availability of | | Release | Repaired Releases | |------------+---------------------------| | Affected | First Fixed | Recommended | | 12.0-Based | Release | Release | | Releases | | | |------------+-------------+-------------| | 12.0 | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.0DA | Not | | | | Vulnerable | | |------------+-------------+-------------| | | Releases | | | | prior to | | | | 12.0(7)DB | | | | are | | | | vulnerable, | 12.4(19a) | | 12.0DB | release | | | | 12.0(7)DB | 12.4(19b) | | | and later | | | | are not | | | | vulnerable; | | | | first fixed | | | | in 12.4 | | |------------+-------------+-------------| | | Releases | | | | prior to | | | | 12.0(7)DC | | | | are | | | | vulnerable, | 12.4(19a) | | 12.0DC | release | | | | 12.0(7)DC | 12.4(19b) | | | and later | | | | are not | | | | vulnerable; | | | | first fixed | | | | in 12.4 | | |------------+-------------+-------------| | 12.0S | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.0SC | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.0SL | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.0SP | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.0ST | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.0SX | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.0SY | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.0SZ | Not | | | | Vulnerable | | |------------+-------------+-------------| | | Vulnerable; | 12.4(19a) | | 12.0T | first fixed | | | | in 12.4 | 12.4(19b) | |------------+-------------+-------------| | 12.0W | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.0WC | Vulnerable; | | | | contact TAC | | |------------+-------------+-------------| | 12.0WT | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.0XA | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.0XB | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.0XC | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.0XD | Not | | | | Vulnerable | | |------------+-------------+-------------| | | Note: | | | | Releases | | | | prior to | | | | 12.0(7)XE1 | | | | are | | | 12.0XE | vulnerable, | | | | release | | | | 12.0(7)XE1 | | | | and later | | | | are not | | | | vulnerable; | | |------------+-------------+-------------| | 12.0XF | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.0XG | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.0XH | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.0XI | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.0XJ | Not | | | | Vulnerable | | |------------+-------------+-------------| | | Releases | | | | prior to | | | | 12.0(7)XK2 | | | | are | | | | vulnerable, | 12.4(19a) | | 12.0XK | release | | | | 12.0(7)XK2 | 12.4(19b) | | | and later | | | | are not | | | | vulnerable; | | | | first fixed | | | | in 12.4 | | |------------+-------------+-------------| | 12.0XL | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.0XM | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.0XN | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.0XQ | Not | | | | Vulnerable | | |------------+-------------+-------------| | | Releases | | | | prior to | | | | 12.0(7)XR1 | | | | are | | | | vulnerable, | 12.4(19a) | | 12.0XR | release | | | | 12.0(7)XR1 | 12.4(19b) | | | and later | | | | are not | | | | vulnerable; | | | | first fixed | | | | in 12.4 | | |------------+-------------+-------------| | 12.0XS | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.0XV | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.0XW | Not | | | | Vulnerable | | |------------+-------------+-------------| | Affected | First Fixed | Recommended | | 12.1-Based | Release | Release | | Releases | | | |------------+-------------+-------------| | | Vulnerable; | 12.4(19a) | | 12.1 | first fixed | | | | in 12.4 | 12.4(19b) | |------------+-------------+-------------| | 12.1AA | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.1AX | Not | | | | Vulnerable | | |------------+-------------+-------------| | | Releases | | | | prior to | | | | 12.1(22)AY1 | | | | are | | | 12.1AY | vulnerable, | 12.1(22) | | | release | EA11 | | | 12.1(22)AY1 | | | | and later | | | | are not | | | | vulnerable; | | |------------+-------------+-------------| | 12.1AZ | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.1CX | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.1DA | Not | | | | Vulnerable | | |------------+-------------+-------------| | | Releases | | | | prior to | | | | 12.1(4)DB1 | | | | are | | | | vulnerable, | 12.4(19a) | | 12.1DB | release | | | | 12.1(4)DB1 | 12.4(19b) | | | and later | | | | are not | | | | vulnerable; | | | | first fixed | | | | in 12.4 | | |------------+-------------+-------------| | | Releases | | | | prior to | | | | 12.1(4)DC2 | | | | are | | | | vulnerable, | 12.4(19a) | | 12.1DC | release | | | | 12.1(4)DC2 | 12.4(19b) | | | and later | | | | are not | | | | vulnerable; | | | | first fixed | | | | in 12.4 | | |------------+-------------+-------------| | 12.1E | Not | | | | Vulnerable | | |------------+-------------+-------------| | | Releases | | | | prior to | | | | 12.1(11)EA1 | | | | are | | | 12.1EA | vulnerable, | 12.1(22) | | | release | EA11 | | | 12.1(11)EA1 | | | | and later | | | | are not | | | | vulnerable; | | |------------+-------------+-------------| | 12.1EB | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.1EC | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.1EO | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.1EU | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.1EV | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.1EW | Not | | | | Vulnerable | | |------------+-------------+-------------| | | Note: | | | | Releases | | | | prior to | | | | 12.1(8a)EX | | | | are | | | 12.1EX | vulnerable, | | | | release | | | | 12.1(8a)EX | | | | and later | | | | are not | | | | vulnerable; | | |------------+-------------+-------------| | 12.1EY | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.1EZ | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.1GA | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.1GB | Not | | | | Vulnerable | | |------------+-------------+-------------| | | Vulnerable; | 12.4(19a) | | 12.1T | first fixed | | | | in 12.4 | 12.4(19b) | |------------+-------------+-------------| | 12.1XA | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.1XB | Not | | | | Vulnerable | | |------------+-------------+-------------| | | Releases | | | | prior to | | | | 12.1(1)XC1 | | | | are | | | | vulnerable, | 12.4(19a) | | 12.1XC | release | | | | 12.1(1)XC1 | 12.4(19b) | | | and later | | | | are not | | | | vulnerable; | | | | first fixed | | | | in 12.4 | | |------------+-------------+-------------| | 12.1XD | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.1XE | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.1XF | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.1XG | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.1XH | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.1XI | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.1XJ | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.1XK | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.1XL | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.1XM | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.1XN | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.1XO | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.1XP | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.1XQ | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.1XR | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.1XS | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.1XT | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.1XU | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.1XV | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.1XW | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.1XX | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.1XY | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.1XZ | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.1YA | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.1YB | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.1YC | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.1YD | Not | | | | Vulnerable | | |------------+-------------+-------------| | | Note: | | | | Releases | | | | prior to | | | | 12.1(5)YE1 | | | | are | 12.4(19a) | | 12.1YE | vulnerable, | | | | release | 12.4(19b) | | | 12.1(5)YE1 | | | | and later | | | | are not | | | | vulnerable; | | |------------+-------------+-------------| | 12.1YF | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.1YG | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.1YH | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.1YI | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.1YJ | Not | | | | Vulnerable | | |------------+-------------+-------------| | Affected | First Fixed | Recommended | | 12.2-Based | Release | Release | | Releases | | | |------------+-------------+-------------| | | Vulnerable; | 12.4(19a) | | 12.2 | first fixed | | | | in 12.4 | 12.4(19b) | |------------+-------------+-------------| | | Vulnerable; | 12.4(19a) | | 12.2B | first fixed | | | | in 12.4 | 12.4(19b) | |------------+-------------+-------------| | 12.2BC | Not | | | | Vulnerable | | |------------+-------------+-------------| | | Vulnerable; | 12.4(19a) | | 12.2BW | first fixed | | | | in 12.4 | 12.4(19b) | |------------+-------------+-------------| | | Releases | | | | prior to | | | | 12.2(8)BY | | | | are | | | | vulnerable, | 12.4(19a) | | 12.2BY | release | | | | 12.2(8)BY | 12.4(19b) | | | and later | | | | are not | | | | vulnerable; | | | | first fixed | | | | in 12.4 | | |------------+-------------+-------------| | 12.2BZ | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2CX | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2CY | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2CZ | Vulnerable; | | | | contact TAC | | |------------+-------------+-------------| | 12.2DA | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2DD | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2DX | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2EU | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2EW | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2EWA | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2EX | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2EY | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2EZ | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2FX | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2FY | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2FZ | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2IXA | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2IXB | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2IXC | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2IXD | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2IXE | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2IXF | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2JA | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2JK | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2MB | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2MC | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2S | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2SB | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2SBC | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2SCA | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2SE | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2SEA | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2SEB | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2SEC | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2SED | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2SEE | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2SEF | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2SEG | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2SG | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2SGA | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2SL | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2SM | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2SO | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2SRA | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2SRB | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2SRC | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2SU | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2SV | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2SVA | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2SVC | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2SVD | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2SW | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2SX | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2SXA | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2SXB | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2SXD | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2SXE | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2SXF | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2SXH | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2SXI | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2SY | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2SZ | Not | | | | Vulnerable | | |------------+-------------+-------------| | | Vulnerable; | 12.4(19a) | | 12.2T | first fixed | | | | in 12.4 | 12.4(19b) | |------------+-------------+-------------| | | Releases | | | | prior to | | | | 12.2(8) | | | | TPC10d are | | | | vulnerable, | | | 12.2TPC | release | | | | 12.2(8) | | | | TPC10d and | | | | later are | | | | not | | | | vulnerable; | | |------------+-------------+-------------| | 12.2UZ | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2XA | Not | | | | Vulnerable | | |------------+-------------+-------------| | | Vulnerable; | 12.4(19a) | | 12.2XB | first fixed | | | | in 12.4 | 12.4(19b) | |------------+-------------+-------------| | | Vulnerable; | 12.4(19a) | | 12.2XC | first fixed | | | | in 12.4 | 12.4(19b) | |------------+-------------+-------------| | 12.2XD | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2XE | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2XF | Not | | | | Vulnerable | | |------------+-------------+-------------| | | Vulnerable; | 12.4(19a) | | 12.2XG | first fixed | | | | in 12.4 | 12.4(19b) | |------------+-------------+-------------| | 12.2XH | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2XI | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2XJ | Not | | | | Vulnerable | | |------------+-------------+-------------| | | Vulnerable; | 12.4(19a) | | 12.2XK | first fixed | | | | in 12.4 | 12.4(19b) | |------------+-------------+-------------| | | Vulnerable; | 12.4(19a) | | 12.2XL | first fixed | | | | in 12.4 | 12.4(19b) | |------------+-------------+-------------| | 12.2XM | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2XN | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2XNA | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2XO | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2XQ | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2XR | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2XS | Not | | | | Vulnerable | | |------------+-------------+-------------| | | Vulnerable; | 12.4(19a) | | 12.2XT | first fixed | | | | in 12.4 | 12.4(19b) | |------------+-------------+-------------| | | Vulnerable; | 12.4(19a) | | 12.2XU | first fixed | | | | in 12.4 | 12.4(19b) | |------------+-------------+-------------| | 12.2XV | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2XW | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2YA | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2YB | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2YC | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2YD | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2YE | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2YF | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2YG | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2YH | Not | | | | Vulnerable | | |------------+-------------+-------------| | | Vulnerable; | 12.4(19a) | | 12.2YJ | first fixed | | | | in 12.4 | 12.4(19b) | |------------+-------------+-------------| | 12.2YK | Not | | | | Vulnerable | | |------------+-------------+-------------| | | Vulnerable; | 12.4(19a) | | 12.2YL | first fixed | | | | in 12.4 | 12.4(19b) | |------------+-------------+-------------| | | Vulnerable; | 12.4(19a) | | 12.2YM | first fixed | | | | in 12.4 | 12.4(19b) | |------------+-------------+-------------| | | Vulnerable; | 12.4(19a) | | 12.2YN | first fixed | | | | in 12.4 | 12.4(19b) | |------------+-------------+-------------| | | Vulnerable; | 12.2(18) | | | migrate to | SXF15; | | 12.2YO | any release | Available | | | in 12.2SY | on | | | | 08-AUG-08 | |------------+-------------+-------------| | 12.2YP | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2YQ | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2YR | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2YS | Not | | | | Vulnerable | | |------------+-------------+-------------| | | Vulnerable; | 12.4(19a) | | 12.2YT | first fixed | | | | in 12.4 | 12.4(19b) | |------------+-------------+-------------| | | Vulnerable; | 12.4(19a) | | 12.2YU | first fixed | | | | in 12.4 | 12.4(19b) | |------------+-------------+-------------| | | Vulnerable; | 12.4(19a) | | 12.2YV | first fixed | | | | in 12.4 | 12.4(19b) | |------------+-------------+-------------| | 12.2YW | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2YX | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2YY | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2YZ | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2ZA | Not | | | | Vulnerable | | |------------+-------------+-------------| | | Vulnerable; | 12.4(19a) | | 12.2ZB | first fixed | | | | in 12.4 | 12.4(19b) | |------------+-------------+-------------| | 12.2ZC | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2ZD | Vulnerable; | | | | contact TAC | | |------------+-------------+-------------| | | Vulnerable; | 12.4(19a) | | 12.2ZE | first fixed | | | | in 12.4 | 12.4(19b) | |------------+-------------+-------------| | | Vulnerable; | 12.4(19a) | | 12.2ZF | first fixed | | | | in 12.4 | 12.4(19b) | |------------+-------------+-------------| | | | 12.4(19a) | | | | | | | Vulnerable; | 12.4(19b) | | 12.2ZG | first fixed | | | | in 12.4T | 12.4(20)T; | | | | Available | | | | on | | | | 11-JUL-08 | |------------+-------------+-------------| | | | 12.4(19a) | | | | | | | Vulnerable; | 12.4(19b) | | 12.2ZH | first fixed | | | | in 12.4 | 12.4(20)T; | | | | Available | | | | on | | | | 11-JUL-08 | |------------+-------------+-------------| | | Vulnerable; | 12.4(19a) | | 12.2ZJ | first fixed | | | | in 12.4 | 12.4(19b) | |------------+-------------+-------------| | | | 12.4(19a) | | | | | | | Vulnerable; | 12.4(19b) | | 12.2ZL | first fixed | | | | in 12.4 | 12.4(20)T; | | | | Available | | | | on | | | | 11-JUL-08 | |------------+-------------+-------------| | 12.2ZP | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2ZU | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2ZY | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2ZYA | Not | | | | Vulnerable | | |------------+-------------+-------------| | Affected | First Fixed | Recommended | | 12.3-Based | Release | Release | | Releases | | | |------------+-------------+-------------| | | Vulnerable; | 12.4(19a) | | 12.3 | first fixed | | | | in 12.4 | 12.4(19b) | |------------+-------------+-------------| | | Vulnerable; | 12.4(19a) | | 12.3B | first fixed | | | | in 12.4 | 12.4(19b) | |------------+-------------+-------------| | 12.3BC | Not | | | | Vulnerable | | |------------+-------------+-------------| | | Vulnerable; | 12.4(19a) | | 12.3BW | first fixed | | | | in 12.4 | 12.4(19b) | |------------+-------------+-------------| | 12.3EU | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.3JA | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.3JEA | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.3JEB | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.3JEC | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.3JK | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.3JL | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.3JX | Not | | | | Vulnerable | | |------------+-------------+-------------| | | Vulnerable; | 12.4(19a) | | 12.3T | first fixed | | | | in 12.4 | 12.4(19b) | |------------+-------------+-------------| | 12.3TPC | Vulnerable; | | | | contact TAC | | |------------+-------------+-------------| | 12.3VA | Vulnerable; | | | | contact TAC | | |------------+-------------+-------------| | | | 12.4(19a) | | | | | | | Vulnerable; | 12.4(19b) | | 12.3XA | first fixed | | | | in 12.4 | 12.4(20)T; | | | | Available | | | | on | | | | 11-JUL-08 | |------------+-------------+-------------| | | Vulnerable; | 12.4(19a) | | 12.3XB | first fixed | | | | in 12.4 | 12.4(19b) | |------------+-------------+-------------| | | | 12.4(19a) | | | | | | | Vulnerable; | 12.4(19b) | | 12.3XC | first fixed | | | | in 12.4 | 12.4(20)T; | | | | Available | | | | on | | | | 11-JUL-08 | |------------+-------------+-------------| | | Vulnerable; | 12.4(19a) | | 12.3XD | first fixed | | | | in 12.4 | 12.4(19b) | |------------+-------------+-------------| | | | 12.4(19a) | | | | | | | Vulnerable; | 12.4(19b) | | 12.3XE | first fixed | | | | in 12.4 | 12.4(20)T; | | | | Available | | | | on | | | | 11-JUL-08 | |------------+-------------+-------------| | | Vulnerable; | 12.4(19a) | | 12.3XF | first fixed | | | | in 12.4 | 12.4(19b) | |------------+-------------+-------------| | | | 12.4(19a) | | | | | | | Vulnerable; | 12.4(19b) | | 12.3XG | first fixed | | | | in 12.4T | 12.4(20)T; | | | | Available | | | | on | | | | 11-JUL-08 | |------------+-------------+-------------| | | Vulnerable; | 12.4(19a) | | 12.3XH | first fixed | | | | in 12.4 | 12.4(19b) | |------------+-------------+-------------| | 12.3XI | Vulnerable; | | | | contact TAC | | |------------+-------------+-------------| | | | 12.3(14) | | | | YX12 | | | Vulnerable; | | | 12.3XJ | first fixed | 12.4(20)T; | | | in 12.3YX | Available | | | | on | | | | 11-JUL-08 | |------------+-------------+-------------| | | Vulnerable; | 12.4(19a) | | 12.3XK | first fixed | | | | in 12.4 | 12.4(19b) | |------------+-------------+-------------| | | Vulnerable; | 12.4(19a) | | 12.3XQ | first fixed | | | | in 12.4 | 12.4(19b) | |------------+-------------+-------------| | | | 12.4(19a) | | | | | | | Vulnerable; | 12.4(19b) | | 12.3XR | first fixed | | | | in 12.4 | 12.4(20)T; | | | | Available | | | | on | | | | 11-JUL-08 | |------------+-------------+-------------| | | Vulnerable; | 12.4(19a) | | 12.3XS | first fixed | | | | in 12.4 | 12.4(19b) | |------------+-------------+-------------| | 12.3XU | Not | | | | Vulnerable | | |------------+-------------+-------------| | | | 12.3(14) | | | | YX12 | | | Vulnerable; | | | 12.3XW | first fixed | 12.4(20)T; | | | in 12.3YX | Available | | | | on | | | | 11-JUL-08 | |------------+-------------+-------------| | 12.3XY | Not | | | | Vulnerable | | |------------+-------------+-------------| | | | 12.4(19a) | | | | | | | Vulnerable; | 12.4(19b) | | 12.3YA | first fixed | | | | in 12.4 | 12.4(20)T; | | | | Available | | | | on | | | | 11-JUL-08 | |------------+-------------+-------------| | | Vulnerable; | 12.4(20)T; | | 12.3YD | first fixed | Available | | | in 12.4T | on | | | | 11-JUL-08 | |------------+-------------+-------------| | | | 12.3(14) | | | | YX12 | | | Vulnerable; | | | 12.3YF | first fixed | 12.4(20)T; | | | in 12.3YX | Available | | | | on | | | | 11-JUL-08 | |------------+-------------+-------------| | | Vulnerable; | 12.4(20)T; | | 12.3YG | first fixed | Available | | | in 12.4T | on | | | | 11-JUL-08 | |------------+-------------+-------------| | | Vulnerable; | 12.4(20)T; | | 12.3YH | first fixed | Available | | | in 12.4T | on | | | | 11-JUL-08 | |------------+-------------+-------------| | | Vulnerable; | 12.4(20)T; | | 12.3YI | first fixed | Available | | | in 12.4T | on | | | | 11-JUL-08 | |------------+-------------+-------------| | 12.3YJ | Not | | | | Vulnerable | | |------------+-------------+-------------| | | Vulnerable; | 12.4(20)T; | | 12.3YK | first fixed | Available | | | in 12.4T | on | | | | 11-JUL-08 | |------------+-------------+-------------| | | Releases | | | | prior to | | | | 12.3(14) | | | | YM12 are | | | | vulnerable, | 12.3(14) | | 12.3YM | release | YM12 | | | 12.3(14) | | | | YM12 and | | | | later are | | | | not | | | | vulnerable; | | |------------+-------------+-------------| | 12.3YQ | Not | | | | Vulnerable | | |------------+-------------+-------------| | | Vulnerable; | 12.4(20)T; | | 12.3YS | first fixed | Available | | | in 12.4T | on | | | | 11-JUL-08 | |------------+-------------+-------------| | | Vulnerable; | 12.4(20)T; | | 12.3YT | first fixed | Available | | | in 12.4T | on | | | | 11-JUL-08 | |------------+-------------+-------------| | | Vulnerable; | | | 12.3YU | first fixed | | | | in 12.4XB | | |------------+-------------+-------------| | 12.3YX | 12.3(14) | 12.3(14) | | | YX12 | YX12 | |------------+-------------+-------------| | 12.3YZ | Vulnerable; | | | | contact TAC | | |------------+-------------+-------------| | Affected | First Fixed | Recommended | | 12.4-Based | Release | Release | | Releases | | | |------------+-------------+-------------| | | 12.4(18b) | | | | | | | | 12.4(19a) | 12.4(19a) | | 12.4 | | | | | 12.4(19b) | 12.4(19b) | | | | | | | 12.4(21) | | |------------+-------------+-------------| | 12.4JA | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.4JK | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.4JMA | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.4JMB | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.4JMC | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.4JX | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.4MD | 12.4(15)MD | 12.4(15)MD | |------------+-------------+-------------| | 12.4MR | 12.4(19)MR | 12.4(19)MR | |------------+-------------+-------------| | 12.4SW | Vulnerable; | | | | contact TAC | | |------------+-------------+-------------| | | 12.4(15)T6 | | | | | 12.4(20)T; | | 12.4T | 12.4(20)T; | Available | | | Available | on | | | on | 11-JUL-08 | | | 11-JUL-08 | | |------------+-------------+-------------| | | Vulnerable; | 12.4(20)T; | | 12.4XA | first fixed | Available | | | in 12.4T | on | | | | 11-JUL-08 | |------------+-------------+-------------| | 12.4XB | 12.4(2)XB10 | | |------------+-------------+-------------| | 12.4XC | Vulnerable; | | | | contact TAC | | |------------+-------------+-------------| | | 12.4(4) | 12.4(20)T; | | | XD11; | Available | | 12.4XD | Available | on | | | on | 11-JUL-08 | | | 31-JUL-08 | | |------------+-------------+-------------| | | Vulnerable; | 12.4(20)T; | | 12.4XE | first fixed | Available | | | in 12.4T | on | | | | 11-JUL-08 | |------------+-------------+-------------| | 12.4XF | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.4XG | Not | | | | Vulnerable | | |------------+-------------+-------------| | | Vulnerable; | 12.4(20)T; | | 12.4XJ | first fixed | Available | | | in 12.4T | on | | | | 11-JUL-08 | |------------+-------------+-------------| | 12.4XK | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.4XL | 12.4(15)XL2 | 12.4(15)XL2 | |------------+-------------+-------------| | 12.4XM | 12.4(15)XM1 | 12.4(15)XM1 | |------------+-------------+-------------| | 12.4XN | Vulnerable; | | | | contact TAC | | |------------+-------------+-------------| | 12.4XQ | Vulnerable; | | | | contact TAC | | |------------+-------------+-------------| | 12.4XT | Vulnerable; | | | | contact TAC | | |------------+-------------+-------------| | 12.4XV | Vulnerable; | | | | contact TAC | | |------------+-------------+-------------| | 12.4XW | 12.4(11)XW8 | 12.4(11)XW6 | |------------+-------------+-------------| | 12.4XY | 12.4(15)XY3 | | |------------+-------------+-------------| | | Vulnerable; | 12.4(20)T; | | 12.4XZ | first fixed | Available | | | in 12.4T | on | | | | 11-JUL-08 | +----------------------------------------+
Cisco Network Registrar +----------------------
+---------------------------------------+ | Affected | | | Release | First Fixed Release | | Train | | |--------------+------------------------| | 6.1.x | Contact TAC | |--------------+------------------------| | | 6.3.1.1 patch; | | 6.3.x | available mid-July | | | 2008 | |--------------+------------------------| | 7.0.x | 7.0.1; available in | | | mid-July 2008 | +---------------------------------------+
Cisco Network Registrar software is available for download at:
http://www.cisco.com/pcgi-bin/Software/Tablebuild/tablebuild.pl/nr-eval
Cisco Application and Content Networking System +----------------------------------------------
This issue is fixed in version 5.5.11 of Cisco ACNS software. This release will be available for download from www.cisco.com in late July 2008.
Cisco ACNS 5.5 software is available for download at:
http://www.cisco.com/pcgi-bin/tablebuild.pl/acns55
Workarounds
There are no workarounds.
Additional information about identification and mitigation of attacks against DNS is in the Cisco Applied Intelligence white paper "DNS Best Practices, Network Protections, and Attack Identification," available at http://www.cisco.com/web/about/security/intelligence/dns-bcp.html.
Obtaining Fixed Software
Cisco has released free software updates that address these vulnerabilities. Prior to deploying software, customers should consult their maintenance provider or check the software for feature set compatibility and known issues specific to their environment.
Customers may only install and expect support for the feature sets they have purchased. By installing, downloading, accessing or otherwise using such software upgrades, customers agree to be bound by the terms of Cisco's software license terms found at http://www.cisco.com/en/US/products/prod_warranties_item09186a008088e31f.html, or as otherwise set forth at Cisco.com Downloads at http://www.cisco.com/public/sw-center/sw-usingswc.shtml.
Do not contact psirt@cisco.com or security-alert@cisco.com for software upgrades.
Customers with Service Contracts +-------------------------------
Customers with contracts should obtain upgraded software through their regular update channels. For most customers, this means that upgrades should be obtained through the Software Center on Cisco's worldwide website at http://www.cisco.com.
Customers using Third Party Support Organizations +------------------------------------------------
Customers whose Cisco products are provided or maintained through prior or existing agreements with third-party support organizations, such as Cisco Partners, authorized resellers, or service providers should contact that support organization for guidance and assistance with the appropriate course of action in regards to this advisory.
The effectiveness of any workaround or fix is dependent on specific customer situations, such as product mix, network topology, traffic behavior, and organizational mission. Due to the variety of affected products and releases, customers should consult with their service provider or support organization to ensure any applied workaround or fix is the most appropriate for use in the intended network before it is deployed.
Customers without Service Contracts +----------------------------------
Customers who purchase direct from Cisco but do not hold a Cisco service contract, and customers who purchase through third-party vendors but are unsuccessful in obtaining fixed software through their point of sale should acquire upgrades by contacting the Cisco Technical Assistance Center (TAC). TAC contacts are as follows.
- +1 800 553 2447 (toll free from within North America)
- +1 408 526 7209 (toll call from anywhere in the world)
- e-mail: tac@cisco.com
Customers should have their product serial number available and be prepared to give the URL of this notice as evidence of entitlement to a free upgrade. Free upgrades for non-contract customers must be requested through the TAC.
Refer to http://www.cisco.com/warp/public/687/Directory/DirTAC.shtml for additional TAC contact information, including localized telephone numbers, and instructions and e-mail addresses for use in various languages.
Exploitation and Public Announcements
The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability described in this advisory. Cisco would like to thank Dan Kaminsky for notifying vendors about his findings.
Note that vulnerability information for Cisco IOS Software is being provided in this advisory outside of the announced publication schedule for Cisco IOS Software described at http://www.cisco.com/go/psirt due to industry-wide disclosure of the vulnerability.
Status of this Notice: FINAL
THIS DOCUMENT IS PROVIDED ON AN "AS IS" BASIS AND DOES NOT IMPLY ANY KIND OF GUARANTEE OR WARRANTY, INCLUDING THE WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR USE. YOUR USE OF THE INFORMATION ON THE DOCUMENT OR MATERIALS LINKED FROM THE DOCUMENT IS AT YOUR OWN RISK. CISCO RESERVES THE RIGHT TO CHANGE OR UPDATE THIS DOCUMENT AT ANY TIME.
A stand-alone copy or Paraphrase of the text of this document that omits the distribution URL in the following section is an uncontrolled copy, and may lack important information or contain factual errors.
Distribution
This advisory is posted on Cisco's worldwide website at
http://www.cisco.com/warp/public/707/cisco-sa-20080708-dns.shtml
In addition to worldwide web posting, a text version of this notice is clear-signed with the Cisco PSIRT PGP key and is posted to the following e-mail and Usenet news recipients.
- cust-security-announce@cisco.com
- first-teams@first.org
- bugtraq@securityfocus.com
- vulnwatch@vulnwatch.org
- cisco@spot.colorado.edu
- cisco-nsp@puck.nether.net
- full-disclosure@lists.grok.org.uk
- comp.dcom.sys.cisco@newsgate.cisco.com
Future updates of this advisory, if any, will be placed on Cisco's worldwide website, but may or may not be actively announced on mailing lists or newsgroups. Users concerned about this problem are encouraged to check the above URL for any updates.
Revision History
+-----------------------------------------------------------+ | Revision 1.0 | 2008-July-08 | Initial public release | +-----------------------------------------------------------+
Cisco Security Procedures
Complete information on reporting security vulnerabilities in Cisco products, obtaining assistance with security incidents, and registering to receive security information from Cisco, is available on Cisco's worldwide website at http://www.cisco.com/en/US/products/products_security_vulnerability_policy.html. This includes instructions for press inquiries regarding Cisco security notices. All Cisco security advisories are available at http://www.cisco.com/go/psirt.
+-------------------------------------------------------------------- Copyright 2007-2008 Cisco Systems, Inc. All rights reserved. +--------------------------------------------------------------------
Updated: Jul 08, 2008 Document ID: 107064
+--------------------------------------------------------------------
-----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (GNU/Linux)
iEYEARECAAYFAkhztUIACgkQ86n/Gc8U/uCAgACfVRRoJO4w4defnpwbNlfgBm4t 2SMAnjKCKECHtsjN9umqqPrPd2DW4IcC =XGZw -----END PGP SIGNATURE----- . This could be used to misdirect users and services; i.e.
This update provides the latest stable BIND releases for all platforms except Corporate Server/Desktop 3.0 and MNF2, which have been patched to correct the issue.
References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1447
Updated Packages:
Mandriva Linux 2007.1: 73cc24fc9586b7ab290d755012c16a79 2007.1/i586/bind-9.4.2-0.1mdv2007.1.i586.rpm 70867c50cfd64b4406aa002d627d740b 2007.1/i586/bind-devel-9.4.2-0.1mdv2007.1.i586.rpm 3603e9d9115466753397a1f472011703 2007.1/i586/bind-utils-9.4.2-0.1mdv2007.1.i586.rpm cf5e4100ecb21a4eb603831e5a6ec23d 2007.1/SRPMS/bind-9.4.2-0.1mdv2007.1.src.rpm
Mandriva Linux 2007.1/X86_64: 4eb7ce0984d3ce3befff667392e3bf3e 2007.1/x86_64/bind-9.4.2-0.1mdv2007.1.x86_64.rpm d7b9a9e7d4c52a5b0c54f59ca20bf2d5 2007.1/x86_64/bind-devel-9.4.2-0.1mdv2007.1.x86_64.rpm c5c66c9609615029d2f07f7b09a63118 2007.1/x86_64/bind-utils-9.4.2-0.1mdv2007.1.x86_64.rpm cf5e4100ecb21a4eb603831e5a6ec23d 2007.1/SRPMS/bind-9.4.2-0.1mdv2007.1.src.rpm
Mandriva Linux 2008.0: 52dfe3970fcd9495b2bb9379a9312b25 2008.0/i586/bind-9.4.2-1mdv2008.0.i586.rpm 97d20d35b6814aa2f9fab549ca6237c0 2008.0/i586/bind-devel-9.4.2-1mdv2008.0.i586.rpm 87a7bb3dd25abd8cd882a8f2fdc2398e 2008.0/i586/bind-utils-9.4.2-1mdv2008.0.i586.rpm da4444a8074e6ede39dfa557fb258db7 2008.0/SRPMS/bind-9.4.2-1mdv2008.0.src.rpm
Mandriva Linux 2008.0/X86_64: b9d0337363bc1e2b14505f25d4ee5f99 2008.0/x86_64/bind-9.4.2-1mdv2008.0.x86_64.rpm 9b75e2a96784c00c2912bc3bf333d089 2008.0/x86_64/bind-devel-9.4.2-1mdv2008.0.x86_64.rpm 0a593b090d9e6bda3666e234056e19ba 2008.0/x86_64/bind-utils-9.4.2-1mdv2008.0.x86_64.rpm da4444a8074e6ede39dfa557fb258db7 2008.0/SRPMS/bind-9.4.2-1mdv2008.0.src.rpm
Mandriva Linux 2008.1: 2534ef007262d4ea2d219bab0190466c 2008.1/i586/bind-9.5.0-3mdv2008.1.i586.rpm c3feee5d05aa3aee14cd70a2d295d0b1 2008.1/i586/bind-devel-9.5.0-3mdv2008.1.i586.rpm f306c06665b723a2530258e6d1dbdae2 2008.1/i586/bind-doc-9.5.0-3mdv2008.1.i586.rpm 967ef80628f92160930bc3a3827a216e 2008.1/i586/bind-utils-9.5.0-3mdv2008.1.i586.rpm 70fc7a7964944a2926979710c5148ed1 2008.1/SRPMS/bind-9.5.0-3mdv2008.1.src.rpm
Mandriva Linux 2008.1/X86_64: 3f4d96d7a7f913c141e1f63cdc7e7336 2008.1/x86_64/bind-9.5.0-3mdv2008.1.x86_64.rpm 420db658366763686198f41394aa72b3 2008.1/x86_64/bind-devel-9.5.0-3mdv2008.1.x86_64.rpm 6f3674f68311494c5a9ff0dbce831e82 2008.1/x86_64/bind-doc-9.5.0-3mdv2008.1.x86_64.rpm 4294b3a086b89bf53c5c967c17962447 2008.1/x86_64/bind-utils-9.5.0-3mdv2008.1.x86_64.rpm 70fc7a7964944a2926979710c5148ed1 2008.1/SRPMS/bind-9.5.0-3mdv2008.1.src.rpm
Corporate 3.0: de2a4372d1c25d73f343c9fcb044c9dd corporate/3.0/i586/bind-9.2.3-6.5.C30mdk.i586.rpm 1f24f6dbdb6c02e21cbbef99555049cb corporate/3.0/i586/bind-devel-9.2.3-6.5.C30mdk.i586.rpm 00405b98290d5a41f226081baa57e18d corporate/3.0/i586/bind-utils-9.2.3-6.5.C30mdk.i586.rpm 6a237dc290f4f7c463b1996e6a4a4515 corporate/3.0/SRPMS/bind-9.2.3-6.5.C30mdk.src.rpm
Corporate 3.0/X86_64: 628162f3d6a414828d2231fefc46842b corporate/3.0/x86_64/bind-9.2.3-6.5.C30mdk.x86_64.rpm dd29ff31a9cffcc1b20fd045869d7013 corporate/3.0/x86_64/bind-devel-9.2.3-6.5.C30mdk.x86_64.rpm c475c1a4d048e04da1fc27dcbb17c3f3 corporate/3.0/x86_64/bind-utils-9.2.3-6.5.C30mdk.x86_64.rpm 6a237dc290f4f7c463b1996e6a4a4515 corporate/3.0/SRPMS/bind-9.2.3-6.5.C30mdk.src.rpm
Corporate 4.0: 271ead204904be302d197cd542f5ae23 corporate/4.0/i586/bind-9.3.5-0.4.20060mlcs4.i586.rpm 42413dcc1cf053e735216f767eff4e5d corporate/4.0/i586/bind-devel-9.3.5-0.4.20060mlcs4.i586.rpm 0201afe493a41e1deedc9bf7e9725f4a corporate/4.0/i586/bind-utils-9.3.5-0.4.20060mlcs4.i586.rpm 86bc0cdc9ed1b959b6f56e0660268f2e corporate/4.0/SRPMS/bind-9.3.5-0.4.20060mlcs4.src.rpm
Corporate 4.0/X86_64: b1a18a7d0578dab7bd825eda6c682b3d corporate/4.0/x86_64/bind-9.3.5-0.4.20060mlcs4.x86_64.rpm 6a2ebd550feb9147058de05b1a1ef04d corporate/4.0/x86_64/bind-devel-9.3.5-0.4.20060mlcs4.x86_64.rpm 670a1b934ce4974b8505018ab69ade0b corporate/4.0/x86_64/bind-utils-9.3.5-0.4.20060mlcs4.x86_64.rpm 86bc0cdc9ed1b959b6f56e0660268f2e corporate/4.0/SRPMS/bind-9.3.5-0.4.20060mlcs4.src.rpm
Multi Network Firewall 2.0: 5b694c24cc2092e38f531dbfdd5c9d41 mnf/2.0/i586/bind-9.2.3-6.5.C30mdk.i586.rpm c08bc805027059c47bed32215f17eacb mnf/2.0/i586/bind-utils-9.2.3-6.5.C30mdk.i586.rpm 39225289516498e1b071c5059306f2b9 mnf/2.0/SRPMS/bind-9.2.3-6.5.C30mdk.src.rpm
To upgrade automatically use MandrivaUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you.
All packages are signed by Mandriva for security. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 200901-03
http://security.gentoo.org/
Severity: Normal Title: pdnsd: Denial of Service and cache poisoning Date: January 11, 2009 Bugs: #231285 ID: 200901-03
Synopsis
Two errors in pdnsd allow for Denial of Service and cache poisoning.
Affected packages
-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 net-dns/pdnsd < 1.2.7 >= 1.2.7
Description
Two issues have been reported in pdnsd:
- The p_exec_query() function in src/dns_query.c does not properly handle many entries in the answer section of a DNS reply, related to a "dangling pointer bug" (CVE-2008-4194). The first issue can be exploited by enticing pdnsd to send a query to a malicious DNS server, or using the port randomization weakness, and might lead to a Denial of Service.
Workaround
Port randomization can be enabled by setting the "query_port_start" option to 1024 which would resolve the CVE-2008-1447 issue.
Resolution
All pdnsd users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=net-dns/pdnsd-1.2.7"
References
[ 1 ] CVE-2008-1447 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1447 [ 2 ] CVE-2008-4194 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4194
Availability
This GLSA and any updates to it are available for viewing at the Gentoo Security Website:
http://security.gentoo.org/glsa/glsa-200901-03.xml
Concerns?
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at http://bugs.gentoo.org.
License
Copyright 2009 Gentoo Foundation, Inc; referenced text belongs to its owner(s).
The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5 . Among other things, successful attacks can lead to misdirected web traffic and email rerouting.
This update changes Debian's dnsmasq packages to implement the recommended countermeasure: UDP query source port randomization. This change increases the size of the space from which an attacker has to guess values in a backwards-compatible fashion and makes successful attacks significantly more difficult.
This update also switches the random number generator to Dan Bernstein's SURF.
For the stable distribution (etch), this problem has been fixed in version 2.35-1+etch4. Packages for alpha will be provided later.
For the unstable distribution (sid), this problem has been fixed in version 2.43-1.
We recommend that you upgrade your dnsmasq package.
Upgrade instructions
wget url will fetch the file for you dpkg -i file.deb will install the referenced file.
If you are using the apt-get package manager, use the line for sources.list as given below:
apt-get update will update the internal database apt-get upgrade will install corrected packages
You may use an automated update by adding the resources from the footer to the proper configuration.
Debian GNU/Linux 4.0 alias etch
Stable updates are available for amd64, arm, hppa, i386, ia64, mips, mipsel, powerpc, s390 and sparc.
Source archives:
http://security.debian.org/pool/updates/main/d/dnsmasq/dnsmasq_2.35-1+etch4.dsc Size/MD5 checksum: 596 3834461c89e55467b4b65ed4ac209e81 http://security.debian.org/pool/updates/main/d/dnsmasq/dnsmasq_2.35.orig.tar.gz Size/MD5 checksum: 252901 ad1fafeaf3442685cfe16613e0f8b777 http://security.debian.org/pool/updates/main/d/dnsmasq/dnsmasq_2.35-1+etch4.diff.gz Size/MD5 checksum: 19202 4ced7768f49198bd43bbbd24f2a3d3e4
amd64 architecture (AMD x86_64 (AMD64))
http://security.debian.org/pool/updates/main/d/dnsmasq/dnsmasq_2.35-1+etch4_amd64.deb Size/MD5 checksum: 188278 8fb55f694db9fdfccaa86d134e937777
arm architecture (ARM)
http://security.debian.org/pool/updates/main/d/dnsmasq/dnsmasq_2.35-1+etch4_arm.deb Size/MD5 checksum: 181746 4caf23f31de937b817e12ade7d132eac
hppa architecture (HP PA RISC)
http://security.debian.org/pool/updates/main/d/dnsmasq/dnsmasq_2.35-1+etch4_hppa.deb Size/MD5 checksum: 190490 66730e785683655b058d11aa70346be4
i386 architecture (Intel ia32)
http://security.debian.org/pool/updates/main/d/dnsmasq/dnsmasq_2.35-1+etch4_i386.deb Size/MD5 checksum: 184546 1fbdd71e81a1e05d68b0f88eaeb00b10
ia64 architecture (Intel ia64)
http://security.debian.org/pool/updates/main/d/dnsmasq/dnsmasq_2.35-1+etch4_ia64.deb Size/MD5 checksum: 223758 011f283b71ef0f9e07d5a9dce25db505
mips architecture (MIPS (Big Endian))
http://security.debian.org/pool/updates/main/d/dnsmasq/dnsmasq_2.35-1+etch4_mips.deb Size/MD5 checksum: 189846 5c67cca2eaedc1dff80c5fd05aa1d33f
mipsel architecture (MIPS (Little Endian))
http://security.debian.org/pool/updates/main/d/dnsmasq/dnsmasq_2.35-1+etch4_mipsel.deb Size/MD5 checksum: 191824 dfd87d69a7751f1e6ef2d0f1ede052ff
powerpc architecture (PowerPC)
http://security.debian.org/pool/updates/main/d/dnsmasq/dnsmasq_2.35-1+etch4_powerpc.deb Size/MD5 checksum: 186890 93701abcca5421beddab015a7f35af99
s390 architecture (IBM S/390)
http://security.debian.org/pool/updates/main/d/dnsmasq/dnsmasq_2.35-1+etch4_s390.deb Size/MD5 checksum: 186396 6f19f6c8d803c3d57e01e73fe1e11886
sparc architecture (Sun SPARC/UltraSPARC)
http://security.debian.org/pool/updates/main/d/dnsmasq/dnsmasq_2.35-1+etch4_sparc.deb Size/MD5 checksum: 182910 f360078c14f715e90e60124b4ede2be9
These files will probably be moved into the stable distribution on its next update. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c01506861 Version: 3
HPSBUX02351 SSRT080058 rev.3 - HP-UX Running BIND, Remote DNS Cache Poisoning
NOTICE: The information in this Security Bulletin should be acted upon as soon as possible.
Release Date: 2008-07-16 Last Updated: 2008-08-06
Potential Security Impact: Remote DNS cache poisoning
Source: Hewlett-Packard Company, HP Software Security Response Team
VULNERABILITY SUMMARY A potential security vulnerability has been identified with HP-UX running BIND. HP-UX B.11.11, B.11.23, B.11.31 running BIND v9.3.2 or BIND v9.2.0, HP-UX B.11.11 running BIND v8.1.2
BACKGROUND
CVSS 2.0 Base Metrics
Reference Base Vector Base Score CVE-2008-1447 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5 =============================================== Information on CVSS is documented in HP Customer Notice: HPSN-2008-002.
RESOLUTION
HP has provided the following software updates / patch to resolve the vulnerabilities for BIND v9.2.0 and BIND v9.3.2.
Customers running BIND v8.1.2 on HP-UX B.11.11 should upgrade to BIND v9.2.0 or BIND v9.3.2 and apply the updates listed below.
The BIND v9.2.0 update is available for download from: ftp://ss080058:ss080058@hprc.external.hp.com
The patch PHNE_37865 is available from: http://itrc.hp.com
The BIND v9.3.2 updates are available for download from: http://software.hp.com
HP-UX Release - B.11.11 running v8.1.2 Action - Upgrade to BIND v9.2.0 or BIND v9.3.2 and apply the updates listed below
HP-UX Release - B.11.11 running v9.2.0 BIND Depot name - BIND920v11.depot MD5 Sum - F6999280DE19645EF86FF52083AACD72
HP-UX Release - B.11.23 running v9.2.0 Action - Install PHNE_37865
HP-UX Release - B.11.11 running v9.3.2 Action - Install revision C.9.3.2.3.0 or subsequent
HP-UX Release - B.11.23 running v9.3.2 Action - Install revision C.9.3.2.3.0 or subsequent
HP-UX Release - B.11.31 running v9.3.2 Action - Install revision C.9.3.2.3.0 or subsequent
Note: HP is aware of performance issues with these updates / patch. All customers should test the updates / patch in their environment. HP is investigating changes to reduce the performance issues. This bulletin will be revised when new updates / patch become available.
MANUAL ACTIONS: Yes - NonUpdate For B.11.11 running v8.1.2, upgrade to BIND v9.2.0 or BIND v9.3.2 and apply the updates For B.11.11 running v9.2.0 install BIND920v11.depot
PRODUCT SPECIFIC INFORMATION HP-UX Software Assistant: HP-UX Software Assistant is an enhanced application that replaces HP-UX Security Patch Check. It analyzes all HP-issued Security Bulletins and lists recommended actions that may apply to a specific HP-UX system. It can also download patches and create a depot automatically. For more information see: https://www.hp.com/go/swa
AFFECTED VERSIONS
For BIND v8.1.2 HP-UX B.11.11 ============= InternetSrvcs.INETSVCS-RUN action: upgrade to BIND v9.2.0 or BIND v9.3.2 and apply the updates
For BIND v9.3.2 HP-UX B.11.11 ============= BindUpgrade.BIND-UPGRADE action: install revision C.9.3.2.3.0 or subsequent URL: http://software.hp.com
HP-UX B.11.23
BindUpgrade.BIND-UPGRADE BindUpgrade.BIND2-UPGRADE action: install revision C.9.3.2.3.0 or subsequent URL: http://software.hp.com
HP-UX B.11.31
NameService.BIND-AUX NameService.BIND-RUN action: install revision C.9.3.2.3.0 or subsequent URL: http://software.hp.com
For BIND v9.2.0 HP-UX B.11.11 ============= BINDv920.INETSVCS-BIND action: install revision B.11.11.01.011 or subsequent URL: ftp://ss080058:ss080058@hprc.external.hp.com
HP-UX B.11.23
InternetSrvcs.INETSVCS-INETD InternetSrvcs.INETSVCS-RUN InternetSrvcs.INETSVCS2-RUN action: install patch PHNE_37865 or subsequent URL: http://itrc.hp.com
END AFFECTED VERSIONS
HISTORY Version:1 (rev.1) - 16 July 2008 Initial release Version:2 (rev.2) - 19 July 2008 Added BIND v9.2.0 depot information Version:3 (rev.3) - 06 August 2008 Updated patch location, revised BIND v9.2.0 depot information, added BIND v8.1.2
Third Party Security Patches: Third party security patches that are to be installed on systems running HP software products should be applied in accordance with the customer's patch management policy.
Support: For further information, contact normal HP Services support channel.
Report: To report a potential security vulnerability with any HP supported product, send Email to: security-alert@hp.com It is strongly recommended that security related information being communicated to HP be encrypted using PGP, especially exploit information. To get the security-alert PGP key, please send an e-mail message as follows: To: security-alert@hp.com Subject: get key
Subscribe: To initiate a subscription to receive future HP Security Bulletins via Email: http://h30046.www3.hp.com/driverAlertProfile.php?regioncode=NA&langcode=USENG&jumpid=in_SC-GEN__driverITRC&topiccode=ITRC On the web page: ITRC security bulletins and patch sign-up Under Step1: your ITRC security bulletins and patches - check ALL categories for which alerts are required and continue. Under Step2: your ITRC operating systems - verify your operating system selections are checked and save.
To update an existing subscription: http://h30046.www3.hp.com/subSignIn.php Log in on the web page: Subscriber's choice for Business: sign-in. On the web page: Subscriber's Choice: your profile summary - use Edit Profile to update appropriate sections.
To review previously published Security Bulletins visit: http://www.itrc.hp.com/service/cki/secBullArchive.do
- The Software Product Category that this Security Bulletin relates to is represented by the 5th and 6th characters of the Bulletin number in the title:
GN = HP General SW MA = HP Management Agents MI = Misc. 3rd Party SW MP = HP MPE/iX NS = HP NonStop Servers OV = HP OpenVMS PI = HP Printing & Imaging ST = HP Storage SW TL = HP Trusted Linux TU = HP Tru64 UNIX UX = HP-UX VV = HP VirtualVault
System management and security procedures must be reviewed frequently to maintain system integrity. HP is continually reviewing and enhancing the security features of software products to provide customers with current secure solutions.
"HP is broadly distributing this Security Bulletin in order to bring to the attention of users of the affected HP products the important security information contained in this Bulletin. HP recommends that all users determine the applicability of this information to their individual situations and take appropriate action. HP does not warrant that this information is necessarily accurate or complete for all user situations and, consequently, HP will not be responsible for any damages resulting from user's use or disregard of the information provided in this Bulletin.
Hewlett-Packard Company shall not be liable for technical or editorial errors or omissions contained herein. To the extent permitted by law, neither HP or its affiliates, subcontractors or suppliers will be liable for incidental, special or consequential damages including downtime cost; lost profits; damages relating to the procurement of substitute products or services; or damages for loss of data, or software restoration. Hewlett-Packard Company and the names of Hewlett-Packard products referenced herein are trademarks of Hewlett-Packard Company in the United States and other countries. Other product and company names mentioned herein may be trademarks of their respective owners. =========================================================== Ubuntu Security Notice USN-622-1 July 08, 2008 bind9 vulnerability CVE-2008-1447 ===========================================================
A security issue affects the following Ubuntu releases:
Ubuntu 6.06 LTS Ubuntu 7.04 Ubuntu 7.10 Ubuntu 8.04 LTS
This advisory also applies to the corresponding versions of Kubuntu, Edubuntu, and Xubuntu.
The problem can be corrected by upgrading your system to the following package versions:
Ubuntu 6.06 LTS: libdns21 1:9.3.2-2ubuntu1.5
Ubuntu 7.04: libdns22 1:9.3.4-2ubuntu2.3
Ubuntu 7.10: libdns32 1:9.4.1-P1-3ubuntu2
Ubuntu 8.04 LTS: libdns35 1:9.4.2-10ubuntu0.1
In general, a standard system upgrade is sufficient to effect the necessary changes.
Details follow:
Dan Kaminsky discovered weaknesses in the DNS protocol as implemented by Bind.
Description
== Several vulnerabilities in safe level ==
Multiple errors in the implementation of safe level restrictions can be exploited to call "untrace_var()", perform syslog operations, and modify "$PROGRAM_NAME" at safe level 4, or call insecure methods at safe levels 1 through 3.
(These vulnerabilities were reported by Keita Yamaguchi.)
== DoS vulnerability in WEBrick ==
An error exists in the usage of regular expressions in "WEBrick::HTTPUtils.split_header_value()". This can be exploited to consume large amounts of CPU via a specially crafted HTTP request.
(This vulnerability was reported by Christian Neukirchen.)
== Lack of taintness check in dl ==
An error in "DL" can be exploited to bypass security restrictions and call potentially dangerous functions.
(This vulnerability was reported by Tanaka Akira.)
Affected packages:
Pardus 2008: ruby, all before 1.8.7_p72-16-4 ruby-mode, all before 1.8.7_p72-16-4
Pardus 2007: ruby, all before 1.8.7_p72-16-13 ruby-mode, all before 1.8.7_p72-16-4
Resolution
There are update(s) for ruby, ruby-mode. You can update them via Package Manager or with a single command from console:
Pardus 2008: pisi up ruby ruby-mode
Pardus 2007: pisi up ruby ruby-mode
References
- http://www.ruby-lang.org/en/news/2008/08/08/multiple-vulnerabilities-in-ruby
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1447
- http://secunia.com/advisories/31430/
-- Pınar Yanardağ http://pinguar.org
Full-Disclosure - We believe in it. There are two ways to deal with this situation:
- The documentation included with BIND 9 contains a migration guide. Configure the BIND 8 resolver to forward queries to a BIND 9 resolver. Provided that the network between both resolvers is trusted, this protects the BIND 8 resolver from cache poisoning attacks (to the same degree that the BIND 9 resolver is protected). It is theoretically possible to safely use BIND 8 in this way, but updating to BIND 9 is strongly recommended. BIND 8 (that is, the bind package) will be removed from the etch distribution in a future point release. Scott Kitterman noted that python-dns is vulnerable to this predictability, as it randomizes neither its transaction ID nor its source port. Taken together, this lack of entropy leaves applications using python-dns to perform DNS queries highly susceptible to response forgery.
Try a new way to discover vulnerabilities that ALREADY EXIST in your IT infrastructure.
The Full Featured Secunia Network Software Inspector (NSI) is now available: http://secunia.com/network_software_inspector/
The Secunia NSI enables you to INSPECT, DISCOVER, and DOCUMENT vulnerabilities in more than 4,000 different Windows applications.
TITLE: Red Hat update for bind
SECUNIA ADVISORY ID: SA26195
VERIFY ADVISORY: http://secunia.com/advisories/26195/
CRITICAL: Moderately critical
IMPACT: Spoofing
WHERE:
From remote
OPERATING SYSTEM: Red Hat Enterprise Linux (v. 5 server) http://secunia.com/product/13652/ Red Hat Enterprise Linux Desktop (v. 5 client) http://secunia.com/product/13653/ Red Hat Enterprise Linux Desktop Workstation (v. 5 client) http://secunia.com/product/13651/ RedHat Enterprise Linux AS 2.1 http://secunia.com/product/48/ RedHat Enterprise Linux AS 3 http://secunia.com/product/2534/ RedHat Enterprise Linux AS 4 http://secunia.com/product/4669/ RedHat Enterprise Linux ES 2.1 http://secunia.com/product/1306/ RedHat Enterprise Linux ES 3 http://secunia.com/product/2535/ RedHat Enterprise Linux ES 4 http://secunia.com/product/4668/ RedHat Enterprise Linux WS 3 http://secunia.com/product/2536/ RedHat Enterprise Linux WS 2.1 http://secunia.com/product/1044/ RedHat Enterprise Linux WS 4 http://secunia.com/product/4670/ RedHat Linux Advanced Workstation 2.1 for Itanium http://secunia.com/product/1326/
DESCRIPTION: Red Hat has issued an update for bind.
For more information: SA26152
SOLUTION: Updated packages are available from Red Hat Network. http://rhn.redhat.com
ORIGINAL ADVISORY: http://rhn.redhat.com/errata/RHSA-2007-0740.html
OTHER REFERENCES: SA26152: http://secunia.com/advisories/26152/
About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. Security Advisory (08-AUG-2008) (CVE-2008-3280) ===============================================
Ben Laurie of Google's Applied Security team, while working with an external researcher, Dr. Richard Clayton of the Computer Laboratory, Cambridge University, found that various OpenID Providers (OPs) had TLS Server Certificates that used weak keys, as a result of the Debian Predictable Random Number Generator (CVE-2008-0166).
In combination with the DNS Cache Poisoning issue (CVE-2008-1447) and the fact that almost all SSL/TLS implementations do not consult CRLs (currently an untracked issue), this means that it is impossible to rely on these OPs.
Attack Description
In order to mount an attack against a vulnerable OP, the attacker first finds the private key corresponding to the weak TLS certificate. He then sets up a website masquerading as the original OP, both for the OpenID protocol and also for HTTP/HTTPS.
There are two cases, one is where the victim is a user trying to identify themselves, in which case, even if they use HTTPS to "ensure" that the site they are visiting is indeed their provider, they will be unable to detect the substitution and will give their login credentials to the attacker.
The second case is where the victim is the Relying Party (RP). In this case, even if the RP uses TLS to connect to the OP, as is recommended for higher assurance, he will not be defended, as the vast majority of OpenID implementations do not check CRLs, and will, therefore, accept the malicious site as the true OP.
Mitigation
Mitigation is surprisingly hard. In theory the vulnerable site should revoke their weak certificate and issue a new one.
However, since the CRLs will almost certainly not be checked, this means the site will still be vulnerable to attack for the lifetime of the certificate (and perhaps beyond, depending on user behaviour). Note that shutting down the site DOES NOT prevent the attack.
Therefore mitigation falls to other parties.
-
Browsers must check CRLs by default.
-
OpenID libraries must check CRLs.
-
Until either 1 and 2 or 3 have been done, OpenID cannot be trusted for any OP that cannot demonstrate it has never had a weak certificate.
Discussion
Normally, when security problems are encountered with a single piece of software, the responsible thing to do is to is to wait until fixes are available before making any announcement. However, as a number of examples in the past have demonstrated, this approach does not work particularly well when many different pieces of software are involved because it is necessary to coordinate a simultaneous release of the fixes, whilst hoping that the very large number of people involved will cooperate in keeping the vulnerability secret.
In the present situation, the fixes will involve considerable development work in adding CRL handling to a great many pieces of openID code. This is a far from trivial amount of work.
The fixes will also involve changes to browser preferences to ensure that CRLs are checked by default -- which many vendors have resisted for years. We are extremely pessimistic that a security vulnerability in OpenID will be seen as sufficiently important to change the browser vendors minds.
Hence, we see no value in delaying this announcement; and by making the details public as soon as possible, we believe that individuals who rely on OpenID will be better able to take their own individual steps to avoid relying upon the flawed certificates we have identified.
OpenID is at heart quite a weak protocol, when used in its most general form[1], and consequently there is very limited reliance upon its security. This means that the consequences of the combination of attacks that are now possible is nothing like as serious as might otherwise have been the case.
However, it does give an insight into the type of security disaster that may occur in the future if we do not start to take CRLs seriously, but merely stick them onto "to-do" lists or disable them in the name of tiny performance improvements.
Affected Sites
There is no central registry of OpenID systems, and so we cannot be sure that we have identified all of the weak certificates that are currently being served. The list of those we have found so far is:
openid.sun.com www.xopenid.net openid.net.nz
Notes
[1] There are ways of using OpenID that are significantly more secure than the commonly deployed scheme, I shall describe those in a separate article.
Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Show details on source website{
"affected_products": {
"_id": null,
"data": [
{
"_id": null,
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "debian gnu linux",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "fujitsu",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "internet consortium",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "openwall gnu linux",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "red hat",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "suse linux",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "sun microsystems",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "ubuntu",
"version": null
},
{
"_id": null,
"model": "bind",
"scope": "eq",
"trust": 1.0,
"vendor": "isc",
"version": "8"
},
{
"_id": null,
"model": "bind",
"scope": "eq",
"trust": 1.0,
"vendor": "isc",
"version": "4"
},
{
"_id": null,
"model": "bind",
"scope": "eq",
"trust": 1.0,
"vendor": "isc",
"version": "9.2.9"
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "alcatel lucent",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "apple computer",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "avaya",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "blue coat",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "bluecat",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "f5",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "force10",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "funkwerk",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "gentoo linux",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "hewlett packard",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "ibm",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "infoblox",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "juniper",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "mandriva",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "microsoft",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "nec",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "nixu",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "nominum",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "nortel",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "novell",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "openbsd",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "qnx",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "secure computing network security division",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "slackware linux",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "wind river",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "yamaha",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "dnsmasq",
"version": null
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#800113"
},
{
"db": "CERT/CC",
"id": "VU#252735"
},
{
"db": "NVD",
"id": "CVE-2008-1447"
}
]
},
"credits": {
"_id": null,
"data": "Debian",
"sources": [
{
"db": "PACKETSTORM",
"id": "68691"
},
{
"db": "PACKETSTORM",
"id": "68037"
},
{
"db": "PACKETSTORM",
"id": "68546"
}
],
"trust": 0.3
},
"cve": "CVE-2008-1447",
"cvss": {
"_id": null,
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "CVE-2008-1447",
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 1.0,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "VHN-31572",
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:N/I:P/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"exploitabilityScore": 2.2,
"id": "CVE-2008-1447",
"impactScore": 4.0,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:N",
"version": "3.1"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2008-1447",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#800113",
"trust": 0.8,
"value": "27.54"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#252735",
"trust": 0.8,
"value": "3.83"
},
{
"author": "VULHUB",
"id": "VHN-31572",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#800113"
},
{
"db": "CERT/CC",
"id": "VU#252735"
},
{
"db": "VULHUB",
"id": "VHN-31572"
},
{
"db": "NVD",
"id": "CVE-2008-1447"
}
]
},
"description": {
"_id": null,
"data": "The DNS protocol, as implemented in (1) BIND 8 and 9 before 9.5.0-P1, 9.4.2-P1, and 9.3.5-P1; (2) Microsoft DNS in Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP1 and SP2; and other implementations allow remote attackers to spoof DNS traffic via a birthday attack that uses in-bailiwick referrals to conduct cache poisoning against recursive resolvers, related to insufficient randomness of DNS transaction IDs and source ports, aka \"DNS Insufficient Socket Entropy Vulnerability\" or \"the Kaminsky bug.\". Deficiencies in the DNS protocol and common DNS implementations facilitate DNS cache poisoning attacks. ISC (Internet Systems Consortiuim) BIND generates cryptographically weak DNS query IDs which could allow a remote attacker to poison DNS caches. In IP NAT filtering in Sun Solaris 10 and OpenSolaris series products, when a DNS server runs NAT, it incorrectly changes the original address of the data packet. When the destination address is a DNS port, it will allow remote attackers to bypass CVE-2008 -1447 security protection. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\nCisco Security Advisory: Multiple Cisco Products Vulnerable to DNS Cache\nPoisoning Attacks\n\nAdvisory ID: cisco-sa-20080708-dns\n\nhttp://www.cisco.com/warp/public/707/cisco-sa-20080708-dns.shtml\n\nRevision 1.0\n\nFor Public Release 2008 July 08 1800 UTC (GMT)\n\nSummary\n=======\n\nMultiple Cisco products are vulnerable to DNS cache poisoning attacks\ndue to their use of insufficiently randomized DNS transaction IDs and\nUDP source ports in the DNS queries that they produce, which may allow\nan attacker to more easily forge DNS answers that can poison DNS caches. \n\nTo exploit this vulnerability an attacker must be able to cause a\nvulnerable DNS server to perform recursive DNS queries. Therefore, DNS\nservers that are only authoritative, or servers where recursion is not\nallowed, are not affected. \n\nCisco has released free software updates that address this vulnerability. \n\nThis advisory is posted at\nhttp://www.cisco.com/warp/public/707/cisco-sa-20080708-dns.shtml. \n\nThis security advisory is being published simultaneously with\nannouncements from other affected organizations. \nProducts that process DNS messages with the RD flag set will attempt to\nanswer the question asked on behalf of the client. A product is only\naffected if using a vulnerable implementation of the DNS protocol, the\nDNS server functionality for the product is enabled, and the DNS feature\nfor the product is configured to process recursive DNS query messages. \n\nVulnerable Products\n+------------------\n\nThe following Cisco products are capable of acting as DNS servers and\nhave been found to have the DNS implementation weakness that makes some\ntypes of DNS cache poisoning attacks more likely to succeed:\n\n * Cisco IOS Software\n\n A device that is running Cisco IOS Software will be affected if it\n is running a vulnerable version and if it is acting as a DNS server. \n\n All Cisco IOS Software releases that support the DNS server\n functionality and that have not had their DNS implementation\n improved are affected. For information about specific fixed\n versions, please refer to the Software Versions and Fixes section. \n\n A device that is running Cisco IOS Software is configured to act\n as a DNS server if the command \"ip dns server\" is present in the\n configuration. This command is not enabled by default. \n\n * Cisco Network Registrar\n\n All Cisco Network Registrar versions are affected, and DNS services\n are enabled by default. \n\n The DNS server on CNR is enabled via the command-line interface\n (CLI) commands \"server dns enable start-on-reboot\" or \"dns enable\n start-on-reboot\" or via the web management interface in the Servers\n page by selecting the appropriate \"Start,\" \"Stop,\" or \"Reload\"\n button. \n\n * Cisco Application and Content Networking System\n\n All Cisco Application and Content Networking System (ACNS) versions\n are affected; DNS services are disabled by default. \n\n ACNS is configured to act as a DNS server if the command\n \"dns enable\" is present in the configuration. \n\n * Cisco Global Site Selector Used in Combination with Cisco Network\n Registrar\n\n The Cisco Global Site Selector (GSS) is affected when it is used in\n combination with Cisco Network Registrar software to provide a more\n complete DNS solution. Fixed software would come in the form of an\n update of the Cisco Network Registrar software rather than an update\n of the GSS software. \n\nProducts Confirmed Not Vulnerable\n+--------------------------------\n\nProducts that do not offer DNS server capabilities are not affected by\nthis vulnerability. \n\nThe Cisco GSS by itself is not affected by this vulnerability. However,\nit is affected when it is used with Cisco Network Registrar software. \n\nNo other Cisco products are currently known to be affected by these\nvulnerabilities. \n\nDetails\n=======\n\nThe Domain Name System is an integral part of networks that are based\non TCP/IP such as the Internet. Simply stated, the Domain Name System\nis a hierarchical database that contains mappings of hostnames and IP\naddresses. When handling\na query from a DNS client, a DNS server can look into its portion of the\nglobal DNS database (if the query is for a portion of the DNS database\nfor which the DNS server is authoritative), or it can relay the query\nto other DNS servers (if it is configured to do so and if the query\nis for a portion of the DNS database for which the DNS server is not\nauthoritative.)\n\nBecause of the processing time and bandwidth that is associated with\nhandling a DNS query, most DNS servers locally store responses that\nare received from other DNS servers. The area where these responses\nare stored locally is called a \"cache.\" Once a response is stored in a\ncache, the DNS server can use the locally stored response for a certain\ntime (called the \"time to live\") before having to query DNS servers\nagain to refresh the local (cached) copy of the response. For\nexample, if www.example.com is mapped to the IP address 192.168.0.1\nand this mapping is present in the cache of a DNS server, an attacker\nwho succeeds in poisoning the DNS cache of this server may be able to\nmap www.example.com to 10.0.0.1 instead. If this happens, a user who\nis trying to visit www.example.com may end up contacting the wrong web\nserver. The fundamental implementation\nweakness is that the DNS transaction ID and source port number used to\nvalidate DNS responses are not sufficiently randomized and can easily\nbe predicted, which allows an attacker to create forged responses to\nDNS queries that will match the expected values. The DNS server will\nconsider such responses to be valid. \n\nThe following Cisco products that offer DNS server functionality have\nbeen found to be susceptible to DNS cache poisoning attacks:\n\n * Cisco IOS Software: The vulnerability documented in Cisco bug ID\n CSCso81854. \n\n * Cisco Network Registrar: The vulnerability documented in Cisco\n bug ID CSCsq01298. \n\n * Cisco Application and Content Networking System (ACNS): The\n vulnerability documented in Cisco bug ID CSCsq21930. \n\nThis vulnerability has been assigned Common Vulnerabilities and\nExposures (CVE) ID CVE-2008-1447. \n\nVulnerability Scoring Details\n+----------------------------\n\nCisco has provided scores for the vulnerabilities in this advisory based\non the Common Vulnerability Scoring System (CVSS). The CVSS scoring in\nthis Security Advisory is done in accordance with CVSS version 2.0. \n\nCVSS is a standards-based scoring method that conveys vulnerability\nseverity and helps determine urgency and priority of response. \n\nCisco has provided a base and temporal score. Customers can then\ncompute environmental scores to assist in determining the impact of the\nvulnerability in individual networks. \n\nCisco has provided an FAQ to answer additional questions regarding CVSS\nat\n\nhttp://www.cisco.com/web/about/security/intelligence/cvss-qandas.html\n\nCisco has also provided a CVSS calculator to help compute the\nenvironmental impact for individual networks at\n\nhttp://intellishield.cisco.com/security/alertmanager/cvss\n\nCisco Bugs:\n\n* DNS cache prone to poisoning/forged answers attacks (CSCsq21930)\n\n* DNS susceptible to forged query response attacks (CSCsq01298)\n\n* Need to make DNS implementation more resilient against forged answers\n(CSCso81854)\n\nCVSS Base Score - 6.4\n Access Vector - Network\n Access Complexity - Low\n Authentication - None\n Confidentiality Impact - None\n Integrity Impact - Partial\n Availability Impact - Partial\n\nCVSS Temporal Score - 5.3\n Exploitability - Functional\n Remediation Level - Official-Fix\n Report Confidence - Confirmed\n\n(same score for the three Cisco bugs listed above.)\n\nImpact\n======\n\nSuccessful exploitation of the vulnerability described in this document\nmay result in invalid hostname-to-IP address mappings in the cache of an\naffected DNS server. This may lead users of this DNS server to contact\nthe wrong provider of network services. The ultimate impact varies\ngreatly, ranging from a simple denial of service (for example, making\nwww.example.com resolve to 127.0.0.1) to phishing and financial fraud. \n\nSoftware Versions and Fixes\n===========================\n\nWhen considering software upgrades, also consult\nhttp://www.cisco.com/go/psirt and any subsequent advisories to determine\nexposure and a complete upgrade solution. \n\nIn all cases, customers should exercise caution to be certain the\ndevices to be upgraded contain sufficient memory and that current\nhardware and software configurations will continue to be supported\nproperly by the new release. If the information is not clear, contact\nthe Cisco Technical Assistance Center (TAC) or your contracted\nmaintenance provider for assistance. \n\nCisco IOS Software\n+-----------------\n\nEach row of the Cisco IOS Software table (below) names a Cisco IOS\nSoftware release train. If a given release train is vulnerable, then\nthe earliest possible releases that contain the fix (along with the\nanticipated date of availability for each, if applicable) are listed in\nthe \"First Fixed Release\" column of the table. The \"Recommended Release\"\ncolumn indicates the releases which have fixes for all the published\nvulnerabilities at the time of this Advisory. A device running a release\nin the given train that is earlier than the release in a specific column\n(less than the First Fixed Release) is known to be vulnerable. Cisco\nrecommends upgrading to a release equal to or later than the release in\nthe \"Recommended Releases\" column of the table. \n\n+----------------------------------------+\n| Major | Availability of |\n| Release | Repaired Releases |\n|------------+---------------------------|\n| Affected | First Fixed | Recommended |\n| 12.0-Based | Release | Release |\n| Releases | | |\n|------------+-------------+-------------|\n| 12.0 | Not | |\n| | Vulnerable | |\n|------------+-------------+-------------|\n| 12.0DA | Not | |\n| | Vulnerable | |\n|------------+-------------+-------------|\n| | Releases | |\n| | prior to | |\n| | 12.0(7)DB | |\n| | are | |\n| | vulnerable, | 12.4(19a) |\n| 12.0DB | release | |\n| | 12.0(7)DB | 12.4(19b) |\n| | and later | |\n| | are not | |\n| | vulnerable; | |\n| | first fixed | |\n| | in 12.4 | |\n|------------+-------------+-------------|\n| | Releases | |\n| | prior to | |\n| | 12.0(7)DC | |\n| | are | |\n| | vulnerable, | 12.4(19a) |\n| 12.0DC | release | |\n| | 12.0(7)DC | 12.4(19b) |\n| | and later | |\n| | are not | |\n| | vulnerable; | |\n| | first fixed | |\n| | in 12.4 | |\n|------------+-------------+-------------|\n| 12.0S | Not | |\n| | Vulnerable | |\n|------------+-------------+-------------|\n| 12.0SC | Not | |\n| | Vulnerable | |\n|------------+-------------+-------------|\n| 12.0SL | Not | |\n| | Vulnerable | |\n|------------+-------------+-------------|\n| 12.0SP | Not | |\n| | Vulnerable | |\n|------------+-------------+-------------|\n| 12.0ST | Not | |\n| | Vulnerable | |\n|------------+-------------+-------------|\n| 12.0SX | Not | |\n| | Vulnerable | |\n|------------+-------------+-------------|\n| 12.0SY | Not | |\n| | Vulnerable | |\n|------------+-------------+-------------|\n| 12.0SZ | Not | |\n| | Vulnerable | |\n|------------+-------------+-------------|\n| | Vulnerable; | 12.4(19a) |\n| 12.0T | first fixed | |\n| | in 12.4 | 12.4(19b) |\n|------------+-------------+-------------|\n| 12.0W | Not | |\n| | Vulnerable | |\n|------------+-------------+-------------|\n| 12.0WC | Vulnerable; | |\n| | contact TAC | |\n|------------+-------------+-------------|\n| 12.0WT | Not | |\n| | Vulnerable | |\n|------------+-------------+-------------|\n| 12.0XA | Not | |\n| | Vulnerable | |\n|------------+-------------+-------------|\n| 12.0XB | Not | |\n| | Vulnerable | |\n|------------+-------------+-------------|\n| 12.0XC | Not | |\n| | Vulnerable | |\n|------------+-------------+-------------|\n| 12.0XD | Not | |\n| | Vulnerable | |\n|------------+-------------+-------------|\n| | Note: | |\n| | Releases | |\n| | prior to | |\n| | 12.0(7)XE1 | |\n| | are | |\n| 12.0XE | vulnerable, | |\n| | release | |\n| | 12.0(7)XE1 | |\n| | and later | |\n| | are not | |\n| | vulnerable; | |\n|------------+-------------+-------------|\n| 12.0XF | Not | |\n| | Vulnerable | |\n|------------+-------------+-------------|\n| 12.0XG | Not | |\n| | Vulnerable | |\n|------------+-------------+-------------|\n| 12.0XH | Not | |\n| | Vulnerable | |\n|------------+-------------+-------------|\n| 12.0XI | Not | |\n| | Vulnerable | |\n|------------+-------------+-------------|\n| 12.0XJ | Not | |\n| | Vulnerable | |\n|------------+-------------+-------------|\n| | Releases | |\n| | prior to | |\n| | 12.0(7)XK2 | |\n| | are | |\n| | vulnerable, | 12.4(19a) |\n| 12.0XK | release | |\n| | 12.0(7)XK2 | 12.4(19b) |\n| | and later | |\n| | are not | |\n| | vulnerable; | |\n| | first fixed | |\n| | in 12.4 | |\n|------------+-------------+-------------|\n| 12.0XL | Not | |\n| | Vulnerable | |\n|------------+-------------+-------------|\n| 12.0XM | Not | |\n| | Vulnerable | |\n|------------+-------------+-------------|\n| 12.0XN | Not | |\n| | Vulnerable | |\n|------------+-------------+-------------|\n| 12.0XQ | Not | |\n| | Vulnerable | |\n|------------+-------------+-------------|\n| | Releases | |\n| | prior to | |\n| | 12.0(7)XR1 | |\n| | are | |\n| | vulnerable, | 12.4(19a) |\n| 12.0XR | release | |\n| | 12.0(7)XR1 | 12.4(19b) |\n| | and later | |\n| | are not | |\n| | vulnerable; | |\n| | first fixed | |\n| | in 12.4 | |\n|------------+-------------+-------------|\n| 12.0XS | Not | |\n| | Vulnerable | |\n|------------+-------------+-------------|\n| 12.0XV | Not | |\n| | Vulnerable | |\n|------------+-------------+-------------|\n| 12.0XW | Not | |\n| | Vulnerable | |\n|------------+-------------+-------------|\n| Affected | First Fixed | Recommended |\n| 12.1-Based | Release | Release |\n| Releases | | |\n|------------+-------------+-------------|\n| | Vulnerable; | 12.4(19a) |\n| 12.1 | first fixed | |\n| | in 12.4 | 12.4(19b) |\n|------------+-------------+-------------|\n| 12.1AA | Not | |\n| | Vulnerable | |\n|------------+-------------+-------------|\n| 12.1AX | Not | |\n| | Vulnerable | |\n|------------+-------------+-------------|\n| | Releases | |\n| | prior to | |\n| | 12.1(22)AY1 | |\n| | are | |\n| 12.1AY | vulnerable, | 12.1(22) |\n| | release | EA11 |\n| | 12.1(22)AY1 | |\n| | and later | |\n| | are not | |\n| | vulnerable; | |\n|------------+-------------+-------------|\n| 12.1AZ | Not | |\n| | Vulnerable | |\n|------------+-------------+-------------|\n| 12.1CX | Not | |\n| | Vulnerable | |\n|------------+-------------+-------------|\n| 12.1DA | Not | |\n| | Vulnerable | |\n|------------+-------------+-------------|\n| | Releases | |\n| | prior to | |\n| | 12.1(4)DB1 | |\n| | are | |\n| | vulnerable, | 12.4(19a) |\n| 12.1DB | release | |\n| | 12.1(4)DB1 | 12.4(19b) |\n| | and later | |\n| | are not | |\n| | vulnerable; | |\n| | first fixed | |\n| | in 12.4 | |\n|------------+-------------+-------------|\n| | Releases | |\n| | prior to | |\n| | 12.1(4)DC2 | |\n| | are | |\n| | vulnerable, | 12.4(19a) |\n| 12.1DC | release | |\n| | 12.1(4)DC2 | 12.4(19b) |\n| | and later | |\n| | are not | |\n| | vulnerable; | |\n| | first fixed | |\n| | in 12.4 | |\n|------------+-------------+-------------|\n| 12.1E | Not | |\n| | Vulnerable | |\n|------------+-------------+-------------|\n| | Releases | |\n| | prior to | |\n| | 12.1(11)EA1 | |\n| | are | |\n| 12.1EA | vulnerable, | 12.1(22) |\n| | release | EA11 |\n| | 12.1(11)EA1 | |\n| | and later | |\n| | are not | |\n| | vulnerable; | |\n|------------+-------------+-------------|\n| 12.1EB | Not | |\n| | Vulnerable | |\n|------------+-------------+-------------|\n| 12.1EC | Not | |\n| | Vulnerable | |\n|------------+-------------+-------------|\n| 12.1EO | Not | |\n| | Vulnerable | |\n|------------+-------------+-------------|\n| 12.1EU | Not | |\n| | Vulnerable | |\n|------------+-------------+-------------|\n| 12.1EV | Not | |\n| | Vulnerable | |\n|------------+-------------+-------------|\n| 12.1EW | Not | |\n| | Vulnerable | |\n|------------+-------------+-------------|\n| | Note: | |\n| | Releases | |\n| | prior to | |\n| | 12.1(8a)EX | |\n| | are | |\n| 12.1EX | vulnerable, | |\n| | release | |\n| | 12.1(8a)EX | |\n| | and later | |\n| | are not | |\n| | vulnerable; | |\n|------------+-------------+-------------|\n| 12.1EY | Not | |\n| | Vulnerable | |\n|------------+-------------+-------------|\n| 12.1EZ | Not | |\n| | Vulnerable | |\n|------------+-------------+-------------|\n| 12.1GA | Not | |\n| | Vulnerable | |\n|------------+-------------+-------------|\n| 12.1GB | Not | |\n| | Vulnerable | |\n|------------+-------------+-------------|\n| | Vulnerable; | 12.4(19a) |\n| 12.1T | first fixed | |\n| | in 12.4 | 12.4(19b) |\n|------------+-------------+-------------|\n| 12.1XA | Not | |\n| | Vulnerable | |\n|------------+-------------+-------------|\n| 12.1XB | Not | |\n| | Vulnerable | |\n|------------+-------------+-------------|\n| | Releases | |\n| | prior to | |\n| | 12.1(1)XC1 | |\n| | are | |\n| | vulnerable, | 12.4(19a) |\n| 12.1XC | release | |\n| | 12.1(1)XC1 | 12.4(19b) |\n| | and later | |\n| | are not | |\n| | vulnerable; | |\n| | first fixed | |\n| | in 12.4 | |\n|------------+-------------+-------------|\n| 12.1XD | Not | |\n| | Vulnerable | |\n|------------+-------------+-------------|\n| 12.1XE | Not | |\n| | Vulnerable | |\n|------------+-------------+-------------|\n| 12.1XF | Not | |\n| | Vulnerable | |\n|------------+-------------+-------------|\n| 12.1XG | Not | |\n| | Vulnerable | |\n|------------+-------------+-------------|\n| 12.1XH | Not | |\n| | Vulnerable | |\n|------------+-------------+-------------|\n| 12.1XI | Not | |\n| | Vulnerable | |\n|------------+-------------+-------------|\n| 12.1XJ | Not | |\n| | Vulnerable | |\n|------------+-------------+-------------|\n| 12.1XK | Not | |\n| | Vulnerable | |\n|------------+-------------+-------------|\n| 12.1XL | Not | |\n| | Vulnerable | |\n|------------+-------------+-------------|\n| 12.1XM | Not | |\n| | Vulnerable | |\n|------------+-------------+-------------|\n| 12.1XN | Not | |\n| | Vulnerable | |\n|------------+-------------+-------------|\n| 12.1XO | Not | |\n| | Vulnerable | |\n|------------+-------------+-------------|\n| 12.1XP | Not | |\n| | Vulnerable | |\n|------------+-------------+-------------|\n| 12.1XQ | Not | |\n| | Vulnerable | |\n|------------+-------------+-------------|\n| 12.1XR | Not | |\n| | Vulnerable | |\n|------------+-------------+-------------|\n| 12.1XS | Not | |\n| | Vulnerable | |\n|------------+-------------+-------------|\n| 12.1XT | Not | |\n| | Vulnerable | |\n|------------+-------------+-------------|\n| 12.1XU | Not | |\n| | Vulnerable | |\n|------------+-------------+-------------|\n| 12.1XV | Not | |\n| | Vulnerable | |\n|------------+-------------+-------------|\n| 12.1XW | Not | |\n| | Vulnerable | |\n|------------+-------------+-------------|\n| 12.1XX | Not | |\n| | Vulnerable | |\n|------------+-------------+-------------|\n| 12.1XY | Not | |\n| | Vulnerable | |\n|------------+-------------+-------------|\n| 12.1XZ | Not | |\n| | Vulnerable | |\n|------------+-------------+-------------|\n| 12.1YA | Not | |\n| | Vulnerable | |\n|------------+-------------+-------------|\n| 12.1YB | Not | |\n| | Vulnerable | |\n|------------+-------------+-------------|\n| 12.1YC | Not | |\n| | Vulnerable | |\n|------------+-------------+-------------|\n| 12.1YD | Not | |\n| | Vulnerable | |\n|------------+-------------+-------------|\n| | Note: | |\n| | Releases | |\n| | prior to | |\n| | 12.1(5)YE1 | |\n| | are | 12.4(19a) |\n| 12.1YE | vulnerable, | |\n| | release | 12.4(19b) |\n| | 12.1(5)YE1 | |\n| | and later | |\n| | are not | |\n| | vulnerable; | |\n|------------+-------------+-------------|\n| 12.1YF | Not | |\n| | Vulnerable | |\n|------------+-------------+-------------|\n| 12.1YG | Not | |\n| | Vulnerable | |\n|------------+-------------+-------------|\n| 12.1YH | Not | |\n| | Vulnerable | |\n|------------+-------------+-------------|\n| 12.1YI | Not | |\n| | Vulnerable | |\n|------------+-------------+-------------|\n| 12.1YJ | Not | |\n| | Vulnerable | |\n|------------+-------------+-------------|\n| Affected | First Fixed | Recommended |\n| 12.2-Based | Release | Release |\n| Releases | | |\n|------------+-------------+-------------|\n| | Vulnerable; | 12.4(19a) |\n| 12.2 | first fixed | |\n| | in 12.4 | 12.4(19b) |\n|------------+-------------+-------------|\n| | Vulnerable; | 12.4(19a) |\n| 12.2B | first fixed | |\n| | in 12.4 | 12.4(19b) |\n|------------+-------------+-------------|\n| 12.2BC | Not | |\n| | Vulnerable | |\n|------------+-------------+-------------|\n| | Vulnerable; | 12.4(19a) |\n| 12.2BW | first fixed | |\n| | in 12.4 | 12.4(19b) |\n|------------+-------------+-------------|\n| | Releases | |\n| | prior to | |\n| | 12.2(8)BY | |\n| | are | |\n| | vulnerable, | 12.4(19a) |\n| 12.2BY | release | |\n| | 12.2(8)BY | 12.4(19b) |\n| | and later | |\n| | are not | |\n| | vulnerable; | |\n| | first fixed | |\n| | in 12.4 | |\n|------------+-------------+-------------|\n| 12.2BZ | Not | |\n| | Vulnerable | |\n|------------+-------------+-------------|\n| 12.2CX | Not | |\n| | Vulnerable | |\n|------------+-------------+-------------|\n| 12.2CY | Not | |\n| | Vulnerable | |\n|------------+-------------+-------------|\n| 12.2CZ | Vulnerable; | |\n| | contact TAC | |\n|------------+-------------+-------------|\n| 12.2DA | Not | |\n| | Vulnerable | |\n|------------+-------------+-------------|\n| 12.2DD | Not | |\n| | Vulnerable | |\n|------------+-------------+-------------|\n| 12.2DX | Not | |\n| | Vulnerable | |\n|------------+-------------+-------------|\n| 12.2EU | Not | |\n| | Vulnerable | |\n|------------+-------------+-------------|\n| 12.2EW | Not | |\n| | Vulnerable | |\n|------------+-------------+-------------|\n| 12.2EWA | Not | |\n| | Vulnerable | |\n|------------+-------------+-------------|\n| 12.2EX | Not | |\n| | Vulnerable | |\n|------------+-------------+-------------|\n| 12.2EY | Not | |\n| | Vulnerable | |\n|------------+-------------+-------------|\n| 12.2EZ | Not | |\n| | Vulnerable | |\n|------------+-------------+-------------|\n| 12.2FX | Not | |\n| | Vulnerable | |\n|------------+-------------+-------------|\n| 12.2FY | Not | |\n| | Vulnerable | |\n|------------+-------------+-------------|\n| 12.2FZ | Not | |\n| | Vulnerable | |\n|------------+-------------+-------------|\n| 12.2IXA | Not | |\n| | Vulnerable | |\n|------------+-------------+-------------|\n| 12.2IXB | Not | |\n| | Vulnerable | |\n|------------+-------------+-------------|\n| 12.2IXC | Not | |\n| | Vulnerable | |\n|------------+-------------+-------------|\n| 12.2IXD | Not | |\n| | Vulnerable | |\n|------------+-------------+-------------|\n| 12.2IXE | Not | |\n| | Vulnerable | |\n|------------+-------------+-------------|\n| 12.2IXF | Not | |\n| | Vulnerable | |\n|------------+-------------+-------------|\n| 12.2JA | Not | |\n| | Vulnerable | |\n|------------+-------------+-------------|\n| 12.2JK | Not | |\n| | Vulnerable | |\n|------------+-------------+-------------|\n| 12.2MB | Not | |\n| | Vulnerable | |\n|------------+-------------+-------------|\n| 12.2MC | Not | |\n| | Vulnerable | |\n|------------+-------------+-------------|\n| 12.2S | Not | |\n| | Vulnerable | |\n|------------+-------------+-------------|\n| 12.2SB | Not | |\n| | Vulnerable | |\n|------------+-------------+-------------|\n| 12.2SBC | Not | |\n| | Vulnerable | |\n|------------+-------------+-------------|\n| 12.2SCA | Not | |\n| | Vulnerable | |\n|------------+-------------+-------------|\n| 12.2SE | Not | |\n| | Vulnerable | |\n|------------+-------------+-------------|\n| 12.2SEA | Not | |\n| | Vulnerable | |\n|------------+-------------+-------------|\n| 12.2SEB | Not | |\n| | Vulnerable | |\n|------------+-------------+-------------|\n| 12.2SEC | Not | |\n| | Vulnerable | |\n|------------+-------------+-------------|\n| 12.2SED | Not | |\n| | Vulnerable | |\n|------------+-------------+-------------|\n| 12.2SEE | Not | |\n| | Vulnerable | |\n|------------+-------------+-------------|\n| 12.2SEF | Not | |\n| | Vulnerable | |\n|------------+-------------+-------------|\n| 12.2SEG | Not | |\n| | Vulnerable | |\n|------------+-------------+-------------|\n| 12.2SG | Not | |\n| | Vulnerable | |\n|------------+-------------+-------------|\n| 12.2SGA | Not | |\n| | Vulnerable | |\n|------------+-------------+-------------|\n| 12.2SL | Not | |\n| | Vulnerable | |\n|------------+-------------+-------------|\n| 12.2SM | Not | |\n| | Vulnerable | |\n|------------+-------------+-------------|\n| 12.2SO | Not | |\n| | Vulnerable | |\n|------------+-------------+-------------|\n| 12.2SRA | Not | |\n| | Vulnerable | |\n|------------+-------------+-------------|\n| 12.2SRB | Not | |\n| | Vulnerable | |\n|------------+-------------+-------------|\n| 12.2SRC | Not | |\n| | Vulnerable | |\n|------------+-------------+-------------|\n| 12.2SU | Not | |\n| | Vulnerable | |\n|------------+-------------+-------------|\n| 12.2SV | Not | |\n| | Vulnerable | |\n|------------+-------------+-------------|\n| 12.2SVA | Not | |\n| | Vulnerable | |\n|------------+-------------+-------------|\n| 12.2SVC | Not | |\n| | Vulnerable | |\n|------------+-------------+-------------|\n| 12.2SVD | Not | |\n| | Vulnerable | |\n|------------+-------------+-------------|\n| 12.2SW | Not | |\n| | Vulnerable | |\n|------------+-------------+-------------|\n| 12.2SX | Not | |\n| | Vulnerable | |\n|------------+-------------+-------------|\n| 12.2SXA | Not | |\n| | Vulnerable | |\n|------------+-------------+-------------|\n| 12.2SXB | Not | |\n| | Vulnerable | |\n|------------+-------------+-------------|\n| 12.2SXD | Not | |\n| | Vulnerable | |\n|------------+-------------+-------------|\n| 12.2SXE | Not | |\n| | Vulnerable | |\n|------------+-------------+-------------|\n| 12.2SXF | Not | |\n| | Vulnerable | |\n|------------+-------------+-------------|\n| 12.2SXH | Not | |\n| | Vulnerable | |\n|------------+-------------+-------------|\n| 12.2SXI | Not | |\n| | Vulnerable | |\n|------------+-------------+-------------|\n| 12.2SY | Not | |\n| | Vulnerable | |\n|------------+-------------+-------------|\n| 12.2SZ | Not | |\n| | Vulnerable | |\n|------------+-------------+-------------|\n| | Vulnerable; | 12.4(19a) |\n| 12.2T | first fixed | |\n| | in 12.4 | 12.4(19b) |\n|------------+-------------+-------------|\n| | Releases | |\n| | prior to | |\n| | 12.2(8) | |\n| | TPC10d are | |\n| | vulnerable, | |\n| 12.2TPC | release | |\n| | 12.2(8) | |\n| | TPC10d and | |\n| | later are | |\n| | not | |\n| | vulnerable; | |\n|------------+-------------+-------------|\n| 12.2UZ | Not | |\n| | Vulnerable | |\n|------------+-------------+-------------|\n| 12.2XA | Not | |\n| | Vulnerable | |\n|------------+-------------+-------------|\n| | Vulnerable; | 12.4(19a) |\n| 12.2XB | first fixed | |\n| | in 12.4 | 12.4(19b) |\n|------------+-------------+-------------|\n| | Vulnerable; | 12.4(19a) |\n| 12.2XC | first fixed | |\n| | in 12.4 | 12.4(19b) |\n|------------+-------------+-------------|\n| 12.2XD | Not | |\n| | Vulnerable | |\n|------------+-------------+-------------|\n| 12.2XE | Not | |\n| | Vulnerable | |\n|------------+-------------+-------------|\n| 12.2XF | Not | |\n| | Vulnerable | |\n|------------+-------------+-------------|\n| | Vulnerable; | 12.4(19a) |\n| 12.2XG | first fixed | |\n| | in 12.4 | 12.4(19b) |\n|------------+-------------+-------------|\n| 12.2XH | Not | |\n| | Vulnerable | |\n|------------+-------------+-------------|\n| 12.2XI | Not | |\n| | Vulnerable | |\n|------------+-------------+-------------|\n| 12.2XJ | Not | |\n| | Vulnerable | |\n|------------+-------------+-------------|\n| | Vulnerable; | 12.4(19a) |\n| 12.2XK | first fixed | |\n| | in 12.4 | 12.4(19b) |\n|------------+-------------+-------------|\n| | Vulnerable; | 12.4(19a) |\n| 12.2XL | first fixed | |\n| | in 12.4 | 12.4(19b) |\n|------------+-------------+-------------|\n| 12.2XM | Not | |\n| | Vulnerable | |\n|------------+-------------+-------------|\n| 12.2XN | Not | |\n| | Vulnerable | |\n|------------+-------------+-------------|\n| 12.2XNA | Not | |\n| | Vulnerable | |\n|------------+-------------+-------------|\n| 12.2XO | Not | |\n| | Vulnerable | |\n|------------+-------------+-------------|\n| 12.2XQ | Not | |\n| | Vulnerable | |\n|------------+-------------+-------------|\n| 12.2XR | Not | |\n| | Vulnerable | |\n|------------+-------------+-------------|\n| 12.2XS | Not | |\n| | Vulnerable | |\n|------------+-------------+-------------|\n| | Vulnerable; | 12.4(19a) |\n| 12.2XT | first fixed | |\n| | in 12.4 | 12.4(19b) |\n|------------+-------------+-------------|\n| | Vulnerable; | 12.4(19a) |\n| 12.2XU | first fixed | |\n| | in 12.4 | 12.4(19b) |\n|------------+-------------+-------------|\n| 12.2XV | Not | |\n| | Vulnerable | |\n|------------+-------------+-------------|\n| 12.2XW | Not | |\n| | Vulnerable | |\n|------------+-------------+-------------|\n| 12.2YA | Not | |\n| | Vulnerable | |\n|------------+-------------+-------------|\n| 12.2YB | Not | |\n| | Vulnerable | |\n|------------+-------------+-------------|\n| 12.2YC | Not | |\n| | Vulnerable | |\n|------------+-------------+-------------|\n| 12.2YD | Not | |\n| | Vulnerable | |\n|------------+-------------+-------------|\n| 12.2YE | Not | |\n| | Vulnerable | |\n|------------+-------------+-------------|\n| 12.2YF | Not | |\n| | Vulnerable | |\n|------------+-------------+-------------|\n| 12.2YG | Not | |\n| | Vulnerable | |\n|------------+-------------+-------------|\n| 12.2YH | Not | |\n| | Vulnerable | |\n|------------+-------------+-------------|\n| | Vulnerable; | 12.4(19a) |\n| 12.2YJ | first fixed | |\n| | in 12.4 | 12.4(19b) |\n|------------+-------------+-------------|\n| 12.2YK | Not | |\n| | Vulnerable | |\n|------------+-------------+-------------|\n| | Vulnerable; | 12.4(19a) |\n| 12.2YL | first fixed | |\n| | in 12.4 | 12.4(19b) |\n|------------+-------------+-------------|\n| | Vulnerable; | 12.4(19a) |\n| 12.2YM | first fixed | |\n| | in 12.4 | 12.4(19b) |\n|------------+-------------+-------------|\n| | Vulnerable; | 12.4(19a) |\n| 12.2YN | first fixed | |\n| | in 12.4 | 12.4(19b) |\n|------------+-------------+-------------|\n| | Vulnerable; | 12.2(18) |\n| | migrate to | SXF15; |\n| 12.2YO | any release | Available |\n| | in 12.2SY | on |\n| | | 08-AUG-08 |\n|------------+-------------+-------------|\n| 12.2YP | Not | |\n| | Vulnerable | |\n|------------+-------------+-------------|\n| 12.2YQ | Not | |\n| | Vulnerable | |\n|------------+-------------+-------------|\n| 12.2YR | Not | |\n| | Vulnerable | |\n|------------+-------------+-------------|\n| 12.2YS | Not | |\n| | Vulnerable | |\n|------------+-------------+-------------|\n| | Vulnerable; | 12.4(19a) |\n| 12.2YT | first fixed | |\n| | in 12.4 | 12.4(19b) |\n|------------+-------------+-------------|\n| | Vulnerable; | 12.4(19a) |\n| 12.2YU | first fixed | |\n| | in 12.4 | 12.4(19b) |\n|------------+-------------+-------------|\n| | Vulnerable; | 12.4(19a) |\n| 12.2YV | first fixed | |\n| | in 12.4 | 12.4(19b) |\n|------------+-------------+-------------|\n| 12.2YW | Not | |\n| | Vulnerable | |\n|------------+-------------+-------------|\n| 12.2YX | Not | |\n| | Vulnerable | |\n|------------+-------------+-------------|\n| 12.2YY | Not | |\n| | Vulnerable | |\n|------------+-------------+-------------|\n| 12.2YZ | Not | |\n| | Vulnerable | |\n|------------+-------------+-------------|\n| 12.2ZA | Not | |\n| | Vulnerable | |\n|------------+-------------+-------------|\n| | Vulnerable; | 12.4(19a) |\n| 12.2ZB | first fixed | |\n| | in 12.4 | 12.4(19b) |\n|------------+-------------+-------------|\n| 12.2ZC | Not | |\n| | Vulnerable | |\n|------------+-------------+-------------|\n| 12.2ZD | Vulnerable; | |\n| | contact TAC | |\n|------------+-------------+-------------|\n| | Vulnerable; | 12.4(19a) |\n| 12.2ZE | first fixed | |\n| | in 12.4 | 12.4(19b) |\n|------------+-------------+-------------|\n| | Vulnerable; | 12.4(19a) |\n| 12.2ZF | first fixed | |\n| | in 12.4 | 12.4(19b) |\n|------------+-------------+-------------|\n| | | 12.4(19a) |\n| | | |\n| | Vulnerable; | 12.4(19b) |\n| 12.2ZG | first fixed | |\n| | in 12.4T | 12.4(20)T; |\n| | | Available |\n| | | on |\n| | | 11-JUL-08 |\n|------------+-------------+-------------|\n| | | 12.4(19a) |\n| | | |\n| | Vulnerable; | 12.4(19b) |\n| 12.2ZH | first fixed | |\n| | in 12.4 | 12.4(20)T; |\n| | | Available |\n| | | on |\n| | | 11-JUL-08 |\n|------------+-------------+-------------|\n| | Vulnerable; | 12.4(19a) |\n| 12.2ZJ | first fixed | |\n| | in 12.4 | 12.4(19b) |\n|------------+-------------+-------------|\n| | | 12.4(19a) |\n| | | |\n| | Vulnerable; | 12.4(19b) |\n| 12.2ZL | first fixed | |\n| | in 12.4 | 12.4(20)T; |\n| | | Available |\n| | | on |\n| | | 11-JUL-08 |\n|------------+-------------+-------------|\n| 12.2ZP | Not | |\n| | Vulnerable | |\n|------------+-------------+-------------|\n| 12.2ZU | Not | |\n| | Vulnerable | |\n|------------+-------------+-------------|\n| 12.2ZY | Not | |\n| | Vulnerable | |\n|------------+-------------+-------------|\n| 12.2ZYA | Not | |\n| | Vulnerable | |\n|------------+-------------+-------------|\n| Affected | First Fixed | Recommended |\n| 12.3-Based | Release | Release |\n| Releases | | |\n|------------+-------------+-------------|\n| | Vulnerable; | 12.4(19a) |\n| 12.3 | first fixed | |\n| | in 12.4 | 12.4(19b) |\n|------------+-------------+-------------|\n| | Vulnerable; | 12.4(19a) |\n| 12.3B | first fixed | |\n| | in 12.4 | 12.4(19b) |\n|------------+-------------+-------------|\n| 12.3BC | Not | |\n| | Vulnerable | |\n|------------+-------------+-------------|\n| | Vulnerable; | 12.4(19a) |\n| 12.3BW | first fixed | |\n| | in 12.4 | 12.4(19b) |\n|------------+-------------+-------------|\n| 12.3EU | Not | |\n| | Vulnerable | |\n|------------+-------------+-------------|\n| 12.3JA | Not | |\n| | Vulnerable | |\n|------------+-------------+-------------|\n| 12.3JEA | Not | |\n| | Vulnerable | |\n|------------+-------------+-------------|\n| 12.3JEB | Not | |\n| | Vulnerable | |\n|------------+-------------+-------------|\n| 12.3JEC | Not | |\n| | Vulnerable | |\n|------------+-------------+-------------|\n| 12.3JK | Not | |\n| | Vulnerable | |\n|------------+-------------+-------------|\n| 12.3JL | Not | |\n| | Vulnerable | |\n|------------+-------------+-------------|\n| 12.3JX | Not | |\n| | Vulnerable | |\n|------------+-------------+-------------|\n| | Vulnerable; | 12.4(19a) |\n| 12.3T | first fixed | |\n| | in 12.4 | 12.4(19b) |\n|------------+-------------+-------------|\n| 12.3TPC | Vulnerable; | |\n| | contact TAC | |\n|------------+-------------+-------------|\n| 12.3VA | Vulnerable; | |\n| | contact TAC | |\n|------------+-------------+-------------|\n| | | 12.4(19a) |\n| | | |\n| | Vulnerable; | 12.4(19b) |\n| 12.3XA | first fixed | |\n| | in 12.4 | 12.4(20)T; |\n| | | Available |\n| | | on |\n| | | 11-JUL-08 |\n|------------+-------------+-------------|\n| | Vulnerable; | 12.4(19a) |\n| 12.3XB | first fixed | |\n| | in 12.4 | 12.4(19b) |\n|------------+-------------+-------------|\n| | | 12.4(19a) |\n| | | |\n| | Vulnerable; | 12.4(19b) |\n| 12.3XC | first fixed | |\n| | in 12.4 | 12.4(20)T; |\n| | | Available |\n| | | on |\n| | | 11-JUL-08 |\n|------------+-------------+-------------|\n| | Vulnerable; | 12.4(19a) |\n| 12.3XD | first fixed | |\n| | in 12.4 | 12.4(19b) |\n|------------+-------------+-------------|\n| | | 12.4(19a) |\n| | | |\n| | Vulnerable; | 12.4(19b) |\n| 12.3XE | first fixed | |\n| | in 12.4 | 12.4(20)T; |\n| | | Available |\n| | | on |\n| | | 11-JUL-08 |\n|------------+-------------+-------------|\n| | Vulnerable; | 12.4(19a) |\n| 12.3XF | first fixed | |\n| | in 12.4 | 12.4(19b) |\n|------------+-------------+-------------|\n| | | 12.4(19a) |\n| | | |\n| | Vulnerable; | 12.4(19b) |\n| 12.3XG | first fixed | |\n| | in 12.4T | 12.4(20)T; |\n| | | Available |\n| | | on |\n| | | 11-JUL-08 |\n|------------+-------------+-------------|\n| | Vulnerable; | 12.4(19a) |\n| 12.3XH | first fixed | |\n| | in 12.4 | 12.4(19b) |\n|------------+-------------+-------------|\n| 12.3XI | Vulnerable; | |\n| | contact TAC | |\n|------------+-------------+-------------|\n| | | 12.3(14) |\n| | | YX12 |\n| | Vulnerable; | |\n| 12.3XJ | first fixed | 12.4(20)T; |\n| | in 12.3YX | Available |\n| | | on |\n| | | 11-JUL-08 |\n|------------+-------------+-------------|\n| | Vulnerable; | 12.4(19a) |\n| 12.3XK | first fixed | |\n| | in 12.4 | 12.4(19b) |\n|------------+-------------+-------------|\n| | Vulnerable; | 12.4(19a) |\n| 12.3XQ | first fixed | |\n| | in 12.4 | 12.4(19b) |\n|------------+-------------+-------------|\n| | | 12.4(19a) |\n| | | |\n| | Vulnerable; | 12.4(19b) |\n| 12.3XR | first fixed | |\n| | in 12.4 | 12.4(20)T; |\n| | | Available |\n| | | on |\n| | | 11-JUL-08 |\n|------------+-------------+-------------|\n| | Vulnerable; | 12.4(19a) |\n| 12.3XS | first fixed | |\n| | in 12.4 | 12.4(19b) |\n|------------+-------------+-------------|\n| 12.3XU | Not | |\n| | Vulnerable | |\n|------------+-------------+-------------|\n| | | 12.3(14) |\n| | | YX12 |\n| | Vulnerable; | |\n| 12.3XW | first fixed | 12.4(20)T; |\n| | in 12.3YX | Available |\n| | | on |\n| | | 11-JUL-08 |\n|------------+-------------+-------------|\n| 12.3XY | Not | |\n| | Vulnerable | |\n|------------+-------------+-------------|\n| | | 12.4(19a) |\n| | | |\n| | Vulnerable; | 12.4(19b) |\n| 12.3YA | first fixed | |\n| | in 12.4 | 12.4(20)T; |\n| | | Available |\n| | | on |\n| | | 11-JUL-08 |\n|------------+-------------+-------------|\n| | Vulnerable; | 12.4(20)T; |\n| 12.3YD | first fixed | Available |\n| | in 12.4T | on |\n| | | 11-JUL-08 |\n|------------+-------------+-------------|\n| | | 12.3(14) |\n| | | YX12 |\n| | Vulnerable; | |\n| 12.3YF | first fixed | 12.4(20)T; |\n| | in 12.3YX | Available |\n| | | on |\n| | | 11-JUL-08 |\n|------------+-------------+-------------|\n| | Vulnerable; | 12.4(20)T; |\n| 12.3YG | first fixed | Available |\n| | in 12.4T | on |\n| | | 11-JUL-08 |\n|------------+-------------+-------------|\n| | Vulnerable; | 12.4(20)T; |\n| 12.3YH | first fixed | Available |\n| | in 12.4T | on |\n| | | 11-JUL-08 |\n|------------+-------------+-------------|\n| | Vulnerable; | 12.4(20)T; |\n| 12.3YI | first fixed | Available |\n| | in 12.4T | on |\n| | | 11-JUL-08 |\n|------------+-------------+-------------|\n| 12.3YJ | Not | |\n| | Vulnerable | |\n|------------+-------------+-------------|\n| | Vulnerable; | 12.4(20)T; |\n| 12.3YK | first fixed | Available |\n| | in 12.4T | on |\n| | | 11-JUL-08 |\n|------------+-------------+-------------|\n| | Releases | |\n| | prior to | |\n| | 12.3(14) | |\n| | YM12 are | |\n| | vulnerable, | 12.3(14) |\n| 12.3YM | release | YM12 |\n| | 12.3(14) | |\n| | YM12 and | |\n| | later are | |\n| | not | |\n| | vulnerable; | |\n|------------+-------------+-------------|\n| 12.3YQ | Not | |\n| | Vulnerable | |\n|------------+-------------+-------------|\n| | Vulnerable; | 12.4(20)T; |\n| 12.3YS | first fixed | Available |\n| | in 12.4T | on |\n| | | 11-JUL-08 |\n|------------+-------------+-------------|\n| | Vulnerable; | 12.4(20)T; |\n| 12.3YT | first fixed | Available |\n| | in 12.4T | on |\n| | | 11-JUL-08 |\n|------------+-------------+-------------|\n| | Vulnerable; | |\n| 12.3YU | first fixed | |\n| | in 12.4XB | |\n|------------+-------------+-------------|\n| 12.3YX | 12.3(14) | 12.3(14) |\n| | YX12 | YX12 |\n|------------+-------------+-------------|\n| 12.3YZ | Vulnerable; | |\n| | contact TAC | |\n|------------+-------------+-------------|\n| Affected | First Fixed | Recommended |\n| 12.4-Based | Release | Release |\n| Releases | | |\n|------------+-------------+-------------|\n| | 12.4(18b) | |\n| | | |\n| | 12.4(19a) | 12.4(19a) |\n| 12.4 | | |\n| | 12.4(19b) | 12.4(19b) |\n| | | |\n| | 12.4(21) | |\n|------------+-------------+-------------|\n| 12.4JA | Not | |\n| | Vulnerable | |\n|------------+-------------+-------------|\n| 12.4JK | Not | |\n| | Vulnerable | |\n|------------+-------------+-------------|\n| 12.4JMA | Not | |\n| | Vulnerable | |\n|------------+-------------+-------------|\n| 12.4JMB | Not | |\n| | Vulnerable | |\n|------------+-------------+-------------|\n| 12.4JMC | Not | |\n| | Vulnerable | |\n|------------+-------------+-------------|\n| 12.4JX | Not | |\n| | Vulnerable | |\n|------------+-------------+-------------|\n| 12.4MD | 12.4(15)MD | 12.4(15)MD |\n|------------+-------------+-------------|\n| 12.4MR | 12.4(19)MR | 12.4(19)MR |\n|------------+-------------+-------------|\n| 12.4SW | Vulnerable; | |\n| | contact TAC | |\n|------------+-------------+-------------|\n| | 12.4(15)T6 | |\n| | | 12.4(20)T; |\n| 12.4T | 12.4(20)T; | Available |\n| | Available | on |\n| | on | 11-JUL-08 |\n| | 11-JUL-08 | |\n|------------+-------------+-------------|\n| | Vulnerable; | 12.4(20)T; |\n| 12.4XA | first fixed | Available |\n| | in 12.4T | on |\n| | | 11-JUL-08 |\n|------------+-------------+-------------|\n| 12.4XB | 12.4(2)XB10 | |\n|------------+-------------+-------------|\n| 12.4XC | Vulnerable; | |\n| | contact TAC | |\n|------------+-------------+-------------|\n| | 12.4(4) | 12.4(20)T; |\n| | XD11; | Available |\n| 12.4XD | Available | on |\n| | on | 11-JUL-08 |\n| | 31-JUL-08 | |\n|------------+-------------+-------------|\n| | Vulnerable; | 12.4(20)T; |\n| 12.4XE | first fixed | Available |\n| | in 12.4T | on |\n| | | 11-JUL-08 |\n|------------+-------------+-------------|\n| 12.4XF | Not | |\n| | Vulnerable | |\n|------------+-------------+-------------|\n| 12.4XG | Not | |\n| | Vulnerable | |\n|------------+-------------+-------------|\n| | Vulnerable; | 12.4(20)T; |\n| 12.4XJ | first fixed | Available |\n| | in 12.4T | on |\n| | | 11-JUL-08 |\n|------------+-------------+-------------|\n| 12.4XK | Not | |\n| | Vulnerable | |\n|------------+-------------+-------------|\n| 12.4XL | 12.4(15)XL2 | 12.4(15)XL2 |\n|------------+-------------+-------------|\n| 12.4XM | 12.4(15)XM1 | 12.4(15)XM1 |\n|------------+-------------+-------------|\n| 12.4XN | Vulnerable; | |\n| | contact TAC | |\n|------------+-------------+-------------|\n| 12.4XQ | Vulnerable; | |\n| | contact TAC | |\n|------------+-------------+-------------|\n| 12.4XT | Vulnerable; | |\n| | contact TAC | |\n|------------+-------------+-------------|\n| 12.4XV | Vulnerable; | |\n| | contact TAC | |\n|------------+-------------+-------------|\n| 12.4XW | 12.4(11)XW8 | 12.4(11)XW6 |\n|------------+-------------+-------------|\n| 12.4XY | 12.4(15)XY3 | |\n|------------+-------------+-------------|\n| | Vulnerable; | 12.4(20)T; |\n| 12.4XZ | first fixed | Available |\n| | in 12.4T | on |\n| | | 11-JUL-08 |\n+----------------------------------------+\n\nCisco Network Registrar\n+----------------------\n\n+---------------------------------------+\n| Affected | |\n| Release | First Fixed Release |\n| Train | |\n|--------------+------------------------|\n| 6.1.x | Contact TAC |\n|--------------+------------------------|\n| | 6.3.1.1 patch; |\n| 6.3.x | available mid-July |\n| | 2008 |\n|--------------+------------------------|\n| 7.0.x | 7.0.1; available in |\n| | mid-July 2008 |\n+---------------------------------------+\n\nCisco Network Registrar software is available for download at:\n\nhttp://www.cisco.com/pcgi-bin/Software/Tablebuild/tablebuild.pl/nr-eval\n\nCisco Application and Content Networking System\n+----------------------------------------------\n\nThis issue is fixed in version 5.5.11 of Cisco ACNS software. This\nrelease will be available for download from www.cisco.com in late July\n2008. \n\nCisco ACNS 5.5 software is available for download at:\n\nhttp://www.cisco.com/pcgi-bin/tablebuild.pl/acns55\n\nWorkarounds\n===========\n\nThere are no workarounds. \n\nAdditional information about identification and mitigation of attacks\nagainst DNS is in the Cisco Applied Intelligence white paper \"DNS Best\nPractices, Network Protections, and Attack Identification,\" available at\nhttp://www.cisco.com/web/about/security/intelligence/dns-bcp.html. \n\nObtaining Fixed Software\n========================\n\nCisco has released free software updates that address these\nvulnerabilities. Prior to deploying software, customers should consult\ntheir maintenance provider or check the software for feature set\ncompatibility and known issues specific to their environment. \n\nCustomers may only install and expect support for the feature sets\nthey have purchased. By installing, downloading, accessing or\notherwise using such software upgrades, customers agree to be bound\nby the terms of Cisco\u0027s software license terms found at\nhttp://www.cisco.com/en/US/products/prod_warranties_item09186a008088e31f.html,\nor as otherwise set forth at Cisco.com Downloads at\nhttp://www.cisco.com/public/sw-center/sw-usingswc.shtml. \n\nDo not contact psirt@cisco.com or security-alert@cisco.com for software\nupgrades. \n\nCustomers with Service Contracts\n+-------------------------------\n\nCustomers with contracts should obtain upgraded software through their\nregular update channels. For most customers, this means that upgrades\nshould be obtained through the Software Center on Cisco\u0027s worldwide\nwebsite at http://www.cisco.com. \n\nCustomers using Third Party Support Organizations\n+------------------------------------------------\n\nCustomers whose Cisco products are provided or maintained through prior\nor existing agreements with third-party support organizations, such\nas Cisco Partners, authorized resellers, or service providers should\ncontact that support organization for guidance and assistance with the\nappropriate course of action in regards to this advisory. \n\nThe effectiveness of any workaround or fix is dependent on specific\ncustomer situations, such as product mix, network topology, traffic\nbehavior, and organizational mission. Due to the variety of affected\nproducts and releases, customers should consult with their service\nprovider or support organization to ensure any applied workaround or fix\nis the most appropriate for use in the intended network before it is\ndeployed. \n\nCustomers without Service Contracts\n+----------------------------------\n\nCustomers who purchase direct from Cisco but do not hold a Cisco service\ncontract, and customers who purchase through third-party vendors but are\nunsuccessful in obtaining fixed software through their point of sale\nshould acquire upgrades by contacting the Cisco Technical Assistance\nCenter (TAC). TAC contacts are as follows. \n\n * +1 800 553 2447 (toll free from within North America)\n * +1 408 526 7209 (toll call from anywhere in the world)\n * e-mail: tac@cisco.com\n\nCustomers should have their product serial number available and be\nprepared to give the URL of this notice as evidence of entitlement to a\nfree upgrade. Free upgrades for non-contract customers must be requested\nthrough the TAC. \n\nRefer to http://www.cisco.com/warp/public/687/Directory/DirTAC.shtml\nfor additional TAC contact information, including localized telephone\nnumbers, and instructions and e-mail addresses for use in various\nlanguages. \n\nExploitation and Public Announcements\n=====================================\n\nThe Cisco PSIRT is not aware of any public announcements or malicious\nuse of the vulnerability described in this advisory. Cisco would like to\nthank Dan Kaminsky for notifying vendors about his findings. \n\nNote that vulnerability information for Cisco IOS Software is being\nprovided in this advisory outside of the announced publication schedule\nfor Cisco IOS Software described at http://www.cisco.com/go/psirt due to\nindustry-wide disclosure of the vulnerability. \n\nStatus of this Notice: FINAL\n============================\n\nTHIS DOCUMENT IS PROVIDED ON AN \"AS IS\" BASIS AND DOES NOT IMPLY\nANY KIND OF GUARANTEE OR WARRANTY, INCLUDING THE WARRANTIES OF\nMERCHANTABILITY OR FITNESS FOR A PARTICULAR USE. YOUR USE OF THE\nINFORMATION ON THE DOCUMENT OR MATERIALS LINKED FROM THE DOCUMENT IS\nAT YOUR OWN RISK. CISCO RESERVES THE RIGHT TO CHANGE OR UPDATE THIS\nDOCUMENT AT ANY TIME. \n\nA stand-alone copy or Paraphrase of the text of this document that omits\nthe distribution URL in the following section is an uncontrolled copy,\nand may lack important information or contain factual errors. \n\nDistribution\n============\n\nThis advisory is posted on Cisco\u0027s worldwide website at\n\nhttp://www.cisco.com/warp/public/707/cisco-sa-20080708-dns.shtml\n\nIn addition to worldwide web posting, a text version of this notice is\nclear-signed with the Cisco PSIRT PGP key and is posted to the following\ne-mail and Usenet news recipients. \n\n * cust-security-announce@cisco.com\n * first-teams@first.org\n * bugtraq@securityfocus.com\n * vulnwatch@vulnwatch.org\n * cisco@spot.colorado.edu\n * cisco-nsp@puck.nether.net\n * full-disclosure@lists.grok.org.uk\n * comp.dcom.sys.cisco@newsgate.cisco.com\n\nFuture updates of this advisory, if any, will be placed on Cisco\u0027s\nworldwide website, but may or may not be actively announced on mailing\nlists or newsgroups. Users concerned about this problem are encouraged\nto check the above URL for any updates. \n\nRevision History\n================\n\n+-----------------------------------------------------------+\n| Revision 1.0 | 2008-July-08 | Initial public release |\n+-----------------------------------------------------------+\n\nCisco Security Procedures\n=========================\n\nComplete information on reporting security vulnerabilities in\nCisco products, obtaining assistance with security incidents, and\nregistering to receive security information from Cisco, is available\non Cisco\u0027s worldwide website at\nhttp://www.cisco.com/en/US/products/products_security_vulnerability_policy.html. \nThis includes instructions for press inquiries regarding Cisco security\nnotices. All Cisco security advisories are available at\nhttp://www.cisco.com/go/psirt. \n\n+--------------------------------------------------------------------\nCopyright 2007-2008 Cisco Systems, Inc. All rights reserved. \n+--------------------------------------------------------------------\n\nUpdated: Jul 08, 2008 Document ID: 107064\n\n+--------------------------------------------------------------------\n\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.9 (GNU/Linux)\n\niEYEARECAAYFAkhztUIACgkQ86n/Gc8U/uCAgACfVRRoJO4w4defnpwbNlfgBm4t\n2SMAnjKCKECHtsjN9umqqPrPd2DW4IcC\n=XGZw\n-----END PGP SIGNATURE-----\n. This could be used to misdirect users and services;\n i.e. \n \n This update provides the latest stable BIND releases for all platforms\n except Corporate Server/Desktop 3.0 and MNF2, which have been patched\n to correct the issue. \n _______________________________________________________________________\n\n References:\n \n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1447\n _______________________________________________________________________\n \n Updated Packages:\n \n Mandriva Linux 2007.1:\n 73cc24fc9586b7ab290d755012c16a79 2007.1/i586/bind-9.4.2-0.1mdv2007.1.i586.rpm\n 70867c50cfd64b4406aa002d627d740b 2007.1/i586/bind-devel-9.4.2-0.1mdv2007.1.i586.rpm\n 3603e9d9115466753397a1f472011703 2007.1/i586/bind-utils-9.4.2-0.1mdv2007.1.i586.rpm \n cf5e4100ecb21a4eb603831e5a6ec23d 2007.1/SRPMS/bind-9.4.2-0.1mdv2007.1.src.rpm\n\n Mandriva Linux 2007.1/X86_64:\n 4eb7ce0984d3ce3befff667392e3bf3e 2007.1/x86_64/bind-9.4.2-0.1mdv2007.1.x86_64.rpm\n d7b9a9e7d4c52a5b0c54f59ca20bf2d5 2007.1/x86_64/bind-devel-9.4.2-0.1mdv2007.1.x86_64.rpm\n c5c66c9609615029d2f07f7b09a63118 2007.1/x86_64/bind-utils-9.4.2-0.1mdv2007.1.x86_64.rpm \n cf5e4100ecb21a4eb603831e5a6ec23d 2007.1/SRPMS/bind-9.4.2-0.1mdv2007.1.src.rpm\n\n Mandriva Linux 2008.0:\n 52dfe3970fcd9495b2bb9379a9312b25 2008.0/i586/bind-9.4.2-1mdv2008.0.i586.rpm\n 97d20d35b6814aa2f9fab549ca6237c0 2008.0/i586/bind-devel-9.4.2-1mdv2008.0.i586.rpm\n 87a7bb3dd25abd8cd882a8f2fdc2398e 2008.0/i586/bind-utils-9.4.2-1mdv2008.0.i586.rpm \n da4444a8074e6ede39dfa557fb258db7 2008.0/SRPMS/bind-9.4.2-1mdv2008.0.src.rpm\n\n Mandriva Linux 2008.0/X86_64:\n b9d0337363bc1e2b14505f25d4ee5f99 2008.0/x86_64/bind-9.4.2-1mdv2008.0.x86_64.rpm\n 9b75e2a96784c00c2912bc3bf333d089 2008.0/x86_64/bind-devel-9.4.2-1mdv2008.0.x86_64.rpm\n 0a593b090d9e6bda3666e234056e19ba 2008.0/x86_64/bind-utils-9.4.2-1mdv2008.0.x86_64.rpm \n da4444a8074e6ede39dfa557fb258db7 2008.0/SRPMS/bind-9.4.2-1mdv2008.0.src.rpm\n\n Mandriva Linux 2008.1:\n 2534ef007262d4ea2d219bab0190466c 2008.1/i586/bind-9.5.0-3mdv2008.1.i586.rpm\n c3feee5d05aa3aee14cd70a2d295d0b1 2008.1/i586/bind-devel-9.5.0-3mdv2008.1.i586.rpm\n f306c06665b723a2530258e6d1dbdae2 2008.1/i586/bind-doc-9.5.0-3mdv2008.1.i586.rpm\n 967ef80628f92160930bc3a3827a216e 2008.1/i586/bind-utils-9.5.0-3mdv2008.1.i586.rpm \n 70fc7a7964944a2926979710c5148ed1 2008.1/SRPMS/bind-9.5.0-3mdv2008.1.src.rpm\n\n Mandriva Linux 2008.1/X86_64:\n 3f4d96d7a7f913c141e1f63cdc7e7336 2008.1/x86_64/bind-9.5.0-3mdv2008.1.x86_64.rpm\n 420db658366763686198f41394aa72b3 2008.1/x86_64/bind-devel-9.5.0-3mdv2008.1.x86_64.rpm\n 6f3674f68311494c5a9ff0dbce831e82 2008.1/x86_64/bind-doc-9.5.0-3mdv2008.1.x86_64.rpm\n 4294b3a086b89bf53c5c967c17962447 2008.1/x86_64/bind-utils-9.5.0-3mdv2008.1.x86_64.rpm \n 70fc7a7964944a2926979710c5148ed1 2008.1/SRPMS/bind-9.5.0-3mdv2008.1.src.rpm\n\n Corporate 3.0:\n de2a4372d1c25d73f343c9fcb044c9dd corporate/3.0/i586/bind-9.2.3-6.5.C30mdk.i586.rpm\n 1f24f6dbdb6c02e21cbbef99555049cb corporate/3.0/i586/bind-devel-9.2.3-6.5.C30mdk.i586.rpm\n 00405b98290d5a41f226081baa57e18d corporate/3.0/i586/bind-utils-9.2.3-6.5.C30mdk.i586.rpm \n 6a237dc290f4f7c463b1996e6a4a4515 corporate/3.0/SRPMS/bind-9.2.3-6.5.C30mdk.src.rpm\n\n Corporate 3.0/X86_64:\n 628162f3d6a414828d2231fefc46842b corporate/3.0/x86_64/bind-9.2.3-6.5.C30mdk.x86_64.rpm\n dd29ff31a9cffcc1b20fd045869d7013 corporate/3.0/x86_64/bind-devel-9.2.3-6.5.C30mdk.x86_64.rpm\n c475c1a4d048e04da1fc27dcbb17c3f3 corporate/3.0/x86_64/bind-utils-9.2.3-6.5.C30mdk.x86_64.rpm \n 6a237dc290f4f7c463b1996e6a4a4515 corporate/3.0/SRPMS/bind-9.2.3-6.5.C30mdk.src.rpm\n\n Corporate 4.0:\n 271ead204904be302d197cd542f5ae23 corporate/4.0/i586/bind-9.3.5-0.4.20060mlcs4.i586.rpm\n 42413dcc1cf053e735216f767eff4e5d corporate/4.0/i586/bind-devel-9.3.5-0.4.20060mlcs4.i586.rpm\n 0201afe493a41e1deedc9bf7e9725f4a corporate/4.0/i586/bind-utils-9.3.5-0.4.20060mlcs4.i586.rpm \n 86bc0cdc9ed1b959b6f56e0660268f2e corporate/4.0/SRPMS/bind-9.3.5-0.4.20060mlcs4.src.rpm\n\n Corporate 4.0/X86_64:\n b1a18a7d0578dab7bd825eda6c682b3d corporate/4.0/x86_64/bind-9.3.5-0.4.20060mlcs4.x86_64.rpm\n 6a2ebd550feb9147058de05b1a1ef04d corporate/4.0/x86_64/bind-devel-9.3.5-0.4.20060mlcs4.x86_64.rpm\n 670a1b934ce4974b8505018ab69ade0b corporate/4.0/x86_64/bind-utils-9.3.5-0.4.20060mlcs4.x86_64.rpm \n 86bc0cdc9ed1b959b6f56e0660268f2e corporate/4.0/SRPMS/bind-9.3.5-0.4.20060mlcs4.src.rpm\n\n Multi Network Firewall 2.0:\n 5b694c24cc2092e38f531dbfdd5c9d41 mnf/2.0/i586/bind-9.2.3-6.5.C30mdk.i586.rpm\n c08bc805027059c47bed32215f17eacb mnf/2.0/i586/bind-utils-9.2.3-6.5.C30mdk.i586.rpm \n 39225289516498e1b071c5059306f2b9 mnf/2.0/SRPMS/bind-9.2.3-6.5.C30mdk.src.rpm\n _______________________________________________________________________\n\n To upgrade automatically use MandrivaUpdate or urpmi. The verification\n of md5 checksums and GPG signatures is performed automatically for you. \n\n All packages are signed by Mandriva for security. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\nGentoo Linux Security Advisory GLSA 200901-03\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n http://security.gentoo.org/\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\n Severity: Normal\n Title: pdnsd: Denial of Service and cache poisoning\n Date: January 11, 2009\n Bugs: #231285\n ID: 200901-03\n\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\nSynopsis\n========\n\nTwo errors in pdnsd allow for Denial of Service and cache poisoning. \n\nAffected packages\n=================\n\n -------------------------------------------------------------------\n Package / Vulnerable / Unaffected\n -------------------------------------------------------------------\n 1 net-dns/pdnsd \u003c 1.2.7 \u003e= 1.2.7\n\nDescription\n===========\n\nTwo issues have been reported in pdnsd:\n\n* The p_exec_query() function in src/dns_query.c does not properly\n handle many entries in the answer section of a DNS reply, related to\n a \"dangling pointer bug\" (CVE-2008-4194). The first issue\ncan be exploited by enticing pdnsd to send a query to a malicious DNS\nserver, or using the port randomization weakness, and might lead to a\nDenial of Service. \n\nWorkaround\n==========\n\nPort randomization can be enabled by setting the \"query_port_start\"\noption to 1024 which would resolve the CVE-2008-1447 issue. \n\nResolution\n==========\n\nAll pdnsd users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose \"\u003e=net-dns/pdnsd-1.2.7\"\n\nReferences\n==========\n\n [ 1 ] CVE-2008-1447\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1447\n [ 2 ] CVE-2008-4194\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4194\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n http://security.gentoo.org/glsa/glsa-200901-03.xml\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttp://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2009 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttp://creativecommons.org/licenses/by-sa/2.5\n. Among other things,\nsuccessful attacks can lead to misdirected web traffic and email\nrerouting. \n\nThis update changes Debian\u0027s dnsmasq packages to implement the\nrecommended countermeasure: UDP query source port randomization. This\nchange increases the size of the space from which an attacker has to\nguess values in a backwards-compatible fashion and makes successful\nattacks significantly more difficult. \n\nThis update also switches the random number generator to Dan\nBernstein\u0027s SURF. \n\nFor the stable distribution (etch), this problem has been fixed in\nversion 2.35-1+etch4. Packages for alpha will be provided later. \n\nFor the unstable distribution (sid), this problem has been fixed in\nversion 2.43-1. \n\nWe recommend that you upgrade your dnsmasq package. \n\nUpgrade instructions\n- --------------------\n\nwget url\n will fetch the file for you\ndpkg -i file.deb\n will install the referenced file. \n\nIf you are using the apt-get package manager, use the line for\nsources.list as given below:\n\napt-get update\n will update the internal database\napt-get upgrade\n will install corrected packages\n\nYou may use an automated update by adding the resources from the\nfooter to the proper configuration. \n\n\nDebian GNU/Linux 4.0 alias etch\n- -------------------------------\n\nStable updates are available for amd64, arm, hppa, i386, ia64, mips, mipsel, powerpc, s390 and sparc. \n\nSource archives:\n\n http://security.debian.org/pool/updates/main/d/dnsmasq/dnsmasq_2.35-1+etch4.dsc\n Size/MD5 checksum: 596 3834461c89e55467b4b65ed4ac209e81\n http://security.debian.org/pool/updates/main/d/dnsmasq/dnsmasq_2.35.orig.tar.gz\n Size/MD5 checksum: 252901 ad1fafeaf3442685cfe16613e0f8b777\n http://security.debian.org/pool/updates/main/d/dnsmasq/dnsmasq_2.35-1+etch4.diff.gz\n Size/MD5 checksum: 19202 4ced7768f49198bd43bbbd24f2a3d3e4\n\namd64 architecture (AMD x86_64 (AMD64))\n\n http://security.debian.org/pool/updates/main/d/dnsmasq/dnsmasq_2.35-1+etch4_amd64.deb\n Size/MD5 checksum: 188278 8fb55f694db9fdfccaa86d134e937777\n\narm architecture (ARM)\n\n http://security.debian.org/pool/updates/main/d/dnsmasq/dnsmasq_2.35-1+etch4_arm.deb\n Size/MD5 checksum: 181746 4caf23f31de937b817e12ade7d132eac\n\nhppa architecture (HP PA RISC)\n\n http://security.debian.org/pool/updates/main/d/dnsmasq/dnsmasq_2.35-1+etch4_hppa.deb\n Size/MD5 checksum: 190490 66730e785683655b058d11aa70346be4\n\ni386 architecture (Intel ia32)\n\n http://security.debian.org/pool/updates/main/d/dnsmasq/dnsmasq_2.35-1+etch4_i386.deb\n Size/MD5 checksum: 184546 1fbdd71e81a1e05d68b0f88eaeb00b10\n\nia64 architecture (Intel ia64)\n\n http://security.debian.org/pool/updates/main/d/dnsmasq/dnsmasq_2.35-1+etch4_ia64.deb\n Size/MD5 checksum: 223758 011f283b71ef0f9e07d5a9dce25db505\n\nmips architecture (MIPS (Big Endian))\n\n http://security.debian.org/pool/updates/main/d/dnsmasq/dnsmasq_2.35-1+etch4_mips.deb\n Size/MD5 checksum: 189846 5c67cca2eaedc1dff80c5fd05aa1d33f\n\nmipsel architecture (MIPS (Little Endian))\n\n http://security.debian.org/pool/updates/main/d/dnsmasq/dnsmasq_2.35-1+etch4_mipsel.deb\n Size/MD5 checksum: 191824 dfd87d69a7751f1e6ef2d0f1ede052ff\n\npowerpc architecture (PowerPC)\n\n http://security.debian.org/pool/updates/main/d/dnsmasq/dnsmasq_2.35-1+etch4_powerpc.deb\n Size/MD5 checksum: 186890 93701abcca5421beddab015a7f35af99\n\ns390 architecture (IBM S/390)\n\n http://security.debian.org/pool/updates/main/d/dnsmasq/dnsmasq_2.35-1+etch4_s390.deb\n Size/MD5 checksum: 186396 6f19f6c8d803c3d57e01e73fe1e11886\n\nsparc architecture (Sun SPARC/UltraSPARC)\n\n http://security.debian.org/pool/updates/main/d/dnsmasq/dnsmasq_2.35-1+etch4_sparc.deb\n Size/MD5 checksum: 182910 f360078c14f715e90e60124b4ede2be9\n\n\n These files will probably be moved into the stable distribution on\n its next update. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\nSUPPORT COMMUNICATION - SECURITY BULLETIN\n\nDocument ID: c01506861\nVersion: 3\n\nHPSBUX02351 SSRT080058 rev.3 - HP-UX Running BIND, Remote DNS Cache Poisoning\n\nNOTICE: The information in this Security Bulletin should be acted upon as soon as possible. \n\nRelease Date: 2008-07-16\nLast Updated: 2008-08-06\n\nPotential Security Impact: Remote DNS cache poisoning\n\nSource: Hewlett-Packard Company, HP Software Security Response Team\n\nVULNERABILITY SUMMARY\nA potential security vulnerability has been identified with HP-UX running BIND. \nHP-UX B.11.11, B.11.23, B.11.31 running BIND v9.3.2 or BIND v9.2.0, HP-UX B.11.11 running BIND v8.1.2 \n\nBACKGROUND\n\nCVSS 2.0 Base Metrics \n===============================================\nReference Base Vector Base Score \nCVE-2008-1447 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5\n===============================================\nInformation on CVSS is documented in HP Customer Notice: HPSN-2008-002. \n\nRESOLUTION\n\nHP has provided the following software updates / patch to resolve the vulnerabilities for BIND v9.2.0 and BIND v9.3.2. \n\nCustomers running BIND v8.1.2 on HP-UX B.11.11 should upgrade to BIND v9.2.0 or BIND v9.3.2 and apply the updates listed below. \n\nThe BIND v9.2.0 update is available for download from: ftp://ss080058:ss080058@hprc.external.hp.com \n\nThe patch PHNE_37865 is available from: http://itrc.hp.com \n\nThe BIND v9.3.2 updates are available for download from: http://software.hp.com \n\n \nHP-UX Release - B.11.11 running v8.1.2\nAction - Upgrade to BIND v9.2.0 or BIND v9.3.2 and apply the updates listed below \n \nHP-UX Release - B.11.11 running v9.2.0\nBIND Depot name - BIND920v11.depot\n MD5 Sum - F6999280DE19645EF86FF52083AACD72\n \nHP-UX Release - B.11.23 running v9.2.0 \nAction - Install PHNE_37865\n\nHP-UX Release - B.11.11 running v9.3.2\nAction - Install revision C.9.3.2.3.0 or subsequent \n \nHP-UX Release - B.11.23 running v9.3.2\nAction - Install revision C.9.3.2.3.0 or subsequent\n \nHP-UX Release - B.11.31 running v9.3.2\nAction - Install revision C.9.3.2.3.0 or subsequent\n\nNote: HP is aware of performance issues with these updates / patch. All customers should test the updates / patch in their environment. HP is investigating changes to reduce the performance issues. This bulletin will be revised when new updates / patch become available. \n\nMANUAL ACTIONS: Yes - NonUpdate \nFor B.11.11 running v8.1.2, upgrade to BIND v9.2.0 or BIND v9.3.2 and apply the updates \nFor B.11.11 running v9.2.0 install BIND920v11.depot \n\nPRODUCT SPECIFIC INFORMATION \nHP-UX Software Assistant: HP-UX Software Assistant is an enhanced application that replaces HP-UX Security Patch Check. It analyzes all HP-issued Security Bulletins and lists recommended actions that may apply to a specific HP-UX system. It can also download patches and create a depot automatically. For more information see: https://www.hp.com/go/swa \n\nAFFECTED VERSIONS \n\nFor BIND v8.1.2 \nHP-UX B.11.11 \n============= \nInternetSrvcs.INETSVCS-RUN \naction: upgrade to BIND v9.2.0 or BIND v9.3.2 and apply the updates \n\nFor BIND v9.3.2 \nHP-UX B.11.11 \n============= \nBindUpgrade.BIND-UPGRADE \naction: install revision C.9.3.2.3.0 or subsequent \nURL: http://software.hp.com \n\nHP-UX B.11.23 \n============= \nBindUpgrade.BIND-UPGRADE \nBindUpgrade.BIND2-UPGRADE \naction: install revision C.9.3.2.3.0 or subsequent \nURL: http://software.hp.com \n\nHP-UX B.11.31 \n============= \nNameService.BIND-AUX \nNameService.BIND-RUN \naction: install revision C.9.3.2.3.0 or subsequent \nURL: http://software.hp.com \n\nFor BIND v9.2.0 \nHP-UX B.11.11 \n============= \nBINDv920.INETSVCS-BIND \naction: install revision B.11.11.01.011 or subsequent \nURL: ftp://ss080058:ss080058@hprc.external.hp.com \n\nHP-UX B.11.23 \n============= \nInternetSrvcs.INETSVCS-INETD \nInternetSrvcs.INETSVCS-RUN \nInternetSrvcs.INETSVCS2-RUN \naction: install patch PHNE_37865 or subsequent \nURL: http://itrc.hp.com \n\nEND AFFECTED VERSIONS \n\nHISTORY \nVersion:1 (rev.1) - 16 July 2008 Initial release \nVersion:2 (rev.2) - 19 July 2008 Added BIND v9.2.0 depot information \nVersion:3 (rev.3) - 06 August 2008 Updated patch location, revised BIND v9.2.0 depot information, added BIND v8.1.2 \n\nThird Party Security Patches: Third party security patches that are to be installed on systems running HP software products should be applied in accordance with the customer\u0027s patch management policy. \n\nSupport: For further information, contact normal HP Services support channel. \n\nReport: To report a potential security vulnerability with any HP supported product, send Email to: security-alert@hp.com \nIt is strongly recommended that security related information being communicated to HP be encrypted using PGP, especially exploit information. \nTo get the security-alert PGP key, please send an e-mail message as follows:\n To: security-alert@hp.com \n Subject: get key\n\nSubscribe: To initiate a subscription to receive future HP Security Bulletins via Email: \nhttp://h30046.www3.hp.com/driverAlertProfile.php?regioncode=NA\u0026langcode=USENG\u0026jumpid=in_SC-GEN__driverITRC\u0026topiccode=ITRC \nOn the web page: ITRC security bulletins and patch sign-up \nUnder Step1: your ITRC security bulletins and patches \n - check ALL categories for which alerts are required and continue. \nUnder Step2: your ITRC operating systems \n - verify your operating system selections are checked and save. \n\n\nTo update an existing subscription: http://h30046.www3.hp.com/subSignIn.php \nLog in on the web page: Subscriber\u0027s choice for Business: sign-in. \nOn the web page: Subscriber\u0027s Choice: your profile summary - use Edit Profile to update appropriate sections. \n\n\nTo review previously published Security Bulletins visit: http://www.itrc.hp.com/service/cki/secBullArchive.do \n\n\n* The Software Product Category that this Security Bulletin relates to is represented by the 5th and 6th characters of the Bulletin number in the title: \n\nGN = HP General SW\nMA = HP Management Agents\nMI = Misc. 3rd Party SW\nMP = HP MPE/iX\nNS = HP NonStop Servers\nOV = HP OpenVMS\nPI = HP Printing \u0026 Imaging\nST = HP Storage SW\nTL = HP Trusted Linux\nTU = HP Tru64 UNIX\nUX = HP-UX\nVV = HP VirtualVault\n \nSystem management and security procedures must be reviewed frequently to maintain system integrity. HP is continually reviewing and enhancing the security features of software products to provide customers with current secure solutions. \n\n\n\"HP is broadly distributing this Security Bulletin in order to bring to the attention of users of the affected HP products the important security information contained in this Bulletin. HP recommends that all users determine the applicability of this information to their individual situations and take appropriate action. HP does not warrant that this information is necessarily accurate or complete for all user situations and, consequently, HP will not be responsible for any damages resulting from user\u0027s use or disregard of the information provided in this Bulletin. \n\nHewlett-Packard Company shall not be liable for technical or editorial errors or omissions contained herein. To the extent permitted by law, neither HP or its affiliates, subcontractors or suppliers will be liable for incidental, special or consequential damages including downtime cost; lost profits; damages relating to the procurement of substitute products or services; or damages for loss of data, or software restoration. Hewlett-Packard Company and the names of Hewlett-Packard products referenced herein are trademarks of Hewlett-Packard Company in the United States and other countries. Other product and company names mentioned herein may be trademarks of their respective owners. =========================================================== \nUbuntu Security Notice USN-622-1 July 08, 2008\nbind9 vulnerability\nCVE-2008-1447\n===========================================================\n\nA security issue affects the following Ubuntu releases:\n\nUbuntu 6.06 LTS\nUbuntu 7.04\nUbuntu 7.10\nUbuntu 8.04 LTS\n\nThis advisory also applies to the corresponding versions of\nKubuntu, Edubuntu, and Xubuntu. \n\nThe problem can be corrected by upgrading your system to the\nfollowing package versions:\n\nUbuntu 6.06 LTS:\n libdns21 1:9.3.2-2ubuntu1.5\n\nUbuntu 7.04:\n libdns22 1:9.3.4-2ubuntu2.3\n\nUbuntu 7.10:\n libdns32 1:9.4.1-P1-3ubuntu2\n\nUbuntu 8.04 LTS:\n libdns35 1:9.4.2-10ubuntu0.1\n\nIn general, a standard system upgrade is sufficient to effect the\nnecessary changes. \n\nDetails follow:\n\nDan Kaminsky discovered weaknesses in the DNS protocol as implemented\nby Bind. \n\n\nDescription\n===========\n\n== Several vulnerabilities in safe level ==\n\nMultiple errors in the implementation of safe level restrictions can be\nexploited to call \"untrace_var()\", perform syslog operations, and modify\n\"$PROGRAM_NAME\" at safe level 4, or call insecure methods at safe levels\n1 through 3. \n\n(These vulnerabilities were reported by Keita Yamaguchi.)\n\n\n== DoS vulnerability in WEBrick ==\n\nAn error exists in the usage of regular expressions in\n\"WEBrick::HTTPUtils.split_header_value()\". This can be exploited to\nconsume large amounts of CPU via a specially crafted HTTP request. \n\n(This vulnerability was reported by Christian Neukirchen.)\n\n\n== Lack of taintness check in dl ==\n\nAn error in \"DL\" can be exploited to bypass security restrictions and\ncall potentially dangerous functions. \n\n(This vulnerability was reported by Tanaka Akira.)\n\n\nAffected packages:\n\n Pardus 2008:\n ruby, all before 1.8.7_p72-16-4\n ruby-mode, all before 1.8.7_p72-16-4\n\n Pardus 2007:\n ruby, all before 1.8.7_p72-16-13\n ruby-mode, all before 1.8.7_p72-16-4\n\n\n\nResolution\n==========\n\nThere are update(s) for ruby, ruby-mode. You can update them via Package\nManager or with a single command from console:\n\n Pardus 2008:\n pisi up ruby ruby-mode\n\n Pardus 2007:\n pisi up ruby ruby-mode\n\n\nReferences\n==========\n\n * http://www.ruby-lang.org/en/news/2008/08/08/multiple-vulnerabilities-in-ruby\n * http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1447\n * http://secunia.com/advisories/31430/\n\n------------------------------------------------------------------------\n\n-- \nP\u0131nar Yanarda\u011f\nhttp://pinguar.org\n\n\n_______________________________________________\nFull-Disclosure - We believe in it. There are two ways to deal with this situation:\n\n1. The documentation included with BIND 9 contains a\nmigration guide. Configure the BIND 8 resolver to forward queries to a BIND 9\nresolver. Provided that the network between both resolvers is trusted,\nthis protects the BIND 8 resolver from cache poisoning attacks (to the\nsame degree that the BIND 9 resolver is protected). It is theoretically possible to safely use\nBIND 8 in this way, but updating to BIND 9 is strongly recommended. \nBIND 8 (that is, the bind package) will be removed from the etch\ndistribution in a future point release. Scott\nKitterman noted that python-dns is vulnerable to this predictability,\nas it randomizes neither its transaction ID nor its source port. \nTaken together, this lack of entropy leaves applications using\npython-dns to perform DNS queries highly susceptible to response\nforgery. \n\n----------------------------------------------------------------------\n\nTry a new way to discover vulnerabilities that ALREADY EXIST in your\nIT infrastructure. \n\nThe Full Featured Secunia Network Software Inspector (NSI) is now\navailable:\nhttp://secunia.com/network_software_inspector/\n\nThe Secunia NSI enables you to INSPECT, DISCOVER, and DOCUMENT\nvulnerabilities in more than 4,000 different Windows applications. \n\n----------------------------------------------------------------------\n\nTITLE:\nRed Hat update for bind\n\nSECUNIA ADVISORY ID:\nSA26195\n\nVERIFY ADVISORY:\nhttp://secunia.com/advisories/26195/\n\nCRITICAL:\nModerately critical\n\nIMPACT:\nSpoofing\n\nWHERE:\n\u003eFrom remote\n\nOPERATING SYSTEM:\nRed Hat Enterprise Linux (v. 5 server)\nhttp://secunia.com/product/13652/\nRed Hat Enterprise Linux Desktop (v. 5 client)\nhttp://secunia.com/product/13653/\nRed Hat Enterprise Linux Desktop Workstation (v. 5 client)\nhttp://secunia.com/product/13651/\nRedHat Enterprise Linux AS 2.1\nhttp://secunia.com/product/48/\nRedHat Enterprise Linux AS 3\nhttp://secunia.com/product/2534/\nRedHat Enterprise Linux AS 4\nhttp://secunia.com/product/4669/\nRedHat Enterprise Linux ES 2.1\nhttp://secunia.com/product/1306/\nRedHat Enterprise Linux ES 3\nhttp://secunia.com/product/2535/\nRedHat Enterprise Linux ES 4\nhttp://secunia.com/product/4668/\nRedHat Enterprise Linux WS 3\nhttp://secunia.com/product/2536/\nRedHat Enterprise Linux WS 2.1\nhttp://secunia.com/product/1044/\nRedHat Enterprise Linux WS 4\nhttp://secunia.com/product/4670/\nRedHat Linux Advanced Workstation 2.1 for Itanium\nhttp://secunia.com/product/1326/\n\nDESCRIPTION:\nRed Hat has issued an update for bind. \n\nFor more information:\nSA26152\n\nSOLUTION:\nUpdated packages are available from Red Hat Network. \nhttp://rhn.redhat.com\n\nORIGINAL ADVISORY:\nhttp://rhn.redhat.com/errata/RHSA-2007-0740.html\n\nOTHER REFERENCES:\nSA26152:\nhttp://secunia.com/advisories/26152/\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\neverybody keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. Security Advisory (08-AUG-2008) (CVE-2008-3280)\n===============================================\n\nBen Laurie of Google\u0027s Applied Security team, while working with an\nexternal researcher, Dr. Richard Clayton of the Computer Laboratory,\nCambridge University, found that various OpenID Providers (OPs) had\nTLS Server Certificates that used weak keys, as a result of the Debian\nPredictable Random Number Generator (CVE-2008-0166). \n\nIn combination with the DNS Cache Poisoning issue (CVE-2008-1447) and\nthe fact that almost all SSL/TLS implementations do not consult CRLs\n(currently an untracked issue), this means that it is impossible to\nrely on these OPs. \n\nAttack Description\n------------------\n\nIn order to mount an attack against a vulnerable OP, the attacker\nfirst finds the private key corresponding to the weak TLS\ncertificate. He then sets up a website masquerading as the original\nOP, both for the OpenID protocol and also for HTTP/HTTPS. \n\nThere are two cases, one is where the victim is a user trying to\nidentify themselves, in which case, even if they use HTTPS to \"ensure\"\nthat the site they are visiting is indeed their provider, they will be\nunable to detect the substitution and will give their login\ncredentials to the attacker. \n\nThe second case is where the victim is the Relying Party (RP). In this\ncase, even if the RP uses TLS to connect to the OP, as is recommended\nfor higher assurance, he will not be defended, as the vast majority of\nOpenID implementations do not check CRLs, and will, therefore, accept\nthe malicious site as the true OP. \n\nMitigation\n----------\n\nMitigation is surprisingly hard. In theory the vulnerable site should\nrevoke their weak certificate and issue a new one. \n\nHowever, since the CRLs will almost certainly not be checked, this\nmeans the site will still be vulnerable to attack for the lifetime of\nthe certificate (and perhaps beyond, depending on user\nbehaviour). Note that shutting down the site DOES NOT prevent the\nattack. \n\nTherefore mitigation falls to other parties. \n\n1. Browsers must check CRLs by default. \n\n2. OpenID libraries must check CRLs. \n\n3. \n\n4. Until either 1 and 2 or 3 have been done, OpenID cannot be trusted\n for any OP that cannot demonstrate it has never had a weak\n certificate. \n\nDiscussion\n----------\n\nNormally, when security problems are encountered with a single piece\nof software, the responsible thing to do is to is to wait until fixes\nare available before making any announcement. However, as a number of\nexamples in the past have demonstrated, this approach does not work\nparticularly well when many different pieces of software are involved\nbecause it is necessary to coordinate a simultaneous release of the\nfixes, whilst hoping that the very large number of people involved\nwill cooperate in keeping the vulnerability secret. \n\nIn the present situation, the fixes will involve considerable\ndevelopment work in adding CRL handling to a great many pieces of\nopenID code. This is a far from trivial amount of work. \n\nThe fixes will also involve changes to browser preferences to ensure\nthat CRLs are checked by default -- which many vendors have resisted\nfor years. We are extremely pessimistic that a security vulnerability\nin OpenID will be seen as sufficiently important to change the browser\nvendors minds. \n\nHence, we see no value in delaying this announcement; and by making\nthe details public as soon as possible, we believe that individuals\nwho rely on OpenID will be better able to take their own individual\nsteps to avoid relying upon the flawed certificates we have\nidentified. \n\nOpenID is at heart quite a weak protocol, when used in its most\ngeneral form[1], and consequently there is very limited reliance upon\nits security. This means that the consequences of the combination of\nattacks that are now possible is nothing like as serious as might\notherwise have been the case. \n\nHowever, it does give an insight into the type of security disaster\nthat may occur in the future if we do not start to take CRLs\nseriously, but merely stick them onto \"to-do\" lists or disable them in\nthe name of tiny performance improvements. \n\nAffected Sites\n--------------\n\nThere is no central registry of OpenID systems, and so we cannot be\nsure that we have identified all of the weak certificates that are\ncurrently being served. The list of those we have found so far is:\n\nopenid.sun.com\nwww.xopenid.net\nopenid.net.nz\n\nNotes\n-----\n\n[1] There are ways of using OpenID that are significantly more secure\n than the commonly deployed scheme, I shall describe those in a\n separate article. \n\n_______________________________________________\nFull-Disclosure - We believe in it. \nCharter: http://lists.grok.org.uk/full-disclosure-charter.html\nHosted and sponsored by Secunia - http://secunia.com/\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2008-1447"
},
{
"db": "CERT/CC",
"id": "VU#800113"
},
{
"db": "CERT/CC",
"id": "VU#252735"
},
{
"db": "VULHUB",
"id": "VHN-31572"
},
{
"db": "PACKETSTORM",
"id": "68039"
},
{
"db": "PACKETSTORM",
"id": "68068"
},
{
"db": "PACKETSTORM",
"id": "73732"
},
{
"db": "PACKETSTORM",
"id": "68288"
},
{
"db": "PACKETSTORM",
"id": "68691"
},
{
"db": "PACKETSTORM",
"id": "68878"
},
{
"db": "PACKETSTORM",
"id": "68063"
},
{
"db": "PACKETSTORM",
"id": "69021"
},
{
"db": "PACKETSTORM",
"id": "68037"
},
{
"db": "PACKETSTORM",
"id": "68546"
},
{
"db": "PACKETSTORM",
"id": "58035"
},
{
"db": "PACKETSTORM",
"id": "68924"
}
],
"trust": 3.51
},
"exploit_availability": {
"_id": null,
"data": [
{
"reference": "https://www.scap.org.cn/vuln/vhn-31572",
"trust": 0.1,
"type": "unknown"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-31572"
}
]
},
"external_ids": {
"_id": null,
"data": [
{
"db": "NVD",
"id": "CVE-2008-1447",
"trust": 2.2
},
{
"db": "CERT/CC",
"id": "VU#800113",
"trust": 1.9
},
{
"db": "SECUNIA",
"id": "31430",
"trust": 1.2
},
{
"db": "VUPEN",
"id": "ADV-2008-2025",
"trust": 1.1
},
{
"db": "VUPEN",
"id": "ADV-2009-0297",
"trust": 1.1
},
{
"db": "VUPEN",
"id": "ADV-2008-2334",
"trust": 1.1
},
{
"db": "VUPEN",
"id": "ADV-2008-2383",
"trust": 1.1
},
{
"db": "VUPEN",
"id": "ADV-2008-2113",
"trust": 1.1
},
{
"db": "VUPEN",
"id": "ADV-2008-2558",
"trust": 1.1
},
{
"db": "VUPEN",
"id": "ADV-2008-2019",
"trust": 1.1
},
{
"db": "VUPEN",
"id": "ADV-2008-2377",
"trust": 1.1
},
{
"db": "VUPEN",
"id": "ADV-2008-2584",
"trust": 1.1
},
{
"db": "VUPEN",
"id": "ADV-2008-2342",
"trust": 1.1
},
{
"db": "VUPEN",
"id": "ADV-2010-0622",
"trust": 1.1
},
{
"db": "VUPEN",
"id": "ADV-2008-2166",
"trust": 1.1
},
{
"db": "VUPEN",
"id": "ADV-2008-2051",
"trust": 1.1
},
{
"db": "VUPEN",
"id": "ADV-2008-2092",
"trust": 1.1
},
{
"db": "VUPEN",
"id": "ADV-2008-2029",
"trust": 1.1
},
{
"db": "VUPEN",
"id": "ADV-2008-2384",
"trust": 1.1
},
{
"db": "VUPEN",
"id": "ADV-2008-2268",
"trust": 1.1
},
{
"db": "VUPEN",
"id": "ADV-2008-2052",
"trust": 1.1
},
{
"db": "VUPEN",
"id": "ADV-2008-2549",
"trust": 1.1
},
{
"db": "VUPEN",
"id": "ADV-2008-2197",
"trust": 1.1
},
{
"db": "VUPEN",
"id": "ADV-2009-0311",
"trust": 1.1
},
{
"db": "VUPEN",
"id": "ADV-2008-2055",
"trust": 1.1
},
{
"db": "VUPEN",
"id": "ADV-2008-2467",
"trust": 1.1
},
{
"db": "VUPEN",
"id": "ADV-2008-2123",
"trust": 1.1
},
{
"db": "VUPEN",
"id": "ADV-2008-2482",
"trust": 1.1
},
{
"db": "VUPEN",
"id": "ADV-2008-2525",
"trust": 1.1
},
{
"db": "VUPEN",
"id": "ADV-2008-2023",
"trust": 1.1
},
{
"db": "VUPEN",
"id": "ADV-2008-2582",
"trust": 1.1
},
{
"db": "VUPEN",
"id": "ADV-2008-2114",
"trust": 1.1
},
{
"db": "VUPEN",
"id": "ADV-2008-2196",
"trust": 1.1
},
{
"db": "VUPEN",
"id": "ADV-2008-2139",
"trust": 1.1
},
{
"db": "VUPEN",
"id": "ADV-2008-2466",
"trust": 1.1
},
{
"db": "VUPEN",
"id": "ADV-2008-2050",
"trust": 1.1
},
{
"db": "VUPEN",
"id": "ADV-2008-2195",
"trust": 1.1
},
{
"db": "VUPEN",
"id": "ADV-2008-2291",
"trust": 1.1
},
{
"db": "VUPEN",
"id": "ADV-2008-2030",
"trust": 1.1
},
{
"db": "SECTRACK",
"id": "1020548",
"trust": 1.1
},
{
"db": "SECTRACK",
"id": "1020578",
"trust": 1.1
},
{
"db": "SECTRACK",
"id": "1020448",
"trust": 1.1
},
{
"db": "SECTRACK",
"id": "1020558",
"trust": 1.1
},
{
"db": "SECTRACK",
"id": "1020702",
"trust": 1.1
},
{
"db": "SECTRACK",
"id": "1020440",
"trust": 1.1
},
{
"db": "SECTRACK",
"id": "1020575",
"trust": 1.1
},
{
"db": "SECTRACK",
"id": "1020437",
"trust": 1.1
},
{
"db": "SECTRACK",
"id": "1020802",
"trust": 1.1
},
{
"db": "SECTRACK",
"id": "1020449",
"trust": 1.1
},
{
"db": "SECTRACK",
"id": "1020579",
"trust": 1.1
},
{
"db": "SECTRACK",
"id": "1020561",
"trust": 1.1
},
{
"db": "SECTRACK",
"id": "1020804",
"trust": 1.1
},
{
"db": "SECTRACK",
"id": "1020577",
"trust": 1.1
},
{
"db": "SECTRACK",
"id": "1020560",
"trust": 1.1
},
{
"db": "SECTRACK",
"id": "1020651",
"trust": 1.1
},
{
"db": "SECTRACK",
"id": "1020653",
"trust": 1.1
},
{
"db": "SECTRACK",
"id": "1020438",
"trust": 1.1
},
{
"db": "SECTRACK",
"id": "1020576",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "31209",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "31197",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "31422",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "30977",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "31151",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "31354",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "31093",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "31212",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "31207",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "31221",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "31254",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "31451",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "31169",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "30988",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "30973",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "31687",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "31199",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "30980",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "31137",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "30998",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "31014",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "31065",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "31882",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "31019",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "31153",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "31482",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "31495",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "33178",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "33714",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "31213",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "31326",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "31052",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "31011",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "31588",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "31033",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "31031",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "30979",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "31022",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "31094",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "31030",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "31204",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "30925",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "31072",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "31152",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "31237",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "31012",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "33786",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "31143",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "31236",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "31900",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "30989",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "31823",
"trust": 1.1
},
{
"db": "USCERT",
"id": "TA08-190B",
"trust": 1.1
},
{
"db": "USCERT",
"id": "TA08-260A",
"trust": 1.1
},
{
"db": "USCERT",
"id": "TA08-190A",
"trust": 1.1
},
{
"db": "BID",
"id": "30131",
"trust": 1.1
},
{
"db": "EXPLOIT-DB",
"id": "6130",
"trust": 1.1
},
{
"db": "EXPLOIT-DB",
"id": "6123",
"trust": 1.1
},
{
"db": "EXPLOIT-DB",
"id": "6122",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "26195",
"trust": 0.9
},
{
"db": "EXPLOIT-DB",
"id": "4266",
"trust": 0.8
},
{
"db": "CERT/CC",
"id": "VU#252735",
"trust": 0.8
},
{
"db": "PACKETSTORM",
"id": "68878",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "68288",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "68068",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "73732",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "68039",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "68691",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "68037",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "68546",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "68063",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "68038",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "68755",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "68412",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "68118",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "73060",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "68502",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "68061",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "74443",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "96747",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "94774",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "68199",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "68183",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "68471",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "70207",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "68036",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "68500",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "68360",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "68473",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "68129",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "68554",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "68543",
"trust": 0.1
},
{
"db": "SEEBUG",
"id": "SSVID-65607",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-31572",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "69021",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "58035",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "68924",
"trust": 0.1
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#800113"
},
{
"db": "CERT/CC",
"id": "VU#252735"
},
{
"db": "VULHUB",
"id": "VHN-31572"
},
{
"db": "PACKETSTORM",
"id": "68039"
},
{
"db": "PACKETSTORM",
"id": "68068"
},
{
"db": "PACKETSTORM",
"id": "73732"
},
{
"db": "PACKETSTORM",
"id": "68288"
},
{
"db": "PACKETSTORM",
"id": "68691"
},
{
"db": "PACKETSTORM",
"id": "68878"
},
{
"db": "PACKETSTORM",
"id": "68063"
},
{
"db": "PACKETSTORM",
"id": "69021"
},
{
"db": "PACKETSTORM",
"id": "68037"
},
{
"db": "PACKETSTORM",
"id": "68546"
},
{
"db": "PACKETSTORM",
"id": "58035"
},
{
"db": "PACKETSTORM",
"id": "68924"
},
{
"db": "NVD",
"id": "CVE-2008-1447"
}
]
},
"id": "VAR-200707-0675",
"iot": {
"_id": null,
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-31572"
}
],
"trust": 0.01
},
"last_update_date": "2026-04-10T22:49:38.575000Z",
"problemtype_data": {
"_id": null,
"data": [
{
"problemtype": "CWE-331",
"trust": 1.1
},
{
"problemtype": "CWE-310",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-31572"
},
{
"db": "NVD",
"id": "CVE-2008-1447"
}
]
},
"references": {
"_id": null,
"data": [
{
"trust": 1.1,
"url": "http://www.ibm.com/support/docview.wss?uid=isg1iz26667"
},
{
"trust": 1.1,
"url": "http://www.ibm.com/support/docview.wss?uid=isg1iz26668"
},
{
"trust": 1.1,
"url": "http://www.ibm.com/support/docview.wss?uid=isg1iz26669"
},
{
"trust": 1.1,
"url": "http://www.ibm.com/support/docview.wss?uid=isg1iz26670"
},
{
"trust": 1.1,
"url": "http://www.ibm.com/support/docview.wss?uid=isg1iz26671"
},
{
"trust": 1.1,
"url": "http://www.ibm.com/support/docview.wss?uid=isg1iz26672"
},
{
"trust": 1.1,
"url": "http://lists.apple.com/archives/security-announce//2008/jul/msg00003.html"
},
{
"trust": 1.1,
"url": "http://lists.apple.com/archives/security-announce//2008/sep/msg00003.html"
},
{
"trust": 1.1,
"url": "http://lists.apple.com/archives/security-announce//2008/sep/msg00004.html"
},
{
"trust": 1.1,
"url": "http://lists.apple.com/archives/security-announce//2008/sep/msg00005.html"
},
{
"trust": 1.1,
"url": "http://www.securityfocus.com/bid/30131"
},
{
"trust": 1.1,
"url": "http://www.securityfocus.com/archive/1/495289/100/0/threaded"
},
{
"trust": 1.1,
"url": "http://www.securityfocus.com/archive/1/495869/100/0/threaded"
},
{
"trust": 1.1,
"url": "http://www.us-cert.gov/cas/techalerts/ta08-190a.html"
},
{
"trust": 1.1,
"url": "http://www.us-cert.gov/cas/techalerts/ta08-190b.html"
},
{
"trust": 1.1,
"url": "http://www.us-cert.gov/cas/techalerts/ta08-260a.html"
},
{
"trust": 1.1,
"url": "http://www.kb.cert.org/vuls/id/800113"
},
{
"trust": 1.1,
"url": "http://www.cisco.com/en/us/products/products_security_advisory09186a00809c2168.shtml"
},
{
"trust": 1.1,
"url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=494401"
},
{
"trust": 1.1,
"url": "http://support.apple.com/kb/ht3026"
},
{
"trust": 1.1,
"url": "http://support.apple.com/kb/ht3129"
},
{
"trust": 1.1,
"url": "http://support.citrix.com/article/ctx117991"
},
{
"trust": 1.1,
"url": "http://support.citrix.com/article/ctx118183"
},
{
"trust": 1.1,
"url": "http://up2date.astaro.com/2008/08/up2date_7202_released.html"
},
{
"trust": 1.1,
"url": "http://wiki.rpath.com/wiki/advisories:rpsa-2008-0231"
},
{
"trust": 1.1,
"url": "http://wiki.rpath.com/wiki/advisories:rpsa-2010-0018"
},
{
"trust": 1.1,
"url": "http://www.bluecoat.com/support/security-advisories/dns_cache_poisoning"
},
{
"trust": 1.1,
"url": "http://www.isc.org/index.pl?/sw/bind/bind-security.php"
},
{
"trust": 1.1,
"url": "http://www.kb.cert.org/vuls/id/mimg-7dwr4j"
},
{
"trust": 1.1,
"url": "http://www.kb.cert.org/vuls/id/mimg-7ecl8q"
},
{
"trust": 1.1,
"url": "http://www.novell.com/support/viewcontent.do?externalid=7000912"
},
{
"trust": 1.1,
"url": "http://www.phys.uu.nl/~rombouts/pdnsd.html"
},
{
"trust": 1.1,
"url": "http://www.phys.uu.nl/~rombouts/pdnsd/changelog"
},
{
"trust": 1.1,
"url": "http://www.rtpro.yamaha.co.jp/rt/faq/security/vu800113.html"
},
{
"trust": 1.1,
"url": "http://www.ruby-lang.org/en/news/2008/08/08/multiple-vulnerabilities-in-ruby/"
},
{
"trust": 1.1,
"url": "http://www.vmware.com/security/advisories/vmsa-2008-0014.html"
},
{
"trust": 1.1,
"url": "http://www.debian.org/security/2008/dsa-1603"
},
{
"trust": 1.1,
"url": "http://www.debian.org/security/2008/dsa-1604"
},
{
"trust": 1.1,
"url": "http://www.debian.org/security/2008/dsa-1605"
},
{
"trust": 1.1,
"url": "http://www.debian.org/security/2008/dsa-1619"
},
{
"trust": 1.1,
"url": "http://www.debian.org/security/2008/dsa-1623"
},
{
"trust": 1.1,
"url": "https://www.exploit-db.com/exploits/6122"
},
{
"trust": 1.1,
"url": "https://www.exploit-db.com/exploits/6123"
},
{
"trust": 1.1,
"url": "https://www.exploit-db.com/exploits/6130"
},
{
"trust": 1.1,
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-july/msg00402.html"
},
{
"trust": 1.1,
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-july/msg00458.html"
},
{
"trust": 1.1,
"url": "http://security.freebsd.org/advisories/freebsd-sa-08:06.bind.asc"
},
{
"trust": 1.1,
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2008-august/064118.html"
},
{
"trust": 1.1,
"url": "http://security.gentoo.org/glsa/glsa-200807-08.xml"
},
{
"trust": 1.1,
"url": "http://security.gentoo.org/glsa/glsa-200812-17.xml"
},
{
"trust": 1.1,
"url": "http://security.gentoo.org/glsa/glsa-201209-25.xml"
},
{
"trust": 1.1,
"url": "http://h20000.www2.hp.com/bizsupport/techsupport/document.jsp?objectid=c01662368"
},
{
"trust": 1.1,
"url": "http://h20000.www2.hp.com/bizsupport/techsupport/document.jsp?objectid=c01523520"
},
{
"trust": 1.1,
"url": "http://www.mandriva.com/security/advisories?name=mdvsa-2008:139"
},
{
"trust": 1.1,
"url": "http://blog.invisibledenizen.org/2008/07/kaminskys-dns-issue-accidentally-leaked.html"
},
{
"trust": 1.1,
"url": "http://www.caughq.org/exploits/cau-ex-2008-0002.txt"
},
{
"trust": 1.1,
"url": "http://www.caughq.org/exploits/cau-ex-2008-0003.txt"
},
{
"trust": 1.1,
"url": "http://www.doxpara.com/?p=1176"
},
{
"trust": 1.1,
"url": "http://www.doxpara.com/dmk_bo2k8.ppt"
},
{
"trust": 1.1,
"url": "http://www.nominum.com/asset_upload_file741_2661.pdf"
},
{
"trust": 1.1,
"url": "http://www.unixwiz.net/techtips/iguide-kaminsky-dns-vuln.html"
},
{
"trust": 1.1,
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-037"
},
{
"trust": 1.1,
"url": "ftp://ftp.netbsd.org/pub/netbsd/security/advisories/netbsd-sa2008-009.txt.asc"
},
{
"trust": 1.1,
"url": "http://www.openbsd.org/errata42.html#013_bind"
},
{
"trust": 1.1,
"url": "http://www.openbsd.org/errata43.html#004_bind"
},
{
"trust": 1.1,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a12117"
},
{
"trust": 1.1,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a5725"
},
{
"trust": 1.1,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a5761"
},
{
"trust": 1.1,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a5917"
},
{
"trust": 1.1,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a9627"
},
{
"trust": 1.1,
"url": "http://rhn.redhat.com/errata/rhsa-2008-0533.html"
},
{
"trust": 1.1,
"url": "http://www.redhat.com/support/errata/rhsa-2008-0789.html"
},
{
"trust": 1.1,
"url": "http://www.securitytracker.com/id?1020437"
},
{
"trust": 1.1,
"url": "http://www.securitytracker.com/id?1020438"
},
{
"trust": 1.1,
"url": "http://www.securitytracker.com/id?1020440"
},
{
"trust": 1.1,
"url": "http://www.securitytracker.com/id?1020448"
},
{
"trust": 1.1,
"url": "http://www.securitytracker.com/id?1020449"
},
{
"trust": 1.1,
"url": "http://www.securitytracker.com/id?1020548"
},
{
"trust": 1.1,
"url": "http://www.securitytracker.com/id?1020558"
},
{
"trust": 1.1,
"url": "http://www.securitytracker.com/id?1020560"
},
{
"trust": 1.1,
"url": "http://www.securitytracker.com/id?1020561"
},
{
"trust": 1.1,
"url": "http://www.securitytracker.com/id?1020575"
},
{
"trust": 1.1,
"url": "http://www.securitytracker.com/id?1020576"
},
{
"trust": 1.1,
"url": "http://www.securitytracker.com/id?1020577"
},
{
"trust": 1.1,
"url": "http://www.securitytracker.com/id?1020578"
},
{
"trust": 1.1,
"url": "http://www.securitytracker.com/id?1020579"
},
{
"trust": 1.1,
"url": "http://www.securitytracker.com/id?1020651"
},
{
"trust": 1.1,
"url": "http://www.securitytracker.com/id?1020653"
},
{
"trust": 1.1,
"url": "http://www.securitytracker.com/id?1020702"
},
{
"trust": 1.1,
"url": "http://www.securitytracker.com/id?1020802"
},
{
"trust": 1.1,
"url": "http://www.securitytracker.com/id?1020804"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/30925"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/30973"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/30977"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/30979"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/30980"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/30988"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/30989"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/30998"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/31011"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/31012"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/31014"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/31019"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/31022"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/31030"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/31031"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/31033"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/31052"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/31065"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/31072"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/31093"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/31094"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/31137"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/31143"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/31151"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/31152"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/31153"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/31169"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/31197"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/31199"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/31204"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/31207"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/31209"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/31212"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/31213"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/31221"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/31236"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/31237"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/31254"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/31326"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/31354"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/31422"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/31430"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/31451"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/31482"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/31495"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/31588"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/31687"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/31823"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/31882"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/31900"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/33178"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/33714"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/33786"
},
{
"trust": 1.1,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-239392-1"
},
{
"trust": 1.1,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-240048-1"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2008-07/msg00003.html"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2008-08/msg00006.html"
},
{
"trust": 1.1,
"url": "http://www.ubuntu.com/usn/usn-622-1"
},
{
"trust": 1.1,
"url": "http://www.ubuntu.com/usn/usn-627-1"
},
{
"trust": 1.1,
"url": "http://www.vupen.com/english/advisories/2008/2019/references"
},
{
"trust": 1.1,
"url": "http://www.vupen.com/english/advisories/2008/2023/references"
},
{
"trust": 1.1,
"url": "http://www.vupen.com/english/advisories/2008/2025/references"
},
{
"trust": 1.1,
"url": "http://www.vupen.com/english/advisories/2008/2029/references"
},
{
"trust": 1.1,
"url": "http://www.vupen.com/english/advisories/2008/2030/references"
},
{
"trust": 1.1,
"url": "http://www.vupen.com/english/advisories/2008/2050/references"
},
{
"trust": 1.1,
"url": "http://www.vupen.com/english/advisories/2008/2051/references"
},
{
"trust": 1.1,
"url": "http://www.vupen.com/english/advisories/2008/2052/references"
},
{
"trust": 1.1,
"url": "http://www.vupen.com/english/advisories/2008/2055/references"
},
{
"trust": 1.1,
"url": "http://www.vupen.com/english/advisories/2008/2092/references"
},
{
"trust": 1.1,
"url": "http://www.vupen.com/english/advisories/2008/2113/references"
},
{
"trust": 1.1,
"url": "http://www.vupen.com/english/advisories/2008/2114/references"
},
{
"trust": 1.1,
"url": "http://www.vupen.com/english/advisories/2008/2123/references"
},
{
"trust": 1.1,
"url": "http://www.vupen.com/english/advisories/2008/2139/references"
},
{
"trust": 1.1,
"url": "http://www.vupen.com/english/advisories/2008/2166/references"
},
{
"trust": 1.1,
"url": "http://www.vupen.com/english/advisories/2008/2195/references"
},
{
"trust": 1.1,
"url": "http://www.vupen.com/english/advisories/2008/2196/references"
},
{
"trust": 1.1,
"url": "http://www.vupen.com/english/advisories/2008/2197/references"
},
{
"trust": 1.1,
"url": "http://www.vupen.com/english/advisories/2008/2268"
},
{
"trust": 1.1,
"url": "http://www.vupen.com/english/advisories/2008/2291"
},
{
"trust": 1.1,
"url": "http://www.vupen.com/english/advisories/2008/2334"
},
{
"trust": 1.1,
"url": "http://www.vupen.com/english/advisories/2008/2342"
},
{
"trust": 1.1,
"url": "http://www.vupen.com/english/advisories/2008/2377"
},
{
"trust": 1.1,
"url": "http://www.vupen.com/english/advisories/2008/2383"
},
{
"trust": 1.1,
"url": "http://www.vupen.com/english/advisories/2008/2384"
},
{
"trust": 1.1,
"url": "http://www.vupen.com/english/advisories/2008/2466"
},
{
"trust": 1.1,
"url": "http://www.vupen.com/english/advisories/2008/2467"
},
{
"trust": 1.1,
"url": "http://www.vupen.com/english/advisories/2008/2482"
},
{
"trust": 1.1,
"url": "http://www.vupen.com/english/advisories/2008/2525"
},
{
"trust": 1.1,
"url": "http://www.vupen.com/english/advisories/2008/2549"
},
{
"trust": 1.1,
"url": "http://www.vupen.com/english/advisories/2008/2558"
},
{
"trust": 1.1,
"url": "http://www.vupen.com/english/advisories/2008/2582"
},
{
"trust": 1.1,
"url": "http://www.vupen.com/english/advisories/2008/2584"
},
{
"trust": 1.1,
"url": "http://www.vupen.com/english/advisories/2009/0297"
},
{
"trust": 1.1,
"url": "http://www.vupen.com/english/advisories/2009/0311"
},
{
"trust": 1.1,
"url": "http://www.vupen.com/english/advisories/2010/0622"
},
{
"trust": 1.1,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/43637"
},
{
"trust": 1.1,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/43334"
},
{
"trust": 1.0,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-1447"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bugtraq\u0026m=121866517322103\u0026w=2"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bugtraq\u0026m=123324863916385\u0026w=2"
},
{
"trust": 1.0,
"url": "http://www.ipcop.org/index.php?name=news\u0026file=article\u0026sid=40"
},
{
"trust": 1.0,
"url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2008\u0026m=slackware-security.539239"
},
{
"trust": 1.0,
"url": "http://support.nortel.com/go/main.jsp?cscat=bltndetail\u0026id=762152"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bugtraq\u0026m=141879471518471\u0026w=2"
},
{
"trust": 1.0,
"url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2008\u0026m=slackware-security.452680"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bugtraq\u0026m=121630706004256\u0026w=2"
},
{
"trust": 0.9,
"url": "http://secunia.com/advisories/26195/"
},
{
"trust": 0.8,
"url": "http://csrc.nist.gov/publications/nistpubs/800-81/sp800-81.pdf"
},
{
"trust": 0.8,
"url": "http://tools.ietf.org/html/draft-ietf-dnsext-forgery-resilience"
},
{
"trust": 0.8,
"url": "http://tools.ietf.org/html/rfc3833"
},
{
"trust": 0.8,
"url": "http://tools.ietf.org/html/rfc2827"
},
{
"trust": 0.8,
"url": "http://tools.ietf.org/html/rfc3704"
},
{
"trust": 0.8,
"url": "http://tools.ietf.org/html/rfc3013"
},
{
"trust": 0.8,
"url": "http://tools.ietf.org/html/rfc4033"
},
{
"trust": 0.8,
"url": "http://tools.ietf.org/html/draft-ietf-tsvwg-port-randomization"
},
{
"trust": 0.8,
"url": "http://cr.yp.to/djbdns/dns_random.html"
},
{
"trust": 0.8,
"url": "http://cr.yp.to/djbdns/dns_transmit.html"
},
{
"trust": 0.8,
"url": "http://cr.yp.to/djbdns/forgery.html"
},
{
"trust": 0.8,
"url": "http://www.trusteer.com/microsoftdns"
},
{
"trust": 0.8,
"url": "http://www.trusteer.com/bind9dns"
},
{
"trust": 0.8,
"url": "http://www.trusteer.com/bind8dns"
},
{
"trust": 0.8,
"url": "http://www.sans.org/reading_room/whitepapers/dns/1567.php"
},
{
"trust": 0.8,
"url": "http://blogs.iss.net/archive/morednsnat.html"
},
{
"trust": 0.8,
"url": "https://jvn.jp/cert/jvnvu800113/"
},
{
"trust": 0.8,
"url": "http://www.cert.at/static/cert.at-0802-dns-patchanalysis.pdf"
},
{
"trust": 0.8,
"url": "http://www.isc.org/sw/bind/bind-security.php"
},
{
"trust": 0.8,
"url": "http://www.trusteer.com/docs/bind9dns.html"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnvu%23252735/index.html"
},
{
"trust": 0.8,
"url": "http://www.milw0rm.com/exploits/4266"
},
{
"trust": 0.8,
"url": "http://docs.info.apple.com/article.html?artnum=307041"
},
{
"trust": 0.4,
"url": "http://secunia.com/"
},
{
"trust": 0.4,
"url": "http://lists.grok.org.uk/full-disclosure-charter.html"
},
{
"trust": 0.3,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-1447"
},
{
"trust": 0.3,
"url": "http://packages.debian.org/\u003cpkg\u003e"
},
{
"trust": 0.3,
"url": "http://security.debian.org/"
},
{
"trust": 0.3,
"url": "http://www.debian.org/security/faq"
},
{
"trust": 0.3,
"url": "http://www.debian.org/security/"
},
{
"trust": 0.2,
"url": "http://www.itrc.hp.com/service/cki/secbullarchive.do"
},
{
"trust": 0.2,
"url": "http://h30046.www3.hp.com/driveralertprofile.php?regioncode=na\u0026langcode=useng\u0026jumpid=in_sc-gen__driveritrc\u0026topiccode=itrc"
},
{
"trust": 0.2,
"url": "https://www.hp.com/go/swa"
},
{
"trust": 0.2,
"url": "http://h30046.www3.hp.com/subsignin.php"
},
{
"trust": 0.1,
"url": "http://support.nortel.com/go/main.jsp?cscat=bltndetail\u0026amp;id=762152"
},
{
"trust": 0.1,
"url": "http://www.ipcop.org/index.php?name=news\u0026amp;file=article\u0026amp;sid=40"
},
{
"trust": 0.1,
"url": "http://marc.info/?l=bugtraq\u0026amp;m=123324863916385\u0026amp;w=2"
},
{
"trust": 0.1,
"url": "http://marc.info/?l=bugtraq\u0026amp;m=141879471518471\u0026amp;w=2"
},
{
"trust": 0.1,
"url": "http://marc.info/?l=bugtraq\u0026amp;m=121866517322103\u0026amp;w=2"
},
{
"trust": 0.1,
"url": "http://marc.info/?l=bugtraq\u0026amp;m=121630706004256\u0026amp;w=2"
},
{
"trust": 0.1,
"url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026amp;y=2008\u0026amp;m=slackware-security.539239"
},
{
"trust": 0.1,
"url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026amp;y=2008\u0026amp;m=slackware-security.452680"
},
{
"trust": 0.1,
"url": "http://www.cisco.com/warp/public/707/cisco-sa-20080708-dns.shtml."
},
{
"trust": 0.1,
"url": "http://www.cisco.com/en/us/products/products_security_vulnerability_policy.html."
},
{
"trust": 0.1,
"url": "http://www.cisco.com/go/psirt"
},
{
"trust": 0.1,
"url": "http://www.cisco.com/web/about/security/intelligence/dns-bcp.html."
},
{
"trust": 0.1,
"url": "http://www.cisco.com/en/us/products/prod_warranties_item09186a008088e31f.html,"
},
{
"trust": 0.1,
"url": "http://www.cisco.com/pcgi-bin/software/tablebuild/tablebuild.pl/nr-eval"
},
{
"trust": 0.1,
"url": "http://www.cisco.com/web/about/security/intelligence/cvss-qandas.html"
},
{
"trust": 0.1,
"url": "http://www.cisco.com/pcgi-bin/tablebuild.pl/acns55"
},
{
"trust": 0.1,
"url": "http://www.cisco.com/warp/public/707/cisco-sa-20080708-dns.shtml"
},
{
"trust": 0.1,
"url": "http://www.cisco.com."
},
{
"trust": 0.1,
"url": "http://www.cisco.com/go/psirt."
},
{
"trust": 0.1,
"url": "https://www.example.com"
},
{
"trust": 0.1,
"url": "http://www.cisco.com/warp/public/687/directory/dirtac.shtml"
},
{
"trust": 0.1,
"url": "http://www.cisco.com/public/sw-center/sw-usingswc.shtml."
},
{
"trust": 0.1,
"url": "http://intellishield.cisco.com/security/alertmanager/cvss"
},
{
"trust": 0.1,
"url": "http://www.mandriva.com/security/"
},
{
"trust": 0.1,
"url": "http://www.mandriva.com/security/advisories"
},
{
"trust": 0.1,
"url": "http://bugs.gentoo.org."
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-4194"
},
{
"trust": 0.1,
"url": "http://creativecommons.org/licenses/by-sa/2.5"
},
{
"trust": 0.1,
"url": "http://security.gentoo.org/glsa/glsa-200901-03.xml"
},
{
"trust": 0.1,
"url": "http://security.gentoo.org/"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-4194"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/d/dnsmasq/dnsmasq_2.35-1+etch4_arm.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/d/dnsmasq/dnsmasq_2.35-1+etch4_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/d/dnsmasq/dnsmasq_2.35-1+etch4_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/d/dnsmasq/dnsmasq_2.35-1+etch4_s390.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/d/dnsmasq/dnsmasq_2.35-1+etch4.diff.gz"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/d/dnsmasq/dnsmasq_2.35-1+etch4_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/d/dnsmasq/dnsmasq_2.35-1+etch4_mipsel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/d/dnsmasq/dnsmasq_2.35-1+etch4_hppa.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/d/dnsmasq/dnsmasq_2.35-1+etch4_mips.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/d/dnsmasq/dnsmasq_2.35-1+etch4_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/d/dnsmasq/dnsmasq_2.35.orig.tar.gz"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/d/dnsmasq/dnsmasq_2.35-1+etch4_ia64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/d/dnsmasq/dnsmasq_2.35-1+etch4.dsc"
},
{
"trust": 0.1,
"url": "http://software.hp.com"
},
{
"trust": 0.1,
"url": "http://itrc.hp.com"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libbind9-30_9.4.1-p1-3ubuntu2_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libisccc0_9.3.2-2ubuntu1.5_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9-host_9.4.1-p1-3ubuntu2_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9-host_9.3.4-2ubuntu2.3_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/universe/b/bind9/lwresd_9.4.1-p1-3ubuntu2_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/liblwres9_9.3.4-2ubuntu2.3_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libbind9-0_9.3.2-2ubuntu1.5_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/dnsutils_9.3.4-2ubuntu2.3_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libbind-dev_9.4.1-p1-3ubuntu2_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/b/bind9/libbind-dev_9.4.2-10ubuntu0.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/universe/b/bind9/lwresd_9.3.2-2ubuntu1.5_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9_9.3.4-2ubuntu2.3.diff.gz"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/universe/b/bind9/lwresd_9.4.1-p1-3ubuntu2_amd64.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/b/bind9/libbind9-30_9.4.2-10ubuntu0.1_lpia.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/liblwres9_9.3.4-2ubuntu2.3_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libisc32_9.4.1-p1-3ubuntu2_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libbind-dev_9.4.1-p1-3ubuntu2_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9_9.4.2-10ubuntu0.1.dsc"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libbind9-0_9.3.2-2ubuntu1.5_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libbind-dev_9.4.2-10ubuntu0.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libisccc0_9.3.4-2ubuntu2.3_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libbind9-0_9.3.4-2ubuntu2.3_amd64.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/b/bind9/dnsutils_9.4.2-10ubuntu0.1_lpia.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/b/bind9/libdns35_9.4.2-10ubuntu0.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9_9.3.4-2ubuntu2.3_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9-doc_9.3.4-2ubuntu2.3_all.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libdns21_9.3.2-2ubuntu1.5_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/b/bind9/bind9_9.4.2-10ubuntu0.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/dnsutils_9.3.4-2ubuntu2.3_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/dnsutils_9.3.2-2ubuntu1.5_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9_9.4.1-p1-3ubuntu2.diff.gz"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/b/bind9/bind9-host_9.4.2-10ubuntu0.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/liblwres30_9.4.1-p1-3ubuntu2_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/liblwres30_9.4.2-10ubuntu0.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/b/bind9/libisccfg30_9.4.2-10ubuntu0.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9_9.3.2-2ubuntu1.5_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libdns32_9.4.1-p1-3ubuntu2_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9_9.4.2-10ubuntu0.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/liblwres30_9.4.1-p1-3ubuntu2_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libisc32_9.4.1-p1-3ubuntu2_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/b/bind9/libisc32_9.4.2-10ubuntu0.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libbind9-30_9.4.2-10ubuntu0.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libisccc0_9.3.2-2ubuntu1.5_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/liblwres9_9.3.4-2ubuntu2.3_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/dnsutils_9.4.1-p1-3ubuntu2_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9-host_9.4.1-p1-3ubuntu2_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libdns21_9.3.2-2ubuntu1.5_sparc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/b/bind9/libisccc30_9.4.1-p1-3ubuntu2_lpia.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/b/bind9/libisccc30_9.4.2-10ubuntu0.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libisccc30_9.4.2-10ubuntu0.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libisc11_9.3.2-2ubuntu1.5_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libbind-dev_9.3.2-2ubuntu1.5_amd64.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/b/bind9/libisc32_9.4.1-p1-3ubuntu2_lpia.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libbind9-0_9.3.4-2ubuntu2.3_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9-host_9.3.2-2ubuntu1.5_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libisccfg1_9.3.4-2ubuntu2.3_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9_9.4.1-p1-3ubuntu2_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libisc11_9.3.4-2ubuntu2.3_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libisc11_9.3.4-2ubuntu2.3_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libisc11_9.3.4-2ubuntu2.3_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9-host_9.3.2-2ubuntu1.5_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9_9.3.2-2ubuntu1.5_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/b/bind9/liblwres30_9.4.1-p1-3ubuntu2_lpia.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libisccc30_9.4.2-10ubuntu0.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libisccc0_9.3.2-2ubuntu1.5_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libbind-dev_9.3.4-2ubuntu2.3_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/liblwres9_9.3.2-2ubuntu1.5_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libbind9-0_9.3.4-2ubuntu2.3_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9_9.3.4-2ubuntu2.3_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libdns22_9.3.4-2ubuntu2.3_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libisccfg30_9.4.1-p1-3ubuntu2_amd64.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/b/bind9/libbind-dev_9.4.1-p1-3ubuntu2_lpia.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/dnsutils_9.4.1-p1-3ubuntu2_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libdns32_9.4.1-p1-3ubuntu2_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9_9.4.2-10ubuntu0.1.diff.gz"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/universe/b/bind9/lwresd_9.4.2-10ubuntu0.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9-doc_9.3.2-2ubuntu1.5_all.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/b/bind9/libbind-dev_9.4.2-10ubuntu0.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/b/bind9/libdns35_9.4.2-10ubuntu0.1_lpia.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9-host_9.3.4-2ubuntu2.3_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libisccfg30_9.4.1-p1-3ubuntu2_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libisccfg1_9.3.2-2ubuntu1.5_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9-host_9.3.4-2ubuntu2.3_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/dnsutils_9.3.2-2ubuntu1.5_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/b/bind9/liblwres30_9.4.2-10ubuntu0.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/b/bind9/bind9-host_9.4.2-10ubuntu0.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/universe/b/bind9/lwresd_9.3.4-2ubuntu2.3_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libbind-dev_9.3.4-2ubuntu2.3_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9_9.3.2.orig.tar.gz"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libdns32_9.4.1-p1-3ubuntu2_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/liblwres9_9.3.4-2ubuntu2.3_amd64.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/b/bind9/dnsutils_9.4.1-p1-3ubuntu2_lpia.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9-host_9.4.1-p1-3ubuntu2_i386.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/universe/b/bind9/lwresd_9.4.1-p1-3ubuntu2_lpia.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libisccfg1_9.3.2-2ubuntu1.5_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libbind-dev_9.3.2-2ubuntu1.5_sparc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/b/bind9/bind9-host_9.4.1-p1-3ubuntu2_lpia.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libdns22_9.3.4-2ubuntu2.3_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/b/bind9/bind9_9.4.2-10ubuntu0.1_lpia.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9_9.3.4-2ubuntu2.3.dsc"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/dnsutils_9.3.4-2ubuntu2.3_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libbind-dev_9.4.1-p1-3ubuntu2_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/liblwres9_9.3.2-2ubuntu1.5_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/b/bind9/libisc32_9.4.2-10ubuntu0.1_lpia.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9-host_9.4.2-10ubuntu0.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libisccc30_9.4.1-p1-3ubuntu2_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/dnsutils_9.4.2-10ubuntu0.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/b/bind9/libbind-dev_9.4.2-10ubuntu0.1_lpia.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/b/bind9/liblwres30_9.4.2-10ubuntu0.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libbind-dev_9.3.2-2ubuntu1.5_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/b/bind9/libisc32_9.4.2-10ubuntu0.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/liblwres9_9.3.2-2ubuntu1.5_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libisccc30_9.4.1-p1-3ubuntu2_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/universe/b/bind9/lwresd_9.4.1-p1-3ubuntu2_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libisccfg1_9.3.4-2ubuntu2.3_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9-doc_9.4.2-10ubuntu0.1_all.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9_9.4.2.orig.tar.gz"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/universe/b/bind9/lwresd_9.3.4-2ubuntu2.3_amd64.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/b/bind9/libisccfg30_9.4.1-p1-3ubuntu2_lpia.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/dnsutils_9.4.2-10ubuntu0.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/b/bind9/libdns32_9.4.1-p1-3ubuntu2_lpia.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/b/bind9/libisccfg30_9.4.2-10ubuntu0.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/liblwres30_9.4.2-10ubuntu0.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/b/bind9/liblwres30_9.4.2-10ubuntu0.1_lpia.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libisc32_9.4.1-p1-3ubuntu2_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9_9.4.1-p1-3ubuntu2_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/dnsutils_9.3.4-2ubuntu2.3_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9_9.3.2-2ubuntu1.5.diff.gz"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libisccfg30_9.4.1-p1-3ubuntu2_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libbind9-0_9.3.4-2ubuntu2.3_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libbind-dev_9.4.1-p1-3ubuntu2_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libisccfg30_9.4.2-10ubuntu0.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/b/bind9/libdns35_9.4.2-10ubuntu0.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/b/bind9/libbind9-30_9.4.1-p1-3ubuntu2_lpia.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/universe/b/bind9/lwresd_9.4.2-10ubuntu0.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libisc11_9.3.2-2ubuntu1.5_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libbind9-0_9.3.2-2ubuntu1.5_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/liblwres9_9.3.2-2ubuntu1.5_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libisc32_9.4.2-10ubuntu0.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libisccc0_9.3.4-2ubuntu2.3_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libbind-dev_9.4.2-10ubuntu0.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/b/bind9/libbind9-30_9.4.2-10ubuntu0.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libisccc0_9.3.4-2ubuntu2.3_amd64.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/universe/b/bind9/lwresd_9.4.2-10ubuntu0.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9-host_9.4.2-10ubuntu0.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libdns22_9.3.4-2ubuntu2.3_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/universe/b/bind9/lwresd_9.3.2-2ubuntu1.5_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libisccc0_9.3.4-2ubuntu2.3_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libbind-dev_9.3.4-2ubuntu2.3_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libbind-dev_9.3.4-2ubuntu2.3_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libbind9-30_9.4.2-10ubuntu0.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libisccfg30_9.4.1-p1-3ubuntu2_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libisccfg1_9.3.4-2ubuntu2.3_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/dnsutils_9.4.1-p1-3ubuntu2_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/liblwres30_9.4.1-p1-3ubuntu2_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libisc32_9.4.2-10ubuntu0.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9-host_9.3.2-2ubuntu1.5_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9_9.4.1-p1-3ubuntu2_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libbind-dev_9.3.2-2ubuntu1.5_i386.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/b/bind9/libisccfg30_9.4.2-10ubuntu0.1_lpia.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libisc11_9.3.2-2ubuntu1.5_amd64.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/b/bind9/bind9_9.4.1-p1-3ubuntu2_lpia.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libisccfg30_9.4.2-10ubuntu0.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libisccc30_9.4.1-p1-3ubuntu2_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libisccfg1_9.3.4-2ubuntu2.3_amd64.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/b/bind9/bind9-host_9.4.2-10ubuntu0.1_lpia.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libbind9-0_9.3.2-2ubuntu1.5_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/universe/b/bind9/lwresd_9.3.2-2ubuntu1.5_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/dnsutils_9.3.2-2ubuntu1.5_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9-host_9.4.1-p1-3ubuntu2_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libbind9-30_9.4.1-p1-3ubuntu2_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libisc11_9.3.2-2ubuntu1.5_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libbind9-30_9.4.1-p1-3ubuntu2_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libdns22_9.3.4-2ubuntu2.3_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libisccfg1_9.3.2-2ubuntu1.5_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libisc32_9.4.1-p1-3ubuntu2_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9_9.3.2-2ubuntu1.5.dsc"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libdns21_9.3.2-2ubuntu1.5_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9_9.4.1-p1-3ubuntu2_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9_9.3.4-2ubuntu2.3_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9_9.3.4-2ubuntu2.3_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libisc11_9.3.4-2ubuntu2.3_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libisccc30_9.4.1-p1-3ubuntu2_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9-host_9.3.2-2ubuntu1.5_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9_9.4.2-10ubuntu0.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/b/bind9/libisccc30_9.4.2-10ubuntu0.1_lpia.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libdns21_9.3.2-2ubuntu1.5_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/dnsutils_9.3.2-2ubuntu1.5_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libbind9-30_9.4.1-p1-3ubuntu2_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9-doc_9.4.1-p1-3ubuntu2_all.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/universe/b/bind9/lwresd_9.4.1-p1-3ubuntu2_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libisccc0_9.3.2-2ubuntu1.5_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9_9.4.1-p1.orig.tar.gz"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libdns32_9.4.1-p1-3ubuntu2_amd64.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/b/bind9/libbind9-30_9.4.2-10ubuntu0.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libdns35_9.4.2-10ubuntu0.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9_9.3.2-2ubuntu1.5_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9_9.3.2-2ubuntu1.5_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9_9.3.4.orig.tar.gz"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/b/bind9/dnsutils_9.4.2-10ubuntu0.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/universe/b/bind9/lwresd_9.4.2-10ubuntu0.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/b/bind9/dnsutils_9.4.2-10ubuntu0.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/universe/b/bind9/lwresd_9.4.2-10ubuntu0.1_lpia.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9_9.4.1-p1-3ubuntu2.dsc"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/universe/b/bind9/lwresd_9.3.4-2ubuntu2.3_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/universe/b/bind9/lwresd_9.3.4-2ubuntu2.3_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9-host_9.3.4-2ubuntu2.3_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/liblwres30_9.4.1-p1-3ubuntu2_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/universe/b/bind9/lwresd_9.3.2-2ubuntu1.5_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/dnsutils_9.4.1-p1-3ubuntu2_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libisccfg1_9.3.2-2ubuntu1.5_sparc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/b/bind9/libisccc30_9.4.2-10ubuntu0.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libdns35_9.4.2-10ubuntu0.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/b/bind9/bind9_9.4.2-10ubuntu0.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/31430/"
},
{
"trust": 0.1,
"url": "http://pinguar.org"
},
{
"trust": 0.1,
"url": "http://www.ruby-lang.org/en/news/2008/08/08/multiple-vulnerabilities-in-ruby"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/p/python-dns/python-dns_2.3.0.orig.tar.gz"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/p/python-dns/python-dns_2.3.0-5.2+etch1.dsc"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/p/python-dns/python-dns_2.3.0-5.2+etch1_all.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/p/python-dns/python-dns_2.3.0-5.2+etch1.diff.gz"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/2536/"
},
{
"trust": 0.1,
"url": "http://rhn.redhat.com/errata/rhsa-2007-0740.html"
},
{
"trust": 0.1,
"url": "http://secunia.com/network_software_inspector/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/2535/"
},
{
"trust": 0.1,
"url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/13653/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/48/"
},
{
"trust": 0.1,
"url": "http://rhn.redhat.com"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/13651/"
},
{
"trust": 0.1,
"url": "http://secunia.com/about_secunia_advisories/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/4669/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/4668/"
},
{
"trust": 0.1,
"url": "http://secunia.com/secunia_security_advisories/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/13652/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/1326/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/26152/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/1306/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/4670/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/2534/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/1044/"
},
{
"trust": 0.1,
"url": "https://www.xopenid.net"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-3280"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-0166"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#800113"
},
{
"db": "CERT/CC",
"id": "VU#252735"
},
{
"db": "VULHUB",
"id": "VHN-31572"
},
{
"db": "PACKETSTORM",
"id": "68039"
},
{
"db": "PACKETSTORM",
"id": "68068"
},
{
"db": "PACKETSTORM",
"id": "73732"
},
{
"db": "PACKETSTORM",
"id": "68288"
},
{
"db": "PACKETSTORM",
"id": "68691"
},
{
"db": "PACKETSTORM",
"id": "68878"
},
{
"db": "PACKETSTORM",
"id": "68063"
},
{
"db": "PACKETSTORM",
"id": "69021"
},
{
"db": "PACKETSTORM",
"id": "68037"
},
{
"db": "PACKETSTORM",
"id": "68546"
},
{
"db": "PACKETSTORM",
"id": "58035"
},
{
"db": "PACKETSTORM",
"id": "68924"
},
{
"db": "NVD",
"id": "CVE-2008-1447"
}
]
},
"sources": {
"_id": null,
"data": [
{
"db": "CERT/CC",
"id": "VU#800113",
"ident": null
},
{
"db": "CERT/CC",
"id": "VU#252735",
"ident": null
},
{
"db": "VULHUB",
"id": "VHN-31572",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "68039",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "68068",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "73732",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "68288",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "68691",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "68878",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "68063",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "69021",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "68037",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "68546",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "58035",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "68924",
"ident": null
},
{
"db": "NVD",
"id": "CVE-2008-1447",
"ident": null
}
]
},
"sources_release_date": {
"_id": null,
"data": [
{
"date": "2008-07-08T00:00:00",
"db": "CERT/CC",
"id": "VU#800113",
"ident": null
},
{
"date": "2007-07-27T00:00:00",
"db": "CERT/CC",
"id": "VU#252735",
"ident": null
},
{
"date": "2008-07-08T00:00:00",
"db": "VULHUB",
"id": "VHN-31572",
"ident": null
},
{
"date": "2008-07-10T06:26:35",
"db": "PACKETSTORM",
"id": "68039",
"ident": null
},
{
"date": "2008-07-10T07:29:30",
"db": "PACKETSTORM",
"id": "68068",
"ident": null
},
{
"date": "2009-01-12T19:16:04",
"db": "PACKETSTORM",
"id": "73732",
"ident": null
},
{
"date": "2008-07-17T19:16:48",
"db": "PACKETSTORM",
"id": "68288",
"ident": null
},
{
"date": "2008-07-31T22:22:45",
"db": "PACKETSTORM",
"id": "68691",
"ident": null
},
{
"date": "2008-08-06T21:52:19",
"db": "PACKETSTORM",
"id": "68878",
"ident": null
},
{
"date": "2008-07-10T07:10:37",
"db": "PACKETSTORM",
"id": "68063",
"ident": null
},
{
"date": "2008-08-13T04:21:24",
"db": "PACKETSTORM",
"id": "69021",
"ident": null
},
{
"date": "2008-07-10T06:23:57",
"db": "PACKETSTORM",
"id": "68037",
"ident": null
},
{
"date": "2008-07-28T15:27:39",
"db": "PACKETSTORM",
"id": "68546",
"ident": null
},
{
"date": "2007-07-26T04:26:32",
"db": "PACKETSTORM",
"id": "58035",
"ident": null
},
{
"date": "2008-08-08T20:46:25",
"db": "PACKETSTORM",
"id": "68924",
"ident": null
},
{
"date": "2008-07-08T23:41:00",
"db": "NVD",
"id": "CVE-2008-1447",
"ident": null
}
]
},
"sources_update_date": {
"_id": null,
"data": [
{
"date": "2014-04-14T00:00:00",
"db": "CERT/CC",
"id": "VU#800113",
"ident": null
},
{
"date": "2008-08-06T00:00:00",
"db": "CERT/CC",
"id": "VU#252735",
"ident": null
},
{
"date": "2020-03-24T00:00:00",
"db": "VULHUB",
"id": "VHN-31572",
"ident": null
},
{
"date": "2025-04-09T00:30:58.490000",
"db": "NVD",
"id": "CVE-2008-1447",
"ident": null
}
]
},
"threat_type": {
"_id": null,
"data": "remote",
"sources": [
{
"db": "PACKETSTORM",
"id": "68068"
},
{
"db": "PACKETSTORM",
"id": "68063"
}
],
"trust": 0.2
},
"title": {
"_id": null,
"data": "Multiple DNS implementations vulnerable to cache poisoning",
"sources": [
{
"db": "CERT/CC",
"id": "VU#800113"
}
],
"trust": 0.8
},
"type": {
"_id": null,
"data": "spoof",
"sources": [
{
"db": "PACKETSTORM",
"id": "68068"
},
{
"db": "PACKETSTORM",
"id": "68063"
},
{
"db": "PACKETSTORM",
"id": "69021"
},
{
"db": "PACKETSTORM",
"id": "68546"
}
],
"trust": 0.4
}
}
VAR-201605-0037
Vulnerability from variot - Updated: 2026-04-10 22:45The X509_NAME_oneline function in crypto/x509/x509_obj.c in OpenSSL before 1.0.1t and 1.0.2 before 1.0.2h allows remote attackers to obtain sensitive information from process stack memory or cause a denial of service (buffer over-read) via crafted EBCDIC ASN.1 data. OpenSSL is prone to an information-disclosure vulnerability. An attacker can exploit this issue to gain access to sensitive information that may aid in further attacks. Following product versions are affected: OpenSSL versions 1.0.2 prior to 1.0.2h OpenSSL versions 1.0.1 prior to 1.0.1t. The bug causing the vulnerability was fixed on April 18th 2015, and released as part of the June 11th 2015 security releases. The security impact of the bug was not known at the time.
In previous versions of OpenSSL, ASN.1 encoding the value zero represented as a negative integer can cause a buffer underflow with an out-of-bounds write in i2c_ASN1_INTEGER. The ASN.1 parser does not normally create "negative zeroes" when parsing ASN.1 input, and therefore, an attacker cannot trigger this bug.
However, a second, independent bug revealed that the ASN.1 parser (specifically, d2i_ASN1_TYPE) can misinterpret a large universal tag as a negative zero value. Large universal tags are not present in any common ASN.1 structures (such as X509) but are accepted as part of ANY structures.
Therefore, if an application deserializes untrusted ASN.1 structures containing an ANY field, and later reserializes them, an attacker may be able to trigger an out-of-bounds write. This has been shown to cause memory corruption that is potentially exploitable with some malloc implementations.
Applications that parse and re-encode X509 certificates are known to be vulnerable. Applications that verify RSA signatures on X509 certificates may also be vulnerable; however, only certificates with valid signatures trigger ASN.1 re-encoding and hence the bug. Specifically, since OpenSSL's default TLS X509 chain verification code verifies the certificate chain from root to leaf, TLS handshakes could only be targeted with valid certificates issued by trusted Certification Authorities.
OpenSSL 1.0.2 users should upgrade to 1.0.2c OpenSSL 1.0.1 users should upgrade to 1.0.1o
This vulnerability is a combination of two bugs, neither of which individually has security impact. The first bug (mishandling of negative zero integers) was reported to OpenSSL by Huzaifa Sidhpurwala (Red Hat) and independently by Hanno Böck in April 2015. The second issue (mishandling of large universal tags) was found using libFuzzer, and reported on the public issue tracker on March 1st 2016. The fact that these two issues combined present a security vulnerability was reported by David Benjamin (Google) on March 31st 2016. The fixes were developed by Steve Henson of the OpenSSL development team, and David Benjamin. The OpenSSL team would also like to thank Mark Brand and Ian Beer from the Google Project Zero team for their careful analysis of the impact.
The fix for the "negative zero" memory corruption bug can be identified by commits
3661bb4e7934668bd99ca777ea8b30eedfafa871 (1.0.2) and 32d3b0f52f77ce86d53f38685336668d47c5bdfe (1.0.1)
Padding oracle in AES-NI CBC MAC check (CVE-2016-2107)
Severity: High
A MITM attacker can use a padding oracle attack to decrypt traffic when the connection uses an AES CBC cipher and the server support AES-NI.
This issue was introduced as part of the fix for Lucky 13 padding attack (CVE-2013-0169). The padding check was rewritten to be in constant time by making sure that always the same bytes are read and compared against either the MAC or padding bytes. But it no longer checked that there was enough data to have both the MAC and padding bytes.
OpenSSL 1.0.2 users should upgrade to 1.0.2h OpenSSL 1.0.1 users should upgrade to 1.0.1t
This issue was reported to OpenSSL on 13th of April 2016 by Juraj Somorovsky using TLS-Attacker. The fix was developed by Kurt Roeckx of the OpenSSL development team.
EVP_EncodeUpdate overflow (CVE-2016-2105)
Severity: Low
An overflow can occur in the EVP_EncodeUpdate() function which is used for Base64 encoding of binary data. If an attacker is able to supply very large amounts of input data then a length check can overflow resulting in a heap corruption.
Internally to OpenSSL the EVP_EncodeUpdate() function is primarly used by the PEM_write_bio family of functions. These are mainly used within the OpenSSL command line applications. These internal uses are not considered vulnerable because all calls are bounded with length checks so no overflow is possible. User applications that call these APIs directly with large amounts of untrusted data may be vulnerable. (Note: Initial analysis suggested that the PEM_write_bio were vulnerable, and this is reflected in the patch commit message. This is no longer believed to be the case).
OpenSSL 1.0.2 users should upgrade to 1.0.2h OpenSSL 1.0.1 users should upgrade to 1.0.1t
This issue was reported to OpenSSL on 3rd March 2016 by Guido Vranken. The fix was developed by Matt Caswell of the OpenSSL development team.
EVP_EncryptUpdate overflow (CVE-2016-2106)
Severity: Low
An overflow can occur in the EVP_EncryptUpdate() function. If an attacker is able to supply very large amounts of input data after a previous call to EVP_EncryptUpdate() with a partial block then a length check can overflow resulting in a heap corruption. Following an analysis of all OpenSSL internal usage of the EVP_EncryptUpdate() function all usage is one of two forms. The first form is where the EVP_EncryptUpdate() call is known to be the first called function after an EVP_EncryptInit(), and therefore that specific call must be safe. The second form is where the length passed to EVP_EncryptUpdate() can be seen from the code to be some small value and therefore there is no possibility of an overflow. Since all instances are one of these two forms, it is believed that there can be no overflows in internal code due to this problem. It should be noted that EVP_DecryptUpdate() can call EVP_EncryptUpdate() in certain code paths. Also EVP_CipherUpdate() is a synonym for EVP_EncryptUpdate(). All instances of these calls have also been analysed too and it is believed there are no instances in internal usage where an overflow could occur.
This could still represent a security issue for end user code that calls this function directly.
OpenSSL 1.0.2 users should upgrade to 1.0.2h OpenSSL 1.0.1 users should upgrade to 1.0.1t
This issue was reported to OpenSSL on 3rd March 2016 by Guido Vranken. The fix was developed by Matt Caswell of the OpenSSL development team.
ASN.1 BIO excessive memory allocation (CVE-2016-2109)
Severity: Low
When ASN.1 data is read from a BIO using functions such as d2i_CMS_bio() a short invalid encoding can casuse allocation of large amounts of memory potentially consuming excessive resources or exhausting memory.
Any application parsing untrusted data through d2i BIO functions is affected. The memory based functions such as d2i_X509() are not affected. Since the memory based functions are used by the TLS library, TLS applications are not affected.
OpenSSL 1.0.2 users should upgrade to 1.0.2h OpenSSL 1.0.1 users should upgrade to 1.0.1t
This issue was reported to OpenSSL on 4th April 2016 by Brian Carpenter. The fix was developed by Stephen Henson of the OpenSSL development team.
EBCDIC overread (CVE-2016-2176)
Severity: Low
ASN1 Strings that are over 1024 bytes can cause an overread in applications using the X509_NAME_oneline() function on EBCDIC systems. This could result in arbitrary stack data being returned in the buffer.
OpenSSL 1.0.2 users should upgrade to 1.0.2h OpenSSL 1.0.1 users should upgrade to 1.0.1t
This issue was reported to OpenSSL on 5th March 2016 by Guido Vranken. The fix was developed by Matt Caswell of the OpenSSL development team.
Note
As per our previous announcements and our Release Strategy (https://www.openssl.org/policies/releasestrat.html), support for OpenSSL version 1.0.1 will cease on 31st December 2016. No security updates for that version will be provided after that date. Users of 1.0.1 are advised to upgrade.
Support for versions 0.9.8 and 1.0.0 ended on 31st December 2015. Those versions are no longer receiving security updates.
References
URL for this Security Advisory: https://www.openssl.org/news/secadv/20160503.txt
Note: the online version of the advisory may be updated with additional details over time.
For details of OpenSSL severity classifications please see: https://www.openssl.org/policies/secpolicy.html . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512
============================================================================= FreeBSD-SA-16:17.openssl Security Advisory The FreeBSD Project
Topic: Multiple OpenSSL vulnerabilities
Category: contrib Module: openssl Announced: 2016-05-04 Credits: OpenSSL Project Affects: All supported versions of FreeBSD. Corrected: 2016-05-03 18:54:20 UTC (stable/10, 10.3-STABLE) 2016-05-04 15:25:47 UTC (releng/10.3, 10.3-RELEASE-p2) 2016-05-04 15:26:23 UTC (releng/10.2, 10.2-RELEASE-p16) 2016-05-04 15:27:09 UTC (releng/10.1, 10.1-RELEASE-p33) 2016-05-04 06:53:02 UTC (stable/9, 9.3-STABLE) 2016-05-04 15:27:09 UTC (releng/9.3, 9.3-RELEASE-p41) CVE Name: CVE-2016-2105, CVE-2016-2106, CVE-2016-2107, CVE-2016-2109, CVE-2016-2176
For general information regarding FreeBSD Security Advisories, including descriptions of the fields above, security branches, and the following sections, please visit .
I. Background
FreeBSD includes software from the OpenSSL Project. The OpenSSL Project is a collaborative effort to develop a robust, commercial-grade, full-featured Open Source toolkit implementing the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols as well as a full-strength general purpose cryptography library.
II. [CVE-2016-2176] FreeBSD does not run on any EBCDIC systems and therefore is not affected.
III.
IV. Workaround
No workaround is available.
V. Solution
Perform one of the following:
1) Upgrade your vulnerable system to a supported FreeBSD stable or release / security branch (releng) dated after the correction date.
Restart all daemons that use the library, or reboot the system.
2) To update your vulnerable system via a binary patch:
Systems running a RELEASE version of FreeBSD on the i386 or amd64 platforms can be updated via the freebsd-update(8) utility:
freebsd-update fetch
freebsd-update install
Restart all daemons that use the library, or reboot the system.
3) To update your vulnerable system via a source code patch:
The following patches have been verified to apply to the applicable FreeBSD release branches.
a) Download the relevant patch from the location below, and verify the detached PGP signature using your PGP utility.
[FreeBSD 10.x]
fetch https://security.FreeBSD.org/patches/SA-16:17/openssl-10.patch
fetch https://security.FreeBSD.org/patches/SA-16:17/openssl-10.patch.asc
gpg --verify openssl-10.patch.asc
[FreeBSD 9.3]
fetch https://security.FreeBSD.org/patches/SA-16:17/openssl-9.patc
fetch https://security.FreeBSD.org/patches/SA-16:17/openssl-9.patch.asc
gpg --verify openssl-9.patch.asc
b) Apply the patch. Execute the following commands as root:
cd /usr/src
patch < /path/to/patch
c) Recompile the operating system using buildworld and installworld as described in .
Restart all daemons that use the library, or reboot the system.
VI. Correction details
The following list contains the correction revision numbers for each affected branch.
Branch/path Revision
stable/9/ r299053 releng/9.3/ r299068 stable/10/ r298999 releng/10.1/ r299068 releng/10.2/ r299067 releng/10.3/ r299066
To see which files were modified by a particular revision, run the following command, replacing NNNNNN with the revision number, on a machine with Subversion installed:
svn diff -cNNNNNN --summarize svn://svn.freebsd.org/base
Or visit the following URL, replacing NNNNNN with the revision number:
VII. References
The latest revision of this advisory is available at -----BEGIN PGP SIGNATURE-----
iQIcBAEBCgAGBQJXKjuIAAoJEO1n7NZdz2rneZoP/jqsWr9q5MkCel2aZzfmSVhU 8CjzPwm3t48ibZqrkolAak4dbjJGhidUM/S83BvIcCdtKWyoG8D0fzemB7bBIP2L fqvd1314vuy82CgZlAyJIqzokckUPfyHhTAz9FPZW46f8A+s8znzJcaaD81tt1Xe qg9JZ61e2DZJ2NdZSJSjOpBl55gZqQq3tIwGYw027GKjiflJSvOG1n/531R4rppI x0IZpLor7XBWuiC44hPc4yasC4khWzmdaRpqcUoWVEex8g6Il6xByS2o4AgX7kE/ NBZ0mj4IMYZNQW4VUYbnkmLtWXJYYScboBKh4FRljNCG/t5u/YoSfOY8SbS9LT9K KVj56C6tQRq+/frKbPt26HbqqRTFNVn3FKxJWNQ9CLzsebobXPUYATTN2NVC8gkj S0A/lT2xnvA2YqB9HfmHOvlHS2LDv8SivJWNK4dCPOwhVm624H4qH/N+VFcwU7zc ue+BPvDYU/czsyoJDdQoWxTdkreaOY6eLAWkYAh9dEDIkZSOxgsZR7C4th6THXMu ybIy544elc3bf9vS4tGR552Wi9VntE0B1/LJ2la8l+MnYE6qZL1hbAYpvNyuPWVP EDPjOc4inaMpV62fuL1UrKH1g1HMmFUnoWhC70iS+cuLeXWFdvwBFyL420Ixkd5H zvcsfJCrazlcZ6j83Qfd =PGTh -----END PGP SIGNATURE----- .
Gentoo Linux Security Advisory GLSA 201612-16
https://security.gentoo.org/
Severity: Normal Title: OpenSSL: Multiple vulnerabilities Date: December 07, 2016 Bugs: #581234, #585142, #585276, #591454, #592068, #592074, #592082, #594500, #595186 ID: 201612-16
Synopsis
Multiple vulnerabilities have been found in OpenSSL, the worst of which allows attackers to conduct a time based side-channel attack.
Affected packages
-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 dev-libs/openssl < 1.0.2j >= 1.0.2j
Description
Multiple vulnerabilities have been discovered in OpenSSL. Please review the CVE identifiers and the International Association for Cryptologic Research's (IACR) paper, "Make Sure DSA Signing Exponentiations Really are Constant-Time" for further details.
Impact
Remote attackers could cause a Denial of Service condition or have other unspecified impacts. Additionally, a time based side-channel attack may allow a local attacker to recover a private DSA key.
Resolution
All OpenSSL users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose ">=dev-libs/openssl-1.0.2j"
References
[ 1 ] CVE-2016-2105 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2105 [ 2 ] CVE-2016-2106 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2106 [ 3 ] CVE-2016-2107 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2107 [ 4 ] CVE-2016-2108 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2108 [ 5 ] CVE-2016-2109 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2109 [ 6 ] CVE-2016-2176 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2176 [ 7 ] CVE-2016-2177 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2177 [ 8 ] CVE-2016-2178 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2178 [ 9 ] CVE-2016-2180 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2180 [ 10 ] CVE-2016-2183 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2183 [ 11 ] CVE-2016-6304 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-6304 [ 12 ] CVE-2016-6305 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-6305 [ 13 ] CVE-2016-6306 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-6306 [ 14 ] CVE-2016-7052 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-7052 [ 15 ] Make Sure DSA Signing Exponentiations Really are Constant-Time http://eprint.iacr.org/2016/594.pdf
Availability
This GLSA and any updates to it are available for viewing at the Gentoo Security Website:
https://security.gentoo.org/glsa/201612-16
Concerns?
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us.
License
Copyright 2016 Gentoo Foundation, Inc; referenced text belongs to its owner(s).
The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5
.
Here are the details from the Slackware 14.1 ChangeLog: +--------------------------+ patches/packages/openssl-1.0.1t-i486-1_slack14.1.txz: Upgraded. This update fixes the following security issues: Memory corruption in the ASN.1 encoder (CVE-2016-2108) Padding oracle in AES-NI CBC MAC check (CVE-2016-2107) EVP_EncodeUpdate overflow (CVE-2016-2105) EVP_EncryptUpdate overflow (CVE-2016-2106) ASN.1 BIO excessive memory allocation (CVE-2016-2109) EBCDIC overread (CVE-2016-2176) For more information, see: https://www.openssl.org/news/secadv/20160503.txt http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2108 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2107 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2105 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2106 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2109 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2176 ( Security fix ) patches/packages/openssl-solibs-1.0.1t-i486-1_slack14.1.txz: Upgraded. +--------------------------+
Where to find the new packages: +-----------------------------+
Thanks to the friendly folks at the OSU Open Source Lab (http://osuosl.org) for donating FTP and rsync hosting to the Slackware project! :-)
Also see the "Get Slack" section on http://slackware.com for additional mirror sites near you.
Updated packages for Slackware 14.0: ftp://ftp.slackware.com/pub/slackware/slackware-14.0/patches/packages/openssl-1.0.1t-i486-1_slack14.0.txz ftp://ftp.slackware.com/pub/slackware/slackware-14.0/patches/packages/openssl-solibs-1.0.1t-i486-1_slack14.0.txz
Updated packages for Slackware x86_64 14.0: ftp://ftp.slackware.com/pub/slackware/slackware64-14.0/patches/packages/openssl-1.0.1t-x86_64-1_slack14.0.txz ftp://ftp.slackware.com/pub/slackware/slackware64-14.0/patches/packages/openssl-solibs-1.0.1t-x86_64-1_slack14.0.txz
Updated packages for Slackware 14.1: ftp://ftp.slackware.com/pub/slackware/slackware-14.1/patches/packages/openssl-1.0.1t-i486-1_slack14.1.txz ftp://ftp.slackware.com/pub/slackware/slackware-14.1/patches/packages/openssl-solibs-1.0.1t-i486-1_slack14.1.txz
Updated packages for Slackware x86_64 14.1: ftp://ftp.slackware.com/pub/slackware/slackware64-14.1/patches/packages/openssl-1.0.1t-x86_64-1_slack14.1.txz ftp://ftp.slackware.com/pub/slackware/slackware64-14.1/patches/packages/openssl-solibs-1.0.1t-x86_64-1_slack14.1.txz
Updated packages for Slackware -current: ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/a/openssl-solibs-1.0.2h-i586-1.txz ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/n/openssl-1.0.2h-i586-1.txz
Updated packages for Slackware x86_64 -current: ftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/a/openssl-solibs-1.0.2h-x86_64-1.txz ftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/n/openssl-1.0.2h-x86_64-1.txz
MD5 signatures: +-------------+
Slackware 14.0 packages: 033bd9509aeb07712e6bb3adf89c18e4 openssl-1.0.1t-i486-1_slack14.0.txz 9e91d781e33f7af80cbad08b245e84ed openssl-solibs-1.0.1t-i486-1_slack14.0.txz
Slackware x86_64 14.0 packages: e5c77ec16e3f2fcb2f1d53d84a6ba951 openssl-1.0.1t-x86_64-1_slack14.0.txz 2de7b6196a905233036d7f38008984bd openssl-solibs-1.0.1t-x86_64-1_slack14.0.txz
Slackware 14.1 packages: 96dcae05ae2f585c30de852a55eb870f openssl-1.0.1t-i486-1_slack14.1.txz 59618b061e62fd9d73ba17df7626b2e7 openssl-solibs-1.0.1t-i486-1_slack14.1.txz
Slackware x86_64 14.1 packages: 3d5ebfce099917703d537ab603e58a9b openssl-1.0.1t-x86_64-1_slack14.1.txz bf3a6bbdbe835dd2ce73333822cc9f06 openssl-solibs-1.0.1t-x86_64-1_slack14.1.txz
Slackware -current packages: 4889a10c5f3aa7104167c7d50eedf7ea a/openssl-solibs-1.0.2h-i586-1.txz 8e3439f35c3cb4e11ca64eebb238a52f n/openssl-1.0.2h-i586-1.txz
Slackware x86_64 -current packages: b4a852bb7e86389ec228288ccb7e79bb a/openssl-solibs-1.0.2h-x86_64-1.txz bcf9dc7bb04173f002644e3ce33ab4ab n/openssl-1.0.2h-x86_64-1.txz
Installation instructions: +------------------------+
Upgrade the packages as root:
upgradepkg openssl-1.0.1t-i486-1_slack14.1.txz openssl-solibs-1.0.1t-i486-1_slack14.1.txz
Then, reboot the machine or restart any network services that use OpenSSL.
+-----+
Slackware Linux Security Team http://slackware.com/gpg-key security@slackware.com
+------------------------------------------------------------------------+ | To leave the slackware-security mailing list: | +------------------------------------------------------------------------+ | Send an email to majordomo@slackware.com with this text in the body of | | the email message: | | | | unsubscribe slackware-security | | | | You will get a confirmation message back containing instructions to | | complete the process. Please do not reply to this email address. This could lead to a heap corruption. This could lead to a heap corruption.
CVE-2016-2108
David Benjamin from Google discovered that two separate bugs in the
ASN.1 encoder, related to handling of negative zero integer values
and large universal tags, could lead to an out-of-bounds write.
For the unstable distribution (sid), these problems have been fixed in version 1.0.2h-1. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256
Note: the current version of the following document is available here: https://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbhf03765en_us
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: hpesbhf03765en_us Version: 1
HPESBHF03765 rev.1 - HPE ConvergedSystem 700 Solution with Comware v7 Switches using OpenSSL, Remote Denial of Service (DoS) and Disclosure of Sensitive Information
NOTICE: The information in this Security Bulletin should be acted upon as soon as possible.
Release Date: 2017-07-20 Last Updated: 2017-07-20
Potential Security Impact: Remote: Denial of Service (DoS), Disclosure of Sensitive Information
Source: Hewlett Packard Enterprise, Product Security Response Team
VULNERABILITY SUMMARY Potential security vulnerabilities in OpenSSL have been addressed in HPE Network Products including Comware v7 that is applicable for ConvergedSystem 700 solutions. The vulnerabilities could be remotely exploited resulting in Denial of Service (DoS) or disclosure of sensitive information.
- HP ConvergedSystem 700 for Virtualization 1.0
- HP ConvergedSystem 700 for Virtualization 1.1 1.1
- HP ConvergedSystem 700 Virtualization 2.0 Foundation Kit 2.0
- HP ConvergedSystem 700 Virtualization 2.0 VMware Kit 2.0
- HP ConvergedSystem 700x 1.0
- HP ConvergedSystem 700x for Microsoft Solution Kit 1.0
- HP ConvergedSystem 700x v1.1 Microsoft Kit 1.1
- HP ConvergedSystem 700x v1.1 VMware Kit 1.1
BACKGROUND
CVSS Base Metrics ================= Reference, CVSS V3 Score/Vector, CVSS V2 Score/Vector
CVE-2016-2105
5.3 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
5.0 (AV:N/AC:L/Au:N/C:N/I:N/A:P)
CVE-2016-2106
5.3 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
5.0 (AV:N/AC:L/Au:N/C:N/I:N/A:P)
CVE-2016-2107
3.7 CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L
2.6 (AV:N/AC:H/Au:N/C:P/I:N/A:N)
CVE-2016-2108
9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C)
CVE-2016-2109
7.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
7.8 (AV:N/AC:L/Au:N/C:N/I:N/A:C)
CVE-2016-2176
6.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L
6.4 (AV:N/AC:L/Au:N/C:P/I:N/A:P)
Information on CVSS is documented in
HPE Customer Notice HPSN-2008-002 here:
https://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c01345499
RESOLUTION
HPE recommends upgrading your network switches to Comware v7 Version R2422P02 which is part of the HPE ConvergedSystem 700 Solution as listed below:
- CS700/CS700x 1.0 and 1.1 solution:
-
HPN 5900 Switch (JG510A/JH038A) (JC772A/JG554A) (JG296A)
-
CS700 2.0 solution:
-
HPE FlexFabric 5930 Switch 4slot (JH179A/JH188A) 2slot+2QSFP+ (JH178A/JH187A)
-
HPE has provided the following Customer Notice that includes links to documentation to assist you in maintaining your HPE ConvergedSystem 700 solution:
+ http://h20565.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-a00006123en_ s
Note: Please contact HPE Technical Support if any assistance is needed acquiring the software updates.
HISTORY Version:1 (rev.1) - 21 July 2017 Initial release
Third Party Security Patches: Third party security patches that are to be installed on systems running Hewlett Packard Enterprise (HPE) software products should be applied in accordance with the customer's patch management policy.
Support: For issues about implementing the recommendations of this Security Bulletin, contact normal HPE Services support channel. For other issues about the content of this Security Bulletin, send e-mail to security-alert@hpe.com.
Report: To report a potential security vulnerability for any HPE supported product: Web form: https://www.hpe.com/info/report-security-vulnerability Email: security-alert@hpe.com
Subscribe: To initiate a subscription to receive future HPE Security Bulletin alerts via Email: http://www.hpe.com/support/Subscriber_Choice
Security Bulletin Archive: A list of recently released Security Bulletins is available here: http://www.hpe.com/support/Security_Bulletin_Archive
Software Product Category: The Software Product Category is represented in the title by the two characters following HPSB.
3C = 3COM 3P = 3rd Party Software GN = HPE General Software HF = HPE Hardware and Firmware MU = Multi-Platform Software NS = NonStop Servers OV = OpenVMS PV = ProCurve ST = Storage Software UX = HP-UX
Copyright 2016 Hewlett Packard Enterprise
Hewlett Packard Enterprise shall not be liable for technical or editorial errors or omissions contained herein. The information provided is provided "as is" without warranty of any kind. To the extent permitted by law, neither HP or its affiliates, subcontractors or suppliers will be liable for incidental,special or consequential damages including downtime cost; lost profits; damages relating to the procurement of substitute products or services; or damages for loss of data, or software restoration. The information in this document is subject to change without notice. Hewlett Packard Enterprise and the names of Hewlett Packard Enterprise products referenced herein are trademarks of Hewlett Packard Enterprise in the United States and other countries. Other product and company names mentioned herein may be trademarks of their respective owners. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512
APPLE-SA-2016-07-18-1 OS X El Capitan v10.11.6 and Security Update 2016-004
OS X El Capitan v10.11.6 and Security Update 2016-004 is now available and addresses the following:
apache_mod_php
Available for:
OS X Yosemite v10.10.5 and OS X El Capitan v10.11 and later
Impact: A remote attacker may be able to execute arbitrary code
Description: Multiple issues existed in PHP versions prior to
5.5.36. These were addressed by updating PHP to version 5.5.36.
CVE-2016-4650
Audio Available for: OS X El Capitan v10.11 and later Impact: A local user may be able to execute arbitrary code with kernel privileges Description: A memory corruption issue was addressed through improved memory handling. CVE-2016-4647 : Juwei Lin (@fuzzerDOTcn) of Trend Micro
Audio Available for: OS X El Capitan v10.11 and later Impact: A local user may be able to determine kernel memory layout Description: An out-of-bounds read was addressed through improved input validation. CVE-2016-4648 : Juwei Lin(@fuzzerDOTcn) of Trend Micro
Audio Available for: OS X El Capitan v10.11 and later Impact: Parsing a maliciously crafted audio file may lead to the disclosure of user information Description: An out-of-bounds read was addressed through improved bounds checking. CVE-2016-4646 : Steven Seeley of Source Incite working with Trend Micro's Zero Day Initiative
Audio Available for: OS X El Capitan v10.11 and later Impact: A local user may be able to cause a system denial of service Description: A null pointer dereference was addressed through improved input validation. CVE-2016-4649 : Juwei Lin(@fuzzerDOTcn) of Trend Micro
bsdiff Available for: OS X El Capitan v10.11 and later Impact: A local attacker may be able to cause unexpected application termination or arbitrary code execution Description: An integer overflow existed in bspatch. This issue was addressed through improved bounds checking. CVE-2014-9862 : an anonymous researcher
CFNetwork Available for: OS X El Capitan v10.11 and later Impact: A local user may be able to view sensitive user information Description: A permissions issue existed in the handling of web browser cookies. This issue was addressed through improved restrictions. CVE-2016-4645 : Abhinav Bansal of Zscaler Inc.
CoreGraphics Available for: OS X Mavericks v10.9.5, OS X Yosemite v10.10.5, and OS X El Capitan v10.11 and later Impact: A remote attacker may be able to execute arbitrary code Description: A memory corruption issue was addressed through improved memory handling. CVE-2016-4637 : Tyler Bohan of Cisco Talos (talosintel.com /vulnerability-reports)
CoreGraphics Available for: OS X El Capitan v10.11 and later Impact: A local user may be able to elevate privileges Description: An out-of-bounds read issue existed that led to the disclosure of kernel memory. This was addressed through improved input validation. CVE-2016-4652 : Yubin Fu of Tencent KeenLab working with Trend Micro's Zero Day Initiative
FaceTime Available for: OS X El Capitan v10.11 and later Impact: An attacker in a privileged network position may be able to cause a relayed call to continue transmitting audio while appearing as if the call terminated Description: User interface inconsistencies existed in the handling of relayed calls. These issues were addressed through improved FaceTime display logic. CVE-2016-4635 : Martin Vigo
Graphics Drivers Available for: OS X El Capitan v10.11 and later Impact: A local user may be able to execute arbitrary code with kernel privileges Description: A memory corruption issue was addressed through improved input validation. CVE-2016-4634 : Stefan Esser of SektionEins
ImageIO Available for: OS X El Capitan v10.11 and later Impact: A remote attacker may be able to cause a denial of service Description: A memory consumption issue was addressed through improved memory handling. CVE-2016-4632 : Evgeny Sidorov of Yandex
ImageIO Available for: OS X El Capitan v10.11 and later Impact: A remote attacker may be able to execute arbitrary code Description: Multiple memory corruption issues were addressed through improved memory handling. CVE-2016-4631 : Tyler Bohan of Cisco Talos (talosintel.com /vulnerability-reports)
ImageIO Available for: OS X Mavericks v10.9.5, OS X Yosemite v10.10.5, and OS X El Capitan v10.11 and later Impact: A remote attacker may be able to execute arbitrary code Description: Multiple memory corruption issues were addressed through improved memory handling. CVE-2016-4629 : Tyler Bohan of Cisco Talos (talosintel.com /vulnerability-reports) CVE-2016-4630 : Tyler Bohan of Cisco Talos (talosintel.com /vulnerability-reports)
Intel Graphics Driver Available for: OS X El Capitan v10.11 and later Impact: A malicious application may be able to execute arbitrary code with kernel privileges Description: Multiple memory corruption issues were addressed through improved memory handling. CVE-2016-4633 : an anonymous researcher
IOHIDFamily Available for: OS X El Capitan v10.11 and later Impact: A local user may be able to execute arbitrary code with kernel privileges Description: A null pointer dereference was addressed through improved input validation. CVE-2016-4626 : Stefan Esser of SektionEins
IOSurface Available for: OS X El Capitan v10.11 and later Impact: A local user may be able to execute arbitrary code with kernel privileges Description: A use-after-free was addressed through improved memory management. CVE-2016-4625 : Ian Beer of Google Project Zero
Kernel Available for: OS X El Capitan v10.11 and later Impact: A local user may be able to execute arbitrary code with kernel privileges Description: Multiple memory corruption issues were addressed through improved memory handling. CVE-2016-1863 : Ian Beer of Google Project Zero CVE-2016-1864 : Ju Zhu of Trend Micro CVE-2016-4582 : Shrek_wzw and Proteas of Qihoo 360 Nirvan Team
Kernel Available for: OS X El Capitan v10.11 and later Impact: A local user may be able to cause a system denial of service Description: A null pointer dereference was addressed through improved input validation. CVE-2016-1865 : CESG, Marco Grassi (@marcograss) of KeenLab (@keen_lab), Tencent
libc++abi Available for: OS X El Capitan v10.11 and later Impact: An application may be able to execute arbitrary code with root privileges Description: Multiple memory corruption issues were addressed through improved memory handling. CVE-2016-4621 : an anonymous researcher
libexpat Available for: OS X El Capitan v10.11 and later Impact: Processing maliciously crafted XML may lead to unexpected application termination or arbitrary code execution Description: Multiple memory corruption issues were addressed through improved memory handling. CVE-2016-0718 : Gustavo Grieco
LibreSSL Available for: OS X El Capitan v10.11 and later Impact: A remote attacker may be able to execute arbitrary code Description: Multiple issues existed in LibreSSL before 2.2.7. These were addressed by updating LibreSSL to version 2.2.7. CVE-2016-2108 : Huzaifa Sidhpurwala (Red Hat), Hanno Boeck, David Benjamin (Google) Mark Brand, Ian Beer of Google Project Zero CVE-2016-2109 : Brian Carpenter
libxml2 Available for: OS X Mavericks v10.9.5, OS X Yosemite v10.10.5, and OS X El Capitan v10.11 and later Impact: Parsing a maliciously crafted XML document may lead to disclosure of user information Description: An access issue existed in the parsing of maliciously crafted XML files. This issue was addressed through improved input validation. CVE-2016-4449 : Kostya Serebryany
libxml2 Available for: OS X Mavericks v10.9.5, OS X Yosemite v10.10.5, and OS X El Capitan v10.11 and later Impact: Multiple vulnerabilities in libxml2 Description: Multiple memory corruption issues were addressed through improved memory handling. CVE-2016-1836 : Wei Lei and Liu Yang of Nanyang Technological University CVE-2016-4447 : Wei Lei and Liu Yang of Nanyang Technological University CVE-2016-4448 : Apple CVE-2016-4483 : Gustavo Grieco CVE-2016-4614 : Nick Wellnhofe CVE-2016-4615 : Nick Wellnhofer CVE-2016-4616 : Michael Paddon CVE-2016-4619 : Hanno Boeck
libxslt Available for: OS X Mavericks v10.9.5, OS X Yosemite v10.10.5, and OS X El Capitan v10.11 and later Impact: Multiple vulnerabilities in libxslt Description: Multiple memory corruption issues were addressed through improved memory handling. CVE-2016-1684 : Nicolas GrA(c)goire CVE-2016-4607 : Nick Wellnhofer CVE-2016-4608 : Nicolas GrA(c)goire CVE-2016-4609 : Nick Wellnhofer CVE-2016-4610 : Nick Wellnhofer CVE-2016-4612 : Nicolas GrA(c)goire
Login Window Available for: OS X El Capitan v10.11 and later Impact: A malicious application may be able to execute arbitrary code leading to compromise of user information Description: A memory corruption issue was addressed through improved input validation. CVE-2016-4640 : Yubin Fu of Tencent KeenLab working with Trend Micro's Zero Day Initiative
Login Window Available for: OS X El Capitan v10.11 and later Impact: A malicious application may be able to execute arbitrary code leading to the compromise of user information Description: A type confusion issue was addressed through improved memory handling. CVE-2016-4641 : Yubin Fu of Tencent KeenLab working with Trend Micro's Zero Day Initiative
Login Window Available for: OS X El Capitan v10.11 and later Impact: A local user may be able to cause a denial of service Description: A memory initialization issue was addressed through improved memory handling. CVE-2016-4639 : Yubin Fu of Tencent KeenLab working with Trend Micro's Zero Day Initiative
Login Window Available for: OS X El Capitan v10.11 and later Impact: A malicious application may be able to gain root privileges Description: A type confusion issue was addressed through improved memory handling. CVE-2016-4638 : Yubin Fu of Tencent KeenLab working with Trend Micro's Zero Day Initiative
OpenSSL Available for: OS X El Capitan v10.11 and later Impact: A remote attacker may be able to execute arbitrary code Description: Multiple issues existed in OpenSSL. CVE-2016-2105 : Guido Vranken CVE-2016-2106 : Guido Vranken CVE-2016-2107 : Juraj Somorovsky CVE-2016-2108 : Huzaifa Sidhpurwala (Red Hat), Hanno Boeck, David Benjamin (Google), Mark Brand and Ian Beer of Google Project Zero CVE-2016-2109 : Brian Carpenter CVE-2016-2176 : Guido Vranken
QuickTime Available for: OS X El Capitan v10.11 and later Impact: Processing a maliciously crafted FlashPix Bitmap Image may lead to unexpected application termination or arbitrary code execution Description: Multiple memory corruption issues were addressed through improved memory handling. CVE-2016-4596 : Ke Liu of Tencent's Xuanwu Lab CVE-2016-4597 : Ke Liu of Tencent's Xuanwu Lab CVE-2016-4600 : Ke Liu of Tencent's Xuanwu Lab CVE-2016-4602 : Ke Liu of Tencent's Xuanwu Lab
QuickTime Available for: OS X El Capitan v10.11 and later Impact: Processing a maliciously crafted image may lead to arbitrary code execution Description: A memory corruption issue was addressed through improved input validation. CVE-2016-4598 : Ke Liu of Tencent's Xuanwu Lab
QuickTime Available for: OS X El Capitan v10.11 and later Impact: Processing a maliciously crafted SGI file may lead to arbitrary code execution Description: A memory corruption issue was addressed through improved input validation. CVE-2016-4601 : Ke Liu of Tencent's Xuanwu Lab
QuickTime Available for: OS X El Capitan v10.11 and later Impact: Processing a maliciously crafted Photoshop document may lead to unexpected application termination or arbitrary code execution Description: A memory corruption issue was addressed through improved input validation. CVE-2016-4599 : Ke Liu of Tencent's Xuanwu Lab
Safari Login AutoFill Available for: OS X El Capitan v10.11 and later Impact: A user's password may be visible on screen Description: An issue existed in Safari's password auto-fill. This issue was addressed through improved matching of form fields. CVE-2016-4595 : Jonathan Lewis from DeARX Services (PTY) LTD
Sandbox Profiles Available for: OS X El Capitan v10.11 and later Impact: A local application may be able to access the process list Description: An access issue existed with privileged API calls. This issue was addressed through additional restrictions. CVE-2016-4594 : Stefan Esser of SektionEins
Note: OS X El Capitan 10.11.6 includes the security content of Safari 9.1.2. For further details see https://support.apple.com/kb/HT206900
OS X El Capitan v10.11.6 and Security Update 2016-004 may be obtained from the Mac App Store or Apple's Software Downloads web site: http://www.apple.com/support/downloads/
Information will also be posted to the Apple Security Updates web site: http://support.apple.com/kb/HT201222
This message is signed with Apple's Product Security PGP key, and details are available at: https://www.apple.com/support/security/pgp/ -----BEGIN PGP SIGNATURE----- Comment: GPGTools - https://gpgtools.org
iQIcBAEBCgAGBQJXjXAvAAoJEIOj74w0bLRG/5EP/2v9SJTrO+/4b3A1gqC1ch8y +cJ04tXRsO7rvjKT5nCylo30U0Sanz/bUbDx4559YS7/P/IyeyZVheaTJwK8wzEy pSOPpy35hUuVIw0/p4YsuHDThSBPFMmDljTxH7elkfuBV1lPSrCkyDXc0re2HxWV xj68zAxtM0jkkhgcxb2ApZSZVXhrjUZtbY0xEVOoWKKFwbMvKfx+4xSqunwQeS1u wevs1EbxfvsZbc3pG+xYcOonbegBzOy9aCvNO1Yv1zG+AYXC5ERMq1vk3PsWOTQN ZVY1I7mvCaEfvmjq2isRw8XYapAIKISDLwMKBSYrZDQFwPQLRi1VXxQZ67Kq1M3k ah04/lr0RIcoosIcBqxD2+1UAFjUzEUNFkYivjhuaeegN2QdL7Ujegf1QjdAt8lk mmKduxYUDOaRX50Kw7n14ZveJqzE1D5I6QSItaZ9M1vR60a7u91DSj9D87vbt1YC JM/Rvf/4vonp1NjwA2JQwCiZfYliBDdn9iiCl8mzxdsSRD/wXcZCs05nnKmKsCfc 55ET7IwdG3622lVheOJGQZuucwJiTn36zC11XVzZysQd/hLD5rUKUQNX1WOgZdzs xPsslXF5MWx9jcdyWVSWxDrN0sFk+GpQFQDuVozP60xuxqR3qQ0TXir2NP39uIF5 YozOGPQFmX0OviWCQsX6 =ng+m -----END PGP SIGNATURE-----
Show details on source website{
"affected_products": {
"_id": null,
"data": [
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "1.0.2d"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "1.0.2c"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "1.0.2e"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "1.0.2"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "1.0.2a"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "1.0.2b"
},
{
"_id": null,
"model": "openssl",
"scope": "lte",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.1s"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.2f"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.2g"
},
{
"_id": null,
"model": "registered envelope service",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "telepresence video communication server",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "paging server",
"scope": "ne",
"trust": 0.6,
"vendor": "cisco",
"version": "11.5.1"
},
{
"_id": null,
"model": "nexus series switches 5.2 sv3",
"scope": "ne",
"trust": 0.6,
"vendor": "cisco",
"version": "1000v"
},
{
"_id": null,
"model": "network performance analytics",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "ironport encryption appliance",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 0.6,
"vendor": "openssl",
"version": "1.0.1s"
},
{
"_id": null,
"model": "spa51x series ip phones",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "mate collector",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "ata series analog terminal adaptor",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1900"
},
{
"_id": null,
"model": "video surveillance series ip cameras",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "30000"
},
{
"_id": null,
"model": "network health framework",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "telepresence server on virtual machine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"_id": null,
"model": "spa232d multi-line dect ata",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "cloud manager with openstack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.2"
},
{
"_id": null,
"model": "show and share",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.2(1)"
},
{
"_id": null,
"model": "digital media manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.2.2.1"
},
{
"_id": null,
"model": "unified series ip phones",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "780011.5.2"
},
{
"_id": null,
"model": "clean access manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "lancope stealthwatch flowcollector netflow",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "6.8"
},
{
"_id": null,
"model": "emergency responder",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "10.5(3.10000.9)"
},
{
"_id": null,
"model": "websphere cast iron",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.3.0.2"
},
{
"_id": null,
"model": "10.2-release-p8",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "hosted collaboration mediation fulfillment",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "10.6(3)"
},
{
"_id": null,
"model": "cloud manager with openstack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.1.0.3"
},
{
"_id": null,
"model": "proactive network operations center",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "telepresence server mr2",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "87104.2"
},
{
"_id": null,
"model": "rational team concert",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.2"
},
{
"_id": null,
"model": "video distribution suite for internet streaming",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4.3.2"
},
{
"_id": null,
"model": "digital media manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.2.2"
},
{
"_id": null,
"model": "peoplesoft enterprise peopletools",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "8.53"
},
{
"_id": null,
"model": "emergency responder",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.5"
},
{
"_id": null,
"model": "systems director",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.3.6.0"
},
{
"_id": null,
"model": "video surveillance media server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.11"
},
{
"_id": null,
"model": "project openssl 1.0.1e",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "lancope stealthwatch udp director",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "6.8.2"
},
{
"_id": null,
"model": "nexus series blade switches 0.9.8zf",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4000"
},
{
"_id": null,
"model": "telepresence isdn link",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "1.1.6"
},
{
"_id": null,
"model": "project openssl 1.0.2g",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "tivoli composite application manager for transactions",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.3.0.1"
},
{
"_id": null,
"model": "tandberg codian isdn gw",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "32400"
},
{
"_id": null,
"model": "cognos insight fp if",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "10.216"
},
{
"_id": null,
"model": "project openssl 1.0.1a",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "telepresence sx series",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "7.3.7"
},
{
"_id": null,
"model": "webex meetings server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1.5.1.6"
},
{
"_id": null,
"model": "unified intelligent contact management enterprise",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.51"
},
{
"_id": null,
"model": "telepresence mcu",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "85100"
},
{
"_id": null,
"model": "webex meetings server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1.5.1.131"
},
{
"_id": null,
"model": "unified workforce optimization",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "digital media manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.2.1"
},
{
"_id": null,
"model": "enterprise manager",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "12.1.4"
},
{
"_id": null,
"model": "cloud manager with openstack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.1"
},
{
"_id": null,
"model": "lancope stealthwatch flowcollector netflow",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "6.8.1"
},
{
"_id": null,
"model": "mediasense 9.0",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"_id": null,
"model": "abyp-4tl-p",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"_id": null,
"model": "rational tau",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.35"
},
{
"_id": null,
"model": "cognos business intelligence interim fix",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "10.1.119"
},
{
"_id": null,
"model": "rational team concert",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0"
},
{
"_id": null,
"model": "asr series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "50000"
},
{
"_id": null,
"model": "aspera shares",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "1.9.6"
},
{
"_id": null,
"model": "10.1-release-p26",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "edge digital media player",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3400"
},
{
"_id": null,
"model": "enterprise content delivery system",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "2.6.8"
},
{
"_id": null,
"model": "cloud manager with openstack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.2.0.2"
},
{
"_id": null,
"model": "prime collaboration assurance sp1",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.5"
},
{
"_id": null,
"model": "tivoli netcool system service monitors fp3",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.1"
},
{
"_id": null,
"model": "emergency responder",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "10.5(1)"
},
{
"_id": null,
"model": "unified contact center enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "unified ip phone",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "88310"
},
{
"_id": null,
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.0.11"
},
{
"_id": null,
"model": "intelligent automation for cloud",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "jabber guest",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "10.0(2)"
},
{
"_id": null,
"model": "cognos insight fp",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "10.2.26"
},
{
"_id": null,
"model": "websphere cast iron",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.0.1"
},
{
"_id": null,
"model": "10.1-release-p5",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "unified ip phones",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "69010"
},
{
"_id": null,
"model": "prime security manager",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "9.5.4.3"
},
{
"_id": null,
"model": "security proventia network active bypass",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.13-34"
},
{
"_id": null,
"model": "cognos business intelligence server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.1.1"
},
{
"_id": null,
"model": "flex system fc3171 8gb san pass-thru",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1"
},
{
"_id": null,
"model": "im and presence service",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.5"
},
{
"_id": null,
"model": "ata analog telephone adaptor",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "1879.2.5"
},
{
"_id": null,
"model": "websphere cast iron",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1.0.15"
},
{
"_id": null,
"model": "tivoli netcool system service monitors fp15",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.0"
},
{
"_id": null,
"model": "show and share",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5(2)"
},
{
"_id": null,
"model": "jabber guest",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "real-time compression appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.1.2"
},
{
"_id": null,
"model": "tivoli composite application manager for transactions",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.4.0.1"
},
{
"_id": null,
"model": "cloud manager with openstack interim fix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.2.0.3"
},
{
"_id": null,
"model": "systems director",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.2"
},
{
"_id": null,
"model": "prime license manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "ucs central 1.5",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"_id": null,
"model": "prime collaboration deployment",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.5"
},
{
"_id": null,
"model": "mobile foundation consumer edition",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.2.0.1"
},
{
"_id": null,
"model": "web security appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "series ip phones vpn feature",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "8800-11.5.2"
},
{
"_id": null,
"model": "cloud manager with openstack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.1.0.2"
},
{
"_id": null,
"model": "visual quality experience server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "filenet system monitor",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.5"
},
{
"_id": null,
"model": "project openssl 1.0.1t",
"scope": "ne",
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"_id": null,
"model": "anyconnect secure mobility client for windows",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4.3"
},
{
"_id": null,
"model": "content security management appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "10.1-release-p28",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "agent for openflow",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "flex system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.3.4.0"
},
{
"_id": null,
"model": "rational insight",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.1"
},
{
"_id": null,
"model": "cloud manager with openstack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.1.0.1"
},
{
"_id": null,
"model": "webex recording playback client",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "prime collaboration assurance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "asa next-generation firewall services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "9.3-release-p38",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "telepresence content server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "tandberg codian mse model",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "83200"
},
{
"_id": null,
"model": "mysql enterprise backup",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "3.10.1"
},
{
"_id": null,
"model": "local collector appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.2.8"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.11.2"
},
{
"_id": null,
"model": "9.3-release-p10",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "9.3-release-p1",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "digital media players series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "44000"
},
{
"_id": null,
"model": "mds series multilayer switches",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "90008.3"
},
{
"_id": null,
"model": "security proventia network active bypass",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.16-37"
},
{
"_id": null,
"model": "10.2-release-p13",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "nexus series switches 7.3.1nx",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "5000"
},
{
"_id": null,
"model": "service delivery manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2.1"
},
{
"_id": null,
"model": "prime infrastructure standalone plug and play gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "spa50x series ip phones",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "webex meetings for blackberry",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "tivoli netcool system service monitors interim fix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.014-01"
},
{
"_id": null,
"model": "lancope stealthwatch flowcollector sflow",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "project openssl 1.0.1g",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "media experience engines",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "3.5.1"
},
{
"_id": null,
"model": "exalogic infrastructure",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "2.0"
},
{
"_id": null,
"model": "tivoli netcool system service monitors fp1",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"_id": null,
"model": "cloud manager with openstack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.3.0.4"
},
{
"_id": null,
"model": "telepresence integrator c series",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "7.3.7"
},
{
"_id": null,
"model": "webex meetings server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.5"
},
{
"_id": null,
"model": "anyconnect secure mobility client",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4.2"
},
{
"_id": null,
"model": "wide area application services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "security virtual server protection for vmware",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.0.1"
},
{
"_id": null,
"model": "telepresence server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "87100"
},
{
"_id": null,
"model": "cloud manager with openstack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.3.0.1"
},
{
"_id": null,
"model": "security proventia network active bypass",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.4-23"
},
{
"_id": null,
"model": "10.2-release-p14",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "10.1-release-p17",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "security proventia network active bypass",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.25-57"
},
{
"_id": null,
"model": "sterling connect:express for unix ifix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.4.6.1146-109"
},
{
"_id": null,
"model": "security proventia network active bypass",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.18-43"
},
{
"_id": null,
"model": "cloud manager with openstack interim fix",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "4.1.0.5"
},
{
"_id": null,
"model": "cognos business intelligence server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.2.1"
},
{
"_id": null,
"model": "media services interface",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "nexus intercloud",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1000v0"
},
{
"_id": null,
"model": "media experience engines",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "3.5"
},
{
"_id": null,
"model": "mediasense",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "9.1"
},
{
"_id": null,
"model": "buildforge",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.4"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.11.1"
},
{
"_id": null,
"model": "ips",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "project openssl 1.0.1i",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "cloud manager with openstack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.1.0.4.2"
},
{
"_id": null,
"model": "unified workforce optimization quality management sr3 es5",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.0"
},
{
"_id": null,
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.0"
},
{
"_id": null,
"model": "meetingplace",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "2.7"
},
{
"_id": null,
"model": "commerce guided search",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "11.2"
},
{
"_id": null,
"model": "prime access registrar",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "7.0.1.7"
},
{
"_id": null,
"model": "anyconnect secure mobility client for ios",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"_id": null,
"model": "unified attendant console advanced",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "webex messenger service ep1",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7.9.9"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.11.3"
},
{
"_id": null,
"model": "tivoli provisioning manager for os deployment",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.1"
},
{
"_id": null,
"model": "mediasense",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.5.1"
},
{
"_id": null,
"model": "unified ip phone 9.4.2sr3",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "8961"
},
{
"_id": null,
"model": "systems director",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.3.1.1"
},
{
"_id": null,
"model": "10.2-release-p9",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "unified wireless ip phone",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "project openssl 1.0.1s",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "10.1-release-p27",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "spa122 ata with router",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "1.4.5"
},
{
"_id": null,
"model": "media experience engines",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "sterling connect:express for unix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.4.6"
},
{
"_id": null,
"model": "webex meeting center",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "3.9.1"
},
{
"_id": null,
"model": "lancope stealthwatch flowcollector netflow",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "6.8.2"
},
{
"_id": null,
"model": "aix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2"
},
{
"_id": null,
"model": "webex node for mcs",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "3.12.9.8"
},
{
"_id": null,
"model": "rational team concert",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.1"
},
{
"_id": null,
"model": "jabber for android",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "video surveillance 4300e/4500e high-definition ip cameras",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "3.2.8"
},
{
"_id": null,
"model": "mobilefirst platform foundation",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.3.0.0"
},
{
"_id": null,
"model": "10.2-release-p6",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "cloud manager with openstack interix fix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.2.0.3"
},
{
"_id": null,
"model": "unified sip proxy",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "virtual security gateway for microsoft hyper-v",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "5.2(1)"
},
{
"_id": null,
"model": "tandberg codian isdn gw",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "32100"
},
{
"_id": null,
"model": "unified attendant console premium edition",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "digital media players series 5.4 rb",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4300"
},
{
"_id": null,
"model": "security proventia network active bypass",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.11-28"
},
{
"_id": null,
"model": "buildforge",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0"
},
{
"_id": null,
"model": "mysql workbench",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "6.1.5"
},
{
"_id": null,
"model": "sterling connect:express for unix ifix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.5.0.12150-12"
},
{
"_id": null,
"model": "prime optical for sps",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "abyp-2t-1s-1l-p-m",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"_id": null,
"model": "mds series multilayer switches",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "90006.2.17"
},
{
"_id": null,
"model": "cognos tm1 interim fix",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "10.1.1.2"
},
{
"_id": null,
"model": "rational tau",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.36"
},
{
"_id": null,
"model": "project openssl 1.0.1r",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "websphere cast iron",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1.0.8"
},
{
"_id": null,
"model": "rational team concert",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0.1"
},
{
"_id": null,
"model": "anyconnect secure mobility client for linux",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4.3"
},
{
"_id": null,
"model": "websphere cast iron",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.0.3"
},
{
"_id": null,
"model": "aspera console",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "3.1.1"
},
{
"_id": null,
"model": "webex meetings server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.5.0.997"
},
{
"_id": null,
"model": "anyconnect secure mobility client for os",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "x4.3"
},
{
"_id": null,
"model": "unified ip phone series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "79000"
},
{
"_id": null,
"model": "anyconnect secure mobility client for android",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4.3"
},
{
"_id": null,
"model": "lancope stealthwatch flowsensor",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "connected analytics for collaboration 1.0.1q",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"_id": null,
"model": "systems director",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.3.20"
},
{
"_id": null,
"model": "websphere cast iron",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1.0.7"
},
{
"_id": null,
"model": "cognos insight",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.2.1"
},
{
"_id": null,
"model": "jabber guest",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.0"
},
{
"_id": null,
"model": "rational tau",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.34"
},
{
"_id": null,
"model": "abyp-2t-1s-1l-p",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"_id": null,
"model": "show and share",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.2(2)"
},
{
"_id": null,
"model": "lancope stealthwatch flowcollector sflow",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "6.7.3"
},
{
"_id": null,
"model": "mmp server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "websphere cast iron",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.0.1"
},
{
"_id": null,
"model": "tivoli provisioning manager for images",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.1.19"
},
{
"_id": null,
"model": "security proventia network active bypass",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.30.0-13"
},
{
"_id": null,
"model": "commerce guided search",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "11.1"
},
{
"_id": null,
"model": "abyp-10g-2sr-2lr-1-p-m",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"_id": null,
"model": "tivoli provisioning manager for images build",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.1.20280.6"
},
{
"_id": null,
"model": "computer telephony integration object server",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.51"
},
{
"_id": null,
"model": "unified communications for microsoft lync",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "10.6.7"
},
{
"_id": null,
"model": "prime security manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "9.3.4.2-4"
},
{
"_id": null,
"model": "anyres live",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "ons series multiservice provisioning platforms",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "1545410.6.1"
},
{
"_id": null,
"model": "websphere cast iron",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.0.2"
},
{
"_id": null,
"model": "telepresence isdn link",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "telepresence server",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "70104.4"
},
{
"_id": null,
"model": "packet tracer",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.2"
},
{
"_id": null,
"model": "systems director",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.3.7.0"
},
{
"_id": null,
"model": "openssh for gpfs for windows",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "3.5.0.31"
},
{
"_id": null,
"model": "unified attendant console business edition",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "agent for openflow",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "2.0.7"
},
{
"_id": null,
"model": "cloud manager with openstack interim fix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.1.0.5"
},
{
"_id": null,
"model": "cognos business intelligence interim fix",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "10.2.117"
},
{
"_id": null,
"model": "unified contact center enterprise",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.51"
},
{
"_id": null,
"model": "tandberg codian isdn gw",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "32200"
},
{
"_id": null,
"model": "show and share",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.2(3)"
},
{
"_id": null,
"model": "globalprotect agent",
"scope": "eq",
"trust": 0.3,
"vendor": "paloaltonetworks",
"version": "3.1.0"
},
{
"_id": null,
"model": "webex meetings for wp8",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "3.0"
},
{
"_id": null,
"model": "peoplesoft enterprise peopletools",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "8.54"
},
{
"_id": null,
"model": "abyp-2t-2s-0l-p",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"_id": null,
"model": "linux ia-64",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"_id": null,
"model": "webex meetings for android",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "9.1"
},
{
"_id": null,
"model": "systems director",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.3.5.0"
},
{
"_id": null,
"model": "mds series multilayer switches 7.3.1nx",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "9000"
},
{
"_id": null,
"model": "mds series multilayer switches",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "90000"
},
{
"_id": null,
"model": "flex system fc3171 8gb san pass-thru",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1.8.01.00"
},
{
"_id": null,
"model": "ios software and cisco ios xe software",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "16.3.1"
},
{
"_id": null,
"model": "tivoli common reporting",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.1.0.2"
},
{
"_id": null,
"model": "webex meeting center",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "3.9.0.5"
},
{
"_id": null,
"model": "cognos insight",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.2"
},
{
"_id": null,
"model": "security proventia network active bypass",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.15-36"
},
{
"_id": null,
"model": "ace application control engine module",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "300"
},
{
"_id": null,
"model": "rational team concert",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0"
},
{
"_id": null,
"model": "lancope stealthwatch flowsensor",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "6.7.3"
},
{
"_id": null,
"model": "exalogic infrastructure",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "1.0"
},
{
"_id": null,
"model": "proventia network enterprise scanner",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.3"
},
{
"_id": null,
"model": "rational insight",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.1.4"
},
{
"_id": null,
"model": "websphere cast iron",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1.0.6"
},
{
"_id": null,
"model": "nac guest server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "local collector appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.2.10"
},
{
"_id": null,
"model": "enterprise content delivery system",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "mediasense",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "10.5(1)"
},
{
"_id": null,
"model": "email security appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "tivoli provisioning manager for os deployment build",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "5.1.1051.08"
},
{
"_id": null,
"model": "vm virtualbox",
"scope": "ne",
"trust": 0.3,
"vendor": "oracle",
"version": "5.0.22"
},
{
"_id": null,
"model": "cognos business intelligence server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.2.11"
},
{
"_id": null,
"model": "mobile foundation consumer edition",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.2.0.0"
},
{
"_id": null,
"model": "prime collaboration deployment",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "webex meetings client hosted t31r1sp6",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"_id": null,
"model": "cloud manager with openstack interim fix1",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.3.0.6"
},
{
"_id": null,
"model": "9.3-release-p35",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "dx series ip phones",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "virtualization experience media engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "video surveillance series ip cameras",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "60002.8"
},
{
"_id": null,
"model": "nexus series switches",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3x000"
},
{
"_id": null,
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.0.18"
},
{
"_id": null,
"model": "packet tracer",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.3"
},
{
"_id": null,
"model": "unified sip proxy",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "10.0"
},
{
"_id": null,
"model": "10.2-release-p10",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "aspera shares",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.9.3"
},
{
"_id": null,
"model": "abyp-0t-4s-0l-p",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"_id": null,
"model": "spa50x series ip phones",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "7.6.5"
},
{
"_id": null,
"model": "security network controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10"
},
{
"_id": null,
"model": "abyp-4ts-p-m",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"_id": null,
"model": "emergency responder",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "8.5"
},
{
"_id": null,
"model": "ata series analog terminal adaptor",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "1901.3"
},
{
"_id": null,
"model": "commerce guided search",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "11.0"
},
{
"_id": null,
"model": "digital media players series 5.4 rb",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4400"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.11.4"
},
{
"_id": null,
"model": "virtualization experience media engine",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.5.1"
},
{
"_id": null,
"model": "abyp-10g-4lr-1-p",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"_id": null,
"model": "telepresence server on multiparty media",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3200"
},
{
"_id": null,
"model": "abyp-10g-4lr-1-p-m",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"_id": null,
"model": "video surveillance ptz ip cameras",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "2.8"
},
{
"_id": null,
"model": "9.3-release-p2",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "emergency responder",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "8.6"
},
{
"_id": null,
"model": "unified communications for microsoft lync",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "jabber software development kit",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "spa122 ata with router",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "10.1-release-p1",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "9.3-stable",
"scope": "ne",
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "tivoli composite application manager for transactions if03",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.4.0.1"
},
{
"_id": null,
"model": "cloud manager with openstack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.1.0.4"
},
{
"_id": null,
"model": "identity services engine",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "2.2.1"
},
{
"_id": null,
"model": "commerce experience manager",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "11.2"
},
{
"_id": null,
"model": "linux x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "14.1"
},
{
"_id": null,
"model": "tivoli provisioning manager for os deployment build",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.1.151.05"
},
{
"_id": null,
"model": "10.1-release-p9",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "rational team concert",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.4"
},
{
"_id": null,
"model": "webex meetings server",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "2.7"
},
{
"_id": null,
"model": "i",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.3"
},
{
"_id": null,
"model": "unified communications manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "10.5(2.10000.5)"
},
{
"_id": null,
"model": "project openssl 1.0.1c",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "telepresence mx series",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "7.3.7"
},
{
"_id": null,
"model": "websphere cast iron",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.4.0.0"
},
{
"_id": null,
"model": "telepresence server on multiparty media",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "3204.4"
},
{
"_id": null,
"model": "lancope stealthwatch flowcollector sflow",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "6.8"
},
{
"_id": null,
"model": "digital media players series 5.3 rb",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4300"
},
{
"_id": null,
"model": "telepresence profile series",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "7.3.7"
},
{
"_id": null,
"model": "openssh for gpfs for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.5"
},
{
"_id": null,
"model": "mac os",
"scope": "ne",
"trust": 0.3,
"vendor": "apple",
"version": "x10.11.6"
},
{
"_id": null,
"model": "abyp-0t-0s-4l-p-m",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"_id": null,
"model": "project openssl 1.0.1f",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "nexus series switches 7.3.1nx",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "7000"
},
{
"_id": null,
"model": "jabber for android mr",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.6"
},
{
"_id": null,
"model": "project openssl 1.0.2a",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "abyp-4t-0s-0l-p-m",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"_id": null,
"model": "websphere cast iron",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1.0.12"
},
{
"_id": null,
"model": "algo audit and compliance",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.1"
},
{
"_id": null,
"model": "project openssl 1.0.2f",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "rational reporting for development intelligence",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.0.5"
},
{
"_id": null,
"model": "connected grid router-cgos",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "security proventia network active bypass",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.0.2919"
},
{
"_id": null,
"model": "worklight enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1.0.0"
},
{
"_id": null,
"model": "lancope stealthwatch smc",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "tivoli provisioning manager for images",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.1.0"
},
{
"_id": null,
"model": "rational team concert",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0.2"
},
{
"_id": null,
"model": "telepresence server on virtual machine mr2",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4.2"
},
{
"_id": null,
"model": "service delivery manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2.4"
},
{
"_id": null,
"model": "unified ip phones",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "69450"
},
{
"_id": null,
"model": "anyconnect secure mobility client",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4.3"
},
{
"_id": null,
"model": "rational team concert",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.7"
},
{
"_id": null,
"model": "nexus series switches",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "60008.3"
},
{
"_id": null,
"model": "security proventia network active bypass",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.30.2-9"
},
{
"_id": null,
"model": "abyp-0t-2s-2l-p",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"_id": null,
"model": "nexus series switches",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "70008.3"
},
{
"_id": null,
"model": "rational team concert",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.5"
},
{
"_id": null,
"model": "integration bus",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.0"
},
{
"_id": null,
"model": "unified communications manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "10.0"
},
{
"_id": null,
"model": "cloud manager with openstack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.3.0.2"
},
{
"_id": null,
"model": "webex meetings server ssl gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "-0"
},
{
"_id": null,
"model": "sterling connect:express for unix ifix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.4.6.1146-110"
},
{
"_id": null,
"model": "lancope stealthwatch flowcollector sflow",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "6.8.1"
},
{
"_id": null,
"model": "prime network services controller",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "ironport email security appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "9.3-release-p3",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"_id": null,
"model": "prime collaboration provisioning",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.2"
},
{
"_id": null,
"model": "sterling connect:express for unix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.5.0.12"
},
{
"_id": null,
"model": "sterling connect:express for unix ifix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.4.6.1146-113"
},
{
"_id": null,
"model": "lancope stealthwatch flowsensor",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "6.8"
},
{
"_id": null,
"model": "spa30x series ip phones",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "security proventia network active bypass",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.30-12"
},
{
"_id": null,
"model": "webex meetings client on premises",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "-0"
},
{
"_id": null,
"model": "cloud manager with openstack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.3.0.3"
},
{
"_id": null,
"model": "cognos tm1 fix pack",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "10.2.26"
},
{
"_id": null,
"model": "tivoli provisioning manager for os deployment",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.1.19"
},
{
"_id": null,
"model": "telepresence server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "70100"
},
{
"_id": null,
"model": "unified communications manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "10.3(1)"
},
{
"_id": null,
"model": "hosted collaboration mediation fulfillment",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "digital media manager",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "5.4"
},
{
"_id": null,
"model": "websphere cast iron",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.0.0"
},
{
"_id": null,
"model": "rational reporting for development intelligence",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0.2"
},
{
"_id": null,
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "1.0.2"
},
{
"_id": null,
"model": "security manager",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4.12"
},
{
"_id": null,
"model": "mobilefirst platform foundation",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.0.0"
},
{
"_id": null,
"model": "rational team concert",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.3"
},
{
"_id": null,
"model": "rational insight",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.1.7"
},
{
"_id": null,
"model": "systems director",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.3.2.2"
},
{
"_id": null,
"model": "cognos tm1",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.1.0"
},
{
"_id": null,
"model": "webex meetings server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1.5(.1.131)"
},
{
"_id": null,
"model": "project openssl 1.0.2d",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "10.3"
},
{
"_id": null,
"model": "prime access registrar",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "linux mips",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"_id": null,
"model": "onepk all-in-one vm",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "mediasense",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "9.1(1)"
},
{
"_id": null,
"model": "prime lan management solution",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "-0"
},
{
"_id": null,
"model": "buildforge",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.2"
},
{
"_id": null,
"model": "algo audit and compliance if",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "2.1.0.32"
},
{
"_id": null,
"model": "spa525g",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "cloud manager with openstack interim fix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.3.0.4"
},
{
"_id": null,
"model": "lancope stealthwatch flowsensor",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "6.8.1"
},
{
"_id": null,
"model": "9.3-release-p25",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "webex meetings server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1.0"
},
{
"_id": null,
"model": "abyp-0t-2s-2l-p-m",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"_id": null,
"model": "websphere cast iron",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.3.0.1"
},
{
"_id": null,
"model": "unified attendant console department edition",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "unified ip phone 9.4.2sr3",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "9971"
},
{
"_id": null,
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "14.1"
},
{
"_id": null,
"model": "security proventia network active bypass",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.29-9"
},
{
"_id": null,
"model": "series ip phones vpn feature",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "8800-0"
},
{
"_id": null,
"model": "nexus series switches 7.3.1dx",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "6000"
},
{
"_id": null,
"model": "abyp-2t-0s-2l-p",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"_id": null,
"model": "spa112 2-port phone adapter",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "1.4.5"
},
{
"_id": null,
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2.0.6"
},
{
"_id": null,
"model": "cognos tm1",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.2.2"
},
{
"_id": null,
"model": "digital media manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.2.1.1"
},
{
"_id": null,
"model": "telepresence server mr2",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "70104.2"
},
{
"_id": null,
"model": "webex messenger service",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "7.20"
},
{
"_id": null,
"model": "abyp-10g-4sr-1-p-m",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"_id": null,
"model": "media experience engines",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "3.2"
},
{
"_id": null,
"model": "10.3-stable",
"scope": "ne",
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "commerce guided search",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "6.1.4"
},
{
"_id": null,
"model": "enterprise manager",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "12.2.2"
},
{
"_id": null,
"model": "mysql enterprise backup",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "3.10"
},
{
"_id": null,
"model": "systems director",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.3.3.1"
},
{
"_id": null,
"model": "rational tau interim fix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.3.0.6"
},
{
"_id": null,
"model": "aix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1"
},
{
"_id": null,
"model": "video distribution suite for internet streaming",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "digital media players series 5.4 rb",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4300"
},
{
"_id": null,
"model": "telepresence server on multiparty media mr2",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "3204.2"
},
{
"_id": null,
"model": "connected grid router 15.6.2.15t",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"_id": null,
"model": "tivoli provisioning manager for os deployment",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.1.116"
},
{
"_id": null,
"model": "cloupia unified infrastructure controller",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "hosted collaboration mediation fulfillment",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.5:20"
},
{
"_id": null,
"model": "jabber for mac",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.7"
},
{
"_id": null,
"model": "flex system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.3.20"
},
{
"_id": null,
"model": "agent desktop for cisco unified contact center express",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "video surveillance series ip cameras",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "70000"
},
{
"_id": null,
"model": "counter fraud management for safer payments",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.3.0"
},
{
"_id": null,
"model": "telepresence server on multiparty media mr2",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "3104.2"
},
{
"_id": null,
"model": "adaptive security appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "flex system fc3171 8gb san switch",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1"
},
{
"_id": null,
"model": "nexus series switches",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "70006.2.17"
},
{
"_id": null,
"model": "digital media players series 5.3 rb",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4400"
},
{
"_id": null,
"model": "systems director",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.2.1.0"
},
{
"_id": null,
"model": "project openssl 1.0.1n",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "telepresence server on multiparty media",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3204.1"
},
{
"_id": null,
"model": "lancope stealthwatch smc",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "6.7.3"
},
{
"_id": null,
"model": "packet tracer",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "7.0"
},
{
"_id": null,
"model": "network analysis module",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "6.3.1"
},
{
"_id": null,
"model": "project openssl 1.0.1o",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "video surveillance series ip cameras",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "60000"
},
{
"_id": null,
"model": "unified wireless ip phone",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "1.5.1"
},
{
"_id": null,
"model": "anyconnect secure mobility client for windows",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"_id": null,
"model": "virtual security gateway vsg2",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"_id": null,
"model": "systems director",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.3.1.0"
},
{
"_id": null,
"model": "linux x86 64 -current",
"scope": null,
"trust": 0.3,
"vendor": "slackware",
"version": null
},
{
"_id": null,
"model": "policy suite",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "10.1"
},
{
"_id": null,
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "14.0"
},
{
"_id": null,
"model": "webex meetings client on premises",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "-2.7"
},
{
"_id": null,
"model": "10.2-release-p12",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "spa51x series ip phones",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "7.6.5"
},
{
"_id": null,
"model": "peoplesoft enterprise peopletools",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "8.55"
},
{
"_id": null,
"model": "unified ip conference phone for third-party call control",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "88310"
},
{
"_id": null,
"model": "unified intelligence center",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.5.1"
},
{
"_id": null,
"model": "telepresence server on virtual machine",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4.4"
},
{
"_id": null,
"model": "common services platform collector",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "1.9.1"
},
{
"_id": null,
"model": "emergency responder",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "8.7"
},
{
"_id": null,
"model": "project openssl 1.0.2e",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "unified communications manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "10.5(3.10000.9)"
},
{
"_id": null,
"model": "hosted collaboration mediation fulfillment",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.5"
},
{
"_id": null,
"model": "project openssl 1.0.1q",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "dcm series 9900-digital content manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "9.3"
},
{
"_id": null,
"model": "digital media manager",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "5.3"
},
{
"_id": null,
"model": "anyconnect secure mobility client for ios",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4.2"
},
{
"_id": null,
"model": "systems director",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.2.1.2"
},
{
"_id": null,
"model": "tivoli provisioning manager for os deployment intirim fix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.133"
},
{
"_id": null,
"model": "telepresence sx series",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "8.1.2"
},
{
"_id": null,
"model": "lancope stealthwatch flowcollector sflow",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "6.8.2"
},
{
"_id": null,
"model": "anyconnect secure mobility client for windows",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4.2"
},
{
"_id": null,
"model": "cognos business intelligence server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.2.2"
},
{
"_id": null,
"model": "webex meetings client hosted",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "-0"
},
{
"_id": null,
"model": "webex meetings for wp8",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "rational insight",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.13"
},
{
"_id": null,
"model": "sterling connect:express for unix ifix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.4.6.1146-108"
},
{
"_id": null,
"model": "sterling connect:express for unix",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "1.5.0.13"
},
{
"_id": null,
"model": "show and share",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.2(2.1)"
},
{
"_id": null,
"model": "security virtual server protection for vmware",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1"
},
{
"_id": null,
"model": "webex meetings for wp8",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "2.6.1"
},
{
"_id": null,
"model": "physical access control gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "wide area application services",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "5.5.7"
},
{
"_id": null,
"model": "9.3-release-p24",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "webex messenger service",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "10.1-release-p19",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "mmp server",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "3.10"
},
{
"_id": null,
"model": "tivoli common reporting",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.1.0.1"
},
{
"_id": null,
"model": "prime ip express",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "application and content networking system",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "5.5.41"
},
{
"_id": null,
"model": "aix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.3"
},
{
"_id": null,
"model": "mysql workbench",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "6.1.4"
},
{
"_id": null,
"model": "10.1-release-p30",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "9.3-release-p13",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "tivoli common reporting",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.1.2.1"
},
{
"_id": null,
"model": "cloud manager with openstack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.3"
},
{
"_id": null,
"model": "intelligent automation for cloud",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "0.9.8"
},
{
"_id": null,
"model": "cognos business intelligence",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.1.1"
},
{
"_id": null,
"model": "rational reporting for development intelligence",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0.1"
},
{
"_id": null,
"model": "edge digital media player 1.6rb4 5",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "300"
},
{
"_id": null,
"model": "mds series multilayer switches 7.3.1dx",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "9000"
},
{
"_id": null,
"model": "unified ip phone",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "99510"
},
{
"_id": null,
"model": "abyp-10g-4sr-1-p",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"_id": null,
"model": "9.3-release-p36",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "webex meetings server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.6"
},
{
"_id": null,
"model": "unified ip phone",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "89450"
},
{
"_id": null,
"model": "digital media manager",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "5.4.1"
},
{
"_id": null,
"model": "tivoli provisioning manager for os deployment build",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.1.20280.6"
},
{
"_id": null,
"model": "lancope stealthwatch flowsensor",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "6.8.2"
},
{
"_id": null,
"model": "video surveillance series ip cameras",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "30002.8"
},
{
"_id": null,
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.0.10"
},
{
"_id": null,
"model": "emergency responder",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "9.2"
},
{
"_id": null,
"model": "rational insight",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.12"
},
{
"_id": null,
"model": "webex meeting center",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "rational insight",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.11"
},
{
"_id": null,
"model": "partner supporting service",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1.0"
},
{
"_id": null,
"model": "mobility services engine",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "8.0"
},
{
"_id": null,
"model": "edge digital media player",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "3401.2.0.20"
},
{
"_id": null,
"model": "webex meetings server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1.1"
},
{
"_id": null,
"model": "abyp-0t-4s-0l-p-m",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"_id": null,
"model": "spa30x series ip phones",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "7.6.5"
},
{
"_id": null,
"model": "unified series ip phones",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "78000"
},
{
"_id": null,
"model": "digital media players series 5.4 rb",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4400"
},
{
"_id": null,
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.0.13"
},
{
"_id": null,
"model": "10.2-release-p11",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "service delivery manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2.2"
},
{
"_id": null,
"model": "enterprise content management system monitor",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.1"
},
{
"_id": null,
"model": "telepresence mcu",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "42000"
},
{
"_id": null,
"model": "socialminer",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "standalone rack server cimc",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "webex meetings server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1.5"
},
{
"_id": null,
"model": "systems director",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.3.2.1"
},
{
"_id": null,
"model": "systems director",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.2.0.0"
},
{
"_id": null,
"model": "webex meetings server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.0"
},
{
"_id": null,
"model": "spa112 2-port phone adapter",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "mysql enterprise backup",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "3.12.2"
},
{
"_id": null,
"model": "tivoli netcool system service monitors fp14",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.0"
},
{
"_id": null,
"model": "intracer",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "lancope stealthwatch smc",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "6.8"
},
{
"_id": null,
"model": "jabber for apple ios",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.6.2"
},
{
"_id": null,
"model": "video surveillance series high-definition ip cameras",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "40002.4.7"
},
{
"_id": null,
"model": "video surveillance media server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7.7"
},
{
"_id": null,
"model": "9.3-release-p33",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.11.5"
},
{
"_id": null,
"model": "tivoli provisioning manager for os deployment build",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.1.1051.07"
},
{
"_id": null,
"model": "telepresence mcu",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "84200"
},
{
"_id": null,
"model": "jabber for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "ironport email security appliance",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "10.5"
},
{
"_id": null,
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "10.2"
},
{
"_id": null,
"model": "anyconnect secure mobility client for linux",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"_id": null,
"model": "meetingplace",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"_id": null,
"model": "spa525g",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "7.6.5"
},
{
"_id": null,
"model": "cloud manager with openstack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.2.0.3"
},
{
"_id": null,
"model": "mmp server",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "3.9.0.5"
},
{
"_id": null,
"model": "websphere cast iron",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.4.0.1"
},
{
"_id": null,
"model": "9.3-release-p41",
"scope": "ne",
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "tivoli netcool system service monitors fp1",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.1"
},
{
"_id": null,
"model": "flex system fc3171 8gb san switch",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1.8.01.00"
},
{
"_id": null,
"model": "lancope stealthwatch udp director",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "telepresence integrator c series",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "8.1.2"
},
{
"_id": null,
"model": "prime network registrar",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "cloud object store",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "3.8"
},
{
"_id": null,
"model": "buildforge",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.3"
},
{
"_id": null,
"model": "anyconnect secure mobility client for android",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"_id": null,
"model": "cognos business intelligence fixpack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.2.12"
},
{
"_id": null,
"model": "commerce experience manager",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "6.1.4"
},
{
"_id": null,
"model": "telepresence sx series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "10.1-release-p25",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "rational reporting for development intelligence",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0"
},
{
"_id": null,
"model": "enterprise content management system monitor",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.2"
},
{
"_id": null,
"model": "webex meetings server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.5.1.5"
},
{
"_id": null,
"model": "registered envelope service",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "5.0"
},
{
"_id": null,
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.1.0"
},
{
"_id": null,
"model": "lancope stealthwatch smc",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "6.8.1"
},
{
"_id": null,
"model": "tivoli netcool system service monitors fp2",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.1"
},
{
"_id": null,
"model": "cognos business intelligence",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.2.1"
},
{
"_id": null,
"model": "rational insight",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1"
},
{
"_id": null,
"model": "unified ip phone",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "99710"
},
{
"_id": null,
"model": "telepresence content server",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "7.2"
},
{
"_id": null,
"model": "mediasense",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "8.5(4)"
},
{
"_id": null,
"model": "meetingplace",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "telepresence server on multiparty media",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "3104.4"
},
{
"_id": null,
"model": "websphere message broker",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0"
},
{
"_id": null,
"model": "tivoli provisioning manager for os deployment",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.1.0.2"
},
{
"_id": null,
"model": "anyconnect secure mobility client for linux",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4.2"
},
{
"_id": null,
"model": "cloud manager with openstack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.3.0.6"
},
{
"_id": null,
"model": "ata analog telephone adaptor",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1870"
},
{
"_id": null,
"model": "asa cx and prime security manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "universal small cell series",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "50003.5.12.21"
},
{
"_id": null,
"model": "project openssl 1.0.1m",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "expressway series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "rational reporting for development intelligence",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.0"
},
{
"_id": null,
"model": "anyconnect secure mobility client for android",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4.2"
},
{
"_id": null,
"model": "mediasense",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "10.0(1)"
},
{
"_id": null,
"model": "nexus series switches",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "50007.3.1"
},
{
"_id": null,
"model": "mediasense",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "8.5(3)"
},
{
"_id": null,
"model": "tivoli common reporting",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.1"
},
{
"_id": null,
"model": "systems director",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.3.3.0"
},
{
"_id": null,
"model": "systems director",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1.0.0"
},
{
"_id": null,
"model": "10.1-release-p6",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "edge digital media player",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3000"
},
{
"_id": null,
"model": "unified ip phone 9.4.2sr3",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "8945"
},
{
"_id": null,
"model": "security proventia network active bypass",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.18-49"
},
{
"_id": null,
"model": "unified communications manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "10.0(1.10000.12)"
},
{
"_id": null,
"model": "telepresence ex series",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "8.1.2"
},
{
"_id": null,
"model": "nexus series switches",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1000v0"
},
{
"_id": null,
"model": "tivoli common reporting",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.1.3"
},
{
"_id": null,
"model": "digital media manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.2.3"
},
{
"_id": null,
"model": "rational insight",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.1.6"
},
{
"_id": null,
"model": "mate design",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "1.0.1"
},
{
"_id": null,
"model": "rational team concert",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.6"
},
{
"_id": null,
"model": "rational insight",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.1.5"
},
{
"_id": null,
"model": "10.3-rc2",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "security proventia network active bypass",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.13-41"
},
{
"_id": null,
"model": "websphere cast iron",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1.0.9"
},
{
"_id": null,
"model": "linux s/390",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"_id": null,
"model": "aspera console",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0.1"
},
{
"_id": null,
"model": "linux x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "14.0"
},
{
"_id": null,
"model": "show and share",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "network admission control",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "unified communications for microsoft lync",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.6"
},
{
"_id": null,
"model": "identity services engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "rational reporting for development intelligence",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.0.4"
},
{
"_id": null,
"model": "project openssl 1.0.1j",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "rational tau",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.31"
},
{
"_id": null,
"model": "universal small cell series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "70003.4.2.0"
},
{
"_id": null,
"model": "10.1-release-p33",
"scope": "ne",
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "nexus series switches 7.3.1dx",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "5000"
},
{
"_id": null,
"model": "telepresence conductor",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4.3"
},
{
"_id": null,
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2"
},
{
"_id": null,
"model": "abyp-0t-0s-4l-p",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"_id": null,
"model": "unified attendant console standard",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "tivoli composite application manager for transactions",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.4.0.0"
},
{
"_id": null,
"model": "jazz reporting service",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0"
},
{
"_id": null,
"model": "connected grid routers",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "mate live",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "webex meetings server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1.5(.1.6)"
},
{
"_id": null,
"model": "commerce experience manager",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "11.1"
},
{
"_id": null,
"model": "telepresence integrator c series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "unified workforce optimization sr3 es5",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.0"
},
{
"_id": null,
"model": "project openssl 1.0.1d",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "unified communications manager 10.5 su3",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"_id": null,
"model": "lancope stealthwatch udp director",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "6.7.3"
},
{
"_id": null,
"model": "abyp-2t-2s-0l-p-m",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"_id": null,
"model": "jazz reporting service",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0.2"
},
{
"_id": null,
"model": "aspera shares",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.9.4"
},
{
"_id": null,
"model": "application policy infrastructure controller",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "2.0(0.400)"
},
{
"_id": null,
"model": "abyp-4tl-p-m",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"_id": null,
"model": "nac server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "security proventia network active bypass",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.9-34"
},
{
"_id": null,
"model": "enterprise manager",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "12.3.2"
},
{
"_id": null,
"model": "rational reporting for development intelligence",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.0.3"
},
{
"_id": null,
"model": "abyp-4ts-p",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"_id": null,
"model": "digital media players series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "43000"
},
{
"_id": null,
"model": "service delivery manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2.3"
},
{
"_id": null,
"model": "9.3-release-p31",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "telepresence server on multiparty media",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3100"
},
{
"_id": null,
"model": "security proventia network active bypass 0343c3c",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"_id": null,
"model": "cloud manager with openstack interim fix1",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "4.3.0.6"
},
{
"_id": null,
"model": "unified ip phones 9.3 sr3",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "6901"
},
{
"_id": null,
"model": "digital media manager",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "5.3.6"
},
{
"_id": null,
"model": "unified communications manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "11.0(0.98000.225)"
},
{
"_id": null,
"model": "prime network",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "anyconnect secure mobility client for ios",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4.3"
},
{
"_id": null,
"model": "prime performance manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "linux arm",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"_id": null,
"model": "prime collaboration provisioning",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "network analysis module",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "digital media manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.0"
},
{
"_id": null,
"model": "websphere application server liberty profile",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.5"
},
{
"_id": null,
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.0.12"
},
{
"_id": null,
"model": "unity connection",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.5"
},
{
"_id": null,
"model": "telepresence video communication server",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "8.8"
},
{
"_id": null,
"model": "lancope stealthwatch flowcollector netflow",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "lancope stealthwatch smc",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "6.8.2"
},
{
"_id": null,
"model": "unified communications manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "10.5(1.98991.13)"
},
{
"_id": null,
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.0.16"
},
{
"_id": null,
"model": "abyp-10g-2sr-2lr-1-p",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"_id": null,
"model": "prime optical for sps",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "10.6"
},
{
"_id": null,
"model": "telepresence mcu",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "45000"
},
{
"_id": null,
"model": "telepresence server",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "87104.4"
},
{
"_id": null,
"model": "telepresence isdn gw",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "32410"
},
{
"_id": null,
"model": "rational team concert",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.1"
},
{
"_id": null,
"model": "aspera console",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0.4"
},
{
"_id": null,
"model": "nexus series switches",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "50008.3"
},
{
"_id": null,
"model": "10.1-release-p31",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "tivoli netcool system service monitors interim fix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.12-04"
},
{
"_id": null,
"model": "netflow generation appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "aspera shares",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.9.2"
},
{
"_id": null,
"model": "telepresence server on multiparty media",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3104.1"
},
{
"_id": null,
"model": "telepresence ex series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "webex meetings server ssl gateway",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "-2.7"
},
{
"_id": null,
"model": "telepresence server on virtual machine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "cognos tm1",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.2"
},
{
"_id": null,
"model": "cloud manager with openstack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.1.0.5"
},
{
"_id": null,
"model": "emergency responder",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "10.5(1.10000.5)"
},
{
"_id": null,
"model": "webex meetings for android",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "aspera console",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0.6"
},
{
"_id": null,
"model": "tivoli composite application manager for transactions if37",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.3.0.1"
},
{
"_id": null,
"model": "rational reporting for development intelligence",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.0.6"
},
{
"_id": null,
"model": "tivoli network manager ip edition fix pack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.94"
},
{
"_id": null,
"model": "prime license manager",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.5"
},
{
"_id": null,
"model": "commerce experience manager",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "11.0"
},
{
"_id": null,
"model": "unified communications manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "video surveillance series ip cameras",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "70002.8"
},
{
"_id": null,
"model": "tivoli provisioning manager for os deployment",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.1.3"
},
{
"_id": null,
"model": "security proventia network active bypass",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.18-42"
},
{
"_id": null,
"model": "expressway series",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "8.8"
},
{
"_id": null,
"model": "abyp-4t-0s-0l-p",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"_id": null,
"model": "email security appliance",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "10.5"
},
{
"_id": null,
"model": "webex meetings server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "worklight enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1.0.2"
},
{
"_id": null,
"model": "virtual security gateway for microsoft hyper-v vsg2",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"_id": null,
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.0.14"
},
{
"_id": null,
"model": "connected grid router cgos 15.6.2.15t",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"_id": null,
"model": "wide area application services",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "6.2.3"
},
{
"_id": null,
"model": "9.3-release-p5",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "tivoli netcool system service monitors interim fix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.12-01"
},
{
"_id": null,
"model": "unified intelligent contact management enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "nexus series switches 7.3.1nx",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "6000"
},
{
"_id": null,
"model": "application and content networking system",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "mmp server",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "3.9.1"
},
{
"_id": null,
"model": "project openssl 1.0.1k",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "9.3-release-p39",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "anyconnect secure mobility client for ios",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "sterling connect:express for unix ifix",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "1.4.6.1146-114"
},
{
"_id": null,
"model": "telepresence mx series",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "8.1.2"
},
{
"_id": null,
"model": "aspera console",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0.5"
},
{
"_id": null,
"model": "spa232d multi-line dect ata",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "1.4.5"
},
{
"_id": null,
"model": "linux -current",
"scope": null,
"trust": 0.3,
"vendor": "slackware",
"version": null
},
{
"_id": null,
"model": "tivoli provisioning manager for images build",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.1.20290.1"
},
{
"_id": null,
"model": "project openssl 1.0.1b",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "telepresence profile series",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "8.1.2"
},
{
"_id": null,
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.0.13"
},
{
"_id": null,
"model": "anyconnect secure mobility client for os",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "x4.2"
},
{
"_id": null,
"model": "tivoli netcool system service monitors interim fix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.014-08"
},
{
"_id": null,
"model": "lancope stealthwatch udp director",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "6.8"
},
{
"_id": null,
"model": "universal small cell series",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "70003.5.12.21"
},
{
"_id": null,
"model": "telepresence conductor",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "application policy infrastructure controller",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "jabber for mac",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "globalprotect agent",
"scope": "ne",
"trust": 0.3,
"vendor": "paloaltonetworks",
"version": "3.1.1"
},
{
"_id": null,
"model": "dcm series 9900-digital content manager",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "19.0"
},
{
"_id": null,
"model": "10.3-release-p1",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "unified ip phone 9.4.2sr3",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "9951"
},
{
"_id": null,
"model": "video surveillance 4300e/4500e high-definition ip cameras",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "security proventia network active bypass",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.0.1876"
},
{
"_id": null,
"model": "mediasense",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "9.0"
},
{
"_id": null,
"model": "10.3-release-p2",
"scope": "ne",
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "local collector appliance",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "2.2.12"
},
{
"_id": null,
"model": "i",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1"
},
{
"_id": null,
"model": "worklight enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1.0.1"
},
{
"_id": null,
"model": "content security appliance updater servers",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "10.1-release-p29",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "connected analytics for collaboration",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "cognos tm1 interim fix",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "10.2.0.2"
},
{
"_id": null,
"model": "multicast manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "10.1-release-p23",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "cognos business intelligence server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.2"
},
{
"_id": null,
"model": "telepresence ex series",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "7.3.7"
},
{
"_id": null,
"model": "mac os security update",
"scope": "ne",
"trust": 0.3,
"vendor": "apple",
"version": "x2016"
},
{
"_id": null,
"model": "10.1-release-p16",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "jazz reporting service",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0.1"
},
{
"_id": null,
"model": "digital media manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.1"
},
{
"_id": null,
"model": "nexus series switches",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "50006.2.17"
},
{
"_id": null,
"model": "security proventia network active bypass",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.30.4-12"
},
{
"_id": null,
"model": "webex node for mcs",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "emergency responder 10.5",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"_id": null,
"model": "nexus",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "900012.0"
},
{
"_id": null,
"model": "lancope stealthwatch udp director",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "6.8.1"
},
{
"_id": null,
"model": "unified communications manager session management edition",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "lancope stealthwatch flowcollector netflow",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "6.7.3"
},
{
"_id": null,
"model": "9.3-release-p6",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "video surveillance ptz ip cameras",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "virtualization experience media engine",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.7(0)"
},
{
"_id": null,
"model": "telepresence serial gateway series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "i",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2"
},
{
"_id": null,
"model": "9.3-release-p9",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "aspera console",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0.3"
},
{
"_id": null,
"model": "project openssl 1.0.2c",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "rational tau",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.32"
},
{
"_id": null,
"model": "webex meetings server 2.5mr2",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"_id": null,
"model": "virtual security gateway for microsoft hyper-v",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "services analytic platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "jabber for apple ios",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.7"
},
{
"_id": null,
"model": "unified ip phone series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "79009.4(2)"
},
{
"_id": null,
"model": "unified ip phone",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "89610"
},
{
"_id": null,
"model": "nexus series switches",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "60006.2.17"
},
{
"_id": null,
"model": "tivoli common reporting",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.1.2"
},
{
"_id": null,
"model": "unified series ip conference phone",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "88310"
},
{
"_id": null,
"model": "video surveillance media server",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "7.9"
},
{
"_id": null,
"model": "unified communications manager",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.5"
},
{
"_id": null,
"model": "aix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1"
},
{
"_id": null,
"model": "agent for openflow",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "2.1.5"
},
{
"_id": null,
"model": "10.2-release-p16",
"scope": "ne",
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "project openssl 1.0.2h",
"scope": "ne",
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "virtual security gateway",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "5.2(1)"
},
{
"_id": null,
"model": "unified attendant console enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "unified contact center express",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "rational tau",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.3"
},
{
"_id": null,
"model": "linux ia-32",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"_id": null,
"model": "buildforge",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.1"
},
{
"_id": null,
"model": "cognos insight",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.2.2"
},
{
"_id": null,
"model": "policy suite",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "10.0"
},
{
"_id": null,
"model": "tivoli provisioning manager for os deployment",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.1"
},
{
"_id": null,
"model": "digital media manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.2"
},
{
"_id": null,
"model": "project openssl 1.0.2b",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "prime data center network manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "unified computing system",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"_id": null,
"model": "unified communications manager session management edition",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.5"
},
{
"_id": null,
"model": "videoscape control suite",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "telepresence mcu",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "53000"
},
{
"_id": null,
"model": "prime access registrar",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "7.1"
},
{
"_id": null,
"model": "anyres live",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "9.4.5"
},
{
"_id": null,
"model": "flex system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.3.3.0"
},
{
"_id": null,
"model": "mobilefirst platform foundation",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.0.0"
},
{
"_id": null,
"model": "9.3-release-p34",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "unified communications manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "10.0(1)"
},
{
"_id": null,
"model": "tivoli provisioning manager for images system edition build",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "x7.1.1.20290.1"
},
{
"_id": null,
"model": "sterling connect:express for unix ifix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.5.0.12150-13"
},
{
"_id": null,
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.0.10"
},
{
"_id": null,
"model": "integration bus",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.0"
},
{
"_id": null,
"model": "jabber software development kit",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.7"
},
{
"_id": null,
"model": "unified contact center express",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.5.1"
},
{
"_id": null,
"model": "webex meetings server mr1",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.5"
},
{
"_id": null,
"model": "telepresence mx series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "systems director",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.3.0.0"
},
{
"_id": null,
"model": "webex meetings server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.5.99.2"
},
{
"_id": null,
"model": "rational reporting for development intelligence",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.0.1"
},
{
"_id": null,
"model": "jazz reporting service",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0"
},
{
"_id": null,
"model": "telepresence isdn gw mse",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "83210"
},
{
"_id": null,
"model": "telepresence profile series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"_id": null,
"model": "abyp-2t-0s-2l-p-m",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"_id": null,
"model": "visual quality experience tools server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "cloud manager with openstack interim fix",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "4.2.0.3"
},
{
"_id": null,
"model": "rational tau",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.33"
},
{
"_id": null,
"model": "prime access registrar",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "7.2"
},
{
"_id": null,
"model": "mysql enterprise backup",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "4.0.1"
},
{
"_id": null,
"model": "nexus series switches 7.3.1dx",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "7000"
},
{
"_id": null,
"model": "asa cx and cisco prime security manager",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "9.5.4.3"
},
{
"_id": null,
"model": "project openssl 1.0.1l",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "im and presence service",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "rational team concert",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.2"
},
{
"_id": null,
"model": "digital media manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.3"
},
{
"_id": null,
"model": "9.3-release-p29",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "rational team concert",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"_id": null,
"model": "firesight system software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "security virtual server protection for vmware",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.1"
},
{
"_id": null,
"model": "management appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "cognos insight fp if",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "10.2.126"
},
{
"_id": null,
"model": "aspera console",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0.2"
},
{
"_id": null,
"model": "tivoli provisioning manager for images system edition",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "x7.1.1.0"
},
{
"_id": null,
"model": "unity connection",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.0.1"
},
{
"_id": null,
"model": "cloud object store",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "anyconnect secure mobility client for os",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "x4.0"
},
{
"_id": null,
"model": "project openssl 1.0.1h",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "unified communications manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "10.5(2.13900.9)"
},
{
"_id": null,
"model": "ip interoperability and collaboration system",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "5.0"
},
{
"_id": null,
"model": "unified communications manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "10.5(0.98000.88)"
},
{
"_id": null,
"model": "cloud manager with openstack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.2.0.1"
},
{
"_id": null,
"model": "project openssl 1.0.1p",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
}
],
"sources": [
{
"db": "BID",
"id": "89746"
},
{
"db": "CNNVD",
"id": "CNNVD-201605-084"
},
{
"db": "NVD",
"id": "CVE-2016-2176"
}
]
},
"credits": {
"_id": null,
"data": "Guido Vranken",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201605-084"
}
],
"trust": 0.6
},
"cve": "CVE-2016-2176",
"cvss": {
"_id": null,
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 6.4,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CVE-2016-2176",
"impactScore": 4.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 1.1,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 8.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"exploitabilityScore": 3.9,
"id": "CVE-2016-2176",
"impactScore": 4.2,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2016-2176",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201605-084",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULMON",
"id": "CVE-2016-2176",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2016-2176"
},
{
"db": "CNNVD",
"id": "CNNVD-201605-084"
},
{
"db": "NVD",
"id": "CVE-2016-2176"
}
]
},
"description": {
"_id": null,
"data": "The X509_NAME_oneline function in crypto/x509/x509_obj.c in OpenSSL before 1.0.1t and 1.0.2 before 1.0.2h allows remote attackers to obtain sensitive information from process stack memory or cause a denial of service (buffer over-read) via crafted EBCDIC ASN.1 data. OpenSSL is prone to an information-disclosure vulnerability. \nAn attacker can exploit this issue to gain access to sensitive information that may aid in further attacks. \nFollowing product versions are affected:\nOpenSSL versions 1.0.2 prior to 1.0.2h\nOpenSSL versions 1.0.1 prior to 1.0.1t. The bug\ncausing the vulnerability was fixed on April 18th 2015, and released\nas part of the June 11th 2015 security releases. The security impact\nof the bug was not known at the time. \n\nIn previous versions of OpenSSL, ASN.1 encoding the value zero\nrepresented as a negative integer can cause a buffer underflow\nwith an out-of-bounds write in i2c_ASN1_INTEGER. The ASN.1 parser does\nnot normally create \"negative zeroes\" when parsing ASN.1 input, and\ntherefore, an attacker cannot trigger this bug. \n\nHowever, a second, independent bug revealed that the ASN.1 parser\n(specifically, d2i_ASN1_TYPE) can misinterpret a large universal tag\nas a negative zero value. Large universal tags are not present in any\ncommon ASN.1 structures (such as X509) but are accepted as part of ANY\nstructures. \n\nTherefore, if an application deserializes untrusted ASN.1 structures\ncontaining an ANY field, and later reserializes them, an attacker may\nbe able to trigger an out-of-bounds write. This has been shown to\ncause memory corruption that is potentially exploitable with some\nmalloc implementations. \n\nApplications that parse and re-encode X509 certificates are known to\nbe vulnerable. Applications that verify RSA signatures on X509\ncertificates may also be vulnerable; however, only certificates with\nvalid signatures trigger ASN.1 re-encoding and hence the\nbug. Specifically, since OpenSSL\u0027s default TLS X509 chain verification\ncode verifies the certificate chain from root to leaf, TLS handshakes\ncould only be targeted with valid certificates issued by trusted\nCertification Authorities. \n\nOpenSSL 1.0.2 users should upgrade to 1.0.2c\nOpenSSL 1.0.1 users should upgrade to 1.0.1o\n\nThis vulnerability is a combination of two bugs, neither of which\nindividually has security impact. The first bug (mishandling of\nnegative zero integers) was reported to OpenSSL by Huzaifa Sidhpurwala\n(Red Hat) and independently by Hanno B\u00f6ck in April 2015. The second\nissue (mishandling of large universal tags) was found using libFuzzer,\nand reported on the public issue tracker on March 1st 2016. The fact\nthat these two issues combined present a security vulnerability was\nreported by David Benjamin (Google) on March 31st 2016. The fixes were\ndeveloped by Steve Henson of the OpenSSL development team, and David\nBenjamin. The OpenSSL team would also like to thank Mark Brand and\nIan Beer from the Google Project Zero team for their careful analysis\nof the impact. \n\nThe fix for the \"negative zero\" memory corruption bug can be\nidentified by commits\n\n3661bb4e7934668bd99ca777ea8b30eedfafa871 (1.0.2)\nand\n32d3b0f52f77ce86d53f38685336668d47c5bdfe (1.0.1)\n\nPadding oracle in AES-NI CBC MAC check (CVE-2016-2107)\n======================================================\n\nSeverity: High\n\nA MITM attacker can use a padding oracle attack to decrypt traffic\nwhen the connection uses an AES CBC cipher and the server support\nAES-NI. \n\nThis issue was introduced as part of the fix for Lucky 13 padding\nattack (CVE-2013-0169). The padding check was rewritten to be in\nconstant time by making sure that always the same bytes are read and\ncompared against either the MAC or padding bytes. But it no longer\nchecked that there was enough data to have both the MAC and padding\nbytes. \n\nOpenSSL 1.0.2 users should upgrade to 1.0.2h\nOpenSSL 1.0.1 users should upgrade to 1.0.1t\n\nThis issue was reported to OpenSSL on 13th of April 2016 by Juraj\nSomorovsky using TLS-Attacker. The fix was developed by Kurt Roeckx\nof the OpenSSL development team. \n\nEVP_EncodeUpdate overflow (CVE-2016-2105)\n=========================================\n\nSeverity: Low\n\nAn overflow can occur in the EVP_EncodeUpdate() function which is used for\nBase64 encoding of binary data. If an attacker is able to supply very large\namounts of input data then a length check can overflow resulting in a heap\ncorruption. \n\nInternally to OpenSSL the EVP_EncodeUpdate() function is primarly used by the\nPEM_write_bio* family of functions. These are mainly used within the OpenSSL\ncommand line applications. These internal uses are not considered vulnerable\nbecause all calls are bounded with length checks so no overflow is possible. \nUser applications that call these APIs directly with large amounts of untrusted\ndata may be vulnerable. (Note: Initial analysis suggested that the\nPEM_write_bio* were vulnerable, and this is reflected in the patch commit\nmessage. This is no longer believed to be the case). \n\nOpenSSL 1.0.2 users should upgrade to 1.0.2h\nOpenSSL 1.0.1 users should upgrade to 1.0.1t\n\nThis issue was reported to OpenSSL on 3rd March 2016 by Guido Vranken. The\nfix was developed by Matt Caswell of the OpenSSL development team. \n\nEVP_EncryptUpdate overflow (CVE-2016-2106)\n==========================================\n\nSeverity: Low\n\nAn overflow can occur in the EVP_EncryptUpdate() function. If an attacker is\nable to supply very large amounts of input data after a previous call to\nEVP_EncryptUpdate() with a partial block then a length check can overflow\nresulting in a heap corruption. Following an analysis of all OpenSSL internal\nusage of the EVP_EncryptUpdate() function all usage is one of two forms. \nThe first form is where the EVP_EncryptUpdate() call is known to be the first\ncalled function after an EVP_EncryptInit(), and therefore that specific call\nmust be safe. The second form is where the length passed to EVP_EncryptUpdate()\ncan be seen from the code to be some small value and therefore there is no\npossibility of an overflow. Since all instances are one of these two forms, it\nis believed that there can be no overflows in internal code due to this problem. \nIt should be noted that EVP_DecryptUpdate() can call EVP_EncryptUpdate() in\ncertain code paths. Also EVP_CipherUpdate() is a synonym for\nEVP_EncryptUpdate(). All instances of these calls have also been analysed too\nand it is believed there are no instances in internal usage where an overflow\ncould occur. \n\nThis could still represent a security issue for end user code that calls this\nfunction directly. \n\nOpenSSL 1.0.2 users should upgrade to 1.0.2h\nOpenSSL 1.0.1 users should upgrade to 1.0.1t\n\nThis issue was reported to OpenSSL on 3rd March 2016 by Guido Vranken. The\nfix was developed by Matt Caswell of the OpenSSL development team. \n\nASN.1 BIO excessive memory allocation (CVE-2016-2109)\n=====================================================\n\nSeverity: Low\n\nWhen ASN.1 data is read from a BIO using functions such as d2i_CMS_bio()\na short invalid encoding can casuse allocation of large amounts of memory\npotentially consuming excessive resources or exhausting memory. \n\nAny application parsing untrusted data through d2i BIO functions is affected. \nThe memory based functions such as d2i_X509() are *not* affected. Since the\nmemory based functions are used by the TLS library, TLS applications are not\naffected. \n\nOpenSSL 1.0.2 users should upgrade to 1.0.2h\nOpenSSL 1.0.1 users should upgrade to 1.0.1t\n\nThis issue was reported to OpenSSL on 4th April 2016 by Brian Carpenter. \nThe fix was developed by Stephen Henson of the OpenSSL development team. \n\nEBCDIC overread (CVE-2016-2176)\n===============================\n\nSeverity: Low\n\nASN1 Strings that are over 1024 bytes can cause an overread in applications\nusing the X509_NAME_oneline() function on EBCDIC systems. This could result in\narbitrary stack data being returned in the buffer. \n\nOpenSSL 1.0.2 users should upgrade to 1.0.2h\nOpenSSL 1.0.1 users should upgrade to 1.0.1t\n\nThis issue was reported to OpenSSL on 5th March 2016 by Guido Vranken. The\nfix was developed by Matt Caswell of the OpenSSL development team. \n\nNote\n====\n\nAs per our previous announcements and our Release Strategy\n(https://www.openssl.org/policies/releasestrat.html), support for OpenSSL\nversion 1.0.1 will cease on 31st December 2016. No security updates for that\nversion will be provided after that date. Users of 1.0.1 are advised to\nupgrade. \n\nSupport for versions 0.9.8 and 1.0.0 ended on 31st December 2015. Those\nversions are no longer receiving security updates. \n\nReferences\n==========\n\nURL for this Security Advisory:\nhttps://www.openssl.org/news/secadv/20160503.txt\n\nNote: the online version of the advisory may be updated with additional details\nover time. \n\nFor details of OpenSSL severity classifications please see:\nhttps://www.openssl.org/policies/secpolicy.html\n. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA512\n\n=============================================================================\nFreeBSD-SA-16:17.openssl Security Advisory\n The FreeBSD Project\n\nTopic: Multiple OpenSSL vulnerabilities\n\nCategory: contrib\nModule: openssl\nAnnounced: 2016-05-04\nCredits: OpenSSL Project\nAffects: All supported versions of FreeBSD. \nCorrected: 2016-05-03 18:54:20 UTC (stable/10, 10.3-STABLE)\n 2016-05-04 15:25:47 UTC (releng/10.3, 10.3-RELEASE-p2)\n 2016-05-04 15:26:23 UTC (releng/10.2, 10.2-RELEASE-p16)\n 2016-05-04 15:27:09 UTC (releng/10.1, 10.1-RELEASE-p33)\n 2016-05-04 06:53:02 UTC (stable/9, 9.3-STABLE)\n 2016-05-04 15:27:09 UTC (releng/9.3, 9.3-RELEASE-p41)\nCVE Name: CVE-2016-2105, CVE-2016-2106, CVE-2016-2107, CVE-2016-2109,\n CVE-2016-2176\n\nFor general information regarding FreeBSD Security Advisories,\nincluding descriptions of the fields above, security branches, and the\nfollowing sections, please visit \u003cURL:https://security.FreeBSD.org/\u003e. \n\nI. Background\n\nFreeBSD includes software from the OpenSSL Project. The OpenSSL Project is\na collaborative effort to develop a robust, commercial-grade, full-featured\nOpen Source toolkit implementing the Secure Sockets Layer (SSL v2/v3)\nand Transport Layer Security (TLS v1) protocols as well as a full-strength\ngeneral purpose cryptography library. \n\nII. [CVE-2016-2176]\nFreeBSD does not run on any EBCDIC systems and therefore is not affected. \n\nIII. \n\nIV. Workaround\n\nNo workaround is available. \n\nV. Solution\n\nPerform one of the following:\n\n1) Upgrade your vulnerable system to a supported FreeBSD stable or\nrelease / security branch (releng) dated after the correction date. \n\nRestart all daemons that use the library, or reboot the system. \n\n2) To update your vulnerable system via a binary patch:\n\nSystems running a RELEASE version of FreeBSD on the i386 or amd64\nplatforms can be updated via the freebsd-update(8) utility:\n\n# freebsd-update fetch\n# freebsd-update install\n\nRestart all daemons that use the library, or reboot the system. \n\n3) To update your vulnerable system via a source code patch:\n\nThe following patches have been verified to apply to the applicable\nFreeBSD release branches. \n\na) Download the relevant patch from the location below, and verify the\ndetached PGP signature using your PGP utility. \n\n[FreeBSD 10.x]\n# fetch https://security.FreeBSD.org/patches/SA-16:17/openssl-10.patch\n# fetch https://security.FreeBSD.org/patches/SA-16:17/openssl-10.patch.asc\n# gpg --verify openssl-10.patch.asc\n\n[FreeBSD 9.3]\n# fetch https://security.FreeBSD.org/patches/SA-16:17/openssl-9.patc\n# fetch https://security.FreeBSD.org/patches/SA-16:17/openssl-9.patch.asc\n# gpg --verify openssl-9.patch.asc\n\nb) Apply the patch. Execute the following commands as root:\n\n# cd /usr/src\n# patch \u003c /path/to/patch\n\nc) Recompile the operating system using buildworld and installworld as\ndescribed in \u003cURL:https://www.FreeBSD.org/handbook/makeworld.html\u003e. \n\nRestart all daemons that use the library, or reboot the system. \n\nVI. Correction details\n\nThe following list contains the correction revision numbers for each\naffected branch. \n\nBranch/path Revision\n- -------------------------------------------------------------------------\nstable/9/ r299053\nreleng/9.3/ r299068\nstable/10/ r298999\nreleng/10.1/ r299068\nreleng/10.2/ r299067\nreleng/10.3/ r299066\n- -------------------------------------------------------------------------\n\nTo see which files were modified by a particular revision, run the\nfollowing command, replacing NNNNNN with the revision number, on a\nmachine with Subversion installed:\n\n# svn diff -cNNNNNN --summarize svn://svn.freebsd.org/base\n\nOr visit the following URL, replacing NNNNNN with the revision number:\n\n\u003cURL:https://svnweb.freebsd.org/base?view=revision\u0026revision=NNNNNN\u003e\n\nVII. References\n\n\u003cURL:https://www.openssl.org/news/secadv/20160503.txt\u003e\n\n\u003cURL:https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2105\u003e\n\n\u003cURL:https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2106\u003e\n\n\u003cURL:https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2107\u003e\n\n\u003cURL:https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2109\u003e\n\n\u003cURL:https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2176\u003e\n\nThe latest revision of this advisory is available at\n\u003cURL:https://security.FreeBSD.org/advisories/FreeBSD-SA-16:17.openssl.asc\u003e\n-----BEGIN PGP SIGNATURE-----\n\niQIcBAEBCgAGBQJXKjuIAAoJEO1n7NZdz2rneZoP/jqsWr9q5MkCel2aZzfmSVhU\n8CjzPwm3t48ibZqrkolAak4dbjJGhidUM/S83BvIcCdtKWyoG8D0fzemB7bBIP2L\nfqvd1314vuy82CgZlAyJIqzokckUPfyHhTAz9FPZW46f8A+s8znzJcaaD81tt1Xe\nqg9JZ61e2DZJ2NdZSJSjOpBl55gZqQq3tIwGYw027GKjiflJSvOG1n/531R4rppI\nx0IZpLor7XBWuiC44hPc4yasC4khWzmdaRpqcUoWVEex8g6Il6xByS2o4AgX7kE/\nNBZ0mj4IMYZNQW4VUYbnkmLtWXJYYScboBKh4FRljNCG/t5u/YoSfOY8SbS9LT9K\nKVj56C6tQRq+/frKbPt26HbqqRTFNVn3FKxJWNQ9CLzsebobXPUYATTN2NVC8gkj\nS0A/lT2xnvA2YqB9HfmHOvlHS2LDv8SivJWNK4dCPOwhVm624H4qH/N+VFcwU7zc\nue+BPvDYU/czsyoJDdQoWxTdkreaOY6eLAWkYAh9dEDIkZSOxgsZR7C4th6THXMu\nybIy544elc3bf9vS4tGR552Wi9VntE0B1/LJ2la8l+MnYE6qZL1hbAYpvNyuPWVP\nEDPjOc4inaMpV62fuL1UrKH1g1HMmFUnoWhC70iS+cuLeXWFdvwBFyL420Ixkd5H\nzvcsfJCrazlcZ6j83Qfd\n=PGTh\n-----END PGP SIGNATURE-----\n. \n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\nGentoo Linux Security Advisory GLSA 201612-16\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n https://security.gentoo.org/\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\n Severity: Normal\n Title: OpenSSL: Multiple vulnerabilities\n Date: December 07, 2016\n Bugs: #581234, #585142, #585276, #591454, #592068, #592074,\n #592082, #594500, #595186\n ID: 201612-16\n\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\nSynopsis\n========\n\nMultiple vulnerabilities have been found in OpenSSL, the worst of which\nallows attackers to conduct a time based side-channel attack. \n\nAffected packages\n=================\n\n -------------------------------------------------------------------\n Package / Vulnerable / Unaffected\n -------------------------------------------------------------------\n 1 dev-libs/openssl \u003c 1.0.2j \u003e= 1.0.2j\n\nDescription\n===========\n\nMultiple vulnerabilities have been discovered in OpenSSL. Please review\nthe CVE identifiers and the International Association for Cryptologic\nResearch\u0027s (IACR) paper, \"Make Sure DSA Signing Exponentiations Really\nare Constant-Time\" for further details. \n\nImpact\n======\n\nRemote attackers could cause a Denial of Service condition or have\nother unspecified impacts. Additionally, a time based side-channel\nattack may allow a local attacker to recover a private DSA key. \n\nResolution\n==========\n\nAll OpenSSL users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose \"\u003e=dev-libs/openssl-1.0.2j\"\n\nReferences\n==========\n\n[ 1 ] CVE-2016-2105\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2105\n[ 2 ] CVE-2016-2106\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2106\n[ 3 ] CVE-2016-2107\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2107\n[ 4 ] CVE-2016-2108\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2108\n[ 5 ] CVE-2016-2109\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2109\n[ 6 ] CVE-2016-2176\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2176\n[ 7 ] CVE-2016-2177\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2177\n[ 8 ] CVE-2016-2178\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2178\n[ 9 ] CVE-2016-2180\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2180\n[ 10 ] CVE-2016-2183\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2183\n[ 11 ] CVE-2016-6304\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-6304\n[ 12 ] CVE-2016-6305\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-6305\n[ 13 ] CVE-2016-6306\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-6306\n[ 14 ] CVE-2016-7052\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-7052\n[ 15 ] Make Sure DSA Signing Exponentiations Really are Constant-Time\n http://eprint.iacr.org/2016/594.pdf\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n https://security.gentoo.org/glsa/201612-16\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users\u0027 machines is of utmost\nimportance to us. \n\nLicense\n=======\n\nCopyright 2016 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttp://creativecommons.org/licenses/by-sa/2.5\n\n\n. \n\n\nHere are the details from the Slackware 14.1 ChangeLog:\n+--------------------------+\npatches/packages/openssl-1.0.1t-i486-1_slack14.1.txz: Upgraded. \n This update fixes the following security issues:\n Memory corruption in the ASN.1 encoder (CVE-2016-2108)\n Padding oracle in AES-NI CBC MAC check (CVE-2016-2107)\n EVP_EncodeUpdate overflow (CVE-2016-2105)\n EVP_EncryptUpdate overflow (CVE-2016-2106)\n ASN.1 BIO excessive memory allocation (CVE-2016-2109)\n EBCDIC overread (CVE-2016-2176)\n For more information, see:\n https://www.openssl.org/news/secadv/20160503.txt\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2108\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2107\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2105\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2106\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2109\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2176\n (* Security fix *)\npatches/packages/openssl-solibs-1.0.1t-i486-1_slack14.1.txz: Upgraded. \n+--------------------------+\n\n\nWhere to find the new packages:\n+-----------------------------+\n\nThanks to the friendly folks at the OSU Open Source Lab\n(http://osuosl.org) for donating FTP and rsync hosting\nto the Slackware project! :-)\n\nAlso see the \"Get Slack\" section on http://slackware.com for\nadditional mirror sites near you. \n\nUpdated packages for Slackware 14.0:\nftp://ftp.slackware.com/pub/slackware/slackware-14.0/patches/packages/openssl-1.0.1t-i486-1_slack14.0.txz\nftp://ftp.slackware.com/pub/slackware/slackware-14.0/patches/packages/openssl-solibs-1.0.1t-i486-1_slack14.0.txz\n\nUpdated packages for Slackware x86_64 14.0:\nftp://ftp.slackware.com/pub/slackware/slackware64-14.0/patches/packages/openssl-1.0.1t-x86_64-1_slack14.0.txz\nftp://ftp.slackware.com/pub/slackware/slackware64-14.0/patches/packages/openssl-solibs-1.0.1t-x86_64-1_slack14.0.txz\n\nUpdated packages for Slackware 14.1:\nftp://ftp.slackware.com/pub/slackware/slackware-14.1/patches/packages/openssl-1.0.1t-i486-1_slack14.1.txz\nftp://ftp.slackware.com/pub/slackware/slackware-14.1/patches/packages/openssl-solibs-1.0.1t-i486-1_slack14.1.txz\n\nUpdated packages for Slackware x86_64 14.1:\nftp://ftp.slackware.com/pub/slackware/slackware64-14.1/patches/packages/openssl-1.0.1t-x86_64-1_slack14.1.txz\nftp://ftp.slackware.com/pub/slackware/slackware64-14.1/patches/packages/openssl-solibs-1.0.1t-x86_64-1_slack14.1.txz\n\nUpdated packages for Slackware -current:\nftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/a/openssl-solibs-1.0.2h-i586-1.txz\nftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/n/openssl-1.0.2h-i586-1.txz\n\nUpdated packages for Slackware x86_64 -current:\nftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/a/openssl-solibs-1.0.2h-x86_64-1.txz\nftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/n/openssl-1.0.2h-x86_64-1.txz\n\n\nMD5 signatures:\n+-------------+\n\nSlackware 14.0 packages:\n033bd9509aeb07712e6bb3adf89c18e4 openssl-1.0.1t-i486-1_slack14.0.txz\n9e91d781e33f7af80cbad08b245e84ed openssl-solibs-1.0.1t-i486-1_slack14.0.txz\n\nSlackware x86_64 14.0 packages:\ne5c77ec16e3f2fcb2f1d53d84a6ba951 openssl-1.0.1t-x86_64-1_slack14.0.txz\n2de7b6196a905233036d7f38008984bd openssl-solibs-1.0.1t-x86_64-1_slack14.0.txz\n\nSlackware 14.1 packages:\n96dcae05ae2f585c30de852a55eb870f openssl-1.0.1t-i486-1_slack14.1.txz\n59618b061e62fd9d73ba17df7626b2e7 openssl-solibs-1.0.1t-i486-1_slack14.1.txz\n\nSlackware x86_64 14.1 packages:\n3d5ebfce099917703d537ab603e58a9b openssl-1.0.1t-x86_64-1_slack14.1.txz\nbf3a6bbdbe835dd2ce73333822cc9f06 openssl-solibs-1.0.1t-x86_64-1_slack14.1.txz\n\nSlackware -current packages:\n4889a10c5f3aa7104167c7d50eedf7ea a/openssl-solibs-1.0.2h-i586-1.txz\n8e3439f35c3cb4e11ca64eebb238a52f n/openssl-1.0.2h-i586-1.txz\n\nSlackware x86_64 -current packages:\nb4a852bb7e86389ec228288ccb7e79bb a/openssl-solibs-1.0.2h-x86_64-1.txz\nbcf9dc7bb04173f002644e3ce33ab4ab n/openssl-1.0.2h-x86_64-1.txz\n\n\nInstallation instructions:\n+------------------------+\n\nUpgrade the packages as root:\n# upgradepkg openssl-1.0.1t-i486-1_slack14.1.txz openssl-solibs-1.0.1t-i486-1_slack14.1.txz \n\nThen, reboot the machine or restart any network services that use OpenSSL. \n\n\n+-----+\n\nSlackware Linux Security Team\nhttp://slackware.com/gpg-key\nsecurity@slackware.com\n\n+------------------------------------------------------------------------+\n| To leave the slackware-security mailing list: |\n+------------------------------------------------------------------------+\n| Send an email to majordomo@slackware.com with this text in the body of |\n| the email message: |\n| |\n| unsubscribe slackware-security |\n| |\n| You will get a confirmation message back containing instructions to |\n| complete the process. Please do not reply to this email address. This could lead to a heap corruption. \n This could lead to a heap corruption. \n\nCVE-2016-2108\n\n David Benjamin from Google discovered that two separate bugs in the\n ASN.1 encoder, related to handling of negative zero integer values\n and large universal tags, could lead to an out-of-bounds write. \n\nFor the unstable distribution (sid), these problems have been fixed in\nversion 1.0.2h-1. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA256\n\nNote: the current version of the following document is available here:\nhttps://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbhf03765en_us\n\nSUPPORT COMMUNICATION - SECURITY BULLETIN\n\nDocument ID: hpesbhf03765en_us\nVersion: 1\n\nHPESBHF03765 rev.1 - HPE ConvergedSystem 700 Solution with Comware v7 Switches using OpenSSL, Remote Denial of Service (DoS) and Disclosure of Sensitive Information\n\nNOTICE: The information in this Security Bulletin should be acted upon as soon as possible. \n\nRelease Date: 2017-07-20\nLast Updated: 2017-07-20\n\nPotential Security Impact: Remote: Denial of Service (DoS), Disclosure of Sensitive Information\n\nSource: Hewlett Packard Enterprise, Product Security Response Team\n\nVULNERABILITY SUMMARY\nPotential security vulnerabilities in OpenSSL have been addressed in HPE Network Products including Comware v7 that is applicable for ConvergedSystem\n700 solutions. The vulnerabilities could be remotely exploited resulting in Denial of Service (DoS) or disclosure of sensitive information. \n\n - HP ConvergedSystem 700 for Virtualization 1.0\n - HP ConvergedSystem 700 for Virtualization 1.1 1.1\n - HP ConvergedSystem 700 Virtualization 2.0 Foundation Kit 2.0\n - HP ConvergedSystem 700 Virtualization 2.0 VMware Kit 2.0\n - HP ConvergedSystem 700x 1.0\n - HP ConvergedSystem 700x for Microsoft Solution Kit 1.0\n - HP ConvergedSystem 700x v1.1 Microsoft Kit 1.1\n - HP ConvergedSystem 700x v1.1 VMware Kit 1.1\n\nBACKGROUND\n\n CVSS Base Metrics\n =================\n Reference, CVSS V3 Score/Vector, CVSS V2 Score/Vector\n\n CVE-2016-2105\n 5.3 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L\n 5.0 (AV:N/AC:L/Au:N/C:N/I:N/A:P)\n\n CVE-2016-2106\n 5.3 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L\n 5.0 (AV:N/AC:L/Au:N/C:N/I:N/A:P)\n\n CVE-2016-2107\n 3.7 CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L\n 2.6 (AV:N/AC:H/Au:N/C:P/I:N/A:N)\n\n CVE-2016-2108\n 9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\n 10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C)\n\n CVE-2016-2109\n 7.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\n 7.8 (AV:N/AC:L/Au:N/C:N/I:N/A:C)\n\n CVE-2016-2176\n 6.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L\n 6.4 (AV:N/AC:L/Au:N/C:P/I:N/A:P)\n\n Information on CVSS is documented in\n HPE Customer Notice HPSN-2008-002 here:\n\nhttps://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c01345499\n\nRESOLUTION\n\nHPE recommends upgrading your network switches to Comware v7 Version R2422P02 which is part of the HPE ConvergedSystem 700 Solution as listed below:\n\n* CS700/CS700x 1.0 and 1.1 solution:\n + HPN 5900 Switch (JG510A/JH038A) (JC772A/JG554A) (JG296A)\n\n* CS700 2.0 solution:\n + HPE FlexFabric 5930 Switch 4slot (JH179A/JH188A) 2slot+2QSFP+\n(JH178A/JH187A)\n\n* HPE has provided the following Customer Notice that includes links to documentation to assist you in maintaining your HPE ConvergedSystem 700\nsolution:\n\n +\n\u003chttp://h20565.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-a00006123en_\ns\u003e\n \n**Note:** Please contact HPE Technical Support if any assistance is needed acquiring the software updates. \n\nHISTORY\nVersion:1 (rev.1) - 21 July 2017 Initial release\n\nThird Party Security Patches: Third party security patches that are to be installed on systems running Hewlett Packard Enterprise (HPE) software products should be applied in accordance with the customer\u0027s patch management policy. \n\nSupport: For issues about implementing the recommendations of this Security Bulletin, contact normal HPE Services support channel. For other issues about the content of this Security Bulletin, send e-mail to security-alert@hpe.com. \n\nReport: To report a potential security vulnerability for any HPE supported\nproduct:\n Web form: https://www.hpe.com/info/report-security-vulnerability\n Email: security-alert@hpe.com\n\nSubscribe: To initiate a subscription to receive future HPE Security Bulletin alerts via Email: http://www.hpe.com/support/Subscriber_Choice\n\nSecurity Bulletin Archive: A list of recently released Security Bulletins is available here: http://www.hpe.com/support/Security_Bulletin_Archive\n\nSoftware Product Category: The Software Product Category is represented in the title by the two characters following HPSB. \n\n3C = 3COM\n3P = 3rd Party Software\nGN = HPE General Software\nHF = HPE Hardware and Firmware\nMU = Multi-Platform Software\nNS = NonStop Servers\nOV = OpenVMS\nPV = ProCurve\nST = Storage Software\nUX = HP-UX\n\nCopyright 2016 Hewlett Packard Enterprise\n\nHewlett Packard Enterprise shall not be liable for technical or editorial errors or omissions contained herein. The information provided is provided \"as is\" without warranty of any kind. To the extent permitted by law, neither HP or its affiliates, subcontractors or suppliers will be liable for incidental,special or consequential damages including downtime cost; lost profits; damages relating to the procurement of substitute products or services; or damages for loss of data, or software restoration. The information in this document is subject to change without notice. Hewlett Packard Enterprise and the names of Hewlett Packard Enterprise products referenced herein are trademarks of Hewlett Packard Enterprise in the United States and other countries. Other product and company names mentioned herein may be trademarks of their respective owners. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA512\n\nAPPLE-SA-2016-07-18-1 OS X El Capitan v10.11.6 and Security Update\n2016-004\n\nOS X El Capitan v10.11.6 and Security Update 2016-004 is now\navailable and addresses the following:\n\napache_mod_php\nAvailable for: \nOS X Yosemite v10.10.5 and OS X El Capitan v10.11 and later\nImpact: A remote attacker may be able to execute arbitrary code\nDescription: Multiple issues existed in PHP versions prior to\n5.5.36. These were addressed by updating PHP to version 5.5.36. \nCVE-2016-4650\n\nAudio\nAvailable for: OS X El Capitan v10.11 and later\nImpact: A local user may be able to execute arbitrary code with\nkernel privileges\nDescription: A memory corruption issue was addressed through\nimproved memory handling. \nCVE-2016-4647 : Juwei Lin (@fuzzerDOTcn) of Trend Micro\n\nAudio\nAvailable for: OS X El Capitan v10.11 and later\nImpact: A local user may be able to determine kernel memory layout\nDescription: An out-of-bounds read was addressed through improved\ninput validation. \nCVE-2016-4648 : Juwei Lin(@fuzzerDOTcn) of Trend Micro\n\nAudio\nAvailable for: OS X El Capitan v10.11 and later\nImpact: Parsing a maliciously crafted audio file may lead to the\ndisclosure of user information\nDescription: An out-of-bounds read was addressed through improved\nbounds checking. \nCVE-2016-4646 : Steven Seeley of Source Incite working with Trend\nMicro\u0027s Zero Day Initiative\n\nAudio\nAvailable for: OS X El Capitan v10.11 and later\nImpact: A local user may be able to cause a system denial of service\nDescription: A null pointer dereference was addressed through\nimproved input validation. \nCVE-2016-4649 : Juwei Lin(@fuzzerDOTcn) of Trend Micro\n\nbsdiff\nAvailable for: OS X El Capitan v10.11 and later\nImpact: A local attacker may be able to cause unexpected application\ntermination or arbitrary code execution\nDescription: An integer overflow existed in bspatch. This issue was\naddressed through improved bounds checking. \nCVE-2014-9862 : an anonymous researcher\n\nCFNetwork\nAvailable for: OS X El Capitan v10.11 and later\nImpact: A local user may be able to view sensitive user information\nDescription: A permissions issue existed in the handling of web\nbrowser cookies. This issue was addressed through improved\nrestrictions. \nCVE-2016-4645 : Abhinav Bansal of Zscaler Inc. \n\nCoreGraphics\nAvailable for: OS X Mavericks v10.9.5, OS X Yosemite v10.10.5,\nand OS X El Capitan v10.11 and later\nImpact: A remote attacker may be able to execute arbitrary code\nDescription: A memory corruption issue was addressed through\nimproved memory handling. \nCVE-2016-4637 : Tyler Bohan of Cisco Talos (talosintel.com\n/vulnerability-reports)\n\nCoreGraphics\nAvailable for: OS X El Capitan v10.11 and later\nImpact: A local user may be able to elevate privileges\nDescription: An out-of-bounds read issue existed that led to the\ndisclosure of kernel memory. This was addressed through improved\ninput validation. \nCVE-2016-4652 : Yubin Fu of Tencent KeenLab working with Trend\nMicro\u0027s Zero Day Initiative\n\nFaceTime\nAvailable for: OS X El Capitan v10.11 and later\nImpact: An attacker in a privileged network position may be able to\ncause a relayed call to continue transmitting audio while appearing\nas if the call terminated\nDescription: User interface inconsistencies existed in the handling\nof relayed calls. These issues were addressed through improved\nFaceTime display logic. \nCVE-2016-4635 : Martin Vigo\n\nGraphics Drivers\nAvailable for: OS X El Capitan v10.11 and later\nImpact: A local user may be able to execute arbitrary code with\nkernel privileges\nDescription: A memory corruption issue was addressed through\nimproved input validation. \nCVE-2016-4634 : Stefan Esser of SektionEins\n\nImageIO\nAvailable for: OS X El Capitan v10.11 and later\nImpact: A remote attacker may be able to cause a denial of service\nDescription: A memory consumption issue was addressed through\nimproved memory handling. \nCVE-2016-4632 : Evgeny Sidorov of Yandex\n\nImageIO\nAvailable for: OS X El Capitan v10.11 and later\nImpact: A remote attacker may be able to execute arbitrary code\nDescription: Multiple memory corruption issues were addressed\nthrough improved memory handling. \nCVE-2016-4631 : Tyler Bohan of Cisco Talos (talosintel.com\n/vulnerability-reports)\n\nImageIO\nAvailable for: OS X Mavericks v10.9.5, OS X Yosemite v10.10.5,\nand OS X El Capitan v10.11 and later\nImpact: A remote attacker may be able to execute arbitrary code\nDescription: Multiple memory corruption issues were addressed\nthrough improved memory handling. \nCVE-2016-4629 : Tyler Bohan of Cisco Talos (talosintel.com\n/vulnerability-reports)\nCVE-2016-4630 : Tyler Bohan of Cisco Talos (talosintel.com\n/vulnerability-reports)\n\nIntel Graphics Driver\nAvailable for: OS X El Capitan v10.11 and later\nImpact: A malicious application may be able to execute arbitrary\ncode with kernel privileges\nDescription: Multiple memory corruption issues were addressed\nthrough improved memory handling. \nCVE-2016-4633 : an anonymous researcher\n\nIOHIDFamily\nAvailable for: OS X El Capitan v10.11 and later\nImpact: A local user may be able to execute arbitrary code with\nkernel privileges\nDescription: A null pointer dereference was addressed through\nimproved input validation. \nCVE-2016-4626 : Stefan Esser of SektionEins\n\nIOSurface\nAvailable for: OS X El Capitan v10.11 and later\nImpact: A local user may be able to execute arbitrary code with\nkernel privileges\nDescription: A use-after-free was addressed through improved memory\nmanagement. \nCVE-2016-4625 : Ian Beer of Google Project Zero\n\nKernel\nAvailable for: OS X El Capitan v10.11 and later\nImpact: A local user may be able to execute arbitrary code with\nkernel privileges\nDescription: Multiple memory corruption issues were addressed\nthrough improved memory handling. \nCVE-2016-1863 : Ian Beer of Google Project Zero\nCVE-2016-1864 : Ju Zhu of Trend Micro\nCVE-2016-4582 : Shrek_wzw and Proteas of Qihoo 360 Nirvan Team\n\nKernel\nAvailable for: OS X El Capitan v10.11 and later\nImpact: A local user may be able to cause a system denial of service\nDescription: A null pointer dereference was addressed through\nimproved input validation. \nCVE-2016-1865 : CESG, Marco Grassi (@marcograss) of KeenLab\n(@keen_lab), Tencent\n\nlibc++abi\nAvailable for: OS X El Capitan v10.11 and later\nImpact: An application may be able to execute arbitrary code with\nroot privileges\nDescription: Multiple memory corruption issues were addressed\nthrough improved memory handling. \nCVE-2016-4621 : an anonymous researcher\n\nlibexpat\nAvailable for: OS X El Capitan v10.11 and later\nImpact: Processing maliciously crafted XML may lead to unexpected\napplication termination or arbitrary code execution\nDescription: Multiple memory corruption issues were addressed\nthrough improved memory handling. \nCVE-2016-0718 : Gustavo Grieco\n\nLibreSSL\nAvailable for: OS X El Capitan v10.11 and later\nImpact: A remote attacker may be able to execute arbitrary code\nDescription: Multiple issues existed in LibreSSL before 2.2.7. These\nwere addressed by updating LibreSSL to version 2.2.7. \nCVE-2016-2108 : Huzaifa Sidhpurwala (Red Hat), Hanno Boeck, David Benjamin (Google) Mark Brand,\nIan Beer of Google Project Zero\nCVE-2016-2109 : Brian Carpenter\n\nlibxml2\nAvailable for: OS X Mavericks v10.9.5, OS X Yosemite v10.10.5,\nand OS X El Capitan v10.11 and later\nImpact: Parsing a maliciously crafted XML document may lead to\ndisclosure of user information\nDescription: An access issue existed in the parsing of maliciously\ncrafted XML files. This issue was addressed through improved input\nvalidation. \nCVE-2016-4449 : Kostya Serebryany\n\nlibxml2\nAvailable for: OS X Mavericks v10.9.5, OS X Yosemite v10.10.5,\nand OS X El Capitan v10.11 and later\nImpact: Multiple vulnerabilities in libxml2\nDescription: Multiple memory corruption issues were addressed\nthrough improved memory handling. \nCVE-2016-1836 : Wei Lei and Liu Yang of Nanyang Technological\nUniversity\nCVE-2016-4447 : Wei Lei and Liu Yang of Nanyang Technological\nUniversity\nCVE-2016-4448 : Apple\nCVE-2016-4483 : Gustavo Grieco\nCVE-2016-4614 : Nick Wellnhofe\nCVE-2016-4615 : Nick Wellnhofer\nCVE-2016-4616 : Michael Paddon\nCVE-2016-4619 : Hanno Boeck\n\nlibxslt\nAvailable for: OS X Mavericks v10.9.5, OS X Yosemite v10.10.5,\nand OS X El Capitan v10.11 and later\nImpact: Multiple vulnerabilities in libxslt\nDescription: Multiple memory corruption issues were addressed\nthrough improved memory handling. \nCVE-2016-1684 : Nicolas GrA(c)goire\nCVE-2016-4607 : Nick Wellnhofer\nCVE-2016-4608 : Nicolas GrA(c)goire\nCVE-2016-4609 : Nick Wellnhofer\nCVE-2016-4610 : Nick Wellnhofer\nCVE-2016-4612 : Nicolas GrA(c)goire\n\nLogin Window\nAvailable for: OS X El Capitan v10.11 and later\nImpact: A malicious application may be able to execute arbitrary\ncode leading to compromise of user information\nDescription: A memory corruption issue was addressed through\nimproved input validation. \nCVE-2016-4640 : Yubin Fu of Tencent KeenLab working with Trend\nMicro\u0027s Zero Day Initiative\n\nLogin Window\nAvailable for: OS X El Capitan v10.11 and later\nImpact: A malicious application may be able to execute arbitrary\ncode leading to the compromise of user information\nDescription: A type confusion issue was addressed through improved\nmemory handling. \nCVE-2016-4641 : Yubin Fu of Tencent KeenLab working with Trend\nMicro\u0027s Zero Day Initiative\n\nLogin Window\nAvailable for: OS X El Capitan v10.11 and later\nImpact: A local user may be able to cause a denial of service\nDescription: A memory initialization issue was addressed through\nimproved memory handling. \nCVE-2016-4639 : Yubin Fu of Tencent KeenLab working with Trend\nMicro\u0027s Zero Day Initiative\n\nLogin Window\nAvailable for: OS X El Capitan v10.11 and later\nImpact: A malicious application may be able to gain root privileges\nDescription: A type confusion issue was addressed through improved\nmemory handling. \nCVE-2016-4638 : Yubin Fu of Tencent KeenLab working with Trend\nMicro\u0027s Zero Day Initiative\n\nOpenSSL\nAvailable for: OS X El Capitan v10.11 and later\nImpact: A remote attacker may be able to execute arbitrary code\nDescription: Multiple issues existed in OpenSSL. \nCVE-2016-2105 : Guido Vranken\nCVE-2016-2106 : Guido Vranken\nCVE-2016-2107 : Juraj Somorovsky\nCVE-2016-2108 : Huzaifa Sidhpurwala (Red Hat), Hanno Boeck, David Benjamin (Google), Mark Brand and Ian Beer of Google Project Zero\nCVE-2016-2109 : Brian Carpenter\nCVE-2016-2176 : Guido Vranken\n\nQuickTime\nAvailable for: OS X El Capitan v10.11 and later\nImpact: Processing a maliciously crafted FlashPix Bitmap Image may\nlead to unexpected application termination or arbitrary code\nexecution\nDescription: Multiple memory corruption issues were addressed\nthrough improved memory handling. \nCVE-2016-4596 : Ke Liu of Tencent\u0027s Xuanwu Lab\nCVE-2016-4597 : Ke Liu of Tencent\u0027s Xuanwu Lab\nCVE-2016-4600 : Ke Liu of Tencent\u0027s Xuanwu Lab\nCVE-2016-4602 : Ke Liu of Tencent\u0027s Xuanwu Lab\n\nQuickTime\nAvailable for: OS X El Capitan v10.11 and later\nImpact: Processing a maliciously crafted image may lead to arbitrary\ncode execution\nDescription: A memory corruption issue was addressed through\nimproved input validation. \nCVE-2016-4598 : Ke Liu of Tencent\u0027s Xuanwu Lab\n\nQuickTime\nAvailable for: OS X El Capitan v10.11 and later\nImpact: Processing a maliciously crafted SGI file may lead to\narbitrary code execution\nDescription: A memory corruption issue was addressed through\nimproved input validation. \nCVE-2016-4601 : Ke Liu of Tencent\u0027s Xuanwu Lab\n\nQuickTime\nAvailable for: OS X El Capitan v10.11 and later\nImpact: Processing a maliciously crafted Photoshop document may lead\nto unexpected application termination or arbitrary code execution\nDescription: A memory corruption issue was addressed through\nimproved input validation. \nCVE-2016-4599 : Ke Liu of Tencent\u0027s Xuanwu Lab\n\nSafari Login AutoFill\nAvailable for: OS X El Capitan v10.11 and later\nImpact: A user\u0027s password may be visible on screen\nDescription: An issue existed in Safari\u0027s password auto-fill. This\nissue was addressed through improved matching of form fields. \nCVE-2016-4595 : Jonathan Lewis from DeARX Services (PTY) LTD\n\nSandbox Profiles\nAvailable for: OS X El Capitan v10.11 and later\nImpact: A local application may be able to access the process list\nDescription: An access issue existed with privileged API calls. This\nissue was addressed through additional restrictions. \nCVE-2016-4594 : Stefan Esser of SektionEins\n\nNote: OS X El Capitan 10.11.6 includes the security content of Safari\n9.1.2. For further details see https://support.apple.com/kb/HT206900\n\n\nOS X El Capitan v10.11.6 and Security Update 2016-004 may be obtained\nfrom the Mac App Store or Apple\u0027s Software Downloads web site:\nhttp://www.apple.com/support/downloads/\n\nInformation will also be posted to the Apple Security Updates\nweb site: http://support.apple.com/kb/HT201222\n\nThis message is signed with Apple\u0027s Product Security PGP key,\nand details are available at:\nhttps://www.apple.com/support/security/pgp/\n-----BEGIN PGP SIGNATURE-----\nComment: GPGTools - https://gpgtools.org\n\niQIcBAEBCgAGBQJXjXAvAAoJEIOj74w0bLRG/5EP/2v9SJTrO+/4b3A1gqC1ch8y\n+cJ04tXRsO7rvjKT5nCylo30U0Sanz/bUbDx4559YS7/P/IyeyZVheaTJwK8wzEy\npSOPpy35hUuVIw0/p4YsuHDThSBPFMmDljTxH7elkfuBV1lPSrCkyDXc0re2HxWV\nxj68zAxtM0jkkhgcxb2ApZSZVXhrjUZtbY0xEVOoWKKFwbMvKfx+4xSqunwQeS1u\nwevs1EbxfvsZbc3pG+xYcOonbegBzOy9aCvNO1Yv1zG+AYXC5ERMq1vk3PsWOTQN\nZVY1I7mvCaEfvmjq2isRw8XYapAIKISDLwMKBSYrZDQFwPQLRi1VXxQZ67Kq1M3k\nah04/lr0RIcoosIcBqxD2+1UAFjUzEUNFkYivjhuaeegN2QdL7Ujegf1QjdAt8lk\nmmKduxYUDOaRX50Kw7n14ZveJqzE1D5I6QSItaZ9M1vR60a7u91DSj9D87vbt1YC\nJM/Rvf/4vonp1NjwA2JQwCiZfYliBDdn9iiCl8mzxdsSRD/wXcZCs05nnKmKsCfc\n55ET7IwdG3622lVheOJGQZuucwJiTn36zC11XVzZysQd/hLD5rUKUQNX1WOgZdzs\nxPsslXF5MWx9jcdyWVSWxDrN0sFk+GpQFQDuVozP60xuxqR3qQ0TXir2NP39uIF5\nYozOGPQFmX0OviWCQsX6\n=ng+m\n-----END PGP SIGNATURE-----\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2016-2176"
},
{
"db": "BID",
"id": "89746"
},
{
"db": "VULMON",
"id": "CVE-2016-2176"
},
{
"db": "PACKETSTORM",
"id": "169652"
},
{
"db": "PACKETSTORM",
"id": "136919"
},
{
"db": "PACKETSTORM",
"id": "140056"
},
{
"db": "PACKETSTORM",
"id": "136912"
},
{
"db": "PACKETSTORM",
"id": "136893"
},
{
"db": "PACKETSTORM",
"id": "143513"
},
{
"db": "PACKETSTORM",
"id": "137958"
}
],
"trust": 1.89
},
"external_ids": {
"_id": null,
"data": [
{
"db": "NVD",
"id": "CVE-2016-2176",
"trust": 2.7
},
{
"db": "BID",
"id": "89746",
"trust": 2.0
},
{
"db": "PACKETSTORM",
"id": "136912",
"trust": 1.8
},
{
"db": "PULSESECURE",
"id": "SA40202",
"trust": 1.7
},
{
"db": "TENABLE",
"id": "TNS-2016-18",
"trust": 1.7
},
{
"db": "SIEMENS",
"id": "SSA-412672",
"trust": 1.7
},
{
"db": "SECTRACK",
"id": "1035721",
"trust": 1.7
},
{
"db": "MCAFEE",
"id": "SB10160",
"trust": 1.7
},
{
"db": "BID",
"id": "91787",
"trust": 1.7
},
{
"db": "AUSCERT",
"id": "ESB-2022.0696",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-201605-084",
"trust": 0.6
},
{
"db": "ICS CERT",
"id": "ICSA-22-349-21",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2016-2176",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "169652",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "136919",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "140056",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "136893",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "143513",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "137958",
"trust": 0.1
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2016-2176"
},
{
"db": "BID",
"id": "89746"
},
{
"db": "PACKETSTORM",
"id": "169652"
},
{
"db": "PACKETSTORM",
"id": "136919"
},
{
"db": "PACKETSTORM",
"id": "140056"
},
{
"db": "PACKETSTORM",
"id": "136912"
},
{
"db": "PACKETSTORM",
"id": "136893"
},
{
"db": "PACKETSTORM",
"id": "143513"
},
{
"db": "PACKETSTORM",
"id": "137958"
},
{
"db": "CNNVD",
"id": "CNNVD-201605-084"
},
{
"db": "NVD",
"id": "CVE-2016-2176"
}
]
},
"id": "VAR-201605-0037",
"iot": {
"_id": null,
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.4451234085714285
},
"last_update_date": "2026-04-10T22:45:45.588000Z",
"patch": {
"_id": null,
"data": [
{
"title": "OpenSSL Security vulnerabilities",
"trust": 0.6,
"url": "http://123.124.177.30/web/xxk/bdxqById.tag?id=61409"
},
{
"title": "The Register",
"trust": 0.2,
"url": "https://www.theregister.co.uk/2016/05/03/openssl_patches/"
},
{
"title": "Red Hat: CVE-2016-2176",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_cve_database\u0026qid=CVE-2016-2176"
},
{
"title": "Tenable Security Advisories: [R5] OpenSSL \u002720160503\u0027 Advisory Affects Tenable Products",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=tenable_security_advisories\u0026qid=TNS-2016-10"
},
{
"title": "Tenable Security Advisories: [R3] PVS 5.1.0 Fixes Multiple Third-party Library Vulnerabilities",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=tenable_security_advisories\u0026qid=TNS-2016-13"
},
{
"title": "Symantec Security Advisories: SA123 : OpenSSL Vulnerabilities 3-May-2016",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=symantec_security_advisories\u0026qid=5d65f6765e60e5fe9e6998a5bde1aadc"
},
{
"title": "Forcepoint Security Advisories: CVE-2016-2105, 2106, 2107, 2108, 2109, 2176 -- Security Vulnerabilities",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=forcepoint_security_advisories\u0026qid=01fd01e3d154696ffabfde89f4142310"
},
{
"title": "Oracle Solaris Third Party Bulletins: Oracle Solaris Third Party Bulletin - April 2016",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_solaris_third_party_bulletins\u0026qid=976a4da35d55283870dbb31b88a6c655"
},
{
"title": "Oracle: Oracle Critical Patch Update Advisory - July 2016",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_advisories\u0026qid=3a04485ebb79f7fbc2472bf9af5ce489"
},
{
"title": "Oracle: Oracle Critical Patch Update Advisory - October 2016",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_advisories\u0026qid=05aabe19d38058b7814ef5514aab4c0c"
},
{
"title": "Oracle: Oracle Critical Patch Update Advisory - April 2017",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_advisories\u0026qid=143b3fb255063c81571469eaa3cf0a87"
},
{
"title": "Tenable Security Advisories: [R7] LCE 4.8.1 Fixes Multiple Vulnerabilities",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=tenable_security_advisories\u0026qid=TNS-2016-18"
},
{
"title": "Oracle: Oracle Critical Patch Update Advisory - July 2018",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_advisories\u0026qid=5f8c525f1408011628af1792207b2099"
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/Live-Hack-CVE/CVE-2016-2176 "
},
{
"title": "alpine-cvecheck",
"trust": 0.1,
"url": "https://github.com/tomwillfixit/alpine-cvecheck "
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/imhunterand/hackerone-publicy-disclosed "
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2016-2176"
},
{
"db": "CNNVD",
"id": "CNNVD-201605-084"
}
]
},
"problemtype_data": {
"_id": null,
"data": [
{
"problemtype": "CWE-119",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2016-2176"
}
]
},
"references": {
"_id": null,
"data": [
{
"trust": 2.3,
"url": "https://www.openssl.org/news/secadv/20160503.txt"
},
{
"trust": 2.0,
"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html"
},
{
"trust": 2.0,
"url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html"
},
{
"trust": 2.0,
"url": "http://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20160504-openssl"
},
{
"trust": 1.8,
"url": "http://www.securityfocus.com/bid/89746"
},
{
"trust": 1.8,
"url": "https://security.gentoo.org/glsa/201612-16"
},
{
"trust": 1.7,
"url": "https://kb.pulsesecure.net/articles/pulse_security_advisories/sa40202"
},
{
"trust": 1.7,
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=sb10160"
},
{
"trust": 1.7,
"url": "http://lists.apple.com/archives/security-announce/2016/jul/msg00000.html"
},
{
"trust": 1.7,
"url": "https://support.apple.com/ht206903"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/91787"
},
{
"trust": 1.7,
"url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html"
},
{
"trust": 1.7,
"url": "http://www.slackware.com/security/viewer.php?l=slackware-security\u0026y=2016\u0026m=slackware-security.542103"
},
{
"trust": 1.7,
"url": "http://www.securitytracker.com/id/1035721"
},
{
"trust": 1.7,
"url": "https://bto.bluecoat.com/security-advisory/sa123"
},
{
"trust": 1.7,
"url": "http://packetstormsecurity.com/files/136912/slackware-security-advisory-openssl-updates.html"
},
{
"trust": 1.7,
"url": "https://www.tenable.com/security/tns-2016-18"
},
{
"trust": 1.7,
"url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?doclocale=en_us\u0026docid=emr_na-hpesbhf03756en_us"
},
{
"trust": 1.7,
"url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?doclocale=en_us\u0026docid=emr_na-hpesbhf03765en_us"
},
{
"trust": 1.7,
"url": "https://security.netapp.com/advisory/ntap-20160504-0001/"
},
{
"trust": 1.7,
"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html"
},
{
"trust": 1.7,
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-412672.pdf"
},
{
"trust": 1.1,
"url": "https://git.openssl.org/?p=openssl.git%3ba=commit%3bh=2919516136a4227d9e6d8f2fe66ef976aaf8c561"
},
{
"trust": 0.7,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-2109"
},
{
"trust": 0.7,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-2106"
},
{
"trust": 0.7,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-2105"
},
{
"trust": 0.7,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-2107"
},
{
"trust": 0.6,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-2108"
},
{
"trust": 0.6,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-2176"
},
{
"trust": 0.6,
"url": "https://git.openssl.org/?p=openssl.git;a=commit;h=2919516136a4227d9e6d8f2fe66ef976aaf8c561"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2022.0696"
},
{
"trust": 0.3,
"url": "http://openssl.org/"
},
{
"trust": 0.3,
"url": "http://seclists.org/bugtraq/2016/may/25"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=isg3t1023814"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=isg3t1024078"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=isg3t1024507"
},
{
"trust": 0.3,
"url": "https://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=migr-5099429"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg2c1000158"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=nas8n1021376"
},
{
"trust": 0.3,
"url": "https://www.openssl.org/news/vulnerabilities.html"
},
{
"trust": 0.3,
"url": "https://securityadvisories.paloaltonetworks.com/home/detail/56?aspxautodetectcookiesupport=1"
},
{
"trust": 0.3,
"url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html"
},
{
"trust": 0.3,
"url": "https://support.asperasoft.com/hc/en-us/articles/229505687-security-bulletin-multiple-openssl-vulnerabilities-affect-ibm-aspera-shares-1-9-2-or-earlier-%20-ibm-aspera-console-3-0-6-or-earlier"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=isg3t1024066"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1s1009147"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21983158"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21984323"
},
{
"trust": 0.3,
"url": "https://www-01.ibm.com/support/docview.wss?uid=swg21984483"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21984794"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21984920"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21984977"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21986123"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21986313"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21986460"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21986506"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21986563"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21986564"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21986669"
},
{
"trust": 0.3,
"url": "https://www-01.ibm.com/support/docview.wss?uid=swg21987174"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21987175"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21987671"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21988055"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21988071"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21988081"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21988350"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21988383"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21988976"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21989958"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21992493"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21992894"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg2c1000192"
},
{
"trust": 0.3,
"url": "http://aix.software.ibm.com/aix/efixes/security/openssl_advisory20.asc"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/119.html"
},
{
"trust": 0.1,
"url": "https://github.com/live-hack-cve/cve-2016-2176"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://github.com/tomwillfixit/alpine-cvecheck"
},
{
"trust": 0.1,
"url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-349-21"
},
{
"trust": 0.1,
"url": "http://tools.cisco.com/security/center/viewalert.x?alertid=49332"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0169"
},
{
"trust": 0.1,
"url": "https://www.openssl.org/policies/secpolicy.html"
},
{
"trust": 0.1,
"url": "https://www.openssl.org/policies/releasestrat.html),"
},
{
"trust": 0.1,
"url": "https://www.freebsd.org/handbook/makeworld.html\u003e."
},
{
"trust": 0.1,
"url": "https://security.freebsd.org/patches/sa-16:17/openssl-9.patch.asc"
},
{
"trust": 0.1,
"url": "https://security.freebsd.org/\u003e."
},
{
"trust": 0.1,
"url": "https://security.freebsd.org/patches/sa-16:17/openssl-9.patc"
},
{
"trust": 0.1,
"url": "https://security.freebsd.org/patches/sa-16:17/openssl-10.patch"
},
{
"trust": 0.1,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-2105\u003e"
},
{
"trust": 0.1,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-2106\u003e"
},
{
"trust": 0.1,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-2176\u003e"
},
{
"trust": 0.1,
"url": "https://www.openssl.org/news/secadv/20160503.txt\u003e"
},
{
"trust": 0.1,
"url": "https://svnweb.freebsd.org/base?view=revision\u0026revision=nnnnnn\u003e"
},
{
"trust": 0.1,
"url": "https://security.freebsd.org/advisories/freebsd-sa-16:17.openssl.asc\u003e"
},
{
"trust": 0.1,
"url": "https://security.freebsd.org/patches/sa-16:17/openssl-10.patch.asc"
},
{
"trust": 0.1,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-2109\u003e"
},
{
"trust": 0.1,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-2107\u003e"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-2180"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-2105"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-2178"
},
{
"trust": 0.1,
"url": "https://security.gentoo.org/"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-2183"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-2107"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-2178"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-2176"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-2177"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-7052"
},
{
"trust": 0.1,
"url": "http://creativecommons.org/licenses/by-sa/2.5"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-6304"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-6305"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-2106"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-2108"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-7052"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-6306"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-2109"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-6304"
},
{
"trust": 0.1,
"url": "http://eprint.iacr.org/2016/594.pdf"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-6305"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-2180"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-2177"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-2183"
},
{
"trust": 0.1,
"url": "https://bugs.gentoo.org."
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-6306"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-2109"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-2107"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-2176"
},
{
"trust": 0.1,
"url": "http://slackware.com"
},
{
"trust": 0.1,
"url": "http://osuosl.org)"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-2108"
},
{
"trust": 0.1,
"url": "http://slackware.com/gpg-key"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-2105"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-2106"
},
{
"trust": 0.1,
"url": "https://www.debian.org/security/faq"
},
{
"trust": 0.1,
"url": "https://www.debian.org/security/"
},
{
"trust": 0.1,
"url": "https://h20564.www2.hpe.com/hpsc/doc/public/display?docid=emr_na-hpesbhf03765en_us"
},
{
"trust": 0.1,
"url": "http://www.hpe.com/support/security_bulletin_archive"
},
{
"trust": 0.1,
"url": "https://www.hpe.com/info/report-security-vulnerability"
},
{
"trust": 0.1,
"url": "http://www.hpe.com/support/subscriber_choice"
},
{
"trust": 0.1,
"url": "http://h20565.www2.hpe.com/hpsc/doc/public/display?docid=emr_na-a00006123en_"
},
{
"trust": 0.1,
"url": "https://h20564.www2.hpe.com/hpsc/doc/public/display?docid=emr_na-c01345499"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0718"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-4599"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-4601"
},
{
"trust": 0.1,
"url": "https://gpgtools.org"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-4449"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-4483"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-1836"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-4600"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-1865"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-4597"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-4596"
},
{
"trust": 0.1,
"url": "http://www.apple.com/support/downloads/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-4447"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-1863"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-4582"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-4595"
},
{
"trust": 0.1,
"url": "https://www.apple.com/support/security/pgp/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-1864"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-9862"
},
{
"trust": 0.1,
"url": "http://support.apple.com/kb/ht201222"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-4607"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-4448"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-4598"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-1684"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-4602"
},
{
"trust": 0.1,
"url": "https://support.apple.com/kb/ht206900"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-4594"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2016-2176"
},
{
"db": "BID",
"id": "89746"
},
{
"db": "PACKETSTORM",
"id": "169652"
},
{
"db": "PACKETSTORM",
"id": "136919"
},
{
"db": "PACKETSTORM",
"id": "140056"
},
{
"db": "PACKETSTORM",
"id": "136912"
},
{
"db": "PACKETSTORM",
"id": "136893"
},
{
"db": "PACKETSTORM",
"id": "143513"
},
{
"db": "PACKETSTORM",
"id": "137958"
},
{
"db": "CNNVD",
"id": "CNNVD-201605-084"
},
{
"db": "NVD",
"id": "CVE-2016-2176"
}
]
},
"sources": {
"_id": null,
"data": [
{
"db": "VULMON",
"id": "CVE-2016-2176",
"ident": null
},
{
"db": "BID",
"id": "89746",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "169652",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "136919",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "140056",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "136912",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "136893",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "143513",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "137958",
"ident": null
},
{
"db": "CNNVD",
"id": "CNNVD-201605-084",
"ident": null
},
{
"db": "NVD",
"id": "CVE-2016-2176",
"ident": null
}
]
},
"sources_release_date": {
"_id": null,
"data": [
{
"date": "2016-05-05T00:00:00",
"db": "VULMON",
"id": "CVE-2016-2176",
"ident": null
},
{
"date": "2016-05-03T00:00:00",
"db": "BID",
"id": "89746",
"ident": null
},
{
"date": "2016-05-03T12:12:12",
"db": "PACKETSTORM",
"id": "169652",
"ident": null
},
{
"date": "2016-05-05T16:11:49",
"db": "PACKETSTORM",
"id": "136919",
"ident": null
},
{
"date": "2016-12-07T16:37:31",
"db": "PACKETSTORM",
"id": "140056",
"ident": null
},
{
"date": "2016-05-04T14:53:10",
"db": "PACKETSTORM",
"id": "136912",
"ident": null
},
{
"date": "2016-05-03T22:55:47",
"db": "PACKETSTORM",
"id": "136893",
"ident": null
},
{
"date": "2017-07-26T17:44:00",
"db": "PACKETSTORM",
"id": "143513",
"ident": null
},
{
"date": "2016-07-19T19:45:20",
"db": "PACKETSTORM",
"id": "137958",
"ident": null
},
{
"date": "2016-05-04T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201605-084",
"ident": null
},
{
"date": "2016-05-05T01:59:06.340000",
"db": "NVD",
"id": "CVE-2016-2176",
"ident": null
}
]
},
"sources_update_date": {
"_id": null,
"data": [
{
"date": "2023-11-07T00:00:00",
"db": "VULMON",
"id": "CVE-2016-2176",
"ident": null
},
{
"date": "2017-05-02T01:10:00",
"db": "BID",
"id": "89746",
"ident": null
},
{
"date": "2022-12-14T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201605-084",
"ident": null
},
{
"date": "2025-04-12T10:46:40.837000",
"db": "NVD",
"id": "CVE-2016-2176",
"ident": null
}
]
},
"threat_type": {
"_id": null,
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201605-084"
}
],
"trust": 0.6
},
"title": {
"_id": null,
"data": "OpenSSL Security hole",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201605-084"
}
],
"trust": 0.6
},
"type": {
"_id": null,
"data": "buffer error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201605-084"
}
],
"trust": 0.6
}
}
VAR-201006-0260
Vulnerability from variot - Updated: 2026-04-10 22:45Memory leak in pngrutil.c in libpng before 1.2.44, and 1.4.x before 1.4.3, allows remote attackers to cause a denial of service (memory consumption and application crash) via a PNG image containing malformed Physical Scale (aka sCAL) chunks. The 'libpng' library is prone to multiple vulnerabilities. Successful exploits may allow remote attackers to cause denial-of-service conditions or potentially execute arbitrary code on computers running the affected library. These issues affect versions prior to 'libpng' 1.4.3 and 1.2.44.
Background
libpng is a standard library used to process PNG (Portable Network Graphics) images. It is used by several programs, including web browsers and potentially server processes.
Affected packages
-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 media-libs/libpng < 1.4.3 >= 1.4.3
Description
Multiple vulnerabilities were found in libpng:
-
The png_decompress_chunk() function in pngrutil.c does not properly handle certain type of compressed data (CVE-2010-0205)
-
A buffer overflow in pngread.c when using progressive applications (CVE-2010-1205)
-
A memory leak in pngrutil.c when dealing with a certain type of chunks (CVE-2010-2249)
Impact
An attacker could exploit these vulnerabilities to cause programs linked against the library to crash or execute arbitrary code with the permissions of the user running the vulnerable program, which could be the root user.
Workaround
There is no known workaround at this time.
Resolution
All libpng users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=media-libs/libpng-1.4.3"
References
[ 1 ] CVE-2010-0205 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0205 [ 2 ] CVE-2010-1205 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1205 [ 3 ] CVE-2010-2249 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2249
Availability
This GLSA and any updates to it are available for viewing at the Gentoo Security Website:
http://security.gentoo.org/glsa/glsa-201010-01.xml
Concerns?
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.
License
Copyright 2010 Gentoo Foundation, Inc; referenced text belongs to its owner(s).
The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5
.
For the testing (squeeze) and unstable (sid) distribution, these problems have been fixed in version 1.2.44-1
We recommend that you upgrade your libpng package.
Upgrade instructions
wget url will fetch the file for you dpkg -i file.deb will install the referenced file.
If you are using the apt-get package manager, use the line for sources.list as given below:
apt-get update will update the internal database apt-get upgrade will install corrected packages
You may use an automated update by adding the resources from the footer to the proper configuration.
Debian GNU/Linux 5.0 alias lenny
Debian (stable)
Stable updates are available for alpha, amd64, arm, armel, hppa, i386, ia64, mips, mipsel, powerpc, s390 and sparc.
Source archives:
http://security.debian.org/pool/updates/main/libp/libpng/libpng_1.2.27-2+lenny4.dsc Size/MD5 checksum: 1201 518a1f5c30a115dcb732e7499a2cef96 http://security.debian.org/pool/updates/main/libp/libpng/libpng_1.2.27.orig.tar.gz Size/MD5 checksum: 783204 13a0de401db1972a8e68f47d5bdadd13 http://security.debian.org/pool/updates/main/libp/libpng/libpng_1.2.27-2+lenny4.diff.gz Size/MD5 checksum: 21437 43e68a174233314cf49bb204abdd29b6
Architecture independent packages:
http://security.debian.org/pool/updates/main/libp/libpng/libpng3_1.2.27-2+lenny4_all.deb Size/MD5 checksum: 886 94643952b104a6f231ed7d710e2ae95d
alpha architecture (DEC Alpha)
http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.27-2+lenny4_alpha.deb Size/MD5 checksum: 182808 27b109278c41f9354d529ce0cfa2fe70 http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.27-2+lenny4_alpha.deb Size/MD5 checksum: 287316 b05d9032dca244cfbb1773e17eb8fbf3 http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.27-2+lenny4_alpha.udeb Size/MD5 checksum: 86558 2082c8b1458c53860b8243c184909d99
amd64 architecture (AMD x86_64 (AMD64))
http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.27-2+lenny4_amd64.udeb Size/MD5 checksum: 71944 a3992e7b18a2897879863fbf70f3e44f http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.27-2+lenny4_amd64.deb Size/MD5 checksum: 167620 b654901994d4666d2918869ef59aef38 http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.27-2+lenny4_amd64.deb Size/MD5 checksum: 254780 dfb0d24bf329b004ccea98b3a94186be
arm architecture (ARM)
http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.27-2+lenny4_arm.udeb Size/MD5 checksum: 64570 f8b22165ed7daf5c40ecff5e03b7c724 http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.27-2+lenny4_arm.deb Size/MD5 checksum: 159684 b64a7d362ef23b72d4af94bd48c89e33 http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.27-2+lenny4_arm.deb Size/MD5 checksum: 245526 a55f8943e244796a2dbf4b244673d9ab
armel architecture (ARM EABI)
http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.27-2+lenny4_armel.udeb Size/MD5 checksum: 67034 4d6f0fbce281723de483067ae4226f18 http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.27-2+lenny4_armel.deb Size/MD5 checksum: 162570 fb1927ecf7521ce2de4c3c2d3d9ba679 http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.27-2+lenny4_armel.deb Size/MD5 checksum: 245964 38148590fd5c421c6e7649767ce23556
hppa architecture (HP PA RISC)
http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.27-2+lenny4_hppa.deb Size/MD5 checksum: 170090 1a9ad8514fb3dd6111090f321553452b http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.27-2+lenny4_hppa.deb Size/MD5 checksum: 260414 b1ada2a28da472703f953547dc2947e2 http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.27-2+lenny4_hppa.udeb Size/MD5 checksum: 73894 eb6714f86f8085811a3dc1a1218a75a3
i386 architecture (Intel ia32)
http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.27-2+lenny4_i386.deb Size/MD5 checksum: 245468 8b6e9b5424a8991c05734f90b00182a2 http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.27-2+lenny4_i386.deb Size/MD5 checksum: 166290 70c41d2feb2aff02be6154cea7cec1f4 http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.27-2+lenny4_i386.udeb Size/MD5 checksum: 70118 e7c845ff2e87dc1dc2849ecac4428aa4
ia64 architecture (Intel ia64)
http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.27-2+lenny4_ia64.udeb Size/MD5 checksum: 111752 9b3c6f30c1d59df47d8f1736cffb5f74 http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.27-2+lenny4_ia64.deb Size/MD5 checksum: 207554 ca076c99f9d64729eab9a58632ab2b9e http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.27-2+lenny4_ia64.deb Size/MD5 checksum: 305536 0446686bb25783804121efced246e59d
mips architecture (MIPS (Big Endian))
http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.27-2+lenny4_mips.deb Size/MD5 checksum: 164086 e615a6007aa89ccd38a1afc482c6c51e http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.27-2+lenny4_mips.udeb Size/MD5 checksum: 68180 beec6961eba764cd9186f4ba1e116949 http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.27-2+lenny4_mips.deb Size/MD5 checksum: 262216 937b2f2c26200b4a53f0bd8293b80af3
mipsel architecture (MIPS (Little Endian))
http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.27-2+lenny4_mipsel.udeb Size/MD5 checksum: 68464 c0e4a6cf4cbb2d6cda04ae5c0c572dd5 http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.27-2+lenny4_mipsel.deb Size/MD5 checksum: 164312 48ec081a3f25a7863fe689a212d37b07 http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.27-2+lenny4_mipsel.deb Size/MD5 checksum: 262482 560287e9b0c79a7d51ff4fd37e0a8da4
powerpc architecture (PowerPC)
http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.27-2+lenny4_powerpc.deb Size/MD5 checksum: 253154 caa93c1b0d9460d93d7b81241dcd25fb http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.27-2+lenny4_powerpc.udeb Size/MD5 checksum: 70748 59534d8fcb740fdfd681a173a85d72fe http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.27-2+lenny4_powerpc.deb Size/MD5 checksum: 166354 3d521ce5930a7707bb3afc61f7c48ccc
s390 architecture (IBM S/390)
http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.27-2+lenny4_s390.udeb Size/MD5 checksum: 73500 bceb1dab986adc60adde49c6bb267e7d http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.27-2+lenny4_s390.deb Size/MD5 checksum: 253036 85ebb3e8ac1749f20e0c45f489f348a6 http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.27-2+lenny4_s390.deb Size/MD5 checksum: 169330 aa9808b63b2301f8be657a3c2d6797d2
sparc architecture (Sun SPARC/UltraSPARC)
http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.27-2+lenny4_sparc.deb Size/MD5 checksum: 161688 5f12a2df5cea9e05bdad35a18e07f864 http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.27-2+lenny4_sparc.udeb Size/MD5 checksum: 66084 bc6933daf2143bcc3f3b8c96e7bc29bb http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.27-2+lenny4_sparc.deb Size/MD5 checksum: 247360 ad0ae85eb3806d0263b985139c3c54ed
These files will probably be moved into the stable distribution on its next update. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
VMware Security Advisory
Advisory ID: VMSA-2010-0014 Synopsis: VMware Workstation, Player, and ACE address several security issues. Issue date: 2010-09-23 Updated on: 2010-09-23 (initial release of advisory) CVE numbers: CVE-2010-3277 CVE-2010-1205 CVE-2010-0205 CVE-2010-2249 CVE-2010-0434 CVE-2010-0425
- Summary
VMware Workstation and Player address a potential installer security issue and security issues in libpng. VMware ACE Management Server (AMS) for Windows updates Apache httpd.
- Relevant releases
VMware Workstation 7.1.1 and earlier, VMware Player 3.1.1 and earlier, VMware ACE Management Server 2.7.1 and earlier,
Note: VMware Server was declared End Of Availability on January 2010, support will be limited to Technical Guidance for the duration of the support term.
- Problem Description
a. VMware Workstation and Player installer security issue
The Workstation 7.x and Player 3.x installers will load an index.htm
file located in the current working directory on which Workstation
7.x or Player 3.x is being installed. This may allow an attacker to
display a malicious file if they manage to get their file onto the
system prior to installation.
The issue can only be exploited at the time that Workstation 7.x or
Player 3.x is being installed. Installed versions of Workstation and
Player are not affected. The security issue is no longer present in
the installer of the new versions of Workstation 7.x and Player 3.x
(see table below for the version numbers).
The Common Vulnerabilities and Exposures project (cve.mitre.org)
has assigned the name CVE-2010-3277 to this issue.
VMware would like to thank Alexander Trofimov and Marc Esher for
independently reporting this issue to VMware.
The following table lists what action remediates the vulnerability
(column 4) if a solution is available.
VMware Product Running Replace with/
Product Version on Apply Patch
============= ======== ======= =================
VirtualCenter any Windows not affected
Workstation 7.x any 7.1.2 build 301548 or later *
Workstation 6.5.x any not affected
Player 3.x any 3.1.2 build 301548 or later *
Player 2.5.x any not affected
AMS any any not affected
Server any any not affected
Fusion any Mac OS/X not affected
ESXi any ESXi not affected
ESX any ESX not affected
- Note: This only affects the installer, if you have a version of Workstation or Player installed you are not vulnerable.
b. Third party libpng updated to version 1.2.44
A buffer overflow condition in libpng is addressed that could
potentially lead to code execution with the privileges of the
application using libpng. Two potential denial of service issues
are also addressed in the update.
The Common Vulnerabilities and Exposures project (cve.mitre.org)
has assigned the names CVE-2010-1205, CVE-2010-0205, CVE-2010-2249
to these issues.
The following table lists what action remediates the vulnerability
(column 4) if a solution is available.
VMware Product Running Replace with/
Product Version on Apply Patch
============= ======== ======= =================
VirtualCenter any Windows not affected
Workstation 7.1.x any 7.1.2 build 301548 or later
Workstation 6.5.x any affected, patch pending
Player 3.1.x any 3.1.2 build 301548 or later
Player 2.5.x any affected, patch pending
AMS any any not affected
Server any any affected, no patch planned
Fusion any Mac OS/X not affected
ESXi any ESXi not affected
ESX any ESX not affected
c. VMware ACE Management Server (AMS) for Windows updates Apache httpd version 2.2.15.
A function in Apache HTTP Server when multithreaded MPM is used
does not properly handle headers in subrequests in certain
circumstances which may allow remote attackers to obtain sensitive
information via a crafted request that triggers access to memory
locations associated with an earlier request.
The Apache mod_isapi module can be forced to unload a specific
library before the processing of a request is complete, resulting
in memory corruption.
The Common Vulnerabilities and Exposures project (cve.mitre.org)
has assigned the names CVE-2010-0434 and CVE-2010-0425 to the
issues addressed in this update.
Column 4 of the following table lists the action required to
remediate the vulnerability in each release, if a solution is
available.
VMware Product Running Replace with/
Product Version on Apply Patch
============= ======== ======= =================
VirtualCenter any Windows not affected
Workstation any any not affected
Player any any not affected
AMS any Windows 2.7.2 build 301548 or later
AMS any Linux affected, patch pending *
Server any any not affected
Fusion any Mac OS/X not affected
ESXi any ESXi not affected
ESX any ESX not affected
-
Note CVE-2010-0425 is not applicable to AMS running on Linux
-
Solution Please review the patch/release notes for your product and version and verify the md5sum and/or the sha1sum of your downloaded file.
VMware Workstation 7.1.2
http://www.vmware.com/download/ws/ Release notes: http://downloads.vmware.com/support/ws71/doc/releasenotes_ws712.html
Workstation for Windows 32-bit and 64-bit with VMware Tools
md5sum: 2e9715ec297dc3ca904ad2707d3e2614
sha1sum: 55b2b99f67c3dacd402fb9880999086efd264e7a
Workstation for Windows 32-bit and 64-bit without VMware Tools
md5sum: 066929f59aef46f11f4d9fd6c6b36e4d
sha1sum: def776a28ee1a21b1ad26e836ae868551fff6fc3
VMware Player 3.1.2
http://www.vmware.com/download/player/ Release notes:
http://downloads.vmware.com/support/player31/doc/releasenotes_player312.html
VMware Player for Windows 32-bit and 64-bit
md5sum: 3f289cb33af5e425c92d8512fb22a7ba
sha1sum: bf67240c1f410ebeb8dcb4f6d7371334bf9a6b70
VMware Player for Linux 32-bit
md5sum: 11e3e3e8753e1d9abbbb92c4e3c1dfe8
sha1sum: dd1dbcdb1f4654eefc11472b68934dcb69842749
VMware Player for Linux 64-bit
md5sum: 2ab08e0d4050719845a64d334ca15bb1
sha1sum: f024ad84ec831fce8667dfa9601851da5d9fa59c
VMware ACE Management Server 2.7.2
http://downloads.vmware.com/d/info/desktop_downloads/vmware_ace/2_7 Release notes: http://downloads.vmware.com/support/ace27/doc/releasenotes_ace272.html
ACE Management Server for Windows
md5sum: 02f0072b8e48a98ed914b633f070d550
sha1sum: 94a68eac4a328d21a741879b9d063227c0dc1ce4
- References
CVE numbers http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3277 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1205 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0205 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2249 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0434 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0425
- Change log
2010-09-23 VMSA-2010-0014 Initial security advisory after release of Workstation 7.1.2, Player 3.1.2 and ACE Management Server 2.7.2 on 2010-09-23
- Contact
E-mail list for product security notifications and announcements: http://lists.vmware.com/cgi-bin/mailman/listinfo/security-announce
This Security Advisory is posted to the following lists:
- security-announce at lists.vmware.com
- bugtraq at securityfocus.com
- full-disclosure at lists.grok.org.uk
E-mail: security at vmware.com PGP key at: http://kb.vmware.com/kb/1055
VMware Security Center http://www.vmware.com/security
VMware Security Advisories http://www.vmware.com/security/advisoiries
VMware security response policy http://www.vmware.com/support/policies/security_response.html
General support life cycle policy http://www.vmware.com/support/policies/eos.html
VMware Infrastructure support life cycle policy http://www.vmware.com/support/policies/eos_vi.html
Copyright 2010 VMware Inc. All rights reserved.
-----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.10 (MingW32)
iEYEARECAAYFAkycSrQACgkQS2KysvBH1xmT9wCfbBUS4GYrJohz+QMLYcoiFmSh eTgAoIAmx+ilbe2myj02daLjFrVQfQII =5jlh -----END PGP SIGNATURE----- . =========================================================== Ubuntu Security Notice USN-960-1 July 08, 2010 libpng vulnerabilities CVE-2010-1205, CVE-2010-2249 ===========================================================
A security issue affects the following Ubuntu releases:
Ubuntu 6.06 LTS Ubuntu 8.04 LTS Ubuntu 9.04 Ubuntu 9.10 Ubuntu 10.04 LTS
This advisory also applies to the corresponding versions of Kubuntu, Edubuntu, and Xubuntu.
The problem can be corrected by upgrading your system to the following package versions:
Ubuntu 6.06 LTS: libpng12-0 1.2.8rel-5ubuntu0.6
Ubuntu 8.04 LTS: libpng12-0 1.2.15~beta5-3ubuntu0.3
Ubuntu 9.04: libpng12-0 1.2.27-2ubuntu2.2
Ubuntu 9.10: libpng12-0 1.2.37-1ubuntu0.2
Ubuntu 10.04 LTS: libpng12-0 1.2.42-1ubuntu2.1
After a standard system update you need to reboot your computer to make all the necessary changes.
Details follow:
It was discovered that libpng did not properly handle certain malformed PNG images. If a user or automated system were tricked into opening a crafted PNG file, an attacker could cause a denial of service or possibly execute arbitrary code with the privileges of the user invoking the program. (CVE-2010-1205)
It was discovered that libpng did not properly handle certain malformed PNG images. If a user or automated system were tricked into processing a crafted PNG image, an attacker could possibly use this flaw to consume all available resources, resulting in a denial of service. (CVE-2010-2249)
Updated packages for Ubuntu 6.06 LTS:
Source archives:
http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng_1.2.8rel-5ubuntu0.6.diff.gz
Size/MD5: 24044 8979ca6b113137fe5ee051c1c70571eb
http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng_1.2.8rel-5ubuntu0.6.dsc
Size/MD5: 661 92722fa973e92a99f982fe05b5826adf
http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng_1.2.8rel.orig.tar.gz
Size/MD5: 510681 cac1512878fb98f2456df6dc50bc9bc7
Architecture independent packages:
http://security.ubuntu.com/ubuntu/pool/universe/libp/libpng/libpng3_1.2.8rel-5ubuntu0.6_all.deb
Size/MD5: 842 dcbc7d24c8426e3b3024859ec157f57e
amd64 architecture (Athlon64, Opteron, EM64T Xeon):
http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0_1.2.8rel-5ubuntu0.6_amd64.deb
Size/MD5: 114528 aea355e99e67b76c9464f8cc49b3560d
http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-dev_1.2.8rel-5ubuntu0.6_amd64.deb
Size/MD5: 247576 f0e52e10a663f9b1b04d9371d4a2cf14
http://security.ubuntu.com/ubuntu/pool/universe/libp/libpng/libpng12-0-udeb_1.2.8rel-5ubuntu0.6_amd64.udeb
Size/MD5: 69504 6536e83152b2cf00d0d961b9b095c2d5
i386 architecture (x86 compatible Intel/AMD):
http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0_1.2.8rel-5ubuntu0.6_i386.deb
Size/MD5: 112048 b8f85cc6154602422a8841a5cad1a4a1
http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-dev_1.2.8rel-5ubuntu0.6_i386.deb
Size/MD5: 239628 fb6f6e62a9fa6114c50946c74cb2ed5d
http://security.ubuntu.com/ubuntu/pool/universe/libp/libpng/libpng12-0-udeb_1.2.8rel-5ubuntu0.6_i386.udeb
Size/MD5: 66946 501acb21d567d62608904e4272ff842d
powerpc architecture (Apple Macintosh G3/G4/G5):
http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0_1.2.8rel-5ubuntu0.6_powerpc.deb
Size/MD5: 111648 19cccb12fb968f40f04068b9da24f589
http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-dev_1.2.8rel-5ubuntu0.6_powerpc.deb
Size/MD5: 245230 ebdbfc860056170b7a165479d7905bb3
http://security.ubuntu.com/ubuntu/pool/universe/libp/libpng/libpng12-0-udeb_1.2.8rel-5ubuntu0.6_powerpc.udeb
Size/MD5: 66458 24e918a95770150b4df72530bd6de095
sparc architecture (Sun SPARC/UltraSPARC):
http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0_1.2.8rel-5ubuntu0.6_sparc.deb
Size/MD5: 109156 510d17affd2c0cf3f5dce5379df57d49
http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-dev_1.2.8rel-5ubuntu0.6_sparc.deb
Size/MD5: 240072 1ff11e0649a58bc7b809c86941aaafd7
http://security.ubuntu.com/ubuntu/pool/universe/libp/libpng/libpng12-0-udeb_1.2.8rel-5ubuntu0.6_sparc.udeb
Size/MD5: 63882 d7df02c540e66a536cbffca5d02645d5
Updated packages for Ubuntu 8.04 LTS:
Source archives:
http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng_1.2.15~beta5-3ubuntu0.3.diff.gz
Size/MD5: 22755 f5c0ba19b04eba8264ebb6b30c5617d6
http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng_1.2.15~beta5-3ubuntu0.3.dsc
Size/MD5: 832 d08a82b28411baa0184d3b8231fd8b61
http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng_1.2.15~beta5.orig.tar.gz
Size/MD5: 829038 77ca14fcee1f1f4daaaa28123bd0b22d
Architecture independent packages:
http://security.ubuntu.com/ubuntu/pool/universe/libp/libpng/libpng3_1.2.15~beta5-3ubuntu0.3_all.deb
Size/MD5: 940 7344fa4e61880636b014525f6e6482a1
amd64 architecture (Athlon64, Opteron, EM64T Xeon):
http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0_1.2.15~beta5-3ubuntu0.3_amd64.deb
Size/MD5: 190186 01f82b2b967c5212e834dd57c12c1a7c
http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-dev_1.2.15~beta5-3ubuntu0.3_amd64.deb
Size/MD5: 179752 c26e243dd21f5dd10b478c0415215c1c
http://security.ubuntu.com/ubuntu/pool/universe/libp/libpng/libpng12-0-udeb_1.2.15~beta5-3ubuntu0.3_amd64.udeb
Size/MD5: 70534 5f7628d9b644ae953c515d18f7de9980
i386 architecture (x86 compatible Intel/AMD):
http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0_1.2.15~beta5-3ubuntu0.3_i386.deb
Size/MD5: 188782 51354007cca0796218e3aaeba6142c41
http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-dev_1.2.15~beta5-3ubuntu0.3_i386.deb
Size/MD5: 171216 b7a092ef2f5955b380adc015bfae6c81
http://security.ubuntu.com/ubuntu/pool/universe/libp/libpng/libpng12-0-udeb_1.2.15~beta5-3ubuntu0.3_i386.udeb
Size/MD5: 69082 7612cd438ddfaab236de5f342f709b66
lpia architecture (Low Power Intel Architecture):
http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0_1.2.15~beta5-3ubuntu0.3_lpia.deb
Size/MD5: 189664 4825baf36c5d14b5066d548aaf050866
http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-dev_1.2.15~beta5-3ubuntu0.3_lpia.deb
Size/MD5: 172962 b16b496d6553fbf28523147617011b95
http://ports.ubuntu.com/pool/universe/libp/libpng/libpng12-0-udeb_1.2.15~beta5-3ubuntu0.3_lpia.udeb
Size/MD5: 70020 61f5d75c4435333ef586677a07d49915
powerpc architecture (Apple Macintosh G3/G4/G5):
http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0_1.2.15~beta5-3ubuntu0.3_powerpc.deb
Size/MD5: 190300 8ac6e4c1efb73de848d5bc5457093e7a
http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-dev_1.2.15~beta5-3ubuntu0.3_powerpc.deb
Size/MD5: 179166 d92637edf805d7d673a4440b2605dc57
http://ports.ubuntu.com/pool/universe/libp/libpng/libpng12-0-udeb_1.2.15~beta5-3ubuntu0.3_powerpc.udeb
Size/MD5: 70604 adf25dd26d85725ab3c74c4a80a7a541
sparc architecture (Sun SPARC/UltraSPARC):
http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0_1.2.15~beta5-3ubuntu0.3_sparc.deb
Size/MD5: 185622 ef3cf5486afe387d09bf05106893b371
http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-dev_1.2.15~beta5-3ubuntu0.3_sparc.deb
Size/MD5: 173422 4b2f3476b423a3c5c31ee0738bfb4458
http://ports.ubuntu.com/pool/universe/libp/libpng/libpng12-0-udeb_1.2.15~beta5-3ubuntu0.3_sparc.udeb
Size/MD5: 65928 ab5ac0b24d618dc432d1763a0e50ebda
Updated packages for Ubuntu 9.04:
Source archives:
http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng_1.2.27-2ubuntu2.2.diff.gz
Size/MD5: 176459 b2f27af9534f3c5b9a120680cd41ce7c
http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng_1.2.27-2ubuntu2.2.dsc
Size/MD5: 1296 b66efe2157ab6f3dad6e57b4fe9dbf13
http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng_1.2.27.orig.tar.gz
Size/MD5: 783204 13a0de401db1972a8e68f47d5bdadd13
Architecture independent packages:
http://security.ubuntu.com/ubuntu/pool/universe/libp/libpng/libpng3_1.2.27-2ubuntu2.2_all.deb
Size/MD5: 932 1c66e49e2b875fa40c5556c19d076508
amd64 architecture (Athlon64, Opteron, EM64T Xeon):
http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0-udeb_1.2.27-2ubuntu2.2_amd64.udeb
Size/MD5: 72852 a1bbcffd25c3ec87cbdf86be154962fc
http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0_1.2.27-2ubuntu2.2_amd64.deb
Size/MD5: 168576 9f40f2846c21aa5835f53ab6895ec5cf
http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-dev_1.2.27-2ubuntu2.2_amd64.deb
Size/MD5: 255784 d9060ad287e40ded1848b79284abbcc0
i386 architecture (x86 compatible Intel/AMD):
http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0-udeb_1.2.27-2ubuntu2.2_i386.udeb
Size/MD5: 71102 c18134055d747d066b60218b69e99d45
http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0_1.2.27-2ubuntu2.2_i386.deb
Size/MD5: 166904 e8151a3f79f0fff6d98bbb0675621594
http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-dev_1.2.27-2ubuntu2.2_i386.deb
Size/MD5: 247922 ae8412d1c420f1dd63cb436382cad51f
lpia architecture (Low Power Intel Architecture):
http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0-udeb_1.2.27-2ubuntu2.2_lpia.udeb
Size/MD5: 71488 5179307ffe74c10515e61503e647606f
http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0_1.2.27-2ubuntu2.2_lpia.deb
Size/MD5: 167370 dd07d7a09484eb7711da5cd874099abe
http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-dev_1.2.27-2ubuntu2.2_lpia.deb
Size/MD5: 248872 a34333b123f4d12e7872868111942cbd
powerpc architecture (Apple Macintosh G3/G4/G5):
http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0-udeb_1.2.27-2ubuntu2.2_powerpc.udeb
Size/MD5: 71674 f742f2771d94ca29746906c1177d657d
http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0_1.2.27-2ubuntu2.2_powerpc.deb
Size/MD5: 167514 478378fde5c7fd14fbffa1be072aa21c
http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-dev_1.2.27-2ubuntu2.2_powerpc.deb
Size/MD5: 254642 ba3f255f4346a4483c5410d55acaac65
sparc architecture (Sun SPARC/UltraSPARC):
http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0-udeb_1.2.27-2ubuntu2.2_sparc.udeb
Size/MD5: 66670 ee067298bc51471f06bcf1a74b557310
http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0_1.2.27-2ubuntu2.2_sparc.deb
Size/MD5: 162336 ab167dcdbbd930a3d976af0ad57cbac2
http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-dev_1.2.27-2ubuntu2.2_sparc.deb
Size/MD5: 248428 8b96f4ff4f0ad8e366ed4475d3890948
Updated packages for Ubuntu 9.10:
Source archives:
http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng_1.2.37-1ubuntu0.2.diff.gz
Size/MD5: 20129 f230ec37944a0150ffc83cfdddc7c906
http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng_1.2.37-1ubuntu0.2.dsc
Size/MD5: 1293 fce0b2fd543aeff27d47fb91f12af053
http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng_1.2.37.orig.tar.gz
Size/MD5: 805380 7480dbbf9f6c3297faf6fe52ec9b91ab
Architecture independent packages:
http://security.ubuntu.com/ubuntu/pool/universe/libp/libpng/libpng3_1.2.37-1ubuntu0.2_all.deb
Size/MD5: 932 cee669d58ac9660e1fe71cf9e2eeda9d
amd64 architecture (Athlon64, Opteron, EM64T Xeon):
http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0-udeb_1.2.37-1ubuntu0.2_amd64.udeb
Size/MD5: 73938 15bb328beed6ab3287967c54e4177018
http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0_1.2.37-1ubuntu0.2_amd64.deb
Size/MD5: 175088 f003cc7565826cfcc337ab409ffc6e8f
http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-dev_1.2.37-1ubuntu0.2_amd64.deb
Size/MD5: 265400 2d26dc0e9ddb6c2010776fbbcb82d791
i386 architecture (x86 compatible Intel/AMD):
http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0-udeb_1.2.37-1ubuntu0.2_i386.udeb
Size/MD5: 70444 a80af68dda6ff1aa3168040d33600e64
http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0_1.2.37-1ubuntu0.2_i386.deb
Size/MD5: 171594 3fca9df961cc3616b75f6518ab870a68
http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-dev_1.2.37-1ubuntu0.2_i386.deb
Size/MD5: 255474 1ab05dffaa25e1d9190d0ea872b0fbd8
lpia architecture (Low Power Intel Architecture):
http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0-udeb_1.2.37-1ubuntu0.2_lpia.udeb
Size/MD5: 71066 0495b247d489438259937bee1f17761f
http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0_1.2.37-1ubuntu0.2_lpia.deb
Size/MD5: 172296 730fd7a16f9496e37ffee99ea68d15a6
http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-dev_1.2.37-1ubuntu0.2_lpia.deb
Size/MD5: 257350 fff93fe6a558aef20e20b8b8f15227e7
powerpc architecture (Apple Macintosh G3/G4/G5):
http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0-udeb_1.2.37-1ubuntu0.2_powerpc.udeb
Size/MD5: 72524 8e92aaedc8e6fabafed81cca60a833e9
http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0_1.2.37-1ubuntu0.2_powerpc.deb
Size/MD5: 173720 055336debc8a5b9ff92e6cae9998ac94
http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-dev_1.2.37-1ubuntu0.2_powerpc.deb
Size/MD5: 264674 dbd6ca8bcdcf241c0629b7b27e0e1e5d
sparc architecture (Sun SPARC/UltraSPARC):
http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0-udeb_1.2.37-1ubuntu0.2_sparc.udeb
Size/MD5: 67348 44b9c2989661e116d78b809a8657a5c8
http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0_1.2.37-1ubuntu0.2_sparc.deb
Size/MD5: 168516 b98b4872db6f90caf0f43da67197dec0
http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-dev_1.2.37-1ubuntu0.2_sparc.deb
Size/MD5: 257634 eb673ad114284bbd9be37e1c322e1bfb
Updated packages for Ubuntu 10.04:
Source archives:
http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng_1.2.42-1ubuntu2.1.debian.tar.bz2
Size/MD5: 19511 ac49d7354c1ab87a91dbad607733629f
http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng_1.2.42-1ubuntu2.1.dsc
Size/MD5: 1299 dae31f78418d5db8c3476d7562859658
http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng_1.2.42.orig.tar.bz2
Size/MD5: 670811 9a5cbe9798927fdf528f3186a8840ebe
Architecture independent packages:
http://security.ubuntu.com/ubuntu/pool/universe/libp/libpng/libpng3_1.2.42-1ubuntu2.1_all.deb
Size/MD5: 926 602d7036448637b45c1eacbc31e05640
amd64 architecture (Athlon64, Opteron, EM64T Xeon):
http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0-udeb_1.2.42-1ubuntu2.1_amd64.udeb
Size/MD5: 74124 82cc493f2b3d80b10ccf3f9fa2ec4ff6
http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0_1.2.42-1ubuntu2.1_amd64.deb
Size/MD5: 180006 3b5339fe77bcdae97bb2a318496a192e
http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-dev_1.2.42-1ubuntu2.1_amd64.deb
Size/MD5: 271858 ae0c6a1e973dad2b0a0685fd863c096d
i386 architecture (x86 compatible Intel/AMD):
http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0-udeb_1.2.42-1ubuntu2.1_i386.udeb
Size/MD5: 70692 b264bdd0086f3451e42df7f840ab894a
http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0_1.2.42-1ubuntu2.1_i386.deb
Size/MD5: 176510 03c3d70135e907f21b2342972d8a9b40
http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-dev_1.2.42-1ubuntu2.1_i386.deb
Size/MD5: 261728 955b40272944dd988ee39b62d8c6606c
powerpc architecture (Apple Macintosh G3/G4/G5):
http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0-udeb_1.2.42-1ubuntu2.1_powerpc.udeb
Size/MD5: 73380 ad2cda1c89c55c473121da33a40294f6
http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0_1.2.42-1ubuntu2.1_powerpc.deb
Size/MD5: 179272 b6623c3dcdc841a762308f889c8b478e
http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-dev_1.2.42-1ubuntu2.1_powerpc.deb
Size/MD5: 271898 fcccfdb0eb4bc3a3470a83888f8bae28
sparc architecture (Sun SPARC/UltraSPARC):
http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0-udeb_1.2.42-1ubuntu2.1_sparc.udeb
Size/MD5: 69258 ec2047ed5079933d6dbeb841a0207c59
http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0_1.2.42-1ubuntu2.1_sparc.deb
Size/MD5: 175214 142020dfd126d2335bc93bad6a714799
http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-dev_1.2.42-1ubuntu2.1_sparc.deb
Size/MD5: 265174 06843a4a028c5533e89d5562cbeb2047
. Latest xulrunner and mozilla-thunderbird has been patched as a precaution for 2008.0 wheres on 2009.0 and up the the system libpng library is used instead of the bundled copy. htmldoc, xulrunner and mozilla-thunderbird packages is therefore also being provided with this advisory.
Packages for 2008.0 and 2009.0 are provided as of the Extended Maintenance Program. Please visit this link to learn more: http://store.mandriva.com/product_info.php?cPath=149&products_id=490
The updated packages have been patched to correct these issues.
References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-6218 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1205 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2249
Updated Packages:
Mandriva Linux 2008.0: 4e91a2a256c61f52dffd4fb625e20cf8 2008.0/i586/htmldoc-1.8.27-1.2mdv2008.0.i586.rpm 71553205b1e31d2891667d2eab7aca14 2008.0/i586/htmldoc-nogui-1.8.27-1.2mdv2008.0.i586.rpm 75b6d3f905d7e94154902f81e4728963 2008.0/i586/libpng3-1.2.22-0.5mdv2008.0.i586.rpm fa0c81f2b544f65455a0e0420d9a0e56 2008.0/i586/libpng-devel-1.2.22-0.5mdv2008.0.i586.rpm d4d06a12fd8ee88295877e127757c64b 2008.0/i586/libpng-source-1.2.22-0.5mdv2008.0.i586.rpm 6687d56f95702f0e5786c885ab79c6a9 2008.0/i586/libpng-static-devel-1.2.22-0.5mdv2008.0.i586.rpm 546c18ed8ccf044a45dff3a8cd5ac5b7 2008.0/i586/libxulrunner1.9.2.6-1.9.2.6-0.2mdv2008.0.i586.rpm b428e1202d95d588fb3248c2b2fe8b2f 2008.0/i586/libxulrunner-devel-1.9.2.6-0.2mdv2008.0.i586.rpm b9541da4417ea1150c493aea591509bb 2008.0/i586/mozilla-thunderbird-3.0.5-0.2mdv2008.0.i586.rpm 3389caeeda8b8f272d0e5ed070f075b8 2008.0/i586/mozilla-thunderbird-enigmail-3.0.5-0.2mdv2008.0.i586.rpm 901abb46652fbc19c8e655895181a949 2008.0/i586/nsinstall-3.0.5-0.2mdv2008.0.i586.rpm ad221cd523bff8f4a59037aa05e1442b 2008.0/i586/xulrunner-1.9.2.6-0.2mdv2008.0.i586.rpm d3dbbb58c9832db4edbc45a4023b4477 2008.0/SRPMS/htmldoc-1.8.27-1.2mdv2008.0.src.rpm 885dba7fe0581b37de05d20b838f279a 2008.0/SRPMS/libpng-1.2.22-0.5mdv2008.0.src.rpm 358c49e17d4db735f6862fdbee95a1c9 2008.0/SRPMS/mozilla-thunderbird-3.0.5-0.2mdv2008.0.src.rpm 748ab46a19f1c32808bf3e79429f2211 2008.0/SRPMS/xulrunner-1.9.2.6-0.2mdv2008.0.src.rpm
Mandriva Linux 2008.0/X86_64: 8b2eff5dd89f4ed7e3f120bbc31afa34 2008.0/x86_64/htmldoc-1.8.27-1.2mdv2008.0.x86_64.rpm 15460a7bce68e95d03a87eb14066728b 2008.0/x86_64/htmldoc-nogui-1.8.27-1.2mdv2008.0.x86_64.rpm c7577072f7ab2786a97d7df732b4299a 2008.0/x86_64/lib64png3-1.2.22-0.5mdv2008.0.x86_64.rpm fae36a86aa019cf0fcbcf0d15c508208 2008.0/x86_64/lib64png-devel-1.2.22-0.5mdv2008.0.x86_64.rpm 141ec56a2395ed150acc997eac851429 2008.0/x86_64/lib64png-static-devel-1.2.22-0.5mdv2008.0.x86_64.rpm a29c11e39685931084a085f5716afd5c 2008.0/x86_64/lib64xulrunner1.9.2.6-1.9.2.6-0.2mdv2008.0.x86_64.rpm 3a846b86c758be68420ef05e44cfe717 2008.0/x86_64/lib64xulrunner-devel-1.9.2.6-0.2mdv2008.0.x86_64.rpm 084f3b3d7c68806c7acfc7f3be701f0b 2008.0/x86_64/libpng-source-1.2.22-0.5mdv2008.0.x86_64.rpm c45f7479d93714c46d14f4ae2a5b76bd 2008.0/x86_64/mozilla-thunderbird-3.0.5-0.2mdv2008.0.x86_64.rpm 996e7a6a98997883236b08f6ec5816fa 2008.0/x86_64/mozilla-thunderbird-enigmail-3.0.5-0.2mdv2008.0.x86_64.rpm ecfdba6225b837a7a03c2ddf0d77d07f 2008.0/x86_64/nsinstall-3.0.5-0.2mdv2008.0.x86_64.rpm 394d8e8458e503ed10db7c7b7f742c2b 2008.0/x86_64/xulrunner-1.9.2.6-0.2mdv2008.0.x86_64.rpm d3dbbb58c9832db4edbc45a4023b4477 2008.0/SRPMS/htmldoc-1.8.27-1.2mdv2008.0.src.rpm 885dba7fe0581b37de05d20b838f279a 2008.0/SRPMS/libpng-1.2.22-0.5mdv2008.0.src.rpm 358c49e17d4db735f6862fdbee95a1c9 2008.0/SRPMS/mozilla-thunderbird-3.0.5-0.2mdv2008.0.src.rpm 748ab46a19f1c32808bf3e79429f2211 2008.0/SRPMS/xulrunner-1.9.2.6-0.2mdv2008.0.src.rpm
Mandriva Linux 2009.0: 28b355727c0ef89be1955a18a8c4a1cf 2009.0/i586/libpng3-1.2.31-2.3mdv2009.0.i586.rpm bf33a24dc5144d0c2362e5c7432f9434 2009.0/i586/libpng-devel-1.2.31-2.3mdv2009.0.i586.rpm e331263b8ac75ddad94f6d9d06d9c802 2009.0/i586/libpng-source-1.2.31-2.3mdv2009.0.i586.rpm 921c4ed0268fcb932f52d299ea74a28c 2009.0/i586/libpng-static-devel-1.2.31-2.3mdv2009.0.i586.rpm c43df36b143f834aa7351eb6a9952897 2009.0/SRPMS/libpng-1.2.31-2.3mdv2009.0.src.rpm
Mandriva Linux 2009.0/X86_64: a20b2965684ddb18b2818d618927bb9a 2009.0/x86_64/lib64png3-1.2.31-2.3mdv2009.0.x86_64.rpm df3bbf6f7e959aea3f6065c83ece5321 2009.0/x86_64/lib64png-devel-1.2.31-2.3mdv2009.0.x86_64.rpm 3c8e3469239f93a70ccbcf56ba55cfb6 2009.0/x86_64/lib64png-static-devel-1.2.31-2.3mdv2009.0.x86_64.rpm 740cd4b4cf0d39dd03a26f0b821cfee4 2009.0/x86_64/libpng-source-1.2.31-2.3mdv2009.0.x86_64.rpm c43df36b143f834aa7351eb6a9952897 2009.0/SRPMS/libpng-1.2.31-2.3mdv2009.0.src.rpm
Mandriva Linux 2009.1: 127a1c180703d9c89f5f968d7262c469 2009.1/i586/libpng3-1.2.35-1.2mdv2009.1.i586.rpm 3bbf13f800dcbb5f4ab45ffe898f96ce 2009.1/i586/libpng-devel-1.2.35-1.2mdv2009.1.i586.rpm 2e369ee2602705f601d23a977c82ae8a 2009.1/i586/libpng-source-1.2.35-1.2mdv2009.1.i586.rpm 5784917823e881a4aa997276528bfabe 2009.1/i586/libpng-static-devel-1.2.35-1.2mdv2009.1.i586.rpm 6267ae8a72870fdd2a44962d987a6216 2009.1/SRPMS/libpng-1.2.35-1.2mdv2009.1.src.rpm
Mandriva Linux 2009.1/X86_64: d6032db330f8b8b40af48b29fc6d3730 2009.1/x86_64/lib64png3-1.2.35-1.2mdv2009.1.x86_64.rpm 4aac775bc389d382f184d912ef50b0be 2009.1/x86_64/lib64png-devel-1.2.35-1.2mdv2009.1.x86_64.rpm fb792b3d38cf769590a2dde6ee74c755 2009.1/x86_64/lib64png-static-devel-1.2.35-1.2mdv2009.1.x86_64.rpm 0dfcb358ed06fe83e9621e06189aa8f9 2009.1/x86_64/libpng-source-1.2.35-1.2mdv2009.1.x86_64.rpm 6267ae8a72870fdd2a44962d987a6216 2009.1/SRPMS/libpng-1.2.35-1.2mdv2009.1.src.rpm
Mandriva Linux 2010.0: 76ba7b51c3eda624850a8288bd182afa 2010.0/i586/libpng3-1.2.40-1.2mdv2010.0.i586.rpm 7a936f6a94f33f0e7ffc991ff7b4ed7f 2010.0/i586/libpng-devel-1.2.40-1.2mdv2010.0.i586.rpm abd9ee162933e3208918d3190c76c0af 2010.0/i586/libpng-source-1.2.40-1.2mdv2010.0.i586.rpm bae7010f8e07568c1a9b42e20e7ddebf 2010.0/i586/libpng-static-devel-1.2.40-1.2mdv2010.0.i586.rpm cc04ec15436b892a4e75f1ad18675fb6 2010.0/SRPMS/libpng-1.2.40-1.2mdv2010.0.src.rpm
Mandriva Linux 2010.0/X86_64: 499b5e2707d19becfdab415a8008b122 2010.0/x86_64/lib64png3-1.2.40-1.2mdv2010.0.x86_64.rpm 166ca4d21e39bbb3f250806626c59154 2010.0/x86_64/lib64png-devel-1.2.40-1.2mdv2010.0.x86_64.rpm 1c4b4f2e79cf01a4388a2e395dd64cfa 2010.0/x86_64/lib64png-static-devel-1.2.40-1.2mdv2010.0.x86_64.rpm 88b678c1352aa3ed0fffb04241254128 2010.0/x86_64/libpng-source-1.2.40-1.2mdv2010.0.x86_64.rpm cc04ec15436b892a4e75f1ad18675fb6 2010.0/SRPMS/libpng-1.2.40-1.2mdv2010.0.src.rpm
Mandriva Linux 2010.1: 349ec004acb579d4466b530bfd5fbf3d 2010.1/i586/libpng3-1.2.43-1.1mdv2010.1.i586.rpm d9e323791b16319728fe1486f819e59b 2010.1/i586/libpng-devel-1.2.43-1.1mdv2010.1.i586.rpm 3101d70a79c416392fe228d34b9ba6ff 2010.1/i586/libpng-source-1.2.43-1.1mdv2010.1.i586.rpm 2ff75d1339d52d859939d81994eae477 2010.1/i586/libpng-static-devel-1.2.43-1.1mdv2010.1.i586.rpm 0638fc23b9c5f1f7b3bcd0fdaf71bea8 2010.1/SRPMS/libpng-1.2.43-1.1mdv2010.1.src.rpm
Mandriva Linux 2010.1/X86_64: 80e4392bbe0bd06b392216a6737cd37a 2010.1/x86_64/lib64png3-1.2.43-1.1mdv2010.1.x86_64.rpm 2d7d50b539c63cd1874ed8150d7fb84a 2010.1/x86_64/lib64png-devel-1.2.43-1.1mdv2010.1.x86_64.rpm 5c3793d0bc69db028ec214a6c9f67c1e 2010.1/x86_64/lib64png-static-devel-1.2.43-1.1mdv2010.1.x86_64.rpm 06b83b6f5050410eff5fe8a590972c18 2010.1/x86_64/libpng-source-1.2.43-1.1mdv2010.1.x86_64.rpm 0638fc23b9c5f1f7b3bcd0fdaf71bea8 2010.1/SRPMS/libpng-1.2.43-1.1mdv2010.1.src.rpm
Corporate 4.0: be322ac5f446c26c2d0983a2d37e0c6c corporate/4.0/i586/htmldoc-1.8.23-8.2.20060mlcs4.i586.rpm 71329303eddfd4af0994a708bbe4a119 corporate/4.0/i586/htmldoc-nogui-1.8.23-8.2.20060mlcs4.i586.rpm 1c1036be9452042cd356349d6251b697 corporate/4.0/i586/libpng3-1.2.8-1.8.20060mlcs4.i586.rpm e9ba6c0c604a08f555d99503ba7adb68 corporate/4.0/i586/libpng3-devel-1.2.8-1.8.20060mlcs4.i586.rpm 288d9ca48ea58918bdff316891f3c474 corporate/4.0/i586/libpng3-static-devel-1.2.8-1.8.20060mlcs4.i586.rpm 3aa4084dfc51cf4e8ba252f89d53b220 corporate/4.0/SRPMS/htmldoc-1.8.23-8.2.20060mlcs4.src.rpm b2449f493949c397ac345027783c1216 corporate/4.0/SRPMS/libpng-1.2.8-1.8.20060mlcs4.src.rpm
Corporate 4.0/X86_64: f761706265fcbebd220b16542a742cc9 corporate/4.0/x86_64/htmldoc-1.8.23-8.2.20060mlcs4.x86_64.rpm 79b3189809ad9176401620a41aaa1fcd corporate/4.0/x86_64/htmldoc-nogui-1.8.23-8.2.20060mlcs4.x86_64.rpm e4f9ac99ff42fbc27aae3d8942903043 corporate/4.0/x86_64/lib64png3-1.2.8-1.8.20060mlcs4.x86_64.rpm e26042ead39ce63ed5f4700d2e61e260 corporate/4.0/x86_64/lib64png3-devel-1.2.8-1.8.20060mlcs4.x86_64.rpm 609d6dc1b8a2b5afb029505469844c4f corporate/4.0/x86_64/lib64png3-static-devel-1.2.8-1.8.20060mlcs4.x86_64.rpm 3aa4084dfc51cf4e8ba252f89d53b220 corporate/4.0/SRPMS/htmldoc-1.8.23-8.2.20060mlcs4.src.rpm b2449f493949c397ac345027783c1216 corporate/4.0/SRPMS/libpng-1.2.8-1.8.20060mlcs4.src.rpm
Mandriva Enterprise Server 5: 282337fa9e11a04ef82464c7574591f4 mes5/i586/libpng3-1.2.31-2.3mdvmes5.1.i586.rpm 92c6ec861cf7da08a498576ba412e633 mes5/i586/libpng-devel-1.2.31-2.3mdvmes5.1.i586.rpm c9efa6abde763edff47bf0c1071c9f1a mes5/i586/libpng-source-1.2.31-2.3mdvmes5.1.i586.rpm 2f5340946610590a6baec42354868888 mes5/i586/libpng-static-devel-1.2.31-2.3mdvmes5.1.i586.rpm 488ece2aa6a2c4dc62d4c274d64c2926 mes5/SRPMS/libpng-1.2.31-2.3mdvmes5.1.src.rpm
Mandriva Enterprise Server 5/X86_64: e5f88951d2135de8587d4be94b405ce9 mes5/x86_64/lib64png3-1.2.31-2.3mdvmes5.1.x86_64.rpm 6b89da9eea105e65d7ae3c875c148473 mes5/x86_64/lib64png-devel-1.2.31-2.3mdvmes5.1.x86_64.rpm c1e6715410bbf2081187aef6749b0e3d mes5/x86_64/lib64png-static-devel-1.2.31-2.3mdvmes5.1.x86_64.rpm cb7ef533d9966c8b531cde8a661fc0af mes5/x86_64/libpng-source-1.2.31-2.3mdvmes5.1.x86_64.rpm 488ece2aa6a2c4dc62d4c274d64c2926 mes5/SRPMS/libpng-1.2.31-2.3mdvmes5.1.src.rpm
To upgrade automatically use MandrivaUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you.
All packages are signed by Mandriva for security. You can obtain the GPG public key of the Mandriva Security Team by executing:
gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98
You can view other update advisories for Mandriva Linux at:
http://www.mandriva.com/security/advisories
If you want to report vulnerabilities, please contact
security_(at)_mandriva.com
Type Bits/KeyID Date User ID pub 1024D/22458A98 2000-07-10 Mandriva Security Team -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (GNU/Linux)
iD8DBQFMP2A1mqjQ0CJFipgRAjw5AKDRGlB7JGhhCobOgDXKWuKOu8Q43gCeOclX KlOM1C8b0XVNVFF83vXPz9A= =E10C -----END PGP SIGNATURE-----
Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Show details on source website{
"affected_products": {
"_id": null,
"data": [
{
"_id": null,
"model": "linux",
"scope": "eq",
"trust": 1.3,
"vendor": "debian",
"version": "5.0"
},
{
"_id": null,
"model": "linux enterprise server",
"scope": "eq",
"trust": 1.3,
"vendor": "suse",
"version": "9"
},
{
"_id": null,
"model": "linux enterprise server",
"scope": "eq",
"trust": 1.3,
"vendor": "suse",
"version": "11"
},
{
"_id": null,
"model": "itunes",
"scope": "eq",
"trust": 1.1,
"vendor": "apple",
"version": "10"
},
{
"_id": null,
"model": "ubuntu linux",
"scope": "eq",
"trust": 1.0,
"vendor": "canonical",
"version": "9.04"
},
{
"_id": null,
"model": "itunes",
"scope": "lt",
"trust": 1.0,
"vendor": "apple",
"version": "10.2"
},
{
"_id": null,
"model": "ubuntu linux",
"scope": "eq",
"trust": 1.0,
"vendor": "canonical",
"version": "10.04"
},
{
"_id": null,
"model": "fedora",
"scope": "eq",
"trust": 1.0,
"vendor": "fedoraproject",
"version": "12"
},
{
"_id": null,
"model": "player",
"scope": "lt",
"trust": 1.0,
"vendor": "vmware",
"version": "3.1.2"
},
{
"_id": null,
"model": "workstation",
"scope": "lt",
"trust": 1.0,
"vendor": "vmware",
"version": "7.1.2"
},
{
"_id": null,
"model": "ubuntu linux",
"scope": "eq",
"trust": 1.0,
"vendor": "canonical",
"version": "6.06"
},
{
"_id": null,
"model": "iphone os",
"scope": "lte",
"trust": 1.0,
"vendor": "apple",
"version": "4.1"
},
{
"_id": null,
"model": "tvos",
"scope": "lt",
"trust": 1.0,
"vendor": "apple",
"version": "4.1.0"
},
{
"_id": null,
"model": "player",
"scope": "gte",
"trust": 1.0,
"vendor": "vmware",
"version": "2.5"
},
{
"_id": null,
"model": "safari",
"scope": "lt",
"trust": 1.0,
"vendor": "apple",
"version": "5.0.4"
},
{
"_id": null,
"model": "workstation",
"scope": "gte",
"trust": 1.0,
"vendor": "vmware",
"version": "6.5.0"
},
{
"_id": null,
"model": "ubuntu linux",
"scope": "eq",
"trust": 1.0,
"vendor": "canonical",
"version": "9.10"
},
{
"_id": null,
"model": "opensuse",
"scope": "eq",
"trust": 1.0,
"vendor": "opensuse",
"version": "11.2"
},
{
"_id": null,
"model": "player",
"scope": "lt",
"trust": 1.0,
"vendor": "vmware",
"version": "2.5.5"
},
{
"_id": null,
"model": "libpng",
"scope": "lt",
"trust": 1.0,
"vendor": "libpng",
"version": "1.2.44"
},
{
"_id": null,
"model": "libpng",
"scope": "lt",
"trust": 1.0,
"vendor": "libpng",
"version": "1.4.3"
},
{
"_id": null,
"model": "workstation",
"scope": "lt",
"trust": 1.0,
"vendor": "vmware",
"version": "6.5.5"
},
{
"_id": null,
"model": "ubuntu linux",
"scope": "eq",
"trust": 1.0,
"vendor": "canonical",
"version": "8.04"
},
{
"_id": null,
"model": "iphone os",
"scope": "gte",
"trust": 1.0,
"vendor": "apple",
"version": "2.0"
},
{
"_id": null,
"model": "fedora",
"scope": "eq",
"trust": 1.0,
"vendor": "fedoraproject",
"version": "13"
},
{
"_id": null,
"model": "workstation",
"scope": "gte",
"trust": 1.0,
"vendor": "vmware",
"version": "7.1"
},
{
"_id": null,
"model": "libpng",
"scope": "gte",
"trust": 1.0,
"vendor": "libpng",
"version": "1.4.0"
},
{
"_id": null,
"model": "linux enterprise server",
"scope": "eq",
"trust": 1.0,
"vendor": "suse",
"version": "10"
},
{
"_id": null,
"model": "player",
"scope": "gte",
"trust": 1.0,
"vendor": "vmware",
"version": "3.1"
},
{
"_id": null,
"model": "opensuse",
"scope": "eq",
"trust": 1.0,
"vendor": "opensuse",
"version": "11.1"
},
{
"_id": null,
"model": "libpng",
"scope": "eq",
"trust": 0.9,
"vendor": "libpng",
"version": "1.0.42"
},
{
"_id": null,
"model": "libpng",
"scope": "eq",
"trust": 0.9,
"vendor": "libpng",
"version": "1.0.33"
},
{
"_id": null,
"model": "libpng",
"scope": "eq",
"trust": 0.9,
"vendor": "libpng",
"version": "1.0.32"
},
{
"_id": null,
"model": "libpng",
"scope": "lt",
"trust": 0.8,
"vendor": "png group",
"version": "1.2.44"
},
{
"_id": null,
"model": "libpng",
"scope": "lt",
"trust": 0.8,
"vendor": "png group",
"version": "1.4.3"
},
{
"_id": null,
"model": "player",
"scope": "eq",
"trust": 0.8,
"vendor": "vmware",
"version": "2.5.x"
},
{
"_id": null,
"model": "player",
"scope": "eq",
"trust": 0.8,
"vendor": "vmware",
"version": "3.1.x"
},
{
"_id": null,
"model": "server",
"scope": null,
"trust": 0.8,
"vendor": "vmware",
"version": null
},
{
"_id": null,
"model": "workstation",
"scope": "eq",
"trust": 0.8,
"vendor": "vmware",
"version": "6.5.x"
},
{
"_id": null,
"model": "workstation",
"scope": "eq",
"trust": 0.8,
"vendor": "vmware",
"version": "7.1.x"
},
{
"_id": null,
"model": "mac os x",
"scope": "eq",
"trust": 0.8,
"vendor": "apple",
"version": "v10.5.8"
},
{
"_id": null,
"model": "mac os x",
"scope": "eq",
"trust": 0.8,
"vendor": "apple",
"version": "v10.6 to v10.6.4"
},
{
"_id": null,
"model": "mac os x server",
"scope": "eq",
"trust": 0.8,
"vendor": "apple",
"version": "v10.5.8"
},
{
"_id": null,
"model": "mac os x server",
"scope": "eq",
"trust": 0.8,
"vendor": "apple",
"version": "v10.6 to v10.6.4"
},
{
"_id": null,
"model": "tv",
"scope": "eq",
"trust": 0.8,
"vendor": "apple",
"version": "(2nd generation) 4.0 software"
},
{
"_id": null,
"model": "ios",
"scope": "eq",
"trust": 0.8,
"vendor": "apple",
"version": "2.0 to 4.1 (iphone 3g after )"
},
{
"_id": null,
"model": "ios",
"scope": "eq",
"trust": 0.8,
"vendor": "apple",
"version": "2.1 to 4.1 (ipod touch (2nd generation) after )"
},
{
"_id": null,
"model": "ios",
"scope": "eq",
"trust": 0.8,
"vendor": "apple",
"version": "3.2 to 3.2.2 (ipad for )"
},
{
"_id": null,
"model": "ipad",
"scope": null,
"trust": 0.8,
"vendor": "apple",
"version": null
},
{
"_id": null,
"model": "iphone",
"scope": null,
"trust": 0.8,
"vendor": "apple",
"version": null
},
{
"_id": null,
"model": "ipod touch",
"scope": null,
"trust": 0.8,
"vendor": "apple",
"version": null
},
{
"_id": null,
"model": "safari",
"scope": "eq",
"trust": 0.8,
"vendor": "apple",
"version": "5"
},
{
"_id": null,
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "oracle",
"version": "10"
},
{
"_id": null,
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "oracle",
"version": "11 express"
},
{
"_id": null,
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "oracle",
"version": "8"
},
{
"_id": null,
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "oracle",
"version": "9"
},
{
"_id": null,
"model": "asianux server",
"scope": "eq",
"trust": 0.8,
"vendor": "cybertrust",
"version": "3 (x86)"
},
{
"_id": null,
"model": "asianux server",
"scope": "eq",
"trust": 0.8,
"vendor": "cybertrust",
"version": "3 (x86-64)"
},
{
"_id": null,
"model": "asianux server",
"scope": "eq",
"trust": 0.8,
"vendor": "cybertrust",
"version": "3.0"
},
{
"_id": null,
"model": "asianux server",
"scope": "eq",
"trust": 0.8,
"vendor": "cybertrust",
"version": "3.0 (x86-64)"
},
{
"_id": null,
"model": "asianux server",
"scope": "eq",
"trust": 0.8,
"vendor": "cybertrust",
"version": "4.0"
},
{
"_id": null,
"model": "asianux server",
"scope": "eq",
"trust": 0.8,
"vendor": "cybertrust",
"version": "4.0 (x86-64)"
},
{
"_id": null,
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "3 (as)"
},
{
"_id": null,
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "3 (es)"
},
{
"_id": null,
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "3 (ws)"
},
{
"_id": null,
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4 (as)"
},
{
"_id": null,
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4 (es)"
},
{
"_id": null,
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4 (ws)"
},
{
"_id": null,
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4.8 (as)"
},
{
"_id": null,
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4.8 (es)"
},
{
"_id": null,
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "5 (server)"
},
{
"_id": null,
"model": "enterprise linux desktop",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "3.0"
},
{
"_id": null,
"model": "enterprise linux desktop",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4.0"
},
{
"_id": null,
"model": "enterprise linux desktop",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "5.0 (client)"
},
{
"_id": null,
"model": "rhel desktop workstation",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "5 (client)"
},
{
"_id": null,
"model": "tv",
"scope": "eq",
"trust": 0.6,
"vendor": "apple",
"version": "2.1"
},
{
"_id": null,
"model": "libpng",
"scope": "eq",
"trust": 0.6,
"vendor": "libpng",
"version": "1.0.40"
},
{
"_id": null,
"model": "libpng",
"scope": "eq",
"trust": 0.6,
"vendor": "libpng",
"version": "1.0.41"
},
{
"_id": null,
"model": "libpng",
"scope": "eq",
"trust": 0.6,
"vendor": "libpng",
"version": "1.0.29"
},
{
"_id": null,
"model": "libpng",
"scope": "eq",
"trust": 0.6,
"vendor": "libpng",
"version": "1.0.30"
},
{
"_id": null,
"model": "libpng",
"scope": "eq",
"trust": 0.6,
"vendor": "libpng",
"version": "1.0.3"
},
{
"_id": null,
"model": "in motion blackberry enterprise server for exchange",
"scope": "eq",
"trust": 0.3,
"vendor": "research",
"version": "5.0.1"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.6"
},
{
"_id": null,
"model": "linux hppa",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "5.0"
},
{
"_id": null,
"model": "linux enterprise sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"_id": null,
"model": "libpng",
"scope": "eq",
"trust": 0.3,
"vendor": "libpng",
"version": "1.0.25"
},
{
"_id": null,
"model": "libpng",
"scope": "eq",
"trust": 0.3,
"vendor": "libpng",
"version": "1.2.42"
},
{
"_id": null,
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5.6"
},
{
"_id": null,
"model": "safari",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.0.1"
},
{
"_id": null,
"model": "linux enterprise sdk sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "11"
},
{
"_id": null,
"model": "tv",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "2.2"
},
{
"_id": null,
"model": "intuity audix",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"_id": null,
"model": "in motion blackberry enterprise server for domino",
"scope": "eq",
"trust": 0.3,
"vendor": "research",
"version": "5.0.1"
},
{
"_id": null,
"model": "proactive contact",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "4.1.1"
},
{
"_id": null,
"model": "itunes",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "9.0.1"
},
{
"_id": null,
"model": "libpng",
"scope": "eq",
"trust": 0.3,
"vendor": "libpng",
"version": "1.0"
},
{
"_id": null,
"model": "iphone",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "2.2.1"
},
{
"_id": null,
"model": "libpng",
"scope": "eq",
"trust": 0.3,
"vendor": "libpng",
"version": "1.2.16"
},
{
"_id": null,
"model": "libpng",
"scope": "eq",
"trust": 0.3,
"vendor": "libpng",
"version": "1.0.18"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5.7"
},
{
"_id": null,
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5.4"
},
{
"_id": null,
"model": "voice portal sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "4.1"
},
{
"_id": null,
"model": "messaging storage server sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.5.7"
},
{
"_id": null,
"model": "iphone",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.0"
},
{
"_id": null,
"model": "beta01",
"scope": "eq",
"trust": 0.3,
"vendor": "libpng",
"version": "1.2.27"
},
{
"_id": null,
"model": "messaging storage server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.0"
},
{
"_id": null,
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.0.1"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.6.2"
},
{
"_id": null,
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0.2"
},
{
"_id": null,
"model": "iphone",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "3.2"
},
{
"_id": null,
"model": "voice portal sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "4.1"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.5.4"
},
{
"_id": null,
"model": "ipod touch",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "3.0"
},
{
"_id": null,
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "10.04"
},
{
"_id": null,
"model": "workstation build",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "6.5118166"
},
{
"_id": null,
"model": "safari for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.0.2"
},
{
"_id": null,
"model": "cms server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "15.0"
},
{
"_id": null,
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "1.1"
},
{
"_id": null,
"model": "ipod touch",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "3.1.1"
},
{
"_id": null,
"model": "player build",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.5118166"
},
{
"_id": null,
"model": "messaging storage server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "2.0"
},
{
"_id": null,
"model": "seamonkey",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "2.0.5"
},
{
"_id": null,
"model": "libpng",
"scope": "eq",
"trust": 0.3,
"vendor": "libpng",
"version": "1.2.21"
},
{
"_id": null,
"model": "ipad",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "3.2.1"
},
{
"_id": null,
"model": "solaris express",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "11"
},
{
"_id": null,
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "10.04"
},
{
"_id": null,
"model": "linux lts amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"_id": null,
"model": "aura system platform",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"_id": null,
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5.5"
},
{
"_id": null,
"model": "tv",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "2.0"
},
{
"_id": null,
"model": "ipod touch",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "3.1.3"
},
{
"_id": null,
"model": "itunes",
"scope": "ne",
"trust": 0.3,
"vendor": "apple",
"version": "10.2"
},
{
"_id": null,
"model": "libpng",
"scope": "eq",
"trust": 0.3,
"vendor": "libpng",
"version": "1.2.36"
},
{
"_id": null,
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.9"
},
{
"_id": null,
"model": "libpng",
"scope": "eq",
"trust": 0.3,
"vendor": "libpng",
"version": "1.4.1"
},
{
"_id": null,
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5.2"
},
{
"_id": null,
"model": "libpng",
"scope": "eq",
"trust": 0.3,
"vendor": "libpng",
"version": "1.0.6"
},
{
"_id": null,
"model": "safari for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "5.0.2"
},
{
"_id": null,
"model": "in motion blackberry enterprise server express for exchange mr1",
"scope": "eq",
"trust": 0.3,
"vendor": "research",
"version": "5.0.2"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.5.2"
},
{
"_id": null,
"model": "iphone",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.1"
},
{
"_id": null,
"model": "aura session manager sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2"
},
{
"_id": null,
"model": "linux mandrake x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2009.1"
},
{
"_id": null,
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "9.1"
},
{
"_id": null,
"model": "linux enterprise desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "11"
},
{
"_id": null,
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "10.04"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5.6"
},
{
"_id": null,
"model": "linux mandrake x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2010.1"
},
{
"_id": null,
"model": "player build",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "3.1.2301548"
},
{
"_id": null,
"model": "iphone",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "3.0"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.5.3"
},
{
"_id": null,
"model": "message networking",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1"
},
{
"_id": null,
"model": "voice portal",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.0"
},
{
"_id": null,
"model": "iphone",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "3.1"
},
{
"_id": null,
"model": "server build",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.9156507"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5.4"
},
{
"_id": null,
"model": "itunes",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "9.2.1"
},
{
"_id": null,
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "9.10"
},
{
"_id": null,
"model": "libpng",
"scope": "eq",
"trust": 0.3,
"vendor": "libpng",
"version": "1.2.18"
},
{
"_id": null,
"model": "in motion blackberry enterprise server for novell groupwise",
"scope": "eq",
"trust": 0.3,
"vendor": "research",
"version": "5.0.1"
},
{
"_id": null,
"model": "iphone",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "3.1.3"
},
{
"_id": null,
"model": "ir",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "4.0"
},
{
"_id": null,
"model": "message networking mn",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1"
},
{
"_id": null,
"model": "safari",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.1.3"
},
{
"_id": null,
"model": "tv",
"scope": "ne",
"trust": 0.3,
"vendor": "apple",
"version": "4.1"
},
{
"_id": null,
"model": "linux enterprise sdk sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"_id": null,
"model": "libpng",
"scope": "eq",
"trust": 0.3,
"vendor": "libpng",
"version": "1.0.5"
},
{
"_id": null,
"model": "coat systems proxyav",
"scope": "ne",
"trust": 0.3,
"vendor": "blue",
"version": "3.4.1.1"
},
{
"_id": null,
"model": "linux lpia",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "9.04"
},
{
"_id": null,
"model": "beta01",
"scope": "eq",
"trust": 0.3,
"vendor": "libpng",
"version": "1.4"
},
{
"_id": null,
"model": "aura system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2"
},
{
"_id": null,
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"_id": null,
"model": "beta19",
"scope": "eq",
"trust": 0.3,
"vendor": "libpng",
"version": "1.4"
},
{
"_id": null,
"model": "workstation build",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "6.5.2156735"
},
{
"_id": null,
"model": "messaging storage server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2"
},
{
"_id": null,
"model": "safari",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.0"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.5.1"
},
{
"_id": null,
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.0.1"
},
{
"_id": null,
"model": "libpng",
"scope": "eq",
"trust": 0.3,
"vendor": "libpng",
"version": "1.0.15"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5.5"
},
{
"_id": null,
"model": "aura system platform sp1.1",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"_id": null,
"model": "linux mandrake x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2010.0"
},
{
"_id": null,
"model": "messaging storage server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "1.0"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5.2"
},
{
"_id": null,
"model": "linux mandrake x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2009.0"
},
{
"_id": null,
"model": "firefox",
"scope": "ne",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.6.7"
},
{
"_id": null,
"model": "hat enterprise linux as",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "3"
},
{
"_id": null,
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "3.2"
},
{
"_id": null,
"model": "safari",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.0.2"
},
{
"_id": null,
"model": "firefox",
"scope": "ne",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.5.11"
},
{
"_id": null,
"model": "linux armel",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "5.0"
},
{
"_id": null,
"model": "safari for windows",
"scope": "ne",
"trust": 0.3,
"vendor": "apple",
"version": "5.0.4"
},
{
"_id": null,
"model": "player build",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.5.4246459"
},
{
"_id": null,
"model": "safari for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "5.0.1"
},
{
"_id": null,
"model": "workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "6.5.1"
},
{
"_id": null,
"model": "ir",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.0"
},
{
"_id": null,
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5.3"
},
{
"_id": null,
"model": "voice portal sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.0"
},
{
"_id": null,
"model": "ipod touch",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "2.2.1"
},
{
"_id": null,
"model": "voice portal",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.1"
},
{
"_id": null,
"model": "ipad",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "3.2.2"
},
{
"_id": null,
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.7"
},
{
"_id": null,
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.0.2"
},
{
"_id": null,
"model": "corporate server x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "4.0"
},
{
"_id": null,
"model": "safari",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.1"
},
{
"_id": null,
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5"
},
{
"_id": null,
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "12.2"
},
{
"_id": null,
"model": "iphone",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "3.2.1"
},
{
"_id": null,
"model": "voice portal sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.0"
},
{
"_id": null,
"model": "linux enterprise sdk",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "11"
},
{
"_id": null,
"model": "libpng",
"scope": "eq",
"trust": 0.3,
"vendor": "libpng",
"version": "1.2.8"
},
{
"_id": null,
"model": "workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "6.5.2"
},
{
"_id": null,
"model": "intuity audix lx sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "2.0"
},
{
"_id": null,
"model": "ipod touch",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "2.1"
},
{
"_id": null,
"model": "libpng",
"scope": "eq",
"trust": 0.3,
"vendor": "libpng",
"version": "1.0.13"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.5.10"
},
{
"_id": null,
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.1"
},
{
"_id": null,
"model": "safari for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.1.2"
},
{
"_id": null,
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "5.0"
},
{
"_id": null,
"model": "ipod touch",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "3.1.2"
},
{
"_id": null,
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6"
},
{
"_id": null,
"model": "linux lts i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"_id": null,
"model": "enterprise linux ws",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"_id": null,
"model": "messaging storage server",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"_id": null,
"model": "linux mandrake",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2008.0"
},
{
"_id": null,
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0.1"
},
{
"_id": null,
"model": "enterprise linux es",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"_id": null,
"model": "safari for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "5.0"
},
{
"_id": null,
"model": "proactive contact",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "0"
},
{
"_id": null,
"model": "linux lts sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "8.04"
},
{
"_id": null,
"model": "cms server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "16.0"
},
{
"_id": null,
"model": "linux lts i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "8.04"
},
{
"_id": null,
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "11.4"
},
{
"_id": null,
"model": "libpng",
"scope": "eq",
"trust": 0.3,
"vendor": "libpng",
"version": "1.2.20"
},
{
"_id": null,
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0"
},
{
"_id": null,
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.0.5"
},
{
"_id": null,
"model": "libpng",
"scope": "eq",
"trust": 0.3,
"vendor": "libpng",
"version": "1.0.14"
},
{
"_id": null,
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "8.1"
},
{
"_id": null,
"model": "server build",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.10203137"
},
{
"_id": null,
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "12.1"
},
{
"_id": null,
"model": "libpng",
"scope": "eq",
"trust": 0.3,
"vendor": "libpng",
"version": "1.0.12"
},
{
"_id": null,
"model": "intuity lx",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"_id": null,
"model": "libpng",
"scope": "eq",
"trust": 0.3,
"vendor": "libpng",
"version": "1.0.8"
},
{
"_id": null,
"model": "libpng",
"scope": "eq",
"trust": 0.3,
"vendor": "libpng",
"version": "1.2.27"
},
{
"_id": null,
"model": "seamonkey",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "2.0"
},
{
"_id": null,
"model": "iphone",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "2.1"
},
{
"_id": null,
"model": "corporate server",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "4.0"
},
{
"_id": null,
"model": "linux enterprise sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "11"
},
{
"_id": null,
"model": "itunes",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "9.0.2"
},
{
"_id": null,
"model": "seamonkey",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "2.0.2"
},
{
"_id": null,
"model": "in motion blackberry enterprise server for exchange mr2",
"scope": "eq",
"trust": 0.3,
"vendor": "research",
"version": "5.0.3"
},
{
"_id": null,
"model": "enterprise linux desktop version",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5.3"
},
{
"_id": null,
"model": "iphone",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "2.0.2"
},
{
"_id": null,
"model": "solaris 10 sparc",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "itunes",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "9.1"
},
{
"_id": null,
"model": "safari for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.0.4"
},
{
"_id": null,
"model": "iphone",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "3.1.2"
},
{
"_id": null,
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "9.10"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.6.4"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5"
},
{
"_id": null,
"model": "player build",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.5.3185404"
},
{
"_id": null,
"model": "workstation build",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "7.1.2301548"
},
{
"_id": null,
"model": "linux alpha",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "5.0"
},
{
"_id": null,
"model": "linux enterprise server sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"_id": null,
"model": "seamonkey",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "2.0.4"
},
{
"_id": null,
"model": "messaging storage server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "4.0"
},
{
"_id": null,
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.10"
},
{
"_id": null,
"model": "in motion blackberry enterprise server for novell groupwise",
"scope": "eq",
"trust": 0.3,
"vendor": "research",
"version": "4.1.7"
},
{
"_id": null,
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.2"
},
{
"_id": null,
"model": "in motion blackberry enterprise server for domino mr3",
"scope": "eq",
"trust": 0.3,
"vendor": "research",
"version": "5.0.3"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6"
},
{
"_id": null,
"model": "safari for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.0.5"
},
{
"_id": null,
"model": "proactive contact",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.0.3"
},
{
"_id": null,
"model": "safari",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "5.0.3"
},
{
"_id": null,
"model": "seamonkey",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "2.0.3"
},
{
"_id": null,
"model": "in motion blackberry enterprise server express for domino",
"scope": "eq",
"trust": 0.3,
"vendor": "research",
"version": "5.0.3"
},
{
"_id": null,
"model": "libpng",
"scope": "eq",
"trust": 0.3,
"vendor": "libpng",
"version": "0.90"
},
{
"_id": null,
"model": "proactive contact",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "4.0"
},
{
"_id": null,
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "pardus",
"version": "20090"
},
{
"_id": null,
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "11.2"
},
{
"_id": null,
"model": "safari for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.0.3"
},
{
"_id": null,
"model": "linux ia-32",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "5.0"
},
{
"_id": null,
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "3.2.1"
},
{
"_id": null,
"model": "enterprise server x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "5"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.6.3"
},
{
"_id": null,
"model": "itunes",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "9.0"
},
{
"_id": null,
"model": "linux mandrake",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2009.1"
},
{
"_id": null,
"model": "safari",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4"
},
{
"_id": null,
"model": "aura session manager sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2"
},
{
"_id": null,
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "9.04"
},
{
"_id": null,
"model": "message networking",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2"
},
{
"_id": null,
"model": "libpng",
"scope": "eq",
"trust": 0.3,
"vendor": "libpng",
"version": "1.2.26"
},
{
"_id": null,
"model": "linux x86 64 -current",
"scope": null,
"trust": 0.3,
"vendor": "slackware",
"version": null
},
{
"_id": null,
"model": "linux mandrake",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2010.1"
},
{
"_id": null,
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.0.2"
},
{
"_id": null,
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.3"
},
{
"_id": null,
"model": "linux ia-64",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "5.0"
},
{
"_id": null,
"model": "server build",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.8126538"
},
{
"_id": null,
"model": "libpng",
"scope": "eq",
"trust": 0.3,
"vendor": "libpng",
"version": "1.0.24"
},
{
"_id": null,
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "5.0"
},
{
"_id": null,
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4"
},
{
"_id": null,
"model": "thunderbird",
"scope": "ne",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.0.6"
},
{
"_id": null,
"model": "itunes",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "9.0.1.8"
},
{
"_id": null,
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.0"
},
{
"_id": null,
"model": "libpng",
"scope": "eq",
"trust": 0.3,
"vendor": "libpng",
"version": "1.0.43"
},
{
"_id": null,
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "9.0"
},
{
"_id": null,
"model": "aura system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "1.0"
},
{
"_id": null,
"model": "enterprise server",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "5"
},
{
"_id": null,
"model": "proactive contact",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.0.2"
},
{
"_id": null,
"model": "proactive contact",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "4.1"
},
{
"_id": null,
"model": "messaging storage server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1"
},
{
"_id": null,
"model": "ipod touch",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "2.2"
},
{
"_id": null,
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "11.1"
},
{
"_id": null,
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.3"
},
{
"_id": null,
"model": "proactive contact",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.0"
},
{
"_id": null,
"model": "in motion blackberry enterprise server express for exchange",
"scope": "eq",
"trust": 0.3,
"vendor": "research",
"version": "5.0.3"
},
{
"_id": null,
"model": "hat enterprise linux desktop client",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "5"
},
{
"_id": null,
"model": "safari",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.0.4"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.5.6"
},
{
"_id": null,
"model": "linux mandrake",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2010.0"
},
{
"_id": null,
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.6"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.5.9"
},
{
"_id": null,
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.5.2"
},
{
"_id": null,
"model": "linux mandrake",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2009.0"
},
{
"_id": null,
"model": "libpng",
"scope": "ne",
"trust": 0.3,
"vendor": "libpng",
"version": "1.2.44"
},
{
"_id": null,
"model": "safari",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "5.0.2"
},
{
"_id": null,
"model": "in motion blackberry enterprise server express for domino",
"scope": "eq",
"trust": 0.3,
"vendor": "research",
"version": "5.0.2"
},
{
"_id": null,
"model": "linux enterprise server sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "11"
},
{
"_id": null,
"model": "safari",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.0.5"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.3"
},
{
"_id": null,
"model": "iphone",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "2.2"
},
{
"_id": null,
"model": "linux lts sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"_id": null,
"model": "libpng",
"scope": "eq",
"trust": 0.3,
"vendor": "libpng",
"version": "1.0.9"
},
{
"_id": null,
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "10.1"
},
{
"_id": null,
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "10.2"
},
{
"_id": null,
"model": "cms server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "16.1"
},
{
"_id": null,
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "9.10"
},
{
"_id": null,
"model": "aura system platform",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "1.1"
},
{
"_id": null,
"model": "safari beta",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4"
},
{
"_id": null,
"model": "server build",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.7108231"
},
{
"_id": null,
"model": "linux lts lpia",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "8.04"
},
{
"_id": null,
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.5"
},
{
"_id": null,
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "9.10"
},
{
"_id": null,
"model": "seamonkey",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "2.0.1"
},
{
"_id": null,
"model": "libpng",
"scope": "eq",
"trust": 0.3,
"vendor": "libpng",
"version": "1.2.34"
},
{
"_id": null,
"model": "iphone",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "2.0.1"
},
{
"_id": null,
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "9.04"
},
{
"_id": null,
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.4"
},
{
"_id": null,
"model": "workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "7.1"
},
{
"_id": null,
"model": "safari for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.1.3"
},
{
"_id": null,
"model": "linux enterprise desktop sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "11"
},
{
"_id": null,
"model": "aura system manager sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"_id": null,
"model": "libpng",
"scope": "eq",
"trust": 0.3,
"vendor": "libpng",
"version": "1.4.2"
},
{
"_id": null,
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.5.4"
},
{
"_id": null,
"model": "iphone",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "2.0"
},
{
"_id": null,
"model": "libpng",
"scope": "eq",
"trust": 0.3,
"vendor": "libpng",
"version": "1.2.17"
},
{
"_id": null,
"model": "in motion blackberry enterprise server for exchange",
"scope": "eq",
"trust": 0.3,
"vendor": "research",
"version": "5.0.3"
},
{
"_id": null,
"model": "safari beta",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.0"
},
{
"_id": null,
"model": "ipad",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "0"
},
{
"_id": null,
"model": "intuity audix r5",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "0"
},
{
"_id": null,
"model": "in motion blackberry enterprise server for domino mr1",
"scope": "eq",
"trust": 0.3,
"vendor": "research",
"version": "5.0.2"
},
{
"_id": null,
"model": "in motion blackberry enterprise server express for exchange",
"scope": "eq",
"trust": 0.3,
"vendor": "research",
"version": "5.0.2"
},
{
"_id": null,
"model": "workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "6.5.3"
},
{
"_id": null,
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5.8"
},
{
"_id": null,
"model": "libpng",
"scope": "eq",
"trust": 0.3,
"vendor": "libpng",
"version": "1.2.37"
},
{
"_id": null,
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "9.04"
},
{
"_id": null,
"model": "solaris 9 sparc",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "itunes",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "9.2"
},
{
"_id": null,
"model": "in motion blackberry enterprise server for domino",
"scope": "eq",
"trust": 0.3,
"vendor": "research",
"version": "5.0.3"
},
{
"_id": null,
"model": "linux mipsel",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "5.0"
},
{
"_id": null,
"model": "thunderbird",
"scope": "ne",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.1.1"
},
{
"_id": null,
"model": "player build",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.5.2156735"
},
{
"_id": null,
"model": "hat enterprise linux as",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "4"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.5.5"
},
{
"_id": null,
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "11.3"
},
{
"_id": null,
"model": "linux x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "13.1"
},
{
"_id": null,
"model": "enterprise linux optional productivity application server",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "5"
},
{
"_id": null,
"model": "proactive contact",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "4.1.2"
},
{
"_id": null,
"model": "safari",
"scope": "ne",
"trust": 0.3,
"vendor": "apple",
"version": "5.0.4"
},
{
"_id": null,
"model": "safari",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "5.0.1"
},
{
"_id": null,
"model": "linux x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "13.0"
},
{
"_id": null,
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "12.0"
},
{
"_id": null,
"model": "libpng",
"scope": "eq",
"trust": 0.3,
"vendor": "libpng",
"version": "1.0.17"
},
{
"_id": null,
"model": "safari",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.1.1"
},
{
"_id": null,
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "10.0"
},
{
"_id": null,
"model": "coat systems proxyav",
"scope": "eq",
"trust": 0.3,
"vendor": "blue",
"version": "3.4.1.0"
},
{
"_id": null,
"model": "intuity audix lx r1.1",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"_id": null,
"model": "linux lts powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"_id": null,
"model": "libpng",
"scope": "ne",
"trust": 0.3,
"vendor": "libpng",
"version": "1.4.3"
},
{
"_id": null,
"model": "ios",
"scope": "ne",
"trust": 0.3,
"vendor": "apple",
"version": "4.2"
},
{
"_id": null,
"model": "server build",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.580187"
},
{
"_id": null,
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.2"
},
{
"_id": null,
"model": "server build",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0.2203138"
},
{
"_id": null,
"model": "linux lts amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "8.04"
},
{
"_id": null,
"model": "libpng",
"scope": "eq",
"trust": 0.3,
"vendor": "libpng",
"version": "1.0.7"
},
{
"_id": null,
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5.1"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.4"
},
{
"_id": null,
"model": "in motion blackberry enterprise server for exchange mr1",
"scope": "eq",
"trust": 0.3,
"vendor": "research",
"version": "5.0.2"
},
{
"_id": null,
"model": "intuity audix lx",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "1.0"
},
{
"_id": null,
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.5.1"
},
{
"_id": null,
"model": "linux lts powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "8.04"
},
{
"_id": null,
"model": "safari",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.1.2"
},
{
"_id": null,
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "11.0"
},
{
"_id": null,
"model": "workstation build",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "6.5.4246459"
},
{
"_id": null,
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "3.1"
},
{
"_id": null,
"model": "intuity audix lx sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "2.0"
},
{
"_id": null,
"model": "messaging storage server mm3.0",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"_id": null,
"model": "enterprise linux ws",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3"
},
{
"_id": null,
"model": "libpng",
"scope": "eq",
"trust": 0.3,
"vendor": "libpng",
"version": "1.0.52"
},
{
"_id": null,
"model": "libpng",
"scope": "eq",
"trust": 0.3,
"vendor": "libpng",
"version": "1.2.43"
},
{
"_id": null,
"model": "safari",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "5.0"
},
{
"_id": null,
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.1"
},
{
"_id": null,
"model": "iphone",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "3.0.1"
},
{
"_id": null,
"model": "linux enterprise desktop sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"_id": null,
"model": "enterprise linux es",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3"
},
{
"_id": null,
"model": "libpng",
"scope": "eq",
"trust": 0.3,
"vendor": "libpng",
"version": "1.4"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5.8"
},
{
"_id": null,
"model": "ipad",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "3.2"
},
{
"_id": null,
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.8"
},
{
"_id": null,
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.5.3"
},
{
"_id": null,
"model": "messaging storage server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.1"
},
{
"_id": null,
"model": "in motion blackberry enterprise server for exchange",
"scope": "eq",
"trust": 0.3,
"vendor": "research",
"version": "5.0.2"
},
{
"_id": null,
"model": "voice portal",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "4.0"
},
{
"_id": null,
"model": "linux -current",
"scope": null,
"trust": 0.3,
"vendor": "slackware",
"version": null
},
{
"_id": null,
"model": "iphone",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.0.1"
},
{
"_id": null,
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "13.1"
},
{
"_id": null,
"model": "intuity lx",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "2.0"
},
{
"_id": null,
"model": "server build",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.691891"
},
{
"_id": null,
"model": "hat enterprise linux server",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "5"
},
{
"_id": null,
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.4"
},
{
"_id": null,
"model": "linux lpia",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "9.10"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.5.8"
},
{
"_id": null,
"model": "in motion blackberry enterprise server express for exchange",
"scope": "eq",
"trust": 0.3,
"vendor": "research",
"version": "5.0.1"
},
{
"_id": null,
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "13.0"
},
{
"_id": null,
"model": "message networking",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"_id": null,
"model": "in motion blackberry enterprise server for domino",
"scope": "eq",
"trust": 0.3,
"vendor": "research",
"version": "5.0.2"
},
{
"_id": null,
"model": "linux enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "11"
},
{
"_id": null,
"model": "mac os server",
"scope": "ne",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.5"
},
{
"_id": null,
"model": "libpng",
"scope": "eq",
"trust": 0.3,
"vendor": "libpng",
"version": "1.0.11"
},
{
"_id": null,
"model": "linux",
"scope": null,
"trust": 0.3,
"vendor": "gentoo",
"version": null
},
{
"_id": null,
"model": "desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3.0"
},
{
"_id": null,
"model": "rc1",
"scope": "eq",
"trust": 0.3,
"vendor": "libpng",
"version": "1.2.22"
},
{
"_id": null,
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "10.04"
},
{
"_id": null,
"model": "itunes",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "10.1"
},
{
"_id": null,
"model": "enterprise linux desktop workstation client",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "5"
},
{
"_id": null,
"model": "ios beta",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.2"
},
{
"_id": null,
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.2"
},
{
"_id": null,
"model": "cms server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "16.2"
},
{
"_id": null,
"model": "workstation build",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "6.5.3185404"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5.1"
},
{
"_id": null,
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5.7"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.5"
},
{
"_id": null,
"model": "server build",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0.1156745"
},
{
"_id": null,
"model": "voice portal",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "4.1"
},
{
"_id": null,
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "1.0"
},
{
"_id": null,
"model": "linux s/390",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "5.0"
},
{
"_id": null,
"model": "in motion blackberry enterprise server express for domino mr1",
"scope": "eq",
"trust": 0.3,
"vendor": "research",
"version": "5.0.2"
},
{
"_id": null,
"model": "libpng",
"scope": "eq",
"trust": 0.3,
"vendor": "libpng",
"version": "1.0.16"
},
{
"_id": null,
"model": "libpng",
"scope": "eq",
"trust": 0.3,
"vendor": "libpng",
"version": "1.0.53"
},
{
"_id": null,
"model": "libpng",
"scope": "eq",
"trust": 0.3,
"vendor": "libpng",
"version": "1.2.13"
},
{
"_id": null,
"model": "iq",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5"
},
{
"_id": null,
"model": "voice portal",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.0"
},
{
"_id": null,
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "5.0"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.1"
},
{
"_id": null,
"model": "solaris 10 x86",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "libpng",
"scope": "eq",
"trust": 0.3,
"vendor": "libpng",
"version": "1.0.10"
},
{
"_id": null,
"model": "in motion blackberry enterprise server for novell groupwise mr3",
"scope": "eq",
"trust": 0.3,
"vendor": "research",
"version": "5.0.1"
},
{
"_id": null,
"model": "safari for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "5.0.3"
},
{
"_id": null,
"model": "safari",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.0.3"
},
{
"_id": null,
"model": "iq",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.1"
},
{
"_id": null,
"model": "aura conferencing standard",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"_id": null,
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "9.04"
},
{
"_id": null,
"model": "linux mandrake x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2008.0"
},
{
"_id": null,
"model": "libpng",
"scope": "eq",
"trust": 0.3,
"vendor": "libpng",
"version": "1.2.35"
},
{
"_id": null,
"model": "solaris 9 x86",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "intuity audix lx",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "2.0"
},
{
"_id": null,
"model": "tv",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.0"
},
{
"_id": null,
"model": "seamonkey",
"scope": "ne",
"trust": 0.3,
"vendor": "mozilla",
"version": "2.0.6"
},
{
"_id": null,
"model": "linux mips",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "5.0"
},
{
"_id": null,
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.0.4"
},
{
"_id": null,
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "3.2.2"
},
{
"_id": null,
"model": "safari for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4"
},
{
"_id": null,
"model": "linux m68k",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "5.0"
},
{
"_id": null,
"model": "linux arm",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "5.0"
},
{
"_id": null,
"model": "libpng",
"scope": "eq",
"trust": 0.3,
"vendor": "libpng",
"version": "1.2.19"
}
],
"sources": [
{
"db": "BID",
"id": "41174"
},
{
"db": "CNNVD",
"id": "CNNVD-201006-491"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001805"
},
{
"db": "NVD",
"id": "CVE-2010-2249"
}
]
},
"configurations": {
"_id": null,
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:libpng:libpng",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:vmware:player",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:vmware:server",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:vmware:workstation",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:apple:mac_os_x",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:apple:mac_os_x_server",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:apple:apple_tv",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:apple:iphone_os",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:apple:ipad",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:apple:iphone",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:apple:ipod_touch",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:apple:itunes",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:apple:safari",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:oracle:solaris",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:misc:miraclelinux_asianux_server",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:redhat:enterprise_linux",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:redhat:enterprise_linux_desktop",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:redhat:rhel_desktop_workstation",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2010-001805"
}
]
},
"credits": {
"_id": null,
"data": "Greg Roelofs",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201006-491"
}
],
"trust": 0.6
},
"cve": "CVE-2010-2249",
"cvss": {
"_id": null,
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"id": "CVE-2010-2249",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 1.1,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Partial",
"baseScore": 5.0,
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2010-2249",
"impactScore": null,
"integrityImpact": "None",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"id": "VHN-44854",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:N/I:N/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"exploitabilityScore": 2.8,
"id": "CVE-2010-2249",
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2010-2249",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2010-2249",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNNVD",
"id": "CNNVD-201006-491",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-44854",
"trust": 0.1,
"value": "MEDIUM"
},
{
"author": "VULMON",
"id": "CVE-2010-2249",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-44854"
},
{
"db": "VULMON",
"id": "CVE-2010-2249"
},
{
"db": "CNNVD",
"id": "CNNVD-201006-491"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001805"
},
{
"db": "NVD",
"id": "CVE-2010-2249"
}
]
},
"description": {
"_id": null,
"data": "Memory leak in pngrutil.c in libpng before 1.2.44, and 1.4.x before 1.4.3, allows remote attackers to cause a denial of service (memory consumption and application crash) via a PNG image containing malformed Physical Scale (aka sCAL) chunks. The \u0027libpng\u0027 library is prone to multiple vulnerabilities. \nSuccessful exploits may allow remote attackers to cause denial-of-service conditions or potentially execute arbitrary code on computers running the affected library. \nThese issues affect versions prior to \u0027libpng\u0027 1.4.3 and 1.2.44. \n\nBackground\n==========\n\nlibpng is a standard library used to process PNG (Portable Network\nGraphics) images. It is used by several programs, including web\nbrowsers and potentially server processes. \n\nAffected packages\n=================\n\n -------------------------------------------------------------------\n Package / Vulnerable / Unaffected\n -------------------------------------------------------------------\n 1 media-libs/libpng \u003c 1.4.3 \u003e= 1.4.3\n\nDescription\n===========\n\nMultiple vulnerabilities were found in libpng:\n\n* The png_decompress_chunk() function in pngrutil.c does not properly\n handle certain type of compressed data (CVE-2010-0205)\n\n* A buffer overflow in pngread.c when using progressive applications\n (CVE-2010-1205)\n\n* A memory leak in pngrutil.c when dealing with a certain type of\n chunks (CVE-2010-2249)\n\nImpact\n======\n\nAn attacker could exploit these vulnerabilities to cause programs\nlinked against the library to crash or execute arbitrary code with the\npermissions of the user running the vulnerable program, which could be\nthe root user. \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nResolution\n==========\n\nAll libpng users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose \"\u003e=media-libs/libpng-1.4.3\"\n\nReferences\n==========\n\n [ 1 ] CVE-2010-0205\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0205\n [ 2 ] CVE-2010-1205\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1205\n [ 3 ] CVE-2010-2249\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2249\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n http://security.gentoo.org/glsa/glsa-201010-01.xml\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttps://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2010 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttp://creativecommons.org/licenses/by-sa/2.5\n\n\n\n. \n\nFor the testing (squeeze) and unstable (sid) distribution, these\nproblems have been fixed in version 1.2.44-1\n\nWe recommend that you upgrade your libpng package. \n\nUpgrade instructions\n- --------------------\n\nwget url\n will fetch the file for you\ndpkg -i file.deb\n will install the referenced file. \n\nIf you are using the apt-get package manager, use the line for\nsources.list as given below:\n\napt-get update\n will update the internal database\napt-get upgrade\n will install corrected packages\n\nYou may use an automated update by adding the resources from the\nfooter to the proper configuration. \n\n\nDebian GNU/Linux 5.0 alias lenny\n- --------------------------------\n\nDebian (stable)\n- ---------------\n\nStable updates are available for alpha, amd64, arm, armel, hppa, i386, ia64, mips, mipsel, powerpc, s390 and sparc. \n\nSource archives:\n\n http://security.debian.org/pool/updates/main/libp/libpng/libpng_1.2.27-2+lenny4.dsc\n Size/MD5 checksum: 1201 518a1f5c30a115dcb732e7499a2cef96\n http://security.debian.org/pool/updates/main/libp/libpng/libpng_1.2.27.orig.tar.gz\n Size/MD5 checksum: 783204 13a0de401db1972a8e68f47d5bdadd13\n http://security.debian.org/pool/updates/main/libp/libpng/libpng_1.2.27-2+lenny4.diff.gz\n Size/MD5 checksum: 21437 43e68a174233314cf49bb204abdd29b6\n\nArchitecture independent packages:\n\n http://security.debian.org/pool/updates/main/libp/libpng/libpng3_1.2.27-2+lenny4_all.deb\n Size/MD5 checksum: 886 94643952b104a6f231ed7d710e2ae95d\n\nalpha architecture (DEC Alpha)\n\n http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.27-2+lenny4_alpha.deb\n Size/MD5 checksum: 182808 27b109278c41f9354d529ce0cfa2fe70\n http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.27-2+lenny4_alpha.deb\n Size/MD5 checksum: 287316 b05d9032dca244cfbb1773e17eb8fbf3\n http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.27-2+lenny4_alpha.udeb\n Size/MD5 checksum: 86558 2082c8b1458c53860b8243c184909d99\n\namd64 architecture (AMD x86_64 (AMD64))\n\n http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.27-2+lenny4_amd64.udeb\n Size/MD5 checksum: 71944 a3992e7b18a2897879863fbf70f3e44f\n http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.27-2+lenny4_amd64.deb\n Size/MD5 checksum: 167620 b654901994d4666d2918869ef59aef38\n http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.27-2+lenny4_amd64.deb\n Size/MD5 checksum: 254780 dfb0d24bf329b004ccea98b3a94186be\n\narm architecture (ARM)\n\n http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.27-2+lenny4_arm.udeb\n Size/MD5 checksum: 64570 f8b22165ed7daf5c40ecff5e03b7c724\n http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.27-2+lenny4_arm.deb\n Size/MD5 checksum: 159684 b64a7d362ef23b72d4af94bd48c89e33\n http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.27-2+lenny4_arm.deb\n Size/MD5 checksum: 245526 a55f8943e244796a2dbf4b244673d9ab\n\narmel architecture (ARM EABI)\n\n http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.27-2+lenny4_armel.udeb\n Size/MD5 checksum: 67034 4d6f0fbce281723de483067ae4226f18\n http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.27-2+lenny4_armel.deb\n Size/MD5 checksum: 162570 fb1927ecf7521ce2de4c3c2d3d9ba679\n http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.27-2+lenny4_armel.deb\n Size/MD5 checksum: 245964 38148590fd5c421c6e7649767ce23556\n\nhppa architecture (HP PA RISC)\n\n http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.27-2+lenny4_hppa.deb\n Size/MD5 checksum: 170090 1a9ad8514fb3dd6111090f321553452b\n http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.27-2+lenny4_hppa.deb\n Size/MD5 checksum: 260414 b1ada2a28da472703f953547dc2947e2\n http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.27-2+lenny4_hppa.udeb\n Size/MD5 checksum: 73894 eb6714f86f8085811a3dc1a1218a75a3\n\ni386 architecture (Intel ia32)\n\n http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.27-2+lenny4_i386.deb\n Size/MD5 checksum: 245468 8b6e9b5424a8991c05734f90b00182a2\n http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.27-2+lenny4_i386.deb\n Size/MD5 checksum: 166290 70c41d2feb2aff02be6154cea7cec1f4\n http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.27-2+lenny4_i386.udeb\n Size/MD5 checksum: 70118 e7c845ff2e87dc1dc2849ecac4428aa4\n\nia64 architecture (Intel ia64)\n\n http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.27-2+lenny4_ia64.udeb\n Size/MD5 checksum: 111752 9b3c6f30c1d59df47d8f1736cffb5f74\n http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.27-2+lenny4_ia64.deb\n Size/MD5 checksum: 207554 ca076c99f9d64729eab9a58632ab2b9e\n http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.27-2+lenny4_ia64.deb\n Size/MD5 checksum: 305536 0446686bb25783804121efced246e59d\n\nmips architecture (MIPS (Big Endian))\n\n http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.27-2+lenny4_mips.deb\n Size/MD5 checksum: 164086 e615a6007aa89ccd38a1afc482c6c51e\n http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.27-2+lenny4_mips.udeb\n Size/MD5 checksum: 68180 beec6961eba764cd9186f4ba1e116949\n http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.27-2+lenny4_mips.deb\n Size/MD5 checksum: 262216 937b2f2c26200b4a53f0bd8293b80af3\n\nmipsel architecture (MIPS (Little Endian))\n\n http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.27-2+lenny4_mipsel.udeb\n Size/MD5 checksum: 68464 c0e4a6cf4cbb2d6cda04ae5c0c572dd5\n http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.27-2+lenny4_mipsel.deb\n Size/MD5 checksum: 164312 48ec081a3f25a7863fe689a212d37b07\n http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.27-2+lenny4_mipsel.deb\n Size/MD5 checksum: 262482 560287e9b0c79a7d51ff4fd37e0a8da4\n\npowerpc architecture (PowerPC)\n\n http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.27-2+lenny4_powerpc.deb\n Size/MD5 checksum: 253154 caa93c1b0d9460d93d7b81241dcd25fb\n http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.27-2+lenny4_powerpc.udeb\n Size/MD5 checksum: 70748 59534d8fcb740fdfd681a173a85d72fe\n http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.27-2+lenny4_powerpc.deb\n Size/MD5 checksum: 166354 3d521ce5930a7707bb3afc61f7c48ccc\n\ns390 architecture (IBM S/390)\n\n http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.27-2+lenny4_s390.udeb\n Size/MD5 checksum: 73500 bceb1dab986adc60adde49c6bb267e7d\n http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.27-2+lenny4_s390.deb\n Size/MD5 checksum: 253036 85ebb3e8ac1749f20e0c45f489f348a6\n http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.27-2+lenny4_s390.deb\n Size/MD5 checksum: 169330 aa9808b63b2301f8be657a3c2d6797d2\n\nsparc architecture (Sun SPARC/UltraSPARC)\n\n http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.27-2+lenny4_sparc.deb\n Size/MD5 checksum: 161688 5f12a2df5cea9e05bdad35a18e07f864\n http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.27-2+lenny4_sparc.udeb\n Size/MD5 checksum: 66084 bc6933daf2143bcc3f3b8c96e7bc29bb\n http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.27-2+lenny4_sparc.deb\n Size/MD5 checksum: 247360 ad0ae85eb3806d0263b985139c3c54ed\n\n\n These files will probably be moved into the stable distribution on\n its next update. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n- ------------------------------------------------------------------------\n VMware Security Advisory\n\nAdvisory ID: VMSA-2010-0014\nSynopsis: VMware Workstation, Player, and ACE address several\n security issues. \nIssue date: 2010-09-23\nUpdated on: 2010-09-23 (initial release of advisory)\nCVE numbers: CVE-2010-3277 CVE-2010-1205 CVE-2010-0205\n CVE-2010-2249 CVE-2010-0434 CVE-2010-0425\n- ------------------------------------------------------------------------\n\n1. Summary\n\n VMware Workstation and Player address a potential installer security\n issue and security issues in libpng. VMware ACE Management Server\n (AMS) for Windows updates Apache httpd. \n\n2. Relevant releases\n\n VMware Workstation 7.1.1 and earlier,\n VMware Player 3.1.1 and earlier,\n VMware ACE Management Server 2.7.1 and earlier,\n\n Note: VMware Server was declared End Of Availability on January 2010,\n support will be limited to Technical Guidance for the duration\n of the support term. \n\n3. Problem Description\n\n a. VMware Workstation and Player installer security issue\n\n The Workstation 7.x and Player 3.x installers will load an index.htm\n file located in the current working directory on which Workstation\n 7.x or Player 3.x is being installed. This may allow an attacker to\n display a malicious file if they manage to get their file onto the\n system prior to installation. \n\n The issue can only be exploited at the time that Workstation 7.x or\n Player 3.x is being installed. Installed versions of Workstation and\n Player are not affected. The security issue is no longer present in\n the installer of the new versions of Workstation 7.x and Player 3.x\n (see table below for the version numbers). \n\n The Common Vulnerabilities and Exposures project (cve.mitre.org)\n has assigned the name CVE-2010-3277 to this issue. \n\n VMware would like to thank Alexander Trofimov and Marc Esher for\n independently reporting this issue to VMware. \n\n The following table lists what action remediates the vulnerability\n (column 4) if a solution is available. \n\n VMware Product Running Replace with/\n Product Version on Apply Patch\n ============= ======== ======= =================\n VirtualCenter any Windows not affected\n\n Workstation 7.x any 7.1.2 build 301548 or later *\n Workstation 6.5.x any not affected\n\n Player 3.x any 3.1.2 build 301548 or later *\n Player 2.5.x any not affected\n\n AMS any any not affected\n\n Server any any not affected\n\n Fusion any Mac OS/X not affected\n\n ESXi any ESXi not affected\n\n ESX any ESX not affected\n\n * Note: This only affects the installer, if you have a version of\n Workstation or Player installed you are not vulnerable. \n\n\n b. Third party libpng updated to version 1.2.44\n\n A buffer overflow condition in libpng is addressed that could\n potentially lead to code execution with the privileges of the\n application using libpng. Two potential denial of service issues\n are also addressed in the update. \n\n The Common Vulnerabilities and Exposures project (cve.mitre.org)\n has assigned the names CVE-2010-1205, CVE-2010-0205, CVE-2010-2249\n to these issues. \n\n The following table lists what action remediates the vulnerability\n (column 4) if a solution is available. \n\n\n VMware Product Running Replace with/\n Product Version on Apply Patch\n ============= ======== ======= =================\n VirtualCenter any Windows not affected\n\n Workstation 7.1.x any 7.1.2 build 301548 or later\n Workstation 6.5.x any affected, patch pending\n\n Player 3.1.x any 3.1.2 build 301548 or later\n Player 2.5.x any affected, patch pending\n\n AMS any any not affected\n\n Server any any affected, no patch planned\n\n Fusion any Mac OS/X not affected\n\n ESXi any ESXi not affected\n\n ESX any ESX not affected\n\n\n c. VMware ACE Management Server (AMS) for Windows updates Apache httpd\n version 2.2.15. \n\n A function in Apache HTTP Server when multithreaded MPM is used\n does not properly handle headers in subrequests in certain\n circumstances which may allow remote attackers to obtain sensitive\n information via a crafted request that triggers access to memory\n locations associated with an earlier request. \n\n The Apache mod_isapi module can be forced to unload a specific\n library before the processing of a request is complete, resulting\n in memory corruption. \n\n The Common Vulnerabilities and Exposures project (cve.mitre.org)\n has assigned the names CVE-2010-0434 and CVE-2010-0425 to the\n issues addressed in this update. \n\n Column 4 of the following table lists the action required to\n remediate the vulnerability in each release, if a solution is\n available. \n\n VMware Product Running Replace with/\n Product Version on Apply Patch\n ============= ======== ======= =================\n VirtualCenter any Windows not affected\n\n Workstation any any not affected\n\n Player any any not affected\n\n AMS any Windows 2.7.2 build 301548 or later\n AMS any Linux affected, patch pending *\n\n Server any any not affected\n\n Fusion any Mac OS/X not affected\n\n ESXi any ESXi not affected\n\n ESX any ESX not affected\n\n * Note CVE-2010-0425 is not applicable to AMS running on Linux\n\n4. Solution\n Please review the patch/release notes for your product and version\n and verify the md5sum and/or the sha1sum of your downloaded file. \n\n VMware Workstation 7.1.2\n ------------------------\n http://www.vmware.com/download/ws/\n Release notes:\n http://downloads.vmware.com/support/ws71/doc/releasenotes_ws712.html\n\n Workstation for Windows 32-bit and 64-bit with VMware Tools\t\n md5sum: 2e9715ec297dc3ca904ad2707d3e2614\n sha1sum: 55b2b99f67c3dacd402fb9880999086efd264e7a\n\n Workstation for Windows 32-bit and 64-bit without VMware Tools\t\n md5sum: 066929f59aef46f11f4d9fd6c6b36e4d\n sha1sum: def776a28ee1a21b1ad26e836ae868551fff6fc3\n\n VMware Player 3.1.2\n -------------------\n http://www.vmware.com/download/player/\n Release notes:\n\nhttp://downloads.vmware.com/support/player31/doc/releasenotes_player312.html\n\n VMware Player for Windows 32-bit and 64-bit\t\n md5sum: 3f289cb33af5e425c92d8512fb22a7ba\n sha1sum: bf67240c1f410ebeb8dcb4f6d7371334bf9a6b70\n\n VMware Player for Linux 32-bit\t\n md5sum: 11e3e3e8753e1d9abbbb92c4e3c1dfe8\n sha1sum: dd1dbcdb1f4654eefc11472b68934dcb69842749\n\n VMware Player for Linux 64-bit\t\n md5sum: 2ab08e0d4050719845a64d334ca15bb1\n sha1sum: f024ad84ec831fce8667dfa9601851da5d9fa59c\n\n VMware ACE Management Server 2.7.2\n ----------------------------------\n http://downloads.vmware.com/d/info/desktop_downloads/vmware_ace/2_7\n Release notes:\n http://downloads.vmware.com/support/ace27/doc/releasenotes_ace272.html\n\n ACE Management Server for Windows\t\n md5sum: 02f0072b8e48a98ed914b633f070d550\n sha1sum: 94a68eac4a328d21a741879b9d063227c0dc1ce4\n\n5. References\n\n CVE numbers\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3277\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1205\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0205\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2249\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0434\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0425\n\n- ------------------------------------------------------------------------\n\n6. Change log\n\n2010-09-23 VMSA-2010-0014\nInitial security advisory after release of Workstation 7.1.2,\nPlayer 3.1.2 and ACE Management Server 2.7.2 on 2010-09-23\n\n- -----------------------------------------------------------------------\n7. Contact\n\nE-mail list for product security notifications and announcements:\nhttp://lists.vmware.com/cgi-bin/mailman/listinfo/security-announce\n\nThis Security Advisory is posted to the following lists:\n\n * security-announce at lists.vmware.com\n * bugtraq at securityfocus.com\n * full-disclosure at lists.grok.org.uk\n\nE-mail: security at vmware.com\nPGP key at: http://kb.vmware.com/kb/1055\n\nVMware Security Center\nhttp://www.vmware.com/security\n\nVMware Security Advisories\nhttp://www.vmware.com/security/advisoiries\n\nVMware security response policy\nhttp://www.vmware.com/support/policies/security_response.html\n\nGeneral support life cycle policy\nhttp://www.vmware.com/support/policies/eos.html\n\nVMware Infrastructure support life cycle policy\nhttp://www.vmware.com/support/policies/eos_vi.html\n\nCopyright 2010 VMware Inc. All rights reserved. \n\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.10 (MingW32)\n\niEYEARECAAYFAkycSrQACgkQS2KysvBH1xmT9wCfbBUS4GYrJohz+QMLYcoiFmSh\neTgAoIAmx+ilbe2myj02daLjFrVQfQII\n=5jlh\n-----END PGP SIGNATURE-----\n. ===========================================================\nUbuntu Security Notice USN-960-1 July 08, 2010\nlibpng vulnerabilities\nCVE-2010-1205, CVE-2010-2249\n===========================================================\n\nA security issue affects the following Ubuntu releases:\n\nUbuntu 6.06 LTS\nUbuntu 8.04 LTS\nUbuntu 9.04\nUbuntu 9.10\nUbuntu 10.04 LTS\n\nThis advisory also applies to the corresponding versions of\nKubuntu, Edubuntu, and Xubuntu. \n\nThe problem can be corrected by upgrading your system to the\nfollowing package versions:\n\nUbuntu 6.06 LTS:\n libpng12-0 1.2.8rel-5ubuntu0.6\n\nUbuntu 8.04 LTS:\n libpng12-0 1.2.15~beta5-3ubuntu0.3\n\nUbuntu 9.04:\n libpng12-0 1.2.27-2ubuntu2.2\n\nUbuntu 9.10:\n libpng12-0 1.2.37-1ubuntu0.2\n\nUbuntu 10.04 LTS:\n libpng12-0 1.2.42-1ubuntu2.1\n\nAfter a standard system update you need to reboot your computer to make\nall the necessary changes. \n\nDetails follow:\n\nIt was discovered that libpng did not properly handle certain malformed PNG\nimages. If a user or automated system were tricked into opening a crafted\nPNG file, an attacker could cause a denial of service or possibly execute\narbitrary code with the privileges of the user invoking the program. \n(CVE-2010-1205)\n\nIt was discovered that libpng did not properly handle certain malformed PNG\nimages. If a user or automated system were tricked into processing a\ncrafted PNG image, an attacker could possibly use this flaw to consume all\navailable resources, resulting in a denial of service. (CVE-2010-2249)\n\n\nUpdated packages for Ubuntu 6.06 LTS:\n\n Source archives:\n\n http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng_1.2.8rel-5ubuntu0.6.diff.gz\n Size/MD5: 24044 8979ca6b113137fe5ee051c1c70571eb\n http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng_1.2.8rel-5ubuntu0.6.dsc\n Size/MD5: 661 92722fa973e92a99f982fe05b5826adf\n http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng_1.2.8rel.orig.tar.gz\n Size/MD5: 510681 cac1512878fb98f2456df6dc50bc9bc7\n\n Architecture independent packages:\n\n http://security.ubuntu.com/ubuntu/pool/universe/libp/libpng/libpng3_1.2.8rel-5ubuntu0.6_all.deb\n Size/MD5: 842 dcbc7d24c8426e3b3024859ec157f57e\n\n amd64 architecture (Athlon64, Opteron, EM64T Xeon):\n\n http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0_1.2.8rel-5ubuntu0.6_amd64.deb\n Size/MD5: 114528 aea355e99e67b76c9464f8cc49b3560d\n http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-dev_1.2.8rel-5ubuntu0.6_amd64.deb\n Size/MD5: 247576 f0e52e10a663f9b1b04d9371d4a2cf14\n http://security.ubuntu.com/ubuntu/pool/universe/libp/libpng/libpng12-0-udeb_1.2.8rel-5ubuntu0.6_amd64.udeb\n Size/MD5: 69504 6536e83152b2cf00d0d961b9b095c2d5\n\n i386 architecture (x86 compatible Intel/AMD):\n\n http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0_1.2.8rel-5ubuntu0.6_i386.deb\n Size/MD5: 112048 b8f85cc6154602422a8841a5cad1a4a1\n http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-dev_1.2.8rel-5ubuntu0.6_i386.deb\n Size/MD5: 239628 fb6f6e62a9fa6114c50946c74cb2ed5d\n http://security.ubuntu.com/ubuntu/pool/universe/libp/libpng/libpng12-0-udeb_1.2.8rel-5ubuntu0.6_i386.udeb\n Size/MD5: 66946 501acb21d567d62608904e4272ff842d\n\n powerpc architecture (Apple Macintosh G3/G4/G5):\n\n http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0_1.2.8rel-5ubuntu0.6_powerpc.deb\n Size/MD5: 111648 19cccb12fb968f40f04068b9da24f589\n http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-dev_1.2.8rel-5ubuntu0.6_powerpc.deb\n Size/MD5: 245230 ebdbfc860056170b7a165479d7905bb3\n http://security.ubuntu.com/ubuntu/pool/universe/libp/libpng/libpng12-0-udeb_1.2.8rel-5ubuntu0.6_powerpc.udeb\n Size/MD5: 66458 24e918a95770150b4df72530bd6de095\n\n sparc architecture (Sun SPARC/UltraSPARC):\n\n http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0_1.2.8rel-5ubuntu0.6_sparc.deb\n Size/MD5: 109156 510d17affd2c0cf3f5dce5379df57d49\n http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-dev_1.2.8rel-5ubuntu0.6_sparc.deb\n Size/MD5: 240072 1ff11e0649a58bc7b809c86941aaafd7\n http://security.ubuntu.com/ubuntu/pool/universe/libp/libpng/libpng12-0-udeb_1.2.8rel-5ubuntu0.6_sparc.udeb\n Size/MD5: 63882 d7df02c540e66a536cbffca5d02645d5\n\nUpdated packages for Ubuntu 8.04 LTS:\n\n Source archives:\n\n http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng_1.2.15~beta5-3ubuntu0.3.diff.gz\n Size/MD5: 22755 f5c0ba19b04eba8264ebb6b30c5617d6\n http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng_1.2.15~beta5-3ubuntu0.3.dsc\n Size/MD5: 832 d08a82b28411baa0184d3b8231fd8b61\n http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng_1.2.15~beta5.orig.tar.gz\n Size/MD5: 829038 77ca14fcee1f1f4daaaa28123bd0b22d\n\n Architecture independent packages:\n\n http://security.ubuntu.com/ubuntu/pool/universe/libp/libpng/libpng3_1.2.15~beta5-3ubuntu0.3_all.deb\n Size/MD5: 940 7344fa4e61880636b014525f6e6482a1\n\n amd64 architecture (Athlon64, Opteron, EM64T Xeon):\n\n http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0_1.2.15~beta5-3ubuntu0.3_amd64.deb\n Size/MD5: 190186 01f82b2b967c5212e834dd57c12c1a7c\n http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-dev_1.2.15~beta5-3ubuntu0.3_amd64.deb\n Size/MD5: 179752 c26e243dd21f5dd10b478c0415215c1c\n http://security.ubuntu.com/ubuntu/pool/universe/libp/libpng/libpng12-0-udeb_1.2.15~beta5-3ubuntu0.3_amd64.udeb\n Size/MD5: 70534 5f7628d9b644ae953c515d18f7de9980\n\n i386 architecture (x86 compatible Intel/AMD):\n\n http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0_1.2.15~beta5-3ubuntu0.3_i386.deb\n Size/MD5: 188782 51354007cca0796218e3aaeba6142c41\n http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-dev_1.2.15~beta5-3ubuntu0.3_i386.deb\n Size/MD5: 171216 b7a092ef2f5955b380adc015bfae6c81\n http://security.ubuntu.com/ubuntu/pool/universe/libp/libpng/libpng12-0-udeb_1.2.15~beta5-3ubuntu0.3_i386.udeb\n Size/MD5: 69082 7612cd438ddfaab236de5f342f709b66\n\n lpia architecture (Low Power Intel Architecture):\n\n http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0_1.2.15~beta5-3ubuntu0.3_lpia.deb\n Size/MD5: 189664 4825baf36c5d14b5066d548aaf050866\n http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-dev_1.2.15~beta5-3ubuntu0.3_lpia.deb\n Size/MD5: 172962 b16b496d6553fbf28523147617011b95\n http://ports.ubuntu.com/pool/universe/libp/libpng/libpng12-0-udeb_1.2.15~beta5-3ubuntu0.3_lpia.udeb\n Size/MD5: 70020 61f5d75c4435333ef586677a07d49915\n\n powerpc architecture (Apple Macintosh G3/G4/G5):\n\n http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0_1.2.15~beta5-3ubuntu0.3_powerpc.deb\n Size/MD5: 190300 8ac6e4c1efb73de848d5bc5457093e7a\n http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-dev_1.2.15~beta5-3ubuntu0.3_powerpc.deb\n Size/MD5: 179166 d92637edf805d7d673a4440b2605dc57\n http://ports.ubuntu.com/pool/universe/libp/libpng/libpng12-0-udeb_1.2.15~beta5-3ubuntu0.3_powerpc.udeb\n Size/MD5: 70604 adf25dd26d85725ab3c74c4a80a7a541\n\n sparc architecture (Sun SPARC/UltraSPARC):\n\n http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0_1.2.15~beta5-3ubuntu0.3_sparc.deb\n Size/MD5: 185622 ef3cf5486afe387d09bf05106893b371\n http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-dev_1.2.15~beta5-3ubuntu0.3_sparc.deb\n Size/MD5: 173422 4b2f3476b423a3c5c31ee0738bfb4458\n http://ports.ubuntu.com/pool/universe/libp/libpng/libpng12-0-udeb_1.2.15~beta5-3ubuntu0.3_sparc.udeb\n Size/MD5: 65928 ab5ac0b24d618dc432d1763a0e50ebda\n\nUpdated packages for Ubuntu 9.04:\n\n Source archives:\n\n http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng_1.2.27-2ubuntu2.2.diff.gz\n Size/MD5: 176459 b2f27af9534f3c5b9a120680cd41ce7c\n http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng_1.2.27-2ubuntu2.2.dsc\n Size/MD5: 1296 b66efe2157ab6f3dad6e57b4fe9dbf13\n http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng_1.2.27.orig.tar.gz\n Size/MD5: 783204 13a0de401db1972a8e68f47d5bdadd13\n\n Architecture independent packages:\n\n http://security.ubuntu.com/ubuntu/pool/universe/libp/libpng/libpng3_1.2.27-2ubuntu2.2_all.deb\n Size/MD5: 932 1c66e49e2b875fa40c5556c19d076508\n\n amd64 architecture (Athlon64, Opteron, EM64T Xeon):\n\n http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0-udeb_1.2.27-2ubuntu2.2_amd64.udeb\n Size/MD5: 72852 a1bbcffd25c3ec87cbdf86be154962fc\n http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0_1.2.27-2ubuntu2.2_amd64.deb\n Size/MD5: 168576 9f40f2846c21aa5835f53ab6895ec5cf\n http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-dev_1.2.27-2ubuntu2.2_amd64.deb\n Size/MD5: 255784 d9060ad287e40ded1848b79284abbcc0\n\n i386 architecture (x86 compatible Intel/AMD):\n\n http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0-udeb_1.2.27-2ubuntu2.2_i386.udeb\n Size/MD5: 71102 c18134055d747d066b60218b69e99d45\n http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0_1.2.27-2ubuntu2.2_i386.deb\n Size/MD5: 166904 e8151a3f79f0fff6d98bbb0675621594\n http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-dev_1.2.27-2ubuntu2.2_i386.deb\n Size/MD5: 247922 ae8412d1c420f1dd63cb436382cad51f\n\n lpia architecture (Low Power Intel Architecture):\n\n http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0-udeb_1.2.27-2ubuntu2.2_lpia.udeb\n Size/MD5: 71488 5179307ffe74c10515e61503e647606f\n http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0_1.2.27-2ubuntu2.2_lpia.deb\n Size/MD5: 167370 dd07d7a09484eb7711da5cd874099abe\n http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-dev_1.2.27-2ubuntu2.2_lpia.deb\n Size/MD5: 248872 a34333b123f4d12e7872868111942cbd\n\n powerpc architecture (Apple Macintosh G3/G4/G5):\n\n http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0-udeb_1.2.27-2ubuntu2.2_powerpc.udeb\n Size/MD5: 71674 f742f2771d94ca29746906c1177d657d\n http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0_1.2.27-2ubuntu2.2_powerpc.deb\n Size/MD5: 167514 478378fde5c7fd14fbffa1be072aa21c\n http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-dev_1.2.27-2ubuntu2.2_powerpc.deb\n Size/MD5: 254642 ba3f255f4346a4483c5410d55acaac65\n\n sparc architecture (Sun SPARC/UltraSPARC):\n\n http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0-udeb_1.2.27-2ubuntu2.2_sparc.udeb\n Size/MD5: 66670 ee067298bc51471f06bcf1a74b557310\n http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0_1.2.27-2ubuntu2.2_sparc.deb\n Size/MD5: 162336 ab167dcdbbd930a3d976af0ad57cbac2\n http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-dev_1.2.27-2ubuntu2.2_sparc.deb\n Size/MD5: 248428 8b96f4ff4f0ad8e366ed4475d3890948\n\nUpdated packages for Ubuntu 9.10:\n\n Source archives:\n\n http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng_1.2.37-1ubuntu0.2.diff.gz\n Size/MD5: 20129 f230ec37944a0150ffc83cfdddc7c906\n http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng_1.2.37-1ubuntu0.2.dsc\n Size/MD5: 1293 fce0b2fd543aeff27d47fb91f12af053\n http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng_1.2.37.orig.tar.gz\n Size/MD5: 805380 7480dbbf9f6c3297faf6fe52ec9b91ab\n\n Architecture independent packages:\n\n http://security.ubuntu.com/ubuntu/pool/universe/libp/libpng/libpng3_1.2.37-1ubuntu0.2_all.deb\n Size/MD5: 932 cee669d58ac9660e1fe71cf9e2eeda9d\n\n amd64 architecture (Athlon64, Opteron, EM64T Xeon):\n\n http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0-udeb_1.2.37-1ubuntu0.2_amd64.udeb\n Size/MD5: 73938 15bb328beed6ab3287967c54e4177018\n http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0_1.2.37-1ubuntu0.2_amd64.deb\n Size/MD5: 175088 f003cc7565826cfcc337ab409ffc6e8f\n http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-dev_1.2.37-1ubuntu0.2_amd64.deb\n Size/MD5: 265400 2d26dc0e9ddb6c2010776fbbcb82d791\n\n i386 architecture (x86 compatible Intel/AMD):\n\n http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0-udeb_1.2.37-1ubuntu0.2_i386.udeb\n Size/MD5: 70444 a80af68dda6ff1aa3168040d33600e64\n http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0_1.2.37-1ubuntu0.2_i386.deb\n Size/MD5: 171594 3fca9df961cc3616b75f6518ab870a68\n http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-dev_1.2.37-1ubuntu0.2_i386.deb\n Size/MD5: 255474 1ab05dffaa25e1d9190d0ea872b0fbd8\n\n lpia architecture (Low Power Intel Architecture):\n\n http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0-udeb_1.2.37-1ubuntu0.2_lpia.udeb\n Size/MD5: 71066 0495b247d489438259937bee1f17761f\n http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0_1.2.37-1ubuntu0.2_lpia.deb\n Size/MD5: 172296 730fd7a16f9496e37ffee99ea68d15a6\n http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-dev_1.2.37-1ubuntu0.2_lpia.deb\n Size/MD5: 257350 fff93fe6a558aef20e20b8b8f15227e7\n\n powerpc architecture (Apple Macintosh G3/G4/G5):\n\n http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0-udeb_1.2.37-1ubuntu0.2_powerpc.udeb\n Size/MD5: 72524 8e92aaedc8e6fabafed81cca60a833e9\n http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0_1.2.37-1ubuntu0.2_powerpc.deb\n Size/MD5: 173720 055336debc8a5b9ff92e6cae9998ac94\n http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-dev_1.2.37-1ubuntu0.2_powerpc.deb\n Size/MD5: 264674 dbd6ca8bcdcf241c0629b7b27e0e1e5d\n\n sparc architecture (Sun SPARC/UltraSPARC):\n\n http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0-udeb_1.2.37-1ubuntu0.2_sparc.udeb\n Size/MD5: 67348 44b9c2989661e116d78b809a8657a5c8\n http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0_1.2.37-1ubuntu0.2_sparc.deb\n Size/MD5: 168516 b98b4872db6f90caf0f43da67197dec0\n http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-dev_1.2.37-1ubuntu0.2_sparc.deb\n Size/MD5: 257634 eb673ad114284bbd9be37e1c322e1bfb\n\nUpdated packages for Ubuntu 10.04:\n\n Source archives:\n\n http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng_1.2.42-1ubuntu2.1.debian.tar.bz2\n Size/MD5: 19511 ac49d7354c1ab87a91dbad607733629f\n http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng_1.2.42-1ubuntu2.1.dsc\n Size/MD5: 1299 dae31f78418d5db8c3476d7562859658\n http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng_1.2.42.orig.tar.bz2\n Size/MD5: 670811 9a5cbe9798927fdf528f3186a8840ebe\n\n Architecture independent packages:\n\n http://security.ubuntu.com/ubuntu/pool/universe/libp/libpng/libpng3_1.2.42-1ubuntu2.1_all.deb\n Size/MD5: 926 602d7036448637b45c1eacbc31e05640\n\n amd64 architecture (Athlon64, Opteron, EM64T Xeon):\n\n http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0-udeb_1.2.42-1ubuntu2.1_amd64.udeb\n Size/MD5: 74124 82cc493f2b3d80b10ccf3f9fa2ec4ff6\n http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0_1.2.42-1ubuntu2.1_amd64.deb\n Size/MD5: 180006 3b5339fe77bcdae97bb2a318496a192e\n http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-dev_1.2.42-1ubuntu2.1_amd64.deb\n Size/MD5: 271858 ae0c6a1e973dad2b0a0685fd863c096d\n\n i386 architecture (x86 compatible Intel/AMD):\n\n http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0-udeb_1.2.42-1ubuntu2.1_i386.udeb\n Size/MD5: 70692 b264bdd0086f3451e42df7f840ab894a\n http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0_1.2.42-1ubuntu2.1_i386.deb\n Size/MD5: 176510 03c3d70135e907f21b2342972d8a9b40\n http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-dev_1.2.42-1ubuntu2.1_i386.deb\n Size/MD5: 261728 955b40272944dd988ee39b62d8c6606c\n\n powerpc architecture (Apple Macintosh G3/G4/G5):\n\n http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0-udeb_1.2.42-1ubuntu2.1_powerpc.udeb\n Size/MD5: 73380 ad2cda1c89c55c473121da33a40294f6\n http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0_1.2.42-1ubuntu2.1_powerpc.deb\n Size/MD5: 179272 b6623c3dcdc841a762308f889c8b478e\n http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-dev_1.2.42-1ubuntu2.1_powerpc.deb\n Size/MD5: 271898 fcccfdb0eb4bc3a3470a83888f8bae28\n\n sparc architecture (Sun SPARC/UltraSPARC):\n\n http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0-udeb_1.2.42-1ubuntu2.1_sparc.udeb\n Size/MD5: 69258 ec2047ed5079933d6dbeb841a0207c59\n http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0_1.2.42-1ubuntu2.1_sparc.deb\n Size/MD5: 175214 142020dfd126d2335bc93bad6a714799\n http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-dev_1.2.42-1ubuntu2.1_sparc.deb\n Size/MD5: 265174 06843a4a028c5533e89d5562cbeb2047\n\n\n\n. Latest xulrunner and\n mozilla-thunderbird has been patched as a precaution for 2008.0 wheres\n on 2009.0 and up the the system libpng library is used instead of the\n bundled copy. htmldoc, xulrunner and mozilla-thunderbird packages is\n therefore also being provided with this advisory. \n \n Packages for 2008.0 and 2009.0 are provided as of the Extended\n Maintenance Program. Please visit this link to learn more:\n http://store.mandriva.com/product_info.php?cPath=149\u0026products_id=490\n \n The updated packages have been patched to correct these issues. \n _______________________________________________________________________\n\n References:\n\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-6218\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1205\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2249\n _______________________________________________________________________\n\n Updated Packages:\n\n Mandriva Linux 2008.0:\n 4e91a2a256c61f52dffd4fb625e20cf8 2008.0/i586/htmldoc-1.8.27-1.2mdv2008.0.i586.rpm\n 71553205b1e31d2891667d2eab7aca14 2008.0/i586/htmldoc-nogui-1.8.27-1.2mdv2008.0.i586.rpm\n 75b6d3f905d7e94154902f81e4728963 2008.0/i586/libpng3-1.2.22-0.5mdv2008.0.i586.rpm\n fa0c81f2b544f65455a0e0420d9a0e56 2008.0/i586/libpng-devel-1.2.22-0.5mdv2008.0.i586.rpm\n d4d06a12fd8ee88295877e127757c64b 2008.0/i586/libpng-source-1.2.22-0.5mdv2008.0.i586.rpm\n 6687d56f95702f0e5786c885ab79c6a9 2008.0/i586/libpng-static-devel-1.2.22-0.5mdv2008.0.i586.rpm\n 546c18ed8ccf044a45dff3a8cd5ac5b7 2008.0/i586/libxulrunner1.9.2.6-1.9.2.6-0.2mdv2008.0.i586.rpm\n b428e1202d95d588fb3248c2b2fe8b2f 2008.0/i586/libxulrunner-devel-1.9.2.6-0.2mdv2008.0.i586.rpm\n b9541da4417ea1150c493aea591509bb 2008.0/i586/mozilla-thunderbird-3.0.5-0.2mdv2008.0.i586.rpm\n 3389caeeda8b8f272d0e5ed070f075b8 2008.0/i586/mozilla-thunderbird-enigmail-3.0.5-0.2mdv2008.0.i586.rpm\n 901abb46652fbc19c8e655895181a949 2008.0/i586/nsinstall-3.0.5-0.2mdv2008.0.i586.rpm\n ad221cd523bff8f4a59037aa05e1442b 2008.0/i586/xulrunner-1.9.2.6-0.2mdv2008.0.i586.rpm \n d3dbbb58c9832db4edbc45a4023b4477 2008.0/SRPMS/htmldoc-1.8.27-1.2mdv2008.0.src.rpm\n 885dba7fe0581b37de05d20b838f279a 2008.0/SRPMS/libpng-1.2.22-0.5mdv2008.0.src.rpm\n 358c49e17d4db735f6862fdbee95a1c9 2008.0/SRPMS/mozilla-thunderbird-3.0.5-0.2mdv2008.0.src.rpm\n 748ab46a19f1c32808bf3e79429f2211 2008.0/SRPMS/xulrunner-1.9.2.6-0.2mdv2008.0.src.rpm\n\n Mandriva Linux 2008.0/X86_64:\n 8b2eff5dd89f4ed7e3f120bbc31afa34 2008.0/x86_64/htmldoc-1.8.27-1.2mdv2008.0.x86_64.rpm\n 15460a7bce68e95d03a87eb14066728b 2008.0/x86_64/htmldoc-nogui-1.8.27-1.2mdv2008.0.x86_64.rpm\n c7577072f7ab2786a97d7df732b4299a 2008.0/x86_64/lib64png3-1.2.22-0.5mdv2008.0.x86_64.rpm\n fae36a86aa019cf0fcbcf0d15c508208 2008.0/x86_64/lib64png-devel-1.2.22-0.5mdv2008.0.x86_64.rpm\n 141ec56a2395ed150acc997eac851429 2008.0/x86_64/lib64png-static-devel-1.2.22-0.5mdv2008.0.x86_64.rpm\n a29c11e39685931084a085f5716afd5c 2008.0/x86_64/lib64xulrunner1.9.2.6-1.9.2.6-0.2mdv2008.0.x86_64.rpm\n 3a846b86c758be68420ef05e44cfe717 2008.0/x86_64/lib64xulrunner-devel-1.9.2.6-0.2mdv2008.0.x86_64.rpm\n 084f3b3d7c68806c7acfc7f3be701f0b 2008.0/x86_64/libpng-source-1.2.22-0.5mdv2008.0.x86_64.rpm\n c45f7479d93714c46d14f4ae2a5b76bd 2008.0/x86_64/mozilla-thunderbird-3.0.5-0.2mdv2008.0.x86_64.rpm\n 996e7a6a98997883236b08f6ec5816fa 2008.0/x86_64/mozilla-thunderbird-enigmail-3.0.5-0.2mdv2008.0.x86_64.rpm\n ecfdba6225b837a7a03c2ddf0d77d07f 2008.0/x86_64/nsinstall-3.0.5-0.2mdv2008.0.x86_64.rpm\n 394d8e8458e503ed10db7c7b7f742c2b 2008.0/x86_64/xulrunner-1.9.2.6-0.2mdv2008.0.x86_64.rpm \n d3dbbb58c9832db4edbc45a4023b4477 2008.0/SRPMS/htmldoc-1.8.27-1.2mdv2008.0.src.rpm\n 885dba7fe0581b37de05d20b838f279a 2008.0/SRPMS/libpng-1.2.22-0.5mdv2008.0.src.rpm\n 358c49e17d4db735f6862fdbee95a1c9 2008.0/SRPMS/mozilla-thunderbird-3.0.5-0.2mdv2008.0.src.rpm\n 748ab46a19f1c32808bf3e79429f2211 2008.0/SRPMS/xulrunner-1.9.2.6-0.2mdv2008.0.src.rpm\n\n Mandriva Linux 2009.0:\n 28b355727c0ef89be1955a18a8c4a1cf 2009.0/i586/libpng3-1.2.31-2.3mdv2009.0.i586.rpm\n bf33a24dc5144d0c2362e5c7432f9434 2009.0/i586/libpng-devel-1.2.31-2.3mdv2009.0.i586.rpm\n e331263b8ac75ddad94f6d9d06d9c802 2009.0/i586/libpng-source-1.2.31-2.3mdv2009.0.i586.rpm\n 921c4ed0268fcb932f52d299ea74a28c 2009.0/i586/libpng-static-devel-1.2.31-2.3mdv2009.0.i586.rpm \n c43df36b143f834aa7351eb6a9952897 2009.0/SRPMS/libpng-1.2.31-2.3mdv2009.0.src.rpm\n\n Mandriva Linux 2009.0/X86_64:\n a20b2965684ddb18b2818d618927bb9a 2009.0/x86_64/lib64png3-1.2.31-2.3mdv2009.0.x86_64.rpm\n df3bbf6f7e959aea3f6065c83ece5321 2009.0/x86_64/lib64png-devel-1.2.31-2.3mdv2009.0.x86_64.rpm\n 3c8e3469239f93a70ccbcf56ba55cfb6 2009.0/x86_64/lib64png-static-devel-1.2.31-2.3mdv2009.0.x86_64.rpm\n 740cd4b4cf0d39dd03a26f0b821cfee4 2009.0/x86_64/libpng-source-1.2.31-2.3mdv2009.0.x86_64.rpm \n c43df36b143f834aa7351eb6a9952897 2009.0/SRPMS/libpng-1.2.31-2.3mdv2009.0.src.rpm\n\n Mandriva Linux 2009.1:\n 127a1c180703d9c89f5f968d7262c469 2009.1/i586/libpng3-1.2.35-1.2mdv2009.1.i586.rpm\n 3bbf13f800dcbb5f4ab45ffe898f96ce 2009.1/i586/libpng-devel-1.2.35-1.2mdv2009.1.i586.rpm\n 2e369ee2602705f601d23a977c82ae8a 2009.1/i586/libpng-source-1.2.35-1.2mdv2009.1.i586.rpm\n 5784917823e881a4aa997276528bfabe 2009.1/i586/libpng-static-devel-1.2.35-1.2mdv2009.1.i586.rpm \n 6267ae8a72870fdd2a44962d987a6216 2009.1/SRPMS/libpng-1.2.35-1.2mdv2009.1.src.rpm\n\n Mandriva Linux 2009.1/X86_64:\n d6032db330f8b8b40af48b29fc6d3730 2009.1/x86_64/lib64png3-1.2.35-1.2mdv2009.1.x86_64.rpm\n 4aac775bc389d382f184d912ef50b0be 2009.1/x86_64/lib64png-devel-1.2.35-1.2mdv2009.1.x86_64.rpm\n fb792b3d38cf769590a2dde6ee74c755 2009.1/x86_64/lib64png-static-devel-1.2.35-1.2mdv2009.1.x86_64.rpm\n 0dfcb358ed06fe83e9621e06189aa8f9 2009.1/x86_64/libpng-source-1.2.35-1.2mdv2009.1.x86_64.rpm \n 6267ae8a72870fdd2a44962d987a6216 2009.1/SRPMS/libpng-1.2.35-1.2mdv2009.1.src.rpm\n\n Mandriva Linux 2010.0:\n 76ba7b51c3eda624850a8288bd182afa 2010.0/i586/libpng3-1.2.40-1.2mdv2010.0.i586.rpm\n 7a936f6a94f33f0e7ffc991ff7b4ed7f 2010.0/i586/libpng-devel-1.2.40-1.2mdv2010.0.i586.rpm\n abd9ee162933e3208918d3190c76c0af 2010.0/i586/libpng-source-1.2.40-1.2mdv2010.0.i586.rpm\n bae7010f8e07568c1a9b42e20e7ddebf 2010.0/i586/libpng-static-devel-1.2.40-1.2mdv2010.0.i586.rpm \n cc04ec15436b892a4e75f1ad18675fb6 2010.0/SRPMS/libpng-1.2.40-1.2mdv2010.0.src.rpm\n\n Mandriva Linux 2010.0/X86_64:\n 499b5e2707d19becfdab415a8008b122 2010.0/x86_64/lib64png3-1.2.40-1.2mdv2010.0.x86_64.rpm\n 166ca4d21e39bbb3f250806626c59154 2010.0/x86_64/lib64png-devel-1.2.40-1.2mdv2010.0.x86_64.rpm\n 1c4b4f2e79cf01a4388a2e395dd64cfa 2010.0/x86_64/lib64png-static-devel-1.2.40-1.2mdv2010.0.x86_64.rpm\n 88b678c1352aa3ed0fffb04241254128 2010.0/x86_64/libpng-source-1.2.40-1.2mdv2010.0.x86_64.rpm \n cc04ec15436b892a4e75f1ad18675fb6 2010.0/SRPMS/libpng-1.2.40-1.2mdv2010.0.src.rpm\n\n Mandriva Linux 2010.1:\n 349ec004acb579d4466b530bfd5fbf3d 2010.1/i586/libpng3-1.2.43-1.1mdv2010.1.i586.rpm\n d9e323791b16319728fe1486f819e59b 2010.1/i586/libpng-devel-1.2.43-1.1mdv2010.1.i586.rpm\n 3101d70a79c416392fe228d34b9ba6ff 2010.1/i586/libpng-source-1.2.43-1.1mdv2010.1.i586.rpm\n 2ff75d1339d52d859939d81994eae477 2010.1/i586/libpng-static-devel-1.2.43-1.1mdv2010.1.i586.rpm \n 0638fc23b9c5f1f7b3bcd0fdaf71bea8 2010.1/SRPMS/libpng-1.2.43-1.1mdv2010.1.src.rpm\n\n Mandriva Linux 2010.1/X86_64:\n 80e4392bbe0bd06b392216a6737cd37a 2010.1/x86_64/lib64png3-1.2.43-1.1mdv2010.1.x86_64.rpm\n 2d7d50b539c63cd1874ed8150d7fb84a 2010.1/x86_64/lib64png-devel-1.2.43-1.1mdv2010.1.x86_64.rpm\n 5c3793d0bc69db028ec214a6c9f67c1e 2010.1/x86_64/lib64png-static-devel-1.2.43-1.1mdv2010.1.x86_64.rpm\n 06b83b6f5050410eff5fe8a590972c18 2010.1/x86_64/libpng-source-1.2.43-1.1mdv2010.1.x86_64.rpm \n 0638fc23b9c5f1f7b3bcd0fdaf71bea8 2010.1/SRPMS/libpng-1.2.43-1.1mdv2010.1.src.rpm\n\n Corporate 4.0:\n be322ac5f446c26c2d0983a2d37e0c6c corporate/4.0/i586/htmldoc-1.8.23-8.2.20060mlcs4.i586.rpm\n 71329303eddfd4af0994a708bbe4a119 corporate/4.0/i586/htmldoc-nogui-1.8.23-8.2.20060mlcs4.i586.rpm\n 1c1036be9452042cd356349d6251b697 corporate/4.0/i586/libpng3-1.2.8-1.8.20060mlcs4.i586.rpm\n e9ba6c0c604a08f555d99503ba7adb68 corporate/4.0/i586/libpng3-devel-1.2.8-1.8.20060mlcs4.i586.rpm\n 288d9ca48ea58918bdff316891f3c474 corporate/4.0/i586/libpng3-static-devel-1.2.8-1.8.20060mlcs4.i586.rpm \n 3aa4084dfc51cf4e8ba252f89d53b220 corporate/4.0/SRPMS/htmldoc-1.8.23-8.2.20060mlcs4.src.rpm\n b2449f493949c397ac345027783c1216 corporate/4.0/SRPMS/libpng-1.2.8-1.8.20060mlcs4.src.rpm\n\n Corporate 4.0/X86_64:\n f761706265fcbebd220b16542a742cc9 corporate/4.0/x86_64/htmldoc-1.8.23-8.2.20060mlcs4.x86_64.rpm\n 79b3189809ad9176401620a41aaa1fcd corporate/4.0/x86_64/htmldoc-nogui-1.8.23-8.2.20060mlcs4.x86_64.rpm\n e4f9ac99ff42fbc27aae3d8942903043 corporate/4.0/x86_64/lib64png3-1.2.8-1.8.20060mlcs4.x86_64.rpm\n e26042ead39ce63ed5f4700d2e61e260 corporate/4.0/x86_64/lib64png3-devel-1.2.8-1.8.20060mlcs4.x86_64.rpm\n 609d6dc1b8a2b5afb029505469844c4f corporate/4.0/x86_64/lib64png3-static-devel-1.2.8-1.8.20060mlcs4.x86_64.rpm \n 3aa4084dfc51cf4e8ba252f89d53b220 corporate/4.0/SRPMS/htmldoc-1.8.23-8.2.20060mlcs4.src.rpm\n b2449f493949c397ac345027783c1216 corporate/4.0/SRPMS/libpng-1.2.8-1.8.20060mlcs4.src.rpm\n\n Mandriva Enterprise Server 5:\n 282337fa9e11a04ef82464c7574591f4 mes5/i586/libpng3-1.2.31-2.3mdvmes5.1.i586.rpm\n 92c6ec861cf7da08a498576ba412e633 mes5/i586/libpng-devel-1.2.31-2.3mdvmes5.1.i586.rpm\n c9efa6abde763edff47bf0c1071c9f1a mes5/i586/libpng-source-1.2.31-2.3mdvmes5.1.i586.rpm\n 2f5340946610590a6baec42354868888 mes5/i586/libpng-static-devel-1.2.31-2.3mdvmes5.1.i586.rpm \n 488ece2aa6a2c4dc62d4c274d64c2926 mes5/SRPMS/libpng-1.2.31-2.3mdvmes5.1.src.rpm\n\n Mandriva Enterprise Server 5/X86_64:\n e5f88951d2135de8587d4be94b405ce9 mes5/x86_64/lib64png3-1.2.31-2.3mdvmes5.1.x86_64.rpm\n 6b89da9eea105e65d7ae3c875c148473 mes5/x86_64/lib64png-devel-1.2.31-2.3mdvmes5.1.x86_64.rpm\n c1e6715410bbf2081187aef6749b0e3d mes5/x86_64/lib64png-static-devel-1.2.31-2.3mdvmes5.1.x86_64.rpm\n cb7ef533d9966c8b531cde8a661fc0af mes5/x86_64/libpng-source-1.2.31-2.3mdvmes5.1.x86_64.rpm \n 488ece2aa6a2c4dc62d4c274d64c2926 mes5/SRPMS/libpng-1.2.31-2.3mdvmes5.1.src.rpm\n _______________________________________________________________________\n\n To upgrade automatically use MandrivaUpdate or urpmi. The verification\n of md5 checksums and GPG signatures is performed automatically for you. \n\n All packages are signed by Mandriva for security. You can obtain the\n GPG public key of the Mandriva Security Team by executing:\n\n gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98\n\n You can view other update advisories for Mandriva Linux at:\n\n http://www.mandriva.com/security/advisories\n\n If you want to report vulnerabilities, please contact\n\n security_(at)_mandriva.com\n _______________________________________________________________________\n\n Type Bits/KeyID Date User ID\n pub 1024D/22458A98 2000-07-10 Mandriva Security Team\n \u003csecurity*mandriva.com\u003e\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.9 (GNU/Linux)\n\niD8DBQFMP2A1mqjQ0CJFipgRAjw5AKDRGlB7JGhhCobOgDXKWuKOu8Q43gCeOclX\nKlOM1C8b0XVNVFF83vXPz9A=\n=E10C\n-----END PGP SIGNATURE-----\n\n_______________________________________________\nFull-Disclosure - We believe in it. \nCharter: http://lists.grok.org.uk/full-disclosure-charter.html\nHosted and sponsored by Secunia - http://secunia.com/\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2010-2249"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001805"
},
{
"db": "BID",
"id": "41174"
},
{
"db": "VULHUB",
"id": "VHN-44854"
},
{
"db": "VULMON",
"id": "CVE-2010-2249"
},
{
"db": "PACKETSTORM",
"id": "94522"
},
{
"db": "PACKETSTORM",
"id": "91973"
},
{
"db": "PACKETSTORM",
"id": "94244"
},
{
"db": "PACKETSTORM",
"id": "91619"
},
{
"db": "PACKETSTORM",
"id": "91878"
}
],
"trust": 2.52
},
"external_ids": {
"_id": null,
"data": [
{
"db": "NVD",
"id": "CVE-2010-2249",
"trust": 3.4
},
{
"db": "BID",
"id": "41174",
"trust": 2.9
},
{
"db": "SECUNIA",
"id": "40302",
"trust": 2.6
},
{
"db": "VUPEN",
"id": "ADV-2010-1612",
"trust": 2.5
},
{
"db": "SECUNIA",
"id": "40472",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "41574",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "42317",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "40547",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "42314",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "40336",
"trust": 1.8
},
{
"db": "VUPEN",
"id": "ADV-2010-2491",
"trust": 1.7
},
{
"db": "VUPEN",
"id": "ADV-2010-1837",
"trust": 1.7
},
{
"db": "VUPEN",
"id": "ADV-2010-1755",
"trust": 1.7
},
{
"db": "VUPEN",
"id": "ADV-2010-3046",
"trust": 1.7
},
{
"db": "VUPEN",
"id": "ADV-2010-1877",
"trust": 1.7
},
{
"db": "VUPEN",
"id": "ADV-2010-1637",
"trust": 1.7
},
{
"db": "VUPEN",
"id": "ADV-2010-3045",
"trust": 1.7
},
{
"db": "VUPEN",
"id": "ADV-2010-1846",
"trust": 1.7
},
{
"db": "SECTRACK",
"id": "1024723",
"trust": 1.7
},
{
"db": "XF",
"id": "59816",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001805",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201006-491",
"trust": 0.7
},
{
"db": "VULHUB",
"id": "VHN-44854",
"trust": 0.1
},
{
"db": "VUPEN",
"id": "2010/1837",
"trust": 0.1
},
{
"db": "VUPEN",
"id": "2010/3046",
"trust": 0.1
},
{
"db": "VUPEN",
"id": "2010/3045",
"trust": 0.1
},
{
"db": "VUPEN",
"id": "2010/1612",
"trust": 0.1
},
{
"db": "VUPEN",
"id": "2010/2491",
"trust": 0.1
},
{
"db": "VUPEN",
"id": "2010/1637",
"trust": 0.1
},
{
"db": "VUPEN",
"id": "2010/1846",
"trust": 0.1
},
{
"db": "VUPEN",
"id": "2010/1877",
"trust": 0.1
},
{
"db": "VUPEN",
"id": "2010/1755",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2010-2249",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "94522",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "91973",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "94244",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "91619",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "91878",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-44854"
},
{
"db": "VULMON",
"id": "CVE-2010-2249"
},
{
"db": "BID",
"id": "41174"
},
{
"db": "PACKETSTORM",
"id": "94522"
},
{
"db": "PACKETSTORM",
"id": "91973"
},
{
"db": "PACKETSTORM",
"id": "94244"
},
{
"db": "PACKETSTORM",
"id": "91619"
},
{
"db": "PACKETSTORM",
"id": "91878"
},
{
"db": "CNNVD",
"id": "CNNVD-201006-491"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001805"
},
{
"db": "NVD",
"id": "CVE-2010-2249"
}
]
},
"id": "VAR-201006-0260",
"iot": {
"_id": null,
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-44854"
}
],
"trust": 0.01
},
"last_update_date": "2026-04-10T22:45:33.190000Z",
"patch": {
"_id": null,
"data": [
{
"title": "HT4456",
"trust": 0.8,
"url": "http://support.apple.com/kb/HT4456"
},
{
"title": "HT4457",
"trust": 0.8,
"url": "http://support.apple.com/kb/HT4457"
},
{
"title": "HT4554",
"trust": 0.8,
"url": "http://support.apple.com/kb/HT4554"
},
{
"title": "HT4566",
"trust": 0.8,
"url": "http://support.apple.com/kb/HT4566"
},
{
"title": "HT4435",
"trust": 0.8,
"url": "http://support.apple.com/kb/HT4435"
},
{
"title": "HT4456",
"trust": 0.8,
"url": "http://support.apple.com/kb/HT4456?viewlocale=ja_JP"
},
{
"title": "HT4457",
"trust": 0.8,
"url": "http://support.apple.com/kb/HT4457?viewlocale=ja_JP"
},
{
"title": "HT4554",
"trust": 0.8,
"url": "http://support.apple.com/kb/HT4554?viewlocale=ja_JP"
},
{
"title": "HT4566",
"trust": 0.8,
"url": "http://support.apple.com/kb/HT4566?viewlocale=ja_JP"
},
{
"title": "HT4435",
"trust": 0.8,
"url": "http://support.apple.com/kb/HT4435?viewlocale=ja_JP"
},
{
"title": "libpng-1.2.10-7.1.3.0.1.AXS3",
"trust": 0.8,
"url": "https://tsn.miraclelinux.com/tsn_local/index.php?m=errata\u0026a=detail\u0026eid=1210"
},
{
"title": "Top Page",
"trust": 0.8,
"url": "http://www.libpng.org/pub/png/libpng.html"
},
{
"title": "libpng-1.2.44-README",
"trust": 0.8,
"url": "http://www.libpng.org/pub/png/src/libpng-1.2.44-README.txt"
},
{
"title": "2078",
"trust": 0.8,
"url": "http://www.miraclelinux.com/support/index.php?q=node/99\u0026errata_id=2078"
},
{
"title": "2079",
"trust": 0.8,
"url": "http://www.miraclelinux.com/support/index.php?q=node/99\u0026errata_id=2079"
},
{
"title": "RHSA-2010:0534",
"trust": 0.8,
"url": "https://rhn.redhat.com/errata/RHSA-2010-0534.html"
},
{
"title": "multiple_vulnerabilities_in_libpng",
"trust": 0.8,
"url": "http://blogs.oracle.com/sunsecurity/entry/multiple_vulnerabilities_in_libpng"
},
{
"title": "VMSA-2010-0014",
"trust": 0.8,
"url": "http://www.vmware.com/security/advisories/VMSA-2010-0014.html"
},
{
"title": "libpng-1.4.1.tar.xz",
"trust": 0.6,
"url": "http://123.124.177.30/web/xxk/bdxqById.tag?id=216"
},
{
"title": "libpng-1.4.1.tar.gz",
"trust": 0.6,
"url": "http://123.124.177.30/web/xxk/bdxqById.tag?id=215"
},
{
"title": "linpng_txt.zip",
"trust": 0.6,
"url": "http://123.124.177.30/web/xxk/bdxqById.tag?id=219"
},
{
"title": "libpng-1.4.1.tar.bz2",
"trust": 0.6,
"url": "http://123.124.177.30/web/xxk/bdxqById.tag?id=214"
},
{
"title": "lpng141.zip",
"trust": 0.6,
"url": "http://123.124.177.30/web/xxk/bdxqById.tag?id=218"
},
{
"title": "lpng141.7z",
"trust": 0.6,
"url": "http://123.124.177.30/web/xxk/bdxqById.tag?id=217"
},
{
"title": "Debian CVElist Bug Report Logs: libpng: CVE-2010-1205 and CVE-2010-2249",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=debian_cvelist_bugreportlogs\u0026qid=184c5adf52ad398a58919ac7993ba9b9"
},
{
"title": "Ubuntu Security Notice: libpng vulnerabilities",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=USN-960-1"
},
{
"title": "Debian Security Advisories: DSA-2072-1 libpng -- several vulnerabilities",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=debian_security_advisories\u0026qid=3e96a347c5dea429ac96a3e5e90fb285"
},
{
"title": "VMware Security Advisories: VMware Workstation, Player, and ACE address several security issues.",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=vmware_security_advisories\u0026qid=b3571bd7da36d47dd9d3066ad9612f4c"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2010-2249"
},
{
"db": "CNNVD",
"id": "CNNVD-201006-491"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001805"
}
]
},
"problemtype_data": {
"_id": null,
"data": [
{
"problemtype": "CWE-401",
"trust": 1.1
},
{
"problemtype": "CWE-399",
"trust": 0.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-44854"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001805"
},
{
"db": "NVD",
"id": "CVE-2010-2249"
}
]
},
"references": {
"_id": null,
"data": [
{
"trust": 2.7,
"url": "http://www.securityfocus.com/bid/41174"
},
{
"trust": 2.6,
"url": "http://secunia.com/advisories/40302"
},
{
"trust": 2.6,
"url": "http://www.vupen.com/english/advisories/2010/1612"
},
{
"trust": 2.1,
"url": "http://www.libpng.org/pub/png/libpng.html"
},
{
"trust": 1.8,
"url": "http://www.securitytracker.com/id?1024723"
},
{
"trust": 1.8,
"url": "http://secunia.com/advisories/40336"
},
{
"trust": 1.8,
"url": "http://secunia.com/advisories/40472"
},
{
"trust": 1.8,
"url": "http://secunia.com/advisories/40547"
},
{
"trust": 1.8,
"url": "http://secunia.com/advisories/41574"
},
{
"trust": 1.8,
"url": "http://secunia.com/advisories/42314"
},
{
"trust": 1.8,
"url": "http://secunia.com/advisories/42317"
},
{
"trust": 1.8,
"url": "http://www.vupen.com/english/advisories/2010/1637"
},
{
"trust": 1.8,
"url": "http://www.vupen.com/english/advisories/2010/1755"
},
{
"trust": 1.8,
"url": "http://www.vupen.com/english/advisories/2010/1837"
},
{
"trust": 1.8,
"url": "http://www.vupen.com/english/advisories/2010/1846"
},
{
"trust": 1.8,
"url": "http://www.vupen.com/english/advisories/2010/1877"
},
{
"trust": 1.8,
"url": "http://www.vupen.com/english/advisories/2010/2491"
},
{
"trust": 1.8,
"url": "http://www.vupen.com/english/advisories/2010/3045"
},
{
"trust": 1.8,
"url": "http://www.vupen.com/english/advisories/2010/3046"
},
{
"trust": 1.8,
"url": "http://lists.apple.com/archives/security-announce/2010//nov/msg00000.html"
},
{
"trust": 1.8,
"url": "http://lists.apple.com/archives/security-announce/2010//nov/msg00003.html"
},
{
"trust": 1.8,
"url": "http://lists.apple.com/archives/security-announce/2011/mar/msg00000.html"
},
{
"trust": 1.8,
"url": "http://lists.apple.com/archives/security-announce/2011//mar/msg00004.html"
},
{
"trust": 1.8,
"url": "http://www.debian.org/security/2010/dsa-2072"
},
{
"trust": 1.8,
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-july/044283.html"
},
{
"trust": 1.8,
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-july/044397.html"
},
{
"trust": 1.8,
"url": "http://www.mandriva.com/security/advisories?name=mdvsa-2010:133"
},
{
"trust": 1.8,
"url": "http://lists.opensuse.org/opensuse-security-announce/2010-09/msg00006.html"
},
{
"trust": 1.8,
"url": "http://www.ubuntu.com/usn/usn-960-1"
},
{
"trust": 1.8,
"url": "http://lists.vmware.com/pipermail/security-announce/2010/000105.html"
},
{
"trust": 1.8,
"url": "http://support.apple.com/kb/ht4435"
},
{
"trust": 1.8,
"url": "http://support.apple.com/kb/ht4456"
},
{
"trust": 1.8,
"url": "http://support.apple.com/kb/ht4457"
},
{
"trust": 1.8,
"url": "http://support.apple.com/kb/ht4554"
},
{
"trust": 1.8,
"url": "http://support.apple.com/kb/ht4566"
},
{
"trust": 1.8,
"url": "http://www.vmware.com/security/advisories/vmsa-2010-0014.html"
},
{
"trust": 1.8,
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=608644"
},
{
"trust": 1.8,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/59816"
},
{
"trust": 1.7,
"url": "http://libpng.git.sourceforge.net/git/gitweb.cgi?p=libpng/libpng%3ba=commitdiff%3bh=90cfcecc09febb8d6c8c1d37ea7bb7cf0f4b00f3#patch20"
},
{
"trust": 1.7,
"url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2010\u0026m=slackware-security.613061"
},
{
"trust": 1.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2249"
},
{
"trust": 0.8,
"url": "http://xforce.iss.net/xforce/xfdb/59816"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnvu331391"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnvu935740"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2010-2249"
},
{
"trust": 0.7,
"url": "http://libpng.git.sourceforge.net/git/gitweb.cgi?p=libpng/libpng;a=commitdiff;h=90cfcecc09febb8d6c8c1d37ea7bb7cf0f4b00f3#patch20"
},
{
"trust": 0.6,
"url": "https://access.redhat.com/security/cve/cve-2010-2249"
},
{
"trust": 0.6,
"url": "https://access.redhat.com/errata/rhsa-2010:0534"
},
{
"trust": 0.5,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-1205"
},
{
"trust": 0.5,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-2249"
},
{
"trust": 0.3,
"url": "http://blogs.sun.com/security/entry/multiple_vulnerabilities_in_libpng"
},
{
"trust": 0.3,
"url": "https://kb.bluecoat.com/index?page=content\u0026id=sa65"
},
{
"trust": 0.3,
"url": "http://support.avaya.com/css/p8/documents/100092842"
},
{
"trust": 0.3,
"url": "http://support.avaya.com/css/p8/documents/100093925"
},
{
"trust": 0.3,
"url": "http://support.avaya.com/css/p8/documents/100108439"
},
{
"trust": 0.3,
"url": "http://support.avaya.com/css/p8/documents/100148396"
},
{
"trust": 0.3,
"url": "http://www.mozilla.org/security/announce/2010/mfsa2010-41.html"
},
{
"trust": 0.3,
"url": "http://btsc.webapps.blackberry.com/btsc/search.do?cmd=displaykc\u0026doctype=kc\u0026externalid=kb27244"
},
{
"trust": 0.3,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-1205"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0205"
},
{
"trust": 0.2,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0205"
},
{
"trust": 0.1,
"url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026amp;y=2010\u0026amp;m=slackware-security.613061"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/401.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=587670"
},
{
"trust": 0.1,
"url": "https://usn.ubuntu.com/960-1/"
},
{
"trust": 0.1,
"url": "http://tools.cisco.com/security/center/viewalert.x?alertid=22585"
},
{
"trust": 0.1,
"url": "http://creativecommons.org/licenses/by-sa/2.5"
},
{
"trust": 0.1,
"url": "https://bugs.gentoo.org."
},
{
"trust": 0.1,
"url": "http://security.gentoo.org/"
},
{
"trust": 0.1,
"url": "http://security.gentoo.org/glsa/glsa-201010-01.xml"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/libp/libpng/libpng_1.2.27-2+lenny4.diff.gz"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.27-2+lenny4_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/libp/libpng/libpng_1.2.27-2+lenny4.dsc"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.27-2+lenny4_i386.deb"
},
{
"trust": 0.1,
"url": "http://www.debian.org/security/faq"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.27-2+lenny4_hppa.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.27-2+lenny4_armel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.27-2+lenny4_hppa.udeb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.27-2+lenny4_hppa.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.27-2+lenny4_mips.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.27-2+lenny4_arm.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.27-2+lenny4_alpha.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.27-2+lenny4_arm.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.27-2+lenny4_mips.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.27-2+lenny4_arm.udeb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.27-2+lenny4_sparc.udeb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.27-2+lenny4_mipsel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.27-2+lenny4_mipsel.udeb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.27-2+lenny4_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.27-2+lenny4_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.27-2+lenny4_ia64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/libp/libpng/libpng_1.2.27.orig.tar.gz"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/libp/libpng/libpng3_1.2.27-2+lenny4_all.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.27-2+lenny4_s390.udeb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.27-2+lenny4_alpha.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.27-2+lenny4_mips.udeb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.27-2+lenny4_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.27-2+lenny4_ia64.udeb"
},
{
"trust": 0.1,
"url": "http://packages.debian.org/\u003cpkg\u003e"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.27-2+lenny4_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.27-2+lenny4_ia64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.27-2+lenny4_s390.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.27-2+lenny4_mipsel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.27-2+lenny4_s390.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.27-2+lenny4_alpha.udeb"
},
{
"trust": 0.1,
"url": "http://www.debian.org/security/"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.27-2+lenny4_armel.udeb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.27-2+lenny4_powerpc.udeb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.27-2+lenny4_amd64.udeb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.27-2+lenny4_i386.udeb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.27-2+lenny4_armel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.27-2+lenny4_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.27-2+lenny4_sparc.deb"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/security/advisoiries"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0434"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0425"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-3277"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/download/player/"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/security"
},
{
"trust": 0.1,
"url": "http://downloads.vmware.com/d/info/desktop_downloads/vmware_ace/2_7"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-3277"
},
{
"trust": 0.1,
"url": "http://kb.vmware.com/kb/1055"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0434"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/download/ws/"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0425"
},
{
"trust": 0.1,
"url": "http://downloads.vmware.com/support/ws71/doc/releasenotes_ws712.html"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/support/policies/security_response.html"
},
{
"trust": 0.1,
"url": "http://downloads.vmware.com/support/player31/doc/releasenotes_player312.html"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/support/policies/eos.html"
},
{
"trust": 0.1,
"url": "http://downloads.vmware.com/support/ace27/doc/releasenotes_ace272.html"
},
{
"trust": 0.1,
"url": "http://lists.vmware.com/cgi-bin/mailman/listinfo/security-announce"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/support/policies/eos_vi.html"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-dev_1.2.15~beta5-3ubuntu0.3_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0-udeb_1.2.27-2ubuntu2.2_i386.udeb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0_1.2.42-1ubuntu2.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0_1.2.27-2ubuntu2.2_lpia.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-dev_1.2.27-2ubuntu2.2_i386.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-dev_1.2.37-1ubuntu0.2_lpia.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0_1.2.37-1ubuntu0.2_lpia.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng_1.2.42.orig.tar.bz2"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-dev_1.2.27-2ubuntu2.2_lpia.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0-udeb_1.2.42-1ubuntu2.1_sparc.udeb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0-udeb_1.2.27-2ubuntu2.2_lpia.udeb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-dev_1.2.42-1ubuntu2.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0_1.2.37-1ubuntu0.2_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng_1.2.27.orig.tar.gz"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0_1.2.37-1ubuntu0.2_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/universe/libp/libpng/libpng12-0-udeb_1.2.15~beta5-3ubuntu0.3_amd64.udeb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0_1.2.15~beta5-3ubuntu0.3_sparc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-dev_1.2.27-2ubuntu2.2_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng_1.2.27-2ubuntu2.2.dsc"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0_1.2.8rel-5ubuntu0.6_i386.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0_1.2.15~beta5-3ubuntu0.3_lpia.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-dev_1.2.8rel-5ubuntu0.6_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-dev_1.2.15~beta5-3ubuntu0.3_lpia.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-dev_1.2.8rel-5ubuntu0.6_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng_1.2.37.orig.tar.gz"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-dev_1.2.8rel-5ubuntu0.6_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/universe/libp/libpng/libpng3_1.2.27-2ubuntu2.2_all.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0_1.2.27-2ubuntu2.2_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-dev_1.2.42-1ubuntu2.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0-udeb_1.2.37-1ubuntu0.2_powerpc.udeb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-dev_1.2.37-1ubuntu0.2_amd64.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0_1.2.15~beta5-3ubuntu0.3_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/universe/libp/libpng/libpng3_1.2.15~beta5-3ubuntu0.3_all.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0_1.2.15~beta5-3ubuntu0.3_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0-udeb_1.2.37-1ubuntu0.2_amd64.udeb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0_1.2.15~beta5-3ubuntu0.3_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng_1.2.42-1ubuntu2.1.debian.tar.bz2"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0_1.2.42-1ubuntu2.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-dev_1.2.37-1ubuntu0.2_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-dev_1.2.8rel-5ubuntu0.6_sparc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0_1.2.42-1ubuntu2.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/universe/libp/libpng/libpng12-0-udeb_1.2.15~beta5-3ubuntu0.3_sparc.udeb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng_1.2.42-1ubuntu2.1.dsc"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng_1.2.8rel-5ubuntu0.6.diff.gz"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0-udeb_1.2.37-1ubuntu0.2_sparc.udeb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng_1.2.15~beta5.orig.tar.gz"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/universe/libp/libpng/libpng12-0-udeb_1.2.8rel-5ubuntu0.6_i386.udeb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng_1.2.27-2ubuntu2.2.diff.gz"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0-udeb_1.2.37-1ubuntu0.2_i386.udeb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0_1.2.8rel-5ubuntu0.6_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/universe/libp/libpng/libpng12-0-udeb_1.2.15~beta5-3ubuntu0.3_powerpc.udeb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0_1.2.27-2ubuntu2.2_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-dev_1.2.15~beta5-3ubuntu0.3_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/universe/libp/libpng/libpng12-0-udeb_1.2.8rel-5ubuntu0.6_sparc.udeb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-dev_1.2.27-2ubuntu2.2_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/universe/libp/libpng/libpng12-0-udeb_1.2.8rel-5ubuntu0.6_amd64.udeb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/universe/libp/libpng/libpng3_1.2.42-1ubuntu2.1_all.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0_1.2.27-2ubuntu2.2_amd64.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0_1.2.37-1ubuntu0.2_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/universe/libp/libpng/libpng12-0-udeb_1.2.15~beta5-3ubuntu0.3_i386.udeb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0-udeb_1.2.27-2ubuntu2.2_sparc.udeb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0-udeb_1.2.27-2ubuntu2.2_amd64.udeb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-dev_1.2.27-2ubuntu2.2_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng_1.2.37-1ubuntu0.2.dsc"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0_1.2.37-1ubuntu0.2_sparc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0-udeb_1.2.27-2ubuntu2.2_powerpc.udeb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng_1.2.15~beta5-3ubuntu0.3.dsc"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0_1.2.42-1ubuntu2.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-dev_1.2.15~beta5-3ubuntu0.3_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng_1.2.37-1ubuntu0.2.diff.gz"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0-udeb_1.2.42-1ubuntu2.1_powerpc.udeb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng_1.2.8rel.orig.tar.gz"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-dev_1.2.42-1ubuntu2.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0_1.2.27-2ubuntu2.2_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-dev_1.2.37-1ubuntu0.2_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0_1.2.8rel-5ubuntu0.6_amd64.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-dev_1.2.37-1ubuntu0.2_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-dev_1.2.42-1ubuntu2.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng_1.2.15~beta5-3ubuntu0.3.diff.gz"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-dev_1.2.15~beta5-3ubuntu0.3_sparc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/universe/libp/libpng/libpng12-0-udeb_1.2.15~beta5-3ubuntu0.3_lpia.udeb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/universe/libp/libpng/libpng12-0-udeb_1.2.8rel-5ubuntu0.6_powerpc.udeb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/universe/libp/libpng/libpng3_1.2.37-1ubuntu0.2_all.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0-udeb_1.2.42-1ubuntu2.1_i386.udeb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0_1.2.8rel-5ubuntu0.6_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0-udeb_1.2.42-1ubuntu2.1_amd64.udeb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/universe/libp/libpng/libpng3_1.2.8rel-5ubuntu0.6_all.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng_1.2.8rel-5ubuntu0.6.dsc"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0-udeb_1.2.37-1ubuntu0.2_lpia.udeb"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-6218"
},
{
"trust": 0.1,
"url": "http://www.mandriva.com/security/"
},
{
"trust": 0.1,
"url": "http://store.mandriva.com/product_info.php?cpath=149\u0026products_id=490"
},
{
"trust": 0.1,
"url": "http://secunia.com/"
},
{
"trust": 0.1,
"url": "http://lists.grok.org.uk/full-disclosure-charter.html"
},
{
"trust": 0.1,
"url": "http://www.mandriva.com/security/advisories"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-6218"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-44854"
},
{
"db": "VULMON",
"id": "CVE-2010-2249"
},
{
"db": "BID",
"id": "41174"
},
{
"db": "PACKETSTORM",
"id": "94522"
},
{
"db": "PACKETSTORM",
"id": "91973"
},
{
"db": "PACKETSTORM",
"id": "94244"
},
{
"db": "PACKETSTORM",
"id": "91619"
},
{
"db": "PACKETSTORM",
"id": "91878"
},
{
"db": "CNNVD",
"id": "CNNVD-201006-491"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001805"
},
{
"db": "NVD",
"id": "CVE-2010-2249"
}
]
},
"sources": {
"_id": null,
"data": [
{
"db": "VULHUB",
"id": "VHN-44854",
"ident": null
},
{
"db": "VULMON",
"id": "CVE-2010-2249",
"ident": null
},
{
"db": "BID",
"id": "41174",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "94522",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "91973",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "94244",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "91619",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "91878",
"ident": null
},
{
"db": "CNNVD",
"id": "CNNVD-201006-491",
"ident": null
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001805",
"ident": null
},
{
"db": "NVD",
"id": "CVE-2010-2249",
"ident": null
}
]
},
"sources_release_date": {
"_id": null,
"data": [
{
"date": "2010-06-30T00:00:00",
"db": "VULHUB",
"id": "VHN-44854",
"ident": null
},
{
"date": "2010-06-30T00:00:00",
"db": "VULMON",
"id": "CVE-2010-2249",
"ident": null
},
{
"date": "2010-06-25T00:00:00",
"db": "BID",
"id": "41174",
"ident": null
},
{
"date": "2010-10-05T22:16:57",
"db": "PACKETSTORM",
"id": "94522",
"ident": null
},
{
"date": "2010-07-20T00:53:34",
"db": "PACKETSTORM",
"id": "91973",
"ident": null
},
{
"date": "2010-09-25T18:50:30",
"db": "PACKETSTORM",
"id": "94244",
"ident": null
},
{
"date": "2010-07-08T21:03:46",
"db": "PACKETSTORM",
"id": "91619",
"ident": null
},
{
"date": "2010-07-16T04:34:46",
"db": "PACKETSTORM",
"id": "91878",
"ident": null
},
{
"date": "2010-06-25T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201006-491",
"ident": null
},
{
"date": "2010-08-10T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2010-001805",
"ident": null
},
{
"date": "2010-06-30T18:30:01.847000",
"db": "NVD",
"id": "CVE-2010-2249",
"ident": null
}
]
},
"sources_update_date": {
"_id": null,
"data": [
{
"date": "2023-02-13T00:00:00",
"db": "VULHUB",
"id": "VHN-44854",
"ident": null
},
{
"date": "2020-08-14T00:00:00",
"db": "VULMON",
"id": "CVE-2010-2249",
"ident": null
},
{
"date": "2015-04-13T21:46:00",
"db": "BID",
"id": "41174",
"ident": null
},
{
"date": "2023-04-26T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201006-491",
"ident": null
},
{
"date": "2012-03-27T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2010-001805",
"ident": null
},
{
"date": "2025-04-11T00:51:21.963000",
"db": "NVD",
"id": "CVE-2010-2249",
"ident": null
}
]
},
"threat_type": {
"_id": null,
"data": "remote",
"sources": [
{
"db": "PACKETSTORM",
"id": "91878"
},
{
"db": "CNNVD",
"id": "CNNVD-201006-491"
}
],
"trust": 0.7
},
"title": {
"_id": null,
"data": "libpng include pngrutil.c Memory leak vulnerability",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2010-001805"
}
],
"trust": 0.8
},
"type": {
"_id": null,
"data": "resource management error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201006-491"
}
],
"trust": 0.6
}
}
VAR-200609-1586
Vulnerability from variot - Updated: 2026-04-10 22:44OpenSSL 0.9.7 before 0.9.7l, 0.9.8 before 0.9.8d, and earlier versions allows attackers to cause a denial of service (CPU consumption) via parasitic public keys with large (1) "public exponent" or (2) "public modulus" values in X.509 certificates that require extra time to process when using RSA signature verification. Some applications that perform X.509 certificate verification may be vulnerable to signature processing problems that lead to resource exhaustion. This vulnerability may cause a denial of service. The Oracle SYS.DBMS_AQ package is vulnerable to PL/SQL injection. This vulnerability may allow a remote, authenticated attacker to execute arbitrary PL/SQL commands on a vulnerable Oracle installation. Multiple RSA implementations fail to properly handle RSA signatures. This vulnerability may allow an attacker to forge RSA signatures. OpenSSL is prone to a denial-of-service vulnerability because it fails to validate the lengths of public keys being used. Oracle has released a Critical Patch Update advisory for January 2007 to address these vulnerabilities for supported releases. Earlier unsupported releases are likely to be affected by these issues as well. The issues identified by the vendor affect all security properties of the Oracle products and present local and remote threats. Various levels of authorization are needed to leverage some of the issues, but other issues do not require any authorization. The most severe of the vulnerabilities could possibly expose affected computers to complete compromise. Henson recently developed an ASN.1 test suite for NISCC (www.niscc.gov.uk). During the parsing of certain invalid ASN.1 structures an error condition is mishandled. Certain types of public key can take disproportionate amounts of time to process.
Any code which uses OpenSSL to parse ASN.1 data from untrusted sources is affected. This includes SSL servers which enable client authentication and S/MIME applications.
Acknowledgements
The OpenSSL team thank Dr S. Henson of Open Network Security and NISCC for funding the ASN.1 test suite project. An attacker could send a list of ciphers to an application that uses this function and overrun a buffer (CVE-2006-3738).
SSLv2 Client Crash (CVE-2006-4343)
Vulnerability
A flaw in the SSLv2 client code was discovered.
Recommendations
These vulnerabilities are resolved in the following versions of OpenSSL:
- in the 0.9.7 branch, version 0.9.7l (or later);
- in the 0.9.8 branch, version 0.9.8d (or later).
OpenSSL 0.9.8d and OpenSSL 0.9.7l are available for download via HTTP and FTP from the following master locations (you can find the various FTP mirrors under https://www.openssl.org/source/mirror.html):
o https://www.openssl.org/source/
o ftp://ftp.openssl.org/source/
The distribution file names are:
o openssl-0.9.8d.tar.gz
MD5 checksum: 8ed1853538e1d05a1f5ada61ebf8bffa
SHA1 checksum: 4136fba00303a3d319d2052bfa8e1f09a2e12fc2
o openssl-0.9.7l.tar.gz
MD5 checksum: b21d6e10817ddeccf5fbe1379987333e
SHA1 checksum: f0e4136639b10cbd1227c4f7350ff7ad406e575d
The checksums were calculated using the following commands:
openssl md5 openssl-0.9*.tar.gz
openssl sha1 openssl-0.9*.tar.gz
After upgrading make sure to recompile any applications statically linked to OpenSSL libraries and restart all applications that use OpenSSL. Incorrect permissions on SSL key files generated by vmware-config (CVE-2006-3589):
ESX 3.0.1: does not have this problem
ESX 3.0.0: does not have this problem
ESX 2.5.4: corrected by ESX 2.5.4 Upgrade Patch 3 (Build# 36502)
ESX 2.5.3: corrected by ESX 2.5.3 Upgrade Patch 6 (Build# 35703)
ESX 2.1.3: corrected by ESX 2.1.3 Upgrade Patch 4 (Build# 35803)
ESX 2.0.2: corrected by ESX 2.0.2 Upgrade Patch 4 (Build# 35801)
A possible security issue with the configuration program
vmware-config which could set incorrect permissions on SSL key
files. Local users may be able to obtain access to the SSL key
files. OpenSSL library vulnerabilities:
ESX 3.0.1: corrected by ESX 3.0.1 Patch ESX-9986131
ESX 3.0.0: corrected by ESX 3.0.0 Patch ESX-3069097
ESX 2.5.4: corrected by ESX 2.5.4 Upgrade Patch 3 (Build# 36502)
ESX 2.5.3: corrected by ESX 2.5.3 Upgrade Patch 6 (Build# 35703)
ESX 2.1.3: corrected by ESX 2.1.3 Upgrade Patch 4 (Build# 35803)
ESX 2.0.2: corrected by ESX 2.0.2 Upgrade Patch 4 (Build# 35801)
(CVE-2006-2937) OpenSSL 0.9.7 before 0.9.7l and 0.9.8 before 0.9.8d
allows remote attackers to cause a denial of service (infinite
loop and memory consumption) via malformed ASN.1 structures that
trigger an improperly handled error condition.
(CVE-2006-4339) OpenSSL before 0.9.7, 0.9.7 before 0.9.7k, and 0.9.8
before 0.9.8c, when using an RSA key with exponent 3, removes PKCS-1
padding before generating a hash, which allows remote attackers to
forge a PKCS #1 v1.5 signature that is signed by that RSA key and
prevents OpenSSL from correctly verifying X.509 and other
certificates that use PKCS #1.
(CVE-2006-4343) The get_server_hello function in the SSLv2 client
code in OpenSSL 0.9.7 before 0.9.7l, 0.9.8 before 0.9.8d, and
earlier versions allows remote servers to cause a denial of service
(client crash) via unknown vectors that trigger a null pointer
dereference. Updated OpenSSH package addresses the following possible security issues:
ESX 3.0.1: corrected by Patch ESX-9986131
ESX 3.0.0: corrected by Patch ESX-3069097
ESX 2.5.4: does not have these problems
ESX 2.5.3: does not have these problems
ESX 2.1.3: does not have these problems
ESX 2.0.2: does not have these problems
(CVE-2004-2069) sshd.c in OpenSSH 3.6.1p2 and 3.7.1p2 and possibly
other versions, when using privilege separation, does not properly
signal the non-privileged process when a session has been terminated
after exceeding the LoginGraceTime setting, which leaves the
connection open and allows remote attackers to cause a denial of
service (connection consumption).
(CVE-2006-0225) scp in OpenSSH 4.2p1 allows attackers to execute
arbitrary commands via filenames that contain shell metacharacters
or spaces, which are expanded twice.
(CVE-2003-0386) OpenSSH 3.6.1 and earlier, when restricting host
access by numeric IP addresses and with VerifyReverseMapping
disabled, allows remote attackers to bypass "from=" and "user@host"
address restrictions by connecting to a host from a system whose
reverse DNS hostname contains the numeric IP address.
(CVE-2006-4924) sshd in OpenSSH before 4.4, when using the version 1
SSH protocol, allows remote attackers to cause a denial of service
(CPU consumption) via an SSH packet that contains duplicate blocks,
which is not properly handled by the CRC compensation attack
detector.
NOTE: ESX by default disables version 1 SSH protocol.
(CVE-2006-5051) Signal handler race condition in OpenSSH before 4.4
allows remote attackers to cause a denial of service (crash), and
possibly execute arbitrary code if GSSAPI authentication is enabled,
via unspecified vectors that lead to a double-free.
NOTE: ESX doesn't use GSSAPI by default.
(CVE-2006-5794) Unspecified vulnerability in the sshd Privilege
Separation Monitor in OpenSSH before 4.5 causes weaker verification
that authentication has been successful, which might allow attackers
to bypass authentication.
NOTE: as of 20061108, it is believed that this issue is only
exploitable by leveraging vulnerabilities in the unprivileged
process, which are not known to exist. Object reuse problems with newly created virtual disk (.vmdk or .dsk)
files:
ESX 3.0.1: does not have this problem
ESX 3.0.0: does not have this problem
ESX 2.5.4: corrected by ESX 2.5.4 Upgrade Patch 3 (Build# 36502)
ESX 2.5.3: corrected by ESX 2.5.3 Upgrade Patch 6 (Build# 35703)
ESX 2.1.3: corrected by ESX 2.1.3 Upgrade Patch 4 (Build# 35803)
ESX 2.0.2: corrected by ESX 2.0.2 Upgrade Patch 4 (Build# 35801)
A possible security issue with virtual disk (.vmdk or .dsk) files
that are newly created, but contain blocks from recently deleted
virtual disk files. Information belonging to the previously
deleted virtual disk files could be revealed in newly created
virtual disk files.
VMware recommends the following workaround: When creating new
virtual machines on an ESX Server that may contain sensitive
data, use vmkfstools with the -W option. This initializes the
virtual disk with zeros. NOTE: ESX 3.x defines this option as -w. Buffer overflow in Python function repr():
ESX 3.0.1: corrected by Patch ESX-9986131
ESX 3.0.0: corrected by ESX-3069097
ESX 2.5.4: does not have this problem
ESX 2.5.3: does not have this problem
ESX 2.1.3: does not have this problem
ESX 2.0.2: does not have this problem
A possible security issue with how the Python function repr()
function handles UTF-32/UCS-4 strings.
ESX 3.0.1 http://www.vmware.com/support/vi3/doc/esx-9986131-patch.html md5usm: 239375e107fd4c7af57663f023863fcb
ESX 3.0.0 http://www.vmware.com/support/vi3/doc/esx-3069097-patch.html md5sum: ca9947239fffda708f2c94f519df33dc
ESX 2.5.4 http://www.vmware.com/support/esx25/doc/esx-254-200612-patch.html md5sum: 239375e107fd4c7af57663f023863fcb
ESX 2.5.3 http://www.vmware.com/support/esx25/doc/esx-253-200612-patch.html md5sum: f90fcab28362edbf2311f3ca90cc7739
ESX 2.1.3 http://www.vmware.com/support/esx21/doc/esx-213-200612-patch.html md5sum: 7d7d0e40f4dccd5ca64b9c13a856da8f
ESX 2.0.2 http://www.vmware.com/support/esx2/doc/esx-202-200612-patch.html md5sum: 925e70f28d17714c53fdbd24de64329f
- References:
ESX 3.0.0 Patch URL: http://www.vmware.com/support/vi3/doc/esx-3069097-patch.html Knowledge base URL: http://kb.vmware.com/kb/3069097
ESX 3.0.1 Patch URL: http://www.vmware.com/support/vi3/doc/esx-9986131-patch.html Knowledge base URL: http://kb.vmware.com/kb/9986131
ESX 2.5.4 Patch URL: http://www.vmware.com/support/esx25/doc/esx-254-200612-patch.html
ESX 2.5.3 Patch URL: http://www.vmware.com/support/esx25/doc/esx-253-200612-patch.html
ESX 2.1.3 Patch URL: http://www.vmware.com/support/esx21/doc/esx-213-200612-patch.html
ESX 2.0.2 Patch URL: http://www.vmware.com/support/esx2/doc/esx-202-200612-patch.html
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3589 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3738 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4339 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4980
- Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256
~ VMware Security Advisory
Advisory ID: VMSA-2008-0005 Synopsis: Updated VMware Workstation, VMware Player, VMware ~ Server, VMware ACE, and VMware Fusion resolve ~ critical security issues Issue date: 2008-03-17 Updated on: 2008-03-17 (initial release of advisory) CVE numbers: CVE-2008-0923 CVE-2008-0923 CVE-2008-1361 ~ CVE-2008-1362 CVE-2007-5269 CVE-2006-2940 ~ CVE-2006-2937 CVE-2006-4343 CVE-2006-4339 ~ CVE-2007-5618 CVE-2008-1364 CVE-2008-1363 ~ CVE-2008-1340
-
Relevant releases:
~ VMware Workstation 6.0.2 and earlier ~ VMware Workstation 5.5.4 and earlier ~ VMware Player 2.0.2 and earlier ~ VMware Player 1.0.4 and earlier ~ VMware ACE 2.0.2 and earlier ~ VMware ACE 1.0.2 and earlier ~ VMware Server 1.0.4 and earlier ~ VMware Fusion 1.1 and earlier
- Problem description:
~ a. Host to guest shared folder (HGFS) traversal vulnerability
~ On Windows hosts, if you have configured a VMware host to guest ~ shared folder (HGFS), it is possible for a program running in the ~ guest to gain access to the host's file system and create or modify ~ executable files in sensitive locations.
NOTE: VMware Server is not affected because it doesn't use host to ~ guest shared folders. No versions of ESX Server, including ~ ESX Server 3i, are affected by this vulnerability. Because ~ ESX Server is based on a bare-metal hypervisor architecture ~ and not a hosted architecture, and it doesn't include any ~ shared folder abilities. Fusion and Linux based hosted ~ products are unaffected.
~ VMware would like to thank CORE Security Technologies for ~ working with us on this issue. This addresses advisory ~ CORE-2007-0930.
~ The Common Vulnerabilities and Exposures project (cve.mitre.org) ~ has assigned the name CVE-2008-0923 to this issue.
~ Hosted products ~ --------------- ~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004) ~ VMware Workstation 5.5 upgrade to version 5.5.6 (Build# 80404) ~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004) ~ VMware Player 1.0 upgrade to version 1.0.6 (Build# 80404) ~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004) ~ VMware ACE 1.0 upgrade to version 1.0.5 (Build# 79846)
~ b. Insecure named pipes
~ An internal security audit determined that a malicious Windows ~ user could attain and exploit LocalSystem privileges by causing ~ the authd process to connect to a named pipe that is opened and ~ controlled by the malicious user.
~ The same internal security audit determined that a malicious ~ Windows user could exploit an insecurely created named pipe ~ object to escalate privileges or create a denial of service ~ attack. In this situation, the malicious user could ~ successfully impersonate authd and attain privileges under ~ which Authd is executing.
~ The Common Vulnerabilities and Exposures project (cve.mitre.org) ~ has assigned the names CVE-2008-1361, CVE-2008-1362 to these ~ issues.
~ Windows Hosted products ~ --------------- ~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004) ~ VMware Workstation 5.5 upgrade to version 5.5.6 (Build# 80404) ~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004) ~ VMware Player 1.0 upgrade to version 1.0.6 (Build# 80404) ~ VMware Server 1.0 upgrade to version 1.0.5 (Build# 80187) ~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004) ~ VMware ACE 1.0 upgrade to version 1.0.5 (Build# 79846)
~ c. Updated libpng library to version 1.2.22 to address various ~ security vulnerabilities
~ Several flaws were discovered in the way libpng handled various PNG ~ image chunks. An attacker could create a carefully crafted PNG ~ image file in such a way that it could cause an application linked ~ with libpng to crash when the file was manipulated.
~ The Common Vulnerabilities and Exposures project (cve.mitre.org) ~ has assigned the name CVE-2007-5269 to this issue.
~ Hosted products ~ --------------- ~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004) ~ VMware Workstation 5.5 upgrade to version 5.5.6 (Build# 80404) ~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004) ~ VMware Player 1.0 upgrade to version 1.0.6 (Build# 80404) ~ VMware Server 1.0 upgrade to version 1.0.5 (Build# 80187) ~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004) ~ VMware ACE 1.0 upgrade to version 1.0.5 (Build# 79846)
~ NOTE: Fusion is not affected by this issue.
~ d. Updated OpenSSL library to address various security vulnerabilities
~ Updated OpenSSL fixes several security flaws were discovered ~ in previous versions of OpenSSL.
~ The Common Vulnerabilities and Exposures project (cve.mitre.org) ~ assigned the following names to these issues: CVE-2006-2940, ~ CVE-2006-2937, CVE-2006-4343, CVE-2006-4339.
~ Hosted products ~ --------------- ~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004) ~ VMware Workstation 5.5 upgrade to version 5.5.6 (Build# 80404) ~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004) ~ VMware Player 1.0 upgrade to version 1.0.6 (Build# 80404) ~ VMware Server 1.0 upgrade to version 1.0.5 (Build# 80187) ~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004) ~ VMware ACE 1.0 upgrade to version 1.0.5 (Build# 79846)
~ NOTE: Fusion is not affected by this issue.
~ e. VIX API default setting changed to a more secure default value
~ Workstation 6.0.2 allowed anonymous console access to the guest by ~ means of the VIX API. This release, Workstation 6.0.3, disables ~ this feature. This means that the Eclipse Integrated Virtual ~ Debugger and the Visual Studio Integrated Virtual Debugger will now ~ prompt for user account credentials to access a guest.
~ Hosted products ~ --------------- ~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004) ~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004) ~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004)
~ f. Windows 2000 based hosted products privilege escalation ~ vulnerability
~ This release addresses a potential privilege escalation on ~ Windows 2000 hosted products. Certain services may be improperly ~ registered and present a security vulnerability to Windows 2000 ~ machines.
~ VMware would like to thank Ray Hicken for reporting this issue and ~ David Maciejak for originally pointing out these types of ~ vulnerabilities.
~ The Common Vulnerabilities and Exposures project (cve.mitre.org) ~ assigned the name CVE-2007-5618 to this issue.
~ Windows versions of Hosted products ~ --------------- ~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004) ~ VMware Workstation 5.5 upgrade to version 5.5.6 (Build# 80404) ~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004) ~ VMware Player 1.0 upgrade to version 1.0.6 (Build# 80404) ~ VMware Server 1.0 upgrade to version 1.0.5 (Build# 80187) ~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004) ~ VMware ACE 1.0 upgrade to version 1.0.5 (Build# 79846)
~ NOTE: Fusion and Linux based products are not affected by this ~ issue.
~ g.
~ VMware would like to thank Martin O'Neal for reporting this issue.
~ The Common Vulnerabilities and Exposures project (cve.mitre.org) ~ assigned the name CVE-2008-1364 to this issue.
~ Hosted products ~ --------------- ~ VMware Workstation 5.5 upgrade to version 5.5.6 (Build# 80404) ~ VMware Player 1.0 upgrade to version 1.0.6 (Build# 80404) ~ VMware Server 1.0 upgrade to version 1.0.5 (Build# 80187) ~ VMware ACE 1.0 upgrade to version 1.0.5 (Build# 79846) ~ VMware Fusion 1.1 upgrade to version 1.1.1 (Build# 72241)
~ NOTE: This issue doesn't affect the latest versions of VMware ~ Workstation 6, VMware Player 2, and ACE 2 products.
~ h. Local Privilege Escalation on Windows based platforms by ~ Hijacking VMware VMX configuration file
~ VMware uses a configuration file named "config.ini" which ~ is located in the application data directory of all users. ~ By manipulating this file, a user could gain elevated ~ privileges by hijacking the VMware VMX process.
~ VMware would like to thank Sun Bing for reporting the issue.
~ The Common Vulnerabilities and Exposures project (cve.mitre.org) ~ assigned the name CVE-2008-1363 to this issue.
~ Windows based Hosted products ~ --------------- ~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004) ~ VMware Workstation 5.5 upgrade to version 5.5.6 (Build# 80404) ~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004) ~ VMware Player 1.0 upgrade to version 1.0.6 (Build# 80404) ~ VMware Server 1.0 upgrade to version 1.0.5 (Build# 80187) ~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004) ~ VMware ACE 1.0 upgrade to version 1.0.5 (Build# 79846)
~ i. Virtual Machine Communication Interface (VMCI) memory corruption ~ resulting in denial of service
~ VMCI was introduced in VMware Workstation 6.0, VMware Player 2.0, ~ and VMware ACE 2.0. It is an experimental, optional feature and ~ it may be possible to crash the host system by making specially ~ crafted calls to the VMCI interface.
~ VMware would like to thank Andrew Honig of the Department of ~ Defense for reporting this issue.
~ The Common Vulnerabilities and Exposures project (cve.mitre.org) ~ assigned the name CVE-2008-1340 to this issue.
~ Hosted products ~ --------------- ~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004) ~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004) ~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004)
- Solution:
Please review the Patch notes for your product and version and verify the md5sum of your downloaded file.
~ VMware Workstation 6.0.3 ~ ------------------------ ~ http://www.vmware.com/download/ws/ ~ Release notes: ~ http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html ~ Windows binary ~ md5sum: 323f054957066fae07735160b73b91e5 ~ RPM Installation file for 32-bit Linux ~ md5sum: c44183ad11082f05593359efd220944e ~ tar Installation file for 32-bit Linux ~ md5sum: 57601f238106cb12c1dea303ad1b4820 ~ RPM Installation file for 64-bit Linux ~ md5sum: e9ba644be4e39556724fa2901c5e94e9 ~ tar Installation file for 64-bit Linux ~ md5sum: d8d423a76f99a94f598077d41685e9a9
~ VMware Workstation 5.5.5 ~ ------------------------ ~ http://www.vmware.com/download/ws/ws5.html ~ Release notes: ~ http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html ~ Windows binary ~ md5sum: 9c2dd94db5eed93d7f64e8d6ba8d8bd3 ~ Compressed Tar archive for 32-bit Linux ~ md5sum: 77401c0842a151f0b2db0b4fcb0d16eb ~ Linux RPM version for 32-bit Linux ~ md5sum: c222b6db934deb9c1bb79b16b25a3202
~ VMware Server 1.0.5 ~ ------------------- ~ http://www.vmware.com/download/server/ ~ Release notes: ~ http://www.vmware.com/support/server/doc/releasenotes_server.html ~ VMware Server for Windows 32-bit and 64-bit ~ md5sum: 3c4a57310c55e17bf8e4a1059d5b36cc ~ VMware Server Windows client package ~ md5sum: cb3dd2439203dc510f4d95f06ba59d21 ~ VMware Server for Linux ~ md5sum: 161dcbe5af9bbd9834a86bf7c599903e ~ VMware Server for Linux rpm ~ md5sum: fc3b81ed18b53eda943a992971e9f84a ~ Management Interface ~ md5sum: dd10d25895d9994bd27ca896152f48ef ~ VMware Server Linux client package ~ md5sum: aae18f1f7b8811b5499e3a358754d4f8
~ VMware ACE 2.0.3 and 1.0.5 ~ -------------------------- ~ http://www.vmware.com/download/ace/ ~ Windows Release notes: ~ http://www.vmware.com/support/ace2/doc/releasenotes_ace2.html
~ VMware Fusion 1.1.1 ~ ------------------- ~ http://www.vmware.com/download/fusion/ ~ Release notes: ~ http://www.vmware.com/support/fusion/doc/releasenotes_fusion.html ~ md5sum: 38e116ec26b30e7a6ac47c249ef650d0
~ VMware Player 2.0.3 and 1.0.6 ~ ---------------------- ~ http://www.vmware.com/download/player/ ~ Release notes Player 1.x: ~ http://www.vmware.com/support/player/doc/releasenotes_player.html ~ Release notes Player 2.0 ~ http://www.vmware.com/support/player2/doc/releasenotes_player2.html ~ 2.0.3 Windows binary ~ md5sum: 0c5009d3b569687ae139e13d24c868d3 ~ VMware Player 2.0.3 for Linux (.rpm) ~ md5sum: 53502b2112a863356dcd13dd0d8dd8f2 ~ VMware Player 2.0.3 for Linux (.tar) ~ md5sum: 2305fcff49bef6e4ad83742412eac978 ~ VMware Player 2.0.3 - 64-bit (.rpm) ~ md5sum: cf945b571c4d96146ede010286fdfca5 ~ VMware Player 2.0.3 - 64-bit (.tar) ~ md5sum: f99c5b293eb87c5f918ad24111565b9f ~ 1.0.6 Windows binary ~ md5sum: 895081406c4de5361a1700ec0473e49c ~ Player 1.0.6 for Linux (.rpm) ~ md5sum: 8adb23799dd2014be0b6d77243c76942 ~ Player 1.0.6 for Linux (.tar) ~ md5sum: c358f8e1387fb60863077d6f8a9f7b3f
- References:
~ CVE numbers ~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0923 ~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1361 ~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1362 ~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5269 ~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940 ~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937 ~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343 ~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4339 ~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5618 ~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1364 ~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1363 ~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1340
- Contact:
E-mail list for product security notifications and announcements: http://lists.vmware.com/cgi-bin/mailman/listinfo/security-announce
This Security Advisory is posted to the following lists:
~ * security-announce@lists.vmware.com ~ * bugtraq@securityfocus.com ~ * full-disclosure@lists.grok.org.uk
E-mail: security@vmware.com
Security web site http://www.vmware.com/security
VMware security response policy http://www.vmware.com/support/policies/security_response.html
General support life cycle policy http://www.vmware.com/support/policies/eos.html
VMware Infrastructure support life cycle policy http://www.vmware.com/support/policies/eos_vi.html
Copyright 2008 VMware Inc. All rights reserved.
-----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.7 (GNU/Linux)
iD8DBQFH3yTxS2KysvBH1xkRCHq8AJ0QOMocv/gSz/hgdojA39PGVO6pUACePCRv Cv8MnL2bYPyDfYQ3f4IUL+w= =tFXS -----END PGP SIGNATURE----- . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c00967144 Version: 1
HPSBTU02207 SSRT061213, SSRT061239, SSRT071304 rev.1 - HP Tru64 UNIX SSL and BIND Remote Arbitrary Code Execution or Denial of Service (DoS)
NOTICE: The information in this Security Bulletin should be acted upon as soon as possible.
References: VU#547300, VU#386964, CAN-2006-4339, CVE-2006-2937, CVE-2006-2940, CVE-2006-3738 (SSL) VU#697164, VU#915404, CVE-2007-0493, CVE-2007-0494 (BIND)
SUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed. The following supported software versions are affected: HP Tru64 UNIX v 5.1B-4 (SSL and BIND) HP Tru64 UNIX v 5.1B-3 (SSL and BIND) HP Tru64 UNIX v 5.1A PK6 (BIND) HP Tru64 UNIX v 4.0G PK4 (BIND) HP Tru64 UNIX v 4.0F PK8 (BIND) Internet Express (IX) v 6.6 BIND (BIND) HP Insight Management Agents for Tru64 UNIX patch v 3.5.2 and earlier (SSL)
BACKGROUND
RESOLUTION
HP has released the following Early Release Patch kits (ERPs) publicly for use by any customer. The ERP kits use dupatch to install and will not install over any Customer Specific Patches (CSPs) that have file intersections with the ERP. A new patch version for HP Insight Management Agents for Tru64 UNIX is also available that addresses the potential vulnerabilities.
The fixes contained in the ERP kits will be available in the following mainstream releases: -Targeted for availability in HP Tru64 UNIX v 5.1B-5 -Internet Express (IX) v 6.7 -HP Insight Management Agents for Tru64 UNIX patch v 3.6.1 (already available)
HP Tru64 UNIX Version 5.1B-4 ERP Kit Location: http://www.itrc.hp.com/service/patch/patchDetail.do?patchid=T64KIT1001167-V51BB27-ES-20070321 Name: T64KIT1001167-V51BB27-ES-20070321 MD5 Checksum: a697a90bd0b1116b6f27d1100bbf81fd
HP Tru64 UNIX Version 5.1B-3 ERP Kit Location: http://www.itrc.hp.com/service/patch/patchDetail.do?patchid=T64KIT1001163-V51BB26-ES-20070315 Name: T64KIT1001163-V51BB26-ES-20070315 MD5 Checksum: d376d403176f0dbe7badd4df4e91c126
HP Tru64 UNIX Version 5.1A PK6 ERP Kit Location: http://www.itrc.hp.com/service/patch/patchDetail.do?patchid=T64KIT1001160-V51AB24-ES-20070314 Name: T64KIT1001160-V51AB24-ES-20070314 MD5 Checksum: 7bb43ef667993f7c4711b6cf978e0aa7
HP Tru64 UNIX Version 4.0G PK4 ERP Kit Location: http://www.itrc.hp.com/service/patch/patchDetail.do?patchid=T64KIT1001166-V40GB22-ES-20070316 Name: T64KIT1001166-V40GB22-ES-20070316 MD5 Checksum: a446c39169b769c4a03c654844d5ac45
HP Tru64 UNIX Version 4.0F PK8 ERP Kit Location: http://www.itrc.hp.com/service/patch/patchDetail.do?patchid=DUXKIT1001165-V40FB22-ES-20070316 Name: DUXKIT1001165-V40FB22-ES-20070316 MD5 Checksum: 718148c87a913536b32a47af4c36b04e
HP Insight Management Agents for Tru64 UNIX patch version 3.6.1 (for kit CPQIIM360) Location: http://h30097.www3.hp.com/cma/patches.html Name: CPQIM360.SSL.01.tar.gz MD5 Checksum: 1001a10ab642461c87540826dfe28652
Internet Express (IX) v 6.6 BIND Note: Customers who use Internet Express (IX) v 6.6 BIND should install the BIND 9.2.8 patch from the ERP kit appropriate for their base operating system version.
PRODUCT SPECIFIC INFORMATION
The HP Tru64 UNIX v 5.1B-3 and v 5.1B-4 ERP kits distribute two patches: -OpenSSL 0.9.8d -BIND 9.2.8 built with OpenSSL 0.9.8d
Note: HP Tru64 UNIX v 5.1A, v 4.0G, and v 4.0F releases did not distribute OpenSSL and so their ERP kits provide only the BIND 9.2.8 patch that has been built with OpenSSL 0.9.8d
Customers who have been using OpenSSL on HP Tru64 UNIX v 5.1B-3 and v 5.1B-4 should install the OpenSSL patch from the ERP kit appropriate for their base operating system version.
The HP Insight Management Agents for Tru64 UNIX patch contains OpenSSL 0.9.8d and is applicable for HP Tru64 UNIX v 5.1A, v 5.1B-3, and v 5.1B-4.
HISTORY Version:1 (rev.1) - 12 April 2007 Initial release
Third Party Security Patches: Third party security patches which are to be installed on systems running HP software products should be applied in accordance with the customer's patch management policy.
Support: For further information, contact normal HP Services support channel.
Report: To report a potential security vulnerability with any HP supported product, send Email to: security-alert@hp.com It is strongly recommended that security related information being communicated to HP be encrypted using PGP, especially exploit information. To get the security-alert PGP key, please send an e-mail message as follows: To: security-alert@hp.com Subject: get key
Subscribe: To initiate a subscription to receive future HP Security Bulletins via Email: http://h30046.www3.hp.com/driverAlertProfile.php?regioncode=NA&langcode=USENG&jumpid=in_SC-GEN__driverITRC&topiccode=ITRC On the web page: ITRC security bulletins and patch sign-up Under Step1: your ITRC security bulletins and patches - check ALL categories for which alerts are required and continue. Under Step2: your ITRC operating systems - verify your operating system selections are checked and save.
To update an existing subscription: http://h30046.www3.hp.com/subSignIn.php Log in on the web page: Subscriber's choice for Business: sign-in. On the web page: Subscriber's Choice: your profile summary - use Edit Profile to update appropriate sections.
To review previously published Security Bulletins visit: http://www.itrc.hp.com/service/cki/secBullArchive.do
- The Software Product Category that this Security Bulletin relates to is represented by the 5th and 6th characters of the Bulletin number in the title:
GN = HP General SW MA = HP Management Agents MI = Misc. 3rd Party SW MP = HP MPE/iX NS = HP NonStop Servers OV = HP OpenVMS PI = HP Printing & Imaging ST = HP Storage SW TL = HP Trusted Linux TU = HP Tru64 UNIX UX = HP-UX VV = HP VirtualVault
System management and security procedures must be reviewed frequently to maintain system integrity. HP is continually reviewing and enhancing the security features of software products to provide customers with current secure solutions.
"HP is broadly distributing this Security Bulletin in order to bring to the attention of users of the affected HP products the important security information contained in this Bulletin. HP recommends that all users determine the applicability of this information to their individual situations and take appropriate action. HP does not warrant that this information is necessarily accurate or complete for all user situations and, consequently, HP will not be responsible for any damages resulting from user's use or disregard of the information provided in this Bulletin. To the extent permitted by law, HP disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose, title and non-infringement."
\xa9Copyright 2007 Hewlett-Packard Development Company, L.P.
Hewlett-Packard Company shall not be liable for technical or editorial errors or omissions contained herein. The information provided is provided "as is" without warranty of any kind. To the extent permitted by law, neither HP or its affiliates, subcontractors or suppliers will be liable for incidental, special or consequential damages including downtime cost; lost profits; damages relating to the procurement of substitute products or services; or damages for loss of data, or software restoration. The information in this document is subject to change without notice. Hewlett-Packard Company and the names of Hewlett-Packard products referenced herein are trademarks of Hewlett-Packard Company in the United States and other countries. Other product and company names mentioned herein may be trademarks of their respective owners. rPath Security Advisory: 2006-0175-1 Published: 2006-09-28 Products: rPath Linux 1 Rating: Major Exposure Level Classification: Remote Deterministic Unauthorized Access Updated Versions: openssl=/conary.rpath.com@rpl:devel//1/0.9.7f-10.4-1 openssl-scripts=/conary.rpath.com@rpl:devel//1/0.9.7f-10.4-1
References: http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937 http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940 http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3738 http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343 http://issues.rpath.com/browse/RPL-613
Description: Previous versions of the openssl package are vulnerable to multiple attacks. In particular, any connection that the mysql daemon will accept may be vulnerable. In the default configuration of mysql, that would be a local unauthorized access vulnerability, but mysql can be configured to listen for network connections from remote hosts, which would then enable remote unauthorized access. Any program that calls the SSL_get_shared_ciphers() function may be vulnerable.
Full-Disclosure - We believe in it.
References: [0] http://www.openssl.org/news/secadv_20060928.txt [1] http://www.openssl.org/ [2] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937 [3] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940 [4] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3738 [5] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343
For security reasons, this advisory was digitally signed with the OpenPGP public key "OpenPKG openpkg@openpkg.org" (ID 63C4CB9F) of the OpenPKG project which you can retrieve from http://pgp.openpkg.org and hkp://pgp.openpkg.org. Follow the instructions on http://pgp.openpkg.org for details on how to verify the integrity of this advisory. --WfZ7S8PLGjBY9Voh Content-Type: text/plain; charset=us-ascii Content-Disposition: inline
Gentoo Linux Security Advisory GLSA 200610-11
http://security.gentoo.org/
Severity: High Title: OpenSSL: Multiple vulnerabilities Date: October 24, 2006 Bugs: #145510 ID: 200610-11
Synopsis
OpenSSL contains multiple vulnerabilities including the possible remote execution of arbitrary code.
Background
OpenSSL is a toolkit implementing the Secure Sockets Layer, Transport Layer Security protocols and a general-purpose cryptography library. Additionally Dr.
Workaround
There is no known workaround at this time.
Resolution
All OpenSSL 0.9.8 users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=dev-libs/openssl-0.9.8d"
All OpenSSL 0.9.7 users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=dev-libs/openssl-0.9.7l"
References
[ 1 ] CVE-2006-2937 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937 [ 2 ] CVE-2006-2940 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940 [ 3 ] CVE-2006-3738 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3738 [ 4 ] CVE-2006-4343 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343
Availability
This GLSA and any updates to it are available for viewing at the Gentoo Security Website:
http://security.gentoo.org/glsa/glsa-200610-11.xml
Concerns?
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at http://bugs.gentoo.org.
License
Copyright 2006 Gentoo Foundation, Inc; referenced text belongs to its owner(s).
The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.
References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3738 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343
Updated Packages:
Mandriva Linux 2006.0: 17e2d82c3f6c0afbf48eccbfbcc17b55 2006.0/i586/libopenssl0.9.7-0.9.7g-2.4.20060mdk.i586.rpm 8c3f89e1900f069d4a4ad3162a9f7d78 2006.0/i586/libopenssl0.9.7-devel-0.9.7g-2.4.20060mdk.i586.rpm 3a68c653ba0339ba99162459385c72e2 2006.0/i586/libopenssl0.9.7-static-devel-0.9.7g-2.4.20060mdk.i586.rpm 8291bde3bd9aa95533aabc07280203b8 2006.0/i586/openssl-0.9.7g-2.4.20060mdk.i586.rpm 52b3fbfc1389bcd73e406d6ff741e9dc 2006.0/SRPMS/openssl-0.9.7g-2.4.20060mdk.src.rpm
Mandriva Linux 2006.0/X86_64: b2ce6e6bb7e3114663d3a074d0cc7da5 2006.0/x86_64/lib64openssl0.9.7-0.9.7g-2.4.20060mdk.x86_64.rpm f7c8dbc2eda0c90547d43661454d1068 2006.0/x86_64/lib64openssl0.9.7-devel-0.9.7g-2.4.20060mdk.x86_64.rpm 7c9ebd9f9179f4e93627dcf0f3442335 2006.0/x86_64/lib64openssl0.9.7-static-devel-0.9.7g-2.4.20060mdk.x86_64.rpm 17e2d82c3f6c0afbf48eccbfbcc17b55 2006.0/x86_64/libopenssl0.9.7-0.9.7g-2.4.20060mdk.i586.rpm 8c3f89e1900f069d4a4ad3162a9f7d78 2006.0/x86_64/libopenssl0.9.7-devel-0.9.7g-2.4.20060mdk.i586.rpm 3a68c653ba0339ba99162459385c72e2 2006.0/x86_64/libopenssl0.9.7-static-devel-0.9.7g-2.4.20060mdk.i586.rpm 6ce5832a59b8b67425cb7026ea9dc876 2006.0/x86_64/openssl-0.9.7g-2.4.20060mdk.x86_64.rpm 52b3fbfc1389bcd73e406d6ff741e9dc 2006.0/SRPMS/openssl-0.9.7g-2.4.20060mdk.src.rpm
Mandriva Linux 2007.0: 1bfeff47c8d2f6c020c459881be68207 2007.0/i586/libopenssl0.9.8-0.9.8b-2.1mdv2007.0.i586.rpm 1e1a4db54ddfaedb08a6d847422099ff 2007.0/i586/libopenssl0.9.8-devel-0.9.8b-2.1mdv2007.0.i586.rpm 59c80405f33b2e61ffd3cef025635e21 2007.0/i586/libopenssl0.9.8-static-devel-0.9.8b-2.1mdv2007.0.i586.rpm 3a6657970a2e7661bd869d221a69c8da 2007.0/i586/openssl-0.9.8b-2.1mdv2007.0.i586.rpm aad29e57ddceb66105af5d6434de9a62 2007.0/SRPMS/openssl-0.9.8b-2.1mdv2007.0.src.rpm
Mandriva Linux 2007.0/X86_64: af679c647d97214244a8423dc1a766b7 2007.0/x86_64/lib64openssl0.9.8-0.9.8b-2.1mdv2007.0.x86_64.rpm d7b1ed07df4115b3bcc3907e00d25a89 2007.0/x86_64/lib64openssl0.9.8-devel-0.9.8b-2.1mdv2007.0.x86_64.rpm 5bd3ece2c0ec7a3201c29fa84e25a75a 2007.0/x86_64/lib64openssl0.9.8-static-devel-0.9.8b-2.1mdv2007.0.x86_64.rpm 9b028020dba009eddbf06eeb8607b87f 2007.0/x86_64/openssl-0.9.8b-2.1mdv2007.0.x86_64.rpm aad29e57ddceb66105af5d6434de9a62 2007.0/SRPMS/openssl-0.9.8b-2.1mdv2007.0.src.rpm
Corporate 3.0: c99ea58f6f4959a4c36398cc6b2b4ee2 corporate/3.0/i586/libopenssl0.9.7-0.9.7c-3.6.C30mdk.i586.rpm 98a925c5ba2ecc9d704b1e730035755e corporate/3.0/i586/libopenssl0.9.7-devel-0.9.7c-3.6.C30mdk.i586.rpm 151493a50693e3b9cc67bfafadb9ce42 corporate/3.0/i586/libopenssl0.9.7-static-devel-0.9.7c-3.6.C30mdk.i586.rpm 82b4709bdbb9128746887013a724356a corporate/3.0/i586/openssl-0.9.7c-3.6.C30mdk.i586.rpm a5bdbe6afa52005a734dc18aa951677d corporate/3.0/SRPMS/openssl-0.9.7c-3.6.C30mdk.src.rpm
Corporate 3.0/X86_64: 01a922d80d6fc9d1b36dde15ee27747e corporate/3.0/x86_64/lib64openssl0.9.7-0.9.7c-3.6.C30mdk.x86_64.rpm 30268f0b70862d1f5998694ac8b4addc corporate/3.0/x86_64/lib64openssl0.9.7-devel-0.9.7c-3.6.C30mdk.x86_64.rpm e0388ff1efa34ea55d033e95b4e9bb63 corporate/3.0/x86_64/lib64openssl0.9.7-static-devel-0.9.7c-3.6.C30mdk.x86_64.rpm c99ea58f6f4959a4c36398cc6b2b4ee2 corporate/3.0/x86_64/libopenssl0.9.7-0.9.7c-3.6.C30mdk.i586.rpm 83759622f0cc8ea9c0f6d32671283354 corporate/3.0/x86_64/openssl-0.9.7c-3.6.C30mdk.x86_64.rpm a5bdbe6afa52005a734dc18aa951677d corporate/3.0/SRPMS/openssl-0.9.7c-3.6.C30mdk.src.rpm
Corporate 4.0: 6d71d2358738be9967b2dfe19d3642f1 corporate/4.0/i586/libopenssl0.9.7-0.9.7g-2.4.20060mlcs4.i586.rpm 22890554d3096ce596eeec7393ee3fcf corporate/4.0/i586/libopenssl0.9.7-devel-0.9.7g-2.4.20060mlcs4.i586.rpm 679fe740859fa35b2bb77b19c4a0e787 corporate/4.0/i586/libopenssl0.9.7-static-devel-0.9.7g-2.4.20060mlcs4.i586.rpm d8477333b67ec3a36ba46c50e6183993 corporate/4.0/i586/openssl-0.9.7g-2.4.20060mlcs4.i586.rpm b65dbbd9fb3d74d302478640476a2cd2 corporate/4.0/SRPMS/openssl-0.9.7g-2.4.20060mlcs4.src.rpm
Corporate 4.0/X86_64: 746e5e916d1e05379373138a5db20923 corporate/4.0/x86_64/lib64openssl0.9.7-0.9.7g-2.4.20060mlcs4.x86_64.rpm a2b1d750075a32fe8badbdf1f7febafe corporate/4.0/x86_64/lib64openssl0.9.7-devel-0.9.7g-2.4.20060mlcs4.x86_64.rpm 47c464cf890a004f772c1db3e839fa12 corporate/4.0/x86_64/lib64openssl0.9.7-static-devel-0.9.7g-2.4.20060mlcs4.x86_64.rpm 6d71d2358738be9967b2dfe19d3642f1 corporate/4.0/x86_64/libopenssl0.9.7-0.9.7g-2.4.20060mlcs4.i586.rpm 22890554d3096ce596eeec7393ee3fcf corporate/4.0/x86_64/libopenssl0.9.7-devel-0.9.7g-2.4.20060mlcs4.i586.rpm 679fe740859fa35b2bb77b19c4a0e787 corporate/4.0/x86_64/libopenssl0.9.7-static-devel-0.9.7g-2.4.20060mlcs4.i586.rpm 1030a6124a9fa4fd5a41bdff077301bf corporate/4.0/x86_64/openssl-0.9.7g-2.4.20060mlcs4.x86_64.rpm b65dbbd9fb3d74d302478640476a2cd2 corporate/4.0/SRPMS/openssl-0.9.7g-2.4.20060mlcs4.src.rpm
Multi Network Firewall 2.0: 19055eda58e1f75814e594ce7709a710 mnf/2.0/i586/libopenssl0.9.7-0.9.7c-3.6.M20mdk.i586.rpm abfe548617969f619aec5b0e807f1f67 mnf/2.0/i586/libopenssl0.9.7-devel-0.9.7c-3.6.M20mdk.i586.rpm 92e7515c9125367a79fdb490f5b39cd4 mnf/2.0/i586/libopenssl0.9.7-static-devel-0.9.7c-3.6.M20mdk.i586.rpm 847eecb1d07e4cab3d1de1452103c3a0 mnf/2.0/i586/openssl-0.9.7c-3.6.M20mdk.i586.rpm b6b67fa82d7119cde7ab7816aed17059 mnf/2.0/SRPMS/openssl-0.9.7c-3.6.M20mdk.src.rpm
To upgrade automatically use MandrivaUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you.
All packages are signed by Mandriva for security. You can obtain the GPG public key of the Mandriva Security Team by executing:
gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98
You can view other update advisories for Mandriva Linux at:
http://www.mandriva.com/security/advisories
If you want to report vulnerabilities, please contact
security_(at)_mandriva.com
Type Bits/KeyID Date User ID pub 1024D/22458A98 2000-07-10 Mandriva Security Team -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.2.2 (GNU/Linux)
iD8DBQFFHA4hmqjQ0CJFipgRApknAJ9Ybd8xjfkR+RL1fWEI2Fgn/KIuqACeOH/0 wB09L3fylyiHgrXvSV6VL7A= =/+dm -----END PGP SIGNATURE-----
Show details on source website{
"affected_products": {
"_id": null,
"data": [
{
"_id": null,
"model": null,
"scope": null,
"trust": 4.0,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 3.2,
"vendor": "debian gnu linux",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 3.2,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 3.2,
"vendor": "openpkg",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 3.2,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 3.2,
"vendor": "red hat",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 3.2,
"vendor": "suse linux",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 3.2,
"vendor": "slackware linux",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 3.2,
"vendor": "ubuntu",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 3.2,
"vendor": "rpath",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "trustix secure linux",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "f5",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "apple computer",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "avaya",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "cisco",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "gentoo linux",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "gnutls",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "hewlett packard",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "mandriva",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "sun microsystems",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "vmware",
"version": null
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "0.9.3"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "0.9.1c"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "0.9.6"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "0.9.5"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "0.9.3a"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "0.9.5a"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "0.9.2b"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "0.9.4"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7b"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.6l"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.6k"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7f"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7g"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.6i"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.6a"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.6b"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.6m"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.8b"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7a"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.6g"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.6e"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.6f"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7h"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7k"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.6d"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.6h"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.8"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.6c"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7e"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7c"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7i"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.8c"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.8a"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7j"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.6j"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7d"
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "openbsd",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "appgate network security",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "attachmatewrq",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "blue coat",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "iaik java group",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "ibm",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "internet consortium",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "intoto",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "juniper",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "mozilla",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "openwall gnu linux",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "opera",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "rsa security",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "ssh security corp",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "sybase",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "vandyke",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "stonesoft",
"version": null
},
{
"_id": null,
"model": "hat red hat network satellite server",
"scope": "eq",
"trust": 0.6,
"vendor": "red",
"version": "5.0"
},
{
"_id": null,
"model": "application \u0026 content networking software",
"scope": null,
"trust": 0.6,
"vendor": "cisco",
"version": null
},
{
"_id": null,
"model": "css11500 content services switch s",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "7.30"
},
{
"_id": null,
"model": "css11500 content services switch s",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "7.20"
},
{
"_id": null,
"model": "wide area file services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "linux desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "1.0"
},
{
"_id": null,
"model": "fast360",
"scope": "ne",
"trust": 0.3,
"vendor": "arkoon",
"version": "3.0/32"
},
{
"_id": null,
"model": "hardware management console for pseries",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.3.7"
},
{
"_id": null,
"model": "wireless control system software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"_id": null,
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3"
},
{
"_id": null,
"model": "call manager sr2c",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"_id": null,
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.4"
},
{
"_id": null,
"model": "siparator",
"scope": "ne",
"trust": 0.3,
"vendor": "ingate",
"version": "4.5.2"
},
{
"_id": null,
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.11"
},
{
"_id": null,
"model": "fast360",
"scope": "eq",
"trust": 0.3,
"vendor": "arkoon",
"version": "4.0"
},
{
"_id": null,
"model": "enterprise linux es ia64",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"_id": null,
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.5"
},
{
"_id": null,
"model": "server b",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.16"
},
{
"_id": null,
"model": "project openssl g",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"_id": null,
"model": "computing snapgear sg565",
"scope": "eq",
"trust": 0.3,
"vendor": "secure",
"version": "0"
},
{
"_id": null,
"model": "openbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "openbsd",
"version": "3.9"
},
{
"_id": null,
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.2"
},
{
"_id": null,
"model": "ciscoworks common services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.2"
},
{
"_id": null,
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.6(0)"
},
{
"_id": null,
"model": "project openssl b",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"_id": null,
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.8.3"
},
{
"_id": null,
"model": "appliance server hosting edition",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "1.0"
},
{
"_id": null,
"model": "secure access control server",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.2"
},
{
"_id": null,
"model": "s8500 r2.0.1",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"_id": null,
"model": "hardware management console for pseries",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.3.2"
},
{
"_id": null,
"model": "fuji",
"scope": null,
"trust": 0.3,
"vendor": "turbolinux",
"version": null
},
{
"_id": null,
"model": "hardware management console for pseries r1.0",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0"
},
{
"_id": null,
"model": "project openssl b",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"_id": null,
"model": "bind a5",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"_id": null,
"model": "hardware management console for iseries r4.0",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"_id": null,
"model": "call manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.1"
},
{
"_id": null,
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154543.1.0"
},
{
"_id": null,
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "76650"
},
{
"_id": null,
"model": "fast360",
"scope": "eq",
"trust": 0.3,
"vendor": "arkoon",
"version": "4.0/3"
},
{
"_id": null,
"model": "css11500 content services switch",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7.4"
},
{
"_id": null,
"model": "fast360",
"scope": "eq",
"trust": 0.3,
"vendor": "arkoon",
"version": "4.0/2"
},
{
"_id": null,
"model": "messaging storage server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "2.0"
},
{
"_id": null,
"model": "project openssl b-36.8",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"_id": null,
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.2.0"
},
{
"_id": null,
"model": "linux lts amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"_id": null,
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.8"
},
{
"_id": null,
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.1(1)"
},
{
"_id": null,
"model": "ftp server",
"scope": "eq",
"trust": 0.3,
"vendor": "serv u",
"version": "6.00"
},
{
"_id": null,
"model": "works common services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.0"
},
{
"_id": null,
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.6(1)"
},
{
"_id": null,
"model": "workcentre pro",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "232"
},
{
"_id": null,
"model": "s8700 cm",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1"
},
{
"_id": null,
"model": "s8300 cm",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1"
},
{
"_id": null,
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.2"
},
{
"_id": null,
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.4"
},
{
"_id": null,
"model": "linux professional oss",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.0"
},
{
"_id": null,
"model": "bind -p1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.6"
},
{
"_id": null,
"model": "linux enterprise server",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "8"
},
{
"_id": null,
"model": "system management homepage",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.9"
},
{
"_id": null,
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.2.3"
},
{
"_id": null,
"model": "linux professional x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.3"
},
{
"_id": null,
"model": "secure linux",
"scope": "eq",
"trust": 0.3,
"vendor": "trustix",
"version": "3.0"
},
{
"_id": null,
"model": "suse linux retail solution",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "8.0"
},
{
"_id": null,
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "6.1"
},
{
"_id": null,
"model": "linux enterprise desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"_id": null,
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "9.1"
},
{
"_id": null,
"model": "enterprise linux as",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3"
},
{
"_id": null,
"model": "appliance server workgroup edition",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "1.0"
},
{
"_id": null,
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.2.1"
},
{
"_id": null,
"model": "ipcop",
"scope": "eq",
"trust": 0.3,
"vendor": "ipcop",
"version": "1.4.11"
},
{
"_id": null,
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "1.4.2"
},
{
"_id": null,
"model": "hardware management console for iseries r5.0",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"_id": null,
"model": "player build",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.680404"
},
{
"_id": null,
"model": "wide area application services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "s8710 cm",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1"
},
{
"_id": null,
"model": "server c",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.8"
},
{
"_id": null,
"model": "hardware management console",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.3.7"
},
{
"_id": null,
"model": "karagulle cwrsync",
"scope": "eq",
"trust": 0.3,
"vendor": "tevfik",
"version": "2.0.9"
},
{
"_id": null,
"model": "linux mandrake",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "2007.0"
},
{
"_id": null,
"model": "grid engine update5",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"_id": null,
"model": "suse linux standard server",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "8.0"
},
{
"_id": null,
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"_id": null,
"model": "hardware management console for pseries r5.0",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"_id": null,
"model": "workstation build",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "6.0.380004"
},
{
"_id": null,
"model": "linux professional",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.1"
},
{
"_id": null,
"model": "hardware management console for iseries",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.3.7"
},
{
"_id": null,
"model": "linux mandrake x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "2006.0"
},
{
"_id": null,
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.5.1"
},
{
"_id": null,
"model": "workstation build",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5.334685"
},
{
"_id": null,
"model": "grid engine update7",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"_id": null,
"model": "hardware management console",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.2.1"
},
{
"_id": null,
"model": "linux professional",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.3"
},
{
"_id": null,
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154543.2.0"
},
{
"_id": null,
"model": "bind rc3",
"scope": "ne",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.7"
},
{
"_id": null,
"model": "bind b1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.7"
},
{
"_id": null,
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "6.1"
},
{
"_id": null,
"model": "openpkg",
"scope": "eq",
"trust": 0.3,
"vendor": "openpkg",
"version": "2.5"
},
{
"_id": null,
"model": "server 0.9.1b",
"scope": null,
"trust": 0.3,
"vendor": "filezilla",
"version": null
},
{
"_id": null,
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.4"
},
{
"_id": null,
"model": "download accelarator",
"scope": "eq",
"trust": 0.3,
"vendor": "prozilla",
"version": "1.4.0"
},
{
"_id": null,
"model": "ciscoworks common management foundation",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.0"
},
{
"_id": null,
"model": "call manager es32",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"_id": null,
"model": "call manager 4.1 sr4",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"_id": null,
"model": "karagulle cwrsync",
"scope": "ne",
"trust": 0.3,
"vendor": "tevfik",
"version": "2.0.10"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.6"
},
{
"_id": null,
"model": "openvms secure web server",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1-1"
},
{
"_id": null,
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.14"
},
{
"_id": null,
"model": "project openssl g",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"_id": null,
"model": "open-enterprise-server",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "0"
},
{
"_id": null,
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0.2"
},
{
"_id": null,
"model": "project openssl h",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"_id": null,
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.8.8"
},
{
"_id": null,
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "3.2.1"
},
{
"_id": null,
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.9"
},
{
"_id": null,
"model": "server a",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.8"
},
{
"_id": null,
"model": "openvms secure web server",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "1.2"
},
{
"_id": null,
"model": "propack sp6",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "3.0"
},
{
"_id": null,
"model": "bind a4",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"_id": null,
"model": "computing snapgear sg560",
"scope": "eq",
"trust": 0.3,
"vendor": "secure",
"version": "0"
},
{
"_id": null,
"model": "suse linux school server for i386",
"scope": null,
"trust": 0.3,
"vendor": "s u s e",
"version": null
},
{
"_id": null,
"model": "project openssl i",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"_id": null,
"model": "grid engine sun linux",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "5.3"
},
{
"_id": null,
"model": "hardware management console for pseries r2.0",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"_id": null,
"model": "hardware management console for iseries",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.3.2"
},
{
"_id": null,
"model": "current",
"scope": null,
"trust": 0.3,
"vendor": "openpkg",
"version": null
},
{
"_id": null,
"model": "project openssl b",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"_id": null,
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.3"
},
{
"_id": null,
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.7"
},
{
"_id": null,
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.4"
},
{
"_id": null,
"model": "linux mipsel",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"_id": null,
"model": "grid engine",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "5.3x86"
},
{
"_id": null,
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "1.0.2.0"
},
{
"_id": null,
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "1.6.0"
},
{
"_id": null,
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3"
},
{
"_id": null,
"model": "server 0.8.6a",
"scope": null,
"trust": 0.3,
"vendor": "filezilla",
"version": null
},
{
"_id": null,
"model": "-release-p3",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.11"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.0.1"
},
{
"_id": null,
"model": "messaging storage server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "1.0"
},
{
"_id": null,
"model": "hardware management console for pseries r3.2",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"_id": null,
"model": "ipcop",
"scope": "eq",
"trust": 0.3,
"vendor": "ipcop",
"version": "1.4.10"
},
{
"_id": null,
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "3.0.1"
},
{
"_id": null,
"model": "linux professional x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.2"
},
{
"_id": null,
"model": "bind rc2",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.7"
},
{
"_id": null,
"model": "linux ppc",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"_id": null,
"model": "fast360",
"scope": "eq",
"trust": 0.3,
"vendor": "arkoon",
"version": "3.0/31"
},
{
"_id": null,
"model": "project openssl a",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"_id": null,
"model": "firewalll",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.4"
},
{
"_id": null,
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.1(3)"
},
{
"_id": null,
"model": "hardware management console for iseries r3.1",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.0"
},
{
"_id": null,
"model": "multi network firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "2.0"
},
{
"_id": null,
"model": "workstation build",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5.680404"
},
{
"_id": null,
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.3"
},
{
"_id": null,
"model": "bind a1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"_id": null,
"model": "system management homepage",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.7"
},
{
"_id": null,
"model": "bind rc1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.7"
},
{
"_id": null,
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.04"
},
{
"_id": null,
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "rpath",
"version": "1"
},
{
"_id": null,
"model": "corporate server x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "4.0"
},
{
"_id": null,
"model": "bind rc3",
"scope": "ne",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.3"
},
{
"_id": null,
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.10"
},
{
"_id": null,
"model": "call manager sr2",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"_id": null,
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.5"
},
{
"_id": null,
"model": "linux personal",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.3"
},
{
"_id": null,
"model": "ftp server",
"scope": "eq",
"trust": 0.3,
"vendor": "serv u",
"version": "6.2.0.1"
},
{
"_id": null,
"model": "call manager sr2b",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"_id": null,
"model": "security agent",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "5.0.0.201"
},
{
"_id": null,
"model": "hardware management console for iseries r3.6",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0"
},
{
"_id": null,
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.11"
},
{
"_id": null,
"model": "call manager es07",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"_id": null,
"model": "mds",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "95000"
},
{
"_id": null,
"model": "hardware management console for pseries r2.1",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"_id": null,
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154543.4"
},
{
"_id": null,
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "275"
},
{
"_id": null,
"model": "ace",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.5"
},
{
"_id": null,
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "7.0"
},
{
"_id": null,
"model": "linux ia-64",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"_id": null,
"model": "linux mandrake",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "2006.0"
},
{
"_id": null,
"model": "workstation",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "6.0.3"
},
{
"_id": null,
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.8"
},
{
"_id": null,
"model": "openbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "openbsd",
"version": "3.8"
},
{
"_id": null,
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.1(0)"
},
{
"_id": null,
"model": "ons ios-based blades",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "15454"
},
{
"_id": null,
"model": "operating system enterprise server",
"scope": "eq",
"trust": 0.3,
"vendor": "trustix",
"version": "2.0"
},
{
"_id": null,
"model": "linux lts i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"_id": null,
"model": "enterprise linux ws",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"_id": null,
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.8.7"
},
{
"_id": null,
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "232"
},
{
"_id": null,
"model": "messaging storage server",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"_id": null,
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "76550"
},
{
"_id": null,
"model": "wireless control system software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.2"
},
{
"_id": null,
"model": "hardware management console for iseries r2.0",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"_id": null,
"model": "openpkg",
"scope": "eq",
"trust": 0.3,
"vendor": "openpkg",
"version": "2.1"
},
{
"_id": null,
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.3"
},
{
"_id": null,
"model": "enterprise linux es",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"_id": null,
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.2"
},
{
"_id": null,
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.2"
},
{
"_id": null,
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.2.3"
},
{
"_id": null,
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "1.5.0"
},
{
"_id": null,
"model": "project openssl h",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"_id": null,
"model": "igateway vpn/ssl-vpn",
"scope": "eq",
"trust": 0.3,
"vendor": "intoto",
"version": "0"
},
{
"_id": null,
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "245"
},
{
"_id": null,
"model": "grid engine",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"_id": null,
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.5"
},
{
"_id": null,
"model": "project openssl a",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.5"
},
{
"_id": null,
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.11"
},
{
"_id": null,
"model": "project openssl i",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"_id": null,
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.17"
},
{
"_id": null,
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "1.4.3"
},
{
"_id": null,
"model": "project openssl d",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"_id": null,
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.5.1"
},
{
"_id": null,
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0"
},
{
"_id": null,
"model": "ftp server",
"scope": "eq",
"trust": 0.3,
"vendor": "serv u",
"version": "6.1.0.5"
},
{
"_id": null,
"model": "financials server",
"scope": "eq",
"trust": 0.3,
"vendor": "navision",
"version": "3.0"
},
{
"_id": null,
"model": "bind rc2",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.3"
},
{
"_id": null,
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0.2"
},
{
"_id": null,
"model": "hardware management console for pseries r3.3",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"_id": null,
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.4"
},
{
"_id": null,
"model": "workcentre pro",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "265"
},
{
"_id": null,
"model": "intuity lx",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"_id": null,
"model": "linux personal oss",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.0"
},
{
"_id": null,
"model": "corporate server x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "3.0"
},
{
"_id": null,
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.1.2"
},
{
"_id": null,
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.0(1)"
},
{
"_id": null,
"model": "amc",
"scope": "ne",
"trust": 0.3,
"vendor": "arkoon",
"version": "1.0/6"
},
{
"_id": null,
"model": "unified presence server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1.0(2)"
},
{
"_id": null,
"model": "corporate server",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "4.0"
},
{
"_id": null,
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.0.1"
},
{
"_id": null,
"model": "enterprise linux ws",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"_id": null,
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.1.3"
},
{
"_id": null,
"model": "ftp server",
"scope": "eq",
"trust": 0.3,
"vendor": "serv u",
"version": "6.1.0.1"
},
{
"_id": null,
"model": "access registrar",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"_id": null,
"model": "enterprise linux es",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"_id": null,
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.0.1"
},
{
"_id": null,
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.7.1"
},
{
"_id": null,
"model": "hardware management console for iseries r3.2",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"_id": null,
"model": "project openssl a",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"_id": null,
"model": "call manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.2(3)"
},
{
"_id": null,
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.9"
},
{
"_id": null,
"model": "server 0.9.4d",
"scope": null,
"trust": 0.3,
"vendor": "filezilla",
"version": null
},
{
"_id": null,
"model": "hardware management console for pseries",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4"
},
{
"_id": null,
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.1.1"
},
{
"_id": null,
"model": "project openssl c",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"_id": null,
"model": "linux personal",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.2"
},
{
"_id": null,
"model": "project openssl f",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"_id": null,
"model": "ciscoworks common management foundation",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.2"
},
{
"_id": null,
"model": "grid engine update7 1",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"_id": null,
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.1"
},
{
"_id": null,
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.0.2"
},
{
"_id": null,
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.2"
},
{
"_id": null,
"model": "hp-ux b.11.11",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.8"
},
{
"_id": null,
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.4"
},
{
"_id": null,
"model": "bind -p2",
"scope": "ne",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.6"
},
{
"_id": null,
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.1"
},
{
"_id": null,
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.5.4"
},
{
"_id": null,
"model": "bind a2",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"_id": null,
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"_id": null,
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.04"
},
{
"_id": null,
"model": "call manager es40",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"_id": null,
"model": "server",
"scope": "ne",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.19"
},
{
"_id": null,
"model": "call manager es50",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"_id": null,
"model": "novell linux desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.0"
},
{
"_id": null,
"model": "amc",
"scope": "eq",
"trust": 0.3,
"vendor": "arkoon",
"version": "1.0/5"
},
{
"_id": null,
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.3"
},
{
"_id": null,
"model": "workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5.4"
},
{
"_id": null,
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.1"
},
{
"_id": null,
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "8.1.7"
},
{
"_id": null,
"model": "groupware server",
"scope": "eq",
"trust": 0.3,
"vendor": "kolab",
"version": "2.0.2"
},
{
"_id": null,
"model": "project openssl c",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.1"
},
{
"_id": null,
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.04"
},
{
"_id": null,
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.6"
},
{
"_id": null,
"model": "linux mips",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"_id": null,
"model": "security agent",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4.5.1.659"
},
{
"_id": null,
"model": "corporate server",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "3.0"
},
{
"_id": null,
"model": "openpkg",
"scope": "eq",
"trust": 0.3,
"vendor": "openpkg",
"version": "2.4"
},
{
"_id": null,
"model": "converged communications server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "2.0"
},
{
"_id": null,
"model": "reflection for secure it sp1",
"scope": "ne",
"trust": 0.3,
"vendor": "attachmate",
"version": "7.0"
},
{
"_id": null,
"model": "filezilla",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "2.2.22"
},
{
"_id": null,
"model": "bind a3",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"_id": null,
"model": "linux arm",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"_id": null,
"model": "ace",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0"
},
{
"_id": null,
"model": "hardware management console for iseries r3.3",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"_id": null,
"model": "reflection for secure it",
"scope": "eq",
"trust": 0.3,
"vendor": "attachmate",
"version": "7.0"
},
{
"_id": null,
"model": "workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "6.0.2"
},
{
"_id": null,
"model": "grid engine update1",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"_id": null,
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.5"
},
{
"_id": null,
"model": "css11500 content services switch",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7.5"
},
{
"_id": null,
"model": "s8500 r2.0.0",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"_id": null,
"model": "project openssl d",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"_id": null,
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.8.4"
},
{
"_id": null,
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.2.2"
},
{
"_id": null,
"model": "gss global site selector",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "44900"
},
{
"_id": null,
"model": "s8700 r2.0.0",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"_id": null,
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.1"
},
{
"_id": null,
"model": "hp-ux b.11.23",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "project openssl beta2",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"_id": null,
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "6.0"
},
{
"_id": null,
"model": "workcentre pro",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "255"
},
{
"_id": null,
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.8.2"
},
{
"_id": null,
"model": "call manager es56",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"_id": null,
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.0"
},
{
"_id": null,
"model": "groupware server",
"scope": "eq",
"trust": 0.3,
"vendor": "kolab",
"version": "2.0.3"
},
{
"_id": null,
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.10"
},
{
"_id": null,
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "10.0x86"
},
{
"_id": null,
"model": "predictive dialing system",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "11.11"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.9"
},
{
"_id": null,
"model": "bind -p1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.2"
},
{
"_id": null,
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "9.0"
},
{
"_id": null,
"model": "ipcop",
"scope": "eq",
"trust": 0.3,
"vendor": "ipcop",
"version": "1.4.12"
},
{
"_id": null,
"model": "hardware management console for iseries r1.0",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0"
},
{
"_id": null,
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.5"
},
{
"_id": null,
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "3.0"
},
{
"_id": null,
"model": "personal",
"scope": null,
"trust": 0.3,
"vendor": "turbolinux",
"version": null
},
{
"_id": null,
"model": "unitedlinux",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "1.0"
},
{
"_id": null,
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.3"
},
{
"_id": null,
"model": "project openssl a",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"_id": null,
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"_id": null,
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "1.4.1"
},
{
"_id": null,
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.3"
},
{
"_id": null,
"model": "project openssl e",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"_id": null,
"model": "predictive dialer",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "0"
},
{
"_id": null,
"model": "project openssl c",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"_id": null,
"model": "ftp server",
"scope": "ne",
"trust": 0.3,
"vendor": "serv u",
"version": "6.3.3.1"
},
{
"_id": null,
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.1(2)"
},
{
"_id": null,
"model": "project openssl f",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"_id": null,
"model": "workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "6.0"
},
{
"_id": null,
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"_id": null,
"model": "openpkg",
"scope": "eq",
"trust": 0.3,
"vendor": "openpkg",
"version": "2.2"
},
{
"_id": null,
"model": "ftp server",
"scope": "eq",
"trust": 0.3,
"vendor": "serv u",
"version": "6.1.0.0"
},
{
"_id": null,
"model": "project openssl c",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"_id": null,
"model": "works common services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.2"
},
{
"_id": null,
"model": "-release-p20",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.11"
},
{
"_id": null,
"model": "bind b3",
"scope": "ne",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"_id": null,
"model": "linux personal x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.3"
},
{
"_id": null,
"model": "grid engine update2",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"_id": null,
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0.3"
},
{
"_id": null,
"model": "linux personal",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.1"
},
{
"_id": null,
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.2.8"
},
{
"_id": null,
"model": "appliance server",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "2.0"
},
{
"_id": null,
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.5.3"
},
{
"_id": null,
"model": "bind b1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.3"
},
{
"_id": null,
"model": "red hat network satellite (for rhel",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4)5.1"
},
{
"_id": null,
"model": "filezilla",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "2.2.15"
},
{
"_id": null,
"model": "hardware management console for iseries",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"_id": null,
"model": "secure linux",
"scope": "eq",
"trust": 0.3,
"vendor": "trustix",
"version": "2.2"
},
{
"_id": null,
"model": "security mars",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.2.2"
},
{
"_id": null,
"model": "gss global site selector",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4480"
},
{
"_id": null,
"model": "call manager sr1",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"_id": null,
"model": "linux professional",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.0"
},
{
"_id": null,
"model": "unified presence server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1.0"
},
{
"_id": null,
"model": "predictive dialing system",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "11.0"
},
{
"_id": null,
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.4"
},
{
"_id": null,
"model": "project openssl l",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"_id": null,
"model": "ons",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154548.0"
},
{
"_id": null,
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.1"
},
{
"_id": null,
"model": "hardware management console for pseries r4.0",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"_id": null,
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.5"
},
{
"_id": null,
"model": "enterprise linux as",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"_id": null,
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "1.0.2.2"
},
{
"_id": null,
"model": "linux lts sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"_id": null,
"model": "ipcop",
"scope": "ne",
"trust": 0.3,
"vendor": "ipcop",
"version": "1.4.13"
},
{
"_id": null,
"model": "insight management agents for tru64 unix",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "3.5.2"
},
{
"_id": null,
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "10.1"
},
{
"_id": null,
"model": "call manager es33",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"_id": null,
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.1"
},
{
"_id": null,
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "10.2"
},
{
"_id": null,
"model": "workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5.5"
},
{
"_id": null,
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0.1"
},
{
"_id": null,
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0"
},
{
"_id": null,
"model": "ace",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0"
},
{
"_id": null,
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0.1"
},
{
"_id": null,
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.0.2.3"
},
{
"_id": null,
"model": "s8300 r2.0.0",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"_id": null,
"model": "openpkg",
"scope": "eq",
"trust": 0.3,
"vendor": "openpkg",
"version": "2.0"
},
{
"_id": null,
"model": "call manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"_id": null,
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.0.3.1"
},
{
"_id": null,
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.4.1"
},
{
"_id": null,
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.5"
},
{
"_id": null,
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.8"
},
{
"_id": null,
"model": "f...",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "10"
},
{
"_id": null,
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.3"
},
{
"_id": null,
"model": "-prerelease",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.4"
},
{
"_id": null,
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.3"
},
{
"_id": null,
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154543.0"
},
{
"_id": null,
"model": "beta11",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0"
},
{
"_id": null,
"model": "ssl360",
"scope": "eq",
"trust": 0.3,
"vendor": "arkoon",
"version": "2.0/2"
},
{
"_id": null,
"model": "grid engine 32-bit sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "5.3"
},
{
"_id": null,
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.6"
},
{
"_id": null,
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "3.3.1"
},
{
"_id": null,
"model": "enterprise linux ws ia64",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"_id": null,
"model": "enterprise linux as",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"_id": null,
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "1.0.2.1"
},
{
"_id": null,
"model": "hardware management console for pseries r3.6",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0"
},
{
"_id": null,
"model": "s8710 r2.0.0",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"_id": null,
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.2"
},
{
"_id": null,
"model": "openpkg",
"scope": "eq",
"trust": 0.3,
"vendor": "openpkg",
"version": "2.3"
},
{
"_id": null,
"model": "hp-ux b.11.00",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "filezilla",
"scope": "ne",
"trust": 0.3,
"vendor": "filezilla",
"version": "2.2.28"
},
{
"_id": null,
"model": "fast360",
"scope": "eq",
"trust": 0.3,
"vendor": "arkoon",
"version": "4.0/4"
},
{
"_id": null,
"model": "bind rc1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.3"
},
{
"_id": null,
"model": "bind b",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.3"
},
{
"_id": null,
"model": "hp-ux b.11.31",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "novell linux desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "1.0"
},
{
"_id": null,
"model": "workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "6.0.1"
},
{
"_id": null,
"model": "linux personal x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.2"
},
{
"_id": null,
"model": "project openssl e",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"_id": null,
"model": "ciscoworks common management foundation",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.8.9"
},
{
"_id": null,
"model": "hardware management console for pseries r3.1",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"_id": null,
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.4"
},
{
"_id": null,
"model": "computing snapgear sg710",
"scope": "eq",
"trust": 0.3,
"vendor": "secure",
"version": "0"
},
{
"_id": null,
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.3"
},
{
"_id": null,
"model": "call manager es62",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"_id": null,
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"_id": null,
"model": "solaris 9 sparc",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "workstation build",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5.444386"
},
{
"_id": null,
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.8.1"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.3.132"
},
{
"_id": null,
"model": "fast360",
"scope": "ne",
"trust": 0.3,
"vendor": "arkoon",
"version": "4.0/5"
},
{
"_id": null,
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.2.2"
},
{
"_id": null,
"model": "css11500 content services switch s",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7.10"
},
{
"_id": null,
"model": "download accelarator",
"scope": "eq",
"trust": 0.3,
"vendor": "prozilla",
"version": "1.2.1"
},
{
"_id": null,
"model": "groupware server",
"scope": "eq",
"trust": 0.3,
"vendor": "kolab",
"version": "2.0.1"
},
{
"_id": null,
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.1"
},
{
"_id": null,
"model": "bind b1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"_id": null,
"model": "fast360",
"scope": "eq",
"trust": 0.3,
"vendor": "arkoon",
"version": "4.0/1"
},
{
"_id": null,
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "3.2"
},
{
"_id": null,
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "255"
},
{
"_id": null,
"model": "linux s/390",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"_id": null,
"model": "secure acs build",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1(1)23"
},
{
"_id": null,
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.2"
},
{
"_id": null,
"model": "sip proxy server",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"_id": null,
"model": "workcentre pro",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "238"
},
{
"_id": null,
"model": "openvms secure web server",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "2.2"
},
{
"_id": null,
"model": "project openssl k",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"_id": null,
"model": "enterprise linux as ia64",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"_id": null,
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2"
},
{
"_id": null,
"model": "server b",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.8"
},
{
"_id": null,
"model": "linux enterprise server",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"_id": null,
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.1.3"
},
{
"_id": null,
"model": "ace",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0.3"
},
{
"_id": null,
"model": "workcentre pro",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "275"
},
{
"_id": null,
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.10"
},
{
"_id": null,
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.3"
},
{
"_id": null,
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "10.0"
},
{
"_id": null,
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "6.0"
},
{
"_id": null,
"model": "bind b2",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"_id": null,
"model": "linux lts powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"_id": null,
"model": "grid engine update3",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"_id": null,
"model": "s8500",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "0"
},
{
"_id": null,
"model": "project openssl beta3",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"_id": null,
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.10"
},
{
"_id": null,
"model": "netbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "netbsd",
"version": "3.0.2"
},
{
"_id": null,
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0.2"
},
{
"_id": null,
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.5.1.639"
},
{
"_id": null,
"model": "workcentre pro",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "245"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.5"
},
{
"_id": null,
"model": "openvpn",
"scope": "ne",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.9"
},
{
"_id": null,
"model": "firewall",
"scope": "ne",
"trust": 0.3,
"vendor": "ingate",
"version": "4.5.2"
},
{
"_id": null,
"model": "linux m68k",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"_id": null,
"model": "desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4.0"
},
{
"_id": null,
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"_id": null,
"model": "ftp server",
"scope": "eq",
"trust": 0.3,
"vendor": "serv u",
"version": "6.1.0.4"
},
{
"_id": null,
"model": "linux hppa",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"_id": null,
"model": "netbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "netbsd",
"version": "3.0.1"
},
{
"_id": null,
"model": "workstation build",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5.342958"
},
{
"_id": null,
"model": "messaging storage server mm3.0",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"_id": null,
"model": "grid engine 64-bit sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "5.3"
},
{
"_id": null,
"model": "enterprise linux ws",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3"
},
{
"_id": null,
"model": "s8500 cm",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1"
},
{
"_id": null,
"model": "s8710 r2.0.1",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"_id": null,
"model": "advanced workstation for the itanium processor ia64",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"_id": null,
"model": "hat red hat network satellite server",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "4.2"
},
{
"_id": null,
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.1.79"
},
{
"_id": null,
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.0"
},
{
"_id": null,
"model": "netbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "netbsd",
"version": "3.1"
},
{
"_id": null,
"model": "enterprise linux es",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3"
},
{
"_id": null,
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.7"
},
{
"_id": null,
"model": "grid engine update4",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"_id": null,
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.4"
},
{
"_id": null,
"model": "ons mspp",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154540"
},
{
"_id": null,
"model": "5.4-stable",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "ftp server",
"scope": "eq",
"trust": 0.3,
"vendor": "serv u",
"version": "6.3.30"
},
{
"_id": null,
"model": "project openssl j",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"_id": null,
"model": "project openssl d",
"scope": "ne",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"_id": null,
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0.3.728"
},
{
"_id": null,
"model": "call manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.3(1)"
},
{
"_id": null,
"model": "linux -current",
"scope": null,
"trust": 0.3,
"vendor": "slackware",
"version": null
},
{
"_id": null,
"model": "bind -p2",
"scope": "ne",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.2"
},
{
"_id": null,
"model": "grid engine update6",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"_id": null,
"model": "ciscoworks common management foundation",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.1"
},
{
"_id": null,
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"_id": null,
"model": "home",
"scope": null,
"trust": 0.3,
"vendor": "turbolinux",
"version": null
},
{
"_id": null,
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.4"
},
{
"_id": null,
"model": "bind a6",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"_id": null,
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154543.3"
},
{
"_id": null,
"model": "hardware management console for iseries r2.1",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"_id": null,
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.3"
},
{
"_id": null,
"model": "tru64 b-4",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "5.1"
},
{
"_id": null,
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.4.1"
},
{
"_id": null,
"model": "message networking",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"_id": null,
"model": "call manager es55",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"_id": null,
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.0"
},
{
"_id": null,
"model": "css11500 content services switch",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"_id": null,
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.1"
},
{
"_id": null,
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.5"
},
{
"_id": null,
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "8.0"
},
{
"_id": null,
"model": "server 0.9.4e",
"scope": null,
"trust": 0.3,
"vendor": "filezilla",
"version": null
},
{
"_id": null,
"model": "player build",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0.380004"
},
{
"_id": null,
"model": "tru64 b-3",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "5.1"
},
{
"_id": null,
"model": "linux",
"scope": null,
"trust": 0.3,
"vendor": "gentoo",
"version": null
},
{
"_id": null,
"model": "desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3.0"
},
{
"_id": null,
"model": "linux alpha",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"_id": null,
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.5.1.657"
},
{
"_id": null,
"model": "secure enterprise linux",
"scope": "eq",
"trust": 0.3,
"vendor": "trustix",
"version": "2.0"
},
{
"_id": null,
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "3.3.1"
},
{
"_id": null,
"model": "desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "10.0"
},
{
"_id": null,
"model": "project openssl k",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"_id": null,
"model": "advanced workstation for the itanium processor",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"_id": null,
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "265"
},
{
"_id": null,
"model": "call manager es24",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"_id": null,
"model": "hardware management console for pseries",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3"
},
{
"_id": null,
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.2.1"
},
{
"_id": null,
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.2"
},
{
"_id": null,
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "10.0"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.3"
},
{
"_id": null,
"model": "gss global site selector",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "44910"
},
{
"_id": null,
"model": "s8300 r2.0.1",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"_id": null,
"model": "computing snapgear u2",
"scope": "ne",
"trust": 0.3,
"vendor": "secure",
"version": "3.1.4"
},
{
"_id": null,
"model": "novell linux pos",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9"
},
{
"_id": null,
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154542.3(5)"
},
{
"_id": null,
"model": "ssl360",
"scope": "eq",
"trust": 0.3,
"vendor": "arkoon",
"version": "1.0"
},
{
"_id": null,
"model": "ftp server",
"scope": "eq",
"trust": 0.3,
"vendor": "serv u",
"version": "6.01"
},
{
"_id": null,
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.5.1"
},
{
"_id": null,
"model": "intrusion detection system 4.1",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"_id": null,
"model": "project openssl beta1",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"_id": null,
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.3"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1"
},
{
"_id": null,
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.6"
},
{
"_id": null,
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.8.5"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.0.2"
},
{
"_id": null,
"model": "download accelarator",
"scope": "eq",
"trust": 0.3,
"vendor": "prozilla",
"version": "1.3.2"
},
{
"_id": null,
"model": "solaris 10 x86",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3"
},
{
"_id": null,
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "3.2"
},
{
"_id": null,
"model": "s8700 r2.0.1",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"_id": null,
"model": "computing snapgear sg580",
"scope": "eq",
"trust": 0.3,
"vendor": "secure",
"version": "0"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.4"
},
{
"_id": null,
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.1.3"
},
{
"_id": null,
"model": "system management homepage",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.8"
},
{
"_id": null,
"model": "ons 15454e optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "openvms secure web server",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "1.1-1"
},
{
"_id": null,
"model": "application control engine module",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.1"
},
{
"_id": null,
"model": "linux ia-32",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"_id": null,
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "3.2.1"
},
{
"_id": null,
"model": "solaris 9 x86",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "project openssl m",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"_id": null,
"model": "gss global site selector",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "44920"
},
{
"_id": null,
"model": "project openssl l",
"scope": "ne",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"_id": null,
"model": "linux professional",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.2"
},
{
"_id": null,
"model": "suse linux openexchange server",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "4.0"
},
{
"_id": null,
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "238"
},
{
"_id": null,
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.5"
},
{
"_id": null,
"model": "project openssl b",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.2"
},
{
"_id": null,
"model": "linux mandrake x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "2007.0"
},
{
"_id": null,
"model": "server build",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.580187"
},
{
"_id": null,
"model": "ons mstp",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154540"
},
{
"_id": null,
"model": "project openssl j",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"_id": null,
"model": "ssl360",
"scope": "ne",
"trust": 0.3,
"vendor": "arkoon",
"version": "2.0/3"
},
{
"_id": null,
"model": "multimedia",
"scope": null,
"trust": 0.3,
"vendor": "turbolinux",
"version": null
},
{
"_id": null,
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.0(2)"
},
{
"_id": null,
"model": "peoplesoft enterprise peopletools",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "8.48"
},
{
"_id": null,
"model": "peoplesoft enterprise peopletools",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "8.47"
},
{
"_id": null,
"model": "peoplesoft enterprise peopletools",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "8.22"
},
{
"_id": null,
"model": "oracle9i standard edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.2.8"
},
{
"_id": null,
"model": "oracle9i standard edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.2.7"
},
{
"_id": null,
"model": "oracle9i standard edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.2.6"
},
{
"_id": null,
"model": "oracle9i standard edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.2.0.5"
},
{
"_id": null,
"model": "oracle9i standard edition fips",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.0.1.5"
},
{
"_id": null,
"model": "oracle9i standard edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.0.1.5"
},
{
"_id": null,
"model": "oracle9i standard edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.0.1.4"
},
{
"_id": null,
"model": "oracle9i personal edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.2.8"
},
{
"_id": null,
"model": "oracle9i personal edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.2.7"
},
{
"_id": null,
"model": "oracle9i personal edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.2.6"
},
{
"_id": null,
"model": "oracle9i personal edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.2.0.5"
},
{
"_id": null,
"model": "oracle9i personal edition fips",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.0.1.5"
},
{
"_id": null,
"model": "oracle9i personal edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.0.1.5"
},
{
"_id": null,
"model": "oracle9i personal edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.0.1.4"
},
{
"_id": null,
"model": "oracle9i enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.2.8.0"
},
{
"_id": null,
"model": "oracle9i enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.2.7.0"
},
{
"_id": null,
"model": "oracle9i enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.2.6.0"
},
{
"_id": null,
"model": "oracle9i enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.2.0.5"
},
{
"_id": null,
"model": "oracle9i enterprise edition fips",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.0.1.5"
},
{
"_id": null,
"model": "oracle9i enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.0.1.5"
},
{
"_id": null,
"model": "oracle9i enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.0.1.4"
},
{
"_id": null,
"model": "oracle8i standard edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "8.1.7.4"
},
{
"_id": null,
"model": "oracle8i enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "8.1.7.4.0"
},
{
"_id": null,
"model": "oracle10g standard edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.2.3"
},
{
"_id": null,
"model": "oracle10g standard edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.2.2"
},
{
"_id": null,
"model": "oracle10g standard edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.2.1"
},
{
"_id": null,
"model": "oracle10g standard edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.1.4.2"
},
{
"_id": null,
"model": "oracle10g standard edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.1.0.5"
},
{
"_id": null,
"model": "oracle10g standard edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.1.0.4"
},
{
"_id": null,
"model": "oracle10g standard edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.1.0.3.1"
},
{
"_id": null,
"model": "oracle10g standard edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.1.0.3"
},
{
"_id": null,
"model": "oracle10g standard edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.1.0.2"
},
{
"_id": null,
"model": "oracle10g personal edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.2.3"
},
{
"_id": null,
"model": "oracle10g personal edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.2.2"
},
{
"_id": null,
"model": "oracle10g personal edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.2.1"
},
{
"_id": null,
"model": "oracle10g personal edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.1.0.4"
},
{
"_id": null,
"model": "oracle10g personal edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.1.0.3.1"
},
{
"_id": null,
"model": "oracle10g personal edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.1.0.3"
},
{
"_id": null,
"model": "oracle10g personal edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.1.0.2"
},
{
"_id": null,
"model": "oracle10g enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.2.3"
},
{
"_id": null,
"model": "oracle10g enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.2.2"
},
{
"_id": null,
"model": "oracle10g enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.2.1"
},
{
"_id": null,
"model": "oracle10g enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.1.0.4"
},
{
"_id": null,
"model": "oracle10g enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.1.0.3.1"
},
{
"_id": null,
"model": "oracle10g enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.1.0.3"
},
{
"_id": null,
"model": "oracle10g enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.1.0.2"
},
{
"_id": null,
"model": "oracle10g application server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.1.3.4.0"
},
{
"_id": null,
"model": "oracle10g application server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.1.3.0.0"
},
{
"_id": null,
"model": "oracle10g application server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.1.2.2.0"
},
{
"_id": null,
"model": "oracle10g application server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.1.2.1.0"
},
{
"_id": null,
"model": "oracle10g application server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.1.2.0.2"
},
{
"_id": null,
"model": "oracle10g application server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.1.2.0.1"
},
{
"_id": null,
"model": "oracle10g application server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.1.2"
},
{
"_id": null,
"model": "oracle10g application server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.0.4.2"
},
{
"_id": null,
"model": "oracle10g application server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.0.4.1"
},
{
"_id": null,
"model": "identity management 10g",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.1.4.0.1"
},
{
"_id": null,
"model": "9i application server release",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "11.0.2.2"
},
{
"_id": null,
"model": "enterprise manager grid control 10g",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.2.1"
},
{
"_id": null,
"model": "enterprise manager grid control 10g",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.1.5"
},
{
"_id": null,
"model": "enterprise manager grid control 10g",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.1.4"
},
{
"_id": null,
"model": "enterprise manager grid control 10g",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.1.3"
},
{
"_id": null,
"model": "e-business suite 11i cu2",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "11.5.10"
},
{
"_id": null,
"model": "e-business suite 11i",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "11.5.10"
},
{
"_id": null,
"model": "e-business suite 11i",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "11.5.9"
},
{
"_id": null,
"model": "e-business suite 11i",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "11.5.8"
},
{
"_id": null,
"model": "e-business suite 11i",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "11.5.7"
},
{
"_id": null,
"model": "e-business suite",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "11.0"
},
{
"_id": null,
"model": "developer suite",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.1.2.0.2"
},
{
"_id": null,
"model": "developer suite",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.0.4.3"
},
{
"_id": null,
"model": "developer suite 6i",
"scope": null,
"trust": 0.3,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "application server release",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "210.1.2.0.2"
},
{
"_id": null,
"model": "application server release",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "210.1.2.0.1"
},
{
"_id": null,
"model": "application server release",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "210.1.2.0.0"
},
{
"_id": null,
"model": "application server release",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "29.0.2.3"
},
{
"_id": null,
"model": "application server 10g",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.0.4.3"
},
{
"_id": null,
"model": "application server 10g",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.0.4.2"
},
{
"_id": null,
"model": "application server 10g",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.0.4.1"
},
{
"_id": null,
"model": "application server 10g",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.0.4"
},
{
"_id": null,
"model": "oracle for openview for linux ltu",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"_id": null,
"model": "oracle for openview",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "9.1.1"
},
{
"_id": null,
"model": "oracle for openview",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "8.1.7"
},
{
"_id": null,
"model": "oracle for openview",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "9.2"
},
{
"_id": null,
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.11"
},
{
"_id": null,
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.10"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.11"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.10"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#423396"
},
{
"db": "CERT/CC",
"id": "VU#386964"
},
{
"db": "CERT/CC",
"id": "VU#221788"
},
{
"db": "CERT/CC",
"id": "VU#845620"
},
{
"db": "CERT/CC",
"id": "VU#547300"
},
{
"db": "BID",
"id": "20247"
},
{
"db": "BID",
"id": "22083"
},
{
"db": "CNNVD",
"id": "CNNVD-200609-533"
},
{
"db": "NVD",
"id": "CVE-2006-2940"
}
]
},
"credits": {
"_id": null,
"data": "Andy Davis advisories@irmplc.com Vicente Aguilera Diaz vaguilera@isecauditors.com Esteban Martinez FayoTony FogartyOliver Karow Oliver.karow@gmx.de Joxean Koret joxeankoret@yahoo.es Alexander Kornbrust ak@red-database-security.com David Litchfield",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200609-533"
}
],
"trust": 0.6
},
"cve": "CVE-2006-2940",
"cvss": {
"_id": null,
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "CVE-2006-2940",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "HIGH",
"trust": 1.0,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2006-2940",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#423396",
"trust": 0.8,
"value": "7.92"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#386964",
"trust": 0.8,
"value": "0.32"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#221788",
"trust": 0.8,
"value": "4.20"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#845620",
"trust": 0.8,
"value": "7.56"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#547300",
"trust": 0.8,
"value": "2.53"
},
{
"author": "CNNVD",
"id": "CNNVD-200609-533",
"trust": 0.6,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#423396"
},
{
"db": "CERT/CC",
"id": "VU#386964"
},
{
"db": "CERT/CC",
"id": "VU#221788"
},
{
"db": "CERT/CC",
"id": "VU#845620"
},
{
"db": "CERT/CC",
"id": "VU#547300"
},
{
"db": "CNNVD",
"id": "CNNVD-200609-533"
},
{
"db": "NVD",
"id": "CVE-2006-2940"
}
]
},
"description": {
"_id": null,
"data": "OpenSSL 0.9.7 before 0.9.7l, 0.9.8 before 0.9.8d, and earlier versions allows attackers to cause a denial of service (CPU consumption) via parasitic public keys with large (1) \"public exponent\" or (2) \"public modulus\" values in X.509 certificates that require extra time to process when using RSA signature verification. Some applications that perform X.509 certificate verification may be vulnerable to signature processing problems that lead to resource exhaustion. This vulnerability may cause a denial of service. The Oracle SYS.DBMS_AQ package is vulnerable to PL/SQL injection. This vulnerability may allow a remote, authenticated attacker to execute arbitrary PL/SQL commands on a vulnerable Oracle installation. Multiple RSA implementations fail to properly handle RSA signatures. This vulnerability may allow an attacker to forge RSA signatures. OpenSSL is prone to a denial-of-service vulnerability because it fails to validate the lengths of public keys being used. Oracle has released a Critical Patch Update advisory for January 2007 to address these vulnerabilities for supported releases. Earlier unsupported releases are likely to be affected by these issues as well. \nThe issues identified by the vendor affect all security properties of the Oracle products and present local and remote threats. Various levels of authorization are needed to leverage some of the issues, but other issues do not require any authorization. The most severe of the vulnerabilities could possibly expose affected computers to complete compromise. Henson recently developed an ASN.1 test suite for NISCC\n(www.niscc.gov.uk). During the parsing of certain invalid ASN.1 structures an error\ncondition is mishandled. Certain types of public key can take disproportionate amounts of\ntime to process. \n\nAny code which uses OpenSSL to parse ASN.1 data from untrusted sources\nis affected. This includes SSL servers which enable client\nauthentication and S/MIME applications. \n\nAcknowledgements\n----------------\n\nThe OpenSSL team thank Dr S. Henson of Open Network Security and NISCC\nfor funding the ASN.1 test suite project. An attacker could send a list of ciphers to an\napplication that uses this function and overrun a buffer\n(CVE-2006-3738). \n\n\nSSLv2 Client Crash (CVE-2006-4343)\n==================================\n\nVulnerability\n-------------\n\nA flaw in the SSLv2 client code was discovered. \n\n\nRecommendations\n===============\n\nThese vulnerabilities are resolved in the following versions of OpenSSL:\n\n - in the 0.9.7 branch, version 0.9.7l (or later);\n - in the 0.9.8 branch, version 0.9.8d (or later). \n\nOpenSSL 0.9.8d and OpenSSL 0.9.7l are available for download via\nHTTP and FTP from the following master locations (you can find the\nvarious FTP mirrors under https://www.openssl.org/source/mirror.html):\n\n o https://www.openssl.org/source/\n o ftp://ftp.openssl.org/source/\n\nThe distribution file names are:\n\n o openssl-0.9.8d.tar.gz\n MD5 checksum: 8ed1853538e1d05a1f5ada61ebf8bffa\n SHA1 checksum: 4136fba00303a3d319d2052bfa8e1f09a2e12fc2\n\n o openssl-0.9.7l.tar.gz\n MD5 checksum: b21d6e10817ddeccf5fbe1379987333e\n SHA1 checksum: f0e4136639b10cbd1227c4f7350ff7ad406e575d\n \nThe checksums were calculated using the following commands:\n\n openssl md5 openssl-0.9*.tar.gz\n openssl sha1 openssl-0.9*.tar.gz\n\nAfter upgrading make sure to recompile any applications statically\nlinked to OpenSSL libraries and restart all applications that use\nOpenSSL. Incorrect permissions on SSL key files generated by vmware-config\n(CVE-2006-3589):\n\n ESX 3.0.1: does not have this problem\n ESX 3.0.0: does not have this problem\n ESX 2.5.4: corrected by ESX 2.5.4 Upgrade Patch 3 (Build# 36502)\n ESX 2.5.3: corrected by ESX 2.5.3 Upgrade Patch 6 (Build# 35703)\n ESX 2.1.3: corrected by ESX 2.1.3 Upgrade Patch 4 (Build# 35803)\n ESX 2.0.2: corrected by ESX 2.0.2 Upgrade Patch 4 (Build# 35801)\n\n A possible security issue with the configuration program\n vmware-config which could set incorrect permissions on SSL key\n files. Local users may be able to obtain access to the SSL key\n files. OpenSSL library vulnerabilities:\n\n ESX 3.0.1: corrected by ESX 3.0.1 Patch ESX-9986131\n ESX 3.0.0: corrected by ESX 3.0.0 Patch ESX-3069097\n ESX 2.5.4: corrected by ESX 2.5.4 Upgrade Patch 3 (Build# 36502)\n ESX 2.5.3: corrected by ESX 2.5.3 Upgrade Patch 6 (Build# 35703)\n ESX 2.1.3: corrected by ESX 2.1.3 Upgrade Patch 4 (Build# 35803)\n ESX 2.0.2: corrected by ESX 2.0.2 Upgrade Patch 4 (Build# 35801)\n\n (CVE-2006-2937) OpenSSL 0.9.7 before 0.9.7l and 0.9.8 before 0.9.8d\n allows remote attackers to cause a denial of service (infinite\n loop and memory consumption) via malformed ASN.1 structures that\n trigger an improperly handled error condition. \n\n (CVE-2006-4339) OpenSSL before 0.9.7, 0.9.7 before 0.9.7k, and 0.9.8\n before 0.9.8c, when using an RSA key with exponent 3, removes PKCS-1\n padding before generating a hash, which allows remote attackers to\n forge a PKCS #1 v1.5 signature that is signed by that RSA key and\n prevents OpenSSL from correctly verifying X.509 and other\n certificates that use PKCS #1. \n\n (CVE-2006-4343) The get_server_hello function in the SSLv2 client\n code in OpenSSL 0.9.7 before 0.9.7l, 0.9.8 before 0.9.8d, and\n earlier versions allows remote servers to cause a denial of service\n (client crash) via unknown vectors that trigger a null pointer\n dereference. Updated OpenSSH package addresses the following possible security issues:\n\n ESX 3.0.1: corrected by Patch ESX-9986131\n ESX 3.0.0: corrected by Patch ESX-3069097\n ESX 2.5.4: does not have these problems\n ESX 2.5.3: does not have these problems\n ESX 2.1.3: does not have these problems\n ESX 2.0.2: does not have these problems\n\n (CVE-2004-2069) sshd.c in OpenSSH 3.6.1p2 and 3.7.1p2 and possibly\n other versions, when using privilege separation, does not properly\n signal the non-privileged process when a session has been terminated\n after exceeding the LoginGraceTime setting, which leaves the\n connection open and allows remote attackers to cause a denial of\n service (connection consumption). \n\n (CVE-2006-0225) scp in OpenSSH 4.2p1 allows attackers to execute\n arbitrary commands via filenames that contain shell metacharacters\n or spaces, which are expanded twice. \n\n (CVE-2003-0386) OpenSSH 3.6.1 and earlier, when restricting host\n access by numeric IP addresses and with VerifyReverseMapping\n disabled, allows remote attackers to bypass \"from=\" and \"user@host\"\n address restrictions by connecting to a host from a system whose\n reverse DNS hostname contains the numeric IP address. \n\n (CVE-2006-4924) sshd in OpenSSH before 4.4, when using the version 1\n SSH protocol, allows remote attackers to cause a denial of service\n (CPU consumption) via an SSH packet that contains duplicate blocks,\n which is not properly handled by the CRC compensation attack\n detector. \n\n NOTE: ESX by default disables version 1 SSH protocol. \n\n (CVE-2006-5051) Signal handler race condition in OpenSSH before 4.4\n allows remote attackers to cause a denial of service (crash), and\n possibly execute arbitrary code if GSSAPI authentication is enabled,\n via unspecified vectors that lead to a double-free. \n\n NOTE: ESX doesn\u0027t use GSSAPI by default. \n\n (CVE-2006-5794) Unspecified vulnerability in the sshd Privilege\n Separation Monitor in OpenSSH before 4.5 causes weaker verification\n that authentication has been successful, which might allow attackers\n to bypass authentication. \n\n NOTE: as of 20061108, it is believed that this issue is only\n exploitable by leveraging vulnerabilities in the unprivileged\n process, which are not known to exist. Object reuse problems with newly created virtual disk (.vmdk or .dsk)\nfiles:\n\n ESX 3.0.1: does not have this problem\n ESX 3.0.0: does not have this problem\n ESX 2.5.4: corrected by ESX 2.5.4 Upgrade Patch 3 (Build# 36502)\n ESX 2.5.3: corrected by ESX 2.5.3 Upgrade Patch 6 (Build# 35703)\n ESX 2.1.3: corrected by ESX 2.1.3 Upgrade Patch 4 (Build# 35803)\n ESX 2.0.2: corrected by ESX 2.0.2 Upgrade Patch 4 (Build# 35801)\n\n A possible security issue with virtual disk (.vmdk or .dsk) files\n that are newly created, but contain blocks from recently deleted\n virtual disk files. Information belonging to the previously\n deleted virtual disk files could be revealed in newly created\n virtual disk files. \n\n VMware recommends the following workaround: When creating new\n virtual machines on an ESX Server that may contain sensitive\n data, use vmkfstools with the -W option. This initializes the\n virtual disk with zeros. NOTE: ESX 3.x defines this option as -w. Buffer overflow in Python function repr():\n\n ESX 3.0.1: corrected by Patch ESX-9986131\n ESX 3.0.0: corrected by ESX-3069097\n ESX 2.5.4: does not have this problem\n ESX 2.5.3: does not have this problem\n ESX 2.1.3: does not have this problem\n ESX 2.0.2: does not have this problem\n\n A possible security issue with how the Python function repr()\n function handles UTF-32/UCS-4 strings. \n\n ESX 3.0.1\n http://www.vmware.com/support/vi3/doc/esx-9986131-patch.html\n md5usm: 239375e107fd4c7af57663f023863fcb\n\n ESX 3.0.0\n http://www.vmware.com/support/vi3/doc/esx-3069097-patch.html\n md5sum: ca9947239fffda708f2c94f519df33dc\n\n ESX 2.5.4\n http://www.vmware.com/support/esx25/doc/esx-254-200612-patch.html\n md5sum: 239375e107fd4c7af57663f023863fcb\n\n ESX 2.5.3\n http://www.vmware.com/support/esx25/doc/esx-253-200612-patch.html\n md5sum: f90fcab28362edbf2311f3ca90cc7739\n\n ESX 2.1.3\n http://www.vmware.com/support/esx21/doc/esx-213-200612-patch.html\n md5sum: 7d7d0e40f4dccd5ca64b9c13a856da8f\n\n ESX 2.0.2\n http://www.vmware.com/support/esx2/doc/esx-202-200612-patch.html\n md5sum: 925e70f28d17714c53fdbd24de64329f\n\n\n5. References:\n\nESX 3.0.0 Patch URL:\nhttp://www.vmware.com/support/vi3/doc/esx-3069097-patch.html\nKnowledge base URL: http://kb.vmware.com/kb/3069097\n\nESX 3.0.1 Patch URL:\nhttp://www.vmware.com/support/vi3/doc/esx-9986131-patch.html\nKnowledge base URL: http://kb.vmware.com/kb/9986131\n\nESX 2.5.4 Patch URL:\nhttp://www.vmware.com/support/esx25/doc/esx-254-200612-patch.html\n\nESX 2.5.3 Patch URL:\nhttp://www.vmware.com/support/esx25/doc/esx-253-200612-patch.html\n\nESX 2.1.3 Patch URL:\nhttp://www.vmware.com/support/esx21/doc/esx-213-200612-patch.html\n\nESX 2.0.2 Patch URL:\nhttp://www.vmware.com/support/esx2/doc/esx-202-200612-patch.html\n\nhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3589\nhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937\nhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940\nhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3738\nhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4339\nhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343\nhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4980\n\n6. \nCharter: http://lists.grok.org.uk/full-disclosure-charter.html\nHosted and sponsored by Secunia - http://secunia.com/\n. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA256\n\n- -------------------------------------------------------------------\n~ VMware Security Advisory\n\nAdvisory ID: VMSA-2008-0005\nSynopsis: Updated VMware Workstation, VMware Player, VMware\n~ Server, VMware ACE, and VMware Fusion resolve\n~ critical security issues\nIssue date: 2008-03-17\nUpdated on: 2008-03-17 (initial release of advisory)\nCVE numbers: CVE-2008-0923 CVE-2008-0923 CVE-2008-1361\n~ CVE-2008-1362 CVE-2007-5269 CVE-2006-2940\n~ CVE-2006-2937 CVE-2006-4343 CVE-2006-4339\n~ CVE-2007-5618 CVE-2008-1364 CVE-2008-1363\n~ CVE-2008-1340\n- -------------------------------------------------------------------\n\n1. \n\n2. Relevant releases:\n\n~ VMware Workstation 6.0.2 and earlier\n~ VMware Workstation 5.5.4 and earlier\n~ VMware Player 2.0.2 and earlier\n~ VMware Player 1.0.4 and earlier\n~ VMware ACE 2.0.2 and earlier\n~ VMware ACE 1.0.2 and earlier\n~ VMware Server 1.0.4 and earlier\n~ VMware Fusion 1.1 and earlier\n\n3. Problem description:\n\n~ a. Host to guest shared folder (HGFS) traversal vulnerability\n\n~ On Windows hosts, if you have configured a VMware host to guest\n~ shared folder (HGFS), it is possible for a program running in the\n~ guest to gain access to the host\u0027s file system and create or modify\n~ executable files in sensitive locations. \n\nNOTE: VMware Server is not affected because it doesn\u0027t use host to\n~ guest shared folders. No versions of ESX Server, including\n~ ESX Server 3i, are affected by this vulnerability. Because\n~ ESX Server is based on a bare-metal hypervisor architecture\n~ and not a hosted architecture, and it doesn\u0027t include any\n~ shared folder abilities. Fusion and Linux based hosted\n~ products are unaffected. \n\n~ VMware would like to thank CORE Security Technologies for\n~ working with us on this issue. This addresses advisory\n~ CORE-2007-0930. \n\n~ The Common Vulnerabilities and Exposures project (cve.mitre.org)\n~ has assigned the name CVE-2008-0923 to this issue. \n\n~ Hosted products\n~ ---------------\n~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004)\n~ VMware Workstation 5.5 upgrade to version 5.5.6 (Build# 80404)\n~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004)\n~ VMware Player 1.0 upgrade to version 1.0.6 (Build# 80404)\n~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004)\n~ VMware ACE 1.0 upgrade to version 1.0.5 (Build# 79846)\n\n~ b. Insecure named pipes\n\n~ An internal security audit determined that a malicious Windows\n~ user could attain and exploit LocalSystem privileges by causing\n~ the authd process to connect to a named pipe that is opened and\n~ controlled by the malicious user. \n\n~ The same internal security audit determined that a malicious\n~ Windows user could exploit an insecurely created named pipe\n~ object to escalate privileges or create a denial of service\n~ attack. In this situation, the malicious user could\n~ successfully impersonate authd and attain privileges under\n~ which Authd is executing. \n\n~ The Common Vulnerabilities and Exposures project (cve.mitre.org)\n~ has assigned the names CVE-2008-1361, CVE-2008-1362 to these\n~ issues. \n\n~ Windows Hosted products\n~ ---------------\n~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004)\n~ VMware Workstation 5.5 upgrade to version 5.5.6 (Build# 80404)\n~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004)\n~ VMware Player 1.0 upgrade to version 1.0.6 (Build# 80404)\n~ VMware Server 1.0 upgrade to version 1.0.5 (Build# 80187)\n~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004)\n~ VMware ACE 1.0 upgrade to version 1.0.5 (Build# 79846)\n\n~ c. Updated libpng library to version 1.2.22 to address various\n~ security vulnerabilities\n\n~ Several flaws were discovered in the way libpng handled various PNG\n~ image chunks. An attacker could create a carefully crafted PNG\n~ image file in such a way that it could cause an application linked\n~ with libpng to crash when the file was manipulated. \n\n~ The Common Vulnerabilities and Exposures project (cve.mitre.org)\n~ has assigned the name CVE-2007-5269 to this issue. \n\n~ Hosted products\n~ ---------------\n~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004)\n~ VMware Workstation 5.5 upgrade to version 5.5.6 (Build# 80404)\n~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004)\n~ VMware Player 1.0 upgrade to version 1.0.6 (Build# 80404)\n~ VMware Server 1.0 upgrade to version 1.0.5 (Build# 80187)\n~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004)\n~ VMware ACE 1.0 upgrade to version 1.0.5 (Build# 79846)\n\n~ NOTE: Fusion is not affected by this issue. \n\n~ d. Updated OpenSSL library to address various security vulnerabilities\n\n~ Updated OpenSSL fixes several security flaws were discovered\n~ in previous versions of OpenSSL. \n\n~ The Common Vulnerabilities and Exposures project (cve.mitre.org)\n~ assigned the following names to these issues: CVE-2006-2940,\n~ CVE-2006-2937, CVE-2006-4343, CVE-2006-4339. \n\n~ Hosted products\n~ ---------------\n~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004)\n~ VMware Workstation 5.5 upgrade to version 5.5.6 (Build# 80404)\n~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004)\n~ VMware Player 1.0 upgrade to version 1.0.6 (Build# 80404)\n~ VMware Server 1.0 upgrade to version 1.0.5 (Build# 80187)\n~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004)\n~ VMware ACE 1.0 upgrade to version 1.0.5 (Build# 79846)\n\n~ NOTE: Fusion is not affected by this issue. \n\n~ e. VIX API default setting changed to a more secure default value\n\n~ Workstation 6.0.2 allowed anonymous console access to the guest by\n~ means of the VIX API. This release, Workstation 6.0.3, disables\n~ this feature. This means that the Eclipse Integrated Virtual\n~ Debugger and the Visual Studio Integrated Virtual Debugger will now\n~ prompt for user account credentials to access a guest. \n\n~ Hosted products\n~ ---------------\n~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004)\n~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004)\n~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004)\n\n~ f. Windows 2000 based hosted products privilege escalation\n~ vulnerability\n\n~ This release addresses a potential privilege escalation on\n~ Windows 2000 hosted products. Certain services may be improperly\n~ registered and present a security vulnerability to Windows 2000\n~ machines. \n\n~ VMware would like to thank Ray Hicken for reporting this issue and\n~ David Maciejak for originally pointing out these types of\n~ vulnerabilities. \n\n~ The Common Vulnerabilities and Exposures project (cve.mitre.org)\n~ assigned the name CVE-2007-5618 to this issue. \n\n~ Windows versions of Hosted products\n~ ---------------\n~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004)\n~ VMware Workstation 5.5 upgrade to version 5.5.6 (Build# 80404)\n~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004)\n~ VMware Player 1.0 upgrade to version 1.0.6 (Build# 80404)\n~ VMware Server 1.0 upgrade to version 1.0.5 (Build# 80187)\n~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004)\n~ VMware ACE 1.0 upgrade to version 1.0.5 (Build# 79846)\n\n~ NOTE: Fusion and Linux based products are not affected by this\n~ issue. \n\n~ g. \n\n~ VMware would like to thank Martin O\u0027Neal for reporting this issue. \n\n~ The Common Vulnerabilities and Exposures project (cve.mitre.org)\n~ assigned the name CVE-2008-1364 to this issue. \n\n~ Hosted products\n~ ---------------\n~ VMware Workstation 5.5 upgrade to version 5.5.6 (Build# 80404)\n~ VMware Player 1.0 upgrade to version 1.0.6 (Build# 80404)\n~ VMware Server 1.0 upgrade to version 1.0.5 (Build# 80187)\n~ VMware ACE 1.0 upgrade to version 1.0.5 (Build# 79846)\n~ VMware Fusion 1.1 upgrade to version 1.1.1 (Build# 72241)\n\n~ NOTE: This issue doesn\u0027t affect the latest versions of VMware\n~ Workstation 6, VMware Player 2, and ACE 2 products. \n\n~ h. Local Privilege Escalation on Windows based platforms by\n~ Hijacking VMware VMX configuration file\n\n~ VMware uses a configuration file named \"config.ini\" which\n~ is located in the application data directory of all users. \n~ By manipulating this file, a user could gain elevated\n~ privileges by hijacking the VMware VMX process. \n\n~ VMware would like to thank Sun Bing for reporting the issue. \n\n~ The Common Vulnerabilities and Exposures project (cve.mitre.org)\n~ assigned the name CVE-2008-1363 to this issue. \n\n~ Windows based Hosted products\n~ ---------------\n~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004)\n~ VMware Workstation 5.5 upgrade to version 5.5.6 (Build# 80404)\n~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004)\n~ VMware Player 1.0 upgrade to version 1.0.6 (Build# 80404)\n~ VMware Server 1.0 upgrade to version 1.0.5 (Build# 80187)\n~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004)\n~ VMware ACE 1.0 upgrade to version 1.0.5 (Build# 79846)\n\n~ i. Virtual Machine Communication Interface (VMCI) memory corruption\n~ resulting in denial of service\n\n~ VMCI was introduced in VMware Workstation 6.0, VMware Player 2.0,\n~ and VMware ACE 2.0. It is an experimental, optional feature and\n~ it may be possible to crash the host system by making specially\n~ crafted calls to the VMCI interface. \n\n~ VMware would like to thank Andrew Honig of the Department of\n~ Defense for reporting this issue. \n\n~ The Common Vulnerabilities and Exposures project (cve.mitre.org)\n~ assigned the name CVE-2008-1340 to this issue. \n\n~ Hosted products\n~ ---------------\n~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004)\n~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004)\n~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004)\n\n4. Solution:\n\nPlease review the Patch notes for your product and version and verify\nthe md5sum of your downloaded file. \n\n~ VMware Workstation 6.0.3\n~ ------------------------\n~ http://www.vmware.com/download/ws/\n~ Release notes:\n~ http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html\n~ Windows binary\n~ md5sum: 323f054957066fae07735160b73b91e5\n~ RPM Installation file for 32-bit Linux\n~ md5sum: c44183ad11082f05593359efd220944e\n~ tar Installation file for 32-bit Linux\n~ md5sum: 57601f238106cb12c1dea303ad1b4820\n~ RPM Installation file for 64-bit Linux\n~ md5sum: e9ba644be4e39556724fa2901c5e94e9\n~ tar Installation file for 64-bit Linux\n~ md5sum: d8d423a76f99a94f598077d41685e9a9\n\n~ VMware Workstation 5.5.5\n~ ------------------------\n~ http://www.vmware.com/download/ws/ws5.html\n~ Release notes:\n~ http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html\n~ Windows binary\n~ md5sum: 9c2dd94db5eed93d7f64e8d6ba8d8bd3\n~ Compressed Tar archive for 32-bit Linux\n~ md5sum: 77401c0842a151f0b2db0b4fcb0d16eb\n~ Linux RPM version for 32-bit Linux\n~ md5sum: c222b6db934deb9c1bb79b16b25a3202\n\n~ VMware Server 1.0.5\n~ -------------------\n~ http://www.vmware.com/download/server/\n~ Release notes:\n~ http://www.vmware.com/support/server/doc/releasenotes_server.html\n~ VMware Server for Windows 32-bit and 64-bit\n~ md5sum: 3c4a57310c55e17bf8e4a1059d5b36cc\n~ VMware Server Windows client package\n~ md5sum: cb3dd2439203dc510f4d95f06ba59d21\n~ VMware Server for Linux\n~ md5sum: 161dcbe5af9bbd9834a86bf7c599903e\n~ VMware Server for Linux rpm\n~ md5sum: fc3b81ed18b53eda943a992971e9f84a\n~ Management Interface\n~ md5sum: dd10d25895d9994bd27ca896152f48ef\n~ VMware Server Linux client package\n~ md5sum: aae18f1f7b8811b5499e3a358754d4f8\n\n~ VMware ACE 2.0.3 and 1.0.5\n~ --------------------------\n~ http://www.vmware.com/download/ace/\n~ Windows Release notes:\n~ http://www.vmware.com/support/ace2/doc/releasenotes_ace2.html\n\n~ VMware Fusion 1.1.1\n~ -------------------\n~ http://www.vmware.com/download/fusion/\n~ Release notes:\n~ http://www.vmware.com/support/fusion/doc/releasenotes_fusion.html\n~ md5sum: 38e116ec26b30e7a6ac47c249ef650d0\n\n~ VMware Player 2.0.3 and 1.0.6\n~ ----------------------\n~ http://www.vmware.com/download/player/\n~ Release notes Player 1.x:\n~ http://www.vmware.com/support/player/doc/releasenotes_player.html\n~ Release notes Player 2.0\n~ http://www.vmware.com/support/player2/doc/releasenotes_player2.html\n~ 2.0.3 Windows binary\n~ md5sum: 0c5009d3b569687ae139e13d24c868d3\n~ VMware Player 2.0.3 for Linux (.rpm)\n~ md5sum: 53502b2112a863356dcd13dd0d8dd8f2\n~ VMware Player 2.0.3 for Linux (.tar)\n~ md5sum: 2305fcff49bef6e4ad83742412eac978\n~ VMware Player 2.0.3 - 64-bit (.rpm)\n~ md5sum: cf945b571c4d96146ede010286fdfca5\n~ VMware Player 2.0.3 - 64-bit (.tar)\n~ md5sum: f99c5b293eb87c5f918ad24111565b9f\n~ 1.0.6 Windows binary\n~ md5sum: 895081406c4de5361a1700ec0473e49c\n~ Player 1.0.6 for Linux (.rpm)\n~ md5sum: 8adb23799dd2014be0b6d77243c76942\n~ Player 1.0.6 for Linux (.tar)\n~ md5sum: c358f8e1387fb60863077d6f8a9f7b3f\n\n5. References:\n\n~ CVE numbers\n~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0923\n~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1361\n~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1362\n~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5269\n~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940\n~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937\n~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343\n~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4339\n~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5618\n~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1364\n~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1363\n~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1340\n\n- -------------------------------------------------------------------\n6. Contact:\n\nE-mail list for product security notifications and announcements:\nhttp://lists.vmware.com/cgi-bin/mailman/listinfo/security-announce\n\nThis Security Advisory is posted to the following lists:\n\n~ * security-announce@lists.vmware.com\n~ * bugtraq@securityfocus.com\n~ * full-disclosure@lists.grok.org.uk\n\nE-mail: security@vmware.com\n\nSecurity web site\nhttp://www.vmware.com/security\n\nVMware security response policy\nhttp://www.vmware.com/support/policies/security_response.html\n\nGeneral support life cycle policy\nhttp://www.vmware.com/support/policies/eos.html\n\nVMware Infrastructure support life cycle policy\nhttp://www.vmware.com/support/policies/eos_vi.html\n\nCopyright 2008 VMware Inc. All rights reserved. \n\n\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.7 (GNU/Linux)\n\niD8DBQFH3yTxS2KysvBH1xkRCHq8AJ0QOMocv/gSz/hgdojA39PGVO6pUACePCRv\nCv8MnL2bYPyDfYQ3f4IUL+w=\n=tFXS\n-----END PGP SIGNATURE-----\n. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\nSUPPORT COMMUNICATION - SECURITY BULLETIN\n\nDocument ID: c00967144\nVersion: 1\n\nHPSBTU02207 SSRT061213, SSRT061239, SSRT071304 rev.1 - HP Tru64 UNIX SSL and BIND Remote Arbitrary Code Execution or Denial of Service (DoS)\n\nNOTICE: The information in this Security Bulletin should be acted upon as soon as possible. \n\nReferences: VU#547300, VU#386964, CAN-2006-4339, CVE-2006-2937, CVE-2006-2940, CVE-2006-3738 (SSL) \nVU#697164, VU#915404, CVE-2007-0493, CVE-2007-0494 (BIND) \n\nSUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed. \nThe following supported software versions are affected: \nHP Tru64 UNIX v 5.1B-4 (SSL and BIND) \nHP Tru64 UNIX v 5.1B-3 (SSL and BIND) \nHP Tru64 UNIX v 5.1A PK6 (BIND) \nHP Tru64 UNIX v 4.0G PK4 (BIND) \nHP Tru64 UNIX v 4.0F PK8 (BIND) \nInternet Express (IX) v 6.6 BIND (BIND) \nHP Insight Management Agents for Tru64 UNIX patch v 3.5.2 and earlier (SSL) \n\nBACKGROUND\n\nRESOLUTION\n\nHP has released the following Early Release Patch kits (ERPs) publicly for use by any customer. The ERP kits use dupatch to install and will not install over any Customer Specific Patches (CSPs) that have file intersections with the ERP. A new patch version for HP Insight Management Agents for Tru64 UNIX is also available that addresses the potential vulnerabilities. \n\nThe fixes contained in the ERP kits will be available in the following mainstream releases:\n -Targeted for availability in HP Tru64 UNIX v 5.1B-5 \n -Internet Express (IX) v 6.7 \n -HP Insight Management Agents for Tru64 UNIX patch v 3.6.1 (already available) \n\nHP Tru64 UNIX Version 5.1B-4 ERP Kit \nLocation: http://www.itrc.hp.com/service/patch/patchDetail.do?patchid=T64KIT1001167-V51BB27-ES-20070321 \nName: T64KIT1001167-V51BB27-ES-20070321\nMD5 Checksum: a697a90bd0b1116b6f27d1100bbf81fd\n \nHP Tru64 UNIX Version 5.1B-3 ERP Kit \nLocation: http://www.itrc.hp.com/service/patch/patchDetail.do?patchid=T64KIT1001163-V51BB26-ES-20070315 \nName: T64KIT1001163-V51BB26-ES-20070315\nMD5 Checksum: d376d403176f0dbe7badd4df4e91c126\n \nHP Tru64 UNIX Version 5.1A PK6 ERP Kit \nLocation: http://www.itrc.hp.com/service/patch/patchDetail.do?patchid=T64KIT1001160-V51AB24-ES-20070314 \nName: T64KIT1001160-V51AB24-ES-20070314\nMD5 Checksum: 7bb43ef667993f7c4711b6cf978e0aa7\n \nHP Tru64 UNIX Version 4.0G PK4 ERP Kit \nLocation: http://www.itrc.hp.com/service/patch/patchDetail.do?patchid=T64KIT1001166-V40GB22-ES-20070316 \nName: T64KIT1001166-V40GB22-ES-20070316\nMD5 Checksum: a446c39169b769c4a03c654844d5ac45\n \nHP Tru64 UNIX Version 4.0F PK8 ERP Kit \nLocation: http://www.itrc.hp.com/service/patch/patchDetail.do?patchid=DUXKIT1001165-V40FB22-ES-20070316 \nName: DUXKIT1001165-V40FB22-ES-20070316\nMD5 Checksum: 718148c87a913536b32a47af4c36b04e\n \nHP Insight Management Agents for Tru64 UNIX patch version 3.6.1 (for kit CPQIIM360) \nLocation: http://h30097.www3.hp.com/cma/patches.html \nName: CPQIM360.SSL.01.tar.gz\nMD5 Checksum: 1001a10ab642461c87540826dfe28652\n \nInternet Express (IX) v 6.6 BIND \nNote: Customers who use Internet Express (IX) v 6.6 BIND should install the BIND 9.2.8 patch from the ERP kit appropriate for their base operating system version. \n \n\n\nPRODUCT SPECIFIC INFORMATION \n\nThe HP Tru64 UNIX v 5.1B-3 and v 5.1B-4 ERP kits distribute two patches:\n -OpenSSL 0.9.8d \n -BIND 9.2.8 built with OpenSSL 0.9.8d \n\nNote: HP Tru64 UNIX v 5.1A, v 4.0G, and v 4.0F releases did not distribute OpenSSL and so their ERP kits provide only the BIND 9.2.8 patch that has been built with OpenSSL 0.9.8d\n\nCustomers who have been using OpenSSL on HP Tru64 UNIX v 5.1B-3 and v 5.1B-4 should install the OpenSSL patch from the ERP kit appropriate for their base operating system version. \n\nThe HP Insight Management Agents for Tru64 UNIX patch contains OpenSSL 0.9.8d and is applicable for HP Tru64 UNIX v 5.1A, v 5.1B-3, and v 5.1B-4. \n\nHISTORY \nVersion:1 (rev.1) - 12 April 2007 Initial release \n\nThird Party Security Patches: Third party security patches which are to be installed on systems running HP software products should be applied in accordance with the customer\u0027s patch management policy. \n\nSupport: For further information, contact normal HP Services support channel. \n\nReport: To report a potential security vulnerability with any HP supported product, send Email to: security-alert@hp.com \nIt is strongly recommended that security related information being communicated to HP be encrypted using PGP, especially exploit information. \nTo get the security-alert PGP key, please send an e-mail message as follows:\n To: security-alert@hp.com \n Subject: get key\n\nSubscribe: To initiate a subscription to receive future HP Security Bulletins via Email: \nhttp://h30046.www3.hp.com/driverAlertProfile.php?regioncode=NA\u0026langcode=USENG\u0026jumpid=in_SC-GEN__driverITRC\u0026topiccode=ITRC \nOn the web page: ITRC security bulletins and patch sign-up \nUnder Step1: your ITRC security bulletins and patches \n - check ALL categories for which alerts are required and continue. \nUnder Step2: your ITRC operating systems \n - verify your operating system selections are checked and save. \n\n\nTo update an existing subscription: http://h30046.www3.hp.com/subSignIn.php \nLog in on the web page: Subscriber\u0027s choice for Business: sign-in. \nOn the web page: Subscriber\u0027s Choice: your profile summary - use Edit Profile to update appropriate sections. \n\n\nTo review previously published Security Bulletins visit: http://www.itrc.hp.com/service/cki/secBullArchive.do \n\n\n* The Software Product Category that this Security Bulletin relates to is represented by the 5th and 6th characters of the Bulletin number in the title: \n\nGN = HP General SW\nMA = HP Management Agents\nMI = Misc. 3rd Party SW\nMP = HP MPE/iX\nNS = HP NonStop Servers\nOV = HP OpenVMS\nPI = HP Printing \u0026 Imaging\nST = HP Storage SW\nTL = HP Trusted Linux\nTU = HP Tru64 UNIX\nUX = HP-UX\nVV = HP VirtualVault\n \nSystem management and security procedures must be reviewed frequently to maintain system integrity. HP is continually reviewing and enhancing the security features of software products to provide customers with current secure solutions. \n\n\n\"HP is broadly distributing this Security Bulletin in order to bring to the attention of users of the affected HP products the important security information contained in this Bulletin. HP recommends that all users determine the applicability of this information to their individual situations and take appropriate action. HP does not warrant that this information is necessarily accurate or complete for all user situations and, consequently, HP will not be responsible for any damages resulting from user\u0027s use or disregard of the information provided in this Bulletin. To the extent permitted by law, HP disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose, title and non-infringement.\"\n\n\\xa9Copyright 2007 Hewlett-Packard Development Company, L.P. \n\nHewlett-Packard Company shall not be liable for technical or editorial errors or omissions contained herein. The information provided is provided \"as is\" without warranty of any kind. To the extent permitted by law, neither HP or its affiliates, subcontractors or suppliers will be liable for incidental, special or consequential damages including downtime cost; lost profits; damages relating to the procurement of substitute products or services; or damages for loss of data, or software restoration. The information in this document is subject to change without notice. Hewlett-Packard Company and the names of Hewlett-Packard products referenced herein are trademarks of Hewlett-Packard Company in the United States and other countries. Other product and company names mentioned herein may be trademarks of their respective owners. rPath Security Advisory: 2006-0175-1\nPublished: 2006-09-28\nProducts: rPath Linux 1\nRating: Major\nExposure Level Classification:\n Remote Deterministic Unauthorized Access\nUpdated Versions:\n openssl=/conary.rpath.com@rpl:devel//1/0.9.7f-10.4-1\n openssl-scripts=/conary.rpath.com@rpl:devel//1/0.9.7f-10.4-1\n\nReferences:\n http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937\n http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940\n http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3738\n http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343\n http://issues.rpath.com/browse/RPL-613\n\nDescription:\n Previous versions of the openssl package are vulnerable to multiple\n attacks. \n In particular, any connection that the mysql daemon will accept\n may be vulnerable. In the default configuration of mysql, that\n would be a local unauthorized access vulnerability, but mysql can\n be configured to listen for network connections from remote hosts,\n which would then enable remote unauthorized access. Any program\n that calls the SSL_get_shared_ciphers() function may be vulnerable. \n\n_______________________________________________\nFull-Disclosure - We believe in it. \n________________________________________________________________________\n\nReferences:\n [0] http://www.openssl.org/news/secadv_20060928.txt \n [1] http://www.openssl.org/\n [2] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937\n [3] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940\n [4] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3738\n [5] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343\n________________________________________________________________________\n\nFor security reasons, this advisory was digitally signed with the\nOpenPGP public key \"OpenPKG \u003copenpkg@openpkg.org\u003e\" (ID 63C4CB9F) of the\nOpenPKG project which you can retrieve from http://pgp.openpkg.org and\nhkp://pgp.openpkg.org. Follow the instructions on http://pgp.openpkg.org\nfor details on how to verify the integrity of this advisory. \n--WfZ7S8PLGjBY9Voh\nContent-Type: text/plain; charset=us-ascii\nContent-Disposition: inline\n\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\nGentoo Linux Security Advisory GLSA 200610-11\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n http://security.gentoo.org/\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\n Severity: High\n Title: OpenSSL: Multiple vulnerabilities\n Date: October 24, 2006\n Bugs: #145510\n ID: 200610-11\n\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\nSynopsis\n========\n\nOpenSSL contains multiple vulnerabilities including the possible remote\nexecution of arbitrary code. \n\nBackground\n==========\n\nOpenSSL is a toolkit implementing the Secure Sockets Layer, Transport\nLayer Security protocols and a general-purpose cryptography library. Additionally Dr. \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nResolution\n==========\n\nAll OpenSSL 0.9.8 users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose \"\u003e=dev-libs/openssl-0.9.8d\"\n\nAll OpenSSL 0.9.7 users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose \"\u003e=dev-libs/openssl-0.9.7l\"\n\nReferences\n==========\n\n [ 1 ] CVE-2006-2937\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937\n [ 2 ] CVE-2006-2940\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940\n [ 3 ] CVE-2006-3738\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3738\n [ 4 ] CVE-2006-4343\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n http://security.gentoo.org/glsa/glsa-200610-11.xml\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttp://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2006 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n _______________________________________________________________________\n\n References:\n \n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3738\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343\n _______________________________________________________________________\n \n Updated Packages:\n \n Mandriva Linux 2006.0:\n 17e2d82c3f6c0afbf48eccbfbcc17b55 2006.0/i586/libopenssl0.9.7-0.9.7g-2.4.20060mdk.i586.rpm\n 8c3f89e1900f069d4a4ad3162a9f7d78 2006.0/i586/libopenssl0.9.7-devel-0.9.7g-2.4.20060mdk.i586.rpm\n 3a68c653ba0339ba99162459385c72e2 2006.0/i586/libopenssl0.9.7-static-devel-0.9.7g-2.4.20060mdk.i586.rpm\n 8291bde3bd9aa95533aabc07280203b8 2006.0/i586/openssl-0.9.7g-2.4.20060mdk.i586.rpm \n 52b3fbfc1389bcd73e406d6ff741e9dc 2006.0/SRPMS/openssl-0.9.7g-2.4.20060mdk.src.rpm\n\n Mandriva Linux 2006.0/X86_64:\n b2ce6e6bb7e3114663d3a074d0cc7da5 2006.0/x86_64/lib64openssl0.9.7-0.9.7g-2.4.20060mdk.x86_64.rpm\n f7c8dbc2eda0c90547d43661454d1068 2006.0/x86_64/lib64openssl0.9.7-devel-0.9.7g-2.4.20060mdk.x86_64.rpm\n 7c9ebd9f9179f4e93627dcf0f3442335 2006.0/x86_64/lib64openssl0.9.7-static-devel-0.9.7g-2.4.20060mdk.x86_64.rpm\n 17e2d82c3f6c0afbf48eccbfbcc17b55 2006.0/x86_64/libopenssl0.9.7-0.9.7g-2.4.20060mdk.i586.rpm\n 8c3f89e1900f069d4a4ad3162a9f7d78 2006.0/x86_64/libopenssl0.9.7-devel-0.9.7g-2.4.20060mdk.i586.rpm\n 3a68c653ba0339ba99162459385c72e2 2006.0/x86_64/libopenssl0.9.7-static-devel-0.9.7g-2.4.20060mdk.i586.rpm\n 6ce5832a59b8b67425cb7026ea9dc876 2006.0/x86_64/openssl-0.9.7g-2.4.20060mdk.x86_64.rpm \n 52b3fbfc1389bcd73e406d6ff741e9dc 2006.0/SRPMS/openssl-0.9.7g-2.4.20060mdk.src.rpm\n\n Mandriva Linux 2007.0:\n 1bfeff47c8d2f6c020c459881be68207 2007.0/i586/libopenssl0.9.8-0.9.8b-2.1mdv2007.0.i586.rpm\n 1e1a4db54ddfaedb08a6d847422099ff 2007.0/i586/libopenssl0.9.8-devel-0.9.8b-2.1mdv2007.0.i586.rpm\n 59c80405f33b2e61ffd3cef025635e21 2007.0/i586/libopenssl0.9.8-static-devel-0.9.8b-2.1mdv2007.0.i586.rpm\n 3a6657970a2e7661bd869d221a69c8da 2007.0/i586/openssl-0.9.8b-2.1mdv2007.0.i586.rpm \n aad29e57ddceb66105af5d6434de9a62 2007.0/SRPMS/openssl-0.9.8b-2.1mdv2007.0.src.rpm\n\n Mandriva Linux 2007.0/X86_64:\n af679c647d97214244a8423dc1a766b7 2007.0/x86_64/lib64openssl0.9.8-0.9.8b-2.1mdv2007.0.x86_64.rpm\n d7b1ed07df4115b3bcc3907e00d25a89 2007.0/x86_64/lib64openssl0.9.8-devel-0.9.8b-2.1mdv2007.0.x86_64.rpm\n 5bd3ece2c0ec7a3201c29fa84e25a75a 2007.0/x86_64/lib64openssl0.9.8-static-devel-0.9.8b-2.1mdv2007.0.x86_64.rpm\n 9b028020dba009eddbf06eeb8607b87f 2007.0/x86_64/openssl-0.9.8b-2.1mdv2007.0.x86_64.rpm \n aad29e57ddceb66105af5d6434de9a62 2007.0/SRPMS/openssl-0.9.8b-2.1mdv2007.0.src.rpm\n\n Corporate 3.0:\n c99ea58f6f4959a4c36398cc6b2b4ee2 corporate/3.0/i586/libopenssl0.9.7-0.9.7c-3.6.C30mdk.i586.rpm\n 98a925c5ba2ecc9d704b1e730035755e corporate/3.0/i586/libopenssl0.9.7-devel-0.9.7c-3.6.C30mdk.i586.rpm\n 151493a50693e3b9cc67bfafadb9ce42 corporate/3.0/i586/libopenssl0.9.7-static-devel-0.9.7c-3.6.C30mdk.i586.rpm\n 82b4709bdbb9128746887013a724356a corporate/3.0/i586/openssl-0.9.7c-3.6.C30mdk.i586.rpm \n a5bdbe6afa52005a734dc18aa951677d corporate/3.0/SRPMS/openssl-0.9.7c-3.6.C30mdk.src.rpm\n\n Corporate 3.0/X86_64:\n 01a922d80d6fc9d1b36dde15ee27747e corporate/3.0/x86_64/lib64openssl0.9.7-0.9.7c-3.6.C30mdk.x86_64.rpm\n 30268f0b70862d1f5998694ac8b4addc corporate/3.0/x86_64/lib64openssl0.9.7-devel-0.9.7c-3.6.C30mdk.x86_64.rpm\n e0388ff1efa34ea55d033e95b4e9bb63 corporate/3.0/x86_64/lib64openssl0.9.7-static-devel-0.9.7c-3.6.C30mdk.x86_64.rpm\n c99ea58f6f4959a4c36398cc6b2b4ee2 corporate/3.0/x86_64/libopenssl0.9.7-0.9.7c-3.6.C30mdk.i586.rpm\n 83759622f0cc8ea9c0f6d32671283354 corporate/3.0/x86_64/openssl-0.9.7c-3.6.C30mdk.x86_64.rpm \n a5bdbe6afa52005a734dc18aa951677d corporate/3.0/SRPMS/openssl-0.9.7c-3.6.C30mdk.src.rpm\n\n Corporate 4.0:\n 6d71d2358738be9967b2dfe19d3642f1 corporate/4.0/i586/libopenssl0.9.7-0.9.7g-2.4.20060mlcs4.i586.rpm\n 22890554d3096ce596eeec7393ee3fcf corporate/4.0/i586/libopenssl0.9.7-devel-0.9.7g-2.4.20060mlcs4.i586.rpm\n 679fe740859fa35b2bb77b19c4a0e787 corporate/4.0/i586/libopenssl0.9.7-static-devel-0.9.7g-2.4.20060mlcs4.i586.rpm\n d8477333b67ec3a36ba46c50e6183993 corporate/4.0/i586/openssl-0.9.7g-2.4.20060mlcs4.i586.rpm \n b65dbbd9fb3d74d302478640476a2cd2 corporate/4.0/SRPMS/openssl-0.9.7g-2.4.20060mlcs4.src.rpm\n\n Corporate 4.0/X86_64:\n 746e5e916d1e05379373138a5db20923 corporate/4.0/x86_64/lib64openssl0.9.7-0.9.7g-2.4.20060mlcs4.x86_64.rpm\n a2b1d750075a32fe8badbdf1f7febafe corporate/4.0/x86_64/lib64openssl0.9.7-devel-0.9.7g-2.4.20060mlcs4.x86_64.rpm\n 47c464cf890a004f772c1db3e839fa12 corporate/4.0/x86_64/lib64openssl0.9.7-static-devel-0.9.7g-2.4.20060mlcs4.x86_64.rpm\n 6d71d2358738be9967b2dfe19d3642f1 corporate/4.0/x86_64/libopenssl0.9.7-0.9.7g-2.4.20060mlcs4.i586.rpm\n 22890554d3096ce596eeec7393ee3fcf corporate/4.0/x86_64/libopenssl0.9.7-devel-0.9.7g-2.4.20060mlcs4.i586.rpm\n 679fe740859fa35b2bb77b19c4a0e787 corporate/4.0/x86_64/libopenssl0.9.7-static-devel-0.9.7g-2.4.20060mlcs4.i586.rpm\n 1030a6124a9fa4fd5a41bdff077301bf corporate/4.0/x86_64/openssl-0.9.7g-2.4.20060mlcs4.x86_64.rpm \n b65dbbd9fb3d74d302478640476a2cd2 corporate/4.0/SRPMS/openssl-0.9.7g-2.4.20060mlcs4.src.rpm\n\n Multi Network Firewall 2.0:\n 19055eda58e1f75814e594ce7709a710 mnf/2.0/i586/libopenssl0.9.7-0.9.7c-3.6.M20mdk.i586.rpm\n abfe548617969f619aec5b0e807f1f67 mnf/2.0/i586/libopenssl0.9.7-devel-0.9.7c-3.6.M20mdk.i586.rpm\n 92e7515c9125367a79fdb490f5b39cd4 mnf/2.0/i586/libopenssl0.9.7-static-devel-0.9.7c-3.6.M20mdk.i586.rpm\n 847eecb1d07e4cab3d1de1452103c3a0 mnf/2.0/i586/openssl-0.9.7c-3.6.M20mdk.i586.rpm \n b6b67fa82d7119cde7ab7816aed17059 mnf/2.0/SRPMS/openssl-0.9.7c-3.6.M20mdk.src.rpm\n _______________________________________________________________________\n\n To upgrade automatically use MandrivaUpdate or urpmi. The verification\n of md5 checksums and GPG signatures is performed automatically for you. \n\n All packages are signed by Mandriva for security. You can obtain the\n GPG public key of the Mandriva Security Team by executing:\n\n gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98\n\n You can view other update advisories for Mandriva Linux at:\n\n http://www.mandriva.com/security/advisories\n\n If you want to report vulnerabilities, please contact\n\n security_(at)_mandriva.com\n _______________________________________________________________________\n\n Type Bits/KeyID Date User ID\n pub 1024D/22458A98 2000-07-10 Mandriva Security Team\n \u003csecurity*mandriva.com\u003e\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.2.2 (GNU/Linux)\n\niD8DBQFFHA4hmqjQ0CJFipgRApknAJ9Ybd8xjfkR+RL1fWEI2Fgn/KIuqACeOH/0\nwB09L3fylyiHgrXvSV6VL7A=\n=/+dm\n-----END PGP SIGNATURE-----\n\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2006-2940"
},
{
"db": "CERT/CC",
"id": "VU#423396"
},
{
"db": "CERT/CC",
"id": "VU#386964"
},
{
"db": "CERT/CC",
"id": "VU#221788"
},
{
"db": "CERT/CC",
"id": "VU#845620"
},
{
"db": "CERT/CC",
"id": "VU#547300"
},
{
"db": "BID",
"id": "20247"
},
{
"db": "BID",
"id": "22083"
},
{
"db": "PACKETSTORM",
"id": "169663"
},
{
"db": "PACKETSTORM",
"id": "53566"
},
{
"db": "PACKETSTORM",
"id": "64684"
},
{
"db": "PACKETSTORM",
"id": "56053"
},
{
"db": "PACKETSTORM",
"id": "50535"
},
{
"db": "PACKETSTORM",
"id": "50560"
},
{
"db": "PACKETSTORM",
"id": "51324"
},
{
"db": "PACKETSTORM",
"id": "50548"
}
],
"trust": 5.76
},
"external_ids": {
"_id": null,
"data": [
{
"db": "BID",
"id": "22083",
"trust": 4.5
},
{
"db": "NVD",
"id": "CVE-2006-2940",
"trust": 3.8
},
{
"db": "SECUNIA",
"id": "23280",
"trust": 3.4
},
{
"db": "SECUNIA",
"id": "23309",
"trust": 3.4
},
{
"db": "SECUNIA",
"id": "23351",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22207",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22212",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22116",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22216",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22220",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22330",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22130",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22240",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22259",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22260",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22165",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22166",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22172",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22284",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22186",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22193",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22094",
"trust": 1.8
},
{
"db": "SECTRACK",
"id": "1016943",
"trust": 1.8
},
{
"db": "BID",
"id": "20247",
"trust": 1.3
},
{
"db": "CERT/CC",
"id": "VU#221788",
"trust": 1.1
},
{
"db": "VUPEN",
"id": "ADV-2007-1401",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2007-0343",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-3902",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-3869",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-3860",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4401",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2007-2315",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4019",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4264",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4036",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4327",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4417",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2008-2396",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4329",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4750",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-3820",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4980",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2007-2783",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-3936",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2008-0905",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "26329",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "24930",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "30124",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22799",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22298",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "31492",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "31531",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22500",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "23038",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22460",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "23915",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22385",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22671",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "23155",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22487",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "23680",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22626",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "23794",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "26893",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22772",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "24950",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "25889",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22544",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "23340",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22758",
"trust": 1.0
},
{
"db": "BID",
"id": "28276",
"trust": 1.0
},
{
"db": "SECTRACK",
"id": "1017522",
"trust": 1.0
},
{
"db": "OSVDB",
"id": "29261",
"trust": 1.0
},
{
"db": "USCERT",
"id": "TA06-333A",
"trust": 1.0
},
{
"db": "CERT/CC",
"id": "VU#423396",
"trust": 0.8
},
{
"db": "BID",
"id": "20246",
"trust": 0.8
},
{
"db": "CERT/CC",
"id": "VU#386964",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "21709",
"trust": 0.8
},
{
"db": "CERT/CC",
"id": "VU#845620",
"trust": 0.8
},
{
"db": "BID",
"id": "20249",
"trust": 0.8
},
{
"db": "XF",
"id": "29237",
"trust": 0.8
},
{
"db": "CERT/CC",
"id": "VU#547300",
"trust": 0.8
},
{
"db": "AUSCERT",
"id": "ESB-2022.0696",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-200609-533",
"trust": 0.6
},
{
"db": "PACKETSTORM",
"id": "169663",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "53566",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "64684",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "56053",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "50535",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "50560",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "51324",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "50548",
"trust": 0.1
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#423396"
},
{
"db": "CERT/CC",
"id": "VU#386964"
},
{
"db": "CERT/CC",
"id": "VU#221788"
},
{
"db": "CERT/CC",
"id": "VU#845620"
},
{
"db": "CERT/CC",
"id": "VU#547300"
},
{
"db": "BID",
"id": "20247"
},
{
"db": "BID",
"id": "22083"
},
{
"db": "PACKETSTORM",
"id": "169663"
},
{
"db": "PACKETSTORM",
"id": "53566"
},
{
"db": "PACKETSTORM",
"id": "64684"
},
{
"db": "PACKETSTORM",
"id": "56053"
},
{
"db": "PACKETSTORM",
"id": "50535"
},
{
"db": "PACKETSTORM",
"id": "50560"
},
{
"db": "PACKETSTORM",
"id": "51324"
},
{
"db": "PACKETSTORM",
"id": "50548"
},
{
"db": "CNNVD",
"id": "CNNVD-200609-533"
},
{
"db": "NVD",
"id": "CVE-2006-2940"
}
]
},
"id": "VAR-200609-1586",
"iot": {
"_id": null,
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.251886895
},
"last_update_date": "2026-04-10T22:44:19.599000Z",
"problemtype_data": {
"_id": null,
"data": [
{
"problemtype": "CWE-399",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2006-2940"
}
]
},
"references": {
"_id": null,
"data": [
{
"trust": 4.2,
"url": "http://www.securityfocus.com/bid/22083"
},
{
"trust": 3.6,
"url": "http://www.openssl.org/news/secadv_20060928.txt"
},
{
"trust": 2.6,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102668-1"
},
{
"trust": 2.4,
"url": "http://secunia.com/advisories/23280/"
},
{
"trust": 2.4,
"url": "http://secunia.com/advisories/23309/"
},
{
"trust": 1.4,
"url": "http://www.oracle.com/technology/deploy/security/critical-patch-updates/cpujan2007.html"
},
{
"trust": 1.3,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-2940"
},
{
"trust": 1.3,
"url": "http://support.avaya.com/elmodocs2/security/asa-2006-260.htm"
},
{
"trust": 1.3,
"url": "http://www.cisco.com/warp/public/707/cisco-sr-20061108-openssl.shtml"
},
{
"trust": 1.1,
"url": "http://www.red-database-security.com/advisory/oracle_sql_injection_dbms_aq_inv.html"
},
{
"trust": 1.1,
"url": "http://www.red-database-security.com/advisory/oracle_cpu_jan_2007.html"
},
{
"trust": 1.1,
"url": "http://www.vmware.com/support/esx2/doc/esx-202-200612-patch.html"
},
{
"trust": 1.1,
"url": "http://www.vmware.com/support/vi3/doc/esx-3069097-patch.html"
},
{
"trust": 1.1,
"url": "http://www.vmware.com/support/esx25/doc/esx-254-200612-patch.html"
},
{
"trust": 1.1,
"url": "http://www.vmware.com/support/esx21/doc/esx-213-200612-patch.html"
},
{
"trust": 1.1,
"url": "http://www.vmware.com/support/esx25/doc/esx-253-200612-patch.html"
},
{
"trust": 1.1,
"url": "http://www.vmware.com/support/vi3/doc/esx-9986131-patch.html"
},
{
"trust": 1.1,
"url": "http://www.vmware.com/support/player/doc/releasenotes_player.html"
},
{
"trust": 1.1,
"url": "http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html"
},
{
"trust": 1.1,
"url": "http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html"
},
{
"trust": 1.1,
"url": "http://www.vmware.com/support/server/doc/releasenotes_server.html"
},
{
"trust": 1.1,
"url": "http://www.vmware.com/support/ace2/doc/releasenotes_ace2.html"
},
{
"trust": 1.1,
"url": "http://www.vmware.com/support/player2/doc/releasenotes_player2.html"
},
{
"trust": 1.1,
"url": "http://issues.rpath.com/browse/rpl-613"
},
{
"trust": 1.1,
"url": "http://security.gentoo.org/glsa/glsa-200610-11.xml"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22385"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22172"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/26329"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22330"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22220"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bugtraq\u0026m=130497311408250\u0026w=2"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22116"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22799"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22094"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/3860"
},
{
"trust": 1.0,
"url": "https://issues.rpath.com/browse/rpl-1633"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2008/0905/references"
},
{
"trust": 1.0,
"url": "http://www.debian.org/security/2006/dsa-1185"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22193"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/bid/20247"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22216"
},
{
"trust": 1.0,
"url": "http://www.uniras.gov.uk/niscc/docs/re-20060928-00661.pdf?lang=en"
},
{
"trust": 1.0,
"url": "http://kolab.org/security/kolab-vendor-notice-11.txt"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/31531"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4401"
},
{
"trust": 1.0,
"url": "http://www.oracle.com/technetwork/topics/security/cpujan2007-101493.html"
},
{
"trust": 1.0,
"url": "http://www.arkoon.fr/upload/alertes/37ak-2006-06-fr-1.1_fast360_openssl_asn1.pdf"
},
{
"trust": 1.0,
"url": "http://www.mandriva.com/security/advisories?name=mdksa-2006:172"
},
{
"trust": 1.0,
"url": "http://securitytracker.com/id?1017522"
},
{
"trust": 1.0,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a10311"
},
{
"trust": 1.0,
"url": "http://www.redhat.com/support/errata/rhsa-2008-0629.html"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/archive/1/447318/100/0/threaded"
},
{
"trust": 1.0,
"url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.676946"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4329"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22626"
},
{
"trust": 1.0,
"url": "http://lists.vmware.com/pipermail/security-announce/2008/000008.html"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22212"
},
{
"trust": 1.0,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102747-1"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23309"
},
{
"trust": 1.0,
"url": "http://lists.apple.com/archives/security-announce/2006/nov/msg00001.html"
},
{
"trust": 1.0,
"url": "http://openvpn.net/changelog.html"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2007/2783"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22460"
},
{
"trust": 1.0,
"url": "http://www.vmware.com/security/advisories/vmsa-2008-0005.html"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bind-announce\u0026m=116253119512445\u0026w=2"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22487"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/bid/28276"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22240"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22772"
},
{
"trust": 1.0,
"url": "http://itrc.hp.com/service/cki/docdisplay.do?docid=c00805100"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22671"
},
{
"trust": 1.0,
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2006-september/049715.html"
},
{
"trust": 1.0,
"url": "http://www.mandriva.com/security/advisories?name=mdksa-2006:178"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/24950"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4019"
},
{
"trust": 1.0,
"url": "http://www.debian.org/security/2006/dsa-1195"
},
{
"trust": 1.0,
"url": "http://www.arkoon.fr/upload/alertes/41ak-2006-08-fr-1.1_ssl360_openssl_asn1.pdf"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/archive/1/447393/100/0/threaded"
},
{
"trust": 1.0,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-200585-1"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23915"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/25889"
},
{
"trust": 1.0,
"url": "ftp://patches.sgi.com/support/free/security/advisories/20061001-01-p.asc"
},
{
"trust": 1.0,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29230"
},
{
"trust": 1.0,
"url": "http://www.xerox.com/downloads/usa/en/c/cert_essnetwork_xrx07001_v1.pdf"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22298"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23155"
},
{
"trust": 1.0,
"url": "http://www.redhat.com/support/errata/rhsa-2006-0695.html"
},
{
"trust": 1.0,
"url": "http://support.avaya.com/elmodocs2/security/asa-2006-220.htm"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4036"
},
{
"trust": 1.0,
"url": "http://www.serv-u.com/releasenotes/"
},
{
"trust": 1.0,
"url": "ftp://ftp.netbsd.org/pub/netbsd/security/advisories/netbsd-sa2008-007.txt.asc"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22165"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23351"
},
{
"trust": 1.0,
"url": "http://securitytracker.com/id?1016943"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/archive/1/456546/100/200/threaded"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22259"
},
{
"trust": 1.0,
"url": "http://www.ubuntu.com/usn/usn-353-2"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23038"
},
{
"trust": 1.0,
"url": "http://www.novell.com/linux/security/advisories/2006_24_sr.html"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2007/2315"
},
{
"trust": 1.0,
"url": "http://support.attachmate.com/techdocs/2374.html"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/3820"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4980"
},
{
"trust": 1.0,
"url": "http://sourceforge.net/project/shownotes.php?release_id=461863\u0026group_id=69227"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2007/1401"
},
{
"trust": 1.0,
"url": "http://docs.info.apple.com/article.html?artnum=304829"
},
{
"trust": 1.0,
"url": "http://www.trustix.org/errata/2006/0054"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23280"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22130"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22166"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2007/0343"
},
{
"trust": 1.0,
"url": "http://www.ubuntu.com/usn/usn-353-1"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23794"
},
{
"trust": 1.0,
"url": "http://h20000.www2.hp.com/bizsupport/techsupport/document.jsp?objectid=c01118771"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2008/2396"
},
{
"trust": 1.0,
"url": "http://security.freebsd.org/advisories/freebsd-sa-06:23.openssl.asc"
},
{
"trust": 1.0,
"url": "http://www.openpkg.org/security/advisories/openpkg-sa-2006.021-openssl.html"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/31492"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/3902"
},
{
"trust": 1.0,
"url": "http://www.cisco.com/en/us/products/hw/contnetw/ps4162/tsd_products_security_response09186a008077af1b.html"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22260"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22284"
},
{
"trust": 1.0,
"url": "http://www.novell.com/linux/security/advisories/2006_58_openssl.html"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22500"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/3869"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22186"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/30124"
},
{
"trust": 1.0,
"url": "http://www.gentoo.org/security/en/glsa/glsa-200612-11.xml"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22544"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23680"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4327"
},
{
"trust": 1.0,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-201534-1"
},
{
"trust": 1.0,
"url": "http://itrc.hp.com/service/cki/docdisplay.do?docid=c00849540"
},
{
"trust": 1.0,
"url": "https://www2.itrc.hp.com/service/cki/docdisplay.do?docid=c00967144"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/3936"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4750"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22758"
},
{
"trust": 1.0,
"url": "http://openbsd.org/errata.html#openssl2"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4264"
},
{
"trust": 1.0,
"url": "http://www.us-cert.gov/cas/techalerts/ta06-333a.html"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/24930"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/26893"
},
{
"trust": 1.0,
"url": "http://www.osvdb.org/29261"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23340"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/archive/1/489739/100/0/threaded"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22207"
},
{
"trust": 1.0,
"url": "http://www.mandriva.com/security/advisories?name=mdksa-2006:177"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4417"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2004-2531"
},
{
"trust": 0.8,
"url": "http://www.hornik.sk/sa/sa-20040802.txt"
},
{
"trust": 0.8,
"url": "http://www.gnu.org/software/gnutls/"
},
{
"trust": 0.8,
"url": "http://www.securitytracker.com/alerts/2004/aug/1010838.html"
},
{
"trust": 0.8,
"url": "http://www.niscc.gov.uk/niscc/docs/re-20060928-00661.pdf?lang=en"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/23351/"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnvu%23386964/index.html"
},
{
"trust": 0.8,
"url": "http://www.securityfocus.com/bid/20246"
},
{
"trust": 0.8,
"url": "http://www.imc.org/ietf-openpgp/mail-archive/msg14307.html"
},
{
"trust": 0.8,
"url": "http://www.matasano.com/log/469/many-rsa-signatures-may-be-forgeable-in-openssl-and-elsewhere/"
},
{
"trust": 0.8,
"url": "http://www.openssl.org/news/secadv_20060905.txt "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/21709/"
},
{
"trust": 0.8,
"url": "http://www.rsasecurity.com/rsalabs/node.asp?id=2125"
},
{
"trust": 0.8,
"url": "http://www.ietf.org/rfc/rfc3447.txt"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnvu%23547300/index.html"
},
{
"trust": 0.8,
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2006-september/049715.html "
},
{
"trust": 0.8,
"url": "https://issues.rpath.com/browse/rpl-613 "
},
{
"trust": 0.8,
"url": "http://www.openssl.org/news/secadv_20060928.txt "
},
{
"trust": 0.8,
"url": "http://kolab.org/security/kolab-vendor-notice-11.txt "
},
{
"trust": 0.8,
"url": "http://openvpn.net/changelog.html "
},
{
"trust": 0.8,
"url": "http://www.serv-u.com/releasenotes/ "
},
{
"trust": 0.8,
"url": "http://openbsd.org/errata.html#openssl2 "
},
{
"trust": 0.8,
"url": "http://www.securityfocus.com/bid/20249 "
},
{
"trust": 0.8,
"url": "http://securitytracker.com/id?1016943 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22130 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22094 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22165 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22186 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22193 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22207 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22259 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22260 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22166 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22172 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22212 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22240 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22216 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22116 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22220 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22284 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22330 "
},
{
"trust": 0.8,
"url": "http://xforce.iss.net/xforce/xfdb/29237 "
},
{
"trust": 0.6,
"url": "http://rhn.redhat.com/errata/rhsa-2008-0264.html"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2022.0696"
},
{
"trust": 0.5,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-4343"
},
{
"trust": 0.5,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-2937"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-2940"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-2937"
},
{
"trust": 0.4,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-3738"
},
{
"trust": 0.3,
"url": "http://www.isc.org/index.pl?/sw/bind/bind9.4-beta.php"
},
{
"trust": 0.3,
"url": "http://marc.theaimsgroup.com/?l=bind-announce\u0026m=116253119512445\u0026w=2"
},
{
"trust": 0.3,
"url": "http://www.cisco.com/warp/public/707/cisco-air-20061108-openssl.shtml"
},
{
"trust": 0.3,
"url": "http://h20000.www2.hp.com/bizsupport/techsupport/document.jsp?lang=en\u0026cc=us\u0026objectid=c00967144"
},
{
"trust": 0.3,
"url": "http://www1.itrc.hp.com/service/cki/docdisplay.do?admit=-682735245+1165342903618+28353475\u0026docid=c00805100"
},
{
"trust": 0.3,
"url": "http://www14.software.ibm.com/webapp/set2/sas/f/hmc/home.html"
},
{
"trust": 0.3,
"url": "http://www.ipcop.org/modules.php?op=modload\u0026name=news\u0026file=article\u0026sid=31\u0026mode=thread\u0026order=0\u0026thold=0"
},
{
"trust": 0.3,
"url": "http://www.ingate.com/relnote-452.php"
},
{
"trust": 0.3,
"url": "http://www.cyberguard.info/snapgear/releases.html"
},
{
"trust": 0.3,
"url": "http://www.arkoon.fr/upload/alertes/45ak-2006-08-en-1.1_ssl360_openssl_asn1.pdf"
},
{
"trust": 0.3,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102747-1\u0026searchclause="
},
{
"trust": 0.3,
"url": "http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html#603"
},
{
"trust": 0.3,
"url": "https://www.itrc.hp.com/service/cki/docdisplay.do?docid=emr_na-c02475053"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2008-0525.html"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2008-0629.html"
},
{
"trust": 0.3,
"url": "http://support.attachmate.com/techdocs/2374.html#security_updates_in_7.0_sp1"
},
{
"trust": 0.3,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102668-1\u0026searchclause="
},
{
"trust": 0.3,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102759-1\u0026searchclause="
},
{
"trust": 0.3,
"url": "http://a1851.g.akamaitech.net/f/1851/2996/24h/cacheb.xerox.com/downloads/usa/en/c/cert_essnetwork_xrx07001_v1.pdf"
},
{
"trust": 0.3,
"url": "http://www.red-database-security.com/advisory/oracle_buffer_overflow_ons.html"
},
{
"trust": 0.3,
"url": "http://www.red-database-security.com/advisory/oracle_xmldb_css2.html"
},
{
"trust": 0.3,
"url": "http://www.integrigy.com/security-resources/analysis/oracle-cpu-january-2007/view"
},
{
"trust": 0.3,
"url": "http://www.integrigy.com/security-resources/analysis/cpu-january-2007-tech-matrix/view"
},
{
"trust": 0.3,
"url": "http://www.appsecinc.com/resources/alerts/oracle/2007-01.shtml"
},
{
"trust": 0.3,
"url": "http://www.appsecinc.com/resources/alerts/oracle/2007-03.shtml"
},
{
"trust": 0.3,
"url": "http://www.appsecinc.com/resources/alerts/oracle/2007-06.shtml"
},
{
"trust": 0.3,
"url": "http://www.appsecinc.com/resources/alerts/oracle/2007-02.shtml"
},
{
"trust": 0.3,
"url": "http://www.oracle.com/index.html"
},
{
"trust": 0.3,
"url": "https://www.it-isac.org/postings/cyber/alertdetail.php?id=4092"
},
{
"trust": 0.3,
"url": "http://www.kb.cert.org/vuls/id/221788"
},
{
"trust": 0.3,
"url": "/archive/1/457193"
},
{
"trust": 0.3,
"url": "/archive/1/464470"
},
{
"trust": 0.3,
"url": "/archive/1/458657"
},
{
"trust": 0.3,
"url": "/archive/1/458036"
},
{
"trust": 0.3,
"url": "/archive/1/458006"
},
{
"trust": 0.3,
"url": "/archive/1/458037"
},
{
"trust": 0.3,
"url": "/archive/1/458005"
},
{
"trust": 0.3,
"url": "/archive/1/458041"
},
{
"trust": 0.3,
"url": "/archive/1/458038"
},
{
"trust": 0.3,
"url": "/archive/1/458475"
},
{
"trust": 0.3,
"url": "http://docs.info.apple.com/article.html?artnum=307177"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-4343"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-3738"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-4339"
},
{
"trust": 0.2,
"url": "https://www.niscc.gov.uk)."
},
{
"trust": 0.2,
"url": "http://secunia.com/"
},
{
"trust": 0.2,
"url": "http://www.vmware.com/security"
},
{
"trust": 0.2,
"url": "http://lists.grok.org.uk/full-disclosure-charter.html"
},
{
"trust": 0.2,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-4339"
},
{
"trust": 0.1,
"url": "https://www.openssl.org/source/"
},
{
"trust": 0.1,
"url": "https://www.openssl.org/source/mirror.html):"
},
{
"trust": 0.1,
"url": "http://kb.vmware.com/kb/9986131"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/vmtn/technology/security/security_response.html"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-3589"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-3589"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-4980"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-4980"
},
{
"trust": 0.1,
"url": "http://kb.vmware.com/kb/3069097"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-5618"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-1361"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-1340"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-1361"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-5269"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/download/ace/"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/download/player/"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-1362"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/download/ws/ws5.html"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-5269"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-1363"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/download/fusion/"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-5618"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-0923"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/download/ws/"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/support/policies/security_response.html"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-1364"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/support/policies/eos.html"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/download/server/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-1340"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-1364"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/support/fusion/doc/releasenotes_fusion.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-1363"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-0923"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-1362"
},
{
"trust": 0.1,
"url": "http://lists.vmware.com/cgi-bin/mailman/listinfo/security-announce"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/support/policies/eos_vi.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-0494"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-0493"
},
{
"trust": 0.1,
"url": "http://www.itrc.hp.com/service/patch/patchdetail.do?patchid=t64kit1001167-v51bb27-es-20070321"
},
{
"trust": 0.1,
"url": "http://www.itrc.hp.com/service/cki/secbullarchive.do"
},
{
"trust": 0.1,
"url": "http://www.itrc.hp.com/service/patch/patchdetail.do?patchid=t64kit1001163-v51bb26-es-20070315"
},
{
"trust": 0.1,
"url": "http://h30046.www3.hp.com/driveralertprofile.php?regioncode=na\u0026langcode=useng\u0026jumpid=in_sc-gen__driveritrc\u0026topiccode=itrc"
},
{
"trust": 0.1,
"url": "http://h30097.www3.hp.com/cma/patches.html"
},
{
"trust": 0.1,
"url": "http://h30046.www3.hp.com/subsignin.php"
},
{
"trust": 0.1,
"url": "http://www.itrc.hp.com/service/patch/patchdetail.do?patchid=duxkit1001165-v40fb22-es-20070316"
},
{
"trust": 0.1,
"url": "http://www.itrc.hp.com/service/patch/patchdetail.do?patchid=t64kit1001166-v40gb22-es-20070316"
},
{
"trust": 0.1,
"url": "http://www.itrc.hp.com/service/patch/patchdetail.do?patchid=t64kit1001160-v51ab24-es-20070314"
},
{
"trust": 0.1,
"url": "http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-2940"
},
{
"trust": 0.1,
"url": "http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-3738"
},
{
"trust": 0.1,
"url": "http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-2937"
},
{
"trust": 0.1,
"url": "http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-4343"
},
{
"trust": 0.1,
"url": "http://pgp.openpkg.org"
},
{
"trust": 0.1,
"url": "http://www.openssl.org/"
},
{
"trust": 0.1,
"url": "http://www.openpkg.org"
},
{
"trust": 0.1,
"url": "http://www.openpkg.org/security/"
},
{
"trust": 0.1,
"url": "http://bugs.gentoo.org."
},
{
"trust": 0.1,
"url": "http://creativecommons.org/licenses/by-sa/2.5"
},
{
"trust": 0.1,
"url": "http://security.gentoo.org/"
},
{
"trust": 0.1,
"url": "http://www.mandriva.com/security/"
},
{
"trust": 0.1,
"url": "http://www.mandriva.com/security/advisories"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#423396"
},
{
"db": "CERT/CC",
"id": "VU#386964"
},
{
"db": "CERT/CC",
"id": "VU#221788"
},
{
"db": "CERT/CC",
"id": "VU#845620"
},
{
"db": "CERT/CC",
"id": "VU#547300"
},
{
"db": "BID",
"id": "20247"
},
{
"db": "BID",
"id": "22083"
},
{
"db": "PACKETSTORM",
"id": "169663"
},
{
"db": "PACKETSTORM",
"id": "53566"
},
{
"db": "PACKETSTORM",
"id": "64684"
},
{
"db": "PACKETSTORM",
"id": "56053"
},
{
"db": "PACKETSTORM",
"id": "50535"
},
{
"db": "PACKETSTORM",
"id": "50560"
},
{
"db": "PACKETSTORM",
"id": "51324"
},
{
"db": "PACKETSTORM",
"id": "50548"
},
{
"db": "CNNVD",
"id": "CNNVD-200609-533"
},
{
"db": "NVD",
"id": "CVE-2006-2940"
}
]
},
"sources": {
"_id": null,
"data": [
{
"db": "CERT/CC",
"id": "VU#423396",
"ident": null
},
{
"db": "CERT/CC",
"id": "VU#386964",
"ident": null
},
{
"db": "CERT/CC",
"id": "VU#221788",
"ident": null
},
{
"db": "CERT/CC",
"id": "VU#845620",
"ident": null
},
{
"db": "CERT/CC",
"id": "VU#547300",
"ident": null
},
{
"db": "BID",
"id": "20247",
"ident": null
},
{
"db": "BID",
"id": "22083",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "169663",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "53566",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "64684",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "56053",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "50535",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "50560",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "51324",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "50548",
"ident": null
},
{
"db": "CNNVD",
"id": "CNNVD-200609-533",
"ident": null
},
{
"db": "NVD",
"id": "CVE-2006-2940",
"ident": null
}
]
},
"sources_release_date": {
"_id": null,
"data": [
{
"date": "2006-09-28T00:00:00",
"db": "CERT/CC",
"id": "VU#423396",
"ident": null
},
{
"date": "2006-09-28T00:00:00",
"db": "CERT/CC",
"id": "VU#386964",
"ident": null
},
{
"date": "2007-01-17T00:00:00",
"db": "CERT/CC",
"id": "VU#221788",
"ident": null
},
{
"date": "2006-09-11T00:00:00",
"db": "CERT/CC",
"id": "VU#845620",
"ident": null
},
{
"date": "2006-09-28T00:00:00",
"db": "CERT/CC",
"id": "VU#547300",
"ident": null
},
{
"date": "2006-09-28T00:00:00",
"db": "BID",
"id": "20247",
"ident": null
},
{
"date": "2007-01-16T00:00:00",
"db": "BID",
"id": "22083",
"ident": null
},
{
"date": "2006-09-28T12:12:12",
"db": "PACKETSTORM",
"id": "169663",
"ident": null
},
{
"date": "2007-01-13T22:56:30",
"db": "PACKETSTORM",
"id": "53566",
"ident": null
},
{
"date": "2008-03-19T02:18:56",
"db": "PACKETSTORM",
"id": "64684",
"ident": null
},
{
"date": "2007-04-19T00:58:08",
"db": "PACKETSTORM",
"id": "56053",
"ident": null
},
{
"date": "2006-10-04T00:44:50",
"db": "PACKETSTORM",
"id": "50535",
"ident": null
},
{
"date": "2006-10-04T01:20:54",
"db": "PACKETSTORM",
"id": "50560",
"ident": null
},
{
"date": "2006-10-25T21:37:36",
"db": "PACKETSTORM",
"id": "51324",
"ident": null
},
{
"date": "2006-10-04T00:46:38",
"db": "PACKETSTORM",
"id": "50548",
"ident": null
},
{
"date": "2001-10-16T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200609-533",
"ident": null
},
{
"date": "2006-09-28T18:07:00",
"db": "NVD",
"id": "CVE-2006-2940",
"ident": null
}
]
},
"sources_update_date": {
"_id": null,
"data": [
{
"date": "2007-02-09T00:00:00",
"db": "CERT/CC",
"id": "VU#423396",
"ident": null
},
{
"date": "2011-07-22T00:00:00",
"db": "CERT/CC",
"id": "VU#386964",
"ident": null
},
{
"date": "2007-01-17T00:00:00",
"db": "CERT/CC",
"id": "VU#221788",
"ident": null
},
{
"date": "2007-02-08T00:00:00",
"db": "CERT/CC",
"id": "VU#845620",
"ident": null
},
{
"date": "2011-07-22T00:00:00",
"db": "CERT/CC",
"id": "VU#547300",
"ident": null
},
{
"date": "2011-05-09T19:53:00",
"db": "BID",
"id": "20247",
"ident": null
},
{
"date": "2008-05-20T23:05:00",
"db": "BID",
"id": "22083",
"ident": null
},
{
"date": "2022-02-18T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200609-533",
"ident": null
},
{
"date": "2025-04-09T00:30:58.490000",
"db": "NVD",
"id": "CVE-2006-2940",
"ident": null
}
]
},
"threat_type": {
"_id": null,
"data": "remote",
"sources": [
{
"db": "PACKETSTORM",
"id": "56053"
},
{
"db": "PACKETSTORM",
"id": "50535"
},
{
"db": "CNNVD",
"id": "CNNVD-200609-533"
}
],
"trust": 0.8
},
"title": {
"_id": null,
"data": "X.509 certificate verification may be vulnerable to resource exhaustion",
"sources": [
{
"db": "CERT/CC",
"id": "VU#423396"
}
],
"trust": 0.8
},
"type": {
"_id": null,
"data": "resource management error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200609-533"
}
],
"trust": 0.6
}
}
VAR-200110-0170
Vulnerability from variot - Updated: 2026-04-10 22:39The Legion of the Bouncy Castle Java Cryptography API before release 1.38, as used in Crypto Provider Package before 1.36, has unknown impact and remote attack vectors related to "a Bleichenbacher vulnerability in simple RSA CMS signatures without signed attributes.". Wireshark contains a vulnerability in the XOT dissector that may cause the application to crash. A flaw in the OpenSSL library could allow a remote attacker to cause a denial of service on an affected application. A buffer overflow in certain Apple AirPort drivers may allow an attacker to execute arbitrary code with system privileges, or create a denial-of-service condition. Multiple RSA implementations fail to properly handle RSA signatures. This vulnerability may allow an attacker to forge RSA signatures. An attacker may exploit this issue to sign digital certificates or RSA keys and take advantage of trust relationships that depend on these credentials, possibly posing as a trusted party and signing a certificate or key. All versions prior to and including OpenSSL 0.9.7j and 0.9.8b are affected by this vulnerability. Updates are available.
To improve our services to our customers, we have made a number of additions to the Secunia Advisories and have started translating the advisories to German.
The improvements will help our customers to get a better understanding of how we reached our conclusions, how it was rated, our thoughts on exploitation, attack vectors, and scenarios.
This includes: * Reason for rating * Extended description * Extended solution * Exploit code or links to exploit code * Deep links
Read the full description: http://corporate.secunia.com/products/48/?r=l
Contact Secunia Sales for more information: http://corporate.secunia.com/how_to_buy/15/?r=l
TITLE: Apple Airport Probe Response Kernel Memory Corruption Vulnerability
SECUNIA ADVISORY ID: SA22679
VERIFY ADVISORY: http://secunia.com/advisories/22679/
CRITICAL: Moderately critical
IMPACT: DoS, System access
WHERE:
From remote
OPERATING SYSTEM: Apple Macintosh OS X http://secunia.com/product/96/
DESCRIPTION: H.D. Moore has reported a vulnerability in the Apple Airport driver, which potentially can be exploited by malicious people to compromise a vulnerable system.
The vulnerability is caused due to an error in the Airport driver provided with Orinoco-based Airport cards when handling probe response frames. This can be exploited to overwrite kernel memory and potentially execute arbitrary code when the driver is running in active scanning mode.
The vulnerability is reported in the driver on a PowerBook running version 10.4.8.
SOLUTION: Do not place the card into active scanning mode.
PROVIDED AND/OR DISCOVERED BY: H D Moore
ORIGINAL ADVISORY: http://projects.info-pull.com/mokb/MOKB-01-11-2006.html
About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
Show details on source website
{
"affected_products": {
"_id": null,
"data": [
{
"_id": null,
"model": null,
"scope": null,
"trust": 3.2,
"vendor": "debian gnu linux",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 3.2,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 3.2,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 3.2,
"vendor": "red hat",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 3.2,
"vendor": "ubuntu",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "f5",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "openpkg",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "suse linux",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "slackware linux",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "rpath",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "trustix secure linux",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "apple computer",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "sun microsystems",
"version": null
},
{
"_id": null,
"model": "jre 011",
"scope": "eq",
"trust": 1.5,
"vendor": "sun",
"version": "1.2.2"
},
{
"_id": null,
"model": "sdk 011",
"scope": "eq",
"trust": 1.5,
"vendor": "sun",
"version": "1.2.2"
},
{
"_id": null,
"model": "jre 010",
"scope": "eq",
"trust": 1.5,
"vendor": "sun",
"version": "1.2.2"
},
{
"_id": null,
"model": "sdk 010",
"scope": "eq",
"trust": 1.2,
"vendor": "sun",
"version": "1.2.2"
},
{
"_id": null,
"model": "jre 013",
"scope": "eq",
"trust": 1.2,
"vendor": "sun",
"version": "1.2.2"
},
{
"_id": null,
"model": "jre 014",
"scope": "eq",
"trust": 1.2,
"vendor": "sun",
"version": "1.2.2"
},
{
"_id": null,
"model": "jre",
"scope": "eq",
"trust": 1.2,
"vendor": "sun",
"version": "1.2.2"
},
{
"_id": null,
"model": "bc-java",
"scope": "lte",
"trust": 1.0,
"vendor": "bouncycastle",
"version": "1.37"
},
{
"_id": null,
"model": "bouncy-castle-crypto-package",
"scope": "eq",
"trust": 1.0,
"vendor": "bouncycastle",
"version": "1.18"
},
{
"_id": null,
"model": "bc-java",
"scope": "eq",
"trust": 1.0,
"vendor": "bouncycastle",
"version": "1.22"
},
{
"_id": null,
"model": "bc-java",
"scope": "eq",
"trust": 1.0,
"vendor": "bouncycastle",
"version": "1.24"
},
{
"_id": null,
"model": "bc-java",
"scope": "eq",
"trust": 1.0,
"vendor": "bouncycastle",
"version": "1.13"
},
{
"_id": null,
"model": "bc-java",
"scope": "eq",
"trust": 1.0,
"vendor": "bouncycastle",
"version": "1.27"
},
{
"_id": null,
"model": "bouncy-castle-crypto-package",
"scope": "eq",
"trust": 1.0,
"vendor": "bouncycastle",
"version": "1.28"
},
{
"_id": null,
"model": "bc-java",
"scope": "eq",
"trust": 1.0,
"vendor": "bouncycastle",
"version": "1.09"
},
{
"_id": null,
"model": "bouncy-castle-crypto-package",
"scope": "eq",
"trust": 1.0,
"vendor": "bouncycastle",
"version": "1.15"
},
{
"_id": null,
"model": "bouncy-castle-crypto-package",
"scope": "eq",
"trust": 1.0,
"vendor": "bouncycastle",
"version": "1.16"
},
{
"_id": null,
"model": "bc-java",
"scope": "eq",
"trust": 1.0,
"vendor": "bouncycastle",
"version": "1.12"
},
{
"_id": null,
"model": "bc-java",
"scope": "eq",
"trust": 1.0,
"vendor": "bouncycastle",
"version": "1.32"
},
{
"_id": null,
"model": "bc-java",
"scope": "eq",
"trust": 1.0,
"vendor": "bouncycastle",
"version": "1.01"
},
{
"_id": null,
"model": "bc-java",
"scope": "eq",
"trust": 1.0,
"vendor": "bouncycastle",
"version": "1.19"
},
{
"_id": null,
"model": "bouncy-castle-crypto-package",
"scope": "eq",
"trust": 1.0,
"vendor": "bouncycastle",
"version": "1.23"
},
{
"_id": null,
"model": "bouncy-castle-crypto-package",
"scope": "eq",
"trust": 1.0,
"vendor": "bouncycastle",
"version": "1.29"
},
{
"_id": null,
"model": "bc-java",
"scope": "eq",
"trust": 1.0,
"vendor": "bouncycastle",
"version": "1.26"
},
{
"_id": null,
"model": "bc-java",
"scope": "eq",
"trust": 1.0,
"vendor": "bouncycastle",
"version": "1.34"
},
{
"_id": null,
"model": "bouncy-castle-crypto-package",
"scope": "eq",
"trust": 1.0,
"vendor": "bouncycastle",
"version": "1.20"
},
{
"_id": null,
"model": "bouncy-castle-crypto-package",
"scope": "eq",
"trust": 1.0,
"vendor": "bouncycastle",
"version": "1.21"
},
{
"_id": null,
"model": "bouncy-castle-crypto-package",
"scope": "eq",
"trust": 1.0,
"vendor": "bouncycastle",
"version": "1.30"
},
{
"_id": null,
"model": "bouncy-castle-crypto-package",
"scope": "eq",
"trust": 1.0,
"vendor": "bouncycastle",
"version": "1.33"
},
{
"_id": null,
"model": "bouncy-castle-crypto-package",
"scope": "eq",
"trust": 1.0,
"vendor": "bouncycastle",
"version": "1.25"
},
{
"_id": null,
"model": "bouncy-castle-crypto-package",
"scope": "eq",
"trust": 1.0,
"vendor": "bouncycastle",
"version": "1.04"
},
{
"_id": null,
"model": "bc-java",
"scope": "eq",
"trust": 1.0,
"vendor": "bouncycastle",
"version": "1.06"
},
{
"_id": null,
"model": "bc-java",
"scope": "eq",
"trust": 1.0,
"vendor": "bouncycastle",
"version": "1.03"
},
{
"_id": null,
"model": "bouncy-castle-crypto-package",
"scope": "eq",
"trust": 1.0,
"vendor": "bouncycastle",
"version": "1.02"
},
{
"_id": null,
"model": "bouncy-castle-crypto-package",
"scope": "eq",
"trust": 1.0,
"vendor": "bouncycastle",
"version": "1.17"
},
{
"_id": null,
"model": "bc-java",
"scope": "eq",
"trust": 1.0,
"vendor": "bouncycastle",
"version": "1.07"
},
{
"_id": null,
"model": "bc-java",
"scope": "eq",
"trust": 1.0,
"vendor": "bouncycastle",
"version": "1.05"
},
{
"_id": null,
"model": "bouncy-castle-crypto-package",
"scope": "eq",
"trust": 1.0,
"vendor": "bouncycastle",
"version": "1.14"
},
{
"_id": null,
"model": "bc-java",
"scope": "eq",
"trust": 1.0,
"vendor": "bouncycastle",
"version": "1.18"
},
{
"_id": null,
"model": "bouncy-castle-crypto-package",
"scope": "eq",
"trust": 1.0,
"vendor": "bouncycastle",
"version": "1.11"
},
{
"_id": null,
"model": "bouncy-castle-crypto-package",
"scope": "eq",
"trust": 1.0,
"vendor": "bouncycastle",
"version": "1.08"
},
{
"_id": null,
"model": "bouncy-castle-crypto-package",
"scope": "eq",
"trust": 1.0,
"vendor": "bouncycastle",
"version": "1.07"
},
{
"_id": null,
"model": "bouncy-castle-crypto-package",
"scope": "eq",
"trust": 1.0,
"vendor": "bouncycastle",
"version": "1.22"
},
{
"_id": null,
"model": "bouncy-castle-crypto-package",
"scope": "eq",
"trust": 1.0,
"vendor": "bouncycastle",
"version": "1.3.1"
},
{
"_id": null,
"model": "bouncy-castle-crypto-package",
"scope": "eq",
"trust": 1.0,
"vendor": "bouncycastle",
"version": "1.24"
},
{
"_id": null,
"model": "bc-java",
"scope": "eq",
"trust": 1.0,
"vendor": "bouncycastle",
"version": "1.28"
},
{
"_id": null,
"model": "bouncy-castle-crypto-package",
"scope": "eq",
"trust": 1.0,
"vendor": "bouncycastle",
"version": "1.13"
},
{
"_id": null,
"model": "bc-java",
"scope": "eq",
"trust": 1.0,
"vendor": "bouncycastle",
"version": "1.15"
},
{
"_id": null,
"model": "bc-java",
"scope": "eq",
"trust": 1.0,
"vendor": "bouncycastle",
"version": "1.16"
},
{
"_id": null,
"model": "bouncy-castle-crypto-package",
"scope": "eq",
"trust": 1.0,
"vendor": "bouncycastle",
"version": "1.27"
},
{
"_id": null,
"model": "bouncy-castle-crypto-package",
"scope": "eq",
"trust": 1.0,
"vendor": "bouncycastle",
"version": "1.05"
},
{
"_id": null,
"model": "bc-java",
"scope": "eq",
"trust": 1.0,
"vendor": "bouncycastle",
"version": "1.35"
},
{
"_id": null,
"model": "bouncy-castle-crypto-package",
"scope": "eq",
"trust": 1.0,
"vendor": "bouncycastle",
"version": "1.0"
},
{
"_id": null,
"model": "bouncy-castle-crypto-package",
"scope": "eq",
"trust": 1.0,
"vendor": "bouncycastle",
"version": "1.01"
},
{
"_id": null,
"model": "bouncy-castle-crypto-package",
"scope": "eq",
"trust": 1.0,
"vendor": "bouncycastle",
"version": "1.09"
},
{
"_id": null,
"model": "bc-java",
"scope": "eq",
"trust": 1.0,
"vendor": "bouncycastle",
"version": "1.31"
},
{
"_id": null,
"model": "bc-java",
"scope": "eq",
"trust": 1.0,
"vendor": "bouncycastle",
"version": "1.23"
},
{
"_id": null,
"model": "bc-java",
"scope": "eq",
"trust": 1.0,
"vendor": "bouncycastle",
"version": "1.29"
},
{
"_id": null,
"model": "bouncy-castle-crypto-package",
"scope": "eq",
"trust": 1.0,
"vendor": "bouncycastle",
"version": "1.12"
},
{
"_id": null,
"model": "bouncy-castle-crypto-package",
"scope": "eq",
"trust": 1.0,
"vendor": "bouncycastle",
"version": "1.32"
},
{
"_id": null,
"model": "bc-java",
"scope": "eq",
"trust": 1.0,
"vendor": "bouncycastle",
"version": "1.20"
},
{
"_id": null,
"model": "bc-java",
"scope": "eq",
"trust": 1.0,
"vendor": "bouncycastle",
"version": "1.30"
},
{
"_id": null,
"model": "bouncy-castle-crypto-package",
"scope": "eq",
"trust": 1.0,
"vendor": "bouncycastle",
"version": "1.19"
},
{
"_id": null,
"model": "bc-java",
"scope": "eq",
"trust": 1.0,
"vendor": "bouncycastle",
"version": "1.25"
},
{
"_id": null,
"model": "bouncy-castle-crypto-package",
"scope": "eq",
"trust": 1.0,
"vendor": "bouncycastle",
"version": "1.26"
},
{
"_id": null,
"model": "bc-java",
"scope": "eq",
"trust": 1.0,
"vendor": "bouncycastle",
"version": "1.04"
},
{
"_id": null,
"model": "bc-java",
"scope": "eq",
"trust": 1.0,
"vendor": "bouncycastle",
"version": "1.21"
},
{
"_id": null,
"model": "bc-java",
"scope": "eq",
"trust": 1.0,
"vendor": "bouncycastle",
"version": "1.33"
},
{
"_id": null,
"model": "bouncy-castle-crypto-package",
"scope": "eq",
"trust": 1.0,
"vendor": "bouncycastle",
"version": "1.06"
},
{
"_id": null,
"model": "bouncy-castle-crypto-package",
"scope": "eq",
"trust": 1.0,
"vendor": "bouncycastle",
"version": "1.34"
},
{
"_id": null,
"model": "bc-java",
"scope": "eq",
"trust": 1.0,
"vendor": "bouncycastle",
"version": "1.02"
},
{
"_id": null,
"model": "bc-java",
"scope": "eq",
"trust": 1.0,
"vendor": "bouncycastle",
"version": "1.17"
},
{
"_id": null,
"model": "bc-java",
"scope": "eq",
"trust": 1.0,
"vendor": "bouncycastle",
"version": "1.36"
},
{
"_id": null,
"model": "bouncy-castle-crypto-package",
"scope": "eq",
"trust": 1.0,
"vendor": "bouncycastle",
"version": "1.03"
},
{
"_id": null,
"model": "bc-java",
"scope": "eq",
"trust": 1.0,
"vendor": "bouncycastle",
"version": "1.14"
},
{
"_id": null,
"model": "bouncy-castle-crypto-package",
"scope": "lte",
"trust": 1.0,
"vendor": "bouncycastle",
"version": "1.35"
},
{
"_id": null,
"model": "bc-java",
"scope": "eq",
"trust": 1.0,
"vendor": "bouncycastle",
"version": "1.10"
},
{
"_id": null,
"model": "bc-java",
"scope": "eq",
"trust": 1.0,
"vendor": "bouncycastle",
"version": "1.11"
},
{
"_id": null,
"model": "bc-java",
"scope": "eq",
"trust": 1.0,
"vendor": "bouncycastle",
"version": "1.08"
},
{
"_id": null,
"model": "sdk 08",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.2"
},
{
"_id": null,
"model": "sdk 11",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"_id": null,
"model": "sdk 15",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"_id": null,
"model": "jre",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.5"
},
{
"_id": null,
"model": "jre",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.1.8"
},
{
"_id": null,
"model": "jre 06",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.5"
},
{
"_id": null,
"model": "jre 015",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.2.2"
},
{
"_id": null,
"model": "jre 01",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.1"
},
{
"_id": null,
"model": "jre 10",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"_id": null,
"model": "jre 14",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"_id": null,
"model": "sdk 03",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.1"
},
{
"_id": null,
"model": "jdk 09",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.2"
},
{
"_id": null,
"model": "jdk 007",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.1.6"
},
{
"_id": null,
"model": "jre 1.4.2 12",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "sdk 06",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"_id": null,
"model": "jre 02",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.2"
},
{
"_id": null,
"model": "sdk .0 02",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3"
},
{
"_id": null,
"model": "jre .0 04",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4"
},
{
"_id": null,
"model": "jre",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4"
},
{
"_id": null,
"model": "jre 07",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"_id": null,
"model": "jre 11",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"_id": null,
"model": "jre 03",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.1"
},
{
"_id": null,
"model": "sdk 02",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.1"
},
{
"_id": null,
"model": "jre 01",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.2"
},
{
"_id": null,
"model": "jre 04",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.2"
},
{
"_id": null,
"model": "jre .0 02",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3"
},
{
"_id": null,
"model": "sdk 07",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"_id": null,
"model": "jdk b 005",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.1.7"
},
{
"_id": null,
"model": "sdk 10",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"_id": null,
"model": "jre 02",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"_id": null,
"model": "sdk",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.2"
},
{
"_id": null,
"model": "jre 01",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"_id": null,
"model": "jre .0 03",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4"
},
{
"_id": null,
"model": "sdk .0 03",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4"
},
{
"_id": null,
"model": "jre 02",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.1"
},
{
"_id": null,
"model": "sdk 09",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"_id": null,
"model": "sdk 14",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"_id": null,
"model": "jdk .0 05",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.5"
},
{
"_id": null,
"model": "jre 06",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"_id": null,
"model": "sdk 12",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"_id": null,
"model": "jre",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.1"
},
{
"_id": null,
"model": "jre 03",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"_id": null,
"model": "sdk 02",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"_id": null,
"model": "sdk",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.1"
},
{
"_id": null,
"model": "sdk 08",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"_id": null,
"model": "sdk .0 4",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4"
},
{
"_id": null,
"model": "sdk .0 02",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4"
},
{
"_id": null,
"model": "sdk 007",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.2.2"
},
{
"_id": null,
"model": "jre",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.2"
},
{
"_id": null,
"model": "jre",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.2.1"
},
{
"_id": null,
"model": "jre 06",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.2"
},
{
"_id": null,
"model": "sdk 01",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.1"
},
{
"_id": null,
"model": "jre .0 02",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4"
},
{
"_id": null,
"model": "jre 13",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"_id": null,
"model": "sdk",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.2"
},
{
"_id": null,
"model": "sdk 13",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"_id": null,
"model": "jdk 008",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.1.8"
},
{
"_id": null,
"model": "jdk 08",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.2"
},
{
"_id": null,
"model": "jre 05",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.2"
},
{
"_id": null,
"model": "jre 08",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"_id": null,
"model": "jre",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.2"
},
{
"_id": null,
"model": "sdk 04",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.2"
},
{
"_id": null,
"model": "jre 12",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"_id": null,
"model": "sdk 05",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.2"
},
{
"_id": null,
"model": "sdk 03",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.2"
},
{
"_id": null,
"model": "jre 03",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.2"
},
{
"_id": null,
"model": "sdk",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4"
},
{
"_id": null,
"model": "jre .0 05",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3"
},
{
"_id": null,
"model": "jre 05",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"_id": null,
"model": "sdk 05",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"_id": null,
"model": "sdk 03",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"_id": null,
"model": "sdk 015",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.2.2"
},
{
"_id": null,
"model": "sdk",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.2.1"
},
{
"_id": null,
"model": "sdk 012",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.2.2"
},
{
"_id": null,
"model": "jre 09",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"_id": null,
"model": "sdk 014",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.2.2"
},
{
"_id": null,
"model": "jre 007",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.2.2"
},
{
"_id": null,
"model": "jdk 009",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.1.8"
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "wireshark",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "appgate network security",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "attachmatewrq",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "avaya",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "blue coat",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "gentoo linux",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "gnutls",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "hewlett packard",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "iaik java group",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "ibm",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "internet consortium",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "intoto",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "juniper",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "mandriva",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "mozilla",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "openwall gnu linux",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "opera",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "rsa security",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "ssh security corp",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "sybase",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "vmware",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "vandyke",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "stonesoft",
"version": null
},
{
"_id": null,
"model": "crypto package",
"scope": "lt",
"trust": 0.8,
"vendor": "bouncy castle",
"version": "1.36"
},
{
"_id": null,
"model": "java cryptography api",
"scope": "lt",
"trust": 0.8,
"vendor": "bouncy castle",
"version": "1.38"
},
{
"_id": null,
"model": "jre 005",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.2.2"
},
{
"_id": null,
"model": "jre 04",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.3.1"
},
{
"_id": null,
"model": "jre .0 01",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.4"
},
{
"_id": null,
"model": "jdk 003",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.2.1"
},
{
"_id": null,
"model": "jre 12",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.4.2"
},
{
"_id": null,
"model": "jdk",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.1.8"
},
{
"_id": null,
"model": "jdk 06",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.2.2"
},
{
"_id": null,
"model": "jre 007",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.1.8"
},
{
"_id": null,
"model": "jdk .0 04",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.5"
},
{
"_id": null,
"model": "jdk 005",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.1.8"
},
{
"_id": null,
"model": "jre",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.3"
},
{
"_id": null,
"model": "sdk 13",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.2.2"
},
{
"_id": null,
"model": "sdk 005",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.2.2"
},
{
"_id": null,
"model": "jre .0 04",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.3"
},
{
"_id": null,
"model": "jdk 006",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.2.2"
},
{
"_id": null,
"model": "sdk 01",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.3.1"
},
{
"_id": null,
"model": "jdk 05",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.2.2"
},
{
"_id": null,
"model": "jdk 007",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.1.8"
},
{
"_id": null,
"model": "jdk .0 03",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.5"
},
{
"_id": null,
"model": "jre 12",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.2.2"
},
{
"_id": null,
"model": "appeon",
"scope": "eq",
"trust": 0.6,
"vendor": "sybase",
"version": "3.1"
},
{
"_id": null,
"model": "jdk 06",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.5"
},
{
"_id": null,
"model": "jre b 007",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.1.7"
},
{
"_id": null,
"model": "sdk 05",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.3"
},
{
"_id": null,
"model": "jdk 002",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.1.8"
},
{
"_id": null,
"model": "jre 008",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.1.8"
},
{
"_id": null,
"model": "jdk 004",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.2.2"
},
{
"_id": null,
"model": "sdk 12",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.2.2"
},
{
"_id": null,
"model": "jdk 009",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.1.6"
},
{
"_id": null,
"model": "jdk 004",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.2.1"
},
{
"_id": null,
"model": "sdk 013",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.2.2"
},
{
"_id": null,
"model": "jdk b 007",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.1.7"
},
{
"_id": null,
"model": "jre 012",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.2.2"
},
{
"_id": null,
"model": "jre 005",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.1.8"
},
{
"_id": null,
"model": "jre 009",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.1.8"
},
{
"_id": null,
"model": "legion-of-the-bouncy-castle-java-crytography-api",
"scope": "eq",
"trust": 0.6,
"vendor": "bouncycastle",
"version": "1.35"
},
{
"_id": null,
"model": "legion-of-the-bouncy-castle-java-crytography-api",
"scope": "eq",
"trust": 0.6,
"vendor": "bouncycastle",
"version": "1.34"
},
{
"_id": null,
"model": "legion-of-the-bouncy-castle-java-crytography-api",
"scope": "eq",
"trust": 0.6,
"vendor": "bouncycastle",
"version": "1.33"
},
{
"_id": null,
"model": "legion-of-the-bouncy-castle-java-crytography-api",
"scope": "eq",
"trust": 0.6,
"vendor": "bouncycastle",
"version": "1.28"
},
{
"_id": null,
"model": "legion-of-the-bouncy-castle-java-crytography-api",
"scope": "eq",
"trust": 0.6,
"vendor": "bouncycastle",
"version": "1.23"
},
{
"_id": null,
"model": "legion-of-the-bouncy-castle-java-crytography-api",
"scope": "eq",
"trust": 0.6,
"vendor": "bouncycastle",
"version": "1.27"
},
{
"_id": null,
"model": "legion-of-the-bouncy-castle-java-crytography-api",
"scope": "eq",
"trust": 0.6,
"vendor": "bouncycastle",
"version": "1.32"
},
{
"_id": null,
"model": "legion-of-the-bouncy-castle-java-crytography-api",
"scope": "eq",
"trust": 0.6,
"vendor": "bouncycastle",
"version": "1.36"
},
{
"_id": null,
"model": "legion-of-the-bouncy-castle-java-crytography-api",
"scope": "eq",
"trust": 0.6,
"vendor": "bouncycastle",
"version": "1.26"
},
{
"_id": null,
"model": "legion-of-the-bouncy-castle-java-crytography-api",
"scope": "eq",
"trust": 0.6,
"vendor": "bouncycastle",
"version": "1.25"
},
{
"_id": null,
"model": "systems weblogic express",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.0.0.1"
},
{
"_id": null,
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3"
},
{
"_id": null,
"model": "security agent",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "5.1.79"
},
{
"_id": null,
"model": "enterprise linux es ia64",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"_id": null,
"model": "project openssl g",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"_id": null,
"model": "computing snapgear sg565",
"scope": "eq",
"trust": 0.3,
"vendor": "secure",
"version": "0"
},
{
"_id": null,
"model": "ciscoworks common services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.2"
},
{
"_id": null,
"model": "communications security ssh tectia server",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "4.4.5"
},
{
"_id": null,
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0(1)"
},
{
"_id": null,
"model": "reflection for secure it",
"scope": "eq",
"trust": 0.3,
"vendor": "attachmate",
"version": "6.1"
},
{
"_id": null,
"model": "linux professional",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.0"
},
{
"_id": null,
"model": "appliance server hosting edition",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "1.0"
},
{
"_id": null,
"model": "netbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "netbsd",
"version": "2.1"
},
{
"_id": null,
"model": "call manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.1"
},
{
"_id": null,
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154543.1.0"
},
{
"_id": null,
"model": "project openssl b-36.8",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"_id": null,
"model": "enterprise linux extras",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"_id": null,
"model": "eii avaki sdf",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "5.0"
},
{
"_id": null,
"model": "risk analytics platform",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "2.9"
},
{
"_id": null,
"model": "systems weblogic express sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.03"
},
{
"_id": null,
"model": "s8300 cm",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1"
},
{
"_id": null,
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.2"
},
{
"_id": null,
"model": "java system web server sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"_id": null,
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.4"
},
{
"_id": null,
"model": "communications security ssh tectia k",
"scope": "ne",
"trust": 0.3,
"vendor": "ssh",
"version": "4.3.10"
},
{
"_id": null,
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "6.1"
},
{
"_id": null,
"model": "linux enterprise desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"_id": null,
"model": "ons",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "154548.0"
},
{
"_id": null,
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "9.1"
},
{
"_id": null,
"model": "ipcop",
"scope": "eq",
"trust": 0.3,
"vendor": "ipcop",
"version": "1.4.11"
},
{
"_id": null,
"model": "workstation build",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "6.0.380004"
},
{
"_id": null,
"model": "easerver",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "5.5"
},
{
"_id": null,
"model": "securecrt",
"scope": "eq",
"trust": 0.3,
"vendor": "vandyke",
"version": "5.2.2"
},
{
"_id": null,
"model": "hardware management console for iseries",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.3.7"
},
{
"_id": null,
"model": "workstation build",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5.334685"
},
{
"_id": null,
"model": "ffi global fix lite",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "0"
},
{
"_id": null,
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.2"
},
{
"_id": null,
"model": "bind b1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.7"
},
{
"_id": null,
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1(0)"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.6"
},
{
"_id": null,
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1(1)"
},
{
"_id": null,
"model": "project openssl h",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"_id": null,
"model": "unwired orchestrator",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "5.1"
},
{
"_id": null,
"model": "openvms secure web server",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "1.2"
},
{
"_id": null,
"model": "propack sp6",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "3.0"
},
{
"_id": null,
"model": "project openssl i",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"_id": null,
"model": "java web proxy server sp8",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "3.6"
},
{
"_id": null,
"model": "workspace",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "1.6"
},
{
"_id": null,
"model": "2-stable-20061018",
"scope": null,
"trust": 0.3,
"vendor": "openpkg",
"version": null
},
{
"_id": null,
"model": "project openssl b",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"_id": null,
"model": "jre b",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.7"
},
{
"_id": null,
"model": "jre",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.3.1"
},
{
"_id": null,
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.3"
},
{
"_id": null,
"model": "systems weblogic server sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.12"
},
{
"_id": null,
"model": "systems weblogic server sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.0.0.11"
},
{
"_id": null,
"model": "systems weblogic express sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.04"
},
{
"_id": null,
"model": "linux mipsel",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"_id": null,
"model": "-release-p3",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.11"
},
{
"_id": null,
"model": "systems weblogic server for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.12"
},
{
"_id": null,
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "3.0.1"
},
{
"_id": null,
"model": "systems weblogic server for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.0.0.11"
},
{
"_id": null,
"model": "software opera web browser win32",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "6.0"
},
{
"_id": null,
"model": "linux professional x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.2"
},
{
"_id": null,
"model": "hat enterprise linux as",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "3"
},
{
"_id": null,
"model": "4,0 beta",
"scope": null,
"trust": 0.3,
"vendor": "netbsd",
"version": null
},
{
"_id": null,
"model": "jre .0 01",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.3"
},
{
"_id": null,
"model": "-stablepre122300",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.2"
},
{
"_id": null,
"model": "bind a1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"_id": null,
"model": "software opera web browser 1win32",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "7.0"
},
{
"_id": null,
"model": "corporate server x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "4.0"
},
{
"_id": null,
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.10"
},
{
"_id": null,
"model": "linux mandrake",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2006.0"
},
{
"_id": null,
"model": "jdk 09",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.8"
},
{
"_id": null,
"model": "unwired accelerator and enterprise portal",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "7.0"
},
{
"_id": null,
"model": "mds",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "95000"
},
{
"_id": null,
"model": "netscape",
"scope": "eq",
"trust": 0.3,
"vendor": "netscape",
"version": "6.2.3"
},
{
"_id": null,
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "8.51"
},
{
"_id": null,
"model": "jre 12",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.8"
},
{
"_id": null,
"model": "systems weblogic express for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.13"
},
{
"_id": null,
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.8"
},
{
"_id": null,
"model": "sdk 10",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.2.2"
},
{
"_id": null,
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.1(0)"
},
{
"_id": null,
"model": "risk analytics platform",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "3.0"
},
{
"_id": null,
"model": "java web proxy server",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "3.6"
},
{
"_id": null,
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "1.5.0.5"
},
{
"_id": null,
"model": "openpkg",
"scope": "eq",
"trust": 0.3,
"vendor": "openpkg",
"version": "2.1"
},
{
"_id": null,
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.3"
},
{
"_id": null,
"model": "systems weblogic express sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.0.0.12"
},
{
"_id": null,
"model": "jdk 1.5.0.0 06",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "one application server standard edition",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "7.0"
},
{
"_id": null,
"model": "siparator",
"scope": "ne",
"trust": 0.3,
"vendor": "ingate",
"version": "4.5.1"
},
{
"_id": null,
"model": "java system web server sp9",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"_id": null,
"model": "linux personal oss",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.0"
},
{
"_id": null,
"model": "sdk 04",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.3.1"
},
{
"_id": null,
"model": "communications security ssh tectia server",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "4.4.6"
},
{
"_id": null,
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "1.5.0.7"
},
{
"_id": null,
"model": "corporate server",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "4.0"
},
{
"_id": null,
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.0.1"
},
{
"_id": null,
"model": "java system web server sp4",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.1"
},
{
"_id": null,
"model": "enterprise linux ws",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"_id": null,
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.1.3"
},
{
"_id": null,
"model": "access registrar",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"_id": null,
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.0.1"
},
{
"_id": null,
"model": "solonde etl",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "3.6"
},
{
"_id": null,
"model": "linux openexchange server",
"scope": null,
"trust": 0.3,
"vendor": "s u s e",
"version": null
},
{
"_id": null,
"model": "jsse",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.0.2"
},
{
"_id": null,
"model": "one web server sp4",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"_id": null,
"model": "linux personal",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.2"
},
{
"_id": null,
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.1.1"
},
{
"_id": null,
"model": "systems weblogic server sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.05"
},
{
"_id": null,
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "7.54"
},
{
"_id": null,
"model": "systems weblogic server for win32",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.0.0.1"
},
{
"_id": null,
"model": "one web server sp7",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"_id": null,
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "7.51"
},
{
"_id": null,
"model": "systems weblogic express for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.03"
},
{
"_id": null,
"model": "one web server sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"_id": null,
"model": "systems weblogic server for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.05"
},
{
"_id": null,
"model": "bind -p2",
"scope": "ne",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.6"
},
{
"_id": null,
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.04"
},
{
"_id": null,
"model": "workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5.4"
},
{
"_id": null,
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.1"
},
{
"_id": null,
"model": "communications security ssh tectia server",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "4.1"
},
{
"_id": null,
"model": "java system web server sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.1"
},
{
"_id": null,
"model": "-release-p5",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.1"
},
{
"_id": null,
"model": "linux personal x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.0"
},
{
"_id": null,
"model": "eii avaki sdf",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "4.0"
},
{
"_id": null,
"model": "www-client/opera",
"scope": "eq",
"trust": 0.3,
"vendor": "gentoo",
"version": "9.0.2"
},
{
"_id": null,
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.3(5)"
},
{
"_id": null,
"model": "openoffice",
"scope": "eq",
"trust": 0.3,
"vendor": "openoffice",
"version": "2.3"
},
{
"_id": null,
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "7.10"
},
{
"_id": null,
"model": "converged communications server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "2.0"
},
{
"_id": null,
"model": "software opera web browser win32",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "5.12"
},
{
"_id": null,
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.6.2"
},
{
"_id": null,
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.5"
},
{
"_id": null,
"model": "project openssl d",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"_id": null,
"model": "systems weblogic server sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.01"
},
{
"_id": null,
"model": "rtds",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "2.0.1"
},
{
"_id": null,
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.2.2"
},
{
"_id": null,
"model": "gss global site selector",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "44900"
},
{
"_id": null,
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "6.0"
},
{
"_id": null,
"model": "communications security ssh tectia server",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "4.4.4"
},
{
"_id": null,
"model": "project openssl beta2",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"_id": null,
"model": "call manager es56",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"_id": null,
"model": "sdk 07",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.2.2"
},
{
"_id": null,
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.10"
},
{
"_id": null,
"model": "systems weblogic server sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.06"
},
{
"_id": null,
"model": "systems weblogic server for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.01"
},
{
"_id": null,
"model": "systems weblogic server for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.06"
},
{
"_id": null,
"model": "systems weblogic server for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.02"
},
{
"_id": null,
"model": "personal",
"scope": null,
"trust": 0.3,
"vendor": "turbolinux",
"version": null
},
{
"_id": null,
"model": "software opera web browser win32",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "5.02"
},
{
"_id": null,
"model": "systems weblogic express for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.04"
},
{
"_id": null,
"model": "project openssl e",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"_id": null,
"model": "-release-p32",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.5"
},
{
"_id": null,
"model": "openoffice",
"scope": "eq",
"trust": 0.3,
"vendor": "openoffice",
"version": "3.1.1"
},
{
"_id": null,
"model": "jre 007",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.6"
},
{
"_id": null,
"model": "sdk",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "12.5.1"
},
{
"_id": null,
"model": "project openssl f",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"_id": null,
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.1"
},
{
"_id": null,
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"_id": null,
"model": "jre 01a",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.3.1"
},
{
"_id": null,
"model": "works common services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.2"
},
{
"_id": null,
"model": "reflection ftp client",
"scope": "eq",
"trust": 0.3,
"vendor": "attachmate",
"version": "12.0"
},
{
"_id": null,
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.1"
},
{
"_id": null,
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.5.3"
},
{
"_id": null,
"model": "unified presence server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1.0"
},
{
"_id": null,
"model": "ffi global fix",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "0"
},
{
"_id": null,
"model": "communications security ssh tectia",
"scope": "ne",
"trust": 0.3,
"vendor": "ssh",
"version": "5.1.1"
},
{
"_id": null,
"model": "linux lts sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"_id": null,
"model": "call manager es33",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"_id": null,
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.1"
},
{
"_id": null,
"model": "easerver",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "6.0"
},
{
"_id": null,
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.1"
},
{
"_id": null,
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "10.2"
},
{
"_id": null,
"model": "workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5.5"
},
{
"_id": null,
"model": "linux professional",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.1"
},
{
"_id": null,
"model": "call manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"_id": null,
"model": "-prerelease",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.4"
},
{
"_id": null,
"model": "jre 07",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.4.1"
},
{
"_id": null,
"model": "beta11",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0"
},
{
"_id": null,
"model": "rtds",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "3.1"
},
{
"_id": null,
"model": "jsse 01",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.0.3"
},
{
"_id": null,
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "1.0.2.1"
},
{
"_id": null,
"model": "java system web server sp8",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"_id": null,
"model": "java system application server 2004q2",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "7.0"
},
{
"_id": null,
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.2"
},
{
"_id": null,
"model": "bind b",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.3"
},
{
"_id": null,
"model": "workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "6.0.1"
},
{
"_id": null,
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.3"
},
{
"_id": null,
"model": "workstation build",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5.444386"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.3.132"
},
{
"_id": null,
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.1"
},
{
"_id": null,
"model": "java web proxy server sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "3.6"
},
{
"_id": null,
"model": "jre 009",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.6"
},
{
"_id": null,
"model": "communications security ssh tectia",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "2.1.3"
},
{
"_id": null,
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.5"
},
{
"_id": null,
"model": "systems weblogic server for win32",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.1"
},
{
"_id": null,
"model": "communications security ssh tectia server",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "4.4"
},
{
"_id": null,
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2"
},
{
"_id": null,
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "8.52"
},
{
"_id": null,
"model": "netbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "netbsd",
"version": "3.0.2"
},
{
"_id": null,
"model": "jre b 005",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.7"
},
{
"_id": null,
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.5.1.639"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.5"
},
{
"_id": null,
"model": "hat enterprise linux as",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "2.1"
},
{
"_id": null,
"model": "desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4.0"
},
{
"_id": null,
"model": "linux hppa",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"_id": null,
"model": "workstation build",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5.342958"
},
{
"_id": null,
"model": "jsse 02",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.0.3"
},
{
"_id": null,
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.0"
},
{
"_id": null,
"model": "application \u0026 content networking software",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"_id": null,
"model": "communications security ssh tectia server",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "4.4.2"
},
{
"_id": null,
"model": "enterprise linux es",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3"
},
{
"_id": null,
"model": "jre 11",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.2.2"
},
{
"_id": null,
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.8"
},
{
"_id": null,
"model": "reflection",
"scope": "eq",
"trust": 0.3,
"vendor": "attachmate",
"version": "8.0"
},
{
"_id": null,
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0.3.728"
},
{
"_id": null,
"model": "call manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.3(1)"
},
{
"_id": null,
"model": "ciscoworks common management foundation",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.1"
},
{
"_id": null,
"model": "openvpn",
"scope": "ne",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.8"
},
{
"_id": null,
"model": "international cryptographic infrastructure",
"scope": "ne",
"trust": 0.3,
"vendor": "novell",
"version": "2.7.2"
},
{
"_id": null,
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.7"
},
{
"_id": null,
"model": "risk analytics platform",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "2.0"
},
{
"_id": null,
"model": "rtds",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "4.0"
},
{
"_id": null,
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.1"
},
{
"_id": null,
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "8.54"
},
{
"_id": null,
"model": "software opera web browser beta",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "83"
},
{
"_id": null,
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "3.3.1"
},
{
"_id": null,
"model": "linux professional x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.1"
},
{
"_id": null,
"model": "systems weblogic express for win32",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.0.0.1"
},
{
"_id": null,
"model": "computing snapgear u2",
"scope": "ne",
"trust": 0.3,
"vendor": "secure",
"version": "3.1.4"
},
{
"_id": null,
"model": "systems weblogic express sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.07"
},
{
"_id": null,
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "7.53"
},
{
"_id": null,
"model": "openoffice",
"scope": "eq",
"trust": 0.3,
"vendor": "openoffice",
"version": "2.4"
},
{
"_id": null,
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.1.1"
},
{
"_id": null,
"model": "systems weblogic server",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.0"
},
{
"_id": null,
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "7.21"
},
{
"_id": null,
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "3.2"
},
{
"_id": null,
"model": "java system web server sp5",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"_id": null,
"model": "computing snapgear sg580",
"scope": "eq",
"trust": 0.3,
"vendor": "secure",
"version": "0"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.4"
},
{
"_id": null,
"model": "ons 15454e optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.1"
},
{
"_id": null,
"model": "data auditing",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "4.5.3"
},
{
"_id": null,
"model": "openoffice",
"scope": "ne",
"trust": 0.3,
"vendor": "openoffice",
"version": "3.2"
},
{
"_id": null,
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.5"
},
{
"_id": null,
"model": "afaria",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "5.0"
},
{
"_id": null,
"model": "systems weblogic express for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.11"
},
{
"_id": null,
"model": "-release-p42",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.4"
},
{
"_id": null,
"model": "ons mstp",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154540"
},
{
"_id": null,
"model": "ssl360",
"scope": "ne",
"trust": 0.3,
"vendor": "arkoon",
"version": "2.0/3"
},
{
"_id": null,
"model": "java system application server 2004q2 r1standard",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "7.0"
},
{
"_id": null,
"model": "seamonkey",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "1.0.5"
},
{
"_id": null,
"model": "hardware management console for pseries",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.3.7"
},
{
"_id": null,
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.4"
},
{
"_id": null,
"model": "communications security ssh tectia server for ibm z/os",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "5.1"
},
{
"_id": null,
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.11"
},
{
"_id": null,
"model": "easerver",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "5.2"
},
{
"_id": null,
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.5"
},
{
"_id": null,
"model": "secure acs solution engine",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"_id": null,
"model": "openoffice",
"scope": "eq",
"trust": 0.3,
"vendor": "openoffice",
"version": "2.2"
},
{
"_id": null,
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.6(0)"
},
{
"_id": null,
"model": "project openssl b",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"_id": null,
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "8.0"
},
{
"_id": null,
"model": "unwired orchestrator",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "4.3"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.2"
},
{
"_id": null,
"model": "data direct odbc/ole-db drivers for ase",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "0"
},
{
"_id": null,
"model": "java system web server sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"_id": null,
"model": "s8500 r2.0.1",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"_id": null,
"model": "hardware management console for pseries r1.0",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0"
},
{
"_id": null,
"model": "communications security tectia",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "2.0"
},
{
"_id": null,
"model": "bind a5",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"_id": null,
"model": "global fix lite",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "0"
},
{
"_id": null,
"model": "easerver",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "5.3"
},
{
"_id": null,
"model": "software opera web browser win32 beta",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "7.01"
},
{
"_id": null,
"model": "communications security ssh tectia manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "2.1.3"
},
{
"_id": null,
"model": "linux personal",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.1"
},
{
"_id": null,
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.6.2"
},
{
"_id": null,
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.1(1)"
},
{
"_id": null,
"model": "works common services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.0"
},
{
"_id": null,
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.6(1)"
},
{
"_id": null,
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.8"
},
{
"_id": null,
"model": "software opera web browser linux",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "6.0.1"
},
{
"_id": null,
"model": "bind -p1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.6"
},
{
"_id": null,
"model": "netscape",
"scope": "eq",
"trust": 0.3,
"vendor": "netscape",
"version": "7.1"
},
{
"_id": null,
"model": "communications security ssh tectia server",
"scope": "ne",
"trust": 0.3,
"vendor": "ssh",
"version": "4.4.7"
},
{
"_id": null,
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "7.22"
},
{
"_id": null,
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.2.1"
},
{
"_id": null,
"model": "hardware management console for iseries r5.0",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"_id": null,
"model": "wide area application services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "secure acs solution engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.3.1"
},
{
"_id": null,
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"_id": null,
"model": "openoffice",
"scope": "eq",
"trust": 0.3,
"vendor": "openoffice",
"version": "2.0.4"
},
{
"_id": null,
"model": "virtualvault a.04.50",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "jdk 14",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.8"
},
{
"_id": null,
"model": "integrated management",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"_id": null,
"model": "secure global desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "4.2"
},
{
"_id": null,
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.14"
},
{
"_id": null,
"model": "project openssl g",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"_id": null,
"model": "bind a4",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"_id": null,
"model": "computing snapgear sg560",
"scope": "eq",
"trust": 0.3,
"vendor": "secure",
"version": "0"
},
{
"_id": null,
"model": "suse linux school server for i386",
"scope": null,
"trust": 0.3,
"vendor": "s u s e",
"version": null
},
{
"_id": null,
"model": "communications security ssh tectia connector",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "5.0.1"
},
{
"_id": null,
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.5"
},
{
"_id": null,
"model": "current",
"scope": null,
"trust": 0.3,
"vendor": "openpkg",
"version": null
},
{
"_id": null,
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.2"
},
{
"_id": null,
"model": "jre 10",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.8"
},
{
"_id": null,
"model": "rtds",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "2.0"
},
{
"_id": null,
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.4"
},
{
"_id": null,
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3"
},
{
"_id": null,
"model": "one web server",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"_id": null,
"model": "bind rc2",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.7"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.0"
},
{
"_id": null,
"model": "systems weblogic express for win32",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.1"
},
{
"_id": null,
"model": "communications security ssh tectia manager",
"scope": "ne",
"trust": 0.3,
"vendor": "ssh",
"version": "2.2.1"
},
{
"_id": null,
"model": "rtds",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "3.5"
},
{
"_id": null,
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.1"
},
{
"_id": null,
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.3"
},
{
"_id": null,
"model": "systems weblogic express for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.07"
},
{
"_id": null,
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.2.1"
},
{
"_id": null,
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.11"
},
{
"_id": null,
"model": "call manager es07",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"_id": null,
"model": "systems weblogic server sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.04"
},
{
"_id": null,
"model": "communications security ssh tectia server",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "4.4.1"
},
{
"_id": null,
"model": "jdk 1.5.0.0 04",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "java system web server sp5",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.1"
},
{
"_id": null,
"model": "workspace",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "1.5"
},
{
"_id": null,
"model": "tomboy",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.3"
},
{
"_id": null,
"model": "hardware management console for iseries r1.0",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0"
},
{
"_id": null,
"model": "linux ia-64",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"_id": null,
"model": "one application server platform edition",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "7.0"
},
{
"_id": null,
"model": "enterprise linux ws",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"_id": null,
"model": "reflection",
"scope": "eq",
"trust": 0.3,
"vendor": "attachmate",
"version": "x0"
},
{
"_id": null,
"model": "project openssl h",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"_id": null,
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.5"
},
{
"_id": null,
"model": "ecda",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "12.6"
},
{
"_id": null,
"model": "communications security ssh tectia manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "2.2"
},
{
"_id": null,
"model": "software opera web browser j",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "7.11"
},
{
"_id": null,
"model": "project openssl a",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.5"
},
{
"_id": null,
"model": "project openssl i",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"_id": null,
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.5.1"
},
{
"_id": null,
"model": "bind rc2",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.3"
},
{
"_id": null,
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.0.1"
},
{
"_id": null,
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.1.1"
},
{
"_id": null,
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.4"
},
{
"_id": null,
"model": "corporate server x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "3.0"
},
{
"_id": null,
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.1.2"
},
{
"_id": null,
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.4"
},
{
"_id": null,
"model": "appeon",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "5.0"
},
{
"_id": null,
"model": "solaris 8 x86",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "enterprise linux es",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"_id": null,
"model": "openoffice",
"scope": "eq",
"trust": 0.3,
"vendor": "openoffice",
"version": "2.0.1"
},
{
"_id": null,
"model": "one web server sp9",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"_id": null,
"model": "secure acs solution engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.3"
},
{
"_id": null,
"model": "communications security ssh tectia connector",
"scope": "ne",
"trust": 0.3,
"vendor": "ssh",
"version": "5.0.3"
},
{
"_id": null,
"model": "secure acs for unix",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.3"
},
{
"_id": null,
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.7"
},
{
"_id": null,
"model": "netbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "netbsd",
"version": "2.0.4"
},
{
"_id": null,
"model": "project openssl c",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"_id": null,
"model": "systems weblogic server sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.0.0.12"
},
{
"_id": null,
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.42"
},
{
"_id": null,
"model": "communications security ssh tectia server",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "4.2"
},
{
"_id": null,
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.1"
},
{
"_id": null,
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.0.2"
},
{
"_id": null,
"model": "systems weblogic server for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.0.0.12"
},
{
"_id": null,
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.1"
},
{
"_id": null,
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"_id": null,
"model": "call manager es50",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"_id": null,
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.3"
},
{
"_id": null,
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "8.1.7"
},
{
"_id": null,
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "8.50"
},
{
"_id": null,
"model": "project openssl c",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.1"
},
{
"_id": null,
"model": "workspace",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "1.0"
},
{
"_id": null,
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.04"
},
{
"_id": null,
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.5"
},
{
"_id": null,
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.0"
},
{
"_id": null,
"model": "corporate server",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "3.0"
},
{
"_id": null,
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "6.06"
},
{
"_id": null,
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "6.0.1"
},
{
"_id": null,
"model": "openpkg",
"scope": "eq",
"trust": 0.3,
"vendor": "openpkg",
"version": "2.4"
},
{
"_id": null,
"model": "ecda",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "12.5"
},
{
"_id": null,
"model": "jre 07",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.2.2"
},
{
"_id": null,
"model": "s8500 r2.0.0",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"_id": null,
"model": "s8700 r2.0.0",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"_id": null,
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.1"
},
{
"_id": null,
"model": "sdk 05a",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.2.2"
},
{
"_id": null,
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.10"
},
{
"_id": null,
"model": "systems weblogic server for win32",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "9.1"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.9"
},
{
"_id": null,
"model": "software opera web browser linux",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "6.0.3"
},
{
"_id": null,
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.1"
},
{
"_id": null,
"model": "java web proxy server sp4",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "3.6"
},
{
"_id": null,
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.3"
},
{
"_id": null,
"model": "project openssl a",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"_id": null,
"model": "hat network satellite (for rhel",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "3)4.2"
},
{
"_id": null,
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.3"
},
{
"_id": null,
"model": "eii avaki sdf",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "3.0"
},
{
"_id": null,
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.1(2)"
},
{
"_id": null,
"model": "openoffice",
"scope": "eq",
"trust": 0.3,
"vendor": "openoffice",
"version": "3.1"
},
{
"_id": null,
"model": "openpkg",
"scope": "eq",
"trust": 0.3,
"vendor": "openpkg",
"version": "2.2"
},
{
"_id": null,
"model": "software opera web browser beta build",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "7.2012981"
},
{
"_id": null,
"model": "project openssl c",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"_id": null,
"model": "-release-p20",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.11"
},
{
"_id": null,
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0.3"
},
{
"_id": null,
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.2.8"
},
{
"_id": null,
"model": "bind b1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.3"
},
{
"_id": null,
"model": "secure linux",
"scope": "eq",
"trust": 0.3,
"vendor": "trustix",
"version": "2.2"
},
{
"_id": null,
"model": "security mars",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.2.2"
},
{
"_id": null,
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "9"
},
{
"_id": null,
"model": "eii avaki sdf",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "6.2"
},
{
"_id": null,
"model": "project openssl l",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"_id": null,
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.1"
},
{
"_id": null,
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.6"
},
{
"_id": null,
"model": "sdk 003",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.2.1"
},
{
"_id": null,
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "8.53"
},
{
"_id": null,
"model": "reflection sp1",
"scope": "ne",
"trust": 0.3,
"vendor": "attachmate",
"version": "14.0"
},
{
"_id": null,
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.0.2.3"
},
{
"_id": null,
"model": "sdk",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.2.2"
},
{
"_id": null,
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.4.1"
},
{
"_id": null,
"model": "java system web server",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.1"
},
{
"_id": null,
"model": "netbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "netbsd",
"version": "2.0.1"
},
{
"_id": null,
"model": "rfid enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "2.0"
},
{
"_id": null,
"model": "current pre20010701",
"scope": null,
"trust": 0.3,
"vendor": "netbsd",
"version": null
},
{
"_id": null,
"model": "systems weblogic server sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.15"
},
{
"_id": null,
"model": "f...",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "10"
},
{
"_id": null,
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154543.0"
},
{
"_id": null,
"model": "jdk b",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.7"
},
{
"_id": null,
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.6"
},
{
"_id": null,
"model": "systems weblogic server for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.15"
},
{
"_id": null,
"model": "-release-p38",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.3"
},
{
"_id": null,
"model": "hp-ux b.11.00",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "hp-ux b.11.31",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "linux personal x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.2"
},
{
"_id": null,
"model": "project openssl e",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"_id": null,
"model": "systems weblogic server sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.14"
},
{
"_id": null,
"model": "systems weblogic express sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.0.0.13"
},
{
"_id": null,
"model": "ciscoworks common management foundation",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "corp banking",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "0"
},
{
"_id": null,
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.4"
},
{
"_id": null,
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"_id": null,
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.2.2"
},
{
"_id": null,
"model": "systems weblogic server for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.14"
},
{
"_id": null,
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.0"
},
{
"_id": null,
"model": "java system application server enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "7.0"
},
{
"_id": null,
"model": "hat enterprise linux as",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "4"
},
{
"_id": null,
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.2"
},
{
"_id": null,
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.4"
},
{
"_id": null,
"model": "linux s/390",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"_id": null,
"model": "tomboy",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.0"
},
{
"_id": null,
"model": "linux mandrake x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2007.0"
},
{
"_id": null,
"model": "secure acs for unix",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.3.5.1"
},
{
"_id": null,
"model": "linux enterprise server",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"_id": null,
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.1.3"
},
{
"_id": null,
"model": "openoffice",
"scope": "eq",
"trust": 0.3,
"vendor": "openoffice",
"version": "2.2.1"
},
{
"_id": null,
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "10.0"
},
{
"_id": null,
"model": "communications security ssh tectia server for ibm z/os",
"scope": "ne",
"trust": 0.3,
"vendor": "ssh",
"version": "5.1.1"
},
{
"_id": null,
"model": "linux lts powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"_id": null,
"model": "project openssl beta3",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"_id": null,
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.10"
},
{
"_id": null,
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0.2"
},
{
"_id": null,
"model": "communications security ssh tectia k",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "4.3.9"
},
{
"_id": null,
"model": "one web server sp8",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"_id": null,
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"_id": null,
"model": "systems weblogic express sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.12"
},
{
"_id": null,
"model": "software opera web browser linux",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "6.10"
},
{
"_id": null,
"model": "systems weblogic express sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.0.0.11"
},
{
"_id": null,
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.4"
},
{
"_id": null,
"model": "hat red hat network satellite server",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "4.2"
},
{
"_id": null,
"model": "software opera web browser win32",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "6.0.5"
},
{
"_id": null,
"model": "java system application server 2004q2 r1enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "7.0"
},
{
"_id": null,
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.10"
},
{
"_id": null,
"model": "5.4-stable",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.0"
},
{
"_id": null,
"model": "bind a6",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"_id": null,
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.3"
},
{
"_id": null,
"model": "jdk 02",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.4.2"
},
{
"_id": null,
"model": "message networking",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"_id": null,
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.9"
},
{
"_id": null,
"model": "communications security ssh tectia",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "2.1.2"
},
{
"_id": null,
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0(0)"
},
{
"_id": null,
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "8.0"
},
{
"_id": null,
"model": "-release-p8",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.10"
},
{
"_id": null,
"model": "seamonkey",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "1.0.3"
},
{
"_id": null,
"model": "desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3.0"
},
{
"_id": null,
"model": "communications security ssh tectia j",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "4.3.1"
},
{
"_id": null,
"model": "-release-p17",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.7"
},
{
"_id": null,
"model": "secure enterprise linux",
"scope": "eq",
"trust": 0.3,
"vendor": "trustix",
"version": "2.0"
},
{
"_id": null,
"model": "rfid enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "2.2"
},
{
"_id": null,
"model": "call manager es24",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"_id": null,
"model": "powerbuilder",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "9.0"
},
{
"_id": null,
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.2"
},
{
"_id": null,
"model": "reflection",
"scope": "eq",
"trust": 0.3,
"vendor": "attachmate",
"version": "14.0"
},
{
"_id": null,
"model": "reflection",
"scope": "eq",
"trust": 0.3,
"vendor": "attachmate",
"version": "13.0.4"
},
{
"_id": null,
"model": "gss global site selector",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "44910"
},
{
"_id": null,
"model": "s8300 r2.0.1",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"_id": null,
"model": "software opera web browser .6win32",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "6.0"
},
{
"_id": null,
"model": "sdk 02",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.4.2"
},
{
"_id": null,
"model": "sdk 11",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.2.2"
},
{
"_id": null,
"model": "-prerelease",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.8"
},
{
"_id": null,
"model": "systems weblogic express sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.11"
},
{
"_id": null,
"model": "openvms secure web server",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "1.1-1"
},
{
"_id": null,
"model": "data integration suite di",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "1.0"
},
{
"_id": null,
"model": "linux enterprise sdk",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"_id": null,
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "3.2.1"
},
{
"_id": null,
"model": "reflection",
"scope": "eq",
"trust": 0.3,
"vendor": "attachmate",
"version": "13.0"
},
{
"_id": null,
"model": "rtds",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "3.0"
},
{
"_id": null,
"model": "systems weblogic server sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.0.0.14"
},
{
"_id": null,
"model": "java web proxy server sp7",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "3.6"
},
{
"_id": null,
"model": "systems weblogic server",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "9.0"
},
{
"_id": null,
"model": "java system application server platform edition q1 ur1",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "8.12005"
},
{
"_id": null,
"model": "data auditing",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "4.5.2"
},
{
"_id": null,
"model": "communications security ssh tectia j",
"scope": "ne",
"trust": 0.3,
"vendor": "ssh",
"version": "4.3.3"
},
{
"_id": null,
"model": "systems weblogic express sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.05"
},
{
"_id": null,
"model": "openbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "openbsd",
"version": "3.9"
},
{
"_id": null,
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.3"
},
{
"_id": null,
"model": "reflection for secure it sp1",
"scope": "ne",
"trust": 0.3,
"vendor": "attachmate",
"version": "6.1"
},
{
"_id": null,
"model": "communications security ssh tectia",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "1.4"
},
{
"_id": null,
"model": "communications security ssh tectia connector",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "5.0.2"
},
{
"_id": null,
"model": "stable",
"scope": null,
"trust": 0.3,
"vendor": "openpkg",
"version": null
},
{
"_id": null,
"model": "java system web server sp10",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"_id": null,
"model": "sdk 14",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.2.2"
},
{
"_id": null,
"model": "4.10-prerelease",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "java enterprise system 2005q1",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "sdk 01",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.4.2"
},
{
"_id": null,
"model": "reflection sftp client",
"scope": "eq",
"trust": 0.3,
"vendor": "attachmate",
"version": "6.0"
},
{
"_id": null,
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.10"
},
{
"_id": null,
"model": "communications security ssh tectia",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "2.0"
},
{
"_id": null,
"model": "solaris 8 sparc",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "hat red hat network satellite server",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "5.0"
},
{
"_id": null,
"model": "afaria",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "5.1"
},
{
"_id": null,
"model": "s8700 cm",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1"
},
{
"_id": null,
"model": "linux professional oss",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.0"
},
{
"_id": null,
"model": "linux mandrake",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2007.0"
},
{
"_id": null,
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.0"
},
{
"_id": null,
"model": "linux enterprise server",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "8"
},
{
"_id": null,
"model": "system management homepage",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.9"
},
{
"_id": null,
"model": "openoffice",
"scope": "eq",
"trust": 0.3,
"vendor": "openoffice",
"version": "2.0.2"
},
{
"_id": null,
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.2.3"
},
{
"_id": null,
"model": "linux professional x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.3"
},
{
"_id": null,
"model": "secure linux",
"scope": "eq",
"trust": 0.3,
"vendor": "trustix",
"version": "3.0"
},
{
"_id": null,
"model": "systems weblogic express sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.02"
},
{
"_id": null,
"model": "appliance server workgroup edition",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "1.0"
},
{
"_id": null,
"model": "java system application server platform edition q1",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "8.12005"
},
{
"_id": null,
"model": "player build",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.680404"
},
{
"_id": null,
"model": "s8710 cm",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1"
},
{
"_id": null,
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.9"
},
{
"_id": null,
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.7"
},
{
"_id": null,
"model": "iq extended enterpirse edition",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "12.7"
},
{
"_id": null,
"model": "systems weblogic express",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.0"
},
{
"_id": null,
"model": "jdk 13",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.8"
},
{
"_id": null,
"model": "systems weblogic express for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.12"
},
{
"_id": null,
"model": "systems weblogic express for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.0.0.11"
},
{
"_id": null,
"model": "java system application server standard 2004q2 r5",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "7.0.0"
},
{
"_id": null,
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154543.2.0"
},
{
"_id": null,
"model": "bind rc3",
"scope": "ne",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.7"
},
{
"_id": null,
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "6.1"
},
{
"_id": null,
"model": "sdk 07a",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.2.2"
},
{
"_id": null,
"model": "call manager es32",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"_id": null,
"model": "interactive response",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"_id": null,
"model": "call manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.3"
},
{
"_id": null,
"model": "-release-p20",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.6"
},
{
"_id": null,
"model": "unwired accelerator and enterprise portal",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "6.0"
},
{
"_id": null,
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0.2"
},
{
"_id": null,
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.6"
},
{
"_id": null,
"model": "openoffice",
"scope": "eq",
"trust": 0.3,
"vendor": "openoffice",
"version": "2.4.1"
},
{
"_id": null,
"model": "software opera web browser mac",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "5.0"
},
{
"_id": null,
"model": "eii avaki sdf",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "6.1"
},
{
"_id": null,
"model": "java system application server enterprise edition 2005q1rhel2.1/rhel3",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "8.1"
},
{
"_id": null,
"model": "communications security ssh tectia manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "2.1.2"
},
{
"_id": null,
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.6.3"
},
{
"_id": null,
"model": "international cryptographic infostructure",
"scope": "eq",
"trust": 0.3,
"vendor": "novell",
"version": "2.6.1"
},
{
"_id": null,
"model": "communications security ssh tectia k",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "4.3.8"
},
{
"_id": null,
"model": "linux ppc",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"_id": null,
"model": "project openssl a",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"_id": null,
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.1(3)"
},
{
"_id": null,
"model": "multi network firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "2.0"
},
{
"_id": null,
"model": "software opera web browser b",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "7.11"
},
{
"_id": null,
"model": "workstation build",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5.680404"
},
{
"_id": null,
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.3"
},
{
"_id": null,
"model": "project openssl k",
"scope": "ne",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"_id": null,
"model": "communications security ssh tectia connector",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "5.0"
},
{
"_id": null,
"model": "bind rc1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.7"
},
{
"_id": null,
"model": "java system application server standard 2004q2 r4",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "7.0.0"
},
{
"_id": null,
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "rpath",
"version": "1"
},
{
"_id": null,
"model": "bind rc3",
"scope": "ne",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.3"
},
{
"_id": null,
"model": "call manager sr2",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"_id": null,
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "9.01"
},
{
"_id": null,
"model": "linux personal",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.3"
},
{
"_id": null,
"model": "call manager sr2b",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"_id": null,
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "7.0"
},
{
"_id": null,
"model": "java system application server 2004q2 r2 enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "7.0"
},
{
"_id": null,
"model": "java system web server sp6",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"_id": null,
"model": "current august",
"scope": "eq",
"trust": 0.3,
"vendor": "netbsd",
"version": "232006"
},
{
"_id": null,
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.6(0)"
},
{
"_id": null,
"model": "linux lts i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"_id": null,
"model": "messaging storage server",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"_id": null,
"model": "jre 05a",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.2.2"
},
{
"_id": null,
"model": "enterprise linux es",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"_id": null,
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.2"
},
{
"_id": null,
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.2"
},
{
"_id": null,
"model": "sdk 007",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.8"
},
{
"_id": null,
"model": "software opera web browser win32",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "7.0"
},
{
"_id": null,
"model": "systems weblogic express for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.05"
},
{
"_id": null,
"model": "one web server sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"_id": null,
"model": "intuity lx",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"_id": null,
"model": "software opera web browser win32",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "6.0.1"
},
{
"_id": null,
"model": "netbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "netbsd",
"version": "2.0"
},
{
"_id": null,
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.1"
},
{
"_id": null,
"model": "systems weblogic server sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.13"
},
{
"_id": null,
"model": "linux personal x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.1"
},
{
"_id": null,
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.x"
},
{
"_id": null,
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.0(1)"
},
{
"_id": null,
"model": "netbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "netbsd",
"version": "2.0.2"
},
{
"_id": null,
"model": "reflection for secure it",
"scope": "eq",
"trust": 0.3,
"vendor": "attachmate",
"version": "6.0"
},
{
"_id": null,
"model": "jre 003",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.2.2"
},
{
"_id": null,
"model": "openoffice",
"scope": "eq",
"trust": 0.3,
"vendor": "openoffice",
"version": "2.4.3"
},
{
"_id": null,
"model": "jdk 15",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.8"
},
{
"_id": null,
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "7.11"
},
{
"_id": null,
"model": "systems weblogic server for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.13"
},
{
"_id": null,
"model": "communications security ssh tectia manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "2.0"
},
{
"_id": null,
"model": "cvlan",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"_id": null,
"model": "jre 099",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.8"
},
{
"_id": null,
"model": "java system application server 2004q2 r3 enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "7.0"
},
{
"_id": null,
"model": "java enterprise system 2003q4",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "netscape",
"scope": "eq",
"trust": 0.3,
"vendor": "netscape",
"version": "7.0"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.8"
},
{
"_id": null,
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.4"
},
{
"_id": null,
"model": "java system application server 2004q2 r3 standard",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "7.0"
},
{
"_id": null,
"model": "bind a2",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"_id": null,
"model": "jre beta",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.5.0"
},
{
"_id": null,
"model": "software opera web browser win32",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "5.10"
},
{
"_id": null,
"model": "systems weblogic express for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.01"
},
{
"_id": null,
"model": "java system application server 2004q2",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "7"
},
{
"_id": null,
"model": "systems weblogic express for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.06"
},
{
"_id": null,
"model": "systems weblogic express for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.02"
},
{
"_id": null,
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.6"
},
{
"_id": null,
"model": "linux mips",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"_id": null,
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "pardus",
"version": "20090"
},
{
"_id": null,
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.2"
},
{
"_id": null,
"model": "bind a3",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"_id": null,
"model": "systems weblogic server sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.03"
},
{
"_id": null,
"model": "ace",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0"
},
{
"_id": null,
"model": "3.1 rc3",
"scope": null,
"trust": 0.3,
"vendor": "netbsd",
"version": null
},
{
"_id": null,
"model": "e-biz impact",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "5.5"
},
{
"_id": null,
"model": "ase",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "11.5"
},
{
"_id": null,
"model": "systems weblogic server for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.03"
},
{
"_id": null,
"model": "hp-ux b.11.23",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.10"
},
{
"_id": null,
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "8.02"
},
{
"_id": null,
"model": "ipcop",
"scope": "eq",
"trust": 0.3,
"vendor": "ipcop",
"version": "1.4.12"
},
{
"_id": null,
"model": "jre",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.6"
},
{
"_id": null,
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "3.0"
},
{
"_id": null,
"model": "java system application server enterprise 2004q2 r5",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "7.0.0"
},
{
"_id": null,
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"_id": null,
"model": "-release-p7",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.8"
},
{
"_id": null,
"model": "unwired accelerator and enterprise portal",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "8.0"
},
{
"_id": null,
"model": "one web server sp6",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"_id": null,
"model": "jre 14",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.8"
},
{
"_id": null,
"model": "systems weblogic server for win32",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.0"
},
{
"_id": null,
"model": "jre 13",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.8"
},
{
"_id": null,
"model": "powerbuilder",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "10.5"
},
{
"_id": null,
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.2"
},
{
"_id": null,
"model": "enterprise linux extras",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3"
},
{
"_id": null,
"model": "jdk 12",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.8"
},
{
"_id": null,
"model": "bind b3",
"scope": "ne",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"_id": null,
"model": "mach desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "2.2.1"
},
{
"_id": null,
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.6(1)"
},
{
"_id": null,
"model": "jdk 11",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.8"
},
{
"_id": null,
"model": "advanced linux environment",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "3.0"
},
{
"_id": null,
"model": "secure global desktop",
"scope": "ne",
"trust": 0.3,
"vendor": "sun",
"version": "4.3"
},
{
"_id": null,
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.4"
},
{
"_id": null,
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.5"
},
{
"_id": null,
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "8.0.2"
},
{
"_id": null,
"model": "communications security ssh tectia manager",
"scope": "ne",
"trust": 0.3,
"vendor": "ssh",
"version": "2.1.4"
},
{
"_id": null,
"model": "ipcop",
"scope": "ne",
"trust": 0.3,
"vendor": "ipcop",
"version": "1.4.13"
},
{
"_id": null,
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "10.1"
},
{
"_id": null,
"model": "systems weblogic server for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.04"
},
{
"_id": null,
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0.1"
},
{
"_id": null,
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0.1"
},
{
"_id": null,
"model": "one web server sp10",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"_id": null,
"model": "openpkg",
"scope": "eq",
"trust": 0.3,
"vendor": "openpkg",
"version": "2.0"
},
{
"_id": null,
"model": "eii avaki sdf",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "7.0"
},
{
"_id": null,
"model": "aura sip enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1"
},
{
"_id": null,
"model": "java system application server standard platform q1",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "8.12005"
},
{
"_id": null,
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "7.52"
},
{
"_id": null,
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.10"
},
{
"_id": null,
"model": "red hat network satellite (for rhel",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3)4.2"
},
{
"_id": null,
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.6"
},
{
"_id": null,
"model": "ssl360",
"scope": "eq",
"trust": 0.3,
"vendor": "arkoon",
"version": "2.0/2"
},
{
"_id": null,
"model": "webproxy a.02.10",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "openoffice",
"scope": "eq",
"trust": 0.3,
"vendor": "openoffice",
"version": "2.4.2"
},
{
"_id": null,
"model": "java system application server enterprise 2004q2 r4",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "7.0.0"
},
{
"_id": null,
"model": "java system web server sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.1"
},
{
"_id": null,
"model": "computing snapgear sg710",
"scope": "eq",
"trust": 0.3,
"vendor": "secure",
"version": "0"
},
{
"_id": null,
"model": "call manager es62",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"_id": null,
"model": "java system web server sp4",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"_id": null,
"model": "secure acs build",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1(1)23"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.11"
},
{
"_id": null,
"model": "one web server sp5",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"_id": null,
"model": "linux personal",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "8.2"
},
{
"_id": null,
"model": "project openssl c",
"scope": "ne",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"_id": null,
"model": "openvms secure web server",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "2.2"
},
{
"_id": null,
"model": "ace",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0.3"
},
{
"_id": null,
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.10"
},
{
"_id": null,
"model": "bpi for healthcare",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "2.2"
},
{
"_id": null,
"model": "jdk 099",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.8"
},
{
"_id": null,
"model": "jre 006",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.2.2"
},
{
"_id": null,
"model": "s8500",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "0"
},
{
"_id": null,
"model": "software opera web browser win32",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "6.0.3"
},
{
"_id": null,
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.3"
},
{
"_id": null,
"model": "powerbuilder",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "10.2.0"
},
{
"_id": null,
"model": "systems weblogic server sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.0.0.13"
},
{
"_id": null,
"model": "webproxy a.02.00",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "systems weblogic server",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.0.0.1"
},
{
"_id": null,
"model": "virtualvault a.04.70",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "network satellite (for rhel",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4)5.1"
},
{
"_id": null,
"model": "jdk",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.6"
},
{
"_id": null,
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "11.0"
},
{
"_id": null,
"model": "sdk 02",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.3"
},
{
"_id": null,
"model": "s8710 r2.0.1",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"_id": null,
"model": "hardware management console for pseries r1.0",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0"
},
{
"_id": null,
"model": "advanced workstation for the itanium processor ia64",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"_id": null,
"model": "e-biz impact",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "5.4.5"
},
{
"_id": null,
"model": "java system application server enterprise edition q1",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "8.12005"
},
{
"_id": null,
"model": "project openssl j",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"_id": null,
"model": "linux -current",
"scope": null,
"trust": 0.3,
"vendor": "slackware",
"version": null
},
{
"_id": null,
"model": "bind -p2",
"scope": "ne",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.2"
},
{
"_id": null,
"model": "home",
"scope": null,
"trust": 0.3,
"vendor": "turbolinux",
"version": null
},
{
"_id": null,
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.4"
},
{
"_id": null,
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154543.3"
},
{
"_id": null,
"model": "easerver",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "5.0"
},
{
"_id": null,
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.4.1"
},
{
"_id": null,
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.5"
},
{
"_id": null,
"model": "communications security ssh tectia j",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "4.0"
},
{
"_id": null,
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.0"
},
{
"_id": null,
"model": "linux",
"scope": null,
"trust": 0.3,
"vendor": "gentoo",
"version": null
},
{
"_id": null,
"model": "jdk 1.5.0.0 03",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "10.0"
},
{
"_id": null,
"model": "project openssl k",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"_id": null,
"model": "advanced workstation for the itanium processor",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"_id": null,
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "10.0"
},
{
"_id": null,
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.1"
},
{
"_id": null,
"model": "novell linux pos",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9"
},
{
"_id": null,
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154542.3(5)"
},
{
"_id": null,
"model": "ssl360",
"scope": "eq",
"trust": 0.3,
"vendor": "arkoon",
"version": "1.0"
},
{
"_id": null,
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.10"
},
{
"_id": null,
"model": "openoffice",
"scope": "eq",
"trust": 0.3,
"vendor": "openoffice",
"version": "2.0.3-1"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1"
},
{
"_id": null,
"model": "jdk 10",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.8"
},
{
"_id": null,
"model": "solaris 10 x86",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "ffi uofx",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "0"
},
{
"_id": null,
"model": "linux ia-32",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"_id": null,
"model": "gss global site selector",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "44920"
},
{
"_id": null,
"model": "network satellite (for rhel",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4)4.2"
},
{
"_id": null,
"model": "suse linux openexchange server",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "4.0"
},
{
"_id": null,
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "7.50"
},
{
"_id": null,
"model": "-prerelease",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.9"
},
{
"_id": null,
"model": "jre",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.3.0"
},
{
"_id": null,
"model": "linux professional x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.0"
},
{
"_id": null,
"model": "multimedia",
"scope": null,
"trust": 0.3,
"vendor": "turbolinux",
"version": null
},
{
"_id": null,
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.0(2)"
},
{
"_id": null,
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.1.1"
},
{
"_id": null,
"model": "wide area file services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "linux desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "1.0"
},
{
"_id": null,
"model": "call manager sr2c",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"_id": null,
"model": "java web proxy server sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "3.6"
},
{
"_id": null,
"model": "alpha",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.0"
},
{
"_id": null,
"model": "reflection",
"scope": "ne",
"trust": 0.3,
"vendor": "attachmate",
"version": "13.0.5"
},
{
"_id": null,
"model": "systems weblogic express",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.1"
},
{
"_id": null,
"model": "systems weblogic server sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.11"
},
{
"_id": null,
"model": "secure acs for unix",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.0"
},
{
"_id": null,
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.5"
},
{
"_id": null,
"model": "fuji",
"scope": null,
"trust": 0.3,
"vendor": "turbolinux",
"version": null
},
{
"_id": null,
"model": "project openssl b",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"_id": null,
"model": "systems weblogic server for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.11"
},
{
"_id": null,
"model": "seamonkey",
"scope": "ne",
"trust": 0.3,
"vendor": "mozilla",
"version": "1.0.6"
},
{
"_id": null,
"model": "ase",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "12.5.2"
},
{
"_id": null,
"model": "unwired orchestrator",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "5.0"
},
{
"_id": null,
"model": "systems weblogic express for win32",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.0"
},
{
"_id": null,
"model": "afaria",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "5.4"
},
{
"_id": null,
"model": "jsse 03",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.0.3"
},
{
"_id": null,
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.2.0"
},
{
"_id": null,
"model": "linux lts amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"_id": null,
"model": "one web server sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"_id": null,
"model": "e1.0-solid",
"scope": null,
"trust": 0.3,
"vendor": "openpkg",
"version": null
},
{
"_id": null,
"model": "jre 003",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.2.1"
},
{
"_id": null,
"model": "suse linux retail solution",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "8.0"
},
{
"_id": null,
"model": "systems weblogic express",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "9.2"
},
{
"_id": null,
"model": "server",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.5"
},
{
"_id": null,
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.1"
},
{
"_id": null,
"model": "firewall",
"scope": "ne",
"trust": 0.3,
"vendor": "ingate",
"version": "4.5.1"
},
{
"_id": null,
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1(2)"
},
{
"_id": null,
"model": "afaria",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "5.2"
},
{
"_id": null,
"model": "systems weblogic server",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.1"
},
{
"_id": null,
"model": "suse linux standard server",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "8.0"
},
{
"_id": null,
"model": "hardware management console for pseries r5.0",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"_id": null,
"model": "linux professional",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.1"
},
{
"_id": null,
"model": "netscape",
"scope": "eq",
"trust": 0.3,
"vendor": "netscape",
"version": "7.2"
},
{
"_id": null,
"model": "-release/alpha",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.1"
},
{
"_id": null,
"model": "ffi bptw",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "0"
},
{
"_id": null,
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1(3)"
},
{
"_id": null,
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.1"
},
{
"_id": null,
"model": "linux professional",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.3"
},
{
"_id": null,
"model": "java web proxy server sp6",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "3.6"
},
{
"_id": null,
"model": "linux personal",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.0"
},
{
"_id": null,
"model": "openpkg",
"scope": "eq",
"trust": 0.3,
"vendor": "openpkg",
"version": "2.5"
},
{
"_id": null,
"model": "ciscoworks common management foundation",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.0"
},
{
"_id": null,
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.4"
},
{
"_id": null,
"model": "java system application server 2004q2 r2 standard",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "7.0"
},
{
"_id": null,
"model": "communications security ssh tectia j",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "4.3.2"
},
{
"_id": null,
"model": "call manager 4.1 sr4",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"_id": null,
"model": "openvms secure web server",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1-1"
},
{
"_id": null,
"model": "virtualvault a.04.60",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "open-enterprise-server",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "0"
},
{
"_id": null,
"model": "afaria",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "5.3"
},
{
"_id": null,
"model": "openoffice",
"scope": "eq",
"trust": 0.3,
"vendor": "openoffice",
"version": "2.0.3"
},
{
"_id": null,
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "3.2.1"
},
{
"_id": null,
"model": "-release-p14",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.0"
},
{
"_id": null,
"model": "reflection",
"scope": "eq",
"trust": 0.3,
"vendor": "attachmate",
"version": "10.0"
},
{
"_id": null,
"model": "java enterprise system 2005q4",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "systems weblogic express",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "9.0"
},
{
"_id": null,
"model": "hat fedora core5",
"scope": null,
"trust": 0.3,
"vendor": "red",
"version": null
},
{
"_id": null,
"model": "systems weblogic server sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.02"
},
{
"_id": null,
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.6"
},
{
"_id": null,
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "1.0.2.0"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.0.1"
},
{
"_id": null,
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.4"
},
{
"_id": null,
"model": "ipcop",
"scope": "eq",
"trust": 0.3,
"vendor": "ipcop",
"version": "1.4.10"
},
{
"_id": null,
"model": "systems weblogic server",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "9.2"
},
{
"_id": null,
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.0.3"
},
{
"_id": null,
"model": "firewalll",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.4"
},
{
"_id": null,
"model": "one web proxy server",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "3.6"
},
{
"_id": null,
"model": "sdk 01a",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.3.1"
},
{
"_id": null,
"model": "systems weblogic express sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.15"
},
{
"_id": null,
"model": "system management homepage",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.7"
},
{
"_id": null,
"model": "beta",
"scope": "eq",
"trust": 0.3,
"vendor": "openoffice",
"version": "2.0"
},
{
"_id": null,
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.04"
},
{
"_id": null,
"model": "solaris 9 x86 update",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "5"
},
{
"_id": null,
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.5"
},
{
"_id": null,
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.0.x"
},
{
"_id": null,
"model": "communications security ssh tectia manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "1.2"
},
{
"_id": null,
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154543.4"
},
{
"_id": null,
"model": "ace",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.5"
},
{
"_id": null,
"model": "network security services",
"scope": "ne",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.11.3"
},
{
"_id": null,
"model": "systems weblogic express sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.14"
},
{
"_id": null,
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.11"
},
{
"_id": null,
"model": "openbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "openbsd",
"version": "3.8"
},
{
"_id": null,
"model": "ons ios-based blades",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "15454"
},
{
"_id": null,
"model": "jre 004",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.2.2"
},
{
"_id": null,
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "7.23"
},
{
"_id": null,
"model": "systems weblogic server sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.07"
},
{
"_id": null,
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.2.3"
},
{
"_id": null,
"model": "rfid enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "2.1"
},
{
"_id": null,
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.11"
},
{
"_id": null,
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "6.0"
},
{
"_id": null,
"model": "project openssl d",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"_id": null,
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0"
},
{
"_id": null,
"model": "systems weblogic server for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.07"
},
{
"_id": null,
"model": "systems weblogic express for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.0.0.12"
},
{
"_id": null,
"model": "financials server",
"scope": "eq",
"trust": 0.3,
"vendor": "navision",
"version": "3.0"
},
{
"_id": null,
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "8.1"
},
{
"_id": null,
"model": "legion of the bouncy castle java cryptography api",
"scope": "eq",
"trust": 0.3,
"vendor": "the",
"version": "1.37"
},
{
"_id": null,
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0.2"
},
{
"_id": null,
"model": "-stablepre2002-03-07",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.5"
},
{
"_id": null,
"model": "unified presence server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1.0(2)"
},
{
"_id": null,
"model": "communications security ssh tectia server",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "4.0"
},
{
"_id": null,
"model": "communications security ssh tectia server for ibm z/os",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "5.2"
},
{
"_id": null,
"model": "communications security ssh tectia connector",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "5.1"
},
{
"_id": null,
"model": "thunderbird",
"scope": "ne",
"trust": 0.3,
"vendor": "mozilla",
"version": "1.5.0.8"
},
{
"_id": null,
"model": "ffi cons banking",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "0"
},
{
"_id": null,
"model": "alpha",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.0"
},
{
"_id": null,
"model": "project openssl a",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"_id": null,
"model": "call manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.2(3)"
},
{
"_id": null,
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.9"
},
{
"_id": null,
"model": "java enterprise system 2004q2",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "securefx",
"scope": "eq",
"trust": 0.3,
"vendor": "van dyke",
"version": "4.0.2"
},
{
"_id": null,
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.1.1"
},
{
"_id": null,
"model": "java system web server sp7",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"_id": null,
"model": "project openssl f",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"_id": null,
"model": "ciscoworks common management foundation",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.2"
},
{
"_id": null,
"model": "systems weblogic express sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.01"
},
{
"_id": null,
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.2"
},
{
"_id": null,
"model": "linux enterprise server",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "9"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "1.5.0.5"
},
{
"_id": null,
"model": "hp-ux b.11.11",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "software opera web browser 3win32",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "7.0"
},
{
"_id": null,
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.5.4"
},
{
"_id": null,
"model": "java web proxy server sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "4.0"
},
{
"_id": null,
"model": "systems weblogic express sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.06"
},
{
"_id": null,
"model": "call manager es40",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"_id": null,
"model": "novell linux desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.0"
},
{
"_id": null,
"model": "jre 09",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.6"
},
{
"_id": null,
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.3"
},
{
"_id": null,
"model": "netbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "netbsd",
"version": "2.0.3"
},
{
"_id": null,
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.0"
},
{
"_id": null,
"model": "software opera web browser 2win32",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "7.0"
},
{
"_id": null,
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "8.01"
},
{
"_id": null,
"model": "secure acs for windows server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.2"
},
{
"_id": null,
"model": "-stablepre050201",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.2"
},
{
"_id": null,
"model": "ids",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "appeon",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "2.8"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "1.5.0.7"
},
{
"_id": null,
"model": "software opera web browser win32",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "6.0.4"
},
{
"_id": null,
"model": "linux arm",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"_id": null,
"model": "workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "6.0.2"
},
{
"_id": null,
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.4"
},
{
"_id": null,
"model": "bpi for healthcare",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "2.2.1"
},
{
"_id": null,
"model": "java web proxy server sp5",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "3.6"
},
{
"_id": null,
"model": "sdk .0 05",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.3"
},
{
"_id": null,
"model": "jre 003",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.8"
},
{
"_id": null,
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "10.0x86"
},
{
"_id": null,
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"_id": null,
"model": "bind -p1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.2"
},
{
"_id": null,
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.2"
},
{
"_id": null,
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "9.0"
},
{
"_id": null,
"model": "series airespace wireless lan controller",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "40003.1.59.24"
},
{
"_id": null,
"model": "sdk",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.3"
},
{
"_id": null,
"model": "hardware management console for iseries r1.0",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0"
},
{
"_id": null,
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.5"
},
{
"_id": null,
"model": "open-enterprise-server",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.0"
},
{
"_id": null,
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "7.20"
},
{
"_id": null,
"model": "unitedlinux",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "1.0"
},
{
"_id": null,
"model": "communications security ssh tectia server",
"scope": "ne",
"trust": 0.3,
"vendor": "ssh",
"version": "5.1.1"
},
{
"_id": null,
"model": "java system web server sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"_id": null,
"model": "series airespace wireless lan controller",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "20003.1.59.24"
},
{
"_id": null,
"model": "linux personal x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.3"
},
{
"_id": null,
"model": "linux personal",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.1"
},
{
"_id": null,
"model": "systems weblogic express sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.0.0.14"
},
{
"_id": null,
"model": "sdk .0 01",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.4"
},
{
"_id": null,
"model": "appliance server",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "2.0"
},
{
"_id": null,
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "5.12"
},
{
"_id": null,
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.0.193"
},
{
"_id": null,
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.10"
},
{
"_id": null,
"model": "call manager sr1",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"_id": null,
"model": "gss global site selector",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4480"
},
{
"_id": null,
"model": "linux professional",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.0"
},
{
"_id": null,
"model": "systems weblogic express for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.15"
},
{
"_id": null,
"model": "systems weblogic server for win32",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "9.0"
},
{
"_id": null,
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.6.4"
},
{
"_id": null,
"model": "iq",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "12.7"
},
{
"_id": null,
"model": "linux professional",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "8.2"
},
{
"_id": null,
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "1.0.2.2"
},
{
"_id": null,
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.2"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.10"
},
{
"_id": null,
"model": "ace",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0"
},
{
"_id": null,
"model": "s8300 r2.0.0",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"_id": null,
"model": "systems weblogic express for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.14"
},
{
"_id": null,
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.0.3.1"
},
{
"_id": null,
"model": "communications security ssh tectia server",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "4.3"
},
{
"_id": null,
"model": "jre .0 03",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.3"
},
{
"_id": null,
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.5"
},
{
"_id": null,
"model": "openoffice",
"scope": "eq",
"trust": 0.3,
"vendor": "openoffice",
"version": "2.3.1"
},
{
"_id": null,
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.0"
},
{
"_id": null,
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.3"
},
{
"_id": null,
"model": "mfolio",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "2.0"
},
{
"_id": null,
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "3.3.1"
},
{
"_id": null,
"model": "communications security ssh tectia server for ibm z/os",
"scope": "ne",
"trust": 0.3,
"vendor": "ssh",
"version": "5.2.1"
},
{
"_id": null,
"model": "enterprise linux ws ia64",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"_id": null,
"model": "s8710 r2.0.0",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"_id": null,
"model": "software opera web browser win32",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "5.11"
},
{
"_id": null,
"model": "openpkg",
"scope": "eq",
"trust": 0.3,
"vendor": "openpkg",
"version": "2.3"
},
{
"_id": null,
"model": "bind rc1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.3"
},
{
"_id": null,
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.3"
},
{
"_id": null,
"model": "solaris 9 sparc",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "bind b1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"_id": null,
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "3.2"
},
{
"_id": null,
"model": "jdk 003",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.8"
},
{
"_id": null,
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.3"
},
{
"_id": null,
"model": "communications security ssh tectia",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "1.3"
},
{
"_id": null,
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.2"
},
{
"_id": null,
"model": "sip proxy server",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"_id": null,
"model": "secure acs for unix",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.3.6.1"
},
{
"_id": null,
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.3"
},
{
"_id": null,
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "6.0"
},
{
"_id": null,
"model": "bind b2",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"_id": null,
"model": "software opera web browser win32 beta",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "7.02"
},
{
"_id": null,
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.5"
},
{
"_id": null,
"model": "secure acs solution engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.3.2"
},
{
"_id": null,
"model": "systems weblogic express",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "9.1"
},
{
"_id": null,
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.10"
},
{
"_id": null,
"model": "openoffice",
"scope": "eq",
"trust": 0.3,
"vendor": "openoffice",
"version": "2.1"
},
{
"_id": null,
"model": "iq",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "12.6"
},
{
"_id": null,
"model": "firefox",
"scope": "ne",
"trust": 0.3,
"vendor": "mozilla",
"version": "1.5.8"
},
{
"_id": null,
"model": "linux m68k",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"_id": null,
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0(2)"
},
{
"_id": null,
"model": "messaging storage server mm3.0",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"_id": null,
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.7"
},
{
"_id": null,
"model": "enterprise linux ws",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3"
},
{
"_id": null,
"model": "s8500 cm",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1"
},
{
"_id": null,
"model": "network security services",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.11"
},
{
"_id": null,
"model": "hat enterprise linux as ia64",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "2.1"
},
{
"_id": null,
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.7"
},
{
"_id": null,
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.4"
},
{
"_id": null,
"model": "ons mspp",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154540"
},
{
"_id": null,
"model": "jsse",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.0.3"
},
{
"_id": null,
"model": "current pre20010805",
"scope": null,
"trust": 0.3,
"vendor": "netbsd",
"version": null
},
{
"_id": null,
"model": "software opera web browser win32",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "6.0.2"
},
{
"_id": null,
"model": "java web proxy server",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "4.0"
},
{
"_id": null,
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"_id": null,
"model": "software opera web browser linux",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "5.0"
},
{
"_id": null,
"model": "call manager es55",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"_id": null,
"model": "eii avaki sdf",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "5.1"
},
{
"_id": null,
"model": "player build",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0.380004"
},
{
"_id": null,
"model": "legion of the bouncy castle java cryptography api",
"scope": "ne",
"trust": 0.3,
"vendor": "the",
"version": "1.38"
},
{
"_id": null,
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.2"
},
{
"_id": null,
"model": "linux alpha",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"_id": null,
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.5.1.657"
},
{
"_id": null,
"model": "software opera web browser linux",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "6.0.2"
},
{
"_id": null,
"model": "systems weblogic server",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "9.1"
},
{
"_id": null,
"model": "java system web server sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.1"
},
{
"_id": null,
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.2.1"
},
{
"_id": null,
"model": "java web proxy server sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "3.6"
},
{
"_id": null,
"model": "solaris update",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "95"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.3"
},
{
"_id": null,
"model": "solonde etl",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "4.0"
},
{
"_id": null,
"model": "jdk",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.2.1"
},
{
"_id": null,
"model": "linux mandrake x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2006.0"
},
{
"_id": null,
"model": "project openssl beta1",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"_id": null,
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.3"
},
{
"_id": null,
"model": "iq",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "12.5"
},
{
"_id": null,
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.6"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.0.2"
},
{
"_id": null,
"model": "aura sip enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.0"
},
{
"_id": null,
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3"
},
{
"_id": null,
"model": "s8700 r2.0.1",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"_id": null,
"model": "vshell",
"scope": "eq",
"trust": 0.3,
"vendor": "van dyke",
"version": "3.0"
},
{
"_id": null,
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.1.3"
},
{
"_id": null,
"model": "system management homepage",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.8"
},
{
"_id": null,
"model": "application control engine module",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "solaris 9 x86",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "project openssl m",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"_id": null,
"model": "linux professional",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.2"
},
{
"_id": null,
"model": "systems weblogic express sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.13"
},
{
"_id": null,
"model": "project openssl b",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.2"
},
{
"_id": null,
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.3"
},
{
"_id": null,
"model": "interactive response",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "2.0"
},
{
"_id": null,
"model": "easerver",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "5.1"
},
{
"_id": null,
"model": "java system web server",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"_id": null,
"model": "project openssl j",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"_id": null,
"model": "communications security ssh tectia server",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "4.4.3"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#723736"
},
{
"db": "CERT/CC",
"id": "VU#247744"
},
{
"db": "CERT/CC",
"id": "VU#386964"
},
{
"db": "CERT/CC",
"id": "VU#191336"
},
{
"db": "CERT/CC",
"id": "VU#845620"
},
{
"db": "CERT/CC",
"id": "VU#594904"
},
{
"db": "CERT/CC",
"id": "VU#547300"
},
{
"db": "BID",
"id": "19849"
},
{
"db": "CNNVD",
"id": "CNNVD-200903-494"
},
{
"db": "JVNDB",
"id": "JVNDB-2009-002716"
},
{
"db": "NVD",
"id": "CVE-2007-6721"
}
]
},
"configurations": {
"_id": null,
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:bouncycastle:bouncy-castle-crypto-package",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:bouncycastle:legion-of-the-bouncy-castle-java-crytography-api",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2009-002716"
}
]
},
"credits": {
"_id": null,
"data": "Dr. S. N. Henson NISCC uniras@niscc.gov.uk",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200903-494"
}
],
"trust": 0.6
},
"cve": "CVE-2007-6721",
"cvss": {
"_id": null,
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CVE-2007-6721",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2007-6721",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#247744",
"trust": 0.8,
"value": "0.28"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#386964",
"trust": 0.8,
"value": "0.32"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#191336",
"trust": 0.8,
"value": "0.34"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#845620",
"trust": 0.8,
"value": "7.56"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#594904",
"trust": 0.8,
"value": "0.63"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#547300",
"trust": 0.8,
"value": "2.53"
},
{
"author": "NVD",
"id": "CVE-2007-6721",
"trust": 0.8,
"value": "High"
},
{
"author": "CNNVD",
"id": "CNNVD-200903-494",
"trust": 0.6,
"value": "CRITICAL"
}
]
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#247744"
},
{
"db": "CERT/CC",
"id": "VU#386964"
},
{
"db": "CERT/CC",
"id": "VU#191336"
},
{
"db": "CERT/CC",
"id": "VU#845620"
},
{
"db": "CERT/CC",
"id": "VU#594904"
},
{
"db": "CERT/CC",
"id": "VU#547300"
},
{
"db": "CNNVD",
"id": "CNNVD-200903-494"
},
{
"db": "JVNDB",
"id": "JVNDB-2009-002716"
},
{
"db": "NVD",
"id": "CVE-2007-6721"
}
]
},
"description": {
"_id": null,
"data": "The Legion of the Bouncy Castle Java Cryptography API before release 1.38, as used in Crypto Provider Package before 1.36, has unknown impact and remote attack vectors related to \"a Bleichenbacher vulnerability in simple RSA CMS signatures without signed attributes.\". Wireshark contains a vulnerability in the XOT dissector that may cause the application to crash. A flaw in the OpenSSL library could allow a remote attacker to cause a denial of service on an affected application. A buffer overflow in certain Apple AirPort drivers may allow an attacker to execute arbitrary code with system privileges, or create a denial-of-service condition. Multiple RSA implementations fail to properly handle RSA signatures. This vulnerability may allow an attacker to forge RSA signatures. \nAn attacker may exploit this issue to sign digital certificates or RSA keys and take advantage of trust relationships that depend on these credentials, possibly posing as a trusted party and signing a certificate or key. \nAll versions prior to and including OpenSSL 0.9.7j and 0.9.8b are affected by this vulnerability. Updates are available. \n\n----------------------------------------------------------------------\n\nTo improve our services to our customers, we have made a number of\nadditions to the Secunia Advisories and have started translating the\nadvisories to German. \n\nThe improvements will help our customers to get a better\nunderstanding of how we reached our conclusions, how it was rated,\nour thoughts on exploitation, attack vectors, and scenarios. \n\nThis includes:\n* Reason for rating\n* Extended description\n* Extended solution\n* Exploit code or links to exploit code\n* Deep links\n\nRead the full description:\nhttp://corporate.secunia.com/products/48/?r=l\n\nContact Secunia Sales for more information:\nhttp://corporate.secunia.com/how_to_buy/15/?r=l\n\n----------------------------------------------------------------------\n\nTITLE:\nApple Airport Probe Response Kernel Memory Corruption Vulnerability\n\nSECUNIA ADVISORY ID:\nSA22679\n\nVERIFY ADVISORY:\nhttp://secunia.com/advisories/22679/\n\nCRITICAL:\nModerately critical\n\nIMPACT:\nDoS, System access\n\nWHERE:\n\u003eFrom remote\n\nOPERATING SYSTEM:\nApple Macintosh OS X\nhttp://secunia.com/product/96/\n\nDESCRIPTION:\nH.D. Moore has reported a vulnerability in the Apple Airport driver,\nwhich potentially can be exploited by malicious people to compromise\na vulnerable system. \n\nThe vulnerability is caused due to an error in the Airport driver\nprovided with Orinoco-based Airport cards when handling probe\nresponse frames. This can be exploited to overwrite kernel memory and\npotentially execute arbitrary code when the driver is running in\nactive scanning mode. \n\nThe vulnerability is reported in the driver on a PowerBook running\nversion 10.4.8. \n\nSOLUTION:\nDo not place the card into active scanning mode. \n\nPROVIDED AND/OR DISCOVERED BY:\nH D Moore\n\nORIGINAL ADVISORY:\nhttp://projects.info-pull.com/mokb/MOKB-01-11-2006.html\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\neverybody keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2007-6721"
},
{
"db": "CERT/CC",
"id": "VU#723736"
},
{
"db": "CERT/CC",
"id": "VU#247744"
},
{
"db": "CERT/CC",
"id": "VU#386964"
},
{
"db": "CERT/CC",
"id": "VU#191336"
},
{
"db": "CERT/CC",
"id": "VU#845620"
},
{
"db": "CERT/CC",
"id": "VU#594904"
},
{
"db": "CERT/CC",
"id": "VU#547300"
},
{
"db": "JVNDB",
"id": "JVNDB-2009-002716"
},
{
"db": "BID",
"id": "19849"
},
{
"db": "PACKETSTORM",
"id": "51595"
}
],
"trust": 7.02
},
"external_ids": {
"_id": null,
"data": [
{
"db": "NVD",
"id": "CVE-2007-6721",
"trust": 2.7
},
{
"db": "SECUNIA",
"id": "23280",
"trust": 2.4
},
{
"db": "SECUNIA",
"id": "23309",
"trust": 2.4
},
{
"db": "BID",
"id": "22083",
"trust": 2.4
},
{
"db": "SECUNIA",
"id": "22259",
"trust": 1.6
},
{
"db": "SECUNIA",
"id": "23155",
"trust": 1.6
},
{
"db": "SECUNIA",
"id": "22094",
"trust": 1.6
},
{
"db": "OSVDB",
"id": "50358",
"trust": 1.6
},
{
"db": "OSVDB",
"id": "50360",
"trust": 1.6
},
{
"db": "OSVDB",
"id": "50359",
"trust": 1.6
},
{
"db": "CERT/CC",
"id": "VU#845620",
"trust": 1.1
},
{
"db": "CERT/CC",
"id": "VU#594904",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "22679",
"trust": 0.9
},
{
"db": "BID",
"id": "20762",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "22692",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "22672",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "22797",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "22841",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "22929",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "22590",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "22659",
"trust": 0.8
},
{
"db": "CERT/CC",
"id": "VU#723736",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "23340",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "22671",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "23351",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "22385",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "23131",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "22544",
"trust": 0.8
},
{
"db": "CERT/CC",
"id": "VU#247744",
"trust": 0.8
},
{
"db": "BID",
"id": "20246",
"trust": 0.8
},
{
"db": "CERT/CC",
"id": "VU#386964",
"trust": 0.8
},
{
"db": "CERT/CC",
"id": "VU#191336",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "21709",
"trust": 0.8
},
{
"db": "SECTRACK",
"id": "1017143",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "22646",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "22207",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "22212",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "22116",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "22216",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "22220",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "22330",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "22130",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "22240",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "22260",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "22165",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "22166",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "22172",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "22284",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "22186",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "22193",
"trust": 0.8
},
{
"db": "BID",
"id": "20249",
"trust": 0.8
},
{
"db": "SECTRACK",
"id": "1016943",
"trust": 0.8
},
{
"db": "XF",
"id": "29237",
"trust": 0.8
},
{
"db": "CERT/CC",
"id": "VU#547300",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2009-002716",
"trust": 0.8
},
{
"db": "MLIST",
"id": "[DEV-CRYPTO] 20071109 BOUNCY CASTLE CRYPTO PROVIDER PACKAGE VERSION 1.36 NOW AVAILABLE",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-200903-494",
"trust": 0.6
},
{
"db": "BID",
"id": "19849",
"trust": 0.3
},
{
"db": "PACKETSTORM",
"id": "51595",
"trust": 0.1
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#723736"
},
{
"db": "CERT/CC",
"id": "VU#247744"
},
{
"db": "CERT/CC",
"id": "VU#386964"
},
{
"db": "CERT/CC",
"id": "VU#191336"
},
{
"db": "CERT/CC",
"id": "VU#845620"
},
{
"db": "CERT/CC",
"id": "VU#594904"
},
{
"db": "CERT/CC",
"id": "VU#547300"
},
{
"db": "BID",
"id": "19849"
},
{
"db": "PACKETSTORM",
"id": "51595"
},
{
"db": "CNNVD",
"id": "CNNVD-200903-494"
},
{
"db": "JVNDB",
"id": "JVNDB-2009-002716"
},
{
"db": "NVD",
"id": "CVE-2007-6721"
}
]
},
"id": "VAR-200110-0170",
"iot": {
"_id": null,
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.24822762333333337
},
"last_update_date": "2026-04-10T22:39:12.079000Z",
"patch": {
"_id": null,
"data": [
{
"title": "msg08195",
"trust": 0.8,
"url": "http://www.bouncycastle.org/devmailarchive/msg08195.html"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2009-002716"
}
]
},
"problemtype_data": {
"_id": null,
"data": [
{
"problemtype": "NVD-CWE-noinfo",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2007-6721"
}
]
},
"references": {
"_id": null,
"data": [
{
"trust": 2.4,
"url": "http://www.openssl.org/news/secadv_20060928.txt"
},
{
"trust": 2.4,
"url": "http://secunia.com/advisories/23280/"
},
{
"trust": 2.4,
"url": "http://secunia.com/advisories/23309/"
},
{
"trust": 2.4,
"url": "http://www.securityfocus.com/bid/22083"
},
{
"trust": 1.9,
"url": "http://freshmeat.net/projects/bouncycastlecryptoapi/releases/265580"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/23155/"
},
{
"trust": 1.6,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102668-1"
},
{
"trust": 1.6,
"url": "http://www.bouncycastle.org/devmailarchive/msg08195.html"
},
{
"trust": 1.6,
"url": "http://www.bouncycastle.org/csharp/"
},
{
"trust": 1.6,
"url": "http://www.osvdb.org/50360"
},
{
"trust": 1.6,
"url": "http://www.osvdb.org/50359"
},
{
"trust": 1.6,
"url": "http://www.osvdb.org/50358"
},
{
"trust": 1.6,
"url": "http://www.bouncycastle.org/releasenotes.html"
},
{
"trust": 1.1,
"url": "http://docs.info.apple.com/article.html?artnum=304829"
},
{
"trust": 1.1,
"url": "http://www.imc.org/ietf-openpgp/mail-archive/msg14307.html"
},
{
"trust": 0.9,
"url": "http://secunia.com/advisories/22679/"
},
{
"trust": 0.9,
"url": "http://projects.info-pull.com/mokb/mokb-01-11-2006.html"
},
{
"trust": 0.8,
"url": "http://www.wireshark.org/security/wnpa-sec-2006-03.html "
},
{
"trust": 0.8,
"url": "http://www.securityfocus.com/bid/20762 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22590 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22659/"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22672/"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22692/"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22797/"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22841/"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22929/"
},
{
"trust": 0.8,
"url": "http://www.openssl.org/"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/23131/"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22544/"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22385/"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22671/"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/23340/"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22094/"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22259/"
},
{
"trust": 0.8,
"url": "http://www.f-secure.com/security/fsc-2006-6.shtml"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/23351/"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnvu%23386964/index.html"
},
{
"trust": 0.8,
"url": "http://www.securityfocus.com/bid/20246"
},
{
"trust": 0.8,
"url": "http://standards.ieee.org/announcements/pr_frames.html"
},
{
"trust": 0.8,
"url": "http://www.matasano.com/log/469/many-rsa-signatures-may-be-forgeable-in-openssl-and-elsewhere/"
},
{
"trust": 0.8,
"url": "http://www.openssl.org/news/secadv_20060905.txt "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/21709/"
},
{
"trust": 0.8,
"url": "http://www.rsasecurity.com/rsalabs/node.asp?id=2125"
},
{
"trust": 0.8,
"url": "http://www.ietf.org/rfc/rfc3447.txt"
},
{
"trust": 0.8,
"url": "http://www.sun.com/software/products/appsrvr/index.xml"
},
{
"trust": 0.8,
"url": "http://www.sun.com/download/products.xml?id=438cfb75"
},
{
"trust": 0.8,
"url": "http://www.sun.com/download/products.xml?id=43a84f89"
},
{
"trust": 0.8,
"url": "http://www.mozilla.org/projects/security/pki/nss/"
},
{
"trust": 0.8,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102670-1 "
},
{
"trust": 0.8,
"url": "http://en.wikipedia.org/wiki/ssl"
},
{
"trust": 0.8,
"url": "http://www.frsirt.com/english/advisories/2006/4299 "
},
{
"trust": 0.8,
"url": "http://securitytracker.com/id?1017143 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22646 "
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnvu%23547300/index.html"
},
{
"trust": 0.8,
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2006-september/049715.html "
},
{
"trust": 0.8,
"url": "https://issues.rpath.com/browse/rpl-613 "
},
{
"trust": 0.8,
"url": "http://www.openssl.org/news/secadv_20060928.txt "
},
{
"trust": 0.8,
"url": "http://kolab.org/security/kolab-vendor-notice-11.txt "
},
{
"trust": 0.8,
"url": "http://openvpn.net/changelog.html "
},
{
"trust": 0.8,
"url": "http://www.serv-u.com/releasenotes/ "
},
{
"trust": 0.8,
"url": "http://openbsd.org/errata.html#openssl2 "
},
{
"trust": 0.8,
"url": "http://www.securityfocus.com/bid/20249 "
},
{
"trust": 0.8,
"url": "http://securitytracker.com/id?1016943 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22130 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22094 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22165 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22186 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22193 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22207 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22259 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22260 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22166 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22172 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22212 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22240 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22216 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22116 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22220 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22284 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22330 "
},
{
"trust": 0.8,
"url": "http://xforce.iss.net/xforce/xfdb/29237 "
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-6721"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2007-6721"
},
{
"trust": 0.6,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102656-1\u0026searchclause="
},
{
"trust": 0.3,
"url": "http://www14.software.ibm.com/webapp/set2/subscriptions/pqvcmjd?mode=18\u0026id=3117"
},
{
"trust": 0.3,
"url": "http://support.avaya.com/elmodocs2/security/asa-2006-188.htm"
},
{
"trust": 0.3,
"url": "http://support.avaya.com/elmodocs2/security/asa-2006-196.htm"
},
{
"trust": 0.3,
"url": "http://support.avaya.com/elmodocs2/security/asa-2006-224.htm"
},
{
"trust": 0.3,
"url": "http://support.avaya.com/elmodocs2/security/asa-2006-246.htm"
},
{
"trust": 0.3,
"url": "http://www.isc.org/index.pl?/sw/bind/bind9.4-beta.php"
},
{
"trust": 0.3,
"url": "http://marc.theaimsgroup.com/?l=bind-announce\u0026m=116253119512445\u0026w=2"
},
{
"trust": 0.3,
"url": "http://www.bluecoat.com"
},
{
"trust": 0.3,
"url": "http://www.cisco.com/warp/public/707/cisco-air-20061108-openssl.shtml"
},
{
"trust": 0.3,
"url": "http://www.cisco.com/warp/public/707/cisco-sr-20061108-openssl.shtml"
},
{
"trust": 0.3,
"url": "http://www.oracle.com/technology/deploy/security/critical-patch-updates/cpujan2007.html"
},
{
"trust": 0.3,
"url": "http://www.cdc.informatik.tu-darmstadt.de/securebrowser/"
},
{
"trust": 0.3,
"url": "http://www.ipcop.org/modules.php?op=modload\u0026name=news\u0026file=article\u0026sid=31\u0026mode=thread\u0026order=0\u0026thold=0"
},
{
"trust": 0.3,
"url": "http://www.mozilla.org/security/announce/2006/mfsa2006-60.html"
},
{
"trust": 0.3,
"url": "http://www.mozilla.org/security/announce/2006/mfsa2006-66.html"
},
{
"trust": 0.3,
"url": "ftp://ftp.netbsd.org/pub/netbsd/security/advisories/netbsd-sa2006-023.txt.asc"
},
{
"trust": 0.3,
"url": "http://support.attachmate.com/techdocs/2137.html"
},
{
"trust": 0.3,
"url": "http://www.ingate.com/relnote-451.php"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2006-0735.html"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2006-0661.html"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2006-0675.html"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2006-0676.html"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2006-0677.html"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2006-0733.html"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2006-0734.html"
},
{
"trust": 0.3,
"url": "http://www.openssl.org/news/secadv_20060905.txt"
},
{
"trust": 0.3,
"url": "http://www.ssh.com/company/news/2006/english/security/article/786/"
},
{
"trust": 0.3,
"url": "http://www.arkoon.fr/upload/alertes/44ak-2006-04-en-1.1_ssl360_openssl_rsa.pdf"
},
{
"trust": 0.3,
"url": "http://www1.vandyke.com/support/advisory/2007/01/845620.html"
},
{
"trust": 0.3,
"url": "http://www.openoffice.org/security/cves/cve-2006-4339.html"
},
{
"trust": 0.3,
"url": "http://www.bluecoat.com/support/knowledge/openssl_rsa_signature_forgery.html"
},
{
"trust": 0.3,
"url": "http://www.slackware.com/security/list.php?l=slackware-security\u0026y=2006"
},
{
"trust": 0.3,
"url": "http://www.cyberguard.info/snapgear/releases.html"
},
{
"trust": 0.3,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102657-1\u0026searchclause="
},
{
"trust": 0.3,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102696-1\u0026searchclause="
},
{
"trust": 0.3,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102722-1\u0026searchclause="
},
{
"trust": 0.3,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102744-1\u0026searchclause="
},
{
"trust": 0.3,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102648-1\u0026searchclause="
},
{
"trust": 0.3,
"url": "http://www.vmware.com/support/server/doc/releasenotes_server.html"
},
{
"trust": 0.3,
"url": "http://www.kb.cert.org/vuls/id/845620"
},
{
"trust": 0.3,
"url": "/archive/1/446038"
},
{
"trust": 0.3,
"url": "http://docs.info.apple.com/article.html?artnum=307177"
},
{
"trust": 0.3,
"url": "http://support.avaya.com/elmodocs2/security/asa-2007-091.htm"
},
{
"trust": 0.3,
"url": "http://support.avaya.com/elmodocs2/security/asa-2006-250.htm"
},
{
"trust": 0.3,
"url": "https://www.itrc.hp.com/service/cki/docdisplay.do?docid=emr_na-c02475053"
},
{
"trust": 0.3,
"url": "http://www2.itrc.hp.com/service/cki/docdisplay.do?admit=-1335382922+1174502331230+28353475\u0026docid=c00774579"
},
{
"trust": 0.3,
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2007-january/051708.html"
},
{
"trust": 0.3,
"url": "https://rhn.redhat.com/errata/rhsa-2007-0062.html"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2007-0072.html"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2008-0264.html"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2008-0525.html"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2008-0629.html"
},
{
"trust": 0.3,
"url": "https://secure-support.novell.com/kanisaplatform/publishing/41/3143224_f.sal_public.html"
},
{
"trust": 0.3,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-200708-1"
},
{
"trust": 0.3,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102759-1"
},
{
"trust": 0.3,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102759-1\u0026searchclause="
},
{
"trust": 0.3,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102781-1\u0026searchclause="
},
{
"trust": 0.3,
"url": "http://www.sybase.com/detail?id=1047991"
},
{
"trust": 0.3,
"url": "http://www.kb.cert.org/vuls/id/594904"
},
{
"trust": 0.1,
"url": "http://secunia.com/secunia_security_advisories/"
},
{
"trust": 0.1,
"url": "http://corporate.secunia.com/products/48/?r=l"
},
{
"trust": 0.1,
"url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/96/"
},
{
"trust": 0.1,
"url": "http://corporate.secunia.com/how_to_buy/15/?r=l"
},
{
"trust": 0.1,
"url": "http://secunia.com/about_secunia_advisories/"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#723736"
},
{
"db": "CERT/CC",
"id": "VU#247744"
},
{
"db": "CERT/CC",
"id": "VU#386964"
},
{
"db": "CERT/CC",
"id": "VU#191336"
},
{
"db": "CERT/CC",
"id": "VU#845620"
},
{
"db": "CERT/CC",
"id": "VU#594904"
},
{
"db": "CERT/CC",
"id": "VU#547300"
},
{
"db": "BID",
"id": "19849"
},
{
"db": "PACKETSTORM",
"id": "51595"
},
{
"db": "CNNVD",
"id": "CNNVD-200903-494"
},
{
"db": "JVNDB",
"id": "JVNDB-2009-002716"
},
{
"db": "NVD",
"id": "CVE-2007-6721"
}
]
},
"sources": {
"_id": null,
"data": [
{
"db": "CERT/CC",
"id": "VU#723736",
"ident": null
},
{
"db": "CERT/CC",
"id": "VU#247744",
"ident": null
},
{
"db": "CERT/CC",
"id": "VU#386964",
"ident": null
},
{
"db": "CERT/CC",
"id": "VU#191336",
"ident": null
},
{
"db": "CERT/CC",
"id": "VU#845620",
"ident": null
},
{
"db": "CERT/CC",
"id": "VU#594904",
"ident": null
},
{
"db": "CERT/CC",
"id": "VU#547300",
"ident": null
},
{
"db": "BID",
"id": "19849",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "51595",
"ident": null
},
{
"db": "CNNVD",
"id": "CNNVD-200903-494",
"ident": null
},
{
"db": "JVNDB",
"id": "JVNDB-2009-002716",
"ident": null
},
{
"db": "NVD",
"id": "CVE-2007-6721",
"ident": null
}
]
},
"sources_release_date": {
"_id": null,
"data": [
{
"date": "2006-11-30T00:00:00",
"db": "CERT/CC",
"id": "VU#723736",
"ident": null
},
{
"date": "2006-09-28T00:00:00",
"db": "CERT/CC",
"id": "VU#247744",
"ident": null
},
{
"date": "2006-09-28T00:00:00",
"db": "CERT/CC",
"id": "VU#386964",
"ident": null
},
{
"date": "2006-11-30T00:00:00",
"db": "CERT/CC",
"id": "VU#191336",
"ident": null
},
{
"date": "2006-09-11T00:00:00",
"db": "CERT/CC",
"id": "VU#845620",
"ident": null
},
{
"date": "2007-02-08T00:00:00",
"db": "CERT/CC",
"id": "VU#594904",
"ident": null
},
{
"date": "2006-09-28T00:00:00",
"db": "CERT/CC",
"id": "VU#547300",
"ident": null
},
{
"date": "2006-09-05T00:00:00",
"db": "BID",
"id": "19849",
"ident": null
},
{
"date": "2006-11-03T00:05:01",
"db": "PACKETSTORM",
"id": "51595",
"ident": null
},
{
"date": "2001-10-16T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200903-494",
"ident": null
},
{
"date": "2012-06-26T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2009-002716",
"ident": null
},
{
"date": "2009-03-30T01:30:00.217000",
"db": "NVD",
"id": "CVE-2007-6721",
"ident": null
}
]
},
"sources_update_date": {
"_id": null,
"data": [
{
"date": "2006-12-20T00:00:00",
"db": "CERT/CC",
"id": "VU#723736",
"ident": null
},
{
"date": "2007-02-09T00:00:00",
"db": "CERT/CC",
"id": "VU#247744",
"ident": null
},
{
"date": "2011-07-22T00:00:00",
"db": "CERT/CC",
"id": "VU#386964",
"ident": null
},
{
"date": "2006-11-30T00:00:00",
"db": "CERT/CC",
"id": "VU#191336",
"ident": null
},
{
"date": "2007-02-08T00:00:00",
"db": "CERT/CC",
"id": "VU#845620",
"ident": null
},
{
"date": "2007-02-09T00:00:00",
"db": "CERT/CC",
"id": "VU#594904",
"ident": null
},
{
"date": "2011-07-22T00:00:00",
"db": "CERT/CC",
"id": "VU#547300",
"ident": null
},
{
"date": "2015-03-19T08:19:00",
"db": "BID",
"id": "19849",
"ident": null
},
{
"date": "2009-03-30T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200903-494",
"ident": null
},
{
"date": "2012-06-26T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2009-002716",
"ident": null
},
{
"date": "2025-05-12T17:37:16.527000",
"db": "NVD",
"id": "CVE-2007-6721",
"ident": null
}
]
},
"threat_type": {
"_id": null,
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200903-494"
}
],
"trust": 0.6
},
"title": {
"_id": null,
"data": "Wireshark contains an unspecified vulnerability in the XOT dissector",
"sources": [
{
"db": "CERT/CC",
"id": "VU#723736"
}
],
"trust": 0.8
},
"type": {
"_id": null,
"data": "lack of information",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200903-494"
}
],
"trust": 0.6
}
}
VAR-200309-0035
Vulnerability from variot - Updated: 2026-04-10 22:38A "buffer management error" in buffer_append_space of buffer.c for OpenSSH before 3.7 may allow remote attackers to execute arbitrary code by causing an incorrect amount of memory to be freed and corrupting the heap, a different vulnerability than CVE-2003-0695. While the full impact of these vulnerabilities are unclear, they may lead to memory corruption and a denial-of-service situation. ------------ This vulnerability information is a summary of multiple vulnerabilities released at the same time. Please note that the contents of vulnerability information other than the title are included. ------------ OpenSSH Project More distributed OpenSSH 3.7 (Portable Edition OpenSSH 3.7p1) Previously, there were deficiencies in buffer management. If a remote attacker receives a packet of a deliberate length that frees other nearby areas when releasing the buffer, the heap area can be destroyed. As a result, remote attackers who exploit this issue sshd Can be put into a denial of service, and arbitrary code execution has been suggested. The routine in which the problem exists is OpenSSH Others that are using similar routines since being used since the initial release of SSH The implementation of may also be affected. SSH Secure Shell/Ciso IOS Has been reported by the vendor to be unaffected by this issue. Also, F-Secure SSH about, 1.3.14 (for Unix) Previously affected, 2.x Since then, the vendor has reported that it will not be affected. Initially this problem (CAN-2003-0693) Is buffer.c Inside buffer_append_space() Discovered in the function, OpenSSH 3.7p1 It was solved with. However, since a similar problem was discovered in other places after that, this problem was solved. OpenSSH 3.7.1p1 Has been released. (CAN-2003-0695) In addition, memory management issues that are different from the above issues (CAN-2003-0682) Has also been reported, OpenSSH 3.7.1p2 It can be solved by updating to. still, Red Hat Linux About the vendor 2003 Year 9 Moon 17 Advisory published by date (RHSA-2003:279-17) Indicated in RPM Updates to the package, Turboinux About the vendor 2003 Year 9 Moon 24 Advisory published on date (TLSA-2003-53) All of these issues are due to updates to the packages indicated in (CAN-2003-0682/CAN-2003-0693/CAN-2003-0695) Can be eliminated.Please refer to the “Overview” for the impact of this vulnerability. The issue may cause a denial of service. This condition can reportedly be triggered by an overly large packet. There are also unconfirmed rumors of an exploit for this vulnerability circulating in the wild. OpenSSH has revised their advisory, pointing out a similar issue in the 'channels.c' source file and an additional issue in 'buffer.c'. Solar Designer has also reportedly pointed out additional instances of the problem that may also present vulnerabilities
Show details on source website{
"affected_products": {
"_id": null,
"data": [
{
"_id": null,
"model": "catos",
"scope": "eq",
"trust": 3.3,
"vendor": "cisco",
"version": "5.5"
},
{
"_id": null,
"model": "catos",
"scope": "eq",
"trust": 2.7,
"vendor": "cisco",
"version": "6.1"
},
{
"_id": null,
"model": "catos csx",
"scope": "eq",
"trust": 2.4,
"vendor": "cisco",
"version": "5.3"
},
{
"_id": null,
"model": "catalyst csx",
"scope": "eq",
"trust": 2.4,
"vendor": "cisco",
"version": "60005.3"
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "mandriva",
"version": null
},
{
"_id": null,
"model": "catos",
"scope": "eq",
"trust": 1.2,
"vendor": "cisco",
"version": "6.3"
},
{
"_id": null,
"model": "catos csx",
"scope": "eq",
"trust": 1.2,
"vendor": "cisco",
"version": "5.2"
},
{
"_id": null,
"model": "openssh",
"scope": "lte",
"trust": 1.0,
"vendor": "openbsd",
"version": "3.7"
},
{
"_id": null,
"model": "catos",
"scope": "eq",
"trust": 0.9,
"vendor": "cisco",
"version": "6.2"
},
{
"_id": null,
"model": "catos",
"scope": "eq",
"trust": 0.9,
"vendor": "cisco",
"version": "5.4"
},
{
"_id": null,
"model": "catos",
"scope": "eq",
"trust": 0.9,
"vendor": "cisco",
"version": "5.1"
},
{
"_id": null,
"model": "catos",
"scope": "eq",
"trust": 0.9,
"vendor": "cisco",
"version": "4.5"
},
{
"_id": null,
"model": "catalyst",
"scope": "eq",
"trust": 0.9,
"vendor": "cisco",
"version": "60006.1"
},
{
"_id": null,
"model": "catalyst",
"scope": "eq",
"trust": 0.9,
"vendor": "cisco",
"version": "60005.5"
},
{
"_id": null,
"model": "catalyst",
"scope": "eq",
"trust": 0.9,
"vendor": "cisco",
"version": "50006.1"
},
{
"_id": null,
"model": "catalyst",
"scope": "eq",
"trust": 0.9,
"vendor": "cisco",
"version": "40006.1"
},
{
"_id": null,
"model": "catalyst",
"scope": "eq",
"trust": 0.9,
"vendor": "cisco",
"version": "40005.1"
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "appgate network security ab",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "apple computer",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "cray",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "cyclades",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "debian linux",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "f secure",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "foundry",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "guardian digital",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "ibm",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "ibm eserver",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "ingrian",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "juniper",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "mirapoint",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "netbsd",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "network appliance",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "nokia",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "openpkg",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "openssh",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "openwall gnu linux",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "red hat",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "riverstone",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "sco",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "suse linux",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "slackware",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "sun microsystems",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "tfs",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "trustix secure linux",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "vmware",
"version": null
},
{
"_id": null,
"model": "openssh",
"scope": "eq",
"trust": 0.8,
"vendor": "openbsd",
"version": "3.7.1p1"
},
{
"_id": null,
"model": "asianux server",
"scope": "eq",
"trust": 0.8,
"vendor": "cybertrust",
"version": "1.1"
},
{
"_id": null,
"model": "asianux server",
"scope": "eq",
"trust": 0.8,
"vendor": "cybertrust",
"version": "2.0"
},
{
"_id": null,
"model": "asianux server",
"scope": "eq",
"trust": 0.8,
"vendor": "cybertrust",
"version": "2.1"
},
{
"_id": null,
"model": "cobalt raq550",
"scope": null,
"trust": 0.8,
"vendor": "sun microsystems",
"version": null
},
{
"_id": null,
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "9 (sparc)"
},
{
"_id": null,
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "9 (x86)"
},
{
"_id": null,
"model": "turbolinux server",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "6.5"
},
{
"_id": null,
"model": "turbolinux server",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "7"
},
{
"_id": null,
"model": "turbolinux server",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "8"
},
{
"_id": null,
"model": "hp-ux",
"scope": "eq",
"trust": 0.8,
"vendor": "hewlett packard",
"version": "11.00"
},
{
"_id": null,
"model": "hp-ux",
"scope": "eq",
"trust": 0.8,
"vendor": "hewlett packard",
"version": "11.04"
},
{
"_id": null,
"model": "hp-ux",
"scope": "eq",
"trust": 0.8,
"vendor": "hewlett packard",
"version": "11.11"
},
{
"_id": null,
"model": "hp-ux",
"scope": "eq",
"trust": 0.8,
"vendor": "hewlett packard",
"version": "11.22"
},
{
"_id": null,
"model": "hp-ux",
"scope": "eq",
"trust": 0.8,
"vendor": "hewlett packard",
"version": "11.23"
},
{
"_id": null,
"model": "linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "7.1"
},
{
"_id": null,
"model": "linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "7.2"
},
{
"_id": null,
"model": "linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "7.3"
},
{
"_id": null,
"model": "linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "8.0"
},
{
"_id": null,
"model": "linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "9"
},
{
"_id": null,
"model": "catos",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "7.1"
},
{
"_id": null,
"model": "catos csx",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "5.1"
},
{
"_id": null,
"model": "catalyst",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "50005.1"
},
{
"_id": null,
"model": "catalyst",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "50004.5"
},
{
"_id": null,
"model": "catalyst",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "40005.5"
},
{
"_id": null,
"model": "catalyst",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "40005.2"
},
{
"_id": null,
"model": "openssh",
"scope": "eq",
"trust": 0.6,
"vendor": "openbsd",
"version": "3.7"
},
{
"_id": null,
"model": "solaris 9 x86",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "solaris",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "9"
},
{
"_id": null,
"model": "cobalt raq",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "550"
},
{
"_id": null,
"model": "stonegate",
"scope": "eq",
"trust": 0.3,
"vendor": "stonesoft",
"version": "2.2.1"
},
{
"_id": null,
"model": "stonegate",
"scope": "eq",
"trust": 0.3,
"vendor": "stonesoft",
"version": "2.2"
},
{
"_id": null,
"model": "stonegate",
"scope": "eq",
"trust": 0.3,
"vendor": "stonesoft",
"version": "2.1"
},
{
"_id": null,
"model": "stonegate",
"scope": "eq",
"trust": 0.3,
"vendor": "stonesoft",
"version": "2.0.9"
},
{
"_id": null,
"model": "stonegate",
"scope": "eq",
"trust": 0.3,
"vendor": "stonesoft",
"version": "2.0.8"
},
{
"_id": null,
"model": "stonegate",
"scope": "eq",
"trust": 0.3,
"vendor": "stonesoft",
"version": "2.0.7"
},
{
"_id": null,
"model": "stonegate",
"scope": "eq",
"trust": 0.3,
"vendor": "stonesoft",
"version": "2.0.6"
},
{
"_id": null,
"model": "stonegate",
"scope": "eq",
"trust": 0.3,
"vendor": "stonesoft",
"version": "2.0.5"
},
{
"_id": null,
"model": "stonegate",
"scope": "eq",
"trust": 0.3,
"vendor": "stonesoft",
"version": "2.0.4"
},
{
"_id": null,
"model": "stonegate",
"scope": "eq",
"trust": 0.3,
"vendor": "stonesoft",
"version": "2.0.1"
},
{
"_id": null,
"model": "stonegate",
"scope": "eq",
"trust": 0.3,
"vendor": "stonesoft",
"version": "1.7.2"
},
{
"_id": null,
"model": "stonegate",
"scope": "eq",
"trust": 0.3,
"vendor": "stonesoft",
"version": "1.7.1"
},
{
"_id": null,
"model": "stonegate",
"scope": "eq",
"trust": 0.3,
"vendor": "stonesoft",
"version": "1.7"
},
{
"_id": null,
"model": "stonegate",
"scope": "eq",
"trust": 0.3,
"vendor": "stonesoft",
"version": "1.6.3"
},
{
"_id": null,
"model": "stonegate",
"scope": "eq",
"trust": 0.3,
"vendor": "stonesoft",
"version": "1.6.2"
},
{
"_id": null,
"model": "stonegate",
"scope": "eq",
"trust": 0.3,
"vendor": "stonesoft",
"version": "1.5.18"
},
{
"_id": null,
"model": "stonegate",
"scope": "eq",
"trust": 0.3,
"vendor": "stonesoft",
"version": "1.5.17"
},
{
"_id": null,
"model": "os",
"scope": "eq",
"trust": 0.3,
"vendor": "snapgear",
"version": "1.8.4"
},
{
"_id": null,
"model": "irix",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.22"
},
{
"_id": null,
"model": "irix m",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.21"
},
{
"_id": null,
"model": "irix f",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.21"
},
{
"_id": null,
"model": "irix",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.21"
},
{
"_id": null,
"model": "irix m",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.20"
},
{
"_id": null,
"model": "irix f",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.20"
},
{
"_id": null,
"model": "irix",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.20"
},
{
"_id": null,
"model": "irix m",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.19"
},
{
"_id": null,
"model": "irix f",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.19"
},
{
"_id": null,
"model": "irix",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.19"
},
{
"_id": null,
"model": "open server",
"scope": "eq",
"trust": 0.3,
"vendor": "sco",
"version": "5.0.7"
},
{
"_id": null,
"model": "openssh-server-3.5p1-6.i386.rpm",
"scope": null,
"trust": 0.3,
"vendor": "redhat",
"version": null
},
{
"_id": null,
"model": "openssh-server-3.4p1-2.i386.rpm",
"scope": null,
"trust": 0.3,
"vendor": "redhat",
"version": null
},
{
"_id": null,
"model": "openssh-server-3.1p1-3.i386.rpm",
"scope": null,
"trust": 0.3,
"vendor": "redhat",
"version": null
},
{
"_id": null,
"model": "openssh-server-2.9p2-7.ia64.rpm",
"scope": null,
"trust": 0.3,
"vendor": "redhat",
"version": null
},
{
"_id": null,
"model": "openssh-server-2.9p2-7.i386.rpm",
"scope": null,
"trust": 0.3,
"vendor": "redhat",
"version": null
},
{
"_id": null,
"model": "openssh-server-2.5.2p2-5.i386.rpm",
"scope": null,
"trust": 0.3,
"vendor": "redhat",
"version": null
},
{
"_id": null,
"model": "openssh-clients-3.5p1-6.i386.rpm",
"scope": null,
"trust": 0.3,
"vendor": "redhat",
"version": null
},
{
"_id": null,
"model": "openssh-clients-3.4p1-2.i386.rpm",
"scope": null,
"trust": 0.3,
"vendor": "redhat",
"version": null
},
{
"_id": null,
"model": "openssh-clients-3.1p1-3.i386.rpm",
"scope": null,
"trust": 0.3,
"vendor": "redhat",
"version": null
},
{
"_id": null,
"model": "openssh-clients-2.9p2-7.ia64.rpm",
"scope": null,
"trust": 0.3,
"vendor": "redhat",
"version": null
},
{
"_id": null,
"model": "openssh-clients-2.9p2-7.i386.rpm",
"scope": null,
"trust": 0.3,
"vendor": "redhat",
"version": null
},
{
"_id": null,
"model": "openssh-clients-2.5.2p2-5.i386.rpm",
"scope": null,
"trust": 0.3,
"vendor": "redhat",
"version": null
},
{
"_id": null,
"model": "openssh-askpass-gnome-3.5p1-6.i386.rpm",
"scope": null,
"trust": 0.3,
"vendor": "redhat",
"version": null
},
{
"_id": null,
"model": "openssh-askpass-gnome-3.4p1-2.i386.rpm",
"scope": null,
"trust": 0.3,
"vendor": "redhat",
"version": null
},
{
"_id": null,
"model": "openssh-askpass-gnome-3.1p1-3.i386.rpm",
"scope": null,
"trust": 0.3,
"vendor": "redhat",
"version": null
},
{
"_id": null,
"model": "openssh-askpass-gnome-2.9p2-7.ia64.rpm",
"scope": null,
"trust": 0.3,
"vendor": "redhat",
"version": null
},
{
"_id": null,
"model": "openssh-askpass-gnome-2.9p2-7.i386.rpm",
"scope": null,
"trust": 0.3,
"vendor": "redhat",
"version": null
},
{
"_id": null,
"model": "openssh-askpass-gnome-2.5.2p2-5.i386.rpm",
"scope": null,
"trust": 0.3,
"vendor": "redhat",
"version": null
},
{
"_id": null,
"model": "openssh-askpass-3.5p1-6.i386.rpm",
"scope": null,
"trust": 0.3,
"vendor": "redhat",
"version": null
},
{
"_id": null,
"model": "openssh-askpass-3.4p1-2.i386.rpm",
"scope": null,
"trust": 0.3,
"vendor": "redhat",
"version": null
},
{
"_id": null,
"model": "openssh-askpass-3.1p1-3.i386.rpm",
"scope": null,
"trust": 0.3,
"vendor": "redhat",
"version": null
},
{
"_id": null,
"model": "openssh-askpass-2.9p2-7.ia64.rpm",
"scope": null,
"trust": 0.3,
"vendor": "redhat",
"version": null
},
{
"_id": null,
"model": "openssh-askpass-2.9p2-7.i386.rpm",
"scope": null,
"trust": 0.3,
"vendor": "redhat",
"version": null
},
{
"_id": null,
"model": "openssh-askpass-2.5.2p2-5.i386.rpm",
"scope": null,
"trust": 0.3,
"vendor": "redhat",
"version": null
},
{
"_id": null,
"model": "openssh-3.5p1-6.i386.rpm",
"scope": null,
"trust": 0.3,
"vendor": "redhat",
"version": null
},
{
"_id": null,
"model": "openssh-3.4p1-2.i386.rpm",
"scope": null,
"trust": 0.3,
"vendor": "redhat",
"version": null
},
{
"_id": null,
"model": "openssh-3.1p1-3.i386.rpm",
"scope": null,
"trust": 0.3,
"vendor": "redhat",
"version": null
},
{
"_id": null,
"model": "openssh-2.9p2-7.ia64.rpm",
"scope": null,
"trust": 0.3,
"vendor": "redhat",
"version": null
},
{
"_id": null,
"model": "openssh-2.9p2-7.i386.rpm",
"scope": null,
"trust": 0.3,
"vendor": "redhat",
"version": null
},
{
"_id": null,
"model": "openssh-2.5.2p2-5.i386.rpm",
"scope": null,
"trust": 0.3,
"vendor": "redhat",
"version": null
},
{
"_id": null,
"model": "p1",
"scope": "eq",
"trust": 0.3,
"vendor": "openssh",
"version": "3.7"
},
{
"_id": null,
"model": "openssh",
"scope": "eq",
"trust": 0.3,
"vendor": "openssh",
"version": "3.7"
},
{
"_id": null,
"model": "p2",
"scope": "eq",
"trust": 0.3,
"vendor": "openssh",
"version": "3.6.1"
},
{
"_id": null,
"model": "p1",
"scope": "eq",
"trust": 0.3,
"vendor": "openssh",
"version": "3.6.1"
},
{
"_id": null,
"model": "openssh",
"scope": "eq",
"trust": 0.3,
"vendor": "openssh",
"version": "3.6.1"
},
{
"_id": null,
"model": "p1",
"scope": "eq",
"trust": 0.3,
"vendor": "openssh",
"version": "3.5"
},
{
"_id": null,
"model": "openssh",
"scope": "eq",
"trust": 0.3,
"vendor": "openssh",
"version": "3.5"
},
{
"_id": null,
"model": "p1-1",
"scope": "eq",
"trust": 0.3,
"vendor": "openssh",
"version": "3.4"
},
{
"_id": null,
"model": "p1",
"scope": "eq",
"trust": 0.3,
"vendor": "openssh",
"version": "3.4"
},
{
"_id": null,
"model": "openssh",
"scope": "eq",
"trust": 0.3,
"vendor": "openssh",
"version": "3.4"
},
{
"_id": null,
"model": "p1",
"scope": "eq",
"trust": 0.3,
"vendor": "openssh",
"version": "3.3"
},
{
"_id": null,
"model": "openssh",
"scope": "eq",
"trust": 0.3,
"vendor": "openssh",
"version": "3.3"
},
{
"_id": null,
"model": "p1",
"scope": "eq",
"trust": 0.3,
"vendor": "openssh",
"version": "3.2.3"
},
{
"_id": null,
"model": "p1",
"scope": "eq",
"trust": 0.3,
"vendor": "openssh",
"version": "3.2.2"
},
{
"_id": null,
"model": "openssh",
"scope": "eq",
"trust": 0.3,
"vendor": "openssh",
"version": "3.2"
},
{
"_id": null,
"model": "p1",
"scope": "eq",
"trust": 0.3,
"vendor": "openssh",
"version": "3.1"
},
{
"_id": null,
"model": "openssh",
"scope": "eq",
"trust": 0.3,
"vendor": "openssh",
"version": "3.1"
},
{
"_id": null,
"model": "p1",
"scope": "eq",
"trust": 0.3,
"vendor": "openssh",
"version": "3.0.2"
},
{
"_id": null,
"model": "openssh",
"scope": "eq",
"trust": 0.3,
"vendor": "openssh",
"version": "3.0.2"
},
{
"_id": null,
"model": "p1",
"scope": "eq",
"trust": 0.3,
"vendor": "openssh",
"version": "3.0.1"
},
{
"_id": null,
"model": "openssh",
"scope": "eq",
"trust": 0.3,
"vendor": "openssh",
"version": "3.0.1"
},
{
"_id": null,
"model": "p1",
"scope": "eq",
"trust": 0.3,
"vendor": "openssh",
"version": "3.0"
},
{
"_id": null,
"model": "openssh",
"scope": "eq",
"trust": 0.3,
"vendor": "openssh",
"version": "3.0"
},
{
"_id": null,
"model": "openssh",
"scope": "eq",
"trust": 0.3,
"vendor": "openssh",
"version": "2.9.9"
},
{
"_id": null,
"model": "openbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "openbsd",
"version": "3.3"
},
{
"_id": null,
"model": "openbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "openbsd",
"version": "3.2"
},
{
"_id": null,
"model": "netbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "netbsd",
"version": "1.6.1"
},
{
"_id": null,
"model": "netbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "netbsd",
"version": "1.6"
},
{
"_id": null,
"model": "netbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "netbsd",
"version": "1.5.3"
},
{
"_id": null,
"model": "netbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "netbsd",
"version": "1.5.2"
},
{
"_id": null,
"model": "netbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "netbsd",
"version": "1.5.1"
},
{
"_id": null,
"model": "netbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "netbsd",
"version": "1.5"
},
{
"_id": null,
"model": "secureadmin for netcache",
"scope": "eq",
"trust": 0.3,
"vendor": "netapp",
"version": "5.5"
},
{
"_id": null,
"model": "secureadmin",
"scope": "eq",
"trust": 0.3,
"vendor": "netapp",
"version": "3.0"
},
{
"_id": null,
"model": "networks serverironxl/g",
"scope": null,
"trust": 0.3,
"vendor": "foundry",
"version": null
},
{
"_id": null,
"model": "networks serverironxl",
"scope": null,
"trust": 0.3,
"vendor": "foundry",
"version": null
},
{
"_id": null,
"model": "networks serveriron800",
"scope": null,
"trust": 0.3,
"vendor": "foundry",
"version": null
},
{
"_id": null,
"model": "networks serveriron400",
"scope": null,
"trust": 0.3,
"vendor": "foundry",
"version": null
},
{
"_id": null,
"model": "networks serveriron",
"scope": "eq",
"trust": 0.3,
"vendor": "foundry",
"version": "7.1.09"
},
{
"_id": null,
"model": "networks serveriron",
"scope": "eq",
"trust": 0.3,
"vendor": "foundry",
"version": "6.0"
},
{
"_id": null,
"model": "networks serveriron t12",
"scope": "eq",
"trust": 0.3,
"vendor": "foundry",
"version": "5.1.10"
},
{
"_id": null,
"model": "networks ironview",
"scope": null,
"trust": 0.3,
"vendor": "foundry",
"version": null
},
{
"_id": null,
"model": "networks fastiron",
"scope": "eq",
"trust": 0.3,
"vendor": "foundry",
"version": "7.1.09"
},
{
"_id": null,
"model": "networks edgeiron 4802f",
"scope": "eq",
"trust": 0.3,
"vendor": "foundry",
"version": "0"
},
{
"_id": null,
"model": "networks bigiron",
"scope": "eq",
"trust": 0.3,
"vendor": "foundry",
"version": "7.1.09"
},
{
"_id": null,
"model": "ssh",
"scope": "eq",
"trust": 0.3,
"vendor": "f secure",
"version": "1.3.14"
},
{
"_id": null,
"model": "open software",
"scope": "eq",
"trust": 0.3,
"vendor": "cray",
"version": "3.0"
},
{
"_id": null,
"model": "webns",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7.20.0.03"
},
{
"_id": null,
"model": "webns",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7.10.2.06"
},
{
"_id": null,
"model": "webns",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7.10.1.02"
},
{
"_id": null,
"model": "webns b4",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "6.10"
},
{
"_id": null,
"model": "webns",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "6.10"
},
{
"_id": null,
"model": "sn storage router sn5428-3.3.2-k9",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5428"
},
{
"_id": null,
"model": "sn storage router sn5428-3.3.1-k9",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5428"
},
{
"_id": null,
"model": "sn storage router sn5428-3.2.2-k9",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5428"
},
{
"_id": null,
"model": "sn storage router sn5428-3.2.1-k9",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5428"
},
{
"_id": null,
"model": "sn storage router sn5428-2.5.1-k9",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5428"
},
{
"_id": null,
"model": "sn storage router sn5428-2-3.3.2-k9",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5428"
},
{
"_id": null,
"model": "sn storage router sn5428-2-3.3.1-k9",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5428"
},
{
"_id": null,
"model": "secure intrusion detection system",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "pgw2200 softswitch",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"_id": null,
"model": "gss global site selector",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4480"
},
{
"_id": null,
"model": "css11800 content services switch",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"_id": null,
"model": "css11506 content services switch",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"_id": null,
"model": "css11503 content services switch",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"_id": null,
"model": "css11501 content services switch",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"_id": null,
"model": "css11150 content services switch",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"_id": null,
"model": "css11050 content services switch",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"_id": null,
"model": "css11000 content services switch",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"_id": null,
"model": "ciscoworks wireless lan solution engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1105"
},
{
"_id": null,
"model": "ciscoworks hosting solution engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1105"
},
{
"_id": null,
"model": "catos",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7.6(1)"
},
{
"_id": null,
"model": "catos",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7.6"
},
{
"_id": null,
"model": "catos",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7.5(1)"
},
{
"_id": null,
"model": "catos",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7.5"
},
{
"_id": null,
"model": "catos",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7.4(3)"
},
{
"_id": null,
"model": "catos",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7.4(2)"
},
{
"_id": null,
"model": "catos",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7.4(1)"
},
{
"_id": null,
"model": "catos",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7.4(0.63)"
},
{
"_id": null,
"model": "catos clr",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7.4"
},
{
"_id": null,
"model": "catos",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7.4"
},
{
"_id": null,
"model": "catos",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7.3(2)"
},
{
"_id": null,
"model": "catos",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7.3(1)"
},
{
"_id": null,
"model": "catos",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7.3"
},
{
"_id": null,
"model": "catos",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7.2(2)"
},
{
"_id": null,
"model": "catos",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7.2(1)"
},
{
"_id": null,
"model": "catos",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7.2(0.65)"
},
{
"_id": null,
"model": "catos",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7.1(2)"
},
{
"_id": null,
"model": "catos",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7.1(1)"
},
{
"_id": null,
"model": "catos",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "6.4(3)"
},
{
"_id": null,
"model": "catos",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "6.4(2)"
},
{
"_id": null,
"model": "catos",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "6.4(1)"
},
{
"_id": null,
"model": "catos",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "6.3(9)"
},
{
"_id": null,
"model": "catos",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "6.3(8.3)"
},
{
"_id": null,
"model": "catos",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "6.3(8)"
},
{
"_id": null,
"model": "catos",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "6.3(7)"
},
{
"_id": null,
"model": "catos",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "6.3(6)"
},
{
"_id": null,
"model": "catos",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "6.3(5.10)"
},
{
"_id": null,
"model": "catos",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "6.3(5)"
},
{
"_id": null,
"model": "catos",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "6.3(4)"
},
{
"_id": null,
"model": "catos",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "6.3(3)x1"
},
{
"_id": null,
"model": "catos",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "6.3(3)x"
},
{
"_id": null,
"model": "catos",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "6.3(3)"
},
{
"_id": null,
"model": "catos",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "6.3(2)"
},
{
"_id": null,
"model": "catos",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "6.3(10)"
},
{
"_id": null,
"model": "catos",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "6.3(1)"
},
{
"_id": null,
"model": "catos",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "6.2(3)"
},
{
"_id": null,
"model": "catos",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "6.2(2)"
},
{
"_id": null,
"model": "catos",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "6.2(1)"
},
{
"_id": null,
"model": "catos",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "6.1(4)"
},
{
"_id": null,
"model": "catos",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "6.1(3)"
},
{
"_id": null,
"model": "catos",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "6.1(2)"
},
{
"_id": null,
"model": "catos",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "6.1(1)"
},
{
"_id": null,
"model": "catos",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.5(9)"
},
{
"_id": null,
"model": "catos cv",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.5"
},
{
"_id": null,
"model": "catos",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.5(8)"
},
{
"_id": null,
"model": "catos",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.5(7)"
},
{
"_id": null,
"model": "catos",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.5(6)"
},
{
"_id": null,
"model": "catos",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.5(5)"
},
{
"_id": null,
"model": "catos",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.5(4)"
},
{
"_id": null,
"model": "catos",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.5(3)"
},
{
"_id": null,
"model": "catos",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.5(2)"
},
{
"_id": null,
"model": "catos",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.5(19)"
},
{
"_id": null,
"model": "catos",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.5(18)"
},
{
"_id": null,
"model": "catos",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.5(17)"
},
{
"_id": null,
"model": "catos",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.5(16.2)"
},
{
"_id": null,
"model": "catos",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.5(16)"
},
{
"_id": null,
"model": "catos",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.5(15)"
},
{
"_id": null,
"model": "catos",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.5(14)"
},
{
"_id": null,
"model": "catos",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.5(13.5)"
},
{
"_id": null,
"model": "catos",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.5(13)"
},
{
"_id": null,
"model": "catos",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.5(12)"
},
{
"_id": null,
"model": "catos",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.5(11)"
},
{
"_id": null,
"model": "catos",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.5(10)"
},
{
"_id": null,
"model": "catos",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.5(1)"
},
{
"_id": null,
"model": "catos",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.4(4)"
},
{
"_id": null,
"model": "catos",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.4(3)"
},
{
"_id": null,
"model": "catos",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.4(2)"
},
{
"_id": null,
"model": "catos",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.4(1)"
},
{
"_id": null,
"model": "catos",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.2"
},
{
"_id": null,
"model": "catos",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.2(7)"
},
{
"_id": null,
"model": "catos",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.2(6)"
},
{
"_id": null,
"model": "catos",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.2(5)"
},
{
"_id": null,
"model": "catos",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.2(4)"
},
{
"_id": null,
"model": "catos",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.2(3)"
},
{
"_id": null,
"model": "catos",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.2(2)"
},
{
"_id": null,
"model": "catos",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.2(1)"
},
{
"_id": null,
"model": "catos",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.1(1)"
},
{
"_id": null,
"model": "catos",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.5(9)"
},
{
"_id": null,
"model": "catos",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.5(8)"
},
{
"_id": null,
"model": "catos",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.5(7)"
},
{
"_id": null,
"model": "catos",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.5(6)"
},
{
"_id": null,
"model": "catos",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.5(5)"
},
{
"_id": null,
"model": "catos",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.5(4)"
},
{
"_id": null,
"model": "catos",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.5(3)"
},
{
"_id": null,
"model": "catos",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.5(2)"
},
{
"_id": null,
"model": "catos",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.5(13)"
},
{
"_id": null,
"model": "catos",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.5(12)"
},
{
"_id": null,
"model": "catos",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.5(11)"
},
{
"_id": null,
"model": "catos",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.5(10)"
},
{
"_id": null,
"model": "catos",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.5(1)"
},
{
"_id": null,
"model": "catos",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.4(1)"
},
{
"_id": null,
"model": "catos",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.3"
},
{
"_id": null,
"model": "catos",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.2(2)"
},
{
"_id": null,
"model": "catos",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.2(1)"
},
{
"_id": null,
"model": "catos",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1(3)"
},
{
"_id": null,
"model": "catos",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1(2)"
},
{
"_id": null,
"model": "catos",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1(1)"
},
{
"_id": null,
"model": "catalyst ws-x6380-nam",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "76003.1"
},
{
"_id": null,
"model": "catalyst ws-svc-nam-2",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "76003.1"
},
{
"_id": null,
"model": "catalyst ws-svc-nam-1",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "76003.1"
},
{
"_id": null,
"model": "catalyst ws-svc-nam-2",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "76002.2"
},
{
"_id": null,
"model": "catalyst ws-svc-nam-1",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "76002.2"
},
{
"_id": null,
"model": "catalyst ws-x6380-nam",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "76002.1"
},
{
"_id": null,
"model": "catalyst ws-x6380-nam",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "65003.1"
},
{
"_id": null,
"model": "catalyst ws-svc-nam-2",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "65003.1"
},
{
"_id": null,
"model": "catalyst ws-svc-nam-1",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "65003.1"
},
{
"_id": null,
"model": "catalyst ws-svc-nam-2",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "65002.2"
},
{
"_id": null,
"model": "catalyst ws-svc-nam-1",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "65002.2"
},
{
"_id": null,
"model": "catalyst ws-x6380-nam",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "65002.1"
},
{
"_id": null,
"model": "catalyst",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "60007.6(1)"
},
{
"_id": null,
"model": "catalyst",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "60007.5(1)"
},
{
"_id": null,
"model": "catalyst",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "60007.1(2)"
},
{
"_id": null,
"model": "catalyst",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "60007.1"
},
{
"_id": null,
"model": "catalyst",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "60006.3(4)"
},
{
"_id": null,
"model": "catalyst pan",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "60006.3"
},
{
"_id": null,
"model": "catalyst",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "60006.2(0.111)"
},
{
"_id": null,
"model": "catalyst",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "60006.2(0.110)"
},
{
"_id": null,
"model": "catalyst",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "60006.1(2.13)"
},
{
"_id": null,
"model": "catalyst",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "60006.1(1)"
},
{
"_id": null,
"model": "catalyst",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "60005.5(4)"
},
{
"_id": null,
"model": "catalyst",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "60005.5(3)"
},
{
"_id": null,
"model": "catalyst",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "60005.5(2)"
},
{
"_id": null,
"model": "catalyst",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "60005.5(13)"
},
{
"_id": null,
"model": "catalyst",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "60005.5(1)"
},
{
"_id": null,
"model": "catalyst",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "60005.4.1"
},
{
"_id": null,
"model": "catalyst",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "60005.4(4)"
},
{
"_id": null,
"model": "catalyst",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "60005.4(3)"
},
{
"_id": null,
"model": "catalyst",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "60005.4(2)"
},
{
"_id": null,
"model": "catalyst",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "60005.4(1)"
},
{
"_id": null,
"model": "catalyst",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "60005.4"
},
{
"_id": null,
"model": "catalyst ws-x6380-nam",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "60003.1"
},
{
"_id": null,
"model": "catalyst ws-svc-nam-2",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "60003.1"
},
{
"_id": null,
"model": "catalyst ws-svc-nam-1",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "60003.1"
},
{
"_id": null,
"model": "catalyst ws-svc-nam-2",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "60002.2"
},
{
"_id": null,
"model": "catalyst ws-svc-nam-1",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "60002.2"
},
{
"_id": null,
"model": "catalyst ws-x6380-nam",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "60002.1"
},
{
"_id": null,
"model": "catalyst",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "50006.3(4)"
},
{
"_id": null,
"model": "catalyst",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "50006.1(3)"
},
{
"_id": null,
"model": "catalyst",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "50006.1(2)"
},
{
"_id": null,
"model": "catalyst",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "50006.1(1)"
},
{
"_id": null,
"model": "catalyst",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "50005.5(7)"
},
{
"_id": null,
"model": "catalyst",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "50005.5(6)"
},
{
"_id": null,
"model": "catalyst",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "50005.5"
},
{
"_id": null,
"model": "catalyst",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "50005.5(4)"
},
{
"_id": null,
"model": "catalyst",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "50005.5(3)"
},
{
"_id": null,
"model": "catalyst",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "50005.5(2)"
},
{
"_id": null,
"model": "catalyst",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "50005.5(13)"
},
{
"_id": null,
"model": "catalyst",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "50005.5(1)"
},
{
"_id": null,
"model": "catalyst",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "50005.4.1"
},
{
"_id": null,
"model": "catalyst",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "50005.4(4)"
},
{
"_id": null,
"model": "catalyst",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "50005.4(3)"
},
{
"_id": null,
"model": "catalyst",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "50005.4(2)"
},
{
"_id": null,
"model": "catalyst",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "50005.4(1)"
},
{
"_id": null,
"model": "catalyst",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "50005.2(4)"
},
{
"_id": null,
"model": "catalyst",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "50005.2(3)"
},
{
"_id": null,
"model": "catalyst",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "50005.2(2)"
},
{
"_id": null,
"model": "catalyst",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "50005.2(1)"
},
{
"_id": null,
"model": "catalyst",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "50005.2"
},
{
"_id": null,
"model": "catalyst",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "50005.1(1)"
},
{
"_id": null,
"model": "catalyst",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "50004.5(9)"
},
{
"_id": null,
"model": "catalyst",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "50004.5(8)"
},
{
"_id": null,
"model": "catalyst",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "50004.5(7)"
},
{
"_id": null,
"model": "catalyst",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "50004.5(6)"
},
{
"_id": null,
"model": "catalyst",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "50004.5(5)"
},
{
"_id": null,
"model": "catalyst",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "50004.5(4)"
},
{
"_id": null,
"model": "catalyst",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "50004.5(3)"
},
{
"_id": null,
"model": "catalyst",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "50004.5(2)"
},
{
"_id": null,
"model": "catalyst",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "50004.5(12)"
},
{
"_id": null,
"model": "catalyst",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "50004.5(11)"
},
{
"_id": null,
"model": "catalyst",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "50004.5(10)"
},
{
"_id": null,
"model": "catalyst",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5000"
},
{
"_id": null,
"model": "catalyst 4912g",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"_id": null,
"model": "catalyst",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "40007.6(1)"
},
{
"_id": null,
"model": "catalyst",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "40007.5(1)"
},
{
"_id": null,
"model": "catalyst",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "40007.1.2"
},
{
"_id": null,
"model": "catalyst",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "40007.1(2)"
},
{
"_id": null,
"model": "catalyst",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "40007.1"
},
{
"_id": null,
"model": "catalyst",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "40006.3.5"
},
{
"_id": null,
"model": "catalyst",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "40006.3(4)"
},
{
"_id": null,
"model": "catalyst",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "40006.1(1)"
},
{
"_id": null,
"model": "catalyst",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "40005.5.5"
},
{
"_id": null,
"model": "catalyst",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "40005.5(4)"
},
{
"_id": null,
"model": "catalyst",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "40005.5(3)"
},
{
"_id": null,
"model": "catalyst",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "40005.5(2)"
},
{
"_id": null,
"model": "catalyst",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "40005.5(13)"
},
{
"_id": null,
"model": "catalyst",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "40005.5(1)"
},
{
"_id": null,
"model": "catalyst",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "40005.4.1"
},
{
"_id": null,
"model": "catalyst",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "40005.4(3)"
},
{
"_id": null,
"model": "catalyst",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "40005.4(2)"
},
{
"_id": null,
"model": "catalyst",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "40005.4(1)"
},
{
"_id": null,
"model": "catalyst",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "40005.4"
},
{
"_id": null,
"model": "catalyst",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "40005.2(7)"
},
{
"_id": null,
"model": "catalyst",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "40005.2(6)"
},
{
"_id": null,
"model": "catalyst",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "40005.2(5)"
},
{
"_id": null,
"model": "catalyst",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "40005.2(4)"
},
{
"_id": null,
"model": "catalyst",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "40005.2(2)"
},
{
"_id": null,
"model": "catalyst",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "40005.2(1)"
},
{
"_id": null,
"model": "catalyst",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "40005.1(1)"
},
{
"_id": null,
"model": "catalyst",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "40004.5(9)"
},
{
"_id": null,
"model": "catalyst",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "40004.5(8)"
},
{
"_id": null,
"model": "catalyst",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "40004.5(7)"
},
{
"_id": null,
"model": "catalyst",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "40004.5(6)"
},
{
"_id": null,
"model": "catalyst",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "40004.5(5)"
},
{
"_id": null,
"model": "catalyst",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "40004.5"
},
{
"_id": null,
"model": "catalyst",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "40004.5(4)"
},
{
"_id": null,
"model": "catalyst",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "40004.5(3)"
},
{
"_id": null,
"model": "catalyst",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "40004.5(2)"
},
{
"_id": null,
"model": "catalyst",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "40004.5(10)"
},
{
"_id": null,
"model": "catalyst",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4000"
},
{
"_id": null,
"model": "catalyst 2948g",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"_id": null,
"model": "catalyst",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "29005.5(13)"
},
{
"_id": null,
"model": "catalyst 2980g-a",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"_id": null,
"model": "catalyst 2980g",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"_id": null,
"model": "openlinux workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "caldera",
"version": "3.1.1"
},
{
"_id": null,
"model": "openlinux server",
"scope": "eq",
"trust": 0.3,
"vendor": "caldera",
"version": "3.1.1"
},
{
"_id": null,
"model": "coat systems sgme",
"scope": "eq",
"trust": 0.3,
"vendor": "blue",
"version": "2.1.6"
},
{
"_id": null,
"model": "coat systems sg2 secure proxy",
"scope": "eq",
"trust": 0.3,
"vendor": "blue",
"version": "0"
},
{
"_id": null,
"model": "coat systems security gateway os",
"scope": "eq",
"trust": 0.3,
"vendor": "blue",
"version": "3.1"
},
{
"_id": null,
"model": "coat systems security gateway os sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "blue",
"version": "2.1.5001"
},
{
"_id": null,
"model": "coat systems security gateway os",
"scope": "eq",
"trust": 0.3,
"vendor": "blue",
"version": "2.1.9"
},
{
"_id": null,
"model": "coat systems proxysg",
"scope": "eq",
"trust": 0.3,
"vendor": "blue",
"version": "0"
},
{
"_id": null,
"model": "coat systems cacheos ca/sa",
"scope": "eq",
"trust": 0.3,
"vendor": "blue",
"version": "4.1.10"
},
{
"_id": null,
"model": "os",
"scope": "ne",
"trust": 0.3,
"vendor": "snapgear",
"version": "1.8.5"
},
{
"_id": null,
"model": "irix",
"scope": "ne",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.22"
},
{
"_id": null,
"model": "p1",
"scope": "ne",
"trust": 0.3,
"vendor": "openssh",
"version": "3.7.1"
},
{
"_id": null,
"model": "openssh",
"scope": "ne",
"trust": 0.3,
"vendor": "openssh",
"version": "3.7.1"
},
{
"_id": null,
"model": "p1",
"scope": "ne",
"trust": 0.3,
"vendor": "openssh",
"version": "3.7"
},
{
"_id": null,
"model": "openssh",
"scope": "ne",
"trust": 0.3,
"vendor": "openssh",
"version": "3.7"
},
{
"_id": null,
"model": "ssh",
"scope": "ne",
"trust": 0.3,
"vendor": "f secure",
"version": "1.3.15"
},
{
"_id": null,
"model": "catos",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "8.1(3)"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#333628"
},
{
"db": "BID",
"id": "8628"
},
{
"db": "CNNVD",
"id": "CNNVD-200309-032"
},
{
"db": "JVNDB",
"id": "JVNDB-2003-000274"
},
{
"db": "NVD",
"id": "CVE-2003-0693"
}
]
},
"configurations": {
"_id": null,
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:openbsd:openssh",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:misc:miraclelinux_asianux_server",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:sun:sun_cobalt_raq_550",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:sun:solaris",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:turbolinux:turbolinux_server",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:hp:hp-ux",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:redhat:linux",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2003-000274"
}
]
},
"credits": {
"_id": null,
"data": "OpenSSH Security Advisory",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200309-032"
}
],
"trust": 0.6
},
"cve": "CVE-2003-0693",
"cvss": {
"_id": null,
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CVE-2003-0693",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2003-0693",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#333628",
"trust": 0.8,
"value": "28.98"
},
{
"author": "NVD",
"id": "CVE-2003-0693",
"trust": 0.8,
"value": "High"
},
{
"author": "CNNVD",
"id": "CNNVD-200309-032",
"trust": 0.6,
"value": "CRITICAL"
}
]
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#333628"
},
{
"db": "CNNVD",
"id": "CNNVD-200309-032"
},
{
"db": "JVNDB",
"id": "JVNDB-2003-000274"
},
{
"db": "NVD",
"id": "CVE-2003-0693"
}
]
},
"description": {
"_id": null,
"data": "A \"buffer management error\" in buffer_append_space of buffer.c for OpenSSH before 3.7 may allow remote attackers to execute arbitrary code by causing an incorrect amount of memory to be freed and corrupting the heap, a different vulnerability than CVE-2003-0695. While the full impact of these vulnerabilities are unclear, they may lead to memory corruption and a denial-of-service situation. ------------ This vulnerability information is a summary of multiple vulnerabilities released at the same time. Please note that the contents of vulnerability information other than the title are included. ------------ OpenSSH Project More distributed OpenSSH 3.7 (Portable Edition OpenSSH 3.7p1) Previously, there were deficiencies in buffer management. If a remote attacker receives a packet of a deliberate length that frees other nearby areas when releasing the buffer, the heap area can be destroyed. As a result, remote attackers who exploit this issue sshd Can be put into a denial of service, and arbitrary code execution has been suggested. The routine in which the problem exists is OpenSSH Others that are using similar routines since being used since the initial release of SSH The implementation of may also be affected. SSH Secure Shell/Ciso IOS Has been reported by the vendor to be unaffected by this issue. Also, F-Secure SSH about, 1.3.14 (for Unix) Previously affected, 2.x Since then, the vendor has reported that it will not be affected. Initially this problem (CAN-2003-0693) Is buffer.c Inside buffer_append_space() Discovered in the function, OpenSSH 3.7p1 It was solved with. However, since a similar problem was discovered in other places after that, this problem was solved. OpenSSH 3.7.1p1 Has been released. (CAN-2003-0695) In addition, memory management issues that are different from the above issues (CAN-2003-0682) Has also been reported, OpenSSH 3.7.1p2 It can be solved by updating to. still, Red Hat Linux About the vendor 2003 Year 9 Moon 17 Advisory published by date (RHSA-2003:279-17) Indicated in RPM Updates to the package, Turboinux About the vendor 2003 Year 9 Moon 24 Advisory published on date (TLSA-2003-53) All of these issues are due to updates to the packages indicated in (CAN-2003-0682/CAN-2003-0693/CAN-2003-0695) Can be eliminated.Please refer to the \u201cOverview\u201d for the impact of this vulnerability. The issue may cause a denial of service. This condition can reportedly be triggered by an overly large packet. \nThere are also unconfirmed rumors of an exploit for this vulnerability circulating in the wild. \nOpenSSH has revised their advisory, pointing out a similar issue in the \u0027channels.c\u0027 source file and an additional issue in \u0027buffer.c\u0027. Solar Designer has also reportedly pointed out additional instances of the problem that may also present vulnerabilities",
"sources": [
{
"db": "NVD",
"id": "CVE-2003-0693"
},
{
"db": "CERT/CC",
"id": "VU#333628"
},
{
"db": "JVNDB",
"id": "JVNDB-2003-000274"
},
{
"db": "BID",
"id": "8628"
}
],
"trust": 2.61
},
"external_ids": {
"_id": null,
"data": [
{
"db": "CERT/CC",
"id": "VU#333628",
"trust": 3.2
},
{
"db": "NVD",
"id": "CVE-2003-0693",
"trust": 2.7
},
{
"db": "XF",
"id": "13191",
"trust": 1.4
},
{
"db": "BID",
"id": "8628",
"trust": 1.1
},
{
"db": "OPENWALL",
"id": "OSS-SECURITY/2024/07/01/3",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "10156",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2003-000274",
"trust": 0.8
},
{
"db": "FULLDISC",
"id": "20030916 THE LOWDOWN ON SSH VULNERABILITY",
"trust": 0.6
},
{
"db": "FULLDISC",
"id": "20030915 NEW SSH EXPLOIT?",
"trust": 0.6
},
{
"db": "FULLDISC",
"id": "20030915 OPENSSH REMOTE EXPLOIT",
"trust": 0.6
},
{
"db": "OVAL",
"id": "OVAL:ORG.MITRE.OVAL:DEF:447",
"trust": 0.6
},
{
"db": "OVAL",
"id": "OVAL:ORG.MITRE.OVAL:DEF:2719",
"trust": 0.6
},
{
"db": "BUGTRAQ",
"id": "20030916 OPENSSH BUFFER MANAGEMENT BUG ADVISORY",
"trust": 0.6
},
{
"db": "BUGTRAQ",
"id": "20030917 [OPENPKG-SA-2003.040] OPENPKG SECURITY ADVISORY (OPENSSH)",
"trust": 0.6
},
{
"db": "BUGTRAQ",
"id": "20030916 [SLACKWARE-SECURITY] OPENSSH SECURITY ADVISORY (SSA:2003-259-01)",
"trust": 0.6
},
{
"db": "MANDRAKE",
"id": "MDKSA-2003:090",
"trust": 0.6
},
{
"db": "CERT/CC",
"id": "CA-2003-24",
"trust": 0.6
},
{
"db": "SUNALERT",
"id": "1000620",
"trust": 0.6
},
{
"db": "DEBIAN",
"id": "DSA-383",
"trust": 0.6
},
{
"db": "DEBIAN",
"id": "DSA-382",
"trust": 0.6
},
{
"db": "TRUSTIX",
"id": "2003-0033",
"trust": 0.6
},
{
"db": "REDHAT",
"id": "RHSA-2003:280",
"trust": 0.6
},
{
"db": "REDHAT",
"id": "RHSA-2003:279",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-200309-032",
"trust": 0.6
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#333628"
},
{
"db": "BID",
"id": "8628"
},
{
"db": "CNNVD",
"id": "CNNVD-200309-032"
},
{
"db": "JVNDB",
"id": "JVNDB-2003-000274"
},
{
"db": "NVD",
"id": "CVE-2003-0693"
}
]
},
"id": "VAR-200309-0035",
"iot": {
"_id": null,
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.38200912
},
"last_update_date": "2026-04-10T22:38:42.068000Z",
"patch": {
"_id": null,
"data": [
{
"title": "2003120401",
"trust": 0.8,
"url": "http://support.f-secure.com/enu/corporate/supportissue/ssh/comments/comments-issue-2003120401.shtml"
},
{
"title": "HPSBUX0311-302",
"trust": 0.8,
"url": "http://www1.itrc.hp.com/service/cki/docDisplay.do?docId=HPSBUX0311-302"
},
{
"title": "HPSBUX0309-282",
"trust": 0.8,
"url": "http://www2.itrc.hp.com/service/cki/docDisplay.do?docId=HPSBUX0309-282"
},
{
"title": "HPSBUX0311-302",
"trust": 0.8,
"url": "http://h50221.www5.hp.com/upassist/itrc_japan/assist2/secbltn/HP-UX/HPSBUX0311-302.html"
},
{
"title": "HPSBUX0309-282",
"trust": 0.8,
"url": "http://h50221.www5.hp.com/upassist/itrc_japan/assist2/secbltn/HP-UX/HPSBUX0309-282.html"
},
{
"title": "openssh",
"trust": 0.8,
"url": "http://www.miraclelinux.com/support/update/data/openssh.html"
},
{
"title": "buffer.adv",
"trust": 0.8,
"url": "http://www.openssh.com/txt/buffer.adv"
},
{
"title": "RHSA-2003:279",
"trust": 0.8,
"url": "https://rhn.redhat.com/errata/RHSA-2003-279.html"
},
{
"title": "471",
"trust": 0.8,
"url": "http://www.ssh.com/company/newsroom/article/471/"
},
{
"title": "56862",
"trust": 0.8,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-56862-1"
},
{
"title": "56861",
"trust": 0.8,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-56861-1"
},
{
"title": "56862",
"trust": 0.8,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-56862-3"
},
{
"title": "56861",
"trust": 0.8,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-56861-3"
},
{
"title": "550 OpenSSH Security Update",
"trust": 0.8,
"url": "http://sunsolve.sun.com/pub-cgi/show.pl?target=cobalt/raq550.eng\u0026amp;nav=patchpage"
},
{
"title": "TLSA-2003-53",
"trust": 0.8,
"url": "http://www.turbolinux.com/security/2003/TLSA-2003-53.txt"
},
{
"title": "TLSA-2003-51",
"trust": 0.8,
"url": "http://www.turbolinux.com/security/2003/TLSA-2003-51.txt"
},
{
"title": "RHSA-2003:279",
"trust": 0.8,
"url": "http://www.jp.redhat.com/support/errata/RHSA/RHSA-2003-279J.html"
},
{
"title": "TLSA-2003-53",
"trust": 0.8,
"url": "http://www.turbolinux.co.jp/security/2003/TLSA-2003-53j.txt"
},
{
"title": "TLSA-2003-51",
"trust": 0.8,
"url": "http://www.turbolinux.co.jp/security/2003/TLSA-2003-51j.txt"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2003-000274"
}
]
},
"problemtype_data": {
"_id": null,
"data": [
{
"problemtype": "NVD-CWE-Other",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2003-0693"
}
]
},
"references": {
"_id": null,
"data": [
{
"trust": 2.7,
"url": "http://www.openssh.com/txt/buffer.adv"
},
{
"trust": 2.7,
"url": "http://www.cert.org/advisories/ca-2003-24.html"
},
{
"trust": 2.4,
"url": "http://www.kb.cert.org/vuls/id/333628"
},
{
"trust": 1.6,
"url": "http://www.redhat.com/support/errata/rhsa-2003-280.html"
},
{
"trust": 1.6,
"url": "http://www.debian.org/security/2003/dsa-383"
},
{
"trust": 1.6,
"url": "http://www.debian.org/security/2003/dsa-382"
},
{
"trust": 1.6,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-77-1000620.1-1"
},
{
"trust": 1.6,
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2003-september/010146.html"
},
{
"trust": 1.6,
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2003-september/010135.html"
},
{
"trust": 1.6,
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2003-september/010103.html"
},
{
"trust": 1.6,
"url": "http://www.mandriva.com/security/advisories?name=mdksa-2003:090"
},
{
"trust": 1.4,
"url": "http://xforce.iss.net/xforce/xfdb/13191"
},
{
"trust": 1.2,
"url": "http://marc.theaimsgroup.com/?l=bugtraq\u0026m=106373247528528\u0026w=2"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bugtraq\u0026m=106373546332230\u0026w=2"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bugtraq\u0026m=106374466212309\u0026w=2"
},
{
"trust": 1.0,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a2719"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bugtraq\u0026m=106381396120332\u0026w=2"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bugtraq\u0026m=106373247528528\u0026w=2"
},
{
"trust": 1.0,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/13191"
},
{
"trust": 1.0,
"url": "http://www.openwall.com/lists/oss-security/2024/07/01/3"
},
{
"trust": 1.0,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a447"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bugtraq\u0026m=106381409220492\u0026w=2"
},
{
"trust": 0.8,
"url": "http://www.mindrot.org/pipermail/openssh-unix-announce/2003-september/000062.html"
},
{
"trust": 0.8,
"url": "http://www.freebsd.org/cgi/cvsweb.cgi/ports/security/openssh/files/patch-buffer.c"
},
{
"trust": 0.8,
"url": "http://www.secunia.com/advisories/10156/"
},
{
"trust": 0.8,
"url": "http://www.ciac.org/ciac/bulletins/n-151.shtml"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2003-0693"
},
{
"trust": 0.8,
"url": "http://www.jpcert.or.jp/wr/2003/wr033801.txt"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnca-2003-24"
},
{
"trust": 0.8,
"url": "http://jvn.jp/tr/trca-2003-24"
},
{
"trust": 0.8,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2003-0693"
},
{
"trust": 0.8,
"url": "http://www.securityfocus.com/bid/8628"
},
{
"trust": 0.8,
"url": "http://www.isskk.co.jp/support/techinfo/general/openssh144.html"
},
{
"trust": 0.6,
"url": "http://marc.theaimsgroup.com/?l=bugtraq\u0026m=106381409220492\u0026w=2"
},
{
"trust": 0.6,
"url": "http://marc.theaimsgroup.com/?l=bugtraq\u0026m=106381396120332\u0026w=2"
},
{
"trust": 0.6,
"url": "http://marc.theaimsgroup.com/?l=bugtraq\u0026m=106374466212309\u0026w=2"
},
{
"trust": 0.6,
"url": "http://marc.theaimsgroup.com/?l=bugtraq\u0026m=106373546332230\u0026w=2"
},
{
"trust": 0.6,
"url": "http://oval.mitre.org/repository/data/getdef?id=oval:org.mitre.oval:def:447"
},
{
"trust": 0.6,
"url": "http://oval.mitre.org/repository/data/getdef?id=oval:org.mitre.oval:def:2719"
},
{
"trust": 0.3,
"url": "http://www.slackware.org/security/viewer.php?l=slackware-security\u0026y=2003\u0026m=slackware-security.368193"
},
{
"trust": 0.3,
"url": "http://www.bluecoat.com/downloads/support/bcs_openssh_vulnerability.pdf"
},
{
"trust": 0.3,
"url": "http://www.openwall.com/owl/changes-current.shtml"
},
{
"trust": 0.3,
"url": "http://www.cisco.com/warp/public/707/cisco-sa-20030917-openssh.shtml"
},
{
"trust": 0.3,
"url": "http://distro.conectiva.com.br/atualizacoes/index.php?id=a\u0026anuncio=000739"
},
{
"trust": 0.3,
"url": "http://www.freebsd.org/cgi/cvsweb.cgi/src/crypto/openssh/buffer.c.diff?r1=1.1.1.6\u0026r2=1.1.1.7\u0026f=h"
},
{
"trust": 0.3,
"url": "http://www.f-secure.com/support/technical/ssh/ssh1_openssh_buffer_management.shtml"
},
{
"trust": 0.3,
"url": "http://support.novell.com/cgi-bin/search/searchtid.cgi?/2968534.htm"
},
{
"trust": 0.3,
"url": "http://www.netapp.com/support/"
},
{
"trust": 0.3,
"url": "http://www.stonesoft.com/document/art/3031.html"
},
{
"trust": 0.3,
"url": "http://www.foundrynet.com/solutions/advisories/openssh333628.html"
},
{
"trust": 0.3,
"url": "http://www.netscreen.com/services/security/alerts/openssh_1.jsp"
},
{
"trust": 0.3,
"url": "http://support.novell.com/cgi-bin/search/searchtid.cgi?/2967067.htm"
},
{
"trust": 0.3,
"url": "http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert%2f56861"
},
{
"trust": 0.3,
"url": "http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert%2f56862"
},
{
"trust": 0.3,
"url": "http://sunsolve.sun.com/pub-cgi/show.pl?target=cobalt/raq550.eng\u0026nav=patchpage"
},
{
"trust": 0.3,
"url": "http://sunsolve.sun.com/patches/linux/security.html"
},
{
"trust": 0.3,
"url": "http://www.yellowdoglinux.com/resources/errata/ydu-20030917-1.txt"
},
{
"trust": 0.3,
"url": "/archive/1/337921"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#333628"
},
{
"db": "BID",
"id": "8628"
},
{
"db": "CNNVD",
"id": "CNNVD-200309-032"
},
{
"db": "JVNDB",
"id": "JVNDB-2003-000274"
},
{
"db": "NVD",
"id": "CVE-2003-0693"
}
]
},
"sources": {
"_id": null,
"data": [
{
"db": "CERT/CC",
"id": "VU#333628",
"ident": null
},
{
"db": "BID",
"id": "8628",
"ident": null
},
{
"db": "CNNVD",
"id": "CNNVD-200309-032",
"ident": null
},
{
"db": "JVNDB",
"id": "JVNDB-2003-000274",
"ident": null
},
{
"db": "NVD",
"id": "CVE-2003-0693",
"ident": null
}
]
},
"sources_release_date": {
"_id": null,
"data": [
{
"date": "2003-09-16T00:00:00",
"db": "CERT/CC",
"id": "VU#333628",
"ident": null
},
{
"date": "2003-09-16T00:00:00",
"db": "BID",
"id": "8628",
"ident": null
},
{
"date": "2003-09-22T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200309-032",
"ident": null
},
{
"date": "2007-04-01T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2003-000274",
"ident": null
},
{
"date": "2003-09-22T04:00:00",
"db": "NVD",
"id": "CVE-2003-0693",
"ident": null
}
]
},
"sources_update_date": {
"_id": null,
"data": [
{
"date": "2008-08-12T00:00:00",
"db": "CERT/CC",
"id": "VU#333628",
"ident": null
},
{
"date": "2009-11-05T23:47:00",
"db": "BID",
"id": "8628",
"ident": null
},
{
"date": "2006-03-28T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200309-032",
"ident": null
},
{
"date": "2007-04-01T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2003-000274",
"ident": null
},
{
"date": "2025-04-03T01:03:51.193000",
"db": "NVD",
"id": "CVE-2003-0693",
"ident": null
}
]
},
"threat_type": {
"_id": null,
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200309-032"
}
],
"trust": 0.6
},
"title": {
"_id": null,
"data": "OpenSSH contains buffer management errors",
"sources": [
{
"db": "CERT/CC",
"id": "VU#333628"
}
],
"trust": 0.8
},
"type": {
"_id": null,
"data": "Boundary Condition Error",
"sources": [
{
"db": "BID",
"id": "8628"
},
{
"db": "CNNVD",
"id": "CNNVD-200309-032"
}
],
"trust": 0.9
}
}
VAR-201602-0272
Vulnerability from variot - Updated: 2026-04-10 22:35ssl/s2_srvr.c in OpenSSL 1.0.1 before 1.0.1r and 1.0.2 before 1.0.2f does not prevent use of disabled ciphers, which makes it easier for man-in-the-middle attackers to defeat cryptographic protection mechanisms by performing computations on SSLv2 traffic, related to the get_client_master_key and get_client_hello functions. OpenSSL may generate unsafe primes for use in the Diffie-Hellman protocol, which may lead to disclosure of enough information for an attacker to recover the private encryption key. Network traffic encrypted using an RSA-based SSL certificate may be decrypted if enough SSLv2 handshake data can be collected. This is known as the "DROWN" attack in the media. OpenSSL is prone to a security-bypass vulnerability. Successfully exploiting this issue may allow attackers to perform unauthorized actions. This may lead to other attacks. OpenSSL Security Advisory [1st March 2016] =========================================
NOTE: With this update, OpenSSL is disabling the SSLv2 protocol by default, as well as removing SSLv2 EXPORT ciphers. We strongly advise against the use of SSLv2 due not only to the issues described below, but to the other known deficiencies in the protocol as described at https://tools.ietf.org/html/rfc6176
Cross-protocol attack on TLS using SSLv2 (DROWN) (CVE-2016-0800)
Severity: High
A cross-protocol attack was discovered that could lead to decryption of TLS sessions by using a server supporting SSLv2 and EXPORT cipher suites as a Bleichenbacher RSA padding oracle. Note that traffic between clients and non-vulnerable servers can be decrypted provided another server supporting SSLv2 and EXPORT ciphers (even with a different protocol such as SMTP, IMAP or POP) shares the RSA keys of the non-vulnerable server.
Recovering one session key requires the attacker to perform approximately 2^50 computation, as well as thousands of connections to the affected server. A more efficient variant of the DROWN attack exists against unpatched OpenSSL servers using versions that predate 1.0.2a, 1.0.1m, 1.0.0r and 0.9.8zf released on 19/Mar/2015 (see CVE-2016-0703 below).
Users can avoid this issue by disabling the SSLv2 protocol in all their SSL/TLS servers, if they've not done so already. Disabling all SSLv2 ciphers is also sufficient, provided the patches for CVE-2015-3197 (fixed in OpenSSL 1.0.1r and 1.0.2f) have been deployed. Servers that have not disabled the SSLv2 protocol, and are not patched for CVE-2015-3197 are vulnerable to DROWN even if all SSLv2 ciphers are nominally disabled, because malicious clients can force the use of SSLv2 with EXPORT ciphers.
OpenSSL 1.0.2g and 1.0.1s deploy the following mitigation against DROWN:
SSLv2 is now by default disabled at build-time. Builds that are not configured with "enable-ssl2" will not support SSLv2. Even if "enable-ssl2" is used, users who want to negotiate SSLv2 via the version-flexible SSLv23_method() will need to explicitly call either of:
SSL_CTX_clear_options(ctx, SSL_OP_NO_SSLv2); or SSL_clear_options(ssl, SSL_OP_NO_SSLv2);
as appropriate. Even if either of those is used, or the application explicitly uses the version-specific SSLv2_method() or its client or server variants, SSLv2 ciphers vulnerable to exhaustive search key recovery have been removed. Specifically, the SSLv2 40-bit EXPORT ciphers, and SSLv2 56-bit DES are no longer available.
In addition, weak ciphers in SSLv3 and up are now disabled in default builds of OpenSSL. Builds that are not configured with "enable-weak-ssl-ciphers" will not provide any "EXPORT" or "LOW" strength ciphers.
OpenSSL 1.0.2 users should upgrade to 1.0.2g OpenSSL 1.0.1 users should upgrade to 1.0.1s
This issue was reported to OpenSSL on December 29th 2015 by Nimrod Aviram and Sebastian Schinzel. The fix was developed by Viktor Dukhovni and Matt Caswell of OpenSSL.
Double-free in DSA code (CVE-2016-0705)
Severity: Low
A double free bug was discovered when OpenSSL parses malformed DSA private keys and could lead to a DoS attack or memory corruption for applications that receive DSA private keys from untrusted sources. This scenario is considered rare.
This issue affects OpenSSL versions 1.0.2 and 1.0.1.
OpenSSL 1.0.2 users should upgrade to 1.0.2g OpenSSL 1.0.1 users should upgrade to 1.0.1s
This issue was reported to OpenSSL on February 7th 2016 by Adam Langley (Google/BoringSSL) using libFuzzer. The fix was developed by Dr Stephen Henson of OpenSSL.
Memory leak in SRP database lookups (CVE-2016-0798)
Severity: Low
The SRP user database lookup method SRP_VBASE_get_by_user had confusing memory management semantics; the returned pointer was sometimes newly allocated, and sometimes owned by the callee. The calling code has no way of distinguishing these two cases.
Specifically, SRP servers that configure a secret seed to hide valid login information are vulnerable to a memory leak: an attacker connecting with an invalid username can cause a memory leak of around 300 bytes per connection. Servers that do not configure SRP, or configure SRP but do not configure a seed are not vulnerable.
In Apache, the seed directive is known as SSLSRPUnknownUserSeed.
To mitigate the memory leak, the seed handling in SRP_VBASE_get_by_user is now disabled even if the user has configured a seed. Applications are advised to migrate to SRP_VBASE_get1_by_user. However, note that OpenSSL makes no strong guarantees about the indistinguishability of valid and invalid logins. In particular, computations are currently not carried out in constant time.
This issue affects OpenSSL versions 1.0.2 and 1.0.1.
OpenSSL 1.0.2 users should upgrade to 1.0.2g OpenSSL 1.0.1 users should upgrade to 1.0.1s
This issue was discovered on February 23rd 2016 by Emilia Käsper of the OpenSSL development team. Emilia Käsper also developed the fix.
BN_hex2bn/BN_dec2bn NULL pointer deref/heap corruption (CVE-2016-0797)
Severity: Low
In the BN_hex2bn function the number of hex digits is calculated using an int value |i|. Later |bn_expand| is called with a value of |i * 4|. For large values of |i| this can result in |bn_expand| not allocating any memory because |i * 4| is negative. This can leave the internal BIGNUM data field as NULL leading to a subsequent NULL ptr deref. For very large values of |i|, the calculation |i * 4| could be a positive value smaller than |i|. In this case memory is allocated to the internal BIGNUM data field, but it is insufficiently sized leading to heap corruption. A similar issue exists in BN_dec2bn. This could have security consequences if BN_hex2bn/BN_dec2bn is ever called by user applications with very large untrusted hex/dec data. This is anticipated to be a rare occurrence.
All OpenSSL internal usage of these functions use data that is not expected to be untrusted, e.g. config file data or application command line arguments. If user developed applications generate config file data based on untrusted data then it is possible that this could also lead to security consequences. This is also anticipated to be rare.
This issue affects OpenSSL versions 1.0.2 and 1.0.1.
OpenSSL 1.0.2 users should upgrade to 1.0.2g OpenSSL 1.0.1 users should upgrade to 1.0.1s
This issue was reported to OpenSSL on February 19th 2016 by Guido Vranken. The fix was developed by Matt Caswell of the OpenSSL development team.
Fix memory issues in BIO_*printf functions (CVE-2016-0799)
Severity: Low
The internal |fmtstr| function used in processing a "%s" format string in the BIO_*printf functions could overflow while calculating the length of a string and cause an OOB read when printing very long strings.
Additionally the internal |doapr_outch| function can attempt to write to an OOB memory location (at an offset from the NULL pointer) in the event of a memory allocation failure. In 1.0.2 and below this could be caused where the size of a buffer to be allocated is greater than INT_MAX. E.g. this could be in processing a very long "%s" format string. Memory leaks can also occur.
The first issue may mask the second issue dependent on compiler behaviour. These problems could enable attacks where large amounts of untrusted data is passed to the BIO_*printf functions. If applications use these functions in this way then they could be vulnerable. OpenSSL itself uses these functions when printing out human-readable dumps of ASN.1 data. Therefore applications that print this data could be vulnerable if the data is from untrusted sources. OpenSSL command line applications could also be vulnerable where they print out ASN.1 data, or if untrusted data is passed as command line arguments.
Libssl is not considered directly vulnerable. Additionally certificates etc received via remote connections via libssl are also unlikely to be able to trigger these issues because of message size limits enforced within libssl.
This issue affects OpenSSL versions 1.0.2 and 1.0.1.
OpenSSL 1.0.2 users should upgrade to 1.0.2g OpenSSL 1.0.1 users should upgrade to 1.0.1s
This issue was reported to OpenSSL on February 23rd by Guido Vranken. The fix was developed by Matt Caswell of the OpenSSL development team.
Side channel attack on modular exponentiation (CVE-2016-0702)
Severity: Low
A side-channel attack was found which makes use of cache-bank conflicts on the Intel Sandy-Bridge microarchitecture which could lead to the recovery of RSA keys. The ability to exploit this issue is limited as it relies on an attacker who has control of code in a thread running on the same hyper-threaded core as the victim thread which is performing decryptions.
This issue affects OpenSSL versions 1.0.2 and 1.0.1.
OpenSSL 1.0.2 users should upgrade to 1.0.2g OpenSSL 1.0.1 users should upgrade to 1.0.1s
This issue was reported to OpenSSL on Jan 8th 2016 by Yuval Yarom, The University of Adelaide and NICTA, Daniel Genkin, Technion and Tel Aviv University, and Nadia Heninger, University of Pennsylvania with more information at http://cachebleed.info. The fix was developed by Andy Polyakov of OpenSSL.
Divide-and-conquer session key recovery in SSLv2 (CVE-2016-0703)
Severity: High
This issue only affected versions of OpenSSL prior to March 19th 2015 at which time the code was refactored to address vulnerability CVE-2015-0293.
s2_srvr.c did not enforce that clear-key-length is 0 for non-export ciphers. If clear-key bytes are present for these ciphers, they displace encrypted-key bytes. This leads to an efficient divide-and-conquer key recovery attack: if an eavesdropper has intercepted an SSLv2 handshake, they can use the server as an oracle to determine the SSLv2 master-key, using only 16 connections to the server and negligible computation.
More importantly, this leads to a more efficient version of DROWN that is effective against non-export ciphersuites, and requires no significant computation.
This issue affected OpenSSL versions 1.0.2, 1.0.1l, 1.0.0q, 0.9.8ze and all earlier versions. It was fixed in OpenSSL 1.0.2a, 1.0.1m, 1.0.0r and 0.9.8zf (released March 19th 2015).
This issue was reported to OpenSSL on February 10th 2016 by David Adrian and J. Alex Halderman of the University of Michigan. The underlying defect had by then already been fixed by Emilia Käsper of OpenSSL on March 4th 2015. The fix for this issue can be identified by commits ae50d827 (1.0.2a), cd56a08d (1.0.1m), 1a08063 (1.0.0r) and 65c588c (0.9.8zf).
Bleichenbacher oracle in SSLv2 (CVE-2016-0704)
Severity: Moderate
This issue only affected versions of OpenSSL prior to March 19th 2015 at which time the code was refactored to address the vulnerability CVE-2015-0293.
s2_srvr.c overwrite the wrong bytes in the master-key when applying Bleichenbacher protection for export cipher suites. This provides a Bleichenbacher oracle, and could potentially allow more efficient variants of the DROWN attack.
This issue affected OpenSSL versions 1.0.2, 1.0.1l, 1.0.0q, 0.9.8ze and all earlier versions. It was fixed in OpenSSL 1.0.2a, 1.0.1m, 1.0.0r and 0.9.8zf (released March 19th 2015).
This issue was reported to OpenSSL on February 10th 2016 by David Adrian and J. Alex Halderman of the University of Michigan. The underlying defect had by then already been fixed by Emilia Käsper of OpenSSL on March 4th 2015. The fix for this issue can be identified by commits ae50d827 (1.0.2a), cd56a08d (1.0.1m), 1a08063 (1.0.0r) and 65c588c (0.9.8zf).
Note
As per our previous announcements and our Release Strategy (https://www.openssl.org/policies/releasestrat.html), support for OpenSSL version 1.0.1 will cease on 31st December 2016. No security updates for that version will be provided after that date. Users of 1.0.1 are advised to upgrade.
Support for versions 0.9.8 and 1.0.0 ended on 31st December 2015. Those versions are no longer receiving security updates.
References
URL for this Security Advisory: https://www.openssl.org/news/secadv/20160301.txt
Note: the online version of the advisory may be updated with additional details over time.
For details of OpenSSL severity classifications please see: https://www.openssl.org/policies/secpolicy.html . Description:
Red Hat JBoss Web Server is a fully integrated and certified set of components for hosting Java web applications. It is comprised of the Apache HTTP Server, the Apache Tomcat Servlet container, Apache Tomcat Connector(mod_jk), JBoss HTTP Connector (mod_cluster), Hibernate, and the Tomcat Native library. Relevant releases/architectures:
RHEL 7-based RHEV-H - noarch RHEV Hypervisor for RHEL-6 - noarch
- The Red Hat Enterprise Virtualization Hypervisor is a dedicated Kernel-based Virtual Machine (KVM) hypervisor.
Note: Red Hat Enterprise Virtualization Hypervisor is only available for the Intel 64 and AMD64 architectures with virtualization extensions. An attacker could create specially crafted DSA private keys that, when processed by an application compiled against OpenSSL, could cause the application to crash. (CVE-2016-0705)
An integer overflow flaw, leading to a NULL pointer dereference or a heap-based memory corruption, was found in the way some BIGNUM functions of OpenSSL were implemented. Applications that use these functions with large untrusted input could crash or, potentially, execute arbitrary code.
Changes to the rhev-hypervisor component:
-
Previously, a race between services during boot prevented network configuration from upgrading correctly. The risk for the race has now been reduced significantly to allow the upgrade of the network configuration to complete correctly. (BZ#1194068)
-
Previously, using the text user interface (TUI) to log in to the administrator account of Red Hat Enterprise Virtualization Hypervisor failed with a Python backtrace. This update makes the "six" module correctly importable under all circumstances, which ensures that logging in to Red Hat Enterprise Virtualization Hypervisor using TUI proceeds as expected. (BZ#1246836)
-
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256
Note: the current version of the following document is available here: https://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c05390893
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c05390893 Version: 1
HPESBHF03703 rev.1 - HPE Network Products including Comware v7 and VCX using OpenSSL, Remote Unauthorized Disclosure of Information
NOTICE: The information in this Security Bulletin should be acted upon as soon as possible. The vulnerabilities could be remotely exploited resulting in disclosure of information.
References:
- CVE-2015-3197 - OpenSSL, Remote unauthorized disclosure of information
- CVE-2016-0701 - OpenSSL, Remote unauthorized disclosure of information
SUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed. Please refer to the RESOLUTION below for a list of updated products. Please refer to the RESOLUTION below for a list of updated products.
BACKGROUND
CVSS Base Metrics ================= Reference, CVSS V3 Score/Vector, CVSS V2 Score/Vector
CVE-2015-3197
5.3 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
4.3 (AV:N/AC:M/Au:N/C:P/I:N/A:N)
CVE-2016-0701
3.7 CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
2.6 (AV:N/AC:H/Au:N/C:P/I:N/A:N)
Information on CVSS is documented in
HPE Customer Notice HPSN-2008-002 here:
https://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c01345499
RESOLUTION
HPE has made the following software updates to resolve the vulnerability in the Comware v7 and VCX products.
COMWARE 7 Products
- 12500 (Comware 7) - Version: R7377P01
- HP Network Products
- JC072B HP 12500 Main Processing Unit
- JC085A HP A12518 Switch Chassis
- JC086A HP A12508 Switch Chassis
- JC652A HP 12508 DC Switch Chassis
- JC653A HP 12518 DC Switch Chassis
- JC654A HP 12504 AC Switch Chassis
- JC655A HP 12504 DC Switch Chassis
- JF430A HP A12518 Switch Chassis
- JF430B HP 12518 Switch Chassis
- JF430C HP 12518 AC Switch Chassis
- JF431A HP A12508 Switch Chassis
- JF431B HP 12508 Switch Chassis
- JF431C HP 12508 AC Switch Chassis
- JG497A HP 12500 MPU w/Comware V7 OS
- JG782A HP FF 12508E AC Switch Chassis
- JG783A HP FF 12508E DC Switch Chassis
- JG784A HP FF 12518E AC Switch Chassis
- JG785A HP FF 12518E DC Switch Chassis
- JG802A HP FF 12500E MPU
- CVEs
- CVE-2015-3197
- CVE-2016-0701
- 10500 (Comware 7) - Version: R7183
- HP Network Products
- JC611A HP 10508-V Switch Chassis
- JC612A HP 10508 Switch Chassis
- JC613A HP 10504 Switch Chassis
- JC748A HP 10512 Switch Chassis
- JG608A HP FlexFabric 11908-V Switch Chassis
- JG609A HP FlexFabric 11900 Main Processing Unit
- JG820A HP 10504 TAA Switch Chassis
- JG821A HP 10508 TAA Switch Chassis
- JG822A HP 10508-V TAA Switch Chassis
- JG823A HP 10512 TAA Switch Chassis
- JG496A HP 10500 Type A MPU w/Comware v7 OS
- JH198A HP 10500 Type D Main Processing Unit with Comware v7 Operating System
- JH206A HP 10500 Type D TAA-compliant with Comware v7 Operating System Main Processing Unit
- CVEs
- CVE-2015-3197
- CVE-2016-0701
- 12900 (Comware 7) - Version: R1150
- HP Network Products
- JG619A HP FlexFabric 12910 Switch AC Chassis
- JG621A HP FlexFabric 12910 Main Processing Unit
- JG632A HP FlexFabric 12916 Switch AC Chassis
- JG634A HP FlexFabric 12916 Main Processing Unit
- JH104A HP FlexFabric 12900E Main Processing Unit
- JH114A HP FlexFabric 12910 TAA-compliant Main Processing Unit
- JH263A HP FlexFabric 12904E Main Processing Unit
- JH255A HP FlexFabric 12908E Switch Chassis
- JH262A HP FlexFabric 12904E Switch Chassis
- JH113A HP FlexFabric 12910 TAA-compliant Switch AC Chassis
- JH103A HP FlexFabric 12916E Switch Chassis
- CVEs
- CVE-2015-3197
- CVE-2016-0701
- 5900 (Comware 7) - Version: R2432P01
- HP Network Products
- JC772A HP 5900AF-48XG-4QSFP+ Switch
- JG296A HP 5920AF-24XG Switch
- JG336A HP 5900AF-48XGT-4QSFP+ Switch
- JG510A HP 5900AF-48G-4XG-2QSFP+ Switch
- JG554A HP 5900AF-48XG-4QSFP+ TAA Switch
- JG555A HP 5920AF-24XG TAA Switch
- JG838A HP FF 5900CP-48XG-4QSFP+ Switch
- JH036A HP FlexFabric 5900CP 48XG 4QSFP+ TAA-Compliant
- JH037A HP 5900AF 48XGT 4QSFP+ TAA-Compliant Switch
- JH038A HP 5900AF 48G 4XG 2QSFP+ TAA-Compliant
- CVEs
- CVE-2015-3197
- CVE-2016-0701
- MSR1000 (Comware 7) - Version: R0306P30
- HP Network Products
- JG875A HP MSR1002-4 AC Router
- JH060A HP MSR1003-8S AC Router
- CVEs
- CVE-2015-3197
- CVE-2016-0701
- MSR2000 (Comware 7) - Version: R0306P30
- HP Network Products
- JG411A HP MSR2003 AC Router
- JG734A HP MSR2004-24 AC Router
- JG735A HP MSR2004-48 Router
- JG866A HP MSR2003 TAA-compliant AC Router
- CVEs
- CVE-2015-3197
- CVE-2016-0701
- MSR3000 (Comware 7) - Version: R0306P30
- HP Network Products
- JG404A HP MSR3064 Router
- JG405A HP MSR3044 Router
- JG406A HP MSR3024 AC Router
- JG409A HP MSR3012 AC Router
- JG409B HPE MSR3012 AC Router
- JG861A HP MSR3024 TAA-compliant AC Router
- CVEs
- CVE-2015-3197
- CVE-2016-0701
- MSR4000 (Comware 7) - Version: R0306P30
- HP Network Products
- JG402A HP MSR4080 Router Chassis
- JG403A HP MSR4060 Router Chassis
- JG412A HP MSR4000 MPU-100 Main Processing Unit
- JG869A HP MSR4000 TAA-compliant MPU-100 Main Processing Unit
- CVEs
- CVE-2015-3197
- CVE-2016-0701
- MSR95X - Version: R0306P30
- HP Network Products
- JH296A HPE MSR954 1GbE SFP 2GbE-WAN 4GbE-LAN CWv7 Router
- JH297A HPE MSR954-W 1GbE SFP (WW) 2GbE-WAN 4GbE-LAN Wireless 802.11n CWv7 Router
- JH298A HPE MSR954-W 1GbE SFP LTE (AM) 2GbE-WAN 4GbE-LAN Wireless 802.11n CWv7 Router
- JH299A HPE MSR954-W 1GbE SFP LTE (WW) 2GbE-WAN 4GbE-LAN Wireless 802.11n CWv7 Router
- CVEs
- CVE-2015-3197
- CVE-2016-0701
- VSR (Comware 7) - Version: E0322P01
- HP Network Products
- JG810AAE HP VSR1001 Virtual Services Router 60 Day Evaluation Software
- JG811AAE HP VSR1001 Comware 7 Virtual Services Router
- JG812AAE HP VSR1004 Comware 7 Virtual Services Router
- JG813AAE HP VSR1008 Comware 7 Virtual Services Router
- CVEs
- CVE-2015-3197
- CVE-2016-0701
- 7900 (Comware 7) - Version: R2150
- HP Network Products
- JG682A HP FlexFabric 7904 Switch Chassis
- JG841A HP FlexFabric 7910 Switch Chassis
- JG842A HP FlexFabric 7910 7.2Tbps Fabric / Main Processing Unit
- JH001A HP FlexFabric 7910 2.4Tbps Fabric / Main Processing Unit
- JH122A HP FlexFabric 7904 TAA-compliant Switch Chassis
- JH123A HP FlexFabric 7910 TAA-compliant Switch Chassis
- JH124A HP FlexFabric 7910 7.2Tbps TAA-compliant Fabric/Main Processing Unit
- JH125A HP FlexFabric 7910 2.4Tbps TAA-compliant Fabric/Main Processing Unit
- CVEs
- CVE-2015-3197
- CVE-2016-0701
- 5130EI (Comware 7) - Version: R3113P02
- HP Network Products
- JG932A HP 5130-24G-4SFP+ EI Switch
- JG933A HP 5130-24G-SFP-4SFP+ EI Switch
- JG934A HP 5130-48G-4SFP+ EI Switch
- JG936A HP 5130-24G-PoE+-4SFP+ (370W) EI Switch
- JG937A HP 5130-48G-PoE+-4SFP+ (370W) EI Switch
- JG938A HP 5130-24G-2SFP+-2XGT EI Switch
- JG939A HP 5130-48G-2SFP+-2XGT EI Switch
- JG940A HP 5130-24G-PoE+-2SFP+-2XGT (370W) EI Switch
- JG941A HP 5130-48G-PoE+-2SFP+-2XGT (370W) EI Switch
- JG975A HP 5130-24G-4SFP+ EI Brazil Switch
- JG976A HP 5130-48G-4SFP+ EI Brazil Switch
- JG977A HP 5130-24G-PoE+-4SFP+ (370W) EI Brazil Switch
- JG978A HP 5130-48G-PoE+-4SFP+ (370W) EI Brazil Switch
- CVEs
- CVE-2015-3197
- CVE-2016-0701
- 6125XLG - Version: R2432P01
- HP Network Products
- 711307-B21 HP 6125XLG Blade Switch
- 737230-B21 HP 6125XLG Blade Switch with TAA
- CVEs
- CVE-2015-3197
- CVE-2016-0701
- 6127XLG - Version: R2432P01
- HP Network Products
- 787635-B21 HP 6127XLG Blade Switch Opt Kit
- 787635-B22 HP 6127XLG Blade Switch with TAA
- CVEs
- CVE-2015-3197
- CVE-2016-0701
- Moonshot - Version: R2432P01
- HP Network Products
- 786617-B21 - HP Moonshot-45Gc Switch Module
- 704654-B21 - HP Moonshot-45XGc Switch Module
- 786619-B21 - HP Moonshot-180XGc Switch Module
- CVEs
- CVE-2015-3197
- CVE-2016-0701
- 5700 (Comware 7) - Version: R2432P01
- HP Network Products
- JG894A HP FlexFabric 5700-48G-4XG-2QSFP+ Switch
- JG895A HP FlexFabric 5700-48G-4XG-2QSFP+ TAA-compliant Switch
- JG896A HP FlexFabric 5700-40XG-2QSFP+ Switch
- JG897A HP FlexFabric 5700-40XG-2QSFP+ TAA-compliant Switch
- JG898A HP FlexFabric 5700-32XGT-8XG-2QSFP+ Switch
- JG899A HP FlexFabric 5700-32XGT-8XG-2QSFP+ TAA-compliant Switch
- CVEs
- CVE-2015-3197
- CVE-2016-0701
- 5930 (Comware 7) - Version: R2432P01
- HP Network Products
- JG726A HP FlexFabric 5930 32QSFP+ Switch
- JG727A HP FlexFabric 5930 32QSFP+ TAA-compliant Switch
- JH178A HP FlexFabric 5930 2QSFP+ 2-slot Switch
- JH179A HP FlexFabric 5930 4-slot Switch
- JH187A HP FlexFabric 5930 2QSFP+ 2-slot TAA-compliant Switch
- JH188A HP FlexFabric 5930 4-slot TAA-compliant Switch
- CVEs
- CVE-2015-3197
- CVE-2016-0701
- 1950 (Comware 7) - Version: R3113P02
- HP Network Products
- JG960A HP 1950-24G-4XG Switch
- JG961A HP 1950-48G-2SFP+-2XGT Switch
- JG962A HP 1950-24G-2SFP+-2XGT-PoE+(370W) Switch
- JG963A HP 1950-48G-2SFP+-2XGT-PoE+(370W) Switch
- CVEs
- CVE-2015-3197
- CVE-2016-0701
- 7500 (Comware 7) - Version: R7183
- HP Network Products
- JD238C HP 7510 Switch Chassis
- JD239C HP 7506 Switch Chassis
- JD240C HP 7503 Switch Chassis
- JD242C HP 7502 Switch Chassis
- JH207A HP 7500 1.2Tbps Fabric with 2-port 40GbE QSFP+ for IRF-Only Main Processing Unit
- JH208A HP 7502 Main Processing Unit
- JH209A HP 7500 2.4Tbps Fabric with 8-port 1/10GbE SFP+ and 2-port 40GbE QSFP+ Main Processing Unit
- CVEs
- CVE-2015-3197
- CVE-2016-0701
- 5130HI - Version: R1120P07
- HP Network Products
- JH323A HPE 5130 24G 4SFP+ 1-slot HI Switch
- JH324A HPE 5130 48G 4SFP+ 1-slot HI Switch
- JH325A HPE 5130 24G PoE+ 4SFP+ 1-slot HI Switch
- JH326A HPE 5130 48G PoE+ 4SFP+ 1-slot HI Switch
- CVEs
- CVE-2015-3197
- CVE-2016-0701
- 5510HI - Version: R1120P07
- HP Network Products
- JH145A HPE 5510 24G 4SFP+ HI 1-slot Switch
- JH146A HPE 5510 48G 4SFP+ HI 1-slot Switch
- JH147A HPE 5510 24G PoE+ 4SFP+ HI 1-slot Switch
- JH148A HPE 5510 48G PoE+ 4SFP+ HI 1-slot Switch
- JH149A HPE 5510 24G SFP 4SFP+ HI 1-slot Switch
- CVEs
- CVE-2015-3197
- CVE-2016-0701
- VCX - Version: 9.8.19
- HP Network Products
- J9672A HP VCX V7205 Platform w/ DL360 G7 Srvr
- J9668A HP VCX IPC V7005 Pltfrm w/ DL120 G6 Srvr
- JC517A HP VCX V7205 Platform w/DL 360 G6 Server
- JE355A HP VCX V6000 Branch Platform 9.0
- JC516A HP VCX V7005 Platform w/DL 120 G6 Server
- JC518A HP VCX Connect 200 Primry 120 G6 Server
- J9669A HP VCX IPC V7310 Pltfrm w/ DL360 G7 Srvr
- JE341A HP VCX Connect 100 Secondary
- JE252A HP VCX Connect Primary MIM Module
- JE253A HP VCX Connect Secondary MIM Module
- JE254A HP VCX Branch MIM Module
- JE355A HP VCX V6000 Branch Platform 9.0
- JD028A HP MS30-40 RTR w/VCX + T1/FXO/FXS/Mod
- JD023A HP MSR30-40 Router with VCX MIM Module
- JD024A HP MSR30-16 RTR w/VCX Ent Br Com MIM
- JD025A HP MSR30-16 RTR w/VCX + 4FXO/2FXS Mod
- JD026A HP MSR30-16 RTR w/VCX + 8FXO/4FXS Mod
- JD027A HP MSR30-16 RTR w/VCX + 8BRI/4FXS Mod
- JD029A HP MSR30-16 RTR w/VCX + E1/4BRI/4FXS
- JE340A HP VCX Connect 100 Pri Server 9.0
- JE342A HP VCX Connect 100 Sec Server 9.0
- CVEs
- CVE-2015-3197
Note: Please contact HPE Technical Support if any assistance is needed acquiring the software updates.
HISTORY Version:1 (rev.1) - 14 February 2017 Initial release
Third Party Security Patches: Third party security patches that are to be installed on systems running Hewlett Packard Enterprise (HPE) software products should be applied in accordance with the customer's patch management policy.
Support: For issues about implementing the recommendations of this Security Bulletin, contact normal HPE Services support channel. For other issues about the content of this Security Bulletin, send e-mail to security-alert@hpe.com.
Report: To report a potential security vulnerability for any HPE supported product: Web form: https://www.hpe.com/info/report-security-vulnerability Email: security-alert@hpe.com
Subscribe: To initiate a subscription to receive future HPE Security Bulletin alerts via Email: http://www.hpe.com/support/Subscriber_Choice
Security Bulletin Archive: A list of recently released Security Bulletins is available here: http://www.hpe.com/support/Security_Bulletin_Archive
Software Product Category: The Software Product Category is represented in the title by the two characters following HPSB.
3C = 3COM 3P = 3rd Party Software GN = HPE General Software HF = HPE Hardware and Firmware MU = Multi-Platform Software NS = NonStop Servers OV = OpenVMS PV = ProCurve ST = Storage Software UX = HP-UX
Copyright 2016 Hewlett Packard Enterprise
Hewlett Packard Enterprise shall not be liable for technical or editorial errors or omissions contained herein. The information provided is provided "as is" without warranty of any kind. To the extent permitted by law, neither HP or its affiliates, subcontractors or suppliers will be liable for incidental,special or consequential damages including downtime cost; lost profits; damages relating to the procurement of substitute products or services; or damages for loss of data, or software restoration. The information in this document is subject to change without notice. Hewlett Packard Enterprise and the names of Hewlett Packard Enterprise products referenced herein are trademarks of Hewlett Packard Enterprise in the United States and other countries. Other product and company names mentioned herein may be trademarks of their respective owners. 5.9 server) - i386, ia64, x86_64
-
Gentoo Linux Security Advisory GLSA 201601-05
https://security.gentoo.org/
Severity: Normal Title: OpenSSL: Multiple vulnerabilities Date: January 29, 2016 Bugs: #572854 ID: 201601-05
Synopsis
Multiple vulnerabilities have been found in OpenSSL, allowing remote attackers to disclose sensitive information and complete weak handshakes.
Affected packages
-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 dev-libs/openssl < 1.0.2f >= 1.0.2f
Description
Multiple vulnerabilities have been discovered in OpenSSL. Please review the upstream advisory and CVE identifiers referenced below for details.
Impact
A remote attacker could disclose a server's private DH exponent, or complete SSLv2 handshakes using ciphers that have been disabled on the server.
Workaround
There is no known workaround at this time.
Resolution
All OpenSSL users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose ">=dev-libs/openssl-1.0.2f"
References
[ 1 ] CVE-2015-3197 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-3197 [ 2 ] CVE-2016-0701 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0701 [ 3 ] OpenSSL Security Advisory [28th Jan 2016] http://openssl.org/news/secadv/20160128.txt
Availability
This GLSA and any updates to it are available for viewing at the Gentoo Security Website:
https://security.gentoo.org/glsa/201601-05
Concerns?
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.
License
Copyright 2016 Gentoo Foundation, Inc; referenced text belongs to its owner(s).
The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5
. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
===================================================================== Red Hat Security Advisory
Synopsis: Important: openssl security update Advisory ID: RHSA-2016:0303-01 Product: Red Hat Enterprise Linux Advisory URL: https://rhn.redhat.com/errata/RHSA-2016-0303.html Issue date: 2016-03-01 CVE Names: CVE-2015-0293 CVE-2015-3197 CVE-2016-0703 CVE-2016-0704 CVE-2016-0800 =====================================================================
- Summary:
Updated openssl packages that fix multiple security issues are now available for Red Hat Enterprise Linux 6.2, 6.4, and 6.5 Advanced Update Support.
Red Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.
- Relevant releases/architectures:
Red Hat Enterprise Linux Server AUS (v. 6.2) - x86_64 Red Hat Enterprise Linux Server AUS (v. 6.4) - x86_64 Red Hat Enterprise Linux Server AUS (v. 6.5) - x86_64 Red Hat Enterprise Linux Server Optional AUS (v. 6.2) - x86_64 Red Hat Enterprise Linux Server Optional AUS (v. 6.4) - x86_64 Red Hat Enterprise Linux Server Optional AUS (v. 6.5) - x86_64
- Description:
OpenSSL is a toolkit that implements the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols, as well as a full-strength, general purpose cryptography library.
A padding oracle flaw was found in the Secure Sockets Layer version 2.0 (SSLv2) protocol. An attacker can potentially use this flaw to decrypt RSA-encrypted cipher text from a connection using a newer SSL/TLS protocol version, allowing them to decrypt such connections. For more information, refer to the knowledge base article linked to in the References section.
It was discovered that the SSLv2 servers using OpenSSL accepted SSLv2 connection handshakes that indicated non-zero clear key length for non-export cipher suites. An attacker could use a SSLv2 server using OpenSSL as a Bleichenbacher oracle.
A denial of service flaw was found in the way OpenSSL handled SSLv2 handshake messages. This could result in weak SSLv2 ciphers being used for SSLv2 connections, making them vulnerable to man-in-the-middle attacks. (CVE-2015-3197)
Red Hat would like to thank the OpenSSL project for reporting these issues. Upstream acknowledges Nimrod Aviram and Sebastian Schinzel as the original reporters of CVE-2016-0800 and CVE-2015-3197; David Adrian (University of Michigan) and J. Alex Halderman (University of Michigan) as the original reporters of CVE-2016-0703 and CVE-2016-0704; and Sean Burford (Google) and Emilia Käsper (OpenSSL development team) as the original reporters of CVE-2015-0293.
All openssl users are advised to upgrade to these updated packages, which contain backported patches to correct these issues. For the update to take effect, all services linked to the OpenSSL library must be restarted, or the system rebooted.
- Solution:
Before applying this update, make sure all previously released errata relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
- Bugs fixed (https://bugzilla.redhat.com/):
1202404 - CVE-2015-0293 openssl: assertion failure in SSLv2 servers 1301846 - CVE-2015-3197 OpenSSL: SSLv2 doesn't block disabled ciphers 1310593 - CVE-2016-0800 SSL/TLS: Cross-protocol attack on TLS using SSLv2 (DROWN) 1310811 - CVE-2016-0703 openssl: Divide-and-conquer session key recovery in SSLv2 1310814 - CVE-2016-0704 openssl: SSLv2 Bleichenbacher protection overwrites wrong bytes for export ciphers
- Package List:
Red Hat Enterprise Linux Server AUS (v. 6.2):
Source: openssl-1.0.0-20.el6_2.8.src.rpm
x86_64: openssl-1.0.0-20.el6_2.8.i686.rpm openssl-1.0.0-20.el6_2.8.x86_64.rpm openssl-debuginfo-1.0.0-20.el6_2.8.i686.rpm openssl-debuginfo-1.0.0-20.el6_2.8.x86_64.rpm openssl-devel-1.0.0-20.el6_2.8.i686.rpm openssl-devel-1.0.0-20.el6_2.8.x86_64.rpm
Red Hat Enterprise Linux Server AUS (v. 6.4):
Source: openssl-1.0.0-27.el6_4.5.src.rpm
x86_64: openssl-1.0.0-27.el6_4.5.i686.rpm openssl-1.0.0-27.el6_4.5.x86_64.rpm openssl-debuginfo-1.0.0-27.el6_4.5.i686.rpm openssl-debuginfo-1.0.0-27.el6_4.5.x86_64.rpm openssl-devel-1.0.0-27.el6_4.5.i686.rpm openssl-devel-1.0.0-27.el6_4.5.x86_64.rpm
Red Hat Enterprise Linux Server AUS (v. 6.5):
Source: openssl-1.0.1e-16.el6_5.16.src.rpm
x86_64: openssl-1.0.1e-16.el6_5.16.i686.rpm openssl-1.0.1e-16.el6_5.16.x86_64.rpm openssl-debuginfo-1.0.1e-16.el6_5.16.i686.rpm openssl-debuginfo-1.0.1e-16.el6_5.16.x86_64.rpm openssl-devel-1.0.1e-16.el6_5.16.i686.rpm openssl-devel-1.0.1e-16.el6_5.16.x86_64.rpm
Red Hat Enterprise Linux Server Optional AUS (v. 6.2):
Source: openssl-1.0.0-20.el6_2.8.src.rpm
x86_64: openssl-debuginfo-1.0.0-20.el6_2.8.x86_64.rpm openssl-perl-1.0.0-20.el6_2.8.x86_64.rpm openssl-static-1.0.0-20.el6_2.8.x86_64.rpm
Red Hat Enterprise Linux Server Optional AUS (v. 6.4):
Source: openssl-1.0.0-27.el6_4.5.src.rpm
x86_64: openssl-debuginfo-1.0.0-27.el6_4.5.x86_64.rpm openssl-perl-1.0.0-27.el6_4.5.x86_64.rpm openssl-static-1.0.0-27.el6_4.5.x86_64.rpm
Red Hat Enterprise Linux Server Optional AUS (v. 6.5):
Source: openssl-1.0.1e-16.el6_5.16.src.rpm
x86_64: openssl-debuginfo-1.0.1e-16.el6_5.16.x86_64.rpm openssl-perl-1.0.1e-16.el6_5.16.x86_64.rpm openssl-static-1.0.1e-16.el6_5.16.x86_64.rpm
These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/
- References:
https://access.redhat.com/security/cve/CVE-2015-0293 https://access.redhat.com/security/cve/CVE-2015-3197 https://access.redhat.com/security/cve/CVE-2016-0703 https://access.redhat.com/security/cve/CVE-2016-0704 https://access.redhat.com/security/cve/CVE-2016-0800 https://access.redhat.com/security/updates/classification/#important https://access.redhat.com/articles/2176731 https://drownattack.com/ https://openssl.org/news/secadv/20160128.txt https://openssl.org/news/secadv/20160301.txt
- Contact:
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/
Copyright 2016 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1
iD8DBQFW1cFVXlSAg2UNWIIRAiHFAKCv4By3YintGgRYJJyhA7n3FrUn1wCfZHLr V2xviZUG2H9rWZyjayig0oY= =rw6Q -----END PGP SIGNATURE-----
-- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce
Show details on source website{
"affected_products": {
"_id": null,
"data": [
{
"_id": null,
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "oss support tools",
"scope": "eq",
"trust": 1.6,
"vendor": "oracle",
"version": "8.11.16.3.8"
},
{
"_id": null,
"model": "vm virtualbox",
"scope": "eq",
"trust": 1.6,
"vendor": "oracle",
"version": "5.0.16"
},
{
"_id": null,
"model": "peoplesoft enterprise peopletools",
"scope": "eq",
"trust": 1.3,
"vendor": "oracle",
"version": "8.53"
},
{
"_id": null,
"model": "exalogic infrastructure",
"scope": "eq",
"trust": 1.3,
"vendor": "oracle",
"version": "2.0"
},
{
"_id": null,
"model": "peoplesoft enterprise peopletools",
"scope": "eq",
"trust": 1.3,
"vendor": "oracle",
"version": "8.54"
},
{
"_id": null,
"model": "exalogic infrastructure",
"scope": "eq",
"trust": 1.3,
"vendor": "oracle",
"version": "1.0"
},
{
"_id": null,
"model": "peoplesoft enterprise peopletools",
"scope": "eq",
"trust": 1.3,
"vendor": "oracle",
"version": "8.55"
},
{
"_id": null,
"model": "tuxedo",
"scope": "eq",
"trust": 1.3,
"vendor": "oracle",
"version": "12.1.1.0"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.1p"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.1f"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.1l"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.1d"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.1h"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.1c"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.1j"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.2a"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.2d"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.1o"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.1"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.1e"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.1g"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.2"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.2b"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.2c"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.1q"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.1a"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.2e"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.1i"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.1k"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.1n"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.1b"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.1m"
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "ecsystems nl",
"version": null
},
{
"_id": null,
"model": "communications network charging and control",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.0.0.2.0"
},
{
"_id": null,
"model": "sdk for node.js",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.2.0.3"
},
{
"_id": null,
"model": "cloud manager with openstack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.2"
},
{
"_id": null,
"model": "wireless ap",
"scope": "ne",
"trust": 0.3,
"vendor": "extremenetworks",
"version": "396510.11.1"
},
{
"_id": null,
"model": "power hmc",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.3.0.0"
},
{
"_id": null,
"model": "sdk for node.js",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.2.0.2"
},
{
"_id": null,
"model": "registered envelope service",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "10.2-release-p8",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "wireless ap",
"scope": "eq",
"trust": 0.3,
"vendor": "extremenetworks",
"version": "382510.1.1"
},
{
"_id": null,
"model": "cloud manager with openstack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.1.0.3"
},
{
"_id": null,
"model": "proactive network operations center",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.0.9"
},
{
"_id": null,
"model": "enterprise virtualization",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3"
},
{
"_id": null,
"model": "project openssl 1.0.1e",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.0.10"
},
{
"_id": null,
"model": "business process manager standard",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.5"
},
{
"_id": null,
"model": "primavera p6 enterprise project portfolio management",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "15.1"
},
{
"_id": null,
"model": "cognos insight fp if",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "10.216"
},
{
"_id": null,
"model": "project openssl 1.0.1a",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "pureapplication system",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.1"
},
{
"_id": null,
"model": "webex meetings server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1.5.1.6"
},
{
"_id": null,
"model": "computer telephony integration object server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "webex meetings server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1.5.1.131"
},
{
"_id": null,
"model": "cloud manager with openstack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.1"
},
{
"_id": null,
"model": "powerkvm",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.1"
},
{
"_id": null,
"model": "power hmc",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.4.0.0"
},
{
"_id": null,
"model": "10.1-release-p26",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "cloud manager with openstack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.2.0.2"
},
{
"_id": null,
"model": "unified contact center enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.0.11"
},
{
"_id": null,
"model": "cognos insight fp",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "10.2.26"
},
{
"_id": null,
"model": "10.1-release-p5",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "10.0"
},
{
"_id": null,
"model": "watson explorer foundational components",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.0.0.6"
},
{
"_id": null,
"model": "real-time compression appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.1.2"
},
{
"_id": null,
"model": "cloud manager with openstack interim fix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.2.0.3"
},
{
"_id": null,
"model": "business process manager express",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.6"
},
{
"_id": null,
"model": "prime license manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "cloud manager with openstack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.1.0.2"
},
{
"_id": null,
"model": "9.3-release-p22",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "10.1-release-p28",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "email gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "7.6.2"
},
{
"_id": null,
"model": "flex system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.3.4.0"
},
{
"_id": null,
"model": "ons series multiservice provisioning platforms",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154540"
},
{
"_id": null,
"model": "solaris",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10"
},
{
"_id": null,
"model": "cloud manager with openstack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.1.0.1"
},
{
"_id": null,
"model": "image construction and composition tool",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.3.1.0"
},
{
"_id": null,
"model": "asa next-generation firewall services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "9.3-release-p10",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "9.3-release-p1",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "opensuse evergreen",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "11.4"
},
{
"_id": null,
"model": "infosphere master data management standard/advanced edition",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "11.5"
},
{
"_id": null,
"model": "mq light client module for node.js",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.0.2014091001"
},
{
"_id": null,
"model": "powerkvm build",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.1.157"
},
{
"_id": null,
"model": "tivoli provisioning manager for os deployment build",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "5.1.1051.07"
},
{
"_id": null,
"model": "security identity manager virtual appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.0.3"
},
{
"_id": null,
"model": "nexus",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "70000"
},
{
"_id": null,
"model": "unified series ip phones",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "78000"
},
{
"_id": null,
"model": "project openssl 1.0.1g",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "primavera p6 enterprise project portfolio management",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "8.3"
},
{
"_id": null,
"model": "cloud manager with openstack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.3.0.4"
},
{
"_id": null,
"model": "webex meetings server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.5"
},
{
"_id": null,
"model": "cloud manager with openstack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.3.0.1"
},
{
"_id": null,
"model": "10.1-release-p17",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "cloud manager with openstack interim fix",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "4.1.0.5"
},
{
"_id": null,
"model": "project openssl 1.0.1i",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "cloud manager with openstack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.1.0.4.2"
},
{
"_id": null,
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.0"
},
{
"_id": null,
"model": "wireless ap",
"scope": "ne",
"trust": 0.3,
"vendor": "extremenetworks",
"version": "386510.1.4"
},
{
"_id": null,
"model": "security identity manager virtual appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.0.2"
},
{
"_id": null,
"model": "unified attendant console advanced",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "tivoli provisioning manager for os deployment",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.1"
},
{
"_id": null,
"model": "10.2-release-p9",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "10.1-release-p27",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "telepresence tx series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "90000"
},
{
"_id": null,
"model": "telepresence system",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "10000"
},
{
"_id": null,
"model": "aix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2"
},
{
"_id": null,
"model": "mq light client module for node.js",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.0.2014090800"
},
{
"_id": null,
"model": "10.2-release-p6",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "cloud manager with openstack interix fix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.2.0.3"
},
{
"_id": null,
"model": "unified attendant console premium edition",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "real-time compression appliance",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "4.1.2.17"
},
{
"_id": null,
"model": "sdk for node.js",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.0.7"
},
{
"_id": null,
"model": "mediasense",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "prime optical for sps",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "pureapplication system",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.1"
},
{
"_id": null,
"model": "wireless ap",
"scope": "ne",
"trust": 0.3,
"vendor": "extremenetworks",
"version": "380110.1.4"
},
{
"_id": null,
"model": "cognos tm1 interim fix",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "10.1.1.2"
},
{
"_id": null,
"model": "initiate master data service",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.5"
},
{
"_id": null,
"model": "wireless ap",
"scope": "eq",
"trust": 0.3,
"vendor": "extremenetworks",
"version": "396510.1.1"
},
{
"_id": null,
"model": "vm server for",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "x863.3"
},
{
"_id": null,
"model": "power hmc",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.3.0.0"
},
{
"_id": null,
"model": "flex system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.2"
},
{
"_id": null,
"model": "flex system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.3.1"
},
{
"_id": null,
"model": "business process manager express",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.5"
},
{
"_id": null,
"model": "cognos insight",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.2.1"
},
{
"_id": null,
"model": "flex system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.3.0.1"
},
{
"_id": null,
"model": "tivoli provisioning manager for images",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.1.19"
},
{
"_id": null,
"model": "anyres live",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "sdk for node.js",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.0.3"
},
{
"_id": null,
"model": "initiate master data service",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.1"
},
{
"_id": null,
"model": "unified attendant console business edition",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "9.3-release-p36",
"scope": "ne",
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "cloud manager with openstack interim fix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.1.0.5"
},
{
"_id": null,
"model": "powerkvm sp3",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "2.1.1"
},
{
"_id": null,
"model": "sdk for node.js",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.0.14"
},
{
"_id": null,
"model": "wireless ap",
"scope": "eq",
"trust": 0.3,
"vendor": "extremenetworks",
"version": "380510.1.1"
},
{
"_id": null,
"model": "enterprise linux",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "6.2"
},
{
"_id": null,
"model": "enterprise manager ops center",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "12.1.4"
},
{
"_id": null,
"model": "powerkvm",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.1"
},
{
"_id": null,
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2.0.3"
},
{
"_id": null,
"model": "mds series multilayer switches",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "90000"
},
{
"_id": null,
"model": "videoscape control suite foundation",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.0.11"
},
{
"_id": null,
"model": "cognos insight",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.2"
},
{
"_id": null,
"model": "proventia network enterprise scanner",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.3"
},
{
"_id": null,
"model": "security network protection",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.3.1"
},
{
"_id": null,
"model": "prime collaboration deployment",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "cloud manager with openstack interim fix1",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.3.0.6"
},
{
"_id": null,
"model": "9.3-release-p35",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "10.2-release-p10",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "sdk for node.js",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.0.19"
},
{
"_id": null,
"model": "rational developer for i",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.5.0.1"
},
{
"_id": null,
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0"
},
{
"_id": null,
"model": "unified computing system b-series servers",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "rational developer for i",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1.1"
},
{
"_id": null,
"model": "infosphere master data management provider hub",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.0"
},
{
"_id": null,
"model": "watson explorer foundational components",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.0.0.2"
},
{
"_id": null,
"model": "initiate master data service",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.7"
},
{
"_id": null,
"model": "sdk for node.js",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.0.20"
},
{
"_id": null,
"model": "telepresence server on multiparty media",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3200"
},
{
"_id": null,
"model": "9.3-release-p2",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "9.3-stable",
"scope": "ne",
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "10.1-release-p1",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "rational application developer for websphere software",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1"
},
{
"_id": null,
"model": "cloud manager with openstack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.1.0.4"
},
{
"_id": null,
"model": "10.1-release-p9",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "linux x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "14.1"
},
{
"_id": null,
"model": "project openssl 1.0.1c",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "smartcloud entry appliance fixpac",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.1"
},
{
"_id": null,
"model": "pureapplication system",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.0"
},
{
"_id": null,
"model": "wireless ap",
"scope": "ne",
"trust": 0.3,
"vendor": "extremenetworks",
"version": "382510.11.1"
},
{
"_id": null,
"model": "wireless ap",
"scope": "eq",
"trust": 0.3,
"vendor": "extremenetworks",
"version": "386510.1.1"
},
{
"_id": null,
"model": "project openssl 1.0.1f",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "datapower gateways",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.0.13"
},
{
"_id": null,
"model": "sdk for node.js",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.0.15"
},
{
"_id": null,
"model": "project openssl 1.0.2a",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "telepresence system",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "13000"
},
{
"_id": null,
"model": "tivoli provisioning manager for images",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.1.0"
},
{
"_id": null,
"model": "netezza diagnostics tools",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "4.3.1.2"
},
{
"_id": null,
"model": "wireless ap",
"scope": "eq",
"trust": 0.3,
"vendor": "extremenetworks",
"version": "371510.1.1"
},
{
"_id": null,
"model": "powerkvm build",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.12"
},
{
"_id": null,
"model": "cloud manager with openstack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.3.0.2"
},
{
"_id": null,
"model": "initiate master data service",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.0"
},
{
"_id": null,
"model": "9.3-release-p3",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "telepresence system series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "30000"
},
{
"_id": null,
"model": "business process manager standard",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.7"
},
{
"_id": null,
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2.0.1"
},
{
"_id": null,
"model": "cloud manager with openstack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.3.0.3"
},
{
"_id": null,
"model": "cognos tm1 fix pack",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "10.2.26"
},
{
"_id": null,
"model": "sdk for node.js",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "1.2.0.10"
},
{
"_id": null,
"model": "tivoli provisioning manager for os deployment",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.1.19"
},
{
"_id": null,
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "1.0.2"
},
{
"_id": null,
"model": "cognos tm1",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.1.0"
},
{
"_id": null,
"model": "project openssl 1.0.2d",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "intrusion prevention system solutions",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "email gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "7.6.3.2"
},
{
"_id": null,
"model": "rational developer for aix and linux",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1.1"
},
{
"_id": null,
"model": "cloud manager with openstack interim fix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.3.0.4"
},
{
"_id": null,
"model": "tivoli provisioning manager for images build",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.1.20280.6"
},
{
"_id": null,
"model": "9.3-release-p25",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "webex meetings server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1.0"
},
{
"_id": null,
"model": "unified attendant console department edition",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "primavera p6 enterprise project portfolio management",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "8.4"
},
{
"_id": null,
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "14.1"
},
{
"_id": null,
"model": "cognos tm1",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.2.2"
},
{
"_id": null,
"model": "nexus",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "60000"
},
{
"_id": null,
"model": "wireless ap",
"scope": "eq",
"trust": 0.3,
"vendor": "extremenetworks",
"version": "380110.1.1"
},
{
"_id": null,
"model": "primavera p6 enterprise project portfolio management",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "15.2"
},
{
"_id": null,
"model": "datapower gateways",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.0.10"
},
{
"_id": null,
"model": "email gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "7.6.1"
},
{
"_id": null,
"model": "security network protection",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.3.2"
},
{
"_id": null,
"model": "aix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1"
},
{
"_id": null,
"model": "cloupia unified infrastructure controller",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "enterprise session border controller ecz7.3m2p2",
"scope": null,
"trust": 0.3,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "flex system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.3.20"
},
{
"_id": null,
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.0.12"
},
{
"_id": null,
"model": "smartcloud entry",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.1"
},
{
"_id": null,
"model": "project openssl 1.0.1n",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "infosphere master data management standard/advanced edition",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "11.0"
},
{
"_id": null,
"model": "project openssl 1.0.1o",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "linux x86 64 -current",
"scope": null,
"trust": 0.3,
"vendor": "slackware",
"version": null
},
{
"_id": null,
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "10.1"
},
{
"_id": null,
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "14.0"
},
{
"_id": null,
"model": "power hmc",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.9.0.0"
},
{
"_id": null,
"model": "project openssl 1.0.2e",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "project openssl 1.0.1q",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "9.3"
},
{
"_id": null,
"model": "wireless ap",
"scope": "ne",
"trust": 0.3,
"vendor": "extremenetworks",
"version": "371510.1.4"
},
{
"_id": null,
"model": "wireless ap",
"scope": "ne",
"trust": 0.3,
"vendor": "extremenetworks",
"version": "380110.11.1"
},
{
"_id": null,
"model": "communications network charging and control",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.0.2.0.0"
},
{
"_id": null,
"model": "infosphere data explorer",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.2"
},
{
"_id": null,
"model": "pureapplication system",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.0.0"
},
{
"_id": null,
"model": "enterprise linux",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5"
},
{
"_id": null,
"model": "agent desktop",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"_id": null,
"model": "sdk for node.js",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.2.0.9"
},
{
"_id": null,
"model": "email gateway",
"scope": "ne",
"trust": 0.3,
"vendor": "mcafee",
"version": "7.6.404"
},
{
"_id": null,
"model": "wireless ap",
"scope": "ne",
"trust": 0.3,
"vendor": "extremenetworks",
"version": "393510.11.1"
},
{
"_id": null,
"model": "9.3-release-p21",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "9.3-release-p24",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "webex messenger service",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.0.6"
},
{
"_id": null,
"model": "10.1-release-p19",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "cisco directors and switches with nx-os",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0"
},
{
"_id": null,
"model": "aix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.3"
},
{
"_id": null,
"model": "enterprise linux server aus",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6.4"
},
{
"_id": null,
"model": "smartcloud entry appliance fixpac",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.2"
},
{
"_id": null,
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2.0.5"
},
{
"_id": null,
"model": "10.1-release-p29",
"scope": "ne",
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "9.3-release-p13",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "cloud manager with openstack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.3"
},
{
"_id": null,
"model": "nx-os nexus",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "90000"
},
{
"_id": null,
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.0.9"
},
{
"_id": null,
"model": "powerkvm build",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.1.165.6"
},
{
"_id": null,
"model": "mobility services engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "unified ip phone",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "89450"
},
{
"_id": null,
"model": "initiate master data service provider hub",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.5"
},
{
"_id": null,
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.0.10"
},
{
"_id": null,
"model": "smartcloud entry appliance fix pack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.11"
},
{
"_id": null,
"model": "netezza diagnostics tools",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.3.1.1"
},
{
"_id": null,
"model": "wireless ap",
"scope": "ne",
"trust": 0.3,
"vendor": "extremenetworks",
"version": "382510.1.4"
},
{
"_id": null,
"model": "infosphere master data management standard/advanced edition",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "11.3"
},
{
"_id": null,
"model": "webex meetings server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1.1"
},
{
"_id": null,
"model": "email security appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "primavera p6 enterprise project portfolio management",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "16.1"
},
{
"_id": null,
"model": "sdk for node.js",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.2.0.8"
},
{
"_id": null,
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.0.13"
},
{
"_id": null,
"model": "10.2-release-p11",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "sdk for node.js",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.0.6"
},
{
"_id": null,
"model": "business process manager express",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.7"
},
{
"_id": null,
"model": "webex meetings server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1.5"
},
{
"_id": null,
"model": "mq light client module for node.js 1.0.2014091000-red",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"_id": null,
"model": "power hmc",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.2.0.0"
},
{
"_id": null,
"model": "webex meetings server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.0"
},
{
"_id": null,
"model": "sdk for node.js",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.0.18"
},
{
"_id": null,
"model": "9.3-release-p33",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.0.8"
},
{
"_id": null,
"model": "enterprise linux server aus",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6.2"
},
{
"_id": null,
"model": "jabber for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "10.2"
},
{
"_id": null,
"model": "smartcloud entry appliance fix pack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.21"
},
{
"_id": null,
"model": "cloud manager with openstack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.2.0.3"
},
{
"_id": null,
"model": "ethernet switch 40g 10g",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "642.0"
},
{
"_id": null,
"model": "telepresence video communication server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "enterprise linux",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "6"
},
{
"_id": null,
"model": "telepresence system",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "11000"
},
{
"_id": null,
"model": "centos",
"scope": "eq",
"trust": 0.3,
"vendor": "centos",
"version": "7"
},
{
"_id": null,
"model": "10.1-release-p25",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "wireless ap",
"scope": "eq",
"trust": 0.3,
"vendor": "extremenetworks",
"version": "393510.1.1"
},
{
"_id": null,
"model": "flex system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1"
},
{
"_id": null,
"model": "ethernet switch 40g 10g",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "722.0"
},
{
"_id": null,
"model": "datapower gateways",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2.0.6"
},
{
"_id": null,
"model": "rational developer for i",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1"
},
{
"_id": null,
"model": "sdk for node.js",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.0.9"
},
{
"_id": null,
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.0.7"
},
{
"_id": null,
"model": "security guardium",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.0"
},
{
"_id": null,
"model": "tivoli provisioning manager for os deployment",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.1.0.2"
},
{
"_id": null,
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.0.0"
},
{
"_id": null,
"model": "email gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "7.6.4"
},
{
"_id": null,
"model": "cloud manager with openstack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.3.0.6"
},
{
"_id": null,
"model": "sdk for node.js",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.0.13"
},
{
"_id": null,
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2.0.4"
},
{
"_id": null,
"model": "wireless ap",
"scope": "ne",
"trust": 0.3,
"vendor": "extremenetworks",
"version": "380510.1.4"
},
{
"_id": null,
"model": "project openssl 1.0.1m",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "13.1"
},
{
"_id": null,
"model": "expressway series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "project openssl 1.0.2g",
"scope": "ne",
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "cisco directors and switches with nx-os",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0"
},
{
"_id": null,
"model": "email gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "7.6.3.1"
},
{
"_id": null,
"model": "project openssl 1.0.2f",
"scope": "ne",
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.0.5"
},
{
"_id": null,
"model": "10.1-release-p6",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "enterprise linux server aus",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6.5"
},
{
"_id": null,
"model": "security identity manager virtual appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.1.0"
},
{
"_id": null,
"model": "initiate master data service provider hub",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.7"
},
{
"_id": null,
"model": "edge digital media player",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3000"
},
{
"_id": null,
"model": "enterprise manager ops center",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "12.2.2"
},
{
"_id": null,
"model": "smartcloud entry",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.2"
},
{
"_id": null,
"model": "linux enterprise server sp4 ltss",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"_id": null,
"model": "nexus",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3x000"
},
{
"_id": null,
"model": "sdk for node.js",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.0.5"
},
{
"_id": null,
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "1.0.1"
},
{
"_id": null,
"model": "nx-os nexus",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "50000"
},
{
"_id": null,
"model": "linux x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "14.0"
},
{
"_id": null,
"model": "wireless ap",
"scope": "ne",
"trust": 0.3,
"vendor": "extremenetworks",
"version": "396510.1.4"
},
{
"_id": null,
"model": "project openssl 1.0.1j",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "solaris sru",
"scope": "ne",
"trust": 0.3,
"vendor": "oracle",
"version": "11.36.5"
},
{
"_id": null,
"model": "oss support tools oracle explorer",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10"
},
{
"_id": null,
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2"
},
{
"_id": null,
"model": "unified attendant console standard",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "rational developer for i",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.5.0.2"
},
{
"_id": null,
"model": "project openssl 1.0.1d",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "wireless ap",
"scope": "ne",
"trust": 0.3,
"vendor": "extremenetworks",
"version": "380510.11.1"
},
{
"_id": null,
"model": "security identity governance and intelligence",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.2.1"
},
{
"_id": null,
"model": "telepresence server on multiparty media",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3100"
},
{
"_id": null,
"model": "9.3-release-p31",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "cloud manager with openstack interim fix1",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "4.3.0.6"
},
{
"_id": null,
"model": "smartcloud entry appliance fixpac",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "3.2"
},
{
"_id": null,
"model": "prime performance manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "rational developer for aix and linux",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1"
},
{
"_id": null,
"model": "prime collaboration provisioning",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "centos",
"scope": "eq",
"trust": 0.3,
"vendor": "centos",
"version": "5"
},
{
"_id": null,
"model": "tivoli provisioning manager for os deployment build",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.1.20280.6"
},
{
"_id": null,
"model": "sun network 10ge switch 72p",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "1.2"
},
{
"_id": null,
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.0.12"
},
{
"_id": null,
"model": "vm server for",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "x863.4"
},
{
"_id": null,
"model": "project openssl 1.0.1r",
"scope": "ne",
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "cisco directors and switches with nx-os",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0"
},
{
"_id": null,
"model": "power hmc",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.1.0.0"
},
{
"_id": null,
"model": "telepresence server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "87107010"
},
{
"_id": null,
"model": "powerkvm build",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.13"
},
{
"_id": null,
"model": "tivoli netcool reporter",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2"
},
{
"_id": null,
"model": "rational developer for i",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.5"
},
{
"_id": null,
"model": "rational developer for i",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1.1.1"
},
{
"_id": null,
"model": "telepresence server on virtual machine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "cognos tm1",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.2"
},
{
"_id": null,
"model": "cloud manager with openstack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.1.0.5"
},
{
"_id": null,
"model": "10.2-release-p12",
"scope": "ne",
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "rational application developer for websphere software",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.5"
},
{
"_id": null,
"model": "switch es1-24",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "1.3"
},
{
"_id": null,
"model": "infosphere data explorer",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.2-4"
},
{
"_id": null,
"model": "unified communications manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "tivoli provisioning manager for os deployment",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.1.3"
},
{
"_id": null,
"model": "powerkvm build",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.1.165.4"
},
{
"_id": null,
"model": "communications network charging and control",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.0.1.0.0"
},
{
"_id": null,
"model": "10.2-stable",
"scope": "ne",
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.0.14"
},
{
"_id": null,
"model": "email gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "7.6.3"
},
{
"_id": null,
"model": "9.3-release-p5",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "sdk for node.js",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.2.0.4"
},
{
"_id": null,
"model": "unified intelligent contact management enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "security identity manager virtual appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.0.1"
},
{
"_id": null,
"model": "project openssl 1.0.1k",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.3"
},
{
"_id": null,
"model": "rational developer for aix and linux",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1.1.2"
},
{
"_id": null,
"model": "telepresence",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "13100"
},
{
"_id": null,
"model": "sdk for node.js",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.0.2"
},
{
"_id": null,
"model": "linux -current",
"scope": null,
"trust": 0.3,
"vendor": "slackware",
"version": null
},
{
"_id": null,
"model": "project openssl 1.0.1b",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "pureapplication system",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "2.1.2.2"
},
{
"_id": null,
"model": "watson explorer foundational components",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.0.0.0"
},
{
"_id": null,
"model": "powerkvm build",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.1.165.1"
},
{
"_id": null,
"model": "telepresence conductor",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "image construction and composition tool",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.3.2.0"
},
{
"_id": null,
"model": "series ip phones",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "88000"
},
{
"_id": null,
"model": "smartcloud entry appliance fixpac",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "3.1"
},
{
"_id": null,
"model": "project openssl 1.0.1s",
"scope": "ne",
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "i",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1"
},
{
"_id": null,
"model": "pureapplication system if",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "2.0.0.18"
},
{
"_id": null,
"model": "centos",
"scope": "eq",
"trust": 0.3,
"vendor": "centos",
"version": "6"
},
{
"_id": null,
"model": "sun blade ethernet switched nem 24p 10ge",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "60001.2"
},
{
"_id": null,
"model": "infosphere master data management standard/advanced edition",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "11.4"
},
{
"_id": null,
"model": "cognos tm1 interim fix",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "10.2.0.2"
},
{
"_id": null,
"model": "10.1-release-p23",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "10.1-release-p16",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "business process manager standard",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.6"
},
{
"_id": null,
"model": "security identity manager virtual appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.0.0"
},
{
"_id": null,
"model": "unified communications manager session management edition",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "communications network charging and control",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.0.0.1.0"
},
{
"_id": null,
"model": "linux",
"scope": null,
"trust": 0.3,
"vendor": "gentoo",
"version": null
},
{
"_id": null,
"model": "9.3-release-p6",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "powerkvm build",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.1.165.5"
},
{
"_id": null,
"model": "i",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2"
},
{
"_id": null,
"model": "9.3-release-p9",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "project openssl 1.0.2c",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "mq light client module for node.js",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.0.2014090801"
},
{
"_id": null,
"model": "sdk for node.js",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.0.12"
},
{
"_id": null,
"model": "rational developer for aix and linux",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1.1.1"
},
{
"_id": null,
"model": "aix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1"
},
{
"_id": null,
"model": "powerkvm sp1",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "3.1"
},
{
"_id": null,
"model": "telepresence system",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "500-320"
},
{
"_id": null,
"model": "unified attendant console enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "unified contact center express",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "cognos insight",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.2.2"
},
{
"_id": null,
"model": "tivoli provisioning manager for os deployment",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.1"
},
{
"_id": null,
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2.0.0"
},
{
"_id": null,
"model": "watson explorer foundational components",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.0.0.0"
},
{
"_id": null,
"model": "project openssl 1.0.2b",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "powerkvm build",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "2.1.165.7"
},
{
"_id": null,
"model": "flex system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.2.1"
},
{
"_id": null,
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.0.8"
},
{
"_id": null,
"model": "flex system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.3.3.0"
},
{
"_id": null,
"model": "9.3-release-p34",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "emergency responder",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"_id": null,
"model": "flex system chassis management module 2pet",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"_id": null,
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2.0.2"
},
{
"_id": null,
"model": "telepresence system",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "500-370"
},
{
"_id": null,
"model": "jd edwards enterpriseone tools",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.2.0.5"
},
{
"_id": null,
"model": "wireless ap",
"scope": "ne",
"trust": 0.3,
"vendor": "extremenetworks",
"version": "371510.11.1"
},
{
"_id": null,
"model": "cloud manager with openstack interim fix",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "4.2.0.3"
},
{
"_id": null,
"model": "nexus",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "30000"
},
{
"_id": null,
"model": "enterprise manager ops center",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "12.3.2"
},
{
"_id": null,
"model": "project openssl 1.0.1l",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "im and presence service",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "vm virtualbox",
"scope": "ne",
"trust": 0.3,
"vendor": "oracle",
"version": "5.0.16"
},
{
"_id": null,
"model": "9.3-release-p29",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "extremexos",
"scope": "eq",
"trust": 0.3,
"vendor": "extremenetworks",
"version": "0"
},
{
"_id": null,
"model": "wireless ap",
"scope": "ne",
"trust": 0.3,
"vendor": "extremenetworks",
"version": "386510.11.1"
},
{
"_id": null,
"model": "cognos insight fp if",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "10.2.126"
},
{
"_id": null,
"model": "vm server for",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "x863.2"
},
{
"_id": null,
"model": "tivoli provisioning manager for images system edition",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "x7.1.1.0"
},
{
"_id": null,
"model": "unity connection",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "wireless ap",
"scope": "ne",
"trust": 0.3,
"vendor": "extremenetworks",
"version": "393510.1.4"
},
{
"_id": null,
"model": "communications network charging and control",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "4.4.1.5.0"
},
{
"_id": null,
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.0.1"
},
{
"_id": null,
"model": "project openssl 1.0.1h",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "powerkvm build",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.1.158"
},
{
"_id": null,
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1"
},
{
"_id": null,
"model": "flex system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.3.0"
},
{
"_id": null,
"model": "cloud manager with openstack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.2.0.1"
},
{
"_id": null,
"model": "project openssl 1.0.1p",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#257823"
},
{
"db": "CERT/CC",
"id": "VU#583776"
},
{
"db": "BID",
"id": "82237"
},
{
"db": "CNNVD",
"id": "CNNVD-201602-026"
},
{
"db": "NVD",
"id": "CVE-2015-3197"
}
]
},
"credits": {
"_id": null,
"data": "Nimrod Aviram and Sebastian Schinzel",
"sources": [
{
"db": "BID",
"id": "82237"
},
{
"db": "CNNVD",
"id": "CNNVD-201602-026"
}
],
"trust": 0.9
},
"cve": "CVE-2015-3197",
"cvss": {
"_id": null,
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "CVE-2015-3197",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 1.1,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "NONE",
"availabilityRequirement": "NOT DEFINED",
"baseScore": 7.1,
"collateralDamagePotential": "NOT DEFINED",
"confidentialityImpact": "COMPLETE",
"confidentialityRequirement": "HIGH",
"enviromentalScore": 6.5,
"exploitability": "PROOF-OF-CONCEPT",
"exploitabilityScore": 4.9,
"id": "CVE-2016-0800",
"impactScore": 9.2,
"integrityImpact": "COMPLETE",
"integrityRequirement": "HIGH",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"remediationLevel": "WORKAROUND",
"reportConfidence": "CONFIRMED",
"severity": "HIGH",
"targetDistribution": "HIGH",
"trust": 0.8,
"userInteractionRequired": null,
"vector_string": "AV:N/AC:H/Au:N/C:C/I:C/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.2,
"id": "CVE-2015-3197",
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2015-3197",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2016-0800",
"trust": 0.8,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201602-026",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULMON",
"id": "CVE-2015-3197",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#583776"
},
{
"db": "VULMON",
"id": "CVE-2015-3197"
},
{
"db": "CNNVD",
"id": "CNNVD-201602-026"
},
{
"db": "NVD",
"id": "CVE-2015-3197"
}
]
},
"description": {
"_id": null,
"data": "ssl/s2_srvr.c in OpenSSL 1.0.1 before 1.0.1r and 1.0.2 before 1.0.2f does not prevent use of disabled ciphers, which makes it easier for man-in-the-middle attackers to defeat cryptographic protection mechanisms by performing computations on SSLv2 traffic, related to the get_client_master_key and get_client_hello functions. OpenSSL may generate unsafe primes for use in the Diffie-Hellman protocol, which may lead to disclosure of enough information for an attacker to recover the private encryption key. Network traffic encrypted using an RSA-based SSL certificate may be decrypted if enough SSLv2 handshake data can be collected. This is known as the \"DROWN\" attack in the media. OpenSSL is prone to a security-bypass vulnerability. \nSuccessfully exploiting this issue may allow attackers to perform unauthorized actions. This may lead to other attacks. OpenSSL Security Advisory [1st March 2016]\n=========================================\n\nNOTE: With this update, OpenSSL is disabling the SSLv2 protocol by default, as\nwell as removing SSLv2 EXPORT ciphers. We strongly advise against the use of\nSSLv2 due not only to the issues described below, but to the other known\ndeficiencies in the protocol as described at\nhttps://tools.ietf.org/html/rfc6176\n\n\nCross-protocol attack on TLS using SSLv2 (DROWN) (CVE-2016-0800)\n================================================================\n\nSeverity: High\n\nA cross-protocol attack was discovered that could lead to decryption of TLS\nsessions by using a server supporting SSLv2 and EXPORT cipher suites as a\nBleichenbacher RSA padding oracle. Note that traffic between clients and\nnon-vulnerable servers can be decrypted provided another server supporting\nSSLv2 and EXPORT ciphers (even with a different protocol such as SMTP, IMAP or\nPOP) shares the RSA keys of the non-vulnerable server. \n\nRecovering one session key requires the attacker to perform approximately 2^50\ncomputation, as well as thousands of connections to the affected server. A more\nefficient variant of the DROWN attack exists against unpatched OpenSSL servers\nusing versions that predate 1.0.2a, 1.0.1m, 1.0.0r and 0.9.8zf released on\n19/Mar/2015 (see CVE-2016-0703 below). \n\nUsers can avoid this issue by disabling the SSLv2 protocol in all their SSL/TLS\nservers, if they\u0027ve not done so already. Disabling all SSLv2 ciphers is also\nsufficient, provided the patches for CVE-2015-3197 (fixed in OpenSSL 1.0.1r and\n1.0.2f) have been deployed. Servers that have not disabled the SSLv2 protocol,\nand are not patched for CVE-2015-3197 are vulnerable to DROWN even if all SSLv2\nciphers are nominally disabled, because malicious clients can force the use of\nSSLv2 with EXPORT ciphers. \n\nOpenSSL 1.0.2g and 1.0.1s deploy the following mitigation against DROWN:\n\nSSLv2 is now by default disabled at build-time. Builds that are not configured\nwith \"enable-ssl2\" will not support SSLv2. Even if \"enable-ssl2\" is used,\nusers who want to negotiate SSLv2 via the version-flexible SSLv23_method() will\nneed to explicitly call either of:\n\n SSL_CTX_clear_options(ctx, SSL_OP_NO_SSLv2);\n or\n SSL_clear_options(ssl, SSL_OP_NO_SSLv2);\n\nas appropriate. Even if either of those is used, or the application explicitly\nuses the version-specific SSLv2_method() or its client or server variants,\nSSLv2 ciphers vulnerable to exhaustive search key recovery have been removed. \nSpecifically, the SSLv2 40-bit EXPORT ciphers, and SSLv2 56-bit DES are no\nlonger available. \n\nIn addition, weak ciphers in SSLv3 and up are now disabled in default builds of\nOpenSSL. Builds that are not configured with \"enable-weak-ssl-ciphers\" will\nnot provide any \"EXPORT\" or \"LOW\" strength ciphers. \n\nOpenSSL 1.0.2 users should upgrade to 1.0.2g\nOpenSSL 1.0.1 users should upgrade to 1.0.1s\n\nThis issue was reported to OpenSSL on December 29th 2015 by Nimrod Aviram and\nSebastian Schinzel. The fix was developed by Viktor Dukhovni and Matt Caswell\nof OpenSSL. \n\n\nDouble-free in DSA code (CVE-2016-0705)\n=======================================\n\nSeverity: Low\n\nA double free bug was discovered when OpenSSL parses malformed DSA private keys\nand could lead to a DoS attack or memory corruption for applications that\nreceive DSA private keys from untrusted sources. This scenario is considered\nrare. \n\nThis issue affects OpenSSL versions 1.0.2 and 1.0.1. \n\nOpenSSL 1.0.2 users should upgrade to 1.0.2g\nOpenSSL 1.0.1 users should upgrade to 1.0.1s\n\nThis issue was reported to OpenSSL on February 7th 2016 by Adam Langley\n(Google/BoringSSL) using libFuzzer. The fix was developed by Dr Stephen Henson\nof OpenSSL. \n\n\nMemory leak in SRP database lookups (CVE-2016-0798)\n===================================================\n\nSeverity: Low\n\nThe SRP user database lookup method SRP_VBASE_get_by_user had\nconfusing memory management semantics; the returned pointer was sometimes newly\nallocated, and sometimes owned by the callee. The calling code has no way of\ndistinguishing these two cases. \n\nSpecifically, SRP servers that configure a secret seed to hide valid\nlogin information are vulnerable to a memory leak: an attacker\nconnecting with an invalid username can cause a memory leak of around\n300 bytes per connection. Servers that do not configure SRP, or\nconfigure SRP but do not configure a seed are not vulnerable. \n\nIn Apache, the seed directive is known as SSLSRPUnknownUserSeed. \n\nTo mitigate the memory leak, the seed handling in\nSRP_VBASE_get_by_user is now disabled even if the user has configured\na seed. Applications are advised to migrate to\nSRP_VBASE_get1_by_user. However, note that OpenSSL makes no strong\nguarantees about the indistinguishability of valid and invalid\nlogins. In particular, computations are currently not carried out in\nconstant time. \n\nThis issue affects OpenSSL versions 1.0.2 and 1.0.1. \n\nOpenSSL 1.0.2 users should upgrade to 1.0.2g\nOpenSSL 1.0.1 users should upgrade to 1.0.1s\n\nThis issue was discovered on February 23rd 2016 by Emilia K\u00e4sper of\nthe OpenSSL development team. Emilia K\u00e4sper also developed the fix. \n\n\nBN_hex2bn/BN_dec2bn NULL pointer deref/heap corruption (CVE-2016-0797)\n======================================================================\n\nSeverity: Low\n\nIn the BN_hex2bn function the number of hex digits is calculated using an int\nvalue |i|. Later |bn_expand| is called with a value of |i * 4|. For large values\nof |i| this can result in |bn_expand| not allocating any memory because |i * 4|\nis negative. This can leave the internal BIGNUM data field as NULL leading to a\nsubsequent NULL ptr deref. For very large values of |i|, the calculation |i * 4|\ncould be a positive value smaller than |i|. In this case memory is allocated to\nthe internal BIGNUM data field, but it is insufficiently sized leading to heap\ncorruption. A similar issue exists in BN_dec2bn. This could have security\nconsequences if BN_hex2bn/BN_dec2bn is ever called by user applications with\nvery large untrusted hex/dec data. This is anticipated to be a rare occurrence. \n\nAll OpenSSL internal usage of these functions use data that is not expected to\nbe untrusted, e.g. config file data or application command line arguments. If\nuser developed applications generate config file data based on untrusted data\nthen it is possible that this could also lead to security consequences. This is\nalso anticipated to be rare. \n\nThis issue affects OpenSSL versions 1.0.2 and 1.0.1. \n\nOpenSSL 1.0.2 users should upgrade to 1.0.2g\nOpenSSL 1.0.1 users should upgrade to 1.0.1s\n\nThis issue was reported to OpenSSL on February 19th 2016 by Guido Vranken. The\nfix was developed by Matt Caswell of the OpenSSL development team. \n\nFix memory issues in BIO_*printf functions (CVE-2016-0799)\n==========================================================\n\nSeverity: Low\n\nThe internal |fmtstr| function used in processing a \"%s\" format string in the\nBIO_*printf functions could overflow while calculating the length of a string\nand cause an OOB read when printing very long strings. \n\nAdditionally the internal |doapr_outch| function can attempt to write to an OOB\nmemory location (at an offset from the NULL pointer) in the event of a memory\nallocation failure. In 1.0.2 and below this could be caused where the size of a\nbuffer to be allocated is greater than INT_MAX. E.g. this could be in processing\na very long \"%s\" format string. Memory leaks can also occur. \n\nThe first issue may mask the second issue dependent on compiler behaviour. \nThese problems could enable attacks where large amounts of untrusted data is\npassed to the BIO_*printf functions. If applications use these functions in this\nway then they could be vulnerable. OpenSSL itself uses these functions when\nprinting out human-readable dumps of ASN.1 data. Therefore applications that\nprint this data could be vulnerable if the data is from untrusted sources. \nOpenSSL command line applications could also be vulnerable where they print out\nASN.1 data, or if untrusted data is passed as command line arguments. \n\nLibssl is not considered directly vulnerable. Additionally certificates etc\nreceived via remote connections via libssl are also unlikely to be able to\ntrigger these issues because of message size limits enforced within libssl. \n\nThis issue affects OpenSSL versions 1.0.2 and 1.0.1. \n\nOpenSSL 1.0.2 users should upgrade to 1.0.2g\nOpenSSL 1.0.1 users should upgrade to 1.0.1s\n\nThis issue was reported to OpenSSL on February 23rd by Guido Vranken. The\nfix was developed by Matt Caswell of the OpenSSL development team. \n\nSide channel attack on modular exponentiation (CVE-2016-0702)\n=============================================================\n\nSeverity: Low\n\nA side-channel attack was found which makes use of cache-bank conflicts on the\nIntel Sandy-Bridge microarchitecture which could lead to the recovery of RSA\nkeys. The ability to exploit this issue is limited as it relies on an attacker\nwho has control of code in a thread running on the same hyper-threaded core as\nthe victim thread which is performing decryptions. \n\nThis issue affects OpenSSL versions 1.0.2 and 1.0.1. \n\nOpenSSL 1.0.2 users should upgrade to 1.0.2g\nOpenSSL 1.0.1 users should upgrade to 1.0.1s\n\nThis issue was reported to OpenSSL on Jan 8th 2016 by Yuval Yarom, The\nUniversity of Adelaide and NICTA, Daniel Genkin, Technion and Tel Aviv\nUniversity, and Nadia Heninger, University of Pennsylvania with more\ninformation at http://cachebleed.info. The fix was developed by Andy Polyakov\nof OpenSSL. \n\n\nDivide-and-conquer session key recovery in SSLv2 (CVE-2016-0703)\n================================================================\n\nSeverity: High\n\nThis issue only affected versions of OpenSSL prior to March 19th 2015 at which\ntime the code was refactored to address vulnerability CVE-2015-0293. \n\ns2_srvr.c did not enforce that clear-key-length is 0 for non-export ciphers. If\nclear-key bytes are present for these ciphers, they *displace* encrypted-key\nbytes. This leads to an efficient divide-and-conquer key recovery attack: if an\neavesdropper has intercepted an SSLv2 handshake, they can use the server as an\noracle to determine the SSLv2 master-key, using only 16 connections to the\nserver and negligible computation. \n\nMore importantly, this leads to a more efficient version of DROWN that is\neffective against non-export ciphersuites, and requires no significant\ncomputation. \n\nThis issue affected OpenSSL versions 1.0.2, 1.0.1l, 1.0.0q, 0.9.8ze and all\nearlier versions. It was fixed in OpenSSL 1.0.2a, 1.0.1m, 1.0.0r and 0.9.8zf\n(released March 19th 2015). \n\nThis issue was reported to OpenSSL on February 10th 2016 by David Adrian and J. \nAlex Halderman of the University of Michigan. The underlying defect had by\nthen already been fixed by Emilia K\u00e4sper of OpenSSL on March 4th 2015. The fix\nfor this issue can be identified by commits ae50d827 (1.0.2a), cd56a08d\n(1.0.1m), 1a08063 (1.0.0r) and 65c588c (0.9.8zf). \n\n\nBleichenbacher oracle in SSLv2 (CVE-2016-0704)\n==============================================\n\nSeverity: Moderate\n\nThis issue only affected versions of OpenSSL prior to March 19th 2015 at which\ntime the code was refactored to address the vulnerability CVE-2015-0293. \n\ns2_srvr.c overwrite the wrong bytes in the master-key when applying\nBleichenbacher protection for export cipher suites. This provides a\nBleichenbacher oracle, and could potentially allow more efficient variants of\nthe DROWN attack. \n\nThis issue affected OpenSSL versions 1.0.2, 1.0.1l, 1.0.0q, 0.9.8ze and all\nearlier versions. It was fixed in OpenSSL 1.0.2a, 1.0.1m, 1.0.0r and 0.9.8zf\n(released March 19th 2015). \n\nThis issue was reported to OpenSSL on February 10th 2016 by David Adrian and J. \nAlex Halderman of the University of Michigan. The underlying defect had by\nthen already been fixed by Emilia K\u00e4sper of OpenSSL on March 4th 2015. The fix\nfor this issue can be identified by commits ae50d827 (1.0.2a), cd56a08d\n(1.0.1m), 1a08063 (1.0.0r) and 65c588c (0.9.8zf). \n\nNote\n====\n\nAs per our previous announcements and our Release Strategy\n(https://www.openssl.org/policies/releasestrat.html), support for OpenSSL\nversion 1.0.1 will cease on 31st December 2016. No security updates for that\nversion will be provided after that date. Users of 1.0.1 are advised to\nupgrade. \n\nSupport for versions 0.9.8 and 1.0.0 ended on 31st December 2015. Those\nversions are no longer receiving security updates. \n\nReferences\n==========\n\nURL for this Security Advisory:\nhttps://www.openssl.org/news/secadv/20160301.txt\n\nNote: the online version of the advisory may be updated with additional details\nover time. \n\nFor details of OpenSSL severity classifications please see:\nhttps://www.openssl.org/policies/secpolicy.html\n. Description:\n\nRed Hat JBoss Web Server is a fully integrated and certified set of\ncomponents for hosting Java web applications. It is comprised of the\nApache HTTP Server, the Apache Tomcat Servlet container, Apache Tomcat\nConnector(mod_jk), JBoss HTTP Connector (mod_cluster), Hibernate, and\nthe Tomcat Native library. Relevant releases/architectures:\n\nRHEL 7-based RHEV-H - noarch\nRHEV Hypervisor for RHEL-6 - noarch\n\n3. The Red Hat Enterprise \nVirtualization Hypervisor is a dedicated Kernel-based Virtual Machine \n(KVM) hypervisor. \n\nNote: Red Hat Enterprise Virtualization Hypervisor is only available \nfor the Intel 64 and AMD64 architectures with virtualization \nextensions. An \nattacker could create specially crafted DSA private keys that, when \nprocessed by an application compiled against OpenSSL, could cause \nthe application to crash. (CVE-2016-0705)\n\nAn integer overflow flaw, leading to a NULL pointer dereference or a\nheap-based memory corruption, was found in the way some BIGNUM \nfunctions of OpenSSL were implemented. Applications that use these \nfunctions with large untrusted input could crash or, potentially, \nexecute arbitrary code. \n\nChanges to the rhev-hypervisor component:\n\n* Previously, a race between services during boot prevented network \nconfiguration from upgrading correctly. The risk for the race has \nnow been reduced significantly to allow the upgrade of the network \nconfiguration to complete correctly. (BZ#1194068)\n\n* Previously, using the text user interface (TUI) to log in to the \nadministrator account of Red Hat Enterprise Virtualization \nHypervisor failed with a Python backtrace. This update makes the \n\"six\" module correctly importable under all circumstances, which \nensures that logging in to Red Hat Enterprise Virtualization \nHypervisor using TUI proceeds as expected. (BZ#1246836)\n\n4. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA256\n\nNote: the current version of the following document is available here:\nhttps://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c05390893\n\nSUPPORT COMMUNICATION - SECURITY BULLETIN\n\nDocument ID: c05390893\nVersion: 1\n\nHPESBHF03703 rev.1 - HPE Network Products including Comware v7 and VCX using\nOpenSSL, Remote Unauthorized Disclosure of Information\n\nNOTICE: The information in this Security Bulletin should be acted upon as\nsoon as possible. The vulnerabilities could be\nremotely exploited resulting in disclosure of information. \n\nReferences:\n\n - CVE-2015-3197 - OpenSSL, Remote unauthorized disclosure of information\n - CVE-2016-0701 - OpenSSL, Remote unauthorized disclosure of information\n\nSUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed. Please\nrefer to the RESOLUTION below for a list of updated products. Please refer to the RESOLUTION below for a list of updated\nproducts. \n\nBACKGROUND\n\n CVSS Base Metrics\n =================\n Reference, CVSS V3 Score/Vector, CVSS V2 Score/Vector\n\n CVE-2015-3197\n 5.3 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N\n 4.3 (AV:N/AC:M/Au:N/C:P/I:N/A:N)\n\n CVE-2016-0701\n 3.7 CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N\n 2.6 (AV:N/AC:H/Au:N/C:P/I:N/A:N)\n\n Information on CVSS is documented in\n HPE Customer Notice HPSN-2008-002 here:\n\nhttps://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c01345499\n\nRESOLUTION\n\nHPE has made the following software updates to resolve the vulnerability in\nthe Comware v7 and VCX products. \n\n**COMWARE 7 Products**\n\n + **12500 (Comware 7) - Version: R7377P01**\n * HP Network Products\n - JC072B HP 12500 Main Processing Unit\n - JC085A HP A12518 Switch Chassis\n - JC086A HP A12508 Switch Chassis\n - JC652A HP 12508 DC Switch Chassis\n - JC653A HP 12518 DC Switch Chassis\n - JC654A HP 12504 AC Switch Chassis\n - JC655A HP 12504 DC Switch Chassis\n - JF430A HP A12518 Switch Chassis\n - JF430B HP 12518 Switch Chassis\n - JF430C HP 12518 AC Switch Chassis\n - JF431A HP A12508 Switch Chassis\n - JF431B HP 12508 Switch Chassis\n - JF431C HP 12508 AC Switch Chassis\n - JG497A HP 12500 MPU w/Comware V7 OS\n - JG782A HP FF 12508E AC Switch Chassis\n - JG783A HP FF 12508E DC Switch Chassis\n - JG784A HP FF 12518E AC Switch Chassis\n - JG785A HP FF 12518E DC Switch Chassis\n - JG802A HP FF 12500E MPU\n * CVEs\n - CVE-2015-3197\n - CVE-2016-0701\n + **10500 (Comware 7) - Version: R7183**\n * HP Network Products\n - JC611A HP 10508-V Switch Chassis\n - JC612A HP 10508 Switch Chassis\n - JC613A HP 10504 Switch Chassis\n - JC748A HP 10512 Switch Chassis\n - JG608A HP FlexFabric 11908-V Switch Chassis\n - JG609A HP FlexFabric 11900 Main Processing Unit\n - JG820A HP 10504 TAA Switch Chassis\n - JG821A HP 10508 TAA Switch Chassis\n - JG822A HP 10508-V TAA Switch Chassis\n - JG823A HP 10512 TAA Switch Chassis\n - JG496A HP 10500 Type A MPU w/Comware v7 OS\n - JH198A HP 10500 Type D Main Processing Unit with Comware v7 Operating\nSystem\n - JH206A HP 10500 Type D TAA-compliant with Comware v7 Operating System\nMain Processing Unit\n * CVEs\n - CVE-2015-3197\n - CVE-2016-0701\n + **12900 (Comware 7) - Version: R1150**\n * HP Network Products\n - JG619A HP FlexFabric 12910 Switch AC Chassis\n - JG621A HP FlexFabric 12910 Main Processing Unit\n - JG632A HP FlexFabric 12916 Switch AC Chassis\n - JG634A HP FlexFabric 12916 Main Processing Unit\n - JH104A HP FlexFabric 12900E Main Processing Unit\n - JH114A HP FlexFabric 12910 TAA-compliant Main Processing Unit\n - JH263A HP FlexFabric 12904E Main Processing Unit\n - JH255A HP FlexFabric 12908E Switch Chassis\n - JH262A HP FlexFabric 12904E Switch Chassis\n - JH113A HP FlexFabric 12910 TAA-compliant Switch AC Chassis\n - JH103A HP FlexFabric 12916E Switch Chassis\n * CVEs\n - CVE-2015-3197\n - CVE-2016-0701\n + **5900 (Comware 7) - Version: R2432P01**\n * HP Network Products\n - JC772A HP 5900AF-48XG-4QSFP+ Switch\n - JG296A HP 5920AF-24XG Switch\n - JG336A HP 5900AF-48XGT-4QSFP+ Switch\n - JG510A HP 5900AF-48G-4XG-2QSFP+ Switch\n - JG554A HP 5900AF-48XG-4QSFP+ TAA Switch\n - JG555A HP 5920AF-24XG TAA Switch\n - JG838A HP FF 5900CP-48XG-4QSFP+ Switch\n - JH036A HP FlexFabric 5900CP 48XG 4QSFP+ TAA-Compliant\n - JH037A HP 5900AF 48XGT 4QSFP+ TAA-Compliant Switch\n - JH038A HP 5900AF 48G 4XG 2QSFP+ TAA-Compliant\n * CVEs\n - CVE-2015-3197\n - CVE-2016-0701\n + **MSR1000 (Comware 7) - Version: R0306P30**\n * HP Network Products\n - JG875A HP MSR1002-4 AC Router\n - JH060A HP MSR1003-8S AC Router\n * CVEs\n - CVE-2015-3197\n - CVE-2016-0701\n + **MSR2000 (Comware 7) - Version: R0306P30**\n * HP Network Products\n - JG411A HP MSR2003 AC Router\n - JG734A HP MSR2004-24 AC Router\n - JG735A HP MSR2004-48 Router\n - JG866A HP MSR2003 TAA-compliant AC Router\n * CVEs\n - CVE-2015-3197\n - CVE-2016-0701\n + **MSR3000 (Comware 7) - Version: R0306P30**\n * HP Network Products\n - JG404A HP MSR3064 Router\n - JG405A HP MSR3044 Router\n - JG406A HP MSR3024 AC Router\n - JG409A HP MSR3012 AC Router\n - JG409B HPE MSR3012 AC Router\n - JG861A HP MSR3024 TAA-compliant AC Router\n * CVEs\n - CVE-2015-3197\n - CVE-2016-0701\n + **MSR4000 (Comware 7) - Version: R0306P30**\n * HP Network Products\n - JG402A HP MSR4080 Router Chassis\n - JG403A HP MSR4060 Router Chassis\n - JG412A HP MSR4000 MPU-100 Main Processing Unit\n - JG869A HP MSR4000 TAA-compliant MPU-100 Main Processing Unit\n * CVEs\n - CVE-2015-3197\n - CVE-2016-0701\n + **MSR95X - Version: R0306P30**\n * HP Network Products\n - JH296A HPE MSR954 1GbE SFP 2GbE-WAN 4GbE-LAN CWv7 Router\n - JH297A HPE MSR954-W 1GbE SFP (WW) 2GbE-WAN 4GbE-LAN Wireless 802.11n\nCWv7 Router\n - JH298A HPE MSR954-W 1GbE SFP LTE (AM) 2GbE-WAN 4GbE-LAN Wireless\n802.11n CWv7 Router\n - JH299A HPE MSR954-W 1GbE SFP LTE (WW) 2GbE-WAN 4GbE-LAN Wireless\n802.11n CWv7 Router\n * CVEs\n - CVE-2015-3197\n - CVE-2016-0701\n + **VSR (Comware 7) - Version: E0322P01**\n * HP Network Products\n - JG810AAE HP VSR1001 Virtual Services Router 60 Day Evaluation\nSoftware\n - JG811AAE HP VSR1001 Comware 7 Virtual Services Router\n - JG812AAE HP VSR1004 Comware 7 Virtual Services Router\n - JG813AAE HP VSR1008 Comware 7 Virtual Services Router\n * CVEs\n - CVE-2015-3197\n - CVE-2016-0701\n + **7900 (Comware 7) - Version: R2150**\n * HP Network Products\n - JG682A HP FlexFabric 7904 Switch Chassis\n - JG841A HP FlexFabric 7910 Switch Chassis\n - JG842A HP FlexFabric 7910 7.2Tbps Fabric / Main Processing Unit\n - JH001A HP FlexFabric 7910 2.4Tbps Fabric / Main Processing Unit\n - JH122A HP FlexFabric 7904 TAA-compliant Switch Chassis\n - JH123A HP FlexFabric 7910 TAA-compliant Switch Chassis\n - JH124A HP FlexFabric 7910 7.2Tbps TAA-compliant Fabric/Main\nProcessing Unit\n - JH125A HP FlexFabric 7910 2.4Tbps TAA-compliant Fabric/Main\nProcessing Unit\n * CVEs\n - CVE-2015-3197\n - CVE-2016-0701\n + **5130EI (Comware 7) - Version: R3113P02**\n * HP Network Products\n - JG932A HP 5130-24G-4SFP+ EI Switch\n - JG933A HP 5130-24G-SFP-4SFP+ EI Switch\n - JG934A HP 5130-48G-4SFP+ EI Switch\n - JG936A HP 5130-24G-PoE+-4SFP+ (370W) EI Switch\n - JG937A HP 5130-48G-PoE+-4SFP+ (370W) EI Switch\n - JG938A HP 5130-24G-2SFP+-2XGT EI Switch\n - JG939A HP 5130-48G-2SFP+-2XGT EI Switch\n - JG940A HP 5130-24G-PoE+-2SFP+-2XGT (370W) EI Switch\n - JG941A HP 5130-48G-PoE+-2SFP+-2XGT (370W) EI Switch\n - JG975A HP 5130-24G-4SFP+ EI Brazil Switch\n - JG976A HP 5130-48G-4SFP+ EI Brazil Switch\n - JG977A HP 5130-24G-PoE+-4SFP+ (370W) EI Brazil Switch\n - JG978A HP 5130-48G-PoE+-4SFP+ (370W) EI Brazil Switch\n * CVEs\n - CVE-2015-3197\n - CVE-2016-0701\n + **6125XLG - Version: R2432P01**\n * HP Network Products\n - 711307-B21 HP 6125XLG Blade Switch\n - 737230-B21 HP 6125XLG Blade Switch with TAA\n * CVEs\n - CVE-2015-3197\n - CVE-2016-0701\n + **6127XLG - Version: R2432P01**\n * HP Network Products\n - 787635-B21 HP 6127XLG Blade Switch Opt Kit\n - 787635-B22 HP 6127XLG Blade Switch with TAA\n * CVEs\n - CVE-2015-3197\n - CVE-2016-0701\n + **Moonshot - Version: R2432P01**\n * HP Network Products\n - 786617-B21 - HP Moonshot-45Gc Switch Module\n - 704654-B21 - HP Moonshot-45XGc Switch Module\n - 786619-B21 - HP Moonshot-180XGc Switch Module\n * CVEs\n - CVE-2015-3197\n - CVE-2016-0701\n + **5700 (Comware 7) - Version: R2432P01**\n * HP Network Products\n - JG894A HP FlexFabric 5700-48G-4XG-2QSFP+ Switch\n - JG895A HP FlexFabric 5700-48G-4XG-2QSFP+ TAA-compliant Switch\n - JG896A HP FlexFabric 5700-40XG-2QSFP+ Switch\n - JG897A HP FlexFabric 5700-40XG-2QSFP+ TAA-compliant Switch\n - JG898A HP FlexFabric 5700-32XGT-8XG-2QSFP+ Switch\n - JG899A HP FlexFabric 5700-32XGT-8XG-2QSFP+ TAA-compliant Switch\n * CVEs\n - CVE-2015-3197\n - CVE-2016-0701\n + **5930 (Comware 7) - Version: R2432P01**\n * HP Network Products\n - JG726A HP FlexFabric 5930 32QSFP+ Switch\n - JG727A HP FlexFabric 5930 32QSFP+ TAA-compliant Switch\n - JH178A HP FlexFabric 5930 2QSFP+ 2-slot Switch\n - JH179A HP FlexFabric 5930 4-slot Switch\n - JH187A HP FlexFabric 5930 2QSFP+ 2-slot TAA-compliant Switch\n - JH188A HP FlexFabric 5930 4-slot TAA-compliant Switch\n * CVEs\n - CVE-2015-3197\n - CVE-2016-0701\n + **1950 (Comware 7) - Version: R3113P02**\n * HP Network Products\n - JG960A HP 1950-24G-4XG Switch\n - JG961A HP 1950-48G-2SFP+-2XGT Switch\n - JG962A HP 1950-24G-2SFP+-2XGT-PoE+(370W) Switch\n - JG963A HP 1950-48G-2SFP+-2XGT-PoE+(370W) Switch\n * CVEs\n - CVE-2015-3197\n - CVE-2016-0701\n + **7500 (Comware 7) - Version: R7183**\n * HP Network Products\n - JD238C HP 7510 Switch Chassis\n - JD239C HP 7506 Switch Chassis\n - JD240C HP 7503 Switch Chassis\n - JD242C HP 7502 Switch Chassis\n - JH207A HP 7500 1.2Tbps Fabric with 2-port 40GbE QSFP+ for IRF-Only\nMain Processing Unit\n - JH208A HP 7502 Main Processing Unit\n - JH209A HP 7500 2.4Tbps Fabric with 8-port 1/10GbE SFP+ and 2-port\n40GbE QSFP+ Main Processing Unit\n * CVEs\n - CVE-2015-3197\n - CVE-2016-0701\n + **5130HI - Version: R1120P07**\n * HP Network Products\n - JH323A HPE 5130 24G 4SFP+ 1-slot HI Switch\n - JH324A HPE 5130 48G 4SFP+ 1-slot HI Switch\n - JH325A HPE 5130 24G PoE+ 4SFP+ 1-slot HI Switch\n - JH326A HPE 5130 48G PoE+ 4SFP+ 1-slot HI Switch\n * CVEs\n - CVE-2015-3197\n - CVE-2016-0701\n + **5510HI - Version: R1120P07**\n * HP Network Products\n - JH145A HPE 5510 24G 4SFP+ HI 1-slot Switch\n - JH146A HPE 5510 48G 4SFP+ HI 1-slot Switch\n - JH147A HPE 5510 24G PoE+ 4SFP+ HI 1-slot Switch\n - JH148A HPE 5510 48G PoE+ 4SFP+ HI 1-slot Switch\n - JH149A HPE 5510 24G SFP 4SFP+ HI 1-slot Switch\n * CVEs\n - CVE-2015-3197\n - CVE-2016-0701\n + **VCX - Version: 9.8.19**\n * HP Network Products\n - J9672A HP VCX V7205 Platform w/ DL360 G7 Srvr\n - J9668A HP VCX IPC V7005 Pltfrm w/ DL120 G6 Srvr\n - JC517A HP VCX V7205 Platform w/DL 360 G6 Server\n - JE355A HP VCX V6000 Branch Platform 9.0\n - JC516A HP VCX V7005 Platform w/DL 120 G6 Server\n - JC518A HP VCX Connect 200 Primry 120 G6 Server\n - J9669A HP VCX IPC V7310 Pltfrm w/ DL360 G7 Srvr\n - JE341A HP VCX Connect 100 Secondary\n - JE252A HP VCX Connect Primary MIM Module\n - JE253A HP VCX Connect Secondary MIM Module\n - JE254A HP VCX Branch MIM Module\n - JE355A HP VCX V6000 Branch Platform 9.0\n - JD028A HP MS30-40 RTR w/VCX + T1/FXO/FXS/Mod\n - JD023A HP MSR30-40 Router with VCX MIM Module\n - JD024A HP MSR30-16 RTR w/VCX Ent Br Com MIM\n - JD025A HP MSR30-16 RTR w/VCX + 4FXO/2FXS Mod\n - JD026A HP MSR30-16 RTR w/VCX + 8FXO/4FXS Mod\n - JD027A HP MSR30-16 RTR w/VCX + 8BRI/4FXS Mod\n - JD029A HP MSR30-16 RTR w/VCX + E1/4BRI/4FXS\n - JE340A HP VCX Connect 100 Pri Server 9.0\n - JE342A HP VCX Connect 100 Sec Server 9.0\n * CVEs\n - CVE-2015-3197\n \n **Note:** Please contact HPE Technical Support if any assistance is needed\nacquiring the software updates. \n\nHISTORY\nVersion:1 (rev.1) - 14 February 2017 Initial release\n\nThird Party Security Patches: Third party security patches that are to be\ninstalled on systems running Hewlett Packard Enterprise (HPE) software\nproducts should be applied in accordance with the customer\u0027s patch management\npolicy. \n\nSupport: For issues about implementing the recommendations of this Security\nBulletin, contact normal HPE Services support channel. For other issues about\nthe content of this Security Bulletin, send e-mail to security-alert@hpe.com. \n\nReport: To report a potential security vulnerability for any HPE supported\nproduct:\n Web form: https://www.hpe.com/info/report-security-vulnerability\n Email: security-alert@hpe.com\n\nSubscribe: To initiate a subscription to receive future HPE Security Bulletin\nalerts via Email: http://www.hpe.com/support/Subscriber_Choice\n\nSecurity Bulletin Archive: A list of recently released Security Bulletins is\navailable here: http://www.hpe.com/support/Security_Bulletin_Archive\n\nSoftware Product Category: The Software Product Category is represented in\nthe title by the two characters following HPSB. \n\n3C = 3COM\n3P = 3rd Party Software\nGN = HPE General Software\nHF = HPE Hardware and Firmware\nMU = Multi-Platform Software\nNS = NonStop Servers\nOV = OpenVMS\nPV = ProCurve\nST = Storage Software\nUX = HP-UX\n\nCopyright 2016 Hewlett Packard Enterprise\n\nHewlett Packard Enterprise shall not be liable for technical or editorial\nerrors or omissions contained herein. The information provided is provided\n\"as is\" without warranty of any kind. To the extent permitted by law, neither\nHP or its affiliates, subcontractors or suppliers will be liable for\nincidental,special or consequential damages including downtime cost; lost\nprofits; damages relating to the procurement of substitute products or\nservices; or damages for loss of data, or software restoration. The\ninformation in this document is subject to change without notice. Hewlett\nPackard Enterprise and the names of Hewlett Packard Enterprise products\nreferenced herein are trademarks of Hewlett Packard Enterprise in the United\nStates and other countries. Other product and company names mentioned herein\nmay be trademarks of their respective owners. 5.9 server) - i386, ia64, x86_64\n\n3. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\nGentoo Linux Security Advisory GLSA 201601-05\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n https://security.gentoo.org/\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\n Severity: Normal\n Title: OpenSSL: Multiple vulnerabilities\n Date: January 29, 2016\n Bugs: #572854\n ID: 201601-05\n\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\nSynopsis\n========\n\nMultiple vulnerabilities have been found in OpenSSL, allowing remote\nattackers to disclose sensitive information and complete weak\nhandshakes. \n\nAffected packages\n=================\n\n -------------------------------------------------------------------\n Package / Vulnerable / Unaffected\n -------------------------------------------------------------------\n 1 dev-libs/openssl \u003c 1.0.2f \u003e= 1.0.2f\n\nDescription\n===========\n\nMultiple vulnerabilities have been discovered in OpenSSL. Please review\nthe upstream advisory and CVE identifiers referenced below for details. \n\nImpact\n======\n\nA remote attacker could disclose a server\u0027s private DH exponent, or\ncomplete SSLv2 handshakes using ciphers that have been disabled on the\nserver. \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nResolution\n==========\n\nAll OpenSSL users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose \"\u003e=dev-libs/openssl-1.0.2f\"\n\nReferences\n==========\n\n[ 1 ] CVE-2015-3197\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-3197\n[ 2 ] CVE-2016-0701\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0701\n[ 3 ] OpenSSL Security Advisory [28th Jan 2016]\n http://openssl.org/news/secadv/20160128.txt\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n https://security.gentoo.org/glsa/201601-05\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users\u0027 machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttps://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2016 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttp://creativecommons.org/licenses/by-sa/2.5\n\n\n. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n=====================================================================\n Red Hat Security Advisory\n\nSynopsis: Important: openssl security update\nAdvisory ID: RHSA-2016:0303-01\nProduct: Red Hat Enterprise Linux\nAdvisory URL: https://rhn.redhat.com/errata/RHSA-2016-0303.html\nIssue date: 2016-03-01\nCVE Names: CVE-2015-0293 CVE-2015-3197 CVE-2016-0703 \n CVE-2016-0704 CVE-2016-0800 \n=====================================================================\n\n1. Summary:\n\nUpdated openssl packages that fix multiple security issues are now\navailable for Red Hat Enterprise Linux 6.2, 6.4, and 6.5 Advanced Update\nSupport. \n\nRed Hat Product Security has rated this update as having Important security\nimpact. Common Vulnerability Scoring System (CVSS) base scores, which give\ndetailed severity ratings, are available for each vulnerability from the\nCVE links in the References section. \n\n2. Relevant releases/architectures:\n\nRed Hat Enterprise Linux Server AUS (v. 6.2) - x86_64\nRed Hat Enterprise Linux Server AUS (v. 6.4) - x86_64\nRed Hat Enterprise Linux Server AUS (v. 6.5) - x86_64\nRed Hat Enterprise Linux Server Optional AUS (v. 6.2) - x86_64\nRed Hat Enterprise Linux Server Optional AUS (v. 6.4) - x86_64\nRed Hat Enterprise Linux Server Optional AUS (v. 6.5) - x86_64\n\n3. Description:\n\nOpenSSL is a toolkit that implements the Secure Sockets Layer (SSL v2/v3)\nand Transport Layer Security (TLS v1) protocols, as well as a\nfull-strength, general purpose cryptography library. \n\nA padding oracle flaw was found in the Secure Sockets Layer version 2.0\n(SSLv2) protocol. An attacker can potentially use this flaw to decrypt\nRSA-encrypted cipher text from a connection using a newer SSL/TLS protocol\nversion, allowing them to decrypt such connections. For more information, refer to the knowledge base\narticle linked to in the References section. \n\nIt was discovered that the SSLv2 servers using OpenSSL accepted SSLv2\nconnection handshakes that indicated non-zero clear key length for\nnon-export cipher suites. An attacker could use a SSLv2 server using OpenSSL as a \nBleichenbacher oracle. \n\nA denial of service flaw was found in the way OpenSSL handled SSLv2\nhandshake messages. This could result in weak\nSSLv2 ciphers being used for SSLv2 connections, making them vulnerable to\nman-in-the-middle attacks. (CVE-2015-3197)\n\nRed Hat would like to thank the OpenSSL project for reporting these issues. \nUpstream acknowledges Nimrod Aviram and Sebastian Schinzel as the original\nreporters of CVE-2016-0800 and CVE-2015-3197; David Adrian (University of\nMichigan) and J. Alex Halderman (University of Michigan) as the original\nreporters of CVE-2016-0703 and CVE-2016-0704; and Sean Burford (Google) and\nEmilia K\u00e4sper (OpenSSL development team) as the original reporters of\nCVE-2015-0293. \n\nAll openssl users are advised to upgrade to these updated packages, which\ncontain backported patches to correct these issues. For the update to take\neffect, all services linked to the OpenSSL library must be restarted, or\nthe system rebooted. \n\n4. Solution:\n\nBefore applying this update, make sure all previously released errata\nrelevant to your system have been applied. \n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258\n\n5. Bugs fixed (https://bugzilla.redhat.com/):\n\n1202404 - CVE-2015-0293 openssl: assertion failure in SSLv2 servers\n1301846 - CVE-2015-3197 OpenSSL: SSLv2 doesn\u0027t block disabled ciphers\n1310593 - CVE-2016-0800 SSL/TLS: Cross-protocol attack on TLS using SSLv2 (DROWN)\n1310811 - CVE-2016-0703 openssl: Divide-and-conquer session key recovery in SSLv2\n1310814 - CVE-2016-0704 openssl: SSLv2 Bleichenbacher protection overwrites wrong bytes for export ciphers\n\n6. Package List:\n\nRed Hat Enterprise Linux Server AUS (v. 6.2):\n\nSource:\nopenssl-1.0.0-20.el6_2.8.src.rpm\n\nx86_64:\nopenssl-1.0.0-20.el6_2.8.i686.rpm\nopenssl-1.0.0-20.el6_2.8.x86_64.rpm\nopenssl-debuginfo-1.0.0-20.el6_2.8.i686.rpm\nopenssl-debuginfo-1.0.0-20.el6_2.8.x86_64.rpm\nopenssl-devel-1.0.0-20.el6_2.8.i686.rpm\nopenssl-devel-1.0.0-20.el6_2.8.x86_64.rpm\n\nRed Hat Enterprise Linux Server AUS (v. 6.4):\n\nSource:\nopenssl-1.0.0-27.el6_4.5.src.rpm\n\nx86_64:\nopenssl-1.0.0-27.el6_4.5.i686.rpm\nopenssl-1.0.0-27.el6_4.5.x86_64.rpm\nopenssl-debuginfo-1.0.0-27.el6_4.5.i686.rpm\nopenssl-debuginfo-1.0.0-27.el6_4.5.x86_64.rpm\nopenssl-devel-1.0.0-27.el6_4.5.i686.rpm\nopenssl-devel-1.0.0-27.el6_4.5.x86_64.rpm\n\nRed Hat Enterprise Linux Server AUS (v. 6.5):\n\nSource:\nopenssl-1.0.1e-16.el6_5.16.src.rpm\n\nx86_64:\nopenssl-1.0.1e-16.el6_5.16.i686.rpm\nopenssl-1.0.1e-16.el6_5.16.x86_64.rpm\nopenssl-debuginfo-1.0.1e-16.el6_5.16.i686.rpm\nopenssl-debuginfo-1.0.1e-16.el6_5.16.x86_64.rpm\nopenssl-devel-1.0.1e-16.el6_5.16.i686.rpm\nopenssl-devel-1.0.1e-16.el6_5.16.x86_64.rpm\n\nRed Hat Enterprise Linux Server Optional AUS (v. 6.2):\n\nSource:\nopenssl-1.0.0-20.el6_2.8.src.rpm\n\nx86_64:\nopenssl-debuginfo-1.0.0-20.el6_2.8.x86_64.rpm\nopenssl-perl-1.0.0-20.el6_2.8.x86_64.rpm\nopenssl-static-1.0.0-20.el6_2.8.x86_64.rpm\n\nRed Hat Enterprise Linux Server Optional AUS (v. 6.4):\n\nSource:\nopenssl-1.0.0-27.el6_4.5.src.rpm\n\nx86_64:\nopenssl-debuginfo-1.0.0-27.el6_4.5.x86_64.rpm\nopenssl-perl-1.0.0-27.el6_4.5.x86_64.rpm\nopenssl-static-1.0.0-27.el6_4.5.x86_64.rpm\n\nRed Hat Enterprise Linux Server Optional AUS (v. 6.5):\n\nSource:\nopenssl-1.0.1e-16.el6_5.16.src.rpm\n\nx86_64:\nopenssl-debuginfo-1.0.1e-16.el6_5.16.x86_64.rpm\nopenssl-perl-1.0.1e-16.el6_5.16.x86_64.rpm\nopenssl-static-1.0.1e-16.el6_5.16.x86_64.rpm\n\nThese packages are GPG signed by Red Hat for security. Our key and\ndetails on how to verify the signature are available from\nhttps://access.redhat.com/security/team/key/\n\n7. References:\n\nhttps://access.redhat.com/security/cve/CVE-2015-0293\nhttps://access.redhat.com/security/cve/CVE-2015-3197\nhttps://access.redhat.com/security/cve/CVE-2016-0703\nhttps://access.redhat.com/security/cve/CVE-2016-0704\nhttps://access.redhat.com/security/cve/CVE-2016-0800\nhttps://access.redhat.com/security/updates/classification/#important\nhttps://access.redhat.com/articles/2176731\nhttps://drownattack.com/\nhttps://openssl.org/news/secadv/20160128.txt\nhttps://openssl.org/news/secadv/20160301.txt\n\n8. Contact:\n\nThe Red Hat security contact is \u003csecalert@redhat.com\u003e. More contact\ndetails at https://access.redhat.com/security/team/contact/\n\nCopyright 2016 Red Hat, Inc. \n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1\n\niD8DBQFW1cFVXlSAg2UNWIIRAiHFAKCv4By3YintGgRYJJyhA7n3FrUn1wCfZHLr\nV2xviZUG2H9rWZyjayig0oY=\n=rw6Q\n-----END PGP SIGNATURE-----\n\n\n--\nRHSA-announce mailing list\nRHSA-announce@redhat.com\nhttps://www.redhat.com/mailman/listinfo/rhsa-announce",
"sources": [
{
"db": "NVD",
"id": "CVE-2015-3197"
},
{
"db": "CERT/CC",
"id": "VU#257823"
},
{
"db": "CERT/CC",
"id": "VU#583776"
},
{
"db": "BID",
"id": "82237"
},
{
"db": "VULMON",
"id": "CVE-2015-3197"
},
{
"db": "PACKETSTORM",
"id": "169660"
},
{
"db": "PACKETSTORM",
"id": "136213"
},
{
"db": "PACKETSTORM",
"id": "136151"
},
{
"db": "PACKETSTORM",
"id": "141101"
},
{
"db": "PACKETSTORM",
"id": "136032"
},
{
"db": "PACKETSTORM",
"id": "135515"
},
{
"db": "PACKETSTORM",
"id": "136031"
},
{
"db": "PACKETSTORM",
"id": "136034"
},
{
"db": "PACKETSTORM",
"id": "136030"
}
],
"trust": 3.51
},
"exploit_availability": {
"_id": null,
"data": [
{
"reference": "https://www.kb.cert.org/vuls/id/583776",
"trust": 0.8,
"type": "poc"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#583776"
}
]
},
"external_ids": {
"_id": null,
"data": [
{
"db": "NVD",
"id": "CVE-2015-3197",
"trust": 2.9
},
{
"db": "CERT/CC",
"id": "VU#257823",
"trust": 2.8
},
{
"db": "BID",
"id": "82237",
"trust": 2.0
},
{
"db": "SIEMENS",
"id": "SSA-412672",
"trust": 1.7
},
{
"db": "BID",
"id": "91787",
"trust": 1.7
},
{
"db": "SECTRACK",
"id": "1034849",
"trust": 1.7
},
{
"db": "JUNIPER",
"id": "JSA10759",
"trust": 1.7
},
{
"db": "CERT/CC",
"id": "VU#583776",
"trust": 1.1
},
{
"db": "AUSCERT",
"id": "ESB-2022.0696",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-201602-026",
"trust": 0.6
},
{
"db": "MCAFEE",
"id": "SB10203",
"trust": 0.3
},
{
"db": "ICS CERT",
"id": "ICSA-22-349-21",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2015-3197",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "169660",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "136213",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "136151",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "141101",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "136032",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "135515",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "136031",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "136034",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "136030",
"trust": 0.1
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#257823"
},
{
"db": "CERT/CC",
"id": "VU#583776"
},
{
"db": "VULMON",
"id": "CVE-2015-3197"
},
{
"db": "BID",
"id": "82237"
},
{
"db": "PACKETSTORM",
"id": "169660"
},
{
"db": "PACKETSTORM",
"id": "136213"
},
{
"db": "PACKETSTORM",
"id": "136151"
},
{
"db": "PACKETSTORM",
"id": "141101"
},
{
"db": "PACKETSTORM",
"id": "136032"
},
{
"db": "PACKETSTORM",
"id": "135515"
},
{
"db": "PACKETSTORM",
"id": "136031"
},
{
"db": "PACKETSTORM",
"id": "136034"
},
{
"db": "PACKETSTORM",
"id": "136030"
},
{
"db": "CNNVD",
"id": "CNNVD-201602-026"
},
{
"db": "NVD",
"id": "CVE-2015-3197"
}
]
},
"id": "VAR-201602-0272",
"iot": {
"_id": null,
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.4889322099999999
},
"last_update_date": "2026-04-10T22:35:14.450000Z",
"patch": {
"_id": null,
"data": [
{
"title": "OpenSSL Security vulnerabilities",
"trust": 0.6,
"url": "http://123.124.177.30/web/xxk/bdxqById.tag?id=60033"
},
{
"title": "The Register",
"trust": 0.2,
"url": "https://www.theregister.co.uk/2016/01/29/openssl_patch_quashes_rare_https_nasty_shores_up_crypto_chops/"
},
{
"title": "Red Hat: CVE-2015-3197",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_cve_database\u0026qid=CVE-2015-3197"
},
{
"title": "Cisco: Multiple Vulnerabilities in OpenSSL (January 2016) Affecting Cisco Products",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=cisco_security_advisories_and_alerts_ciscoproducts\u0026qid=cisco-sa-20160129-openssl"
},
{
"title": "Amazon Linux AMI: ALAS-2016-682",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=amazon_linux_ami\u0026qid=ALAS-2016-682"
},
{
"title": "Symantec Security Advisories: SA111 : OpenSSL Vulnerabilities 28-Jan-2016",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=symantec_security_advisories\u0026qid=83d562565218abbdbef42ef8962d127b"
},
{
"title": "Amazon Linux AMI: ALAS-2016-661",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=amazon_linux_ami\u0026qid=ALAS-2016-661"
},
{
"title": "Oracle: Oracle Critical Patch Update Advisory - October 2017",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_advisories\u0026qid=523d3f220a64ff01dd95e064bd37566a"
},
{
"title": "Oracle Solaris Third Party Bulletins: Oracle Solaris Third Party Bulletin - January 2016",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_solaris_third_party_bulletins\u0026qid=eb439566c9130adc92d21bc093204cf8"
},
{
"title": "Oracle VM Server for x86 Bulletins: Oracle VM Server for x86 Bulletin - July 2016",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_vm_server_for_x86_bulletins\u0026qid=6c15273f6bf4a785175f27073b98a1ce"
},
{
"title": "Oracle Linux Bulletins: Oracle Linux Bulletin - January 2016",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_linux_bulletins\u0026qid=8ad80411af3e936eb2998df70506cc71"
},
{
"title": "Oracle: Oracle Critical Patch Update Advisory - October 2016",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_advisories\u0026qid=05aabe19d38058b7814ef5514aab4c0c"
},
{
"title": "Oracle: Oracle Critical Patch Update Advisory - July 2017",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_advisories\u0026qid=2f446a7e1ea263c0c3a365776c6713f2"
},
{
"title": "Oracle: Oracle Critical Patch Update Advisory - April 2016",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_advisories\u0026qid=122319027ae43d6d626710f1b1bb1d43"
},
{
"title": "Oracle: Oracle Critical Patch Update Advisory - July 2016",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_advisories\u0026qid=3a04485ebb79f7fbc2472bf9af5ce489"
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/Live-Hack-CVE/CVE-2015-3197 "
},
{
"title": "changelog",
"trust": 0.1,
"url": "https://github.com/halon/changelog "
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/imhunterand/hackerone-publicy-disclosed "
},
{
"title": "satellite-host-cve",
"trust": 0.1,
"url": "https://github.com/RedHatSatellite/satellite-host-cve "
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2015-3197"
},
{
"db": "CNNVD",
"id": "CNNVD-201602-026"
}
]
},
"problemtype_data": {
"_id": null,
"data": [
{
"problemtype": "CWE-200",
"trust": 1.0
},
{
"problemtype": "CWE-310",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2015-3197"
}
]
},
"references": {
"_id": null,
"data": [
{
"trust": 2.1,
"url": "https://www.kb.cert.org/vuls/id/257823"
},
{
"trust": 2.0,
"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html"
},
{
"trust": 2.0,
"url": "http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html"
},
{
"trust": 2.0,
"url": "http://www.oracle.com/technetwork/topics/security/bulletinjan2016-2867206.html"
},
{
"trust": 2.0,
"url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html"
},
{
"trust": 1.8,
"url": "https://security.gentoo.org/glsa/201601-05"
},
{
"trust": 1.7,
"url": "http://www.openssl.org/news/secadv/20160128.txt"
},
{
"trust": 1.7,
"url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/91787"
},
{
"trust": 1.7,
"url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/82237"
},
{
"trust": 1.7,
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00015.html"
},
{
"trust": 1.7,
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00017.html"
},
{
"trust": 1.7,
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00003.html"
},
{
"trust": 1.7,
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00010.html"
},
{
"trust": 1.7,
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00007.html"
},
{
"trust": 1.7,
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00009.html"
},
{
"trust": 1.7,
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00001.html"
},
{
"trust": 1.7,
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00017.html"
},
{
"trust": 1.7,
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00004.html"
},
{
"trust": 1.7,
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00025.html"
},
{
"trust": 1.7,
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00002.html"
},
{
"trust": 1.7,
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00006.html"
},
{
"trust": 1.7,
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00011.html"
},
{
"trust": 1.7,
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00038.html"
},
{
"trust": 1.7,
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00012.html"
},
{
"trust": 1.7,
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-412672.pdf"
},
{
"trust": 1.7,
"url": "https://security.freebsd.org/advisories/freebsd-sa-16:11.openssl.asc"
},
{
"trust": 1.7,
"url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html"
},
{
"trust": 1.7,
"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html"
},
{
"trust": 1.7,
"url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?doclocale=en_us\u0026docid=emr_na-hpesbhf03724en_us"
},
{
"trust": 1.7,
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c05390893"
},
{
"trust": 1.7,
"url": "http://kb.juniper.net/infocenter/index?page=content\u0026id=jsa10759"
},
{
"trust": 1.7,
"url": "http://www.securitytracker.com/id/1034849"
},
{
"trust": 1.7,
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-january/176373.html"
},
{
"trust": 1.4,
"url": "https://mta.openssl.org/pipermail/openssl-announce/2016-january/000061.html"
},
{
"trust": 1.1,
"url": "https://www.openssl.org/news/vulnerabilities.html#y2016"
},
{
"trust": 1.1,
"url": "https://git.openssl.org/?p=openssl.git%3ba=commit%3bh=d81a1600588b726c2bdccda7efad3cc7a87d6245"
},
{
"trust": 0.9,
"url": "https://www.openssl.org/news/secadv/20160301.txt"
},
{
"trust": 0.9,
"url": "https://tools.ietf.org/html/rfc6176"
},
{
"trust": 0.9,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-3197"
},
{
"trust": 0.8,
"url": "http://intothesymmetry.blogspot.com/2016/01/openssl-key-recovery-attack-on-dh-small.html"
},
{
"trust": 0.8,
"url": "http://tools.ietf.org/html/rfc5114"
},
{
"trust": 0.8,
"url": "http://webstore.ansi.org/recorddetail.aspx?sku=ansi+x9.42-2003+%28r2013%29"
},
{
"trust": 0.8,
"url": "http://drownattack.com"
},
{
"trust": 0.7,
"url": "https://access.redhat.com/security/cve/cve-2015-3197"
},
{
"trust": 0.7,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0800"
},
{
"trust": 0.6,
"url": "https://www.redhat.com/mailman/listinfo/rhsa-announce"
},
{
"trust": 0.6,
"url": "https://bugzilla.redhat.com/):"
},
{
"trust": 0.6,
"url": "https://access.redhat.com/articles/11258"
},
{
"trust": 0.6,
"url": "https://access.redhat.com/security/cve/cve-2016-0800"
},
{
"trust": 0.6,
"url": "https://access.redhat.com/security/team/contact/"
},
{
"trust": 0.6,
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"trust": 0.6,
"url": "https://git.openssl.org/?p=openssl.git;a=commit;h=d81a1600588b726c2bdccda7efad3cc7a87d6245"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2022.0696"
},
{
"trust": 0.5,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-0293"
},
{
"trust": 0.5,
"url": "https://access.redhat.com/security/team/key/"
},
{
"trust": 0.5,
"url": "https://openssl.org/news/secadv/20160128.txt"
},
{
"trust": 0.4,
"url": "http://rhn.redhat.com/errata/rhsa-2016-0303.html"
},
{
"trust": 0.4,
"url": "http://rhn.redhat.com/errata/rhsa-2016-0379.html"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0704"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0703"
},
{
"trust": 0.4,
"url": "https://access.redhat.com/security/cve/cve-2015-0293"
},
{
"trust": 0.4,
"url": "https://access.redhat.com/articles/2176731"
},
{
"trust": 0.4,
"url": "https://openssl.org/news/secadv/20160301.txt"
},
{
"trust": 0.4,
"url": "https://drownattack.com/"
},
{
"trust": 0.3,
"url": "http://openssl.org/"
},
{
"trust": 0.3,
"url": "https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20160129-openssl"
},
{
"trust": 0.3,
"url": "http://www.oracle.com/technetwork/topics/security/cpuapr2016-2881694.html"
},
{
"trust": 0.3,
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=sb10203"
},
{
"trust": 0.3,
"url": "http://aix.software.ibm.com/aix/efixes/security/openssl_advisory17.asc"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=isg3t1023433"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=isg3t1023836"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=isg3t1023987"
},
{
"trust": 0.3,
"url": "https://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=migr-5099307"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=nas8n1021143"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=nas8n1021265"
},
{
"trust": 0.3,
"url": "https://www.freebsd.org/security/advisories/freebsd-sa-16:11.openssl.asc"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=isg3t1024066"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1s1005820"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1s1009610"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21976345"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21976356"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21977014"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21977018"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21977144"
},
{
"trust": 0.3,
"url": "https://www-01.ibm.com/support/docview.wss?uid=swg21978361"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21978438"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21978941"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21979086"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21979209"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21980207"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21980965"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21980969"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21981438"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21982099"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21982336"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21982697"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21984601"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21985213"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21985698"
},
{
"trust": 0.3,
"url": "https://www-01.ibm.com/support/docview.wss?uid=swg21987174"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21987175"
},
{
"trust": 0.3,
"url": "https://gtacknowledge.extremenetworks.com/articles/vulnerability_notice/vn-2016-002-openssl/?q=cve-2015-3197\u0026l=en_us\u0026fs=search\u0026pn=1"
},
{
"trust": 0.3,
"url": "http://www.kb.cert.org/vuls/id/583776"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21979476"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0797"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/cve/cve-2016-0704"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/cve/cve-2016-0703"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0705"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0702"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2016-0797"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0701"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/310.html"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/200.html"
},
{
"trust": 0.1,
"url": "https://github.com/live-hack-cve/cve-2015-3197"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://github.com/halon/changelog"
},
{
"trust": 0.1,
"url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-349-21"
},
{
"trust": 0.1,
"url": "http://cachebleed.info."
},
{
"trust": 0.1,
"url": "https://www.openssl.org/policies/secpolicy.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0798"
},
{
"trust": 0.1,
"url": "https://www.openssl.org/policies/releasestrat.html),"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0799"
},
{
"trust": 0.1,
"url": "https://rhn.redhat.com/errata/rhsa-2016-0445.html"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/jbossnetwork/restricted/listsoftware.html?downloadtype=securitypatches\u0026product=webserver\u0026version=2.1.0"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0702"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0705"
},
{
"trust": 0.1,
"url": "https://h20564.www2.hpe.com/hpsc/doc/public/display?docid=emr_na-c05390893"
},
{
"trust": 0.1,
"url": "http://www.hpe.com/support/security_bulletin_archive"
},
{
"trust": 0.1,
"url": "https://www.hpe.com/info/report-security-vulnerability"
},
{
"trust": 0.1,
"url": "https://h20564.www2.hpe.com/hpsc/doc/public/display?docid=emr_na-c01345499"
},
{
"trust": 0.1,
"url": "http://www.hpe.com/support/subscriber_choice"
},
{
"trust": 0.1,
"url": "https://rhn.redhat.com/errata/rhsa-2016-0304.html"
},
{
"trust": 0.1,
"url": "http://creativecommons.org/licenses/by-sa/2.5"
},
{
"trust": 0.1,
"url": "https://security.gentoo.org/"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-3197"
},
{
"trust": 0.1,
"url": "https://bugs.gentoo.org."
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0701"
},
{
"trust": 0.1,
"url": "https://rhn.redhat.com/errata/rhsa-2016-0306.html"
},
{
"trust": 0.1,
"url": "https://rhn.redhat.com/errata/rhsa-2016-0302.html"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#257823"
},
{
"db": "CERT/CC",
"id": "VU#583776"
},
{
"db": "VULMON",
"id": "CVE-2015-3197"
},
{
"db": "BID",
"id": "82237"
},
{
"db": "PACKETSTORM",
"id": "169660"
},
{
"db": "PACKETSTORM",
"id": "136213"
},
{
"db": "PACKETSTORM",
"id": "136151"
},
{
"db": "PACKETSTORM",
"id": "141101"
},
{
"db": "PACKETSTORM",
"id": "136032"
},
{
"db": "PACKETSTORM",
"id": "135515"
},
{
"db": "PACKETSTORM",
"id": "136031"
},
{
"db": "PACKETSTORM",
"id": "136034"
},
{
"db": "PACKETSTORM",
"id": "136030"
},
{
"db": "CNNVD",
"id": "CNNVD-201602-026"
},
{
"db": "NVD",
"id": "CVE-2015-3197"
}
]
},
"sources": {
"_id": null,
"data": [
{
"db": "CERT/CC",
"id": "VU#257823",
"ident": null
},
{
"db": "CERT/CC",
"id": "VU#583776",
"ident": null
},
{
"db": "VULMON",
"id": "CVE-2015-3197",
"ident": null
},
{
"db": "BID",
"id": "82237",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "169660",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "136213",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "136151",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "141101",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "136032",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "135515",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "136031",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "136034",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "136030",
"ident": null
},
{
"db": "CNNVD",
"id": "CNNVD-201602-026",
"ident": null
},
{
"db": "NVD",
"id": "CVE-2015-3197",
"ident": null
}
]
},
"sources_release_date": {
"_id": null,
"data": [
{
"date": "2016-01-28T00:00:00",
"db": "CERT/CC",
"id": "VU#257823",
"ident": null
},
{
"date": "2016-03-01T00:00:00",
"db": "CERT/CC",
"id": "VU#583776",
"ident": null
},
{
"date": "2016-02-15T00:00:00",
"db": "VULMON",
"id": "CVE-2015-3197",
"ident": null
},
{
"date": "2016-01-28T00:00:00",
"db": "BID",
"id": "82237",
"ident": null
},
{
"date": "2016-03-01T12:12:12",
"db": "PACKETSTORM",
"id": "169660",
"ident": null
},
{
"date": "2016-03-14T23:44:31",
"db": "PACKETSTORM",
"id": "136213",
"ident": null
},
{
"date": "2016-03-10T14:57:03",
"db": "PACKETSTORM",
"id": "136151",
"ident": null
},
{
"date": "2017-02-15T14:19:58",
"db": "PACKETSTORM",
"id": "141101",
"ident": null
},
{
"date": "2016-03-02T15:44:44",
"db": "PACKETSTORM",
"id": "136032",
"ident": null
},
{
"date": "2016-01-29T23:23:00",
"db": "PACKETSTORM",
"id": "135515",
"ident": null
},
{
"date": "2016-03-02T14:06:22",
"db": "PACKETSTORM",
"id": "136031",
"ident": null
},
{
"date": "2016-03-02T18:33:33",
"db": "PACKETSTORM",
"id": "136034",
"ident": null
},
{
"date": "2016-03-02T14:05:55",
"db": "PACKETSTORM",
"id": "136030",
"ident": null
},
{
"date": "2016-01-28T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201602-026",
"ident": null
},
{
"date": "2016-02-15T02:59:01.980000",
"db": "NVD",
"id": "CVE-2015-3197",
"ident": null
}
]
},
"sources_update_date": {
"_id": null,
"data": [
{
"date": "2016-01-29T00:00:00",
"db": "CERT/CC",
"id": "VU#257823",
"ident": null
},
{
"date": "2016-03-14T00:00:00",
"db": "CERT/CC",
"id": "VU#583776",
"ident": null
},
{
"date": "2023-11-07T00:00:00",
"db": "VULMON",
"id": "CVE-2015-3197",
"ident": null
},
{
"date": "2017-12-19T22:01:00",
"db": "BID",
"id": "82237",
"ident": null
},
{
"date": "2022-12-14T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201602-026",
"ident": null
},
{
"date": "2025-04-12T10:46:40.837000",
"db": "NVD",
"id": "CVE-2015-3197",
"ident": null
}
]
},
"threat_type": {
"_id": null,
"data": "remote",
"sources": [
{
"db": "PACKETSTORM",
"id": "135515"
},
{
"db": "CNNVD",
"id": "CNNVD-201602-026"
}
],
"trust": 0.7
},
"title": {
"_id": null,
"data": "OpenSSL re-uses unsafe prime numbers in Diffie-Hellman protocol",
"sources": [
{
"db": "CERT/CC",
"id": "VU#257823"
}
],
"trust": 0.8
},
"type": {
"_id": null,
"data": "information disclosure",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201602-026"
}
],
"trust": 0.6
}
}
VAR-201506-0268
Vulnerability from variot - Updated: 2026-04-10 22:34The pcntl_exec implementation in PHP before 5.4.41, 5.5.x before 5.5.25, and 5.6.x before 5.6.9 truncates a pathname upon encountering a \x00 character, which might allow remote attackers to bypass intended extension restrictions and execute files with unexpected names via a crafted first argument. NOTE: this vulnerability exists because of an incomplete fix for CVE-2006-7243. Supplementary information : CWE Vulnerability type by CWE-19: Data Handling ( Data processing ) Has been identified. PHP is prone to a security-bypass vulnerability. An attacker can leverage this issue to bypass security restrictions and perform unauthorized actions. This may aid in further attacks. PHP (PHP: Hypertext Preprocessor, PHP: Hypertext Preprocessor) is an open source general-purpose computer scripting language jointly maintained by the PHP Group and the open source community. The language is mainly used for Web development and supports a variety of databases and operating systems. A security vulnerability exists in PHP's implementation of pcntl_exec, which stems from the fact that the program does not allow null bytes in pathnames. The following versions are affected: PHP prior to 5.4.41, 5.5.x prior to 5.5.25, and 5.6.x prior to 5.6.9. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
===================================================================== Red Hat Security Advisory
Synopsis: Important: php security and bug fix update Advisory ID: RHSA-2015:1135-01 Product: Red Hat Enterprise Linux Advisory URL: https://rhn.redhat.com/errata/RHSA-2015-1135.html Issue date: 2015-06-23 CVE Names: CVE-2014-8142 CVE-2014-9652 CVE-2014-9705 CVE-2014-9709 CVE-2015-0231 CVE-2015-0232 CVE-2015-0273 CVE-2015-2301 CVE-2015-2348 CVE-2015-2783 CVE-2015-2787 CVE-2015-3307 CVE-2015-3329 CVE-2015-3330 CVE-2015-3411 CVE-2015-3412 CVE-2015-4021 CVE-2015-4022 CVE-2015-4024 CVE-2015-4025 CVE-2015-4026 CVE-2015-4147 CVE-2015-4148 CVE-2015-4598 CVE-2015-4599 CVE-2015-4600 CVE-2015-4601 CVE-2015-4602 CVE-2015-4603 CVE-2015-4604 CVE-2015-4605 =====================================================================
- Summary:
Updated php packages that fix multiple security issues and several bugs are now available for Red Hat Enterprise Linux 7.
Red Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.
- Relevant releases/architectures:
Red Hat Enterprise Linux Client Optional (v. 7) - x86_64 Red Hat Enterprise Linux ComputeNode Optional (v. 7) - x86_64 Red Hat Enterprise Linux Server (v. 7) - ppc64, ppc64le, s390x, x86_64 Red Hat Enterprise Linux Server Optional (v. 7) - ppc64, ppc64le, s390x, x86_64 Red Hat Enterprise Linux Workstation (v. 7) - x86_64 Red Hat Enterprise Linux Workstation Optional (v. 7) - x86_64
- Description:
PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server.
A flaw was found in the way the PHP module for the Apache httpd web server handled pipelined requests. A remote attacker could use this flaw to trigger the execution of a PHP script in a deinitialized interpreter, causing it to crash or, possibly, execute arbitrary code. (CVE-2015-3330)
A flaw was found in the way PHP parsed multipart HTTP POST requests. A specially crafted request could cause PHP to use an excessive amount of CPU time. (CVE-2015-4024)
An uninitialized pointer use flaw was found in PHP's Exif extension. A specially crafted JPEG or TIFF file could cause a PHP application using the exif_read_data() function to crash or, possibly, execute arbitrary code with the privileges of the user running that PHP application. (CVE-2015-0232)
An integer overflow flaw leading to a heap-based buffer overflow was found in the way PHP's FTP extension parsed file listing FTP server responses. A malicious FTP server could use this flaw to cause a PHP application to crash or, possibly, execute arbitrary code. (CVE-2015-4022)
Multiple flaws were discovered in the way PHP performed object unserialization. Specially crafted input processed by the unserialize() function could cause a PHP application to crash or, possibly, execute arbitrary code. (CVE-2014-8142, CVE-2015-0231, CVE-2015-0273, CVE-2015-2787, CVE-2015-4147, CVE-2015-4148, CVE-2015-4599, CVE-2015-4600, CVE-2015-4601, CVE-2015-4602, CVE-2015-4603)
It was found that certain PHP functions did not properly handle file names containing a NULL character. (CVE-2015-2348, CVE-2015-4025, CVE-2015-4026, CVE-2015-3411, CVE-2015-3412, CVE-2015-4598)
Multiple flaws were found in the way the way PHP's Phar extension parsed Phar archives. A specially crafted archive could cause PHP to crash or, possibly, execute arbitrary code when opened. (CVE-2015-2301, CVE-2015-2783, CVE-2015-3307, CVE-2015-3329, CVE-2015-4021)
Multiple flaws were found in PHP's File Information (fileinfo) extension. A remote attacker could cause a PHP application to crash if it used fileinfo to identify type of attacker supplied files. (CVE-2014-9652, CVE-2015-4604, CVE-2015-4605)
A heap buffer overflow flaw was found in the enchant_broker_request_dict() function of PHP's enchant extension. An attacker able to make a PHP application enchant dictionaries could possibly cause it to crash. (CVE-2014-9705)
A buffer over-read flaw was found in the GD library used by the PHP gd extension. A specially crafted GIF file could cause a PHP application using the imagecreatefromgif() function to crash. (CVE-2014-9709)
This update also fixes the following bugs:
-
The libgmp library in some cases terminated unexpectedly with a segmentation fault when being used with other libraries that use the GMP memory management. With this update, PHP no longer changes libgmp memory allocators, which prevents the described crash from occurring. (BZ#1212305)
-
When using the Open Database Connectivity (ODBC) API, the PHP process in some cases terminated unexpectedly with a segmentation fault. The underlying code has been adjusted to prevent this crash. (BZ#1212299)
-
Previously, running PHP on a big-endian system sometimes led to memory corruption in the fileinfo module. This update adjusts the behavior of the PHP pointer so that it can be freed without causing memory corruption. (BZ#1212298)
All php users are advised to upgrade to these updated packages, which contain backported patches to correct these issues. After installing the updated packages, the httpd daemon must be restarted for the update to take effect.
- Solution:
Before applying this update, make sure all previously released errata relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
- Bugs fixed (https://bugzilla.redhat.com/):
1175718 - CVE-2014-8142 php: use after free vulnerability in unserialize() 1185397 - CVE-2015-0231 php: use after free vulnerability in unserialize() (incomplete fix of CVE-2014-8142) 1185472 - CVE-2015-0232 php: Free called on unitialized pointer in exif.c 1188599 - CVE-2014-9652 file: out of bounds read in mconvert() 1188639 - CVE-2014-9709 gd: buffer read overflow in gd_gif_in.c 1194730 - CVE-2015-0273 php: use after free vulnerability in unserialize() with DateTimeZone 1194737 - CVE-2014-9705 php: heap buffer overflow in enchant_broker_request_dict() 1194747 - CVE-2015-2301 php: use after free in phar_object.c 1204868 - CVE-2015-4147 php: SoapClient's __call() type confusion through unserialize() 1207676 - CVE-2015-2787 php: use-after-free vulnerability in the process_nested_data function in ext/standard/var_unserializer.re 1207682 - CVE-2015-2348 php: move_uploaded_file() NUL byte injection in file name 1213394 - CVE-2015-3330 php: pipelined request executed in deinitialized interpreter under httpd 2.4 1213407 - CVE-2015-3411 php: missing null byte checks for paths in various PHP extensions 1213442 - CVE-2015-4604 CVE-2015-4605 php: denial of service when processing a crafted file with Fileinfo 1213446 - CVE-2015-2783 php: buffer over-read in Phar metadata parsing 1213449 - CVE-2015-3329 php: buffer overflow in phar_set_inode() 1222485 - CVE-2015-4024 php: multipart/form-data request paring CPU usage DoS 1222538 - CVE-2015-4599 CVE-2015-4600 CVE-2015-4601 php: type confusion issue in unserialize() with various SOAP methods 1223408 - CVE-2015-4025 php: CVE-2006-7243 regressions in 5.4+ 1223412 - CVE-2015-4022 php: integer overflow leading to heap overflow when reading FTP file listing 1223422 - CVE-2015-4026 php: pcntl_exec() accepts paths with NUL character 1223425 - CVE-2015-4021 php: memory corruption in phar_parse_tarfile caused by empty entry file name 1223441 - CVE-2015-3307 php: invalid pointer free() in phar_tar_process_metadata() 1226916 - CVE-2015-4148 php: SoapClient's do_soap_call() type confusion after unserialize() 1232823 - CVE-2015-3412 php: missing null byte checks for paths in various PHP extensions 1232897 - CVE-2015-4598 php: missing null byte checks for paths in DOM and GD extensions 1232918 - CVE-2015-4603 php: exception::getTraceAsString type confusion issue after unserialize 1232923 - CVE-2015-4602 php: Incomplete Class unserialization type confusion
- Package List:
Red Hat Enterprise Linux Client Optional (v. 7):
Source: php-5.4.16-36.el7_1.src.rpm
x86_64: php-5.4.16-36.el7_1.x86_64.rpm php-bcmath-5.4.16-36.el7_1.x86_64.rpm php-cli-5.4.16-36.el7_1.x86_64.rpm php-common-5.4.16-36.el7_1.x86_64.rpm php-dba-5.4.16-36.el7_1.x86_64.rpm php-debuginfo-5.4.16-36.el7_1.x86_64.rpm php-devel-5.4.16-36.el7_1.x86_64.rpm php-embedded-5.4.16-36.el7_1.x86_64.rpm php-enchant-5.4.16-36.el7_1.x86_64.rpm php-fpm-5.4.16-36.el7_1.x86_64.rpm php-gd-5.4.16-36.el7_1.x86_64.rpm php-intl-5.4.16-36.el7_1.x86_64.rpm php-ldap-5.4.16-36.el7_1.x86_64.rpm php-mbstring-5.4.16-36.el7_1.x86_64.rpm php-mysql-5.4.16-36.el7_1.x86_64.rpm php-mysqlnd-5.4.16-36.el7_1.x86_64.rpm php-odbc-5.4.16-36.el7_1.x86_64.rpm php-pdo-5.4.16-36.el7_1.x86_64.rpm php-pgsql-5.4.16-36.el7_1.x86_64.rpm php-process-5.4.16-36.el7_1.x86_64.rpm php-pspell-5.4.16-36.el7_1.x86_64.rpm php-recode-5.4.16-36.el7_1.x86_64.rpm php-snmp-5.4.16-36.el7_1.x86_64.rpm php-soap-5.4.16-36.el7_1.x86_64.rpm php-xml-5.4.16-36.el7_1.x86_64.rpm php-xmlrpc-5.4.16-36.el7_1.x86_64.rpm
Red Hat Enterprise Linux ComputeNode Optional (v. 7):
Source: php-5.4.16-36.el7_1.src.rpm
x86_64: php-5.4.16-36.el7_1.x86_64.rpm php-bcmath-5.4.16-36.el7_1.x86_64.rpm php-cli-5.4.16-36.el7_1.x86_64.rpm php-common-5.4.16-36.el7_1.x86_64.rpm php-dba-5.4.16-36.el7_1.x86_64.rpm php-debuginfo-5.4.16-36.el7_1.x86_64.rpm php-devel-5.4.16-36.el7_1.x86_64.rpm php-embedded-5.4.16-36.el7_1.x86_64.rpm php-enchant-5.4.16-36.el7_1.x86_64.rpm php-fpm-5.4.16-36.el7_1.x86_64.rpm php-gd-5.4.16-36.el7_1.x86_64.rpm php-intl-5.4.16-36.el7_1.x86_64.rpm php-ldap-5.4.16-36.el7_1.x86_64.rpm php-mbstring-5.4.16-36.el7_1.x86_64.rpm php-mysql-5.4.16-36.el7_1.x86_64.rpm php-mysqlnd-5.4.16-36.el7_1.x86_64.rpm php-odbc-5.4.16-36.el7_1.x86_64.rpm php-pdo-5.4.16-36.el7_1.x86_64.rpm php-pgsql-5.4.16-36.el7_1.x86_64.rpm php-process-5.4.16-36.el7_1.x86_64.rpm php-pspell-5.4.16-36.el7_1.x86_64.rpm php-recode-5.4.16-36.el7_1.x86_64.rpm php-snmp-5.4.16-36.el7_1.x86_64.rpm php-soap-5.4.16-36.el7_1.x86_64.rpm php-xml-5.4.16-36.el7_1.x86_64.rpm php-xmlrpc-5.4.16-36.el7_1.x86_64.rpm
Red Hat Enterprise Linux Server (v. 7):
Source: php-5.4.16-36.el7_1.src.rpm
ppc64: php-5.4.16-36.el7_1.ppc64.rpm php-cli-5.4.16-36.el7_1.ppc64.rpm php-common-5.4.16-36.el7_1.ppc64.rpm php-debuginfo-5.4.16-36.el7_1.ppc64.rpm php-gd-5.4.16-36.el7_1.ppc64.rpm php-ldap-5.4.16-36.el7_1.ppc64.rpm php-mysql-5.4.16-36.el7_1.ppc64.rpm php-odbc-5.4.16-36.el7_1.ppc64.rpm php-pdo-5.4.16-36.el7_1.ppc64.rpm php-pgsql-5.4.16-36.el7_1.ppc64.rpm php-process-5.4.16-36.el7_1.ppc64.rpm php-recode-5.4.16-36.el7_1.ppc64.rpm php-soap-5.4.16-36.el7_1.ppc64.rpm php-xml-5.4.16-36.el7_1.ppc64.rpm php-xmlrpc-5.4.16-36.el7_1.ppc64.rpm
s390x: php-5.4.16-36.el7_1.s390x.rpm php-cli-5.4.16-36.el7_1.s390x.rpm php-common-5.4.16-36.el7_1.s390x.rpm php-debuginfo-5.4.16-36.el7_1.s390x.rpm php-gd-5.4.16-36.el7_1.s390x.rpm php-ldap-5.4.16-36.el7_1.s390x.rpm php-mysql-5.4.16-36.el7_1.s390x.rpm php-odbc-5.4.16-36.el7_1.s390x.rpm php-pdo-5.4.16-36.el7_1.s390x.rpm php-pgsql-5.4.16-36.el7_1.s390x.rpm php-process-5.4.16-36.el7_1.s390x.rpm php-recode-5.4.16-36.el7_1.s390x.rpm php-soap-5.4.16-36.el7_1.s390x.rpm php-xml-5.4.16-36.el7_1.s390x.rpm php-xmlrpc-5.4.16-36.el7_1.s390x.rpm
x86_64: php-5.4.16-36.el7_1.x86_64.rpm php-cli-5.4.16-36.el7_1.x86_64.rpm php-common-5.4.16-36.el7_1.x86_64.rpm php-debuginfo-5.4.16-36.el7_1.x86_64.rpm php-gd-5.4.16-36.el7_1.x86_64.rpm php-ldap-5.4.16-36.el7_1.x86_64.rpm php-mysql-5.4.16-36.el7_1.x86_64.rpm php-odbc-5.4.16-36.el7_1.x86_64.rpm php-pdo-5.4.16-36.el7_1.x86_64.rpm php-pgsql-5.4.16-36.el7_1.x86_64.rpm php-process-5.4.16-36.el7_1.x86_64.rpm php-recode-5.4.16-36.el7_1.x86_64.rpm php-soap-5.4.16-36.el7_1.x86_64.rpm php-xml-5.4.16-36.el7_1.x86_64.rpm php-xmlrpc-5.4.16-36.el7_1.x86_64.rpm
Red Hat Enterprise Linux Server (v. 7):
Source: php-5.4.16-36.ael7b_1.src.rpm
ppc64le: php-5.4.16-36.ael7b_1.ppc64le.rpm php-cli-5.4.16-36.ael7b_1.ppc64le.rpm php-common-5.4.16-36.ael7b_1.ppc64le.rpm php-debuginfo-5.4.16-36.ael7b_1.ppc64le.rpm php-gd-5.4.16-36.ael7b_1.ppc64le.rpm php-ldap-5.4.16-36.ael7b_1.ppc64le.rpm php-mysql-5.4.16-36.ael7b_1.ppc64le.rpm php-odbc-5.4.16-36.ael7b_1.ppc64le.rpm php-pdo-5.4.16-36.ael7b_1.ppc64le.rpm php-pgsql-5.4.16-36.ael7b_1.ppc64le.rpm php-process-5.4.16-36.ael7b_1.ppc64le.rpm php-recode-5.4.16-36.ael7b_1.ppc64le.rpm php-soap-5.4.16-36.ael7b_1.ppc64le.rpm php-xml-5.4.16-36.ael7b_1.ppc64le.rpm php-xmlrpc-5.4.16-36.ael7b_1.ppc64le.rpm
Red Hat Enterprise Linux Server Optional (v. 7):
ppc64: php-bcmath-5.4.16-36.el7_1.ppc64.rpm php-dba-5.4.16-36.el7_1.ppc64.rpm php-debuginfo-5.4.16-36.el7_1.ppc64.rpm php-devel-5.4.16-36.el7_1.ppc64.rpm php-embedded-5.4.16-36.el7_1.ppc64.rpm php-enchant-5.4.16-36.el7_1.ppc64.rpm php-fpm-5.4.16-36.el7_1.ppc64.rpm php-intl-5.4.16-36.el7_1.ppc64.rpm php-mbstring-5.4.16-36.el7_1.ppc64.rpm php-mysqlnd-5.4.16-36.el7_1.ppc64.rpm php-pspell-5.4.16-36.el7_1.ppc64.rpm php-snmp-5.4.16-36.el7_1.ppc64.rpm
s390x: php-bcmath-5.4.16-36.el7_1.s390x.rpm php-dba-5.4.16-36.el7_1.s390x.rpm php-debuginfo-5.4.16-36.el7_1.s390x.rpm php-devel-5.4.16-36.el7_1.s390x.rpm php-embedded-5.4.16-36.el7_1.s390x.rpm php-enchant-5.4.16-36.el7_1.s390x.rpm php-fpm-5.4.16-36.el7_1.s390x.rpm php-intl-5.4.16-36.el7_1.s390x.rpm php-mbstring-5.4.16-36.el7_1.s390x.rpm php-mysqlnd-5.4.16-36.el7_1.s390x.rpm php-pspell-5.4.16-36.el7_1.s390x.rpm php-snmp-5.4.16-36.el7_1.s390x.rpm
x86_64: php-bcmath-5.4.16-36.el7_1.x86_64.rpm php-dba-5.4.16-36.el7_1.x86_64.rpm php-debuginfo-5.4.16-36.el7_1.x86_64.rpm php-devel-5.4.16-36.el7_1.x86_64.rpm php-embedded-5.4.16-36.el7_1.x86_64.rpm php-enchant-5.4.16-36.el7_1.x86_64.rpm php-fpm-5.4.16-36.el7_1.x86_64.rpm php-intl-5.4.16-36.el7_1.x86_64.rpm php-mbstring-5.4.16-36.el7_1.x86_64.rpm php-mysqlnd-5.4.16-36.el7_1.x86_64.rpm php-pspell-5.4.16-36.el7_1.x86_64.rpm php-snmp-5.4.16-36.el7_1.x86_64.rpm
Red Hat Enterprise Linux Server Optional (v. 7):
ppc64le: php-bcmath-5.4.16-36.ael7b_1.ppc64le.rpm php-dba-5.4.16-36.ael7b_1.ppc64le.rpm php-debuginfo-5.4.16-36.ael7b_1.ppc64le.rpm php-devel-5.4.16-36.ael7b_1.ppc64le.rpm php-embedded-5.4.16-36.ael7b_1.ppc64le.rpm php-enchant-5.4.16-36.ael7b_1.ppc64le.rpm php-fpm-5.4.16-36.ael7b_1.ppc64le.rpm php-intl-5.4.16-36.ael7b_1.ppc64le.rpm php-mbstring-5.4.16-36.ael7b_1.ppc64le.rpm php-mysqlnd-5.4.16-36.ael7b_1.ppc64le.rpm php-pspell-5.4.16-36.ael7b_1.ppc64le.rpm php-snmp-5.4.16-36.ael7b_1.ppc64le.rpm
Red Hat Enterprise Linux Workstation (v. 7):
Source: php-5.4.16-36.el7_1.src.rpm
x86_64: php-5.4.16-36.el7_1.x86_64.rpm php-cli-5.4.16-36.el7_1.x86_64.rpm php-common-5.4.16-36.el7_1.x86_64.rpm php-debuginfo-5.4.16-36.el7_1.x86_64.rpm php-gd-5.4.16-36.el7_1.x86_64.rpm php-ldap-5.4.16-36.el7_1.x86_64.rpm php-mysql-5.4.16-36.el7_1.x86_64.rpm php-odbc-5.4.16-36.el7_1.x86_64.rpm php-pdo-5.4.16-36.el7_1.x86_64.rpm php-pgsql-5.4.16-36.el7_1.x86_64.rpm php-process-5.4.16-36.el7_1.x86_64.rpm php-recode-5.4.16-36.el7_1.x86_64.rpm php-soap-5.4.16-36.el7_1.x86_64.rpm php-xml-5.4.16-36.el7_1.x86_64.rpm php-xmlrpc-5.4.16-36.el7_1.x86_64.rpm
Red Hat Enterprise Linux Workstation Optional (v. 7):
x86_64: php-bcmath-5.4.16-36.el7_1.x86_64.rpm php-dba-5.4.16-36.el7_1.x86_64.rpm php-debuginfo-5.4.16-36.el7_1.x86_64.rpm php-devel-5.4.16-36.el7_1.x86_64.rpm php-embedded-5.4.16-36.el7_1.x86_64.rpm php-enchant-5.4.16-36.el7_1.x86_64.rpm php-fpm-5.4.16-36.el7_1.x86_64.rpm php-intl-5.4.16-36.el7_1.x86_64.rpm php-mbstring-5.4.16-36.el7_1.x86_64.rpm php-mysqlnd-5.4.16-36.el7_1.x86_64.rpm php-pspell-5.4.16-36.el7_1.x86_64.rpm php-snmp-5.4.16-36.el7_1.x86_64.rpm
These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/
- References:
https://access.redhat.com/security/cve/CVE-2014-8142 https://access.redhat.com/security/cve/CVE-2014-9652 https://access.redhat.com/security/cve/CVE-2014-9705 https://access.redhat.com/security/cve/CVE-2014-9709 https://access.redhat.com/security/cve/CVE-2015-0231 https://access.redhat.com/security/cve/CVE-2015-0232 https://access.redhat.com/security/cve/CVE-2015-0273 https://access.redhat.com/security/cve/CVE-2015-2301 https://access.redhat.com/security/cve/CVE-2015-2348 https://access.redhat.com/security/cve/CVE-2015-2783 https://access.redhat.com/security/cve/CVE-2015-2787 https://access.redhat.com/security/cve/CVE-2015-3307 https://access.redhat.com/security/cve/CVE-2015-3329 https://access.redhat.com/security/cve/CVE-2015-3330 https://access.redhat.com/security/cve/CVE-2015-3411 https://access.redhat.com/security/cve/CVE-2015-3412 https://access.redhat.com/security/cve/CVE-2015-4021 https://access.redhat.com/security/cve/CVE-2015-4022 https://access.redhat.com/security/cve/CVE-2015-4024 https://access.redhat.com/security/cve/CVE-2015-4025 https://access.redhat.com/security/cve/CVE-2015-4026 https://access.redhat.com/security/cve/CVE-2015-4147 https://access.redhat.com/security/cve/CVE-2015-4148 https://access.redhat.com/security/cve/CVE-2015-4598 https://access.redhat.com/security/cve/CVE-2015-4599 https://access.redhat.com/security/cve/CVE-2015-4600 https://access.redhat.com/security/cve/CVE-2015-4601 https://access.redhat.com/security/cve/CVE-2015-4602 https://access.redhat.com/security/cve/CVE-2015-4603 https://access.redhat.com/security/cve/CVE-2015-4604 https://access.redhat.com/security/cve/CVE-2015-4605 https://access.redhat.com/security/updates/classification/#important
- Contact:
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/
Copyright 2015 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1
iD8DBQFViR1aXlSAg2UNWIIRAuxPAJ42GLQVzvzc9kje0VjDv8NZWcPv6QCbBL+O dtqycPWs+07GhjmZ6NNx5Bg= =FREZ -----END PGP SIGNATURE-----
-- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce . ============================================================================ Ubuntu Security Notice USN-2658-1 July 06, 2015
php5 vulnerabilities
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 15.04
- Ubuntu 14.10
- Ubuntu 14.04 LTS
- Ubuntu 12.04 LTS
Summary:
Several security issues were fixed in PHP.
Software Description: - php5: HTML-embedded scripting language interpreter
Details:
Neal Poole and Tomas Hoger discovered that PHP incorrectly handled NULL bytes in file paths. (CVE-2015-3411, CVE-2015-3412, CVE-2015-4025, CVE-2015-4026, CVE-2015-4598)
Emmanuel Law discovered that the PHP phar extension incorrectly handled filenames starting with a NULL byte. (CVE-2015-4021)
Max Spelsberg discovered that PHP incorrectly handled the LIST command when connecting to remote FTP servers. (CVE-2015-4022, CVE-2015-4643)
Shusheng Liu discovered that PHP incorrectly handled certain malformed form data. (CVE-2015-4024)
Andrea Palazzo discovered that the PHP Soap client incorrectly validated data types. (CVE-2015-4147)
Andrea Palazzo discovered that the PHP Soap client incorrectly validated that the uri property is a string. A remote attacker could possibly use these issues to obtain sensitive information or cause a denial of service. This issue only affected Ubuntu 15.04. (CVE-2015-4644)
Update instructions:
The problem can be corrected by updating your system to the following package versions:
Ubuntu 15.04: libapache2-mod-php5 5.6.4+dfsg-4ubuntu6.2 php5-cgi 5.6.4+dfsg-4ubuntu6.2 php5-cli 5.6.4+dfsg-4ubuntu6.2 php5-fpm 5.6.4+dfsg-4ubuntu6.2
Ubuntu 14.10: libapache2-mod-php5 5.5.12+dfsg-2ubuntu4.6 php5-cgi 5.5.12+dfsg-2ubuntu4.6 php5-cli 5.5.12+dfsg-2ubuntu4.6 php5-fpm 5.5.12+dfsg-2ubuntu4.6
Ubuntu 14.04 LTS: libapache2-mod-php5 5.5.9+dfsg-1ubuntu4.11 php5-cgi 5.5.9+dfsg-1ubuntu4.11 php5-cli 5.5.9+dfsg-1ubuntu4.11 php5-fpm 5.5.9+dfsg-1ubuntu4.11
Ubuntu 12.04 LTS: libapache2-mod-php5 5.3.10-1ubuntu3.19 php5-cgi 5.3.10-1ubuntu3.19 php5-cli 5.3.10-1ubuntu3.19 php5-fpm 5.3.10-1ubuntu3.19
In general, a standard system update will make all the necessary changes. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 201606-10
https://security.gentoo.org/
Severity: Normal Title: PHP: Multiple vulnerabilities Date: June 19, 2016 Bugs: #537586, #541098, #544186, #544330, #546872, #549538, #552408, #555576, #555830, #556952, #559612, #562882, #571254, #573892, #577376 ID: 201606-10
Synopsis
Multiple vulnerabilities have been found in PHP, the worst of which could lead to arbitrary code execution, or cause a Denial of Service condition.
Background
PHP is a widely-used general-purpose scripting language that is especially suited for Web development and can be embedded into HTML. Please review the CVE identifiers referenced below for details.
Workaround
There is no known workaround at this time.
Resolution
All PHP 5.4 users should upgrade to the latest 5.5 stable branch, as PHP 5.4 is now masked in Portage:
# emerge --sync # emerge --ask --oneshot --verbose ">=dev=lang/php-5.5.33"
All PHP 5.5 users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose ">=dev=lang/php-5.5.33"
All PHP 5.6 users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose ">=dev=lang/php-5.6.19"
References
[ 1 ] CVE-2013-6501 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-6501 [ 2 ] CVE-2014-9705 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-9705 [ 3 ] CVE-2014-9709 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-9709 [ 4 ] CVE-2015-0231 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0231 [ 5 ] CVE-2015-0273 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0273 [ 6 ] CVE-2015-1351 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-1351 [ 7 ] CVE-2015-1352 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-1352 [ 8 ] CVE-2015-2301 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-2301 [ 9 ] CVE-2015-2348 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-2348 [ 10 ] CVE-2015-2783 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-2783 [ 11 ] CVE-2015-2787 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-2787 [ 12 ] CVE-2015-3329 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-3329 [ 13 ] CVE-2015-3330 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-3330 [ 14 ] CVE-2015-4021 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-4021 [ 15 ] CVE-2015-4022 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-4022 [ 16 ] CVE-2015-4025 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-4025 [ 17 ] CVE-2015-4026 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-4026 [ 18 ] CVE-2015-4147 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-4147 [ 19 ] CVE-2015-4148 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-4148 [ 20 ] CVE-2015-4642 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-4642 [ 21 ] CVE-2015-4643 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-4643 [ 22 ] CVE-2015-4644 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-4644 [ 23 ] CVE-2015-6831 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-6831 [ 24 ] CVE-2015-6832 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-6832 [ 25 ] CVE-2015-6833 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-6833 [ 26 ] CVE-2015-6834 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-6834 [ 27 ] CVE-2015-6835 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-6835 [ 28 ] CVE-2015-6836 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-6836 [ 29 ] CVE-2015-6837 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-6837 [ 30 ] CVE-2015-6838 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-6838 [ 31 ] CVE-2015-7803 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7803 [ 32 ] CVE-2015-7804 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7804
Availability
This GLSA and any updates to it are available for viewing at the Gentoo Security Website:
https://security.gentoo.org/glsa/201606-10
Concerns?
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.
License
Copyright 2016 Gentoo Foundation, Inc; referenced text belongs to its owner(s).
The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5
Show details on source website{
"affected_products": {
"_id": null,
"data": [
{
"_id": null,
"model": "enterprise linux server",
"scope": "eq",
"trust": 1.6,
"vendor": "redhat",
"version": "7.0"
},
{
"_id": null,
"model": "enterprise linux hpc node eus",
"scope": "eq",
"trust": 1.6,
"vendor": "redhat",
"version": "7.1"
},
{
"_id": null,
"model": "enterprise linux workstation",
"scope": "eq",
"trust": 1.6,
"vendor": "redhat",
"version": "7.0"
},
{
"_id": null,
"model": "enterprise linux server eus",
"scope": "eq",
"trust": 1.6,
"vendor": "redhat",
"version": "7.1"
},
{
"_id": null,
"model": "enterprise linux hpc node",
"scope": "eq",
"trust": 1.6,
"vendor": "redhat",
"version": "7.0"
},
{
"_id": null,
"model": "php",
"scope": "eq",
"trust": 1.3,
"vendor": "php",
"version": "5.6.5"
},
{
"_id": null,
"model": "php",
"scope": "eq",
"trust": 1.3,
"vendor": "php",
"version": "5.6.4"
},
{
"_id": null,
"model": "php",
"scope": "eq",
"trust": 1.3,
"vendor": "php",
"version": "5.5.21"
},
{
"_id": null,
"model": "php",
"scope": "eq",
"trust": 1.3,
"vendor": "php",
"version": "5.5.14"
},
{
"_id": null,
"model": "php",
"scope": "eq",
"trust": 1.3,
"vendor": "php",
"version": "5.5.13"
},
{
"_id": null,
"model": "php",
"scope": "eq",
"trust": 1.3,
"vendor": "php",
"version": "5.5.12"
},
{
"_id": null,
"model": "php",
"scope": "eq",
"trust": 1.3,
"vendor": "php",
"version": "5.5.11"
},
{
"_id": null,
"model": "php",
"scope": "eq",
"trust": 1.3,
"vendor": "php",
"version": "5.5.10"
},
{
"_id": null,
"model": "php",
"scope": "eq",
"trust": 1.3,
"vendor": "php",
"version": "5.5.6"
},
{
"_id": null,
"model": "php",
"scope": "eq",
"trust": 1.3,
"vendor": "php",
"version": "5.5.5"
},
{
"_id": null,
"model": "php",
"scope": "eq",
"trust": 1.3,
"vendor": "php",
"version": "5.5.4"
},
{
"_id": null,
"model": "php",
"scope": "eq",
"trust": 1.3,
"vendor": "php",
"version": "5.5.3"
},
{
"_id": null,
"model": "php",
"scope": "eq",
"trust": 1.3,
"vendor": "php",
"version": "5.5.1"
},
{
"_id": null,
"model": "php",
"scope": "eq",
"trust": 1.3,
"vendor": "php",
"version": "5.6.8"
},
{
"_id": null,
"model": "php",
"scope": "eq",
"trust": 1.3,
"vendor": "php",
"version": "5.6.7"
},
{
"_id": null,
"model": "php",
"scope": "eq",
"trust": 1.3,
"vendor": "php",
"version": "5.6.6"
},
{
"_id": null,
"model": "php",
"scope": "eq",
"trust": 1.3,
"vendor": "php",
"version": "5.6.3"
},
{
"_id": null,
"model": "php",
"scope": "eq",
"trust": 1.3,
"vendor": "php",
"version": "5.6.2"
},
{
"_id": null,
"model": "php",
"scope": "eq",
"trust": 1.3,
"vendor": "php",
"version": "5.5.9"
},
{
"_id": null,
"model": "php",
"scope": "eq",
"trust": 1.3,
"vendor": "php",
"version": "5.5.8"
},
{
"_id": null,
"model": "php",
"scope": "eq",
"trust": 1.3,
"vendor": "php",
"version": "5.5.7"
},
{
"_id": null,
"model": "php",
"scope": "eq",
"trust": 1.3,
"vendor": "php",
"version": "5.5.24"
},
{
"_id": null,
"model": "php",
"scope": "eq",
"trust": 1.3,
"vendor": "php",
"version": "5.5.23"
},
{
"_id": null,
"model": "php",
"scope": "eq",
"trust": 1.3,
"vendor": "php",
"version": "5.5.22"
},
{
"_id": null,
"model": "php",
"scope": "eq",
"trust": 1.3,
"vendor": "php",
"version": "5.5.20"
},
{
"_id": null,
"model": "php",
"scope": "eq",
"trust": 1.3,
"vendor": "php",
"version": "5.5.2"
},
{
"_id": null,
"model": "php",
"scope": "eq",
"trust": 1.3,
"vendor": "php",
"version": "5.5.19"
},
{
"_id": null,
"model": "php",
"scope": "eq",
"trust": 1.3,
"vendor": "php",
"version": "5.5.18"
},
{
"_id": null,
"model": "php",
"scope": "eq",
"trust": 1.3,
"vendor": "php",
"version": "5.4.39"
},
{
"_id": null,
"model": "enterprise linux",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "7.0"
},
{
"_id": null,
"model": "enterprise linux",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "6.0"
},
{
"_id": null,
"model": "php",
"scope": "eq",
"trust": 1.0,
"vendor": "php",
"version": "5.5.0"
},
{
"_id": null,
"model": "php",
"scope": "lte",
"trust": 1.0,
"vendor": "php",
"version": "5.4.40"
},
{
"_id": null,
"model": "enterprise linux desktop",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "7.0"
},
{
"_id": null,
"model": "php",
"scope": "eq",
"trust": 1.0,
"vendor": "php",
"version": "5.6.0"
},
{
"_id": null,
"model": "mac os x",
"scope": "lte",
"trust": 1.0,
"vendor": "apple",
"version": "10.10.4"
},
{
"_id": null,
"model": "mac os x",
"scope": "eq",
"trust": 0.8,
"vendor": "apple",
"version": "10.9.5"
},
{
"_id": null,
"model": "mac os x",
"scope": "eq",
"trust": 0.8,
"vendor": "apple",
"version": "10.10 to 10.10.4"
},
{
"_id": null,
"model": "php",
"scope": "lt",
"trust": 0.8,
"vendor": "the php group",
"version": "5.6.x"
},
{
"_id": null,
"model": "php",
"scope": "eq",
"trust": 0.8,
"vendor": "the php group",
"version": "5.6.9"
},
{
"_id": null,
"model": "php",
"scope": "eq",
"trust": 0.8,
"vendor": "the php group",
"version": "5.5.25"
},
{
"_id": null,
"model": "php",
"scope": "lt",
"trust": 0.8,
"vendor": "the php group",
"version": "5.5.x"
},
{
"_id": null,
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "15.04"
},
{
"_id": null,
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "14.10"
},
{
"_id": null,
"model": "linux lts",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "14.04"
},
{
"_id": null,
"model": "linux lts i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "12.04"
},
{
"_id": null,
"model": "linux lts amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "12.04"
},
{
"_id": null,
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "14.1"
},
{
"_id": null,
"model": "linux x86 64 -current",
"scope": null,
"trust": 0.3,
"vendor": "slackware",
"version": null
},
{
"_id": null,
"model": "linux x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "14.1"
},
{
"_id": null,
"model": "linux x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "14.0"
},
{
"_id": null,
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "14.0"
},
{
"_id": null,
"model": "linux -current",
"scope": null,
"trust": 0.3,
"vendor": "slackware",
"version": null
},
{
"_id": null,
"model": "enterprise linux workstation optional",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"_id": null,
"model": "enterprise linux workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "7"
},
{
"_id": null,
"model": "enterprise linux workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"_id": null,
"model": "enterprise linux server optional",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"_id": null,
"model": "enterprise linux server",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "7"
},
{
"_id": null,
"model": "enterprise linux server",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"_id": null,
"model": "enterprise linux hpc node optional",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"_id": null,
"model": "enterprise linux hpc node",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "7"
},
{
"_id": null,
"model": "enterprise linux hpc node",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"_id": null,
"model": "enterprise linux desktop optional",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"_id": null,
"model": "enterprise linux desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "7"
},
{
"_id": null,
"model": "php",
"scope": "eq",
"trust": 0.3,
"vendor": "php",
"version": "5.6.1"
},
{
"_id": null,
"model": "php",
"scope": "eq",
"trust": 0.3,
"vendor": "php",
"version": "5.5"
},
{
"_id": null,
"model": "php",
"scope": "eq",
"trust": 0.3,
"vendor": "php",
"version": "5.4.37"
},
{
"_id": null,
"model": "php",
"scope": "eq",
"trust": 0.3,
"vendor": "php",
"version": "5.4.30"
},
{
"_id": null,
"model": "php",
"scope": "eq",
"trust": 0.3,
"vendor": "php",
"version": "5.4.29"
},
{
"_id": null,
"model": "php",
"scope": "eq",
"trust": 0.3,
"vendor": "php",
"version": "5.4.26"
},
{
"_id": null,
"model": "php",
"scope": "eq",
"trust": 0.3,
"vendor": "php",
"version": "5.4.25"
},
{
"_id": null,
"model": "php",
"scope": "eq",
"trust": 0.3,
"vendor": "php",
"version": "5.4.17"
},
{
"_id": null,
"model": "php",
"scope": "eq",
"trust": 0.3,
"vendor": "php",
"version": "5.4.14"
},
{
"_id": null,
"model": "php",
"scope": "eq",
"trust": 0.3,
"vendor": "php",
"version": "5.4.8"
},
{
"_id": null,
"model": "php",
"scope": "eq",
"trust": 0.3,
"vendor": "php",
"version": "5.4.7"
},
{
"_id": null,
"model": "php",
"scope": "eq",
"trust": 0.3,
"vendor": "php",
"version": "5.4.6"
},
{
"_id": null,
"model": "php",
"scope": "eq",
"trust": 0.3,
"vendor": "php",
"version": "5.4.4"
},
{
"_id": null,
"model": "php",
"scope": "eq",
"trust": 0.3,
"vendor": "php",
"version": "5.4.3"
},
{
"_id": null,
"model": "php",
"scope": "eq",
"trust": 0.3,
"vendor": "php",
"version": "5.4.2"
},
{
"_id": null,
"model": "php",
"scope": "eq",
"trust": 0.3,
"vendor": "php",
"version": "5.4.1"
},
{
"_id": null,
"model": "rc1",
"scope": "eq",
"trust": 0.3,
"vendor": "php",
"version": "5.6.8"
},
{
"_id": null,
"model": "php",
"scope": "eq",
"trust": 0.3,
"vendor": "php",
"version": "5.6"
},
{
"_id": null,
"model": "php",
"scope": "eq",
"trust": 0.3,
"vendor": "php",
"version": "5.5.17"
},
{
"_id": null,
"model": "php",
"scope": "eq",
"trust": 0.3,
"vendor": "php",
"version": "5.5.16"
},
{
"_id": null,
"model": "php",
"scope": "eq",
"trust": 0.3,
"vendor": "php",
"version": "5.5.15"
},
{
"_id": null,
"model": "rc2",
"scope": "eq",
"trust": 0.3,
"vendor": "php",
"version": "5.5.0"
},
{
"_id": null,
"model": "rc1",
"scope": "eq",
"trust": 0.3,
"vendor": "php",
"version": "5.5.0"
},
{
"_id": null,
"model": "php",
"scope": "eq",
"trust": 0.3,
"vendor": "php",
"version": "5.4.9"
},
{
"_id": null,
"model": "php",
"scope": "eq",
"trust": 0.3,
"vendor": "php",
"version": "5.4.5"
},
{
"_id": null,
"model": "php",
"scope": "eq",
"trust": 0.3,
"vendor": "php",
"version": "5.4.40"
},
{
"_id": null,
"model": "php",
"scope": "eq",
"trust": 0.3,
"vendor": "php",
"version": "5.4.38"
},
{
"_id": null,
"model": "php",
"scope": "eq",
"trust": 0.3,
"vendor": "php",
"version": "5.4.36"
},
{
"_id": null,
"model": "php",
"scope": "eq",
"trust": 0.3,
"vendor": "php",
"version": "5.4.35"
},
{
"_id": null,
"model": "php",
"scope": "eq",
"trust": 0.3,
"vendor": "php",
"version": "5.4.34"
},
{
"_id": null,
"model": "php",
"scope": "eq",
"trust": 0.3,
"vendor": "php",
"version": "5.4.33"
},
{
"_id": null,
"model": "php",
"scope": "eq",
"trust": 0.3,
"vendor": "php",
"version": "5.4.32"
},
{
"_id": null,
"model": "php",
"scope": "eq",
"trust": 0.3,
"vendor": "php",
"version": "5.4.31"
},
{
"_id": null,
"model": "php",
"scope": "eq",
"trust": 0.3,
"vendor": "php",
"version": "5.4.28"
},
{
"_id": null,
"model": "php",
"scope": "eq",
"trust": 0.3,
"vendor": "php",
"version": "5.4.27"
},
{
"_id": null,
"model": "php",
"scope": "eq",
"trust": 0.3,
"vendor": "php",
"version": "5.4.24"
},
{
"_id": null,
"model": "php",
"scope": "eq",
"trust": 0.3,
"vendor": "php",
"version": "5.4.23"
},
{
"_id": null,
"model": "php",
"scope": "eq",
"trust": 0.3,
"vendor": "php",
"version": "5.4.22"
},
{
"_id": null,
"model": "php",
"scope": "eq",
"trust": 0.3,
"vendor": "php",
"version": "5.4.21"
},
{
"_id": null,
"model": "php",
"scope": "eq",
"trust": 0.3,
"vendor": "php",
"version": "5.4.20"
},
{
"_id": null,
"model": "php",
"scope": "eq",
"trust": 0.3,
"vendor": "php",
"version": "5.4.19"
},
{
"_id": null,
"model": "php",
"scope": "eq",
"trust": 0.3,
"vendor": "php",
"version": "5.4.18"
},
{
"_id": null,
"model": "rc1",
"scope": "eq",
"trust": 0.3,
"vendor": "php",
"version": "5.4.16"
},
{
"_id": null,
"model": "php",
"scope": "eq",
"trust": 0.3,
"vendor": "php",
"version": "5.4.16"
},
{
"_id": null,
"model": "rc1",
"scope": "eq",
"trust": 0.3,
"vendor": "php",
"version": "5.4.15"
},
{
"_id": null,
"model": "php",
"scope": "eq",
"trust": 0.3,
"vendor": "php",
"version": "5.4.15"
},
{
"_id": null,
"model": "rc1",
"scope": "eq",
"trust": 0.3,
"vendor": "php",
"version": "5.4.14"
},
{
"_id": null,
"model": "rc1",
"scope": "eq",
"trust": 0.3,
"vendor": "php",
"version": "5.4.13"
},
{
"_id": null,
"model": "php",
"scope": "eq",
"trust": 0.3,
"vendor": "php",
"version": "5.4.13"
},
{
"_id": null,
"model": "rc2",
"scope": "eq",
"trust": 0.3,
"vendor": "php",
"version": "5.4.12"
},
{
"_id": null,
"model": "rc1",
"scope": "eq",
"trust": 0.3,
"vendor": "php",
"version": "5.4.12"
},
{
"_id": null,
"model": "php",
"scope": "eq",
"trust": 0.3,
"vendor": "php",
"version": "5.4.12"
},
{
"_id": null,
"model": "php",
"scope": "eq",
"trust": 0.3,
"vendor": "php",
"version": "5.4.11"
},
{
"_id": null,
"model": "php",
"scope": "eq",
"trust": 0.3,
"vendor": "php",
"version": "5.4.10"
},
{
"_id": null,
"model": "5.4.0rc2",
"scope": null,
"trust": 0.3,
"vendor": "php",
"version": null
},
{
"_id": null,
"model": "solaris",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "11.3"
},
{
"_id": null,
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "7"
},
{
"_id": null,
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "6"
},
{
"_id": null,
"model": "enterprise linux",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "6.2"
},
{
"_id": null,
"model": "enterprise linux",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "6"
},
{
"_id": null,
"model": "flex system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.3.20"
},
{
"_id": null,
"model": "flex system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.3.2"
},
{
"_id": null,
"model": "flex system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.2.1"
},
{
"_id": null,
"model": "flex system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.2"
},
{
"_id": null,
"model": "flex system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1"
},
{
"_id": null,
"model": "flex system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.3.3.0"
},
{
"_id": null,
"model": "flex system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.3.1.0"
},
{
"_id": null,
"model": "flex system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.3.1"
},
{
"_id": null,
"model": "flex system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.3.0.1"
},
{
"_id": null,
"model": "flex system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.3.0.0"
},
{
"_id": null,
"model": "flex system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.3.0"
},
{
"_id": null,
"model": "flex system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.2.1.0"
},
{
"_id": null,
"model": "flex system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.2.0.0"
},
{
"_id": null,
"model": "flex system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.0.0"
},
{
"_id": null,
"model": "flex system chassis management module 2pet",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"_id": null,
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"_id": null,
"model": "linux s/390",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"_id": null,
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"_id": null,
"model": "linux mips",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"_id": null,
"model": "linux ia-64",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"_id": null,
"model": "linux ia-32",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"_id": null,
"model": "linux arm",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"_id": null,
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"_id": null,
"model": "centos",
"scope": "eq",
"trust": 0.3,
"vendor": "centos",
"version": "6"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.9.5"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.10.4"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.10.3"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.10.2"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.10.1"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.10"
},
{
"_id": null,
"model": "alienvault",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "5.0.4"
},
{
"_id": null,
"model": "alienvault",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "5.1"
},
{
"_id": null,
"model": "alienvault",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "5.0"
},
{
"_id": null,
"model": "alienvault",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.15.2"
},
{
"_id": null,
"model": "alienvault",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.15.1"
},
{
"_id": null,
"model": "alienvault",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.15"
},
{
"_id": null,
"model": "alienvault",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.14"
},
{
"_id": null,
"model": "alienvault",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.13"
},
{
"_id": null,
"model": "alienvault",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.12.1"
},
{
"_id": null,
"model": "alienvault",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.12"
},
{
"_id": null,
"model": "php",
"scope": "ne",
"trust": 0.3,
"vendor": "php",
"version": "5.6.9"
},
{
"_id": null,
"model": "php",
"scope": "ne",
"trust": 0.3,
"vendor": "php",
"version": "5.5.25"
},
{
"_id": null,
"model": "php",
"scope": "ne",
"trust": 0.3,
"vendor": "php",
"version": "5.4.41"
},
{
"_id": null,
"model": "flex system chassis management module 2pet14c-2.5.5c",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"_id": null,
"model": "mac os",
"scope": "ne",
"trust": 0.3,
"vendor": "apple",
"version": "x10.10.5"
},
{
"_id": null,
"model": "alienvault",
"scope": "ne",
"trust": 0.3,
"vendor": "alienvault",
"version": "5.2"
}
],
"sources": [
{
"db": "BID",
"id": "75056"
},
{
"db": "CNNVD",
"id": "CNNVD-201506-132"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-003052"
},
{
"db": "NVD",
"id": "CVE-2015-4026"
}
]
},
"configurations": {
"_id": null,
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:php:php",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:apple:mac_os_x",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-003052"
}
]
},
"credits": {
"_id": null,
"data": "Red Hat",
"sources": [
{
"db": "PACKETSTORM",
"id": "132440"
},
{
"db": "PACKETSTORM",
"id": "132406"
},
{
"db": "PACKETSTORM",
"id": "132619"
},
{
"db": "PACKETSTORM",
"id": "132442"
}
],
"trust": 0.4
},
"cve": "CVE-2015-4026",
"cvss": {
"_id": null,
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CVE-2015-4026",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 1.9,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "VHN-81987",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2015-4026",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2015-4026",
"trust": 0.8,
"value": "High"
},
{
"author": "CNNVD",
"id": "CNNVD-201506-132",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-81987",
"trust": 0.1,
"value": "HIGH"
},
{
"author": "VULMON",
"id": "CVE-2015-4026",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-81987"
},
{
"db": "VULMON",
"id": "CVE-2015-4026"
},
{
"db": "CNNVD",
"id": "CNNVD-201506-132"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-003052"
},
{
"db": "NVD",
"id": "CVE-2015-4026"
}
]
},
"description": {
"_id": null,
"data": "The pcntl_exec implementation in PHP before 5.4.41, 5.5.x before 5.5.25, and 5.6.x before 5.6.9 truncates a pathname upon encountering a \\x00 character, which might allow remote attackers to bypass intended extension restrictions and execute files with unexpected names via a crafted first argument. NOTE: this vulnerability exists because of an incomplete fix for CVE-2006-7243. Supplementary information : CWE Vulnerability type by CWE-19: Data Handling ( Data processing ) Has been identified. PHP is prone to a security-bypass vulnerability. \nAn attacker can leverage this issue to bypass security restrictions and perform unauthorized actions. This may aid in further attacks. PHP (PHP: Hypertext Preprocessor, PHP: Hypertext Preprocessor) is an open source general-purpose computer scripting language jointly maintained by the PHP Group and the open source community. The language is mainly used for Web development and supports a variety of databases and operating systems. A security vulnerability exists in PHP\u0027s implementation of pcntl_exec, which stems from the fact that the program does not allow null bytes in pathnames. The following versions are affected: PHP prior to 5.4.41, 5.5.x prior to 5.5.25, and 5.6.x prior to 5.6.9. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n=====================================================================\n Red Hat Security Advisory\n\nSynopsis: Important: php security and bug fix update\nAdvisory ID: RHSA-2015:1135-01\nProduct: Red Hat Enterprise Linux\nAdvisory URL: https://rhn.redhat.com/errata/RHSA-2015-1135.html\nIssue date: 2015-06-23\nCVE Names: CVE-2014-8142 CVE-2014-9652 CVE-2014-9705 \n CVE-2014-9709 CVE-2015-0231 CVE-2015-0232 \n CVE-2015-0273 CVE-2015-2301 CVE-2015-2348 \n CVE-2015-2783 CVE-2015-2787 CVE-2015-3307 \n CVE-2015-3329 CVE-2015-3330 CVE-2015-3411 \n CVE-2015-3412 CVE-2015-4021 CVE-2015-4022 \n CVE-2015-4024 CVE-2015-4025 CVE-2015-4026 \n CVE-2015-4147 CVE-2015-4148 CVE-2015-4598 \n CVE-2015-4599 CVE-2015-4600 CVE-2015-4601 \n CVE-2015-4602 CVE-2015-4603 CVE-2015-4604 \n CVE-2015-4605 \n=====================================================================\n\n1. Summary:\n\nUpdated php packages that fix multiple security issues and several bugs\nare now available for Red Hat Enterprise Linux 7. \n\nRed Hat Product Security has rated this update as having Important security\nimpact. Common Vulnerability Scoring System (CVSS) base scores, which give\ndetailed severity ratings, are available for each vulnerability from the\nCVE links in the References section. \n\n2. Relevant releases/architectures:\n\nRed Hat Enterprise Linux Client Optional (v. 7) - x86_64\nRed Hat Enterprise Linux ComputeNode Optional (v. 7) - x86_64\nRed Hat Enterprise Linux Server (v. 7) - ppc64, ppc64le, s390x, x86_64\nRed Hat Enterprise Linux Server Optional (v. 7) - ppc64, ppc64le, s390x, x86_64\nRed Hat Enterprise Linux Workstation (v. 7) - x86_64\nRed Hat Enterprise Linux Workstation Optional (v. 7) - x86_64\n\n3. Description:\n\nPHP is an HTML-embedded scripting language commonly used with the Apache\nHTTP Server. \n\nA flaw was found in the way the PHP module for the Apache httpd web server\nhandled pipelined requests. A remote attacker could use this flaw to\ntrigger the execution of a PHP script in a deinitialized interpreter,\ncausing it to crash or, possibly, execute arbitrary code. (CVE-2015-3330)\n\nA flaw was found in the way PHP parsed multipart HTTP POST requests. A\nspecially crafted request could cause PHP to use an excessive amount of CPU\ntime. (CVE-2015-4024)\n\nAn uninitialized pointer use flaw was found in PHP\u0027s Exif extension. A\nspecially crafted JPEG or TIFF file could cause a PHP application using the\nexif_read_data() function to crash or, possibly, execute arbitrary code\nwith the privileges of the user running that PHP application. \n(CVE-2015-0232)\n\nAn integer overflow flaw leading to a heap-based buffer overflow was found\nin the way PHP\u0027s FTP extension parsed file listing FTP server responses. A\nmalicious FTP server could use this flaw to cause a PHP application to\ncrash or, possibly, execute arbitrary code. (CVE-2015-4022)\n\nMultiple flaws were discovered in the way PHP performed object\nunserialization. Specially crafted input processed by the unserialize()\nfunction could cause a PHP application to crash or, possibly, execute\narbitrary code. (CVE-2014-8142, CVE-2015-0231, CVE-2015-0273,\nCVE-2015-2787, CVE-2015-4147, CVE-2015-4148, CVE-2015-4599, CVE-2015-4600,\nCVE-2015-4601, CVE-2015-4602, CVE-2015-4603)\n\nIt was found that certain PHP functions did not properly handle file names\ncontaining a NULL character. (CVE-2015-2348, CVE-2015-4025, CVE-2015-4026,\nCVE-2015-3411, CVE-2015-3412, CVE-2015-4598)\n\nMultiple flaws were found in the way the way PHP\u0027s Phar extension parsed\nPhar archives. A specially crafted archive could cause PHP to crash or,\npossibly, execute arbitrary code when opened. (CVE-2015-2301,\nCVE-2015-2783, CVE-2015-3307, CVE-2015-3329, CVE-2015-4021)\n\nMultiple flaws were found in PHP\u0027s File Information (fileinfo) extension. \nA remote attacker could cause a PHP application to crash if it used\nfileinfo to identify type of attacker supplied files. (CVE-2014-9652,\nCVE-2015-4604, CVE-2015-4605)\n\nA heap buffer overflow flaw was found in the enchant_broker_request_dict()\nfunction of PHP\u0027s enchant extension. An attacker able to make a PHP\napplication enchant dictionaries could possibly cause it to crash. \n(CVE-2014-9705)\n\nA buffer over-read flaw was found in the GD library used by the PHP gd\nextension. A specially crafted GIF file could cause a PHP application using\nthe imagecreatefromgif() function to crash. (CVE-2014-9709)\n\nThis update also fixes the following bugs:\n\n* The libgmp library in some cases terminated unexpectedly with a\nsegmentation fault when being used with other libraries that use the GMP\nmemory management. With this update, PHP no longer changes libgmp memory\nallocators, which prevents the described crash from occurring. (BZ#1212305)\n\n* When using the Open Database Connectivity (ODBC) API, the PHP process\nin some cases terminated unexpectedly with a segmentation fault. The\nunderlying code has been adjusted to prevent this crash. (BZ#1212299)\n\n* Previously, running PHP on a big-endian system sometimes led to memory\ncorruption in the fileinfo module. This update adjusts the behavior of\nthe PHP pointer so that it can be freed without causing memory corruption. \n(BZ#1212298)\n\nAll php users are advised to upgrade to these updated packages, which\ncontain backported patches to correct these issues. After installing the\nupdated packages, the httpd daemon must be restarted for the update to\ntake effect. \n\n4. Solution:\n\nBefore applying this update, make sure all previously released errata\nrelevant to your system have been applied. \n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258\n\n5. Bugs fixed (https://bugzilla.redhat.com/):\n\n1175718 - CVE-2014-8142 php: use after free vulnerability in unserialize()\n1185397 - CVE-2015-0231 php: use after free vulnerability in unserialize() (incomplete fix of CVE-2014-8142)\n1185472 - CVE-2015-0232 php: Free called on unitialized pointer in exif.c\n1188599 - CVE-2014-9652 file: out of bounds read in mconvert()\n1188639 - CVE-2014-9709 gd: buffer read overflow in gd_gif_in.c\n1194730 - CVE-2015-0273 php: use after free vulnerability in unserialize() with DateTimeZone\n1194737 - CVE-2014-9705 php: heap buffer overflow in enchant_broker_request_dict()\n1194747 - CVE-2015-2301 php: use after free in phar_object.c\n1204868 - CVE-2015-4147 php: SoapClient\u0027s __call() type confusion through unserialize()\n1207676 - CVE-2015-2787 php: use-after-free vulnerability in the process_nested_data function in ext/standard/var_unserializer.re\n1207682 - CVE-2015-2348 php: move_uploaded_file() NUL byte injection in file name\n1213394 - CVE-2015-3330 php: pipelined request executed in deinitialized interpreter under httpd 2.4\n1213407 - CVE-2015-3411 php: missing null byte checks for paths in various PHP extensions\n1213442 - CVE-2015-4604 CVE-2015-4605 php: denial of service when processing a crafted file with Fileinfo\n1213446 - CVE-2015-2783 php: buffer over-read in Phar metadata parsing\n1213449 - CVE-2015-3329 php: buffer overflow in phar_set_inode()\n1222485 - CVE-2015-4024 php: multipart/form-data request paring CPU usage DoS\n1222538 - CVE-2015-4599 CVE-2015-4600 CVE-2015-4601 php: type confusion issue in unserialize() with various SOAP methods\n1223408 - CVE-2015-4025 php: CVE-2006-7243 regressions in 5.4+\n1223412 - CVE-2015-4022 php: integer overflow leading to heap overflow when reading FTP file listing\n1223422 - CVE-2015-4026 php: pcntl_exec() accepts paths with NUL character\n1223425 - CVE-2015-4021 php: memory corruption in phar_parse_tarfile caused by empty entry file name\n1223441 - CVE-2015-3307 php: invalid pointer free() in phar_tar_process_metadata()\n1226916 - CVE-2015-4148 php: SoapClient\u0027s do_soap_call() type confusion after unserialize()\n1232823 - CVE-2015-3412 php: missing null byte checks for paths in various PHP extensions\n1232897 - CVE-2015-4598 php: missing null byte checks for paths in DOM and GD extensions\n1232918 - CVE-2015-4603 php: exception::getTraceAsString type confusion issue after unserialize\n1232923 - CVE-2015-4602 php: Incomplete Class unserialization type confusion\n\n6. Package List:\n\nRed Hat Enterprise Linux Client Optional (v. 7):\n\nSource:\nphp-5.4.16-36.el7_1.src.rpm\n\nx86_64:\nphp-5.4.16-36.el7_1.x86_64.rpm\nphp-bcmath-5.4.16-36.el7_1.x86_64.rpm\nphp-cli-5.4.16-36.el7_1.x86_64.rpm\nphp-common-5.4.16-36.el7_1.x86_64.rpm\nphp-dba-5.4.16-36.el7_1.x86_64.rpm\nphp-debuginfo-5.4.16-36.el7_1.x86_64.rpm\nphp-devel-5.4.16-36.el7_1.x86_64.rpm\nphp-embedded-5.4.16-36.el7_1.x86_64.rpm\nphp-enchant-5.4.16-36.el7_1.x86_64.rpm\nphp-fpm-5.4.16-36.el7_1.x86_64.rpm\nphp-gd-5.4.16-36.el7_1.x86_64.rpm\nphp-intl-5.4.16-36.el7_1.x86_64.rpm\nphp-ldap-5.4.16-36.el7_1.x86_64.rpm\nphp-mbstring-5.4.16-36.el7_1.x86_64.rpm\nphp-mysql-5.4.16-36.el7_1.x86_64.rpm\nphp-mysqlnd-5.4.16-36.el7_1.x86_64.rpm\nphp-odbc-5.4.16-36.el7_1.x86_64.rpm\nphp-pdo-5.4.16-36.el7_1.x86_64.rpm\nphp-pgsql-5.4.16-36.el7_1.x86_64.rpm\nphp-process-5.4.16-36.el7_1.x86_64.rpm\nphp-pspell-5.4.16-36.el7_1.x86_64.rpm\nphp-recode-5.4.16-36.el7_1.x86_64.rpm\nphp-snmp-5.4.16-36.el7_1.x86_64.rpm\nphp-soap-5.4.16-36.el7_1.x86_64.rpm\nphp-xml-5.4.16-36.el7_1.x86_64.rpm\nphp-xmlrpc-5.4.16-36.el7_1.x86_64.rpm\n\nRed Hat Enterprise Linux ComputeNode Optional (v. 7):\n\nSource:\nphp-5.4.16-36.el7_1.src.rpm\n\nx86_64:\nphp-5.4.16-36.el7_1.x86_64.rpm\nphp-bcmath-5.4.16-36.el7_1.x86_64.rpm\nphp-cli-5.4.16-36.el7_1.x86_64.rpm\nphp-common-5.4.16-36.el7_1.x86_64.rpm\nphp-dba-5.4.16-36.el7_1.x86_64.rpm\nphp-debuginfo-5.4.16-36.el7_1.x86_64.rpm\nphp-devel-5.4.16-36.el7_1.x86_64.rpm\nphp-embedded-5.4.16-36.el7_1.x86_64.rpm\nphp-enchant-5.4.16-36.el7_1.x86_64.rpm\nphp-fpm-5.4.16-36.el7_1.x86_64.rpm\nphp-gd-5.4.16-36.el7_1.x86_64.rpm\nphp-intl-5.4.16-36.el7_1.x86_64.rpm\nphp-ldap-5.4.16-36.el7_1.x86_64.rpm\nphp-mbstring-5.4.16-36.el7_1.x86_64.rpm\nphp-mysql-5.4.16-36.el7_1.x86_64.rpm\nphp-mysqlnd-5.4.16-36.el7_1.x86_64.rpm\nphp-odbc-5.4.16-36.el7_1.x86_64.rpm\nphp-pdo-5.4.16-36.el7_1.x86_64.rpm\nphp-pgsql-5.4.16-36.el7_1.x86_64.rpm\nphp-process-5.4.16-36.el7_1.x86_64.rpm\nphp-pspell-5.4.16-36.el7_1.x86_64.rpm\nphp-recode-5.4.16-36.el7_1.x86_64.rpm\nphp-snmp-5.4.16-36.el7_1.x86_64.rpm\nphp-soap-5.4.16-36.el7_1.x86_64.rpm\nphp-xml-5.4.16-36.el7_1.x86_64.rpm\nphp-xmlrpc-5.4.16-36.el7_1.x86_64.rpm\n\nRed Hat Enterprise Linux Server (v. 7):\n\nSource:\nphp-5.4.16-36.el7_1.src.rpm\n\nppc64:\nphp-5.4.16-36.el7_1.ppc64.rpm\nphp-cli-5.4.16-36.el7_1.ppc64.rpm\nphp-common-5.4.16-36.el7_1.ppc64.rpm\nphp-debuginfo-5.4.16-36.el7_1.ppc64.rpm\nphp-gd-5.4.16-36.el7_1.ppc64.rpm\nphp-ldap-5.4.16-36.el7_1.ppc64.rpm\nphp-mysql-5.4.16-36.el7_1.ppc64.rpm\nphp-odbc-5.4.16-36.el7_1.ppc64.rpm\nphp-pdo-5.4.16-36.el7_1.ppc64.rpm\nphp-pgsql-5.4.16-36.el7_1.ppc64.rpm\nphp-process-5.4.16-36.el7_1.ppc64.rpm\nphp-recode-5.4.16-36.el7_1.ppc64.rpm\nphp-soap-5.4.16-36.el7_1.ppc64.rpm\nphp-xml-5.4.16-36.el7_1.ppc64.rpm\nphp-xmlrpc-5.4.16-36.el7_1.ppc64.rpm\n\ns390x:\nphp-5.4.16-36.el7_1.s390x.rpm\nphp-cli-5.4.16-36.el7_1.s390x.rpm\nphp-common-5.4.16-36.el7_1.s390x.rpm\nphp-debuginfo-5.4.16-36.el7_1.s390x.rpm\nphp-gd-5.4.16-36.el7_1.s390x.rpm\nphp-ldap-5.4.16-36.el7_1.s390x.rpm\nphp-mysql-5.4.16-36.el7_1.s390x.rpm\nphp-odbc-5.4.16-36.el7_1.s390x.rpm\nphp-pdo-5.4.16-36.el7_1.s390x.rpm\nphp-pgsql-5.4.16-36.el7_1.s390x.rpm\nphp-process-5.4.16-36.el7_1.s390x.rpm\nphp-recode-5.4.16-36.el7_1.s390x.rpm\nphp-soap-5.4.16-36.el7_1.s390x.rpm\nphp-xml-5.4.16-36.el7_1.s390x.rpm\nphp-xmlrpc-5.4.16-36.el7_1.s390x.rpm\n\nx86_64:\nphp-5.4.16-36.el7_1.x86_64.rpm\nphp-cli-5.4.16-36.el7_1.x86_64.rpm\nphp-common-5.4.16-36.el7_1.x86_64.rpm\nphp-debuginfo-5.4.16-36.el7_1.x86_64.rpm\nphp-gd-5.4.16-36.el7_1.x86_64.rpm\nphp-ldap-5.4.16-36.el7_1.x86_64.rpm\nphp-mysql-5.4.16-36.el7_1.x86_64.rpm\nphp-odbc-5.4.16-36.el7_1.x86_64.rpm\nphp-pdo-5.4.16-36.el7_1.x86_64.rpm\nphp-pgsql-5.4.16-36.el7_1.x86_64.rpm\nphp-process-5.4.16-36.el7_1.x86_64.rpm\nphp-recode-5.4.16-36.el7_1.x86_64.rpm\nphp-soap-5.4.16-36.el7_1.x86_64.rpm\nphp-xml-5.4.16-36.el7_1.x86_64.rpm\nphp-xmlrpc-5.4.16-36.el7_1.x86_64.rpm\n\nRed Hat Enterprise Linux Server (v. 7):\n\nSource:\nphp-5.4.16-36.ael7b_1.src.rpm\n\nppc64le:\nphp-5.4.16-36.ael7b_1.ppc64le.rpm\nphp-cli-5.4.16-36.ael7b_1.ppc64le.rpm\nphp-common-5.4.16-36.ael7b_1.ppc64le.rpm\nphp-debuginfo-5.4.16-36.ael7b_1.ppc64le.rpm\nphp-gd-5.4.16-36.ael7b_1.ppc64le.rpm\nphp-ldap-5.4.16-36.ael7b_1.ppc64le.rpm\nphp-mysql-5.4.16-36.ael7b_1.ppc64le.rpm\nphp-odbc-5.4.16-36.ael7b_1.ppc64le.rpm\nphp-pdo-5.4.16-36.ael7b_1.ppc64le.rpm\nphp-pgsql-5.4.16-36.ael7b_1.ppc64le.rpm\nphp-process-5.4.16-36.ael7b_1.ppc64le.rpm\nphp-recode-5.4.16-36.ael7b_1.ppc64le.rpm\nphp-soap-5.4.16-36.ael7b_1.ppc64le.rpm\nphp-xml-5.4.16-36.ael7b_1.ppc64le.rpm\nphp-xmlrpc-5.4.16-36.ael7b_1.ppc64le.rpm\n\nRed Hat Enterprise Linux Server Optional (v. 7):\n\nppc64:\nphp-bcmath-5.4.16-36.el7_1.ppc64.rpm\nphp-dba-5.4.16-36.el7_1.ppc64.rpm\nphp-debuginfo-5.4.16-36.el7_1.ppc64.rpm\nphp-devel-5.4.16-36.el7_1.ppc64.rpm\nphp-embedded-5.4.16-36.el7_1.ppc64.rpm\nphp-enchant-5.4.16-36.el7_1.ppc64.rpm\nphp-fpm-5.4.16-36.el7_1.ppc64.rpm\nphp-intl-5.4.16-36.el7_1.ppc64.rpm\nphp-mbstring-5.4.16-36.el7_1.ppc64.rpm\nphp-mysqlnd-5.4.16-36.el7_1.ppc64.rpm\nphp-pspell-5.4.16-36.el7_1.ppc64.rpm\nphp-snmp-5.4.16-36.el7_1.ppc64.rpm\n\ns390x:\nphp-bcmath-5.4.16-36.el7_1.s390x.rpm\nphp-dba-5.4.16-36.el7_1.s390x.rpm\nphp-debuginfo-5.4.16-36.el7_1.s390x.rpm\nphp-devel-5.4.16-36.el7_1.s390x.rpm\nphp-embedded-5.4.16-36.el7_1.s390x.rpm\nphp-enchant-5.4.16-36.el7_1.s390x.rpm\nphp-fpm-5.4.16-36.el7_1.s390x.rpm\nphp-intl-5.4.16-36.el7_1.s390x.rpm\nphp-mbstring-5.4.16-36.el7_1.s390x.rpm\nphp-mysqlnd-5.4.16-36.el7_1.s390x.rpm\nphp-pspell-5.4.16-36.el7_1.s390x.rpm\nphp-snmp-5.4.16-36.el7_1.s390x.rpm\n\nx86_64:\nphp-bcmath-5.4.16-36.el7_1.x86_64.rpm\nphp-dba-5.4.16-36.el7_1.x86_64.rpm\nphp-debuginfo-5.4.16-36.el7_1.x86_64.rpm\nphp-devel-5.4.16-36.el7_1.x86_64.rpm\nphp-embedded-5.4.16-36.el7_1.x86_64.rpm\nphp-enchant-5.4.16-36.el7_1.x86_64.rpm\nphp-fpm-5.4.16-36.el7_1.x86_64.rpm\nphp-intl-5.4.16-36.el7_1.x86_64.rpm\nphp-mbstring-5.4.16-36.el7_1.x86_64.rpm\nphp-mysqlnd-5.4.16-36.el7_1.x86_64.rpm\nphp-pspell-5.4.16-36.el7_1.x86_64.rpm\nphp-snmp-5.4.16-36.el7_1.x86_64.rpm\n\nRed Hat Enterprise Linux Server Optional (v. 7):\n\nppc64le:\nphp-bcmath-5.4.16-36.ael7b_1.ppc64le.rpm\nphp-dba-5.4.16-36.ael7b_1.ppc64le.rpm\nphp-debuginfo-5.4.16-36.ael7b_1.ppc64le.rpm\nphp-devel-5.4.16-36.ael7b_1.ppc64le.rpm\nphp-embedded-5.4.16-36.ael7b_1.ppc64le.rpm\nphp-enchant-5.4.16-36.ael7b_1.ppc64le.rpm\nphp-fpm-5.4.16-36.ael7b_1.ppc64le.rpm\nphp-intl-5.4.16-36.ael7b_1.ppc64le.rpm\nphp-mbstring-5.4.16-36.ael7b_1.ppc64le.rpm\nphp-mysqlnd-5.4.16-36.ael7b_1.ppc64le.rpm\nphp-pspell-5.4.16-36.ael7b_1.ppc64le.rpm\nphp-snmp-5.4.16-36.ael7b_1.ppc64le.rpm\n\nRed Hat Enterprise Linux Workstation (v. 7):\n\nSource:\nphp-5.4.16-36.el7_1.src.rpm\n\nx86_64:\nphp-5.4.16-36.el7_1.x86_64.rpm\nphp-cli-5.4.16-36.el7_1.x86_64.rpm\nphp-common-5.4.16-36.el7_1.x86_64.rpm\nphp-debuginfo-5.4.16-36.el7_1.x86_64.rpm\nphp-gd-5.4.16-36.el7_1.x86_64.rpm\nphp-ldap-5.4.16-36.el7_1.x86_64.rpm\nphp-mysql-5.4.16-36.el7_1.x86_64.rpm\nphp-odbc-5.4.16-36.el7_1.x86_64.rpm\nphp-pdo-5.4.16-36.el7_1.x86_64.rpm\nphp-pgsql-5.4.16-36.el7_1.x86_64.rpm\nphp-process-5.4.16-36.el7_1.x86_64.rpm\nphp-recode-5.4.16-36.el7_1.x86_64.rpm\nphp-soap-5.4.16-36.el7_1.x86_64.rpm\nphp-xml-5.4.16-36.el7_1.x86_64.rpm\nphp-xmlrpc-5.4.16-36.el7_1.x86_64.rpm\n\nRed Hat Enterprise Linux Workstation Optional (v. 7):\n\nx86_64:\nphp-bcmath-5.4.16-36.el7_1.x86_64.rpm\nphp-dba-5.4.16-36.el7_1.x86_64.rpm\nphp-debuginfo-5.4.16-36.el7_1.x86_64.rpm\nphp-devel-5.4.16-36.el7_1.x86_64.rpm\nphp-embedded-5.4.16-36.el7_1.x86_64.rpm\nphp-enchant-5.4.16-36.el7_1.x86_64.rpm\nphp-fpm-5.4.16-36.el7_1.x86_64.rpm\nphp-intl-5.4.16-36.el7_1.x86_64.rpm\nphp-mbstring-5.4.16-36.el7_1.x86_64.rpm\nphp-mysqlnd-5.4.16-36.el7_1.x86_64.rpm\nphp-pspell-5.4.16-36.el7_1.x86_64.rpm\nphp-snmp-5.4.16-36.el7_1.x86_64.rpm\n\nThese packages are GPG signed by Red Hat for security. Our key and\ndetails on how to verify the signature are available from\nhttps://access.redhat.com/security/team/key/\n\n7. References:\n\nhttps://access.redhat.com/security/cve/CVE-2014-8142\nhttps://access.redhat.com/security/cve/CVE-2014-9652\nhttps://access.redhat.com/security/cve/CVE-2014-9705\nhttps://access.redhat.com/security/cve/CVE-2014-9709\nhttps://access.redhat.com/security/cve/CVE-2015-0231\nhttps://access.redhat.com/security/cve/CVE-2015-0232\nhttps://access.redhat.com/security/cve/CVE-2015-0273\nhttps://access.redhat.com/security/cve/CVE-2015-2301\nhttps://access.redhat.com/security/cve/CVE-2015-2348\nhttps://access.redhat.com/security/cve/CVE-2015-2783\nhttps://access.redhat.com/security/cve/CVE-2015-2787\nhttps://access.redhat.com/security/cve/CVE-2015-3307\nhttps://access.redhat.com/security/cve/CVE-2015-3329\nhttps://access.redhat.com/security/cve/CVE-2015-3330\nhttps://access.redhat.com/security/cve/CVE-2015-3411\nhttps://access.redhat.com/security/cve/CVE-2015-3412\nhttps://access.redhat.com/security/cve/CVE-2015-4021\nhttps://access.redhat.com/security/cve/CVE-2015-4022\nhttps://access.redhat.com/security/cve/CVE-2015-4024\nhttps://access.redhat.com/security/cve/CVE-2015-4025\nhttps://access.redhat.com/security/cve/CVE-2015-4026\nhttps://access.redhat.com/security/cve/CVE-2015-4147\nhttps://access.redhat.com/security/cve/CVE-2015-4148\nhttps://access.redhat.com/security/cve/CVE-2015-4598\nhttps://access.redhat.com/security/cve/CVE-2015-4599\nhttps://access.redhat.com/security/cve/CVE-2015-4600\nhttps://access.redhat.com/security/cve/CVE-2015-4601\nhttps://access.redhat.com/security/cve/CVE-2015-4602\nhttps://access.redhat.com/security/cve/CVE-2015-4603\nhttps://access.redhat.com/security/cve/CVE-2015-4604\nhttps://access.redhat.com/security/cve/CVE-2015-4605\nhttps://access.redhat.com/security/updates/classification/#important\n\n8. Contact:\n\nThe Red Hat security contact is \u003csecalert@redhat.com\u003e. More contact\ndetails at https://access.redhat.com/security/team/contact/\n\nCopyright 2015 Red Hat, Inc. \n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1\n\niD8DBQFViR1aXlSAg2UNWIIRAuxPAJ42GLQVzvzc9kje0VjDv8NZWcPv6QCbBL+O\ndtqycPWs+07GhjmZ6NNx5Bg=\n=FREZ\n-----END PGP SIGNATURE-----\n\n\n--\nRHSA-announce mailing list\nRHSA-announce@redhat.com\nhttps://www.redhat.com/mailman/listinfo/rhsa-announce\n. ============================================================================\nUbuntu Security Notice USN-2658-1\nJuly 06, 2015\n\nphp5 vulnerabilities\n============================================================================\n\nA security issue affects these releases of Ubuntu and its derivatives:\n\n- Ubuntu 15.04\n- Ubuntu 14.10\n- Ubuntu 14.04 LTS\n- Ubuntu 12.04 LTS\n\nSummary:\n\nSeveral security issues were fixed in PHP. \n\nSoftware Description:\n- php5: HTML-embedded scripting language interpreter\n\nDetails:\n\nNeal Poole and Tomas Hoger discovered that PHP incorrectly handled NULL\nbytes in file paths. (CVE-2015-3411, CVE-2015-3412, CVE-2015-4025, CVE-2015-4026,\nCVE-2015-4598)\n\nEmmanuel Law discovered that the PHP phar extension incorrectly handled\nfilenames starting with a NULL byte. (CVE-2015-4021)\n\nMax Spelsberg discovered that PHP incorrectly handled the LIST command\nwhen connecting to remote FTP servers. (CVE-2015-4022,\nCVE-2015-4643)\n\nShusheng Liu discovered that PHP incorrectly handled certain malformed form\ndata. (CVE-2015-4024)\n\nAndrea Palazzo discovered that the PHP Soap client incorrectly validated\ndata types. (CVE-2015-4147)\n\nAndrea Palazzo discovered that the PHP Soap client incorrectly validated\nthat the uri property is a string. A remote attacker could possibly use these issues to\nobtain sensitive information or cause a denial of service. This issue only affected Ubuntu\n15.04. (CVE-2015-4644)\n\nUpdate instructions:\n\nThe problem can be corrected by updating your system to the following\npackage versions:\n\nUbuntu 15.04:\n libapache2-mod-php5 5.6.4+dfsg-4ubuntu6.2\n php5-cgi 5.6.4+dfsg-4ubuntu6.2\n php5-cli 5.6.4+dfsg-4ubuntu6.2\n php5-fpm 5.6.4+dfsg-4ubuntu6.2\n\nUbuntu 14.10:\n libapache2-mod-php5 5.5.12+dfsg-2ubuntu4.6\n php5-cgi 5.5.12+dfsg-2ubuntu4.6\n php5-cli 5.5.12+dfsg-2ubuntu4.6\n php5-fpm 5.5.12+dfsg-2ubuntu4.6\n\nUbuntu 14.04 LTS:\n libapache2-mod-php5 5.5.9+dfsg-1ubuntu4.11\n php5-cgi 5.5.9+dfsg-1ubuntu4.11\n php5-cli 5.5.9+dfsg-1ubuntu4.11\n php5-fpm 5.5.9+dfsg-1ubuntu4.11\n\nUbuntu 12.04 LTS:\n libapache2-mod-php5 5.3.10-1ubuntu3.19\n php5-cgi 5.3.10-1ubuntu3.19\n php5-cli 5.3.10-1ubuntu3.19\n php5-fpm 5.3.10-1ubuntu3.19\n\nIn general, a standard system update will make all the necessary changes. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\nGentoo Linux Security Advisory GLSA 201606-10\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n https://security.gentoo.org/\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\n Severity: Normal\n Title: PHP: Multiple vulnerabilities\n Date: June 19, 2016\n Bugs: #537586, #541098, #544186, #544330, #546872, #549538,\n #552408, #555576, #555830, #556952, #559612, #562882,\n #571254, #573892, #577376\n ID: 201606-10\n\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\nSynopsis\n========\n\nMultiple vulnerabilities have been found in PHP, the worst of which\ncould lead to arbitrary code execution, or cause a Denial of Service\ncondition. \n\nBackground\n==========\n\nPHP is a widely-used general-purpose scripting language that is\nespecially suited for Web development and can be embedded into HTML. Please review the\nCVE identifiers referenced below for details. \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nResolution\n==========\n\nAll PHP 5.4 users should upgrade to the latest 5.5 stable branch, as\nPHP 5.4 is now masked in Portage:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose \"\u003e=dev=lang/php-5.5.33\"\n\nAll PHP 5.5 users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose \"\u003e=dev=lang/php-5.5.33\"\n\nAll PHP 5.6 users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose \"\u003e=dev=lang/php-5.6.19\"\n\nReferences\n==========\n\n[ 1 ] CVE-2013-6501\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-6501\n[ 2 ] CVE-2014-9705\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-9705\n[ 3 ] CVE-2014-9709\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-9709\n[ 4 ] CVE-2015-0231\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0231\n[ 5 ] CVE-2015-0273\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0273\n[ 6 ] CVE-2015-1351\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-1351\n[ 7 ] CVE-2015-1352\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-1352\n[ 8 ] CVE-2015-2301\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-2301\n[ 9 ] CVE-2015-2348\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-2348\n[ 10 ] CVE-2015-2783\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-2783\n[ 11 ] CVE-2015-2787\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-2787\n[ 12 ] CVE-2015-3329\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-3329\n[ 13 ] CVE-2015-3330\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-3330\n[ 14 ] CVE-2015-4021\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-4021\n[ 15 ] CVE-2015-4022\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-4022\n[ 16 ] CVE-2015-4025\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-4025\n[ 17 ] CVE-2015-4026\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-4026\n[ 18 ] CVE-2015-4147\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-4147\n[ 19 ] CVE-2015-4148\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-4148\n[ 20 ] CVE-2015-4642\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-4642\n[ 21 ] CVE-2015-4643\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-4643\n[ 22 ] CVE-2015-4644\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-4644\n[ 23 ] CVE-2015-6831\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-6831\n[ 24 ] CVE-2015-6832\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-6832\n[ 25 ] CVE-2015-6833\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-6833\n[ 26 ] CVE-2015-6834\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-6834\n[ 27 ] CVE-2015-6835\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-6835\n[ 28 ] CVE-2015-6836\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-6836\n[ 29 ] CVE-2015-6837\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-6837\n[ 30 ] CVE-2015-6838\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-6838\n[ 31 ] CVE-2015-7803\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7803\n[ 32 ] CVE-2015-7804\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7804\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n https://security.gentoo.org/glsa/201606-10\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users\u0027 machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttps://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2016 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttp://creativecommons.org/licenses/by-sa/2.5\n\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2015-4026"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-003052"
},
{
"db": "BID",
"id": "75056"
},
{
"db": "VULHUB",
"id": "VHN-81987"
},
{
"db": "VULMON",
"id": "CVE-2015-4026"
},
{
"db": "PACKETSTORM",
"id": "132440"
},
{
"db": "PACKETSTORM",
"id": "132406"
},
{
"db": "PACKETSTORM",
"id": "132619"
},
{
"db": "PACKETSTORM",
"id": "132531"
},
{
"db": "PACKETSTORM",
"id": "132442"
},
{
"db": "PACKETSTORM",
"id": "137539"
}
],
"trust": 2.61
},
"external_ids": {
"_id": null,
"data": [
{
"db": "NVD",
"id": "CVE-2015-4026",
"trust": 3.5
},
{
"db": "BID",
"id": "75056",
"trust": 2.1
},
{
"db": "SECTRACK",
"id": "1032431",
"trust": 1.8
},
{
"db": "JVNDB",
"id": "JVNDB-2015-003052",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201506-132",
"trust": 0.7
},
{
"db": "VULHUB",
"id": "VHN-81987",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2015-4026",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "132440",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "132406",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "132619",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "132531",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "132442",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "137539",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-81987"
},
{
"db": "VULMON",
"id": "CVE-2015-4026"
},
{
"db": "BID",
"id": "75056"
},
{
"db": "PACKETSTORM",
"id": "132440"
},
{
"db": "PACKETSTORM",
"id": "132406"
},
{
"db": "PACKETSTORM",
"id": "132619"
},
{
"db": "PACKETSTORM",
"id": "132531"
},
{
"db": "PACKETSTORM",
"id": "132442"
},
{
"db": "PACKETSTORM",
"id": "137539"
},
{
"db": "CNNVD",
"id": "CNNVD-201506-132"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-003052"
},
{
"db": "NVD",
"id": "CVE-2015-4026"
}
]
},
"id": "VAR-201506-0268",
"iot": {
"_id": null,
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-81987"
}
],
"trust": 0.01
},
"last_update_date": "2026-04-10T22:34:06.025000Z",
"patch": {
"_id": null,
"data": [
{
"title": "APPLE-SA-2015-08-13-2 OS X Yosemite v10.10.5 and Security Update 2015-006",
"trust": 0.8,
"url": "http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html"
},
{
"title": "HT205031",
"trust": 0.8,
"url": "https://support.apple.com/en-us/HT205031"
},
{
"title": "HT205031",
"trust": 0.8,
"url": "https://support.apple.com/ja-jp/HT205031"
},
{
"title": "Sec Bug #68598",
"trust": 0.8,
"url": "https://bugs.php.net/bug.php?id=68598"
},
{
"title": "PHP 5 ChangeLog",
"trust": 0.8,
"url": "http://php.net/ChangeLog-5.php"
},
{
"title": "TLSA-2015-15",
"trust": 0.8,
"url": "http://www.turbolinux.co.jp/security/2015/TLSA-2015-15j.html"
},
{
"title": "Debian Security Advisories: DSA-3280-1 php5 -- security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=debian_security_advisories\u0026qid=46f85ac4e3abfa7a18e115fb47892db6"
},
{
"title": "Amazon Linux AMI: ALAS-2015-535",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=amazon_linux_ami\u0026qid=ALAS-2015-535"
},
{
"title": "Amazon Linux AMI: ALAS-2015-534",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=amazon_linux_ami\u0026qid=ALAS-2015-534"
},
{
"title": "Amazon Linux AMI: ALAS-2015-536",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=amazon_linux_ami\u0026qid=ALAS-2015-536"
},
{
"title": "Ubuntu Security Notice: php5 vulnerabilities",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=USN-2658-1"
},
{
"title": "Apple: OS X Yosemite v10.10.5 and Security Update 2015-006",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=apple_security_advisories\u0026qid=9834d0d73bf28fb80d3390930bafd906"
},
{
"title": "Oracle Solaris Third Party Bulletins: Oracle Solaris Third Party Bulletin - July 2017",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_solaris_third_party_bulletins\u0026qid=a22ad41e97bbfc5abb0bb927bf43089c"
},
{
"title": "Oracle Linux Bulletins: Oracle Linux Bulletin - January 2016",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_linux_bulletins\u0026qid=8ad80411af3e936eb2998df70506cc71"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2015-4026"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-003052"
}
]
},
"problemtype_data": {
"_id": null,
"data": [
{
"problemtype": "CWE-19",
"trust": 1.1
},
{
"problemtype": "CWE-Other",
"trust": 0.8
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-81987"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-003052"
},
{
"db": "NVD",
"id": "CVE-2015-4026"
}
]
},
"references": {
"_id": null,
"data": [
{
"trust": 2.2,
"url": "http://rhn.redhat.com/errata/rhsa-2015-1135.html"
},
{
"trust": 2.1,
"url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html"
},
{
"trust": 2.1,
"url": "https://bugs.php.net/bug.php?id=68598"
},
{
"trust": 1.9,
"url": "https://security.gentoo.org/glsa/201606-10"
},
{
"trust": 1.9,
"url": "http://rhn.redhat.com/errata/rhsa-2015-1186.html"
},
{
"trust": 1.9,
"url": "http://rhn.redhat.com/errata/rhsa-2015-1187.html"
},
{
"trust": 1.9,
"url": "http://rhn.redhat.com/errata/rhsa-2015-1219.html"
},
{
"trust": 1.8,
"url": "http://lists.apple.com/archives/security-announce/2015/aug/msg00001.html"
},
{
"trust": 1.8,
"url": "http://www.securityfocus.com/bid/75056"
},
{
"trust": 1.8,
"url": "http://php.net/changelog-5.php"
},
{
"trust": 1.8,
"url": "https://support.apple.com/kb/ht205031"
},
{
"trust": 1.8,
"url": "http://www.debian.org/security/2015/dsa-3280"
},
{
"trust": 1.8,
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-may/158616.html"
},
{
"trust": 1.8,
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-may/159031.html"
},
{
"trust": 1.8,
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-may/158915.html"
},
{
"trust": 1.8,
"url": "http://rhn.redhat.com/errata/rhsa-2015-1218.html"
},
{
"trust": 1.8,
"url": "http://www.securitytracker.com/id/1032431"
},
{
"trust": 1.8,
"url": "http://lists.opensuse.org/opensuse-updates/2015-06/msg00002.html"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-4026"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2015-4026"
},
{
"trust": 0.6,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-4021"
},
{
"trust": 0.6,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-4025"
},
{
"trust": 0.6,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-4026"
},
{
"trust": 0.6,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-4022"
},
{
"trust": 0.5,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-4598"
},
{
"trust": 0.5,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-4024"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-3411"
},
{
"trust": 0.4,
"url": "https://access.redhat.com/security/cve/cve-2015-4024"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-3330"
},
{
"trust": 0.4,
"url": "https://access.redhat.com/security/cve/cve-2015-4021"
},
{
"trust": 0.4,
"url": "https://access.redhat.com/security/cve/cve-2015-4022"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-3412"
},
{
"trust": 0.4,
"url": "https://access.redhat.com/articles/11258"
},
{
"trust": 0.4,
"url": "https://access.redhat.com/security/team/contact/"
},
{
"trust": 0.4,
"url": "https://www.redhat.com/mailman/listinfo/rhsa-announce"
},
{
"trust": 0.4,
"url": "https://access.redhat.com/security/cve/cve-2015-4026"
},
{
"trust": 0.4,
"url": "https://bugzilla.redhat.com/):"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-4602"
},
{
"trust": 0.4,
"url": "https://access.redhat.com/security/cve/cve-2015-4598"
},
{
"trust": 0.4,
"url": "https://access.redhat.com/security/cve/cve-2015-4025"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-3329"
},
{
"trust": 0.4,
"url": "https://access.redhat.com/security/team/key/"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-2783"
},
{
"trust": 0.3,
"url": "http://www.php.net"
},
{
"trust": 0.3,
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1223422"
},
{
"trust": 0.3,
"url": "http://prod.lists.apple.com/archives/security-announce/2015/aug/msg00001.html"
},
{
"trust": 0.3,
"url": "https://www.oracle.com/technetwork/topics/security/bulletinjul2017-3814622.html"
},
{
"trust": 0.3,
"url": "https://www.alienvault.com/forums/discussion/6075/security-advisory-alienvault-v5-2-addresses-55-vulnerabilities"
},
{
"trust": 0.3,
"url": "https://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=migr-5099196"
},
{
"trust": 0.3,
"url": "https://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=migr-5098669"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-4605"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/cve/cve-2015-4603"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/cve/cve-2015-4604"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/cve/cve-2015-3330"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/cve/cve-2015-3307"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/cve/cve-2015-3411"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/cve/cve-2015-2783"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/cve/cve-2015-4602"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-3307"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/cve/cve-2015-3412"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-4604"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/cve/cve-2015-3329"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/cve/cve-2015-4605"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-4603"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-4148"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-4147"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-4601"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-4600"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-0231"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-2348"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-9705"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-4599"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-2301"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-2787"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-9709"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-0273"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-4644"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-4643"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/19.html"
},
{
"trust": 0.1,
"url": "http://tools.cisco.com/security/center/viewalert.x?alertid=39140"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://usn.ubuntu.com/2658-1/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-8142"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2015-4600"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2015-4147"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2015-4148"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-0232"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2015-0232"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2015-0273"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2014-9705"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2015-4599"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2015-2787"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2015-4601"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2015-2301"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2015-2348"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2014-8142"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2014-9709"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-9652"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2014-9652"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2015-0231"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/php5/5.6.4+dfsg-4ubuntu6.2"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/php5/5.5.9+dfsg-1ubuntu4.11"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/php5/5.5.12+dfsg-2ubuntu4.6"
},
{
"trust": 0.1,
"url": "http://www.ubuntu.com/usn/usn-2658-1"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/php5/5.3.10-1ubuntu3.19"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-2301"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-1352"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-2348"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-4022"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-6836"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-9709"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-4026"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-6836"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-6831"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-0273"
},
{
"trust": 0.1,
"url": "https://security.gentoo.org/"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-4021"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-7804"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-4643"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-6501"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-6834"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-6835"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-4642"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-1351"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-1352"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-6832"
},
{
"trust": 0.1,
"url": "http://creativecommons.org/licenses/by-sa/2.5"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-6832"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-6831"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-6835"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-3330"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-6838"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-4642"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-2787"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-4148"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-6501"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-4147"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-2783"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-3329"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-7803"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-6837"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-1351"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-6833"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-4025"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-4644"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-9705"
},
{
"trust": 0.1,
"url": "https://bugs.gentoo.org."
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-6834"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-0231"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-6833"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-81987"
},
{
"db": "VULMON",
"id": "CVE-2015-4026"
},
{
"db": "BID",
"id": "75056"
},
{
"db": "PACKETSTORM",
"id": "132440"
},
{
"db": "PACKETSTORM",
"id": "132406"
},
{
"db": "PACKETSTORM",
"id": "132619"
},
{
"db": "PACKETSTORM",
"id": "132531"
},
{
"db": "PACKETSTORM",
"id": "132442"
},
{
"db": "PACKETSTORM",
"id": "137539"
},
{
"db": "CNNVD",
"id": "CNNVD-201506-132"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-003052"
},
{
"db": "NVD",
"id": "CVE-2015-4026"
}
]
},
"sources": {
"_id": null,
"data": [
{
"db": "VULHUB",
"id": "VHN-81987",
"ident": null
},
{
"db": "VULMON",
"id": "CVE-2015-4026",
"ident": null
},
{
"db": "BID",
"id": "75056",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "132440",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "132406",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "132619",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "132531",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "132442",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "137539",
"ident": null
},
{
"db": "CNNVD",
"id": "CNNVD-201506-132",
"ident": null
},
{
"db": "JVNDB",
"id": "JVNDB-2015-003052",
"ident": null
},
{
"db": "NVD",
"id": "CVE-2015-4026",
"ident": null
}
]
},
"sources_release_date": {
"_id": null,
"data": [
{
"date": "2015-06-09T00:00:00",
"db": "VULHUB",
"id": "VHN-81987",
"ident": null
},
{
"date": "2015-06-09T00:00:00",
"db": "VULMON",
"id": "CVE-2015-4026",
"ident": null
},
{
"date": "2015-05-14T00:00:00",
"db": "BID",
"id": "75056",
"ident": null
},
{
"date": "2015-06-25T14:18:12",
"db": "PACKETSTORM",
"id": "132440",
"ident": null
},
{
"date": "2015-06-23T14:07:16",
"db": "PACKETSTORM",
"id": "132406",
"ident": null
},
{
"date": "2015-07-09T23:16:26",
"db": "PACKETSTORM",
"id": "132619",
"ident": null
},
{
"date": "2015-07-07T00:23:34",
"db": "PACKETSTORM",
"id": "132531",
"ident": null
},
{
"date": "2015-06-25T14:18:25",
"db": "PACKETSTORM",
"id": "132442",
"ident": null
},
{
"date": "2016-06-19T15:55:00",
"db": "PACKETSTORM",
"id": "137539",
"ident": null
},
{
"date": "2015-06-10T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201506-132",
"ident": null
},
{
"date": "2015-06-12T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-003052",
"ident": null
},
{
"date": "2015-06-09T18:59:08.597000",
"db": "NVD",
"id": "CVE-2015-4026",
"ident": null
}
]
},
"sources_update_date": {
"_id": null,
"data": [
{
"date": "2019-04-22T00:00:00",
"db": "VULHUB",
"id": "VHN-81987",
"ident": null
},
{
"date": "2019-04-22T00:00:00",
"db": "VULMON",
"id": "CVE-2015-4026",
"ident": null
},
{
"date": "2017-07-21T13:07:00",
"db": "BID",
"id": "75056",
"ident": null
},
{
"date": "2019-04-23T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201506-132",
"ident": null
},
{
"date": "2015-08-31T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-003052",
"ident": null
},
{
"date": "2025-04-12T10:46:40.837000",
"db": "NVD",
"id": "CVE-2015-4026",
"ident": null
}
]
},
"threat_type": {
"_id": null,
"data": "remote",
"sources": [
{
"db": "PACKETSTORM",
"id": "132440"
},
{
"db": "PACKETSTORM",
"id": "132406"
},
{
"db": "PACKETSTORM",
"id": "132531"
},
{
"db": "PACKETSTORM",
"id": "132442"
},
{
"db": "CNNVD",
"id": "CNNVD-201506-132"
}
],
"trust": 1.0
},
"title": {
"_id": null,
"data": "PHP of pcntl_exec Vulnerability that can prevent extension restrictions in the implementation of",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-003052"
}
],
"trust": 0.8
},
"type": {
"_id": null,
"data": "code problem",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201506-132"
}
],
"trust": 0.6
}
}
VAR-200904-0809
Vulnerability from variot - Updated: 2026-04-10 22:30The JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, Poppler before 0.10.6, and other products allows remote attackers to execute arbitrary code via a crafted PDF file that triggers a free of invalid data. Xpdf is an open source viewer for Portable Document Format (PDF) files. A denial of service attack vulnerability exists in the JBIG2 decoder of Xpdf. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
SUSE Security Announcement
Package: cups
Announcement ID: SUSE-SA:2009:024
Date: Wed, 22 Apr 2009 13:00:00 +0000
Affected Products: openSUSE 10.3
openSUSE 11.0
openSUSE 11.1
SUSE SLES 9
Novell Linux Desktop 9
Open Enterprise Server
Novell Linux POS 9
SUSE Linux Enterprise Desktop 10 SP2
SUSE Linux Enterprise Server 10 SP2
SLE 11
Vulnerability Type: remote code execution
Severity (1-10): 8 (critical)
SUSE Default Package: yes
Cross-References: CVE-2009-0146, CVE-2009-0147, CVE-2009-0163
CVE-2009-0165, CVE-2009-0166, CVE-2009-0799
CVE-2009-0800, CVE-2009-1179, CVE-2009-1180
CVE-2009-1181, CVE-2009-1182, CVE-2009-1183
Content of This Advisory:
1) Security Vulnerability Resolved:
fixed remotely exploitable overflows
Problem Description
2) Solution or Work-Around
3) Special Instructions and Notes
4) Package Location and Checksums
5) Pending Vulnerabilities, Solutions, and Work-Arounds:
none
6) Authenticity Verification and Additional Information
1) Problem Description and Brief Discussion
The Common Unix Printing System, CUPS, is a printing server for unix-like operating systems. It allows a local user to print documents as well as remote users via port 631/tcp.
There were two security vulnerabilities fixed in cups.
The first one can be triggered by a specially crafted tiff file. This
file could lead to an integer overflow in the 'imagetops' filter which caused an heap overflow later. This bug is probably exploitable remotely by users having remote access to the CUPS server and allows the execution of arbitrary code with the privileges of the cupsd process. (CVE-2009-0163)
The second issue affects the JBIG2 decoding of the 'pdftops' filter.
The JBIG2 decoding routines are vulnerable to various software failure types like integer and buffer overflows and it is believed to be exploit- able remotely to execute arbitrary code with the privileges of the cupsd process. (CVE-2009-0146, CVE-2009-0147, CVE-2009-0165, CVE-2009-0166, CVE-2009-0799, CVE-2009-0800, CVE-2009-1179, CVE-2009-1180, CVE-2009-1181, CVE-2009-1182, CVE-2009-1183)
2) Solution or Work-Around
none
3) Special Instructions and Notes
none
4) Package Location and Checksums
The preferred method for installing security updates is to use the YaST Online Update (YOU) tool. YOU detects which updates are required and automatically performs the necessary steps to verify and install them. Alternatively, download the update packages for your distribution manually and verify their integrity by the methods listed in Section 6 of this announcement. Then install the packages using the command
rpm -Fhv <file.rpm>
to apply the update, replacing with the filename of the downloaded RPM package.
x86 Platform:
openSUSE 11.1: http://download.opensuse.org/debug/update/11.1/rpm/i586/cups-debuginfo-1.3.9-7.2.1.i586.rpm http://download.opensuse.org/debug/update/11.1/rpm/i586/cups-debugsource-1.3.9-7.2.1.i586.rpm http://download.opensuse.org/update/11.1/rpm/i586/cups-1.3.9-7.2.1.i586.rpm http://download.opensuse.org/update/11.1/rpm/i586/cups-client-1.3.9-7.2.1.i586.rpm http://download.opensuse.org/update/11.1/rpm/i586/cups-devel-1.3.9-7.2.1.i586.rpm http://download.opensuse.org/update/11.1/rpm/i586/cups-libs-1.3.9-7.2.1.i586.rpm
openSUSE 11.0: http://download.opensuse.org/debug/update/11.0/rpm/i586/cups-debuginfo-1.3.7-25.8.i586.rpm http://download.opensuse.org/debug/update/11.0/rpm/i586/cups-debugsource-1.3.7-25.8.i586.rpm http://download.opensuse.org/update/11.0/rpm/i586/cups-1.3.7-25.8.i586.rpm http://download.opensuse.org/update/11.0/rpm/i586/cups-client-1.3.7-25.8.i586.rpm http://download.opensuse.org/update/11.0/rpm/i586/cups-devel-1.3.7-25.8.i586.rpm http://download.opensuse.org/update/11.0/rpm/i586/cups-libs-1.3.7-25.8.i586.rpm
openSUSE 10.3: http://download.opensuse.org/update/10.3/rpm/i586/cups-1.2.12-22.21.i586.rpm http://download.opensuse.org/update/10.3/rpm/i586/cups-client-1.2.12-22.21.i586.rpm http://download.opensuse.org/update/10.3/rpm/i586/cups-devel-1.2.12-22.21.i586.rpm http://download.opensuse.org/update/10.3/rpm/i586/cups-libs-1.2.12-22.21.i586.rpm
Power PC Platform:
openSUSE 11.1: http://download.opensuse.org/debug/update/11.1/rpm/ppc/cups-debuginfo-1.3.9-7.2.1.ppc.rpm http://download.opensuse.org/debug/update/11.1/rpm/ppc/cups-debugsource-1.3.9-7.2.1.ppc.rpm http://download.opensuse.org/update/11.1/rpm/ppc/cups-1.3.9-7.2.1.ppc.rpm http://download.opensuse.org/update/11.1/rpm/ppc/cups-client-1.3.9-7.2.1.ppc.rpm http://download.opensuse.org/update/11.1/rpm/ppc/cups-devel-1.3.9-7.2.1.ppc.rpm http://download.opensuse.org/update/11.1/rpm/ppc/cups-libs-1.3.9-7.2.1.ppc.rpm http://download.opensuse.org/update/11.1/rpm/ppc/cups-libs-64bit-1.3.9-7.2.1.ppc.rpm
openSUSE 11.0: http://download.opensuse.org/debug/update/11.0/rpm/ppc/cups-debuginfo-1.3.7-25.8.ppc.rpm http://download.opensuse.org/debug/update/11.0/rpm/ppc/cups-debugsource-1.3.7-25.8.ppc.rpm http://download.opensuse.org/update/11.0/rpm/ppc/cups-1.3.7-25.8.ppc.rpm http://download.opensuse.org/update/11.0/rpm/ppc/cups-client-1.3.7-25.8.ppc.rpm http://download.opensuse.org/update/11.0/rpm/ppc/cups-devel-1.3.7-25.8.ppc.rpm http://download.opensuse.org/update/11.0/rpm/ppc/cups-libs-1.3.7-25.8.ppc.rpm http://download.opensuse.org/update/11.0/rpm/ppc/cups-libs-64bit-1.3.7-25.8.ppc.rpm
openSUSE 10.3: http://download.opensuse.org/update/10.3/rpm/ppc/cups-1.2.12-22.21.ppc.rpm http://download.opensuse.org/update/10.3/rpm/ppc/cups-client-1.2.12-22.21.ppc.rpm http://download.opensuse.org/update/10.3/rpm/ppc/cups-devel-1.2.12-22.21.ppc.rpm http://download.opensuse.org/update/10.3/rpm/ppc/cups-libs-1.2.12-22.21.ppc.rpm http://download.opensuse.org/update/10.3/rpm/ppc/cups-libs-64bit-1.2.12-22.21.ppc.rpm
x86-64 Platform:
openSUSE 11.1: http://download.opensuse.org/debug/update/11.1/rpm/x86_64/cups-debuginfo-1.3.9-7.2.1.x86_64.rpm http://download.opensuse.org/debug/update/11.1/rpm/x86_64/cups-debugsource-1.3.9-7.2.1.x86_64.rpm http://download.opensuse.org/update/11.1/rpm/x86_64/cups-1.3.9-7.2.1.x86_64.rpm http://download.opensuse.org/update/11.1/rpm/x86_64/cups-client-1.3.9-7.2.1.x86_64.rpm http://download.opensuse.org/update/11.1/rpm/x86_64/cups-devel-1.3.9-7.2.1.x86_64.rpm http://download.opensuse.org/update/11.1/rpm/x86_64/cups-libs-1.3.9-7.2.1.x86_64.rpm http://download.opensuse.org/update/11.1/rpm/x86_64/cups-libs-32bit-1.3.9-7.2.1.x86_64.rpm
openSUSE 11.0: http://download.opensuse.org/debug/update/11.0/rpm/x86_64/cups-debuginfo-1.3.7-25.8.x86_64.rpm http://download.opensuse.org/debug/update/11.0/rpm/x86_64/cups-debugsource-1.3.7-25.8.x86_64.rpm http://download.opensuse.org/update/11.0/rpm/x86_64/cups-1.3.7-25.8.x86_64.rpm http://download.opensuse.org/update/11.0/rpm/x86_64/cups-client-1.3.7-25.8.x86_64.rpm http://download.opensuse.org/update/11.0/rpm/x86_64/cups-devel-1.3.7-25.8.x86_64.rpm http://download.opensuse.org/update/11.0/rpm/x86_64/cups-libs-1.3.7-25.8.x86_64.rpm http://download.opensuse.org/update/11.0/rpm/x86_64/cups-libs-32bit-1.3.7-25.8.x86_64.rpm
openSUSE 10.3: http://download.opensuse.org/update/10.3/rpm/x86_64/cups-1.2.12-22.21.x86_64.rpm http://download.opensuse.org/update/10.3/rpm/x86_64/cups-client-1.2.12-22.21.x86_64.rpm http://download.opensuse.org/update/10.3/rpm/x86_64/cups-devel-1.2.12-22.21.x86_64.rpm http://download.opensuse.org/update/10.3/rpm/x86_64/cups-libs-1.2.12-22.21.x86_64.rpm http://download.opensuse.org/update/10.3/rpm/x86_64/cups-libs-32bit-1.2.12-22.21.x86_64.rpm
Sources:
openSUSE 11.1: http://download.opensuse.org/update/11.1/rpm/src/cups-1.3.9-7.2.1.src.rpm
openSUSE 11.0: http://download.opensuse.org/update/11.0/rpm/src/cups-1.3.7-25.8.src.rpm
openSUSE 10.3: http://download.opensuse.org/update/10.3/rpm/src/cups-1.2.12-22.21.src.rpm
Our maintenance customers are notified individually. The packages are offered for installation from the maintenance web:
Open Enterprise Server http://download.novell.com/index.jsp?search=Search&set_restricted=true&keywords=403675f837530f047eb825dcb7428cf3
Novell Linux POS 9 http://download.novell.com/index.jsp?search=Search&set_restricted=true&keywords=403675f837530f047eb825dcb7428cf3
Novell Linux Desktop 9 http://download.novell.com/index.jsp?search=Search&set_restricted=true&keywords=403675f837530f047eb825dcb7428cf3
SUSE SLES 9 http://download.novell.com/index.jsp?search=Search&set_restricted=true&keywords=403675f837530f047eb825dcb7428cf3
SUSE Linux Enterprise Server 10 SP2 http://download.novell.com/index.jsp?search=Search&set_restricted=true&keywords=a777264f13a7d9d882a7d024d831be1f
SUSE Linux Enterprise Desktop 10 SP2 http://download.novell.com/index.jsp?search=Search&set_restricted=true&keywords=a777264f13a7d9d882a7d024d831be1f
SLES 11 http://download.novell.com/index.jsp?search=Search&set_restricted=true&keywords=22d7a0746f9c204f5ecc1395385739f7
SLED 11 http://download.novell.com/index.jsp?search=Search&set_restricted=true&keywords=22d7a0746f9c204f5ecc1395385739f7
SLE 11 http://download.novell.com/index.jsp?search=Search&set_restricted=true&keywords=22d7a0746f9c204f5ecc1395385739f7
SLES 11 DEBUGINFO http://download.novell.com/index.jsp?search=Search&set_restricted=true&keywords=22d7a0746f9c204f5ecc1395385739f7
5) Pending Vulnerabilities, Solutions, and Work-Arounds:
none
6) Authenticity Verification and Additional Information
-
Announcement authenticity verification:
SUSE security announcements are published via mailing lists and on Web sites. The authenticity and integrity of a SUSE security announcement is guaranteed by a cryptographic signature in each announcement. All SUSE security announcements are published with a valid signature.
To verify the signature of the announcement, save it as text into a file and run the command
gpg --verify
replacing with the name of the file where you saved the announcement. The output for a valid signature looks like:
gpg: Signature made using RSA key ID 3D25D3D9 gpg: Good signature from "SuSE Security Team security@suse.de"
where is replaced by the date the document was signed.
If the security team's key is not contained in your key ring, you can import it from the first installation CD. To import the key, use the command
gpg --import gpg-pubkey-3d25d3d9-36e12d04.asc
-
Package authenticity verification:
SUSE update packages are available on many mirror FTP servers all over the world. While this service is considered valuable and important to the free and open source software community, the authenticity and the integrity of a package needs to be verified to ensure that it has not been tampered with.
The internal rpm package signatures provide an easy way to verify the authenticity of an RPM package. Use the command
rpm -v --checksig
to verify the signature of the package, replacing with the filename of the RPM package downloaded. The package is unmodified if it contains a valid signature from build@suse.de with the key ID 9C800ACA.
This key is automatically imported into the RPM database (on RPMv4-based distributions) and the gpg key ring of 'root' during installation. You can also find it on the first installation CD and at the end of this announcement.
-
SUSE runs two security mailing lists to which any interested party may subscribe:
opensuse-security@opensuse.org - General Linux and SUSE security discussion. All SUSE security announcements are sent to this list. To subscribe, send an e-mail to opensuse-security+subscribe@opensuse.org.
opensuse-security-announce@opensuse.org - SUSE's announce-only mailing list. Only SUSE's security announcements are sent to this list. To subscribe, send an e-mail to opensuse-security-announce+subscribe@opensuse.org.
===================================================================== SUSE's security contact is security@suse.com or security@suse.de. The security@suse.de public key is listed below. =====================================================================
The information in this advisory may be distributed or reproduced, provided that the advisory is not modified in any way. In particular, the clear text signature should show proof of the authenticity of the text.
SUSE Linux Products GmbH provides no warranties of any kind whatsoever with respect to the information contained in this security advisory.
Type Bits/KeyID Date User ID pub 2048R/3D25D3D9 1999-03-06 SuSE Security Team security@suse.de pub 1024D/9C800ACA 2000-10-19 SuSE Package Signing Key build@suse.de
- -----BEGIN PGP PUBLIC KEY BLOCK----- Version: GnuPG v1.4.2 (GNU/Linux)
mQENAzbhLQQAAAEIAKAkXHe0lWRBXLpn38hMHy03F0I4Sszmoc8aaKJrhfhyMlOA BqvklPLE2f9UrI4Xc860gH79ZREwAgPt0pi6+SleNFLNcNFAuuHMLQOOsaMFatbz JR9i4m/lf6q929YROu5zB48rBAlcfTm+IBbijaEdnqpwGib45wE/Cfy6FAttBHQh 1Kp+r/jPbf1mYAvljUfHKuvbg8t2EIQz/5yGp+n5trn9pElfQO2cRBq8LFpf1l+U P7EKjFmlOq+Gs/fF98/dP3DfniSd78LQPq5vp8RL8nr/o2i7jkAQ33m4f1wOBWd+ cZovrKXYlXiR+Bf7m2hpZo+/sAzhd7LmAD0l09kABRG0JVN1U0UgU2VjdXJpdHkg VGVhbSA8c2VjdXJpdHlAc3VzZS5kZT6JARUDBRA24S1H5Fiyh7HKPEUBAVcOB/9b yHYji1/+4Xc2GhvXK0FSJN0MGgeXgW47yxDL7gmR4mNgjlIOUHZj0PEpVjWepOJ7 tQS3L9oP6cpj1Fj/XxuLbkp5VCQ61hpt54coQAvYrnT9rtWEGN+xmwejT1WmYmDJ xG+EGBXKr+XP69oIUl1E2JO3rXeklulgjqRKos4cdXKgyjWZ7CP9V9daRXDtje63 Om8gwSdU/nCvhdRIWp/Vwbf7Ia8iZr9OJ5YuQl0DBG4qmGDDrvImgPAFkYFzwlqo choXFQ9y0YVCV41DnR+GYhwl2qBd81T8aXhihEGPIgaw3g8gd8B5o6mPVgl+nJqI BkEYGBusiag2pS6qwznZiQEVAwUQNuEtBHey5gA9JdPZAQFtOAf+KVh939b0J94u v/kpg4xs1LthlhquhbHcKNoVTNspugiC3qMPyvSX4XcBr2PC0cVkS4Z9PY9iCfT+ x9WM96g39dAF+le2CCx7XISk9XXJ4ApEy5g4AuK7NYgAJd39PPbERgWnxjxir9g0 Ix30dS30bW39D+3NPU5Ho9TD/B7UDFvYT5AWHl3MGwo3a1RhTs6sfgL7yQ3U+mvq MkTExZb5mfN1FeaYKMopoI4VpzNVeGxQWIz67VjJHVyUlF20ekOz4kWVgsxkc8G2 saqZd6yv2EwqYTi8BDAduweP33KrQc4KDDommQNDOXxaKOeCoESIdM4p7Esdjq1o L0oixF12CohGBBARAgAGBQI7HmHDAAoJEJ5A4xAACqukTlQAoI4QzP9yjPohY7OU F7J3eKBTzp25AJ42BmtSd3pvm5ldmognWF3Trhp+GYkAlQMFEDe3O8IWkDf+zvyS FQEBAfkD/3GG5UgJj18UhYmh1gfjIlDcPAeqMwSytEHDENmHC+vlZQ/p0mT9tPiW tp34io54mwr+bLPN8l6B5GJNkbGvH6M+mO7R8Lj4nHL6pyAv3PQr83WyLHcaX7It Klj371/4yzKV6qpz43SGRK4MacLo2rNZ/dNej7lwPCtzCcFYwqkiiEYEEBECAAYF AjoaQqQACgkQx1KqMrDf94ArewCfWnTUDG5gNYkmHG4bYL8fQcizyA4An2eVo/n+ 3J2KRWSOhpAMsnMxtPbBmQGiBDnu9IERBACT8Y35+2vv4MGVKiLEMOl9GdST6MCk YS3yEKeueNWc+z/0Kvff4JctBsgs47tjmiI9sl0eHjm3gTR8rItXMN6sJEUHWzDP +Y0PFPboMvKx0FXl/A0dM+HFrruCgBlWt6FA+okRySQiliuI5phwqkXefl9AhkwR 8xocQSVCFxcwvwCglVcOQliHu8jwRQHxlRE0tkwQQI0D+wfQwKdvhDplxHJ5nf7U 8c/yE/vdvpN6lF0tmFrKXBUX+K7u4ifrZlQvj/81M4INjtXreqDiJtr99Rs6xa0S cZqITuZC4CWxJa9GynBED3+D2t1V/f8l0smsuYoFOF7Ib49IkTdbtwAThlZp8bEh ELBeGaPdNCcmfZ66rKUdG5sRA/9ovnc1krSQF2+sqB9/o7w5/q2qiyzwOSTnkjtB UVKn4zLUOf6aeBAoV6NMCC3Kj9aZHfA+ND0ehPaVGJgjaVNFhPi4x0e7BULdvgOo AqajLfvkURHAeSsxXIoEmyW/xC1sBbDkDUIBSx5oej73XCZgnj/inphRqGpsb+1n KFvF+rQoU3VTRSBQYWNrYWdlIFNpZ25pbmcgS2V5IDxidWlsZEBzdXNlLmRlPohi BBMRAgAiBQJA2AY+AhsDBQkObd+9BAsHAwIDFQIDAxYCAQIeAQIXgAAKCRCoTtro nIAKypCfAJ9RuZ6ZSV7QW4pTgTIxQ+ABPp0sIwCffG9bCNnrETPlgOn+dGEkAWeg KL+IRgQQEQIABgUCOnBeUgAKCRCeQOMQAAqrpNzOAKCL512FZvv4VZx94TpbA9lx yoAejACeOO1HIbActAevk5MUBhNeLZa/qM2JARUDBRA6cGBvd7LmAD0l09kBATWn B/9An5vfiUUE1VQnt+T/EYklES3tXXaJJp9pHMa4fzFa8jPVtv5UBHGee3XoUNDV wM2OgSEISZxbzdXGnqIlcT08TzBUD9i579uifklLsnr35SJDZ6ram51/CWOnnaVh UzneOA9gTPSr+/fT3WeVnwJiQCQ30kNLWVXWATMnsnT486eAOlT6UNBPYQLpUprF 5Yryk23pQUPAgJENDEqeU6iIO9Ot1ZPtB0lniw+/xCi13D360o1tZDYOp0hHHJN3 D3EN8C1yPqZd5CvvznYvB6bWBIpWcRgdn2DUVMmpU661jwqGlRz1F84JG/xe4jGu zgpJt9IXSzyohEJB6XG5+D0BuQINBDnu9JIQCACEkdBN6Mxf5WvqDWkcMRy6wnrd 9DYJ8UUTmIT2iQf07tRUKJJ9v0JXfx2Z4d08IQSMNRaq4VgSe+PdYgIy0fbj23Vi a5/gO7fJEpD2hd2f+pMnOWvH2rOOIbeYfuhzAc6BQjAKtmgR0ERUTafTM9Wb6F13 CNZZNZfDqnFDP6L12w3z3F7FFXkz07Rs3AIto1ZfYZd4sCSpMr/0S5nLrHbIvGLp 271hhQBeRmmoGEKO2JRelGgUJ2CUzOdtwDIKT0LbCpvaP8PVnYF5IFoYJIWRHqlE t5ucTXstZy7vYjL6vTP4l5xs+LIOkNmPhqmfsgLzVo0UaLt80hOwc4NvDCOLAAMG B/9g+9V3ORzw4LvO1pwRYJqfDKUq/EJ0rNMMD4N8RLpZRhKHKJUm9nNHLbksnlZw rbSTM5LpC/U6sheLP+l0bLVoq0lmsCcUSyh+mY6PxWirLIWCn/IAZAGnXb6Zd6Tt IJlGG6pqUN8QxGJYQnonl0uTJKHJENbI9sWHQdcTtBMc34gorHFCo1Bcvpnc1LFL rWn7mfoGx6INQjf3HGQpMXAWuSBQhzkazY6vaWFpa8bBJ+gKbBuySWzNm3rFtT5H RKMWpO+M9bHp4d+puY0L1YwN1OMatcMMpcWnZpiWiR83oi32+xtWUY2U7Ae38mMa g8zFbpeqPQUsDv9V7CAJ1dbriEwEGBECAAwFAkDYBnoFCQ5t3+gACgkQqE7a6JyA CspnpgCfRbYwxT3iq+9l/PgNTUNTZOlof2oAn25y0eGi0371jap9kOV6uq71sUuO =ypVs - -----END PGP PUBLIC KEY BLOCK-----
-----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.5 (GNU/Linux)
iQEVAwUBSe8qrney5gA9JdPZAQI4aQf/e938Hr+O1QYi9y5cm9ycOcaFHWx0oZED yyOc4lUYZrb7qjmErPHfpoMR9c2XZlmESwKY0RZjddxe+vINDrOcMuI4nrp12ObP uYvSAAz3xgpXzVtW5B/90ihHJAqHAnwOsdO8adt6PtKCt7T2gMPuQV0RSz3BRy// qtBHDNyTBRPK7ex/YKUyQAbNENQUa3r9BaHpTHWjscfCoQch4Wz5hmLKv/n7eYdj CFetsr6zu3hn3isKD8EPTIMbkpaYBMxp53UnNiRmVRy0Gb7zlBz5ByYQaYY+YKf/ OZ+ZHRTuDsNbAT03QtkvML3yqr3Yobb39DFa+cSsH2c9xTdwWdzSAg== =ZnS5 -----END PGP SIGNATURE-----
Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ . =========================================================== Ubuntu Security Notice USN-759-1 April 16, 2009 poppler vulnerabilities CVE-2009-0146, CVE-2009-0147, CVE-2009-0166, CVE-2009-0799, CVE-2009-0800, CVE-2009-1179, CVE-2009-1180, CVE-2009-1181, CVE-2009-1182, CVE-2009-1183, CVE-2009-1187, CVE-2009-1188 ===========================================================
A security issue affects the following Ubuntu releases:
Ubuntu 6.06 LTS Ubuntu 8.04 LTS Ubuntu 8.10
This advisory also applies to the corresponding versions of Kubuntu, Edubuntu, and Xubuntu.
The problem can be corrected by upgrading your system to the following package versions:
Ubuntu 6.06 LTS: libpoppler1 0.5.1-0ubuntu7.5 libpoppler1-glib 0.5.1-0ubuntu7.5
Ubuntu 8.04 LTS: libpoppler-glib2 0.6.4-1ubuntu3.2 libpoppler2 0.6.4-1ubuntu3.2
Ubuntu 8.10: libpoppler-glib3 0.8.7-1ubuntu0.2 libpoppler3 0.8.7-1ubuntu0.2
In general, a standard system upgrade is sufficient to effect the necessary changes.
Details follow:
Will Dormann, Alin Rad Pop, Braden Thomas, and Drew Yao discovered that poppler contained multiple security issues in its JBIG2 decoder. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
Mandriva Linux Security Advisory MDVSA-2010:055 http://www.mandriva.com/security/
Package : poppler Date : March 4, 2010 Affected: 2008.0
Problem Description:
An out-of-bounds reading flaw in the JBIG2 decoder allows remote attackers to cause a denial of service (crash) via a crafted PDF file (CVE-2009-0799). NOTE: some of these details are obtained from third party information. NOTE: this issue reportedly exists because of an incomplete fix for CVE-2009-1188 (CVE-2009-3603). NOTE: this may overlap CVE-2009-0791 (CVE-2009-3605). NOTE: some of these details are obtained from third party information (CVE-2009-3607). This update provides fixes for that vulnerabilities.
References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0799 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0800 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1179 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1180 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1181 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1182 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1183 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1188 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3603 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3604 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3605 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3606 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3607 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3608 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3609 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3938
Updated Packages:
Mandriva Linux 2008.0: 0b4c544fea742c847cb56b9fbc33f412 2008.0/i586/libpoppler3-0.8.7-2.4mdv2008.0.i586.rpm b991aecb282a882f6ee5640bcc832e5d 2008.0/i586/libpoppler-devel-0.8.7-2.4mdv2008.0.i586.rpm afe27149192bdca20b911965febc5ee2 2008.0/i586/libpoppler-glib3-0.8.7-2.4mdv2008.0.i586.rpm 379d7bdd3dde6cbf9bd43c7b9e2723c3 2008.0/i586/libpoppler-glib-devel-0.8.7-2.4mdv2008.0.i586.rpm d7f58c500ff93f75998e1a0ba8e05c9e 2008.0/i586/libpoppler-qt2-0.8.7-2.4mdv2008.0.i586.rpm 64a5f31e3feb593c1ce0be10a24aec43 2008.0/i586/libpoppler-qt4-3-0.8.7-2.4mdv2008.0.i586.rpm 5e3182c22daabbf93056b8a94545fbd9 2008.0/i586/libpoppler-qt4-devel-0.8.7-2.4mdv2008.0.i586.rpm 9eaa15826e2ab184de24cf0b1aeda2e6 2008.0/i586/libpoppler-qt-devel-0.8.7-2.4mdv2008.0.i586.rpm 53fa179984dc9c0442292a77bab496b0 2008.0/i586/poppler-0.8.7-2.4mdv2008.0.i586.rpm c8146a94a038650fc5a1704196b1b087 2008.0/SRPMS/poppler-0.8.7-2.4mdv2008.0.src.rpm
Mandriva Linux 2008.0/X86_64: ebde9bf055ba6854f7348da4dd2ba7b4 2008.0/x86_64/lib64poppler3-0.8.7-2.4mdv2008.0.x86_64.rpm c200ff892641cebd5e49ebc2d05fb1c0 2008.0/x86_64/lib64poppler-devel-0.8.7-2.4mdv2008.0.x86_64.rpm 6ee35af2904995be70a1d83adc2a2d86 2008.0/x86_64/lib64poppler-glib3-0.8.7-2.4mdv2008.0.x86_64.rpm a4ad93d7caf1bfaa25f1e511da8c9208 2008.0/x86_64/lib64poppler-glib-devel-0.8.7-2.4mdv2008.0.x86_64.rpm 86205b42fd719dd722799de7f215d021 2008.0/x86_64/lib64poppler-qt2-0.8.7-2.4mdv2008.0.x86_64.rpm 523f9debc4c5db056eb5484aa066960e 2008.0/x86_64/lib64poppler-qt4-3-0.8.7-2.4mdv2008.0.x86_64.rpm 79a6a65ada1a4e4573d9ca50ea1995f0 2008.0/x86_64/lib64poppler-qt4-devel-0.8.7-2.4mdv2008.0.x86_64.rpm ea0e41c890b571f6bbc217983aa2f3ec 2008.0/x86_64/lib64poppler-qt-devel-0.8.7-2.4mdv2008.0.x86_64.rpm 2086f89f02c674a8428f9d88d9e3c8d2 2008.0/x86_64/poppler-0.8.7-2.4mdv2008.0.x86_64.rpm c8146a94a038650fc5a1704196b1b087 2008.0/SRPMS/poppler-0.8.7-2.4mdv2008.0.src.rpm
To upgrade automatically use MandrivaUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you.
All packages are signed by Mandriva for security. (CVE-2009-0163)
Integer overflow in the JBIG2 decoder in Xpdf 3.02pl2 and earlier, as used in Poppler and other products, when running on Mac OS X, has unspecified impact, related to g*allocn.
Update:
Packages for 2008.0 are being provided due to extended support for Corporate products. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 201310-03
http://security.gentoo.org/
Severity: Normal Title: Poppler: Multiple vulnerabilities Date: October 06, 2013 Bugs: #263028, #290430, #290464, #308017, #338878, #352581, #459866, #480366 ID: 201310-03
Synopsis
Multiple vulnerabilities have been found in Poppler, some of which may allow execution of arbitrary code.
Background
Poppler is a cross-platform PDF rendering library originally based on Xpdf.
Affected packages
-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 app-text/poppler < 0.22.2-r1 >= 0.22.2-r1
Description
Multiple vulnerabilities have been discovered in Poppler. Please review the CVE identifiers referenced below for details.
Workaround
There is no known workaround at this time.
Resolution
All Poppler users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose ">=app-text/poppler-0.22.2-r1"
References
[ 1 ] CVE-2009-0146 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-0146 [ 2 ] CVE-2009-0147 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-0147 [ 3 ] CVE-2009-0165 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-0165 [ 4 ] CVE-2009-0166 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-0166 [ 5 ] CVE-2009-0195 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-0195 [ 6 ] CVE-2009-0799 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-0799 [ 7 ] CVE-2009-0800 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-0800 [ 8 ] CVE-2009-1179 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1179 [ 9 ] CVE-2009-1180 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1180 [ 10 ] CVE-2009-1181 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1181 [ 11 ] CVE-2009-1182 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1182 [ 12 ] CVE-2009-1183 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1183 [ 13 ] CVE-2009-1187 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1187 [ 14 ] CVE-2009-1188 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1188 [ 15 ] CVE-2009-3603 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3603 [ 16 ] CVE-2009-3604 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3604 [ 17 ] CVE-2009-3605 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3605 [ 18 ] CVE-2009-3606 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3606 [ 19 ] CVE-2009-3607 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3607 [ 20 ] CVE-2009-3608 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3608 [ 21 ] CVE-2009-3609 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3609 [ 22 ] CVE-2009-3938 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3938 [ 23 ] CVE-2010-3702 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3702 [ 24 ] CVE-2010-3703 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3703 [ 25 ] CVE-2010-3704 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3704 [ 26 ] CVE-2010-4653 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4653 [ 27 ] CVE-2010-4654 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4654 [ 28 ] CVE-2012-2142 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-2142 [ 29 ] CVE-2013-1788 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1788 [ 30 ] CVE-2013-1789 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1789 [ 31 ] CVE-2013-1790 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1790
Availability
This GLSA and any updates to it are available for viewing at the Gentoo Security Website:
http://security.gentoo.org/glsa/glsa-201310-03.xml
Concerns?
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.
License
Copyright 2013 Gentoo Foundation, Inc; referenced text belongs to its owner(s).
The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5 .
This update upgrades KDE in Mandriva Linux 2008.0 to version 3.5.10, which brings many bugfixes, overall improvements and many security fixes.
For the old stable distribution (etch), these problems have been fixed in version 3.01-9.1+etch6.
For the stable distribution (lenny), these problems have been fixed in version 3.02-1.4+lenny1.
For the unstable distribution (sid), these problems will be fixed in a forthcoming version.
We recommend that you upgrade your xpdf packages.
Upgrade instructions
wget url will fetch the file for you dpkg -i file.deb will install the referenced file.
If you are using the apt-get package manager, use the line for sources.list as given below:
apt-get update will update the internal database apt-get upgrade will install corrected packages
You may use an automated update by adding the resources from the footer to the proper configuration.
Debian GNU/Linux 4.0 alias etch
Debian GNU/Linux 5.0 alias lenny
Debian (oldstable)
Oldstable updates are available for alpha, amd64, arm, hppa, i386, ia64, mips, mipsel, powerpc, s390 and sparc.
Source archives:
http://security.debian.org/pool/updates/main/x/xpdf/xpdf_3.01-9.1+etch6.dsc Size/MD5 checksum: 974 9c04059981f8b036d7e6e39c7f0aeb21 http://security.debian.org/pool/updates/main/x/xpdf/xpdf_3.01-9.1+etch6.diff.gz Size/MD5 checksum: 46835 c69a67b9ff487403e7c3ff819c6ff734 http://security.debian.org/pool/updates/main/x/xpdf/xpdf_3.01.orig.tar.gz Size/MD5 checksum: 599778 e004c69c7dddef165d768b1362b44268
Architecture independent packages:
http://security.debian.org/pool/updates/main/x/xpdf/xpdf-common_3.01-9.1+etch6_all.deb Size/MD5 checksum: 62834 dd8f37161c3b2430cb1cd65c911e9f86 http://security.debian.org/pool/updates/main/x/xpdf/xpdf_3.01-9.1+etch6_all.deb Size/MD5 checksum: 1278 d6da8e00b02ab3f17ec44b90fff6bb30
alpha architecture (DEC Alpha)
http://security.debian.org/pool/updates/main/x/xpdf/xpdf-reader_3.01-9.1+etch6_alpha.deb Size/MD5 checksum: 920352 83b7d74d9ebae9b26da91de7c91d3502 http://security.debian.org/pool/updates/main/x/xpdf/xpdf-utils_3.01-9.1+etch6_alpha.deb Size/MD5 checksum: 1687294 9862913548fff9bfda37a6fe075df5b0
amd64 architecture (AMD x86_64 (AMD64))
http://security.debian.org/pool/updates/main/x/xpdf/xpdf-reader_3.01-9.1+etch6_amd64.deb Size/MD5 checksum: 809202 171520d7642019943bfe7166876f5da5 http://security.debian.org/pool/updates/main/x/xpdf/xpdf-utils_3.01-9.1+etch6_amd64.deb Size/MD5 checksum: 1493308 9575f135e9ec312f9e6d7d2517dd8f5b
arm architecture (ARM)
http://security.debian.org/pool/updates/main/x/xpdf/xpdf-reader_3.01-9.1+etch6_arm.deb Size/MD5 checksum: 803714 6db06ffcba7f6d7576ed356e7989557d http://security.debian.org/pool/updates/main/x/xpdf/xpdf-utils_3.01-9.1+etch6_arm.deb Size/MD5 checksum: 1468616 9afde01dda379acd4e7edfbccc7c7b2d
hppa architecture (HP PA RISC)
http://security.debian.org/pool/updates/main/x/xpdf/xpdf-utils_3.01-9.1+etch6_hppa.deb Size/MD5 checksum: 1773794 c9012a9d3919ec40dcea1264ac27a6fe http://security.debian.org/pool/updates/main/x/xpdf/xpdf-reader_3.01-9.1+etch6_hppa.deb Size/MD5 checksum: 963060 565daaf6f15ff7593d560ef7a2f94364
i386 architecture (Intel ia32)
http://security.debian.org/pool/updates/main/x/xpdf/xpdf-reader_3.01-9.1+etch6_i386.deb Size/MD5 checksum: 796992 5270bef04f1c2e924b813dffe6050d89 http://security.debian.org/pool/updates/main/x/xpdf/xpdf-utils_3.01-9.1+etch6_i386.deb Size/MD5 checksum: 1458826 b2f3cbaac0ffcce0bb8d7e656bf11b02
ia64 architecture (Intel ia64)
http://security.debian.org/pool/updates/main/x/xpdf/xpdf-reader_3.01-9.1+etch6_ia64.deb Size/MD5 checksum: 1217142 afeaf9bfc66ebb69767703bfb30bbd4c http://security.debian.org/pool/updates/main/x/xpdf/xpdf-utils_3.01-9.1+etch6_ia64.deb Size/MD5 checksum: 2218472 6545e9b6f58a84c0daa76baa8a0db629
mipsel architecture (MIPS (Little Endian))
http://security.debian.org/pool/updates/main/x/xpdf/xpdf-reader_3.01-9.1+etch6_mipsel.deb Size/MD5 checksum: 946638 5323268be89e54c5c8eb7ae13f0eab14 http://security.debian.org/pool/updates/main/x/xpdf/xpdf-utils_3.01-9.1+etch6_mipsel.deb Size/MD5 checksum: 1721268 0b710c0bcc6ffefe29f683ab09d3cbe8
powerpc architecture (PowerPC)
http://security.debian.org/pool/updates/main/x/xpdf/xpdf-utils_3.01-9.1+etch6_powerpc.deb Size/MD5 checksum: 1554798 eadd6236b778761086d436dd8db986e4 http://security.debian.org/pool/updates/main/x/xpdf/xpdf-reader_3.01-9.1+etch6_powerpc.deb Size/MD5 checksum: 849204 d22f5d59f03d6484e149d7536a25a517
s390 architecture (IBM S/390)
http://security.debian.org/pool/updates/main/x/xpdf/xpdf-utils_3.01-9.1+etch6_s390.deb Size/MD5 checksum: 1401814 0e3f588c64e8fa9a102ebcae29c4d807 http://security.debian.org/pool/updates/main/x/xpdf/xpdf-reader_3.01-9.1+etch6_s390.deb Size/MD5 checksum: 767392 4b7c1a868f2f909c2dce25087da77817
sparc architecture (Sun SPARC/UltraSPARC)
http://security.debian.org/pool/updates/main/x/xpdf/xpdf-utils_3.01-9.1+etch6_sparc.deb Size/MD5 checksum: 1394680 8b17e2339e2a908a610271eb678495b1 http://security.debian.org/pool/updates/main/x/xpdf/xpdf-reader_3.01-9.1+etch6_sparc.deb Size/MD5 checksum: 763618 f3897333018702ee926e41ca5f58dc92
Debian (stable)
Stable updates are available for alpha, amd64, arm, armel, hppa, i386, ia64, mips, mipsel, powerpc, s390 and sparc.
Source archives:
http://security.debian.org/pool/updates/main/x/xpdf/xpdf_3.02-1.4+lenny1.dsc Size/MD5 checksum: 1266 faeebc4dfc74129ca708a6345bb483f7 http://security.debian.org/pool/updates/main/x/xpdf/xpdf_3.02.orig.tar.gz Size/MD5 checksum: 674912 599dc4cc65a07ee868cf92a667a913d2 http://security.debian.org/pool/updates/main/x/xpdf/xpdf_3.02-1.4+lenny1.diff.gz Size/MD5 checksum: 42280 362f72e95494f51a19eeb898b9a527ac
Architecture independent packages:
http://security.debian.org/pool/updates/main/x/xpdf/xpdf-common_3.02-1.4+lenny1_all.deb Size/MD5 checksum: 67664 b5f063bf32cbeaf1aaeec315dc8aff0a http://security.debian.org/pool/updates/main/x/xpdf/xpdf_3.02-1.4+lenny1_all.deb Size/MD5 checksum: 1268 f67780458dac3c38cd59bfde186f9a3b
alpha architecture (DEC Alpha)
http://security.debian.org/pool/updates/main/x/xpdf/xpdf-utils_3.02-1.4+lenny1_alpha.deb Size/MD5 checksum: 1896344 f65f591413c25a23ea2aaccba2b5b634 http://security.debian.org/pool/updates/main/x/xpdf/xpdf-reader_3.02-1.4+lenny1_alpha.deb Size/MD5 checksum: 1018434 cb679c93bbc428ea852bd4ef3103e42d
amd64 architecture (AMD x86_64 (AMD64))
http://security.debian.org/pool/updates/main/x/xpdf/xpdf-utils_3.02-1.4+lenny1_amd64.deb Size/MD5 checksum: 1709514 1e1277251a6dd0bb0a551997efd39175 http://security.debian.org/pool/updates/main/x/xpdf/xpdf-reader_3.02-1.4+lenny1_amd64.deb Size/MD5 checksum: 921892 fb7de1db5e3885365c3ad74c3646ab57
arm architecture (ARM)
http://security.debian.org/pool/updates/main/x/xpdf/xpdf-utils_3.02-1.4+lenny1_arm.deb Size/MD5 checksum: 1667088 58ddefe40598d6fe4a5016145163ef45 http://security.debian.org/pool/updates/main/x/xpdf/xpdf-reader_3.02-1.4+lenny1_arm.deb Size/MD5 checksum: 907908 881594298fe547cefa3d528c519d369f
armel architecture (ARM EABI)
http://security.debian.org/pool/updates/main/x/xpdf/xpdf-reader_3.02-1.4+lenny1_armel.deb Size/MD5 checksum: 886242 51d55f7c4de41c5d4051f41fde9b7389 http://security.debian.org/pool/updates/main/x/xpdf/xpdf-utils_3.02-1.4+lenny1_armel.deb Size/MD5 checksum: 1602392 bc996edfad6d1995cb4ef2f4c7760b51
hppa architecture (HP PA RISC)
http://security.debian.org/pool/updates/main/x/xpdf/xpdf-reader_3.02-1.4+lenny1_hppa.deb Size/MD5 checksum: 1076286 fa3ac4a1001abf3e892bb1397b06ff17 http://security.debian.org/pool/updates/main/x/xpdf/xpdf-utils_3.02-1.4+lenny1_hppa.deb Size/MD5 checksum: 1985520 e95263d094e2c8d6aa72ee1edb9105f3
i386 architecture (Intel ia32)
http://security.debian.org/pool/updates/main/x/xpdf/xpdf-reader_3.02-1.4+lenny1_i386.deb Size/MD5 checksum: 876656 441042932886fa29adae731338f6b5bd http://security.debian.org/pool/updates/main/x/xpdf/xpdf-utils_3.02-1.4+lenny1_i386.deb Size/MD5 checksum: 1611730 52516381da25dbb0c1145e2b7cdf692a
ia64 architecture (Intel ia64)
http://security.debian.org/pool/updates/main/x/xpdf/xpdf-reader_3.02-1.4+lenny1_ia64.deb Size/MD5 checksum: 1380222 0ffaee560534c9d69df433340679c8fc http://security.debian.org/pool/updates/main/x/xpdf/xpdf-utils_3.02-1.4+lenny1_ia64.deb Size/MD5 checksum: 2519970 eb4f4e5c173557fa8ae713f123cbb193
mips architecture (MIPS (Big Endian))
http://security.debian.org/pool/updates/main/x/xpdf/xpdf-utils_3.02-1.4+lenny1_mips.deb Size/MD5 checksum: 1894924 58b336b114ef5c8fb9fc6244411b4cf4 http://security.debian.org/pool/updates/main/x/xpdf/xpdf-reader_3.02-1.4+lenny1_mips.deb Size/MD5 checksum: 1040834 ae8ed06ea2ed07e3a064c6bd28e80933
mipsel architecture (MIPS (Little Endian))
http://security.debian.org/pool/updates/main/x/xpdf/xpdf-reader_3.02-1.4+lenny1_mipsel.deb Size/MD5 checksum: 1026954 eac8167230b8fa208cdbc5b196f0c624 http://security.debian.org/pool/updates/main/x/xpdf/xpdf-utils_3.02-1.4+lenny1_mipsel.deb Size/MD5 checksum: 1872050 8f2e99ce5a102d099ba22543f246d5bd
powerpc architecture (PowerPC)
http://security.debian.org/pool/updates/main/x/xpdf/xpdf-utils_3.02-1.4+lenny1_powerpc.deb Size/MD5 checksum: 1788584 7d1466cc8770bd92f299c1cc772f64e7 http://security.debian.org/pool/updates/main/x/xpdf/xpdf-reader_3.02-1.4+lenny1_powerpc.deb Size/MD5 checksum: 968838 7cc8568d6b74348300066e42b27f90c2
s390 architecture (IBM S/390)
http://security.debian.org/pool/updates/main/x/xpdf/xpdf-reader_3.02-1.4+lenny1_s390.deb Size/MD5 checksum: 871666 1dde93a4cc0a28b90f92c05f0d181079 http://security.debian.org/pool/updates/main/x/xpdf/xpdf-utils_3.02-1.4+lenny1_s390.deb Size/MD5 checksum: 1598270 201ad07e4853843dce22f22daa41fd35
sparc architecture (Sun SPARC/UltraSPARC)
http://security.debian.org/pool/updates/main/x/xpdf/xpdf-reader_3.02-1.4+lenny1_sparc.deb Size/MD5 checksum: 863662 446f2d8fe6483d3741648c4db1ff5b82 http://security.debian.org/pool/updates/main/x/xpdf/xpdf-utils_3.02-1.4+lenny1_sparc.deb Size/MD5 checksum: 1586262 52861c00f406c35db8a6e6f3269cc37d
These files will probably be moved into the stable distribution on its next update
Show details on source website{
"affected_products": {
"_id": null,
"data": [
{
"_id": null,
"model": "poppler",
"scope": "eq",
"trust": 1.6,
"vendor": "poppler",
"version": "0.3.2"
},
{
"_id": null,
"model": "poppler",
"scope": "eq",
"trust": 1.6,
"vendor": "poppler",
"version": "0.1.2"
},
{
"_id": null,
"model": "poppler",
"scope": "eq",
"trust": 1.6,
"vendor": "poppler",
"version": "0.1"
},
{
"_id": null,
"model": "poppler",
"scope": "eq",
"trust": 1.6,
"vendor": "poppler",
"version": "0.4.0"
},
{
"_id": null,
"model": "poppler",
"scope": "eq",
"trust": 1.6,
"vendor": "poppler",
"version": "0.3.1"
},
{
"_id": null,
"model": "poppler",
"scope": "eq",
"trust": 1.6,
"vendor": "poppler",
"version": "0.4.1"
},
{
"_id": null,
"model": "poppler",
"scope": "eq",
"trust": 1.6,
"vendor": "poppler",
"version": "0.3.3"
},
{
"_id": null,
"model": "poppler",
"scope": "eq",
"trust": 1.6,
"vendor": "poppler",
"version": "0.3.0"
},
{
"_id": null,
"model": "poppler",
"scope": "eq",
"trust": 1.6,
"vendor": "poppler",
"version": "0.2.0"
},
{
"_id": null,
"model": "poppler",
"scope": "eq",
"trust": 1.6,
"vendor": "poppler",
"version": "0.1.1"
},
{
"_id": null,
"model": "cups",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "1.1.18"
},
{
"_id": null,
"model": "cups",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "1.1.10-1"
},
{
"_id": null,
"model": "cups",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "1.1.20"
},
{
"_id": null,
"model": "xpdf",
"scope": "eq",
"trust": 1.0,
"vendor": "foolabs",
"version": "0.91c"
},
{
"_id": null,
"model": "xpdf",
"scope": "eq",
"trust": 1.0,
"vendor": "foolabs",
"version": "0.92e"
},
{
"_id": null,
"model": "cups",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "1.1.7"
},
{
"_id": null,
"model": "xpdf",
"scope": "eq",
"trust": 1.0,
"vendor": "foolabs",
"version": "0.93a"
},
{
"_id": null,
"model": "cups",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "1.1.6-3"
},
{
"_id": null,
"model": "xpdfreader",
"scope": "eq",
"trust": 1.0,
"vendor": "glyphandcog",
"version": "2.02"
},
{
"_id": null,
"model": "poppler",
"scope": "eq",
"trust": 1.0,
"vendor": "poppler",
"version": "0.5.1"
},
{
"_id": null,
"model": "cups",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "1.1"
},
{
"_id": null,
"model": "cups",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "1.2.12"
},
{
"_id": null,
"model": "xpdfreader",
"scope": "eq",
"trust": 1.0,
"vendor": "glyphandcog",
"version": "0.92"
},
{
"_id": null,
"model": "poppler",
"scope": "eq",
"trust": 1.0,
"vendor": "poppler",
"version": "0.10.1"
},
{
"_id": null,
"model": "xpdf",
"scope": "eq",
"trust": 1.0,
"vendor": "foolabs",
"version": "0.92c"
},
{
"_id": null,
"model": "cups",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "1.3.6"
},
{
"_id": null,
"model": "xpdfreader",
"scope": "eq",
"trust": 1.0,
"vendor": "glyphandcog",
"version": "0.5"
},
{
"_id": null,
"model": "xpdf",
"scope": "eq",
"trust": 1.0,
"vendor": "foolabs",
"version": "0.92d"
},
{
"_id": null,
"model": "xpdfreader",
"scope": "eq",
"trust": 1.0,
"vendor": "glyphandcog",
"version": "2.03"
},
{
"_id": null,
"model": "xpdfreader",
"scope": "eq",
"trust": 1.0,
"vendor": "glyphandcog",
"version": "0.4"
},
{
"_id": null,
"model": "cups",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "1.1.1"
},
{
"_id": null,
"model": "cups",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "1.1.6"
},
{
"_id": null,
"model": "cups",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "1.1.12"
},
{
"_id": null,
"model": "poppler",
"scope": "eq",
"trust": 1.0,
"vendor": "poppler",
"version": "0.10.0"
},
{
"_id": null,
"model": "cups",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "1.2.8"
},
{
"_id": null,
"model": "poppler",
"scope": "eq",
"trust": 1.0,
"vendor": "poppler",
"version": "0.8.6"
},
{
"_id": null,
"model": "cups",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "1.1.17"
},
{
"_id": null,
"model": "poppler",
"scope": "eq",
"trust": 1.0,
"vendor": "poppler",
"version": "0.7.0"
},
{
"_id": null,
"model": "poppler",
"scope": "eq",
"trust": 1.0,
"vendor": "poppler",
"version": "0.4.3"
},
{
"_id": null,
"model": "poppler",
"scope": "eq",
"trust": 1.0,
"vendor": "poppler",
"version": "0.8.4"
},
{
"_id": null,
"model": "poppler",
"scope": "eq",
"trust": 1.0,
"vendor": "poppler",
"version": "0.6.4"
},
{
"_id": null,
"model": "cups",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "1.3.11"
},
{
"_id": null,
"model": "cups",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "1.1.16"
},
{
"_id": null,
"model": "poppler",
"scope": "eq",
"trust": 1.0,
"vendor": "poppler",
"version": "0.5.3"
},
{
"_id": null,
"model": "cups",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "1.1.3"
},
{
"_id": null,
"model": "xpdfreader",
"scope": "eq",
"trust": 1.0,
"vendor": "glyphandcog",
"version": "2.00"
},
{
"_id": null,
"model": "xpdf",
"scope": "eq",
"trust": 1.0,
"vendor": "foolabs",
"version": "0.5a"
},
{
"_id": null,
"model": "cups",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "1.1.13"
},
{
"_id": null,
"model": "cups",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "1.3.7"
},
{
"_id": null,
"model": "cups",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "1.1.5-1"
},
{
"_id": null,
"model": "cups",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "1.1.6-1"
},
{
"_id": null,
"model": "poppler",
"scope": "eq",
"trust": 1.0,
"vendor": "poppler",
"version": "0.9.0"
},
{
"_id": null,
"model": "xpdfreader",
"scope": "eq",
"trust": 1.0,
"vendor": "glyphandcog",
"version": "2.01"
},
{
"_id": null,
"model": "poppler",
"scope": "eq",
"trust": 1.0,
"vendor": "poppler",
"version": "0.10.4"
},
{
"_id": null,
"model": "poppler",
"scope": "eq",
"trust": 1.0,
"vendor": "poppler",
"version": "0.5.4"
},
{
"_id": null,
"model": "poppler",
"scope": "eq",
"trust": 1.0,
"vendor": "poppler",
"version": "0.8.1"
},
{
"_id": null,
"model": "cups",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "1.1.19"
},
{
"_id": null,
"model": "cups",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "1.1.23"
},
{
"_id": null,
"model": "cups",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "1.2.4"
},
{
"_id": null,
"model": "xpdfreader",
"scope": "eq",
"trust": 1.0,
"vendor": "glyphandcog",
"version": "3.01"
},
{
"_id": null,
"model": "cups",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "1.2.10"
},
{
"_id": null,
"model": "cups",
"scope": "lte",
"trust": 1.0,
"vendor": "apple",
"version": "1.3.9"
},
{
"_id": null,
"model": "cups",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "1.2.9"
},
{
"_id": null,
"model": "xpdfreader",
"scope": "eq",
"trust": 1.0,
"vendor": "glyphandcog",
"version": "0.2"
},
{
"_id": null,
"model": "cups",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "1.1.22"
},
{
"_id": null,
"model": "poppler",
"scope": "eq",
"trust": 1.0,
"vendor": "poppler",
"version": "0.5.0"
},
{
"_id": null,
"model": "poppler",
"scope": "eq",
"trust": 1.0,
"vendor": "poppler",
"version": "0.4.2"
},
{
"_id": null,
"model": "poppler",
"scope": "eq",
"trust": 1.0,
"vendor": "poppler",
"version": "0.8.5"
},
{
"_id": null,
"model": "xpdfreader",
"scope": "eq",
"trust": 1.0,
"vendor": "glyphandcog",
"version": "3.00"
},
{
"_id": null,
"model": "cups",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "1.3.1"
},
{
"_id": null,
"model": "cups",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "1.3.5"
},
{
"_id": null,
"model": "poppler",
"scope": "eq",
"trust": 1.0,
"vendor": "poppler",
"version": "0.10.3"
},
{
"_id": null,
"model": "cups",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "1.1.5"
},
{
"_id": null,
"model": "xpdfreader",
"scope": "lte",
"trust": 1.0,
"vendor": "glyphandcog",
"version": "3.02"
},
{
"_id": null,
"model": "poppler",
"scope": "eq",
"trust": 1.0,
"vendor": "poppler",
"version": "0.5.90"
},
{
"_id": null,
"model": "xpdf",
"scope": "eq",
"trust": 1.0,
"vendor": "foolabs",
"version": "0.91a"
},
{
"_id": null,
"model": "poppler",
"scope": "lte",
"trust": 1.0,
"vendor": "poppler",
"version": "0.10.5"
},
{
"_id": null,
"model": "poppler",
"scope": "eq",
"trust": 1.0,
"vendor": "poppler",
"version": "0.5.91"
},
{
"_id": null,
"model": "poppler",
"scope": "eq",
"trust": 1.0,
"vendor": "poppler",
"version": "0.6.3"
},
{
"_id": null,
"model": "xpdfreader",
"scope": "eq",
"trust": 1.0,
"vendor": "glyphandcog",
"version": "1.01"
},
{
"_id": null,
"model": "cups",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "1.2.5"
},
{
"_id": null,
"model": "cups",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "1.3.8"
},
{
"_id": null,
"model": "poppler",
"scope": "eq",
"trust": 1.0,
"vendor": "poppler",
"version": "0.8.7"
},
{
"_id": null,
"model": "cups",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "1.1.9"
},
{
"_id": null,
"model": "xpdf",
"scope": "eq",
"trust": 1.0,
"vendor": "foolabs",
"version": "0.93b"
},
{
"_id": null,
"model": "poppler",
"scope": "eq",
"trust": 1.0,
"vendor": "poppler",
"version": "0.7.3"
},
{
"_id": null,
"model": "cups",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "1.1.10"
},
{
"_id": null,
"model": "xpdfreader",
"scope": "eq",
"trust": 1.0,
"vendor": "glyphandcog",
"version": "0.90"
},
{
"_id": null,
"model": "poppler",
"scope": "eq",
"trust": 1.0,
"vendor": "poppler",
"version": "0.9.2"
},
{
"_id": null,
"model": "cups",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "1.1.9-1"
},
{
"_id": null,
"model": "cups",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "1.2.11"
},
{
"_id": null,
"model": "xpdfreader",
"scope": "eq",
"trust": 1.0,
"vendor": "glyphandcog",
"version": "0.6"
},
{
"_id": null,
"model": "cups",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "1.2.2"
},
{
"_id": null,
"model": "cups",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "1.2.3"
},
{
"_id": null,
"model": "poppler",
"scope": "eq",
"trust": 1.0,
"vendor": "poppler",
"version": "0.7.2"
},
{
"_id": null,
"model": "poppler",
"scope": "eq",
"trust": 1.0,
"vendor": "poppler",
"version": "0.4.4"
},
{
"_id": null,
"model": "poppler",
"scope": "eq",
"trust": 1.0,
"vendor": "poppler",
"version": "0.7.1"
},
{
"_id": null,
"model": "poppler",
"scope": "eq",
"trust": 1.0,
"vendor": "poppler",
"version": "0.8.0"
},
{
"_id": null,
"model": "cups",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "1.3.10"
},
{
"_id": null,
"model": "cups",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "1.1.5-2"
},
{
"_id": null,
"model": "xpdf",
"scope": "eq",
"trust": 1.0,
"vendor": "foolabs",
"version": "0.91b"
},
{
"_id": null,
"model": "xpdf",
"scope": "eq",
"trust": 1.0,
"vendor": "foolabs",
"version": "0.92b"
},
{
"_id": null,
"model": "cups",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "1.1.4"
},
{
"_id": null,
"model": "cups",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "1.1.21"
},
{
"_id": null,
"model": "poppler",
"scope": "eq",
"trust": 1.0,
"vendor": "poppler",
"version": "0.9.3"
},
{
"_id": null,
"model": "cups",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "1.2.0"
},
{
"_id": null,
"model": "cups",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "1.1.8"
},
{
"_id": null,
"model": "poppler",
"scope": "eq",
"trust": 1.0,
"vendor": "poppler",
"version": "0.5.2"
},
{
"_id": null,
"model": "cups",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "1.3.3"
},
{
"_id": null,
"model": "cups",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "1.3.2"
},
{
"_id": null,
"model": "xpdf",
"scope": "eq",
"trust": 1.0,
"vendor": "foolabs",
"version": "1.00a"
},
{
"_id": null,
"model": "xpdfreader",
"scope": "eq",
"trust": 1.0,
"vendor": "glyphandcog",
"version": "0.93"
},
{
"_id": null,
"model": "cups",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "1.1.2"
},
{
"_id": null,
"model": "poppler",
"scope": "eq",
"trust": 1.0,
"vendor": "poppler",
"version": "0.9.1"
},
{
"_id": null,
"model": "xpdfreader",
"scope": "eq",
"trust": 1.0,
"vendor": "glyphandcog",
"version": "0.91"
},
{
"_id": null,
"model": "poppler",
"scope": "eq",
"trust": 1.0,
"vendor": "poppler",
"version": "0.6.0"
},
{
"_id": null,
"model": "cups",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "1.2.6"
},
{
"_id": null,
"model": "cups",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "1.1.15"
},
{
"_id": null,
"model": "cups",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "1.3.4"
},
{
"_id": null,
"model": "xpdf",
"scope": "eq",
"trust": 1.0,
"vendor": "foolabs",
"version": "0.93c"
},
{
"_id": null,
"model": "xpdfreader",
"scope": "eq",
"trust": 1.0,
"vendor": "glyphandcog",
"version": "0.3"
},
{
"_id": null,
"model": "xpdfreader",
"scope": "eq",
"trust": 1.0,
"vendor": "glyphandcog",
"version": "0.80"
},
{
"_id": null,
"model": "poppler",
"scope": "eq",
"trust": 1.0,
"vendor": "poppler",
"version": "0.8.2"
},
{
"_id": null,
"model": "cups",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "1.1.6-2"
},
{
"_id": null,
"model": "xpdfreader",
"scope": "eq",
"trust": 1.0,
"vendor": "glyphandcog",
"version": "1.00"
},
{
"_id": null,
"model": "cups",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "1.2.7"
},
{
"_id": null,
"model": "cups",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "1.3.0"
},
{
"_id": null,
"model": "xpdf",
"scope": "eq",
"trust": 1.0,
"vendor": "foolabs",
"version": "0.92a"
},
{
"_id": null,
"model": "cups",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "1.1.14"
},
{
"_id": null,
"model": "poppler",
"scope": "eq",
"trust": 1.0,
"vendor": "poppler",
"version": "0.5.9"
},
{
"_id": null,
"model": "poppler",
"scope": "eq",
"trust": 1.0,
"vendor": "poppler",
"version": "0.6.1"
},
{
"_id": null,
"model": "poppler",
"scope": "eq",
"trust": 1.0,
"vendor": "poppler",
"version": "0.8.3"
},
{
"_id": null,
"model": "xpdf",
"scope": "eq",
"trust": 1.0,
"vendor": "foolabs",
"version": "0.7a"
},
{
"_id": null,
"model": "cups",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "1.2.1"
},
{
"_id": null,
"model": "poppler",
"scope": "eq",
"trust": 1.0,
"vendor": "poppler",
"version": "0.6.2"
},
{
"_id": null,
"model": "cups",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "1.1.11"
},
{
"_id": null,
"model": "xpdfreader",
"scope": "eq",
"trust": 1.0,
"vendor": "glyphandcog",
"version": "0.7"
},
{
"_id": null,
"model": "poppler",
"scope": "eq",
"trust": 1.0,
"vendor": "poppler",
"version": "0.10.2"
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "apple computer",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "debian gnu linux",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "fedora",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "gentoo linux",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "mandriva s a",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "novell",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "poppler",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "red hat",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "research in motion rim",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "suse linux",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "slackware linux",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "turbolinux",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "ubuntu",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "xpdf",
"version": null
},
{
"_id": null,
"model": "cups",
"scope": "lte",
"trust": 0.8,
"vendor": "cups",
"version": "1.3.9"
},
{
"_id": null,
"model": "poppler",
"scope": "lt",
"trust": 0.8,
"vendor": "freedesktop",
"version": "0.10.6"
},
{
"_id": null,
"model": "xpdf",
"scope": "lte",
"trust": 0.8,
"vendor": "glyph cog",
"version": "3.02pl2"
},
{
"_id": null,
"model": "asianux server",
"scope": "eq",
"trust": 0.8,
"vendor": "cybertrust",
"version": "3 (x86)"
},
{
"_id": null,
"model": "asianux server",
"scope": "eq",
"trust": 0.8,
"vendor": "cybertrust",
"version": "3 (x86-64)"
},
{
"_id": null,
"model": "asianux server",
"scope": "eq",
"trust": 0.8,
"vendor": "cybertrust",
"version": "4.0"
},
{
"_id": null,
"model": "asianux server",
"scope": "eq",
"trust": 0.8,
"vendor": "cybertrust",
"version": "4.0 (x86-64)"
},
{
"_id": null,
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "3 (as)"
},
{
"_id": null,
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "3 (es)"
},
{
"_id": null,
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "3 (ws)"
},
{
"_id": null,
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4 (as)"
},
{
"_id": null,
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4 (es)"
},
{
"_id": null,
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4 (ws)"
},
{
"_id": null,
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4.7 (as)"
},
{
"_id": null,
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4.7 (es)"
},
{
"_id": null,
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4.8 (as)"
},
{
"_id": null,
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4.8 (es)"
},
{
"_id": null,
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "5 (server)"
},
{
"_id": null,
"model": "enterprise linux desktop",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "3.0"
},
{
"_id": null,
"model": "enterprise linux desktop",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4.0"
},
{
"_id": null,
"model": "enterprise linux desktop",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "5.0 (client)"
},
{
"_id": null,
"model": "enterprise linux eus",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "5.3.z (server)"
},
{
"_id": null,
"model": "rhel desktop workstation",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "5 (client)"
},
{
"_id": null,
"model": "rhel optional productivity applications",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "5 (server)"
},
{
"_id": null,
"model": "rhel optional productivity applications eus",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "5.3.z (server)"
},
{
"_id": null,
"model": "infoframe documentskipper",
"scope": null,
"trust": 0.8,
"vendor": "nec",
"version": null
},
{
"_id": null,
"model": "infoframe imagingcore",
"scope": null,
"trust": 0.8,
"vendor": "nec",
"version": null
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#196617"
},
{
"db": "CNNVD",
"id": "CNNVD-200904-452"
},
{
"db": "JVNDB",
"id": "JVNDB-2009-001264"
},
{
"db": "NVD",
"id": "CVE-2009-1180"
}
]
},
"configurations": {
"_id": null,
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:cups:cups",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:freedesktop:poppler",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:glyphandcog:xpdf",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:misc:miraclelinux_asianux_server",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:redhat:enterprise_linux",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:redhat:enterprise_linux_desktop",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:redhat:enterprise_linux_eus",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:redhat:rhel_desktop_workstation",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:redhat:rhel_optional_productivity_applications",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:redhat:rhel_optional_productivity_applications_eus",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:nec:infoframe_documentskipper",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:nec:infoframe_imagingcore",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2009-001264"
}
]
},
"credits": {
"_id": null,
"data": "Alin Rad Pop Will Dormann",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200904-452"
}
],
"trust": 0.6
},
"cve": "CVE-2009-1180",
"cvss": {
"_id": null,
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "CVE-2009-1180",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 1.9,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CARNEGIE MELLON",
"availabilityImpact": "PARTIAL",
"availabilityRequirement": "NOT DEFINED",
"baseScore": 9.0,
"collateralDamagePotential": "NOT DEFINED",
"confidentialityImpact": "COMPLETE",
"confidentialityRequirement": "NOT DEFINED",
"enviromentalScore": 7.0,
"exploitability": "PROOF-OF-CONCEPT",
"exploitabilityScore": 8.6,
"id": "VU#196617",
"impactScore": 9.5,
"integrityImpact": "COMPLETE",
"integrityRequirement": "NOT DEFINED",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"remediationLevel": "OFFICIAL FIX",
"reportConfidence": "CONFIRMED",
"severity": "HIGH",
"targetDistribution": "NOT DEFINED",
"trust": 0.8,
"userInteractionRequired": null,
"vector_string": "AV:N/AC:M/Au:N/C:C/I:C/A:P",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "VHN-38626",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2009-1180",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#196617",
"trust": 0.8,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2009-1180",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNNVD",
"id": "CNNVD-200904-452",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-38626",
"trust": 0.1,
"value": "MEDIUM"
},
{
"author": "VULMON",
"id": "CVE-2009-1180",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#196617"
},
{
"db": "VULHUB",
"id": "VHN-38626"
},
{
"db": "VULMON",
"id": "CVE-2009-1180"
},
{
"db": "CNNVD",
"id": "CNNVD-200904-452"
},
{
"db": "JVNDB",
"id": "JVNDB-2009-001264"
},
{
"db": "NVD",
"id": "CVE-2009-1180"
}
]
},
"description": {
"_id": null,
"data": "The JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, Poppler before 0.10.6, and other products allows remote attackers to execute arbitrary code via a crafted PDF file that triggers a free of invalid data. Xpdf is an open source viewer for Portable Document Format (PDF) files. A denial of service attack vulnerability exists in the JBIG2 decoder of Xpdf. \n-----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n______________________________________________________________________________\n\n SUSE Security Announcement\n\n Package: cups\n Announcement ID: SUSE-SA:2009:024\n Date: Wed, 22 Apr 2009 13:00:00 +0000\n Affected Products: openSUSE 10.3\n openSUSE 11.0\n openSUSE 11.1\n SUSE SLES 9\n Novell Linux Desktop 9\n Open Enterprise Server\n Novell Linux POS 9\n SUSE Linux Enterprise Desktop 10 SP2\n SUSE Linux Enterprise Server 10 SP2\n SLE 11\n Vulnerability Type: remote code execution\n Severity (1-10): 8 (critical)\n SUSE Default Package: yes\n Cross-References: CVE-2009-0146, CVE-2009-0147, CVE-2009-0163\n CVE-2009-0165, CVE-2009-0166, CVE-2009-0799\n CVE-2009-0800, CVE-2009-1179, CVE-2009-1180\n CVE-2009-1181, CVE-2009-1182, CVE-2009-1183\n\n Content of This Advisory:\n 1) Security Vulnerability Resolved:\n fixed remotely exploitable overflows\n Problem Description\n 2) Solution or Work-Around\n 3) Special Instructions and Notes\n 4) Package Location and Checksums\n 5) Pending Vulnerabilities, Solutions, and Work-Arounds:\n none\n 6) Authenticity Verification and Additional Information\n\n______________________________________________________________________________\n\n1) Problem Description and Brief Discussion\n\n The Common Unix Printing System, CUPS, is a printing server for unix-like\n operating systems. It allows a local user to print documents as well as\n remote users via port 631/tcp. \n\n There were two security vulnerabilities fixed in cups. \n\n The first one can be triggered by a specially crafted tiff file. This \n file could lead to an integer overflow in the \u0027imagetops\u0027 filter which \n caused an heap overflow later. \n This bug is probably exploitable remotely by users having remote access\n to the CUPS server and allows the execution of arbitrary code with the\n privileges of the cupsd process. (CVE-2009-0163)\n\n The second issue affects the JBIG2 decoding of the \u0027pdftops\u0027 filter. \n The JBIG2 decoding routines are vulnerable to various software failure\n types like integer and buffer overflows and it is believed to be exploit-\n able remotely to execute arbitrary code with the privileges of the cupsd\n process. \n (CVE-2009-0146, CVE-2009-0147, CVE-2009-0165, CVE-2009-0166, CVE-2009-0799,\n CVE-2009-0800, CVE-2009-1179, CVE-2009-1180, CVE-2009-1181, CVE-2009-1182,\n CVE-2009-1183)\n\n2) Solution or Work-Around\n\n none\n\n3) Special Instructions and Notes\n\n none\n\n4) Package Location and Checksums\n\n The preferred method for installing security updates is to use the YaST\n Online Update (YOU) tool. YOU detects which updates are required and\n automatically performs the necessary steps to verify and install them. \n Alternatively, download the update packages for your distribution manually\n and verify their integrity by the methods listed in Section 6 of this\n announcement. Then install the packages using the command\n\n rpm -Fhv \u003cfile.rpm\u003e\n\n to apply the update, replacing \u003cfile.rpm\u003e with the filename of the\n downloaded RPM package. \n\n \n x86 Platform:\n \n openSUSE 11.1:\n http://download.opensuse.org/debug/update/11.1/rpm/i586/cups-debuginfo-1.3.9-7.2.1.i586.rpm\n http://download.opensuse.org/debug/update/11.1/rpm/i586/cups-debugsource-1.3.9-7.2.1.i586.rpm\n http://download.opensuse.org/update/11.1/rpm/i586/cups-1.3.9-7.2.1.i586.rpm\n http://download.opensuse.org/update/11.1/rpm/i586/cups-client-1.3.9-7.2.1.i586.rpm\n http://download.opensuse.org/update/11.1/rpm/i586/cups-devel-1.3.9-7.2.1.i586.rpm\n http://download.opensuse.org/update/11.1/rpm/i586/cups-libs-1.3.9-7.2.1.i586.rpm\n \n openSUSE 11.0:\n http://download.opensuse.org/debug/update/11.0/rpm/i586/cups-debuginfo-1.3.7-25.8.i586.rpm\n http://download.opensuse.org/debug/update/11.0/rpm/i586/cups-debugsource-1.3.7-25.8.i586.rpm\n http://download.opensuse.org/update/11.0/rpm/i586/cups-1.3.7-25.8.i586.rpm\n http://download.opensuse.org/update/11.0/rpm/i586/cups-client-1.3.7-25.8.i586.rpm\n http://download.opensuse.org/update/11.0/rpm/i586/cups-devel-1.3.7-25.8.i586.rpm\n http://download.opensuse.org/update/11.0/rpm/i586/cups-libs-1.3.7-25.8.i586.rpm\n \n openSUSE 10.3:\n http://download.opensuse.org/update/10.3/rpm/i586/cups-1.2.12-22.21.i586.rpm\n http://download.opensuse.org/update/10.3/rpm/i586/cups-client-1.2.12-22.21.i586.rpm\n http://download.opensuse.org/update/10.3/rpm/i586/cups-devel-1.2.12-22.21.i586.rpm\n http://download.opensuse.org/update/10.3/rpm/i586/cups-libs-1.2.12-22.21.i586.rpm\n \n Power PC Platform:\n \n openSUSE 11.1:\n http://download.opensuse.org/debug/update/11.1/rpm/ppc/cups-debuginfo-1.3.9-7.2.1.ppc.rpm\n http://download.opensuse.org/debug/update/11.1/rpm/ppc/cups-debugsource-1.3.9-7.2.1.ppc.rpm\n http://download.opensuse.org/update/11.1/rpm/ppc/cups-1.3.9-7.2.1.ppc.rpm\n http://download.opensuse.org/update/11.1/rpm/ppc/cups-client-1.3.9-7.2.1.ppc.rpm\n http://download.opensuse.org/update/11.1/rpm/ppc/cups-devel-1.3.9-7.2.1.ppc.rpm\n http://download.opensuse.org/update/11.1/rpm/ppc/cups-libs-1.3.9-7.2.1.ppc.rpm\n http://download.opensuse.org/update/11.1/rpm/ppc/cups-libs-64bit-1.3.9-7.2.1.ppc.rpm\n \n openSUSE 11.0:\n http://download.opensuse.org/debug/update/11.0/rpm/ppc/cups-debuginfo-1.3.7-25.8.ppc.rpm\n http://download.opensuse.org/debug/update/11.0/rpm/ppc/cups-debugsource-1.3.7-25.8.ppc.rpm\n http://download.opensuse.org/update/11.0/rpm/ppc/cups-1.3.7-25.8.ppc.rpm\n http://download.opensuse.org/update/11.0/rpm/ppc/cups-client-1.3.7-25.8.ppc.rpm\n http://download.opensuse.org/update/11.0/rpm/ppc/cups-devel-1.3.7-25.8.ppc.rpm\n http://download.opensuse.org/update/11.0/rpm/ppc/cups-libs-1.3.7-25.8.ppc.rpm\n http://download.opensuse.org/update/11.0/rpm/ppc/cups-libs-64bit-1.3.7-25.8.ppc.rpm\n \n openSUSE 10.3:\n http://download.opensuse.org/update/10.3/rpm/ppc/cups-1.2.12-22.21.ppc.rpm\n http://download.opensuse.org/update/10.3/rpm/ppc/cups-client-1.2.12-22.21.ppc.rpm\n http://download.opensuse.org/update/10.3/rpm/ppc/cups-devel-1.2.12-22.21.ppc.rpm\n http://download.opensuse.org/update/10.3/rpm/ppc/cups-libs-1.2.12-22.21.ppc.rpm\n http://download.opensuse.org/update/10.3/rpm/ppc/cups-libs-64bit-1.2.12-22.21.ppc.rpm\n \n x86-64 Platform:\n \n openSUSE 11.1:\n http://download.opensuse.org/debug/update/11.1/rpm/x86_64/cups-debuginfo-1.3.9-7.2.1.x86_64.rpm\n http://download.opensuse.org/debug/update/11.1/rpm/x86_64/cups-debugsource-1.3.9-7.2.1.x86_64.rpm\n http://download.opensuse.org/update/11.1/rpm/x86_64/cups-1.3.9-7.2.1.x86_64.rpm\n http://download.opensuse.org/update/11.1/rpm/x86_64/cups-client-1.3.9-7.2.1.x86_64.rpm\n http://download.opensuse.org/update/11.1/rpm/x86_64/cups-devel-1.3.9-7.2.1.x86_64.rpm\n http://download.opensuse.org/update/11.1/rpm/x86_64/cups-libs-1.3.9-7.2.1.x86_64.rpm\n http://download.opensuse.org/update/11.1/rpm/x86_64/cups-libs-32bit-1.3.9-7.2.1.x86_64.rpm\n \n openSUSE 11.0:\n http://download.opensuse.org/debug/update/11.0/rpm/x86_64/cups-debuginfo-1.3.7-25.8.x86_64.rpm\n http://download.opensuse.org/debug/update/11.0/rpm/x86_64/cups-debugsource-1.3.7-25.8.x86_64.rpm\n http://download.opensuse.org/update/11.0/rpm/x86_64/cups-1.3.7-25.8.x86_64.rpm\n http://download.opensuse.org/update/11.0/rpm/x86_64/cups-client-1.3.7-25.8.x86_64.rpm\n http://download.opensuse.org/update/11.0/rpm/x86_64/cups-devel-1.3.7-25.8.x86_64.rpm\n http://download.opensuse.org/update/11.0/rpm/x86_64/cups-libs-1.3.7-25.8.x86_64.rpm\n http://download.opensuse.org/update/11.0/rpm/x86_64/cups-libs-32bit-1.3.7-25.8.x86_64.rpm\n \n openSUSE 10.3:\n http://download.opensuse.org/update/10.3/rpm/x86_64/cups-1.2.12-22.21.x86_64.rpm\n http://download.opensuse.org/update/10.3/rpm/x86_64/cups-client-1.2.12-22.21.x86_64.rpm\n http://download.opensuse.org/update/10.3/rpm/x86_64/cups-devel-1.2.12-22.21.x86_64.rpm\n http://download.opensuse.org/update/10.3/rpm/x86_64/cups-libs-1.2.12-22.21.x86_64.rpm\n http://download.opensuse.org/update/10.3/rpm/x86_64/cups-libs-32bit-1.2.12-22.21.x86_64.rpm\n \n Sources:\n \n openSUSE 11.1:\n http://download.opensuse.org/update/11.1/rpm/src/cups-1.3.9-7.2.1.src.rpm\n \n openSUSE 11.0:\n http://download.opensuse.org/update/11.0/rpm/src/cups-1.3.7-25.8.src.rpm\n \n openSUSE 10.3:\n http://download.opensuse.org/update/10.3/rpm/src/cups-1.2.12-22.21.src.rpm\n \n Our maintenance customers are notified individually. The packages are\n offered for installation from the maintenance web:\n \n Open Enterprise Server\n http://download.novell.com/index.jsp?search=Search\u0026set_restricted=true\u0026keywords=403675f837530f047eb825dcb7428cf3\n \n Novell Linux POS 9\n http://download.novell.com/index.jsp?search=Search\u0026set_restricted=true\u0026keywords=403675f837530f047eb825dcb7428cf3\n \n Novell Linux Desktop 9\n http://download.novell.com/index.jsp?search=Search\u0026set_restricted=true\u0026keywords=403675f837530f047eb825dcb7428cf3\n \n SUSE SLES 9\n http://download.novell.com/index.jsp?search=Search\u0026set_restricted=true\u0026keywords=403675f837530f047eb825dcb7428cf3\n \n SUSE Linux Enterprise Server 10 SP2\n http://download.novell.com/index.jsp?search=Search\u0026set_restricted=true\u0026keywords=a777264f13a7d9d882a7d024d831be1f\n \n SUSE Linux Enterprise Desktop 10 SP2\n http://download.novell.com/index.jsp?search=Search\u0026set_restricted=true\u0026keywords=a777264f13a7d9d882a7d024d831be1f\n \n SLES 11\n http://download.novell.com/index.jsp?search=Search\u0026set_restricted=true\u0026keywords=22d7a0746f9c204f5ecc1395385739f7\n \n SLED 11\n http://download.novell.com/index.jsp?search=Search\u0026set_restricted=true\u0026keywords=22d7a0746f9c204f5ecc1395385739f7\n \n SLE 11\n http://download.novell.com/index.jsp?search=Search\u0026set_restricted=true\u0026keywords=22d7a0746f9c204f5ecc1395385739f7\n \n SLES 11 DEBUGINFO\n http://download.novell.com/index.jsp?search=Search\u0026set_restricted=true\u0026keywords=22d7a0746f9c204f5ecc1395385739f7\n\n______________________________________________________________________________\n\n5) Pending Vulnerabilities, Solutions, and Work-Arounds:\n\n none\n______________________________________________________________________________\n\n6) Authenticity Verification and Additional Information\n\n - Announcement authenticity verification:\n\n SUSE security announcements are published via mailing lists and on Web\n sites. The authenticity and integrity of a SUSE security announcement is\n guaranteed by a cryptographic signature in each announcement. All SUSE\n security announcements are published with a valid signature. \n\n To verify the signature of the announcement, save it as text into a file\n and run the command\n\n gpg --verify \u003cfile\u003e\n\n replacing \u003cfile\u003e with the name of the file where you saved the\n announcement. The output for a valid signature looks like:\n\n gpg: Signature made \u003cDATE\u003e using RSA key ID 3D25D3D9\n gpg: Good signature from \"SuSE Security Team \u003csecurity@suse.de\u003e\"\n\n where \u003cDATE\u003e is replaced by the date the document was signed. \n\n If the security team\u0027s key is not contained in your key ring, you can\n import it from the first installation CD. To import the key, use the\n command\n\n gpg --import gpg-pubkey-3d25d3d9-36e12d04.asc\n\n - Package authenticity verification:\n\n SUSE update packages are available on many mirror FTP servers all over the\n world. While this service is considered valuable and important to the free\n and open source software community, the authenticity and the integrity of\n a package needs to be verified to ensure that it has not been tampered\n with. \n\n The internal rpm package signatures provide an easy way to verify the\n authenticity of an RPM package. Use the command\n\n rpm -v --checksig \u003cfile.rpm\u003e\n\n to verify the signature of the package, replacing \u003cfile.rpm\u003e with the\n filename of the RPM package downloaded. The package is unmodified if it\n contains a valid signature from build@suse.de with the key ID 9C800ACA. \n\n This key is automatically imported into the RPM database (on\n RPMv4-based distributions) and the gpg key ring of \u0027root\u0027 during\n installation. You can also find it on the first installation CD and at\n the end of this announcement. \n\n - SUSE runs two security mailing lists to which any interested party may\n subscribe:\n\n opensuse-security@opensuse.org\n - General Linux and SUSE security discussion. \n All SUSE security announcements are sent to this list. \n To subscribe, send an e-mail to\n \u003copensuse-security+subscribe@opensuse.org\u003e. \n\n opensuse-security-announce@opensuse.org\n - SUSE\u0027s announce-only mailing list. \n Only SUSE\u0027s security announcements are sent to this list. \n To subscribe, send an e-mail to\n \u003copensuse-security-announce+subscribe@opensuse.org\u003e. \n\n =====================================================================\n SUSE\u0027s security contact is \u003csecurity@suse.com\u003e or \u003csecurity@suse.de\u003e. \n The \u003csecurity@suse.de\u003e public key is listed below. \n =====================================================================\n______________________________________________________________________________\n\n The information in this advisory may be distributed or reproduced,\n provided that the advisory is not modified in any way. In particular, the\n clear text signature should show proof of the authenticity of the text. \n\n SUSE Linux Products GmbH provides no warranties of any kind whatsoever\n with respect to the information contained in this security advisory. \n\nType Bits/KeyID Date User ID\npub 2048R/3D25D3D9 1999-03-06 SuSE Security Team \u003csecurity@suse.de\u003e\npub 1024D/9C800ACA 2000-10-19 SuSE Package Signing Key \u003cbuild@suse.de\u003e\n\n- -----BEGIN PGP PUBLIC KEY BLOCK-----\nVersion: GnuPG v1.4.2 (GNU/Linux)\n\nmQENAzbhLQQAAAEIAKAkXHe0lWRBXLpn38hMHy03F0I4Sszmoc8aaKJrhfhyMlOA\nBqvklPLE2f9UrI4Xc860gH79ZREwAgPt0pi6+SleNFLNcNFAuuHMLQOOsaMFatbz\nJR9i4m/lf6q929YROu5zB48rBAlcfTm+IBbijaEdnqpwGib45wE/Cfy6FAttBHQh\n1Kp+r/jPbf1mYAvljUfHKuvbg8t2EIQz/5yGp+n5trn9pElfQO2cRBq8LFpf1l+U\nP7EKjFmlOq+Gs/fF98/dP3DfniSd78LQPq5vp8RL8nr/o2i7jkAQ33m4f1wOBWd+\ncZovrKXYlXiR+Bf7m2hpZo+/sAzhd7LmAD0l09kABRG0JVN1U0UgU2VjdXJpdHkg\nVGVhbSA8c2VjdXJpdHlAc3VzZS5kZT6JARUDBRA24S1H5Fiyh7HKPEUBAVcOB/9b\nyHYji1/+4Xc2GhvXK0FSJN0MGgeXgW47yxDL7gmR4mNgjlIOUHZj0PEpVjWepOJ7\ntQS3L9oP6cpj1Fj/XxuLbkp5VCQ61hpt54coQAvYrnT9rtWEGN+xmwejT1WmYmDJ\nxG+EGBXKr+XP69oIUl1E2JO3rXeklulgjqRKos4cdXKgyjWZ7CP9V9daRXDtje63\nOm8gwSdU/nCvhdRIWp/Vwbf7Ia8iZr9OJ5YuQl0DBG4qmGDDrvImgPAFkYFzwlqo\nchoXFQ9y0YVCV41DnR+GYhwl2qBd81T8aXhihEGPIgaw3g8gd8B5o6mPVgl+nJqI\nBkEYGBusiag2pS6qwznZiQEVAwUQNuEtBHey5gA9JdPZAQFtOAf+KVh939b0J94u\nv/kpg4xs1LthlhquhbHcKNoVTNspugiC3qMPyvSX4XcBr2PC0cVkS4Z9PY9iCfT+\nx9WM96g39dAF+le2CCx7XISk9XXJ4ApEy5g4AuK7NYgAJd39PPbERgWnxjxir9g0\nIx30dS30bW39D+3NPU5Ho9TD/B7UDFvYT5AWHl3MGwo3a1RhTs6sfgL7yQ3U+mvq\nMkTExZb5mfN1FeaYKMopoI4VpzNVeGxQWIz67VjJHVyUlF20ekOz4kWVgsxkc8G2\nsaqZd6yv2EwqYTi8BDAduweP33KrQc4KDDommQNDOXxaKOeCoESIdM4p7Esdjq1o\nL0oixF12CohGBBARAgAGBQI7HmHDAAoJEJ5A4xAACqukTlQAoI4QzP9yjPohY7OU\nF7J3eKBTzp25AJ42BmtSd3pvm5ldmognWF3Trhp+GYkAlQMFEDe3O8IWkDf+zvyS\nFQEBAfkD/3GG5UgJj18UhYmh1gfjIlDcPAeqMwSytEHDENmHC+vlZQ/p0mT9tPiW\ntp34io54mwr+bLPN8l6B5GJNkbGvH6M+mO7R8Lj4nHL6pyAv3PQr83WyLHcaX7It\nKlj371/4yzKV6qpz43SGRK4MacLo2rNZ/dNej7lwPCtzCcFYwqkiiEYEEBECAAYF\nAjoaQqQACgkQx1KqMrDf94ArewCfWnTUDG5gNYkmHG4bYL8fQcizyA4An2eVo/n+\n3J2KRWSOhpAMsnMxtPbBmQGiBDnu9IERBACT8Y35+2vv4MGVKiLEMOl9GdST6MCk\nYS3yEKeueNWc+z/0Kvff4JctBsgs47tjmiI9sl0eHjm3gTR8rItXMN6sJEUHWzDP\n+Y0PFPboMvKx0FXl/A0dM+HFrruCgBlWt6FA+okRySQiliuI5phwqkXefl9AhkwR\n8xocQSVCFxcwvwCglVcOQliHu8jwRQHxlRE0tkwQQI0D+wfQwKdvhDplxHJ5nf7U\n8c/yE/vdvpN6lF0tmFrKXBUX+K7u4ifrZlQvj/81M4INjtXreqDiJtr99Rs6xa0S\ncZqITuZC4CWxJa9GynBED3+D2t1V/f8l0smsuYoFOF7Ib49IkTdbtwAThlZp8bEh\nELBeGaPdNCcmfZ66rKUdG5sRA/9ovnc1krSQF2+sqB9/o7w5/q2qiyzwOSTnkjtB\nUVKn4zLUOf6aeBAoV6NMCC3Kj9aZHfA+ND0ehPaVGJgjaVNFhPi4x0e7BULdvgOo\nAqajLfvkURHAeSsxXIoEmyW/xC1sBbDkDUIBSx5oej73XCZgnj/inphRqGpsb+1n\nKFvF+rQoU3VTRSBQYWNrYWdlIFNpZ25pbmcgS2V5IDxidWlsZEBzdXNlLmRlPohi\nBBMRAgAiBQJA2AY+AhsDBQkObd+9BAsHAwIDFQIDAxYCAQIeAQIXgAAKCRCoTtro\nnIAKypCfAJ9RuZ6ZSV7QW4pTgTIxQ+ABPp0sIwCffG9bCNnrETPlgOn+dGEkAWeg\nKL+IRgQQEQIABgUCOnBeUgAKCRCeQOMQAAqrpNzOAKCL512FZvv4VZx94TpbA9lx\nyoAejACeOO1HIbActAevk5MUBhNeLZa/qM2JARUDBRA6cGBvd7LmAD0l09kBATWn\nB/9An5vfiUUE1VQnt+T/EYklES3tXXaJJp9pHMa4fzFa8jPVtv5UBHGee3XoUNDV\nwM2OgSEISZxbzdXGnqIlcT08TzBUD9i579uifklLsnr35SJDZ6ram51/CWOnnaVh\nUzneOA9gTPSr+/fT3WeVnwJiQCQ30kNLWVXWATMnsnT486eAOlT6UNBPYQLpUprF\n5Yryk23pQUPAgJENDEqeU6iIO9Ot1ZPtB0lniw+/xCi13D360o1tZDYOp0hHHJN3\nD3EN8C1yPqZd5CvvznYvB6bWBIpWcRgdn2DUVMmpU661jwqGlRz1F84JG/xe4jGu\nzgpJt9IXSzyohEJB6XG5+D0BuQINBDnu9JIQCACEkdBN6Mxf5WvqDWkcMRy6wnrd\n9DYJ8UUTmIT2iQf07tRUKJJ9v0JXfx2Z4d08IQSMNRaq4VgSe+PdYgIy0fbj23Vi\na5/gO7fJEpD2hd2f+pMnOWvH2rOOIbeYfuhzAc6BQjAKtmgR0ERUTafTM9Wb6F13\nCNZZNZfDqnFDP6L12w3z3F7FFXkz07Rs3AIto1ZfYZd4sCSpMr/0S5nLrHbIvGLp\n271hhQBeRmmoGEKO2JRelGgUJ2CUzOdtwDIKT0LbCpvaP8PVnYF5IFoYJIWRHqlE\nt5ucTXstZy7vYjL6vTP4l5xs+LIOkNmPhqmfsgLzVo0UaLt80hOwc4NvDCOLAAMG\nB/9g+9V3ORzw4LvO1pwRYJqfDKUq/EJ0rNMMD4N8RLpZRhKHKJUm9nNHLbksnlZw\nrbSTM5LpC/U6sheLP+l0bLVoq0lmsCcUSyh+mY6PxWirLIWCn/IAZAGnXb6Zd6Tt\nIJlGG6pqUN8QxGJYQnonl0uTJKHJENbI9sWHQdcTtBMc34gorHFCo1Bcvpnc1LFL\nrWn7mfoGx6INQjf3HGQpMXAWuSBQhzkazY6vaWFpa8bBJ+gKbBuySWzNm3rFtT5H\nRKMWpO+M9bHp4d+puY0L1YwN1OMatcMMpcWnZpiWiR83oi32+xtWUY2U7Ae38mMa\ng8zFbpeqPQUsDv9V7CAJ1dbriEwEGBECAAwFAkDYBnoFCQ5t3+gACgkQqE7a6JyA\nCspnpgCfRbYwxT3iq+9l/PgNTUNTZOlof2oAn25y0eGi0371jap9kOV6uq71sUuO\n=ypVs\n- -----END PGP PUBLIC KEY BLOCK-----\n\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.5 (GNU/Linux)\n\niQEVAwUBSe8qrney5gA9JdPZAQI4aQf/e938Hr+O1QYi9y5cm9ycOcaFHWx0oZED\nyyOc4lUYZrb7qjmErPHfpoMR9c2XZlmESwKY0RZjddxe+vINDrOcMuI4nrp12ObP\nuYvSAAz3xgpXzVtW5B/90ihHJAqHAnwOsdO8adt6PtKCt7T2gMPuQV0RSz3BRy//\nqtBHDNyTBRPK7ex/YKUyQAbNENQUa3r9BaHpTHWjscfCoQch4Wz5hmLKv/n7eYdj\nCFetsr6zu3hn3isKD8EPTIMbkpaYBMxp53UnNiRmVRy0Gb7zlBz5ByYQaYY+YKf/\nOZ+ZHRTuDsNbAT03QtkvML3yqr3Yobb39DFa+cSsH2c9xTdwWdzSAg==\n=ZnS5\n-----END PGP SIGNATURE-----\n\n_______________________________________________\nFull-Disclosure - We believe in it. \nCharter: http://lists.grok.org.uk/full-disclosure-charter.html\nHosted and sponsored by Secunia - http://secunia.com/\n. ===========================================================\nUbuntu Security Notice USN-759-1 April 16, 2009\npoppler vulnerabilities\nCVE-2009-0146, CVE-2009-0147, CVE-2009-0166, CVE-2009-0799,\nCVE-2009-0800, CVE-2009-1179, CVE-2009-1180, CVE-2009-1181,\nCVE-2009-1182, CVE-2009-1183, CVE-2009-1187, CVE-2009-1188\n===========================================================\n\nA security issue affects the following Ubuntu releases:\n\nUbuntu 6.06 LTS\nUbuntu 8.04 LTS\nUbuntu 8.10\n\nThis advisory also applies to the corresponding versions of\nKubuntu, Edubuntu, and Xubuntu. \n\nThe problem can be corrected by upgrading your system to the\nfollowing package versions:\n\nUbuntu 6.06 LTS:\n libpoppler1 0.5.1-0ubuntu7.5\n libpoppler1-glib 0.5.1-0ubuntu7.5\n\nUbuntu 8.04 LTS:\n libpoppler-glib2 0.6.4-1ubuntu3.2\n libpoppler2 0.6.4-1ubuntu3.2\n\nUbuntu 8.10:\n libpoppler-glib3 0.8.7-1ubuntu0.2\n libpoppler3 0.8.7-1ubuntu0.2\n\nIn general, a standard system upgrade is sufficient to effect the\nnecessary changes. \n\nDetails follow:\n\nWill Dormann, Alin Rad Pop, Braden Thomas, and Drew Yao discovered that\npoppler contained multiple security issues in its JBIG2 decoder. \n-----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n _______________________________________________________________________\n\n Mandriva Linux Security Advisory MDVSA-2010:055\n http://www.mandriva.com/security/\n _______________________________________________________________________\n\n Package : poppler\n Date : March 4, 2010\n Affected: 2008.0\n _______________________________________________________________________\n\n Problem Description:\n\n An out-of-bounds reading flaw in the JBIG2 decoder allows remote\n attackers to cause a denial of service (crash) via a crafted PDF file\n (CVE-2009-0799). NOTE: some of these details are obtained\n from third party information. NOTE: this issue reportedly exists\n because of an incomplete fix for CVE-2009-1188 (CVE-2009-3603). NOTE: this may overlap CVE-2009-0791\n (CVE-2009-3605). NOTE:\n some of these details are obtained from third party information\n (CVE-2009-3607). \n This update provides fixes for that vulnerabilities. \n _______________________________________________________________________\n\n References:\n\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0799\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0800\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1179\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1180\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1181\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1182\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1183\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1188\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3603\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3604\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3605\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3606\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3607\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3608\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3609\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3938\n _______________________________________________________________________\n\n Updated Packages:\n\n Mandriva Linux 2008.0:\n 0b4c544fea742c847cb56b9fbc33f412 2008.0/i586/libpoppler3-0.8.7-2.4mdv2008.0.i586.rpm\n b991aecb282a882f6ee5640bcc832e5d 2008.0/i586/libpoppler-devel-0.8.7-2.4mdv2008.0.i586.rpm\n afe27149192bdca20b911965febc5ee2 2008.0/i586/libpoppler-glib3-0.8.7-2.4mdv2008.0.i586.rpm\n 379d7bdd3dde6cbf9bd43c7b9e2723c3 2008.0/i586/libpoppler-glib-devel-0.8.7-2.4mdv2008.0.i586.rpm\n d7f58c500ff93f75998e1a0ba8e05c9e 2008.0/i586/libpoppler-qt2-0.8.7-2.4mdv2008.0.i586.rpm\n 64a5f31e3feb593c1ce0be10a24aec43 2008.0/i586/libpoppler-qt4-3-0.8.7-2.4mdv2008.0.i586.rpm\n 5e3182c22daabbf93056b8a94545fbd9 2008.0/i586/libpoppler-qt4-devel-0.8.7-2.4mdv2008.0.i586.rpm\n 9eaa15826e2ab184de24cf0b1aeda2e6 2008.0/i586/libpoppler-qt-devel-0.8.7-2.4mdv2008.0.i586.rpm\n 53fa179984dc9c0442292a77bab496b0 2008.0/i586/poppler-0.8.7-2.4mdv2008.0.i586.rpm \n c8146a94a038650fc5a1704196b1b087 2008.0/SRPMS/poppler-0.8.7-2.4mdv2008.0.src.rpm\n\n Mandriva Linux 2008.0/X86_64:\n ebde9bf055ba6854f7348da4dd2ba7b4 2008.0/x86_64/lib64poppler3-0.8.7-2.4mdv2008.0.x86_64.rpm\n c200ff892641cebd5e49ebc2d05fb1c0 2008.0/x86_64/lib64poppler-devel-0.8.7-2.4mdv2008.0.x86_64.rpm\n 6ee35af2904995be70a1d83adc2a2d86 2008.0/x86_64/lib64poppler-glib3-0.8.7-2.4mdv2008.0.x86_64.rpm\n a4ad93d7caf1bfaa25f1e511da8c9208 2008.0/x86_64/lib64poppler-glib-devel-0.8.7-2.4mdv2008.0.x86_64.rpm\n 86205b42fd719dd722799de7f215d021 2008.0/x86_64/lib64poppler-qt2-0.8.7-2.4mdv2008.0.x86_64.rpm\n 523f9debc4c5db056eb5484aa066960e 2008.0/x86_64/lib64poppler-qt4-3-0.8.7-2.4mdv2008.0.x86_64.rpm\n 79a6a65ada1a4e4573d9ca50ea1995f0 2008.0/x86_64/lib64poppler-qt4-devel-0.8.7-2.4mdv2008.0.x86_64.rpm\n ea0e41c890b571f6bbc217983aa2f3ec 2008.0/x86_64/lib64poppler-qt-devel-0.8.7-2.4mdv2008.0.x86_64.rpm\n 2086f89f02c674a8428f9d88d9e3c8d2 2008.0/x86_64/poppler-0.8.7-2.4mdv2008.0.x86_64.rpm \n c8146a94a038650fc5a1704196b1b087 2008.0/SRPMS/poppler-0.8.7-2.4mdv2008.0.src.rpm\n _______________________________________________________________________\n\n To upgrade automatically use MandrivaUpdate or urpmi. The verification\n of md5 checksums and GPG signatures is performed automatically for you. \n\n All packages are signed by Mandriva for security. (CVE-2009-0163)\n \n Integer overflow in the JBIG2 decoder in Xpdf 3.02pl2 and earlier,\n as used in Poppler and other products, when running on Mac OS X,\n has unspecified impact, related to g*allocn. \n\n Update:\n\n Packages for 2008.0 are being provided due to extended support for\n Corporate products. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\nGentoo Linux Security Advisory GLSA 201310-03\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n http://security.gentoo.org/\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\n Severity: Normal\n Title: Poppler: Multiple vulnerabilities\n Date: October 06, 2013\n Bugs: #263028, #290430, #290464, #308017, #338878, #352581,\n #459866, #480366\n ID: 201310-03\n\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\nSynopsis\n========\n\nMultiple vulnerabilities have been found in Poppler, some of which may\nallow execution of arbitrary code. \n\nBackground\n==========\n\nPoppler is a cross-platform PDF rendering library originally based on\nXpdf. \n\nAffected packages\n=================\n\n -------------------------------------------------------------------\n Package / Vulnerable / Unaffected\n -------------------------------------------------------------------\n 1 app-text/poppler \u003c 0.22.2-r1 \u003e= 0.22.2-r1\n\nDescription\n===========\n\nMultiple vulnerabilities have been discovered in Poppler. Please review\nthe CVE identifiers referenced below for details. \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nResolution\n==========\n\nAll Poppler users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose \"\u003e=app-text/poppler-0.22.2-r1\"\n\nReferences\n==========\n\n[ 1 ] CVE-2009-0146\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-0146\n[ 2 ] CVE-2009-0147\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-0147\n[ 3 ] CVE-2009-0165\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-0165\n[ 4 ] CVE-2009-0166\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-0166\n[ 5 ] CVE-2009-0195\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-0195\n[ 6 ] CVE-2009-0799\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-0799\n[ 7 ] CVE-2009-0800\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-0800\n[ 8 ] CVE-2009-1179\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1179\n[ 9 ] CVE-2009-1180\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1180\n[ 10 ] CVE-2009-1181\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1181\n[ 11 ] CVE-2009-1182\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1182\n[ 12 ] CVE-2009-1183\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1183\n[ 13 ] CVE-2009-1187\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1187\n[ 14 ] CVE-2009-1188\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1188\n[ 15 ] CVE-2009-3603\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3603\n[ 16 ] CVE-2009-3604\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3604\n[ 17 ] CVE-2009-3605\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3605\n[ 18 ] CVE-2009-3606\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3606\n[ 19 ] CVE-2009-3607\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3607\n[ 20 ] CVE-2009-3608\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3608\n[ 21 ] CVE-2009-3609\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3609\n[ 22 ] CVE-2009-3938\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3938\n[ 23 ] CVE-2010-3702\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3702\n[ 24 ] CVE-2010-3703\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3703\n[ 25 ] CVE-2010-3704\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3704\n[ 26 ] CVE-2010-4653\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4653\n[ 27 ] CVE-2010-4654\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4654\n[ 28 ] CVE-2012-2142\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-2142\n[ 29 ] CVE-2013-1788\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1788\n[ 30 ] CVE-2013-1789\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1789\n[ 31 ] CVE-2013-1790\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1790\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n http://security.gentoo.org/glsa/glsa-201310-03.xml\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users\u0027 machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttps://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2013 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttp://creativecommons.org/licenses/by-sa/2.5\n. \n \n This update upgrades KDE in Mandriva Linux 2008.0 to version 3.5.10,\n which brings many bugfixes, overall improvements and many security\n fixes. \n\nFor the old stable distribution (etch), these problems have been fixed in version\n3.01-9.1+etch6. \n\nFor the stable distribution (lenny), these problems have been fixed in version\n3.02-1.4+lenny1. \n\nFor the unstable distribution (sid), these problems will be fixed in a\nforthcoming version. \n\nWe recommend that you upgrade your xpdf packages. \n\nUpgrade instructions\n- --------------------\n\nwget url\n will fetch the file for you\ndpkg -i file.deb\n will install the referenced file. \n\nIf you are using the apt-get package manager, use the line for\nsources.list as given below:\n\napt-get update\n will update the internal database\napt-get upgrade\n will install corrected packages\n\nYou may use an automated update by adding the resources from the\nfooter to the proper configuration. \n\n\nDebian GNU/Linux 4.0 alias etch\n- -------------------------------\n\nDebian GNU/Linux 5.0 alias lenny\n- --------------------------------\n\nDebian (oldstable)\n- ------------------\n\nOldstable updates are available for alpha, amd64, arm, hppa, i386, ia64, mips, mipsel, powerpc, s390 and sparc. \n\nSource archives:\n\n http://security.debian.org/pool/updates/main/x/xpdf/xpdf_3.01-9.1+etch6.dsc\n Size/MD5 checksum: 974 9c04059981f8b036d7e6e39c7f0aeb21\n http://security.debian.org/pool/updates/main/x/xpdf/xpdf_3.01-9.1+etch6.diff.gz\n Size/MD5 checksum: 46835 c69a67b9ff487403e7c3ff819c6ff734\n http://security.debian.org/pool/updates/main/x/xpdf/xpdf_3.01.orig.tar.gz\n Size/MD5 checksum: 599778 e004c69c7dddef165d768b1362b44268\n\nArchitecture independent packages:\n\n http://security.debian.org/pool/updates/main/x/xpdf/xpdf-common_3.01-9.1+etch6_all.deb\n Size/MD5 checksum: 62834 dd8f37161c3b2430cb1cd65c911e9f86\n http://security.debian.org/pool/updates/main/x/xpdf/xpdf_3.01-9.1+etch6_all.deb\n Size/MD5 checksum: 1278 d6da8e00b02ab3f17ec44b90fff6bb30\n\nalpha architecture (DEC Alpha)\n\n http://security.debian.org/pool/updates/main/x/xpdf/xpdf-reader_3.01-9.1+etch6_alpha.deb\n Size/MD5 checksum: 920352 83b7d74d9ebae9b26da91de7c91d3502\n http://security.debian.org/pool/updates/main/x/xpdf/xpdf-utils_3.01-9.1+etch6_alpha.deb\n Size/MD5 checksum: 1687294 9862913548fff9bfda37a6fe075df5b0\n\namd64 architecture (AMD x86_64 (AMD64))\n\n http://security.debian.org/pool/updates/main/x/xpdf/xpdf-reader_3.01-9.1+etch6_amd64.deb\n Size/MD5 checksum: 809202 171520d7642019943bfe7166876f5da5\n http://security.debian.org/pool/updates/main/x/xpdf/xpdf-utils_3.01-9.1+etch6_amd64.deb\n Size/MD5 checksum: 1493308 9575f135e9ec312f9e6d7d2517dd8f5b\n\narm architecture (ARM)\n\n http://security.debian.org/pool/updates/main/x/xpdf/xpdf-reader_3.01-9.1+etch6_arm.deb\n Size/MD5 checksum: 803714 6db06ffcba7f6d7576ed356e7989557d\n http://security.debian.org/pool/updates/main/x/xpdf/xpdf-utils_3.01-9.1+etch6_arm.deb\n Size/MD5 checksum: 1468616 9afde01dda379acd4e7edfbccc7c7b2d\n\nhppa architecture (HP PA RISC)\n\n http://security.debian.org/pool/updates/main/x/xpdf/xpdf-utils_3.01-9.1+etch6_hppa.deb\n Size/MD5 checksum: 1773794 c9012a9d3919ec40dcea1264ac27a6fe\n http://security.debian.org/pool/updates/main/x/xpdf/xpdf-reader_3.01-9.1+etch6_hppa.deb\n Size/MD5 checksum: 963060 565daaf6f15ff7593d560ef7a2f94364\n\ni386 architecture (Intel ia32)\n\n http://security.debian.org/pool/updates/main/x/xpdf/xpdf-reader_3.01-9.1+etch6_i386.deb\n Size/MD5 checksum: 796992 5270bef04f1c2e924b813dffe6050d89\n http://security.debian.org/pool/updates/main/x/xpdf/xpdf-utils_3.01-9.1+etch6_i386.deb\n Size/MD5 checksum: 1458826 b2f3cbaac0ffcce0bb8d7e656bf11b02\n\nia64 architecture (Intel ia64)\n\n http://security.debian.org/pool/updates/main/x/xpdf/xpdf-reader_3.01-9.1+etch6_ia64.deb\n Size/MD5 checksum: 1217142 afeaf9bfc66ebb69767703bfb30bbd4c\n http://security.debian.org/pool/updates/main/x/xpdf/xpdf-utils_3.01-9.1+etch6_ia64.deb\n Size/MD5 checksum: 2218472 6545e9b6f58a84c0daa76baa8a0db629\n\nmipsel architecture (MIPS (Little Endian))\n\n http://security.debian.org/pool/updates/main/x/xpdf/xpdf-reader_3.01-9.1+etch6_mipsel.deb\n Size/MD5 checksum: 946638 5323268be89e54c5c8eb7ae13f0eab14\n http://security.debian.org/pool/updates/main/x/xpdf/xpdf-utils_3.01-9.1+etch6_mipsel.deb\n Size/MD5 checksum: 1721268 0b710c0bcc6ffefe29f683ab09d3cbe8\n\npowerpc architecture (PowerPC)\n\n http://security.debian.org/pool/updates/main/x/xpdf/xpdf-utils_3.01-9.1+etch6_powerpc.deb\n Size/MD5 checksum: 1554798 eadd6236b778761086d436dd8db986e4\n http://security.debian.org/pool/updates/main/x/xpdf/xpdf-reader_3.01-9.1+etch6_powerpc.deb\n Size/MD5 checksum: 849204 d22f5d59f03d6484e149d7536a25a517\n\ns390 architecture (IBM S/390)\n\n http://security.debian.org/pool/updates/main/x/xpdf/xpdf-utils_3.01-9.1+etch6_s390.deb\n Size/MD5 checksum: 1401814 0e3f588c64e8fa9a102ebcae29c4d807\n http://security.debian.org/pool/updates/main/x/xpdf/xpdf-reader_3.01-9.1+etch6_s390.deb\n Size/MD5 checksum: 767392 4b7c1a868f2f909c2dce25087da77817\n\nsparc architecture (Sun SPARC/UltraSPARC)\n\n http://security.debian.org/pool/updates/main/x/xpdf/xpdf-utils_3.01-9.1+etch6_sparc.deb\n Size/MD5 checksum: 1394680 8b17e2339e2a908a610271eb678495b1\n http://security.debian.org/pool/updates/main/x/xpdf/xpdf-reader_3.01-9.1+etch6_sparc.deb\n Size/MD5 checksum: 763618 f3897333018702ee926e41ca5f58dc92\n\nDebian (stable)\n- ---------------\n\nStable updates are available for alpha, amd64, arm, armel, hppa, i386, ia64, mips, mipsel, powerpc, s390 and sparc. \n\nSource archives:\n\n http://security.debian.org/pool/updates/main/x/xpdf/xpdf_3.02-1.4+lenny1.dsc\n Size/MD5 checksum: 1266 faeebc4dfc74129ca708a6345bb483f7\n http://security.debian.org/pool/updates/main/x/xpdf/xpdf_3.02.orig.tar.gz\n Size/MD5 checksum: 674912 599dc4cc65a07ee868cf92a667a913d2\n http://security.debian.org/pool/updates/main/x/xpdf/xpdf_3.02-1.4+lenny1.diff.gz\n Size/MD5 checksum: 42280 362f72e95494f51a19eeb898b9a527ac\n\nArchitecture independent packages:\n\n http://security.debian.org/pool/updates/main/x/xpdf/xpdf-common_3.02-1.4+lenny1_all.deb\n Size/MD5 checksum: 67664 b5f063bf32cbeaf1aaeec315dc8aff0a\n http://security.debian.org/pool/updates/main/x/xpdf/xpdf_3.02-1.4+lenny1_all.deb\n Size/MD5 checksum: 1268 f67780458dac3c38cd59bfde186f9a3b\n\nalpha architecture (DEC Alpha)\n\n http://security.debian.org/pool/updates/main/x/xpdf/xpdf-utils_3.02-1.4+lenny1_alpha.deb\n Size/MD5 checksum: 1896344 f65f591413c25a23ea2aaccba2b5b634\n http://security.debian.org/pool/updates/main/x/xpdf/xpdf-reader_3.02-1.4+lenny1_alpha.deb\n Size/MD5 checksum: 1018434 cb679c93bbc428ea852bd4ef3103e42d\n\namd64 architecture (AMD x86_64 (AMD64))\n\n http://security.debian.org/pool/updates/main/x/xpdf/xpdf-utils_3.02-1.4+lenny1_amd64.deb\n Size/MD5 checksum: 1709514 1e1277251a6dd0bb0a551997efd39175\n http://security.debian.org/pool/updates/main/x/xpdf/xpdf-reader_3.02-1.4+lenny1_amd64.deb\n Size/MD5 checksum: 921892 fb7de1db5e3885365c3ad74c3646ab57\n\narm architecture (ARM)\n\n http://security.debian.org/pool/updates/main/x/xpdf/xpdf-utils_3.02-1.4+lenny1_arm.deb\n Size/MD5 checksum: 1667088 58ddefe40598d6fe4a5016145163ef45\n http://security.debian.org/pool/updates/main/x/xpdf/xpdf-reader_3.02-1.4+lenny1_arm.deb\n Size/MD5 checksum: 907908 881594298fe547cefa3d528c519d369f\n\narmel architecture (ARM EABI)\n\n http://security.debian.org/pool/updates/main/x/xpdf/xpdf-reader_3.02-1.4+lenny1_armel.deb\n Size/MD5 checksum: 886242 51d55f7c4de41c5d4051f41fde9b7389\n http://security.debian.org/pool/updates/main/x/xpdf/xpdf-utils_3.02-1.4+lenny1_armel.deb\n Size/MD5 checksum: 1602392 bc996edfad6d1995cb4ef2f4c7760b51\n\nhppa architecture (HP PA RISC)\n\n http://security.debian.org/pool/updates/main/x/xpdf/xpdf-reader_3.02-1.4+lenny1_hppa.deb\n Size/MD5 checksum: 1076286 fa3ac4a1001abf3e892bb1397b06ff17\n http://security.debian.org/pool/updates/main/x/xpdf/xpdf-utils_3.02-1.4+lenny1_hppa.deb\n Size/MD5 checksum: 1985520 e95263d094e2c8d6aa72ee1edb9105f3\n\ni386 architecture (Intel ia32)\n\n http://security.debian.org/pool/updates/main/x/xpdf/xpdf-reader_3.02-1.4+lenny1_i386.deb\n Size/MD5 checksum: 876656 441042932886fa29adae731338f6b5bd\n http://security.debian.org/pool/updates/main/x/xpdf/xpdf-utils_3.02-1.4+lenny1_i386.deb\n Size/MD5 checksum: 1611730 52516381da25dbb0c1145e2b7cdf692a\n\nia64 architecture (Intel ia64)\n\n http://security.debian.org/pool/updates/main/x/xpdf/xpdf-reader_3.02-1.4+lenny1_ia64.deb\n Size/MD5 checksum: 1380222 0ffaee560534c9d69df433340679c8fc\n http://security.debian.org/pool/updates/main/x/xpdf/xpdf-utils_3.02-1.4+lenny1_ia64.deb\n Size/MD5 checksum: 2519970 eb4f4e5c173557fa8ae713f123cbb193\n\nmips architecture (MIPS (Big Endian))\n\n http://security.debian.org/pool/updates/main/x/xpdf/xpdf-utils_3.02-1.4+lenny1_mips.deb\n Size/MD5 checksum: 1894924 58b336b114ef5c8fb9fc6244411b4cf4\n http://security.debian.org/pool/updates/main/x/xpdf/xpdf-reader_3.02-1.4+lenny1_mips.deb\n Size/MD5 checksum: 1040834 ae8ed06ea2ed07e3a064c6bd28e80933\n\nmipsel architecture (MIPS (Little Endian))\n\n http://security.debian.org/pool/updates/main/x/xpdf/xpdf-reader_3.02-1.4+lenny1_mipsel.deb\n Size/MD5 checksum: 1026954 eac8167230b8fa208cdbc5b196f0c624\n http://security.debian.org/pool/updates/main/x/xpdf/xpdf-utils_3.02-1.4+lenny1_mipsel.deb\n Size/MD5 checksum: 1872050 8f2e99ce5a102d099ba22543f246d5bd\n\npowerpc architecture (PowerPC)\n\n http://security.debian.org/pool/updates/main/x/xpdf/xpdf-utils_3.02-1.4+lenny1_powerpc.deb\n Size/MD5 checksum: 1788584 7d1466cc8770bd92f299c1cc772f64e7\n http://security.debian.org/pool/updates/main/x/xpdf/xpdf-reader_3.02-1.4+lenny1_powerpc.deb\n Size/MD5 checksum: 968838 7cc8568d6b74348300066e42b27f90c2\n\ns390 architecture (IBM S/390)\n\n http://security.debian.org/pool/updates/main/x/xpdf/xpdf-reader_3.02-1.4+lenny1_s390.deb\n Size/MD5 checksum: 871666 1dde93a4cc0a28b90f92c05f0d181079\n http://security.debian.org/pool/updates/main/x/xpdf/xpdf-utils_3.02-1.4+lenny1_s390.deb\n Size/MD5 checksum: 1598270 201ad07e4853843dce22f22daa41fd35\n\nsparc architecture (Sun SPARC/UltraSPARC)\n\n http://security.debian.org/pool/updates/main/x/xpdf/xpdf-reader_3.02-1.4+lenny1_sparc.deb\n Size/MD5 checksum: 863662 446f2d8fe6483d3741648c4db1ff5b82\n http://security.debian.org/pool/updates/main/x/xpdf/xpdf-utils_3.02-1.4+lenny1_sparc.deb\n Size/MD5 checksum: 1586262 52861c00f406c35db8a6e6f3269cc37d\n\n\n These files will probably be moved into the stable distribution on\n its next update",
"sources": [
{
"db": "NVD",
"id": "CVE-2009-1180"
},
{
"db": "CERT/CC",
"id": "VU#196617"
},
{
"db": "JVNDB",
"id": "JVNDB-2009-001264"
},
{
"db": "VULHUB",
"id": "VHN-38626"
},
{
"db": "VULMON",
"id": "CVE-2009-1180"
},
{
"db": "PACKETSTORM",
"id": "76918"
},
{
"db": "PACKETSTORM",
"id": "76751"
},
{
"db": "PACKETSTORM",
"id": "86958"
},
{
"db": "PACKETSTORM",
"id": "77313"
},
{
"db": "PACKETSTORM",
"id": "82087"
},
{
"db": "PACKETSTORM",
"id": "83554"
},
{
"db": "PACKETSTORM",
"id": "123523"
},
{
"db": "PACKETSTORM",
"id": "84482"
},
{
"db": "PACKETSTORM",
"id": "77279"
}
],
"trust": 3.33
},
"exploit_availability": {
"_id": null,
"data": [
{
"reference": "https://www.kb.cert.org/vuls/id/196617",
"trust": 0.8,
"type": "poc"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#196617"
}
]
},
"external_ids": {
"_id": null,
"data": [
{
"db": "NVD",
"id": "CVE-2009-1180",
"trust": 3.5
},
{
"db": "BID",
"id": "34568",
"trust": 3.4
},
{
"db": "SECUNIA",
"id": "34291",
"trust": 3.4
},
{
"db": "CERT/CC",
"id": "VU#196617",
"trust": 3.4
},
{
"db": "SECUNIA",
"id": "34481",
"trust": 2.6
},
{
"db": "SECUNIA",
"id": "35064",
"trust": 2.6
},
{
"db": "SECUNIA",
"id": "34746",
"trust": 2.6
},
{
"db": "SECUNIA",
"id": "34756",
"trust": 2.6
},
{
"db": "SECUNIA",
"id": "34963",
"trust": 2.6
},
{
"db": "SECUNIA",
"id": "34755",
"trust": 2.6
},
{
"db": "VUPEN",
"id": "ADV-2009-1077",
"trust": 2.6
},
{
"db": "VUPEN",
"id": "ADV-2009-1076",
"trust": 2.6
},
{
"db": "VUPEN",
"id": "ADV-2009-1066",
"trust": 2.6
},
{
"db": "VUPEN",
"id": "ADV-2009-1065",
"trust": 2.6
},
{
"db": "SECTRACK",
"id": "1022073",
"trust": 2.6
},
{
"db": "SECUNIA",
"id": "35618",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "34852",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "35065",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "34959",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "35685",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "34991",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "35037",
"trust": 1.8
},
{
"db": "VUPEN",
"id": "ADV-2010-1040",
"trust": 1.8
},
{
"db": "SECTRACK",
"id": "1022072",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2009-001264",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-200904-452",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-38626",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2009-1180",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "76918",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "76751",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "86958",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "77313",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "82087",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "83554",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "123523",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "84482",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "77279",
"trust": 0.1
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#196617"
},
{
"db": "VULHUB",
"id": "VHN-38626"
},
{
"db": "VULMON",
"id": "CVE-2009-1180"
},
{
"db": "PACKETSTORM",
"id": "76918"
},
{
"db": "PACKETSTORM",
"id": "76751"
},
{
"db": "PACKETSTORM",
"id": "86958"
},
{
"db": "PACKETSTORM",
"id": "77313"
},
{
"db": "PACKETSTORM",
"id": "82087"
},
{
"db": "PACKETSTORM",
"id": "83554"
},
{
"db": "PACKETSTORM",
"id": "123523"
},
{
"db": "PACKETSTORM",
"id": "84482"
},
{
"db": "PACKETSTORM",
"id": "77279"
},
{
"db": "CNNVD",
"id": "CNNVD-200904-452"
},
{
"db": "JVNDB",
"id": "JVNDB-2009-001264"
},
{
"db": "NVD",
"id": "CVE-2009-1180"
}
]
},
"id": "VAR-200904-0809",
"iot": {
"_id": null,
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-38626"
}
],
"trust": 0.01
},
"last_update_date": "2026-04-10T22:30:16.949000Z",
"patch": {
"_id": null,
"data": [
{
"title": "poppler-0.5.4-4.4.9.1AXS3",
"trust": 0.8,
"url": "https://tsn.miraclelinux.com/tsn_local/index.php?m=errata\u0026a=detail\u0026eid=437"
},
{
"title": "kdegraphics-3.5.5-3.5AXS3",
"trust": 0.8,
"url": "https://tsn.miraclelinux.com/tsn_local/index.php?m=errata\u0026a=detail\u0026eid=766"
},
{
"title": "tetex-3.0-33.8.5.0.1.AXS3",
"trust": 0.8,
"url": "https://tsn.miraclelinux.com/tsn_local/index.php?m=errata\u0026a=detail\u0026eid=1040"
},
{
"title": "cups-1.3.7-8.4.1AXS3",
"trust": 0.8,
"url": "https://tsn.miraclelinux.com/tsn_local/index.php?m=errata\u0026a=detail\u0026eid=428"
},
{
"title": "Top Page",
"trust": 0.8,
"url": "http://www.cups.org/"
},
{
"title": "2059",
"trust": 0.8,
"url": "http://www.miraclelinux.com/support/index.php?q=node/99\u0026errata_id=2059"
},
{
"title": "NV10-003",
"trust": 0.8,
"url": "http://www.nec.co.jp/security-info/secinfo/nv10-003.html"
},
{
"title": "Poppler 0.11 Releases",
"trust": 0.8,
"url": "http://poppler.freedesktop.org/releases.html"
},
{
"title": "RHSA-2010:0400",
"trust": 0.8,
"url": "https://rhn.redhat.com/errata/RHSA-2010-0400.html"
},
{
"title": "RHSA-2009:0429",
"trust": 0.8,
"url": "https://rhn.redhat.com/errata/RHSA-2009-0429.html"
},
{
"title": "RHSA-2009:0430",
"trust": 0.8,
"url": "https://rhn.redhat.com/errata/RHSA-2009-0430.html"
},
{
"title": "RHSA-2009:0431",
"trust": 0.8,
"url": "https://rhn.redhat.com/errata/RHSA-2009-0431.html"
},
{
"title": "RHSA-2009:0458",
"trust": 0.8,
"url": "https://rhn.redhat.com/errata/RHSA-2009-0458.html"
},
{
"title": "RHSA-2009:0480",
"trust": 0.8,
"url": "https://rhn.redhat.com/errata/RHSA-2009-0480.html"
},
{
"title": "RHSA-2010:0399",
"trust": 0.8,
"url": "https://rhn.redhat.com/errata/RHSA-2010-0399.html"
},
{
"title": "Top Page",
"trust": 0.8,
"url": "http://www.foolabs.com/xpdf/"
},
{
"title": "RHSA-2009:0458",
"trust": 0.8,
"url": "https://www.jp.redhat.com/support/errata/RHSA/RHSA-2009-0458J.html"
},
{
"title": "RHSA-2009:0480",
"trust": 0.8,
"url": "https://www.jp.redhat.com/support/errata/RHSA/RHSA-2009-0480J.html"
},
{
"title": "RHSA-2009:0429",
"trust": 0.8,
"url": "https://www.jp.redhat.com/support/errata/RHSA/RHSA-2009-0429J.html"
},
{
"title": "RHSA-2009:0430",
"trust": 0.8,
"url": "https://www.jp.redhat.com/support/errata/RHSA/RHSA-2009-0430J.html"
},
{
"title": "RHSA-2009:0431",
"trust": 0.8,
"url": "https://www.jp.redhat.com/support/errata/RHSA/RHSA-2009-0431J.html"
},
{
"title": "Red Hat: Important: xpdf security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20090430 - Security Advisory"
},
{
"title": "Red Hat: Important: cups security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20090429 - Security Advisory"
},
{
"title": "Red Hat: Important: kdegraphics security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20090431 - Security Advisory"
},
{
"title": "Red Hat: Important: gpdf security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20090458 - Security Advisory"
},
{
"title": "Red Hat: Important: poppler security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20090480 - Security Advisory"
},
{
"title": "Ubuntu Security Notice: poppler vulnerabilities",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=USN-759-1"
},
{
"title": "Debian CVElist Bug Report Logs: xpdf: multiple vulnerabilities",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=debian_cvelist_bugreportlogs\u0026qid=773868e24bff06cb90f9c91803114d93"
},
{
"title": "Ubuntu Security Notice: koffice vulnerabilities",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=USN-973-1"
},
{
"title": "Debian CVElist Bug Report Logs: poppler: multiple vulnerabilities",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=debian_cvelist_bugreportlogs\u0026qid=1ea2bd34c90a7e17e7b2d6fe49c98e66"
},
{
"title": "Debian Security Advisories: DSA-1790-1 xpdf -- multiple vulnerabilities",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=debian_security_advisories\u0026qid=6375d8b8a733e9a6329048ef00e50271"
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/0xCyberY/CVE-T4PDF "
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2009-1180"
},
{
"db": "JVNDB",
"id": "JVNDB-2009-001264"
}
]
},
"problemtype_data": {
"_id": null,
"data": [
{
"problemtype": "CWE-399",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-38626"
},
{
"db": "JVNDB",
"id": "JVNDB-2009-001264"
},
{
"db": "NVD",
"id": "CVE-2009-1180"
}
]
},
"references": {
"_id": null,
"data": [
{
"trust": 3.4,
"url": "http://www.securityfocus.com/bid/34568"
},
{
"trust": 2.7,
"url": "http://www.kb.cert.org/vuls/id/196617"
},
{
"trust": 2.6,
"url": "http://www.debian.org/security/2009/dsa-1790"
},
{
"trust": 2.6,
"url": "http://www.securitytracker.com/id?1022073"
},
{
"trust": 2.6,
"url": "http://secunia.com/advisories/34291"
},
{
"trust": 2.6,
"url": "http://secunia.com/advisories/34481"
},
{
"trust": 2.6,
"url": "http://secunia.com/advisories/34746"
},
{
"trust": 2.6,
"url": "http://secunia.com/advisories/34755"
},
{
"trust": 2.6,
"url": "http://secunia.com/advisories/34756"
},
{
"trust": 2.6,
"url": "http://secunia.com/advisories/34963"
},
{
"trust": 2.6,
"url": "http://secunia.com/advisories/35064"
},
{
"trust": 2.6,
"url": "http://www.vupen.com/english/advisories/2009/1065"
},
{
"trust": 2.6,
"url": "http://www.vupen.com/english/advisories/2009/1066"
},
{
"trust": 2.6,
"url": "http://www.vupen.com/english/advisories/2009/1076"
},
{
"trust": 2.6,
"url": "http://www.vupen.com/english/advisories/2009/1077"
},
{
"trust": 1.8,
"url": "http://secunia.com/advisories/34852"
},
{
"trust": 1.8,
"url": "http://secunia.com/advisories/34959"
},
{
"trust": 1.8,
"url": "http://secunia.com/advisories/34991"
},
{
"trust": 1.8,
"url": "http://secunia.com/advisories/35037"
},
{
"trust": 1.8,
"url": "http://secunia.com/advisories/35065"
},
{
"trust": 1.8,
"url": "http://secunia.com/advisories/35618"
},
{
"trust": 1.8,
"url": "http://secunia.com/advisories/35685"
},
{
"trust": 1.8,
"url": "http://www.vupen.com/english/advisories/2010/1040"
},
{
"trust": 1.8,
"url": "http://www.debian.org/security/2009/dsa-1793"
},
{
"trust": 1.8,
"url": "https://www.redhat.com/archives/fedora-package-announce/2009-july/msg00567.html"
},
{
"trust": 1.8,
"url": "https://www.redhat.com/archives/fedora-package-announce/2009-june/msg01277.html"
},
{
"trust": 1.8,
"url": "https://www.redhat.com/archives/fedora-package-announce/2009-june/msg01291.html"
},
{
"trust": 1.8,
"url": "http://www.mandriva.com/security/advisories?name=mdvsa-2009:101"
},
{
"trust": 1.8,
"url": "http://www.mandriva.com/security/advisories?name=mdvsa-2010:087"
},
{
"trust": 1.8,
"url": "http://www.mandriva.com/security/advisories?name=mdvsa-2011:175"
},
{
"trust": 1.8,
"url": "http://www.redhat.com/support/errata/rhsa-2009-0429.html"
},
{
"trust": 1.8,
"url": "http://www.redhat.com/support/errata/rhsa-2009-0430.html"
},
{
"trust": 1.8,
"url": "http://www.redhat.com/support/errata/rhsa-2009-0431.html"
},
{
"trust": 1.8,
"url": "http://rhn.redhat.com/errata/rhsa-2009-0458.html"
},
{
"trust": 1.8,
"url": "http://www.redhat.com/support/errata/rhsa-2009-0480.html"
},
{
"trust": 1.8,
"url": "http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00011.html"
},
{
"trust": 1.8,
"url": "http://lists.opensuse.org/opensuse-security-announce/2009-05/msg00000.html"
},
{
"trust": 1.8,
"url": "http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00002.html"
},
{
"trust": 1.8,
"url": "http://poppler.freedesktop.org/releases.html"
},
{
"trust": 1.8,
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=495892"
},
{
"trust": 1.8,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a9926"
},
{
"trust": 1.7,
"url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2009\u0026m=slackware-security.578477"
},
{
"trust": 1.2,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-1180"
},
{
"trust": 0.9,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-1180"
},
{
"trust": 0.9,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-1179"
},
{
"trust": 0.9,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-1182"
},
{
"trust": 0.9,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-0799"
},
{
"trust": 0.9,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-0800"
},
{
"trust": 0.9,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-1181"
},
{
"trust": 0.9,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-1183"
},
{
"trust": 0.8,
"url": "http://cgit.freedesktop.org/poppler/poppler/commit/?id=9f1312f3d7dfa7e536606a7c7296b7c876b11c00"
},
{
"trust": 0.8,
"url": "ftp://ftp.foolabs.com/pub/xpdf/xpdf-3.02pl3.patch"
},
{
"trust": 0.8,
"url": "http://www.ubuntu.com/usn/usn-759-1"
},
{
"trust": 0.8,
"url": "http://blackberry.com/btsc/kb17953"
},
{
"trust": 0.8,
"url": "http://rhn.redhat.com/errata/rhsa-2009-0429.html"
},
{
"trust": 0.8,
"url": "http://rhn.redhat.com/errata/rhsa-2009-0431.html"
},
{
"trust": 0.8,
"url": "http://www.mandriva.com/en/security/advisories?name=mdvsa-2009:101"
},
{
"trust": 0.8,
"url": "http://support.apple.com/kb/ht3549"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/34291/"
},
{
"trust": 0.8,
"url": "http://www.securitytracker.com/alerts/2009/apr/1022072.html"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnvu196617/index.html"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-0146"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-0166"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-0147"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnvu196617/"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2009-1180"
},
{
"trust": 0.7,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-0165"
},
{
"trust": 0.4,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-1181"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-3609"
},
{
"trust": 0.4,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-0800"
},
{
"trust": 0.4,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-3609"
},
{
"trust": 0.4,
"url": "http://www.mandriva.com/security/"
},
{
"trust": 0.4,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-0799"
},
{
"trust": 0.4,
"url": "http://www.mandriva.com/security/advisories"
},
{
"trust": 0.4,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-3608"
},
{
"trust": 0.4,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-1183"
},
{
"trust": 0.4,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-1182"
},
{
"trust": 0.4,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-1179"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-3608"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-0163"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-1188"
},
{
"trust": 0.3,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-0147"
},
{
"trust": 0.3,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-0166"
},
{
"trust": 0.3,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-0146"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-0195"
},
{
"trust": 0.3,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-0165"
},
{
"trust": 0.2,
"url": "http://secunia.com/"
},
{
"trust": 0.2,
"url": "http://lists.grok.org.uk/full-disclosure-charter.html"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-1187"
},
{
"trust": 0.2,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-3605"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-3607"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-3938"
},
{
"trust": 0.2,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-3603"
},
{
"trust": 0.2,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-3606"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-3604"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-3606"
},
{
"trust": 0.2,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-3604"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-3605"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-3603"
},
{
"trust": 0.2,
"url": "http://www.debian.org/security/"
},
{
"trust": 0.2,
"url": "http://packages.debian.org/\u003cpkg\u003e"
},
{
"trust": 0.2,
"url": "http://www.debian.org/security/faq"
},
{
"trust": 0.2,
"url": "http://security.debian.org/"
},
{
"trust": 0.2,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-0163"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-0791"
},
{
"trust": 0.2,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-0791"
},
{
"trust": 0.2,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-0949"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-0949"
},
{
"trust": 0.2,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-0195"
},
{
"trust": 0.1,
"url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026amp;y=2009\u0026amp;m=slackware-security.578477"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/399.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/errata/rhsa-2009:0430"
},
{
"trust": 0.1,
"url": "https://usn.ubuntu.com/759-1/"
},
{
"trust": 0.1,
"url": "http://download.opensuse.org/update/10.3/rpm/i586/cups-libs-1.2.12-22.21.i586.rpm"
},
{
"trust": 0.1,
"url": "http://download.opensuse.org/update/11.1/rpm/ppc/cups-devel-1.3.9-7.2.1.ppc.rpm"
},
{
"trust": 0.1,
"url": "http://download.opensuse.org/update/11.1/rpm/x86_64/cups-devel-1.3.9-7.2.1.x86_64.rpm"
},
{
"trust": 0.1,
"url": "http://download.opensuse.org/debug/update/11.0/rpm/ppc/cups-debugsource-1.3.7-25.8.ppc.rpm"
},
{
"trust": 0.1,
"url": "http://download.opensuse.org/update/11.0/rpm/ppc/cups-libs-64bit-1.3.7-25.8.ppc.rpm"
},
{
"trust": 0.1,
"url": "http://download.opensuse.org/update/11.1/rpm/x86_64/cups-libs-1.3.9-7.2.1.x86_64.rpm"
},
{
"trust": 0.1,
"url": "http://download.opensuse.org/update/10.3/rpm/x86_64/cups-client-1.2.12-22.21.x86_64.rpm"
},
{
"trust": 0.1,
"url": "http://download.opensuse.org/update/11.0/rpm/i586/cups-1.3.7-25.8.i586.rpm"
},
{
"trust": 0.1,
"url": "http://download.opensuse.org/update/11.0/rpm/ppc/cups-devel-1.3.7-25.8.ppc.rpm"
},
{
"trust": 0.1,
"url": "http://download.opensuse.org/update/10.3/rpm/ppc/cups-libs-64bit-1.2.12-22.21.ppc.rpm"
},
{
"trust": 0.1,
"url": "http://download.opensuse.org/update/10.3/rpm/src/cups-1.2.12-22.21.src.rpm"
},
{
"trust": 0.1,
"url": "http://download.opensuse.org/debug/update/11.1/rpm/i586/cups-debuginfo-1.3.9-7.2.1.i586.rpm"
},
{
"trust": 0.1,
"url": "http://download.novell.com/index.jsp?search=search\u0026set_restricted=true\u0026keywords=22d7a0746f9c204f5ecc1395385739f7"
},
{
"trust": 0.1,
"url": "http://download.opensuse.org/update/10.3/rpm/i586/cups-devel-1.2.12-22.21.i586.rpm"
},
{
"trust": 0.1,
"url": "http://download.opensuse.org/update/10.3/rpm/x86_64/cups-libs-1.2.12-22.21.x86_64.rpm"
},
{
"trust": 0.1,
"url": "http://download.opensuse.org/update/11.1/rpm/i586/cups-1.3.9-7.2.1.i586.rpm"
},
{
"trust": 0.1,
"url": "http://download.opensuse.org/debug/update/11.1/rpm/i586/cups-debugsource-1.3.9-7.2.1.i586.rpm"
},
{
"trust": 0.1,
"url": "http://download.opensuse.org/debug/update/11.0/rpm/x86_64/cups-debuginfo-1.3.7-25.8.x86_64.rpm"
},
{
"trust": 0.1,
"url": "http://download.opensuse.org/debug/update/11.0/rpm/i586/cups-debuginfo-1.3.7-25.8.i586.rpm"
},
{
"trust": 0.1,
"url": "http://download.opensuse.org/update/11.0/rpm/i586/cups-client-1.3.7-25.8.i586.rpm"
},
{
"trust": 0.1,
"url": "http://download.opensuse.org/update/11.1/rpm/ppc/cups-client-1.3.9-7.2.1.ppc.rpm"
},
{
"trust": 0.1,
"url": "http://download.opensuse.org/update/10.3/rpm/ppc/cups-client-1.2.12-22.21.ppc.rpm"
},
{
"trust": 0.1,
"url": "http://download.opensuse.org/update/10.3/rpm/ppc/cups-1.2.12-22.21.ppc.rpm"
},
{
"trust": 0.1,
"url": "http://download.opensuse.org/update/11.1/rpm/ppc/cups-libs-1.3.9-7.2.1.ppc.rpm"
},
{
"trust": 0.1,
"url": "http://download.opensuse.org/update/11.1/rpm/i586/cups-devel-1.3.9-7.2.1.i586.rpm"
},
{
"trust": 0.1,
"url": "http://download.opensuse.org/update/11.1/rpm/i586/cups-libs-1.3.9-7.2.1.i586.rpm"
},
{
"trust": 0.1,
"url": "http://download.novell.com/index.jsp?search=search\u0026set_restricted=true\u0026keywords=403675f837530f047eb825dcb7428cf3"
},
{
"trust": 0.1,
"url": "http://download.opensuse.org/debug/update/11.1/rpm/ppc/cups-debuginfo-1.3.9-7.2.1.ppc.rpm"
},
{
"trust": 0.1,
"url": "http://download.opensuse.org/update/11.0/rpm/src/cups-1.3.7-25.8.src.rpm"
},
{
"trust": 0.1,
"url": "http://download.opensuse.org/update/11.1/rpm/ppc/cups-1.3.9-7.2.1.ppc.rpm"
},
{
"trust": 0.1,
"url": "http://download.opensuse.org/debug/update/11.1/rpm/x86_64/cups-debuginfo-1.3.9-7.2.1.x86_64.rpm"
},
{
"trust": 0.1,
"url": "http://download.opensuse.org/update/11.1/rpm/src/cups-1.3.9-7.2.1.src.rpm"
},
{
"trust": 0.1,
"url": "http://download.opensuse.org/update/11.0/rpm/i586/cups-devel-1.3.7-25.8.i586.rpm"
},
{
"trust": 0.1,
"url": "http://download.opensuse.org/update/11.0/rpm/x86_64/cups-libs-1.3.7-25.8.x86_64.rpm"
},
{
"trust": 0.1,
"url": "http://download.opensuse.org/update/11.1/rpm/x86_64/cups-client-1.3.9-7.2.1.x86_64.rpm"
},
{
"trust": 0.1,
"url": "http://download.opensuse.org/update/11.0/rpm/ppc/cups-1.3.7-25.8.ppc.rpm"
},
{
"trust": 0.1,
"url": "http://download.opensuse.org/update/11.0/rpm/i586/cups-libs-1.3.7-25.8.i586.rpm"
},
{
"trust": 0.1,
"url": "http://download.opensuse.org/update/11.1/rpm/x86_64/cups-1.3.9-7.2.1.x86_64.rpm"
},
{
"trust": 0.1,
"url": "http://download.opensuse.org/debug/update/11.1/rpm/x86_64/cups-debugsource-1.3.9-7.2.1.x86_64.rpm"
},
{
"trust": 0.1,
"url": "http://download.opensuse.org/update/10.3/rpm/x86_64/cups-1.2.12-22.21.x86_64.rpm"
},
{
"trust": 0.1,
"url": "http://download.opensuse.org/update/10.3/rpm/x86_64/cups-devel-1.2.12-22.21.x86_64.rpm"
},
{
"trust": 0.1,
"url": "http://download.opensuse.org/update/10.3/rpm/ppc/cups-libs-1.2.12-22.21.ppc.rpm"
},
{
"trust": 0.1,
"url": "http://download.opensuse.org/update/11.1/rpm/x86_64/cups-libs-32bit-1.3.9-7.2.1.x86_64.rpm"
},
{
"trust": 0.1,
"url": "http://download.opensuse.org/update/11.1/rpm/i586/cups-client-1.3.9-7.2.1.i586.rpm"
},
{
"trust": 0.1,
"url": "http://download.opensuse.org/update/11.1/rpm/ppc/cups-libs-64bit-1.3.9-7.2.1.ppc.rpm"
},
{
"trust": 0.1,
"url": "http://download.opensuse.org/debug/update/11.0/rpm/ppc/cups-debuginfo-1.3.7-25.8.ppc.rpm"
},
{
"trust": 0.1,
"url": "http://download.opensuse.org/update/11.0/rpm/x86_64/cups-1.3.7-25.8.x86_64.rpm"
},
{
"trust": 0.1,
"url": "http://download.opensuse.org/update/10.3/rpm/i586/cups-1.2.12-22.21.i586.rpm"
},
{
"trust": 0.1,
"url": "http://download.opensuse.org/update/11.0/rpm/x86_64/cups-client-1.3.7-25.8.x86_64.rpm"
},
{
"trust": 0.1,
"url": "http://download.opensuse.org/update/11.0/rpm/x86_64/cups-libs-32bit-1.3.7-25.8.x86_64.rpm"
},
{
"trust": 0.1,
"url": "http://download.opensuse.org/debug/update/11.0/rpm/i586/cups-debugsource-1.3.7-25.8.i586.rpm"
},
{
"trust": 0.1,
"url": "http://download.opensuse.org/update/11.0/rpm/ppc/cups-libs-1.3.7-25.8.ppc.rpm"
},
{
"trust": 0.1,
"url": "http://download.opensuse.org/update/11.0/rpm/x86_64/cups-devel-1.3.7-25.8.x86_64.rpm"
},
{
"trust": 0.1,
"url": "http://download.opensuse.org/debug/update/11.0/rpm/x86_64/cups-debugsource-1.3.7-25.8.x86_64.rpm"
},
{
"trust": 0.1,
"url": "http://download.opensuse.org/debug/update/11.1/rpm/ppc/cups-debugsource-1.3.9-7.2.1.ppc.rpm"
},
{
"trust": 0.1,
"url": "http://download.opensuse.org/update/10.3/rpm/x86_64/cups-libs-32bit-1.2.12-22.21.x86_64.rpm"
},
{
"trust": 0.1,
"url": "http://download.opensuse.org/update/10.3/rpm/ppc/cups-devel-1.2.12-22.21.ppc.rpm"
},
{
"trust": 0.1,
"url": "http://download.opensuse.org/update/10.3/rpm/i586/cups-client-1.2.12-22.21.i586.rpm"
},
{
"trust": 0.1,
"url": "http://download.opensuse.org/update/11.0/rpm/ppc/cups-client-1.3.7-25.8.ppc.rpm"
},
{
"trust": 0.1,
"url": "http://download.novell.com/index.jsp?search=search\u0026set_restricted=true\u0026keywords=a777264f13a7d9d882a7d024d831be1f"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/p/poppler/libpoppler3_0.8.7-1ubuntu0.2_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-glib-dev_0.5.1-0ubuntu7.5_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler1_0.5.1-0ubuntu7.5_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/p/poppler/poppler-utils_0.5.1-0ubuntu7.5_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-qt2_0.8.7-1ubuntu0.2_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-glib-dev_0.5.1-0ubuntu7.5_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-qt4-dev_0.6.4-1ubuntu3.2_amd64.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-qt4-dev_0.6.4-1ubuntu3.2_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-glib2_0.6.4-1ubuntu3.2_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler2_0.6.4-1ubuntu3.2_amd64.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/p/poppler/libpoppler3_0.8.7-1ubuntu0.2_lpia.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-glib-dev_0.6.4-1ubuntu3.2_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-qt-dev_0.5.1-0ubuntu7.5_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-dev_0.5.1-0ubuntu7.5_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-qt-dev_0.6.4-1ubuntu3.2_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-qt2_0.8.7-1ubuntu0.2_i386.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/p/poppler/libpoppler2_0.6.4-1ubuntu3.2_lpia.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/p/poppler/poppler-dbg_0.8.7-1ubuntu0.2_lpia.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-dev_0.6.4-1ubuntu3.2_amd64.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/p/poppler/poppler-utils_0.6.4-1ubuntu3.2_sparc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/p/poppler/poppler-utils_0.8.7-1ubuntu0.2_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-qt-dev_0.8.7-1ubuntu0.2_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-glib-dev_0.5.1-0ubuntu7.5_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-glib2_0.6.4-1ubuntu3.2_amd64.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-glib-dev_0.8.7-1ubuntu0.2_sparc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-qt2_0.8.7-1ubuntu0.2_sparc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-qt4-dev_0.8.7-1ubuntu0.2_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler1-glib_0.5.1-0ubuntu7.5_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/p/poppler/poppler_0.6.4.orig.tar.gz"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/p/poppler/poppler-utils_0.6.4-1ubuntu3.2_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-qt4-2_0.6.4-1ubuntu3.2_amd64.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-qt-dev_0.6.4-1ubuntu3.2_lpia.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-glib-dev_0.8.7-1ubuntu0.2_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-qt2_0.6.4-1ubuntu3.2_i386.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/p/poppler/poppler-utils_0.6.4-1ubuntu3.2_lpia.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/p/poppler/poppler-dbg_0.8.7-1ubuntu0.2_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler3_0.8.7-1ubuntu0.2_amd64.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-glib2_0.6.4-1ubuntu3.2_sparc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/p/poppler/poppler-dbg_0.8.7-1ubuntu0.2_sparc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-glib3_0.8.7-1ubuntu0.2_lpia.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/p/poppler/poppler_0.5.1-0ubuntu7.5.diff.gz"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-dev_0.5.1-0ubuntu7.5_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/p/poppler/poppler_0.6.4-1ubuntu3.2.dsc"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-glib3_0.8.7-1ubuntu0.2_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-glib-dev_0.6.4-1ubuntu3.2_sparc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/p/poppler/libpoppler2_0.6.4-1ubuntu3.2_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-dev_0.8.7-1ubuntu0.2_i386.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-qt2_0.6.4-1ubuntu3.2_sparc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-glib2_0.6.4-1ubuntu3.2_lpia.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/p/poppler/poppler-utils_0.8.7-1ubuntu0.2_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/p/poppler/poppler_0.5.1-0ubuntu7.5.dsc"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-qt4-dev_0.8.7-1ubuntu0.2_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-qt4-3_0.8.7-1ubuntu0.2_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/p/poppler/poppler-utils_0.6.4-1ubuntu3.2_amd64.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-qt4-3_0.8.7-1ubuntu0.2_sparc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-glib-dev_0.6.4-1ubuntu3.2_lpia.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler1-qt_0.5.1-0ubuntu7.5_sparc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-qt-dev_0.8.7-1ubuntu0.2_lpia.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-qt4-dev_0.8.7-1ubuntu0.2_lpia.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/p/poppler/poppler-utils_0.6.4-1ubuntu3.2_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-qt2_0.6.4-1ubuntu3.2_lpia.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-qt4-2_0.6.4-1ubuntu3.2_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler1-qt_0.5.1-0ubuntu7.5_i386.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-qt-dev_0.6.4-1ubuntu3.2_sparc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-qt4-3_0.8.7-1ubuntu0.2_lpia.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-glib3_0.8.7-1ubuntu0.2_sparc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/p/poppler/poppler-utils_0.8.7-1ubuntu0.2_lpia.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/p/poppler/poppler-utils_0.8.7-1ubuntu0.2_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/p/poppler/poppler_0.8.7-1ubuntu0.2.dsc"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/p/poppler/libpoppler2_0.6.4-1ubuntu3.2_sparc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/p/poppler/poppler-utils_0.8.7-1ubuntu0.2_sparc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-qt4-2_0.6.4-1ubuntu3.2_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/p/poppler/poppler-utils_0.5.1-0ubuntu7.5_amd64.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-qt-dev_0.8.7-1ubuntu0.2_sparc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-qt4-dev_0.8.7-1ubuntu0.2_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler1-glib_0.5.1-0ubuntu7.5_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-dev_0.6.4-1ubuntu3.2_i386.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-dev_0.8.7-1ubuntu0.2_lpia.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/p/poppler/poppler-dbg_0.8.7-1ubuntu0.2_i386.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-qt2_0.8.7-1ubuntu0.2_lpia.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler1-glib_0.5.1-0ubuntu7.5_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-glib3_0.8.7-1ubuntu0.2_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler1-qt_0.5.1-0ubuntu7.5_amd64.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-qt4-dev_0.6.4-1ubuntu3.2_lpia.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-qt-dev_0.5.1-0ubuntu7.5_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/p/poppler/poppler_0.6.4-1ubuntu3.2.diff.gz"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-glib-dev_0.6.4-1ubuntu3.2_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-qt2_0.6.4-1ubuntu3.2_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-glib-dev_0.5.1-0ubuntu7.5_i386.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-qt-dev_0.6.4-1ubuntu3.2_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-qt4-dev_0.8.7-1ubuntu0.2_amd64.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-glib2_0.6.4-1ubuntu3.2_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-glib-dev_0.8.7-1ubuntu0.2_lpia.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-qt4-dev_0.6.4-1ubuntu3.2_i386.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/p/poppler/libpoppler3_0.8.7-1ubuntu0.2_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-qt4-3_0.8.7-1ubuntu0.2_i386.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-glib-dev_0.8.7-1ubuntu0.2_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-dev_0.8.7-1ubuntu0.2_sparc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-dev_0.8.7-1ubuntu0.2_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-glib-dev_0.8.7-1ubuntu0.2_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-qt2_0.8.7-1ubuntu0.2_amd64.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-dev_0.6.4-1ubuntu3.2_lpia.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-qt4-dev_0.6.4-1ubuntu3.2_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-qt2_0.6.4-1ubuntu3.2_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-dev_0.5.1-0ubuntu7.5_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/p/poppler/poppler_0.8.7.orig.tar.gz"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-qt4-2_0.6.4-1ubuntu3.2_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler1-qt_0.5.1-0ubuntu7.5_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-dev_0.6.4-1ubuntu3.2_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/p/poppler/poppler_0.5.1.orig.tar.gz"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/p/poppler/poppler-utils_0.5.1-0ubuntu7.5_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-dev_0.5.1-0ubuntu7.5_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-qt-dev_0.8.7-1ubuntu0.2_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler1_0.5.1-0ubuntu7.5_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-glib-dev_0.6.4-1ubuntu3.2_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler1-glib_0.5.1-0ubuntu7.5_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-qt-dev_0.8.7-1ubuntu0.2_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler1_0.5.1-0ubuntu7.5_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-dev_0.8.7-1ubuntu0.2_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/p/poppler/poppler-utils_0.5.1-0ubuntu7.5_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-qt-dev_0.6.4-1ubuntu3.2_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler2_0.6.4-1ubuntu3.2_i386.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-dev_0.6.4-1ubuntu3.2_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/p/poppler/poppler_0.8.7-1ubuntu0.2.diff.gz"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/p/poppler/poppler-dbg_0.8.7-1ubuntu0.2_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-qt-dev_0.5.1-0ubuntu7.5_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler3_0.8.7-1ubuntu0.2_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-glib3_0.8.7-1ubuntu0.2_amd64.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-qt4-2_0.6.4-1ubuntu3.2_lpia.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler1_0.5.1-0ubuntu7.5_amd64.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-qt4-3_0.8.7-1ubuntu0.2_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-qt-dev_0.5.1-0ubuntu7.5_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-3938"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-1188"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-3607"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kmrml_3.5.9-3+lenny1_arm.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kcoloredit_3.5.9-3+lenny1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics-dbg_3.5.5-3etch3_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics_3.5.9-3+lenny1.diff.gz"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics-dev_3.5.5-3etch3_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kmrml_3.5.5-3etch3_mips.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kcoloredit_3.5.5-3etch3_alpha.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kdvi_3.5.5-3etch3_s390.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kiconedit_3.5.5-3etch3_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kooka_3.5.9-3+lenny1_mipsel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kcoloredit_3.5.5-3etch3_ia64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kolourpaint_3.5.5-3etch3_s390.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kcoloredit_3.5.5-3etch3_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kfax_3.5.5-3etch3_mips.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/ksnapshot_3.5.9-3+lenny1_ia64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics-dbg_3.5.5-3etch3_ia64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kuickshow_3.5.9-3+lenny1_mips.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kgamma_3.5.5-3etch3_alpha.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kpdf_3.5.5-3etch3_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/ksvg_3.5.9-3+lenny1_hppa.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kpdf_3.5.5-3etch3_mipsel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kruler_3.5.5-3etch3_mipsel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kolourpaint_3.5.5-3etch3_mips.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kooka_3.5.9-3+lenny1_ia64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/ksnapshot_3.5.9-3+lenny1_mipsel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kamera_3.5.9-3+lenny1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics-dev_3.5.5-3etch3_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/ksnapshot_3.5.9-3+lenny1_s390.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kiconedit_3.5.5-3etch3_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kviewshell_3.5.5-3etch3_alpha.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kooka_3.5.5-3etch3_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kviewshell_3.5.5-3etch3_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kolourpaint_3.5.9-3+lenny1_alpha.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kgamma_3.5.9-3+lenny1_armel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kuickshow_3.5.5-3etch3_hppa.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kpdf_3.5.5-3etch3_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kghostview_3.5.5-3etch3_hppa.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kooka_3.5.5-3etch3_mips.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kviewshell_3.5.9-3+lenny1_arm.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/ksvg_3.5.9-3+lenny1_alpha.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kview_3.5.5-3etch3_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kghostview_3.5.5-3etch3_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kamera_3.5.5-3etch3_alpha.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kfaxview_3.5.5-3etch3_hppa.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kmrml_3.5.5-3etch3_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kamera_3.5.9-3+lenny1_mipsel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/ksvg_3.5.9-3+lenny1_ia64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kamera_3.5.5-3etch3_mipsel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kmrml_3.5.5-3etch3_alpha.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kruler_3.5.9-3+lenny1_hppa.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics-dev_3.5.9-3+lenny1_hppa.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kviewshell_3.5.9-3+lenny1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kcoloredit_3.5.9-3+lenny1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kcoloredit_3.5.9-3+lenny1_armel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kolourpaint_3.5.9-3+lenny1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kcoloredit_3.5.9-3+lenny1_mips.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/ksvg_3.5.5-3etch3_s390.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/ksnapshot_3.5.9-3+lenny1_alpha.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kfax_3.5.9-3+lenny1_arm.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kpdf_3.5.5-3etch3_hppa.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/libkscan1_3.5.5-3etch3_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kghostview_3.5.9-3+lenny1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kruler_3.5.9-3+lenny1_mipsel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kmrml_3.5.9-3+lenny1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kruler_3.5.5-3etch3_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kviewshell_3.5.5-3etch3_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kfaxview_3.5.9-3+lenny1_mipsel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/libkscan1_3.5.9-3+lenny1_armel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kmrml_3.5.9-3+lenny1_mips.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/ksvg_3.5.5-3etch3_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kolourpaint_3.5.9-3+lenny1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kruler_3.5.9-3+lenny1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kooka_3.5.9-3+lenny1_armel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kghostview_3.5.9-3+lenny1_hppa.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kdvi_3.5.5-3etch3_alpha.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics-dbg_3.5.9-3+lenny1_arm.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kgamma_3.5.9-3+lenny1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kooka_3.5.5-3etch3_alpha.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kooka_3.5.5-3etch3_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kdvi_3.5.5-3etch3_mipsel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/libkscan-dev_3.5.9-3+lenny1_arm.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics-dev_3.5.5-3etch3_hppa.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/libkscan1_3.5.5-3etch3_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kgamma_3.5.9-3+lenny1_arm.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics-dev_3.5.5-3etch3_alpha.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kgamma_3.5.9-3+lenny1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kmrml_3.5.9-3+lenny1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/ksvg_3.5.9-3+lenny1_arm.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/ksvg_3.5.9-3+lenny1_s390.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics-dbg_3.5.9-3+lenny1_s390.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/libkscan1_3.5.5-3etch3_mipsel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kviewshell_3.5.9-3+lenny1_mipsel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kviewshell_3.5.9-3+lenny1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kpdf_3.5.5-3etch3_ia64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kfax_3.5.5-3etch3_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kruler_3.5.9-3+lenny1_s390.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kghostview_3.5.9-3+lenny1_arm.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kolourpaint_3.5.9-3+lenny1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics-kfile-plugins_3.5.5-3etch3_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kfaxview_3.5.5-3etch3_ia64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kamera_3.5.5-3etch3_mips.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics-kfile-plugins_3.5.5-3etch3_mipsel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/libkscan-dev_3.5.5-3etch3_mipsel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kmrml_3.5.9-3+lenny1_mipsel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kview_3.5.9-3+lenny1_mips.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/libkscan-dev_3.5.9-3+lenny1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/libkscan-dev_3.5.9-3+lenny1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kmrml_3.5.9-3+lenny1_hppa.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/ksnapshot_3.5.9-3+lenny1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/ksvg_3.5.5-3etch3_hppa.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kpdf_3.5.5-3etch3_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kpdf_3.5.9-3+lenny1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kviewshell_3.5.5-3etch3_mipsel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kooka_3.5.9-3+lenny1_hppa.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kdvi_3.5.9-3+lenny1_ia64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kview_3.5.9-3+lenny1_arm.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kuickshow_3.5.5-3etch3_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kruler_3.5.5-3etch3_alpha.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/libkscan-dev_3.5.5-3etch3_mips.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/libkscan1_3.5.5-3etch3_hppa.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kgamma_3.5.9-3+lenny1_alpha.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kviewshell_3.5.9-3+lenny1_s390.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kooka_3.5.5-3etch3_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kview_3.5.9-3+lenny1_ia64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/ksvg_3.5.5-3etch3_mipsel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics-kfile-plugins_3.5.9-3+lenny1_ia64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kpdf_3.5.9-3+lenny1_ia64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kdvi_3.5.9-3+lenny1_mips.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/ksvg_3.5.9-3+lenny1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kfaxview_3.5.5-3etch3_s390.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kruler_3.5.5-3etch3_mips.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics-dbg_3.5.5-3etch3_alpha.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kghostview_3.5.9-3+lenny1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kgamma_3.5.9-3+lenny1_mipsel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics-dev_3.5.5-3etch3_mipsel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kpovmodeler_3.5.5-3etch3_ia64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics-dbg_3.5.9-3+lenny1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kpovmodeler_3.5.9-3+lenny1_armel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/libkscan-dev_3.5.5-3etch3_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kolourpaint_3.5.9-3+lenny1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/ksnapshot_3.5.5-3etch3_alpha.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kuickshow_3.5.5-3etch3_alpha.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kfaxview_3.5.5-3etch3_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics-kfile-plugins_3.5.5-3etch3_s390.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kooka_3.5.9-3+lenny1_mips.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics-dbg_3.5.5-3etch3_s390.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/libkscan-dev_3.5.9-3+lenny1_mips.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kdvi_3.5.5-3etch3_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kolourpaint_3.5.9-3+lenny1_hppa.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kcoloredit_3.5.5-3etch3_mips.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/libkscan1_3.5.9-3+lenny1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kcoloredit_3.5.9-3+lenny1_arm.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kpovmodeler_3.5.9-3+lenny1_ia64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kolourpaint_3.5.9-3+lenny1_s390.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kruler_3.5.5-3etch3_hppa.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics-kfile-plugins_3.5.9-3+lenny1_mips.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kfaxview_3.5.9-3+lenny1_arm.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kview_3.5.9-3+lenny1_armel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kpdf_3.5.9-3+lenny1_arm.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kpovmodeler_3.5.5-3etch3_mipsel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kmrml_3.5.5-3etch3_s390.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kview_3.5.5-3etch3_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/ksnapshot_3.5.5-3etch3_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kpdf_3.5.9-3+lenny1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kiconedit_3.5.9-3+lenny1_armel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kmrml_3.5.9-3+lenny1_alpha.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kooka_3.5.9-3+lenny1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kcoloredit_3.5.9-3+lenny1_alpha.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kghostview_3.5.9-3+lenny1_s390.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kpdf_3.5.9-3+lenny1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/ksvg_3.5.9-3+lenny1_mips.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kuickshow_3.5.9-3+lenny1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kcoloredit_3.5.9-3+lenny1_mipsel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/ksnapshot_3.5.5-3etch3_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics-dbg_3.5.9-3+lenny1_hppa.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kiconedit_3.5.9-3+lenny1_alpha.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kview_3.5.9-3+lenny1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kfaxview_3.5.5-3etch3_mips.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics-doc-html_3.5.9-3+lenny1_all.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kghostview_3.5.9-3+lenny1_mips.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics-kfile-plugins_3.5.9-3+lenny1_armel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kuickshow_3.5.5-3etch3_mips.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kghostview_3.5.9-3+lenny1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kamera_3.5.5-3etch3_ia64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kiconedit_3.5.9-3+lenny1_hppa.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kghostview_3.5.5-3etch3_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kfaxview_3.5.9-3+lenny1_hppa.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kooka_3.5.9-3+lenny1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kamera_3.5.9-3+lenny1_armel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics-dev_3.5.5-3etch3_mips.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kdvi_3.5.9-3+lenny1_mipsel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics-dbg_3.5.9-3+lenny1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kview_3.5.5-3etch3_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kmrml_3.5.5-3etch3_ia64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kpovmodeler_3.5.9-3+lenny1_alpha.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kview_3.5.9-3+lenny1_alpha.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kfaxview_3.5.9-3+lenny1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kmrml_3.5.5-3etch3_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kiconedit_3.5.9-3+lenny1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kpdf_3.5.9-3+lenny1_alpha.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics-dev_3.5.9-3+lenny1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/libkscan1_3.5.9-3+lenny1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/libkscan-dev_3.5.9-3+lenny1_hppa.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kviewshell_3.5.9-3+lenny1_armel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/libkscan-dev_3.5.9-3+lenny1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kuickshow_3.5.5-3etch3_s390.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kiconedit_3.5.9-3+lenny1_arm.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kdvi_3.5.9-3+lenny1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/libkscan-dev_3.5.9-3+lenny1_ia64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/libkscan1_3.5.9-3+lenny1_arm.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kpdf_3.5.9-3+lenny1_armel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kolourpaint_3.5.5-3etch3_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics-dev_3.5.9-3+lenny1_armel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kpovmodeler_3.5.5-3etch3_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kamera_3.5.9-3+lenny1_ia64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kolourpaint_3.5.9-3+lenny1_armel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kdvi_3.5.5-3etch3_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kview_3.5.9-3+lenny1_hppa.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics-dev_3.5.9-3+lenny1_s390.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kruler_3.5.5-3etch3_ia64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kiconedit_3.5.9-3+lenny1_mipsel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kolourpaint_3.5.9-3+lenny1_arm.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/libkscan1_3.5.5-3etch3_ia64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kgamma_3.5.5-3etch3_mips.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kcoloredit_3.5.9-3+lenny1_ia64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kiconedit_3.5.5-3etch3_mipsel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics-doc-html_3.5.5-3etch3_all.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics-dbg_3.5.5-3etch3_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kgamma_3.5.5-3etch3_s390.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kcoloredit_3.5.9-3+lenny1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kruler_3.5.5-3etch3_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kfax_3.5.5-3etch3_ia64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kmrml_3.5.9-3+lenny1_ia64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics-kfile-plugins_3.5.9-3+lenny1_mipsel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kfax_3.5.9-3+lenny1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics-kfile-plugins_3.5.9-3+lenny1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics-dev_3.5.5-3etch3_ia64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kfaxview_3.5.9-3+lenny1_s390.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kpovmodeler_3.5.5-3etch3_hppa.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/ksnapshot_3.5.5-3etch3_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/ksnapshot_3.5.5-3etch3_mips.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics_3.5.5.orig.tar.gz"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kfaxview_3.5.5-3etch3_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kviewshell_3.5.5-3etch3_s390.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/ksvg_3.5.9-3+lenny1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kuickshow_3.5.9-3+lenny1_mipsel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kiconedit_3.5.9-3+lenny1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics-dev_3.5.9-3+lenny1_mipsel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics-kfile-plugins_3.5.9-3+lenny1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics-kfile-plugins_3.5.5-3etch3_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/ksvg_3.5.5-3etch3_alpha.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kooka_3.5.5-3etch3_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kpdf_3.5.5-3etch3_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kgamma_3.5.5-3etch3_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kuickshow_3.5.9-3+lenny1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kcoloredit_3.5.9-3+lenny1_hppa.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics-dbg_3.5.9-3+lenny1_ia64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kamera_3.5.5-3etch3_hppa.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics_3.5.5-3etch3.diff.gz"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kview_3.5.5-3etch3_ia64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/libkscan1_3.5.9-3+lenny1_ia64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/libkscan1_3.5.5-3etch3_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kooka_3.5.5-3etch3_hppa.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/libkscan1_3.5.9-3+lenny1_mipsel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kolourpaint_3.5.9-3+lenny1_ia64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/libkscan-dev_3.5.5-3etch3_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/ksnapshot_3.5.9-3+lenny1_arm.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kpovmodeler_3.5.9-3+lenny1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics-dev_3.5.9-3+lenny1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics-dev_3.5.5-3etch3_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics-dev_3.5.9-3+lenny1_ia64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics-kfile-plugins_3.5.9-3+lenny1_hppa.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics-dbg_3.5.5-3etch3_mips.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kooka_3.5.9-3+lenny1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kgamma_3.5.5-3etch3_hppa.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/ksvg_3.5.5-3etch3_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics-kfile-plugins_3.5.5-3etch3_hppa.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics-dbg_3.5.5-3etch3_mipsel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kfax_3.5.9-3+lenny1_armel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/ksvg_3.5.5-3etch3_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kruler_3.5.5-3etch3_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kcoloredit_3.5.5-3etch3_hppa.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/ksnapshot_3.5.5-3etch3_ia64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kooka_3.5.5-3etch3_s390.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kmrml_3.5.9-3+lenny1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/libkscan1_3.5.9-3+lenny1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kfax_3.5.5-3etch3_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kviewshell_3.5.9-3+lenny1_hppa.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kpovmodeler_3.5.5-3etch3_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kiconedit_3.5.5-3etch3_mips.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kuickshow_3.5.5-3etch3_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kamera_3.5.9-3+lenny1_hppa.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kfaxview_3.5.9-3+lenny1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kuickshow_3.5.9-3+lenny1_alpha.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/libkscan1_3.5.9-3+lenny1_hppa.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics-dev_3.5.9-3+lenny1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kuickshow_3.5.9-3+lenny1_armel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/ksnapshot_3.5.9-3+lenny1_mips.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/ksnapshot_3.5.9-3+lenny1_armel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kuickshow_3.5.9-3+lenny1_arm.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kolourpaint_3.5.5-3etch3_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kamera_3.5.9-3+lenny1_arm.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kruler_3.5.5-3etch3_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kcoloredit_3.5.9-3+lenny1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/ksvg_3.5.9-3+lenny1_mipsel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics-dev_3.5.5-3etch3_s390.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kruler_3.5.9-3+lenny1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics-dev_3.5.5-3etch3_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics_3.5.5-3etch3.dsc"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kiconedit_3.5.5-3etch3_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/libkscan-dev_3.5.9-3+lenny1_armel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/libkscan1_3.5.5-3etch3_alpha.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kamera_3.5.9-3+lenny1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kuickshow_3.5.5-3etch3_ia64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kview_3.5.9-3+lenny1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kiconedit_3.5.9-3+lenny1_s390.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics-kfile-plugins_3.5.5-3etch3_mips.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kdvi_3.5.9-3+lenny1_hppa.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kamera_3.5.5-3etch3_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/ksnapshot_3.5.5-3etch3_s390.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kviewshell_3.5.9-3+lenny1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/libkscan-dev_3.5.5-3etch3_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kfaxview_3.5.5-3etch3_mipsel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/ksnapshot_3.5.9-3+lenny1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kdvi_3.5.9-3+lenny1_armel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kiconedit_3.5.9-3+lenny1_mips.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kamera_3.5.5-3etch3_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kmrml_3.5.5-3etch3_mipsel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kpovmodeler_3.5.5-3etch3_alpha.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics-dbg_3.5.5-3etch3_hppa.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kpovmodeler_3.5.9-3+lenny1_hppa.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kamera_3.5.9-3+lenny1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kfaxview_3.5.9-3+lenny1_ia64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics-dev_3.5.9-3+lenny1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kfaxview_3.5.5-3etch3_alpha.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kfax_3.5.5-3etch3_s390.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics_3.5.9-3+lenny1.dsc"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kgamma_3.5.5-3etch3_mipsel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kpovmodeler_3.5.9-3+lenny1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics-kfile-plugins_3.5.5-3etch3_alpha.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kgamma_3.5.5-3etch3_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/ksnapshot_3.5.5-3etch3_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kghostview_3.5.5-3etch3_ia64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kfaxview_3.5.5-3etch3_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kpovmodeler_3.5.9-3+lenny1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics-dbg_3.5.9-3+lenny1_armel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kgamma_3.5.9-3+lenny1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kgamma_3.5.9-3+lenny1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kview_3.5.5-3etch3_alpha.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kview_3.5.9-3+lenny1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kviewshell_3.5.9-3+lenny1_ia64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kghostview_3.5.5-3etch3_mipsel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kamera_3.5.5-3etch3_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kview_3.5.9-3+lenny1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/libkscan-dev_3.5.5-3etch3_ia64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/libkscan-dev_3.5.5-3etch3_alpha.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kruler_3.5.9-3+lenny1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kghostview_3.5.5-3etch3_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kcoloredit_3.5.9-3+lenny1_s390.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/libkscan-dev_3.5.5-3etch3_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kghostview_3.5.5-3etch3_alpha.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/ksvg_3.5.9-3+lenny1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kruler_3.5.9-3+lenny1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kcoloredit_3.5.5-3etch3_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics-dbg_3.5.9-3+lenny1_alpha.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kgamma_3.5.5-3etch3_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kviewshell_3.5.5-3etch3_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics-dbg_3.5.9-3+lenny1_mipsel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kfax_3.5.5-3etch3_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics_3.5.5-3etch3_all.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kruler_3.5.5-3etch3_s390.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/ksnapshot_3.5.9-3+lenny1_hppa.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/ksnapshot_3.5.5-3etch3_hppa.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kgamma_3.5.9-3+lenny1_mips.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kfaxview_3.5.9-3+lenny1_mips.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/ksnapshot_3.5.5-3etch3_mipsel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kdvi_3.5.5-3etch3_mips.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kpovmodeler_3.5.9-3+lenny1_mipsel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kpdf_3.5.5-3etch3_mips.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kmrml_3.5.5-3etch3_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kamera_3.5.9-3+lenny1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kdvi_3.5.9-3+lenny1_arm.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kpovmodeler_3.5.5-3etch3_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/libkscan1_3.5.9-3+lenny1_alpha.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kruler_3.5.9-3+lenny1_armel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kghostview_3.5.9-3+lenny1_alpha.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kghostview_3.5.5-3etch3_mips.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics-dbg_3.5.9-3+lenny1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kooka_3.5.9-3+lenny1_s390.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kdvi_3.5.5-3etch3_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kruler_3.5.9-3+lenny1_mips.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kgamma_3.5.9-3+lenny1_ia64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kviewshell_3.5.9-3+lenny1_mips.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/libkscan1_3.5.5-3etch3_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kviewshell_3.5.5-3etch3_ia64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics-dev_3.5.9-3+lenny1_alpha.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/libkscan1_3.5.5-3etch3_s390.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics-kfile-plugins_3.5.9-3+lenny1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics-dbg_3.5.5-3etch3_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics-kfile-plugins_3.5.9-3+lenny1_arm.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/libkscan1_3.5.9-3+lenny1_s390.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kviewshell_3.5.9-3+lenny1_alpha.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kpovmodeler_3.5.5-3etch3_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kfax_3.5.5-3etch3_mipsel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kfax_3.5.5-3etch3_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kiconedit_3.5.9-3+lenny1_ia64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kuickshow_3.5.9-3+lenny1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kamera_3.5.9-3+lenny1_alpha.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kdvi_3.5.9-3+lenny1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kfax_3.5.9-3+lenny1_mips.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kruler_3.5.9-3+lenny1_alpha.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics-kfile-plugins_3.5.5-3etch3_ia64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kooka_3.5.5-3etch3_ia64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kgamma_3.5.9-3+lenny1_hppa.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kpovmodeler_3.5.9-3+lenny1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kolourpaint_3.5.5-3etch3_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/libkscan-dev_3.5.9-3+lenny1_mipsel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/libkscan1_3.5.9-3+lenny1_mips.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kamera_3.5.5-3etch3_s390.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kviewshell_3.5.5-3etch3_hppa.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kghostview_3.5.9-3+lenny1_armel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kooka_3.5.9-3+lenny1_arm.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kiconedit_3.5.5-3etch3_ia64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kamera_3.5.5-3etch3_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics-kfile-plugins_3.5.5-3etch3_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics-kfile-plugins_3.5.9-3+lenny1_alpha.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kpovmodeler_3.5.9-3+lenny1_mips.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kgamma_3.5.5-3etch3_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/libkscan-dev_3.5.9-3+lenny1_alpha.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kpdf_3.5.9-3+lenny1_mips.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kpdf_3.5.9-3+lenny1_mipsel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kview_3.5.9-3+lenny1_s390.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics-kfile-plugins_3.5.9-3+lenny1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kdvi_3.5.5-3etch3_hppa.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kpovmodeler_3.5.9-3+lenny1_s390.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kuickshow_3.5.9-3+lenny1_s390.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/libkscan1_3.5.5-3etch3_mips.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kcoloredit_3.5.5-3etch3_mipsel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kview_3.5.5-3etch3_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kfax_3.5.9-3+lenny1_s390.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics_3.5.9-3+lenny1_all.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kviewshell_3.5.5-3etch3_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kview_3.5.9-3+lenny1_mipsel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kamera_3.5.9-3+lenny1_s390.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kolourpaint_3.5.5-3etch3_ia64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kuickshow_3.5.5-3etch3_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kmrml_3.5.5-3etch3_hppa.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kolourpaint_3.5.5-3etch3_alpha.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kdvi_3.5.5-3etch3_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kiconedit_3.5.5-3etch3_s390.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kfax_3.5.9-3+lenny1_mipsel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/libkscan-dev_3.5.5-3etch3_s390.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kghostview_3.5.5-3etch3_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/libkscan-dev_3.5.5-3etch3_hppa.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kfaxview_3.5.9-3+lenny1_armel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kamera_3.5.9-3+lenny1_mips.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kiconedit_3.5.5-3etch3_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kooka_3.5.9-3+lenny1_alpha.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kdvi_3.5.9-3+lenny1_alpha.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kpdf_3.5.9-3+lenny1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kpovmodeler_3.5.5-3etch3_mips.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kmrml_3.5.9-3+lenny1_s390.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kruler_3.5.9-3+lenny1_arm.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics_3.5.9.orig.tar.gz"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kviewshell_3.5.9-3+lenny1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kuickshow_3.5.5-3etch3_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kuickshow_3.5.5-3etch3_mipsel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/libkscan1_3.5.9-3+lenny1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/ksvg_3.5.5-3etch3_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kooka_3.5.9-3+lenny1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kfax_3.5.9-3+lenny1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kruler_3.5.9-3+lenny1_ia64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics-dev_3.5.9-3+lenny1_mips.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kiconedit_3.5.9-3+lenny1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kfaxview_3.5.9-3+lenny1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kcoloredit_3.5.5-3etch3_s390.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics-dbg_3.5.5-3etch3_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/ksvg_3.5.9-3+lenny1_armel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kpdf_3.5.5-3etch3_s390.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kview_3.5.5-3etch3_hppa.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics-dbg_3.5.9-3+lenny1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics-kfile-plugins_3.5.5-3etch3_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kmrml_3.5.9-3+lenny1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kolourpaint_3.5.5-3etch3_hppa.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kpovmodeler_3.5.9-3+lenny1_arm.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics-dbg_3.5.9-3+lenny1_mips.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/ksvg_3.5.5-3etch3_ia64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kolourpaint_3.5.9-3+lenny1_mips.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kiconedit_3.5.5-3etch3_alpha.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kfax_3.5.9-3+lenny1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kdvi_3.5.9-3+lenny1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kfax_3.5.9-3+lenny1_alpha.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kiconedit_3.5.5-3etch3_hppa.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kfax_3.5.9-3+lenny1_hppa.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kghostview_3.5.9-3+lenny1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kcoloredit_3.5.5-3etch3_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kuickshow_3.5.9-3+lenny1_ia64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kfax_3.5.5-3etch3_hppa.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kfaxview_3.5.5-3etch3_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kview_3.5.5-3etch3_mipsel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kfax_3.5.5-3etch3_alpha.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/libkscan-dev_3.5.9-3+lenny1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kooka_3.5.5-3etch3_mipsel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kfax_3.5.9-3+lenny1_ia64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kfax_3.5.9-3+lenny1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kmrml_3.5.9-3+lenny1_armel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kfaxview_3.5.9-3+lenny1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kdvi_3.5.5-3etch3_ia64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kdvi_3.5.9-3+lenny1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kpdf_3.5.5-3etch3_alpha.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kolourpaint_3.5.9-3+lenny1_mipsel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kolourpaint_3.5.5-3etch3_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kuickshow_3.5.9-3+lenny1_hppa.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kpdf_3.5.9-3+lenny1_s390.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kdvi_3.5.9-3+lenny1_s390.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kmrml_3.5.5-3etch3_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kview_3.5.5-3etch3_mips.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kpdf_3.5.9-3+lenny1_hppa.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kgamma_3.5.9-3+lenny1_s390.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/libkscan-dev_3.5.9-3+lenny1_s390.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/ksnapshot_3.5.9-3+lenny1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kgamma_3.5.5-3etch3_ia64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kfaxview_3.5.9-3+lenny1_alpha.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/ksnapshot_3.5.9-3+lenny1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kview_3.5.5-3etch3_s390.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/ksvg_3.5.5-3etch3_mips.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kghostview_3.5.9-3+lenny1_ia64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kiconedit_3.5.9-3+lenny1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kuickshow_3.5.9-3+lenny1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics-dev_3.5.9-3+lenny1_arm.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/ksvg_3.5.9-3+lenny1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kcoloredit_3.5.5-3etch3_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kghostview_3.5.9-3+lenny1_mipsel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kviewshell_3.5.5-3etch3_mips.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics-kfile-plugins_3.5.9-3+lenny1_s390.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kpovmodeler_3.5.5-3etch3_s390.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kolourpaint_3.5.5-3etch3_mipsel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kdegraphics/kghostview_3.5.5-3etch3_s390.deb"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-1183"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-1187"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-1180"
},
{
"trust": 0.1,
"url": "https://bugs.gentoo.org."
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-0165"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-0800"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-3606"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-3608"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-1182"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-4653"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-3609"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-3702"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-3702"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-0166"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1790"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-3604"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-3603"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-2142"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1789"
},
{
"trust": 0.1,
"url": "http://creativecommons.org/licenses/by-sa/2.5"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-3703"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-1181"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-3607"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-1179"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-1188"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-3938"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1788"
},
{
"trust": 0.1,
"url": "http://security.gentoo.org/glsa/glsa-201310-03.xml"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-3704"
},
{
"trust": 0.1,
"url": "http://security.gentoo.org/"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-3704"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-3605"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-4654"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-0146"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-0195"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-4654"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-0799"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-2142"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-3703"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-4653"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-0147"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-0689"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-1725"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-1687"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-1698"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-1690"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-2537"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-1698"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-0689"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-2537"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-1687"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-2702"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-1690"
},
{
"trust": 0.1,
"url": "https://qa.mandriva.com/56485"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-1725"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-2702"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xpdf/xpdf_3.01-9.1+etch6_all.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xpdf/xpdf_3.02-1.4+lenny1_all.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xpdf/xpdf-reader_3.02-1.4+lenny1_alpha.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xpdf/xpdf-reader_3.01-9.1+etch6_s390.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xpdf/xpdf-utils_3.01-9.1+etch6_arm.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xpdf/xpdf-reader_3.01-9.1+etch6_ia64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xpdf/xpdf-reader_3.02-1.4+lenny1_mipsel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xpdf/xpdf-utils_3.02-1.4+lenny1_mipsel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xpdf/xpdf-reader_3.01-9.1+etch6_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xpdf/xpdf-reader_3.02-1.4+lenny1_arm.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xpdf/xpdf-utils_3.01-9.1+etch6_hppa.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xpdf/xpdf-reader_3.01-9.1+etch6_arm.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xpdf/xpdf-reader_3.02-1.4+lenny1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xpdf/xpdf-utils_3.02-1.4+lenny1_armel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xpdf/xpdf-reader_3.02-1.4+lenny1_hppa.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xpdf/xpdf_3.02.orig.tar.gz"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xpdf/xpdf-reader_3.02-1.4+lenny1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xpdf/xpdf-utils_3.02-1.4+lenny1_s390.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xpdf/xpdf-utils_3.01-9.1+etch6_alpha.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xpdf/xpdf-reader_3.02-1.4+lenny1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xpdf/xpdf-utils_3.01-9.1+etch6_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xpdf/xpdf-utils_3.02-1.4+lenny1_hppa.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xpdf/xpdf-utils_3.01-9.1+etch6_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xpdf/xpdf-utils_3.02-1.4+lenny1_alpha.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xpdf/xpdf-utils_3.02-1.4+lenny1_mips.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xpdf/xpdf-utils_3.02-1.4+lenny1_arm.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xpdf/xpdf_3.01.orig.tar.gz"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xpdf/xpdf-common_3.02-1.4+lenny1_all.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xpdf/xpdf-utils_3.02-1.4+lenny1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xpdf/xpdf_3.02-1.4+lenny1.dsc"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xpdf/xpdf-reader_3.02-1.4+lenny1_s390.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xpdf/xpdf-reader_3.02-1.4+lenny1_mips.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xpdf/xpdf-utils_3.01-9.1+etch6_mipsel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xpdf/xpdf-utils_3.02-1.4+lenny1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xpdf/xpdf-reader_3.01-9.1+etch6_mipsel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xpdf/xpdf-reader_3.02-1.4+lenny1_ia64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xpdf/xpdf-reader_3.02-1.4+lenny1_armel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xpdf/xpdf-utils_3.01-9.1+etch6_ia64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xpdf/xpdf_3.01-9.1+etch6.diff.gz"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xpdf/xpdf-reader_3.01-9.1+etch6_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xpdf/xpdf_3.02-1.4+lenny1.diff.gz"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xpdf/xpdf-utils_3.01-9.1+etch6_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xpdf/xpdf-common_3.01-9.1+etch6_all.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xpdf/xpdf-utils_3.01-9.1+etch6_s390.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xpdf/xpdf-reader_3.02-1.4+lenny1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xpdf/xpdf-reader_3.01-9.1+etch6_hppa.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xpdf/xpdf-reader_3.01-9.1+etch6_alpha.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xpdf/xpdf-reader_3.01-9.1+etch6_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xpdf/xpdf-reader_3.01-9.1+etch6_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xpdf/xpdf-utils_3.02-1.4+lenny1_ia64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xpdf/xpdf-utils_3.01-9.1+etch6_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xpdf/xpdf_3.01-9.1+etch6.dsc"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xpdf/xpdf-utils_3.02-1.4+lenny1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xpdf/xpdf-utils_3.02-1.4+lenny1_powerpc.deb"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#196617"
},
{
"db": "VULHUB",
"id": "VHN-38626"
},
{
"db": "VULMON",
"id": "CVE-2009-1180"
},
{
"db": "PACKETSTORM",
"id": "76918"
},
{
"db": "PACKETSTORM",
"id": "76751"
},
{
"db": "PACKETSTORM",
"id": "86958"
},
{
"db": "PACKETSTORM",
"id": "77313"
},
{
"db": "PACKETSTORM",
"id": "82087"
},
{
"db": "PACKETSTORM",
"id": "83554"
},
{
"db": "PACKETSTORM",
"id": "123523"
},
{
"db": "PACKETSTORM",
"id": "84482"
},
{
"db": "PACKETSTORM",
"id": "77279"
},
{
"db": "CNNVD",
"id": "CNNVD-200904-452"
},
{
"db": "JVNDB",
"id": "JVNDB-2009-001264"
},
{
"db": "NVD",
"id": "CVE-2009-1180"
}
]
},
"sources": {
"_id": null,
"data": [
{
"db": "CERT/CC",
"id": "VU#196617",
"ident": null
},
{
"db": "VULHUB",
"id": "VHN-38626",
"ident": null
},
{
"db": "VULMON",
"id": "CVE-2009-1180",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "76918",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "76751",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "86958",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "77313",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "82087",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "83554",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "123523",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "84482",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "77279",
"ident": null
},
{
"db": "CNNVD",
"id": "CNNVD-200904-452",
"ident": null
},
{
"db": "JVNDB",
"id": "JVNDB-2009-001264",
"ident": null
},
{
"db": "NVD",
"id": "CVE-2009-1180",
"ident": null
}
]
},
"sources_release_date": {
"_id": null,
"data": [
{
"date": "2009-04-16T00:00:00",
"db": "CERT/CC",
"id": "VU#196617",
"ident": null
},
{
"date": "2009-04-23T00:00:00",
"db": "VULHUB",
"id": "VHN-38626",
"ident": null
},
{
"date": "2009-04-23T00:00:00",
"db": "VULMON",
"id": "CVE-2009-1180",
"ident": null
},
{
"date": "2009-04-22T21:36:03",
"db": "PACKETSTORM",
"id": "76918",
"ident": null
},
{
"date": "2009-04-16T22:44:57",
"db": "PACKETSTORM",
"id": "76751",
"ident": null
},
{
"date": "2010-03-06T15:35:47",
"db": "PACKETSTORM",
"id": "86958",
"ident": null
},
{
"date": "2009-05-07T03:53:50",
"db": "PACKETSTORM",
"id": "77313",
"ident": null
},
{
"date": "2009-10-21T02:57:54",
"db": "PACKETSTORM",
"id": "82087",
"ident": null
},
{
"date": "2009-12-08T01:31:40",
"db": "PACKETSTORM",
"id": "83554",
"ident": null
},
{
"date": "2013-10-07T22:31:57",
"db": "PACKETSTORM",
"id": "123523",
"ident": null
},
{
"date": "2009-12-30T22:10:19",
"db": "PACKETSTORM",
"id": "84482",
"ident": null
},
{
"date": "2009-05-05T22:51:02",
"db": "PACKETSTORM",
"id": "77279",
"ident": null
},
{
"date": "2009-04-23T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200904-452",
"ident": null
},
{
"date": "2009-05-28T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2009-001264",
"ident": null
},
{
"date": "2009-04-23T17:30:01.767000",
"db": "NVD",
"id": "CVE-2009-1180",
"ident": null
}
]
},
"sources_update_date": {
"_id": null,
"data": [
{
"date": "2012-03-28T00:00:00",
"db": "CERT/CC",
"id": "VU#196617",
"ident": null
},
{
"date": "2019-03-06T00:00:00",
"db": "VULHUB",
"id": "VHN-38626",
"ident": null
},
{
"date": "2019-03-06T00:00:00",
"db": "VULMON",
"id": "CVE-2009-1180",
"ident": null
},
{
"date": "2019-04-02T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200904-452",
"ident": null
},
{
"date": "2010-05-26T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2009-001264",
"ident": null
},
{
"date": "2025-04-09T00:30:58.490000",
"db": "NVD",
"id": "CVE-2009-1180",
"ident": null
}
]
},
"threat_type": {
"_id": null,
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200904-452"
}
],
"trust": 0.6
},
"title": {
"_id": null,
"data": "Xpdf and poppler contain multiple vulnerabilities in the processing of JBIG2 data",
"sources": [
{
"db": "CERT/CC",
"id": "VU#196617"
}
],
"trust": 0.8
},
"type": {
"_id": null,
"data": "resource management error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200904-452"
}
],
"trust": 0.6
}
}
VAR-201509-0003
Vulnerability from variot - Updated: 2026-04-10 22:29buffer.c in named in ISC BIND 9.x before 9.9.7-P3 and 9.10.x before 9.10.2-P4 allows remote attackers to cause a denial of service (assertion failure and daemon exit) by creating a zone containing a malformed DNSSEC key and issuing a query for a name in that zone. ISC BIND is prone to a remote denial-of-service vulnerability. Attackers can exploit this issue to crash the affected application, denying service to legitimate users. ISC BIND is a set of open source software that implements the DNS protocol maintained by the Internet Systems Consortium (ISC) company in the United States. A security vulnerability exists in the buffer.c file in named in versions 9.x prior to ISC BIND 9.9.7-P3 and 9.10.x prior to 9.10.2-P4.
Here are the details from the Slackware 14.1 ChangeLog: +--------------------------+ patches/packages/bind-9.9.7_P3-i486-1_slack14.1.txz: Upgraded. This update fixes two denial-of-service vulnerabilities: + CVE-2015-5722 is a denial-of-service vector which can be exploited remotely against a BIND server that is performing validation on DNSSEC-signed records. Validating recursive resolvers are at the greatest risk from this defect, but it has not been ruled out that it could be exploited against an authoritative-only nameserver under limited conditions. Servers that are not performing validation are not vulnerable. However, ISC does not recommend disabling validation as a workaround to this issue as it exposes the server to other types of attacks. Upgrading to the patched versions is the recommended solution. All versions of BIND since 9.0.0 are vulnerable to CVE-2015-5722. Validation is not required. Recursive resolvers are at the greatest risk from this defect, but it has not been ruled out that it could be exploited against an authoritative-only nameserver under limited conditions. Only versions of BIND since 9.9.7 and 9.10.2 are vulnerable to CVE-2015-5986. For more information, see: https://kb.isc.org/article/AA-01287/0 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5722 https://kb.isc.org/article/AA-01291/0 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5986 ( Security fix ) +--------------------------+
Where to find the new packages: +-----------------------------+
Thanks to the friendly folks at the OSU Open Source Lab (http://osuosl.org) for donating FTP and rsync hosting to the Slackware project! :-)
Also see the "Get Slack" section on http://slackware.com for additional mirror sites near you.
Updated package for Slackware 13.0: ftp://ftp.slackware.com/pub/slackware/slackware-13.0/patches/packages/bind-9.9.7_P3-i486-1_slack13.0.txz
Updated package for Slackware x86_64 13.0: ftp://ftp.slackware.com/pub/slackware/slackware64-13.0/patches/packages/bind-9.9.7_P3-x86_64-1_slack13.0.txz
Updated package for Slackware 13.1: ftp://ftp.slackware.com/pub/slackware/slackware-13.1/patches/packages/bind-9.9.7_P3-i486-1_slack13.1.txz
Updated package for Slackware x86_64 13.1: ftp://ftp.slackware.com/pub/slackware/slackware64-13.1/patches/packages/bind-9.9.7_P3-x86_64-1_slack13.1.txz
Updated package for Slackware 13.37: ftp://ftp.slackware.com/pub/slackware/slackware-13.37/patches/packages/bind-9.9.7_P3-i486-1_slack13.37.txz
Updated package for Slackware x86_64 13.37: ftp://ftp.slackware.com/pub/slackware/slackware64-13.37/patches/packages/bind-9.9.7_P3-x86_64-1_slack13.37.txz
Updated package for Slackware 14.0: ftp://ftp.slackware.com/pub/slackware/slackware-14.0/patches/packages/bind-9.9.7_P3-i486-1_slack14.0.txz
Updated package for Slackware x86_64 14.0: ftp://ftp.slackware.com/pub/slackware/slackware64-14.0/patches/packages/bind-9.9.7_P3-x86_64-1_slack14.0.txz
Updated package for Slackware 14.1: ftp://ftp.slackware.com/pub/slackware/slackware-14.1/patches/packages/bind-9.9.7_P3-i486-1_slack14.1.txz
Updated package for Slackware x86_64 14.1: ftp://ftp.slackware.com/pub/slackware/slackware64-14.1/patches/packages/bind-9.9.7_P3-x86_64-1_slack14.1.txz
Updated package for Slackware -current: ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/n/bind-9.10.2_P4-i586-1.txz
Updated package for Slackware x86_64 -current: ftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/n/bind-9.10.2_P4-x86_64-1.txz
MD5 signatures: +-------------+
Slackware 13.0 package: 627f6c6827eca24776d790166801de25 bind-9.9.7_P3-i486-1_slack13.0.txz
Slackware x86_64 13.0 package: 49082f50322af84efe8d91459599b837 bind-9.9.7_P3-x86_64-1_slack13.0.txz
Slackware 13.1 package: 4dd375df46e84dbecb9f296e2fec692a bind-9.9.7_P3-i486-1_slack13.1.txz
Slackware x86_64 13.1 package: 90b4376b145544d9a63c28dcb891ca47 bind-9.9.7_P3-x86_64-1_slack13.1.txz
Slackware 13.37 package: 181ce9e11eb9d909c5c06b8ddd5bb1b5 bind-9.9.7_P3-i486-1_slack13.37.txz
Slackware x86_64 13.37 package: 368f7a3b977865b0132bdcd129e70813 bind-9.9.7_P3-x86_64-1_slack13.37.txz
Slackware 14.0 package: 3bb80a54fb5d0f76d17ef33cf06a074d bind-9.9.7_P3-i486-1_slack14.0.txz
Slackware x86_64 14.0 package: d77b36e48e2c033ffa9d99816979304f bind-9.9.7_P3-x86_64-1_slack14.0.txz
Slackware 14.1 package: ada9c70208885b4c7904364e040360f9 bind-9.9.7_P3-i486-1_slack14.1.txz
Slackware x86_64 14.1 package: a78fbe27ba2834d2918fa26ce96d5083 bind-9.9.7_P3-x86_64-1_slack14.1.txz
Slackware -current package: 450614c08d5fac56c8d2701394d1af50 n/bind-9.10.2_P4-i586-1.txz
Slackware x86_64 -current package: 32e680d6bce8dac3ad5ba54958f68f95 n/bind-9.10.2_P4-x86_64-1.txz
Installation instructions: +------------------------+
Upgrade the package as root:
upgradepkg bind-9.9.7_P3-i486-1_slack14.1.txz
Then, restart the name server:
/etc/rc.d/rc.bind restart
+-----+
Slackware Linux Security Team http://slackware.com/gpg-key security@slackware.com
+------------------------------------------------------------------------+ | To leave the slackware-security mailing list: | +------------------------------------------------------------------------+ | Send an email to majordomo@slackware.com with this text in the body of | | the email message: | | | | unsubscribe slackware-security | | | | You will get a confirmation message back containing instructions to | | complete the process. Please do not reply to this email address.
Updates for the oldstable distribution (wheezy) will be released shortly.
For the stable distribution (jessie), this problem has been fixed in version 9.9.5.dfsg-9+deb8u3.
For the unstable distribution (sid), this problem will be fixed soon.
We recommend that you upgrade your bind9 packages.
Release Date: 2015-12-16 Last Updated: 2015-12-16
Potential Security Impact: Remote Denial of Service (DoS)
Source: Hewlett Packard Enterprise, Product Security Response Team
VULNERABILITY SUMMARY Potential security vulnerabilities have been identified in the HP-UX BIND service running named. The vulnerabilities could be exploited remotely to create a Denial of Service (DoS).
References:
CVE-2015-5722 CVE-2015-8000 PSRT102967
SUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed. BIND for HP-UX Release B.11.11 9.3.2 named prior to C.9.3.2.15.0
BACKGROUND
CVSS 2.0 Base Metrics
Reference Base Vector Base Score CVE-2015-5722 (AV:N/AC:L/Au:N/C:N/I:N/A:C) 7.8 CVE-2015-8000 (AV:N/AC:M/Au:N/C:N/I:N/A:C) 7.1 =========================================================== Information on CVSS is documented in HP Customer Notice: HPSN-2008-002
RESOLUTION
HP has provided the following software updates to resolve the vulnerabilities in the HP-UX BIND service running named.
-
BIND 9.3.2 for HP-UX Release B.11.11
Depot: HP_UX_11.11_DNSUPGRADE_C.9.3.2.15.0_HP-UX_B.11.11_32_64
Note: The depot files can be found here:
https://h20392.www2.hp.com/portal/swdepot/displayProductInfo.do?productNu
mber=BIND
MANUAL ACTIONS: Yes - Update Download and install the software update
PRODUCT SPECIFIC INFORMATION HP-UX Software Assistant: HP-UX Software Assistant is an enhanced application that replaces HP-UX Security Patch Check. It analyzes all Security Bulletins issued by HP and lists recommended actions that may apply to a specific HP-UX system. It can also download patches and create a depot automatically. For more information see: https://www.hp.com/go/swa
The following text is for use by the HP-UX Software Assistant.
AFFECTED VERSIONS
For BIND 9.3.2 HP-UX B.11.11 =================== BindUpgrade.BIND-UPGRADE BindUpgrade.BIND2-UPGRADE action: install revision C.9.3.2.15.0 or subsequent
END AFFECTED VERSIONS
HISTORY Version:1 (rev.1) - 16 December 2015 Initial release
Third Party Security Patches: Third party security patches that are to be installed on systems running Hewlett Packard Enterprise (HPE) software products should be applied in accordance with the customer's patch management policy.
Support: For issues about implementing the recommendations of this Security Bulletin, contact normal HPE Services support channel. For other issues about the content of this Security Bulletin, send e-mail to security-alert@hpe.com.
Report: To report a potential security vulnerability with any HPE supported product, send Email to: security-alert@hpe.com
Subscribe: To initiate a subscription to receive future HPE Security Bulletin alerts via Email: http://www.hpe.com/support/Subscriber_Choice
Security Bulletin Archive: A list of recently released Security Bulletins is available here: http://www.hpe.com/support/Security_Bulletin_Archive
Software Product Category: The Software Product Category is represented in the title by the two characters following HPSB.
3C = 3COM 3P = 3rd Party Software GN = HPE General Software HF = HPE Hardware and Firmware MU = Multi-Platform Software NS = NonStop Servers OV = OpenVMS PV = ProCurve ST = Storage Software UX = HP-UX
Copyright 2015 Hewlett Packard Enterprise
Hewlett Packard Enterprise shall not be liable for technical or editorial errors or omissions contained herein. The information provided is provided "as is" without warranty of any kind. To the extent permitted by law, neither HP or its affiliates, subcontractors or suppliers will be liable for incidental,special or consequential damages including downtime cost; lost profits; damages relating to the procurement of substitute products or services; or damages for loss of data, or software restoration. The information in this document is subject to change without notice. Hewlett Packard Enterprise and the names of Hewlett Packard Enterprise products referenced herein are trademarks of Hewlett Packard Enterprise in the United States and other countries. Other product and company names mentioned herein may be trademarks of their respective owners. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
===================================================================== Red Hat Security Advisory
Synopsis: Important: bind security update Advisory ID: RHSA-2016:0078-01 Product: Red Hat Enterprise Linux Advisory URL: https://rhn.redhat.com/errata/RHSA-2016-0078.html Issue date: 2016-01-28 CVE Names: CVE-2014-8500 CVE-2015-5477 CVE-2015-5722 CVE-2015-8000 =====================================================================
- Summary:
Updated bind packages that fix multiple security issues are now available for Red Hat Enterprise Linux 6.4 and 6.5 Advanced Update Support.
Red Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.
- Relevant releases/architectures:
Red Hat Enterprise Linux Server AUS (v. 6.4) - i386, ppc64, s390x, x86_64 Red Hat Enterprise Linux Server AUS (v. 6.5) - i386, ppc64, s390x, x86_64 Red Hat Enterprise Linux Server Optional AUS (v. 6.4) - i386, ppc64, s390x, x86_64 Red Hat Enterprise Linux Server Optional AUS (v. 6.5) - i386, ppc64, s390x, x86_64
- Description:
The Berkeley Internet Name Domain (BIND) is an implementation of the Domain Name System (DNS) protocols. BIND includes a DNS server (named); a resolver library (routines for applications to use when interfacing with DNS); and tools for verifying that the DNS server is operating correctly.
A denial of service flaw was found in the way BIND followed DNS delegations. A remote attacker could use a specially crafted zone containing a large number of referrals which, when looked up and processed, would cause named to use excessive amounts of memory or crash. (CVE-2014-8500)
A flaw was found in the way BIND handled requests for TKEY DNS resource records. A remote attacker could use this flaw to make named (functioning as an authoritative DNS server or a DNS resolver) exit unexpectedly with an assertion failure via a specially crafted DNS request packet. (CVE-2015-5477)
A denial of service flaw was found in the way BIND parsed certain malformed DNSSEC keys. (CVE-2015-5722)
A denial of service flaw was found in the way BIND processed certain records with malformed class attributes. A remote attacker could use this flaw to send a query to request a cached record with a malformed class attribute that would cause named functioning as an authoritative or recursive server to crash. (CVE-2015-8000)
Note: This issue affects authoritative servers as well as recursive servers, however authoritative servers are at limited risk if they perform authentication when making recursive queries to resolve addresses for servers listed in NS RRSETs.
Red Hat would like to thank ISC for reporting the CVE-2015-5477, CVE-2015-5722, and CVE-2015-8000 issues. Upstream acknowledges Jonathan Foote as the original reporter of CVE-2015-5477, and Hanno Böck as the original reporter of CVE-2015-5722.
All bind users are advised to upgrade to these updated packages, which contain backported patches to correct these issues. After installing the update, the BIND daemon (named) will be restarted automatically.
- Solution:
Before applying this update, make sure all previously released errata relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
- Package List:
Red Hat Enterprise Linux Server AUS (v. 6.4):
Source: bind-9.8.2-0.17.rc1.el6_4.7.src.rpm
i386: bind-9.8.2-0.17.rc1.el6_4.7.i686.rpm bind-chroot-9.8.2-0.17.rc1.el6_4.7.i686.rpm bind-debuginfo-9.8.2-0.17.rc1.el6_4.7.i686.rpm bind-libs-9.8.2-0.17.rc1.el6_4.7.i686.rpm bind-utils-9.8.2-0.17.rc1.el6_4.7.i686.rpm
ppc64: bind-9.8.2-0.17.rc1.el6_4.7.ppc64.rpm bind-chroot-9.8.2-0.17.rc1.el6_4.7.ppc64.rpm bind-debuginfo-9.8.2-0.17.rc1.el6_4.7.ppc.rpm bind-debuginfo-9.8.2-0.17.rc1.el6_4.7.ppc64.rpm bind-libs-9.8.2-0.17.rc1.el6_4.7.ppc.rpm bind-libs-9.8.2-0.17.rc1.el6_4.7.ppc64.rpm bind-utils-9.8.2-0.17.rc1.el6_4.7.ppc64.rpm
s390x: bind-9.8.2-0.17.rc1.el6_4.7.s390x.rpm bind-chroot-9.8.2-0.17.rc1.el6_4.7.s390x.rpm bind-debuginfo-9.8.2-0.17.rc1.el6_4.7.s390.rpm bind-debuginfo-9.8.2-0.17.rc1.el6_4.7.s390x.rpm bind-libs-9.8.2-0.17.rc1.el6_4.7.s390.rpm bind-libs-9.8.2-0.17.rc1.el6_4.7.s390x.rpm bind-utils-9.8.2-0.17.rc1.el6_4.7.s390x.rpm
x86_64: bind-9.8.2-0.17.rc1.el6_4.7.x86_64.rpm bind-chroot-9.8.2-0.17.rc1.el6_4.7.x86_64.rpm bind-debuginfo-9.8.2-0.17.rc1.el6_4.7.i686.rpm bind-debuginfo-9.8.2-0.17.rc1.el6_4.7.x86_64.rpm bind-libs-9.8.2-0.17.rc1.el6_4.7.i686.rpm bind-libs-9.8.2-0.17.rc1.el6_4.7.x86_64.rpm bind-utils-9.8.2-0.17.rc1.el6_4.7.x86_64.rpm
Red Hat Enterprise Linux Server AUS (v. 6.5):
Source: bind-9.8.2-0.23.rc1.el6_5.2.src.rpm
i386: bind-9.8.2-0.23.rc1.el6_5.2.i686.rpm bind-chroot-9.8.2-0.23.rc1.el6_5.2.i686.rpm bind-debuginfo-9.8.2-0.23.rc1.el6_5.2.i686.rpm bind-libs-9.8.2-0.23.rc1.el6_5.2.i686.rpm bind-utils-9.8.2-0.23.rc1.el6_5.2.i686.rpm
ppc64: bind-9.8.2-0.23.rc1.el6_5.2.ppc64.rpm bind-chroot-9.8.2-0.23.rc1.el6_5.2.ppc64.rpm bind-debuginfo-9.8.2-0.23.rc1.el6_5.2.ppc.rpm bind-debuginfo-9.8.2-0.23.rc1.el6_5.2.ppc64.rpm bind-libs-9.8.2-0.23.rc1.el6_5.2.ppc.rpm bind-libs-9.8.2-0.23.rc1.el6_5.2.ppc64.rpm bind-utils-9.8.2-0.23.rc1.el6_5.2.ppc64.rpm
s390x: bind-9.8.2-0.23.rc1.el6_5.2.s390x.rpm bind-chroot-9.8.2-0.23.rc1.el6_5.2.s390x.rpm bind-debuginfo-9.8.2-0.23.rc1.el6_5.2.s390.rpm bind-debuginfo-9.8.2-0.23.rc1.el6_5.2.s390x.rpm bind-libs-9.8.2-0.23.rc1.el6_5.2.s390.rpm bind-libs-9.8.2-0.23.rc1.el6_5.2.s390x.rpm bind-utils-9.8.2-0.23.rc1.el6_5.2.s390x.rpm
x86_64: bind-9.8.2-0.23.rc1.el6_5.2.x86_64.rpm bind-chroot-9.8.2-0.23.rc1.el6_5.2.x86_64.rpm bind-debuginfo-9.8.2-0.23.rc1.el6_5.2.i686.rpm bind-debuginfo-9.8.2-0.23.rc1.el6_5.2.x86_64.rpm bind-libs-9.8.2-0.23.rc1.el6_5.2.i686.rpm bind-libs-9.8.2-0.23.rc1.el6_5.2.x86_64.rpm bind-utils-9.8.2-0.23.rc1.el6_5.2.x86_64.rpm
Red Hat Enterprise Linux Server Optional AUS (v. 6.4):
Source: bind-9.8.2-0.17.rc1.el6_4.7.src.rpm
i386: bind-debuginfo-9.8.2-0.17.rc1.el6_4.7.i686.rpm bind-devel-9.8.2-0.17.rc1.el6_4.7.i686.rpm bind-sdb-9.8.2-0.17.rc1.el6_4.7.i686.rpm
ppc64: bind-debuginfo-9.8.2-0.17.rc1.el6_4.7.ppc.rpm bind-debuginfo-9.8.2-0.17.rc1.el6_4.7.ppc64.rpm bind-devel-9.8.2-0.17.rc1.el6_4.7.ppc.rpm bind-devel-9.8.2-0.17.rc1.el6_4.7.ppc64.rpm bind-sdb-9.8.2-0.17.rc1.el6_4.7.ppc64.rpm
s390x: bind-debuginfo-9.8.2-0.17.rc1.el6_4.7.s390.rpm bind-debuginfo-9.8.2-0.17.rc1.el6_4.7.s390x.rpm bind-devel-9.8.2-0.17.rc1.el6_4.7.s390.rpm bind-devel-9.8.2-0.17.rc1.el6_4.7.s390x.rpm bind-sdb-9.8.2-0.17.rc1.el6_4.7.s390x.rpm
x86_64: bind-debuginfo-9.8.2-0.17.rc1.el6_4.7.i686.rpm bind-debuginfo-9.8.2-0.17.rc1.el6_4.7.x86_64.rpm bind-devel-9.8.2-0.17.rc1.el6_4.7.i686.rpm bind-devel-9.8.2-0.17.rc1.el6_4.7.x86_64.rpm bind-sdb-9.8.2-0.17.rc1.el6_4.7.x86_64.rpm
Red Hat Enterprise Linux Server Optional AUS (v. 6.5):
Source: bind-9.8.2-0.23.rc1.el6_5.2.src.rpm
i386: bind-debuginfo-9.8.2-0.23.rc1.el6_5.2.i686.rpm bind-devel-9.8.2-0.23.rc1.el6_5.2.i686.rpm bind-sdb-9.8.2-0.23.rc1.el6_5.2.i686.rpm
ppc64: bind-debuginfo-9.8.2-0.23.rc1.el6_5.2.ppc.rpm bind-debuginfo-9.8.2-0.23.rc1.el6_5.2.ppc64.rpm bind-devel-9.8.2-0.23.rc1.el6_5.2.ppc.rpm bind-devel-9.8.2-0.23.rc1.el6_5.2.ppc64.rpm bind-sdb-9.8.2-0.23.rc1.el6_5.2.ppc64.rpm
s390x: bind-debuginfo-9.8.2-0.23.rc1.el6_5.2.s390.rpm bind-debuginfo-9.8.2-0.23.rc1.el6_5.2.s390x.rpm bind-devel-9.8.2-0.23.rc1.el6_5.2.s390.rpm bind-devel-9.8.2-0.23.rc1.el6_5.2.s390x.rpm bind-sdb-9.8.2-0.23.rc1.el6_5.2.s390x.rpm
x86_64: bind-debuginfo-9.8.2-0.23.rc1.el6_5.2.i686.rpm bind-debuginfo-9.8.2-0.23.rc1.el6_5.2.x86_64.rpm bind-devel-9.8.2-0.23.rc1.el6_5.2.i686.rpm bind-devel-9.8.2-0.23.rc1.el6_5.2.x86_64.rpm bind-sdb-9.8.2-0.23.rc1.el6_5.2.x86_64.rpm
These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/
- References:
https://access.redhat.com/security/cve/CVE-2014-8500 https://access.redhat.com/security/cve/CVE-2015-5477 https://access.redhat.com/security/cve/CVE-2015-5722 https://access.redhat.com/security/cve/CVE-2015-8000 https://access.redhat.com/security/updates/classification/#important https://kb.isc.org/article/AA-01216 https://kb.isc.org/article/AA-01272 https://kb.isc.org/article/AA-01287 https://kb.isc.org/article/AA-01317
- Contact:
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/
Copyright 2016 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1
iD8DBQFWqhylXlSAg2UNWIIRAqZ/AKCoKFjvPavmvpq8cC3SSEMtpGtycQCfShgo 0jc/9uvkc44V3h5ZDR/fILQ= =90gw -----END PGP SIGNATURE-----
-- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce.
Affected packages
-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 net-dns/bind < 9.10.2_p4 >= 9.10.2_p4
Description
A vulnerability has been discovered in BIND's named utility leading to a Denial of Service condition.
Impact
A remote attacker may be able to cause Denial of Service condition via specially constructed zone data.
Workaround
There is no known workaround at this time.
Resolution
All BIND users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose ">=net-dns/bind-9.10.2_p4"
References
[ 1 ] CVE-2015-1349 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-1349 [ 2 ] CVE-2015-4620 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-4620 [ 3 ] CVE-2015-5477 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-5477 [ 4 ] CVE-2015-5722 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-5722 [ 5 ] CVE-2015-5986 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-5986
Availability
This GLSA and any updates to it are available for viewing at the Gentoo Security Website:
https://security.gentoo.org/glsa/201510-01
Concerns?
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.
License
Copyright 2015 Gentoo Foundation, Inc; referenced text belongs to its owner(s).
The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5
Show details on source website{
"affected_products": {
"_id": null,
"data": [
{
"_id": null,
"model": "bind",
"scope": "lte",
"trust": 1.0,
"vendor": "isc",
"version": "9.9.7"
},
{
"_id": null,
"model": "bind",
"scope": "lte",
"trust": 1.0,
"vendor": "isc",
"version": "9.10.2"
},
{
"_id": null,
"model": "mac os x server",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "5.0.15"
},
{
"_id": null,
"model": "bind",
"scope": "eq",
"trust": 0.6,
"vendor": "isc",
"version": "9.9.7"
},
{
"_id": null,
"model": "bind",
"scope": "eq",
"trust": 0.6,
"vendor": "isc",
"version": "9.10.2"
},
{
"_id": null,
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "15.04"
},
{
"_id": null,
"model": "linux lts",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "14.04"
},
{
"_id": null,
"model": "linux lts i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "12.04"
},
{
"_id": null,
"model": "linux lts amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "12.04"
},
{
"_id": null,
"model": "linux enterprise server sp4 ltss",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"_id": null,
"model": "opensuse evergreen",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "11.4"
},
{
"_id": null,
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "14.1"
},
{
"_id": null,
"model": "linux x86 64 -current",
"scope": null,
"trust": 0.3,
"vendor": "slackware",
"version": null
},
{
"_id": null,
"model": "linux x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "14.1"
},
{
"_id": null,
"model": "linux x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "14.0"
},
{
"_id": null,
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "14.0"
},
{
"_id": null,
"model": "linux x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "13.37"
},
{
"_id": null,
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "13.37"
},
{
"_id": null,
"model": "linux x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "13.1"
},
{
"_id": null,
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "13.1"
},
{
"_id": null,
"model": "linux x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "13.0"
},
{
"_id": null,
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "13.0"
},
{
"_id": null,
"model": "linux -current",
"scope": null,
"trust": 0.3,
"vendor": "slackware",
"version": null
},
{
"_id": null,
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "13.2"
},
{
"_id": null,
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "13.1"
},
{
"_id": null,
"model": "enterprise linux workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "7"
},
{
"_id": null,
"model": "enterprise linux workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"_id": null,
"model": "enterprise linux server",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "7"
},
{
"_id": null,
"model": "enterprise linux server",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"_id": null,
"model": "enterprise linux hpc node",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "7"
},
{
"_id": null,
"model": "enterprise linux hpc node",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"_id": null,
"model": "enterprise linux desktop workstation client",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "5"
},
{
"_id": null,
"model": "enterprise linux desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "7"
},
{
"_id": null,
"model": "enterprise linux desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"_id": null,
"model": "enterprise linux desktop client",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "5"
},
{
"_id": null,
"model": "enterprise linux server",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "5"
},
{
"_id": null,
"model": "vm server for",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "x863.4"
},
{
"_id": null,
"model": "vm server for",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "x863.3"
},
{
"_id": null,
"model": "vm server for",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "x863.2"
},
{
"_id": null,
"model": "solaris",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "11.2"
},
{
"_id": null,
"model": "solaris",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10"
},
{
"_id": null,
"model": "enterprise linux",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "7"
},
{
"_id": null,
"model": "enterprise linux",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5"
},
{
"_id": null,
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.6"
},
{
"_id": null,
"model": "bind p3",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.5.1"
},
{
"_id": null,
"model": "bind p1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.5.1"
},
{
"_id": null,
"model": "bind a2",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.5"
},
{
"_id": null,
"model": "bind a1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.5"
},
{
"_id": null,
"model": "bind p3",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4.3"
},
{
"_id": null,
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4.3"
},
{
"_id": null,
"model": "bind -p1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4.1"
},
{
"_id": null,
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4.1"
},
{
"_id": null,
"model": "bind rc2",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"_id": null,
"model": "bind rc1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"_id": null,
"model": "bind b4",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"_id": null,
"model": "bind b2",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"_id": null,
"model": "bind b1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"_id": null,
"model": "bind a6",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"_id": null,
"model": "bind a5",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"_id": null,
"model": "bind a4",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"_id": null,
"model": "bind a3",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"_id": null,
"model": "bind a2",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"_id": null,
"model": "bind a1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"_id": null,
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"_id": null,
"model": "bind p1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.6"
},
{
"_id": null,
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.6"
},
{
"_id": null,
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.5"
},
{
"_id": null,
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.4"
},
{
"_id": null,
"model": "bind rc3",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.3"
},
{
"_id": null,
"model": "bind rc2",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.3"
},
{
"_id": null,
"model": "bind rc1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.3"
},
{
"_id": null,
"model": "bind b1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.3"
},
{
"_id": null,
"model": "bind b",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.3"
},
{
"_id": null,
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.3"
},
{
"_id": null,
"model": "bind -p2",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.2"
},
{
"_id": null,
"model": "bind -p1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.2"
},
{
"_id": null,
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.2"
},
{
"_id": null,
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3"
},
{
"_id": null,
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.8"
},
{
"_id": null,
"model": "bind rc3",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.7"
},
{
"_id": null,
"model": "bind rc2",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.7"
},
{
"_id": null,
"model": "bind rc1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.7"
},
{
"_id": null,
"model": "bind b1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.7"
},
{
"_id": null,
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.7"
},
{
"_id": null,
"model": "bind -p2",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.6"
},
{
"_id": null,
"model": "bind -p1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.6"
},
{
"_id": null,
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.6"
},
{
"_id": null,
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.5"
},
{
"_id": null,
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.4"
},
{
"_id": null,
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.3"
},
{
"_id": null,
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.2"
},
{
"_id": null,
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.1"
},
{
"_id": null,
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2"
},
{
"_id": null,
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.1.3"
},
{
"_id": null,
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.1.2"
},
{
"_id": null,
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.1.1"
},
{
"_id": null,
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.1"
},
{
"_id": null,
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.0.1"
},
{
"_id": null,
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.0"
},
{
"_id": null,
"model": "bind 9.7.1-p2",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"_id": null,
"model": "bind p1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.7.1"
},
{
"_id": null,
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.7.1"
},
{
"_id": null,
"model": "bind p2",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.7.0"
},
{
"_id": null,
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.7.0"
},
{
"_id": null,
"model": "bind 9.6.1-p3",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"_id": null,
"model": "bind 9.6.1-p2",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"_id": null,
"model": "bind 9.6.0-p1",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"_id": null,
"model": "bind 9.5.2-p2",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"_id": null,
"model": "bind 9.5.2-p1",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"_id": null,
"model": "bind 9.5.1b1",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"_id": null,
"model": "bind 9.5.0b2",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"_id": null,
"model": "bind 9.5.0b1",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"_id": null,
"model": "bind 9.5.0a7",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"_id": null,
"model": "bind 9.5.0a6",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"_id": null,
"model": "bind 9.5.0a5",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"_id": null,
"model": "bind 9.5.0a4",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"_id": null,
"model": "bind 9.5.0a3",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"_id": null,
"model": "bind 9.5.0-p2-w2",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"_id": null,
"model": "bind 9.5.0-p2-w1",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"_id": null,
"model": "bind 9.5.0-p2",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"_id": null,
"model": "bind 9.4.3b2",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"_id": null,
"model": "bind 9.4.3-p5",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"_id": null,
"model": "bind 9.4.3-p4",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"_id": null,
"model": "bind 9.4.3-p1",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"_id": null,
"model": "bind 9.4.2-p2-w2",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"_id": null,
"model": "bind 9.4.2-p2-w1",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"_id": null,
"model": "bind 9.4.2-p2",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"_id": null,
"model": "bind 9.3.5-p2-w1",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"_id": null,
"model": "bind 9.3.5-p2",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"_id": null,
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.3"
},
{
"_id": null,
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.14"
},
{
"_id": null,
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2"
},
{
"_id": null,
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.4.0"
},
{
"_id": null,
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.3.50"
},
{
"_id": null,
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.3.4"
},
{
"_id": null,
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.3.3"
},
{
"_id": null,
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.3.2"
},
{
"_id": null,
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.3.0"
},
{
"_id": null,
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.2.6"
},
{
"_id": null,
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.2.5"
},
{
"_id": null,
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.2.4"
},
{
"_id": null,
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.2.0"
},
{
"_id": null,
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.1.9"
},
{
"_id": null,
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.1.8"
},
{
"_id": null,
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.1.3"
},
{
"_id": null,
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.1.1"
},
{
"_id": null,
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.1.0"
},
{
"_id": null,
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.0.13"
},
{
"_id": null,
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.0.12"
},
{
"_id": null,
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.0.11"
},
{
"_id": null,
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.0.10"
},
{
"_id": null,
"model": "smartcloud provisioning",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.13"
},
{
"_id": null,
"model": "smartcloud provisioning",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.12"
},
{
"_id": null,
"model": "smartcloud provisioning",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.1.0.1"
},
{
"_id": null,
"model": "smartcloud provisioning",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.1.0"
},
{
"_id": null,
"model": "smart analytics system",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5600v39.7"
},
{
"_id": null,
"model": "smart analytics system",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5600v310.1"
},
{
"_id": null,
"model": "smart analytics system",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5600v29.7"
},
{
"_id": null,
"model": "smart analytics system",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5600v210.1"
},
{
"_id": null,
"model": "smart analytics system",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5600v19.7"
},
{
"_id": null,
"model": "smart analytics system",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5600v110.1"
},
{
"_id": null,
"model": "security proventia network enterprise scanner",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.3"
},
{
"_id": null,
"model": "netezza host management",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.3.9.0"
},
{
"_id": null,
"model": "netezza host management",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.3.8.0"
},
{
"_id": null,
"model": "netezza host management",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.3.7.0"
},
{
"_id": null,
"model": "netezza host management",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.3.6.0"
},
{
"_id": null,
"model": "netezza host management",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.3.3"
},
{
"_id": null,
"model": "netezza host management",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.3.2.0"
},
{
"_id": null,
"model": "lotus protector for mail security",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.80"
},
{
"_id": null,
"model": "lotus protector for mail security",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.8.1.0"
},
{
"_id": null,
"model": "i",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2"
},
{
"_id": null,
"model": "aix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1"
},
{
"_id": null,
"model": "aix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1"
},
{
"_id": null,
"model": "vcx",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "9.8.17"
},
{
"_id": null,
"model": "hp-ux b.11.31.09",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "hp-ux b.11.31.08",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "hp-ux b.11.31.06",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "hp-ux b.11.31",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "hp-ux b.11.23",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "linux",
"scope": null,
"trust": 0.3,
"vendor": "gentoo",
"version": null
},
{
"_id": null,
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.9"
},
{
"_id": null,
"model": "-prerelease",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.9"
},
{
"_id": null,
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.9"
},
{
"_id": null,
"model": "9.3-release-p9",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "9.3-release-p6",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "9.3-release-p5",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "9.3-release-p3",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "9.3-release-p24",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "9.3-release-p22",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "9.3-release-p21",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "9.3-release-p2",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "9.3-release-p13",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "9.3-release-p10",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "9.3-release-p1",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "9.3-rc3-p1",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "9.3-rc2-p1",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "9.3-rc2",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "9.3-rc1-p2",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "9.3-rc",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "9.3-prerelease",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "9.3-beta3-p2",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "9.3-beta1-p2",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "9.3-beta1-p1",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "9.3-beta1",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "9.3"
},
{
"_id": null,
"model": "9.2-stable",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "9.2-releng",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "9.2-release-p9",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "9.2-release-p8",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "9.2-release-p7",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "9.2-release-p5",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "9.2-release-p4",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "9.2-release-p3",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "9.2-release-p16",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "9.2-release-p15",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "9.2-release-p13",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "9.2-release-p12",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "9.2-release-p11",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "9.2-release-p10",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "9.2-rc3-p1",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "9.2-rc2-p2",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "9.2-rc2",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "9.2-rc1-p2",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "9.2-rc1",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "rc2",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "9.2"
},
{
"_id": null,
"model": "rc1",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "9.2"
},
{
"_id": null,
"model": "prerelease",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "9.2"
},
{
"_id": null,
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "9.2"
},
{
"_id": null,
"model": "9.1-stable",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "9.1-releng",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "9.1-release-p7",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "9.1-release-p3",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "9.1-release-p23",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "9.1-release-p22",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "9.1-release-p20",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "9.1-release-p19",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "9.1-release-p18",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "9.1-release-p17",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "9.1-release-p16",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "9.1-release-p15",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "9.1-release-p14",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "9.1-release-p12",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "9.1-release-p11",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "9.1-release-p10",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "9.1-release-p1",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "9.1-rc2",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "9.1-rc1",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "9.1--releng",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "release-p5",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "9.1"
},
{
"_id": null,
"model": "release-p4",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "9.1"
},
{
"_id": null,
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "9.1"
},
{
"_id": null,
"model": "9.0-stable",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "9.0-releng",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "9.0-release-p6",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "9.0-release",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "9.0-rc3",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "9.0-rc1",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "9.0--releng",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "9.0"
},
{
"_id": null,
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"_id": null,
"model": "linux s/390",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"_id": null,
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"_id": null,
"model": "linux mips",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"_id": null,
"model": "linux ia-64",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"_id": null,
"model": "linux ia-32",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"_id": null,
"model": "linux arm",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"_id": null,
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"_id": null,
"model": "centos",
"scope": "eq",
"trust": 0.3,
"vendor": "centos",
"version": "6"
},
{
"_id": null,
"model": "centos",
"scope": "eq",
"trust": 0.3,
"vendor": "centos",
"version": "5"
},
{
"_id": null,
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x5.0.3"
},
{
"_id": null,
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x4.1.5"
},
{
"_id": null,
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x3.2.2"
},
{
"_id": null,
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x3.2.1"
},
{
"_id": null,
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x3.1.2"
},
{
"_id": null,
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x2.2.5"
},
{
"_id": null,
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x2.2.3"
},
{
"_id": null,
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x2.2.2"
},
{
"_id": null,
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x2.2.1"
},
{
"_id": null,
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x2.1.1"
},
{
"_id": null,
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x4.1"
},
{
"_id": null,
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x4.0"
},
{
"_id": null,
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x3.2"
},
{
"_id": null,
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x3.0"
},
{
"_id": null,
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x2.1"
},
{
"_id": null,
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x2.0"
},
{
"_id": null,
"model": "alienvault",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "5.0.4"
},
{
"_id": null,
"model": "alienvault",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "5.1"
},
{
"_id": null,
"model": "alienvault",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "5.0"
},
{
"_id": null,
"model": "alienvault",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.15.2"
},
{
"_id": null,
"model": "alienvault",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.15.1"
},
{
"_id": null,
"model": "alienvault",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.15"
},
{
"_id": null,
"model": "alienvault",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.14"
},
{
"_id": null,
"model": "alienvault",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.13"
},
{
"_id": null,
"model": "alienvault",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.12.1"
},
{
"_id": null,
"model": "alienvault",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.12"
},
{
"_id": null,
"model": "netezza host management",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "5.3.10.0"
},
{
"_id": null,
"model": "vcx",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "9.8.18"
},
{
"_id": null,
"model": "hp-ux c.9.7.3.8.0",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "9.3-stable",
"scope": "ne",
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "9.3-release-p25",
"scope": "ne",
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "mac os server",
"scope": "ne",
"trust": 0.3,
"vendor": "apple",
"version": "x5.0.15"
},
{
"_id": null,
"model": "alienvault",
"scope": "ne",
"trust": 0.3,
"vendor": "alienvault",
"version": "5.2"
}
],
"sources": [
{
"db": "BID",
"id": "76605"
},
{
"db": "CNNVD",
"id": "CNNVD-201509-057"
},
{
"db": "NVD",
"id": "CVE-2015-5722"
}
]
},
"credits": {
"_id": null,
"data": "Hanno B\u0026amp;amp;amp;amp;amp;amp;amp;ouml;ck from the Fuzzing Project",
"sources": [
{
"db": "BID",
"id": "76605"
}
],
"trust": 0.3
},
"cve": "CVE-2015-5722",
"cvss": {
"_id": null,
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "CVE-2015-5722",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "HIGH",
"trust": 1.1,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "VHN-83683",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:N/I:N/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2015-5722",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201509-057",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-83683",
"trust": 0.1,
"value": "HIGH"
},
{
"author": "VULMON",
"id": "CVE-2015-5722",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-83683"
},
{
"db": "VULMON",
"id": "CVE-2015-5722"
},
{
"db": "CNNVD",
"id": "CNNVD-201509-057"
},
{
"db": "NVD",
"id": "CVE-2015-5722"
}
]
},
"description": {
"_id": null,
"data": "buffer.c in named in ISC BIND 9.x before 9.9.7-P3 and 9.10.x before 9.10.2-P4 allows remote attackers to cause a denial of service (assertion failure and daemon exit) by creating a zone containing a malformed DNSSEC key and issuing a query for a name in that zone. ISC BIND is prone to a remote denial-of-service vulnerability. \nAttackers can exploit this issue to crash the affected application, denying service to legitimate users. ISC BIND is a set of open source software that implements the DNS protocol maintained by the Internet Systems Consortium (ISC) company in the United States. A security vulnerability exists in the buffer.c file in named in versions 9.x prior to ISC BIND 9.9.7-P3 and 9.10.x prior to 9.10.2-P4. \n\n\nHere are the details from the Slackware 14.1 ChangeLog:\n+--------------------------+\npatches/packages/bind-9.9.7_P3-i486-1_slack14.1.txz: Upgraded. \n This update fixes two denial-of-service vulnerabilities:\n + CVE-2015-5722 is a denial-of-service vector which can be\n exploited remotely against a BIND server that is performing\n validation on DNSSEC-signed records. Validating recursive\n resolvers are at the greatest risk from this defect, but it has not\n been ruled out that it could be exploited against an\n authoritative-only nameserver under limited conditions. Servers\n that are not performing validation are not vulnerable. However,\n ISC does not recommend disabling validation as a workaround to\n this issue as it exposes the server to other types of attacks. \n Upgrading to the patched versions is the recommended solution. \n All versions of BIND since 9.0.0 are vulnerable to CVE-2015-5722. Validation\n is not required. Recursive resolvers are at the greatest risk\n from this defect, but it has not been ruled out that it could\n be exploited against an authoritative-only nameserver under\n limited conditions. \n Only versions of BIND since 9.9.7 and 9.10.2 are vulnerable to\n CVE-2015-5986. \n For more information, see:\n https://kb.isc.org/article/AA-01287/0\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5722\n https://kb.isc.org/article/AA-01291/0\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5986\n (* Security fix *)\n+--------------------------+\n\n\nWhere to find the new packages:\n+-----------------------------+\n\nThanks to the friendly folks at the OSU Open Source Lab\n(http://osuosl.org) for donating FTP and rsync hosting\nto the Slackware project! :-)\n\nAlso see the \"Get Slack\" section on http://slackware.com for\nadditional mirror sites near you. \n\nUpdated package for Slackware 13.0:\nftp://ftp.slackware.com/pub/slackware/slackware-13.0/patches/packages/bind-9.9.7_P3-i486-1_slack13.0.txz\n\nUpdated package for Slackware x86_64 13.0:\nftp://ftp.slackware.com/pub/slackware/slackware64-13.0/patches/packages/bind-9.9.7_P3-x86_64-1_slack13.0.txz\n\nUpdated package for Slackware 13.1:\nftp://ftp.slackware.com/pub/slackware/slackware-13.1/patches/packages/bind-9.9.7_P3-i486-1_slack13.1.txz\n\nUpdated package for Slackware x86_64 13.1:\nftp://ftp.slackware.com/pub/slackware/slackware64-13.1/patches/packages/bind-9.9.7_P3-x86_64-1_slack13.1.txz\n\nUpdated package for Slackware 13.37:\nftp://ftp.slackware.com/pub/slackware/slackware-13.37/patches/packages/bind-9.9.7_P3-i486-1_slack13.37.txz\n\nUpdated package for Slackware x86_64 13.37:\nftp://ftp.slackware.com/pub/slackware/slackware64-13.37/patches/packages/bind-9.9.7_P3-x86_64-1_slack13.37.txz\n\nUpdated package for Slackware 14.0:\nftp://ftp.slackware.com/pub/slackware/slackware-14.0/patches/packages/bind-9.9.7_P3-i486-1_slack14.0.txz\n\nUpdated package for Slackware x86_64 14.0:\nftp://ftp.slackware.com/pub/slackware/slackware64-14.0/patches/packages/bind-9.9.7_P3-x86_64-1_slack14.0.txz\n\nUpdated package for Slackware 14.1:\nftp://ftp.slackware.com/pub/slackware/slackware-14.1/patches/packages/bind-9.9.7_P3-i486-1_slack14.1.txz\n\nUpdated package for Slackware x86_64 14.1:\nftp://ftp.slackware.com/pub/slackware/slackware64-14.1/patches/packages/bind-9.9.7_P3-x86_64-1_slack14.1.txz\n\nUpdated package for Slackware -current:\nftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/n/bind-9.10.2_P4-i586-1.txz\n\nUpdated package for Slackware x86_64 -current:\nftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/n/bind-9.10.2_P4-x86_64-1.txz\n\n\nMD5 signatures:\n+-------------+\n\nSlackware 13.0 package:\n627f6c6827eca24776d790166801de25 bind-9.9.7_P3-i486-1_slack13.0.txz\n\nSlackware x86_64 13.0 package:\n49082f50322af84efe8d91459599b837 bind-9.9.7_P3-x86_64-1_slack13.0.txz\n\nSlackware 13.1 package:\n4dd375df46e84dbecb9f296e2fec692a bind-9.9.7_P3-i486-1_slack13.1.txz\n\nSlackware x86_64 13.1 package:\n90b4376b145544d9a63c28dcb891ca47 bind-9.9.7_P3-x86_64-1_slack13.1.txz\n\nSlackware 13.37 package:\n181ce9e11eb9d909c5c06b8ddd5bb1b5 bind-9.9.7_P3-i486-1_slack13.37.txz\n\nSlackware x86_64 13.37 package:\n368f7a3b977865b0132bdcd129e70813 bind-9.9.7_P3-x86_64-1_slack13.37.txz\n\nSlackware 14.0 package:\n3bb80a54fb5d0f76d17ef33cf06a074d bind-9.9.7_P3-i486-1_slack14.0.txz\n\nSlackware x86_64 14.0 package:\nd77b36e48e2c033ffa9d99816979304f bind-9.9.7_P3-x86_64-1_slack14.0.txz\n\nSlackware 14.1 package:\nada9c70208885b4c7904364e040360f9 bind-9.9.7_P3-i486-1_slack14.1.txz\n\nSlackware x86_64 14.1 package:\na78fbe27ba2834d2918fa26ce96d5083 bind-9.9.7_P3-x86_64-1_slack14.1.txz\n\nSlackware -current package:\n450614c08d5fac56c8d2701394d1af50 n/bind-9.10.2_P4-i586-1.txz\n\nSlackware x86_64 -current package:\n32e680d6bce8dac3ad5ba54958f68f95 n/bind-9.10.2_P4-x86_64-1.txz\n\n\nInstallation instructions:\n+------------------------+\n\nUpgrade the package as root:\n# upgradepkg bind-9.9.7_P3-i486-1_slack14.1.txz\n\nThen, restart the name server:\n\n# /etc/rc.d/rc.bind restart\n\n\n+-----+\n\nSlackware Linux Security Team\nhttp://slackware.com/gpg-key\nsecurity@slackware.com\n\n+------------------------------------------------------------------------+\n| To leave the slackware-security mailing list: |\n+------------------------------------------------------------------------+\n| Send an email to majordomo@slackware.com with this text in the body of |\n| the email message: |\n| |\n| unsubscribe slackware-security |\n| |\n| You will get a confirmation message back containing instructions to |\n| complete the process. Please do not reply to this email address. \n\nUpdates for the oldstable distribution (wheezy) will be released shortly. \n\nFor the stable distribution (jessie), this problem has been fixed in\nversion 9.9.5.dfsg-9+deb8u3. \n\nFor the unstable distribution (sid), this problem will be fixed soon. \n\nWe recommend that you upgrade your bind9 packages. \n\nRelease Date: 2015-12-16\nLast Updated: 2015-12-16\n\nPotential Security Impact: Remote Denial of Service (DoS)\n\nSource: Hewlett Packard Enterprise, Product Security Response Team\n\nVULNERABILITY SUMMARY\nPotential security vulnerabilities have been identified in the HP-UX BIND\nservice running named. The vulnerabilities could be exploited remotely to\ncreate a Denial of Service (DoS). \n\nReferences:\n\n CVE-2015-5722\n CVE-2015-8000\n PSRT102967\n\nSUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed. \nBIND for HP-UX Release B.11.11 9.3.2 named prior to C.9.3.2.15.0\n\nBACKGROUND\n\nCVSS 2.0 Base Metrics\n===========================================================\n Reference Base Vector Base Score\nCVE-2015-5722 (AV:N/AC:L/Au:N/C:N/I:N/A:C) 7.8\nCVE-2015-8000 (AV:N/AC:M/Au:N/C:N/I:N/A:C) 7.1\n===========================================================\n Information on CVSS is documented\n in HP Customer Notice: HPSN-2008-002\n\nRESOLUTION\n\nHP has provided the following software updates to resolve the vulnerabilities\nin the HP-UX BIND service running named. \n\n - BIND 9.3.2 for HP-UX Release B.11.11\n\n Depot: HP_UX_11.11_DNSUPGRADE_C.9.3.2.15.0_HP-UX_B.11.11_32_64\n\n Note: The depot files can be found here:\n\n https://h20392.www2.hp.com/portal/swdepot/displayProductInfo.do?productNu\nmber=BIND\n\nMANUAL ACTIONS: Yes - Update\nDownload and install the software update\n\nPRODUCT SPECIFIC INFORMATION\nHP-UX Software Assistant: HP-UX Software Assistant is an enhanced application\nthat replaces HP-UX Security Patch Check. It analyzes all Security Bulletins\nissued by HP and lists recommended actions that may apply to a specific HP-UX\nsystem. It can also download patches and create a depot automatically. For\nmore information see: https://www.hp.com/go/swa\n\nThe following text is for use by the HP-UX Software Assistant. \n\nAFFECTED VERSIONS\n\nFor BIND 9.3.2\nHP-UX B.11.11\n===================\nBindUpgrade.BIND-UPGRADE\nBindUpgrade.BIND2-UPGRADE\naction: install revision C.9.3.2.15.0 or subsequent\n\nEND AFFECTED VERSIONS\n\nHISTORY\nVersion:1 (rev.1) - 16 December 2015 Initial release\n\nThird Party Security Patches: Third party security patches that are to be\ninstalled on systems running Hewlett Packard Enterprise (HPE) software\nproducts should be applied in accordance with the customer\u0027s patch management\npolicy. \n\nSupport: For issues about implementing the recommendations of this Security\nBulletin, contact normal HPE Services support channel. For other issues about\nthe content of this Security Bulletin, send e-mail to security-alert@hpe.com. \n\nReport: To report a potential security vulnerability with any HPE supported\nproduct, send Email to: security-alert@hpe.com\n\nSubscribe: To initiate a subscription to receive future HPE Security Bulletin\nalerts via Email: http://www.hpe.com/support/Subscriber_Choice\n\nSecurity Bulletin Archive: A list of recently released Security Bulletins is\navailable here: http://www.hpe.com/support/Security_Bulletin_Archive\n\nSoftware Product Category: The Software Product Category is represented in\nthe title by the two characters following HPSB. \n\n3C = 3COM\n3P = 3rd Party Software\nGN = HPE General Software\nHF = HPE Hardware and Firmware\nMU = Multi-Platform Software\nNS = NonStop Servers\nOV = OpenVMS\nPV = ProCurve\nST = Storage Software\nUX = HP-UX\n\nCopyright 2015 Hewlett Packard Enterprise\n\nHewlett Packard Enterprise shall not be liable for technical or editorial\nerrors or omissions contained herein. The information provided is provided\n\"as is\" without warranty of any kind. To the extent permitted by law, neither\nHP or its affiliates, subcontractors or suppliers will be liable for\nincidental,special or consequential damages including downtime cost; lost\nprofits; damages relating to the procurement of substitute products or\nservices; or damages for loss of data, or software restoration. The\ninformation in this document is subject to change without notice. Hewlett\nPackard Enterprise and the names of Hewlett Packard Enterprise products\nreferenced herein are trademarks of Hewlett Packard Enterprise in the United\nStates and other countries. Other product and company names mentioned herein\nmay be trademarks of their respective owners. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n=====================================================================\n Red Hat Security Advisory\n\nSynopsis: Important: bind security update\nAdvisory ID: RHSA-2016:0078-01\nProduct: Red Hat Enterprise Linux\nAdvisory URL: https://rhn.redhat.com/errata/RHSA-2016-0078.html\nIssue date: 2016-01-28\nCVE Names: CVE-2014-8500 CVE-2015-5477 CVE-2015-5722 \n CVE-2015-8000 \n=====================================================================\n\n1. Summary:\n\nUpdated bind packages that fix multiple security issues are now available\nfor Red Hat Enterprise Linux 6.4 and 6.5 Advanced Update Support. \n\nRed Hat Product Security has rated this update as having Important security\nimpact. Common Vulnerability Scoring System (CVSS) base scores, which give\ndetailed severity ratings, are available for each vulnerability from the\nCVE links in the References section. \n\n2. Relevant releases/architectures:\n\nRed Hat Enterprise Linux Server AUS (v. 6.4) - i386, ppc64, s390x, x86_64\nRed Hat Enterprise Linux Server AUS (v. 6.5) - i386, ppc64, s390x, x86_64\nRed Hat Enterprise Linux Server Optional AUS (v. 6.4) - i386, ppc64, s390x, x86_64\nRed Hat Enterprise Linux Server Optional AUS (v. 6.5) - i386, ppc64, s390x, x86_64\n\n3. Description:\n\nThe Berkeley Internet Name Domain (BIND) is an implementation of the Domain\nName System (DNS) protocols. BIND includes a DNS server (named); a resolver\nlibrary (routines for applications to use when interfacing with DNS); and\ntools for verifying that the DNS server is operating correctly. \n\nA denial of service flaw was found in the way BIND followed DNS\ndelegations. A remote attacker could use a specially crafted zone\ncontaining a large number of referrals which, when looked up and processed,\nwould cause named to use excessive amounts of memory or crash. \n(CVE-2014-8500)\n\nA flaw was found in the way BIND handled requests for TKEY DNS resource\nrecords. A remote attacker could use this flaw to make named (functioning\nas an authoritative DNS server or a DNS resolver) exit unexpectedly with an\nassertion failure via a specially crafted DNS request packet. \n(CVE-2015-5477)\n\nA denial of service flaw was found in the way BIND parsed certain malformed\nDNSSEC keys. (CVE-2015-5722)\n\nA denial of service flaw was found in the way BIND processed certain\nrecords with malformed class attributes. A remote attacker could use this\nflaw to send a query to request a cached record with a malformed class\nattribute that would cause named functioning as an authoritative or\nrecursive server to crash. (CVE-2015-8000)\n\nNote: This issue affects authoritative servers as well as recursive\nservers, however authoritative servers are at limited risk if they perform\nauthentication when making recursive queries to resolve addresses for\nservers listed in NS RRSETs. \n\nRed Hat would like to thank ISC for reporting the CVE-2015-5477,\nCVE-2015-5722, and CVE-2015-8000 issues. Upstream acknowledges Jonathan\nFoote as the original reporter of CVE-2015-5477, and Hanno B\u00f6ck as the\noriginal reporter of CVE-2015-5722. \n\nAll bind users are advised to upgrade to these updated packages, which\ncontain backported patches to correct these issues. After installing the\nupdate, the BIND daemon (named) will be restarted automatically. \n\n4. Solution:\n\nBefore applying this update, make sure all previously released errata\nrelevant to your system have been applied. \n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258\n\n5. Package List:\n\nRed Hat Enterprise Linux Server AUS (v. 6.4):\n\nSource:\nbind-9.8.2-0.17.rc1.el6_4.7.src.rpm\n\ni386:\nbind-9.8.2-0.17.rc1.el6_4.7.i686.rpm\nbind-chroot-9.8.2-0.17.rc1.el6_4.7.i686.rpm\nbind-debuginfo-9.8.2-0.17.rc1.el6_4.7.i686.rpm\nbind-libs-9.8.2-0.17.rc1.el6_4.7.i686.rpm\nbind-utils-9.8.2-0.17.rc1.el6_4.7.i686.rpm\n\nppc64:\nbind-9.8.2-0.17.rc1.el6_4.7.ppc64.rpm\nbind-chroot-9.8.2-0.17.rc1.el6_4.7.ppc64.rpm\nbind-debuginfo-9.8.2-0.17.rc1.el6_4.7.ppc.rpm\nbind-debuginfo-9.8.2-0.17.rc1.el6_4.7.ppc64.rpm\nbind-libs-9.8.2-0.17.rc1.el6_4.7.ppc.rpm\nbind-libs-9.8.2-0.17.rc1.el6_4.7.ppc64.rpm\nbind-utils-9.8.2-0.17.rc1.el6_4.7.ppc64.rpm\n\ns390x:\nbind-9.8.2-0.17.rc1.el6_4.7.s390x.rpm\nbind-chroot-9.8.2-0.17.rc1.el6_4.7.s390x.rpm\nbind-debuginfo-9.8.2-0.17.rc1.el6_4.7.s390.rpm\nbind-debuginfo-9.8.2-0.17.rc1.el6_4.7.s390x.rpm\nbind-libs-9.8.2-0.17.rc1.el6_4.7.s390.rpm\nbind-libs-9.8.2-0.17.rc1.el6_4.7.s390x.rpm\nbind-utils-9.8.2-0.17.rc1.el6_4.7.s390x.rpm\n\nx86_64:\nbind-9.8.2-0.17.rc1.el6_4.7.x86_64.rpm\nbind-chroot-9.8.2-0.17.rc1.el6_4.7.x86_64.rpm\nbind-debuginfo-9.8.2-0.17.rc1.el6_4.7.i686.rpm\nbind-debuginfo-9.8.2-0.17.rc1.el6_4.7.x86_64.rpm\nbind-libs-9.8.2-0.17.rc1.el6_4.7.i686.rpm\nbind-libs-9.8.2-0.17.rc1.el6_4.7.x86_64.rpm\nbind-utils-9.8.2-0.17.rc1.el6_4.7.x86_64.rpm\n\nRed Hat Enterprise Linux Server AUS (v. 6.5):\n\nSource:\nbind-9.8.2-0.23.rc1.el6_5.2.src.rpm\n\ni386:\nbind-9.8.2-0.23.rc1.el6_5.2.i686.rpm\nbind-chroot-9.8.2-0.23.rc1.el6_5.2.i686.rpm\nbind-debuginfo-9.8.2-0.23.rc1.el6_5.2.i686.rpm\nbind-libs-9.8.2-0.23.rc1.el6_5.2.i686.rpm\nbind-utils-9.8.2-0.23.rc1.el6_5.2.i686.rpm\n\nppc64:\nbind-9.8.2-0.23.rc1.el6_5.2.ppc64.rpm\nbind-chroot-9.8.2-0.23.rc1.el6_5.2.ppc64.rpm\nbind-debuginfo-9.8.2-0.23.rc1.el6_5.2.ppc.rpm\nbind-debuginfo-9.8.2-0.23.rc1.el6_5.2.ppc64.rpm\nbind-libs-9.8.2-0.23.rc1.el6_5.2.ppc.rpm\nbind-libs-9.8.2-0.23.rc1.el6_5.2.ppc64.rpm\nbind-utils-9.8.2-0.23.rc1.el6_5.2.ppc64.rpm\n\ns390x:\nbind-9.8.2-0.23.rc1.el6_5.2.s390x.rpm\nbind-chroot-9.8.2-0.23.rc1.el6_5.2.s390x.rpm\nbind-debuginfo-9.8.2-0.23.rc1.el6_5.2.s390.rpm\nbind-debuginfo-9.8.2-0.23.rc1.el6_5.2.s390x.rpm\nbind-libs-9.8.2-0.23.rc1.el6_5.2.s390.rpm\nbind-libs-9.8.2-0.23.rc1.el6_5.2.s390x.rpm\nbind-utils-9.8.2-0.23.rc1.el6_5.2.s390x.rpm\n\nx86_64:\nbind-9.8.2-0.23.rc1.el6_5.2.x86_64.rpm\nbind-chroot-9.8.2-0.23.rc1.el6_5.2.x86_64.rpm\nbind-debuginfo-9.8.2-0.23.rc1.el6_5.2.i686.rpm\nbind-debuginfo-9.8.2-0.23.rc1.el6_5.2.x86_64.rpm\nbind-libs-9.8.2-0.23.rc1.el6_5.2.i686.rpm\nbind-libs-9.8.2-0.23.rc1.el6_5.2.x86_64.rpm\nbind-utils-9.8.2-0.23.rc1.el6_5.2.x86_64.rpm\n\nRed Hat Enterprise Linux Server Optional AUS (v. 6.4):\n\nSource:\nbind-9.8.2-0.17.rc1.el6_4.7.src.rpm\n\ni386:\nbind-debuginfo-9.8.2-0.17.rc1.el6_4.7.i686.rpm\nbind-devel-9.8.2-0.17.rc1.el6_4.7.i686.rpm\nbind-sdb-9.8.2-0.17.rc1.el6_4.7.i686.rpm\n\nppc64:\nbind-debuginfo-9.8.2-0.17.rc1.el6_4.7.ppc.rpm\nbind-debuginfo-9.8.2-0.17.rc1.el6_4.7.ppc64.rpm\nbind-devel-9.8.2-0.17.rc1.el6_4.7.ppc.rpm\nbind-devel-9.8.2-0.17.rc1.el6_4.7.ppc64.rpm\nbind-sdb-9.8.2-0.17.rc1.el6_4.7.ppc64.rpm\n\ns390x:\nbind-debuginfo-9.8.2-0.17.rc1.el6_4.7.s390.rpm\nbind-debuginfo-9.8.2-0.17.rc1.el6_4.7.s390x.rpm\nbind-devel-9.8.2-0.17.rc1.el6_4.7.s390.rpm\nbind-devel-9.8.2-0.17.rc1.el6_4.7.s390x.rpm\nbind-sdb-9.8.2-0.17.rc1.el6_4.7.s390x.rpm\n\nx86_64:\nbind-debuginfo-9.8.2-0.17.rc1.el6_4.7.i686.rpm\nbind-debuginfo-9.8.2-0.17.rc1.el6_4.7.x86_64.rpm\nbind-devel-9.8.2-0.17.rc1.el6_4.7.i686.rpm\nbind-devel-9.8.2-0.17.rc1.el6_4.7.x86_64.rpm\nbind-sdb-9.8.2-0.17.rc1.el6_4.7.x86_64.rpm\n\nRed Hat Enterprise Linux Server Optional AUS (v. 6.5):\n\nSource:\nbind-9.8.2-0.23.rc1.el6_5.2.src.rpm\n\ni386:\nbind-debuginfo-9.8.2-0.23.rc1.el6_5.2.i686.rpm\nbind-devel-9.8.2-0.23.rc1.el6_5.2.i686.rpm\nbind-sdb-9.8.2-0.23.rc1.el6_5.2.i686.rpm\n\nppc64:\nbind-debuginfo-9.8.2-0.23.rc1.el6_5.2.ppc.rpm\nbind-debuginfo-9.8.2-0.23.rc1.el6_5.2.ppc64.rpm\nbind-devel-9.8.2-0.23.rc1.el6_5.2.ppc.rpm\nbind-devel-9.8.2-0.23.rc1.el6_5.2.ppc64.rpm\nbind-sdb-9.8.2-0.23.rc1.el6_5.2.ppc64.rpm\n\ns390x:\nbind-debuginfo-9.8.2-0.23.rc1.el6_5.2.s390.rpm\nbind-debuginfo-9.8.2-0.23.rc1.el6_5.2.s390x.rpm\nbind-devel-9.8.2-0.23.rc1.el6_5.2.s390.rpm\nbind-devel-9.8.2-0.23.rc1.el6_5.2.s390x.rpm\nbind-sdb-9.8.2-0.23.rc1.el6_5.2.s390x.rpm\n\nx86_64:\nbind-debuginfo-9.8.2-0.23.rc1.el6_5.2.i686.rpm\nbind-debuginfo-9.8.2-0.23.rc1.el6_5.2.x86_64.rpm\nbind-devel-9.8.2-0.23.rc1.el6_5.2.i686.rpm\nbind-devel-9.8.2-0.23.rc1.el6_5.2.x86_64.rpm\nbind-sdb-9.8.2-0.23.rc1.el6_5.2.x86_64.rpm\n\nThese packages are GPG signed by Red Hat for security. Our key and\ndetails on how to verify the signature are available from\nhttps://access.redhat.com/security/team/key/\n\n7. References:\n\nhttps://access.redhat.com/security/cve/CVE-2014-8500\nhttps://access.redhat.com/security/cve/CVE-2015-5477\nhttps://access.redhat.com/security/cve/CVE-2015-5722\nhttps://access.redhat.com/security/cve/CVE-2015-8000\nhttps://access.redhat.com/security/updates/classification/#important\nhttps://kb.isc.org/article/AA-01216\nhttps://kb.isc.org/article/AA-01272\nhttps://kb.isc.org/article/AA-01287\nhttps://kb.isc.org/article/AA-01317\n\n8. Contact:\n\nThe Red Hat security contact is \u003csecalert@redhat.com\u003e. More contact\ndetails at https://access.redhat.com/security/team/contact/\n\nCopyright 2016 Red Hat, Inc. \n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1\n\niD8DBQFWqhylXlSAg2UNWIIRAqZ/AKCoKFjvPavmvpq8cC3SSEMtpGtycQCfShgo\n0jc/9uvkc44V3h5ZDR/fILQ=\n=90gw\n-----END PGP SIGNATURE-----\n\n\n--\nRHSA-announce mailing list\nRHSA-announce@redhat.com\nhttps://www.redhat.com/mailman/listinfo/rhsa-announce. \n\nAffected packages\n=================\n\n -------------------------------------------------------------------\n Package / Vulnerable / Unaffected\n -------------------------------------------------------------------\n 1 net-dns/bind \u003c 9.10.2_p4 \u003e= 9.10.2_p4 \n\nDescription\n===========\n\nA vulnerability has been discovered in BIND\u0027s named utility leading to\na Denial of Service condition. \n\nImpact\n======\n\nA remote attacker may be able to cause Denial of Service condition via\nspecially constructed zone data. \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nResolution\n==========\n\nAll BIND users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose \"\u003e=net-dns/bind-9.10.2_p4\"\n\nReferences\n==========\n\n[ 1 ] CVE-2015-1349\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-1349\n[ 2 ] CVE-2015-4620\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-4620\n[ 3 ] CVE-2015-5477\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-5477\n[ 4 ] CVE-2015-5722\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-5722\n[ 5 ] CVE-2015-5986\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-5986\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n https://security.gentoo.org/glsa/201510-01\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users\u0027 machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttps://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2015 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttp://creativecommons.org/licenses/by-sa/2.5\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2015-5722"
},
{
"db": "BID",
"id": "76605"
},
{
"db": "VULHUB",
"id": "VHN-83683"
},
{
"db": "VULMON",
"id": "CVE-2015-5722"
},
{
"db": "PACKETSTORM",
"id": "133411"
},
{
"db": "PACKETSTORM",
"id": "133410"
},
{
"db": "PACKETSTORM",
"id": "134864"
},
{
"db": "PACKETSTORM",
"id": "135473"
},
{
"db": "PACKETSTORM",
"id": "135472"
},
{
"db": "PACKETSTORM",
"id": "134008"
}
],
"trust": 1.89
},
"exploit_availability": {
"_id": null,
"data": [
{
"reference": "https://www.scap.org.cn/vuln/vhn-83683",
"trust": 0.1,
"type": "unknown"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-83683"
}
]
},
"external_ids": {
"_id": null,
"data": [
{
"db": "NVD",
"id": "CVE-2015-5722",
"trust": 2.7
},
{
"db": "ISC",
"id": "AA-01287",
"trust": 2.4
},
{
"db": "BID",
"id": "76605",
"trust": 1.5
},
{
"db": "ISC",
"id": "AA-01306",
"trust": 1.2
},
{
"db": "ISC",
"id": "AA-01438",
"trust": 1.2
},
{
"db": "ISC",
"id": "AA-01307",
"trust": 1.2
},
{
"db": "ISC",
"id": "AA-01305",
"trust": 1.2
},
{
"db": "MCAFEE",
"id": "SB10134",
"trust": 1.2
},
{
"db": "SECTRACK",
"id": "1033452",
"trust": 1.2
},
{
"db": "CNNVD",
"id": "CNNVD-201509-057",
"trust": 0.7
},
{
"db": "PACKETSTORM",
"id": "133410",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "133411",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "134864",
"trust": 0.2
},
{
"db": "ISC",
"id": "AA-01317",
"trust": 0.2
},
{
"db": "ISC",
"id": "AA-01272",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "134441",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "133407",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "134059",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "133423",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "133408",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "133434",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "133409",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-83683",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2015-5722",
"trust": 0.1
},
{
"db": "ISC",
"id": "AA-01291",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "135473",
"trust": 0.1
},
{
"db": "ISC",
"id": "AA-01216",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "135472",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "134008",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-83683"
},
{
"db": "VULMON",
"id": "CVE-2015-5722"
},
{
"db": "BID",
"id": "76605"
},
{
"db": "PACKETSTORM",
"id": "133411"
},
{
"db": "PACKETSTORM",
"id": "133410"
},
{
"db": "PACKETSTORM",
"id": "134864"
},
{
"db": "PACKETSTORM",
"id": "135473"
},
{
"db": "PACKETSTORM",
"id": "135472"
},
{
"db": "PACKETSTORM",
"id": "134008"
},
{
"db": "CNNVD",
"id": "CNNVD-201509-057"
},
{
"db": "NVD",
"id": "CVE-2015-5722"
}
]
},
"id": "VAR-201509-0003",
"iot": {
"_id": null,
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-83683"
}
],
"trust": 0.01
},
"last_update_date": "2026-04-10T22:29:18.635000Z",
"patch": {
"_id": null,
"data": [
{
"title": "Debian Security Advisories: DSA-3350-1 bind9 -- security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=debian_security_advisories\u0026qid=2d4f632833a43c4eaa5805f28e3b91fe"
},
{
"title": "Ubuntu Security Notice: bind9 vulnerability",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=USN-2728-1"
},
{
"title": "Amazon Linux AMI: ALAS-2015-594",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=amazon_linux_ami\u0026qid=ALAS-2015-594"
},
{
"title": "Apple: OS X Server 5.0.15",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=apple_security_advisories\u0026qid=e4f689e38c48c81fbfd32d7313793956"
},
{
"title": "Oracle Solaris Third Party Bulletins: Oracle Solaris Third Party Bulletin - July 2015",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_solaris_third_party_bulletins\u0026qid=8b701aba68029ec36b631a8e26157a22"
},
{
"title": "Oracle VM Server for x86 Bulletins: Oracle VM Server for x86 Bulletin - July 2016",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_vm_server_for_x86_bulletins\u0026qid=6c15273f6bf4a785175f27073b98a1ce"
},
{
"title": "afl-cve",
"trust": 0.1,
"url": "https://github.com/mrash/afl-cve "
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2015-5722"
}
]
},
"problemtype_data": {
"_id": null,
"data": [
{
"problemtype": "CWE-20",
"trust": 1.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-83683"
},
{
"db": "NVD",
"id": "CVE-2015-5722"
}
]
},
"references": {
"_id": null,
"data": [
{
"trust": 2.0,
"url": "https://kb.isc.org/article/aa-01287"
},
{
"trust": 1.5,
"url": "http://www.oracle.com/technetwork/topics/security/bulletinjul2015-2511963.html"
},
{
"trust": 1.5,
"url": "http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html"
},
{
"trust": 1.5,
"url": "http://rhn.redhat.com/errata/rhsa-2015-1705.html"
},
{
"trust": 1.5,
"url": "http://rhn.redhat.com/errata/rhsa-2015-1706.html"
},
{
"trust": 1.5,
"url": "http://rhn.redhat.com/errata/rhsa-2015-1707.html"
},
{
"trust": 1.3,
"url": "http://www.securityfocus.com/bid/76605"
},
{
"trust": 1.3,
"url": "https://security.gentoo.org/glsa/201510-01"
},
{
"trust": 1.3,
"url": "http://rhn.redhat.com/errata/rhsa-2016-0078.html"
},
{
"trust": 1.3,
"url": "http://rhn.redhat.com/errata/rhsa-2016-0079.html"
},
{
"trust": 1.2,
"url": "http://lists.apple.com/archives/security-announce/2015/oct/msg00009.html"
},
{
"trust": 1.2,
"url": "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c04891218"
},
{
"trust": 1.2,
"url": "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c04923105"
},
{
"trust": 1.2,
"url": "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c04952480"
},
{
"trust": 1.2,
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c05095918"
},
{
"trust": 1.2,
"url": "https://kb.isc.org/article/aa-01305"
},
{
"trust": 1.2,
"url": "https://kb.isc.org/article/aa-01306"
},
{
"trust": 1.2,
"url": "https://kb.isc.org/article/aa-01307"
},
{
"trust": 1.2,
"url": "https://kb.isc.org/article/aa-01438"
},
{
"trust": 1.2,
"url": "https://security.netapp.com/advisory/ntap-20190730-0001/"
},
{
"trust": 1.2,
"url": "https://support.apple.com/ht205376"
},
{
"trust": 1.2,
"url": "http://www.debian.org/security/2015/dsa-3350"
},
{
"trust": 1.2,
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-september/165810.html"
},
{
"trust": 1.2,
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-september/167465.html"
},
{
"trust": 1.2,
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-september/165996.html"
},
{
"trust": 1.2,
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-october/168686.html"
},
{
"trust": 1.2,
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-september/165750.html"
},
{
"trust": 1.2,
"url": "http://www.securitytracker.com/id/1033452"
},
{
"trust": 1.2,
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00005.html"
},
{
"trust": 1.2,
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00006.html"
},
{
"trust": 1.2,
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00012.html"
},
{
"trust": 1.2,
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00033.html"
},
{
"trust": 1.2,
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00020.html"
},
{
"trust": 1.2,
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00002.html"
},
{
"trust": 1.2,
"url": "http://www.ubuntu.com/usn/usn-2728-1"
},
{
"trust": 1.1,
"url": "http://marc.info/?l=bugtraq\u0026m=144294073801304\u0026w=2"
},
{
"trust": 1.1,
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=sb10134"
},
{
"trust": 0.6,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-5722"
},
{
"trust": 0.4,
"url": "https://kb.isc.org/article/aa-01287/0"
},
{
"trust": 0.3,
"url": "http://www.isc.org/products/bind/"
},
{
"trust": 0.3,
"url": "https://h20564.www2.hpe.com/hpsc/doc/public/display?docid=emr_na-c04952480"
},
{
"trust": 0.3,
"url": "https://h20564.www2.hpe.com/hpsc/doc/public/display?docid=emr_na-c04800156"
},
{
"trust": 0.3,
"url": "https://h20564.www2.hpe.com/hpsc/doc/public/display?docid=emr_na-c04891218"
},
{
"trust": 0.3,
"url": "http://www.ibm.com/support/docview.wss?uid=swg21964962"
},
{
"trust": 0.3,
"url": "https://www.us-cert.gov/ncas/current-activity/2015/09/16/internet-systems-consortium-isc-releases-security-updates-bind"
},
{
"trust": 0.3,
"url": "https://www.alienvault.com/forums/discussion/6075/security-advisory-alienvault-v5-2-addresses-55-vulnerabilities"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=nas8n1020931"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21966398"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21966952"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21968047"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21968076"
},
{
"trust": 0.3,
"url": "https://aix.software.ibm.com/aix/efixes/security/bind_advisory9.asc"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-8000"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-5477"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-5986"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2015-5477"
},
{
"trust": 0.2,
"url": "https://www.redhat.com/mailman/listinfo/rhsa-announce"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2015-5722"
},
{
"trust": 0.2,
"url": "https://kb.isc.org/article/aa-01317"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2015-8000"
},
{
"trust": 0.2,
"url": "https://bugzilla.redhat.com/):"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/team/key/"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/articles/11258"
},
{
"trust": 0.2,
"url": "https://kb.isc.org/article/aa-01272"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/team/contact/"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"trust": 0.1,
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026amp;id=sb10134"
},
{
"trust": 0.1,
"url": "http://marc.info/?l=bugtraq\u0026amp;m=144294073801304\u0026amp;w=2"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/20.html"
},
{
"trust": 0.1,
"url": "https://www.debian.org/security/./dsa-3350"
},
{
"trust": 0.1,
"url": "https://usn.ubuntu.com/2728-1/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-5986"
},
{
"trust": 0.1,
"url": "http://slackware.com"
},
{
"trust": 0.1,
"url": "http://osuosl.org)"
},
{
"trust": 0.1,
"url": "http://slackware.com/gpg-key"
},
{
"trust": 0.1,
"url": "https://kb.isc.org/article/aa-01291/0"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-5722"
},
{
"trust": 0.1,
"url": "https://www.debian.org/security/"
},
{
"trust": 0.1,
"url": "https://www.debian.org/security/faq"
},
{
"trust": 0.1,
"url": "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_n"
},
{
"trust": 0.1,
"url": "http://www.hpe.com/support/security_bulletin_archive"
},
{
"trust": 0.1,
"url": "https://h20392.www2.hp.com/portal/swdepot/displayproductinfo.do?productnu"
},
{
"trust": 0.1,
"url": "https://www.hp.com/go/swa"
},
{
"trust": 0.1,
"url": "http://www.hpe.com/support/subscriber_choice"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-8500"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2014-8500"
},
{
"trust": 0.1,
"url": "https://kb.isc.org/article/aa-01216"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-4620"
},
{
"trust": 0.1,
"url": "http://creativecommons.org/licenses/by-sa/2.5"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-1349"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-5986"
},
{
"trust": 0.1,
"url": "https://bugs.gentoo.org."
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-4620"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-5722"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-5477"
},
{
"trust": 0.1,
"url": "https://security.gentoo.org/"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-1349"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-83683"
},
{
"db": "VULMON",
"id": "CVE-2015-5722"
},
{
"db": "BID",
"id": "76605"
},
{
"db": "PACKETSTORM",
"id": "133411"
},
{
"db": "PACKETSTORM",
"id": "133410"
},
{
"db": "PACKETSTORM",
"id": "134864"
},
{
"db": "PACKETSTORM",
"id": "135473"
},
{
"db": "PACKETSTORM",
"id": "135472"
},
{
"db": "PACKETSTORM",
"id": "134008"
},
{
"db": "CNNVD",
"id": "CNNVD-201509-057"
},
{
"db": "NVD",
"id": "CVE-2015-5722"
}
]
},
"sources": {
"_id": null,
"data": [
{
"db": "VULHUB",
"id": "VHN-83683",
"ident": null
},
{
"db": "VULMON",
"id": "CVE-2015-5722",
"ident": null
},
{
"db": "BID",
"id": "76605",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "133411",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "133410",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "134864",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "135473",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "135472",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "134008",
"ident": null
},
{
"db": "CNNVD",
"id": "CNNVD-201509-057",
"ident": null
},
{
"db": "NVD",
"id": "CVE-2015-5722",
"ident": null
}
]
},
"sources_release_date": {
"_id": null,
"data": [
{
"date": "2015-09-05T00:00:00",
"db": "VULHUB",
"id": "VHN-83683",
"ident": null
},
{
"date": "2015-09-05T00:00:00",
"db": "VULMON",
"id": "CVE-2015-5722",
"ident": null
},
{
"date": "2015-09-02T00:00:00",
"db": "BID",
"id": "76605",
"ident": null
},
{
"date": "2015-09-03T22:26:39",
"db": "PACKETSTORM",
"id": "133411",
"ident": null
},
{
"date": "2015-09-03T22:26:33",
"db": "PACKETSTORM",
"id": "133410",
"ident": null
},
{
"date": "2015-12-16T20:22:00",
"db": "PACKETSTORM",
"id": "134864",
"ident": null
},
{
"date": "2016-01-28T17:19:00",
"db": "PACKETSTORM",
"id": "135473",
"ident": null
},
{
"date": "2016-01-28T17:18:54",
"db": "PACKETSTORM",
"id": "135472",
"ident": null
},
{
"date": "2015-10-18T21:06:41",
"db": "PACKETSTORM",
"id": "134008",
"ident": null
},
{
"date": "2015-09-07T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201509-057",
"ident": null
},
{
"date": "2015-09-05T02:59:03.307000",
"db": "NVD",
"id": "CVE-2015-5722",
"ident": null
}
]
},
"sources_update_date": {
"_id": null,
"data": [
{
"date": "2016-12-31T00:00:00",
"db": "VULHUB",
"id": "VHN-83683",
"ident": null
},
{
"date": "2016-12-31T00:00:00",
"db": "VULMON",
"id": "CVE-2015-5722",
"ident": null
},
{
"date": "2016-07-29T17:00:00",
"db": "BID",
"id": "76605",
"ident": null
},
{
"date": "2015-09-10T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201509-057",
"ident": null
},
{
"date": "2025-04-12T10:46:40.837000",
"db": "NVD",
"id": "CVE-2015-5722",
"ident": null
}
]
},
"threat_type": {
"_id": null,
"data": "remote",
"sources": [
{
"db": "PACKETSTORM",
"id": "135473"
},
{
"db": "PACKETSTORM",
"id": "135472"
},
{
"db": "CNNVD",
"id": "CNNVD-201509-057"
}
],
"trust": 0.8
},
"title": {
"_id": null,
"data": "ISC BIND named Input validation vulnerability",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201509-057"
}
],
"trust": 0.6
},
"type": {
"_id": null,
"data": "input validation",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201509-057"
}
],
"trust": 0.6
}
}
VAR-201410-0371
Vulnerability from variot - Updated: 2026-04-10 22:25Memory leak in d1_srtp.c in the DTLS SRTP extension in OpenSSL 1.0.1 before 1.0.1j allows remote attackers to cause a denial of service (memory consumption) via a crafted handshake message. OpenSSL is prone to a security-bypass vulnerability. Successfully exploiting this issue will allow attackers to bypass security restrictions and perform unauthorized actions. This could be exploited in a Denial Of Service attack. This issue affects OpenSSL 1.0.1 server implementations for both SSL/TLS and DTLS regardless of whether SRTP is used or configured. Implementations of OpenSSL that have been compiled with OPENSSL_NO_SRTP defined are not affected.
OpenSSL 1.0.1 users should upgrade to 1.0.1j.
This issue was reported to OpenSSL on 26th September 2014, based on an original issue and patch developed by the LibreSSL project. Further analysis of the issue was performed by the OpenSSL team.
The fix was developed by the OpenSSL team.
Session Ticket Memory Leak (CVE-2014-3567)
Severity: Medium
When an OpenSSL SSL/TLS/DTLS server receives a session ticket the integrity of that ticket is first verified. In the event of a session ticket integrity check failing, OpenSSL will fail to free memory causing a memory leak. By sending a large number of invalid session tickets an attacker could exploit this issue in a Denial Of Service attack.
OpenSSL 1.0.1 users should upgrade to 1.0.1j. OpenSSL 1.0.0 users should upgrade to 1.0.0o. OpenSSL 0.9.8 users should upgrade to 0.9.8zc.
This issue was reported to OpenSSL on 8th October 2014.
The fix was developed by Stephen Henson of the OpenSSL core team.
SSL 3.0 Fallback protection
Severity: Medium
OpenSSL has added support for TLS_FALLBACK_SCSV to allow applications to block the ability for a MITM attacker to force a protocol downgrade.
Some client applications (such as browsers) will reconnect using a downgraded protocol to work around interoperability bugs in older servers. This could be exploited by an active man-in-the-middle to downgrade connections to SSL 3.0 even if both sides of the connection support higher protocols. SSL 3.0 contains a number of weaknesses including POODLE (CVE-2014-3566).
OpenSSL 1.0.1 users should upgrade to 1.0.1j. OpenSSL 1.0.0 users should upgrade to 1.0.0o. OpenSSL 0.9.8 users should upgrade to 0.9.8zc.
https://tools.ietf.org/html/draft-ietf-tls-downgrade-scsv-00 https://www.openssl.org/~bodo/ssl-poodle.pdf
Support for TLS_FALLBACK_SCSV was developed by Adam Langley and Bodo Moeller.
Build option no-ssl3 is incomplete (CVE-2014-3568)
Severity: Low
When OpenSSL is configured with "no-ssl3" as a build option, servers could accept and complete a SSL 3.0 handshake, and clients could be configured to send them.
OpenSSL 1.0.1 users should upgrade to 1.0.1j. OpenSSL 1.0.0 users should upgrade to 1.0.0o. OpenSSL 0.9.8 users should upgrade to 0.9.8zc.
This issue was reported to OpenSSL by Akamai Technologies on 14th October 2014.
The fix was developed by Akamai and the OpenSSL team.
References
URL for this Security Advisory: https://www.openssl.org/news/secadv_20141015.txt
Note: the online version of the advisory may be updated with additional details over time.
For details of OpenSSL severity classifications please see: https://www.openssl.org/about/secpolicy.html
. HP BladeSystem c-Class Onboard Administrator (OA) 4.30 and earlier.
Go to http://www.hp.com/go/oa
Select "Onboard Administrator Firmware" Select product name as ""HP BLc3000 Onboard Administrator Option" or "HP BLc7000 Onboard Administrator Option" Select the operating system from the list of choices Select Firmware version 4.40 for download Refer to the HP BladeSystem Onboard Administrator User Guide for steps to update the Onboard Administrator firmware.
Here are the details from the Slackware 14.1 ChangeLog: +--------------------------+ patches/packages/openssl-solibs-1.0.1j-i486-1_slack14.1.txz: Upgraded. ( Security fix ) patches/packages/openssl-1.0.1j-i486-1_slack14.1.txz: Upgraded. For more information, see: https://www.openssl.org/news/secadv_20141015.txt http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3513 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3566 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3567 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3568 ( Security fix ) +--------------------------+
Where to find the new packages: +-----------------------------+
Thanks to the friendly folks at the OSU Open Source Lab (http://osuosl.org) for donating FTP and rsync hosting to the Slackware project! :-)
Also see the "Get Slack" section on http://slackware.com for additional mirror sites near you.
Updated packages for Slackware 13.0: ftp://ftp.slackware.com/pub/slackware/slackware-13.0/patches/packages/openssl-0.9.8zc-i486-1_slack13.0.txz ftp://ftp.slackware.com/pub/slackware/slackware-13.0/patches/packages/openssl-solibs-0.9.8zc-i486-1_slack13.0.txz
Updated packages for Slackware x86_64 13.0: ftp://ftp.slackware.com/pub/slackware/slackware64-13.0/patches/packages/openssl-0.9.8zc-x86_64-1_slack13.0.txz ftp://ftp.slackware.com/pub/slackware/slackware64-13.0/patches/packages/openssl-solibs-0.9.8zc-x86_64-1_slack13.0.txz
Updated packages for Slackware 13.1: ftp://ftp.slackware.com/pub/slackware/slackware-13.1/patches/packages/openssl-0.9.8zc-i486-1_slack13.1.txz ftp://ftp.slackware.com/pub/slackware/slackware-13.1/patches/packages/openssl-solibs-0.9.8zc-i486-1_slack13.1.txz
Updated packages for Slackware x86_64 13.1: ftp://ftp.slackware.com/pub/slackware/slackware64-13.1/patches/packages/openssl-0.9.8zc-x86_64-1_slack13.1.txz ftp://ftp.slackware.com/pub/slackware/slackware64-13.1/patches/packages/openssl-solibs-0.9.8zc-x86_64-1_slack13.1.txz
Updated packages for Slackware 13.37: ftp://ftp.slackware.com/pub/slackware/slackware-13.37/patches/packages/openssl-0.9.8zc-i486-1_slack13.37.txz ftp://ftp.slackware.com/pub/slackware/slackware-13.37/patches/packages/openssl-solibs-0.9.8zc-i486-1_slack13.37.txz
Updated packages for Slackware x86_64 13.37: ftp://ftp.slackware.com/pub/slackware/slackware64-13.37/patches/packages/openssl-0.9.8zc-x86_64-1_slack13.37.txz ftp://ftp.slackware.com/pub/slackware/slackware64-13.37/patches/packages/openssl-solibs-0.9.8zc-x86_64-1_slack13.37.txz
Updated packages for Slackware 14.0: ftp://ftp.slackware.com/pub/slackware/slackware-14.0/patches/packages/openssl-1.0.1j-i486-1_slack14.0.txz ftp://ftp.slackware.com/pub/slackware/slackware-14.0/patches/packages/openssl-solibs-1.0.1j-i486-1_slack14.0.txz
Updated packages for Slackware x86_64 14.0: ftp://ftp.slackware.com/pub/slackware/slackware64-14.0/patches/packages/openssl-1.0.1j-x86_64-1_slack14.0.txz ftp://ftp.slackware.com/pub/slackware/slackware64-14.0/patches/packages/openssl-solibs-1.0.1j-x86_64-1_slack14.0.txz
Updated packages for Slackware 14.1: ftp://ftp.slackware.com/pub/slackware/slackware-14.1/patches/packages/openssl-1.0.1j-i486-1_slack14.1.txz ftp://ftp.slackware.com/pub/slackware/slackware-14.1/patches/packages/openssl-solibs-1.0.1j-i486-1_slack14.1.txz
Updated packages for Slackware x86_64 14.1: ftp://ftp.slackware.com/pub/slackware/slackware64-14.1/patches/packages/openssl-1.0.1j-x86_64-1_slack14.1.txz ftp://ftp.slackware.com/pub/slackware/slackware64-14.1/patches/packages/openssl-solibs-1.0.1j-x86_64-1_slack14.1.txz
Updated packages for Slackware -current: ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/a/openssl-solibs-1.0.1j-i486-1.txz ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/n/openssl-1.0.1j-i486-1.txz
Updated packages for Slackware x86_64 -current: ftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/a/openssl-solibs-1.0.1j-x86_64-1.txz ftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/n/openssl-1.0.1j-x86_64-1.txz
MD5 signatures: +-------------+
Slackware 13.0 packages: 44d336a121b39296f0e6bbeeb283dd2b openssl-0.9.8zc-i486-1_slack13.0.txz 8342cfb351e59ecf5ea6d8cba66f0040 openssl-solibs-0.9.8zc-i486-1_slack13.0.txz
Slackware x86_64 13.0 packages: 671f12535bdc10ab24388b713351aca2 openssl-0.9.8zc-x86_64-1_slack13.0.txz 21e380284cdfab2fd15fffe2e0aed526 openssl-solibs-0.9.8zc-x86_64-1_slack13.0.txz
Slackware 13.1 packages: 64cb819f1e07522bd5d7ceedd0a9ab50 openssl-0.9.8zc-i486-1_slack13.1.txz 5fe4e385b2251cfd7e8ae5963ec6cef1 openssl-solibs-0.9.8zc-i486-1_slack13.1.txz
Slackware x86_64 13.1 packages: 94feb6699d6f2cc7750a6b2e17ccaaa2 openssl-0.9.8zc-x86_64-1_slack13.1.txz 2c17e4286509c29074ab0168367b851e openssl-solibs-0.9.8zc-x86_64-1_slack13.1.txz
Slackware 13.37 packages: 4483d91c776c7e23c59246c4e0aa24aa openssl-0.9.8zc-i486-1_slack13.37.txz fedd58eb19bc13c9dd88d947827a7370 openssl-solibs-0.9.8zc-i486-1_slack13.37.txz
Slackware x86_64 13.37 packages: 5d48ac1e9339efc35e304c7d48b2e762 openssl-0.9.8zc-x86_64-1_slack13.37.txz 6f5e2b576259477c13f12cbed9be8804 openssl-solibs-0.9.8zc-x86_64-1_slack13.37.txz
Slackware 14.0 packages: 2b678160283bc696565dc8bd8b28c0eb openssl-1.0.1j-i486-1_slack14.0.txz f7762615c990713e9e86d4da962f1022 openssl-solibs-1.0.1j-i486-1_slack14.0.txz
Slackware x86_64 14.0 packages: 41010ca37d49b74e7d7dc3f1c6ddc57e openssl-1.0.1j-x86_64-1_slack14.0.txz 40dc6f3de217279d6140c1efcc0d45c8 openssl-solibs-1.0.1j-x86_64-1_slack14.0.txz
Slackware 14.1 packages: 024ecea55e22e47f9fbb4b81a7b72a51 openssl-1.0.1j-i486-1_slack14.1.txz 0a575668bb41ec4c2160800611f7f627 openssl-solibs-1.0.1j-i486-1_slack14.1.txz
Slackware x86_64 14.1 packages: d07fe289f7998a584c2b0d9810a8b9aa openssl-1.0.1j-x86_64-1_slack14.1.txz 1ffc5d0c02b0c60cefa5cf9189bfc71d openssl-solibs-1.0.1j-x86_64-1_slack14.1.txz
Slackware -current packages: 53c9f51a79460bbfc5dec5720317cd53 a/openssl-solibs-1.0.1j-i486-1.txz cc059aa63494f3b005a886c70bc3f5d6 n/openssl-1.0.1j-i486-1.txz
Slackware x86_64 -current packages: 500709555e652adcd84b4e02dfab4eeb a/openssl-solibs-1.0.1j-x86_64-1.txz c483ca9c450fa90a901ac013276ccc53 n/openssl-1.0.1j-x86_64-1.txz
Installation instructions: +------------------------+
Upgrade the packages as root:
upgradepkg openssl-1.0.1j-i486-1_slack14.1.txz openssl-solibs-1.0.1j-i486-1_slack14.1.txz
+-----+
Slackware Linux Security Team http://slackware.com/gpg-key security@slackware.com
+------------------------------------------------------------------------+ | To leave the slackware-security mailing list: | +------------------------------------------------------------------------+ | Send an email to majordomo@slackware.com with this text in the body of | | the email message: | | | | unsubscribe slackware-security | | | | You will get a confirmation message back containing instructions to | | complete the process. Please do not reply to this email address. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
Note: the current version of the following document is available here: https://h20564.www2.hp.com/portal/site/hpsc/public/kb/ docDisplay?docId=emr_na-c04540692
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c04540692 Version: 1
HPSBGN03233 rev.1 - HP OneView running OpenSSL, Remote Denial of Service (DoS), Unauthorized Access, and Disclosure of Information
NOTICE: The information in this Security Bulletin should be acted upon as soon as possible.
Release Date: 2015-01-13 Last Updated: 2015-01-13
Potential Security Impact: Remote Denial of Service (DoS), unauthorized access, disclosure of information
Source: Hewlett-Packard Company, HP Software Security Response Team
VULNERABILITY SUMMARY Potential security vulnerabilities have been identified with HP OneView running OpenSSL and Bash Shell. These vulnerabilities (POODLE and Shellshock) could be exploited remotely to create a Denial of Service (DoS), allow unauthorized access, or disclose information.
References:
CVE-2014-3513 CVE-2014-3566 CVE-2014-3567 CVE-2014-6271 CVE-2014-6277 CVE-2014-6278 CVE-2014-7169 CVE-2014-7186 CVE-2014-7187 SSRT101739 SSRT101868
SUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed. HP OneView versions prior to 1.20
BACKGROUND
CVSS 2.0 Base Metrics
Reference Base Vector Base Score CVE-2014-3513 (AV:N/AC:M/Au:N/C:N/I:N/A:C) 7.1 CVE-2014-3566 (AV:N/AC:M/Au:N/C:P/I:N/A:N) 4.3 CVE-2014-3567 (AV:N/AC:M/Au:N/C:N/I:N/A:C) 7.1 CVE-2014-6271 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 CVE-2014-6277 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 CVE-2014-6278 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 CVE-2014-7169 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 CVE-2014-7186 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 CVE-2014-7187 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 =========================================================== Information on CVSS is documented in HP Customer Notice: HPSN-2008-002
RESOLUTION
HP has released the following software update to resolve the vulnerabilities in HP OneView.
Existing users may upgrade to HP OneView version 1.20 using the Update Appliance feature in HP OneView.
HP OneView version 1.20 is available from the following location:
https://h20392.www2.hp.com/portal/swdepot/displayProductInfo.do?productNumber =Z7550-63180
Note: The upgrade (.bin) or a new install (.ova) is also available:
An HP Passport login is required.
Go to the HP Software Depot site at http://www.software.hp.com and search for HP OneView.
HISTORY Version:1 (rev.1) - 13 January 2015 Initial release
Third Party Security Patches: Third party security patches that are to be installed on systems running HP software products should be applied in accordance with the customer's patch management policy.
Support: For issues about implementing the recommendations of this Security Bulletin, contact normal HP Services support channel. For other issues about the content of this Security Bulletin, send e-mail to security-alert@hp.com.
Report: To report a potential security vulnerability with any HP supported product, send Email to: security-alert@hp.com
Subscribe: To initiate a subscription to receive future HP Security Bulletin alerts via Email: http://h41183.www4.hp.com/signup_alerts.php?jumpid=hpsc_secbulletins
Security Bulletin Archive: A list of recently released Security Bulletins is available here: https://h20564.www2.hp.com/portal/site/hpsc/public/kb/secBullArchive/
Software Product Category: The Software Product Category is represented in the title by the two characters following HPSB.
3C = 3COM 3P = 3rd Party Software GN = HP General Software HF = HP Hardware and Firmware MP = MPE/iX MU = Multi-Platform Software NS = NonStop Servers OV = OpenVMS PI = Printing and Imaging PV = ProCurve ST = Storage Software TU = Tru64 UNIX UX = HP-UX
Copyright 2015 Hewlett-Packard Development Company, L.P. Hewlett-Packard Company shall not be liable for technical or editorial errors or omissions contained herein. The information provided is provided "as is" without warranty of any kind. To the extent permitted by law, neither HP or its affiliates, subcontractors or suppliers will be liable for incidental,special or consequential damages including downtime cost; lost profits; damages relating to the procurement of substitute products or services; or damages for loss of data, or software restoration. The information in this document is subject to change without notice. Hewlett-Packard Company and the names of Hewlett-Packard products referenced herein are trademarks of Hewlett-Packard Company in the United States and other countries. Other product and company names mentioned herein may be trademarks of their respective owners. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
===================================================================== Red Hat Security Advisory
Synopsis: Important: openssl security update Advisory ID: RHSA-2014:1692-01 Product: Red Hat Storage Advisory URL: https://rhn.redhat.com/errata/RHSA-2014-1692.html Issue date: 2014-10-22 CVE Names: CVE-2014-3513 CVE-2014-3567 =====================================================================
- Summary:
Updated openssl packages that contain a backported patch to mitigate the CVE-2014-3566 issue and fix two security issues are now available for Red Hat Storage 2.1.
Red Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.
- Relevant releases/architectures:
Red Hat Storage Server 2.1 - x86_64
- Description:
OpenSSL is a toolkit that implements the Secure Sockets Layer (SSL), Transport Layer Security (TLS), and Datagram Transport Layer Security (DTLS) protocols, as well as a full-strength, general purpose cryptography library.
This update adds support for the TLS Fallback Signaling Cipher Suite Value (TLS_FALLBACK_SCSV), which can be used to prevent protocol downgrade attacks against applications which re-connect using a lower SSL/TLS protocol version when the initial connection indicating the highest supported protocol version fails.
This can prevent a forceful downgrade of the communication to SSL 3.0. The SSL 3.0 protocol was found to be vulnerable to the padding oracle attack when using block cipher suites in cipher block chaining (CBC) mode. This issue is identified as CVE-2014-3566, and also known under the alias POODLE. This SSL 3.0 protocol flaw will not be addressed in a future update; it is recommended that users configure their applications to require at least TLS protocol version 1.0 for secure communication.
For additional information about this flaw, see the Knowledgebase article at https://access.redhat.com/articles/1232123
A memory leak flaw was found in the way OpenSSL parsed the DTLS Secure Real-time Transport Protocol (SRTP) extension data. (CVE-2014-3567)
All OpenSSL users are advised to upgrade to these updated packages, which contain backported patches to mitigate the CVE-2014-3566 issue and correct the CVE-2014-3513 and CVE-2014-3567 issues. For the update to take effect, all services linked to the OpenSSL library (such as httpd and other SSL-enabled services) must be restarted or the system rebooted.
- Solution:
Before applying this update, make sure all previously released errata relevant to your system have been applied.
This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/articles/11258
- Package List:
Red Hat Storage Server 2.1:
Source: openssl-1.0.1e-30.el6_6.2.src.rpm
x86_64: openssl-1.0.1e-30.el6_6.2.x86_64.rpm openssl-debuginfo-1.0.1e-30.el6_6.2.x86_64.rpm openssl-devel-1.0.1e-30.el6_6.2.x86_64.rpm openssl-perl-1.0.1e-30.el6_6.2.x86_64.rpm openssl-static-1.0.1e-30.el6_6.2.x86_64.rpm
These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/
- References:
https://access.redhat.com/security/cve/CVE-2014-3513 https://access.redhat.com/security/cve/CVE-2014-3567 https://access.redhat.com/security/updates/classification/#important https://access.redhat.com/articles/1232123
- Contact:
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/
Copyright 2014 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1
iD8DBQFUR/NUXlSAg2UNWIIRAlZHAJwPwsoiJDn5RhI6U8eFkIzxyQopkQCePynp RpfQCptdJIpd6WXO7pw1vVo= =T20t -----END PGP SIGNATURE-----
-- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce
Show details on source website{
"affected_products": {
"_id": null,
"data": [
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.1"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.1e"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.1g"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.1f"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.1h"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.1a"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.1d"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.1i"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.1c"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.1b"
},
{
"_id": null,
"model": "bladecenter advanced management module 3.66n",
"scope": "ne",
"trust": 0.9,
"vendor": "ibm",
"version": null
},
{
"_id": null,
"model": "bladecenter advanced management module 3.66k",
"scope": null,
"trust": 0.9,
"vendor": "ibm",
"version": null
},
{
"_id": null,
"model": "global console manager",
"scope": "ne",
"trust": 0.6,
"vendor": "ibm",
"version": "1.26.1.23978"
},
{
"_id": null,
"model": "global console manager",
"scope": "eq",
"trust": 0.6,
"vendor": "ibm",
"version": "1.4.2.15036"
},
{
"_id": null,
"model": "global console manager",
"scope": "eq",
"trust": 0.6,
"vendor": "ibm",
"version": "1.20.20.23447"
},
{
"_id": null,
"model": "project openssl 1.0.0a",
"scope": null,
"trust": 0.6,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "local console manager",
"scope": "eq",
"trust": 0.6,
"vendor": "ibm",
"version": "1.2.39.0"
},
{
"_id": null,
"model": "local console manager",
"scope": "eq",
"trust": 0.6,
"vendor": "ibm",
"version": "1.2.27.00"
},
{
"_id": null,
"model": "local console manager",
"scope": "ne",
"trust": 0.6,
"vendor": "ibm",
"version": "1.2.40.00"
},
{
"_id": null,
"model": "cognos controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.1"
},
{
"_id": null,
"model": "security network intrusion prevention system gx7412-05",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6.1"
},
{
"_id": null,
"model": "aura collaboration environment",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.0"
},
{
"_id": null,
"model": "security network intrusion prevention system gx5108-v2",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6.2"
},
{
"_id": null,
"model": "upward integration modules for vmware vsphere",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.5"
},
{
"_id": null,
"model": "rational software architect realtime edition",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1.1"
},
{
"_id": null,
"model": "bladecenter advanced management module 25r5778",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"_id": null,
"model": "q",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"_id": null,
"model": null,
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "16200"
},
{
"_id": null,
"model": "security network intrusion prevention system gx5208-v2",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6"
},
{
"_id": null,
"model": "bladecenter -s",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1948"
},
{
"_id": null,
"model": "flex system fc3171 8gb san pass-thru",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1.3"
},
{
"_id": null,
"model": "security network intrusion prevention system gx4004",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.4"
},
{
"_id": null,
"model": "k",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"_id": null,
"model": "upward integration modules scvmm add-in",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "1.0.3"
},
{
"_id": null,
"model": "systems insight manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.0"
},
{
"_id": null,
"model": "project openssl 0.9.8f",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "switch series",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "58200"
},
{
"_id": null,
"model": "system management homepage",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "7.4.1"
},
{
"_id": null,
"model": "security network intrusion prevention system gx5108",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.5"
},
{
"_id": null,
"model": "switch series r1809p03",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "5820"
},
{
"_id": null,
"model": "project openssl 1.0.0d",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "cloudsystem matrix",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.4"
},
{
"_id": null,
"model": "project openssl 1.0.1e",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "security network intrusion prevention system gx5008",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.5"
},
{
"_id": null,
"model": "version control repository manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.2.2"
},
{
"_id": null,
"model": "project openssl beta3",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "1.0.1"
},
{
"_id": null,
"model": "vcenter server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.1"
},
{
"_id": null,
"model": "insight control",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3"
},
{
"_id": null,
"model": "security network intrusion prevention system gx5108-v2",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6.1"
},
{
"_id": null,
"model": "project openssl 1.0.1a",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "msr4000",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"_id": null,
"model": "systems director storage control",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.2.1.0"
},
{
"_id": null,
"model": "project openssl b",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"_id": null,
"model": "aspera shares",
"scope": "eq",
"trust": 0.3,
"vendor": "asperasoft",
"version": "1.7.5"
},
{
"_id": null,
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2.1"
},
{
"_id": null,
"model": "mcp r3303p18",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "6600"
},
{
"_id": null,
"model": "storwize unified",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v70001.5.0.1"
},
{
"_id": null,
"model": "security network intrusion prevention system gx5108",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.4"
},
{
"_id": null,
"model": "msr3000 r0106p18",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "project openssl k",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"_id": null,
"model": "security network intrusion prevention system gx3002",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6.2"
},
{
"_id": null,
"model": "security network intrusion prevention system gx5008",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.4"
},
{
"_id": null,
"model": "flex system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.2.0.0"
},
{
"_id": null,
"model": "project openssl 1.0.0g",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "sle client tools",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"_id": null,
"model": "tivoli netcool/reporter",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.5"
},
{
"_id": null,
"model": null,
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "850/8700"
},
{
"_id": null,
"model": "insight control server provisioning",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "7.5.1"
},
{
"_id": null,
"model": "r5203p11",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "3100v2"
},
{
"_id": null,
"model": "f5000-s",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"_id": null,
"model": "msr1000 r2513p33",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "xcode",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.3.1"
},
{
"_id": null,
"model": "netscaler t1",
"scope": "eq",
"trust": 0.3,
"vendor": "citrix",
"version": "0"
},
{
"_id": null,
"model": "project openssl 0.9.8zb",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "esxi",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.1"
},
{
"_id": null,
"model": "msr9xx",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"_id": null,
"model": "j",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"_id": null,
"model": "switch series",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "58300"
},
{
"_id": null,
"model": "project openssl 1.0.1j",
"scope": "ne",
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.2.2"
},
{
"_id": null,
"model": "upward integration modules for vmware vsphere",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0.1"
},
{
"_id": null,
"model": "tivoli dynamic workload console",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.6.0.0"
},
{
"_id": null,
"model": "wb",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"_id": null,
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"_id": null,
"model": "xcode",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "2.3"
},
{
"_id": null,
"model": "security network intrusion prevention system gx7412",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6"
},
{
"_id": null,
"model": "aura system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2.3"
},
{
"_id": null,
"model": "image construction and composition tool",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.3.1.0"
},
{
"_id": null,
"model": "n",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"_id": null,
"model": "project openssl 1.0.0o",
"scope": "ne",
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "pa",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"_id": null,
"model": "aspera",
"scope": "ne",
"trust": 0.3,
"vendor": "asperasoft",
"version": "3.5.2"
},
{
"_id": null,
"model": "matrix operating environment",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3"
},
{
"_id": null,
"model": "m210",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"_id": null,
"model": "version control agent",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.2"
},
{
"_id": null,
"model": "vsr1000",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"_id": null,
"model": "r15xx",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "19100"
},
{
"_id": null,
"model": "project openssl 0.9.8w",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "security network intrusion prevention system gv200",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.3"
},
{
"_id": null,
"model": "cognos tm1",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.5.2"
},
{
"_id": null,
"model": "switch series",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "119000"
},
{
"_id": null,
"model": "flex system fc3171 8gb san switch",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.5.4"
},
{
"_id": null,
"model": "flex system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.3.1.0"
},
{
"_id": null,
"model": "switch series r5319p10",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "3610"
},
{
"_id": null,
"model": "project openssl 1.0.0m",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "aura system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.3.1"
},
{
"_id": null,
"model": "msr1000 russian version r2513l40.ru",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "rational application developer for websphere",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1.1"
},
{
"_id": null,
"model": "project openssl 1.0.1g",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "systems insight manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "5.0"
},
{
"_id": null,
"model": "project openssl 0.9.8m",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "f5000-c",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"_id": null,
"model": "project openssl j",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"_id": null,
"model": "rational application developer for websphere",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1"
},
{
"_id": null,
"model": "security network intrusion prevention system gx4004",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6"
},
{
"_id": null,
"model": "security virtual server protection for vmware",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.0.1"
},
{
"_id": null,
"model": "security network intrusion prevention system gv1000",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6"
},
{
"_id": null,
"model": "tivoli dynamic workload console",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.2"
},
{
"_id": null,
"model": "systems insight manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.2.1"
},
{
"_id": null,
"model": "command center appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "citrix",
"version": "0"
},
{
"_id": null,
"model": "aspera shares",
"scope": "eq",
"trust": 0.3,
"vendor": "asperasoft",
"version": "1.0.1"
},
{
"_id": null,
"model": "bladecenter -t",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8720"
},
{
"_id": null,
"model": "storwize unified",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v70001.3.23"
},
{
"_id": null,
"model": "storwize unified",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v70001.5.0.2"
},
{
"_id": null,
"model": "storwize unified",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v70001.4.2.1"
},
{
"_id": null,
"model": "xcode",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "3.2.4"
},
{
"_id": null,
"model": "aura communication manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2"
},
{
"_id": null,
"model": "a6600",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"_id": null,
"model": "netscaler gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "citrix",
"version": "0"
},
{
"_id": null,
"model": "project openssl 1.0.1i",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "r1828p06",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "12500"
},
{
"_id": null,
"model": "flex system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.3.2"
},
{
"_id": null,
"model": "r2122",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "7900"
},
{
"_id": null,
"model": "xcode",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "3.0"
},
{
"_id": null,
"model": "project openssl 1.0.0h",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "security network intrusion prevention system gx3002",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.5"
},
{
"_id": null,
"model": "systems director",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.3.1.1"
},
{
"_id": null,
"model": "u200s and cs f5123p30",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "security network intrusion prevention system gx5108",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6"
},
{
"_id": null,
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "1.0"
},
{
"_id": null,
"model": "storwize unified",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v70001.5.0.0"
},
{
"_id": null,
"model": "security network intrusion prevention system gv200",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.5"
},
{
"_id": null,
"model": "xcode",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "3.1.1"
},
{
"_id": null,
"model": "security network intrusion prevention system gx5008-v2",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.3"
},
{
"_id": null,
"model": "security network intrusion prevention system gx5008",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6"
},
{
"_id": null,
"model": "xcode",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "6.3"
},
{
"_id": null,
"model": "xcode",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "3.1"
},
{
"_id": null,
"model": "bladecenter -s",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8886"
},
{
"_id": null,
"model": "security network intrusion prevention system gx7800",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.3"
},
{
"_id": null,
"model": "security network intrusion prevention system gx7412-10",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6.2"
},
{
"_id": null,
"model": "version control repository manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.5.0"
},
{
"_id": null,
"model": "office connect ps1810",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"_id": null,
"model": "qradar siem mr2",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1"
},
{
"_id": null,
"model": "aura communication manager ssp04",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.3"
},
{
"_id": null,
"model": "tivoli workload scheduler distributed fp03",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.6.0"
},
{
"_id": null,
"model": "upward integration modules for microsoft system center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.5.2"
},
{
"_id": null,
"model": "sdk for node.js",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.0.7"
},
{
"_id": null,
"model": "project openssl 0.9.8r",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "ex series network switches for ibm products pre 12.3r9",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"_id": null,
"model": "tivoli dynamic workload console",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5"
},
{
"_id": null,
"model": "tivoli workload scheduler distributed",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.1"
},
{
"_id": null,
"model": "f1000-a",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"_id": null,
"model": "aspera faspex",
"scope": "eq",
"trust": 0.3,
"vendor": "asperasoft",
"version": "3.0.3"
},
{
"_id": null,
"model": "security network intrusion prevention system gx3002",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.4"
},
{
"_id": null,
"model": "hsr6602 r3303p18",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "m.10",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"_id": null,
"model": "xcode",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "3.1.3"
},
{
"_id": null,
"model": "project openssl 0.9.8n",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "a6600 russian version",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"_id": null,
"model": "virtual connect enterprise manager sdk",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.4"
},
{
"_id": null,
"model": null,
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "79000"
},
{
"_id": null,
"model": "aspera proxy",
"scope": "ne",
"trust": 0.3,
"vendor": "asperasoft",
"version": "1.2.3"
},
{
"_id": null,
"model": "si switch series",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "51200"
},
{
"_id": null,
"model": "version control repository manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3"
},
{
"_id": null,
"model": "security network intrusion prevention system gv200",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.4"
},
{
"_id": null,
"model": "cloudsystem matrix",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.2"
},
{
"_id": null,
"model": "f1000-s",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"_id": null,
"model": "project openssl 0.9.8y",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": null,
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "3100v2-480"
},
{
"_id": null,
"model": "aspera mobile",
"scope": "eq",
"trust": 0.3,
"vendor": "asperasoft",
"version": "0"
},
{
"_id": null,
"model": "matrix operating environment",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.5"
},
{
"_id": null,
"model": "flex system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.2"
},
{
"_id": null,
"model": "msr93x",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"_id": null,
"model": "upward integration modules for microsoft system center",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "5.5.3"
},
{
"_id": null,
"model": "flex system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.3.1"
},
{
"_id": null,
"model": "project openssl beta4",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "1.0.0"
},
{
"_id": null,
"model": "security network intrusion prevention system gx7412",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6.1"
},
{
"_id": null,
"model": "h.10",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"_id": null,
"model": "r1104",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "1620"
},
{
"_id": null,
"model": "upward integration modules hardware management pack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.5.2"
},
{
"_id": null,
"model": "upward integration modules for microsoft system center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0.2"
},
{
"_id": null,
"model": "u200s and cs",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"_id": null,
"model": "netscaler application delivery controller",
"scope": "eq",
"trust": 0.3,
"vendor": "citrix",
"version": "0"
},
{
"_id": null,
"model": "project openssl 1.0.0l",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "vcenter server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.0"
},
{
"_id": null,
"model": "systems director",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.3.20"
},
{
"_id": null,
"model": "security network intrusion prevention system gx4004-v2",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6.2"
},
{
"_id": null,
"model": "upward integration modules integrated installer",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.5.2"
},
{
"_id": null,
"model": "general parallel file system",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.5.0"
},
{
"_id": null,
"model": "project openssl beta5",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "1.0.0"
},
{
"_id": null,
"model": "bladecenter -e",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7967"
},
{
"_id": null,
"model": "flex system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.3.0.1"
},
{
"_id": null,
"model": "aspera drive",
"scope": "eq",
"trust": 0.3,
"vendor": "asperasoft",
"version": "0"
},
{
"_id": null,
"model": "storwize unified",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v70001.4.1.1"
},
{
"_id": null,
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.3"
},
{
"_id": null,
"model": "version control agent",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3.3"
},
{
"_id": null,
"model": "matrix operating environment",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.2.2"
},
{
"_id": null,
"model": "insight control server deployment",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.2.0"
},
{
"_id": null,
"model": "russian version r3303p18",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "6602"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.2.3"
},
{
"_id": null,
"model": "xcode",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "3.1.4"
},
{
"_id": null,
"model": "tivoli workload scheduler distributed",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.4"
},
{
"_id": null,
"model": "f1000-e",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"_id": null,
"model": "sdk for node.js",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.0.3"
},
{
"_id": null,
"model": "project openssl 0.9.8p",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "systems insight manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3.1"
},
{
"_id": null,
"model": "security network intrusion prevention system gx5008-v2",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.5"
},
{
"_id": null,
"model": "security network intrusion prevention system gx5208",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6.1"
},
{
"_id": null,
"model": "cognos tm1",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.2.2.0"
},
{
"_id": null,
"model": "bladecenter -h",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8852"
},
{
"_id": null,
"model": "12500(comware",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "v7)0"
},
{
"_id": null,
"model": "security network intrusion prevention system gx4002",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.3"
},
{
"_id": null,
"model": "g switch series",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "48000"
},
{
"_id": null,
"model": "bladecenter -ht",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8750"
},
{
"_id": null,
"model": "upward integration modules for microsoft system center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.5.1"
},
{
"_id": null,
"model": "security network intrusion prevention system gx5108",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.3"
},
{
"_id": null,
"model": "vcx",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"_id": null,
"model": "security network intrusion prevention system gv1000",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6.1"
},
{
"_id": null,
"model": "linux ia-64",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"_id": null,
"model": null,
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "57000"
},
{
"_id": null,
"model": "systems director",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.3.5.0"
},
{
"_id": null,
"model": "esxi",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.0"
},
{
"_id": null,
"model": "aspera console",
"scope": "eq",
"trust": 0.3,
"vendor": "asperasoft",
"version": "2.3.1"
},
{
"_id": null,
"model": "msr50-g2",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"_id": null,
"model": "xcode",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "6.0.1"
},
{
"_id": null,
"model": "insight control",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.2"
},
{
"_id": null,
"model": "systems director common agent for linux",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.3.5"
},
{
"_id": null,
"model": "r",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"_id": null,
"model": "security network intrusion prevention system gx5008-v2",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.4"
},
{
"_id": null,
"model": "security network intrusion prevention system gx7412-05",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6.2"
},
{
"_id": null,
"model": "cognos insight",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.2.0.1"
},
{
"_id": null,
"model": "esxi esxi550-20150110",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5"
},
{
"_id": null,
"model": "ei switch series r2221p08",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "5500"
},
{
"_id": null,
"model": "kb",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"_id": null,
"model": "msr30",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"_id": null,
"model": "power hmc",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.7.8.0"
},
{
"_id": null,
"model": "switch series",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "129000"
},
{
"_id": null,
"model": "aura system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.3.3"
},
{
"_id": null,
"model": "msr1000",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"_id": null,
"model": "msr30 russian version 2513l40.ru",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "i.10",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"_id": null,
"model": "tivoli workload scheduler distributed fp05",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.1"
},
{
"_id": null,
"model": "tivoli workload scheduler distributed fp01",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1.0"
},
{
"_id": null,
"model": "cloudsystem matrix",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.2.1"
},
{
"_id": null,
"model": "project openssl 0.9.8za",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "security network intrusion prevention system gx7412-10",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.5"
},
{
"_id": null,
"model": "m.08",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"_id": null,
"model": "project openssl 0.9.8m beta1",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "systems insight manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.2.2"
},
{
"_id": null,
"model": "version control agent",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3.1"
},
{
"_id": null,
"model": "systems director storage control",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.2.4.1"
},
{
"_id": null,
"model": "security network intrusion prevention system gx5008",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6.1"
},
{
"_id": null,
"model": "a6600 r3303p18",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "project openssl 0.9.8q",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "systems insight manager",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "7.5.1"
},
{
"_id": null,
"model": "9500e",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"_id": null,
"model": "ssl for openvms",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "1.4-493"
},
{
"_id": null,
"model": "msr20 russian version",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"_id": null,
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "9.2"
},
{
"_id": null,
"model": "switch series r1118p11",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "5830"
},
{
"_id": null,
"model": "aura communication manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.3.8"
},
{
"_id": null,
"model": "rational application developer for websphere",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1.0.1"
},
{
"_id": null,
"model": "aura presence services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1"
},
{
"_id": null,
"model": "tivoli workload scheduler for z/os connector",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5"
},
{
"_id": null,
"model": "aura system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.3.6"
},
{
"_id": null,
"model": "security network intrusion prevention system gx4002",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.5"
},
{
"_id": null,
"model": "storwize unified",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v70001.4.3.6"
},
{
"_id": null,
"model": "secblade iii",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"_id": null,
"model": "rational software architect realtime edition",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1"
},
{
"_id": null,
"model": "flex system fc3171 8gb san switch",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1.3"
},
{
"_id": null,
"model": "ssl for openvms",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "1.4-453"
},
{
"_id": null,
"model": "security network intrusion prevention system gx7412-10",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.4"
},
{
"_id": null,
"model": "systems insight manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "5.3"
},
{
"_id": null,
"model": "security network intrusion prevention system gv200",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6"
},
{
"_id": null,
"model": "aura presence services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1.2"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.1"
},
{
"_id": null,
"model": "sle client tools for x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"_id": null,
"model": "storwize unified",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v70001.4"
},
{
"_id": null,
"model": "msr30 r2513p33",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "tivoli workload scheduler for z/os connector",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.6"
},
{
"_id": null,
"model": "msr50-g2 r2513p33",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "project openssl 1.0.1c",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "ssl for openvms",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "1.4-467"
},
{
"_id": null,
"model": "msr1000 russian version",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"_id": null,
"model": "vb",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"_id": null,
"model": "pureapplication system",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.0"
},
{
"_id": null,
"model": "bladecenter -e",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1881"
},
{
"_id": null,
"model": "xcode",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.3.2"
},
{
"_id": null,
"model": "smart analytics system",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "56001"
},
{
"_id": null,
"model": "ka",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"_id": null,
"model": "office connect pk",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "18100"
},
{
"_id": null,
"model": "security network intrusion prevention system gx4002",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.4"
},
{
"_id": null,
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8v"
},
{
"_id": null,
"model": "security network intrusion prevention system gx5108-v2",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.3"
},
{
"_id": null,
"model": "project openssl 1.0.1f",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "yb",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"_id": null,
"model": "f5000 f3210p22",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "upward integration modules for vmware vsphere",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0.2"
},
{
"_id": null,
"model": "security network intrusion prevention system gx6116",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6.2"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.2.4.1"
},
{
"_id": null,
"model": "systems director storage control",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.2.3.1"
},
{
"_id": null,
"model": "upward integration modules for microsoft system center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0.1"
},
{
"_id": null,
"model": "upward integration modules scvmm add-in",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.0.2"
},
{
"_id": null,
"model": "systems director common agent for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.3.5"
},
{
"_id": null,
"model": "project openssl 0.9.8g",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "cms r17",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"_id": null,
"model": "flex system fc3171 8gb san switch and san pass-thru",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1.5.03.00"
},
{
"_id": null,
"model": "storwize unified",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v70001.41"
},
{
"_id": null,
"model": "aspera ondemand for google cloud",
"scope": "eq",
"trust": 0.3,
"vendor": "asperasoft",
"version": "0"
},
{
"_id": null,
"model": "power hmc",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.8.2.0"
},
{
"_id": null,
"model": "storwize unified",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v70001.3.21"
},
{
"_id": null,
"model": "flex system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.0.0"
},
{
"_id": null,
"model": "aura utility services sp7",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.3"
},
{
"_id": null,
"model": "aura system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2.4"
},
{
"_id": null,
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "9.0"
},
{
"_id": null,
"model": "tivoli workload scheduler distributed fp04",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5"
},
{
"_id": null,
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"_id": null,
"model": "security network intrusion prevention system gx7412-05",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.5"
},
{
"_id": null,
"model": "security network intrusion prevention system gx6116",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6.1"
},
{
"_id": null,
"model": "matrix operating environment",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3.2"
},
{
"_id": null,
"model": "hsr6602 russian version",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"_id": null,
"model": "xcode",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "2.1"
},
{
"_id": null,
"model": "aspera console",
"scope": "ne",
"trust": 0.3,
"vendor": "asperasoft",
"version": "2.5.3"
},
{
"_id": null,
"model": "insight control",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.4"
},
{
"_id": null,
"model": "e",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"_id": null,
"model": "mcp russian version r3303p18",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "6600"
},
{
"_id": null,
"model": "cloudsystem matrix",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3.1"
},
{
"_id": null,
"model": "tivoli workload scheduler for applications fp02",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.4"
},
{
"_id": null,
"model": "rational software architect",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1.1"
},
{
"_id": null,
"model": "security network intrusion prevention system gx5008-v2",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6"
},
{
"_id": null,
"model": "security network intrusion prevention system gx3002",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.3"
},
{
"_id": null,
"model": "ei switch series",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "51200"
},
{
"_id": null,
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "1.0.2"
},
{
"_id": null,
"model": "project openssl beta2",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "1.0"
},
{
"_id": null,
"model": "security network intrusion prevention system gx7800",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6"
},
{
"_id": null,
"model": "security network intrusion prevention system gx5208-v2",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6.2"
},
{
"_id": null,
"model": "bladecenter -s",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7779"
},
{
"_id": null,
"model": "aura application enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.3"
},
{
"_id": null,
"model": "upward integration modules for vmware vsphere",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "3.5.3"
},
{
"_id": null,
"model": "systems director",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.3.2.2"
},
{
"_id": null,
"model": "flex system fc3171 8gb san pass-thru",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1.2"
},
{
"_id": null,
"model": "msr50 russian version",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"_id": null,
"model": "xcode",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "3.1.2"
},
{
"_id": null,
"model": "xcode",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.0.2"
},
{
"_id": null,
"model": "xcode",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.2"
},
{
"_id": null,
"model": "linux mips",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"_id": null,
"model": "security network intrusion prevention system gx7412-05",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.4"
},
{
"_id": null,
"model": "hsr6800 r3303p18",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "storwize unified",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v70001.3.20"
},
{
"_id": null,
"model": "msr3000",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"_id": null,
"model": "security network intrusion prevention system gx5108-v2",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.5"
},
{
"_id": null,
"model": "hp-ux b.11.11",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "aspera faspex",
"scope": "ne",
"trust": 0.3,
"vendor": "asperasoft",
"version": "3.9"
},
{
"_id": null,
"model": "tivoli dynamic workload console",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.1"
},
{
"_id": null,
"model": "storwize unified",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v70001.40"
},
{
"_id": null,
"model": "msr2000 r0106p18",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "va",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"_id": null,
"model": "version control repository manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.4.1"
},
{
"_id": null,
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "14.1"
},
{
"_id": null,
"model": "security network intrusion prevention system gx5208-v2",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6.1"
},
{
"_id": null,
"model": "storwize unified",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v70001.4.32"
},
{
"_id": null,
"model": "aura application enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2"
},
{
"_id": null,
"model": "aspera ondemand for softlayer",
"scope": "eq",
"trust": 0.3,
"vendor": "asperasoft",
"version": "0"
},
{
"_id": null,
"model": "version control repository manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.2"
},
{
"_id": null,
"model": "storage provisioning manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.4"
},
{
"_id": null,
"model": "switch series",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "125000"
},
{
"_id": null,
"model": "xcode",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.4"
},
{
"_id": null,
"model": "switch series r1809p03",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "5800"
},
{
"_id": null,
"model": "flex system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.3.0.0"
},
{
"_id": null,
"model": "aspera ondemand for azure",
"scope": "eq",
"trust": 0.3,
"vendor": "asperasoft",
"version": "0"
},
{
"_id": null,
"model": "r2311p05",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "5700"
},
{
"_id": null,
"model": "aspera shares",
"scope": "ne",
"trust": 0.3,
"vendor": "asperasoft",
"version": "1.9"
},
{
"_id": null,
"model": "hi switch series r5501p06",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "5500"
},
{
"_id": null,
"model": "xcode",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "6.0"
},
{
"_id": null,
"model": "qradar risk manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2.3"
},
{
"_id": null,
"model": "flex system fc3171 8gb san pass-thru",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1.1"
},
{
"_id": null,
"model": "secblade iii r3820p03",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "security network intrusion prevention system gx5108-v2",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.4"
},
{
"_id": null,
"model": "msm",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "6.46.4.2.1"
},
{
"_id": null,
"model": "systems director",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.3.3.1"
},
{
"_id": null,
"model": "cloudsystem matrix",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.2.2"
},
{
"_id": null,
"model": "systems insight manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.5.0"
},
{
"_id": null,
"model": "aspera client",
"scope": "eq",
"trust": 0.3,
"vendor": "asperasoft",
"version": "0"
},
{
"_id": null,
"model": "insight control server deployment",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.2.1"
},
{
"_id": null,
"model": "project openssl 0.9.8l",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.1.1"
},
{
"_id": null,
"model": "infosphere information server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "11.3"
},
{
"_id": null,
"model": "flex system fc3171 8gb san pass-thru",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1"
},
{
"_id": null,
"model": "hsr6800 russian version",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"_id": null,
"model": "flex system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.3.20"
},
{
"_id": null,
"model": "matrix operating environment",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.4"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.1"
},
{
"_id": null,
"model": "systems director common agent for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.3.4"
},
{
"_id": null,
"model": "aspera outlook plugin",
"scope": "eq",
"trust": 0.3,
"vendor": "asperasoft",
"version": "0"
},
{
"_id": null,
"model": "project openssl 0.9.8zc",
"scope": "ne",
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "project openssl h",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"_id": null,
"model": "switch series (comware",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "10500v5)0"
},
{
"_id": null,
"model": "systems director",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.2.1.0"
},
{
"_id": null,
"model": "r3303p18",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "6602"
},
{
"_id": null,
"model": "xcode",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "3.2.5"
},
{
"_id": null,
"model": "image construction and composition tool",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.1.3"
},
{
"_id": null,
"model": "security network intrusion prevention system gx4002",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6"
},
{
"_id": null,
"model": "systems insight manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3"
},
{
"_id": null,
"model": "power hmc",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.7.3.0"
},
{
"_id": null,
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2.3"
},
{
"_id": null,
"model": "project openssl i",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"_id": null,
"model": "aura system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.3.2"
},
{
"_id": null,
"model": "systems director",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.3.1.0"
},
{
"_id": null,
"model": "u200a and m",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"_id": null,
"model": "storwize unified",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v70001.4.2.0"
},
{
"_id": null,
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "10.1"
},
{
"_id": null,
"model": "project openssl 1.0.0i",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "smart analytics system",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "56003"
},
{
"_id": null,
"model": "storage provisioning manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.2.2"
},
{
"_id": null,
"model": "storwize unified",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v70001.3.0.0"
},
{
"_id": null,
"model": "version control repository manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3.2"
},
{
"_id": null,
"model": "security network intrusion prevention system gx7412",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6.2"
},
{
"_id": null,
"model": "pureapplication system",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.0"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.4.1"
},
{
"_id": null,
"model": "msr20-1x r2513p33",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "hp-ux b.11.23",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "r1105",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "1920"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.2"
},
{
"_id": null,
"model": "storwize unified",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v70001.5.2.0"
},
{
"_id": null,
"model": "vcenter server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5"
},
{
"_id": null,
"model": "r11xx",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "19100"
},
{
"_id": null,
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "9.3"
},
{
"_id": null,
"model": "systems director common agent for linux",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.3.1"
},
{
"_id": null,
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.3.1"
},
{
"_id": null,
"model": "systems director",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.2.1.2"
},
{
"_id": null,
"model": "cognos planning",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.1.1"
},
{
"_id": null,
"model": "tivoli workload scheduler for applications",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.6"
},
{
"_id": null,
"model": "tivoli workload scheduler for z/os connector fp02",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.6"
},
{
"_id": null,
"model": "xcode",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "6.2"
},
{
"_id": null,
"model": "security virtual server protection for vmware",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1"
},
{
"_id": null,
"model": "insight control server provisioning",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.5.0"
},
{
"_id": null,
"model": "insight control server provisioning",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.4.0"
},
{
"_id": null,
"model": "security network intrusion prevention system gx5008-v2",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6.1"
},
{
"_id": null,
"model": "project openssl 1.0.0e",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "security network intrusion prevention system gx5208",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6.2"
},
{
"_id": null,
"model": "mac os",
"scope": "ne",
"trust": 0.3,
"vendor": "apple",
"version": "x10.10.2"
},
{
"_id": null,
"model": "security network intrusion prevention system gx7800",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6.1"
},
{
"_id": null,
"model": "project openssl beta1",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "1.0"
},
{
"_id": null,
"model": "storage provisioning manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.2"
},
{
"_id": null,
"model": "version control agent",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3"
},
{
"_id": null,
"model": "security network intrusion prevention system gx7412-10",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.3"
},
{
"_id": null,
"model": "project openssl a",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"_id": null,
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"_id": null,
"model": "switch series",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "58000"
},
{
"_id": null,
"model": "security network intrusion prevention system gv1000",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6.2"
},
{
"_id": null,
"model": "system management homepage",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "7.5.5"
},
{
"_id": null,
"model": "storwize unified",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v70001.4.1.0"
},
{
"_id": null,
"model": "ssl for openvms",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "1.4"
},
{
"_id": null,
"model": "project openssl c",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"_id": null,
"model": "esxi",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5"
},
{
"_id": null,
"model": "aspera shares",
"scope": "eq",
"trust": 0.3,
"vendor": "asperasoft",
"version": "1.7.3"
},
{
"_id": null,
"model": "si switch series r2221p08",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "5500"
},
{
"_id": null,
"model": "security network intrusion prevention system gx7412-05",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6"
},
{
"_id": null,
"model": "aura collaboration environment",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "2.0"
},
{
"_id": null,
"model": "cognos insight",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.2.1.2"
},
{
"_id": null,
"model": "aspera connect server",
"scope": "eq",
"trust": 0.3,
"vendor": "asperasoft",
"version": "0"
},
{
"_id": null,
"model": "insight control server deployment",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.1.2"
},
{
"_id": null,
"model": "systems insight manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.1"
},
{
"_id": null,
"model": "z/tpf",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.10"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.10.1"
},
{
"_id": null,
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8x"
},
{
"_id": null,
"model": "r2110p03",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "3100v2-48"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3.2"
},
{
"_id": null,
"model": "storage provisioning manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.3.2"
},
{
"_id": null,
"model": "tivoli workload scheduler distributed",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1"
},
{
"_id": null,
"model": "ps110",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"_id": null,
"model": "upward integration modules hardware management pack",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "5.5.3"
},
{
"_id": null,
"model": "storwize unified",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v70001.4.33"
},
{
"_id": null,
"model": "xcode",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.2.1"
},
{
"_id": null,
"model": "9500e r1828p06",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "storwize unified",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v70001.4.3.0"
},
{
"_id": null,
"model": "upward integration modules integrated installer",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "5.5.3"
},
{
"_id": null,
"model": "insight control server deployment",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3.1"
},
{
"_id": null,
"model": "security network intrusion prevention system gx4004",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6.1"
},
{
"_id": null,
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2"
},
{
"_id": null,
"model": "version control repository manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.4"
},
{
"_id": null,
"model": "version control repository manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3.3"
},
{
"_id": null,
"model": "project openssl 0.9.8t",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "f5000-s r3811p03",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "storwize unified",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v70001.3.1.0"
},
{
"_id": null,
"model": "security network intrusion prevention system gx4004-v2",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.3"
},
{
"_id": null,
"model": "a6600 russian version r3303p18",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "security network intrusion prevention system gx5108-v2",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6"
},
{
"_id": null,
"model": "xcode",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "3.2.3"
},
{
"_id": null,
"model": "security network intrusion prevention system gx5008",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6.2"
},
{
"_id": null,
"model": "sdk for node.js",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.0.6"
},
{
"_id": null,
"model": "switch series (comware",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "10500v7)0"
},
{
"_id": null,
"model": "aspera faspex",
"scope": "eq",
"trust": 0.3,
"vendor": "asperasoft",
"version": "3.7.5"
},
{
"_id": null,
"model": "systems director",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.3.2.1"
},
{
"_id": null,
"model": "project openssl 1.0.0c",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "tivoli workload scheduler distributed fp03",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5"
},
{
"_id": null,
"model": "qradar vulnerability manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2.3"
},
{
"_id": null,
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "8.0"
},
{
"_id": null,
"model": "systems director storage control",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.2.2.0"
},
{
"_id": null,
"model": "security network intrusion prevention system gx4002",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6.1"
},
{
"_id": null,
"model": "msr30-16 russian version",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"_id": null,
"model": "hsr6602",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"_id": null,
"model": "security network intrusion prevention system gx5108",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6.1"
},
{
"_id": null,
"model": "systems director common agent for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.3.1"
},
{
"_id": null,
"model": "security network intrusion prevention system gx7412",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.5"
},
{
"_id": null,
"model": "cloudsystem matrix",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.2.3"
},
{
"_id": null,
"model": "power hmc",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.8.1.0"
},
{
"_id": null,
"model": "xcode",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "3.2.1"
},
{
"_id": null,
"model": "msr30-16 russian version 2513l40.ru",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "msr20-1x russian version",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"_id": null,
"model": "ra",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"_id": null,
"model": "f5000-c r3811p03",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.10.4"
},
{
"_id": null,
"model": "si switch series",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "55000"
},
{
"_id": null,
"model": "xcode",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.1.1"
},
{
"_id": null,
"model": "rf manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"_id": null,
"model": "tivoli workload scheduler distributed",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5"
},
{
"_id": null,
"model": "power hmc",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.7.9.0"
},
{
"_id": null,
"model": "flex system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.4"
},
{
"_id": null,
"model": "security network intrusion prevention system gx3002",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6"
},
{
"_id": null,
"model": "systems director storage control",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.2.6.0"
},
{
"_id": null,
"model": "cognos planning",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.1"
},
{
"_id": null,
"model": "tivoli workload scheduler for z/os connector fp03",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.1"
},
{
"_id": null,
"model": "project openssl 1.0.0f",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "security network intrusion prevention system gx7412-05",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.3"
},
{
"_id": null,
"model": "hsr6800",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"_id": null,
"model": "ei switch series r2221p08",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "5120"
},
{
"_id": null,
"model": "project openssl d",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"_id": null,
"model": "tivoli management framework",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.1.1"
},
{
"_id": null,
"model": "security network intrusion prevention system gx7412",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.4"
},
{
"_id": null,
"model": "pureapplication system",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1"
},
{
"_id": null,
"model": "cloudsystem matrix",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3"
},
{
"_id": null,
"model": "xcode",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "2.2"
},
{
"_id": null,
"model": "h.07",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"_id": null,
"model": "version control repository manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3.1"
},
{
"_id": null,
"model": "ssl for openvms",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "1.4-495"
},
{
"_id": null,
"model": "systems director storage control",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.2.1.1"
},
{
"_id": null,
"model": "msr50 g2 russian version 2513l40.ru",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "sdk for node.js",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1"
},
{
"_id": null,
"model": "security network intrusion prevention system gx5208",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.5"
},
{
"_id": null,
"model": "sle client tools for s390x",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"_id": null,
"model": "tivoli workload scheduler distributed",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.6"
},
{
"_id": null,
"model": "security network intrusion prevention system gx4004-v2",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.5"
},
{
"_id": null,
"model": "cognos insight",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.2.2.2"
},
{
"_id": null,
"model": "office connect pm",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "18100"
},
{
"_id": null,
"model": "project openssl 1.0.0j",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "matrix operating environment",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.2"
},
{
"_id": null,
"model": "project openssl 1.0.0b",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "switch series",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "36100"
},
{
"_id": null,
"model": "security network intrusion prevention system gv1000",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.5"
},
{
"_id": null,
"model": "msr30-16",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"_id": null,
"model": "ya",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"_id": null,
"model": "switch series r2311p05",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "5900"
},
{
"_id": null,
"model": "xcode",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.3"
},
{
"_id": null,
"model": "bladecenter t advanced management module 32r0835",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"_id": null,
"model": "msm",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "6.26.2.1.2"
},
{
"_id": null,
"model": "hi switch series",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "55000"
},
{
"_id": null,
"model": "msr30-1x russian version",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"_id": null,
"model": "systems director",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.3.3.0"
},
{
"_id": null,
"model": "msr30-1x",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"_id": null,
"model": "lotus protector for mail security",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.80"
},
{
"_id": null,
"model": "ssl for openvms",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "1.4-471"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.0"
},
{
"_id": null,
"model": "version control agent",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.2.2"
},
{
"_id": null,
"model": "switch series r2110p03",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "3600v2"
},
{
"_id": null,
"model": "aura presence services sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1"
},
{
"_id": null,
"model": "12500(comware r7328p04",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "v7)"
},
{
"_id": null,
"model": "security network intrusion prevention system gx5208",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.4"
},
{
"_id": null,
"model": "infosphere information server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1"
},
{
"_id": null,
"model": "aura presence services sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1"
},
{
"_id": null,
"model": "aspera console",
"scope": "eq",
"trust": 0.3,
"vendor": "asperasoft",
"version": "2.0.1"
},
{
"_id": null,
"model": "systems director common agent for linux",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.3.3"
},
{
"_id": null,
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.3.3"
},
{
"_id": null,
"model": "security network intrusion prevention system gx4004-v2",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.4"
},
{
"_id": null,
"model": "systems director storage control",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.2.3.2"
},
{
"_id": null,
"model": "xcode",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "5.0"
},
{
"_id": null,
"model": "systems director common agent for linux",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.3.4"
},
{
"_id": null,
"model": "sdk for node.js",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.0.5"
},
{
"_id": null,
"model": "tivoli workload scheduler distributed fp07",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.4"
},
{
"_id": null,
"model": "w",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"_id": null,
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "1.0.1"
},
{
"_id": null,
"model": "systems insight manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.1.1"
},
{
"_id": null,
"model": "security network intrusion prevention system gv1000",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.4"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.1.2"
},
{
"_id": null,
"model": "msr30 russian version",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"_id": null,
"model": "hp-ux b.11.31",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "r15xx r1513p95",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "1910"
},
{
"_id": null,
"model": "linux s/390",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"_id": null,
"model": "lotus protector for mail security",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.8.1.0"
},
{
"_id": null,
"model": "power hmc",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.7.7.0"
},
{
"_id": null,
"model": "msr4000 r0106p18",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "msr50 russian version 2513l40.ru",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "project openssl beta3",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "1.0"
},
{
"_id": null,
"model": "project openssl f",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3.1"
},
{
"_id": null,
"model": "bladecenter -t",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8730"
},
{
"_id": null,
"model": "switch series",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "3600v20"
},
{
"_id": null,
"model": "cloudbridge",
"scope": "eq",
"trust": 0.3,
"vendor": "citrix",
"version": "0"
},
{
"_id": null,
"model": "msr30-1x r2513p33",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": null,
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "3100v20"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.3"
},
{
"_id": null,
"model": "version control repository manager",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "7.5.1"
},
{
"_id": null,
"model": "pb",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"_id": null,
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2.2"
},
{
"_id": null,
"model": "xcode",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "2.0"
},
{
"_id": null,
"model": "tivoli workload scheduler for applications fp01",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5"
},
{
"_id": null,
"model": "msm",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "6.56.5.1.0"
},
{
"_id": null,
"model": "msr50 r2513p33",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "aspera enterprise server",
"scope": "eq",
"trust": 0.3,
"vendor": "asperasoft",
"version": "0"
},
{
"_id": null,
"model": "security network intrusion prevention system gx6116",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.3"
},
{
"_id": null,
"model": "systems insight manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.2"
},
{
"_id": null,
"model": "upward integration modules for microsoft system center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.5"
},
{
"_id": null,
"model": "tivoli workload scheduler distributed fp02",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.6"
},
{
"_id": null,
"model": "project openssl 1.0.1d",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "aura presence services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2"
},
{
"_id": null,
"model": "bladecenter -h",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7989"
},
{
"_id": null,
"model": "switch series r6708p10",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "7500"
},
{
"_id": null,
"model": "rational software architect",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1"
},
{
"_id": null,
"model": "aura system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.3.10"
},
{
"_id": null,
"model": "g switch series r2221p08",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "4800"
},
{
"_id": null,
"model": "flex system fc3171 8gb san switch",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1.2"
},
{
"_id": null,
"model": "project openssl beta1",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "1.0.1"
},
{
"_id": null,
"model": "f1000-e r3181p05",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "bladecenter -ht",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8740"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.10.5"
},
{
"_id": null,
"model": "flex system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.2.1.0"
},
{
"_id": null,
"model": "security network intrusion prevention system gv200",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6.2"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.2"
},
{
"_id": null,
"model": "msr9xx r2513p33",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "mcp russian version",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "66000"
},
{
"_id": null,
"model": "4510g switch series r2221p08",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "r11xx r1107",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "1910"
},
{
"_id": null,
"model": "wx5002/5004",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"_id": null,
"model": "matrix operating environment",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.2.1"
},
{
"_id": null,
"model": "infosphere information server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5"
},
{
"_id": null,
"model": "msr30-16 r2513p33",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "cognos controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5"
},
{
"_id": null,
"model": "msr30-1x russian version 2513l40.ru",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "cognos controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.1.1"
},
{
"_id": null,
"model": "aspera point to point",
"scope": "eq",
"trust": 0.3,
"vendor": "asperasoft",
"version": "0"
},
{
"_id": null,
"model": "linux arm",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"_id": null,
"model": "aspera console",
"scope": "eq",
"trust": 0.3,
"vendor": "asperasoft",
"version": "2.3"
},
{
"_id": null,
"model": "aura presence services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1.1"
},
{
"_id": null,
"model": "msr50",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"_id": null,
"model": "security network intrusion prevention system gx3002",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6.1"
},
{
"_id": null,
"model": "aspera faspex",
"scope": "eq",
"trust": 0.3,
"vendor": "asperasoft",
"version": "3.7.7"
},
{
"_id": null,
"model": "xcode",
"scope": "ne",
"trust": 0.3,
"vendor": "apple",
"version": "7.0"
},
{
"_id": null,
"model": "switch series r2111p06",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "11900"
},
{
"_id": null,
"model": "f1000-a r3734p06",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "security network intrusion prevention system gx5208-v2",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.3"
},
{
"_id": null,
"model": "security network intrusion prevention system gx7412-10",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6"
},
{
"_id": null,
"model": "security network intrusion prevention system gv200",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6.1"
},
{
"_id": null,
"model": "hsr6602 russian version r3303p18",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.10"
},
{
"_id": null,
"model": "aspera orchestrator",
"scope": "ne",
"trust": 0.3,
"vendor": "asperasoft",
"version": "2.10"
},
{
"_id": null,
"model": null,
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "8300"
},
{
"_id": null,
"model": "flex system fc3171 8gb san switch",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1.1"
},
{
"_id": null,
"model": "systems insight manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3.2"
},
{
"_id": null,
"model": "hsr6800 russian version r3303p18",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "storwize unified",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v70001.5.1.3"
},
{
"_id": null,
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2.4"
},
{
"_id": null,
"model": "systems director common agent for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.3.3"
},
{
"_id": null,
"model": "project openssl 1.0.0n",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.0"
},
{
"_id": null,
"model": "insight control server provisioning",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.4.1"
},
{
"_id": null,
"model": "aura session manager sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2"
},
{
"_id": null,
"model": "systems director storage control",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.2.4.0"
},
{
"_id": null,
"model": "ei switch series",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "51300"
},
{
"_id": null,
"model": "security network intrusion prevention system gx6116",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.5"
},
{
"_id": null,
"model": "tivoli dynamic workload console",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.4"
},
{
"_id": null,
"model": "switch series",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "59200"
},
{
"_id": null,
"model": "cognos tm1",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.2"
},
{
"_id": null,
"model": "y",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"_id": null,
"model": "u",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"_id": null,
"model": "insight control",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "7.5.1"
},
{
"_id": null,
"model": "4210g switch series r2221p08",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "xcode",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "2.4.1"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3.3.1"
},
{
"_id": null,
"model": "tivoli dynamic workload console",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1"
},
{
"_id": null,
"model": "storwize unified",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v70001.4.34"
},
{
"_id": null,
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "14.0"
},
{
"_id": null,
"model": "aura communication manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.3"
},
{
"_id": null,
"model": "aspera proxy",
"scope": "eq",
"trust": 0.3,
"vendor": "asperasoft",
"version": "0"
},
{
"_id": null,
"model": "l",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"_id": null,
"model": "security network intrusion prevention system gx5208",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6"
},
{
"_id": null,
"model": "server migration pack",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.5"
},
{
"_id": null,
"model": "security network intrusion prevention system gx4004-v2",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6"
},
{
"_id": null,
"model": "xcode",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "3.2.2"
},
{
"_id": null,
"model": "4210g switch series",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"_id": null,
"model": "security network intrusion prevention system gx5008-v2",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6.2"
},
{
"_id": null,
"model": "m220",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"_id": null,
"model": "smart analytics system",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "56002"
},
{
"_id": null,
"model": "security network intrusion prevention system gx7800",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6.2"
},
{
"_id": null,
"model": "insight control",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.5"
},
{
"_id": null,
"model": "security network intrusion prevention system gx6116",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.4"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.9.5"
},
{
"_id": null,
"model": "cognos controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.2.1"
},
{
"_id": null,
"model": "f5000",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"_id": null,
"model": "aura system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.3"
},
{
"_id": null,
"model": "aspera ondemand for amazon",
"scope": "eq",
"trust": 0.3,
"vendor": "asperasoft",
"version": "0"
},
{
"_id": null,
"model": "virtual connect enterprise manager sdk",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "7.4.1"
},
{
"_id": null,
"model": "ei switch series",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "55000"
},
{
"_id": null,
"model": "sdk for node.js",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.0.9"
},
{
"_id": null,
"model": "version control agent",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3.2"
},
{
"_id": null,
"model": "msm",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "6.36.3.1.0"
},
{
"_id": null,
"model": "aura system manager sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2"
},
{
"_id": null,
"model": "security network intrusion prevention system gx5208-v2",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.5"
},
{
"_id": null,
"model": "project openssl 0.9.8o",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "sdk for node.js",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.0.2"
},
{
"_id": null,
"model": "server migration pack",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "7.5.1"
},
{
"_id": null,
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "13.1"
},
{
"_id": null,
"model": "project openssl e",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"_id": null,
"model": "project openssl 1.0.1b",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "project openssl 1.0.0k",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "bladecenter -h",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1886"
},
{
"_id": null,
"model": "msr20-1x",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"_id": null,
"model": "aspera cargo",
"scope": "eq",
"trust": 0.3,
"vendor": "asperasoft",
"version": "0"
},
{
"_id": null,
"model": "switch series",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "59000"
},
{
"_id": null,
"model": "version control repository manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.2.1"
},
{
"_id": null,
"model": "systems insight manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.4"
},
{
"_id": null,
"model": "matrix operating environment",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3.1"
},
{
"_id": null,
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "13.0"
},
{
"_id": null,
"model": "security network intrusion prevention system gx7412",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.3"
},
{
"_id": null,
"model": "storwize unified",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v70001.3.0.5"
},
{
"_id": null,
"model": "security network intrusion prevention system gx4004",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6.2"
},
{
"_id": null,
"model": "systems insight manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "4.2"
},
{
"_id": null,
"model": "msr2000",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"_id": null,
"model": "a",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"_id": null,
"model": "mcp",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "66000"
},
{
"_id": null,
"model": null,
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "125000"
},
{
"_id": null,
"model": "aura system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2"
},
{
"_id": null,
"model": "switch series",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "75000"
},
{
"_id": null,
"model": "qradar siem",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2.3"
},
{
"_id": null,
"model": null,
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "19200"
},
{
"_id": null,
"model": "security network intrusion prevention system gx5208-v2",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.4"
},
{
"_id": null,
"model": "cognos controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.1"
},
{
"_id": null,
"model": "aura utility services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.3"
},
{
"_id": null,
"model": "xcode",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.0.1"
},
{
"_id": null,
"model": "bladecenter -e",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8677"
},
{
"_id": null,
"model": "si switch series r1513p95",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "5120"
},
{
"_id": null,
"model": "upward integration modules for vmware vsphere",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.5.2"
},
{
"_id": null,
"model": "cognos controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.2"
},
{
"_id": null,
"model": "systems director common agent for linux",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.3.2"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.8.5"
},
{
"_id": null,
"model": "linux",
"scope": null,
"trust": 0.3,
"vendor": "gentoo",
"version": null
},
{
"_id": null,
"model": "systems director storage control",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.2.2.1"
},
{
"_id": null,
"model": "f",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"_id": null,
"model": "project openssl 0.9.8s",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "security network intrusion prevention system gx4002",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6.2"
},
{
"_id": null,
"model": "systems insight manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.0"
},
{
"_id": null,
"model": "tivoli workload scheduler distributed",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.2"
},
{
"_id": null,
"model": "security network intrusion prevention system gx5208",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.3"
},
{
"_id": null,
"model": "qradar risk manager mr2",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1"
},
{
"_id": null,
"model": "security network intrusion prevention system gx5108",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6.2"
},
{
"_id": null,
"model": "security network intrusion prevention system gx7412-10",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6.1"
},
{
"_id": null,
"model": "switch series r1005p15",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "12900"
},
{
"_id": null,
"model": "systems director storage control",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.2.3.0"
},
{
"_id": null,
"model": "security network intrusion prevention system gx4004",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.3"
},
{
"_id": null,
"model": "aura utility services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2"
},
{
"_id": null,
"model": "security network intrusion prevention system gv1000",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.3"
},
{
"_id": null,
"model": "office connect p",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "18100"
},
{
"_id": null,
"model": "aspera orchestrator",
"scope": "eq",
"trust": 0.3,
"vendor": "asperasoft",
"version": "0"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.2.1"
},
{
"_id": null,
"model": "r2507p34",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "6000"
},
{
"_id": null,
"model": "infosphere information server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.1"
},
{
"_id": null,
"model": "linux ia-32",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"_id": null,
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "13.37"
},
{
"_id": null,
"model": "netscaler service delivery appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "citrix",
"version": "0"
},
{
"_id": null,
"model": "f1000-s r3734p06",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "matrix operating environment",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "7.5.1"
},
{
"_id": null,
"model": "project openssl beta2",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "1.0.1"
},
{
"_id": null,
"model": "msr50 g2 russian version",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"_id": null,
"model": "flex system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.2.1"
},
{
"_id": null,
"model": "systems insight manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.3"
},
{
"_id": null,
"model": "security network intrusion prevention system gx7800",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.5"
},
{
"_id": null,
"model": "manager for sle sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "111.7"
},
{
"_id": null,
"model": "studio onsite",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "1.3"
},
{
"_id": null,
"model": "msr20-1x russian version 2513l40.ru",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "security network intrusion prevention system gx4004-v2",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6.1"
},
{
"_id": null,
"model": "cloudsystem matrix",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3.2"
},
{
"_id": null,
"model": "secblade ssl vpn",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"_id": null,
"model": null,
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "66020"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3"
},
{
"_id": null,
"model": "infosphere information server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.7"
},
{
"_id": null,
"model": "systems director",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.3.0.0"
},
{
"_id": null,
"model": "insight control server deployment",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.2.2"
},
{
"_id": null,
"model": "tivoli workload scheduler distributed fp04",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.1"
},
{
"_id": null,
"model": "security network intrusion prevention system gx5008",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.3"
},
{
"_id": null,
"model": "russian version",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "66020"
},
{
"_id": null,
"model": null,
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "60000"
},
{
"_id": null,
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "10.0"
},
{
"_id": null,
"model": "office connect pl",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "18100"
},
{
"_id": null,
"model": "security network intrusion prevention system gx6116",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6"
},
{
"_id": null,
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"_id": null,
"model": "msr20 russian version 2513l40.ru",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "secblade fw",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"_id": null,
"model": "u200a and m f5123p30",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "systems insight manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.2"
},
{
"_id": null,
"model": "t",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"_id": null,
"model": "security network intrusion prevention system gx7800",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.4"
},
{
"_id": null,
"model": "switch series (comware r1208p10",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "10500v5)"
},
{
"_id": null,
"model": "4510g switch series",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"_id": null,
"model": "upward integration modules for vmware vsphere",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.5.1"
},
{
"_id": null,
"model": "security network intrusion prevention system gx4004",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.5"
},
{
"_id": null,
"model": "vsr1000 r0204p01",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "switch series r2311p05",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "5920"
},
{
"_id": null,
"model": "aura system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.3.4"
},
{
"_id": null,
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "8.4"
},
{
"_id": null,
"model": "version control repository manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3.4"
},
{
"_id": null,
"model": "storage provisioning manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.3"
},
{
"_id": null,
"model": "security virtual server protection for vmware",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.1"
},
{
"_id": null,
"model": "ssl for openvms",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "1.4-476"
},
{
"_id": null,
"model": "systems director common agent for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.3.2"
},
{
"_id": null,
"model": "project openssl 0.9.8u",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "xcode",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.3.3"
},
{
"_id": null,
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "9.1"
},
{
"_id": null,
"model": "ei switch series r3108p03",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "5130"
},
{
"_id": null,
"model": "project openssl 1.0.1h",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "cognos tm1",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.1.1"
},
{
"_id": null,
"model": "flex system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.3.0"
}
],
"sources": [
{
"db": "BID",
"id": "70585"
},
{
"db": "NVD",
"id": "CVE-2014-3513"
}
]
},
"credits": {
"_id": null,
"data": "HP",
"sources": [
{
"db": "PACKETSTORM",
"id": "131306"
},
{
"db": "PACKETSTORM",
"id": "129932"
},
{
"db": "PACKETSTORM",
"id": "132085"
},
{
"db": "PACKETSTORM",
"id": "137292"
},
{
"db": "PACKETSTORM",
"id": "132081"
}
],
"trust": 0.5
},
"cve": "CVE-2014-3513",
"cvss": {
"_id": null,
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 7.1,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"id": "CVE-2014-3513",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "HIGH",
"trust": 1.1,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2014-3513",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "VULMON",
"id": "CVE-2014-3513",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2014-3513"
},
{
"db": "NVD",
"id": "CVE-2014-3513"
}
]
},
"description": {
"_id": null,
"data": "Memory leak in d1_srtp.c in the DTLS SRTP extension in OpenSSL 1.0.1 before 1.0.1j allows remote attackers to cause a denial of service (memory consumption) via a crafted handshake message. OpenSSL is prone to a security-bypass vulnerability. \nSuccessfully exploiting this issue will allow attackers to bypass security restrictions and perform unauthorized actions. This could be\nexploited in a Denial Of Service attack. This issue affects OpenSSL\n1.0.1 server implementations for both SSL/TLS and DTLS regardless of\nwhether SRTP is used or configured. Implementations of OpenSSL that\nhave been compiled with OPENSSL_NO_SRTP defined are not affected. \n\nOpenSSL 1.0.1 users should upgrade to 1.0.1j. \n\nThis issue was reported to OpenSSL on 26th September 2014, based on an original\nissue and patch developed by the LibreSSL project. Further analysis of the issue\nwas performed by the OpenSSL team. \n\nThe fix was developed by the OpenSSL team. \n\n\nSession Ticket Memory Leak (CVE-2014-3567)\n==========================================\n\nSeverity: Medium\n\nWhen an OpenSSL SSL/TLS/DTLS server receives a session ticket the\nintegrity of that ticket is first verified. In the event of a session\nticket integrity check failing, OpenSSL will fail to free memory\ncausing a memory leak. By sending a large number of invalid session\ntickets an attacker could exploit this issue in a Denial Of Service\nattack. \n\nOpenSSL 1.0.1 users should upgrade to 1.0.1j. \nOpenSSL 1.0.0 users should upgrade to 1.0.0o. \nOpenSSL 0.9.8 users should upgrade to 0.9.8zc. \n\nThis issue was reported to OpenSSL on 8th October 2014. \n\nThe fix was developed by Stephen Henson of the OpenSSL core team. \n\n\nSSL 3.0 Fallback protection\n===========================\n\nSeverity: Medium\n\nOpenSSL has added support for TLS_FALLBACK_SCSV to allow applications\nto block the ability for a MITM attacker to force a protocol\ndowngrade. \n\nSome client applications (such as browsers) will reconnect using a\ndowngraded protocol to work around interoperability bugs in older\nservers. This could be exploited by an active man-in-the-middle to\ndowngrade connections to SSL 3.0 even if both sides of the connection\nsupport higher protocols. SSL 3.0 contains a number of weaknesses\nincluding POODLE (CVE-2014-3566). \n\nOpenSSL 1.0.1 users should upgrade to 1.0.1j. \nOpenSSL 1.0.0 users should upgrade to 1.0.0o. \nOpenSSL 0.9.8 users should upgrade to 0.9.8zc. \n\nhttps://tools.ietf.org/html/draft-ietf-tls-downgrade-scsv-00\nhttps://www.openssl.org/~bodo/ssl-poodle.pdf\n\nSupport for TLS_FALLBACK_SCSV was developed by Adam Langley and Bodo Moeller. \n\n\nBuild option no-ssl3 is incomplete (CVE-2014-3568)\n==================================================\n\nSeverity: Low\n\nWhen OpenSSL is configured with \"no-ssl3\" as a build option, servers\ncould accept and complete a SSL 3.0 handshake, and clients could be\nconfigured to send them. \n\nOpenSSL 1.0.1 users should upgrade to 1.0.1j. \nOpenSSL 1.0.0 users should upgrade to 1.0.0o. \nOpenSSL 0.9.8 users should upgrade to 0.9.8zc. \n\nThis issue was reported to OpenSSL by Akamai Technologies on 14th October 2014. \n\nThe fix was developed by Akamai and the OpenSSL team. \n\n\nReferences\n==========\n\nURL for this Security Advisory:\nhttps://www.openssl.org/news/secadv_20141015.txt\n\nNote: the online version of the advisory may be updated with additional\ndetails over time. \n\nFor details of OpenSSL severity classifications please see:\nhttps://www.openssl.org/about/secpolicy.html\n\n. \nHP BladeSystem c-Class Onboard Administrator (OA) 4.30 and earlier. \n\nGo to\nhttp://www.hp.com/go/oa\n\nSelect \"Onboard Administrator Firmware\"\nSelect product name as \"\"HP BLc3000 Onboard Administrator Option\" or \"HP\nBLc7000 Onboard Administrator Option\"\nSelect the operating system from the list of choices\nSelect Firmware version 4.40 for download\nRefer to the HP BladeSystem Onboard Administrator User Guide for steps to\nupdate the Onboard Administrator firmware. \n\n\nHere are the details from the Slackware 14.1 ChangeLog:\n+--------------------------+\npatches/packages/openssl-solibs-1.0.1j-i486-1_slack14.1.txz: Upgraded. \n (* Security fix *)\npatches/packages/openssl-1.0.1j-i486-1_slack14.1.txz: Upgraded. \n For more information, see:\n https://www.openssl.org/news/secadv_20141015.txt\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3513\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3566\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3567\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3568\n (* Security fix *)\n+--------------------------+\n\n\nWhere to find the new packages:\n+-----------------------------+\n\nThanks to the friendly folks at the OSU Open Source Lab\n(http://osuosl.org) for donating FTP and rsync hosting\nto the Slackware project! :-)\n\nAlso see the \"Get Slack\" section on http://slackware.com for\nadditional mirror sites near you. \n\nUpdated packages for Slackware 13.0:\nftp://ftp.slackware.com/pub/slackware/slackware-13.0/patches/packages/openssl-0.9.8zc-i486-1_slack13.0.txz\nftp://ftp.slackware.com/pub/slackware/slackware-13.0/patches/packages/openssl-solibs-0.9.8zc-i486-1_slack13.0.txz\n\nUpdated packages for Slackware x86_64 13.0:\nftp://ftp.slackware.com/pub/slackware/slackware64-13.0/patches/packages/openssl-0.9.8zc-x86_64-1_slack13.0.txz\nftp://ftp.slackware.com/pub/slackware/slackware64-13.0/patches/packages/openssl-solibs-0.9.8zc-x86_64-1_slack13.0.txz\n\nUpdated packages for Slackware 13.1:\nftp://ftp.slackware.com/pub/slackware/slackware-13.1/patches/packages/openssl-0.9.8zc-i486-1_slack13.1.txz\nftp://ftp.slackware.com/pub/slackware/slackware-13.1/patches/packages/openssl-solibs-0.9.8zc-i486-1_slack13.1.txz\n\nUpdated packages for Slackware x86_64 13.1:\nftp://ftp.slackware.com/pub/slackware/slackware64-13.1/patches/packages/openssl-0.9.8zc-x86_64-1_slack13.1.txz\nftp://ftp.slackware.com/pub/slackware/slackware64-13.1/patches/packages/openssl-solibs-0.9.8zc-x86_64-1_slack13.1.txz\n\nUpdated packages for Slackware 13.37:\nftp://ftp.slackware.com/pub/slackware/slackware-13.37/patches/packages/openssl-0.9.8zc-i486-1_slack13.37.txz\nftp://ftp.slackware.com/pub/slackware/slackware-13.37/patches/packages/openssl-solibs-0.9.8zc-i486-1_slack13.37.txz\n\nUpdated packages for Slackware x86_64 13.37:\nftp://ftp.slackware.com/pub/slackware/slackware64-13.37/patches/packages/openssl-0.9.8zc-x86_64-1_slack13.37.txz\nftp://ftp.slackware.com/pub/slackware/slackware64-13.37/patches/packages/openssl-solibs-0.9.8zc-x86_64-1_slack13.37.txz\n\nUpdated packages for Slackware 14.0:\nftp://ftp.slackware.com/pub/slackware/slackware-14.0/patches/packages/openssl-1.0.1j-i486-1_slack14.0.txz\nftp://ftp.slackware.com/pub/slackware/slackware-14.0/patches/packages/openssl-solibs-1.0.1j-i486-1_slack14.0.txz\n\nUpdated packages for Slackware x86_64 14.0:\nftp://ftp.slackware.com/pub/slackware/slackware64-14.0/patches/packages/openssl-1.0.1j-x86_64-1_slack14.0.txz\nftp://ftp.slackware.com/pub/slackware/slackware64-14.0/patches/packages/openssl-solibs-1.0.1j-x86_64-1_slack14.0.txz\n\nUpdated packages for Slackware 14.1:\nftp://ftp.slackware.com/pub/slackware/slackware-14.1/patches/packages/openssl-1.0.1j-i486-1_slack14.1.txz\nftp://ftp.slackware.com/pub/slackware/slackware-14.1/patches/packages/openssl-solibs-1.0.1j-i486-1_slack14.1.txz\n\nUpdated packages for Slackware x86_64 14.1:\nftp://ftp.slackware.com/pub/slackware/slackware64-14.1/patches/packages/openssl-1.0.1j-x86_64-1_slack14.1.txz\nftp://ftp.slackware.com/pub/slackware/slackware64-14.1/patches/packages/openssl-solibs-1.0.1j-x86_64-1_slack14.1.txz\n\nUpdated packages for Slackware -current:\nftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/a/openssl-solibs-1.0.1j-i486-1.txz\nftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/n/openssl-1.0.1j-i486-1.txz\n\nUpdated packages for Slackware x86_64 -current:\nftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/a/openssl-solibs-1.0.1j-x86_64-1.txz\nftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/n/openssl-1.0.1j-x86_64-1.txz\n\n\nMD5 signatures:\n+-------------+\n\nSlackware 13.0 packages:\n44d336a121b39296f0e6bbeeb283dd2b openssl-0.9.8zc-i486-1_slack13.0.txz\n8342cfb351e59ecf5ea6d8cba66f0040 openssl-solibs-0.9.8zc-i486-1_slack13.0.txz\n\nSlackware x86_64 13.0 packages:\n671f12535bdc10ab24388b713351aca2 openssl-0.9.8zc-x86_64-1_slack13.0.txz\n21e380284cdfab2fd15fffe2e0aed526 openssl-solibs-0.9.8zc-x86_64-1_slack13.0.txz\n\nSlackware 13.1 packages:\n64cb819f1e07522bd5d7ceedd0a9ab50 openssl-0.9.8zc-i486-1_slack13.1.txz\n5fe4e385b2251cfd7e8ae5963ec6cef1 openssl-solibs-0.9.8zc-i486-1_slack13.1.txz\n\nSlackware x86_64 13.1 packages:\n94feb6699d6f2cc7750a6b2e17ccaaa2 openssl-0.9.8zc-x86_64-1_slack13.1.txz\n2c17e4286509c29074ab0168367b851e openssl-solibs-0.9.8zc-x86_64-1_slack13.1.txz\n\nSlackware 13.37 packages:\n4483d91c776c7e23c59246c4e0aa24aa openssl-0.9.8zc-i486-1_slack13.37.txz\nfedd58eb19bc13c9dd88d947827a7370 openssl-solibs-0.9.8zc-i486-1_slack13.37.txz\n\nSlackware x86_64 13.37 packages:\n5d48ac1e9339efc35e304c7d48b2e762 openssl-0.9.8zc-x86_64-1_slack13.37.txz\n6f5e2b576259477c13f12cbed9be8804 openssl-solibs-0.9.8zc-x86_64-1_slack13.37.txz\n\nSlackware 14.0 packages:\n2b678160283bc696565dc8bd8b28c0eb openssl-1.0.1j-i486-1_slack14.0.txz\nf7762615c990713e9e86d4da962f1022 openssl-solibs-1.0.1j-i486-1_slack14.0.txz\n\nSlackware x86_64 14.0 packages:\n41010ca37d49b74e7d7dc3f1c6ddc57e openssl-1.0.1j-x86_64-1_slack14.0.txz\n40dc6f3de217279d6140c1efcc0d45c8 openssl-solibs-1.0.1j-x86_64-1_slack14.0.txz\n\nSlackware 14.1 packages:\n024ecea55e22e47f9fbb4b81a7b72a51 openssl-1.0.1j-i486-1_slack14.1.txz\n0a575668bb41ec4c2160800611f7f627 openssl-solibs-1.0.1j-i486-1_slack14.1.txz\n\nSlackware x86_64 14.1 packages:\nd07fe289f7998a584c2b0d9810a8b9aa openssl-1.0.1j-x86_64-1_slack14.1.txz\n1ffc5d0c02b0c60cefa5cf9189bfc71d openssl-solibs-1.0.1j-x86_64-1_slack14.1.txz\n\nSlackware -current packages:\n53c9f51a79460bbfc5dec5720317cd53 a/openssl-solibs-1.0.1j-i486-1.txz\ncc059aa63494f3b005a886c70bc3f5d6 n/openssl-1.0.1j-i486-1.txz\n\nSlackware x86_64 -current packages:\n500709555e652adcd84b4e02dfab4eeb a/openssl-solibs-1.0.1j-x86_64-1.txz\nc483ca9c450fa90a901ac013276ccc53 n/openssl-1.0.1j-x86_64-1.txz\n\n\nInstallation instructions:\n+------------------------+\n\nUpgrade the packages as root:\n# upgradepkg openssl-1.0.1j-i486-1_slack14.1.txz openssl-solibs-1.0.1j-i486-1_slack14.1.txz\n\n\n+-----+\n\nSlackware Linux Security Team\nhttp://slackware.com/gpg-key\nsecurity@slackware.com\n\n+------------------------------------------------------------------------+\n| To leave the slackware-security mailing list: |\n+------------------------------------------------------------------------+\n| Send an email to majordomo@slackware.com with this text in the body of |\n| the email message: |\n| |\n| unsubscribe slackware-security |\n| |\n| You will get a confirmation message back containing instructions to |\n| complete the process. Please do not reply to this email address. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n\nNote: the current version of the following document is available here:\nhttps://h20564.www2.hp.com/portal/site/hpsc/public/kb/\ndocDisplay?docId=emr_na-c04540692\n\nSUPPORT COMMUNICATION - SECURITY BULLETIN\n\nDocument ID: c04540692\nVersion: 1\n\nHPSBGN03233 rev.1 - HP OneView running OpenSSL, Remote Denial of Service\n(DoS), Unauthorized Access, and Disclosure of Information\n\nNOTICE: The information in this Security Bulletin should be acted upon as\nsoon as possible. \n\nRelease Date: 2015-01-13\nLast Updated: 2015-01-13\n\nPotential Security Impact: Remote Denial of Service (DoS), unauthorized\naccess, disclosure of information\n\nSource: Hewlett-Packard Company, HP Software Security Response Team\n\nVULNERABILITY SUMMARY\nPotential security vulnerabilities have been identified with HP OneView\nrunning OpenSSL and Bash Shell. These vulnerabilities (POODLE and Shellshock)\ncould be exploited remotely to create a Denial of Service (DoS), allow\nunauthorized access, or disclose information. \n\nReferences:\n\nCVE-2014-3513\nCVE-2014-3566\nCVE-2014-3567\nCVE-2014-6271\nCVE-2014-6277\nCVE-2014-6278\nCVE-2014-7169\nCVE-2014-7186\nCVE-2014-7187\nSSRT101739\nSSRT101868\n\nSUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed. \nHP OneView versions prior to 1.20\n\nBACKGROUND\n\nCVSS 2.0 Base Metrics\n===========================================================\n Reference Base Vector Base Score\nCVE-2014-3513 (AV:N/AC:M/Au:N/C:N/I:N/A:C) 7.1\nCVE-2014-3566 (AV:N/AC:M/Au:N/C:P/I:N/A:N) 4.3\nCVE-2014-3567 (AV:N/AC:M/Au:N/C:N/I:N/A:C) 7.1\nCVE-2014-6271 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0\nCVE-2014-6277 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0\nCVE-2014-6278 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0\nCVE-2014-7169 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0\nCVE-2014-7186 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0\nCVE-2014-7187 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0\n===========================================================\n Information on CVSS is documented\n in HP Customer Notice: HPSN-2008-002\n\nRESOLUTION\n\nHP has released the following software update to resolve the vulnerabilities\nin HP OneView. \n\nExisting users may upgrade to HP OneView version 1.20 using the Update\nAppliance feature in HP OneView. \n\nHP OneView version 1.20 is available from the following location:\n\nhttps://h20392.www2.hp.com/portal/swdepot/displayProductInfo.do?productNumber\n=Z7550-63180\n\nNote: The upgrade (.bin) or a new install (.ova) is also available:\n\nAn HP Passport login is required. \n\nGo to the HP Software Depot site at http://www.software.hp.com and search for\nHP OneView. \n\nHISTORY\nVersion:1 (rev.1) - 13 January 2015 Initial release\n\nThird Party Security Patches: Third party security patches that are to be\ninstalled on systems running HP software products should be applied in\naccordance with the customer\u0027s patch management policy. \n\nSupport: For issues about implementing the recommendations of this Security\nBulletin, contact normal HP Services support channel. For other issues about\nthe content of this Security Bulletin, send e-mail to security-alert@hp.com. \n\nReport: To report a potential security vulnerability with any HP supported\nproduct, send Email to: security-alert@hp.com\n\nSubscribe: To initiate a subscription to receive future HP Security Bulletin\nalerts via Email:\nhttp://h41183.www4.hp.com/signup_alerts.php?jumpid=hpsc_secbulletins\n\nSecurity Bulletin Archive: A list of recently released Security Bulletins is\navailable here:\nhttps://h20564.www2.hp.com/portal/site/hpsc/public/kb/secBullArchive/\n\nSoftware Product Category: The Software Product Category is represented in\nthe title by the two characters following HPSB. \n\n3C = 3COM\n3P = 3rd Party Software\nGN = HP General Software\nHF = HP Hardware and Firmware\nMP = MPE/iX\nMU = Multi-Platform Software\nNS = NonStop Servers\nOV = OpenVMS\nPI = Printing and Imaging\nPV = ProCurve\nST = Storage Software\nTU = Tru64 UNIX\nUX = HP-UX\n\nCopyright 2015 Hewlett-Packard Development Company, L.P. \nHewlett-Packard Company shall not be liable for technical or editorial errors\nor omissions contained herein. The information provided is provided \"as is\"\nwithout warranty of any kind. To the extent permitted by law, neither HP or\nits affiliates, subcontractors or suppliers will be liable for\nincidental,special or consequential damages including downtime cost; lost\nprofits; damages relating to the procurement of substitute products or\nservices; or damages for loss of data, or software restoration. The\ninformation in this document is subject to change without notice. \nHewlett-Packard Company and the names of Hewlett-Packard products referenced\nherein are trademarks of Hewlett-Packard Company in the United States and\nother countries. Other product and company names mentioned herein may be\ntrademarks of their respective owners. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n=====================================================================\n Red Hat Security Advisory\n\nSynopsis: Important: openssl security update\nAdvisory ID: RHSA-2014:1692-01\nProduct: Red Hat Storage\nAdvisory URL: https://rhn.redhat.com/errata/RHSA-2014-1692.html\nIssue date: 2014-10-22\nCVE Names: CVE-2014-3513 CVE-2014-3567 \n=====================================================================\n\n1. Summary:\n\nUpdated openssl packages that contain a backported patch to mitigate the\nCVE-2014-3566 issue and fix two security issues are now available for Red\nHat Storage 2.1. \n\nRed Hat Product Security has rated this update as having Important security\nimpact. Common Vulnerability Scoring System (CVSS) base scores, which give\ndetailed severity ratings, are available for each vulnerability from the\nCVE links in the References section. \n\n2. Relevant releases/architectures:\n\nRed Hat Storage Server 2.1 - x86_64\n\n3. Description:\n\nOpenSSL is a toolkit that implements the Secure Sockets Layer (SSL),\nTransport Layer Security (TLS), and Datagram Transport Layer Security\n(DTLS) protocols, as well as a full-strength, general purpose cryptography\nlibrary. \n\nThis update adds support for the TLS Fallback Signaling Cipher Suite Value\n(TLS_FALLBACK_SCSV), which can be used to prevent protocol downgrade\nattacks against applications which re-connect using a lower SSL/TLS\nprotocol version when the initial connection indicating the highest\nsupported protocol version fails. \n\nThis can prevent a forceful downgrade of the communication to SSL 3.0. \nThe SSL 3.0 protocol was found to be vulnerable to the padding oracle\nattack when using block cipher suites in cipher block chaining (CBC) mode. \nThis issue is identified as CVE-2014-3566, and also known under the alias\nPOODLE. This SSL 3.0 protocol flaw will not be addressed in a future\nupdate; it is recommended that users configure their applications to\nrequire at least TLS protocol version 1.0 for secure communication. \n\nFor additional information about this flaw, see the Knowledgebase article\nat https://access.redhat.com/articles/1232123\n\nA memory leak flaw was found in the way OpenSSL parsed the DTLS Secure\nReal-time Transport Protocol (SRTP) extension data. (CVE-2014-3567)\n\nAll OpenSSL users are advised to upgrade to these updated packages, which\ncontain backported patches to mitigate the CVE-2014-3566 issue and correct\nthe CVE-2014-3513 and CVE-2014-3567 issues. For the update to take effect,\nall services linked to the OpenSSL library (such as httpd and other\nSSL-enabled services) must be restarted or the system rebooted. \n\n4. Solution:\n\nBefore applying this update, make sure all previously released errata\nrelevant to your system have been applied. \n\nThis update is available via the Red Hat Network. Details on how to use the\nRed Hat Network to apply this update are available at\nhttps://access.redhat.com/articles/11258\n\n5. Package List:\n\nRed Hat Storage Server 2.1:\n\nSource:\nopenssl-1.0.1e-30.el6_6.2.src.rpm\n\nx86_64:\nopenssl-1.0.1e-30.el6_6.2.x86_64.rpm\nopenssl-debuginfo-1.0.1e-30.el6_6.2.x86_64.rpm\nopenssl-devel-1.0.1e-30.el6_6.2.x86_64.rpm\nopenssl-perl-1.0.1e-30.el6_6.2.x86_64.rpm\nopenssl-static-1.0.1e-30.el6_6.2.x86_64.rpm\n\nThese packages are GPG signed by Red Hat for security. Our key and\ndetails on how to verify the signature are available from\nhttps://access.redhat.com/security/team/key/\n\n7. References:\n\nhttps://access.redhat.com/security/cve/CVE-2014-3513\nhttps://access.redhat.com/security/cve/CVE-2014-3567\nhttps://access.redhat.com/security/updates/classification/#important\nhttps://access.redhat.com/articles/1232123\n\n8. Contact:\n\nThe Red Hat security contact is \u003csecalert@redhat.com\u003e. More contact\ndetails at https://access.redhat.com/security/team/contact/\n\nCopyright 2014 Red Hat, Inc. \n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1\n\niD8DBQFUR/NUXlSAg2UNWIIRAlZHAJwPwsoiJDn5RhI6U8eFkIzxyQopkQCePynp\nRpfQCptdJIpd6WXO7pw1vVo=\n=T20t\n-----END PGP SIGNATURE-----\n\n\n--\nRHSA-announce mailing list\nRHSA-announce@redhat.com\nhttps://www.redhat.com/mailman/listinfo/rhsa-announce\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2014-3513"
},
{
"db": "BID",
"id": "70585"
},
{
"db": "VULMON",
"id": "CVE-2014-3513"
},
{
"db": "PACKETSTORM",
"id": "169664"
},
{
"db": "PACKETSTORM",
"id": "131306"
},
{
"db": "PACKETSTORM",
"id": "128704"
},
{
"db": "PACKETSTORM",
"id": "129932"
},
{
"db": "PACKETSTORM",
"id": "132085"
},
{
"db": "PACKETSTORM",
"id": "137292"
},
{
"db": "PACKETSTORM",
"id": "132081"
},
{
"db": "PACKETSTORM",
"id": "128793"
}
],
"trust": 1.98
},
"external_ids": {
"_id": null,
"data": [
{
"db": "NVD",
"id": "CVE-2014-3513",
"trust": 2.2
},
{
"db": "SECUNIA",
"id": "61439",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "61058",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "61207",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "61837",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "62070",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "61298",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "61990",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "61073",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "59627",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "61959",
"trust": 1.1
},
{
"db": "SECTRACK",
"id": "1031052",
"trust": 1.1
},
{
"db": "BID",
"id": "70584",
"trust": 1.1
},
{
"db": "MCAFEE",
"id": "SB10091",
"trust": 1.1
},
{
"db": "BID",
"id": "70585",
"trust": 0.3
},
{
"db": "VULMON",
"id": "CVE-2014-3513",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "169664",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "131306",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "128704",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "129932",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "132085",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "137292",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "132081",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "128793",
"trust": 0.1
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2014-3513"
},
{
"db": "BID",
"id": "70585"
},
{
"db": "PACKETSTORM",
"id": "169664"
},
{
"db": "PACKETSTORM",
"id": "131306"
},
{
"db": "PACKETSTORM",
"id": "128704"
},
{
"db": "PACKETSTORM",
"id": "129932"
},
{
"db": "PACKETSTORM",
"id": "132085"
},
{
"db": "PACKETSTORM",
"id": "137292"
},
{
"db": "PACKETSTORM",
"id": "132081"
},
{
"db": "PACKETSTORM",
"id": "128793"
},
{
"db": "NVD",
"id": "CVE-2014-3513"
}
]
},
"id": "VAR-201410-0371",
"iot": {
"_id": null,
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.395238084
},
"last_update_date": "2026-04-10T22:25:18.596000Z",
"patch": {
"_id": null,
"data": [
{
"title": "The Register",
"trust": 0.2,
"url": "https://www.theregister.co.uk/2014/10/15/openssl_ddos_vulns/"
},
{
"title": "Ubuntu Security Notice: openssl vulnerabilities",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=USN-2385-1"
},
{
"title": "Red Hat: CVE-2014-3513",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_cve_database\u0026qid=CVE-2014-3513"
},
{
"title": "Debian Security Advisories: DSA-3053-1 openssl -- security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=debian_security_advisories\u0026qid=89bdef3607a7448566a930eca0e94cb3"
},
{
"title": "Amazon Linux AMI: ALAS-2014-427",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=amazon_linux_ami\u0026qid=ALAS-2014-427"
},
{
"title": "Symantec Security Advisories: SA87 : OpenSSL Security Advisory 15-Oct-2014",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=symantec_security_advisories\u0026qid=374cff59719675d8235f907c21b99bfc"
},
{
"title": "Tenable Security Advisories: [R7] OpenSSL \u002720141015\u0027 Advisory Affects Tenable Products",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=tenable_security_advisories\u0026qid=TNS-2014-11"
},
{
"title": "IBM: IBM Security Bulletin: Fabric OS firmware for Brocade 8Gb SAN Switch Module for BladeCenter is affected by vulnerabilities in OpenSSL and OpenSSH",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ibm_psirt_blog\u0026qid=b7f5b1e7edcafce07f28205855d4db49"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2014-3513"
}
]
},
"problemtype_data": {
"_id": null,
"data": [
{
"problemtype": "CWE-20",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2014-3513"
}
]
},
"references": {
"_id": null,
"data": [
{
"trust": 1.6,
"url": "https://www.openssl.org/news/secadv_20141015.txt"
},
{
"trust": 1.4,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686997"
},
{
"trust": 1.2,
"url": "http://rhn.redhat.com/errata/rhsa-2014-1692.html"
},
{
"trust": 1.1,
"url": "http://rhn.redhat.com/errata/rhsa-2014-1652.html"
},
{
"trust": 1.1,
"url": "http://www.debian.org/security/2014/dsa-3053"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-10/msg00008.html"
},
{
"trust": 1.1,
"url": "http://www.ubuntu.com/usn/usn-2385-1"
},
{
"trust": 1.1,
"url": "http://advisories.mageia.org/mgasa-2014-0416.html"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/59627"
},
{
"trust": 1.1,
"url": "http://aix.software.ibm.com/aix/efixes/security/openssl_advisory11.asc"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/61298"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/61959"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/61439"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-11/msg00001.html"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/61073"
},
{
"trust": 1.1,
"url": "http://www.securityfocus.com/bid/70584"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/62070"
},
{
"trust": 1.1,
"url": "https://blogs.oracle.com/sunsecurity/entry/multiple_vulnerabilities_in_openssl6"
},
{
"trust": 1.1,
"url": "http://www.securitytracker.com/id/1031052"
},
{
"trust": 1.1,
"url": "https://support.f5.com/kb/en-us/solutions/public/15000/700/sol15722.html"
},
{
"trust": 1.1,
"url": "ftp://ftp.netbsd.org/pub/netbsd/security/advisories/netbsd-sa2014-015.txt.asc"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/61207"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/61058"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/61990"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/61837"
},
{
"trust": 1.1,
"url": "http://security.gentoo.org/glsa/glsa-201412-39.xml"
},
{
"trust": 1.1,
"url": "http://marc.info/?l=bugtraq\u0026m=142495837901899\u0026w=2"
},
{
"trust": 1.1,
"url": "http://marc.info/?l=bugtraq\u0026m=142624590206005\u0026w=2"
},
{
"trust": 1.1,
"url": "http://marc.info/?l=bugtraq\u0026m=142118135300698\u0026w=2"
},
{
"trust": 1.1,
"url": "http://www.mandriva.com/security/advisories?name=mdvsa-2015:062"
},
{
"trust": 1.1,
"url": "http://marc.info/?l=bugtraq\u0026m=142791032306609\u0026w=2"
},
{
"trust": 1.1,
"url": "http://marc.info/?l=bugtraq\u0026m=142834685803386\u0026w=2"
},
{
"trust": 1.1,
"url": "http://marc.info/?l=bugtraq\u0026m=142804214608580\u0026w=2"
},
{
"trust": 1.1,
"url": "http://lists.apple.com/archives/security-announce/2015/sep/msg00002.html"
},
{
"trust": 1.1,
"url": "https://support.apple.com/ht205217"
},
{
"trust": 1.1,
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c05150888"
},
{
"trust": 1.1,
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c05158380"
},
{
"trust": 1.1,
"url": "http://marc.info/?l=bugtraq\u0026m=143290583027876\u0026w=2"
},
{
"trust": 1.1,
"url": "http://marc.info/?l=bugtraq\u0026m=143290437727362\u0026w=2"
},
{
"trust": 1.1,
"url": "http://marc.info/?l=bugtraq\u0026m=143290522027658\u0026w=2"
},
{
"trust": 1.1,
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=sb10091"
},
{
"trust": 1.1,
"url": "https://git.openssl.org/gitweb/?p=openssl.git%3ba=commit%3bh=2b0532f3984324ebe1236a63d15893792384328d"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-3567"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-3513"
},
{
"trust": 0.5,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-3568"
},
{
"trust": 0.5,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-3566"
},
{
"trust": 0.4,
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/"
},
{
"trust": 0.4,
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/secbullarchive/"
},
{
"trust": 0.4,
"url": "http://h41183.www4.hp.com/signup_alerts.php?jumpid=hpsc_secbulletins"
},
{
"trust": 0.3,
"url": "http://www.openssl.org"
},
{
"trust": 0.3,
"url": "https://www-304.ibm.com/support/docview.wss?uid=swg21691210"
},
{
"trust": 0.3,
"url": "https://h20564.www2.hp.com/hpsc/doc/public/display?docid=emr_na-c04574073"
},
{
"trust": 0.3,
"url": "http://seclists.org/bugtraq/2015/feb/151"
},
{
"trust": 0.3,
"url": "http://support.citrix.com/article/ctx216642"
},
{
"trust": 0.3,
"url": "https://www.freebsd.org/security/advisories/freebsd-sa-14:23.openssl.asc"
},
{
"trust": 0.3,
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c04492722"
},
{
"trust": 0.3,
"url": "https://h20564.www2.hp.com/hpsc/doc/public/display?docid=emr_na-c04616259"
},
{
"trust": 0.3,
"url": "https://h20564.www2.hp.com/hpsc/doc/public/display?docid=emr_na-c04624296"
},
{
"trust": 0.3,
"url": "https://h20564.www2.hpe.com/hpsc/doc/public/display?docid=emr_na-c05150888"
},
{
"trust": 0.3,
"url": "https://h20564.www2.hpe.com/hpsc/doc/public/display?docid=emr_na-c05158380"
},
{
"trust": 0.3,
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c04533567 "
},
{
"trust": 0.3,
"url": "https://h20564.www2.hp.com/hpsc/doc/public/display?docid=emr_na-c04533567 "
},
{
"trust": 0.3,
"url": "https://www-304.ibm.com/support/docview.wss?uid=swg21686792"
},
{
"trust": 0.3,
"url": "https://support.asperasoft.com/entries/103000206-security-advisory-cve-2014-3513-cve-2014-3566-poodle-cve-2014-3567-cve-2014-3568"
},
{
"trust": 0.3,
"url": "https://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=migr-5097074"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21884030"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21959134"
},
{
"trust": 0.3,
"url": "https://www-304.ibm.com/support/docview.wss?uid=swg21691005"
},
{
"trust": 0.3,
"url": "https://www-304.ibm.com/support/docview.wss?uid=swg21688284"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21697995"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21697165"
},
{
"trust": 0.3,
"url": "https://www-304.ibm.com/support/docview.wss?uid=swg21689482"
},
{
"trust": 0.3,
"url": "https://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=migr-5097375"
},
{
"trust": 0.3,
"url": "https://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=migr-5098265"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=isg3t1021548"
},
{
"trust": 0.3,
"url": "https://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=migr-5097587"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21701452"
},
{
"trust": 0.3,
"url": "https://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=migr-5098105"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21693662"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21689347"
},
{
"trust": 0.3,
"url": "https://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=migr-5097867"
},
{
"trust": 0.3,
"url": "https://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=migr-5098586"
},
{
"trust": 0.3,
"url": "https://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=migr-5097807"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21689743"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=nas8n1020593"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21689332"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21691140"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21688762"
},
{
"trust": 0.3,
"url": "http://seclists.org/fulldisclosure/2015/jan/108"
},
{
"trust": 0.3,
"url": "https://downloads.avaya.com/css/p8/documents/101009000"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21699200"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21700489"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21687863"
},
{
"trust": 0.3,
"url": "www-01.ibm.com/support/docview.wss?uid=ssg1s1005003"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-3508"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-3509"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-3511"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2014-3513"
},
{
"trust": 0.2,
"url": "https://h20392.www2.hp.com/portal/swdepot/displayproductinfo.do?productnumber"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-5139"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/20.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://usn.ubuntu.com/2385-1/"
},
{
"trust": 0.1,
"url": "https://www.openssl.org/~bodo/ssl-poodle.pdf"
},
{
"trust": 0.1,
"url": "https://tools.ietf.org/html/draft-ietf-tls-downgrade-scsv-00"
},
{
"trust": 0.1,
"url": "https://www.openssl.org/about/secpolicy.html"
},
{
"trust": 0.1,
"url": "http://www.hp.com/go/oa"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-3513"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-3567"
},
{
"trust": 0.1,
"url": "http://slackware.com"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-3568"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-3566"
},
{
"trust": 0.1,
"url": "http://osuosl.org)"
},
{
"trust": 0.1,
"url": "http://slackware.com/gpg-key"
},
{
"trust": 0.1,
"url": "http://www.software.hp.com"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-7186"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-7169"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-6271"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-6277"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-7187"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-6278"
},
{
"trust": 0.1,
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docdisplay/?docid=emr_"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-7995"
},
{
"trust": 0.1,
"url": "http://www.hpe.com/support/security_bulletin_archive"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-6750"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-1790"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-8035"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0705"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-1788"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-1792"
},
{
"trust": 0.1,
"url": "http://www.hpe.com/support/subscriber_choice"
},
{
"trust": 0.1,
"url": "http://h20564.www2.hpe.com/hpsc/doc/public/display?docid=emr_na-c05131085"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-3195"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0799"
},
{
"trust": 0.1,
"url": "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_n"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-3237"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-1789"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-1791"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-2015"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0728"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-7501"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-2017"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-7547"
},
{
"trust": 0.1,
"url": "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docdisplay/?docid=emr_"
},
{
"trust": 0.1,
"url": "http://h20564.www2.hpe.com/hpsc/doc/public/display?docid=emr_na-c05111017"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-4969"
},
{
"trust": 0.1,
"url": "http://h20564.www2.hpe.com/hpsc/doc/public/display?docid=emr_na-c05131044"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-6565"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-0205"
},
{
"trust": 0.1,
"url": "http://h20564.www2.hpe.com/hpsc/doc/public/display?docid=emr_na-c05130958"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-3194"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-3569"
},
{
"trust": 0.1,
"url": "http://www.hpe.com/info/insightcontrol"
},
{
"trust": 0.1,
"url": "http://h18013.www1.hp.com/products/servers/management/hpsim/download.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/mailman/listinfo/rhsa-announce"
},
{
"trust": 0.1,
"url": "https://bugzilla.redhat.com/):"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/team/key/"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/articles/11258"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2014-3567"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/team/contact/"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/articles/1232123"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2014-3513"
},
{
"db": "BID",
"id": "70585"
},
{
"db": "PACKETSTORM",
"id": "169664"
},
{
"db": "PACKETSTORM",
"id": "131306"
},
{
"db": "PACKETSTORM",
"id": "128704"
},
{
"db": "PACKETSTORM",
"id": "129932"
},
{
"db": "PACKETSTORM",
"id": "132085"
},
{
"db": "PACKETSTORM",
"id": "137292"
},
{
"db": "PACKETSTORM",
"id": "132081"
},
{
"db": "PACKETSTORM",
"id": "128793"
},
{
"db": "NVD",
"id": "CVE-2014-3513"
}
]
},
"sources": {
"_id": null,
"data": [
{
"db": "VULMON",
"id": "CVE-2014-3513",
"ident": null
},
{
"db": "BID",
"id": "70585",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "169664",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "131306",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "128704",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "129932",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "132085",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "137292",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "132081",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "128793",
"ident": null
},
{
"db": "NVD",
"id": "CVE-2014-3513",
"ident": null
}
]
},
"sources_release_date": {
"_id": null,
"data": [
{
"date": "2014-10-19T00:00:00",
"db": "VULMON",
"id": "CVE-2014-3513",
"ident": null
},
{
"date": "2014-10-15T00:00:00",
"db": "BID",
"id": "70585",
"ident": null
},
{
"date": "2014-10-15T12:12:12",
"db": "PACKETSTORM",
"id": "169664",
"ident": null
},
{
"date": "2015-04-06T19:11:05",
"db": "PACKETSTORM",
"id": "131306",
"ident": null
},
{
"date": "2014-10-17T00:03:05",
"db": "PACKETSTORM",
"id": "128704",
"ident": null
},
{
"date": "2015-01-14T03:51:42",
"db": "PACKETSTORM",
"id": "129932",
"ident": null
},
{
"date": "2015-05-29T23:37:43",
"db": "PACKETSTORM",
"id": "132085",
"ident": null
},
{
"date": "2016-06-02T19:12:12",
"db": "PACKETSTORM",
"id": "137292",
"ident": null
},
{
"date": "2015-05-29T23:37:11",
"db": "PACKETSTORM",
"id": "132081",
"ident": null
},
{
"date": "2014-10-22T18:52:41",
"db": "PACKETSTORM",
"id": "128793",
"ident": null
},
{
"date": "2014-10-19T01:55:13.887000",
"db": "NVD",
"id": "CVE-2014-3513",
"ident": null
}
]
},
"sources_update_date": {
"_id": null,
"data": [
{
"date": "2023-11-07T00:00:00",
"db": "VULMON",
"id": "CVE-2014-3513",
"ident": null
},
{
"date": "2016-09-09T15:00:00",
"db": "BID",
"id": "70585",
"ident": null
},
{
"date": "2025-04-12T10:46:40.837000",
"db": "NVD",
"id": "CVE-2014-3513",
"ident": null
}
]
},
"threat_type": {
"_id": null,
"data": "network",
"sources": [
{
"db": "BID",
"id": "70585"
}
],
"trust": 0.3
},
"title": {
"_id": null,
"data": "OpenSSL \u0027no-ssl3\u0027 Build Option Security Bypass Vulnerability",
"sources": [
{
"db": "BID",
"id": "70585"
}
],
"trust": 0.3
},
"type": {
"_id": null,
"data": "Design Error",
"sources": [
{
"db": "BID",
"id": "70585"
}
],
"trust": 0.3
}
}
VAR-201408-0090
Vulnerability from variot - Updated: 2026-04-10 22:25The OBJ_obj2txt function in crypto/objects/obj_dat.c in OpenSSL 0.9.8 before 0.9.8zb, 1.0.0 before 1.0.0n, and 1.0.1 before 1.0.1i, when pretty printing is used, does not ensure the presence of '\0' characters, which allows context-dependent attackers to obtain sensitive information from process stack memory by reading output from X509_name_oneline, X509_name_print_ex, and unspecified other functions. OpenSSL is prone to an information disclosure vulnerability. An attacker can exploit this issue to gain access to sensitive information that may aid in further attacks. The following versions are vulnerable: OpenSSL 0.9.8 versions prior to 0.9.8zb. OpenSSL 1.0.0 versions prior to 1.0.0n. OpenSSL 1.0.1 versions prior to 1.0.1i. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
Note: the current version of the following document is available here: https://h20564.www2.hp.com/portal/site/hpsc/public/kb/ docDisplay?docId=emr_na-c04424322
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c04424322 Version: 1
HPSBGN03099 rev.1 - HP IceWall SSO Dfw, SSO Agent and MCRP running OpenSSL, Remote Disclosure of Information
NOTICE: The information in this Security Bulletin should be acted upon as soon as possible.
Release Date: 2014-09-01 Last Updated: 2014-09-01
Potential Security Impact: Remote disclosure of information
Source: Hewlett-Packard Company, HP Software Security Response Team
VULNERABILITY SUMMARY A potential security vulnerability has been identified with HP IceWall SSO Dfw, SSO Agent and MCRP running OpenSSL.
HP IceWall SSO Agent Option v8.0, v8.0 2007 Update Release 2, and v10.0 HP IceWall MCRP v2.1, v3.0 HP IceWall SSO Dfw v8.0, v8.0 R1, v8.0 R2, v8.0 R3, and v10.0
BACKGROUND
CVSS 2.0 Base Metrics
Reference Base Vector Base Score CVE-2014-3508 (AV:N/AC:M/Au:N/C:P/I:N/A:N) 4.3 =========================================================== Information on CVSS is documented in HP Customer Notice: HPSN-2008-002
RESOLUTION
HP recommends the following software update options to resolve this vulnerability for HP IceWall SSO Dfw, SSO Agent and MCRP. HP IceWall SSO Agent and MCRP
- OpenSSL patches are available for RHEL:
https://access.redhat.com/security/cve/CVE-2014-3508
- OpenSSL patches are available for HP-UX.
Please refer to HP Security Bulletin HPSBUX03095: https://h20564.www2.h
p.com/portal/site/hpsc/public/kb/docDisplay/?docId=emr_na-c04404655
-
HP IceWall SSO Dfw
Updated OpenSSL is available for the HP IceWall SSO Dfw Bundle: http://www.hp.com/jp/icewall/_patchaccess
HP recommends the following mitigation information to protect against potential risk for the following HP IceWall products.
HP IceWall SSO Dfw and MCRP
If possible, do not use SHOST setting which allows IceWall SSO Dfw or
MCRP to use SSL/TLS for back-end web server connection.
HP IceWall SSO Dfw
If possible, do not use SHOST and set CC_DECODE_FLG to 0 which will
disable certificate decode by HP IceWall SSO Dfw .
Note: The HP IceWall product is only available in Japan.
HISTORY Version:1 (rev.1) - 2 September 2014 Initial release
Third Party Security Patches: Third party security patches that are to be installed on systems running HP software products should be applied in accordance with the customer's patch management policy.
Support: For issues about implementing the recommendations of this Security Bulletin, contact normal HP Services support channel. For other issues about the content of this Security Bulletin, send e-mail to security-alert@hp.com.
Report: To report a potential security vulnerability with any HP supported product, send Email to: security-alert@hp.com
Subscribe: To initiate a subscription to receive future HP Security Bulletin alerts via Email: http://h41183.www4.hp.com/signup_alerts.php?jumpid=hpsc_secbulletins
Security Bulletin Archive: A list of recently released Security Bulletins is available here: https://h20564.www2.hp.com/portal/site/hpsc/public/kb/secBullArchive/
Software Product Category: The Software Product Category is represented in the title by the two characters following HPSB.
3C = 3COM 3P = 3rd Party Software GN = HP General Software HF = HP Hardware and Firmware MP = MPE/iX MU = Multi-Platform Software NS = NonStop Servers OV = OpenVMS PI = Printing and Imaging PV = ProCurve ST = Storage Software TU = Tru64 UNIX UX = HP-UX
Copyright 2014 Hewlett-Packard Development Company, L.P. Hewlett-Packard Company shall not be liable for technical or editorial errors or omissions contained herein. The information provided is provided "as is" without warranty of any kind. To the extent permitted by law, neither HP or its affiliates, subcontractors or suppliers will be liable for incidental,special or consequential damages including downtime cost; lost profits; damages relating to the procurement of substitute products or services; or damages for loss of data, or software restoration. The information in this document is subject to change without notice. Hewlett-Packard Company and the names of Hewlett-Packard products referenced herein are trademarks of Hewlett-Packard Company in the United States and other countries. Other product and company names mentioned herein may be trademarks of their respective owners. ============================================================================ Ubuntu Security Notice USN-2308-1 August 07, 2014
openssl vulnerabilities
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 14.04 LTS
- Ubuntu 12.04 LTS
- Ubuntu 10.04 LTS
Summary:
Several security issues were fixed in OpenSSL. This issue only affected Ubuntu 12.04 LTS and Ubuntu 14.04 LTS. This issue only affected Ubuntu 12.04 LTS and Ubuntu 14.04 LTS. This issue only affected Ubuntu 12.04 LTS and Ubuntu 14.04 LTS. This issue only affected Ubuntu 12.04 LTS and Ubuntu 14.04 LTS. This issue only affected Ubuntu 12.04 LTS and Ubuntu 14.04 LTS. (CVE-2014-5139)
Update instructions:
The problem can be corrected by updating your system to the following package versions:
Ubuntu 14.04 LTS: libssl1.0.0 1.0.1f-1ubuntu2.5
Ubuntu 12.04 LTS: libssl1.0.0 1.0.1-4ubuntu5.17
Ubuntu 10.04 LTS: libssl0.9.8 0.9.8k-7ubuntu8.20
After a standard system update you need to reboot your computer to make all the necessary changes. These vulnerabilities could be exploited remotely to create a Denial of Service (DoS), allow unauthorized access. The updates are available from https://h20392.www2.hp.com/portal/swdepot/displayP roductInfo.do?productNumber=OPENSSL11I
HP-UX Release HP-UX OpenSSL version
B.11.11 (11i v1) OpenSSL_A.00.09.08zb.001_HP-UX_B.11.11_32_64.depot
B.11.23 (11i v2) OpenSSL_A.00.09.08zb.002_HP-UX_B.11.23_IA-PA.depot
B.11.31 (11i v3) OpenSSL_A.00.09.08zb.003_HP-UX_B.11.31_IA-PA.depot
MANUAL ACTIONS: Yes - Update
Install OpenSSL A.00.09.08zb or subsequent
PRODUCT SPECIFIC INFORMATION
HP-UX Software Assistant: HP-UX Software Assistant is an enhanced application that replaces HP-UX Security Patch Check. It analyzes all Security Bulletins issued by HP and lists recommended actions that may apply to a specific HP-UX system. It can also download patches and create a depot automatically. For more information see: https://www.hp.com/go/swa
The following text is for use by the HP-UX Software Assistant. The HP Matrix Operating Environment v7.2.3 Update kit applicable to HP Matrix Operating Environment 7.2.x installations is available at the following location:
https://h20392.www2.hp.com/portal/swdepot/displayProductInfo.do?productNumber =HPID
NOTE: Please read the readme.txt file before proceeding with the installation. OpenSSL Security Advisory [6 Aug 2014] ========================================
Information leak in pretty printing functions (CVE-2014-3508)
A flaw in OBJ_obj2txt may cause pretty printing functions such as X509_name_oneline, X509_name_print_ex et al. to leak some information from the stack. Applications may be affected if they echo pretty printing output to the attacker. OpenSSL SSL/TLS clients and servers themselves are not affected.
Thanks to Ivan Fratric (Google) for discovering this issue. This issue was reported to OpenSSL on 19th June 2014.
The fix was developed by Emilia Käsper and Stephen Henson of the OpenSSL development team. This can be exploited through a Denial of Service attack.
OpenSSL 1.0.1 SSL/TLS client users should upgrade to 1.0.1i.
Thanks to Joonas Kuorilehto and Riku Hietamäki (Codenomicon) for discovering and researching this issue. This issue was reported to OpenSSL on 2nd July 2014.
The fix was developed by Stephen Henson of the OpenSSL core team.
OpenSSL 1.0.0 SSL/TLS client users should upgrade to 1.0.0n. OpenSSL 1.0.1 SSL/TLS client users should upgrade to 1.0.1i.
Thanks to Gabor Tyukasz (LogMeIn Inc) for discovering and researching this issue. This issue was reported to OpenSSL on 8th July 2014.
The fix was developed by Gabor Tyukasz.
Double Free when processing DTLS packets (CVE-2014-3505)
An attacker can force an error condition which causes openssl to crash whilst processing DTLS packets due to memory being freed twice. This can be exploited through a Denial of Service attack.
Thanks to Adam Langley and Wan-Teh Chang (Google) for discovering and researching this issue. This issue was reported to OpenSSL on 6th June 2014.
The fix was developed by Adam Langley. This can be exploited through a Denial of Service attack.
Thanks to Adam Langley (Google) for discovering and researching this issue. This issue was reported to OpenSSL on 6th June 2014.
The fix was developed by Adam Langley. This can be exploited through a Denial of Service attack.
Thanks to Adam Langley (Google) for discovering and researching this issue. This issue was reported to OpenSSL on 6th June 2014.
The fix was developed by Adam Langley.
OpenSSL DTLS anonymous EC(DH) denial of service (CVE-2014-3510)
OpenSSL DTLS clients enabling anonymous (EC)DH ciphersuites are subject to a denial of service attack. A malicious server can crash the client with a null pointer dereference (read) by specifying an anonymous (EC)DH ciphersuite and sending carefully crafted handshake messages.
OpenSSL 0.9.8 DTLS client users should upgrade to 0.9.8zb OpenSSL 1.0.0 DTLS client users should upgrade to 1.0.0n. OpenSSL 1.0.1 DTLS client users should upgrade to 1.0.1i.
Thanks to Felix Gröbert (Google) for discovering and researching this issue. This issue was reported to OpenSSL on 18th July 2014.
The fix was developed by Emilia Käsper of the OpenSSL development team.
OpenSSL 1.0.1 SSL/TLS server users should upgrade to 1.0.1i.
Thanks to David Benjamin and Adam Langley (Google) for discovering and researching this issue. This issue was reported to OpenSSL on 21st July 2014.
The fix was developed by David Benjamin.
SRP buffer overrun (CVE-2014-3512)
A malicious client or server can send invalid SRP parameters and overrun an internal buffer. Only applications which are explicitly set up for SRP use are affected.
Thanks to Sean Devlin and Watson Ladd (Cryptography Services, NCC Group) for discovering this issue. This issue was reported to OpenSSL on 31st July 2014.
The fix was developed by Stephen Henson of the OpenSSL core team.
References
URL for this Security Advisory: https://www.openssl.org/news/secadv_20140806.txt
Note: the online version of the advisory may be updated with additional details over time. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
===================================================================== Red Hat Security Advisory
Synopsis: Moderate: openssl security update Advisory ID: RHSA-2014:1052-01 Product: Red Hat Enterprise Linux Advisory URL: https://rhn.redhat.com/errata/RHSA-2014-1052.html Issue date: 2014-08-13 CVE Names: CVE-2014-3505 CVE-2014-3506 CVE-2014-3507 CVE-2014-3508 CVE-2014-3509 CVE-2014-3510 CVE-2014-3511 =====================================================================
- Summary:
Updated openssl packages that fix multiple security issues are now available for Red Hat Enterprise Linux 6 and 7.
Red Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.
- Relevant releases/architectures:
Red Hat Enterprise Linux Client (v. 7) - x86_64 Red Hat Enterprise Linux Client Optional (v. 7) - x86_64 Red Hat Enterprise Linux ComputeNode (v. 7) - x86_64 Red Hat Enterprise Linux ComputeNode Optional (v. 7) - x86_64 Red Hat Enterprise Linux Desktop (v. 6) - i386, x86_64 Red Hat Enterprise Linux Desktop Optional (v. 6) - i386, x86_64 Red Hat Enterprise Linux HPC Node (v. 6) - x86_64 Red Hat Enterprise Linux HPC Node Optional (v. 6) - x86_64 Red Hat Enterprise Linux Server (v. 6) - i386, ppc64, s390x, x86_64 Red Hat Enterprise Linux Server (v. 7) - ppc64, s390x, x86_64 Red Hat Enterprise Linux Server Optional (v. 6) - i386, ppc64, s390x, x86_64 Red Hat Enterprise Linux Server Optional (v. 7) - ppc64, s390x, x86_64 Red Hat Enterprise Linux Workstation (v. 6) - i386, x86_64 Red Hat Enterprise Linux Workstation (v. 7) - x86_64 Red Hat Enterprise Linux Workstation Optional (v. 6) - i386, x86_64 Red Hat Enterprise Linux Workstation Optional (v. 7) - x86_64
- Description:
OpenSSL is a toolkit that implements the Secure Sockets Layer (SSL), Transport Layer Security (TLS), and Datagram Transport Layer Security (DTLS) protocols, as well as a full-strength, general purpose cryptography library.
A race condition was found in the way OpenSSL handled ServerHello messages with an included Supported EC Point Format extension. A malicious server could possibly use this flaw to cause a multi-threaded TLS/SSL client using OpenSSL to write into freed memory, causing the client to crash or execute arbitrary code. (CVE-2014-3509)
It was discovered that the OBJ_obj2txt() function could fail to properly NUL-terminate its output. This could possibly cause an application using OpenSSL functions to format fields of X.509 certificates to disclose portions of its memory. (CVE-2014-3508)
A flaw was found in the way OpenSSL handled fragmented handshake packets. A man-in-the-middle attacker could use this flaw to force a TLS/SSL server using OpenSSL to use TLS 1.0, even if both the client and the server supported newer protocol versions. (CVE-2014-3511)
Multiple flaws were discovered in the way OpenSSL handled DTLS packets. A remote attacker could use these flaws to cause a DTLS server or client using OpenSSL to crash or use excessive amounts of memory. (CVE-2014-3505, CVE-2014-3506, CVE-2014-3507)
A NULL pointer dereference flaw was found in the way OpenSSL performed a handshake when using the anonymous Diffie-Hellman (DH) key exchange. A malicious server could cause a DTLS client using OpenSSL to crash if that client had anonymous DH cipher suites enabled. (CVE-2014-3510)
All OpenSSL users are advised to upgrade to these updated packages, which contain backported patches to correct these issues. For the update to take effect, all services linked to the OpenSSL library (such as httpd and other SSL-enabled services) must be restarted or the system rebooted.
- Solution:
Before applying this update, make sure all previously released errata relevant to your system have been applied.
This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/articles/11258
- Bugs fixed (https://bugzilla.redhat.com/):
1127490 - CVE-2014-3508 openssl: information leak in pretty printing functions 1127498 - CVE-2014-3509 openssl: race condition in ssl_parse_serverhello_tlsext 1127499 - CVE-2014-3505 openssl: DTLS packet processing double free 1127500 - CVE-2014-3506 openssl: DTLS memory exhaustion 1127502 - CVE-2014-3507 openssl: DTLS memory leak from zero-length fragments 1127503 - CVE-2014-3510 openssl: DTLS anonymous (EC)DH denial of service 1127504 - CVE-2014-3511 openssl: TLS protocol downgrade attack
- Package List:
Red Hat Enterprise Linux Desktop (v. 6):
Source: openssl-1.0.1e-16.el6_5.15.src.rpm
i386: openssl-1.0.1e-16.el6_5.15.i686.rpm openssl-debuginfo-1.0.1e-16.el6_5.15.i686.rpm
x86_64: openssl-1.0.1e-16.el6_5.15.i686.rpm openssl-1.0.1e-16.el6_5.15.x86_64.rpm openssl-debuginfo-1.0.1e-16.el6_5.15.i686.rpm openssl-debuginfo-1.0.1e-16.el6_5.15.x86_64.rpm
Red Hat Enterprise Linux Desktop Optional (v. 6):
Source: openssl-1.0.1e-16.el6_5.15.src.rpm
i386: openssl-debuginfo-1.0.1e-16.el6_5.15.i686.rpm openssl-devel-1.0.1e-16.el6_5.15.i686.rpm openssl-perl-1.0.1e-16.el6_5.15.i686.rpm openssl-static-1.0.1e-16.el6_5.15.i686.rpm
x86_64: openssl-debuginfo-1.0.1e-16.el6_5.15.i686.rpm openssl-debuginfo-1.0.1e-16.el6_5.15.x86_64.rpm openssl-devel-1.0.1e-16.el6_5.15.i686.rpm openssl-devel-1.0.1e-16.el6_5.15.x86_64.rpm openssl-perl-1.0.1e-16.el6_5.15.x86_64.rpm openssl-static-1.0.1e-16.el6_5.15.x86_64.rpm
Red Hat Enterprise Linux HPC Node (v. 6):
Source: openssl-1.0.1e-16.el6_5.15.src.rpm
x86_64: openssl-1.0.1e-16.el6_5.15.i686.rpm openssl-1.0.1e-16.el6_5.15.x86_64.rpm openssl-debuginfo-1.0.1e-16.el6_5.15.i686.rpm openssl-debuginfo-1.0.1e-16.el6_5.15.x86_64.rpm
Red Hat Enterprise Linux HPC Node Optional (v. 6):
Source: openssl-1.0.1e-16.el6_5.15.src.rpm
x86_64: openssl-debuginfo-1.0.1e-16.el6_5.15.i686.rpm openssl-debuginfo-1.0.1e-16.el6_5.15.x86_64.rpm openssl-devel-1.0.1e-16.el6_5.15.i686.rpm openssl-devel-1.0.1e-16.el6_5.15.x86_64.rpm openssl-perl-1.0.1e-16.el6_5.15.x86_64.rpm openssl-static-1.0.1e-16.el6_5.15.x86_64.rpm
Red Hat Enterprise Linux Server (v. 6):
Source: openssl-1.0.1e-16.el6_5.15.src.rpm
i386: openssl-1.0.1e-16.el6_5.15.i686.rpm openssl-debuginfo-1.0.1e-16.el6_5.15.i686.rpm openssl-devel-1.0.1e-16.el6_5.15.i686.rpm
ppc64: openssl-1.0.1e-16.el6_5.15.ppc.rpm openssl-1.0.1e-16.el6_5.15.ppc64.rpm openssl-debuginfo-1.0.1e-16.el6_5.15.ppc.rpm openssl-debuginfo-1.0.1e-16.el6_5.15.ppc64.rpm openssl-devel-1.0.1e-16.el6_5.15.ppc.rpm openssl-devel-1.0.1e-16.el6_5.15.ppc64.rpm
s390x: openssl-1.0.1e-16.el6_5.15.s390.rpm openssl-1.0.1e-16.el6_5.15.s390x.rpm openssl-debuginfo-1.0.1e-16.el6_5.15.s390.rpm openssl-debuginfo-1.0.1e-16.el6_5.15.s390x.rpm openssl-devel-1.0.1e-16.el6_5.15.s390.rpm openssl-devel-1.0.1e-16.el6_5.15.s390x.rpm
x86_64: openssl-1.0.1e-16.el6_5.15.i686.rpm openssl-1.0.1e-16.el6_5.15.x86_64.rpm openssl-debuginfo-1.0.1e-16.el6_5.15.i686.rpm openssl-debuginfo-1.0.1e-16.el6_5.15.x86_64.rpm openssl-devel-1.0.1e-16.el6_5.15.i686.rpm openssl-devel-1.0.1e-16.el6_5.15.x86_64.rpm
Red Hat Enterprise Linux Server Optional (v. 6):
Source: openssl-1.0.1e-16.el6_5.15.src.rpm
i386: openssl-debuginfo-1.0.1e-16.el6_5.15.i686.rpm openssl-perl-1.0.1e-16.el6_5.15.i686.rpm openssl-static-1.0.1e-16.el6_5.15.i686.rpm
ppc64: openssl-debuginfo-1.0.1e-16.el6_5.15.ppc64.rpm openssl-perl-1.0.1e-16.el6_5.15.ppc64.rpm openssl-static-1.0.1e-16.el6_5.15.ppc64.rpm
s390x: openssl-debuginfo-1.0.1e-16.el6_5.15.s390x.rpm openssl-perl-1.0.1e-16.el6_5.15.s390x.rpm openssl-static-1.0.1e-16.el6_5.15.s390x.rpm
x86_64: openssl-debuginfo-1.0.1e-16.el6_5.15.x86_64.rpm openssl-perl-1.0.1e-16.el6_5.15.x86_64.rpm openssl-static-1.0.1e-16.el6_5.15.x86_64.rpm
Red Hat Enterprise Linux Workstation (v. 6):
Source: openssl-1.0.1e-16.el6_5.15.src.rpm
i386: openssl-1.0.1e-16.el6_5.15.i686.rpm openssl-debuginfo-1.0.1e-16.el6_5.15.i686.rpm openssl-devel-1.0.1e-16.el6_5.15.i686.rpm
x86_64: openssl-1.0.1e-16.el6_5.15.i686.rpm openssl-1.0.1e-16.el6_5.15.x86_64.rpm openssl-debuginfo-1.0.1e-16.el6_5.15.i686.rpm openssl-debuginfo-1.0.1e-16.el6_5.15.x86_64.rpm openssl-devel-1.0.1e-16.el6_5.15.i686.rpm openssl-devel-1.0.1e-16.el6_5.15.x86_64.rpm
Red Hat Enterprise Linux Workstation Optional (v. 6):
Source: openssl-1.0.1e-16.el6_5.15.src.rpm
i386: openssl-debuginfo-1.0.1e-16.el6_5.15.i686.rpm openssl-perl-1.0.1e-16.el6_5.15.i686.rpm openssl-static-1.0.1e-16.el6_5.15.i686.rpm
x86_64: openssl-debuginfo-1.0.1e-16.el6_5.15.x86_64.rpm openssl-perl-1.0.1e-16.el6_5.15.x86_64.rpm openssl-static-1.0.1e-16.el6_5.15.x86_64.rpm
Red Hat Enterprise Linux Client (v. 7):
Source: openssl-1.0.1e-34.el7_0.4.src.rpm
x86_64: openssl-1.0.1e-34.el7_0.4.x86_64.rpm openssl-debuginfo-1.0.1e-34.el7_0.4.i686.rpm openssl-debuginfo-1.0.1e-34.el7_0.4.x86_64.rpm openssl-libs-1.0.1e-34.el7_0.4.i686.rpm openssl-libs-1.0.1e-34.el7_0.4.x86_64.rpm
Red Hat Enterprise Linux Client Optional (v. 7):
x86_64: openssl-debuginfo-1.0.1e-34.el7_0.4.i686.rpm openssl-debuginfo-1.0.1e-34.el7_0.4.x86_64.rpm openssl-devel-1.0.1e-34.el7_0.4.i686.rpm openssl-devel-1.0.1e-34.el7_0.4.x86_64.rpm openssl-perl-1.0.1e-34.el7_0.4.x86_64.rpm openssl-static-1.0.1e-34.el7_0.4.i686.rpm openssl-static-1.0.1e-34.el7_0.4.x86_64.rpm
Red Hat Enterprise Linux ComputeNode (v. 7):
Source: openssl-1.0.1e-34.el7_0.4.src.rpm
x86_64: openssl-1.0.1e-34.el7_0.4.x86_64.rpm openssl-debuginfo-1.0.1e-34.el7_0.4.i686.rpm openssl-debuginfo-1.0.1e-34.el7_0.4.x86_64.rpm openssl-libs-1.0.1e-34.el7_0.4.i686.rpm openssl-libs-1.0.1e-34.el7_0.4.x86_64.rpm
Red Hat Enterprise Linux ComputeNode Optional (v. 7):
x86_64: openssl-debuginfo-1.0.1e-34.el7_0.4.i686.rpm openssl-debuginfo-1.0.1e-34.el7_0.4.x86_64.rpm openssl-devel-1.0.1e-34.el7_0.4.i686.rpm openssl-devel-1.0.1e-34.el7_0.4.x86_64.rpm openssl-perl-1.0.1e-34.el7_0.4.x86_64.rpm openssl-static-1.0.1e-34.el7_0.4.i686.rpm openssl-static-1.0.1e-34.el7_0.4.x86_64.rpm
Red Hat Enterprise Linux Server (v. 7):
Source: openssl-1.0.1e-34.el7_0.4.src.rpm
ppc64: openssl-1.0.1e-34.el7_0.4.ppc64.rpm openssl-debuginfo-1.0.1e-34.el7_0.4.ppc.rpm openssl-debuginfo-1.0.1e-34.el7_0.4.ppc64.rpm openssl-devel-1.0.1e-34.el7_0.4.ppc.rpm openssl-devel-1.0.1e-34.el7_0.4.ppc64.rpm openssl-libs-1.0.1e-34.el7_0.4.ppc.rpm openssl-libs-1.0.1e-34.el7_0.4.ppc64.rpm
s390x: openssl-1.0.1e-34.el7_0.4.s390x.rpm openssl-debuginfo-1.0.1e-34.el7_0.4.s390.rpm openssl-debuginfo-1.0.1e-34.el7_0.4.s390x.rpm openssl-devel-1.0.1e-34.el7_0.4.s390.rpm openssl-devel-1.0.1e-34.el7_0.4.s390x.rpm openssl-libs-1.0.1e-34.el7_0.4.s390.rpm openssl-libs-1.0.1e-34.el7_0.4.s390x.rpm
x86_64: openssl-1.0.1e-34.el7_0.4.x86_64.rpm openssl-debuginfo-1.0.1e-34.el7_0.4.i686.rpm openssl-debuginfo-1.0.1e-34.el7_0.4.x86_64.rpm openssl-devel-1.0.1e-34.el7_0.4.i686.rpm openssl-devel-1.0.1e-34.el7_0.4.x86_64.rpm openssl-libs-1.0.1e-34.el7_0.4.i686.rpm openssl-libs-1.0.1e-34.el7_0.4.x86_64.rpm
Red Hat Enterprise Linux Server Optional (v. 7):
ppc64: openssl-debuginfo-1.0.1e-34.el7_0.4.ppc.rpm openssl-debuginfo-1.0.1e-34.el7_0.4.ppc64.rpm openssl-perl-1.0.1e-34.el7_0.4.ppc64.rpm openssl-static-1.0.1e-34.el7_0.4.ppc.rpm openssl-static-1.0.1e-34.el7_0.4.ppc64.rpm
s390x: openssl-debuginfo-1.0.1e-34.el7_0.4.s390.rpm openssl-debuginfo-1.0.1e-34.el7_0.4.s390x.rpm openssl-perl-1.0.1e-34.el7_0.4.s390x.rpm openssl-static-1.0.1e-34.el7_0.4.s390.rpm openssl-static-1.0.1e-34.el7_0.4.s390x.rpm
x86_64: openssl-debuginfo-1.0.1e-34.el7_0.4.i686.rpm openssl-debuginfo-1.0.1e-34.el7_0.4.x86_64.rpm openssl-perl-1.0.1e-34.el7_0.4.x86_64.rpm openssl-static-1.0.1e-34.el7_0.4.i686.rpm openssl-static-1.0.1e-34.el7_0.4.x86_64.rpm
Red Hat Enterprise Linux Workstation (v. 7):
Source: openssl-1.0.1e-34.el7_0.4.src.rpm
x86_64: openssl-1.0.1e-34.el7_0.4.x86_64.rpm openssl-debuginfo-1.0.1e-34.el7_0.4.i686.rpm openssl-debuginfo-1.0.1e-34.el7_0.4.x86_64.rpm openssl-devel-1.0.1e-34.el7_0.4.i686.rpm openssl-devel-1.0.1e-34.el7_0.4.x86_64.rpm openssl-libs-1.0.1e-34.el7_0.4.i686.rpm openssl-libs-1.0.1e-34.el7_0.4.x86_64.rpm
Red Hat Enterprise Linux Workstation Optional (v. 7):
x86_64: openssl-debuginfo-1.0.1e-34.el7_0.4.i686.rpm openssl-debuginfo-1.0.1e-34.el7_0.4.x86_64.rpm openssl-perl-1.0.1e-34.el7_0.4.x86_64.rpm openssl-static-1.0.1e-34.el7_0.4.i686.rpm openssl-static-1.0.1e-34.el7_0.4.x86_64.rpm
These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/#package
- References:
https://www.redhat.com/security/data/cve/CVE-2014-3505.html https://www.redhat.com/security/data/cve/CVE-2014-3506.html https://www.redhat.com/security/data/cve/CVE-2014-3507.html https://www.redhat.com/security/data/cve/CVE-2014-3508.html https://www.redhat.com/security/data/cve/CVE-2014-3509.html https://www.redhat.com/security/data/cve/CVE-2014-3510.html https://www.redhat.com/security/data/cve/CVE-2014-3511.html https://access.redhat.com/security/updates/classification/#moderate https://www.openssl.org/news/secadv_20140806.txt
- Contact:
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/
Copyright 2014 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1
iD8DBQFT69raXlSAg2UNWIIRAiQAAKCbp6Iou4mHuootBfgs0jm7zP/wWACgt50C pHXxupQnHYYH+zJFOmk5u8o= =DwUW -----END PGP SIGNATURE-----
-- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce
Show details on source website{
"affected_products": {
"_id": null,
"data": [
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "1.0.1f"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "1.0.1"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "1.0.1a"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "1.0.1h"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "1.0.1d"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "1.0.1b"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "1.0.1g"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "1.0.1c"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "1.0.1e"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.8u"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.8g"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.8l"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.8o"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.8w"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.0e"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.8k"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.0d"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.8i"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.0k"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.8a"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.8r"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.8t"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.8x"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.0m"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.8"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.8m"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.8za"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.0g"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.0b"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.8n"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.8p"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.8j"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.0"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.0h"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.8d"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.8c"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.0a"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.8v"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.8b"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.8s"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.0j"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.0l"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.8h"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.8y"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.8e"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.0c"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.8q"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.0f"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.0i"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.8f"
},
{
"_id": null,
"model": "security network intrusion prevention system gx7412-05",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6.1"
},
{
"_id": null,
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.1.1"
},
{
"_id": null,
"model": "aura collaboration environment",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.0"
},
{
"_id": null,
"model": "security network intrusion prevention system gx5108-v2",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6.2"
},
{
"_id": null,
"model": "upward integration modules for vmware vsphere",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.5"
},
{
"_id": null,
"model": "8.4-release-p12",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "security network intrusion prevention system gx5208-v2",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6"
},
{
"_id": null,
"model": "flex system fc3171 8gb san pass-thru",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1.3"
},
{
"_id": null,
"model": "security network intrusion prevention system gx4004",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.4"
},
{
"_id": null,
"model": "10.0-beta",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "upward integration modules scvmm add-in",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "1.0.3"
},
{
"_id": null,
"model": "-release-p2",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "7.1"
},
{
"_id": null,
"model": "systems insight manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.0"
},
{
"_id": null,
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2.1"
},
{
"_id": null,
"model": "virtual connect 8gb 24-port fc module",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "3.0"
},
{
"_id": null,
"model": "project openssl 0.9.8f",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "system management homepage",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "7.4.1"
},
{
"_id": null,
"model": "alpha",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.0"
},
{
"_id": null,
"model": "tivoli netcool system service monitor fp1",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.0"
},
{
"_id": null,
"model": "enterprise linux server",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"_id": null,
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.11"
},
{
"_id": null,
"model": "9.1-stable",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "project openssl 1.0.0d",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "cloudsystem matrix",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.4"
},
{
"_id": null,
"model": "8.4-release-p15",
"scope": "ne",
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "2.2.8"
},
{
"_id": null,
"model": "project openssl 1.0.1e",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "security network intrusion prevention system gx5008",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.5"
},
{
"_id": null,
"model": "version control repository manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.2.2"
},
{
"_id": null,
"model": "sterling connect:direct for unix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.1.0.4"
},
{
"_id": null,
"model": "i v5r4",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1"
},
{
"_id": null,
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.3"
},
{
"_id": null,
"model": "insight control",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3"
},
{
"_id": null,
"model": "project openssl 0.9.8u",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0"
},
{
"_id": null,
"model": "security network intrusion prevention system gx5108-v2",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6.1"
},
{
"_id": null,
"model": "project openssl 1.0.1a",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "7.1"
},
{
"_id": null,
"model": "project openssl b",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"_id": null,
"model": "websphere datapower soa appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.016"
},
{
"_id": null,
"model": "aura application enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1"
},
{
"_id": null,
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2.1"
},
{
"_id": null,
"model": "one-x client enablement services sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1"
},
{
"_id": null,
"model": "x-series xos",
"scope": "eq",
"trust": 0.3,
"vendor": "bluecoat",
"version": "9.7"
},
{
"_id": null,
"model": "8.1-stable",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "oncommand unified manager core package",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1"
},
{
"_id": null,
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.5"
},
{
"_id": null,
"model": "9.2-release-p11",
"scope": "ne",
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "project openssl k",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"_id": null,
"model": "security network intrusion prevention system gx3002",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6.2"
},
{
"_id": null,
"model": "i v5r3",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1"
},
{
"_id": null,
"model": "proventia network security controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.0.470"
},
{
"_id": null,
"model": "security network intrusion prevention system gx5008",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.4"
},
{
"_id": null,
"model": "flex system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.2.0.0"
},
{
"_id": null,
"model": "project openssl 1.0.0g",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "enterprise linux workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "7"
},
{
"_id": null,
"model": "virtual connect 8gb 24-port fc module",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.0"
},
{
"_id": null,
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "10.04"
},
{
"_id": null,
"model": "clustered data ontap antivirus connector",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.0.3"
},
{
"_id": null,
"model": "tivoli netcool/reporter",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.5"
},
{
"_id": null,
"model": "vios fp-25 sp-02",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.1.4"
},
{
"_id": null,
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "3.5.1"
},
{
"_id": null,
"model": "9.1-release-p1",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "8.3-release-p16",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "workcentre spar",
"scope": "ne",
"trust": 0.3,
"vendor": "xerox",
"version": "7530061.121.225.06100"
},
{
"_id": null,
"model": "insight control server provisioning",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "7.5.1"
},
{
"_id": null,
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "7.2"
},
{
"_id": null,
"model": "sametime",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.0.0.1"
},
{
"_id": null,
"model": "netscaler t1",
"scope": "eq",
"trust": 0.3,
"vendor": "citrix",
"version": "0"
},
{
"_id": null,
"model": "7.3-stable",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "8.4-release-p9",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "10.04"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.2.2"
},
{
"_id": null,
"model": "upward integration modules for vmware vsphere",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0.1"
},
{
"_id": null,
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.6.2"
},
{
"_id": null,
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"_id": null,
"model": "one-x client enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1"
},
{
"_id": null,
"model": "aura system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1.3"
},
{
"_id": null,
"model": "aura communication manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"_id": null,
"model": "7.1-releng",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "aura system platform",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"_id": null,
"model": "solaris",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10"
},
{
"_id": null,
"model": "security network intrusion prevention system gx7412",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6"
},
{
"_id": null,
"model": "idatplex dx360 m4 type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "79120"
},
{
"_id": null,
"model": "data ontap smi-s agent",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.2"
},
{
"_id": null,
"model": "matrix operating environment",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3"
},
{
"_id": null,
"model": "version control agent",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.2"
},
{
"_id": null,
"model": "cacheflow",
"scope": "eq",
"trust": 0.3,
"vendor": "bluecoat",
"version": "3.2"
},
{
"_id": null,
"model": "sterling connect:direct for hp nonstop",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.5.1"
},
{
"_id": null,
"model": "project openssl 0.9.8w",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.4"
},
{
"_id": null,
"model": "security network intrusion prevention system gv200",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.3"
},
{
"_id": null,
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.8"
},
{
"_id": null,
"model": "aura system platform sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"_id": null,
"model": "-release-p5",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "6.0"
},
{
"_id": null,
"model": "jboss web server",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1.0"
},
{
"_id": null,
"model": "scale out network attached storage",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.4.1.0"
},
{
"_id": null,
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.0"
},
{
"_id": null,
"model": "flex system compute node",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "x2407863"
},
{
"_id": null,
"model": "flex system fc3171 8gb san switch",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.5.4"
},
{
"_id": null,
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "3.5.1"
},
{
"_id": null,
"model": "flex system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.3.1.0"
},
{
"_id": null,
"model": "idatplex dx360 m4 water cooled type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "79180"
},
{
"_id": null,
"model": "aura session manager sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2"
},
{
"_id": null,
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "6.1"
},
{
"_id": null,
"model": "system m4",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "x35007383"
},
{
"_id": null,
"model": "project openssl 1.0.0m",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.1"
},
{
"_id": null,
"model": "release-p4",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "9.1"
},
{
"_id": null,
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "78450"
},
{
"_id": null,
"model": "tivoli composite application manager for transactions",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.0"
},
{
"_id": null,
"model": "business server",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "1"
},
{
"_id": null,
"model": "project openssl 1.0.1g",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "systems insight manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "5.0"
},
{
"_id": null,
"model": "tivoli composite application manager for transactions",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.4"
},
{
"_id": null,
"model": "aura system platform",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.3"
},
{
"_id": null,
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "10.04"
},
{
"_id": null,
"model": "project openssl 0.9.8m",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "72250"
},
{
"_id": null,
"model": "10.0-release-p1",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "aura experience portal",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "7.0"
},
{
"_id": null,
"model": "-prerelease",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "7.0"
},
{
"_id": null,
"model": "9.1-rc2",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "project openssl j",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"_id": null,
"model": "clustered data ontap antivirus connector",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "1.0.2"
},
{
"_id": null,
"model": "websphere datapower soa appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0.0.8"
},
{
"_id": null,
"model": "rational application developer for websphere",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1"
},
{
"_id": null,
"model": "security network intrusion prevention system gx4004",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6"
},
{
"_id": null,
"model": "flex system compute node",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "x2207906"
},
{
"_id": null,
"model": "security network intrusion prevention system gv1000",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6"
},
{
"_id": null,
"model": "systems insight manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.2.1"
},
{
"_id": null,
"model": "websphere datapower soa appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.14"
},
{
"_id": null,
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.9"
},
{
"_id": null,
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.2.4"
},
{
"_id": null,
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "3.5"
},
{
"_id": null,
"model": "command center appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "citrix",
"version": "0"
},
{
"_id": null,
"model": "hp-ux b.11.23 (11i",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "v2)"
},
{
"_id": null,
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.7"
},
{
"_id": null,
"model": "aura application server sip core",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "53002.0"
},
{
"_id": null,
"model": "sterling file gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.1"
},
{
"_id": null,
"model": "-release/alpha",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.1"
},
{
"_id": null,
"model": "8.2-stable",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.2.0"
},
{
"_id": null,
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "2.2.1"
},
{
"_id": null,
"model": "meeting exchange",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"_id": null,
"model": "aura communication manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2"
},
{
"_id": null,
"model": "websphere datapower soa appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.00"
},
{
"_id": null,
"model": "9.2-release-p8",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "ip office application server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "8.0"
},
{
"_id": null,
"model": "netscaler gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "citrix",
"version": "0"
},
{
"_id": null,
"model": "aura system platform",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0.3.0.3"
},
{
"_id": null,
"model": "linerate",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "2.3.2"
},
{
"_id": null,
"model": "linerate",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "2.4"
},
{
"_id": null,
"model": "aura system platform",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2"
},
{
"_id": null,
"model": "oncommand unified manager core package",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5"
},
{
"_id": null,
"model": "2-stable",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.2"
},
{
"_id": null,
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "78350"
},
{
"_id": null,
"model": "security network intrusion prevention system gx3002",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.5"
},
{
"_id": null,
"model": "9.1--releng",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "3.2"
},
{
"_id": null,
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "6.1"
},
{
"_id": null,
"model": "proventia network security controller 1.0.3352m",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"_id": null,
"model": "idatplex dx360 m4 type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "79130"
},
{
"_id": null,
"model": "6.3-release-p10",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "arx",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "6.0"
},
{
"_id": null,
"model": "tivoli composite application manager for transactions",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2.0"
},
{
"_id": null,
"model": "9.3-beta3-p2",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "72200"
},
{
"_id": null,
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "57350"
},
{
"_id": null,
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "1.0"
},
{
"_id": null,
"model": "security network intrusion prevention system gv200",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.5"
},
{
"_id": null,
"model": "aura application enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2.4"
},
{
"_id": null,
"model": "-release-p20",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.6"
},
{
"_id": null,
"model": "proxysg sgos",
"scope": "eq",
"trust": 0.3,
"vendor": "bluecoat",
"version": "6.1"
},
{
"_id": null,
"model": "aura messaging",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"_id": null,
"model": "workcentre spar",
"scope": "ne",
"trust": 0.3,
"vendor": "xerox",
"version": "7556061.121.225.06100"
},
{
"_id": null,
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "2.1"
},
{
"_id": null,
"model": "security network intrusion prevention system gx5008-v2",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.3"
},
{
"_id": null,
"model": "image construction and composition tool",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.1.1"
},
{
"_id": null,
"model": "-release-p8",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "6.3"
},
{
"_id": null,
"model": "security network intrusion prevention system gx5008",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6"
},
{
"_id": null,
"model": "flex system fc5022 16gb san scalable switch 7.2.1c",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"_id": null,
"model": "9.0-release-p6",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1.2"
},
{
"_id": null,
"model": "-release-p14",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.0"
},
{
"_id": null,
"model": "security network intrusion prevention system gx7800",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.3"
},
{
"_id": null,
"model": "security network intrusion prevention system gx7412-10",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6.2"
},
{
"_id": null,
"model": "version control repository manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.5.0"
},
{
"_id": null,
"model": "qradar siem mr2",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1"
},
{
"_id": null,
"model": "-stablepre2001-07-20",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "3.5.1"
},
{
"_id": null,
"model": "arx",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "6.4"
},
{
"_id": null,
"model": "upward integration modules for microsoft system center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.5.2"
},
{
"_id": null,
"model": "aura system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2"
},
{
"_id": null,
"model": "cacheflow",
"scope": "eq",
"trust": 0.3,
"vendor": "bluecoat",
"version": "3.0"
},
{
"_id": null,
"model": "project openssl 0.9.8r",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"_id": null,
"model": "security network intrusion prevention system gx3002",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.4"
},
{
"_id": null,
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.5"
},
{
"_id": null,
"model": "workcentre r14-11 spar",
"scope": "ne",
"trust": 0.3,
"vendor": "xerox",
"version": "5855072.060.134.32804"
},
{
"_id": null,
"model": "8.3-stable",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "6.3-release-p11",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "project openssl 0.9.8n",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.14"
},
{
"_id": null,
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "2.0.5"
},
{
"_id": null,
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.2"
},
{
"_id": null,
"model": "virtual connect enterprise manager sdk",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.4"
},
{
"_id": null,
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "3.0"
},
{
"_id": null,
"model": "9.2-rc2",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "icewall sso agent option",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "10"
},
{
"_id": null,
"model": "version control repository manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3"
},
{
"_id": null,
"model": "snapdrive for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0"
},
{
"_id": null,
"model": "security network intrusion prevention system gv200",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.4"
},
{
"_id": null,
"model": "cloudsystem matrix",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.2"
},
{
"_id": null,
"model": "system m4",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "x33007382"
},
{
"_id": null,
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.3"
},
{
"_id": null,
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.6"
},
{
"_id": null,
"model": "sametime",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.2.1"
},
{
"_id": null,
"model": "virtual connect 8gb 24-port fc module",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "1.0"
},
{
"_id": null,
"model": "7.2-rc2",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "linerate",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "2.2.2"
},
{
"_id": null,
"model": "project openssl 0.9.8y",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "7.0-release-p12",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "arx",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "6.3"
},
{
"_id": null,
"model": "matrix operating environment",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.5"
},
{
"_id": null,
"model": "aura system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1.1"
},
{
"_id": null,
"model": "9.0-rc3",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "upward integration modules for microsoft system center",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "5.5.3"
},
{
"_id": null,
"model": "project openssl beta4",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "1.0.0"
},
{
"_id": null,
"model": "security network intrusion prevention system gx7412",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6.1"
},
{
"_id": null,
"model": "open systems snapvault",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0"
},
{
"_id": null,
"model": "jboss enterprise application platform",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6.3"
},
{
"_id": null,
"model": "meeting exchange",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2"
},
{
"_id": null,
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "78300"
},
{
"_id": null,
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "6.3"
},
{
"_id": null,
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "8.1"
},
{
"_id": null,
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.0.11"
},
{
"_id": null,
"model": "upward integration modules hardware management pack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.5.2"
},
{
"_id": null,
"model": "upward integration modules for microsoft system center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0.2"
},
{
"_id": null,
"model": "system type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "x3850x638370"
},
{
"_id": null,
"model": "-release-p3",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.11"
},
{
"_id": null,
"model": "netscaler application delivery controller",
"scope": "eq",
"trust": 0.3,
"vendor": "citrix",
"version": "0"
},
{
"_id": null,
"model": "project openssl 1.0.0l",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.4"
},
{
"_id": null,
"model": "security network intrusion prevention system gx4004-v2",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6.2"
},
{
"_id": null,
"model": "oncommand unified manager core package",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.2"
},
{
"_id": null,
"model": "upward integration modules integrated installer",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.5.2"
},
{
"_id": null,
"model": "9.1-release-p12",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "enterprise linux desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"_id": null,
"model": "project openssl beta5",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "1.0.0"
},
{
"_id": null,
"model": "7.1-release-p4",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "flex system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.3.0.1"
},
{
"_id": null,
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.3"
},
{
"_id": null,
"model": "version control agent",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3.3"
},
{
"_id": null,
"model": "websphere datapower soa appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.13"
},
{
"_id": null,
"model": "matrix operating environment",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.2.2"
},
{
"_id": null,
"model": "insight control server deployment",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.2.0"
},
{
"_id": null,
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "6.0"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.2.3"
},
{
"_id": null,
"model": "linerate",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "2.2.4"
},
{
"_id": null,
"model": "arx",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "6.2"
},
{
"_id": null,
"model": "7.0-stable",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "75300"
},
{
"_id": null,
"model": "sdk for node.js",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.0.3"
},
{
"_id": null,
"model": "project openssl 0.9.8p",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "systems insight manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3.1"
},
{
"_id": null,
"model": "rc2",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "9.2"
},
{
"_id": null,
"model": "9.0-rc1",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "aura messaging",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2"
},
{
"_id": null,
"model": "flex system manager node",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7955"
},
{
"_id": null,
"model": "security network intrusion prevention system gx5008-v2",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.5"
},
{
"_id": null,
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "6.2"
},
{
"_id": null,
"model": "linerate",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "2.2"
},
{
"_id": null,
"model": "security network intrusion prevention system gx5208",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6.1"
},
{
"_id": null,
"model": "security network intrusion prevention system gx4002",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.3"
},
{
"_id": null,
"model": "nextscale nx360 m4 type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "54550"
},
{
"_id": null,
"model": "upward integration modules for microsoft system center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.5.1"
},
{
"_id": null,
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.3"
},
{
"_id": null,
"model": "websphere datapower soa appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.08"
},
{
"_id": null,
"model": "7.2-release-p4",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "-stablepre122300",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.2"
},
{
"_id": null,
"model": "websphere datapower soa appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.015"
},
{
"_id": null,
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.0.13"
},
{
"_id": null,
"model": "security network intrusion prevention system gv1000",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6.1"
},
{
"_id": null,
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "3.2x"
},
{
"_id": null,
"model": "7.1-release-p5",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "7.0-release-p8",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "linux ia-64",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"_id": null,
"model": "enterprise linux",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "6.2"
},
{
"_id": null,
"model": "8.4-release-p8",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "prerelease",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "9.2"
},
{
"_id": null,
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.1"
},
{
"_id": null,
"model": "linerate",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "2.2.5"
},
{
"_id": null,
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.2.1"
},
{
"_id": null,
"model": "flex system compute node",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "x2408738"
},
{
"_id": null,
"model": "insight control",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.2"
},
{
"_id": null,
"model": "workcentre r14-11 spar",
"scope": "ne",
"trust": 0.3,
"vendor": "xerox",
"version": "5875072.060.134.32804"
},
{
"_id": null,
"model": "sterling connect:direct for microsoft windows",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.5.01"
},
{
"_id": null,
"model": "snapdrive for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.2"
},
{
"_id": null,
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "75450"
},
{
"_id": null,
"model": "8.1-release-p5",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.3.2"
},
{
"_id": null,
"model": "security network intrusion prevention system gx5008-v2",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.4"
},
{
"_id": null,
"model": "security network intrusion prevention system gx7412-05",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6.2"
},
{
"_id": null,
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.5"
},
{
"_id": null,
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.0.x"
},
{
"_id": null,
"model": "security analytics platform",
"scope": "eq",
"trust": 0.3,
"vendor": "bluecoat",
"version": "7.1.3"
},
{
"_id": null,
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.11"
},
{
"_id": null,
"model": "9.3-rc",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "snapdrive for unix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.1"
},
{
"_id": null,
"model": "enterprise linux workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"_id": null,
"model": "9.3-beta1",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "cloudsystem matrix",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.2.1"
},
{
"_id": null,
"model": "project openssl 0.9.8za",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "data ontap smi-s agent",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.1.1"
},
{
"_id": null,
"model": "security network intrusion prevention system gx7412-10",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.5"
},
{
"_id": null,
"model": "8.4-release-p13",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "7.1-stable",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "snapdrive for windows",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.2"
},
{
"_id": null,
"model": "project openssl 0.9.8m beta1",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "systems insight manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.2.2"
},
{
"_id": null,
"model": "version control agent",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3.1"
},
{
"_id": null,
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "6.2"
},
{
"_id": null,
"model": "enterprise linux desktop client",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "5"
},
{
"_id": null,
"model": "enterprise linux desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "7"
},
{
"_id": null,
"model": "security network intrusion prevention system gx5008",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6.1"
},
{
"_id": null,
"model": "aura messaging",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0.1"
},
{
"_id": null,
"model": "project openssl 0.9.8q",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "10.0-rc3-p1",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "cacheflow",
"scope": "eq",
"trust": 0.3,
"vendor": "bluecoat",
"version": "3.3"
},
{
"_id": null,
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "2.1.7"
},
{
"_id": null,
"model": "colorqube r14-11 spar",
"scope": "ne",
"trust": 0.3,
"vendor": "xerox",
"version": "9301072.180.134.32804"
},
{
"_id": null,
"model": "systems insight manager",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "7.5.1"
},
{
"_id": null,
"model": "-pre-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "7.1"
},
{
"_id": null,
"model": "aura session manager sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1"
},
{
"_id": null,
"model": "aura communication manager utility services sp",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.16.1.0.9.8"
},
{
"_id": null,
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "9.2"
},
{
"_id": null,
"model": "system m4 type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "x365079150"
},
{
"_id": null,
"model": "iq",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2"
},
{
"_id": null,
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0.1"
},
{
"_id": null,
"model": "rational application developer for websphere",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1.0.1"
},
{
"_id": null,
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "75560"
},
{
"_id": null,
"model": "8.0-release",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "aura presence services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1"
},
{
"_id": null,
"model": "websphere datapower soa appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.0.0"
},
{
"_id": null,
"model": "security network intrusion prevention system gx4002",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.5"
},
{
"_id": null,
"model": "flex system fc3171 8gb san switch",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1.3"
},
{
"_id": null,
"model": "ssl for openvms",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "1.4-453"
},
{
"_id": null,
"model": "enterprise linux load balancer eus 6.5.z",
"scope": null,
"trust": 0.3,
"vendor": "redhat",
"version": null
},
{
"_id": null,
"model": "security network intrusion prevention system gx7412-10",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.4"
},
{
"_id": null,
"model": "9.2-rc2-p2",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "9.3-stable",
"scope": "ne",
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "systems insight manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "5.3"
},
{
"_id": null,
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "58750"
},
{
"_id": null,
"model": "security network intrusion prevention system gv200",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6"
},
{
"_id": null,
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.5"
},
{
"_id": null,
"model": "aura presence services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1.2"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.1"
},
{
"_id": null,
"model": "aura system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1.5"
},
{
"_id": null,
"model": "ip office server edition",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "9.0"
},
{
"_id": null,
"model": "websphere datapower soa appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.0.6"
},
{
"_id": null,
"model": "scale out network attached storage",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.3.2.2"
},
{
"_id": null,
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.11"
},
{
"_id": null,
"model": "9.2-release-p7",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "system m4",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "x35507914"
},
{
"_id": null,
"model": "scale out network attached storage",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.4.2.1"
},
{
"_id": null,
"model": "8.3-release-p15",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "websphere datapower soa appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0.0.9"
},
{
"_id": null,
"model": "project openssl 1.0.1c",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "proxysg sgos",
"scope": "eq",
"trust": 0.3,
"vendor": "bluecoat",
"version": "5.5"
},
{
"_id": null,
"model": "9.1-release-p11",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "7.0"
},
{
"_id": null,
"model": "ssl for openvms",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "1.4-467"
},
{
"_id": null,
"model": "9.1-release-p16",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "8.3"
},
{
"_id": null,
"model": "-release-p3",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "7.4"
},
{
"_id": null,
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "2.1.5"
},
{
"_id": null,
"model": "7.3-release-p1",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "7.2-prerelease",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "aura communication manager utility services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2.4.0.15"
},
{
"_id": null,
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "3.3x"
},
{
"_id": null,
"model": "9.3-rc2-p1",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "tssc",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0"
},
{
"_id": null,
"model": "8.3-release-p8",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "security network intrusion prevention system gx4002",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.4"
},
{
"_id": null,
"model": "-stablepre2002-03-07",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.5"
},
{
"_id": null,
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8v"
},
{
"_id": null,
"model": "security network intrusion prevention system gx5108-v2",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.3"
},
{
"_id": null,
"model": "project openssl 1.0.1f",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "sterling connect:direct for microsoft windows",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.5.00"
},
{
"_id": null,
"model": "oncommand workflow automation",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2"
},
{
"_id": null,
"model": "upward integration modules for vmware vsphere",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0.2"
},
{
"_id": null,
"model": "security network intrusion prevention system gx6116",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6.2"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.2.4.1"
},
{
"_id": null,
"model": "aura application enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1.2"
},
{
"_id": null,
"model": "gpfs for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.5.0.11"
},
{
"_id": null,
"model": "system m4 type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "x357087330"
},
{
"_id": null,
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "1.2"
},
{
"_id": null,
"model": "8.3-release-p11",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "2.1.6.1"
},
{
"_id": null,
"model": "linerate",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "2.2.3"
},
{
"_id": null,
"model": "linerate",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "2.3"
},
{
"_id": null,
"model": "upward integration modules for microsoft system center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0.1"
},
{
"_id": null,
"model": "upward integration modules scvmm add-in",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.0.2"
},
{
"_id": null,
"model": "7.2-stable",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "3.3"
},
{
"_id": null,
"model": "sametime",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.0.0.0"
},
{
"_id": null,
"model": "8.3-releng",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "project openssl 0.9.8g",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "9.2-release-p3",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "flex system fc5022 16gb san scalable switch 7.3.0a",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"_id": null,
"model": "cms r17",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"_id": null,
"model": "scale out network attached storage",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.3.2"
},
{
"_id": null,
"model": "flex system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.0.0"
},
{
"_id": null,
"model": "7.3-release",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "sdk for node.js",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.0.7"
},
{
"_id": null,
"model": "enterprise linux",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "7"
},
{
"_id": null,
"model": "6.4-release-p11",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "oncommand workflow automation",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0"
},
{
"_id": null,
"model": "sterling file gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2"
},
{
"_id": null,
"model": "oncommand unified manager core package 5.2.1p1",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"_id": null,
"model": "colorqube",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "89000"
},
{
"_id": null,
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "9.0"
},
{
"_id": null,
"model": "8.4-release-p11",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "-release-p9",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "6.3"
},
{
"_id": null,
"model": "7.4-release-p12",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"_id": null,
"model": "scale out network attached storage",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.4.3.1"
},
{
"_id": null,
"model": "security network intrusion prevention system gx7412-05",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.5"
},
{
"_id": null,
"model": "alpha",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.0"
},
{
"_id": null,
"model": "security network intrusion prevention system gx6116",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6.1"
},
{
"_id": null,
"model": "matrix operating environment",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3.2"
},
{
"_id": null,
"model": "8.3-release-p14",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "flex system compute node",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "x2202585"
},
{
"_id": null,
"model": "insight control",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.4"
},
{
"_id": null,
"model": "-release-p3",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "6.4"
},
{
"_id": null,
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.7"
},
{
"_id": null,
"model": "10.0-release-p5",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "9.1-release-p7",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "cloudsystem matrix",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3.1"
},
{
"_id": null,
"model": "linux arm",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "10.04"
},
{
"_id": null,
"model": "security network intrusion prevention system gx5008-v2",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6"
},
{
"_id": null,
"model": "security network intrusion prevention system gx3002",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.3"
},
{
"_id": null,
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.1.1"
},
{
"_id": null,
"model": "one-x client enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1.2"
},
{
"_id": null,
"model": "proxysg sgos",
"scope": "eq",
"trust": 0.3,
"vendor": "bluecoat",
"version": "6.5.6.4"
},
{
"_id": null,
"model": "linux lts amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "12.04"
},
{
"_id": null,
"model": "9.1-release-p17",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "project openssl beta2",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "1.0"
},
{
"_id": null,
"model": "security network intrusion prevention system gx7800",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6"
},
{
"_id": null,
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "75250"
},
{
"_id": null,
"model": "security network intrusion prevention system gx5208-v2",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6.2"
},
{
"_id": null,
"model": "upward integration modules for vmware vsphere",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "3.5.3"
},
{
"_id": null,
"model": "flex system fc3171 8gb san pass-thru",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1.2"
},
{
"_id": null,
"model": "open systems snapvault 3.0.1p6",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"_id": null,
"model": "snapdrive for unix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.2.2"
},
{
"_id": null,
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "2.2"
},
{
"_id": null,
"model": "linux mips",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"_id": null,
"model": "workcentre spar",
"scope": "ne",
"trust": 0.3,
"vendor": "xerox",
"version": "7525061.121.225.06100"
},
{
"_id": null,
"model": "scale out network attached storage",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.3.0.5"
},
{
"_id": null,
"model": "security network intrusion prevention system gx7412-05",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.4"
},
{
"_id": null,
"model": "hp-ux b.11.11",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "security network intrusion prevention system gx5108-v2",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.5"
},
{
"_id": null,
"model": "-release-p1",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "7.1"
},
{
"_id": null,
"model": "9.3-beta1-p1",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "workcentre r14-11 spar",
"scope": "ne",
"trust": 0.3,
"vendor": "xerox",
"version": "7835072.010.134.32804"
},
{
"_id": null,
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.3"
},
{
"_id": null,
"model": "version control repository manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.4.1"
},
{
"_id": null,
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "14.1"
},
{
"_id": null,
"model": "aura communication manager utility services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2.5.0.15"
},
{
"_id": null,
"model": "security network intrusion prevention system gx5208-v2",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6.1"
},
{
"_id": null,
"model": "8-stable",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "version control repository manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.2"
},
{
"_id": null,
"model": "storage provisioning manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.4"
},
{
"_id": null,
"model": "security analytics platform",
"scope": "eq",
"trust": 0.3,
"vendor": "bluecoat",
"version": "6.6.9"
},
{
"_id": null,
"model": "flex system compute node",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "x2227916"
},
{
"_id": null,
"model": "flex system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.3.0.0"
},
{
"_id": null,
"model": "-release-p6",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "6.3"
},
{
"_id": null,
"model": "8.4-rc1-p1",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "-release-p5",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.1"
},
{
"_id": null,
"model": "qradar risk manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2.3"
},
{
"_id": null,
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.5"
},
{
"_id": null,
"model": "flex system fc3171 8gb san pass-thru",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1.1"
},
{
"_id": null,
"model": "8.1-release-p1",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "aura system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1"
},
{
"_id": null,
"model": "security network intrusion prevention system gx5108-v2",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.4"
},
{
"_id": null,
"model": "8.0-stable",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "aix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1"
},
{
"_id": null,
"model": "7.1-release-p6",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.1.0"
},
{
"_id": null,
"model": "scale out network attached storage",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.4.3.4"
},
{
"_id": null,
"model": "cloudsystem matrix",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.2.2"
},
{
"_id": null,
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.0"
},
{
"_id": null,
"model": "-stablepre050201",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.2"
},
{
"_id": null,
"model": "8.4-release-p14",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "-release-p9",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "7.0"
},
{
"_id": null,
"model": "systems insight manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.5.0"
},
{
"_id": null,
"model": "aura system manager sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1"
},
{
"_id": null,
"model": "insight control server deployment",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.2.1"
},
{
"_id": null,
"model": "project openssl 0.9.8l",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.1.1"
},
{
"_id": null,
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "9.2-"
},
{
"_id": null,
"model": "9.1-release-p18",
"scope": "ne",
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "websphere datapower soa appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.1.2"
},
{
"_id": null,
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.2"
},
{
"_id": null,
"model": "flex system fc3171 8gb san pass-thru",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1"
},
{
"_id": null,
"model": "10.0-release-p4",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "flex system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.3.20"
},
{
"_id": null,
"model": "matrix operating environment",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.4"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.1"
},
{
"_id": null,
"model": "icewall sso dfw r2",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "8.0"
},
{
"_id": null,
"model": "7.3-releng",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "project openssl 1.0.1i",
"scope": "ne",
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "project openssl 1.0.0n",
"scope": "ne",
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "project openssl h",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"_id": null,
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1.3"
},
{
"_id": null,
"model": "aura session manager sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2"
},
{
"_id": null,
"model": "i v5r4",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1"
},
{
"_id": null,
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "3.4x"
},
{
"_id": null,
"model": "one-x client enablement services sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1"
},
{
"_id": null,
"model": "image construction and composition tool",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.1.3"
},
{
"_id": null,
"model": "security network intrusion prevention system gx4002",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6"
},
{
"_id": null,
"model": "systems insight manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3"
},
{
"_id": null,
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.0.x"
},
{
"_id": null,
"model": "ip office server edition",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "8.1"
},
{
"_id": null,
"model": "project openssl i",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"_id": null,
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.4"
},
{
"_id": null,
"model": "one-x client enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2"
},
{
"_id": null,
"model": "7.4-releng",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "websphere datapower soa appliance",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.0.9"
},
{
"_id": null,
"model": "scale out network attached storage",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.4.3.3"
},
{
"_id": null,
"model": "project openssl 1.0.0i",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "2.0"
},
{
"_id": null,
"model": "10.0-release-p6",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "server migration pack",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "7.5.1"
},
{
"_id": null,
"model": "hp-ux b.11.11 (11i",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "v1)"
},
{
"_id": null,
"model": "tivoli netcool system service monitor fp1",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.1"
},
{
"_id": null,
"model": "storage provisioning manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.2.2"
},
{
"_id": null,
"model": "aura system platform",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "1.0"
},
{
"_id": null,
"model": "version control repository manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3.2"
},
{
"_id": null,
"model": "security network intrusion prevention system gx7412",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6.2"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.4.1"
},
{
"_id": null,
"model": "i v5r3",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1"
},
{
"_id": null,
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "10"
},
{
"_id": null,
"model": "hp-ux b.11.23",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "6.0"
},
{
"_id": null,
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "2.2.7"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.2"
},
{
"_id": null,
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "7.3"
},
{
"_id": null,
"model": "scale out network attached storage",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.3.0.4"
},
{
"_id": null,
"model": "6.4-release-p2",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "flex system compute node",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "x8804259"
},
{
"_id": null,
"model": "10.0-release-p2",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "i v5r4",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2"
},
{
"_id": null,
"model": "9.1-release-p15",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "ssl for openvms",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "1.4-493"
},
{
"_id": null,
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.10"
},
{
"_id": null,
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "9.3"
},
{
"_id": null,
"model": "proxysg sgos",
"scope": "eq",
"trust": 0.3,
"vendor": "bluecoat",
"version": "6.5.4.4"
},
{
"_id": null,
"model": "aura system platform",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0.3.8.3"
},
{
"_id": null,
"model": "tssc",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.3"
},
{
"_id": null,
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.3.1"
},
{
"_id": null,
"model": "7.0-release-p3",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "enterprise linux",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5"
},
{
"_id": null,
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "1.1.5.1"
},
{
"_id": null,
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "6.4"
},
{
"_id": null,
"model": "iq",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.1.1"
},
{
"_id": null,
"model": "system m4",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "x37508752"
},
{
"_id": null,
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "3.5.1"
},
{
"_id": null,
"model": "colorqube r14-11 spar",
"scope": "ne",
"trust": 0.3,
"vendor": "xerox",
"version": "8700072.161.134.32804"
},
{
"_id": null,
"model": "scale out network attached storage",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.3.2.3"
},
{
"_id": null,
"model": "8.2-release-p1",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "aura application enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2.3"
},
{
"_id": null,
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.1"
},
{
"_id": null,
"model": "snapdrive for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.3"
},
{
"_id": null,
"model": "aura system platform",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0.3.9.3"
},
{
"_id": null,
"model": "x-series xos",
"scope": "eq",
"trust": 0.3,
"vendor": "bluecoat",
"version": "8.5"
},
{
"_id": null,
"model": "insight control server provisioning",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.5.0"
},
{
"_id": null,
"model": "insight control server provisioning",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.4.0"
},
{
"_id": null,
"model": "proxysg sgos",
"scope": "eq",
"trust": 0.3,
"vendor": "bluecoat",
"version": "6.4"
},
{
"_id": null,
"model": "security network intrusion prevention system gx5008-v2",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6.1"
},
{
"_id": null,
"model": "i v5r3",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2"
},
{
"_id": null,
"model": "9.3-prerelease",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "project openssl 1.0.0e",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "security network intrusion prevention system gx5208",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6.2"
},
{
"_id": null,
"model": "8.3-release-p6",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "security network intrusion prevention system gx7800",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6.1"
},
{
"_id": null,
"model": "project openssl beta1",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "1.0"
},
{
"_id": null,
"model": "icewall sso dfw",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "8.0"
},
{
"_id": null,
"model": "storage provisioning manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.2"
},
{
"_id": null,
"model": "aura communication manager utility services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1"
},
{
"_id": null,
"model": "version control agent",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3"
},
{
"_id": null,
"model": "6.4-release-p4",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "security network intrusion prevention system gx7412-10",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.3"
},
{
"_id": null,
"model": "project openssl a",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"_id": null,
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"_id": null,
"model": "9.2-releng",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "security network intrusion prevention system gv1000",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6.2"
},
{
"_id": null,
"model": "system management homepage",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "7.5.5"
},
{
"_id": null,
"model": "business server",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "1x8664"
},
{
"_id": null,
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "3.5"
},
{
"_id": null,
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "3.5x"
},
{
"_id": null,
"model": "8.4-releng",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "x-series xos",
"scope": "eq",
"trust": 0.3,
"vendor": "bluecoat",
"version": "9.0"
},
{
"_id": null,
"model": "aix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.3"
},
{
"_id": null,
"model": "project openssl c",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"_id": null,
"model": "-release-p7",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.8"
},
{
"_id": null,
"model": "-release-p32",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.5"
},
{
"_id": null,
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.0.10"
},
{
"_id": null,
"model": "security network intrusion prevention system gx7412-05",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6"
},
{
"_id": null,
"model": "proxysg sgos",
"scope": "eq",
"trust": 0.3,
"vendor": "bluecoat",
"version": "6.3"
},
{
"_id": null,
"model": "aura collaboration environment",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "2.0"
},
{
"_id": null,
"model": "insight control server deployment",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.1.2"
},
{
"_id": null,
"model": "system m4",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "x36307158"
},
{
"_id": null,
"model": "7.0-release",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "systems insight manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.1"
},
{
"_id": null,
"model": "workcentre",
"scope": "ne",
"trust": 0.3,
"vendor": "xerox",
"version": "5745061.132.224.35203"
},
{
"_id": null,
"model": "icewall sso agent option",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "8"
},
{
"_id": null,
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8x"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3.2"
},
{
"_id": null,
"model": "ip office application server sp",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "9.01"
},
{
"_id": null,
"model": "communication server 1000m",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"_id": null,
"model": "storage provisioning manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.3.2"
},
{
"_id": null,
"model": "upward integration modules hardware management pack",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "5.5.3"
},
{
"_id": null,
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "2.2.6"
},
{
"_id": null,
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.4"
},
{
"_id": null,
"model": "icewall sso dfw",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "10.0"
},
{
"_id": null,
"model": "upward integration modules integrated installer",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "5.5.3"
},
{
"_id": null,
"model": "workcentre r14-11 spar",
"scope": "ne",
"trust": 0.3,
"vendor": "xerox",
"version": "7830072.010.134.32804"
},
{
"_id": null,
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "6.2"
},
{
"_id": null,
"model": "insight control server deployment",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3.1"
},
{
"_id": null,
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.3.3"
},
{
"_id": null,
"model": "security network intrusion prevention system gx4004",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6.1"
},
{
"_id": null,
"model": "version control repository manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.4"
},
{
"_id": null,
"model": "version control repository manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3.3"
},
{
"_id": null,
"model": "project openssl 0.9.8t",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "-release-p20",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.11"
},
{
"_id": null,
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "6.1"
},
{
"_id": null,
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2"
},
{
"_id": null,
"model": "colorqube",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "93020"
},
{
"_id": null,
"model": "10.0-release-p8",
"scope": "ne",
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "communication server 1000m signaling server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"_id": null,
"model": "security network intrusion prevention system gx4004-v2",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.3"
},
{
"_id": null,
"model": "arx",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "6.1.1"
},
{
"_id": null,
"model": "security network intrusion prevention system gx5108-v2",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6"
},
{
"_id": null,
"model": "puredata system for operational analytics",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.0"
},
{
"_id": null,
"model": "8.1-release",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "security network intrusion prevention system gx5008",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6.2"
},
{
"_id": null,
"model": "sdk for node.js",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.0.6"
},
{
"_id": null,
"model": "bladecenter advanced management module 3.66g",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"_id": null,
"model": "aura messaging",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1.1"
},
{
"_id": null,
"model": "communication server 1000e",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"_id": null,
"model": "8.4-rc2-p1",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "58550"
},
{
"_id": null,
"model": "project openssl 1.0.0c",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "colorqube r14-11 spar",
"scope": "ne",
"trust": 0.3,
"vendor": "xerox",
"version": "8900072.161.134.32804"
},
{
"_id": null,
"model": "linerate",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "2.4.1"
},
{
"_id": null,
"model": "9.3-rc2",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "qradar vulnerability manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2.3"
},
{
"_id": null,
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "3.1x"
},
{
"_id": null,
"model": "9.3-rc3-p1",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1.1"
},
{
"_id": null,
"model": "flex system compute node",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "x2408737"
},
{
"_id": null,
"model": "9.0--releng",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "data ontap smi-s agent",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.1.2"
},
{
"_id": null,
"model": "9.2-rc1",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "8.0"
},
{
"_id": null,
"model": "security network intrusion prevention system gx4002",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6.1"
},
{
"_id": null,
"model": "scale out network attached storage",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.4.3.2"
},
{
"_id": null,
"model": "7.4-release-p2",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "7.0"
},
{
"_id": null,
"model": "colorqube r14-11 spar",
"scope": "ne",
"trust": 0.3,
"vendor": "xerox",
"version": "9302072.180.134.32804"
},
{
"_id": null,
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "6.0.x"
},
{
"_id": null,
"model": "websphere datapower soa appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.01"
},
{
"_id": null,
"model": "9.0-releng",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "x-series xos",
"scope": "eq",
"trust": 0.3,
"vendor": "bluecoat",
"version": "9.5"
},
{
"_id": null,
"model": "security network intrusion prevention system gx7412",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.5"
},
{
"_id": null,
"model": "ip office application server sp",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "9.02"
},
{
"_id": null,
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.6"
},
{
"_id": null,
"model": "cloudsystem matrix",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.2.3"
},
{
"_id": null,
"model": "aura system platform",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2.1"
},
{
"_id": null,
"model": "rc1",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "7.1"
},
{
"_id": null,
"model": "aura experience portal",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0.2"
},
{
"_id": null,
"model": "workcentre r14-11 spar",
"scope": "ne",
"trust": 0.3,
"vendor": "xerox",
"version": "3655072.060.134.32804"
},
{
"_id": null,
"model": "enterprise linux",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "6"
},
{
"_id": null,
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.2"
},
{
"_id": null,
"model": "8.4-stable",
"scope": "ne",
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "release -p3",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "8.2-"
},
{
"_id": null,
"model": "8.1-prerelease",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "57550"
},
{
"_id": null,
"model": "linux lts",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "14.04"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.4"
},
{
"_id": null,
"model": "9.3-rc1-p2",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "security network intrusion prevention system gx3002",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6"
},
{
"_id": null,
"model": "tivoli netcool system service monitor fp14",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.0"
},
{
"_id": null,
"model": "security network intrusion prevention system gx7412-05",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.3"
},
{
"_id": null,
"model": "project openssl 1.0.0f",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "linux lts i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "12.04"
},
{
"_id": null,
"model": "project openssl d",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"_id": null,
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "2.2x"
},
{
"_id": null,
"model": "tivoli management framework",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.1.1"
},
{
"_id": null,
"model": "cloudsystem matrix",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3"
},
{
"_id": null,
"model": "7.4-stable",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "1.0"
},
{
"_id": null,
"model": "aura system platform",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "1.1"
},
{
"_id": null,
"model": "version control repository manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3.1"
},
{
"_id": null,
"model": "9.2-stable",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "scale out network attached storage",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.4.2.0"
},
{
"_id": null,
"model": "sdk for node.js",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1"
},
{
"_id": null,
"model": "snapdrive for unix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.2"
},
{
"_id": null,
"model": "security network intrusion prevention system gx5208",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.5"
},
{
"_id": null,
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.0.12"
},
{
"_id": null,
"model": "sterling connect:direct for unix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"_id": null,
"model": "proxysg sgos",
"scope": "eq",
"trust": 0.3,
"vendor": "bluecoat",
"version": "6.5"
},
{
"_id": null,
"model": "security network intrusion prevention system gx4004-v2",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.5"
},
{
"_id": null,
"model": "project openssl 1.0.0j",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "matrix operating environment",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.2"
},
{
"_id": null,
"model": "project openssl 1.0.0b",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.1.1"
},
{
"_id": null,
"model": "security network intrusion prevention system gv1000",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.5"
},
{
"_id": null,
"model": "aura presence services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"_id": null,
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.10"
},
{
"_id": null,
"model": "linerate",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "2.2.1"
},
{
"_id": null,
"model": "8-releng",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "aura experience portal sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"_id": null,
"model": "-prerelease",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.4"
},
{
"_id": null,
"model": "proventia network security controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.0.1209"
},
{
"_id": null,
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.6"
},
{
"_id": null,
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.3"
},
{
"_id": null,
"model": "7.3-release-p3",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "ssl for openvms",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "1.4-471"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.0"
},
{
"_id": null,
"model": "cacheflow",
"scope": "eq",
"trust": 0.3,
"vendor": "bluecoat",
"version": "2.2"
},
{
"_id": null,
"model": "8.2-release",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "system m4",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "x32502583"
},
{
"_id": null,
"model": "version control agent",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.2.2"
},
{
"_id": null,
"model": "9.2-release-p9",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "enterprise linux server aus",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6.5"
},
{
"_id": null,
"model": "scale out network attached storage",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.3.0.0"
},
{
"_id": null,
"model": "-release-p38",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.3"
},
{
"_id": null,
"model": "security network intrusion prevention system gx5208",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.4"
},
{
"_id": null,
"model": "aura presence services sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1"
},
{
"_id": null,
"model": "tssc",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.3.15"
},
{
"_id": null,
"model": "aura system manager sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"_id": null,
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.3.3"
},
{
"_id": null,
"model": "security network intrusion prevention system gx4004-v2",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.4"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.1.2"
},
{
"_id": null,
"model": "sdk for node.js",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.0.5"
},
{
"_id": null,
"model": "systems insight manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.1.1"
},
{
"_id": null,
"model": "colorqube",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "93030"
},
{
"_id": null,
"model": "security network intrusion prevention system gv1000",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.4"
},
{
"_id": null,
"model": "aura system manager sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1"
},
{
"_id": null,
"model": "hp-ux b.11.31",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "3.4"
},
{
"_id": null,
"model": "aura system platform",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0.2"
},
{
"_id": null,
"model": "workcentre",
"scope": "ne",
"trust": 0.3,
"vendor": "xerox",
"version": "5755061.132.224.35203"
},
{
"_id": null,
"model": "clustered data ontap antivirus connector",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.0"
},
{
"_id": null,
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "2.2.2"
},
{
"_id": null,
"model": "linux s/390",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"_id": null,
"model": "communication server 1000m signaling server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "7.0"
},
{
"_id": null,
"model": "aura experience portal",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"_id": null,
"model": "security analytics platform",
"scope": "eq",
"trust": 0.3,
"vendor": "bluecoat",
"version": "7.1.4"
},
{
"_id": null,
"model": "8.4-beta1",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.3"
},
{
"_id": null,
"model": "project openssl 0.9.8zb",
"scope": "ne",
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "project openssl beta3",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "1.0"
},
{
"_id": null,
"model": "project openssl f",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3.1"
},
{
"_id": null,
"model": "cloudbridge",
"scope": "eq",
"trust": 0.3,
"vendor": "citrix",
"version": "0"
},
{
"_id": null,
"model": "communication server 1000e",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "7.0"
},
{
"_id": null,
"model": "workcentre r14-11 spar",
"scope": "ne",
"trust": 0.3,
"vendor": "xerox",
"version": "7225072.030.134.32804"
},
{
"_id": null,
"model": "system m4",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "x31002582"
},
{
"_id": null,
"model": "snapdrive for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.1"
},
{
"_id": null,
"model": "gpfs for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.5"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.3"
},
{
"_id": null,
"model": "version control repository manager",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "7.5.1"
},
{
"_id": null,
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2.2"
},
{
"_id": null,
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2"
},
{
"_id": null,
"model": "6.0-releng",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "1.1.5"
},
{
"_id": null,
"model": "9.2-release-p5",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "aura session manager sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"_id": null,
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "2.2.4"
},
{
"_id": null,
"model": "security network intrusion prevention system gx6116",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.3"
},
{
"_id": null,
"model": "systems insight manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.2"
},
{
"_id": null,
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.0"
},
{
"_id": null,
"model": "upward integration modules for microsoft system center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.5"
},
{
"_id": null,
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "58450"
},
{
"_id": null,
"model": "sterling connect:direct for unix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.1"
},
{
"_id": null,
"model": "10.0-rc2-p1",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "project openssl 1.0.1d",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "2.1.6"
},
{
"_id": null,
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1.5"
},
{
"_id": null,
"model": "workcentre r14-11 spar",
"scope": "ne",
"trust": 0.3,
"vendor": "xerox",
"version": "5845072.060.134.32804"
},
{
"_id": null,
"model": "8.4-prerelease",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.1.9"
},
{
"_id": null,
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.2"
},
{
"_id": null,
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.2.1"
},
{
"_id": null,
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "2.1x"
},
{
"_id": null,
"model": "9.3-release-p1",
"scope": "ne",
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "data ontap smi-s agent",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "5.2.1"
},
{
"_id": null,
"model": "open systems snapvault",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.6"
},
{
"_id": null,
"model": "flex system fc3171 8gb san switch",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1.2"
},
{
"_id": null,
"model": "8.4-release-p4",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "flex system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.2.1.0"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.2"
},
{
"_id": null,
"model": "8.1-releng",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "cacheflow",
"scope": "eq",
"trust": 0.3,
"vendor": "bluecoat",
"version": "2.0"
},
{
"_id": null,
"model": "aura session manager sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1"
},
{
"_id": null,
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.5"
},
{
"_id": null,
"model": "tssc",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "7.3.16"
},
{
"_id": null,
"model": "workcentre",
"scope": "ne",
"trust": 0.3,
"vendor": "xerox",
"version": "5740061.132.224.35203"
},
{
"_id": null,
"model": "-release-p14",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "7.1"
},
{
"_id": null,
"model": "matrix operating environment",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.2.1"
},
{
"_id": null,
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "57450"
},
{
"_id": null,
"model": "8.1-release-p4",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.11"
},
{
"_id": null,
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "2.2.5"
},
{
"_id": null,
"model": "linux arm",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"_id": null,
"model": "scale out network attached storage",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.3.1"
},
{
"_id": null,
"model": "aura presence services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1.1"
},
{
"_id": null,
"model": "snapdrive for unix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.2.1"
},
{
"_id": null,
"model": "centos",
"scope": "eq",
"trust": 0.3,
"vendor": "centos",
"version": "5"
},
{
"_id": null,
"model": "proactive contact",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.0"
},
{
"_id": null,
"model": "security network intrusion prevention system gx3002",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6.1"
},
{
"_id": null,
"model": "ip office application server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "8.1"
},
{
"_id": null,
"model": "aura application enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2"
},
{
"_id": null,
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "6.0"
},
{
"_id": null,
"model": "security network intrusion prevention system gx5208-v2",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.3"
},
{
"_id": null,
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.1.8"
},
{
"_id": null,
"model": "security network intrusion prevention system gx7412-10",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6"
},
{
"_id": null,
"model": "security network intrusion prevention system gv200",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6.1"
},
{
"_id": null,
"model": "enterprise linux server",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "7"
},
{
"_id": null,
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "2.1.7.1"
},
{
"_id": null,
"model": "colorqube",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "87000"
},
{
"_id": null,
"model": "flex system fc3171 8gb san switch",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1.1"
},
{
"_id": null,
"model": "proventia network security controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.0.913"
},
{
"_id": null,
"model": "systems insight manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3.2"
},
{
"_id": null,
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.5"
},
{
"_id": null,
"model": "9.1-rc1",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "beta4",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "7.0"
},
{
"_id": null,
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "2.0.1"
},
{
"_id": null,
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "6.4"
},
{
"_id": null,
"model": "aura system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1.2"
},
{
"_id": null,
"model": "system m5 type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "x310054570"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.0"
},
{
"_id": null,
"model": "insight control server provisioning",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.4.1"
},
{
"_id": null,
"model": "9.0-stable",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "icewall sso agent option update rele",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "8.02007"
},
{
"_id": null,
"model": "aura application enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1.1"
},
{
"_id": null,
"model": "aura session manager sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2"
},
{
"_id": null,
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "1.1"
},
{
"_id": null,
"model": "system m4",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "x35307160"
},
{
"_id": null,
"model": "security network intrusion prevention system gx6116",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.5"
},
{
"_id": null,
"model": "aura system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"_id": null,
"model": "-release-p5",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "8.0"
},
{
"_id": null,
"model": "9.2-rc3-p1",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "insight control",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "7.5.1"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3.3.1"
},
{
"_id": null,
"model": "aura communication manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.3"
},
{
"_id": null,
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "14.0"
},
{
"_id": null,
"model": "open systems snapvault",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.6.1"
},
{
"_id": null,
"model": "7.2-release-p1",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "1.5"
},
{
"_id": null,
"model": "aura system platform",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2.1.0.9"
},
{
"_id": null,
"model": "security network intrusion prevention system gx5208",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6"
},
{
"_id": null,
"model": "sterling connect:direct for hp nonstop",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.5"
},
{
"_id": null,
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.4"
},
{
"_id": null,
"model": "-stablepre050201",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "3.5"
},
{
"_id": null,
"model": "server migration pack",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.5"
},
{
"_id": null,
"model": "security network intrusion prevention system gx4004-v2",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6"
},
{
"_id": null,
"model": "flex system fc5022 16gb san scalable switch",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "7.3.1"
},
{
"_id": null,
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.7"
},
{
"_id": null,
"model": "aura application server sip core",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "53003.0"
},
{
"_id": null,
"model": "security network intrusion prevention system gx5008-v2",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6.2"
},
{
"_id": null,
"model": "project openssl 1.0.0h",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0"
},
{
"_id": null,
"model": "security network intrusion prevention system gx7800",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6.2"
},
{
"_id": null,
"model": "insight control",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.5"
},
{
"_id": null,
"model": "9.2-release-p4",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "security network intrusion prevention system gx6116",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.4"
},
{
"_id": null,
"model": "websphere datapower soa appliance",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "7.02"
},
{
"_id": null,
"model": "7.3-release-p6",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "aura experience portal",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0.1"
},
{
"_id": null,
"model": "flashsystem",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8400"
},
{
"_id": null,
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "36550"
},
{
"_id": null,
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.4"
},
{
"_id": null,
"model": "release p7",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "7.3--"
},
{
"_id": null,
"model": "arx",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "6.1"
},
{
"_id": null,
"model": "aura experience portal sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"_id": null,
"model": "icewall sso dfw r3",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "8.0"
},
{
"_id": null,
"model": "5.4-stable",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "sterling b2b integrator",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.1"
},
{
"_id": null,
"model": "workcentre spar",
"scope": "ne",
"trust": 0.3,
"vendor": "xerox",
"version": "7535061.121.225.06100"
},
{
"_id": null,
"model": "release-p5",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "9.1"
},
{
"_id": null,
"model": "one-x client enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1.1"
},
{
"_id": null,
"model": "9.1-release-p14",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "9.1-release-p3",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "communication server 1000e signaling server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"_id": null,
"model": "aura system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.3"
},
{
"_id": null,
"model": "virtual connect enterprise manager sdk",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "7.4.1"
},
{
"_id": null,
"model": "aura messaging",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1"
},
{
"_id": null,
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.8"
},
{
"_id": null,
"model": "-release-p10",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "6.1"
},
{
"_id": null,
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.3"
},
{
"_id": null,
"model": "version control agent",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3.2"
},
{
"_id": null,
"model": "aura system manager sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2"
},
{
"_id": null,
"model": "security network intrusion prevention system gx5208-v2",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.5"
},
{
"_id": null,
"model": "system m4 type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "x357087180"
},
{
"_id": null,
"model": "project openssl 0.9.8o",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "66550"
},
{
"_id": null,
"model": "sdk for node.js",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.0.2"
},
{
"_id": null,
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.0"
},
{
"_id": null,
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "13.1"
},
{
"_id": null,
"model": "project openssl e",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"_id": null,
"model": "project openssl 1.0.1b",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "project openssl 1.0.0k",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "websphere datapower soa appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0.0.14"
},
{
"_id": null,
"model": "9.3-beta1-p2",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "x-series xos",
"scope": "eq",
"trust": 0.3,
"vendor": "bluecoat",
"version": "9.6"
},
{
"_id": null,
"model": "proxysg sgos",
"scope": "eq",
"trust": 0.3,
"vendor": "bluecoat",
"version": "6.5.6.2"
},
{
"_id": null,
"model": "cms r17ac.g",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"_id": null,
"model": "aura system platform sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"_id": null,
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1"
},
{
"_id": null,
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "78550"
},
{
"_id": null,
"model": "idatplex dx360 m4 water cooled type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "79190"
},
{
"_id": null,
"model": "aura application enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2.2"
},
{
"_id": null,
"model": "version control repository manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.2.1"
},
{
"_id": null,
"model": "scale out network attached storage",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.4.3.0"
},
{
"_id": null,
"model": "systems insight manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.4"
},
{
"_id": null,
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "2.2.3"
},
{
"_id": null,
"model": "matrix operating environment",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3.1"
},
{
"_id": null,
"model": "sterling connect:direct for microsoft windows",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6.0"
},
{
"_id": null,
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "13.0"
},
{
"_id": null,
"model": "security network intrusion prevention system gx7412",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.3"
},
{
"_id": null,
"model": "security network intrusion prevention system gx4004",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6.2"
},
{
"_id": null,
"model": "systems insight manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "4.2"
},
{
"_id": null,
"model": "aura conferencing",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "7.0"
},
{
"_id": null,
"model": "system type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "x3950x638370"
},
{
"_id": null,
"model": "10.0-rc1-p1",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "aura system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2"
},
{
"_id": null,
"model": "sametime",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.2.0"
},
{
"_id": null,
"model": "aura system platform sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2"
},
{
"_id": null,
"model": "centos",
"scope": "eq",
"trust": 0.3,
"vendor": "centos",
"version": "6"
},
{
"_id": null,
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.7"
},
{
"_id": null,
"model": "qradar siem",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2.3"
},
{
"_id": null,
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.9"
},
{
"_id": null,
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "57400"
},
{
"_id": null,
"model": "websphere mq advanced message security",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "-8.0.0.0"
},
{
"_id": null,
"model": "security network intrusion prevention system gx5208-v2",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.4"
},
{
"_id": null,
"model": "10.0-stable",
"scope": "ne",
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "hp-ux b.11.31 (11i",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "v3)"
},
{
"_id": null,
"model": "9.0-release",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "sterling b2b integrator",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.2"
},
{
"_id": null,
"model": "aura application enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2.1"
},
{
"_id": null,
"model": "flex system compute node",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "x2408956"
},
{
"_id": null,
"model": "flex system manager node",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8731"
},
{
"_id": null,
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "7.4"
},
{
"_id": null,
"model": "colorqube",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "93010"
},
{
"_id": null,
"model": "websphere datapower soa appliance",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0.0.17"
},
{
"_id": null,
"model": "upward integration modules for vmware vsphere",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.5.2"
},
{
"_id": null,
"model": "linerate",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "2.3.1"
},
{
"_id": null,
"model": "aura communication manager utility services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"_id": null,
"model": "flex system compute node",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "x8807903"
},
{
"_id": null,
"model": "proactive contact",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.1"
},
{
"_id": null,
"model": "icewall mcrp",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1"
},
{
"_id": null,
"model": "-release-p8",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.10"
},
{
"_id": null,
"model": "snapdrive for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.1"
},
{
"_id": null,
"model": "tivoli composite application manager for transactions",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.3.0"
},
{
"_id": null,
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.2"
},
{
"_id": null,
"model": "9.2-release-p10",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "snapdrive for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1"
},
{
"_id": null,
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "10.04"
},
{
"_id": null,
"model": "8.4-release-p7",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "snapdrive for unix",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "5.3"
},
{
"_id": null,
"model": "enterprise linux hpc node",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"_id": null,
"model": "system m4 hd",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "x36305466"
},
{
"_id": null,
"model": "project openssl 0.9.8s",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "-release-p17",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.7"
},
{
"_id": null,
"model": "aura communication manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0.1"
},
{
"_id": null,
"model": "7.0-release-p11",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "clustered data ontap antivirus connector",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.0.1"
},
{
"_id": null,
"model": "systems insight manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.0"
},
{
"_id": null,
"model": "security network intrusion prevention system gx5208",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.3"
},
{
"_id": null,
"model": "sterling connect:direct for hp nonstop",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.6"
},
{
"_id": null,
"model": "9.1-release-p10",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "workcentre r14-11 spar",
"scope": "ne",
"trust": 0.3,
"vendor": "xerox",
"version": "7845072.040.134.32804"
},
{
"_id": null,
"model": "qradar risk manager mr2",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1"
},
{
"_id": null,
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2"
},
{
"_id": null,
"model": "security network intrusion prevention system gx7412-10",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6.1"
},
{
"_id": null,
"model": "proxysg sgos",
"scope": "eq",
"trust": 0.3,
"vendor": "bluecoat",
"version": "6.2"
},
{
"_id": null,
"model": "aura system platform",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0.1"
},
{
"_id": null,
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.2.5"
},
{
"_id": null,
"model": "security network intrusion prevention system gx4004",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.3"
},
{
"_id": null,
"model": "communication server 1000e signaling server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "7.5"
},
{
"_id": null,
"model": "security network intrusion prevention system gv1000",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.3"
},
{
"_id": null,
"model": "aura communication manager utility services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1.0.9.8"
},
{
"_id": null,
"model": "rc1",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "9.2"
},
{
"_id": null,
"model": "workcentre spar",
"scope": "ne",
"trust": 0.3,
"vendor": "xerox",
"version": "7545061.121.225.06100"
},
{
"_id": null,
"model": "10.0-release-p7",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "open systems snapvault",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0.1"
},
{
"_id": null,
"model": "enterprise linux server",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "5"
},
{
"_id": null,
"model": "flex system compute node",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "x4407917"
},
{
"_id": null,
"model": "flashsystem",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v8400"
},
{
"_id": null,
"model": "aix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.2.1"
},
{
"_id": null,
"model": "system m4 hd",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "x36505460"
},
{
"_id": null,
"model": "system m4 type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "x357087220"
},
{
"_id": null,
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.1"
},
{
"_id": null,
"model": "aura communication manager utility services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.3"
},
{
"_id": null,
"model": "flex system manager node",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8734"
},
{
"_id": null,
"model": "linux ia-32",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"_id": null,
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "13.37"
},
{
"_id": null,
"model": "netscaler service delivery appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "citrix",
"version": "0"
},
{
"_id": null,
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.10"
},
{
"_id": null,
"model": "-stablepre122300",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "3.5"
},
{
"_id": null,
"model": "matrix operating environment",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "7.5.1"
},
{
"_id": null,
"model": "storage server",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"_id": null,
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "79700"
},
{
"_id": null,
"model": "websphere datapower soa appliance",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.1.5"
},
{
"_id": null,
"model": "proventia network security controller 1.0.3350m",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"_id": null,
"model": "ip office application server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "9.0"
},
{
"_id": null,
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.3"
},
{
"_id": null,
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "6.4"
},
{
"_id": null,
"model": "9.1-releng",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "systems insight manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.3"
},
{
"_id": null,
"model": "iq",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5"
},
{
"_id": null,
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "3.0"
},
{
"_id": null,
"model": "security network intrusion prevention system gx7800",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.5"
},
{
"_id": null,
"model": "workcentre r14-11 spar",
"scope": "ne",
"trust": 0.3,
"vendor": "xerox",
"version": "7970072.200.134.32804"
},
{
"_id": null,
"model": "-prerelease",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.8"
},
{
"_id": null,
"model": "security network intrusion prevention system gx4004-v2",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6.1"
},
{
"_id": null,
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.6"
},
{
"_id": null,
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "75350"
},
{
"_id": null,
"model": "cloudsystem matrix",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3.2"
},
{
"_id": null,
"model": "workcentre r14-11 spar",
"scope": "ne",
"trust": 0.3,
"vendor": "xerox",
"version": "7220072.030.134.32804"
},
{
"_id": null,
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.1.1"
},
{
"_id": null,
"model": "communication server 1000m",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "7.5"
},
{
"_id": null,
"model": "cms r17ac.h",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3"
},
{
"_id": null,
"model": "insight control server deployment",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.2.2"
},
{
"_id": null,
"model": "communication server 1000e signaling server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "7.0"
},
{
"_id": null,
"model": "security network intrusion prevention system gx5008",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.3"
},
{
"_id": null,
"model": "aura communication manager utility services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2"
},
{
"_id": null,
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "10.0"
},
{
"_id": null,
"model": "colorqube r14-11 spar",
"scope": "ne",
"trust": 0.3,
"vendor": "xerox",
"version": "9303072.180.134.32804"
},
{
"_id": null,
"model": "enterprise linux desktop workstation client",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "5"
},
{
"_id": null,
"model": "security network intrusion prevention system gx6116",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6"
},
{
"_id": null,
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.3.0"
},
{
"_id": null,
"model": "workcentre",
"scope": "ne",
"trust": 0.3,
"vendor": "xerox",
"version": "5735061.132.224.35203"
},
{
"_id": null,
"model": "flex system fc5022 16gb san scalable switch 7.2.0d5",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"_id": null,
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "3.1"
},
{
"_id": null,
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "6.3"
},
{
"_id": null,
"model": "icewall mcrp",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "3.0"
},
{
"_id": null,
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"_id": null,
"model": "9.2-rc1-p2",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "8.0-rc1",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "iq",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.1"
},
{
"_id": null,
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.1.3"
},
{
"_id": null,
"model": "systems insight manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.2"
},
{
"_id": null,
"model": "security network intrusion prevention system gx7800",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.4"
},
{
"_id": null,
"model": "communication server 1000m signaling server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "7.5"
},
{
"_id": null,
"model": "enterprise linux hpc node",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "7"
},
{
"_id": null,
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "8.2"
},
{
"_id": null,
"model": "8.2-release-p2",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "-prerelease",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.9"
},
{
"_id": null,
"model": "upward integration modules for vmware vsphere",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.5.1"
},
{
"_id": null,
"model": "security network intrusion prevention system gx4004",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.5"
},
{
"_id": null,
"model": "proventia network security controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.0.1768"
},
{
"_id": null,
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.3"
},
{
"_id": null,
"model": "system m5 type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "x325054580"
},
{
"_id": null,
"model": "-release-p42",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.4"
},
{
"_id": null,
"model": "workcentre r14-11 spar",
"scope": "ne",
"trust": 0.3,
"vendor": "xerox",
"version": "7855072.040.134.32804"
},
{
"_id": null,
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "8.4"
},
{
"_id": null,
"model": "version control repository manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3.4"
},
{
"_id": null,
"model": "storage provisioning manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.3"
},
{
"_id": null,
"model": "communication server 1000e",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "7.5"
},
{
"_id": null,
"model": "workcentre r14-11 spar",
"scope": "ne",
"trust": 0.3,
"vendor": "xerox",
"version": "6655072.060.134.32804"
},
{
"_id": null,
"model": "ssl for openvms",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "1.4-476"
},
{
"_id": null,
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "9.1"
},
{
"_id": null,
"model": "6.4-releng",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "project openssl 1.0.1h",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "project openssl 1.0.0a",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "communication server 1000m",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "7.0"
},
{
"_id": null,
"model": "6.4-release-p5",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "icewall sso dfw r1",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "8.0"
},
{
"_id": null,
"model": "websphere datapower soa appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.07"
}
],
"sources": [
{
"db": "BID",
"id": "69075"
},
{
"db": "CNNVD",
"id": "CNNVD-201408-132"
},
{
"db": "NVD",
"id": "CVE-2014-3508"
}
]
},
"credits": {
"_id": null,
"data": "HP",
"sources": [
{
"db": "PACKETSTORM",
"id": "130868"
},
{
"db": "PACKETSTORM",
"id": "130815"
},
{
"db": "PACKETSTORM",
"id": "127940"
},
{
"db": "PACKETSTORM",
"id": "128248"
},
{
"db": "PACKETSTORM",
"id": "131014"
},
{
"db": "PACKETSTORM",
"id": "132467"
},
{
"db": "PACKETSTORM",
"id": "132085"
},
{
"db": "PACKETSTORM",
"id": "137292"
},
{
"db": "PACKETSTORM",
"id": "137201"
},
{
"db": "PACKETSTORM",
"id": "128131"
},
{
"db": "PACKETSTORM",
"id": "132081"
}
],
"trust": 1.1
},
"cve": "CVE-2014-3508",
"cvss": {
"_id": null,
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "CVE-2014-3508",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 1.1,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2014-3508",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201408-132",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULMON",
"id": "CVE-2014-3508",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2014-3508"
},
{
"db": "CNNVD",
"id": "CNNVD-201408-132"
},
{
"db": "NVD",
"id": "CVE-2014-3508"
}
]
},
"description": {
"_id": null,
"data": "The OBJ_obj2txt function in crypto/objects/obj_dat.c in OpenSSL 0.9.8 before 0.9.8zb, 1.0.0 before 1.0.0n, and 1.0.1 before 1.0.1i, when pretty printing is used, does not ensure the presence of \u0027\\0\u0027 characters, which allows context-dependent attackers to obtain sensitive information from process stack memory by reading output from X509_name_oneline, X509_name_print_ex, and unspecified other functions. OpenSSL is prone to an information disclosure vulnerability. \nAn attacker can exploit this issue to gain access to sensitive information that may aid in further attacks. \nThe following versions are vulnerable:\nOpenSSL 0.9.8 versions prior to 0.9.8zb. \nOpenSSL 1.0.0 versions prior to 1.0.0n. \nOpenSSL 1.0.1 versions prior to 1.0.1i. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\nNote: the current version of the following document is available here:\nhttps://h20564.www2.hp.com/portal/site/hpsc/public/kb/\ndocDisplay?docId=emr_na-c04424322\n\nSUPPORT COMMUNICATION - SECURITY BULLETIN\n\nDocument ID: c04424322\nVersion: 1\n\nHPSBGN03099 rev.1 - HP IceWall SSO Dfw, SSO Agent and MCRP running OpenSSL,\nRemote Disclosure of Information\n\nNOTICE: The information in this Security Bulletin should be acted upon as\nsoon as possible. \n\nRelease Date: 2014-09-01\nLast Updated: 2014-09-01\n\nPotential Security Impact: Remote disclosure of information\n\nSource: Hewlett-Packard Company, HP Software Security Response Team\n\nVULNERABILITY SUMMARY\nA potential security vulnerability has been identified with HP IceWall SSO\nDfw, SSO Agent and MCRP running OpenSSL. \n\nHP IceWall SSO Agent Option v8.0, v8.0 2007 Update Release 2, and v10.0\nHP IceWall MCRP v2.1, v3.0\nHP IceWall SSO Dfw v8.0, v8.0 R1, v8.0 R2, v8.0 R3, and v10.0\n\nBACKGROUND\n\nCVSS 2.0 Base Metrics\n===========================================================\n Reference Base Vector Base Score\nCVE-2014-3508 (AV:N/AC:M/Au:N/C:P/I:N/A:N) 4.3\n===========================================================\n Information on CVSS is documented\n in HP Customer Notice: HPSN-2008-002\n\nRESOLUTION\n\nHP recommends the following software update options to resolve this\nvulnerability for HP IceWall SSO Dfw, SSO Agent and MCRP. HP IceWall SSO Agent and MCRP\n\n - OpenSSL patches are available for RHEL:\nhttps://access.redhat.com/security/cve/CVE-2014-3508\n\n - OpenSSL patches are available for HP-UX. \n\n Please refer to HP Security Bulletin HPSBUX03095: https://h20564.www2.h\np.com/portal/site/hpsc/public/kb/docDisplay/?docId=emr_na-c04404655\n\n 2. HP IceWall SSO Dfw\n\n Updated OpenSSL is available for the HP IceWall SSO Dfw Bundle:\nhttp://www.hp.com/jp/icewall/_patchaccess\n\nHP recommends the following mitigation information to protect against\npotential risk for the following HP IceWall products. \n\n HP IceWall SSO Dfw and MCRP\n\n If possible, do not use SHOST setting which allows IceWall SSO Dfw or\nMCRP to use SSL/TLS for back-end web server connection. \n\n HP IceWall SSO Dfw\n\n If possible, do not use SHOST and set CC_DECODE_FLG to 0 which will\ndisable certificate decode by HP IceWall SSO Dfw . \n\nNote: The HP IceWall product is only available in Japan. \n\nHISTORY\nVersion:1 (rev.1) - 2 September 2014 Initial release\n\nThird Party Security Patches: Third party security patches that are to be\ninstalled on systems running HP software products should be applied in\naccordance with the customer\u0027s patch management policy. \n\nSupport: For issues about implementing the recommendations of this Security\nBulletin, contact normal HP Services support channel. For other issues about\nthe content of this Security Bulletin, send e-mail to security-alert@hp.com. \n\nReport: To report a potential security vulnerability with any HP supported\nproduct, send Email to: security-alert@hp.com\n\nSubscribe: To initiate a subscription to receive future HP Security Bulletin\nalerts via Email:\nhttp://h41183.www4.hp.com/signup_alerts.php?jumpid=hpsc_secbulletins\n\nSecurity Bulletin Archive: A list of recently released Security Bulletins is\navailable here:\nhttps://h20564.www2.hp.com/portal/site/hpsc/public/kb/secBullArchive/\n\nSoftware Product Category: The Software Product Category is represented in\nthe title by the two characters following HPSB. \n\n3C = 3COM\n3P = 3rd Party Software\nGN = HP General Software\nHF = HP Hardware and Firmware\nMP = MPE/iX\nMU = Multi-Platform Software\nNS = NonStop Servers\nOV = OpenVMS\nPI = Printing and Imaging\nPV = ProCurve\nST = Storage Software\nTU = Tru64 UNIX\nUX = HP-UX\n\nCopyright 2014 Hewlett-Packard Development Company, L.P. \nHewlett-Packard Company shall not be liable for technical or editorial errors\nor omissions contained herein. The information provided is provided \"as is\"\nwithout warranty of any kind. To the extent permitted by law, neither HP or\nits affiliates, subcontractors or suppliers will be liable for\nincidental,special or consequential damages including downtime cost; lost\nprofits; damages relating to the procurement of substitute products or\nservices; or damages for loss of data, or software restoration. The\ninformation in this document is subject to change without notice. \nHewlett-Packard Company and the names of Hewlett-Packard products referenced\nherein are trademarks of Hewlett-Packard Company in the United States and\nother countries. Other product and company names mentioned herein may be\ntrademarks of their respective owners. ============================================================================\nUbuntu Security Notice USN-2308-1\nAugust 07, 2014\n\nopenssl vulnerabilities\n============================================================================\n\nA security issue affects these releases of Ubuntu and its derivatives:\n\n- Ubuntu 14.04 LTS\n- Ubuntu 12.04 LTS\n- Ubuntu 10.04 LTS\n\nSummary:\n\nSeveral security issues were fixed in OpenSSL. This issue\nonly affected Ubuntu 12.04 LTS and Ubuntu 14.04 LTS. This issue\nonly affected Ubuntu 12.04 LTS and Ubuntu 14.04 LTS. This issue only affected Ubuntu 12.04 LTS\nand Ubuntu 14.04 LTS. This issue only affected Ubuntu 12.04 LTS and Ubuntu 14.04 LTS. This issue only affected Ubuntu 12.04 LTS and\nUbuntu 14.04 LTS. (CVE-2014-5139)\n\nUpdate instructions:\n\nThe problem can be corrected by updating your system to the following\npackage versions:\n\nUbuntu 14.04 LTS:\n libssl1.0.0 1.0.1f-1ubuntu2.5\n\nUbuntu 12.04 LTS:\n libssl1.0.0 1.0.1-4ubuntu5.17\n\nUbuntu 10.04 LTS:\n libssl0.9.8 0.9.8k-7ubuntu8.20\n\nAfter a standard system update you need to reboot your computer to make\nall the necessary changes. These vulnerabilities could be exploited remotely to create a Denial\nof Service (DoS), allow unauthorized access. The\nupdates are available from https://h20392.www2.hp.com/portal/swdepot/displayP\nroductInfo.do?productNumber=OPENSSL11I\n\nHP-UX Release\n HP-UX OpenSSL version\n\nB.11.11 (11i v1)\n OpenSSL_A.00.09.08zb.001_HP-UX_B.11.11_32_64.depot\n\nB.11.23 (11i v2)\n OpenSSL_A.00.09.08zb.002_HP-UX_B.11.23_IA-PA.depot\n\nB.11.31 (11i v3)\n OpenSSL_A.00.09.08zb.003_HP-UX_B.11.31_IA-PA.depot\n\nMANUAL ACTIONS: Yes - Update\n\nInstall OpenSSL A.00.09.08zb or subsequent\n\nPRODUCT SPECIFIC INFORMATION\n\nHP-UX Software Assistant: HP-UX Software Assistant is an enhanced application\nthat replaces HP-UX Security Patch Check. It analyzes all Security Bulletins\nissued by HP and lists recommended actions that may apply to a specific HP-UX\nsystem. It can also download patches and create a depot automatically. For\nmore information see: https://www.hp.com/go/swa\n\nThe following text is for use by the HP-UX Software Assistant. The HP Matrix\nOperating Environment v7.2.3 Update kit applicable to HP Matrix Operating\nEnvironment 7.2.x installations is available at the following location:\n\nhttps://h20392.www2.hp.com/portal/swdepot/displayProductInfo.do?productNumber\n=HPID\n\nNOTE: Please read the readme.txt file before proceeding with the\ninstallation. OpenSSL Security Advisory [6 Aug 2014]\n========================================\n\nInformation leak in pretty printing functions (CVE-2014-3508)\n=============================================================\n\nA flaw in OBJ_obj2txt may cause pretty printing functions such as\nX509_name_oneline, X509_name_print_ex et al. to leak some information from the\nstack. Applications may be affected if they echo pretty printing output to the\nattacker. OpenSSL SSL/TLS clients and servers themselves are not affected. \n\nThanks to Ivan Fratric (Google) for discovering this issue. This issue\nwas reported to OpenSSL on 19th June 2014. \n\nThe fix was developed by Emilia K\u00e4sper and Stephen Henson of the OpenSSL\ndevelopment team. This can\nbe exploited through a Denial of Service attack. \n\nOpenSSL 1.0.1 SSL/TLS client users should upgrade to 1.0.1i. \n\nThanks to Joonas Kuorilehto and Riku Hietam\u00e4ki (Codenomicon) for discovering and\nresearching this issue. This issue was reported to OpenSSL on 2nd July 2014. \n\nThe fix was developed by Stephen Henson of the OpenSSL core team. \n\nOpenSSL 1.0.0 SSL/TLS client users should upgrade to 1.0.0n. \nOpenSSL 1.0.1 SSL/TLS client users should upgrade to 1.0.1i. \n\nThanks to Gabor Tyukasz (LogMeIn Inc) for discovering and researching this\nissue. This issue was reported to OpenSSL on 8th July 2014. \n\nThe fix was developed by Gabor Tyukasz. \n\n\nDouble Free when processing DTLS packets (CVE-2014-3505)\n========================================================\n\nAn attacker can force an error condition which causes openssl to crash whilst\nprocessing DTLS packets due to memory being freed twice. This can be exploited\nthrough a Denial of Service attack. \n\nThanks to Adam Langley and Wan-Teh Chang (Google) for discovering and\nresearching this issue. This issue was reported to OpenSSL on 6th June\n2014. \n\nThe fix was developed by Adam Langley. This can be exploited through a Denial of\nService attack. \n\nThanks to Adam Langley (Google) for discovering and researching this\nissue. This issue was reported to OpenSSL on 6th June 2014. \n\nThe fix was developed by Adam Langley. This can be exploited through a Denial of Service attack. \n\nThanks to Adam Langley (Google) for discovering and researching this\nissue. This issue was reported to OpenSSL on 6th June 2014. \n\nThe fix was developed by Adam Langley. \n\nOpenSSL DTLS anonymous EC(DH) denial of service (CVE-2014-3510)\n===============================================================\n\nOpenSSL DTLS clients enabling anonymous (EC)DH ciphersuites are subject to a\ndenial of service attack. A malicious server can crash the client with a null\npointer dereference (read) by specifying an anonymous (EC)DH ciphersuite and\nsending carefully crafted handshake messages. \n\nOpenSSL 0.9.8 DTLS client users should upgrade to 0.9.8zb\nOpenSSL 1.0.0 DTLS client users should upgrade to 1.0.0n. \nOpenSSL 1.0.1 DTLS client users should upgrade to 1.0.1i. \n\nThanks to Felix Gr\u00f6bert (Google) for discovering and researching this issue. \nThis issue was reported to OpenSSL on 18th July 2014. \n\nThe fix was developed by Emilia K\u00e4sper of the OpenSSL development team. \n\nOpenSSL 1.0.1 SSL/TLS server users should upgrade to 1.0.1i. \n\nThanks to David Benjamin and Adam Langley (Google) for discovering and\nresearching this issue. This issue was reported to OpenSSL on 21st July 2014. \n\nThe fix was developed by David Benjamin. \n\n\nSRP buffer overrun (CVE-2014-3512)\n==================================\n\nA malicious client or server can send invalid SRP parameters and overrun\nan internal buffer. Only applications which are explicitly set up for SRP\nuse are affected. \n\nThanks to Sean Devlin and Watson Ladd (Cryptography Services, NCC\nGroup) for discovering this issue. This issue was reported to OpenSSL\non 31st July 2014. \n\nThe fix was developed by Stephen Henson of the OpenSSL core team. \n\n\nReferences\n==========\n\nURL for this Security Advisory:\nhttps://www.openssl.org/news/secadv_20140806.txt\n\nNote: the online version of the advisory may be updated with additional\ndetails over time. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n=====================================================================\n Red Hat Security Advisory\n\nSynopsis: Moderate: openssl security update\nAdvisory ID: RHSA-2014:1052-01\nProduct: Red Hat Enterprise Linux\nAdvisory URL: https://rhn.redhat.com/errata/RHSA-2014-1052.html\nIssue date: 2014-08-13\nCVE Names: CVE-2014-3505 CVE-2014-3506 CVE-2014-3507 \n CVE-2014-3508 CVE-2014-3509 CVE-2014-3510 \n CVE-2014-3511 \n=====================================================================\n\n1. Summary:\n\nUpdated openssl packages that fix multiple security issues are now\navailable for Red Hat Enterprise Linux 6 and 7. \n\nRed Hat Product Security has rated this update as having Moderate security\nimpact. Common Vulnerability Scoring System (CVSS) base scores, which give\ndetailed severity ratings, are available for each vulnerability from the\nCVE links in the References section. \n\n2. Relevant releases/architectures:\n\nRed Hat Enterprise Linux Client (v. 7) - x86_64\nRed Hat Enterprise Linux Client Optional (v. 7) - x86_64\nRed Hat Enterprise Linux ComputeNode (v. 7) - x86_64\nRed Hat Enterprise Linux ComputeNode Optional (v. 7) - x86_64\nRed Hat Enterprise Linux Desktop (v. 6) - i386, x86_64\nRed Hat Enterprise Linux Desktop Optional (v. 6) - i386, x86_64\nRed Hat Enterprise Linux HPC Node (v. 6) - x86_64\nRed Hat Enterprise Linux HPC Node Optional (v. 6) - x86_64\nRed Hat Enterprise Linux Server (v. 6) - i386, ppc64, s390x, x86_64\nRed Hat Enterprise Linux Server (v. 7) - ppc64, s390x, x86_64\nRed Hat Enterprise Linux Server Optional (v. 6) - i386, ppc64, s390x, x86_64\nRed Hat Enterprise Linux Server Optional (v. 7) - ppc64, s390x, x86_64\nRed Hat Enterprise Linux Workstation (v. 6) - i386, x86_64\nRed Hat Enterprise Linux Workstation (v. 7) - x86_64\nRed Hat Enterprise Linux Workstation Optional (v. 6) - i386, x86_64\nRed Hat Enterprise Linux Workstation Optional (v. 7) - x86_64\n\n3. Description:\n\nOpenSSL is a toolkit that implements the Secure Sockets Layer (SSL),\nTransport Layer Security (TLS), and Datagram Transport Layer Security\n(DTLS) protocols, as well as a full-strength, general purpose cryptography\nlibrary. \n\nA race condition was found in the way OpenSSL handled ServerHello messages\nwith an included Supported EC Point Format extension. A malicious server\ncould possibly use this flaw to cause a multi-threaded TLS/SSL client using\nOpenSSL to write into freed memory, causing the client to crash or execute\narbitrary code. (CVE-2014-3509)\n\nIt was discovered that the OBJ_obj2txt() function could fail to properly\nNUL-terminate its output. This could possibly cause an application using\nOpenSSL functions to format fields of X.509 certificates to disclose\nportions of its memory. (CVE-2014-3508)\n\nA flaw was found in the way OpenSSL handled fragmented handshake packets. \nA man-in-the-middle attacker could use this flaw to force a TLS/SSL server\nusing OpenSSL to use TLS 1.0, even if both the client and the server\nsupported newer protocol versions. (CVE-2014-3511)\n\nMultiple flaws were discovered in the way OpenSSL handled DTLS packets. \nA remote attacker could use these flaws to cause a DTLS server or client\nusing OpenSSL to crash or use excessive amounts of memory. (CVE-2014-3505,\nCVE-2014-3506, CVE-2014-3507)\n\nA NULL pointer dereference flaw was found in the way OpenSSL performed a\nhandshake when using the anonymous Diffie-Hellman (DH) key exchange. A\nmalicious server could cause a DTLS client using OpenSSL to crash if that\nclient had anonymous DH cipher suites enabled. (CVE-2014-3510)\n\nAll OpenSSL users are advised to upgrade to these updated packages, which\ncontain backported patches to correct these issues. For the update to take\neffect, all services linked to the OpenSSL library (such as httpd and other\nSSL-enabled services) must be restarted or the system rebooted. \n\n4. Solution:\n\nBefore applying this update, make sure all previously released errata\nrelevant to your system have been applied. \n\nThis update is available via the Red Hat Network. Details on how to use the\nRed Hat Network to apply this update are available at\nhttps://access.redhat.com/articles/11258\n\n5. Bugs fixed (https://bugzilla.redhat.com/):\n\n1127490 - CVE-2014-3508 openssl: information leak in pretty printing functions\n1127498 - CVE-2014-3509 openssl: race condition in ssl_parse_serverhello_tlsext\n1127499 - CVE-2014-3505 openssl: DTLS packet processing double free\n1127500 - CVE-2014-3506 openssl: DTLS memory exhaustion\n1127502 - CVE-2014-3507 openssl: DTLS memory leak from zero-length fragments\n1127503 - CVE-2014-3510 openssl: DTLS anonymous (EC)DH denial of service\n1127504 - CVE-2014-3511 openssl: TLS protocol downgrade attack\n\n6. Package List:\n\nRed Hat Enterprise Linux Desktop (v. 6):\n\nSource:\nopenssl-1.0.1e-16.el6_5.15.src.rpm\n\ni386:\nopenssl-1.0.1e-16.el6_5.15.i686.rpm\nopenssl-debuginfo-1.0.1e-16.el6_5.15.i686.rpm\n\nx86_64:\nopenssl-1.0.1e-16.el6_5.15.i686.rpm\nopenssl-1.0.1e-16.el6_5.15.x86_64.rpm\nopenssl-debuginfo-1.0.1e-16.el6_5.15.i686.rpm\nopenssl-debuginfo-1.0.1e-16.el6_5.15.x86_64.rpm\n\nRed Hat Enterprise Linux Desktop Optional (v. 6):\n\nSource:\nopenssl-1.0.1e-16.el6_5.15.src.rpm\n\ni386:\nopenssl-debuginfo-1.0.1e-16.el6_5.15.i686.rpm\nopenssl-devel-1.0.1e-16.el6_5.15.i686.rpm\nopenssl-perl-1.0.1e-16.el6_5.15.i686.rpm\nopenssl-static-1.0.1e-16.el6_5.15.i686.rpm\n\nx86_64:\nopenssl-debuginfo-1.0.1e-16.el6_5.15.i686.rpm\nopenssl-debuginfo-1.0.1e-16.el6_5.15.x86_64.rpm\nopenssl-devel-1.0.1e-16.el6_5.15.i686.rpm\nopenssl-devel-1.0.1e-16.el6_5.15.x86_64.rpm\nopenssl-perl-1.0.1e-16.el6_5.15.x86_64.rpm\nopenssl-static-1.0.1e-16.el6_5.15.x86_64.rpm\n\nRed Hat Enterprise Linux HPC Node (v. 6):\n\nSource:\nopenssl-1.0.1e-16.el6_5.15.src.rpm\n\nx86_64:\nopenssl-1.0.1e-16.el6_5.15.i686.rpm\nopenssl-1.0.1e-16.el6_5.15.x86_64.rpm\nopenssl-debuginfo-1.0.1e-16.el6_5.15.i686.rpm\nopenssl-debuginfo-1.0.1e-16.el6_5.15.x86_64.rpm\n\nRed Hat Enterprise Linux HPC Node Optional (v. 6):\n\nSource:\nopenssl-1.0.1e-16.el6_5.15.src.rpm\n\nx86_64:\nopenssl-debuginfo-1.0.1e-16.el6_5.15.i686.rpm\nopenssl-debuginfo-1.0.1e-16.el6_5.15.x86_64.rpm\nopenssl-devel-1.0.1e-16.el6_5.15.i686.rpm\nopenssl-devel-1.0.1e-16.el6_5.15.x86_64.rpm\nopenssl-perl-1.0.1e-16.el6_5.15.x86_64.rpm\nopenssl-static-1.0.1e-16.el6_5.15.x86_64.rpm\n\nRed Hat Enterprise Linux Server (v. 6):\n\nSource:\nopenssl-1.0.1e-16.el6_5.15.src.rpm\n\ni386:\nopenssl-1.0.1e-16.el6_5.15.i686.rpm\nopenssl-debuginfo-1.0.1e-16.el6_5.15.i686.rpm\nopenssl-devel-1.0.1e-16.el6_5.15.i686.rpm\n\nppc64:\nopenssl-1.0.1e-16.el6_5.15.ppc.rpm\nopenssl-1.0.1e-16.el6_5.15.ppc64.rpm\nopenssl-debuginfo-1.0.1e-16.el6_5.15.ppc.rpm\nopenssl-debuginfo-1.0.1e-16.el6_5.15.ppc64.rpm\nopenssl-devel-1.0.1e-16.el6_5.15.ppc.rpm\nopenssl-devel-1.0.1e-16.el6_5.15.ppc64.rpm\n\ns390x:\nopenssl-1.0.1e-16.el6_5.15.s390.rpm\nopenssl-1.0.1e-16.el6_5.15.s390x.rpm\nopenssl-debuginfo-1.0.1e-16.el6_5.15.s390.rpm\nopenssl-debuginfo-1.0.1e-16.el6_5.15.s390x.rpm\nopenssl-devel-1.0.1e-16.el6_5.15.s390.rpm\nopenssl-devel-1.0.1e-16.el6_5.15.s390x.rpm\n\nx86_64:\nopenssl-1.0.1e-16.el6_5.15.i686.rpm\nopenssl-1.0.1e-16.el6_5.15.x86_64.rpm\nopenssl-debuginfo-1.0.1e-16.el6_5.15.i686.rpm\nopenssl-debuginfo-1.0.1e-16.el6_5.15.x86_64.rpm\nopenssl-devel-1.0.1e-16.el6_5.15.i686.rpm\nopenssl-devel-1.0.1e-16.el6_5.15.x86_64.rpm\n\nRed Hat Enterprise Linux Server Optional (v. 6):\n\nSource:\nopenssl-1.0.1e-16.el6_5.15.src.rpm\n\ni386:\nopenssl-debuginfo-1.0.1e-16.el6_5.15.i686.rpm\nopenssl-perl-1.0.1e-16.el6_5.15.i686.rpm\nopenssl-static-1.0.1e-16.el6_5.15.i686.rpm\n\nppc64:\nopenssl-debuginfo-1.0.1e-16.el6_5.15.ppc64.rpm\nopenssl-perl-1.0.1e-16.el6_5.15.ppc64.rpm\nopenssl-static-1.0.1e-16.el6_5.15.ppc64.rpm\n\ns390x:\nopenssl-debuginfo-1.0.1e-16.el6_5.15.s390x.rpm\nopenssl-perl-1.0.1e-16.el6_5.15.s390x.rpm\nopenssl-static-1.0.1e-16.el6_5.15.s390x.rpm\n\nx86_64:\nopenssl-debuginfo-1.0.1e-16.el6_5.15.x86_64.rpm\nopenssl-perl-1.0.1e-16.el6_5.15.x86_64.rpm\nopenssl-static-1.0.1e-16.el6_5.15.x86_64.rpm\n\nRed Hat Enterprise Linux Workstation (v. 6):\n\nSource:\nopenssl-1.0.1e-16.el6_5.15.src.rpm\n\ni386:\nopenssl-1.0.1e-16.el6_5.15.i686.rpm\nopenssl-debuginfo-1.0.1e-16.el6_5.15.i686.rpm\nopenssl-devel-1.0.1e-16.el6_5.15.i686.rpm\n\nx86_64:\nopenssl-1.0.1e-16.el6_5.15.i686.rpm\nopenssl-1.0.1e-16.el6_5.15.x86_64.rpm\nopenssl-debuginfo-1.0.1e-16.el6_5.15.i686.rpm\nopenssl-debuginfo-1.0.1e-16.el6_5.15.x86_64.rpm\nopenssl-devel-1.0.1e-16.el6_5.15.i686.rpm\nopenssl-devel-1.0.1e-16.el6_5.15.x86_64.rpm\n\nRed Hat Enterprise Linux Workstation Optional (v. 6):\n\nSource:\nopenssl-1.0.1e-16.el6_5.15.src.rpm\n\ni386:\nopenssl-debuginfo-1.0.1e-16.el6_5.15.i686.rpm\nopenssl-perl-1.0.1e-16.el6_5.15.i686.rpm\nopenssl-static-1.0.1e-16.el6_5.15.i686.rpm\n\nx86_64:\nopenssl-debuginfo-1.0.1e-16.el6_5.15.x86_64.rpm\nopenssl-perl-1.0.1e-16.el6_5.15.x86_64.rpm\nopenssl-static-1.0.1e-16.el6_5.15.x86_64.rpm\n\nRed Hat Enterprise Linux Client (v. 7):\n\nSource:\nopenssl-1.0.1e-34.el7_0.4.src.rpm\n\nx86_64:\nopenssl-1.0.1e-34.el7_0.4.x86_64.rpm\nopenssl-debuginfo-1.0.1e-34.el7_0.4.i686.rpm\nopenssl-debuginfo-1.0.1e-34.el7_0.4.x86_64.rpm\nopenssl-libs-1.0.1e-34.el7_0.4.i686.rpm\nopenssl-libs-1.0.1e-34.el7_0.4.x86_64.rpm\n\nRed Hat Enterprise Linux Client Optional (v. 7):\n\nx86_64:\nopenssl-debuginfo-1.0.1e-34.el7_0.4.i686.rpm\nopenssl-debuginfo-1.0.1e-34.el7_0.4.x86_64.rpm\nopenssl-devel-1.0.1e-34.el7_0.4.i686.rpm\nopenssl-devel-1.0.1e-34.el7_0.4.x86_64.rpm\nopenssl-perl-1.0.1e-34.el7_0.4.x86_64.rpm\nopenssl-static-1.0.1e-34.el7_0.4.i686.rpm\nopenssl-static-1.0.1e-34.el7_0.4.x86_64.rpm\n\nRed Hat Enterprise Linux ComputeNode (v. 7):\n\nSource:\nopenssl-1.0.1e-34.el7_0.4.src.rpm\n\nx86_64:\nopenssl-1.0.1e-34.el7_0.4.x86_64.rpm\nopenssl-debuginfo-1.0.1e-34.el7_0.4.i686.rpm\nopenssl-debuginfo-1.0.1e-34.el7_0.4.x86_64.rpm\nopenssl-libs-1.0.1e-34.el7_0.4.i686.rpm\nopenssl-libs-1.0.1e-34.el7_0.4.x86_64.rpm\n\nRed Hat Enterprise Linux ComputeNode Optional (v. 7):\n\nx86_64:\nopenssl-debuginfo-1.0.1e-34.el7_0.4.i686.rpm\nopenssl-debuginfo-1.0.1e-34.el7_0.4.x86_64.rpm\nopenssl-devel-1.0.1e-34.el7_0.4.i686.rpm\nopenssl-devel-1.0.1e-34.el7_0.4.x86_64.rpm\nopenssl-perl-1.0.1e-34.el7_0.4.x86_64.rpm\nopenssl-static-1.0.1e-34.el7_0.4.i686.rpm\nopenssl-static-1.0.1e-34.el7_0.4.x86_64.rpm\n\nRed Hat Enterprise Linux Server (v. 7):\n\nSource:\nopenssl-1.0.1e-34.el7_0.4.src.rpm\n\nppc64:\nopenssl-1.0.1e-34.el7_0.4.ppc64.rpm\nopenssl-debuginfo-1.0.1e-34.el7_0.4.ppc.rpm\nopenssl-debuginfo-1.0.1e-34.el7_0.4.ppc64.rpm\nopenssl-devel-1.0.1e-34.el7_0.4.ppc.rpm\nopenssl-devel-1.0.1e-34.el7_0.4.ppc64.rpm\nopenssl-libs-1.0.1e-34.el7_0.4.ppc.rpm\nopenssl-libs-1.0.1e-34.el7_0.4.ppc64.rpm\n\ns390x:\nopenssl-1.0.1e-34.el7_0.4.s390x.rpm\nopenssl-debuginfo-1.0.1e-34.el7_0.4.s390.rpm\nopenssl-debuginfo-1.0.1e-34.el7_0.4.s390x.rpm\nopenssl-devel-1.0.1e-34.el7_0.4.s390.rpm\nopenssl-devel-1.0.1e-34.el7_0.4.s390x.rpm\nopenssl-libs-1.0.1e-34.el7_0.4.s390.rpm\nopenssl-libs-1.0.1e-34.el7_0.4.s390x.rpm\n\nx86_64:\nopenssl-1.0.1e-34.el7_0.4.x86_64.rpm\nopenssl-debuginfo-1.0.1e-34.el7_0.4.i686.rpm\nopenssl-debuginfo-1.0.1e-34.el7_0.4.x86_64.rpm\nopenssl-devel-1.0.1e-34.el7_0.4.i686.rpm\nopenssl-devel-1.0.1e-34.el7_0.4.x86_64.rpm\nopenssl-libs-1.0.1e-34.el7_0.4.i686.rpm\nopenssl-libs-1.0.1e-34.el7_0.4.x86_64.rpm\n\nRed Hat Enterprise Linux Server Optional (v. 7):\n\nppc64:\nopenssl-debuginfo-1.0.1e-34.el7_0.4.ppc.rpm\nopenssl-debuginfo-1.0.1e-34.el7_0.4.ppc64.rpm\nopenssl-perl-1.0.1e-34.el7_0.4.ppc64.rpm\nopenssl-static-1.0.1e-34.el7_0.4.ppc.rpm\nopenssl-static-1.0.1e-34.el7_0.4.ppc64.rpm\n\ns390x:\nopenssl-debuginfo-1.0.1e-34.el7_0.4.s390.rpm\nopenssl-debuginfo-1.0.1e-34.el7_0.4.s390x.rpm\nopenssl-perl-1.0.1e-34.el7_0.4.s390x.rpm\nopenssl-static-1.0.1e-34.el7_0.4.s390.rpm\nopenssl-static-1.0.1e-34.el7_0.4.s390x.rpm\n\nx86_64:\nopenssl-debuginfo-1.0.1e-34.el7_0.4.i686.rpm\nopenssl-debuginfo-1.0.1e-34.el7_0.4.x86_64.rpm\nopenssl-perl-1.0.1e-34.el7_0.4.x86_64.rpm\nopenssl-static-1.0.1e-34.el7_0.4.i686.rpm\nopenssl-static-1.0.1e-34.el7_0.4.x86_64.rpm\n\nRed Hat Enterprise Linux Workstation (v. 7):\n\nSource:\nopenssl-1.0.1e-34.el7_0.4.src.rpm\n\nx86_64:\nopenssl-1.0.1e-34.el7_0.4.x86_64.rpm\nopenssl-debuginfo-1.0.1e-34.el7_0.4.i686.rpm\nopenssl-debuginfo-1.0.1e-34.el7_0.4.x86_64.rpm\nopenssl-devel-1.0.1e-34.el7_0.4.i686.rpm\nopenssl-devel-1.0.1e-34.el7_0.4.x86_64.rpm\nopenssl-libs-1.0.1e-34.el7_0.4.i686.rpm\nopenssl-libs-1.0.1e-34.el7_0.4.x86_64.rpm\n\nRed Hat Enterprise Linux Workstation Optional (v. 7):\n\nx86_64:\nopenssl-debuginfo-1.0.1e-34.el7_0.4.i686.rpm\nopenssl-debuginfo-1.0.1e-34.el7_0.4.x86_64.rpm\nopenssl-perl-1.0.1e-34.el7_0.4.x86_64.rpm\nopenssl-static-1.0.1e-34.el7_0.4.i686.rpm\nopenssl-static-1.0.1e-34.el7_0.4.x86_64.rpm\n\nThese packages are GPG signed by Red Hat for security. Our key and\ndetails on how to verify the signature are available from\nhttps://access.redhat.com/security/team/key/#package\n\n7. References:\n\nhttps://www.redhat.com/security/data/cve/CVE-2014-3505.html\nhttps://www.redhat.com/security/data/cve/CVE-2014-3506.html\nhttps://www.redhat.com/security/data/cve/CVE-2014-3507.html\nhttps://www.redhat.com/security/data/cve/CVE-2014-3508.html\nhttps://www.redhat.com/security/data/cve/CVE-2014-3509.html\nhttps://www.redhat.com/security/data/cve/CVE-2014-3510.html\nhttps://www.redhat.com/security/data/cve/CVE-2014-3511.html\nhttps://access.redhat.com/security/updates/classification/#moderate\nhttps://www.openssl.org/news/secadv_20140806.txt\n\n8. Contact:\n\nThe Red Hat security contact is \u003csecalert@redhat.com\u003e. More contact\ndetails at https://access.redhat.com/security/team/contact/\n\nCopyright 2014 Red Hat, Inc. \n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1\n\niD8DBQFT69raXlSAg2UNWIIRAiQAAKCbp6Iou4mHuootBfgs0jm7zP/wWACgt50C\npHXxupQnHYYH+zJFOmk5u8o=\n=DwUW\n-----END PGP SIGNATURE-----\n\n\n--\nRHSA-announce mailing list\nRHSA-announce@redhat.com\nhttps://www.redhat.com/mailman/listinfo/rhsa-announce\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2014-3508"
},
{
"db": "BID",
"id": "69075"
},
{
"db": "PACKETSTORM",
"id": "132081"
},
{
"db": "PACKETSTORM",
"id": "128131"
},
{
"db": "PACKETSTORM",
"id": "137201"
},
{
"db": "PACKETSTORM",
"id": "137292"
},
{
"db": "PACKETSTORM",
"id": "127790"
},
{
"db": "PACKETSTORM",
"id": "132085"
},
{
"db": "PACKETSTORM",
"id": "127869"
},
{
"db": "VULMON",
"id": "CVE-2014-3508"
},
{
"db": "PACKETSTORM",
"id": "132467"
},
{
"db": "PACKETSTORM",
"id": "131014"
},
{
"db": "PACKETSTORM",
"id": "128248"
},
{
"db": "PACKETSTORM",
"id": "127940"
},
{
"db": "PACKETSTORM",
"id": "130815"
},
{
"db": "PACKETSTORM",
"id": "130868"
},
{
"db": "PACKETSTORM",
"id": "169648"
},
{
"db": "PACKETSTORM",
"id": "127861"
}
],
"trust": 2.61
},
"external_ids": {
"_id": null,
"data": [
{
"db": "NVD",
"id": "CVE-2014-3508",
"trust": 3.5
},
{
"db": "BID",
"id": "69075",
"trust": 1.4
},
{
"db": "SECUNIA",
"id": "59700",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "61100",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "60803",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "59710",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "60410",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "61214",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "60917",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "61017",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "59221",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "60921",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "60221",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "60022",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "60824",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "60938",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "59743",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "61250",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "59756",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "61959",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "60861",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "58962",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "61171",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "61775",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "60778",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "60684",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "61184",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "60687",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "61392",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "60493",
"trust": 1.1
},
{
"db": "SECTRACK",
"id": "1030693",
"trust": 1.1
},
{
"db": "TENABLE",
"id": "TNS-2014-06",
"trust": 1.1
},
{
"db": "AUSCERT",
"id": "ESB-2022.0696",
"trust": 0.6
},
{
"db": "LENOVO",
"id": "LEN-24443",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-201408-132",
"trust": 0.6
},
{
"db": "VULMON",
"id": "CVE-2014-3508",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "169648",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "130868",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "130815",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "127940",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "128248",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "131014",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "132467",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "127861",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "127869",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "132085",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "127790",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "137292",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "137201",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "128131",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "132081",
"trust": 0.1
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2014-3508"
},
{
"db": "BID",
"id": "69075"
},
{
"db": "PACKETSTORM",
"id": "169648"
},
{
"db": "PACKETSTORM",
"id": "130868"
},
{
"db": "PACKETSTORM",
"id": "130815"
},
{
"db": "PACKETSTORM",
"id": "127940"
},
{
"db": "PACKETSTORM",
"id": "128248"
},
{
"db": "PACKETSTORM",
"id": "131014"
},
{
"db": "PACKETSTORM",
"id": "132467"
},
{
"db": "PACKETSTORM",
"id": "127861"
},
{
"db": "PACKETSTORM",
"id": "127869"
},
{
"db": "PACKETSTORM",
"id": "132085"
},
{
"db": "PACKETSTORM",
"id": "127790"
},
{
"db": "PACKETSTORM",
"id": "137292"
},
{
"db": "PACKETSTORM",
"id": "137201"
},
{
"db": "PACKETSTORM",
"id": "128131"
},
{
"db": "PACKETSTORM",
"id": "132081"
},
{
"db": "CNNVD",
"id": "CNNVD-201408-132"
},
{
"db": "NVD",
"id": "CVE-2014-3508"
}
]
},
"id": "VAR-201408-0090",
"iot": {
"_id": null,
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.38333333
},
"last_update_date": "2026-04-10T22:25:17.543000Z",
"patch": {
"_id": null,
"data": [
{
"title": "openssl-0.9.8zb",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=51694"
},
{
"title": "openssl-1.0.1i",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=51696"
},
{
"title": "openssl-1.0.0n",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=51695"
},
{
"title": "Ubuntu Security Notice: openssl vulnerabilities",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=USN-2308-1"
},
{
"title": "Debian Security Advisories: DSA-2998-1 openssl -- security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=debian_security_advisories\u0026qid=bfd576c692d8814b2a331baf29ad367c"
},
{
"title": "Amazon Linux AMI: ALAS-2014-391",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=amazon_linux_ami\u0026qid=ALAS-2014-391"
},
{
"title": "Symantec Security Advisories: SA85 : OpenSSL Security Advisory 06-Aug-2014",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=symantec_security_advisories\u0026qid=02a206cf2efb06aecdaf29aeca851b55"
},
{
"title": "Citrix Security Bulletins: Multiple Security Vulnerabilities in Citrix NetScaler Platform IPMI Lights Out Management (LOM) firmware",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=citrix_security_bulletins\u0026qid=eb059834b7f24e2562bcf592b6d0afbc"
},
{
"title": "BinSeeker",
"trust": 0.1,
"url": "https://github.com/buptsseGJ/BinSeeker "
},
{
"title": "oval",
"trust": 0.1,
"url": "https://github.com/jumanjihouse/oval "
},
{
"title": "wormhole",
"trust": 0.1,
"url": "https://github.com/jumanjihouse/wormhole "
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2014-3508"
},
{
"db": "CNNVD",
"id": "CNNVD-201408-132"
}
]
},
"problemtype_data": {
"_id": null,
"data": [
{
"problemtype": "CWE-200",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2014-3508"
}
]
},
"references": {
"_id": null,
"data": [
{
"trust": 1.7,
"url": "https://www.openssl.org/news/secadv_20140806.txt"
},
{
"trust": 1.5,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-3508"
},
{
"trust": 1.4,
"url": "http://rhn.redhat.com/errata/rhsa-2014-1256.html"
},
{
"trust": 1.4,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686997"
},
{
"trust": 1.4,
"url": "https://support.citrix.com/article/ctx216642"
},
{
"trust": 1.4,
"url": "https://www.freebsd.org/security/advisories/freebsd-sa-14:18.openssl.asc"
},
{
"trust": 1.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-3511"
},
{
"trust": 1.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-3509"
},
{
"trust": 1.1,
"url": "ftp://ftp.netbsd.org/pub/netbsd/security/advisories/netbsd-sa2014-008.txt.asc"
},
{
"trust": 1.1,
"url": "http://aix.software.ibm.com/aix/efixes/security/openssl_advisory10.asc"
},
{
"trust": 1.1,
"url": "http://linux.oracle.com/errata/elsa-2014-1052.html"
},
{
"trust": 1.1,
"url": "http://linux.oracle.com/errata/elsa-2014-1053.html"
},
{
"trust": 1.1,
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-august/136470.html"
},
{
"trust": 1.1,
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-august/136473.html"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00027.html"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00011.html"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-updates/2014-08/msg00036.html"
},
{
"trust": 1.1,
"url": "http://marc.info/?l=bugtraq\u0026m=140853041709441\u0026w=2"
},
{
"trust": 1.1,
"url": "http://marc.info/?l=bugtraq\u0026m=140973896703549\u0026w=2"
},
{
"trust": 1.1,
"url": "http://marc.info/?l=bugtraq\u0026m=141077370928502\u0026w=2"
},
{
"trust": 1.1,
"url": "http://marc.info/?l=bugtraq\u0026m=142495837901899\u0026w=2"
},
{
"trust": 1.1,
"url": "http://marc.info/?l=bugtraq\u0026m=142624590206005\u0026w=2"
},
{
"trust": 1.1,
"url": "http://marc.info/?l=bugtraq\u0026m=142660345230545\u0026w=2"
},
{
"trust": 1.1,
"url": "http://marc.info/?l=bugtraq\u0026m=142791032306609\u0026w=2"
},
{
"trust": 1.1,
"url": "http://marc.info/?l=bugtraq\u0026m=143290437727362\u0026w=2"
},
{
"trust": 1.1,
"url": "http://marc.info/?l=bugtraq\u0026m=143290522027658\u0026w=2"
},
{
"trust": 1.1,
"url": "http://rhn.redhat.com/errata/rhsa-2014-1297.html"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/58962"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/59221"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/59700"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/59710"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/59743"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/59756"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/60022"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/60221"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/60410"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/60493"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/60684"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/60687"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/60778"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/60803"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/60824"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/60861"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/60917"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/60921"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/60938"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/61017"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/61100"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/61171"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/61184"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/61214"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/61250"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/61392"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/61775"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/61959"
},
{
"trust": 1.1,
"url": "http://support.f5.com/kb/en-us/solutions/public/15000/500/sol15571.html"
},
{
"trust": 1.1,
"url": "http://www.debian.org/security/2014/dsa-2998"
},
{
"trust": 1.1,
"url": "http://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-372998.htm"
},
{
"trust": 1.1,
"url": "http://www.mandriva.com/security/advisories?name=mdvsa-2014:158"
},
{
"trust": 1.1,
"url": "http://www.securityfocus.com/bid/69075"
},
{
"trust": 1.1,
"url": "http://www.securitytracker.com/id/1030693"
},
{
"trust": 1.1,
"url": "http://www.tenable.com/security/tns-2014-06"
},
{
"trust": 1.1,
"url": "http://www-01.ibm.com/support/docview.wss?uid=nas8n1020240"
},
{
"trust": 1.1,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21681752"
},
{
"trust": 1.1,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21682293"
},
{
"trust": 1.1,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21683389"
},
{
"trust": 1.1,
"url": "https://blogs.oracle.com/sunsecurity/entry/cve_2014_3508_information_disclosure"
},
{
"trust": 1.1,
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1127490"
},
{
"trust": 1.1,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/95165"
},
{
"trust": 1.1,
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c05150888"
},
{
"trust": 1.1,
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c05158380"
},
{
"trust": 1.1,
"url": "https://lists.balabit.hu/pipermail/syslog-ng-announce/2014-september/000196.html"
},
{
"trust": 1.0,
"url": "https://git.openssl.org/gitweb/?p=openssl.git%3ba=commit%3bh=0042fb5fd1c9d257d713b15a1f45da05cf5c1c87"
},
{
"trust": 0.9,
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/"
},
{
"trust": 0.9,
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/secbullarchive/"
},
{
"trust": 0.9,
"url": "http://h41183.www4.hp.com/signup_alerts.php?jumpid=hpsc_secbulletins"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-5139"
},
{
"trust": 0.7,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-3510"
},
{
"trust": 0.7,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-3505"
},
{
"trust": 0.7,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-3507"
},
{
"trust": 0.7,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-3506"
},
{
"trust": 0.7,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-3567"
},
{
"trust": 0.7,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-3513"
},
{
"trust": 0.7,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-3568"
},
{
"trust": 0.6,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-3566"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2022.0696"
},
{
"trust": 0.6,
"url": "https://support.lenovo.com/us/en/solutions/len-24443"
},
{
"trust": 0.4,
"url": "https://rhn.redhat.com/errata/rhsa-2014-1052.html"
},
{
"trust": 0.4,
"url": "https://rhn.redhat.com/errata/rhsa-2014-1054.html"
},
{
"trust": 0.4,
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docdisplay/?docid=emr_"
},
{
"trust": 0.4,
"url": "https://h20392.www2.hp.com/portal/swdepot/displayproductinfo.do?productnumber"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21682663"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=isg3t1021317"
},
{
"trust": 0.3,
"url": "https://blogs.oracle.com/sunsecurity/entry/multiple_vulnerabilities_in_wan_boot"
},
{
"trust": 0.3,
"url": "http://openssl.org/"
},
{
"trust": 0.3,
"url": "http://www.ibm.com/support/docview.wss?uid=ssg1s1004917"
},
{
"trust": 0.3,
"url": "http://www.ibm.com/support/docview.wss?uid=swg21686583"
},
{
"trust": 0.3,
"url": "https://www-304.ibm.com/support/docview.wss?uid=swg21681752"
},
{
"trust": 0.3,
"url": "http://www.ibm.com/support/docview.wss?uid=ssg1s1004931"
},
{
"trust": 0.3,
"url": "https://www-304.ibm.com/support/docview.wss?uid=ssg1s1004872"
},
{
"trust": 0.3,
"url": "https://www-304.ibm.com/support/docview.wss?uid=swg21691210"
},
{
"trust": 0.3,
"url": "https://h20564.www2.hp.com/hpsc/doc/public/display?docid=emr_na-c04574073"
},
{
"trust": 0.3,
"url": "http://seclists.org/bugtraq/2015/mar/84"
},
{
"trust": 0.3,
"url": "http://seclists.org/bugtraq/2015/feb/151"
},
{
"trust": 0.3,
"url": "aix.software.ibm.com/aix/efixes/security/openssl_advisory10.asc"
},
{
"trust": 0.3,
"url": "https://downloads.avaya.com/css/p8/documents/100182969"
},
{
"trust": 0.3,
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c04424322"
},
{
"trust": 0.3,
"url": "https://h20564.www2.hp.com/hpsc/doc/public/display?docid=emr_na-c04624296"
},
{
"trust": 0.3,
"url": "https://h20564.www2.hpe.com/hpsc/doc/public/display?docid=emr_na-c05150888"
},
{
"trust": 0.3,
"url": "https://h20564.www2.hpe.com/hpsc/doc/public/display?docid=emr_na-c05158380"
},
{
"trust": 0.3,
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c04426586"
},
{
"trust": 0.3,
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c04404655"
},
{
"trust": 0.3,
"url": "https://www-304.ibm.com/support/docview.wss?uid=swg21684570"
},
{
"trust": 0.3,
"url": "https://www.xerox.com/download/security/security-bulletin/2b8d8-513128526dd97/cert_security_mini-_bulletin_xrx15m_for_wc75xx_v1_1.pdf"
},
{
"trust": 0.3,
"url": "https://www.xerox.com/download/security/security-bulletin/2a20e-5105457a515cc/cert_security_mini-_bulletin_xrx15e_for_wc57xx_v1_0.pdf"
},
{
"trust": 0.3,
"url": "https://www.xerox.com/download/security/security-bulletin/2deee-50da9c14daae3/cert_mini_security_bulletin_xrx15a_v1-01.pdf"
},
{
"trust": 0.3,
"url": "https://www.xerox.com/download/security/security-bulletin/2df3c-51055b159fd50/cert_security_mini_bulletin_xrx15f_for_connectkey_1.5_v1-01.pdf"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21685467"
},
{
"trust": 0.3,
"url": "https://www-304.ibm.com/support/docview.wss?uid=swg21682293"
},
{
"trust": 0.3,
"url": "https://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=migr-5097658"
},
{
"trust": 0.3,
"url": "https://bto.bluecoat.com/security-advisory/sa85"
},
{
"trust": 0.3,
"url": "https://downloads.avaya.com/css/p8/documents/100182784"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21684913"
},
{
"trust": 0.3,
"url": "https://www-304.ibm.com/support/docview.wss?uid=nas8n1020240"
},
{
"trust": 0.3,
"url": "https://www-304.ibm.com/support/docview.wss?uid=swg21691005"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21963783"
},
{
"trust": 0.3,
"url": "https://www-304.ibm.com/support/docview.wss?uid=swg21683389"
},
{
"trust": 0.3,
"url": "https://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=migr-5097903"
},
{
"trust": 0.3,
"url": "https://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=migr-5098264"
},
{
"trust": 0.3,
"url": "https://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=migr-5098252"
},
{
"trust": 0.3,
"url": "https://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=migr-5098585"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21689886"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686182"
},
{
"trust": 0.3,
"url": "https://www-304.ibm.com/support/docview.wss?uid=swg21685967"
},
{
"trust": 0.3,
"url": "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=migr-5096510"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21687099"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21685043"
},
{
"trust": 0.3,
"url": "http://support.f5.com/kb/en-us/solutions/public/15000/500/sol15571.html?ref=rss"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1s1007987"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21966557"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-3512"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-3555"
},
{
"trust": 0.2,
"url": "https://www.redhat.com/security/data/cve/cve-2014-3509.html"
},
{
"trust": 0.2,
"url": "https://www.redhat.com/security/data/cve/cve-2014-3505.html"
},
{
"trust": 0.2,
"url": "https://www.redhat.com/security/data/cve/cve-2014-3506.html"
},
{
"trust": 0.2,
"url": "https://www.redhat.com/security/data/cve/cve-2014-3508.html"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/articles/11258"
},
{
"trust": 0.2,
"url": "https://www.redhat.com/security/data/cve/cve-2014-3507.html"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/team/contact/"
},
{
"trust": 0.2,
"url": "https://www.redhat.com/mailman/listinfo/rhsa-announce"
},
{
"trust": 0.2,
"url": "https://www.redhat.com/security/data/cve/cve-2014-3511.html"
},
{
"trust": 0.2,
"url": "https://bugzilla.redhat.com/):"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"trust": 0.2,
"url": "https://www.redhat.com/security/data/cve/cve-2014-3510.html"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/team/key/#package"
},
{
"trust": 0.2,
"url": "http://www.hpe.com/support/security_bulletin_archive"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-1790"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0705"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-1788"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-1792"
},
{
"trust": 0.2,
"url": "http://www.hpe.com/support/subscriber_choice"
},
{
"trust": 0.2,
"url": "http://h20564.www2.hpe.com/hpsc/doc/public/display?docid=emr_na-c05131085"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-3195"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0799"
},
{
"trust": 0.2,
"url": "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_n"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-1789"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-1791"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-7501"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-2017"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-6565"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-0205"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-3194"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-3569"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/200.html"
},
{
"trust": 0.1,
"url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commit;h=0042fb5fd1c9d257d713b15a1f45da05cf5c1c87"
},
{
"trust": 0.1,
"url": "https://www.rapid7.com/db/vulnerabilities/ibm-aix-cve-2014-3508"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://github.com/buptssegj/binseeker"
},
{
"trust": 0.1,
"url": "https://usn.ubuntu.com/2308-1/"
},
{
"trust": 0.1,
"url": "http://tools.cisco.com/security/center/viewalert.x?alertid=35202"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-0195"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-0160"
},
{
"trust": 0.1,
"url": "https://h20392.www2.hp.com/portal/swdepot/displayp"
},
{
"trust": 0.1,
"url": "https://www.hp.com/go/swa"
},
{
"trust": 0.1,
"url": "http://h71000.www7.hp.com/openvms/products/ssl/ssl.html"
},
{
"trust": 0.1,
"url": "http://h20565.www2.hp.com/hpsc/doc/public/display?docid=emr_na-c04486577-1"
},
{
"trust": 0.1,
"url": "https://technet.microsoft.com/library/security/3009008"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/openssl/0.9.8k-7ubuntu8.20"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/openssl/1.0.1-4ubuntu5.17"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/openssl/1.0.1f-1ubuntu2.5"
},
{
"trust": 0.1,
"url": "http://www.ubuntu.com/usn/usn-2308-1"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-7995"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-6750"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-8035"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-3237"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-2015"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0728"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-7547"
},
{
"trust": 0.1,
"url": "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docdisplay/?docid=emr_"
},
{
"trust": 0.1,
"url": "http://h20564.www2.hpe.com/hpsc/doc/public/display?docid=emr_na-c05111017"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-4969"
},
{
"trust": 0.1,
"url": "http://h20564.www2.hpe.com/hpsc/doc/public/display?docid=emr_na-c05131044"
},
{
"trust": 0.1,
"url": "http://h20564.www2.hpe.com/hpsc/doc/public/display?docid=emr_na-c05130958"
},
{
"trust": 0.1,
"url": "http://www.hpe.com/info/insightcontrol"
},
{
"trust": 0.1,
"url": "http://www.hpe.com/info/insightmanagement"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-2019"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-2020"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-2018"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-2022"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-2027"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-2026"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-2021"
},
{
"trust": 0.1,
"url": "https://h20564.www2.h"
},
{
"trust": 0.1,
"url": "http://www.hp.com/jp/icewall/_patchaccess"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2014-3508"
},
{
"trust": 0.1,
"url": "http://h18013.www1.hp.com/products/servers/management/hpsim/download.html"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2014-3508"
},
{
"db": "BID",
"id": "69075"
},
{
"db": "PACKETSTORM",
"id": "169648"
},
{
"db": "PACKETSTORM",
"id": "130868"
},
{
"db": "PACKETSTORM",
"id": "130815"
},
{
"db": "PACKETSTORM",
"id": "127940"
},
{
"db": "PACKETSTORM",
"id": "128248"
},
{
"db": "PACKETSTORM",
"id": "131014"
},
{
"db": "PACKETSTORM",
"id": "132467"
},
{
"db": "PACKETSTORM",
"id": "127861"
},
{
"db": "PACKETSTORM",
"id": "127869"
},
{
"db": "PACKETSTORM",
"id": "132085"
},
{
"db": "PACKETSTORM",
"id": "127790"
},
{
"db": "PACKETSTORM",
"id": "137292"
},
{
"db": "PACKETSTORM",
"id": "137201"
},
{
"db": "PACKETSTORM",
"id": "128131"
},
{
"db": "PACKETSTORM",
"id": "132081"
},
{
"db": "CNNVD",
"id": "CNNVD-201408-132"
},
{
"db": "NVD",
"id": "CVE-2014-3508"
}
]
},
"sources": {
"_id": null,
"data": [
{
"db": "VULMON",
"id": "CVE-2014-3508",
"ident": null
},
{
"db": "BID",
"id": "69075",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "169648",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "130868",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "130815",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "127940",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "128248",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "131014",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "132467",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "127861",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "127869",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "132085",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "127790",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "137292",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "137201",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "128131",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "132081",
"ident": null
},
{
"db": "CNNVD",
"id": "CNNVD-201408-132",
"ident": null
},
{
"db": "NVD",
"id": "CVE-2014-3508",
"ident": null
}
]
},
"sources_release_date": {
"_id": null,
"data": [
{
"date": "2014-08-13T00:00:00",
"db": "VULMON",
"id": "CVE-2014-3508",
"ident": null
},
{
"date": "2014-08-06T00:00:00",
"db": "BID",
"id": "69075",
"ident": null
},
{
"date": "2014-08-06T12:12:12",
"db": "PACKETSTORM",
"id": "169648",
"ident": null
},
{
"date": "2015-03-18T00:44:34",
"db": "PACKETSTORM",
"id": "130868",
"ident": null
},
{
"date": "2015-03-13T17:11:00",
"db": "PACKETSTORM",
"id": "130815",
"ident": null
},
{
"date": "2014-08-20T15:20:13",
"db": "PACKETSTORM",
"id": "127940",
"ident": null
},
{
"date": "2014-09-15T17:53:34",
"db": "PACKETSTORM",
"id": "128248",
"ident": null
},
{
"date": "2015-03-25T00:42:25",
"db": "PACKETSTORM",
"id": "131014",
"ident": null
},
{
"date": "2015-06-29T15:35:42",
"db": "PACKETSTORM",
"id": "132467",
"ident": null
},
{
"date": "2014-08-14T02:24:57",
"db": "PACKETSTORM",
"id": "127861",
"ident": null
},
{
"date": "2014-08-14T22:49:56",
"db": "PACKETSTORM",
"id": "127869",
"ident": null
},
{
"date": "2015-05-29T23:37:43",
"db": "PACKETSTORM",
"id": "132085",
"ident": null
},
{
"date": "2014-08-08T21:44:17",
"db": "PACKETSTORM",
"id": "127790",
"ident": null
},
{
"date": "2016-06-02T19:12:12",
"db": "PACKETSTORM",
"id": "137292",
"ident": null
},
{
"date": "2016-05-26T09:22:00",
"db": "PACKETSTORM",
"id": "137201",
"ident": null
},
{
"date": "2014-09-03T21:23:53",
"db": "PACKETSTORM",
"id": "128131",
"ident": null
},
{
"date": "2015-05-29T23:37:11",
"db": "PACKETSTORM",
"id": "132081",
"ident": null
},
{
"date": "2014-08-20T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201408-132",
"ident": null
},
{
"date": "2014-08-13T23:55:07.497000",
"db": "NVD",
"id": "CVE-2014-3508",
"ident": null
}
]
},
"sources_update_date": {
"_id": null,
"data": [
{
"date": "2017-11-15T00:00:00",
"db": "VULMON",
"id": "CVE-2014-3508",
"ident": null
},
{
"date": "2016-09-09T15:00:00",
"db": "BID",
"id": "69075",
"ident": null
},
{
"date": "2022-02-18T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201408-132",
"ident": null
},
{
"date": "2025-04-12T10:46:40.837000",
"db": "NVD",
"id": "CVE-2014-3508",
"ident": null
}
]
},
"threat_type": {
"_id": null,
"data": "remote",
"sources": [
{
"db": "PACKETSTORM",
"id": "127790"
},
{
"db": "PACKETSTORM",
"id": "137292"
},
{
"db": "CNNVD",
"id": "CNNVD-201408-132"
}
],
"trust": 0.8
},
"title": {
"_id": null,
"data": "OpenSSL Information disclosure vulnerability",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201408-132"
}
],
"trust": 0.6
},
"type": {
"_id": null,
"data": "information disclosure",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201408-132"
}
],
"trust": 0.6
}
}
VAR-200704-0737
Vulnerability from variot - Updated: 2026-04-10 22:24Integer overflow in the bdfReadCharacters function in bdfread.c in (1) X.Org libXfont before 20070403 and (2) freetype 2.3.2 and earlier allows remote authenticated users to execute arbitrary code via crafted BDF fonts, which result in a heap overflow. X.Org and XFree86 of libXfont Used in bdfReadCharacters() In function BDF An integer overflow vulnerability exists due to a flaw in the parsing of fonts. Similar vulnerabilities FreeType Also exists.X Denial of service caused by a crash caused by a malicious user who can connect to the server (DoS) State, or X Server execution authority (root) May execute arbitrary code. FreeType is prone to a local integer-overflow vulnerability because it fails to adequately bounds-check user-supplied input. An attacker can exploit this vulnerability to execute arbitrary code with superuser privileges. Failed exploit attempts will likely cause denial-of-service conditions. This BID has been retired because it is a duplicate of BID 23283. X.Org is an official reference implementation of the X Window System operated by the X.Org Foundation. It is an open source free software. If the specially-made font information specifies more than 1,073,741,824 (2 to the 30th power) unit number in the first line, it may trigger a heap overflow.
Debian 4.0 (stable)
Stable updates are available for alpha, amd64, arm, hppa, i386, ia64, mips, mipsel, powerpc, s390 and sparc. This request is used to determine what resource IDs are available for use. This function contains two vulnerabilities, both result in memory corruption of either the stack or heap. The ALLOCATE_LOCAL() macro used by this function allocates memory on the stack using alloca() on systems where alloca() is present, or using the heap otherwise. The handler function takes a user provided value, multiplies it, and then passes it to the above macro. (CVE-2007-1003)
iDefense reported two integer overflows in the way X.org handled various font files.
References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1003 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1351 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1352 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1667
Updated Packages:
Mandriva Linux 2007.0: d96dcc000a74b02fbff0c3c0a5710767 2007.0/i586/libx11-common-1.0.3-2.2mdv2007.0.i586.rpm 0fbae1a4ac97941ea0f5e95e99fdf568 2007.0/i586/libx11_6-1.0.3-2.2mdv2007.0.i586.rpm 598252d23e15315d7213b09b1e3050ef 2007.0/i586/libx11_6-devel-1.0.3-2.2mdv2007.0.i586.rpm 1ffdc1a629ebded0e48cfc1ead8838b5 2007.0/i586/libx11_6-static-devel-1.0.3-2.2mdv2007.0.i586.rpm a3b70e66b722738df4d50295dd1a2604 2007.0/i586/libxfont1-1.1.0-4.2mdv2007.0.i586.rpm 14a727bef0655ad3385305230c16b6df 2007.0/i586/libxfont1-devel-1.1.0-4.2mdv2007.0.i586.rpm 46a3a943ba47a91cae462289425f1777 2007.0/i586/libxfont1-static-devel-1.1.0-4.2mdv2007.0.i586.rpm 71733a31bfce2d014975e7be5151fe87 2007.0/i586/x11-server-1.1.1-11.3mdv2007.0.i586.rpm b9650f724bcc27c9b02e4591b79a8170 2007.0/i586/x11-server-common-1.1.1-11.3mdv2007.0.i586.rpm 96291cb67e5effea3226d228934ca668 2007.0/i586/x11-server-devel-1.1.1-11.3mdv2007.0.i586.rpm ada36533a54b6abb8d9e05edcbe85a9b 2007.0/i586/x11-server-xati-1.1.1-11.3mdv2007.0.i586.rpm 65b27efd9b19e654917dc507a9fcc85b 2007.0/i586/x11-server-xchips-1.1.1-11.3mdv2007.0.i586.rpm 08be63fced01787c67111c49a37a217b 2007.0/i586/x11-server-xdmx-1.1.1-11.3mdv2007.0.i586.rpm b3808f59c82737c0a920f120e2821fda 2007.0/i586/x11-server-xephyr-1.1.1-11.3mdv2007.0.i586.rpm d11c6a18afe3aed8f1a51bf765bbdf68 2007.0/i586/x11-server-xepson-1.1.1-11.3mdv2007.0.i586.rpm 87e8f828f97229acd5ad881894cd1e13 2007.0/i586/x11-server-xfake-1.1.1-11.3mdv2007.0.i586.rpm f6ffd1174cbf64279a2feb6924f66e42 2007.0/i586/x11-server-xfbdev-1.1.1-11.3mdv2007.0.i586.rpm ab872f9c530a3fcc8397b111dfb43b44 2007.0/i586/x11-server-xgl-0.0.1-0.20060714.10.1mdv2007.0.i586.rpm fcc1678a7855a9bd889f819a29df978e 2007.0/i586/x11-server-xi810-1.1.1-11.3mdv2007.0.i586.rpm 3cf1b4fc5536ed5b54e8aad5b268ff2e 2007.0/i586/x11-server-xmach64-1.1.1-11.3mdv2007.0.i586.rpm 4ca148ffa7d5b363fd8fedfeef1cee71 2007.0/i586/x11-server-xmga-1.1.1-11.3mdv2007.0.i586.rpm dbf20841fd17021879081b4a6c869f3e 2007.0/i586/x11-server-xneomagic-1.1.1-11.3mdv2007.0.i586.rpm afd9701501cbe1b55cd5936456b04fc8 2007.0/i586/x11-server-xnest-1.1.1-11.3mdv2007.0.i586.rpm e91bf46f57be620a10bbbeff792df61b 2007.0/i586/x11-server-xnvidia-1.1.1-11.3mdv2007.0.i586.rpm a471731278537202b3c82792ad4e3368 2007.0/i586/x11-server-xorg-1.1.1-11.3mdv2007.0.i586.rpm 61661f612a200395a9d8a16923876ac8 2007.0/i586/x11-server-xpm2-1.1.1-11.3mdv2007.0.i586.rpm c85b6311efa2b1719ab77e5eb7231160 2007.0/i586/x11-server-xprt-1.1.1-11.3mdv2007.0.i586.rpm 08e47b2ae0c09d5d117e583941535a06 2007.0/i586/x11-server-xr128-1.1.1-11.3mdv2007.0.i586.rpm 1aa8aa6927148ac3d64dc047709f5abf 2007.0/i586/x11-server-xsdl-1.1.1-11.3mdv2007.0.i586.rpm 674a1a4c2fb68d234153033efae15394 2007.0/i586/x11-server-xsmi-1.1.1-11.3mdv2007.0.i586.rpm 77e6c7649a00f81d7538593b99d0678a 2007.0/i586/x11-server-xvesa-1.1.1-11.3mdv2007.0.i586.rpm bd6c55d0ad9e770d5680ae9dbd687a02 2007.0/i586/x11-server-xvfb-1.1.1-11.3mdv2007.0.i586.rpm 9867b8ebc08673dc8cf55a888bc0b22d 2007.0/i586/x11-server-xvia-1.1.1-11.3mdv2007.0.i586.rpm 44e16d3504f636eec6f4d51a5b506d39 2007.0/SRPMS/libx11-1.0.3-2.2mdv2007.0.src.rpm c552e38dc91ffef35ca44c4b5b09d22d 2007.0/SRPMS/libxfont-1.1.0-4.2mdv2007.0.src.rpm 678c7993955955fe45eb7c3a3d8c51c1 2007.0/SRPMS/x11-server-1.1.1-11.3mdv2007.0.src.rpm 18a0b058a4b1d5150139dea9a733e024 2007.0/SRPMS/x11-server-xgl-0.0.1-0.20060714.10.1mdv2007.0.src.rpm
Mandriva Linux 2007.0/X86_64: 19a970386a276dd606b11400cd672c68 2007.0/x86_64/lib64x11_6-1.0.3-2.2mdv2007.0.x86_64.rpm 694178b488cfb01096ade83be1aa0d4c 2007.0/x86_64/lib64x11_6-devel-1.0.3-2.2mdv2007.0.x86_64.rpm 9e666c058971ae71a1644115c2dbc851 2007.0/x86_64/lib64x11_6-static-devel-1.0.3-2.2mdv2007.0.x86_64.rpm ae890ea6d025a00b8d1397fb2a8bee2c 2007.0/x86_64/lib64xfont1-1.1.0-4.2mdv2007.0.x86_64.rpm ae510dc95b877ce304c382da30ee6680 2007.0/x86_64/lib64xfont1-devel-1.1.0-4.2mdv2007.0.x86_64.rpm f4a67a4311146a73ea1ac5d2a094f511 2007.0/x86_64/lib64xfont1-static-devel-1.1.0-4.2mdv2007.0.x86_64.rpm b4186951ec846155eef67caf20a713d0 2007.0/x86_64/libx11-common-1.0.3-2.2mdv2007.0.x86_64.rpm 8e4dc66ec5d759761f8d36dd28194499 2007.0/x86_64/x11-server-1.1.1-11.3mdv2007.0.x86_64.rpm 932015ff2760dd9d155a3d62255fe9d8 2007.0/x86_64/x11-server-common-1.1.1-11.3mdv2007.0.x86_64.rpm 89a0a8d5751a07d2533ba5f6afb39584 2007.0/x86_64/x11-server-devel-1.1.1-11.3mdv2007.0.x86_64.rpm 72fc80b4c4ecbc09a6553375dfb45598 2007.0/x86_64/x11-server-xdmx-1.1.1-11.3mdv2007.0.x86_64.rpm 4020ee2d1bb311b944b7cee828a9591b 2007.0/x86_64/x11-server-xephyr-1.1.1-11.3mdv2007.0.x86_64.rpm ceb7ed60ceabf6beab04fb4f7d5a6b9f 2007.0/x86_64/x11-server-xfake-1.1.1-11.3mdv2007.0.x86_64.rpm 2e283d8183630848bd4bf3c36ec78da2 2007.0/x86_64/x11-server-xfbdev-1.1.1-11.3mdv2007.0.x86_64.rpm 41b186290408566c3af16ad56bff4583 2007.0/x86_64/x11-server-xgl-0.0.1-0.20060714.10.1mdv2007.0.x86_64.rpm f03f5f7b95ee81d36558cc286dbc09cf 2007.0/x86_64/x11-server-xnest-1.1.1-11.3mdv2007.0.x86_64.rpm ded05b44c119989703ec335ef8d7ba77 2007.0/x86_64/x11-server-xorg-1.1.1-11.3mdv2007.0.x86_64.rpm 58a552e341f4ccf59906f9ff32f1e96b 2007.0/x86_64/x11-server-xprt-1.1.1-11.3mdv2007.0.x86_64.rpm 908d1a089250581475bf63d3bd615209 2007.0/x86_64/x11-server-xsdl-1.1.1-11.3mdv2007.0.x86_64.rpm f1b54633237b6f56857f9022f9621b3a 2007.0/x86_64/x11-server-xvfb-1.1.1-11.3mdv2007.0.x86_64.rpm 44e16d3504f636eec6f4d51a5b506d39 2007.0/SRPMS/libx11-1.0.3-2.2mdv2007.0.src.rpm c552e38dc91ffef35ca44c4b5b09d22d 2007.0/SRPMS/libxfont-1.1.0-4.2mdv2007.0.src.rpm 678c7993955955fe45eb7c3a3d8c51c1 2007.0/SRPMS/x11-server-1.1.1-11.3mdv2007.0.src.rpm 18a0b058a4b1d5150139dea9a733e024 2007.0/SRPMS/x11-server-xgl-0.0.1-0.20060714.10.1mdv2007.0.src.rpm
Corporate 3.0: 918c04c922a1613680cbbe9487e96c1f corporate/3.0/i586/X11R6-contrib-4.3-32.13.C30mdk.i586.rpm 89f73d5c80e4c5ff474b115d825b5c09 corporate/3.0/i586/XFree86-100dpi-fonts-4.3-32.13.C30mdk.i586.rpm 4a350003e29da90f9e20cfc490630e44 corporate/3.0/i586/XFree86-4.3-32.13.C30mdk.i586.rpm c1337f1ed5267d530dbf665f50619145 corporate/3.0/i586/XFree86-75dpi-fonts-4.3-32.13.C30mdk.i586.rpm 38c323d2e089e7f1cac411c6156a5025 corporate/3.0/i586/XFree86-Xnest-4.3-32.13.C30mdk.i586.rpm 9b18d33108c7d5aafb3e2d689045e91a corporate/3.0/i586/XFree86-Xvfb-4.3-32.13.C30mdk.i586.rpm 7fc5ac98bb77dc5ed11b52a17ca1ab18 corporate/3.0/i586/XFree86-cyrillic-fonts-4.3-32.13.C30mdk.i586.rpm be5ab8321d77e24e57553c9e537082e6 corporate/3.0/i586/XFree86-doc-4.3-32.13.C30mdk.i586.rpm 19353085c52e811da6d5cc9f173abb4a corporate/3.0/i586/XFree86-glide-module-4.3-32.13.C30mdk.i586.rpm 3373a7e9398a1788ab4bea0f12a9dce2 corporate/3.0/i586/XFree86-server-4.3-32.13.C30mdk.i586.rpm f78239e305badabba3d638b361473436 corporate/3.0/i586/XFree86-xfs-4.3-32.13.C30mdk.i586.rpm 69b594d3b0438be4c25c36abb37e5159 corporate/3.0/i586/libxfree86-4.3-32.13.C30mdk.i586.rpm 9d1c0eb89083a9f62c14d29126a0ce06 corporate/3.0/i586/libxfree86-devel-4.3-32.13.C30mdk.i586.rpm c67bddf7736902533773979e627b8761 corporate/3.0/i586/libxfree86-static-devel-4.3-32.13.C30mdk.i586.rpm 5f194d3c82ab8f214c16f33bd4952107 corporate/3.0/SRPMS/XFree86-4.3-32.13.C30mdk.src.rpm
Corporate 3.0/X86_64: 2bd23a1148e5b379ff0305d9f96032f0 corporate/3.0/x86_64/X11R6-contrib-4.3-32.13.C30mdk.x86_64.rpm dc08cee63f5dcbed1b036c3708a657a1 corporate/3.0/x86_64/XFree86-100dpi-fonts-4.3-32.13.C30mdk.x86_64.rpm 171a7012e64618b79dc8880180093f76 corporate/3.0/x86_64/XFree86-4.3-32.13.C30mdk.x86_64.rpm de12bcbf7f7ebdec9becb1c051162ecf corporate/3.0/x86_64/XFree86-75dpi-fonts-4.3-32.13.C30mdk.x86_64.rpm 7f208dc7263f1558cf3f10e04e1ed5c9 corporate/3.0/x86_64/XFree86-Xnest-4.3-32.13.C30mdk.x86_64.rpm c24a2d0fa210741e5aade751bd8a61df corporate/3.0/x86_64/XFree86-Xvfb-4.3-32.13.C30mdk.x86_64.rpm a89a370a0185521e83c37b8daf60fdd0 corporate/3.0/x86_64/XFree86-cyrillic-fonts-4.3-32.13.C30mdk.x86_64.rpm 840dbd21393e5611d162ccf755792d4f corporate/3.0/x86_64/XFree86-doc-4.3-32.13.C30mdk.x86_64.rpm b9595f9ffe3bc8a1d16522b6a47d5598 corporate/3.0/x86_64/XFree86-server-4.3-32.13.C30mdk.x86_64.rpm 63479edcdcbe976b96582c481b986f5e corporate/3.0/x86_64/XFree86-xfs-4.3-32.13.C30mdk.x86_64.rpm 525e0d97ff88d1905502d405f90d4085 corporate/3.0/x86_64/lib64xfree86-4.3-32.13.C30mdk.x86_64.rpm 66f6f35a1c45d88672bbc2b2ea9c8f2d corporate/3.0/x86_64/lib64xfree86-devel-4.3-32.13.C30mdk.x86_64.rpm 2717e4c7875f4de5e880ad95b595fecd corporate/3.0/x86_64/lib64xfree86-static-devel-4.3-32.13.C30mdk.x86_64.rpm 5f194d3c82ab8f214c16f33bd4952107 corporate/3.0/SRPMS/XFree86-4.3-32.13.C30mdk.src.rpm
Corporate 4.0: e63a99edfa23138af23caa7c9c980d54 corporate/4.0/i586/X11R6-contrib-6.9.0-5.15.20060mlcs4.i586.rpm 9fa37dcac91bc52853239a3b86acbfa8 corporate/4.0/i586/libxorg-x11-6.9.0-5.15.20060mlcs4.i586.rpm b34ee5541e4d8e7f37dcde66a75c6cfb corporate/4.0/i586/libxorg-x11-devel-6.9.0-5.15.20060mlcs4.i586.rpm 71d076aff757c1778782065b3e7de161 corporate/4.0/i586/libxorg-x11-static-devel-6.9.0-5.15.20060mlcs4.i586.rpm 59b2613a3f02781d966b76751a4f432c corporate/4.0/i586/xorg-x11-100dpi-fonts-6.9.0-5.15.20060mlcs4.i586.rpm 111813e2cbdeef71c025de2235199e90 corporate/4.0/i586/xorg-x11-6.9.0-5.15.20060mlcs4.i586.rpm 44b0a56d98313c72b05bfc4b28ff024b corporate/4.0/i586/xorg-x11-75dpi-fonts-6.9.0-5.15.20060mlcs4.i586.rpm 08026da35859225b367ab26e813d57d7 corporate/4.0/i586/xorg-x11-Xdmx-6.9.0-5.15.20060mlcs4.i586.rpm 46f848204211932f59a8ecaf02a3894e corporate/4.0/i586/xorg-x11-Xnest-6.9.0-5.15.20060mlcs4.i586.rpm eb232b39a68609ffb5adc5f472dc5d1d corporate/4.0/i586/xorg-x11-Xprt-6.9.0-5.15.20060mlcs4.i586.rpm 055b63beae6e771a6b948049fed128cf corporate/4.0/i586/xorg-x11-Xvfb-6.9.0-5.15.20060mlcs4.i586.rpm b2438635efdf6ed16508580cc901ecb5 corporate/4.0/i586/xorg-x11-cyrillic-fonts-6.9.0-5.15.20060mlcs4.i586.rpm 91ac90d71030f3bfe0fdb9ddaf2ad816 corporate/4.0/i586/xorg-x11-doc-6.9.0-5.15.20060mlcs4.i586.rpm bf50b7e3fa360f3fd1aa61444526b9b8 corporate/4.0/i586/xorg-x11-glide-module-6.9.0-5.15.20060mlcs4.i586.rpm 372cfc8231f2f2d31760f165ee80d4e6 corporate/4.0/i586/xorg-x11-server-6.9.0-5.15.20060mlcs4.i586.rpm 7a73f4094d5ea7c3020a3b78ea9c9c98 corporate/4.0/i586/xorg-x11-xauth-6.9.0-5.15.20060mlcs4.i586.rpm 61bd1d2dae41148425196597d28460af corporate/4.0/i586/xorg-x11-xfs-6.9.0-5.15.20060mlcs4.i586.rpm 1e8a87194b755917783b1a6856a684a3 corporate/4.0/SRPMS/xorg-x11-6.9.0-5.15.20060mlcs4.src.rpm
Corporate 4.0/X86_64: 32ff784cd7c2401ee6bb9cd2b814159b corporate/4.0/x86_64/X11R6-contrib-6.9.0-5.15.20060mlcs4.x86_64.rpm d2575d1962896839c66e5a6d4f0d243b corporate/4.0/x86_64/lib64xorg-x11-6.9.0-5.15.20060mlcs4.x86_64.rpm 49455f9280c0f2e45cbfe40957644a06 corporate/4.0/x86_64/lib64xorg-x11-devel-6.9.0-5.15.20060mlcs4.x86_64.rpm f57c87d13d3411731b28ac002873887f corporate/4.0/x86_64/lib64xorg-x11-static-devel-6.9.0-5.15.20060mlcs4.x86_64.rpm cec0f84d92610fe7319678d52f85d69d corporate/4.0/x86_64/xorg-x11-100dpi-fonts-6.9.0-5.15.20060mlcs4.x86_64.rpm bbccb6cf65819363d944b72ea5dc0f94 corporate/4.0/x86_64/xorg-x11-6.9.0-5.15.20060mlcs4.x86_64.rpm 6aef383c3f44fc6b66fc3175084b87fc corporate/4.0/x86_64/xorg-x11-75dpi-fonts-6.9.0-5.15.20060mlcs4.x86_64.rpm c036dce014adc7e5a74a181cf9fabdaf corporate/4.0/x86_64/xorg-x11-Xdmx-6.9.0-5.15.20060mlcs4.x86_64.rpm 59d992851f3d52838a9515f9449905d5 corporate/4.0/x86_64/xorg-x11-Xnest-6.9.0-5.15.20060mlcs4.x86_64.rpm 11867453dc758141fb38c33e3812e8e1 corporate/4.0/x86_64/xorg-x11-Xprt-6.9.0-5.15.20060mlcs4.x86_64.rpm a248cd02f7d7864c779491c6a9e696e1 corporate/4.0/x86_64/xorg-x11-Xvfb-6.9.0-5.15.20060mlcs4.x86_64.rpm 6bec3e71d6c044a563bca2733260adb9 corporate/4.0/x86_64/xorg-x11-cyrillic-fonts-6.9.0-5.15.20060mlcs4.x86_64.rpm d2f5b5cebcecefdce3cc1bfb550bf481 corporate/4.0/x86_64/xorg-x11-doc-6.9.0-5.15.20060mlcs4.x86_64.rpm 780c01a55862d4b9ac03286ac787b725 corporate/4.0/x86_64/xorg-x11-glide-module-6.9.0-5.15.20060mlcs4.x86_64.rpm 3ad687a6bb67d02ed23cb6d57ca0ea85 corporate/4.0/x86_64/xorg-x11-server-6.9.0-5.15.20060mlcs4.x86_64.rpm 3f02a8bf7e6e94b4696baa3998712dae corporate/4.0/x86_64/xorg-x11-xauth-6.9.0-5.15.20060mlcs4.x86_64.rpm 5df334cae18035961430532b7fa6a71f corporate/4.0/x86_64/xorg-x11-xfs-6.9.0-5.15.20060mlcs4.x86_64.rpm 1e8a87194b755917783b1a6856a684a3 corporate/4.0/SRPMS/xorg-x11-6.9.0-5.15.20060mlcs4.src.rpm
To upgrade automatically use MandrivaUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you. You can obtain the GPG public key of the Mandriva Security Team by executing:
gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98
You can view other update advisories for Mandriva Linux at:
http://www.mandriva.com/security/advisories
If you want to report vulnerabilities, please contact
security_(at)_mandriva.com
Type Bits/KeyID Date User ID pub 1024D/22458A98 2000-07-10 Mandriva Security Team -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.7 (GNU/Linux)
iD8DBQFGFAoYmqjQ0CJFipgRAvkHAJwJVFe0mT1yBHKjcTWYIRiSz7YoZQCdF6wt /Czi8NSscvNCkThUftxcIJY= =eRgy -----END PGP SIGNATURE-----
Full-Disclosure - We believe in it. (CVE-2007-1351, CVE-2007-1352)
TightVNC uses some of the same code base as Xorg, and has the same vulnerable code. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
Debian Security Advisory DSA 1294-1 security@debian.org http://www.debian.org/security/ Moritz Muehlenhoff May 17th, 2007 http://www.debian.org/security/faq
Package : xfree86 Vulnerability : several Problem-Type : local Debian-specific: no CVE ID : CVE-2007-1003 CVE-2007-1351 CVE-2007-1352 CVE-2007-1667
Several vulnerabilities have been discovered in the X Window System, which may lead to privilege escalation. The Common Vulnerabilities and Exposures project identifies the following problems:
CVE-2007-1003
Sean Larsson discovered an integer overflow in the XC-MISC extension,
which might lead to denial of service or local privilege escalation.
CVE-2007-1351
Greg MacManus discovered an integer overflow in the font handling,
which might lead to denial of service or local privilege escalation.
CVE-2007-1352
Greg MacManus discovered an integer overflow in the font handling,
which might lead to denial of service or local privilege escalation.
This update introduces tighter sanity checking of input passed to
XCreateImage(). To cope with this an updated rdesktop package is
delivered along with this security update. Another application
reported to break is the proprietary Opera browser, which isn't
part of Debian. The vendor has released updated packages, though.
For the old stable distribution (sarge) these problems have been fixed in version 4.3.0.dfsg.1-14sarge4. This update lacks builds for the Sparc architecture, due to problems on the build host. Packages will be released once this problem has been resolved.
The stable distribution (etch) isn't affected by these problems, as the vulnerabilities have already been fixed during the Etch preparation freeze phase.
We recommend that you upgrade your XFree86 packages.
Upgrade Instructions
wget url will fetch the file for you dpkg -i file.deb will install the referenced file.
If you are using the apt-get package manager, use the line for sources.list as given below:
apt-get update will update the internal database apt-get upgrade will install corrected packages
You may use an automated update by adding the resources from the footer to the proper configuration.
Debian GNU/Linux 3.1 alias sarge
Source archives:
http://security.debian.org/pool/updates/main/x/xfree86/xfree86_4.3.0.dfsg.1-14sarge4.dsc
Size/MD5 checksum: 2642 189d0d7d0b7dbbf26755923b438e5e4c
http://security.debian.org/pool/updates/main/x/xfree86/xfree86_4.3.0.dfsg.1-14sarge4.diff.gz
Size/MD5 checksum: 3644476 e3ae500a08998d20996e1b386253e1cc
http://security.debian.org/pool/updates/main/x/xfree86/xfree86_4.3.0.dfsg.1.orig.tar.gz
Size/MD5 checksum: 59123696 8e6990288c8f1a1d1e03f7c36d7185ee
http://security.debian.org/pool/updates/main/r/rdesktop/rdesktop_1.4.0-2sarge1.dsc
Size/MD5 checksum: 623 95239010d328848d69bbcd59df29ee1b
http://security.debian.org/pool/updates/main/r/rdesktop/rdesktop_1.4.0-2sarge1.diff.gz
Size/MD5 checksum: 10664 ac732ace18f41e829a3c38730934fbc4
http://security.debian.org/pool/updates/main/r/rdesktop/rdesktop_1.4.0.orig.tar.gz
Size/MD5 checksum: 202531 542cb9d9b4dd1ecaf3ed4ff753fea7b8
Architecture independent components:
http://security.debian.org/pool/updates/main/x/xfree86/pm-dev_4.3.0.dfsg.1-14sarge4_all.deb
Size/MD5 checksum: 159434 d8aede0aaa9682ba7997447110d31ca5
http://security.debian.org/pool/updates/main/x/xfree86/x-dev_4.3.0.dfsg.1-14sarge4_all.deb
Size/MD5 checksum: 216476 5401b81557f7953a5e476127544a94f6
http://security.debian.org/pool/updates/main/x/xfree86/x-window-system_4.3.0.dfsg.1-14sarge4_all.deb
Size/MD5 checksum: 158730 8f841f4bc6efc65cc48e468163170116
http://security.debian.org/pool/updates/main/x/xfree86/xfonts-100dpi-transcoded_4.3.0.dfsg.1-14sarge4_all.deb
Size/MD5 checksum: 8195040 c3c684a6c8a3a10f280ce25a6523fa50
http://security.debian.org/pool/updates/main/x/xfree86/xfonts-100dpi_4.3.0.dfsg.1-14sarge4_all.deb
Size/MD5 checksum: 4363090 0a9af1fd8109decea7c5e2bc9342a1c7
http://security.debian.org/pool/updates/main/x/xfree86/xfonts-75dpi-transcoded_4.3.0.dfsg.1-14sarge4_all.deb
Size/MD5 checksum: 7073122 b42b7454c680f94cf4d912d6e263c679
http://security.debian.org/pool/updates/main/x/xfree86/xfonts-75dpi_4.3.0.dfsg.1-14sarge4_all.deb
Size/MD5 checksum: 3840910 eba04ef15ba7280352b8731e2705726b
http://security.debian.org/pool/updates/main/x/xfree86/xfonts-base-transcoded_4.3.0.dfsg.1-14sarge4_all.deb
Size/MD5 checksum: 1203680 546bafab0ffec15de52f51983bcf2c07
http://security.debian.org/pool/updates/main/x/xfree86/xfonts-base_4.3.0.dfsg.1-14sarge4_all.deb
Size/MD5 checksum: 5490622 7d4613aadcadb86fc4242363784818ba
http://security.debian.org/pool/updates/main/x/xfree86/xfonts-cyrillic_4.3.0.dfsg.1-14sarge4_all.deb
Size/MD5 checksum: 541216 16dbec56de243edf187e52c650532e91
http://security.debian.org/pool/updates/main/x/xfree86/xfonts-scalable_4.3.0.dfsg.1-14sarge4_all.deb
Size/MD5 checksum: 901006 adf45fe9c5d1d84f912d2a9b789a1b8b
http://security.debian.org/pool/updates/main/x/xfree86/xfree86-common_4.3.0.dfsg.1-14sarge4_all.deb
Size/MD5 checksum: 815600 154c4731c74c14685319ffd2e5535f79
http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-dev_4.3.0.dfsg.1-14sarge4_all.deb
Size/MD5 checksum: 158582 5ec2b681939a466c832c7b91a6c71589
http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa3-dbg_4.3.0.dfsg.1-14sarge4_all.deb
Size/MD5 checksum: 158596 2a90dc555891313b58b5b0d11e33b8c8
http://security.debian.org/pool/updates/main/x/xfree86/xlibs-data_4.3.0.dfsg.1-14sarge4_all.deb
Size/MD5 checksum: 907066 a82eb5f3920df1c3e4c42c212efb78a7
http://security.debian.org/pool/updates/main/x/xfree86/xlibs-dbg_4.3.0.dfsg.1-14sarge4_all.deb
Size/MD5 checksum: 158648 bed92016a1cedd08e985becce0aadec1
http://security.debian.org/pool/updates/main/x/xfree86/xlibs-dev_4.3.0.dfsg.1-14sarge4_all.deb
Size/MD5 checksum: 158646 e55d85a5a7d6687cbf802575038344d0
http://security.debian.org/pool/updates/main/x/xfree86/xlibs-pic_4.3.0.dfsg.1-14sarge4_all.deb
Size/MD5 checksum: 158554 96ba78abf30b4e2d087f2797625589cc
http://security.debian.org/pool/updates/main/x/xfree86/xlibs_4.3.0.dfsg.1-14sarge4_all.deb
Size/MD5 checksum: 426718 64389fde8c4cb693fef2a5953fb2b109
http://security.debian.org/pool/updates/main/x/xfree86/xspecs_4.3.0.dfsg.1-14sarge4_all.deb
Size/MD5 checksum: 5835466 28f15b50daff3453e208642777c1c311
Alpha architecture:
http://security.debian.org/pool/updates/main/x/xfree86/lbxproxy_4.3.0.dfsg.1-14sarge4_alpha.deb
Size/MD5 checksum: 284996 92f0024fab7a481cd4e34dc024f457aa
http://security.debian.org/pool/updates/main/x/xfree86/libdps-dev_4.3.0.dfsg.1-14sarge4_alpha.deb
Size/MD5 checksum: 441170 70ec1d5a6b3bf7a36863360747e6cdb4
http://security.debian.org/pool/updates/main/x/xfree86/libdps1_4.3.0.dfsg.1-14sarge4_alpha.deb
Size/MD5 checksum: 313428 2b07fef9a8355e4d43947a1a63aff81e
http://security.debian.org/pool/updates/main/x/xfree86/libdps1-dbg_4.3.0.dfsg.1-14sarge4_alpha.deb
Size/MD5 checksum: 822188 fd73dfdda3bc273ce185908a3720c45a
http://security.debian.org/pool/updates/main/x/xfree86/libice-dev_4.3.0.dfsg.1-14sarge4_alpha.deb
Size/MD5 checksum: 230570 9ab3ab85a12236d862e78b0f0f87dea7
http://security.debian.org/pool/updates/main/x/xfree86/libice6_4.3.0.dfsg.1-14sarge4_alpha.deb
Size/MD5 checksum: 209934 e15bfecad9eab9fb197772520d21067a
http://security.debian.org/pool/updates/main/x/xfree86/libice6-dbg_4.3.0.dfsg.1-14sarge4_alpha.deb
Size/MD5 checksum: 295454 33ccdd1fc0dc73ccc66a45c0ae8a290d
http://security.debian.org/pool/updates/main/x/xfree86/libsm-dev_4.3.0.dfsg.1-14sarge4_alpha.deb
Size/MD5 checksum: 184480 3fe3048544b48f0926dbf6f4d163dd0e
http://security.debian.org/pool/updates/main/x/xfree86/libsm6_4.3.0.dfsg.1-14sarge4_alpha.deb
Size/MD5 checksum: 184848 b5c69e554bcdce7e1baecdb8a1cb5c9c
http://security.debian.org/pool/updates/main/x/xfree86/libsm6-dbg_4.3.0.dfsg.1-14sarge4_alpha.deb
Size/MD5 checksum: 209954 49853ed0ce0dc522e9f43d77ed807137
http://security.debian.org/pool/updates/main/x/xfree86/libx11-6_4.3.0.dfsg.1-14sarge4_alpha.deb
Size/MD5 checksum: 816088 94c427b0abe62c425b2bcdf372c792c8
http://security.debian.org/pool/updates/main/x/xfree86/libx11-6-dbg_4.3.0.dfsg.1-14sarge4_alpha.deb
Size/MD5 checksum: 9804934 4623cd96de525311a862c2e1fad78344
http://security.debian.org/pool/updates/main/x/xfree86/libx11-dev_4.3.0.dfsg.1-14sarge4_alpha.deb
Size/MD5 checksum: 1576092 8e18e092949d8bd0f9e5ffb9d7f447e9
http://security.debian.org/pool/updates/main/x/xfree86/libxaw6_4.3.0.dfsg.1-14sarge4_alpha.deb
Size/MD5 checksum: 317732 e2f03ac371b2cbb1a2b84dae43959f3c
http://security.debian.org/pool/updates/main/x/xfree86/libxaw6-dbg_4.3.0.dfsg.1-14sarge4_alpha.deb
Size/MD5 checksum: 934034 af848a96c5dabdb756549d66f16f5ad5
http://security.debian.org/pool/updates/main/x/xfree86/libxaw6-dev_4.3.0.dfsg.1-14sarge4_alpha.deb
Size/MD5 checksum: 522864 fe5ee0cf23f25f8e625a1428f90e39d2
http://security.debian.org/pool/updates/main/x/xfree86/libxaw7_4.3.0.dfsg.1-14sarge4_alpha.deb
Size/MD5 checksum: 382736 5fb1194cbf510977519c2f99903f3e8d
http://security.debian.org/pool/updates/main/x/xfree86/libxaw7-dbg_4.3.0.dfsg.1-14sarge4_alpha.deb
Size/MD5 checksum: 1100610 6dcc0fc3c214c8a37ef8180a8d0f4fd4
http://security.debian.org/pool/updates/main/x/xfree86/libxaw7-dev_4.3.0.dfsg.1-14sarge4_alpha.deb
Size/MD5 checksum: 522770 ff4f2ad7f5a1fa456abc16994685c6b6
http://security.debian.org/pool/updates/main/x/xfree86/libxext-dev_4.3.0.dfsg.1-14sarge4_alpha.deb
Size/MD5 checksum: 265026 facae3a81139d2ce5a0bd21cd665e2ca
http://security.debian.org/pool/updates/main/x/xfree86/libxext6_4.3.0.dfsg.1-14sarge4_alpha.deb
Size/MD5 checksum: 196480 7cf0508ef339715f25f1ce5707de2584
http://security.debian.org/pool/updates/main/x/xfree86/libxext6-dbg_4.3.0.dfsg.1-14sarge4_alpha.deb
Size/MD5 checksum: 522270 1c140d44feaf9074fe7209933917d36a
http://security.debian.org/pool/updates/main/x/xfree86/libxft1_4.3.0.dfsg.1-14sarge4_alpha.deb
Size/MD5 checksum: 195706 6b44c3f7c5020cc71d3122fdb43380e9
http://security.debian.org/pool/updates/main/x/xfree86/libxft1-dbg_4.3.0.dfsg.1-14sarge4_alpha.deb
Size/MD5 checksum: 481102 f3cba0d63e52a2af0e63b1b052453089
http://security.debian.org/pool/updates/main/x/xfree86/libxi-dev_4.3.0.dfsg.1-14sarge4_alpha.deb
Size/MD5 checksum: 240792 5025ff049d9f7deb22e11a300094187b
http://security.debian.org/pool/updates/main/x/xfree86/libxi6_4.3.0.dfsg.1-14sarge4_alpha.deb
Size/MD5 checksum: 186222 7c8e6177656e754587aaa42e8083059e
http://security.debian.org/pool/updates/main/x/xfree86/libxi6-dbg_4.3.0.dfsg.1-14sarge4_alpha.deb
Size/MD5 checksum: 1182630 e2738f6b53b5aa55169fc829aa2f3c4a
http://security.debian.org/pool/updates/main/x/xfree86/libxmu-dev_4.3.0.dfsg.1-14sarge4_alpha.deb
Size/MD5 checksum: 244840 76fed36704d9ca23cc4a91c321490b34
http://security.debian.org/pool/updates/main/x/xfree86/libxmu6_4.3.0.dfsg.1-14sarge4_alpha.deb
Size/MD5 checksum: 219782 bb1280080a6db83d8a97510c70dfa588
http://security.debian.org/pool/updates/main/x/xfree86/libxmu6-dbg_4.3.0.dfsg.1-14sarge4_alpha.deb
Size/MD5 checksum: 680140 9e24b96bf063fc9ce13f22fc457a50b9
http://security.debian.org/pool/updates/main/x/xfree86/libxmuu-dev_4.3.0.dfsg.1-14sarge4_alpha.deb
Size/MD5 checksum: 164774 a41d399a9f2d550f1ffc8b1095c4417d
http://security.debian.org/pool/updates/main/x/xfree86/libxmuu1_4.3.0.dfsg.1-14sarge4_alpha.deb
Size/MD5 checksum: 172674 13676ac5abfe9594642adc4c054014ac
http://security.debian.org/pool/updates/main/x/xfree86/libxmuu1-dbg_4.3.0.dfsg.1-14sarge4_alpha.deb
Size/MD5 checksum: 210192 79cdcc5df1939ea1126859397db7fc57
http://security.debian.org/pool/updates/main/x/xfree86/libxp-dev_4.3.0.dfsg.1-14sarge4_alpha.deb
Size/MD5 checksum: 187902 dd499bdc63f54559b3e7978c58067a7c
http://security.debian.org/pool/updates/main/x/xfree86/libxp6_4.3.0.dfsg.1-14sarge4_alpha.deb
Size/MD5 checksum: 182996 ae344d4a81325bb7de8b95ccf977d6cd
http://security.debian.org/pool/updates/main/x/xfree86/libxp6-dbg_4.3.0.dfsg.1-14sarge4_alpha.deb
Size/MD5 checksum: 576046 a1f7ab50d292c9682de56abdc1539e1a
http://security.debian.org/pool/updates/main/x/xfree86/libxpm-dev_4.3.0.dfsg.1-14sarge4_alpha.deb
Size/MD5 checksum: 212166 54359c662494bb8f9798eb530b05c39d
http://security.debian.org/pool/updates/main/x/xfree86/libxpm4_4.3.0.dfsg.1-14sarge4_alpha.deb
Size/MD5 checksum: 204384 89026d497d9ef72ba5c8cedb005ae99a
http://security.debian.org/pool/updates/main/x/xfree86/libxpm4-dbg_4.3.0.dfsg.1-14sarge4_alpha.deb
Size/MD5 checksum: 253810 07d21c94db5f5261077163a7fef92363
http://security.debian.org/pool/updates/main/x/xfree86/libxrandr-dev_4.3.0.dfsg.1-14sarge4_alpha.deb
Size/MD5 checksum: 173260 621062aa574e5a4470cb2d59d58d4364
http://security.debian.org/pool/updates/main/x/xfree86/libxrandr2_4.3.0.dfsg.1-14sarge4_alpha.deb
Size/MD5 checksum: 172984 a53a8fbeb82124fcf1ac73b47246e654
http://security.debian.org/pool/updates/main/x/xfree86/libxrandr2-dbg_4.3.0.dfsg.1-14sarge4_alpha.deb
Size/MD5 checksum: 203096 9fd958db6e8f017b01e9471e56225e67
http://security.debian.org/pool/updates/main/x/xfree86/libxt-dev_4.3.0.dfsg.1-14sarge4_alpha.deb
Size/MD5 checksum: 713138 5ac37e4a6928ae1d6214c1ea683cf532
http://security.debian.org/pool/updates/main/x/xfree86/libxt6_4.3.0.dfsg.1-14sarge4_alpha.deb
Size/MD5 checksum: 361134 4e469b9b10ef878a3a631b58e3b828d7
http://security.debian.org/pool/updates/main/x/xfree86/libxt6-dbg_4.3.0.dfsg.1-14sarge4_alpha.deb
Size/MD5 checksum: 1587114 914c6b4c39ed31c2fbee379e2d0ba25b
http://security.debian.org/pool/updates/main/x/xfree86/libxtrap-dev_4.3.0.dfsg.1-14sarge4_alpha.deb
Size/MD5 checksum: 191798 af942f90192c1b423de6ff15552fe7ac
http://security.debian.org/pool/updates/main/x/xfree86/libxtrap6_4.3.0.dfsg.1-14sarge4_alpha.deb
Size/MD5 checksum: 184318 461e3515c225271484349872db566ecf
http://security.debian.org/pool/updates/main/x/xfree86/libxtrap6-dbg_4.3.0.dfsg.1-14sarge4_alpha.deb
Size/MD5 checksum: 411934 25f0ad51173c5b1a91c657f1218a79ca
http://security.debian.org/pool/updates/main/x/xfree86/libxtst-dev_4.3.0.dfsg.1-14sarge4_alpha.deb
Size/MD5 checksum: 176406 8c0975faeee6e39952cf1a8ae7983ac2
http://security.debian.org/pool/updates/main/x/xfree86/libxtst6_4.3.0.dfsg.1-14sarge4_alpha.deb
Size/MD5 checksum: 177950 991487364f13ea794c44c3aff02a8342
http://security.debian.org/pool/updates/main/x/xfree86/libxtst6-dbg_4.3.0.dfsg.1-14sarge4_alpha.deb
Size/MD5 checksum: 241462 716284f0af443ef15e5a3a2c1753baa2
http://security.debian.org/pool/updates/main/x/xfree86/libxv-dev_4.3.0.dfsg.1-14sarge4_alpha.deb
Size/MD5 checksum: 193636 8eb36dcc7cb99f393fbdc8fa315a0cb9
http://security.debian.org/pool/updates/main/x/xfree86/libxv1_4.3.0.dfsg.1-14sarge4_alpha.deb
Size/MD5 checksum: 174330 9f2e68247409abd7359cccd02ea2ed9a
http://security.debian.org/pool/updates/main/x/xfree86/libxv1-dbg_4.3.0.dfsg.1-14sarge4_alpha.deb
Size/MD5 checksum: 206192 155c096549ecebf30bd0b6de96266cac
http://security.debian.org/pool/updates/main/x/xfree86/proxymngr_4.3.0.dfsg.1-14sarge4_alpha.deb
Size/MD5 checksum: 184952 c60abc527075ecb5c2effb72411506b0
http://security.debian.org/pool/updates/main/x/xfree86/twm_4.3.0.dfsg.1-14sarge4_alpha.deb
Size/MD5 checksum: 289606 9cdbb7e62dc88b2688febd15e62092dc
http://security.debian.org/pool/updates/main/x/xfree86/x-window-system-core_4.3.0.dfsg.1-14sarge4_alpha.deb
Size/MD5 checksum: 158684 ca7c7c54102b761de517ef8c7ff9f76b
http://security.debian.org/pool/updates/main/x/xfree86/x-window-system-dev_4.3.0.dfsg.1-14sarge4_alpha.deb
Size/MD5 checksum: 158738 e9e98a97d36c517bbff6f7451e8da8d0
http://security.debian.org/pool/updates/main/x/xfree86/xbase-clients_4.3.0.dfsg.1-14sarge4_alpha.deb
Size/MD5 checksum: 2376330 27c274f345160933475691031385b692
http://security.debian.org/pool/updates/main/x/xfree86/xdm_4.3.0.dfsg.1-14sarge4_alpha.deb
Size/MD5 checksum: 327180 32ee0206f299daf84c440520238fffdb
http://security.debian.org/pool/updates/main/x/xfree86/xfs_4.3.0.dfsg.1-14sarge4_alpha.deb
Size/MD5 checksum: 600554 6994f0009df1a92aeba7a11a6a72f4e9
http://security.debian.org/pool/updates/main/x/xfree86/xfwp_4.3.0.dfsg.1-14sarge4_alpha.deb
Size/MD5 checksum: 184230 7667cbb1c995ba9e2216d51342e67f06
http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-dri_4.3.0.dfsg.1-14sarge4_alpha.deb
Size/MD5 checksum: 4558712 5f077e532f6aef7c0d16f55d37b37a87
http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-dri-dbg_4.3.0.dfsg.1-14sarge4_alpha.deb
Size/MD5 checksum: 33948052 58f1da513a5c267c6597efc19466b130
http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-gl_4.3.0.dfsg.1-14sarge4_alpha.deb
Size/MD5 checksum: 351116 5184250018192b80b4d09e24ae0f96fc
http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-gl-dbg_4.3.0.dfsg.1-14sarge4_alpha.deb
Size/MD5 checksum: 1339534 abc46934dea4b20c63e577f6974ca8f7
http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-gl-dev_4.3.0.dfsg.1-14sarge4_alpha.deb
Size/MD5 checksum: 816672 9031709350853f211428feb2802354da
http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-glu_4.3.0.dfsg.1-14sarge4_alpha.deb
Size/MD5 checksum: 393160 6322d814900e1eda70a70e08aded0051
http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-glu-dbg_4.3.0.dfsg.1-14sarge4_alpha.deb
Size/MD5 checksum: 1150632 ce6676e1d7b13f8a28d95ee787e19fd2
http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-glu-dev_4.3.0.dfsg.1-14sarge4_alpha.deb
Size/MD5 checksum: 537396 958d4ec3a45f1bc1effa47a358368472
http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa3_4.3.0.dfsg.1-14sarge4_alpha.deb
Size/MD5 checksum: 158482 d5382eb6f50ba085a7cf15e352e85910
http://security.debian.org/pool/updates/main/x/xfree86/xlibosmesa-dev_4.3.0.dfsg.1-14sarge4_alpha.deb
Size/MD5 checksum: 1007052 601156a062591921fa46a3212a868ac8
http://security.debian.org/pool/updates/main/x/xfree86/xlibosmesa4_4.3.0.dfsg.1-14sarge4_alpha.deb
Size/MD5 checksum: 811486 8b324588f46711216a44ece926bdcc2d
http://security.debian.org/pool/updates/main/x/xfree86/xlibosmesa4-dbg_4.3.0.dfsg.1-14sarge4_alpha.deb
Size/MD5 checksum: 4640908 2688e37b3f3ad30257e74afd5ee95310
http://security.debian.org/pool/updates/main/x/xfree86/xlibs-static-dev_4.3.0.dfsg.1-14sarge4_alpha.deb
Size/MD5 checksum: 1114488 77e08891ea808d8869350f8329852d43
http://security.debian.org/pool/updates/main/x/xfree86/xlibs-static-pic_4.3.0.dfsg.1-14sarge4_alpha.deb
Size/MD5 checksum: 490082 8d3580ee576dc319be0ce3681706c9a9
http://security.debian.org/pool/updates/main/x/xfree86/xmh_4.3.0.dfsg.1-14sarge4_alpha.deb
Size/MD5 checksum: 246932 61777c7301c1d3ddc00e8acdc3c0bb2f
http://security.debian.org/pool/updates/main/x/xfree86/xnest_4.3.0.dfsg.1-14sarge4_alpha.deb
Size/MD5 checksum: 2088768 28613cf2d2f1bc5c0c12c22e68e9878c
http://security.debian.org/pool/updates/main/x/xfree86/xserver-common_4.3.0.dfsg.1-14sarge4_alpha.deb
Size/MD5 checksum: 331698 39f4331d0c561f6e5aff79af12be34d7
http://security.debian.org/pool/updates/main/x/xfree86/xserver-xfree86_4.3.0.dfsg.1-14sarge4_alpha.deb
Size/MD5 checksum: 6595862 5cdcc2dd8744fd0cc46d27de86c66665
http://security.debian.org/pool/updates/main/x/xfree86/xserver-xfree86-dbg_4.3.0.dfsg.1-14sarge4_alpha.deb
Size/MD5 checksum: 45036960 2969cb0a57378f06b4519b2cd839478d
http://security.debian.org/pool/updates/main/x/xfree86/xterm_4.3.0.dfsg.1-14sarge4_alpha.deb
Size/MD5 checksum: 550006 eca34c5b462dcce8dd12e7da120d5159
http://security.debian.org/pool/updates/main/x/xfree86/xutils_4.3.0.dfsg.1-14sarge4_alpha.deb
Size/MD5 checksum: 1033800 744333bde498149283ae7d7af7d7f460
http://security.debian.org/pool/updates/main/x/xfree86/xvfb_4.3.0.dfsg.1-14sarge4_alpha.deb
Size/MD5 checksum: 2271050 c10ec9d6fefb6b5d1f6d429024e1e833
http://security.debian.org/pool/updates/main/r/rdesktop/rdesktop_1.4.0-2sarge1_alpha.deb
Size/MD5 checksum: 148190 50852b7df4448215e4d3ec188f9ca24e
AMD64 architecture:
http://security.debian.org/pool/updates/main/x/xfree86/lbxproxy_4.3.0.dfsg.1-14sarge4_amd64.deb
Size/MD5 checksum: 262298 1ce19c8bd9baef60202cd3a97ef520dc
http://security.debian.org/pool/updates/main/x/xfree86/libdps-dev_4.3.0.dfsg.1-14sarge4_amd64.deb
Size/MD5 checksum: 367224 848b9949b6ff456b4543ff3579edba4c
http://security.debian.org/pool/updates/main/x/xfree86/libdps1_4.3.0.dfsg.1-14sarge4_amd64.deb
Size/MD5 checksum: 299272 3491bfc3583d440511b0bd8687d9843f
http://security.debian.org/pool/updates/main/x/xfree86/libdps1-dbg_4.3.0.dfsg.1-14sarge4_amd64.deb
Size/MD5 checksum: 798094 3cda9b3a44c3445a418567f2c19007eb
http://security.debian.org/pool/updates/main/x/xfree86/libice-dev_4.3.0.dfsg.1-14sarge4_amd64.deb
Size/MD5 checksum: 209850 58c642bc21913976fed73c4611e63120
http://security.debian.org/pool/updates/main/x/xfree86/libice6_4.3.0.dfsg.1-14sarge4_amd64.deb
Size/MD5 checksum: 205372 1c7e44bf812e2d336f13103253c45545
http://security.debian.org/pool/updates/main/x/xfree86/libice6-dbg_4.3.0.dfsg.1-14sarge4_amd64.deb
Size/MD5 checksum: 288966 0fd8fdd5b67911693c9ff03f589e3e1d
http://security.debian.org/pool/updates/main/x/xfree86/libsm-dev_4.3.0.dfsg.1-14sarge4_amd64.deb
Size/MD5 checksum: 178436 cdaebc2f0a0bab775d04cd8f603a1b0c
http://security.debian.org/pool/updates/main/x/xfree86/libsm6_4.3.0.dfsg.1-14sarge4_amd64.deb
Size/MD5 checksum: 183446 7fcd4b47cc4e44983b8103e202faebcb
http://security.debian.org/pool/updates/main/x/xfree86/libsm6-dbg_4.3.0.dfsg.1-14sarge4_amd64.deb
Size/MD5 checksum: 207798 37d7f9a57604895952f6cd07712be13a
http://security.debian.org/pool/updates/main/x/xfree86/libx11-6_4.3.0.dfsg.1-14sarge4_amd64.deb
Size/MD5 checksum: 749416 36e10229fd2ed52bfc595c8b708fdb71
http://security.debian.org/pool/updates/main/x/xfree86/libx11-6-dbg_4.3.0.dfsg.1-14sarge4_amd64.deb
Size/MD5 checksum: 9651358 c0b4dd4d11d8ac6ebe249338b3ce1d74
http://security.debian.org/pool/updates/main/x/xfree86/libx11-dev_4.3.0.dfsg.1-14sarge4_amd64.deb
Size/MD5 checksum: 1421668 0f0093d5081ad93c1154d9e4cae3ce2d
http://security.debian.org/pool/updates/main/x/xfree86/libxaw6_4.3.0.dfsg.1-14sarge4_amd64.deb
Size/MD5 checksum: 295162 c0161225e5f92dd930b8c2f582acc80c
http://security.debian.org/pool/updates/main/x/xfree86/libxaw6-dbg_4.3.0.dfsg.1-14sarge4_amd64.deb
Size/MD5 checksum: 903762 f48cf6f781708a7eb7b309cd823b2877
http://security.debian.org/pool/updates/main/x/xfree86/libxaw6-dev_4.3.0.dfsg.1-14sarge4_amd64.deb
Size/MD5 checksum: 440728 5c9d6a694d0bd09f6be2f32c97eac671
http://security.debian.org/pool/updates/main/x/xfree86/libxaw7_4.3.0.dfsg.1-14sarge4_amd64.deb
Size/MD5 checksum: 350892 67fcc3ec3099427d4767c6e4427a9391
http://security.debian.org/pool/updates/main/x/xfree86/libxaw7-dbg_4.3.0.dfsg.1-14sarge4_amd64.deb
Size/MD5 checksum: 1044460 00f7bed4c6bf4bfe2228495826e6f4ed
http://security.debian.org/pool/updates/main/x/xfree86/libxaw7-dev_4.3.0.dfsg.1-14sarge4_amd64.deb
Size/MD5 checksum: 440628 701b3a51c651e67b7e2c18e11e30458d
http://security.debian.org/pool/updates/main/x/xfree86/libxext-dev_4.3.0.dfsg.1-14sarge4_amd64.deb
Size/MD5 checksum: 251400 ef31c9173b291ac5d78348a840674f79
http://security.debian.org/pool/updates/main/x/xfree86/libxext6_4.3.0.dfsg.1-14sarge4_amd64.deb
Size/MD5 checksum: 191154 36f3fe9c393cb0ce2dcf5730b0107613
http://security.debian.org/pool/updates/main/x/xfree86/libxext6-dbg_4.3.0.dfsg.1-14sarge4_amd64.deb
Size/MD5 checksum: 512612 3dee7413902951b2a7dd383bae5f0d69
http://security.debian.org/pool/updates/main/x/xfree86/libxft1_4.3.0.dfsg.1-14sarge4_amd64.deb
Size/MD5 checksum: 192936 b64eb7b1d740d0b107215b291184d7cd
http://security.debian.org/pool/updates/main/x/xfree86/libxft1-dbg_4.3.0.dfsg.1-14sarge4_amd64.deb
Size/MD5 checksum: 476486 92c4f49830414e0dc0341a7ab9efee24
http://security.debian.org/pool/updates/main/x/xfree86/libxi-dev_4.3.0.dfsg.1-14sarge4_amd64.deb
Size/MD5 checksum: 233066 4a1a67f6d6bbf17baa360d4fe3d2de6f
http://security.debian.org/pool/updates/main/x/xfree86/libxi6_4.3.0.dfsg.1-14sarge4_amd64.deb
Size/MD5 checksum: 180474 4f4e2522cb226dfa17d5ba9b0d40e926
http://security.debian.org/pool/updates/main/x/xfree86/libxi6-dbg_4.3.0.dfsg.1-14sarge4_amd64.deb
Size/MD5 checksum: 1168298 32785a1d0229c721785082055b4fe145
http://security.debian.org/pool/updates/main/x/xfree86/libxmu-dev_4.3.0.dfsg.1-14sarge4_amd64.deb
Size/MD5 checksum: 226012 7199fab356a9c6381c0a1119bfe52e98
http://security.debian.org/pool/updates/main/x/xfree86/libxmu6_4.3.0.dfsg.1-14sarge4_amd64.deb
Size/MD5 checksum: 212288 6c78ac6ec10145825238b283d4a8ad62
http://security.debian.org/pool/updates/main/x/xfree86/libxmu6-dbg_4.3.0.dfsg.1-14sarge4_amd64.deb
Size/MD5 checksum: 662854 45c8aa47be60747fdebe6c34845b707e
http://security.debian.org/pool/updates/main/x/xfree86/libxmuu-dev_4.3.0.dfsg.1-14sarge4_amd64.deb
Size/MD5 checksum: 163456 85bd979736e1119dbe5c73d420d83013
http://security.debian.org/pool/updates/main/x/xfree86/libxmuu1_4.3.0.dfsg.1-14sarge4_amd64.deb
Size/MD5 checksum: 172100 4f4301a328b952ef0566b8d7c43b1c40
http://security.debian.org/pool/updates/main/x/xfree86/libxmuu1-dbg_4.3.0.dfsg.1-14sarge4_amd64.deb
Size/MD5 checksum: 208938 0ddf06170b98d7f0f0d7dd8932bb1867
http://security.debian.org/pool/updates/main/x/xfree86/libxp-dev_4.3.0.dfsg.1-14sarge4_amd64.deb
Size/MD5 checksum: 181560 4cf60ff4d472ca7ddac86633e4acfeec
http://security.debian.org/pool/updates/main/x/xfree86/libxp6_4.3.0.dfsg.1-14sarge4_amd64.deb
Size/MD5 checksum: 180494 45e08ffa571b1b67b08a0d5c2d75e285
http://security.debian.org/pool/updates/main/x/xfree86/libxp6-dbg_4.3.0.dfsg.1-14sarge4_amd64.deb
Size/MD5 checksum: 569452 3569f24efe2174038b829d5d05f1dc82
http://security.debian.org/pool/updates/main/x/xfree86/libxpm-dev_4.3.0.dfsg.1-14sarge4_amd64.deb
Size/MD5 checksum: 197926 85b5527de1a09c351b03f4018a64b406
http://security.debian.org/pool/updates/main/x/xfree86/libxpm4_4.3.0.dfsg.1-14sarge4_amd64.deb
Size/MD5 checksum: 197300 065147ca72c7a3364f450c8c781fab26
http://security.debian.org/pool/updates/main/x/xfree86/libxpm4-dbg_4.3.0.dfsg.1-14sarge4_amd64.deb
Size/MD5 checksum: 247486 9c213618f78a041491f76de00c2577a7
http://security.debian.org/pool/updates/main/x/xfree86/libxrandr-dev_4.3.0.dfsg.1-14sarge4_amd64.deb
Size/MD5 checksum: 171968 c7e9e49de0cb61453be5ffc2aa94e74d
http://security.debian.org/pool/updates/main/x/xfree86/libxrandr2_4.3.0.dfsg.1-14sarge4_amd64.deb
Size/MD5 checksum: 172104 4ead3bfa45d1ca8957e5e10c1de03653
http://security.debian.org/pool/updates/main/x/xfree86/libxrandr2-dbg_4.3.0.dfsg.1-14sarge4_amd64.deb
Size/MD5 checksum: 201308 bb9e5c557e50a45930b680b8f6468806
http://security.debian.org/pool/updates/main/x/xfree86/libxt-dev_4.3.0.dfsg.1-14sarge4_amd64.deb
Size/MD5 checksum: 644166 a10f0657d008a8f086b07eed9706b041
http://security.debian.org/pool/updates/main/x/xfree86/libxt6_4.3.0.dfsg.1-14sarge4_amd64.deb
Size/MD5 checksum: 346064 7ebef79c15df3c822cfc57ab443ee315
http://security.debian.org/pool/updates/main/x/xfree86/libxt6-dbg_4.3.0.dfsg.1-14sarge4_amd64.deb
Size/MD5 checksum: 1552102 7ba29d766762336706712893e21f8fbf
http://security.debian.org/pool/updates/main/x/xfree86/libxtrap-dev_4.3.0.dfsg.1-14sarge4_amd64.deb
Size/MD5 checksum: 187202 1a1c28f352c671bc5437e52158c058f1
http://security.debian.org/pool/updates/main/x/xfree86/libxtrap6_4.3.0.dfsg.1-14sarge4_amd64.deb
Size/MD5 checksum: 182508 e8edde7b41222fcb15b5c68a148a805b
http://security.debian.org/pool/updates/main/x/xfree86/libxtrap6-dbg_4.3.0.dfsg.1-14sarge4_amd64.deb
Size/MD5 checksum: 413140 e55e37fe1e0224a6d225e88fbafc9607
http://security.debian.org/pool/updates/main/x/xfree86/libxtst-dev_4.3.0.dfsg.1-14sarge4_amd64.deb
Size/MD5 checksum: 171912 e4d12ec69ebb49ad62d987505704f967
http://security.debian.org/pool/updates/main/x/xfree86/libxtst6_4.3.0.dfsg.1-14sarge4_amd64.deb
Size/MD5 checksum: 175416 5c6da5160e9441d30e0869817ef15509
http://security.debian.org/pool/updates/main/x/xfree86/libxtst6-dbg_4.3.0.dfsg.1-14sarge4_amd64.deb
Size/MD5 checksum: 237626 4655e7033b095f39dec9884ae45aa832
http://security.debian.org/pool/updates/main/x/xfree86/libxv-dev_4.3.0.dfsg.1-14sarge4_amd64.deb
Size/MD5 checksum: 191668 b091ea03ff5acbf27f0e0b7a74bdf929
http://security.debian.org/pool/updates/main/x/xfree86/libxv1_4.3.0.dfsg.1-14sarge4_amd64.deb
Size/MD5 checksum: 173528 0350d13430157d5c86819cf928ff29ab
http://security.debian.org/pool/updates/main/x/xfree86/libxv1-dbg_4.3.0.dfsg.1-14sarge4_amd64.deb
Size/MD5 checksum: 204446 f7ebe443d878728a3637ab346c311a63
http://security.debian.org/pool/updates/main/x/xfree86/proxymngr_4.3.0.dfsg.1-14sarge4_amd64.deb
Size/MD5 checksum: 183666 4d2b4de0f1e4a77261b90d25eb770613
http://security.debian.org/pool/updates/main/x/xfree86/twm_4.3.0.dfsg.1-14sarge4_amd64.deb
Size/MD5 checksum: 277370 a8420df28b4d294f7bec2e104cd44279
http://security.debian.org/pool/updates/main/x/xfree86/x-window-system-core_4.3.0.dfsg.1-14sarge4_amd64.deb
Size/MD5 checksum: 158794 f8a1514fdca77984512353d0b5d1f420
http://security.debian.org/pool/updates/main/x/xfree86/x-window-system-dev_4.3.0.dfsg.1-14sarge4_amd64.deb
Size/MD5 checksum: 158848 2a03cd93698571c4a13512ca990a8db2
http://security.debian.org/pool/updates/main/x/xfree86/xbase-clients_4.3.0.dfsg.1-14sarge4_amd64.deb
Size/MD5 checksum: 2083786 97d1d4ebd6a452a2ff83928bedbb31d6
http://security.debian.org/pool/updates/main/x/xfree86/xdm_4.3.0.dfsg.1-14sarge4_amd64.deb
Size/MD5 checksum: 318224 59a6e966e6e49595101e733479eea356
http://security.debian.org/pool/updates/main/x/xfree86/xfs_4.3.0.dfsg.1-14sarge4_amd64.deb
Size/MD5 checksum: 516518 2124d855e582ef5e2012daab5a8a600a
http://security.debian.org/pool/updates/main/x/xfree86/xfwp_4.3.0.dfsg.1-14sarge4_amd64.deb
Size/MD5 checksum: 182408 7ce0f38da0445d6a68b41542f655ac43
http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-dri_4.3.0.dfsg.1-14sarge4_amd64.deb
Size/MD5 checksum: 4202892 fdef8312cf8f94710eb818f21f3bd52c
http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-dri-dbg_4.3.0.dfsg.1-14sarge4_amd64.deb
Size/MD5 checksum: 38018732 a168452b292cf7ec130e13c2930e6ddf
http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-gl_4.3.0.dfsg.1-14sarge4_amd64.deb
Size/MD5 checksum: 333556 d64d8c6d1bb0e5f979a38b5538f5762c
http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-gl-dbg_4.3.0.dfsg.1-14sarge4_amd64.deb
Size/MD5 checksum: 1316908 f8accdf7495d3f03842f03d4c4f069bd
http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-gl-dev_4.3.0.dfsg.1-14sarge4_amd64.deb
Size/MD5 checksum: 735302 e548bb1b381140f6a5133c491178df6d
http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-glu_4.3.0.dfsg.1-14sarge4_amd64.deb
Size/MD5 checksum: 368324 730509f902394ab4534bc213ee093a71
http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-glu-dbg_4.3.0.dfsg.1-14sarge4_amd64.deb
Size/MD5 checksum: 1122710 7dad7f9fd6f9910d73c9df4ecaa16c6c
http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-glu-dev_4.3.0.dfsg.1-14sarge4_amd64.deb
Size/MD5 checksum: 460486 339cb1301a8dcc4bca57539c4a7d9c24
http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa3_4.3.0.dfsg.1-14sarge4_amd64.deb
Size/MD5 checksum: 158598 457cb5b6103df84a88c06f618cfdb9ab
http://security.debian.org/pool/updates/main/x/xfree86/xlibosmesa-dev_4.3.0.dfsg.1-14sarge4_amd64.deb
Size/MD5 checksum: 789176 422bc34409184b39cb3f224954e2a50a
http://security.debian.org/pool/updates/main/x/xfree86/xlibosmesa4_4.3.0.dfsg.1-14sarge4_amd64.deb
Size/MD5 checksum: 686604 393409c039840d0b0757d82f843e3ade
http://security.debian.org/pool/updates/main/x/xfree86/xlibosmesa4-dbg_4.3.0.dfsg.1-14sarge4_amd64.deb
Size/MD5 checksum: 4489970 b8e7dcf3952f41fb2812905ffc561f7d
http://security.debian.org/pool/updates/main/x/xfree86/xlibs-static-dev_4.3.0.dfsg.1-14sarge4_amd64.deb
Size/MD5 checksum: 889632 e0b5d43013c6bc904f40026dd3c06712
http://security.debian.org/pool/updates/main/x/xfree86/xlibs-static-pic_4.3.0.dfsg.1-14sarge4_amd64.deb
Size/MD5 checksum: 400280 4e16b740df809e4ca7a02b971a251d4c
http://security.debian.org/pool/updates/main/x/xfree86/xmh_4.3.0.dfsg.1-14sarge4_amd64.deb
Size/MD5 checksum: 236366 3c314ad0880bcee610a3e37f634b744e
http://security.debian.org/pool/updates/main/x/xfree86/xnest_4.3.0.dfsg.1-14sarge4_amd64.deb
Size/MD5 checksum: 1620482 f703f2c8e36bdf4cc943b3abe563421a
http://security.debian.org/pool/updates/main/x/xfree86/xserver-common_4.3.0.dfsg.1-14sarge4_amd64.deb
Size/MD5 checksum: 337152 a8751e299ee2bc2fe354fd82bc4a01f3
http://security.debian.org/pool/updates/main/x/xfree86/xserver-xfree86_4.3.0.dfsg.1-14sarge4_amd64.deb
Size/MD5 checksum: 5695770 e1de32c84f307dffe6c64100b38525ce
http://security.debian.org/pool/updates/main/x/xfree86/xserver-xfree86-dbg_4.3.0.dfsg.1-14sarge4_amd64.deb
Size/MD5 checksum: 6039138 6e451f23e2b38b6c4f9fe1b9d65a62be
http://security.debian.org/pool/updates/main/x/xfree86/xterm_4.3.0.dfsg.1-14sarge4_amd64.deb
Size/MD5 checksum: 521528 9e2ad4fda8330b388f5efb0cb59c4d5d
http://security.debian.org/pool/updates/main/x/xfree86/xutils_4.3.0.dfsg.1-14sarge4_amd64.deb
Size/MD5 checksum: 962224 0380eefc014116e02bcea08a187d3bb6
http://security.debian.org/pool/updates/main/x/xfree86/xvfb_4.3.0.dfsg.1-14sarge4_amd64.deb
Size/MD5 checksum: 1763954 d099a99b9f35f7c2a92fba27851f1c41
http://security.debian.org/pool/updates/main/r/rdesktop/rdesktop_1.4.0-2sarge1_amd64.deb
Size/MD5 checksum: 103960 e10dc9a0c018be14c3941d097e61a263
ARM architecture:
http://security.debian.org/pool/updates/main/x/xfree86/lbxproxy_4.3.0.dfsg.1-14sarge4_arm.deb
Size/MD5 checksum: 254506 c4bfe2b890b7f1aa92a6ea50c8fda17d
http://security.debian.org/pool/updates/main/x/xfree86/libdps-dev_4.3.0.dfsg.1-14sarge4_arm.deb
Size/MD5 checksum: 353848 d83d9bea399500268bda162ee4d4d7f9
http://security.debian.org/pool/updates/main/x/xfree86/libdps1_4.3.0.dfsg.1-14sarge4_arm.deb
Size/MD5 checksum: 274282 b6b25b1e771e3a003c3ffd2665dfaf7c
http://security.debian.org/pool/updates/main/x/xfree86/libdps1-dbg_4.3.0.dfsg.1-14sarge4_arm.deb
Size/MD5 checksum: 778514 1aaba6276196c2965031048943a106de
http://security.debian.org/pool/updates/main/x/xfree86/libice-dev_4.3.0.dfsg.1-14sarge4_arm.deb
Size/MD5 checksum: 208310 93bed067f155c25a867a36f228b280be
http://security.debian.org/pool/updates/main/x/xfree86/libice6_4.3.0.dfsg.1-14sarge4_arm.deb
Size/MD5 checksum: 200248 b8a08cb43eed69036fa08f885785df01
http://security.debian.org/pool/updates/main/x/xfree86/libice6-dbg_4.3.0.dfsg.1-14sarge4_arm.deb
Size/MD5 checksum: 285400 94e59aa1305da66cd82e7cd736b4eec9
http://security.debian.org/pool/updates/main/x/xfree86/libsm-dev_4.3.0.dfsg.1-14sarge4_arm.deb
Size/MD5 checksum: 177720 fe578cfb4393d969205552b9904f0eb8
http://security.debian.org/pool/updates/main/x/xfree86/libsm6_4.3.0.dfsg.1-14sarge4_arm.deb
Size/MD5 checksum: 180490 45723695fe5e39496c503a4716f47cec
http://security.debian.org/pool/updates/main/x/xfree86/libsm6-dbg_4.3.0.dfsg.1-14sarge4_arm.deb
Size/MD5 checksum: 204986 6b5f5c883b10d0df4e36da876684519b
http://security.debian.org/pool/updates/main/x/xfree86/libx11-6_4.3.0.dfsg.1-14sarge4_arm.deb
Size/MD5 checksum: 708938 c7a004360821b10f119b823925f7b4d0
http://security.debian.org/pool/updates/main/x/xfree86/libx11-6-dbg_4.3.0.dfsg.1-14sarge4_arm.deb
Size/MD5 checksum: 9661608 ad3f42ed447f33881c2a85dfa26c3ed8
http://security.debian.org/pool/updates/main/x/xfree86/libx11-dev_4.3.0.dfsg.1-14sarge4_arm.deb
Size/MD5 checksum: 1411312 8aaa1222ce69df4f196e85fad581bbdb
http://security.debian.org/pool/updates/main/x/xfree86/libxaw6_4.3.0.dfsg.1-14sarge4_arm.deb
Size/MD5 checksum: 283694 8bacc834c0bc7f647db4b730fde8601b
http://security.debian.org/pool/updates/main/x/xfree86/libxaw6-dbg_4.3.0.dfsg.1-14sarge4_arm.deb
Size/MD5 checksum: 894954 0e6d96ba308fe7899384736e3028406a
http://security.debian.org/pool/updates/main/x/xfree86/libxaw6-dev_4.3.0.dfsg.1-14sarge4_arm.deb
Size/MD5 checksum: 437716 9142fbf29b65c4df6f6cdc31a02609fc
http://security.debian.org/pool/updates/main/x/xfree86/libxaw7_4.3.0.dfsg.1-14sarge4_arm.deb
Size/MD5 checksum: 335288 e375c507a70b653c95f5df809651e349
http://security.debian.org/pool/updates/main/x/xfree86/libxaw7-dbg_4.3.0.dfsg.1-14sarge4_arm.deb
Size/MD5 checksum: 1029416 7fd74f1c7842bf34e75ffd4d1748a920
http://security.debian.org/pool/updates/main/x/xfree86/libxaw7-dev_4.3.0.dfsg.1-14sarge4_arm.deb
Size/MD5 checksum: 437618 a5fdf7dc60012ab80d091d6b86aa7921
http://security.debian.org/pool/updates/main/x/xfree86/libxext-dev_4.3.0.dfsg.1-14sarge4_arm.deb
Size/MD5 checksum: 254630 654f145f734a4ec8dac276b77b8c5c0e
http://security.debian.org/pool/updates/main/x/xfree86/libxext6_4.3.0.dfsg.1-14sarge4_arm.deb
Size/MD5 checksum: 188842 ca9cbf1890dcd8be553056e006fb9188
http://security.debian.org/pool/updates/main/x/xfree86/libxext6-dbg_4.3.0.dfsg.1-14sarge4_arm.deb
Size/MD5 checksum: 511660 0cbc8f25a45a380fcd7024a3182ca035
http://security.debian.org/pool/updates/main/x/xfree86/libxft1_4.3.0.dfsg.1-14sarge4_arm.deb
Size/MD5 checksum: 189158 28074b2cac5f6d2567a07838adf5ddd9
http://security.debian.org/pool/updates/main/x/xfree86/libxft1-dbg_4.3.0.dfsg.1-14sarge4_arm.deb
Size/MD5 checksum: 471094 6e7bb9a3985f5d78d5923b889c46c82c
http://security.debian.org/pool/updates/main/x/xfree86/libxi-dev_4.3.0.dfsg.1-14sarge4_arm.deb
Size/MD5 checksum: 233430 995db9bfc5b8db3e1af233263d63c237
http://security.debian.org/pool/updates/main/x/xfree86/libxi6_4.3.0.dfsg.1-14sarge4_arm.deb
Size/MD5 checksum: 179462 93ecb7bd10f52380b29ca88a18cd3855
http://security.debian.org/pool/updates/main/x/xfree86/libxi6-dbg_4.3.0.dfsg.1-14sarge4_arm.deb
Size/MD5 checksum: 1172306 6510aa4bc254dc1aaf4a718d6ade928d
http://security.debian.org/pool/updates/main/x/xfree86/libxmu-dev_4.3.0.dfsg.1-14sarge4_arm.deb
Size/MD5 checksum: 223670 a845d16a971ce1cf0bf4a62224a9fbda
http://security.debian.org/pool/updates/main/x/xfree86/libxmu6_4.3.0.dfsg.1-14sarge4_arm.deb
Size/MD5 checksum: 208072 908593679b7fc7e8da53b8c034fcb3c1
http://security.debian.org/pool/updates/main/x/xfree86/libxmu6-dbg_4.3.0.dfsg.1-14sarge4_arm.deb
Size/MD5 checksum: 664842 71c12addab4acafb4564f181cd57eff7
http://security.debian.org/pool/updates/main/x/xfree86/libxmuu-dev_4.3.0.dfsg.1-14sarge4_arm.deb
Size/MD5 checksum: 163218 04f22173f8dbf2330514507150dfda2a
http://security.debian.org/pool/updates/main/x/xfree86/libxmuu1_4.3.0.dfsg.1-14sarge4_arm.deb
Size/MD5 checksum: 171618 fe9c60b4d8ce2b6496bb9d922e54ddfc
http://security.debian.org/pool/updates/main/x/xfree86/libxmuu1-dbg_4.3.0.dfsg.1-14sarge4_arm.deb
Size/MD5 checksum: 208674 83f13a1c2d164a7298878766f2d735c7
http://security.debian.org/pool/updates/main/x/xfree86/libxp-dev_4.3.0.dfsg.1-14sarge4_arm.deb
Size/MD5 checksum: 181310 c95d79bfb7fd207f4d90622d3d8c3071
http://security.debian.org/pool/updates/main/x/xfree86/libxp6_4.3.0.dfsg.1-14sarge4_arm.deb
Size/MD5 checksum: 178266 5001d9e620dd228aadff0f7dab2dd942
http://security.debian.org/pool/updates/main/x/xfree86/libxp6-dbg_4.3.0.dfsg.1-14sarge4_arm.deb
Size/MD5 checksum: 567858 97d087ed756b6c6fcda1a66be9da8095
http://security.debian.org/pool/updates/main/x/xfree86/libxpm-dev_4.3.0.dfsg.1-14sarge4_arm.deb
Size/MD5 checksum: 198280 462db4041e1ca77b658bdd6ca22808d9
http://security.debian.org/pool/updates/main/x/xfree86/libxpm4_4.3.0.dfsg.1-14sarge4_arm.deb
Size/MD5 checksum: 194454 2e989bd9bf07a72a21a313bd7fbf9d46
http://security.debian.org/pool/updates/main/x/xfree86/libxpm4-dbg_4.3.0.dfsg.1-14sarge4_arm.deb
Size/MD5 checksum: 243848 b676a5b4b52aad00cae35996a99293f3
http://security.debian.org/pool/updates/main/x/xfree86/libxrandr-dev_4.3.0.dfsg.1-14sarge4_arm.deb
Size/MD5 checksum: 172170 11b217f5e995f7beb31c047545c33abb
http://security.debian.org/pool/updates/main/x/xfree86/libxrandr2_4.3.0.dfsg.1-14sarge4_arm.deb
Size/MD5 checksum: 171718 7f71e6890619d9415c78dae14019866a
http://security.debian.org/pool/updates/main/x/xfree86/libxrandr2-dbg_4.3.0.dfsg.1-14sarge4_arm.deb
Size/MD5 checksum: 201068 766750858aabd3e4ca693ed92c7da7fd
http://security.debian.org/pool/updates/main/x/xfree86/libxt-dev_4.3.0.dfsg.1-14sarge4_arm.deb
Size/MD5 checksum: 645466 0f2f37d4f76e79aee71893595c289886
http://security.debian.org/pool/updates/main/x/xfree86/libxt6_4.3.0.dfsg.1-14sarge4_arm.deb
Size/MD5 checksum: 327336 aad47d15f3b07d709e3bfca61f90f695
http://security.debian.org/pool/updates/main/x/xfree86/libxt6-dbg_4.3.0.dfsg.1-14sarge4_arm.deb
Size/MD5 checksum: 1539196 220a5d415800dcbc9aa05928b95babea
http://security.debian.org/pool/updates/main/x/xfree86/libxtrap-dev_4.3.0.dfsg.1-14sarge4_arm.deb
Size/MD5 checksum: 185942 8a041e7c63ea5a48eeb87329af17931e
http://security.debian.org/pool/updates/main/x/xfree86/libxtrap6_4.3.0.dfsg.1-14sarge4_arm.deb
Size/MD5 checksum: 179524 490fdd28d4098f64fa080ca98124a150
http://security.debian.org/pool/updates/main/x/xfree86/libxtrap6-dbg_4.3.0.dfsg.1-14sarge4_arm.deb
Size/MD5 checksum: 413616 ed79f35c87fa43b63c5fa5a5bce10aa8
http://security.debian.org/pool/updates/main/x/xfree86/libxtst-dev_4.3.0.dfsg.1-14sarge4_arm.deb
Size/MD5 checksum: 173084 3a3b10c302b21e328d5c77c92a11d53c
http://security.debian.org/pool/updates/main/x/xfree86/libxtst6_4.3.0.dfsg.1-14sarge4_arm.deb
Size/MD5 checksum: 174796 22382068183a2f25fbb2630862fe6c03
http://security.debian.org/pool/updates/main/x/xfree86/libxtst6-dbg_4.3.0.dfsg.1-14sarge4_arm.deb
Size/MD5 checksum: 237432 2f9c7d966572c7c508bf1f4eb951eb18
http://security.debian.org/pool/updates/main/x/xfree86/libxv-dev_4.3.0.dfsg.1-14sarge4_arm.deb
Size/MD5 checksum: 192874 8a02b3523c09a5d20c25e2499c271ed0
http://security.debian.org/pool/updates/main/x/xfree86/libxv1_4.3.0.dfsg.1-14sarge4_arm.deb
Size/MD5 checksum: 172932 58f6c0989bccdf51646f6cc85a7ad3a1
http://security.debian.org/pool/updates/main/x/xfree86/libxv1-dbg_4.3.0.dfsg.1-14sarge4_arm.deb
Size/MD5 checksum: 204124 719091e4ca99073d68a83abc356dbac8
http://security.debian.org/pool/updates/main/x/xfree86/proxymngr_4.3.0.dfsg.1-14sarge4_arm.deb
Size/MD5 checksum: 181896 0281298f86d1734968f570ec266055c8
http://security.debian.org/pool/updates/main/x/xfree86/twm_4.3.0.dfsg.1-14sarge4_arm.deb
Size/MD5 checksum: 274086 32b425d803d2876474d59fd6095c18c9
http://security.debian.org/pool/updates/main/x/xfree86/x-window-system-core_4.3.0.dfsg.1-14sarge4_arm.deb
Size/MD5 checksum: 158788 9340b0647c7e0509f201b6030ba32e50
http://security.debian.org/pool/updates/main/x/xfree86/x-window-system-dev_4.3.0.dfsg.1-14sarge4_arm.deb
Size/MD5 checksum: 158834 c3b39287a06ec827f29ff2961a6e5f1d
http://security.debian.org/pool/updates/main/x/xfree86/xbase-clients_4.3.0.dfsg.1-14sarge4_arm.deb
Size/MD5 checksum: 1940412 a0311cf7769b8009f316dac534be27aa
http://security.debian.org/pool/updates/main/x/xfree86/xdm_4.3.0.dfsg.1-14sarge4_arm.deb
Size/MD5 checksum: 309434 4c18c2e9b31637ffa4638dcd15c5e33c
http://security.debian.org/pool/updates/main/x/xfree86/xfs_4.3.0.dfsg.1-14sarge4_arm.deb
Size/MD5 checksum: 500544 5b1adae68f8062db2b18595d791659ea
http://security.debian.org/pool/updates/main/x/xfree86/xfwp_4.3.0.dfsg.1-14sarge4_arm.deb
Size/MD5 checksum: 181030 02052edad72f025589d2267cf0c778c3
http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-gl_4.3.0.dfsg.1-14sarge4_arm.deb
Size/MD5 checksum: 280888 3e2f8ee82d0cf25240bd591c81fe53d7
http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-gl-dbg_4.3.0.dfsg.1-14sarge4_arm.deb
Size/MD5 checksum: 1191474 c4abbbb972e895d75ee0ced411ba18fd
http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-gl-dev_4.3.0.dfsg.1-14sarge4_arm.deb
Size/MD5 checksum: 725146 fc5318a01d187d4b727c24ace68a241f
http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-glu_4.3.0.dfsg.1-14sarge4_arm.deb
Size/MD5 checksum: 352390 46290e6b3b8fe147aa8d1c2fe1481f36
http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-glu-dbg_4.3.0.dfsg.1-14sarge4_arm.deb
Size/MD5 checksum: 1098268 b79588bea1a524686b627b9eafcdadf2
http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-glu-dev_4.3.0.dfsg.1-14sarge4_arm.deb
Size/MD5 checksum: 459654 1f6ae7b019a5a824ae17df9a80a85b52
http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa3_4.3.0.dfsg.1-14sarge4_arm.deb
Size/MD5 checksum: 158588 5467c615528a5d4a9cfe3e76afef1464
http://security.debian.org/pool/updates/main/x/xfree86/xlibs-static-dev_4.3.0.dfsg.1-14sarge4_arm.deb
Size/MD5 checksum: 908824 ec265f126c7d0b2cef91918bee54e051
http://security.debian.org/pool/updates/main/x/xfree86/xlibs-static-pic_4.3.0.dfsg.1-14sarge4_arm.deb
Size/MD5 checksum: 409248 4224dfa3119d8d231192700e5eabfa2d
http://security.debian.org/pool/updates/main/x/xfree86/xmh_4.3.0.dfsg.1-14sarge4_arm.deb
Size/MD5 checksum: 226552 3e82b73d832d529c1a6b7e64ba98dfe5
http://security.debian.org/pool/updates/main/x/xfree86/xnest_4.3.0.dfsg.1-14sarge4_arm.deb
Size/MD5 checksum: 1558376 af2dd08ca667f05a447d7d0ffc8b667b
http://security.debian.org/pool/updates/main/x/xfree86/xserver-common_4.3.0.dfsg.1-14sarge4_arm.deb
Size/MD5 checksum: 336698 0482b56c7f71d5f044692dc3e70b51c2
http://security.debian.org/pool/updates/main/x/xfree86/xserver-xfree86_4.3.0.dfsg.1-14sarge4_arm.deb
Size/MD5 checksum: 5528280 3f47b74fbca3d0793b94d6c02ffbc6f2
http://security.debian.org/pool/updates/main/x/xfree86/xserver-xfree86-dbg_4.3.0.dfsg.1-14sarge4_arm.deb
Size/MD5 checksum: 43853336 8c79f42c0a5affa81581acdf66261171
http://security.debian.org/pool/updates/main/x/xfree86/xterm_4.3.0.dfsg.1-14sarge4_arm.deb
Size/MD5 checksum: 508736 68adff865be90604a977176c9cf2684c
http://security.debian.org/pool/updates/main/x/xfree86/xutils_4.3.0.dfsg.1-14sarge4_arm.deb
Size/MD5 checksum: 906628 cc7ffda09bf14ea886d48f3c9a6710be
http://security.debian.org/pool/updates/main/x/xfree86/xvfb_4.3.0.dfsg.1-14sarge4_arm.deb
Size/MD5 checksum: 1699656 d34c6bb37c3c5f0eb4b5bf822aa36b0f
http://security.debian.org/pool/updates/main/r/rdesktop/rdesktop_1.4.0-2sarge1_arm.deb
Size/MD5 checksum: 106868 7e645dba8d76959991e9c624caf76eeb
HP Precision architecture:
http://security.debian.org/pool/updates/main/x/xfree86/lbxproxy_4.3.0.dfsg.1-14sarge4_hppa.deb
Size/MD5 checksum: 264792 9424d7e1d21fb19a7bf3c31fd59c41a2
http://security.debian.org/pool/updates/main/x/xfree86/libdps-dev_4.3.0.dfsg.1-14sarge4_hppa.deb
Size/MD5 checksum: 372312 c91f48c32b473e0e162b6b1ca0806459
http://security.debian.org/pool/updates/main/x/xfree86/libdps1_4.3.0.dfsg.1-14sarge4_hppa.deb
Size/MD5 checksum: 306544 734eb14d0c2db80d2600986840e6ffa5
http://security.debian.org/pool/updates/main/x/xfree86/libdps1-dbg_4.3.0.dfsg.1-14sarge4_hppa.deb
Size/MD5 checksum: 813736 c84b6a4e597102ba4775f472f9aae439
http://security.debian.org/pool/updates/main/x/xfree86/libice-dev_4.3.0.dfsg.1-14sarge4_hppa.deb
Size/MD5 checksum: 212434 bbcd96bb00f58417f32ea4329953233c
http://security.debian.org/pool/updates/main/x/xfree86/libice6_4.3.0.dfsg.1-14sarge4_hppa.deb
Size/MD5 checksum: 206934 c765a54d65f4f7eff593c622c7a66835
http://security.debian.org/pool/updates/main/x/xfree86/libice6-dbg_4.3.0.dfsg.1-14sarge4_hppa.deb
Size/MD5 checksum: 290350 d6934062e7680076fa5204fb542919c8
http://security.debian.org/pool/updates/main/x/xfree86/libsm-dev_4.3.0.dfsg.1-14sarge4_hppa.deb
Size/MD5 checksum: 178552 2491a6cf3329a1b3e75050c93e422cfe
http://security.debian.org/pool/updates/main/x/xfree86/libsm6_4.3.0.dfsg.1-14sarge4_hppa.deb
Size/MD5 checksum: 183590 b6c26839f416745c82e35497730867c8
http://security.debian.org/pool/updates/main/x/xfree86/libsm6-dbg_4.3.0.dfsg.1-14sarge4_hppa.deb
Size/MD5 checksum: 207650 4de6cde4c6cbede4b5d22666ad941122
http://security.debian.org/pool/updates/main/x/xfree86/libx11-6_4.3.0.dfsg.1-14sarge4_hppa.deb
Size/MD5 checksum: 780302 6c521d1bdf4177266123eeebb59db7e0
http://security.debian.org/pool/updates/main/x/xfree86/libx11-6-dbg_4.3.0.dfsg.1-14sarge4_hppa.deb
Size/MD5 checksum: 9906326 bec9e8186d854168c96292f0cbcc2f30
http://security.debian.org/pool/updates/main/x/xfree86/libx11-dev_4.3.0.dfsg.1-14sarge4_hppa.deb
Size/MD5 checksum: 1443564 6f7cbc5293caba59f7d76eba36ae3b85
http://security.debian.org/pool/updates/main/x/xfree86/libxaw6_4.3.0.dfsg.1-14sarge4_hppa.deb
Size/MD5 checksum: 307060 1f3d61dc3d9552f1671b9850bb8b68ec
http://security.debian.org/pool/updates/main/x/xfree86/libxaw6-dbg_4.3.0.dfsg.1-14sarge4_hppa.deb
Size/MD5 checksum: 926814 2df67d8e37eea2f3982099958c7f58d5
http://security.debian.org/pool/updates/main/x/xfree86/libxaw6-dev_4.3.0.dfsg.1-14sarge4_hppa.deb
Size/MD5 checksum: 454834 0691f5a5e1241f1dab1896d38b30521e
http://security.debian.org/pool/updates/main/x/xfree86/libxaw7_4.3.0.dfsg.1-14sarge4_hppa.deb
Size/MD5 checksum: 367534 5858d24a08a0ae6a2a5584cd3e24ec34
http://security.debian.org/pool/updates/main/x/xfree86/libxaw7-dbg_4.3.0.dfsg.1-14sarge4_hppa.deb
Size/MD5 checksum: 1070688 889919869c53bbb0a4fa32f4f81643a9
http://security.debian.org/pool/updates/main/x/xfree86/libxaw7-dev_4.3.0.dfsg.1-14sarge4_hppa.deb
Size/MD5 checksum: 454720 471004c0aac198ea9fc5c38d1fc092eb
http://security.debian.org/pool/updates/main/x/xfree86/libxext-dev_4.3.0.dfsg.1-14sarge4_hppa.deb
Size/MD5 checksum: 253758 b424edc08b899316821c70525795ac44
http://security.debian.org/pool/updates/main/x/xfree86/libxext6_4.3.0.dfsg.1-14sarge4_hppa.deb
Size/MD5 checksum: 194058 2f7cdc4e84eaf340a7d1cbc3399e49bd
http://security.debian.org/pool/updates/main/x/xfree86/libxext6-dbg_4.3.0.dfsg.1-14sarge4_hppa.deb
Size/MD5 checksum: 524662 c41b8e84537da3673e6deb03a6b00ddf
http://security.debian.org/pool/updates/main/x/xfree86/libxft1_4.3.0.dfsg.1-14sarge4_hppa.deb
Size/MD5 checksum: 193438 8fa5c65cfc8e6d0fea7b698d071138f9
http://security.debian.org/pool/updates/main/x/xfree86/libxft1-dbg_4.3.0.dfsg.1-14sarge4_hppa.deb
Size/MD5 checksum: 482956 265fe13bcce21d770a6c6d597954f0ea
http://security.debian.org/pool/updates/main/x/xfree86/libxi-dev_4.3.0.dfsg.1-14sarge4_hppa.deb
Size/MD5 checksum: 233902 fb2f7de98c3f5b1e7430c535e54e7ddf
http://security.debian.org/pool/updates/main/x/xfree86/libxi6_4.3.0.dfsg.1-14sarge4_hppa.deb
Size/MD5 checksum: 182062 6dd46f3db2fa404bb522b135db426d96
http://security.debian.org/pool/updates/main/x/xfree86/libxi6-dbg_4.3.0.dfsg.1-14sarge4_hppa.deb
Size/MD5 checksum: 1202862 16284f5703bf36c82023c3f9d35835c3
http://security.debian.org/pool/updates/main/x/xfree86/libxmu-dev_4.3.0.dfsg.1-14sarge4_hppa.deb
Size/MD5 checksum: 230482 69af864210b495ecdf205cc503ab95a5
http://security.debian.org/pool/updates/main/x/xfree86/libxmu6_4.3.0.dfsg.1-14sarge4_hppa.deb
Size/MD5 checksum: 216180 b9cb762a3288b979cda8cba6469cdb33
http://security.debian.org/pool/updates/main/x/xfree86/libxmu6-dbg_4.3.0.dfsg.1-14sarge4_hppa.deb
Size/MD5 checksum: 684228 cedf92752aa08f4ce65fbfe96d2e3702
http://security.debian.org/pool/updates/main/x/xfree86/libxmuu-dev_4.3.0.dfsg.1-14sarge4_hppa.deb
Size/MD5 checksum: 164026 7f6e983d2bb07ba429c0a224574301b7
http://security.debian.org/pool/updates/main/x/xfree86/libxmuu1_4.3.0.dfsg.1-14sarge4_hppa.deb
Size/MD5 checksum: 172904 983a70b6e4b52541e6bb8b54ecd469bd
http://security.debian.org/pool/updates/main/x/xfree86/libxmuu1-dbg_4.3.0.dfsg.1-14sarge4_hppa.deb
Size/MD5 checksum: 210406 0d9c427d666629366d9d9a69fe498632
http://security.debian.org/pool/updates/main/x/xfree86/libxp-dev_4.3.0.dfsg.1-14sarge4_hppa.deb
Size/MD5 checksum: 182556 5b44f2ffb038758a013d0d86be46f736
http://security.debian.org/pool/updates/main/x/xfree86/libxp6_4.3.0.dfsg.1-14sarge4_hppa.deb
Size/MD5 checksum: 181626 e8d9d3e7ef2d9e4fd32d845df42b436d
http://security.debian.org/pool/updates/main/x/xfree86/libxp6-dbg_4.3.0.dfsg.1-14sarge4_hppa.deb
Size/MD5 checksum: 577962 75302d045e4147243434844eef3ab539
http://security.debian.org/pool/updates/main/x/xfree86/libxpm-dev_4.3.0.dfsg.1-14sarge4_hppa.deb
Size/MD5 checksum: 201518 6d1b92e93e4e3f9e1c180124280e3703
http://security.debian.org/pool/updates/main/x/xfree86/libxpm4_4.3.0.dfsg.1-14sarge4_hppa.deb
Size/MD5 checksum: 201996 db76f8d685d31e642f624dddf865a8d2
http://security.debian.org/pool/updates/main/x/xfree86/libxpm4-dbg_4.3.0.dfsg.1-14sarge4_hppa.deb
Size/MD5 checksum: 250654 256d02fb05d69adbf774cd9db296ce85
http://security.debian.org/pool/updates/main/x/xfree86/libxrandr-dev_4.3.0.dfsg.1-14sarge4_hppa.deb
Size/MD5 checksum: 172394 51fda3af7874e80bda0336b767b8ecfa
http://security.debian.org/pool/updates/main/x/xfree86/libxrandr2_4.3.0.dfsg.1-14sarge4_hppa.deb
Size/MD5 checksum: 172682 819c2b22b4a4d4f4e69e4c571a58683d
http://security.debian.org/pool/updates/main/x/xfree86/libxrandr2-dbg_4.3.0.dfsg.1-14sarge4_hppa.deb
Size/MD5 checksum: 202344 e6d067d3255b9c23fff4fc7f51c2608c
http://security.debian.org/pool/updates/main/x/xfree86/libxt-dev_4.3.0.dfsg.1-14sarge4_hppa.deb
Size/MD5 checksum: 665382 db08734e96056212e56d6f45c72b7b46
http://security.debian.org/pool/updates/main/x/xfree86/libxt6_4.3.0.dfsg.1-14sarge4_hppa.deb
Size/MD5 checksum: 358688 dda0a4e43071aa9fa663fae4acfeada8
http://security.debian.org/pool/updates/main/x/xfree86/libxt6-dbg_4.3.0.dfsg.1-14sarge4_hppa.deb
Size/MD5 checksum: 1569924 db27d054597116e63330d43b060f80e0
http://security.debian.org/pool/updates/main/x/xfree86/libxtrap-dev_4.3.0.dfsg.1-14sarge4_hppa.deb
Size/MD5 checksum: 187684 657c19f170c386aeccfcbe896de0f381
http://security.debian.org/pool/updates/main/x/xfree86/libxtrap6_4.3.0.dfsg.1-14sarge4_hppa.deb
Size/MD5 checksum: 182544 d628379cff2189fa57ca6276585752f4
http://security.debian.org/pool/updates/main/x/xfree86/libxtrap6-dbg_4.3.0.dfsg.1-14sarge4_hppa.deb
Size/MD5 checksum: 410980 e0d6fb0dcceea37d3bfd820392f7bc61
http://security.debian.org/pool/updates/main/x/xfree86/libxtst-dev_4.3.0.dfsg.1-14sarge4_hppa.deb
Size/MD5 checksum: 172844 8d041b5c14691c937dc5d97fff283c7f
http://security.debian.org/pool/updates/main/x/xfree86/libxtst6_4.3.0.dfsg.1-14sarge4_hppa.deb
Size/MD5 checksum: 176412 0f976b467fda140f96bc4d571cd1693d
http://security.debian.org/pool/updates/main/x/xfree86/libxtst6-dbg_4.3.0.dfsg.1-14sarge4_hppa.deb
Size/MD5 checksum: 239352 f6be64ed56faa4dfc2e0fb5e0989b83c
http://security.debian.org/pool/updates/main/x/xfree86/libxv-dev_4.3.0.dfsg.1-14sarge4_hppa.deb
Size/MD5 checksum: 192220 9a02c09b3c16ab073ac3c4bf46b7a212
http://security.debian.org/pool/updates/main/x/xfree86/libxv1_4.3.0.dfsg.1-14sarge4_hppa.deb
Size/MD5 checksum: 174108 cd9a6247282ed00294bab503e4c81dc8
http://security.debian.org/pool/updates/main/x/xfree86/libxv1-dbg_4.3.0.dfsg.1-14sarge4_hppa.deb
Size/MD5 checksum: 205572 57303e5edfc3a91f074cf354b1c4ada4
http://security.debian.org/pool/updates/main/x/xfree86/proxymngr_4.3.0.dfsg.1-14sarge4_hppa.deb
Size/MD5 checksum: 183914 015d754d01788c8d4a1780ea27a1126b
http://security.debian.org/pool/updates/main/x/xfree86/twm_4.3.0.dfsg.1-14sarge4_hppa.deb
Size/MD5 checksum: 279790 6c9e6d652a415222746a6c2a4146249e
http://security.debian.org/pool/updates/main/x/xfree86/x-window-system-core_4.3.0.dfsg.1-14sarge4_hppa.deb
Size/MD5 checksum: 158792 0a19e673ef1b669c9bd3160fb3dc183a
http://security.debian.org/pool/updates/main/x/xfree86/x-window-system-dev_4.3.0.dfsg.1-14sarge4_hppa.deb
Size/MD5 checksum: 158840 a8c4f30320308ba9ef0196b4dc2d60fd
http://security.debian.org/pool/updates/main/x/xfree86/xbase-clients_4.3.0.dfsg.1-14sarge4_hppa.deb
Size/MD5 checksum: 2117262 250a9d60ba2becb670327a9f78315610
http://security.debian.org/pool/updates/main/x/xfree86/xdm_4.3.0.dfsg.1-14sarge4_hppa.deb
Size/MD5 checksum: 317244 508110262fa2e49cf96cf9eb1ab6a0db
http://security.debian.org/pool/updates/main/x/xfree86/xfs_4.3.0.dfsg.1-14sarge4_hppa.deb
Size/MD5 checksum: 546534 892f8c24b7392fc642bf6c2486023ba1
http://security.debian.org/pool/updates/main/x/xfree86/xfwp_4.3.0.dfsg.1-14sarge4_hppa.deb
Size/MD5 checksum: 183002 3a4d3f2e8bb6c62501962d6592d6be10
http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-gl_4.3.0.dfsg.1-14sarge4_hppa.deb
Size/MD5 checksum: 339374 059d5d64e82dc90a540a068b551d7258
http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-gl-dbg_4.3.0.dfsg.1-14sarge4_hppa.deb
Size/MD5 checksum: 1261264 7c28a6385ec39831b777520533085a59
http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-gl-dev_4.3.0.dfsg.1-14sarge4_hppa.deb
Size/MD5 checksum: 773180 d652cf318d2aaf08fb64c74fdc4c64d2
http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-glu_4.3.0.dfsg.1-14sarge4_hppa.deb
Size/MD5 checksum: 403704 cd9201d2131b1ae8bc3cf9096b067c78
http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-glu-dbg_4.3.0.dfsg.1-14sarge4_hppa.deb
Size/MD5 checksum: 1175934 e3d0d49bec1b29acb9aad2cc3d38a378
http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-glu-dev_4.3.0.dfsg.1-14sarge4_hppa.deb
Size/MD5 checksum: 497318 21469a1bb347d03ea83c0130bc4820ec
http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa3_4.3.0.dfsg.1-14sarge4_hppa.deb
Size/MD5 checksum: 158592 20258fd573b5a6e0ec0526cd7dbe2a6a
http://security.debian.org/pool/updates/main/x/xfree86/xlibs-static-dev_4.3.0.dfsg.1-14sarge4_hppa.deb
Size/MD5 checksum: 956362 40bf15e3f897bbb8ee8955f25a520189
http://security.debian.org/pool/updates/main/x/xfree86/xlibs-static-pic_4.3.0.dfsg.1-14sarge4_hppa.deb
Size/MD5 checksum: 422808 392e0cc23412a356d67fc07aa51bd4d0
http://security.debian.org/pool/updates/main/x/xfree86/xmh_4.3.0.dfsg.1-14sarge4_hppa.deb
Size/MD5 checksum: 237592 743bf913ab9198295e3c045ecbf70a2b
http://security.debian.org/pool/updates/main/x/xfree86/xnest_4.3.0.dfsg.1-14sarge4_hppa.deb
Size/MD5 checksum: 1803862 7aa09096087a983e7a16fd210e0c6901
http://security.debian.org/pool/updates/main/x/xfree86/xserver-common_4.3.0.dfsg.1-14sarge4_hppa.deb
Size/MD5 checksum: 337492 82807bc3b69b4efe86c0a3aea38b8527
http://security.debian.org/pool/updates/main/x/xfree86/xserver-xfree86_4.3.0.dfsg.1-14sarge4_hppa.deb
Size/MD5 checksum: 4100222 3ffb5b75498897f6a9a3aff0d05003d9
http://security.debian.org/pool/updates/main/x/xfree86/xserver-xfree86-dbg_4.3.0.dfsg.1-14sarge4_hppa.deb
Size/MD5 checksum: 45021232 ad2022b9e1413e5ed610b5307faacc60
http://security.debian.org/pool/updates/main/x/xfree86/xterm_4.3.0.dfsg.1-14sarge4_hppa.deb
Size/MD5 checksum: 530248 979dad322b0b9e1619758cd8d5d72f07
http://security.debian.org/pool/updates/main/x/xfree86/xutils_4.3.0.dfsg.1-14sarge4_hppa.deb
Size/MD5 checksum: 977232 1b525f046ce3fa3d84ff0bbd1c72b0b3
http://security.debian.org/pool/updates/main/x/xfree86/xvfb_4.3.0.dfsg.1-14sarge4_hppa.deb
Size/MD5 checksum: 1969386 ac1a2134a3afc4b680a31526ad220c5e
http://security.debian.org/pool/updates/main/r/rdesktop/rdesktop_1.4.0-2sarge1_hppa.deb
Size/MD5 checksum: 115866 a101d8b69db97092f3e52541be1460fa
Intel IA-32 architecture:
http://security.debian.org/pool/updates/main/x/xfree86/lbxproxy_4.3.0.dfsg.1-14sarge4_i386.deb
Size/MD5 checksum: 250230 3ad753c5bf9399dc00645876680e83be
http://security.debian.org/pool/updates/main/x/xfree86/libdps-dev_4.3.0.dfsg.1-14sarge4_i386.deb
Size/MD5 checksum: 342276 c1f9f7c6dcdd7153898727d128f58068
http://security.debian.org/pool/updates/main/x/xfree86/libdps1_4.3.0.dfsg.1-14sarge4_i386.deb
Size/MD5 checksum: 286150 81f15d2bc7f03b0a881d82565390f380
http://security.debian.org/pool/updates/main/x/xfree86/libdps1-dbg_4.3.0.dfsg.1-14sarge4_i386.deb
Size/MD5 checksum: 782768 c55920ea0f7d13e63d5061775f4943f0
http://security.debian.org/pool/updates/main/x/xfree86/libice-dev_4.3.0.dfsg.1-14sarge4_i386.deb
Size/MD5 checksum: 205356 b56681e15102a887507bf3285732cb67
http://security.debian.org/pool/updates/main/x/xfree86/libice6_4.3.0.dfsg.1-14sarge4_i386.deb
Size/MD5 checksum: 203514 4cd8e50adfffc863b0a3c0010dd5bf39
http://security.debian.org/pool/updates/main/x/xfree86/libice6-dbg_4.3.0.dfsg.1-14sarge4_i386.deb
Size/MD5 checksum: 286264 f2f54740eb60bc96eb7b39817e4fcfae
http://security.debian.org/pool/updates/main/x/xfree86/libsm-dev_4.3.0.dfsg.1-14sarge4_i386.deb
Size/MD5 checksum: 176718 832a20eec2a4c8d198421514f47767c4
http://security.debian.org/pool/updates/main/x/xfree86/libsm6_4.3.0.dfsg.1-14sarge4_i386.deb
Size/MD5 checksum: 181274 4e7a1ce300e1787728ae9c43b49842a9
http://security.debian.org/pool/updates/main/x/xfree86/libsm6-dbg_4.3.0.dfsg.1-14sarge4_i386.deb
Size/MD5 checksum: 205378 7f8ebdef0d31e6169d9cfd6fc2cc44ed
http://security.debian.org/pool/updates/main/x/xfree86/libx11-6_4.3.0.dfsg.1-14sarge4_i386.deb
Size/MD5 checksum: 725158 eb243b4a9e705f824e9b81ea9ce3f92a
http://security.debian.org/pool/updates/main/x/xfree86/libx11-6-dbg_4.3.0.dfsg.1-14sarge4_i386.deb
Size/MD5 checksum: 9600288 94eb5086f3528eecc740a6a5454dfafb
http://security.debian.org/pool/updates/main/x/xfree86/libx11-dev_4.3.0.dfsg.1-14sarge4_i386.deb
Size/MD5 checksum: 1358436 c46f41b1b294751ddd81fa325bf574fb
http://security.debian.org/pool/updates/main/x/xfree86/libxaw6_4.3.0.dfsg.1-14sarge4_i386.deb
Size/MD5 checksum: 285434 3ec944fb16f03ff2191815789b926885
http://security.debian.org/pool/updates/main/x/xfree86/libxaw6-dbg_4.3.0.dfsg.1-14sarge4_i386.deb
Size/MD5 checksum: 890614 5ccab68e345e79b9a5f87c24613ef434
http://security.debian.org/pool/updates/main/x/xfree86/libxaw6-dev_4.3.0.dfsg.1-14sarge4_i386.deb
Size/MD5 checksum: 414284 8fb663257fc2aec2637fd15e4f95207a
http://security.debian.org/pool/updates/main/x/xfree86/libxaw7_4.3.0.dfsg.1-14sarge4_i386.deb
Size/MD5 checksum: 338666 4ae310f5dd35bb1a5735c6a9937bc29d
http://security.debian.org/pool/updates/main/x/xfree86/libxaw7-dbg_4.3.0.dfsg.1-14sarge4_i386.deb
Size/MD5 checksum: 1025578 b67d080e9096b5488a9a67ffbc1b55db
http://security.debian.org/pool/updates/main/x/xfree86/libxaw7-dev_4.3.0.dfsg.1-14sarge4_i386.deb
Size/MD5 checksum: 414194 1398106e83b08b50a9c8bd86487858c2
http://security.debian.org/pool/updates/main/x/xfree86/libxext-dev_4.3.0.dfsg.1-14sarge4_i386.deb
Size/MD5 checksum: 246880 eec68ae5de683b31245a248ab7acd995
http://security.debian.org/pool/updates/main/x/xfree86/libxext6_4.3.0.dfsg.1-14sarge4_i386.deb
Size/MD5 checksum: 188456 bb2d50b4439ddb8fa6602c36893a7a70
http://security.debian.org/pool/updates/main/x/xfree86/libxext6-dbg_4.3.0.dfsg.1-14sarge4_i386.deb
Size/MD5 checksum: 507564 bc8514376d15899b530608ee6762e222
http://security.debian.org/pool/updates/main/x/xfree86/libxft1_4.3.0.dfsg.1-14sarge4_i386.deb
Size/MD5 checksum: 190786 de17e522a4a47b3c8594140b1c832042
http://security.debian.org/pool/updates/main/x/xfree86/libxft1-dbg_4.3.0.dfsg.1-14sarge4_i386.deb
Size/MD5 checksum: 469928 86e0dc5f50e01d92505ae4565665c457
http://security.debian.org/pool/updates/main/x/xfree86/libxi-dev_4.3.0.dfsg.1-14sarge4_i386.deb
Size/MD5 checksum: 231136 947c90d63fbb09a0435fa84a73800b18
http://security.debian.org/pool/updates/main/x/xfree86/libxi6_4.3.0.dfsg.1-14sarge4_i386.deb
Size/MD5 checksum: 179574 c040ea78299a4a77cbde6965487be65a
http://security.debian.org/pool/updates/main/x/xfree86/libxi6-dbg_4.3.0.dfsg.1-14sarge4_i386.deb
Size/MD5 checksum: 1166540 eeda20ce5fd4f83c098fda0fdd663e6f
http://security.debian.org/pool/updates/main/x/xfree86/libxmu-dev_4.3.0.dfsg.1-14sarge4_i386.deb
Size/MD5 checksum: 218400 5d475727a2de404128fdc25622d6a5c1
http://security.debian.org/pool/updates/main/x/xfree86/libxmu6_4.3.0.dfsg.1-14sarge4_i386.deb
Size/MD5 checksum: 209834 fa5a4db6f1de17988bdfed4e64d66f66
http://security.debian.org/pool/updates/main/x/xfree86/libxmu6-dbg_4.3.0.dfsg.1-14sarge4_i386.deb
Size/MD5 checksum: 660018 1a98de5deccf0642e85c5bbf44b158ec
http://security.debian.org/pool/updates/main/x/xfree86/libxmuu-dev_4.3.0.dfsg.1-14sarge4_i386.deb
Size/MD5 checksum: 163124 dfe3c393889e2ba0bf421164956903a2
http://security.debian.org/pool/updates/main/x/xfree86/libxmuu1_4.3.0.dfsg.1-14sarge4_i386.deb
Size/MD5 checksum: 171780 0e63f6fb0fc805769aafede4d6be14fa
http://security.debian.org/pool/updates/main/x/xfree86/libxmuu1-dbg_4.3.0.dfsg.1-14sarge4_i386.deb
Size/MD5 checksum: 208498 45c2ec6249fd478854d6b51a8ff64d03
http://security.debian.org/pool/updates/main/x/xfree86/libxp-dev_4.3.0.dfsg.1-14sarge4_i386.deb
Size/MD5 checksum: 179038 196d08ddd654b7095b810bf2704bb668
http://security.debian.org/pool/updates/main/x/xfree86/libxp6_4.3.0.dfsg.1-14sarge4_i386.deb
Size/MD5 checksum: 178710 935bbc6c8815b64fe9fa01cb39564c95
http://security.debian.org/pool/updates/main/x/xfree86/libxp6-dbg_4.3.0.dfsg.1-14sarge4_i386.deb
Size/MD5 checksum: 565340 d93c4e35f9a79c72f11cf5e61e6685fb
http://security.debian.org/pool/updates/main/x/xfree86/libxpm-dev_4.3.0.dfsg.1-14sarge4_i386.deb
Size/MD5 checksum: 193686 1311a58096d095810db6de874403f144
http://security.debian.org/pool/updates/main/x/xfree86/libxpm4_4.3.0.dfsg.1-14sarge4_i386.deb
Size/MD5 checksum: 195898 a8c4f1a3cca264a4de38384909ae0527
http://security.debian.org/pool/updates/main/x/xfree86/libxpm4-dbg_4.3.0.dfsg.1-14sarge4_i386.deb
Size/MD5 checksum: 245344 3bb2b5834a63fa1f6ee7f6f73455b14a
http://security.debian.org/pool/updates/main/x/xfree86/libxrandr-dev_4.3.0.dfsg.1-14sarge4_i386.deb
Size/MD5 checksum: 171098 c7b8b83b09b599b65f41c2fb2df9e5f2
http://security.debian.org/pool/updates/main/x/xfree86/libxrandr2_4.3.0.dfsg.1-14sarge4_i386.deb
Size/MD5 checksum: 171542 9d8ba30823322ea55436910855236d40
http://security.debian.org/pool/updates/main/x/xfree86/libxrandr2-dbg_4.3.0.dfsg.1-14sarge4_i386.deb
Size/MD5 checksum: 200314 db2359a4dd12eff662f17d16eab080e8
http://security.debian.org/pool/updates/main/x/xfree86/libxt-dev_4.3.0.dfsg.1-14sarge4_i386.deb
Size/MD5 checksum: 614302 115e64adc6c74af37bacc0b4e54fadc2
http://security.debian.org/pool/updates/main/x/xfree86/libxt6_4.3.0.dfsg.1-14sarge4_i386.deb
Size/MD5 checksum: 329404 1e75dc920d8fd10a64dc014b05730b06
http://security.debian.org/pool/updates/main/x/xfree86/libxt6-dbg_4.3.0.dfsg.1-14sarge4_i386.deb
Size/MD5 checksum: 1529654 18594c501817e10451893310347ad4e8
http://security.debian.org/pool/updates/main/x/xfree86/libxtrap-dev_4.3.0.dfsg.1-14sarge4_i386.deb
Size/MD5 checksum: 184890 132a6b1b5ab8f182ebeed781e053ebeb
http://security.debian.org/pool/updates/main/x/xfree86/libxtrap6_4.3.0.dfsg.1-14sarge4_i386.deb
Size/MD5 checksum: 180554 6f49732e209e38e6dd779252671b963d
http://security.debian.org/pool/updates/main/x/xfree86/libxtrap6-dbg_4.3.0.dfsg.1-14sarge4_i386.deb
Size/MD5 checksum: 410264 92c96bc12e1fe35ed18d5e863b71691b
http://security.debian.org/pool/updates/main/x/xfree86/libxtst-dev_4.3.0.dfsg.1-14sarge4_i386.deb
Size/MD5 checksum: 169914 24a5fcdc4ebc93491a0f70ea2d5bc26b
http://security.debian.org/pool/updates/main/x/xfree86/libxtst6_4.3.0.dfsg.1-14sarge4_i386.deb
Size/MD5 checksum: 174482 fba1ebdb9743a7973b5d3d5f943b1521
http://security.debian.org/pool/updates/main/x/xfree86/libxtst6-dbg_4.3.0.dfsg.1-14sarge4_i386.deb
Size/MD5 checksum: 236504 0ba491e7dd63b06e116becef32a9dee8
http://security.debian.org/pool/updates/main/x/xfree86/libxv-dev_4.3.0.dfsg.1-14sarge4_i386.deb
Size/MD5 checksum: 190596 81973bd063623df482c4c9feb53bfe1e
http://security.debian.org/pool/updates/main/x/xfree86/libxv1_4.3.0.dfsg.1-14sarge4_i386.deb
Size/MD5 checksum: 172632 b4b5474d58ceb6869be524e7eedcde0c
http://security.debian.org/pool/updates/main/x/xfree86/libxv1-dbg_4.3.0.dfsg.1-14sarge4_i386.deb
Size/MD5 checksum: 203054 50753c3e0fee1e35bd290da7903eff5a
http://security.debian.org/pool/updates/main/x/xfree86/proxymngr_4.3.0.dfsg.1-14sarge4_i386.deb
Size/MD5 checksum: 182762 b8bc97c636c1f886a306063ab2888a41
http://security.debian.org/pool/updates/main/x/xfree86/twm_4.3.0.dfsg.1-14sarge4_i386.deb
Size/MD5 checksum: 265068 d6ab5c744507fd1a9fe6a6828019d559
http://security.debian.org/pool/updates/main/x/xfree86/x-window-system-core_4.3.0.dfsg.1-14sarge4_i386.deb
Size/MD5 checksum: 158806 0c80f911f973bb7337586d624a6c747e
http://security.debian.org/pool/updates/main/x/xfree86/x-window-system-dev_4.3.0.dfsg.1-14sarge4_i386.deb
Size/MD5 checksum: 158856 fc61c5e9ea820e7fd9e3510310245bad
http://security.debian.org/pool/updates/main/x/xfree86/xbase-clients_4.3.0.dfsg.1-14sarge4_i386.deb
Size/MD5 checksum: 1941616 b050f50404e8d7bfd11296e4745fd3e3
http://security.debian.org/pool/updates/main/x/xfree86/xdm_4.3.0.dfsg.1-14sarge4_i386.deb
Size/MD5 checksum: 309596 0f948324ca3602a56a9c6d6d7029b902
http://security.debian.org/pool/updates/main/x/xfree86/xfs_4.3.0.dfsg.1-14sarge4_i386.deb
Size/MD5 checksum: 496946 04c400f07131f1fe396100ecd83847f6
http://security.debian.org/pool/updates/main/x/xfree86/xfwp_4.3.0.dfsg.1-14sarge4_i386.deb
Size/MD5 checksum: 180580 fc2e265ed3497fcf03781f0edb71b8c5
http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-dri_4.3.0.dfsg.1-14sarge4_i386.deb
Size/MD5 checksum: 5009168 582136777e3fbd1102fded416f9bf804
http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-dri-dbg_4.3.0.dfsg.1-14sarge4_i386.deb
Size/MD5 checksum: 49495214 a9f69894995ccf02de16ff76c8496f77
http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-gl_4.3.0.dfsg.1-14sarge4_i386.deb
Size/MD5 checksum: 283386 183aeab2a61618e245b585344cb1fd63
http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-gl-dbg_4.3.0.dfsg.1-14sarge4_i386.deb
Size/MD5 checksum: 1230896 aac25d99c5ff9aa3f3ca8c7bd78e57fe
http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-gl-dev_4.3.0.dfsg.1-14sarge4_i386.deb
Size/MD5 checksum: 705172 6de19e9b1c942c1c62d165029b0dfcd8
http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-glu_4.3.0.dfsg.1-14sarge4_i386.deb
Size/MD5 checksum: 366064 1c48bae8d4491a4ff4b676736ab175ca
http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-glu-dbg_4.3.0.dfsg.1-14sarge4_i386.deb
Size/MD5 checksum: 1111016 9fc618a5c445ed61ea1099d44730d9a7
http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-glu-dev_4.3.0.dfsg.1-14sarge4_i386.deb
Size/MD5 checksum: 435082 17cc6e82fefac3ff0e0da0099fc261f4
http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa3_4.3.0.dfsg.1-14sarge4_i386.deb
Size/MD5 checksum: 158606 9c67005155a274bca06964f26be4da79
http://security.debian.org/pool/updates/main/x/xfree86/xlibosmesa-dev_4.3.0.dfsg.1-14sarge4_i386.deb
Size/MD5 checksum: 790330 984dc8f924bf799cd1a31cde08141708
http://security.debian.org/pool/updates/main/x/xfree86/xlibosmesa4_4.3.0.dfsg.1-14sarge4_i386.deb
Size/MD5 checksum: 662110 2b3d55d989a06edc35fd750b86258318
http://security.debian.org/pool/updates/main/x/xfree86/xlibosmesa4-dbg_4.3.0.dfsg.1-14sarge4_i386.deb
Size/MD5 checksum: 4582490 83d96569620caf3995c115f0182b3b41
http://security.debian.org/pool/updates/main/x/xfree86/xlibs-static-dev_4.3.0.dfsg.1-14sarge4_i386.deb
Size/MD5 checksum: 855012 86b0f0f3c687cce625e825698ba95298
http://security.debian.org/pool/updates/main/x/xfree86/xlibs-static-pic_4.3.0.dfsg.1-14sarge4_i386.deb
Size/MD5 checksum: 384546 a8ec4021a27da614968f11b1f0d84c11
http://security.debian.org/pool/updates/main/x/xfree86/xmh_4.3.0.dfsg.1-14sarge4_i386.deb
Size/MD5 checksum: 226984 e02156abd0bcdde44b2c4ba6027c0978
http://security.debian.org/pool/updates/main/x/xfree86/xnest_4.3.0.dfsg.1-14sarge4_i386.deb
Size/MD5 checksum: 1467016 dc5564cc3943f59450e050d240ac6d19
http://security.debian.org/pool/updates/main/x/xfree86/xserver-common_4.3.0.dfsg.1-14sarge4_i386.deb
Size/MD5 checksum: 336854 591e181619783ff7003be7ed6b20529b
http://security.debian.org/pool/updates/main/x/xfree86/xserver-xfree86_4.3.0.dfsg.1-14sarge4_i386.deb
Size/MD5 checksum: 5744114 4ce1994ca3f0aa2035622d5f730c7245
http://security.debian.org/pool/updates/main/x/xfree86/xserver-xfree86-dbg_4.3.0.dfsg.1-14sarge4_i386.deb
Size/MD5 checksum: 54929832 6ba49cd3398bab6a3b82d2eb7fac1afe
http://security.debian.org/pool/updates/main/x/xfree86/xterm_4.3.0.dfsg.1-14sarge4_i386.deb
Size/MD5 checksum: 509408 3a68d04348d4c4b53640706b960cb227
http://security.debian.org/pool/updates/main/x/xfree86/xutils_4.3.0.dfsg.1-14sarge4_i386.deb
Size/MD5 checksum: 912694 39f690caee0037461c210233ae9ea846
http://security.debian.org/pool/updates/main/x/xfree86/xvfb_4.3.0.dfsg.1-14sarge4_i386.deb
Size/MD5 checksum: 1603624 a09b4b6b58ab30e3b0cff0df9cf3fdf7
http://security.debian.org/pool/updates/main/r/rdesktop/rdesktop_1.4.0-2sarge1_i386.deb
Size/MD5 checksum: 94980 1c57e38030bc1c7311695cef03d2b560
Intel IA-64 architecture:
http://security.debian.org/pool/updates/main/x/xfree86/lbxproxy_4.3.0.dfsg.1-14sarge4_ia64.deb
Size/MD5 checksum: 301856 2536934226628d0349840161c4239311
http://security.debian.org/pool/updates/main/x/xfree86/libdps-dev_4.3.0.dfsg.1-14sarge4_ia64.deb
Size/MD5 checksum: 423574 661cdf850136cc83b7a2f188e53a4e2e
http://security.debian.org/pool/updates/main/x/xfree86/libdps1_4.3.0.dfsg.1-14sarge4_ia64.deb
Size/MD5 checksum: 335342 ecc1597e1221d6752b87b9cbcadddfad
http://security.debian.org/pool/updates/main/x/xfree86/libdps1-dbg_4.3.0.dfsg.1-14sarge4_ia64.deb
Size/MD5 checksum: 836740 1d1f928ad5a6075c7b8d26b479c037b1
http://security.debian.org/pool/updates/main/x/xfree86/libice-dev_4.3.0.dfsg.1-14sarge4_ia64.deb
Size/MD5 checksum: 229996 f96e4a0405bc4e66f93efaffadc4f2e8
http://security.debian.org/pool/updates/main/x/xfree86/libice6_4.3.0.dfsg.1-14sarge4_ia64.deb
Size/MD5 checksum: 220530 5509e9624abaeebfafa2238a8174552a
http://security.debian.org/pool/updates/main/x/xfree86/libice6-dbg_4.3.0.dfsg.1-14sarge4_ia64.deb
Size/MD5 checksum: 307000 ef2bcf7574ba2874133c9c89faacf474
http://security.debian.org/pool/updates/main/x/xfree86/libsm-dev_4.3.0.dfsg.1-14sarge4_ia64.deb
Size/MD5 checksum: 183790 da2e6b761cfb3ef2da02967c0cc45b2f
http://security.debian.org/pool/updates/main/x/xfree86/libsm6_4.3.0.dfsg.1-14sarge4_ia64.deb
Size/MD5 checksum: 187868 e4103966dc75c710d449c193d7b0c172
http://security.debian.org/pool/updates/main/x/xfree86/libsm6-dbg_4.3.0.dfsg.1-14sarge4_ia64.deb
Size/MD5 checksum: 212436 b73882b850d9a14ac2676853b4e1365b
http://security.debian.org/pool/updates/main/x/xfree86/libx11-6_4.3.0.dfsg.1-14sarge4_ia64.deb
Size/MD5 checksum: 906316 a140bde98edf1894e6e35b655e617f5a
http://security.debian.org/pool/updates/main/x/xfree86/libx11-6-dbg_4.3.0.dfsg.1-14sarge4_ia64.deb
Size/MD5 checksum: 9887962 ced2fb3657c9406a8dc3888d0a9c720d
http://security.debian.org/pool/updates/main/x/xfree86/libx11-dev_4.3.0.dfsg.1-14sarge4_ia64.deb
Size/MD5 checksum: 1606148 f68d2172e7981a2922dc4da5460a52f5
http://security.debian.org/pool/updates/main/x/xfree86/libxaw6_4.3.0.dfsg.1-14sarge4_ia64.deb
Size/MD5 checksum: 355430 d8bab5f8af5411b72bd4c99314b836fd
http://security.debian.org/pool/updates/main/x/xfree86/libxaw6-dbg_4.3.0.dfsg.1-14sarge4_ia64.deb
Size/MD5 checksum: 971308 98b9821f558fdc43c5b4dec4b50e82de
http://security.debian.org/pool/updates/main/x/xfree86/libxaw6-dev_4.3.0.dfsg.1-14sarge4_ia64.deb
Size/MD5 checksum: 545418 0381b705666026787bf62d1b19a1d326
http://security.debian.org/pool/updates/main/x/xfree86/libxaw7_4.3.0.dfsg.1-14sarge4_ia64.deb
Size/MD5 checksum: 437162 b40b327b5b0224d4ea6284af48e0ab20
http://security.debian.org/pool/updates/main/x/xfree86/libxaw7-dbg_4.3.0.dfsg.1-14sarge4_ia64.deb
Size/MD5 checksum: 1155500 7487439f9ba76ae05c3037d3db271a97
http://security.debian.org/pool/updates/main/x/xfree86/libxaw7-dev_4.3.0.dfsg.1-14sarge4_ia64.deb
Size/MD5 checksum: 545322 899c08785c157f10f657e7acb5ede406
http://security.debian.org/pool/updates/main/x/xfree86/libxext-dev_4.3.0.dfsg.1-14sarge4_ia64.deb
Size/MD5 checksum: 264566 5278642e58fb8cb61ade54ae9ea00125
http://security.debian.org/pool/updates/main/x/xfree86/libxext6_4.3.0.dfsg.1-14sarge4_ia64.deb
Size/MD5 checksum: 201316 aec4b6a598c0d37f9ee2a7c434560ca0
http://security.debian.org/pool/updates/main/x/xfree86/libxext6-dbg_4.3.0.dfsg.1-14sarge4_ia64.deb
Size/MD5 checksum: 525084 ce9b348e4f455a0e236c8abbe88894cd
http://security.debian.org/pool/updates/main/x/xfree86/libxft1_4.3.0.dfsg.1-14sarge4_ia64.deb
Size/MD5 checksum: 200834 9ab987825769ca0885bbefb655793bfc
http://security.debian.org/pool/updates/main/x/xfree86/libxft1-dbg_4.3.0.dfsg.1-14sarge4_ia64.deb
Size/MD5 checksum: 484850 f43c52e902a788f0bc47dad4670dbc13
http://security.debian.org/pool/updates/main/x/xfree86/libxi-dev_4.3.0.dfsg.1-14sarge4_ia64.deb
Size/MD5 checksum: 241416 a6c1ff2791d41b528d34a2a5b7e0cda1
http://security.debian.org/pool/updates/main/x/xfree86/libxi6_4.3.0.dfsg.1-14sarge4_ia64.deb
Size/MD5 checksum: 188316 70ec23e87366fe5d62cc6237a34df58c
http://security.debian.org/pool/updates/main/x/xfree86/libxi6-dbg_4.3.0.dfsg.1-14sarge4_ia64.deb
Size/MD5 checksum: 1184954 478f63c5a4364655aad8b35ff2b58d2d
http://security.debian.org/pool/updates/main/x/xfree86/libxmu-dev_4.3.0.dfsg.1-14sarge4_ia64.deb
Size/MD5 checksum: 247942 0d03221e400cdfa4dfa62437e859af33
http://security.debian.org/pool/updates/main/x/xfree86/libxmu6_4.3.0.dfsg.1-14sarge4_ia64.deb
Size/MD5 checksum: 230070 4e75172f67d529d5b4960586dffb2326
http://security.debian.org/pool/updates/main/x/xfree86/libxmu6-dbg_4.3.0.dfsg.1-14sarge4_ia64.deb
Size/MD5 checksum: 689792 832b63f9f3b4109df89426905c5ddcc9
http://security.debian.org/pool/updates/main/x/xfree86/libxmuu-dev_4.3.0.dfsg.1-14sarge4_ia64.deb
Size/MD5 checksum: 164948 8183cb1e03648f3f6cf19544eef00abc
http://security.debian.org/pool/updates/main/x/xfree86/libxmuu1_4.3.0.dfsg.1-14sarge4_ia64.deb
Size/MD5 checksum: 173644 d194b2aab4f22ed2016a21cfc6cb554b
http://security.debian.org/pool/updates/main/x/xfree86/libxmuu1-dbg_4.3.0.dfsg.1-14sarge4_ia64.deb
Size/MD5 checksum: 210708 cfac0d9056615515ca8baba68d750c5e
http://security.debian.org/pool/updates/main/x/xfree86/libxp-dev_4.3.0.dfsg.1-14sarge4_ia64.deb
Size/MD5 checksum: 186904 14761ff4b77ea55e8d5ea1bf838098b8
http://security.debian.org/pool/updates/main/x/xfree86/libxp6_4.3.0.dfsg.1-14sarge4_ia64.deb
Size/MD5 checksum: 185238 d5f89d9c59ad7bf9a91bdbc7329dcf9b
http://security.debian.org/pool/updates/main/x/xfree86/libxp6-dbg_4.3.0.dfsg.1-14sarge4_ia64.deb
Size/MD5 checksum: 577486 23dcc7933085f8c1ed9ca319bcfb8d5f
http://security.debian.org/pool/updates/main/x/xfree86/libxpm-dev_4.3.0.dfsg.1-14sarge4_ia64.deb
Size/MD5 checksum: 214096 6902cdbbc99c3d21d8e97d3b2d962d0b
http://security.debian.org/pool/updates/main/x/xfree86/libxpm4_4.3.0.dfsg.1-14sarge4_ia64.deb
Size/MD5 checksum: 211598 bb9345c62712925a2a31c681f80d8c78
http://security.debian.org/pool/updates/main/x/xfree86/libxpm4-dbg_4.3.0.dfsg.1-14sarge4_ia64.deb
Size/MD5 checksum: 261608 4ee5e1029fe9ab66213c57546ec099e1
http://security.debian.org/pool/updates/main/x/xfree86/libxrandr-dev_4.3.0.dfsg.1-14sarge4_ia64.deb
Size/MD5 checksum: 174596 7fd5a663614670bce66dcb18686707fd
http://security.debian.org/pool/updates/main/x/xfree86/libxrandr2_4.3.0.dfsg.1-14sarge4_ia64.deb
Size/MD5 checksum: 174482 3ae32e6fa2f05345221cdcf5222a0a76
http://security.debian.org/pool/updates/main/x/xfree86/libxrandr2-dbg_4.3.0.dfsg.1-14sarge4_ia64.deb
Size/MD5 checksum: 204366 83a4a11374d28f11276a812af5a4f189
http://security.debian.org/pool/updates/main/x/xfree86/libxt-dev_4.3.0.dfsg.1-14sarge4_ia64.deb
Size/MD5 checksum: 734512 83da9954a4e88ea281aac8e58cce0417
http://security.debian.org/pool/updates/main/x/xfree86/libxt6_4.3.0.dfsg.1-14sarge4_ia64.deb
Size/MD5 checksum: 410848 fc544e2b161c9c796a97e702064c7814
http://security.debian.org/pool/updates/main/x/xfree86/libxt6-dbg_4.3.0.dfsg.1-14sarge4_ia64.deb
Size/MD5 checksum: 1627622 3ad29ccc7e3aa3ff849cf5226a378662
http://security.debian.org/pool/updates/main/x/xfree86/libxtrap-dev_4.3.0.dfsg.1-14sarge4_ia64.deb
Size/MD5 checksum: 192576 191f6eb877c6220b15d3581748bf080b
http://security.debian.org/pool/updates/main/x/xfree86/libxtrap6_4.3.0.dfsg.1-14sarge4_ia64.deb
Size/MD5 checksum: 186708 4778512f96e02cc2b00f667b7757dd58
http://security.debian.org/pool/updates/main/x/xfree86/libxtrap6-dbg_4.3.0.dfsg.1-14sarge4_ia64.deb
Size/MD5 checksum: 415204 c1d5735cb1197a99a0d4a6e08ed8d2ad
http://security.debian.org/pool/updates/main/x/xfree86/libxtst-dev_4.3.0.dfsg.1-14sarge4_ia64.deb
Size/MD5 checksum: 176850 4276368e65cc7b6d0ced6fee47fd1325
http://security.debian.org/pool/updates/main/x/xfree86/libxtst6_4.3.0.dfsg.1-14sarge4_ia64.deb
Size/MD5 checksum: 180028 535e93c0336b609113938920d2da7b19
http://security.debian.org/pool/updates/main/x/xfree86/libxtst6-dbg_4.3.0.dfsg.1-14sarge4_ia64.deb
Size/MD5 checksum: 242192 7a7a71281b43033019a704565a9fc691
http://security.debian.org/pool/updates/main/x/xfree86/libxv-dev_4.3.0.dfsg.1-14sarge4_ia64.deb
Size/MD5 checksum: 194772 f6fbbe744696aab7c36f1f118bbbdd89
http://security.debian.org/pool/updates/main/x/xfree86/libxv1_4.3.0.dfsg.1-14sarge4_ia64.deb
Size/MD5 checksum: 176284 1c925dce81cd41410c433264025c6159
http://security.debian.org/pool/updates/main/x/xfree86/libxv1-dbg_4.3.0.dfsg.1-14sarge4_ia64.deb
Size/MD5 checksum: 207898 981e0a72852e686ebb94b8bd54f16134
http://security.debian.org/pool/updates/main/x/xfree86/proxymngr_4.3.0.dfsg.1-14sarge4_ia64.deb
Size/MD5 checksum: 188648 08fc0d4fab01781603e9572fd3e839f8
http://security.debian.org/pool/updates/main/x/xfree86/twm_4.3.0.dfsg.1-14sarge4_ia64.deb
Size/MD5 checksum: 312324 a6c63c439a5bb043fe320f4779f8f31b
http://security.debian.org/pool/updates/main/x/xfree86/x-window-system-core_4.3.0.dfsg.1-14sarge4_ia64.deb
Size/MD5 checksum: 158796 49f4feb5a9fe370f6ed39115bf6dae30
http://security.debian.org/pool/updates/main/x/xfree86/x-window-system-dev_4.3.0.dfsg.1-14sarge4_ia64.deb
Size/MD5 checksum: 158844 9fd7480c8f47f27fd6e0bc7bbf847533
http://security.debian.org/pool/updates/main/x/xfree86/xbase-clients_4.3.0.dfsg.1-14sarge4_ia64.deb
Size/MD5 checksum: 2774492 3424d3799ae9b7b08e7a66185aef68f4
http://security.debian.org/pool/updates/main/x/xfree86/xdm_4.3.0.dfsg.1-14sarge4_ia64.deb
Size/MD5 checksum: 347898 8ae26bdac80c228f162b0fd10fe25892
http://security.debian.org/pool/updates/main/x/xfree86/xfs_4.3.0.dfsg.1-14sarge4_ia64.deb
Size/MD5 checksum: 693412 f1a383a2bdbf67626c4389de56597a17
http://security.debian.org/pool/updates/main/x/xfree86/xfwp_4.3.0.dfsg.1-14sarge4_ia64.deb
Size/MD5 checksum: 188856 7c8411b390713431d036b549a80f8d61
http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-dri_4.3.0.dfsg.1-14sarge4_ia64.deb
Size/MD5 checksum: 8121752 763ff2b160b0c0712499eae573f40e44
http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-dri-dbg_4.3.0.dfsg.1-14sarge4_ia64.deb
Size/MD5 checksum: 51595076 6dd701a0a28aba2219034d6f2214121c
http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-gl_4.3.0.dfsg.1-14sarge4_ia64.deb
Size/MD5 checksum: 349704 baa5b652ac7da0154ee263c3522d04f4
http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-gl-dbg_4.3.0.dfsg.1-14sarge4_ia64.deb
Size/MD5 checksum: 1324528 4854dde9c6fa7cb0dcc6c3862507fb9e
http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-gl-dev_4.3.0.dfsg.1-14sarge4_ia64.deb
Size/MD5 checksum: 797068 1ce3af82028237daea128d7213e89cf2
http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-glu_4.3.0.dfsg.1-14sarge4_ia64.deb
Size/MD5 checksum: 447492 384596efd464eb27da2bea8b426e9061
http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-glu-dbg_4.3.0.dfsg.1-14sarge4_ia64.deb
Size/MD5 checksum: 1200974 a9d2b33b28b815cb01bf96ae96093032
http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-glu-dev_4.3.0.dfsg.1-14sarge4_ia64.deb
Size/MD5 checksum: 553512 bc158ab22c3d8949e0e9486d6518af40
http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa3_4.3.0.dfsg.1-14sarge4_ia64.deb
Size/MD5 checksum: 158598 116aa61965b7a3b91b45e317d3e91b75
http://security.debian.org/pool/updates/main/x/xfree86/xlibosmesa-dev_4.3.0.dfsg.1-14sarge4_ia64.deb
Size/MD5 checksum: 1081118 e8b35d16092f656359e9c0bb99b74179
http://security.debian.org/pool/updates/main/x/xfree86/xlibosmesa4_4.3.0.dfsg.1-14sarge4_ia64.deb
Size/MD5 checksum: 946692 c3e728e388711e13d6d2cebd03836e67
http://security.debian.org/pool/updates/main/x/xfree86/xlibosmesa4-dbg_4.3.0.dfsg.1-14sarge4_ia64.deb
Size/MD5 checksum: 4773708 fb080167239394d3ba3ae4a71e737546
http://security.debian.org/pool/updates/main/x/xfree86/xlibs-static-dev_4.3.0.dfsg.1-14sarge4_ia64.deb
Size/MD5 checksum: 1165792 e9456cdb9978268829113f8f687f98ef
http://security.debian.org/pool/updates/main/x/xfree86/xlibs-static-pic_4.3.0.dfsg.1-14sarge4_ia64.deb
Size/MD5 checksum: 494608 cf64329bcaf705b4cef3f52c90a612f1
http://security.debian.org/pool/updates/main/x/xfree86/xmh_4.3.0.dfsg.1-14sarge4_ia64.deb
Size/MD5 checksum: 260258 741427f481d436aa87d90d59b3e92379
http://security.debian.org/pool/updates/main/x/xfree86/xnest_4.3.0.dfsg.1-14sarge4_ia64.deb
Size/MD5 checksum: 2383910 4dd936295dc3a5d630906d9c510813ca
http://security.debian.org/pool/updates/main/x/xfree86/xserver-common_4.3.0.dfsg.1-14sarge4_ia64.deb
Size/MD5 checksum: 338584 d5a558ca2dc8e909834048e78204d3a0
http://security.debian.org/pool/updates/main/x/xfree86/xserver-xfree86_4.3.0.dfsg.1-14sarge4_ia64.deb
Size/MD5 checksum: 8457416 479bbecbef8d2971225628529a160bb4
http://security.debian.org/pool/updates/main/x/xfree86/xserver-xfree86-dbg_4.3.0.dfsg.1-14sarge4_ia64.deb
Size/MD5 checksum: 56511442 b7f8fd181b9a684eeca40bfea3d185de
http://security.debian.org/pool/updates/main/x/xfree86/xterm_4.3.0.dfsg.1-14sarge4_ia64.deb
Size/MD5 checksum: 581860 4ba016a1f2b41d055eaa081ec5b04bc0
http://security.debian.org/pool/updates/main/x/xfree86/xutils_4.3.0.dfsg.1-14sarge4_ia64.deb
Size/MD5 checksum: 1133422 bf77f9281359939cfac6fe550af95f6d
http://security.debian.org/pool/updates/main/x/xfree86/xvfb_4.3.0.dfsg.1-14sarge4_ia64.deb
Size/MD5 checksum: 2610628 6cc3b877c5b52e77dac0e83bd58fa390
http://security.debian.org/pool/updates/main/r/rdesktop/rdesktop_1.4.0-2sarge1_ia64.deb
Size/MD5 checksum: 145704 d959399c76a6f63626a83f75dbed9d82
Motorola 680x0 architecture:
http://security.debian.org/pool/updates/main/x/xfree86/lbxproxy_4.3.0.dfsg.1-14sarge4_m68k.deb
Size/MD5 checksum: 241018 77a07432c45b9378936b86794d2bcab2
http://security.debian.org/pool/updates/main/x/xfree86/libdps-dev_4.3.0.dfsg.1-14sarge4_m68k.deb
Size/MD5 checksum: 331138 64ad4122c8f105a06f56c23d9174cc10
http://security.debian.org/pool/updates/main/x/xfree86/libdps1_4.3.0.dfsg.1-14sarge4_m68k.deb
Size/MD5 checksum: 282230 c554467354b448f9e165955af4e7b4a2
http://security.debian.org/pool/updates/main/x/xfree86/libdps1-dbg_4.3.0.dfsg.1-14sarge4_m68k.deb
Size/MD5 checksum: 785174 dd08487031b3e63b50533df646c0e6af
http://security.debian.org/pool/updates/main/x/xfree86/libice-dev_4.3.0.dfsg.1-14sarge4_m68k.deb
Size/MD5 checksum: 200262 060aa0d9cb7282199ca18305b5c821f4
http://security.debian.org/pool/updates/main/x/xfree86/libice6_4.3.0.dfsg.1-14sarge4_m68k.deb
Size/MD5 checksum: 197746 83836818743f4dd92b30ab3eedcf362b
http://security.debian.org/pool/updates/main/x/xfree86/libice6-dbg_4.3.0.dfsg.1-14sarge4_m68k.deb
Size/MD5 checksum: 281672 1e1caf7322c340167bb95486494c3012
http://security.debian.org/pool/updates/main/x/xfree86/libsm-dev_4.3.0.dfsg.1-14sarge4_m68k.deb
Size/MD5 checksum: 174714 87eddf9c6a897f97952aa91c838eff89
http://security.debian.org/pool/updates/main/x/xfree86/libsm6_4.3.0.dfsg.1-14sarge4_m68k.deb
Size/MD5 checksum: 180594 573276a89f23874cac04d56e205aec69
http://security.debian.org/pool/updates/main/x/xfree86/libsm6-dbg_4.3.0.dfsg.1-14sarge4_m68k.deb
Size/MD5 checksum: 204752 51890686ef5fe0a32afb5f760e19e1af
http://security.debian.org/pool/updates/main/x/xfree86/libx11-6_4.3.0.dfsg.1-14sarge4_m68k.deb
Size/MD5 checksum: 680616 7200fc49162ebda0d53a7ab4a74bbff1
http://security.debian.org/pool/updates/main/x/xfree86/libx11-6-dbg_4.3.0.dfsg.1-14sarge4_m68k.deb
Size/MD5 checksum: 9735198 4c7d703ab09a32257fbb4a7a9ca6ef34
http://security.debian.org/pool/updates/main/x/xfree86/libx11-dev_4.3.0.dfsg.1-14sarge4_m68k.deb
Size/MD5 checksum: 1320712 16c0e121877da9f823914a14d3e5f40b
http://security.debian.org/pool/updates/main/x/xfree86/libxaw6_4.3.0.dfsg.1-14sarge4_m68k.deb
Size/MD5 checksum: 272166 df7b6958c0a1c7017a30f9c7b78ec723
http://security.debian.org/pool/updates/main/x/xfree86/libxaw6-dbg_4.3.0.dfsg.1-14sarge4_m68k.deb
Size/MD5 checksum: 885970 0c270453838e035b27714ed71bc9a952
http://security.debian.org/pool/updates/main/x/xfree86/libxaw6-dev_4.3.0.dfsg.1-14sarge4_m68k.deb
Size/MD5 checksum: 389520 46a680064a2f9a1e888df2bd7f7aa903
http://security.debian.org/pool/updates/main/x/xfree86/libxaw7_4.3.0.dfsg.1-14sarge4_m68k.deb
Size/MD5 checksum: 319674 7f7e6f24dac1b7e3f4c41bd3f589d281
http://security.debian.org/pool/updates/main/x/xfree86/libxaw7-dbg_4.3.0.dfsg.1-14sarge4_m68k.deb
Size/MD5 checksum: 1015288 3253f3dc4f1914004ee0d58e4e1c0f41
http://security.debian.org/pool/updates/main/x/xfree86/libxaw7-dev_4.3.0.dfsg.1-14sarge4_m68k.deb
Size/MD5 checksum: 389430 759f32add2082c6df77263c182b8dd05
http://security.debian.org/pool/updates/main/x/xfree86/libxext-dev_4.3.0.dfsg.1-14sarge4_m68k.deb
Size/MD5 checksum: 244390 12f93645d7c7f68716ed544613efeb6a
http://security.debian.org/pool/updates/main/x/xfree86/libxext6_4.3.0.dfsg.1-14sarge4_m68k.deb
Size/MD5 checksum: 186086 e51920992e3a65fc3d6738517e449792
http://security.debian.org/pool/updates/main/x/xfree86/libxext6-dbg_4.3.0.dfsg.1-14sarge4_m68k.deb
Size/MD5 checksum: 513588 dacd493b35a8a37d1b0326ec265f1586
http://security.debian.org/pool/updates/main/x/xfree86/libxft1_4.3.0.dfsg.1-14sarge4_m68k.deb
Size/MD5 checksum: 188836 96ec2b33de1690dc8dc1e4dca8a5de24
http://security.debian.org/pool/updates/main/x/xfree86/libxft1-dbg_4.3.0.dfsg.1-14sarge4_m68k.deb
Size/MD5 checksum: 478026 59ab765625ea9dc6da641a8e5d01d1f1
http://security.debian.org/pool/updates/main/x/xfree86/libxi-dev_4.3.0.dfsg.1-14sarge4_m68k.deb
Size/MD5 checksum: 229372 59d34c9c15853cb410d5ce3d35924d40
http://security.debian.org/pool/updates/main/x/xfree86/libxi6_4.3.0.dfsg.1-14sarge4_m68k.deb
Size/MD5 checksum: 177524 788b51e970927d25728e597d6efda2f2
http://security.debian.org/pool/updates/main/x/xfree86/libxi6-dbg_4.3.0.dfsg.1-14sarge4_m68k.deb
Size/MD5 checksum: 1190632 24752ff589468af8133e0e27661cea93
http://security.debian.org/pool/updates/main/x/xfree86/libxmu-dev_4.3.0.dfsg.1-14sarge4_m68k.deb
Size/MD5 checksum: 213748 ced2278c1ba39a77143cedea80190687
http://security.debian.org/pool/updates/main/x/xfree86/libxmu6_4.3.0.dfsg.1-14sarge4_m68k.deb
Size/MD5 checksum: 206234 4fbbf0148b2cd42a69521255000601e5
http://security.debian.org/pool/updates/main/x/xfree86/libxmu6-dbg_4.3.0.dfsg.1-14sarge4_m68k.deb
Size/MD5 checksum: 666594 e2ab67ea5ba09f7be87f51beab9d5886
http://security.debian.org/pool/updates/main/x/xfree86/libxmuu-dev_4.3.0.dfsg.1-14sarge4_m68k.deb
Size/MD5 checksum: 162740 2da7b2488ea0dbaf0582960cfcbbb782
http://security.debian.org/pool/updates/main/x/xfree86/libxmuu1_4.3.0.dfsg.1-14sarge4_m68k.deb
Size/MD5 checksum: 171686 6fd94e0375a1bbfa758392035ec76c73
http://security.debian.org/pool/updates/main/x/xfree86/libxmuu1-dbg_4.3.0.dfsg.1-14sarge4_m68k.deb
Size/MD5 checksum: 208966 03cc15b63c820c9568275e4fc248afc8
http://security.debian.org/pool/updates/main/x/xfree86/libxp-dev_4.3.0.dfsg.1-14sarge4_m68k.deb
Size/MD5 checksum: 177938 0298a644eec5eb22c96672b1364f8ac4
http://security.debian.org/pool/updates/main/x/xfree86/libxp6_4.3.0.dfsg.1-14sarge4_m68k.deb
Size/MD5 checksum: 177392 221bb28eb3760c47fb26797e692d84ac
http://security.debian.org/pool/updates/main/x/xfree86/libxp6-dbg_4.3.0.dfsg.1-14sarge4_m68k.deb
Size/MD5 checksum: 571934 a2e321f788912dc8f4591fd1dfc50c79
http://security.debian.org/pool/updates/main/x/xfree86/libxpm-dev_4.3.0.dfsg.1-14sarge4_m68k.deb
Size/MD5 checksum: 189722 820323286728158435103af5db8748af
http://security.debian.org/pool/updates/main/x/xfree86/libxpm4_4.3.0.dfsg.1-14sarge4_m68k.deb
Size/MD5 checksum: 191700 7e3e4d432fc65a82689a629af33b6cf9
http://security.debian.org/pool/updates/main/x/xfree86/libxpm4-dbg_4.3.0.dfsg.1-14sarge4_m68k.deb
Size/MD5 checksum: 239296 141d8cbc8f454a44f79c13dcf1152e3c
http://security.debian.org/pool/updates/main/x/xfree86/libxrandr-dev_4.3.0.dfsg.1-14sarge4_m68k.deb
Size/MD5 checksum: 170844 1a5bd0bb22fd2dfded42c17de02bf2cd
http://security.debian.org/pool/updates/main/x/xfree86/libxrandr2_4.3.0.dfsg.1-14sarge4_m68k.deb
Size/MD5 checksum: 171222 3aecb797ff7774a2ab5cbb020b8d7583
http://security.debian.org/pool/updates/main/x/xfree86/libxrandr2-dbg_4.3.0.dfsg.1-14sarge4_m68k.deb
Size/MD5 checksum: 200380 10901ad8dc53221e014db4503f5b1891
http://security.debian.org/pool/updates/main/x/xfree86/libxt-dev_4.3.0.dfsg.1-14sarge4_m68k.deb
Size/MD5 checksum: 597690 1e422ffd7f5c0b308b54d0a5a732ad56
http://security.debian.org/pool/updates/main/x/xfree86/libxt6_4.3.0.dfsg.1-14sarge4_m68k.deb
Size/MD5 checksum: 314590 36483349e4f37219f5ab22061b7c316d
http://security.debian.org/pool/updates/main/x/xfree86/libxt6-dbg_4.3.0.dfsg.1-14sarge4_m68k.deb
Size/MD5 checksum: 1518028 6dd17e0c9f3869be4bde36d09a1f5cbd
http://security.debian.org/pool/updates/main/x/xfree86/libxtrap-dev_4.3.0.dfsg.1-14sarge4_m68k.deb
Size/MD5 checksum: 184100 90bfe448f4c46e7032235e8a41f6bdec
http://security.debian.org/pool/updates/main/x/xfree86/libxtrap6_4.3.0.dfsg.1-14sarge4_m68k.deb
Size/MD5 checksum: 180192 446b94f914b87c2855ab2b6508a001b7
http://security.debian.org/pool/updates/main/x/xfree86/libxtrap6-dbg_4.3.0.dfsg.1-14sarge4_m68k.deb
Size/MD5 checksum: 408988 5a315e50bbe97cf00ab9c286168480a7
http://security.debian.org/pool/updates/main/x/xfree86/libxtst-dev_4.3.0.dfsg.1-14sarge4_m68k.deb
Size/MD5 checksum: 168920 562498f992c6e330578f5545bfb4c183
http://security.debian.org/pool/updates/main/x/xfree86/libxtst6_4.3.0.dfsg.1-14sarge4_m68k.deb
Size/MD5 checksum: 173734 43011296400cc534ad0e2763a6948209
http://security.debian.org/pool/updates/main/x/xfree86/libxtst6-dbg_4.3.0.dfsg.1-14sarge4_m68k.deb
Size/MD5 checksum: 236732 9df9f6739611fb0fb3d13be1604e944f
http://security.debian.org/pool/updates/main/x/xfree86/libxv-dev_4.3.0.dfsg.1-14sarge4_m68k.deb
Size/MD5 checksum: 190134 7d2773cb87e157ca3872a3749f080ee3
http://security.debian.org/pool/updates/main/x/xfree86/libxv1_4.3.0.dfsg.1-14sarge4_m68k.deb
Size/MD5 checksum: 172066 be4d961e36c50d6db22d0dc790527cfc
http://security.debian.org/pool/updates/main/x/xfree86/libxv1-dbg_4.3.0.dfsg.1-14sarge4_m68k.deb
Size/MD5 checksum: 203030 0ae15e99cf268d4607a9ce9f5a0499cd
http://security.debian.org/pool/updates/main/x/xfree86/proxymngr_4.3.0.dfsg.1-14sarge4_m68k.deb
Size/MD5 checksum: 181158 51b4b7ed68aefda9a8c7c4663825bab7
http://security.debian.org/pool/updates/main/x/xfree86/twm_4.3.0.dfsg.1-14sarge4_m68k.deb
Size/MD5 checksum: 256204 6f415eff373b0dd082c3c4cd88f38968
http://security.debian.org/pool/updates/main/x/xfree86/x-window-system-core_4.3.0.dfsg.1-14sarge4_m68k.deb
Size/MD5 checksum: 158800 518d8866e2f0538a14a151e08205455f
http://security.debian.org/pool/updates/main/x/xfree86/x-window-system-dev_4.3.0.dfsg.1-14sarge4_m68k.deb
Size/MD5 checksum: 158848 05fdf197054b6de0a875f55cc623a90f
http://security.debian.org/pool/updates/main/x/xfree86/xbase-clients_4.3.0.dfsg.1-14sarge4_m68k.deb
Size/MD5 checksum: 1770534 a5a3246a865619f16873171292728d4d
http://security.debian.org/pool/updates/main/x/xfree86/xdm_4.3.0.dfsg.1-14sarge4_m68k.deb
Size/MD5 checksum: 304782 8c26e77f964dbabad39172dde2f11b28
http://security.debian.org/pool/updates/main/x/xfree86/xfs_4.3.0.dfsg.1-14sarge4_m68k.deb
Size/MD5 checksum: 448136 9f5a9f1a513fe8b4e0daddb3500689d4
http://security.debian.org/pool/updates/main/x/xfree86/xfwp_4.3.0.dfsg.1-14sarge4_m68k.deb
Size/MD5 checksum: 178986 1909446f56c676490d9ac52676a45e88
http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-gl_4.3.0.dfsg.1-14sarge4_m68k.deb
Size/MD5 checksum: 284944 026317fc993d1fe1dff80f1ac1eb91c5
http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-gl-dbg_4.3.0.dfsg.1-14sarge4_m68k.deb
Size/MD5 checksum: 1197212 8fd8f32f6f3bf0a11401ed7597f39c1c
http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-gl-dev_4.3.0.dfsg.1-14sarge4_m68k.deb
Size/MD5 checksum: 689460 a050bbc3a8b3a9f1789aee998e00c918
http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-glu_4.3.0.dfsg.1-14sarge4_m68k.deb
Size/MD5 checksum: 335758 e8e92c844a61419c47bce1aad77a59d2
http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-glu-dbg_4.3.0.dfsg.1-14sarge4_m68k.deb
Size/MD5 checksum: 1099042 0a495c48978112d48a084651984482a2
http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-glu-dev_4.3.0.dfsg.1-14sarge4_m68k.deb
Size/MD5 checksum: 405664 210e7f001efffbb8aa0cb72a30ecde57
http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa3_4.3.0.dfsg.1-14sarge4_m68k.deb
Size/MD5 checksum: 158604 d34dcc01cd3ea7779abb2fb03a07c035
http://security.debian.org/pool/updates/main/x/xfree86/xlibs-static-dev_4.3.0.dfsg.1-14sarge4_m68k.deb
Size/MD5 checksum: 758064 dc880642b8b7e1a8c29101b281d493fd
http://security.debian.org/pool/updates/main/x/xfree86/xlibs-static-pic_4.3.0.dfsg.1-14sarge4_m68k.deb
Size/MD5 checksum: 349048 a155502b312c00034f2ae0ee55a030e4
http://security.debian.org/pool/updates/main/x/xfree86/xmh_4.3.0.dfsg.1-14sarge4_m68k.deb
Size/MD5 checksum: 222330 758c282c2ea0fc9acb71bb81a50de8b1
http://security.debian.org/pool/updates/main/x/xfree86/xnest_4.3.0.dfsg.1-14sarge4_m68k.deb
Size/MD5 checksum: 1240584 4882905dcb51ec7943e1a2af30de7411
http://security.debian.org/pool/updates/main/x/xfree86/xserver-common_4.3.0.dfsg.1-14sarge4_m68k.deb
Size/MD5 checksum: 336750 626286fb3dbfbddac46db00f94247987
http://security.debian.org/pool/updates/main/x/xfree86/xserver-xfree86_4.3.0.dfsg.1-14sarge4_m68k.deb
Size/MD5 checksum: 4544002 e4cc4d1a010460c47e024cbbb3da404e
http://security.debian.org/pool/updates/main/x/xfree86/xserver-xfree86-dbg_4.3.0.dfsg.1-14sarge4_m68k.deb
Size/MD5 checksum: 45450578 159132c8cb652641dfa6a9e0fd0b0983
http://security.debian.org/pool/updates/main/x/xfree86/xterm_4.3.0.dfsg.1-14sarge4_m68k.deb
Size/MD5 checksum: 495068 9d646f6246283c9d9ec6203027418988
http://security.debian.org/pool/updates/main/x/xfree86/xutils_4.3.0.dfsg.1-14sarge4_m68k.deb
Size/MD5 checksum: 873524 2490473ac20b90a37ee823bef1168001
http://security.debian.org/pool/updates/main/x/xfree86/xvfb_4.3.0.dfsg.1-14sarge4_m68k.deb
Size/MD5 checksum: 1350020 fefe13b0d055607cbc25bea8a8700fa1
http://security.debian.org/pool/updates/main/r/rdesktop/rdesktop_1.4.0-2sarge1_m68k.deb
Size/MD5 checksum: 88642 2e821aab336d92fbf4463ec68d549df5
Big endian MIPS architecture:
http://security.debian.org/pool/updates/main/x/xfree86/lbxproxy_4.3.0.dfsg.1-14sarge4_mips.deb
Size/MD5 checksum: 269036 e0d614a89eb3c3f0d76c1c32efb658d1
http://security.debian.org/pool/updates/main/x/xfree86/libdps-dev_4.3.0.dfsg.1-14sarge4_mips.deb
Size/MD5 checksum: 383674 85999be5fb8483b01f78ef55432996d8
http://security.debian.org/pool/updates/main/x/xfree86/libdps1_4.3.0.dfsg.1-14sarge4_mips.deb
Size/MD5 checksum: 283268 960f5f05ae7fda8191e7c3a0470519d0
http://security.debian.org/pool/updates/main/x/xfree86/libdps1-dbg_4.3.0.dfsg.1-14sarge4_mips.deb
Size/MD5 checksum: 794896 15bc703842b5c086c0dc32a365e75ec9
http://security.debian.org/pool/updates/main/x/xfree86/libice-dev_4.3.0.dfsg.1-14sarge4_mips.deb
Size/MD5 checksum: 212428 6e245b0237e014fc807aae8a83765de9
http://security.debian.org/pool/updates/main/x/xfree86/libice6_4.3.0.dfsg.1-14sarge4_mips.deb
Size/MD5 checksum: 200476 7f451738d1c701f31063eca4714a3e82
http://security.debian.org/pool/updates/main/x/xfree86/libice6-dbg_4.3.0.dfsg.1-14sarge4_mips.deb
Size/MD5 checksum: 286068 5abe8c7d0b16a59be535313f4a8e5c41
http://security.debian.org/pool/updates/main/x/xfree86/libsm-dev_4.3.0.dfsg.1-14sarge4_mips.deb
Size/MD5 checksum: 178320 26290f78c879e2f18a917e4a0d594c83
http://security.debian.org/pool/updates/main/x/xfree86/libsm6_4.3.0.dfsg.1-14sarge4_mips.deb
Size/MD5 checksum: 180942 212958ccdb25420a7e8c85efb757419d
http://security.debian.org/pool/updates/main/x/xfree86/libsm6-dbg_4.3.0.dfsg.1-14sarge4_mips.deb
Size/MD5 checksum: 205778 62298420a535e5b9e334be552e02bfce
http://security.debian.org/pool/updates/main/x/xfree86/libx11-6_4.3.0.dfsg.1-14sarge4_mips.deb
Size/MD5 checksum: 741164 dc4a231aa21b24592af81779a3f0e63a
http://security.debian.org/pool/updates/main/x/xfree86/libx11-6-dbg_4.3.0.dfsg.1-14sarge4_mips.deb
Size/MD5 checksum: 9875488 04e5abcf7f591272784c4e8a2de04600
http://security.debian.org/pool/updates/main/x/xfree86/libx11-dev_4.3.0.dfsg.1-14sarge4_mips.deb
Size/MD5 checksum: 1448650 ef0aecd48a18d8c0328f8aed260a8056
http://security.debian.org/pool/updates/main/x/xfree86/libxaw6_4.3.0.dfsg.1-14sarge4_mips.deb
Size/MD5 checksum: 291898 1d19096fdfda44903b79e0e907feafb5
http://security.debian.org/pool/updates/main/x/xfree86/libxaw6-dbg_4.3.0.dfsg.1-14sarge4_mips.deb
Size/MD5 checksum: 914694 5cd35836ce90b31192da903fe74b9464
http://security.debian.org/pool/updates/main/x/xfree86/libxaw6-dev_4.3.0.dfsg.1-14sarge4_mips.deb
Size/MD5 checksum: 457170 75c30aaae65eac879b12d96746024b50
http://security.debian.org/pool/updates/main/x/xfree86/libxaw7_4.3.0.dfsg.1-14sarge4_mips.deb
Size/MD5 checksum: 345484 61ae086ce3fe377c7ad719ac15bb0e81
http://security.debian.org/pool/updates/main/x/xfree86/libxaw7-dbg_4.3.0.dfsg.1-14sarge4_mips.deb
Size/MD5 checksum: 1053840 265f890d3f31f22adfe12929e6927d1a
http://security.debian.org/pool/updates/main/x/xfree86/libxaw7-dev_4.3.0.dfsg.1-14sarge4_mips.deb
Size/MD5 checksum: 457082 dcdadb44978e3efd8d4de14b1bb1e779
http://security.debian.org/pool/updates/main/x/xfree86/libxext-dev_4.3.0.dfsg.1-14sarge4_mips.deb
Size/MD5 checksum: 253440 832c6d9c7c66d6f5de7c8e01627413aa
http://security.debian.org/pool/updates/main/x/xfree86/libxext6_4.3.0.dfsg.1-14sarge4_mips.deb
Size/MD5 checksum: 189378 ef74e7e76c3a466cfe4fc965762f618b
http://security.debian.org/pool/updates/main/x/xfree86/libxext6-dbg_4.3.0.dfsg.1-14sarge4_mips.deb
Size/MD5 checksum: 519556 edf155ff90decb7a0faa5632b5a4cf4f
http://security.debian.org/pool/updates/main/x/xfree86/libxft1_4.3.0.dfsg.1-14sarge4_mips.deb
Size/MD5 checksum: 190660 86464457c3e108661887610e5ea83283
http://security.debian.org/pool/updates/main/x/xfree86/libxft1-dbg_4.3.0.dfsg.1-14sarge4_mips.deb
Size/MD5 checksum: 481658 4d02c7e8a59fc882c249abaecc9fb231
http://security.debian.org/pool/updates/main/x/xfree86/libxi-dev_4.3.0.dfsg.1-14sarge4_mips.deb
Size/MD5 checksum: 234346 48396e6b0a99add4cef783ac8a7aa4a2
http://security.debian.org/pool/updates/main/x/xfree86/libxi6_4.3.0.dfsg.1-14sarge4_mips.deb
Size/MD5 checksum: 180312 7065ff48dd57fc4712290485943d1884
http://security.debian.org/pool/updates/main/x/xfree86/libxi6-dbg_4.3.0.dfsg.1-14sarge4_mips.deb
Size/MD5 checksum: 1200778 8891af2a2b97901ba15daa436bc4a8be
http://security.debian.org/pool/updates/main/x/xfree86/libxmu-dev_4.3.0.dfsg.1-14sarge4_mips.deb
Size/MD5 checksum: 229230 b57f350a0b45180482d4773b4d4906df
http://security.debian.org/pool/updates/main/x/xfree86/libxmu6_4.3.0.dfsg.1-14sarge4_mips.deb
Size/MD5 checksum: 210238 f1d4dceb06755ff6eac535ead7b60e48
http://security.debian.org/pool/updates/main/x/xfree86/libxmu6-dbg_4.3.0.dfsg.1-14sarge4_mips.deb
Size/MD5 checksum: 679006 ab2a5d9d9cf347380e6e8f404972b3a7
http://security.debian.org/pool/updates/main/x/xfree86/libxmuu-dev_4.3.0.dfsg.1-14sarge4_mips.deb
Size/MD5 checksum: 163800 0cb95c62798ce539733e1b6d5f4cd10d
http://security.debian.org/pool/updates/main/x/xfree86/libxmuu1_4.3.0.dfsg.1-14sarge4_mips.deb
Size/MD5 checksum: 171894 3dbd7c7abdd64ee3cab8ab578c28a466
http://security.debian.org/pool/updates/main/x/xfree86/libxmuu1-dbg_4.3.0.dfsg.1-14sarge4_mips.deb
Size/MD5 checksum: 209482 61a6a45b5b9408f3bfe16d0ab2677e7d
http://security.debian.org/pool/updates/main/x/xfree86/libxp-dev_4.3.0.dfsg.1-14sarge4_mips.deb
Size/MD5 checksum: 181812 9608b04167f37a788a8363f622038b3c
http://security.debian.org/pool/updates/main/x/xfree86/libxp6_4.3.0.dfsg.1-14sarge4_mips.deb
Size/MD5 checksum: 178568 2643b6b2f300b44e9164920e90bc1e32
http://security.debian.org/pool/updates/main/x/xfree86/libxp6-dbg_4.3.0.dfsg.1-14sarge4_mips.deb
Size/MD5 checksum: 576458 dabd3f68c6c430a417eb265c04f97dc8
http://security.debian.org/pool/updates/main/x/xfree86/libxpm-dev_4.3.0.dfsg.1-14sarge4_mips.deb
Size/MD5 checksum: 201004 53b5143cb8b95dd74f4c8c5394447c9e
http://security.debian.org/pool/updates/main/x/xfree86/libxpm4_4.3.0.dfsg.1-14sarge4_mips.deb
Size/MD5 checksum: 196860 85d7fedaf7f23cfa9f5b852d7c2cf804
http://security.debian.org/pool/updates/main/x/xfree86/libxpm4-dbg_4.3.0.dfsg.1-14sarge4_mips.deb
Size/MD5 checksum: 246082 ac0e1f47165a1449ce01d6fcd99ba377
http://security.debian.org/pool/updates/main/x/xfree86/libxrandr-dev_4.3.0.dfsg.1-14sarge4_mips.deb
Size/MD5 checksum: 172422 51a54bcd72bbfef34fff324215046684
http://security.debian.org/pool/updates/main/x/xfree86/libxrandr2_4.3.0.dfsg.1-14sarge4_mips.deb
Size/MD5 checksum: 171978 098bb8fef374fd9cacf44fb196dd6a08
http://security.debian.org/pool/updates/main/x/xfree86/libxrandr2-dbg_4.3.0.dfsg.1-14sarge4_mips.deb
Size/MD5 checksum: 201692 a0e794a9a0f11782c2a1e2c063c907c6
http://security.debian.org/pool/updates/main/x/xfree86/libxt-dev_4.3.0.dfsg.1-14sarge4_mips.deb
Size/MD5 checksum: 658488 cd7fa7d1d143676db6f5b3c669ca2e90
http://security.debian.org/pool/updates/main/x/xfree86/libxt6_4.3.0.dfsg.1-14sarge4_mips.deb
Size/MD5 checksum: 337488 ec3a5b787c6ae945a8d4701894b6b47f
http://security.debian.org/pool/updates/main/x/xfree86/libxt6-dbg_4.3.0.dfsg.1-14sarge4_mips.deb
Size/MD5 checksum: 1558432 b758c6ae00f6795c2e7612d2b6869427
http://security.debian.org/pool/updates/main/x/xfree86/libxtrap-dev_4.3.0.dfsg.1-14sarge4_mips.deb
Size/MD5 checksum: 188076 b6383e3e11a196f27b0ebfce5a1249e2
http://security.debian.org/pool/updates/main/x/xfree86/libxtrap6_4.3.0.dfsg.1-14sarge4_mips.deb
Size/MD5 checksum: 180856 1b3e3fb923a6fed46dfd8a9a819808bb
http://security.debian.org/pool/updates/main/x/xfree86/libxtrap6-dbg_4.3.0.dfsg.1-14sarge4_mips.deb
Size/MD5 checksum: 411938 8ba6d09b8b594b964de932b10515a848
http://security.debian.org/pool/updates/main/x/xfree86/libxtst-dev_4.3.0.dfsg.1-14sarge4_mips.deb
Size/MD5 checksum: 173122 cbb902e5f1004d524bf428ccbb476af7
http://security.debian.org/pool/updates/main/x/xfree86/libxtst6_4.3.0.dfsg.1-14sarge4_mips.deb
Size/MD5 checksum: 175272 78ef33ef661531a62de80c9e02927a3d
http://security.debian.org/pool/updates/main/x/xfree86/libxtst6-dbg_4.3.0.dfsg.1-14sarge4_mips.deb
Size/MD5 checksum: 238884 15b59465dccda67bd09e4882848efd07
http://security.debian.org/pool/updates/main/x/xfree86/libxv-dev_4.3.0.dfsg.1-14sarge4_mips.deb
Size/MD5 checksum: 191990 068d261c0a9192bc379118779f04e730
http://security.debian.org/pool/updates/main/x/xfree86/libxv1_4.3.0.dfsg.1-14sarge4_mips.deb
Size/MD5 checksum: 172872 081f29507e3b42c5a947425a865d6ab8
http://security.debian.org/pool/updates/main/x/xfree86/libxv1-dbg_4.3.0.dfsg.1-14sarge4_mips.deb
Size/MD5 checksum: 204250 ded6fc6a4c13e4dca7a5fc897b95789e
http://security.debian.org/pool/updates/main/x/xfree86/proxymngr_4.3.0.dfsg.1-14sarge4_mips.deb
Size/MD5 checksum: 183656 769f16754e841d2b3ede831430ee4d1b
http://security.debian.org/pool/updates/main/x/xfree86/twm_4.3.0.dfsg.1-14sarge4_mips.deb
Size/MD5 checksum: 279012 21e6d974d7bba679c7d0d297694eb6fe
http://security.debian.org/pool/updates/main/x/xfree86/x-window-system-core_4.3.0.dfsg.1-14sarge4_mips.deb
Size/MD5 checksum: 158790 8091cd2ef7e411b310f45861e8588d52
http://security.debian.org/pool/updates/main/x/xfree86/x-window-system-dev_4.3.0.dfsg.1-14sarge4_mips.deb
Size/MD5 checksum: 158836 433eb908c505bc4abbf45420e3b82ca3
http://security.debian.org/pool/updates/main/x/xfree86/xbase-clients_4.3.0.dfsg.1-14sarge4_mips.deb
Size/MD5 checksum: 2107564 43918ac8ead8b2af80800041bf871aa8
http://security.debian.org/pool/updates/main/x/xfree86/xdm_4.3.0.dfsg.1-14sarge4_mips.deb
Size/MD5 checksum: 316422 c9f27358a4f5da75df8128109fbb43a5
http://security.debian.org/pool/updates/main/x/xfree86/xfs_4.3.0.dfsg.1-14sarge4_mips.deb
Size/MD5 checksum: 543002 cbd4b467bba106c92b1558ced4bf8fe3
http://security.debian.org/pool/updates/main/x/xfree86/xfwp_4.3.0.dfsg.1-14sarge4_mips.deb
Size/MD5 checksum: 182624 8420f1c990880b012d9323d0a68d3628
http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-gl_4.3.0.dfsg.1-14sarge4_mips.deb
Size/MD5 checksum: 283842 98edafc555cb17b7705e96a739f97594
http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-gl-dbg_4.3.0.dfsg.1-14sarge4_mips.deb
Size/MD5 checksum: 1205152 6ccc49b27787b426e41d30cd7344fff0
http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-gl-dev_4.3.0.dfsg.1-14sarge4_mips.deb
Size/MD5 checksum: 753068 25ce758d961646072a6738b691c16d0f
http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-glu_4.3.0.dfsg.1-14sarge4_mips.deb
Size/MD5 checksum: 373414 5bda413e620bb7c40b30cd131af86938
http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-glu-dbg_4.3.0.dfsg.1-14sarge4_mips.deb
Size/MD5 checksum: 1144212 942d59d8482805825b108365bda78cfb
http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-glu-dev_4.3.0.dfsg.1-14sarge4_mips.deb
Size/MD5 checksum: 497118 379dc047cf057a4fb194eea11c9d3ca2
http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa3_4.3.0.dfsg.1-14sarge4_mips.deb
Size/MD5 checksum: 158590 cba4b0c3960a04583aa947eb3ec21aa2
http://security.debian.org/pool/updates/main/x/xfree86/xlibs-static-dev_4.3.0.dfsg.1-14sarge4_mips.deb
Size/MD5 checksum: 933874 1e1331ba64cb1508c4db1df59ddbb9aa
http://security.debian.org/pool/updates/main/x/xfree86/xlibs-static-pic_4.3.0.dfsg.1-14sarge4_mips.deb
Size/MD5 checksum: 406030 e03c389daa5f6be9c72eb63353ce9d72
http://security.debian.org/pool/updates/main/x/xfree86/xmh_4.3.0.dfsg.1-14sarge4_mips.deb
Size/MD5 checksum: 239710 a99463cc6de040a91e2c3485a6ae9b95
http://security.debian.org/pool/updates/main/x/xfree86/xnest_4.3.0.dfsg.1-14sarge4_mips.deb
Size/MD5 checksum: 1737236 4268b1a0b2a4ca64811ce65a3ba07100
http://security.debian.org/pool/updates/main/x/xfree86/xserver-common_4.3.0.dfsg.1-14sarge4_mips.deb
Size/MD5 checksum: 337538 989852b0a430daed12875e29a361622b
http://security.debian.org/pool/updates/main/x/xfree86/xserver-xfree86_4.3.0.dfsg.1-14sarge4_mips.deb
Size/MD5 checksum: 4021462 de4bdda63e45d94a8132c2e94c252449
http://security.debian.org/pool/updates/main/x/xfree86/xserver-xfree86-dbg_4.3.0.dfsg.1-14sarge4_mips.deb
Size/MD5 checksum: 45540760 1f5b16eba5dc648b0ca7246db7a2d7ff
http://security.debian.org/pool/updates/main/x/xfree86/xterm_4.3.0.dfsg.1-14sarge4_mips.deb
Size/MD5 checksum: 530278 1489eff24482171db1e388ca730595a2
http://security.debian.org/pool/updates/main/x/xfree86/xutils_4.3.0.dfsg.1-14sarge4_mips.deb
Size/MD5 checksum: 983238 a32855e77f25c7e9e21aa96ae8a9d2cc
http://security.debian.org/pool/updates/main/x/xfree86/xvfb_4.3.0.dfsg.1-14sarge4_mips.deb
Size/MD5 checksum: 1898580 582876c5ccae25dfd144bff7bbfc2e44
http://security.debian.org/pool/updates/main/r/rdesktop/rdesktop_1.4.0-2sarge1_mips.deb
Size/MD5 checksum: 115348 423b0dcbd2bf60cdcd1dfecf1ca9e85f
Little endian MIPS architecture:
http://security.debian.org/pool/updates/main/x/xfree86/lbxproxy_4.3.0.dfsg.1-14sarge4_mipsel.deb
Size/MD5 checksum: 268714 b457217d19fd8fbc43666f54ee3b422d
http://security.debian.org/pool/updates/main/x/xfree86/libdps-dev_4.3.0.dfsg.1-14sarge4_mipsel.deb
Size/MD5 checksum: 383552 5d7b8a8f054a40610496c7b169a02bca
http://security.debian.org/pool/updates/main/x/xfree86/libdps1_4.3.0.dfsg.1-14sarge4_mipsel.deb
Size/MD5 checksum: 282270 3916d3d6ec212b8cf958aecf7283b697
http://security.debian.org/pool/updates/main/x/xfree86/libdps1-dbg_4.3.0.dfsg.1-14sarge4_mipsel.deb
Size/MD5 checksum: 784426 8f28ec91456ab0aa9c0fb585b27fac4e
http://security.debian.org/pool/updates/main/x/xfree86/libice-dev_4.3.0.dfsg.1-14sarge4_mipsel.deb
Size/MD5 checksum: 212428 28ad717314bacf8db05ae3d9ece564d4
http://security.debian.org/pool/updates/main/x/xfree86/libice6_4.3.0.dfsg.1-14sarge4_mipsel.deb
Size/MD5 checksum: 200466 dd18ec438c8d6db747479b46253b8535
http://security.debian.org/pool/updates/main/x/xfree86/libice6-dbg_4.3.0.dfsg.1-14sarge4_mipsel.deb
Size/MD5 checksum: 285224 025be5d014139ee126025ded5d029419
http://security.debian.org/pool/updates/main/x/xfree86/libsm-dev_4.3.0.dfsg.1-14sarge4_mipsel.deb
Size/MD5 checksum: 178230 185fd834949d9ec6c15e7df2de864d86
http://security.debian.org/pool/updates/main/x/xfree86/libsm6_4.3.0.dfsg.1-14sarge4_mipsel.deb
Size/MD5 checksum: 180626 b7750eedeb125264f01a77756e286d39
http://security.debian.org/pool/updates/main/x/xfree86/libsm6-dbg_4.3.0.dfsg.1-14sarge4_mipsel.deb
Size/MD5 checksum: 205458 7a79ee705eba1fb54f85e5038eb8f848
http://security.debian.org/pool/updates/main/x/xfree86/libx11-6_4.3.0.dfsg.1-14sarge4_mipsel.deb
Size/MD5 checksum: 739610 b6d8d9a3ed6ffc39b11b76fdd5e79f4a
http://security.debian.org/pool/updates/main/x/xfree86/libx11-6-dbg_4.3.0.dfsg.1-14sarge4_mipsel.deb
Size/MD5 checksum: 9700772 302744dbd76e8b44a9d13a47cb612994
http://security.debian.org/pool/updates/main/x/xfree86/libx11-dev_4.3.0.dfsg.1-14sarge4_mipsel.deb
Size/MD5 checksum: 1448742 398ee2c960b1655c3357c45ab4fa1c5b
http://security.debian.org/pool/updates/main/x/xfree86/libxaw6_4.3.0.dfsg.1-14sarge4_mipsel.deb
Size/MD5 checksum: 290434 a76f2678ec211948b0145199eb3a3b21
http://security.debian.org/pool/updates/main/x/xfree86/libxaw6-dbg_4.3.0.dfsg.1-14sarge4_mipsel.deb
Size/MD5 checksum: 903856 0ef7e41798e292ab28d306a702e3b7fd
http://security.debian.org/pool/updates/main/x/xfree86/libxaw6-dev_4.3.0.dfsg.1-14sarge4_mipsel.deb
Size/MD5 checksum: 457676 5150db19a905714fb4ae3b84c7cf9895
http://security.debian.org/pool/updates/main/x/xfree86/libxaw7_4.3.0.dfsg.1-14sarge4_mipsel.deb
Size/MD5 checksum: 344002 85c98ccc42151375b8cf1ac34adf0d88
http://security.debian.org/pool/updates/main/x/xfree86/libxaw7-dbg_4.3.0.dfsg.1-14sarge4_mipsel.deb
Size/MD5 checksum: 1041318 8355f472163d812e23d1a19b228a8871
http://security.debian.org/pool/updates/main/x/xfree86/libxaw7-dev_4.3.0.dfsg.1-14sarge4_mipsel.deb
Size/MD5 checksum: 457578 36228c60dfbf7761a288345c41e625de
http://security.debian.org/pool/updates/main/x/xfree86/libxext-dev_4.3.0.dfsg.1-14sarge4_mipsel.deb
Size/MD5 checksum: 253406 7e181529a011d49edb98d848c310ae7c
http://security.debian.org/pool/updates/main/x/xfree86/libxext6_4.3.0.dfsg.1-14sarge4_mipsel.deb
Size/MD5 checksum: 189256 419ac92bdd97a369acb97492a734d582
http://security.debian.org/pool/updates/main/x/xfree86/libxext6-dbg_4.3.0.dfsg.1-14sarge4_mipsel.deb
Size/MD5 checksum: 511450 c7e564de37bf7b6ae446f0a4356834a9
http://security.debian.org/pool/updates/main/x/xfree86/libxft1_4.3.0.dfsg.1-14sarge4_mipsel.deb
Size/MD5 checksum: 190518 82c1bf1e8dce203b3fe4c9f8fb36fa55
http://security.debian.org/pool/updates/main/x/xfree86/libxft1-dbg_4.3.0.dfsg.1-14sarge4_mipsel.deb
Size/MD5 checksum: 474102 3d171945e9beddbd6da2b320bc658277
http://security.debian.org/pool/updates/main/x/xfree86/libxi-dev_4.3.0.dfsg.1-14sarge4_mipsel.deb
Size/MD5 checksum: 234434 38a1c3c1edb0c74305732e47911e7073
http://security.debian.org/pool/updates/main/x/xfree86/libxi6_4.3.0.dfsg.1-14sarge4_mipsel.deb
Size/MD5 checksum: 180340 48a789753e9e584c2f8a611eb00cebf2
http://security.debian.org/pool/updates/main/x/xfree86/libxi6-dbg_4.3.0.dfsg.1-14sarge4_mipsel.deb
Size/MD5 checksum: 1172822 4b9dd118b18567a2b9a6d70eddb2cf3c
http://security.debian.org/pool/updates/main/x/xfree86/libxmu-dev_4.3.0.dfsg.1-14sarge4_mipsel.deb
Size/MD5 checksum: 229446 ef7a8df51a89a84fe1a8e9255407a95e
http://security.debian.org/pool/updates/main/x/xfree86/libxmu6_4.3.0.dfsg.1-14sarge4_mipsel.deb
Size/MD5 checksum: 210292 1baf340db8decbb6797900b34ef01ae9
http://security.debian.org/pool/updates/main/x/xfree86/libxmu6-dbg_4.3.0.dfsg.1-14sarge4_mipsel.deb
Size/MD5 checksum: 667708 80772935e2ff170fe06c8f0591d8ca69
http://security.debian.org/pool/updates/main/x/xfree86/libxmuu-dev_4.3.0.dfsg.1-14sarge4_mipsel.deb
Size/MD5 checksum: 163802 b288b0a03e674709d36f073e2f2aaabb
http://security.debian.org/pool/updates/main/x/xfree86/libxmuu1_4.3.0.dfsg.1-14sarge4_mipsel.deb
Size/MD5 checksum: 171858 03c3e449b387a91482d8b21e558c789b
http://security.debian.org/pool/updates/main/x/xfree86/libxmuu1-dbg_4.3.0.dfsg.1-14sarge4_mipsel.deb
Size/MD5 checksum: 208910 52fc67c2845f34df0217cb67c305647b
http://security.debian.org/pool/updates/main/x/xfree86/libxp-dev_4.3.0.dfsg.1-14sarge4_mipsel.deb
Size/MD5 checksum: 181866 37a8cd44a87026d32acc0df14da75c1c
http://security.debian.org/pool/updates/main/x/xfree86/libxp6_4.3.0.dfsg.1-14sarge4_mipsel.deb
Size/MD5 checksum: 178588 7a195ed2a458db3d80f37e74c7132826
http://security.debian.org/pool/updates/main/x/xfree86/libxp6-dbg_4.3.0.dfsg.1-14sarge4_mipsel.deb
Size/MD5 checksum: 569302 4df5863188eea9c531fb34ba8c914620
http://security.debian.org/pool/updates/main/x/xfree86/libxpm-dev_4.3.0.dfsg.1-14sarge4_mipsel.deb
Size/MD5 checksum: 201112 9b6e9c39d38d1177bef58eb540536657
http://security.debian.org/pool/updates/main/x/xfree86/libxpm4_4.3.0.dfsg.1-14sarge4_mipsel.deb
Size/MD5 checksum: 196894 afcef91937f62b700897557f5b63d4a3
http://security.debian.org/pool/updates/main/x/xfree86/libxpm4-dbg_4.3.0.dfsg.1-14sarge4_mipsel.deb
Size/MD5 checksum: 245904 7f24c0ca154a19aeead58088bd176293
http://security.debian.org/pool/updates/main/x/xfree86/libxrandr-dev_4.3.0.dfsg.1-14sarge4_mipsel.deb
Size/MD5 checksum: 172436 23d27469a84fa956caf3311f66911069
http://security.debian.org/pool/updates/main/x/xfree86/libxrandr2_4.3.0.dfsg.1-14sarge4_mipsel.deb
Size/MD5 checksum: 171948 16d85086518604e7c07479209543ba5f
http://security.debian.org/pool/updates/main/x/xfree86/libxrandr2-dbg_4.3.0.dfsg.1-14sarge4_mipsel.deb
Size/MD5 checksum: 201270 d4743d9d59253608e7fbf3732ad32bc0
http://security.debian.org/pool/updates/main/x/xfree86/libxt-dev_4.3.0.dfsg.1-14sarge4_mipsel.deb
Size/MD5 checksum: 658586 e4247b61d8dbbcc543c2f81ffd2c4f2c
http://security.debian.org/pool/updates/main/x/xfree86/libxt6_4.3.0.dfsg.1-14sarge4_mipsel.deb
Size/MD5 checksum: 337020 f6e748c6108bb629db19d0f0b890d899
http://security.debian.org/pool/updates/main/x/xfree86/libxt6-dbg_4.3.0.dfsg.1-14sarge4_mipsel.deb
Size/MD5 checksum: 1556268 1f22fb32d46cd7fcaa817e767ed63e60
http://security.debian.org/pool/updates/main/x/xfree86/libxtrap-dev_4.3.0.dfsg.1-14sarge4_mipsel.deb
Size/MD5 checksum: 188070 b134b00d3918725f076deb49a8315287
http://security.debian.org/pool/updates/main/x/xfree86/libxtrap6_4.3.0.dfsg.1-14sarge4_mipsel.deb
Size/MD5 checksum: 180752 2ed8865fbf082082b83d692f8b404911
http://security.debian.org/pool/updates/main/x/xfree86/libxtrap6-dbg_4.3.0.dfsg.1-14sarge4_mipsel.deb
Size/MD5 checksum: 409362 c060bc4bb1eefdae68faade8fc4d0e6d
http://security.debian.org/pool/updates/main/x/xfree86/libxtst-dev_4.3.0.dfsg.1-14sarge4_mipsel.deb
Size/MD5 checksum: 173228 c7a08401264d1f621dfd80876984c34d
http://security.debian.org/pool/updates/main/x/xfree86/libxtst6_4.3.0.dfsg.1-14sarge4_mipsel.deb
Size/MD5 checksum: 175314 9224ffb5723a2ee658ca751432781ce3
http://security.debian.org/pool/updates/main/x/xfree86/libxtst6-dbg_4.3.0.dfsg.1-14sarge4_mipsel.deb
Size/MD5 checksum: 238006 2278377f71a0cf0e8214202a7c137b3f
http://security.debian.org/pool/updates/main/x/xfree86/libxv-dev_4.3.0.dfsg.1-14sarge4_mipsel.deb
Size/MD5 checksum: 192078 cdff976f851d9a639d546e17f9eb58e8
http://security.debian.org/pool/updates/main/x/xfree86/libxv1_4.3.0.dfsg.1-14sarge4_mipsel.deb
Size/MD5 checksum: 172872 89a7daed133f163b017cf4769fb72e90
http://security.debian.org/pool/updates/main/x/xfree86/libxv1-dbg_4.3.0.dfsg.1-14sarge4_mipsel.deb
Size/MD5 checksum: 203766 8425bd077cdbf5636ec9fa3a40899b34
http://security.debian.org/pool/updates/main/x/xfree86/proxymngr_4.3.0.dfsg.1-14sarge4_mipsel.deb
Size/MD5 checksum: 183666 b1cf636c37dd8e9fd270cb46bdc1da1d
http://security.debian.org/pool/updates/main/x/xfree86/twm_4.3.0.dfsg.1-14sarge4_mipsel.deb
Size/MD5 checksum: 278418 5729538d364f4f5c8726f788443eb972
http://security.debian.org/pool/updates/main/x/xfree86/x-window-system-core_4.3.0.dfsg.1-14sarge4_mipsel.deb
Size/MD5 checksum: 158788 fb6e373cc9fcf5f7e2ee4e97cb10a4fa
http://security.debian.org/pool/updates/main/x/xfree86/x-window-system-dev_4.3.0.dfsg.1-14sarge4_mipsel.deb
Size/MD5 checksum: 158836 3cce8809849b8dfb61f5ecc67afdf631
http://security.debian.org/pool/updates/main/x/xfree86/xbase-clients_4.3.0.dfsg.1-14sarge4_mipsel.deb
Size/MD5 checksum: 2104034 acbbc4ba7176a4b6827fb183a2285c53
http://security.debian.org/pool/updates/main/x/xfree86/xdm_4.3.0.dfsg.1-14sarge4_mipsel.deb
Size/MD5 checksum: 316226 bd2701e346c38ea1e280e4425fab0dc2
http://security.debian.org/pool/updates/main/x/xfree86/xfs_4.3.0.dfsg.1-14sarge4_mipsel.deb
Size/MD5 checksum: 541750 a16b41e931f59e0c3ab64d0f3fe55591
http://security.debian.org/pool/updates/main/x/xfree86/xfwp_4.3.0.dfsg.1-14sarge4_mipsel.deb
Size/MD5 checksum: 182688 13077c7b948a560332188b139fa2b88f
http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-gl_4.3.0.dfsg.1-14sarge4_mipsel.deb
Size/MD5 checksum: 280024 fb4d9a96e61c132dbc5da3b7784a973d
http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-gl-dbg_4.3.0.dfsg.1-14sarge4_mipsel.deb
Size/MD5 checksum: 1181102 b99aa55dba347f2a4a319fedac46bbb2
http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-gl-dev_4.3.0.dfsg.1-14sarge4_mipsel.deb
Size/MD5 checksum: 740438 be2c7a300dcbc8a5dacd51864f9b5be4
http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-glu_4.3.0.dfsg.1-14sarge4_mipsel.deb
Size/MD5 checksum: 373234 7ea4c99de128c118ee62cb7a2360d47b
http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-glu-dbg_4.3.0.dfsg.1-14sarge4_mipsel.deb
Size/MD5 checksum: 1123652 f0f7eaef8ac9c91960474085f31a354b
http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-glu-dev_4.3.0.dfsg.1-14sarge4_mipsel.deb
Size/MD5 checksum: 498380 d46fc14c3ab96e6116e85720039c8bb8
http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa3_4.3.0.dfsg.1-14sarge4_mipsel.deb
Size/MD5 checksum: 158586 01acd9c9a697fda89a8000adc065aa4c
http://security.debian.org/pool/updates/main/x/xfree86/xlibs-static-dev_4.3.0.dfsg.1-14sarge4_mipsel.deb
Size/MD5 checksum: 929694 4dd351958a4ec579a305e18b17dc6b79
http://security.debian.org/pool/updates/main/x/xfree86/xlibs-static-pic_4.3.0.dfsg.1-14sarge4_mipsel.deb
Size/MD5 checksum: 405110 4a7c191e86ad082b1b9a2b16ba52c64c
http://security.debian.org/pool/updates/main/x/xfree86/xmh_4.3.0.dfsg.1-14sarge4_mipsel.deb
Size/MD5 checksum: 239834 3a244ffb3637774c3a07cc33b4d742e9
http://security.debian.org/pool/updates/main/x/xfree86/xnest_4.3.0.dfsg.1-14sarge4_mipsel.deb
Size/MD5 checksum: 1734732 6014914b81a49f5d8210e2beec459785
http://security.debian.org/pool/updates/main/x/xfree86/xserver-common_4.3.0.dfsg.1-14sarge4_mipsel.deb
Size/MD5 checksum: 337532 1b7712671ffa568c1ab87b9a893910cb
http://security.debian.org/pool/updates/main/x/xfree86/xserver-xfree86_4.3.0.dfsg.1-14sarge4_mipsel.deb
Size/MD5 checksum: 4015554 6343b81312dc1b38035e449f291fc788
http://security.debian.org/pool/updates/main/x/xfree86/xserver-xfree86-dbg_4.3.0.dfsg.1-14sarge4_mipsel.deb
Size/MD5 checksum: 44830508 dc93444fc9f4fa33f7525463bb348516
http://security.debian.org/pool/updates/main/x/xfree86/xterm_4.3.0.dfsg.1-14sarge4_mipsel.deb
Size/MD5 checksum: 528816 facf36f32b31a3c47511c50cf46cc5fe
http://security.debian.org/pool/updates/main/x/xfree86/xutils_4.3.0.dfsg.1-14sarge4_mipsel.deb
Size/MD5 checksum: 972000 0b2178929d57a1967d588f928937874c
http://security.debian.org/pool/updates/main/x/xfree86/xvfb_4.3.0.dfsg.1-14sarge4_mipsel.deb
Size/MD5 checksum: 1894746 74c426c412ffec5e16f485d18301ea08
http://security.debian.org/pool/updates/main/r/rdesktop/rdesktop_1.4.0-2sarge1_mipsel.deb
Size/MD5 checksum: 110416 54d82d984ebe9e4b10e69b672c799cea
PowerPC architecture:
http://security.debian.org/pool/updates/main/x/xfree86/lbxproxy_4.3.0.dfsg.1-14sarge4_powerpc.deb
Size/MD5 checksum: 259230 4374f6ebc9200d2174341043c112e109
http://security.debian.org/pool/updates/main/x/xfree86/libdps-dev_4.3.0.dfsg.1-14sarge4_powerpc.deb
Size/MD5 checksum: 363334 160fc4f3333e6b709bba658d2178543e
http://security.debian.org/pool/updates/main/x/xfree86/libdps1_4.3.0.dfsg.1-14sarge4_powerpc.deb
Size/MD5 checksum: 296960 603c9c356c7301bbb3fa9916d1cb0ec7
http://security.debian.org/pool/updates/main/x/xfree86/libdps1-dbg_4.3.0.dfsg.1-14sarge4_powerpc.deb
Size/MD5 checksum: 1134504 cf85fbc14fbbc569c1a7a4ef3eeb4808
http://security.debian.org/pool/updates/main/x/xfree86/libice-dev_4.3.0.dfsg.1-14sarge4_powerpc.deb
Size/MD5 checksum: 209880 219329af51376127e05af35917a68735
http://security.debian.org/pool/updates/main/x/xfree86/libice6_4.3.0.dfsg.1-14sarge4_powerpc.deb
Size/MD5 checksum: 204442 d1be96893430d198b15d594d56243a9f
http://security.debian.org/pool/updates/main/x/xfree86/libice6-dbg_4.3.0.dfsg.1-14sarge4_powerpc.deb
Size/MD5 checksum: 404728 9d57cd3cf2d5b249e0cb57d5b30d95c6
http://security.debian.org/pool/updates/main/x/xfree86/libsm-dev_4.3.0.dfsg.1-14sarge4_powerpc.deb
Size/MD5 checksum: 178144 6cf6e6a63688c7a97e37c9474f3e152b
http://security.debian.org/pool/updates/main/x/xfree86/libsm6_4.3.0.dfsg.1-14sarge4_powerpc.deb
Size/MD5 checksum: 182676 56c556ab6b021879101dd701870f0d65
http://security.debian.org/pool/updates/main/x/xfree86/libsm6-dbg_4.3.0.dfsg.1-14sarge4_powerpc.deb
Size/MD5 checksum: 250214 661e49c5917779fbef900cd019df3247
http://security.debian.org/pool/updates/main/x/xfree86/libx11-6_4.3.0.dfsg.1-14sarge4_powerpc.deb
Size/MD5 checksum: 739352 a3415710c7e7386754bfc8682cfa711d
http://security.debian.org/pool/updates/main/x/xfree86/libx11-6-dbg_4.3.0.dfsg.1-14sarge4_powerpc.deb
Size/MD5 checksum: 15237950 e1fca6c4017a83a43ad693e5752cc807
http://security.debian.org/pool/updates/main/x/xfree86/libx11-dev_4.3.0.dfsg.1-14sarge4_powerpc.deb
Size/MD5 checksum: 1400632 bc1b20f4b7c5d3b77ae0aee63effdf57
http://security.debian.org/pool/updates/main/x/xfree86/libxaw6_4.3.0.dfsg.1-14sarge4_powerpc.deb
Size/MD5 checksum: 288220 a55ad73354c9090fcf0d8a5cfb4799f4
http://security.debian.org/pool/updates/main/x/xfree86/libxaw6-dbg_4.3.0.dfsg.1-14sarge4_powerpc.deb
Size/MD5 checksum: 1335508 683a85aa5049f6cc62fe568d5b75aee7
http://security.debian.org/pool/updates/main/x/xfree86/libxaw6-dev_4.3.0.dfsg.1-14sarge4_powerpc.deb
Size/MD5 checksum: 441158 7a73bd998d60d98474044473d7e1e4d8
http://security.debian.org/pool/updates/main/x/xfree86/libxaw7_4.3.0.dfsg.1-14sarge4_powerpc.deb
Size/MD5 checksum: 343294 71f1eb94d8436bb899d8de6a32da8aea
http://security.debian.org/pool/updates/main/x/xfree86/libxaw7-dbg_4.3.0.dfsg.1-14sarge4_powerpc.deb
Size/MD5 checksum: 1514616 f021b0e71a36cb05f70859140cd708cf
http://security.debian.org/pool/updates/main/x/xfree86/libxaw7-dev_4.3.0.dfsg.1-14sarge4_powerpc.deb
Size/MD5 checksum: 441080 aad05e6166ff256afe038261e77efe62
http://security.debian.org/pool/updates/main/x/xfree86/libxext-dev_4.3.0.dfsg.1-14sarge4_powerpc.deb
Size/MD5 checksum: 249610 761be7ee18d488fe34200d0dbbc67dac
http://security.debian.org/pool/updates/main/x/xfree86/libxext6_4.3.0.dfsg.1-14sarge4_powerpc.deb
Size/MD5 checksum: 190510 21e8c664853cf494476e67cb3441b53d
http://security.debian.org/pool/updates/main/x/xfree86/libxext6-dbg_4.3.0.dfsg.1-14sarge4_powerpc.deb
Size/MD5 checksum: 724186 ca04220950d4a6182b19f8780a9dddde
http://security.debian.org/pool/updates/main/x/xfree86/libxft1_4.3.0.dfsg.1-14sarge4_powerpc.deb
Size/MD5 checksum: 192026 d3ddb6afd8406af0243609fd0d7dd8de
http://security.debian.org/pool/updates/main/x/xfree86/libxft1-dbg_4.3.0.dfsg.1-14sarge4_powerpc.deb
Size/MD5 checksum: 692830 1c8776ab048bbdd4a30e383cd1108e52
http://security.debian.org/pool/updates/main/x/xfree86/libxi-dev_4.3.0.dfsg.1-14sarge4_powerpc.deb
Size/MD5 checksum: 232648 62b9b0108d803f709ee26a68542fa3a1
http://security.debian.org/pool/updates/main/x/xfree86/libxi6_4.3.0.dfsg.1-14sarge4_powerpc.deb
Size/MD5 checksum: 181744 6f123ac1a4758926ec51709841b13724
http://security.debian.org/pool/updates/main/x/xfree86/libxi6-dbg_4.3.0.dfsg.1-14sarge4_powerpc.deb
Size/MD5 checksum: 1859126 e043d9aac0b66d62a620655a39ad97ed
http://security.debian.org/pool/updates/main/x/xfree86/libxmu-dev_4.3.0.dfsg.1-14sarge4_powerpc.deb
Size/MD5 checksum: 225148 aea9393faf4b0edaa9103232aa248464
http://security.debian.org/pool/updates/main/x/xfree86/libxmu6_4.3.0.dfsg.1-14sarge4_powerpc.deb
Size/MD5 checksum: 211792 137274f7b5d4883a35d6907f280e38b5
http://security.debian.org/pool/updates/main/x/xfree86/libxmu6-dbg_4.3.0.dfsg.1-14sarge4_powerpc.deb
Size/MD5 checksum: 1007240 a635dc4740a9dfe704cc24877061c81c
http://security.debian.org/pool/updates/main/x/xfree86/libxmuu-dev_4.3.0.dfsg.1-14sarge4_powerpc.deb
Size/MD5 checksum: 163706 b2b7794ed5fe042e0c31fcc0cfb2bfac
http://security.debian.org/pool/updates/main/x/xfree86/libxmuu1_4.3.0.dfsg.1-14sarge4_powerpc.deb
Size/MD5 checksum: 173614 493da0df5065a4da8158cbb17f36b697
http://security.debian.org/pool/updates/main/x/xfree86/libxmuu1-dbg_4.3.0.dfsg.1-14sarge4_powerpc.deb
Size/MD5 checksum: 235184 819d0cc95a1cbfa835a2ed4b7f786165
http://security.debian.org/pool/updates/main/x/xfree86/libxp-dev_4.3.0.dfsg.1-14sarge4_powerpc.deb
Size/MD5 checksum: 180726 45d11fe75c08934e876787f7036f318d
http://security.debian.org/pool/updates/main/x/xfree86/libxp6_4.3.0.dfsg.1-14sarge4_powerpc.deb
Size/MD5 checksum: 180862 a30b2742d24be32833174a4a804ef6fa
http://security.debian.org/pool/updates/main/x/xfree86/libxp6-dbg_4.3.0.dfsg.1-14sarge4_powerpc.deb
Size/MD5 checksum: 832030 585c0fe336d9a51ddb9dc21768227226
http://security.debian.org/pool/updates/main/x/xfree86/libxpm-dev_4.3.0.dfsg.1-14sarge4_powerpc.deb
Size/MD5 checksum: 198874 1294737db5224ab3296bfb9044e8832b
http://security.debian.org/pool/updates/main/x/xfree86/libxpm4_4.3.0.dfsg.1-14sarge4_powerpc.deb
Size/MD5 checksum: 198864 19acebc0a0478a55f99d2bd9f90498a6
http://security.debian.org/pool/updates/main/x/xfree86/libxpm4-dbg_4.3.0.dfsg.1-14sarge4_powerpc.deb
Size/MD5 checksum: 464002 8842b1d84d667d0484b1a421780a63e0
http://security.debian.org/pool/updates/main/x/xfree86/libxrandr-dev_4.3.0.dfsg.1-14sarge4_powerpc.deb
Size/MD5 checksum: 171644 bd6629f9e652228fe66e9b0c391db4a0
http://security.debian.org/pool/updates/main/x/xfree86/libxrandr2_4.3.0.dfsg.1-14sarge4_powerpc.deb
Size/MD5 checksum: 173334 b0095bfe736254c0bc7b5c3909879ac1
http://security.debian.org/pool/updates/main/x/xfree86/libxrandr2-dbg_4.3.0.dfsg.1-14sarge4_powerpc.deb
Size/MD5 checksum: 221334 b1e3179f2ee6d3efe7cc26ed7da5d3b1
http://security.debian.org/pool/updates/main/x/xfree86/libxt-dev_4.3.0.dfsg.1-14sarge4_powerpc.deb
Size/MD5 checksum: 645354 f78947afb933be6a464bad4620abd8b2
http://security.debian.org/pool/updates/main/x/xfree86/libxt6_4.3.0.dfsg.1-14sarge4_powerpc.deb
Size/MD5 checksum: 337340 1462471e8b2e55e967d37cb0dd5dcb7f
http://security.debian.org/pool/updates/main/x/xfree86/libxt6-dbg_4.3.0.dfsg.1-14sarge4_powerpc.deb
Size/MD5 checksum: 2248906 aa39c626a490e7443a4bc380f9773aa2
http://security.debian.org/pool/updates/main/x/xfree86/libxtrap-dev_4.3.0.dfsg.1-14sarge4_powerpc.deb
Size/MD5 checksum: 186706 da779c8c5330d0407be8fdc8bb8173ee
http://security.debian.org/pool/updates/main/x/xfree86/libxtrap6_4.3.0.dfsg.1-14sarge4_powerpc.deb
Size/MD5 checksum: 182192 63d57f316755a6d883cea67ac975f639
http://security.debian.org/pool/updates/main/x/xfree86/libxtrap6-dbg_4.3.0.dfsg.1-14sarge4_powerpc.deb
Size/MD5 checksum: 553672 2582cf21609c1c49f2aa094513e6f4ab
http://security.debian.org/pool/updates/main/x/xfree86/libxtst-dev_4.3.0.dfsg.1-14sarge4_powerpc.deb
Size/MD5 checksum: 171892 040e3f801d40a4ad1bd3a1571ddd5e1a
http://security.debian.org/pool/updates/main/x/xfree86/libxtst6_4.3.0.dfsg.1-14sarge4_powerpc.deb
Size/MD5 checksum: 176836 0e5e5ed5df4b61eb6f24ecffe9211206
http://security.debian.org/pool/updates/main/x/xfree86/libxtst6-dbg_4.3.0.dfsg.1-14sarge4_powerpc.deb
Size/MD5 checksum: 279446 d3a872368f9df7580597389c17d978ae
http://security.debian.org/pool/updates/main/x/xfree86/libxv-dev_4.3.0.dfsg.1-14sarge4_powerpc.deb
Size/MD5 checksum: 191258 80fb2c1ad08d119ba23bcb3fcb16b1c3
http://security.debian.org/pool/updates/main/x/xfree86/libxv1_4.3.0.dfsg.1-14sarge4_powerpc.deb
Size/MD5 checksum: 174466 9be15db49e12d9c9cf4f749fef17e8d2
http://security.debian.org/pool/updates/main/x/xfree86/libxv1-dbg_4.3.0.dfsg.1-14sarge4_powerpc.deb
Size/MD5 checksum: 225114 69f231b8328338e02f8da31394d8d5dc
http://security.debian.org/pool/updates/main/x/xfree86/proxymngr_4.3.0.dfsg.1-14sarge4_powerpc.deb
Size/MD5 checksum: 184286 f7c882400c739e3599e75e321d5e5acb
http://security.debian.org/pool/updates/main/x/xfree86/twm_4.3.0.dfsg.1-14sarge4_powerpc.deb
Size/MD5 checksum: 272710 ab4cc869a57b10cb0950136905b8c48d
http://security.debian.org/pool/updates/main/x/xfree86/x-window-system-core_4.3.0.dfsg.1-14sarge4_powerpc.deb
Size/MD5 checksum: 158788 3133edb2bd3a8df3a82a7807309249b1
http://security.debian.org/pool/updates/main/x/xfree86/x-window-system-dev_4.3.0.dfsg.1-14sarge4_powerpc.deb
Size/MD5 checksum: 158842 f39ce73aad052fc70749989b60d0072a
http://security.debian.org/pool/updates/main/x/xfree86/xbase-clients_4.3.0.dfsg.1-14sarge4_powerpc.deb
Size/MD5 checksum: 2112920 b63086522de7681a0082a78c5b041518
http://security.debian.org/pool/updates/main/x/xfree86/xdm_4.3.0.dfsg.1-14sarge4_powerpc.deb
Size/MD5 checksum: 314958 8e52d4a60a0d1b437b06143a8e7993d1
http://security.debian.org/pool/updates/main/x/xfree86/xfs_4.3.0.dfsg.1-14sarge4_powerpc.deb
Size/MD5 checksum: 508794 28d7b024adde446fb86c6ce2b1f858b4
http://security.debian.org/pool/updates/main/x/xfree86/xfwp_4.3.0.dfsg.1-14sarge4_powerpc.deb
Size/MD5 checksum: 182900 61d45fc72d6d420debb63987b059bdea
http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-dri_4.3.0.dfsg.1-14sarge4_powerpc.deb
Size/MD5 checksum: 3083976 db3db557ea4f14e99e6a43e0fb800fa8
http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-dri-dbg_4.3.0.dfsg.1-14sarge4_powerpc.deb
Size/MD5 checksum: 42024226 bc9a1a771374a9bb65beedf768629680
http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-gl_4.3.0.dfsg.1-14sarge4_powerpc.deb
Size/MD5 checksum: 295876 9917c43004b8dd006f4b320bc351abcc
http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-gl-dbg_4.3.0.dfsg.1-14sarge4_powerpc.deb
Size/MD5 checksum: 1904654 b5a2262a4e002e36278c656286efd8d6
http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-gl-dev_4.3.0.dfsg.1-14sarge4_powerpc.deb
Size/MD5 checksum: 734058 18a3ef403198404e9c682e7e797a3491
http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-glu_4.3.0.dfsg.1-14sarge4_powerpc.deb
Size/MD5 checksum: 372376 1507f1c52e26c3fdf13edbfdce59f8b6
http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-glu-dbg_4.3.0.dfsg.1-14sarge4_powerpc.deb
Size/MD5 checksum: 1613144 b01d825bab12e0e3c0f72774df57f51f
http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-glu-dev_4.3.0.dfsg.1-14sarge4_powerpc.deb
Size/MD5 checksum: 468614 eb933fd5af24f8771376e3acac3ef193
http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa3_4.3.0.dfsg.1-14sarge4_powerpc.deb
Size/MD5 checksum: 158594 8dd4211d7bb00d471443a02fe897b828
http://security.debian.org/pool/updates/main/x/xfree86/xlibosmesa-dev_4.3.0.dfsg.1-14sarge4_powerpc.deb
Size/MD5 checksum: 808074 d72affd1921fb02b1116143642f031f2
http://security.debian.org/pool/updates/main/x/xfree86/xlibosmesa4_4.3.0.dfsg.1-14sarge4_powerpc.deb
Size/MD5 checksum: 690206 e141cc451a8bce56da60b2217234b6a6
http://security.debian.org/pool/updates/main/x/xfree86/xlibosmesa4-dbg_4.3.0.dfsg.1-14sarge4_powerpc.deb
Size/MD5 checksum: 6682418 be6e6132529820193e66e1c55f007dd7
http://security.debian.org/pool/updates/main/x/xfree86/xlibs-static-dev_4.3.0.dfsg.1-14sarge4_powerpc.deb
Size/MD5 checksum: 885710 ffc8c7adaead9e4f332442833065ec76
http://security.debian.org/pool/updates/main/x/xfree86/xlibs-static-pic_4.3.0.dfsg.1-14sarge4_powerpc.deb
Size/MD5 checksum: 390178 ccda487d5599a7a8c15280214bd193ef
http://security.debian.org/pool/updates/main/x/xfree86/xmh_4.3.0.dfsg.1-14sarge4_powerpc.deb
Size/MD5 checksum: 233004 57129736c7e23d01c991f2352001934f
http://security.debian.org/pool/updates/main/x/xfree86/xnest_4.3.0.dfsg.1-14sarge4_powerpc.deb
Size/MD5 checksum: 1583670 2dcbdfc3cf2f7f3f2d59f50dba809362
http://security.debian.org/pool/updates/main/x/xfree86/xserver-common_4.3.0.dfsg.1-14sarge4_powerpc.deb
Size/MD5 checksum: 337044 ead33998a914ae257d59cbb2845038b4
http://security.debian.org/pool/updates/main/x/xfree86/xserver-xfree86_4.3.0.dfsg.1-14sarge4_powerpc.deb
Size/MD5 checksum: 5796628 308e7e0b85001e7a3cbfd74c83bbd980
http://security.debian.org/pool/updates/main/x/xfree86/xserver-xfree86-dbg_4.3.0.dfsg.1-14sarge4_powerpc.deb
Size/MD5 checksum: 46807434 a9fe3ab81b63f9640709771ab32da4ac
http://security.debian.org/pool/updates/main/x/xfree86/xterm_4.3.0.dfsg.1-14sarge4_powerpc.deb
Size/MD5 checksum: 515612 173f57fef319a3fcbf3ff2a7a9ba2e10
http://security.debian.org/pool/updates/main/x/xfree86/xutils_4.3.0.dfsg.1-14sarge4_powerpc.deb
Size/MD5 checksum: 941398 df0360a7806665dcce1725cda3b5250c
http://security.debian.org/pool/updates/main/x/xfree86/xvfb_4.3.0.dfsg.1-14sarge4_powerpc.deb
Size/MD5 checksum: 1729414 6f361ae8c82eab376e14112caf563627
http://security.debian.org/pool/updates/main/r/rdesktop/rdesktop_1.4.0-2sarge1_powerpc.deb
Size/MD5 checksum: 110844 bb75f25a0c723952e22c16528dac52a5
IBM S/390 architecture:
http://security.debian.org/pool/updates/main/x/xfree86/lbxproxy_4.3.0.dfsg.1-14sarge4_s390.deb
Size/MD5 checksum: 261016 b11576dfd58cb0b8610013fd1f77da5a
http://security.debian.org/pool/updates/main/x/xfree86/libdps-dev_4.3.0.dfsg.1-14sarge4_s390.deb
Size/MD5 checksum: 356334 c4c20e75114576c7d9dfea92ac735c9d
http://security.debian.org/pool/updates/main/x/xfree86/libdps1_4.3.0.dfsg.1-14sarge4_s390.deb
Size/MD5 checksum: 299618 ae63dc230ddf8380bb81ac03e84d9f2b
http://security.debian.org/pool/updates/main/x/xfree86/libdps1-dbg_4.3.0.dfsg.1-14sarge4_s390.deb
Size/MD5 checksum: 861914 142fce29993e744b67faf15c5acacd3a
http://security.debian.org/pool/updates/main/x/xfree86/libice-dev_4.3.0.dfsg.1-14sarge4_s390.deb
Size/MD5 checksum: 207434 7016c7027a54d8885db3ce2dc9d72bcf
http://security.debian.org/pool/updates/main/x/xfree86/libice6_4.3.0.dfsg.1-14sarge4_s390.deb
Size/MD5 checksum: 205026 1b44e63a82180d29a5ab16a8c7de5a97
http://security.debian.org/pool/updates/main/x/xfree86/libice6-dbg_4.3.0.dfsg.1-14sarge4_s390.deb
Size/MD5 checksum: 298232 d4cc2f1a791890214175b650173be0a4
http://security.debian.org/pool/updates/main/x/xfree86/libsm-dev_4.3.0.dfsg.1-14sarge4_s390.deb
Size/MD5 checksum: 179704 eb9f7b47856ab858a7aa7e9540e36ec0
http://security.debian.org/pool/updates/main/x/xfree86/libsm6_4.3.0.dfsg.1-14sarge4_s390.deb
Size/MD5 checksum: 183334 86b4707988a2a88b669148b0cc06c5cd
http://security.debian.org/pool/updates/main/x/xfree86/libsm6-dbg_4.3.0.dfsg.1-14sarge4_s390.deb
Size/MD5 checksum: 209198 ae8ba29733696b125f5099d121d1865d
http://security.debian.org/pool/updates/main/x/xfree86/libx11-6_4.3.0.dfsg.1-14sarge4_s390.deb
Size/MD5 checksum: 754942 6c4b60bab9d918a7a67f6cc5972e6d78
http://security.debian.org/pool/updates/main/x/xfree86/libx11-6-dbg_4.3.0.dfsg.1-14sarge4_s390.deb
Size/MD5 checksum: 9935286 0cfd621c48007ab739925b97afe99459
http://security.debian.org/pool/updates/main/x/xfree86/libx11-dev_4.3.0.dfsg.1-14sarge4_s390.deb
Size/MD5 checksum: 1385690 b5ec7f7b5a873a8bc6522ff58b006b5a
http://security.debian.org/pool/updates/main/x/xfree86/libxaw6_4.3.0.dfsg.1-14sarge4_s390.deb
Size/MD5 checksum: 301510 84e66c1848cc1884b260efc6429f557e
http://security.debian.org/pool/updates/main/x/xfree86/libxaw6-dbg_4.3.0.dfsg.1-14sarge4_s390.deb
Size/MD5 checksum: 950252 29c6d39aa6989a525debc31d71660cc1
http://security.debian.org/pool/updates/main/x/xfree86/libxaw6-dev_4.3.0.dfsg.1-14sarge4_s390.deb
Size/MD5 checksum: 434648 fc65b47658b425de6cb92b308e0318e3
http://security.debian.org/pool/updates/main/x/xfree86/libxaw7_4.3.0.dfsg.1-14sarge4_s390.deb
Size/MD5 checksum: 358550 913c9e37290bc08cb7985d3a5e5360b8
http://security.debian.org/pool/updates/main/x/xfree86/libxaw7-dbg_4.3.0.dfsg.1-14sarge4_s390.deb
Size/MD5 checksum: 1105980 cc20687246cf71654c2fea70f969945d
http://security.debian.org/pool/updates/main/x/xfree86/libxaw7-dev_4.3.0.dfsg.1-14sarge4_s390.deb
Size/MD5 checksum: 434536 f555cdc669c207a5f2af9f64c4dbf88e
http://security.debian.org/pool/updates/main/x/xfree86/libxext-dev_4.3.0.dfsg.1-14sarge4_s390.deb
Size/MD5 checksum: 249950 e0e278d3653034caa1ad8114de8ce051
http://security.debian.org/pool/updates/main/x/xfree86/libxext6_4.3.0.dfsg.1-14sarge4_s390.deb
Size/MD5 checksum: 191178 9877b23f5a8fe9f632516e6cdab20a40
http://security.debian.org/pool/updates/main/x/xfree86/libxext6-dbg_4.3.0.dfsg.1-14sarge4_s390.deb
Size/MD5 checksum: 526646 e9e92e600aa1328cf692a412dc29d055
http://security.debian.org/pool/updates/main/x/xfree86/libxft1_4.3.0.dfsg.1-14sarge4_s390.deb
Size/MD5 checksum: 193812 47843986f43e46a087562dd1ae3a7c3d
http://security.debian.org/pool/updates/main/x/xfree86/libxft1-dbg_4.3.0.dfsg.1-14sarge4_s390.deb
Size/MD5 checksum: 488660 c36397e3e28c3ed31eb1c270a5b31ed9
http://security.debian.org/pool/updates/main/x/xfree86/libxi-dev_4.3.0.dfsg.1-14sarge4_s390.deb
Size/MD5 checksum: 231170 7343c839b5db38cda03132a2e2f43fb2
http://security.debian.org/pool/updates/main/x/xfree86/libxi6_4.3.0.dfsg.1-14sarge4_s390.deb
Size/MD5 checksum: 180112 d437359c6939bc126aca998a2e0a5670
http://security.debian.org/pool/updates/main/x/xfree86/libxi6-dbg_4.3.0.dfsg.1-14sarge4_s390.deb
Size/MD5 checksum: 1197126 04fef360a0c48ea4cbd22b2275967f32
http://security.debian.org/pool/updates/main/x/xfree86/libxmu-dev_4.3.0.dfsg.1-14sarge4_s390.deb
Size/MD5 checksum: 224326 e755b93bffaf5fb3d8c61633debcf667
http://security.debian.org/pool/updates/main/x/xfree86/libxmu6_4.3.0.dfsg.1-14sarge4_s390.deb
Size/MD5 checksum: 214300 ba38e46a2c08f96758435687abc968ff
http://security.debian.org/pool/updates/main/x/xfree86/libxmu6-dbg_4.3.0.dfsg.1-14sarge4_s390.deb
Size/MD5 checksum: 687194 fcc78e69f3a4bf1b53ae2aaaa0f7b1ef
http://security.debian.org/pool/updates/main/x/xfree86/libxmuu-dev_4.3.0.dfsg.1-14sarge4_s390.deb
Size/MD5 checksum: 164022 6bce2fe8f612b51469353c6a81f31777
http://security.debian.org/pool/updates/main/x/xfree86/libxmuu1_4.3.0.dfsg.1-14sarge4_s390.deb
Size/MD5 checksum: 172374 ed88c7ce6cbe8faa23d640b0c9261973
http://security.debian.org/pool/updates/main/x/xfree86/libxmuu1-dbg_4.3.0.dfsg.1-14sarge4_s390.deb
Size/MD5 checksum: 209892 58a5154d31b1b2d1345354b4ea289f3d
http://security.debian.org/pool/updates/main/x/xfree86/libxp-dev_4.3.0.dfsg.1-14sarge4_s390.deb
Size/MD5 checksum: 180542 cd3659e44b98e761976991ec8aec1d2e
http://security.debian.org/pool/updates/main/x/xfree86/libxp6_4.3.0.dfsg.1-14sarge4_s390.deb
Size/MD5 checksum: 180452 25765404e04171f9db00acbe1e1938e6
http://security.debian.org/pool/updates/main/x/xfree86/libxp6-dbg_4.3.0.dfsg.1-14sarge4_s390.deb
Size/MD5 checksum: 576880 78f5eb71aa6d98d757a8aa36609933e2
http://security.debian.org/pool/updates/main/x/xfree86/libxpm-dev_4.3.0.dfsg.1-14sarge4_s390.deb
Size/MD5 checksum: 197788 63e02d933765075fda0163cd5f7b2123
http://security.debian.org/pool/updates/main/x/xfree86/libxpm4_4.3.0.dfsg.1-14sarge4_s390.deb
Size/MD5 checksum: 198936 05e480a70d1637cf60e4b7d769e377b4
http://security.debian.org/pool/updates/main/x/xfree86/libxpm4-dbg_4.3.0.dfsg.1-14sarge4_s390.deb
Size/MD5 checksum: 257746 1178c8bbf47a3da072a01387e26e4f71
http://security.debian.org/pool/updates/main/x/xfree86/libxrandr-dev_4.3.0.dfsg.1-14sarge4_s390.deb
Size/MD5 checksum: 171692 ae1e7545c18dedb65276509b967c3b6b
http://security.debian.org/pool/updates/main/x/xfree86/libxrandr2_4.3.0.dfsg.1-14sarge4_s390.deb
Size/MD5 checksum: 172282 597d3b175e028585a432a5ea7624f759
http://security.debian.org/pool/updates/main/x/xfree86/libxrandr2-dbg_4.3.0.dfsg.1-14sarge4_s390.deb
Size/MD5 checksum: 202484 00900f13039ad238178deca2edada9a6
http://security.debian.org/pool/updates/main/x/xfree86/libxt-dev_4.3.0.dfsg.1-14sarge4_s390.deb
Size/MD5 checksum: 636288 93c9d7742151efee83b417616042de6f
http://security.debian.org/pool/updates/main/x/xfree86/libxt6_4.3.0.dfsg.1-14sarge4_s390.deb
Size/MD5 checksum: 349560 79cc1771215735324036f28543edd6ad
http://security.debian.org/pool/updates/main/x/xfree86/libxt6-dbg_4.3.0.dfsg.1-14sarge4_s390.deb
Size/MD5 checksum: 1593378 f94fcfc6add222a9bd061ed107d3a982
http://security.debian.org/pool/updates/main/x/xfree86/libxtrap-dev_4.3.0.dfsg.1-14sarge4_s390.deb
Size/MD5 checksum: 187768 50dcdcc21ba681a47770f76e5bbbd16c
http://security.debian.org/pool/updates/main/x/xfree86/libxtrap6_4.3.0.dfsg.1-14sarge4_s390.deb
Size/MD5 checksum: 182564 eb1e3b990359bf9311fbe1b2bf5fdab9
http://security.debian.org/pool/updates/main/x/xfree86/libxtrap6-dbg_4.3.0.dfsg.1-14sarge4_s390.deb
Size/MD5 checksum: 413646 53e01dc86afc8d574656110369553b29
http://security.debian.org/pool/updates/main/x/xfree86/libxtst-dev_4.3.0.dfsg.1-14sarge4_s390.deb
Size/MD5 checksum: 171496 c902c4ef1ae92f8249b1208063582796
http://security.debian.org/pool/updates/main/x/xfree86/libxtst6_4.3.0.dfsg.1-14sarge4_s390.deb
Size/MD5 checksum: 175374 65f2f8042c3ba6d65db970a43bab4569
http://security.debian.org/pool/updates/main/x/xfree86/libxtst6-dbg_4.3.0.dfsg.1-14sarge4_s390.deb
Size/MD5 checksum: 239804 88239fd56881a45d163b45744bfae4b6
http://security.debian.org/pool/updates/main/x/xfree86/libxv-dev_4.3.0.dfsg.1-14sarge4_s390.deb
Size/MD5 checksum: 191184 b0da17e90d1610eca0cb66845558ddbe
http://security.debian.org/pool/updates/main/x/xfree86/libxv1_4.3.0.dfsg.1-14sarge4_s390.deb
Size/MD5 checksum: 173304 a9ee19c5bbba5e3c05d7628a09dc759e
http://security.debian.org/pool/updates/main/x/xfree86/libxv1-dbg_4.3.0.dfsg.1-14sarge4_s390.deb
Size/MD5 checksum: 205894 34a3d56b36366c1622cced5e3d03bfdd
http://security.debian.org/pool/updates/main/x/xfree86/proxymngr_4.3.0.dfsg.1-14sarge4_s390.deb
Size/MD5 checksum: 183436 94608dfa5b08da618b55044e2ff2aa56
http://security.debian.org/pool/updates/main/x/xfree86/twm_4.3.0.dfsg.1-14sarge4_s390.deb
Size/MD5 checksum: 276620 cbe760c213039314b7a8bebda37cbc38
http://security.debian.org/pool/updates/main/x/xfree86/x-window-system-core_4.3.0.dfsg.1-14sarge4_s390.deb
Size/MD5 checksum: 158780 87774e3c0e9a3351f1df7df951920105
http://security.debian.org/pool/updates/main/x/xfree86/x-window-system-dev_4.3.0.dfsg.1-14sarge4_s390.deb
Size/MD5 checksum: 158836 63971433e37d9e530322279eca61a28e
http://security.debian.org/pool/updates/main/x/xfree86/xbase-clients_4.3.0.dfsg.1-14sarge4_s390.deb
Size/MD5 checksum: 1716176 cee79d4795b2c9c83b705ff494a74ea7
http://security.debian.org/pool/updates/main/x/xfree86/xdm_4.3.0.dfsg.1-14sarge4_s390.deb
Size/MD5 checksum: 316906 c5b68def10170acf30c3ead53e5baa14
http://security.debian.org/pool/updates/main/x/xfree86/xfs_4.3.0.dfsg.1-14sarge4_s390.deb
Size/MD5 checksum: 530022 4abc93320924d134665914f0b002ca61
http://security.debian.org/pool/updates/main/x/xfree86/xfwp_4.3.0.dfsg.1-14sarge4_s390.deb
Size/MD5 checksum: 182340 49bc884ea1d6989ecc1c5b8924c597d3
http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-gl_4.3.0.dfsg.1-14sarge4_s390.deb
Size/MD5 checksum: 330914 b78dc9299d93f5c68e13bbba2e5b1171
http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-gl-dbg_4.3.0.dfsg.1-14sarge4_s390.deb
Size/MD5 checksum: 1310732 5d50f31cf6d71e5ae49ebf694089f12d
http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-gl-dev_4.3.0.dfsg.1-14sarge4_s390.deb
Size/MD5 checksum: 730954 4b30d4bd8f54ba04bc79474206d24c20
http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-glu_4.3.0.dfsg.1-14sarge4_s390.deb
Size/MD5 checksum: 368744 1a3fcaa2b38ab320f2cf780ae2fbb756
http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-glu-dbg_4.3.0.dfsg.1-14sarge4_s390.deb
Size/MD5 checksum: 1203426 77382920ec77dcc0fdc2d2111c367466
http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-glu-dev_4.3.0.dfsg.1-14sarge4_s390.deb
Size/MD5 checksum: 438364 a8f9aa44229d2c9d67bfd9e6c53edf14
http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa3_4.3.0.dfsg.1-14sarge4_s390.deb
Size/MD5 checksum: 158592 c7351256cd10ca93167a8fa2c420d8ce
http://security.debian.org/pool/updates/main/x/xfree86/xlibs-static-dev_4.3.0.dfsg.1-14sarge4_s390.deb
Size/MD5 checksum: 851034 4b4ed34eacdff567696a351769e91dec
http://security.debian.org/pool/updates/main/x/xfree86/xlibs-static-pic_4.3.0.dfsg.1-14sarge4_s390.deb
Size/MD5 checksum: 354328 66b68028c1ea212b0bcffa74ea31e314
http://security.debian.org/pool/updates/main/x/xfree86/xmh_4.3.0.dfsg.1-14sarge4_s390.deb
Size/MD5 checksum: 235068 1d03c6ed8c54744dfab467051f886891
http://security.debian.org/pool/updates/main/x/xfree86/xnest_4.3.0.dfsg.1-14sarge4_s390.deb
Size/MD5 checksum: 1623514 d2c8a17cc4ea76ce0ea782b5ed2fa6d0
http://security.debian.org/pool/updates/main/x/xfree86/xserver-common_4.3.0.dfsg.1-14sarge4_s390.deb
Size/MD5 checksum: 337220 f0680427e0457e75dbcaa5824fdcfade
http://security.debian.org/pool/updates/main/x/xfree86/xterm_4.3.0.dfsg.1-14sarge4_s390.deb
Size/MD5 checksum: 521820 058676242c82729a321b28c9258f869a
http://security.debian.org/pool/updates/main/x/xfree86/xutils_4.3.0.dfsg.1-14sarge4_s390.deb
Size/MD5 checksum: 806406 b67e9bf1e1f71a3e39871efac1ef04ea
http://security.debian.org/pool/updates/main/x/xfree86/xvfb_4.3.0.dfsg.1-14sarge4_s390.deb
Size/MD5 checksum: 1766784 c5d15916eee193f599fa851ee4efaacb
http://security.debian.org/pool/updates/main/r/rdesktop/rdesktop_1.4.0-2sarge1_s390.deb
Size/MD5 checksum: 112154 a2dfc1a42c434f2903ec9be068e12e30
Sun Sparc architecture:
http://security.debian.org/pool/updates/main/x/xfree86/lbxproxy_4.3.0.dfsg.1-14sarge3_sparc.deb
Size/MD5 checksum: 251120 6a6c6f03b37e811ae195469e72c6e38d
http://security.debian.org/pool/updates/main/x/xfree86/libdps-dev_4.3.0.dfsg.1-14sarge3_sparc.deb
Size/MD5 checksum: 344048 8ba999289d750ba4ee049ed606ce7ebc
http://security.debian.org/pool/updates/main/x/xfree86/libdps1_4.3.0.dfsg.1-14sarge3_sparc.deb
Size/MD5 checksum: 285098 013a125bd422e828d5f7b4b7caf2befe
http://security.debian.org/pool/updates/main/x/xfree86/libdps1-dbg_4.3.0.dfsg.1-14sarge3_sparc.deb
Size/MD5 checksum: 786826 23029fee14ae423f4a01757a7556f40f
http://security.debian.org/pool/updates/main/x/xfree86/libice-dev_4.3.0.dfsg.1-14sarge3_sparc.deb
Size/MD5 checksum: 206034 e5bfb0235acab95832126c426d4daa22
http://security.debian.org/pool/updates/main/x/xfree86/libice6_4.3.0.dfsg.1-14sarge3_sparc.deb
Size/MD5 checksum: 200282 6d51ad473754375427be266be139cf4d
http://security.debian.org/pool/updates/main/x/xfree86/libice6-dbg_4.3.0.dfsg.1-14sarge3_sparc.deb
Size/MD5 checksum: 283484 64378cbd6be7aeb6788f01da7cde5378
http://security.debian.org/pool/updates/main/x/xfree86/libsm-dev_4.3.0.dfsg.1-14sarge3_sparc.deb
Size/MD5 checksum: 176924 90574aacc859e31a6835efde2c649563
http://security.debian.org/pool/updates/main/x/xfree86/libsm6_4.3.0.dfsg.1-14sarge3_sparc.deb
Size/MD5 checksum: 180862 a148c29afba10d5e75403dea33ddea9d
http://security.debian.org/pool/updates/main/x/xfree86/libsm6-dbg_4.3.0.dfsg.1-14sarge3_sparc.deb
Size/MD5 checksum: 204844 6885ec3fcb260cd54c3b10d1a6b80e3e
http://security.debian.org/pool/updates/main/x/xfree86/libx11-6_4.3.0.dfsg.1-14sarge3_sparc.deb
Size/MD5 checksum: 711862 05c681c1d9aa606692192546991dc4c8
http://security.debian.org/pool/updates/main/x/xfree86/libx11-6-dbg_4.3.0.dfsg.1-14sarge3_sparc.deb
Size/MD5 checksum: 9810500 96f9b7f647481a3a8cb07f3e589614b0
http://security.debian.org/pool/updates/main/x/xfree86/libx11-dev_4.3.0.dfsg.1-14sarge3_sparc.deb
Size/MD5 checksum: 1365910 cea371314adc8346bc04d55145bf7132
http://security.debian.org/pool/updates/main/x/xfree86/libxaw6_4.3.0.dfsg.1-14sarge3_sparc.deb
Size/MD5 checksum: 279718 c8759a8f7ba115ae15dad96e66ff3d70
http://security.debian.org/pool/updates/main/x/xfree86/libxaw6-dbg_4.3.0.dfsg.1-14sarge3_sparc.deb
Size/MD5 checksum: 892056 f15e34ed247caeeade4397859e8c045e
http://security.debian.org/pool/updates/main/x/xfree86/libxaw6-dev_4.3.0.dfsg.1-14sarge3_sparc.deb
Size/MD5 checksum: 417428 ddd304994c35f2b11434cc57678b6200
http://security.debian.org/pool/updates/main/x/xfree86/libxaw7_4.3.0.dfsg.1-14sarge3_sparc.deb
Size/MD5 checksum: 331668 aa8c142b8af774f3fe2b1a9f9afe5336
http://security.debian.org/pool/updates/main/x/xfree86/libxaw7-dbg_4.3.0.dfsg.1-14sarge3_sparc.deb
Size/MD5 checksum: 1026356 1e8d84afa56fa5a61685ff0b641774e5
http://security.debian.org/pool/updates/main/x/xfree86/libxaw7-dev_4.3.0.dfsg.1-14sarge3_sparc.deb
Size/MD5 checksum: 417338 7ade24d52608d946c225e5c4be803c3d
http://security.debian.org/pool/updates/main/x/xfree86/libxext-dev_4.3.0.dfsg.1-14sarge3_sparc.deb
Size/MD5 checksum: 247482 2d0dc48c46f5c0aaebedfd207699b801
http://security.debian.org/pool/updates/main/x/xfree86/libxext6_4.3.0.dfsg.1-14sarge3_sparc.deb
Size/MD5 checksum: 187792 1d819fcd2fb687bbe116b6727326daac
http://security.debian.org/pool/updates/main/x/xfree86/libxext6-dbg_4.3.0.dfsg.1-14sarge3_sparc.deb
Size/MD5 checksum: 516558 8c7179f7202d40a5f60dfcddd9cced06
http://security.debian.org/pool/updates/main/x/xfree86/libxft1_4.3.0.dfsg.1-14sarge3_sparc.deb
Size/MD5 checksum: 189846 bcc85d36bd7863444a561d6d0d7bc1bf
http://security.debian.org/pool/updates/main/x/xfree86/libxft1-dbg_4.3.0.dfsg.1-14sarge3_sparc.deb
Size/MD5 checksum: 478100 b381fe292a9fcb3aff5f54a3730c82ab
http://security.debian.org/pool/updates/main/x/xfree86/libxi-dev_4.3.0.dfsg.1-14sarge3_sparc.deb
Size/MD5 checksum: 230528 d0e74daf0645f7a4d9e88988b4110f5a
http://security.debian.org/pool/updates/main/x/xfree86/libxi6_4.3.0.dfsg.1-14sarge3_sparc.deb
Size/MD5 checksum: 178522 f797684b630c7b94837dfc064da221aa
http://security.debian.org/pool/updates/main/x/xfree86/libxi6-dbg_4.3.0.dfsg.1-14sarge3_sparc.deb
Size/MD5 checksum: 1198574 a3fc69e423818ceb83036878952064af
http://security.debian.org/pool/updates/main/x/xfree86/libxmu-dev_4.3.0.dfsg.1-14sarge3_sparc.deb
Size/MD5 checksum: 219068 dac8cd1cd25927ab8ba3adb5b3c13d45
http://security.debian.org/pool/updates/main/x/xfree86/libxmu6_4.3.0.dfsg.1-14sarge3_sparc.deb
Size/MD5 checksum: 208188 e99b887c7a5210693174ea0453c4a095
http://security.debian.org/pool/updates/main/x/xfree86/libxmu6-dbg_4.3.0.dfsg.1-14sarge3_sparc.deb
Size/MD5 checksum: 673178 f8a305fff41a8fd3560ba9620d68a0cf
http://security.debian.org/pool/updates/main/x/xfree86/libxmuu-dev_4.3.0.dfsg.1-14sarge3_sparc.deb
Size/MD5 checksum: 163184 1ef9674f59e1d452b3b375e3f6cc6ba4
http://security.debian.org/pool/updates/main/x/xfree86/libxmuu1_4.3.0.dfsg.1-14sarge3_sparc.deb
Size/MD5 checksum: 171726 a42c22e71c8f79ad852b59c8833b5480
http://security.debian.org/pool/updates/main/x/xfree86/libxmuu1-dbg_4.3.0.dfsg.1-14sarge3_sparc.deb
Size/MD5 checksum: 208980 ee24eb25da955b1b835f4acad6029188
http://security.debian.org/pool/updates/main/x/xfree86/libxp-dev_4.3.0.dfsg.1-14sarge3_sparc.deb
Size/MD5 checksum: 178962 fd22df9f1110413451eda040cf3d4215
http://security.debian.org/pool/updates/main/x/xfree86/libxp6_4.3.0.dfsg.1-14sarge3_sparc.deb
Size/MD5 checksum: 177550 05f9333009b40b16a56a655261c4569e
http://security.debian.org/pool/updates/main/x/xfree86/libxp6-dbg_4.3.0.dfsg.1-14sarge3_sparc.deb
Size/MD5 checksum: 573766 fc89bff55941f16ba246471874de95bf
http://security.debian.org/pool/updates/main/x/xfree86/libxpm-dev_4.3.0.dfsg.1-14sarge3_sparc.deb
Size/MD5 checksum: 194160 e16fe3bc639b204b7121cb63fdb45558
http://security.debian.org/pool/updates/main/x/xfree86/libxpm4_4.3.0.dfsg.1-14sarge3_sparc.deb
Size/MD5 checksum: 195154 bc337cf9957de401de6ba90a6222f94d
http://security.debian.org/pool/updates/main/x/xfree86/libxpm4-dbg_4.3.0.dfsg.1-14sarge3_sparc.deb
Size/MD5 checksum: 241360 9918a8f85df0c41a4d3ada958d916644
http://security.debian.org/pool/updates/main/x/xfree86/libxrandr-dev_4.3.0.dfsg.1-14sarge3_sparc.deb
Size/MD5 checksum: 171148 bc8aad869f6c663b43a0aef73dc8019b
http://security.debian.org/pool/updates/main/x/xfree86/libxrandr2_4.3.0.dfsg.1-14sarge3_sparc.deb
Size/MD5 checksum: 171376 0c7a75d8c7993858930cac664d7482a6
http://security.debian.org/pool/updates/main/x/xfree86/libxrandr2-dbg_4.3.0.dfsg.1-14sarge3_sparc.deb
Size/MD5 checksum: 200530 e4349aa63bd0681cf66fb531bda10396
http://security.debian.org/pool/updates/main/x/xfree86/libxt-dev_4.3.0.dfsg.1-14sarge3_sparc.deb
Size/MD5 checksum: 627184 f4b4c4b5834940321c5fd95a2279e12d
http://security.debian.org/pool/updates/main/x/xfree86/libxt6_4.3.0.dfsg.1-14sarge3_sparc.deb
Size/MD5 checksum: 330450 b93c2dfbebc8a8fcc2713e89ecda986c
http://security.debian.org/pool/updates/main/x/xfree86/libxt6-dbg_4.3.0.dfsg.1-14sarge3_sparc.deb
Size/MD5 checksum: 1533278 46825c4c0c5d393de98774b47e719cd0
http://security.debian.org/pool/updates/main/x/xfree86/libxtrap-dev_4.3.0.dfsg.1-14sarge3_sparc.deb
Size/MD5 checksum: 184926 46b30fe844b4c08a24b868d63dd3bd58
http://security.debian.org/pool/updates/main/x/xfree86/libxtrap6_4.3.0.dfsg.1-14sarge3_sparc.deb
Size/MD5 checksum: 179508 1eaf0ae4cf87d5ff00b361e9a1cb6f38
http://security.debian.org/pool/updates/main/x/xfree86/libxtrap6-dbg_4.3.0.dfsg.1-14sarge3_sparc.deb
Size/MD5 checksum: 410236 3564a0b2686f28cfe597c1cf97405627
http://security.debian.org/pool/updates/main/x/xfree86/libxtst-dev_4.3.0.dfsg.1-14sarge3_sparc.deb
Size/MD5 checksum: 170444 ccbcb0f2850701bfc6321c674a8b8ce6
http://security.debian.org/pool/updates/main/x/xfree86/libxtst6_4.3.0.dfsg.1-14sarge3_sparc.deb
Size/MD5 checksum: 174218 e5494fbdb588d2691c253c98d977ce4e
http://security.debian.org/pool/updates/main/x/xfree86/libxtst6-dbg_4.3.0.dfsg.1-14sarge3_sparc.deb
Size/MD5 checksum: 237016 4260166015dd5ecf364af96fca04ecbb
http://security.debian.org/pool/updates/main/x/xfree86/libxv-dev_4.3.0.dfsg.1-14sarge3_sparc.deb
Size/MD5 checksum: 190284 337d228e15acf2a7cf83026ba3b4bd4e
http://security.debian.org/pool/updates/main/x/xfree86/libxv1_4.3.0.dfsg.1-14sarge3_sparc.deb
Size/MD5 checksum: 172002 6e0d484b45388a3f9e0265831750fbf4
http://security.debian.org/pool/updates/main/x/xfree86/libxv1-dbg_4.3.0.dfsg.1-14sarge3_sparc.deb
Size/MD5 checksum: 202836 43787cf76647ccd5cbd7b9197d6b420f
http://security.debian.org/pool/updates/main/x/xfree86/proxymngr_4.3.0.dfsg.1-14sarge3_sparc.deb
Size/MD5 checksum: 181708 027d176b8b89cf2eecef08b3fa4b90be
http://security.debian.org/pool/updates/main/x/xfree86/twm_4.3.0.dfsg.1-14sarge3_sparc.deb
Size/MD5 checksum: 268224 12152b5bab3f6cce61aa19f9e05941ef
http://security.debian.org/pool/updates/main/x/xfree86/x-window-system-core_4.3.0.dfsg.1-14sarge3_sparc.deb
Size/MD5 checksum: 158632 68eda17dfb6d5846a93627748b1ad4cf
http://security.debian.org/pool/updates/main/x/xfree86/x-window-system-dev_4.3.0.dfsg.1-14sarge3_sparc.deb
Size/MD5 checksum: 158686 ec54e69cd4c1c82c623cc53978b22dd7
http://security.debian.org/pool/updates/main/x/xfree86/xbase-clients_4.3.0.dfsg.1-14sarge3_sparc.deb
Size/MD5 checksum: 1934896 77a1064998455a2cc1c384ae8fdcce29
http://security.debian.org/pool/updates/main/x/xfree86/xdm_4.3.0.dfsg.1-14sarge3_sparc.deb
Size/MD5 checksum: 307792 b181b2bdc84e8916e60676c8804d5173
http://security.debian.org/pool/updates/main/x/xfree86/xfs_4.3.0.dfsg.1-14sarge3_sparc.deb
Size/MD5 checksum: 498726 08f1f092d52d0f0faea072db99079d0e
http://security.debian.org/pool/updates/main/x/xfree86/xfwp_4.3.0.dfsg.1-14sarge3_sparc.deb
Size/MD5 checksum: 180478 909f79a3f4a4302fb52cdb4f625de32c
http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-dri_4.3.0.dfsg.1-14sarge3_sparc.deb
Size/MD5 checksum: 706072 7bf7c05cbffb036433ec24a9f5006a77
http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-dri-dbg_4.3.0.dfsg.1-14sarge3_sparc.deb
Size/MD5 checksum: 5583652 c58b16c2d860523368c0ee4624be4803
http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-gl_4.3.0.dfsg.1-14sarge3_sparc.deb
Size/MD5 checksum: 287114 01850d1ca580b4dfb0608f39306a4b91
http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-gl-dbg_4.3.0.dfsg.1-14sarge3_sparc.deb
Size/MD5 checksum: 1253294 76575b58b1cb40b6c3f060b7c07412c2
http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-gl-dev_4.3.0.dfsg.1-14sarge3_sparc.deb
Size/MD5 checksum: 706766 97f87cc7b482596307e4b95b34c38f2a
http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-glu_4.3.0.dfsg.1-14sarge3_sparc.deb
Size/MD5 checksum: 357804 a38bb604c839d14ec09d2cf74e781e64
http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-glu-dbg_4.3.0.dfsg.1-14sarge3_sparc.deb
Size/MD5 checksum: 1110290 4fc9f2978c422f6771bea6531eaa106f
http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-glu-dev_4.3.0.dfsg.1-14sarge3_sparc.deb
Size/MD5 checksum: 442180 5652768f439246c9e1c5ad68e1335520
http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa3_4.3.0.dfsg.1-14sarge3_sparc.deb
Size/MD5 checksum: 158438 8c25fb31872381acd35354f91317c5a4
http://security.debian.org/pool/updates/main/x/xfree86/xlibosmesa-dev_4.3.0.dfsg.1-14sarge3_sparc.deb
Size/MD5 checksum: 823038 85b8ebe6d2e4d633c6dab56666ce2f78
http://security.debian.org/pool/updates/main/x/xfree86/xlibosmesa4_4.3.0.dfsg.1-14sarge3_sparc.deb
Size/MD5 checksum: 695786 0152e635b45f6c6878038ec796dc7cc4
http://security.debian.org/pool/updates/main/x/xfree86/xlibosmesa4-dbg_4.3.0.dfsg.1-14sarge3_sparc.deb
Size/MD5 checksum: 4596090 9318bd03402aff608c7cb1993a50fb90
http://security.debian.org/pool/updates/main/x/xfree86/xlibs-static-dev_4.3.0.dfsg.1-14sarge3_sparc.deb
Size/MD5 checksum: 863010 5d7a9b2b939bebd52b450235569449ac
http://security.debian.org/pool/updates/main/x/xfree86/xlibs-static-pic_4.3.0.dfsg.1-14sarge3_sparc.deb
Size/MD5 checksum: 387526 0db93eab07feae51dc80ec0f785bfd66
http://security.debian.org/pool/updates/main/x/xfree86/xmh_4.3.0.dfsg.1-14sarge3_sparc.deb
Size/MD5 checksum: 226286 bca8e3ba1abc54e535fc51e791ee23fb
http://security.debian.org/pool/updates/main/x/xfree86/xnest_4.3.0.dfsg.1-14sarge3_sparc.deb
Size/MD5 checksum: 1494844 492ef231edac7bf67969b425f325e095
http://security.debian.org/pool/updates/main/x/xfree86/xserver-common_4.3.0.dfsg.1-14sarge3_sparc.deb
Size/MD5 checksum: 336664 e6c981e1ebbba26892ab43b94e195c07
http://security.debian.org/pool/updates/main/x/xfree86/xserver-xfree86_4.3.0.dfsg.1-14sarge3_sparc.deb
Size/MD5 checksum: 5432244 6fb260dc0ce16280a897fb71143a5c16
http://security.debian.org/pool/updates/main/x/xfree86/xserver-xfree86-dbg_4.3.0.dfsg.1-14sarge3_sparc.deb
Size/MD5 checksum: 49725120 2cdd446c60eebcac976c770de31b696f
http://security.debian.org/pool/updates/main/x/xfree86/xterm_4.3.0.dfsg.1-14sarge3_sparc.deb
Size/MD5 checksum: 508648 d2db70e93fa1a20b801869c2146770f9
http://security.debian.org/pool/updates/main/x/xfree86/xutils_4.3.0.dfsg.1-14sarge3_sparc.deb
Size/MD5 checksum: 920670 62b75897a9f1ef8fa41c4877615ea585
http://security.debian.org/pool/updates/main/x/xfree86/xvfb_4.3.0.dfsg.1-14sarge3_sparc.deb
Size/MD5 checksum: 1626640 263daaa71644ff219841c835ca8c5f2b
http://security.debian.org/pool/updates/main/r/rdesktop/rdesktop_1.4.0-2sarge1_sparc.deb
Size/MD5 checksum: 101352 197681c30bb451093563cb9d9d380fcd
These files will probably be moved into the stable distribution on its next update.
For apt-get: deb http://security.debian.org/ stable/updates main For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main Mailing list: debian-security-announce@lists.debian.org Package info: `apt-cache show ' and http://packages.debian.org/ -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.6 (GNU/Linux)
iD8DBQFGTMcnXm3vHE4uyloRAgwxAJ0ZNbdHNKMDBslDB+PDH+4REkBUIgCgqChe cG20nrUmt0Lbb++Dmcukkyo= =uFfR -----END PGP SIGNATURE-----
Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Show details on source website{
"affected_products": {
"_id": null,
"data": [
{
"_id": null,
"model": "enterprise linux",
"scope": "eq",
"trust": 1.6,
"vendor": "redhat",
"version": "5.0"
},
{
"_id": null,
"model": "enterprise linux",
"scope": "eq",
"trust": 1.6,
"vendor": "redhat",
"version": "4.0"
},
{
"_id": null,
"model": "enterprise linux",
"scope": "eq",
"trust": 1.6,
"vendor": "redhat",
"version": "2.1"
},
{
"_id": null,
"model": "enterprise linux",
"scope": "eq",
"trust": 1.6,
"vendor": "redhat",
"version": "3.0"
},
{
"_id": null,
"model": "libxfont",
"scope": "eq",
"trust": 1.0,
"vendor": "x",
"version": "1.2.2"
},
{
"_id": null,
"model": "linux",
"scope": "eq",
"trust": 1.0,
"vendor": "ubuntu",
"version": "6.06_lts"
},
{
"_id": null,
"model": "enterprise linux desktop",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "4.0"
},
{
"_id": null,
"model": "openbsd",
"scope": "eq",
"trust": 1.0,
"vendor": "openbsd",
"version": "3.9"
},
{
"_id": null,
"model": "mandrake multi network firewall",
"scope": "eq",
"trust": 1.0,
"vendor": "mandrakesoft",
"version": "2.0"
},
{
"_id": null,
"model": "x11r6",
"scope": "eq",
"trust": 1.0,
"vendor": "xfree86",
"version": "4.3.0.1"
},
{
"_id": null,
"model": "linux advanced workstation",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "2.1"
},
{
"_id": null,
"model": "linux",
"scope": "eq",
"trust": 1.0,
"vendor": "ubuntu",
"version": "5.10"
},
{
"_id": null,
"model": "linux",
"scope": "eq",
"trust": 1.0,
"vendor": "ubuntu",
"version": "6.10"
},
{
"_id": null,
"model": "enterprise linux desktop",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "3.0"
},
{
"_id": null,
"model": "x11r6",
"scope": "eq",
"trust": 1.0,
"vendor": "xfree86",
"version": "4.3.0"
},
{
"_id": null,
"model": "openbsd",
"scope": "eq",
"trust": 1.0,
"vendor": "openbsd",
"version": "4.0"
},
{
"_id": null,
"model": "x11r6",
"scope": "eq",
"trust": 1.0,
"vendor": "xfree86",
"version": "4.3.0.2"
},
{
"_id": null,
"model": "linux",
"scope": "eq",
"trust": 1.0,
"vendor": "rpath",
"version": "1"
},
{
"_id": null,
"model": "freetype",
"scope": "lte",
"trust": 0.8,
"vendor": "freetype",
"version": "2.3.2"
},
{
"_id": null,
"model": "x.org x11",
"scope": "lte",
"trust": 0.8,
"vendor": "x",
"version": "r7.2"
},
{
"_id": null,
"model": "xfree86",
"scope": "lte",
"trust": 0.8,
"vendor": "xfree86",
"version": "4.6.99.20"
},
{
"_id": null,
"model": "mac os x",
"scope": "eq",
"trust": 0.8,
"vendor": "apple",
"version": "v10.4.11"
},
{
"_id": null,
"model": "mac os x server",
"scope": "eq",
"trust": 0.8,
"vendor": "apple",
"version": "v10.4.11"
},
{
"_id": null,
"model": "safari",
"scope": "lte",
"trust": 0.8,
"vendor": "apple",
"version": "3 beta update 3.0.3"
},
{
"_id": null,
"model": "asianux server",
"scope": "eq",
"trust": 0.8,
"vendor": "cybertrust",
"version": "2.0"
},
{
"_id": null,
"model": "asianux server",
"scope": "eq",
"trust": 0.8,
"vendor": "cybertrust",
"version": "2.1"
},
{
"_id": null,
"model": "asianux server",
"scope": "eq",
"trust": 0.8,
"vendor": "cybertrust",
"version": "3.0"
},
{
"_id": null,
"model": "asianux server",
"scope": "eq",
"trust": 0.8,
"vendor": "cybertrust",
"version": "3.0 (x86-64)"
},
{
"_id": null,
"model": "asianux server",
"scope": "eq",
"trust": 0.8,
"vendor": "cybertrust",
"version": "4.0"
},
{
"_id": null,
"model": "asianux server",
"scope": "eq",
"trust": 0.8,
"vendor": "cybertrust",
"version": "4.0 (x86-64)"
},
{
"_id": null,
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "10 (sparc)"
},
{
"_id": null,
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "10 (x86)"
},
{
"_id": null,
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "8 (sparc)"
},
{
"_id": null,
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "8 (x86)"
},
{
"_id": null,
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "9 (sparc)"
},
{
"_id": null,
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "9 (x86)"
},
{
"_id": null,
"model": "turbolinux",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "10_f"
},
{
"_id": null,
"model": "turbolinux desktop",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "10"
},
{
"_id": null,
"model": "turbolinux fuji",
"scope": null,
"trust": 0.8,
"vendor": "turbo linux",
"version": null
},
{
"_id": null,
"model": "turbolinux multimedia",
"scope": null,
"trust": 0.8,
"vendor": "turbo linux",
"version": null
},
{
"_id": null,
"model": "turbolinux personal",
"scope": null,
"trust": 0.8,
"vendor": "turbo linux",
"version": null
},
{
"_id": null,
"model": "turbolinux server",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "10"
},
{
"_id": null,
"model": "turbolinux server",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "10 (x64)"
},
{
"_id": null,
"model": "turbolinux server",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "8"
},
{
"_id": null,
"model": "wizpy",
"scope": null,
"trust": 0.8,
"vendor": "turbo linux",
"version": null
},
{
"_id": null,
"model": "home",
"scope": null,
"trust": 0.8,
"vendor": "turbo linux",
"version": null
},
{
"_id": null,
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "2.1 (as)"
},
{
"_id": null,
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "2.1 (es)"
},
{
"_id": null,
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "2.1 (ws)"
},
{
"_id": null,
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "3 (as)"
},
{
"_id": null,
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "3 (es)"
},
{
"_id": null,
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "3 (ws)"
},
{
"_id": null,
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4 (as)"
},
{
"_id": null,
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4 (es)"
},
{
"_id": null,
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4 (ws)"
},
{
"_id": null,
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "5 (server)"
},
{
"_id": null,
"model": "enterprise linux desktop",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "3.0"
},
{
"_id": null,
"model": "enterprise linux desktop",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4.0"
},
{
"_id": null,
"model": "enterprise linux desktop",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "5.0 (client)"
},
{
"_id": null,
"model": "linux advanced workstation",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "2.1"
},
{
"_id": null,
"model": "rhel desktop workstation",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "5 (client)"
},
{
"_id": null,
"model": "linux mandrake x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2007.1"
},
{
"_id": null,
"model": "linux mandrake",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2007.1"
}
],
"sources": [
{
"db": "BID",
"id": "23402"
},
{
"db": "CNNVD",
"id": "CNNVD-200704-102"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-000252"
},
{
"db": "NVD",
"id": "CVE-2007-1351"
}
]
},
"configurations": {
"_id": null,
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:freetype:freetype",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:x.org:x.org_x11",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:xfree86_project:xfree86",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:apple:mac_os_x",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:apple:mac_os_x_server",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:apple:safari",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:misc:miraclelinux_asianux_server",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:sun:solaris",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:turbolinux:turbolinux",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:turbolinux:turbolinux_desktop",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:turbolinux:turbolinux_fuji",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:turbolinux:turbolinux_multimedia",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:turbolinux:turbolinux_personal",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:turbolinux:turbolinux_server",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:turbolinux:turbolinux_wizpy",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:turbolinux:turbolinux_home",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:redhat:enterprise_linux",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:redhat:enterprise_linux_desktop",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:redhat:linux_advanced_workstation",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:redhat:rhel_desktop_workstation",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2007-000252"
}
]
},
"credits": {
"_id": null,
"data": "Greg MacManus",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200704-102"
}
],
"trust": 0.6
},
"cve": "CVE-2007-1351",
"cvss": {
"_id": null,
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 8.5,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 6.8,
"id": "CVE-2007-1351",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.9,
"vectorString": "AV:N/AC:M/Au:S/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 8.5,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 6.8,
"id": "VHN-24713",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:S/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2007-1351",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2007-1351",
"trust": 0.8,
"value": "High"
},
{
"author": "CNNVD",
"id": "CNNVD-200704-102",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-24713",
"trust": 0.1,
"value": "HIGH"
},
{
"author": "VULMON",
"id": "CVE-2007-1351",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-24713"
},
{
"db": "VULMON",
"id": "CVE-2007-1351"
},
{
"db": "CNNVD",
"id": "CNNVD-200704-102"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-000252"
},
{
"db": "NVD",
"id": "CVE-2007-1351"
}
]
},
"description": {
"_id": null,
"data": "Integer overflow in the bdfReadCharacters function in bdfread.c in (1) X.Org libXfont before 20070403 and (2) freetype 2.3.2 and earlier allows remote authenticated users to execute arbitrary code via crafted BDF fonts, which result in a heap overflow. X.Org and XFree86 of libXfont Used in bdfReadCharacters() In function BDF An integer overflow vulnerability exists due to a flaw in the parsing of fonts. Similar vulnerabilities FreeType Also exists.X Denial of service caused by a crash caused by a malicious user who can connect to the server (DoS) State, or X Server execution authority (root) May execute arbitrary code. FreeType is prone to a local integer-overflow vulnerability because it fails to adequately bounds-check user-supplied input. \nAn attacker can exploit this vulnerability to execute arbitrary code with superuser privileges. Failed exploit attempts will likely cause denial-of-service conditions. \nThis BID has been retired because it is a duplicate of BID 23283. X.Org is an official reference implementation of the X Window System operated by the X.Org Foundation. It is an open source free software. If the specially-made font information specifies more than 1,073,741,824 (2 to the 30th power) unit number in the first line, it may trigger a heap overflow. \n\n\nDebian 4.0 (stable)\n- -------------------\n\nStable updates are available for alpha, amd64, arm, hppa, i386, ia64, mips, mipsel, powerpc, s390 and sparc. This request is used to determine what resource IDs\n are available for use. This function contains two vulnerabilities,\n both result in memory corruption of either the stack or heap. The\n ALLOCATE_LOCAL() macro used by this function allocates memory on the\n stack using alloca() on systems where alloca() is present, or using\n the heap otherwise. The handler function takes a user provided value,\n multiplies it, and then passes it to the above macro. (CVE-2007-1003)\n \n iDefense reported two integer overflows in the way X.org handled\n various font files. \n _______________________________________________________________________\n\n References:\n \n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1003\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1351\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1352\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1667\n _______________________________________________________________________\n \n Updated Packages:\n \n Mandriva Linux 2007.0:\n d96dcc000a74b02fbff0c3c0a5710767 2007.0/i586/libx11-common-1.0.3-2.2mdv2007.0.i586.rpm\n 0fbae1a4ac97941ea0f5e95e99fdf568 2007.0/i586/libx11_6-1.0.3-2.2mdv2007.0.i586.rpm\n 598252d23e15315d7213b09b1e3050ef 2007.0/i586/libx11_6-devel-1.0.3-2.2mdv2007.0.i586.rpm\n 1ffdc1a629ebded0e48cfc1ead8838b5 2007.0/i586/libx11_6-static-devel-1.0.3-2.2mdv2007.0.i586.rpm\n a3b70e66b722738df4d50295dd1a2604 2007.0/i586/libxfont1-1.1.0-4.2mdv2007.0.i586.rpm\n 14a727bef0655ad3385305230c16b6df 2007.0/i586/libxfont1-devel-1.1.0-4.2mdv2007.0.i586.rpm\n 46a3a943ba47a91cae462289425f1777 2007.0/i586/libxfont1-static-devel-1.1.0-4.2mdv2007.0.i586.rpm\n 71733a31bfce2d014975e7be5151fe87 2007.0/i586/x11-server-1.1.1-11.3mdv2007.0.i586.rpm\n b9650f724bcc27c9b02e4591b79a8170 2007.0/i586/x11-server-common-1.1.1-11.3mdv2007.0.i586.rpm\n 96291cb67e5effea3226d228934ca668 2007.0/i586/x11-server-devel-1.1.1-11.3mdv2007.0.i586.rpm\n ada36533a54b6abb8d9e05edcbe85a9b 2007.0/i586/x11-server-xati-1.1.1-11.3mdv2007.0.i586.rpm\n 65b27efd9b19e654917dc507a9fcc85b 2007.0/i586/x11-server-xchips-1.1.1-11.3mdv2007.0.i586.rpm\n 08be63fced01787c67111c49a37a217b 2007.0/i586/x11-server-xdmx-1.1.1-11.3mdv2007.0.i586.rpm\n b3808f59c82737c0a920f120e2821fda 2007.0/i586/x11-server-xephyr-1.1.1-11.3mdv2007.0.i586.rpm\n d11c6a18afe3aed8f1a51bf765bbdf68 2007.0/i586/x11-server-xepson-1.1.1-11.3mdv2007.0.i586.rpm\n 87e8f828f97229acd5ad881894cd1e13 2007.0/i586/x11-server-xfake-1.1.1-11.3mdv2007.0.i586.rpm\n f6ffd1174cbf64279a2feb6924f66e42 2007.0/i586/x11-server-xfbdev-1.1.1-11.3mdv2007.0.i586.rpm\n ab872f9c530a3fcc8397b111dfb43b44 2007.0/i586/x11-server-xgl-0.0.1-0.20060714.10.1mdv2007.0.i586.rpm\n fcc1678a7855a9bd889f819a29df978e 2007.0/i586/x11-server-xi810-1.1.1-11.3mdv2007.0.i586.rpm\n 3cf1b4fc5536ed5b54e8aad5b268ff2e 2007.0/i586/x11-server-xmach64-1.1.1-11.3mdv2007.0.i586.rpm\n 4ca148ffa7d5b363fd8fedfeef1cee71 2007.0/i586/x11-server-xmga-1.1.1-11.3mdv2007.0.i586.rpm\n dbf20841fd17021879081b4a6c869f3e 2007.0/i586/x11-server-xneomagic-1.1.1-11.3mdv2007.0.i586.rpm\n afd9701501cbe1b55cd5936456b04fc8 2007.0/i586/x11-server-xnest-1.1.1-11.3mdv2007.0.i586.rpm\n e91bf46f57be620a10bbbeff792df61b 2007.0/i586/x11-server-xnvidia-1.1.1-11.3mdv2007.0.i586.rpm\n a471731278537202b3c82792ad4e3368 2007.0/i586/x11-server-xorg-1.1.1-11.3mdv2007.0.i586.rpm\n 61661f612a200395a9d8a16923876ac8 2007.0/i586/x11-server-xpm2-1.1.1-11.3mdv2007.0.i586.rpm\n c85b6311efa2b1719ab77e5eb7231160 2007.0/i586/x11-server-xprt-1.1.1-11.3mdv2007.0.i586.rpm\n 08e47b2ae0c09d5d117e583941535a06 2007.0/i586/x11-server-xr128-1.1.1-11.3mdv2007.0.i586.rpm\n 1aa8aa6927148ac3d64dc047709f5abf 2007.0/i586/x11-server-xsdl-1.1.1-11.3mdv2007.0.i586.rpm\n 674a1a4c2fb68d234153033efae15394 2007.0/i586/x11-server-xsmi-1.1.1-11.3mdv2007.0.i586.rpm\n 77e6c7649a00f81d7538593b99d0678a 2007.0/i586/x11-server-xvesa-1.1.1-11.3mdv2007.0.i586.rpm\n bd6c55d0ad9e770d5680ae9dbd687a02 2007.0/i586/x11-server-xvfb-1.1.1-11.3mdv2007.0.i586.rpm\n 9867b8ebc08673dc8cf55a888bc0b22d 2007.0/i586/x11-server-xvia-1.1.1-11.3mdv2007.0.i586.rpm \n 44e16d3504f636eec6f4d51a5b506d39 2007.0/SRPMS/libx11-1.0.3-2.2mdv2007.0.src.rpm\n c552e38dc91ffef35ca44c4b5b09d22d 2007.0/SRPMS/libxfont-1.1.0-4.2mdv2007.0.src.rpm\n 678c7993955955fe45eb7c3a3d8c51c1 2007.0/SRPMS/x11-server-1.1.1-11.3mdv2007.0.src.rpm\n 18a0b058a4b1d5150139dea9a733e024 2007.0/SRPMS/x11-server-xgl-0.0.1-0.20060714.10.1mdv2007.0.src.rpm\n\n Mandriva Linux 2007.0/X86_64:\n 19a970386a276dd606b11400cd672c68 2007.0/x86_64/lib64x11_6-1.0.3-2.2mdv2007.0.x86_64.rpm\n 694178b488cfb01096ade83be1aa0d4c 2007.0/x86_64/lib64x11_6-devel-1.0.3-2.2mdv2007.0.x86_64.rpm\n 9e666c058971ae71a1644115c2dbc851 2007.0/x86_64/lib64x11_6-static-devel-1.0.3-2.2mdv2007.0.x86_64.rpm\n ae890ea6d025a00b8d1397fb2a8bee2c 2007.0/x86_64/lib64xfont1-1.1.0-4.2mdv2007.0.x86_64.rpm\n ae510dc95b877ce304c382da30ee6680 2007.0/x86_64/lib64xfont1-devel-1.1.0-4.2mdv2007.0.x86_64.rpm\n f4a67a4311146a73ea1ac5d2a094f511 2007.0/x86_64/lib64xfont1-static-devel-1.1.0-4.2mdv2007.0.x86_64.rpm\n b4186951ec846155eef67caf20a713d0 2007.0/x86_64/libx11-common-1.0.3-2.2mdv2007.0.x86_64.rpm\n 8e4dc66ec5d759761f8d36dd28194499 2007.0/x86_64/x11-server-1.1.1-11.3mdv2007.0.x86_64.rpm\n 932015ff2760dd9d155a3d62255fe9d8 2007.0/x86_64/x11-server-common-1.1.1-11.3mdv2007.0.x86_64.rpm\n 89a0a8d5751a07d2533ba5f6afb39584 2007.0/x86_64/x11-server-devel-1.1.1-11.3mdv2007.0.x86_64.rpm\n 72fc80b4c4ecbc09a6553375dfb45598 2007.0/x86_64/x11-server-xdmx-1.1.1-11.3mdv2007.0.x86_64.rpm\n 4020ee2d1bb311b944b7cee828a9591b 2007.0/x86_64/x11-server-xephyr-1.1.1-11.3mdv2007.0.x86_64.rpm\n ceb7ed60ceabf6beab04fb4f7d5a6b9f 2007.0/x86_64/x11-server-xfake-1.1.1-11.3mdv2007.0.x86_64.rpm\n 2e283d8183630848bd4bf3c36ec78da2 2007.0/x86_64/x11-server-xfbdev-1.1.1-11.3mdv2007.0.x86_64.rpm\n 41b186290408566c3af16ad56bff4583 2007.0/x86_64/x11-server-xgl-0.0.1-0.20060714.10.1mdv2007.0.x86_64.rpm\n f03f5f7b95ee81d36558cc286dbc09cf 2007.0/x86_64/x11-server-xnest-1.1.1-11.3mdv2007.0.x86_64.rpm\n ded05b44c119989703ec335ef8d7ba77 2007.0/x86_64/x11-server-xorg-1.1.1-11.3mdv2007.0.x86_64.rpm\n 58a552e341f4ccf59906f9ff32f1e96b 2007.0/x86_64/x11-server-xprt-1.1.1-11.3mdv2007.0.x86_64.rpm\n 908d1a089250581475bf63d3bd615209 2007.0/x86_64/x11-server-xsdl-1.1.1-11.3mdv2007.0.x86_64.rpm\n f1b54633237b6f56857f9022f9621b3a 2007.0/x86_64/x11-server-xvfb-1.1.1-11.3mdv2007.0.x86_64.rpm \n 44e16d3504f636eec6f4d51a5b506d39 2007.0/SRPMS/libx11-1.0.3-2.2mdv2007.0.src.rpm\n c552e38dc91ffef35ca44c4b5b09d22d 2007.0/SRPMS/libxfont-1.1.0-4.2mdv2007.0.src.rpm\n 678c7993955955fe45eb7c3a3d8c51c1 2007.0/SRPMS/x11-server-1.1.1-11.3mdv2007.0.src.rpm\n 18a0b058a4b1d5150139dea9a733e024 2007.0/SRPMS/x11-server-xgl-0.0.1-0.20060714.10.1mdv2007.0.src.rpm\n\n Corporate 3.0:\n 918c04c922a1613680cbbe9487e96c1f corporate/3.0/i586/X11R6-contrib-4.3-32.13.C30mdk.i586.rpm\n 89f73d5c80e4c5ff474b115d825b5c09 corporate/3.0/i586/XFree86-100dpi-fonts-4.3-32.13.C30mdk.i586.rpm\n 4a350003e29da90f9e20cfc490630e44 corporate/3.0/i586/XFree86-4.3-32.13.C30mdk.i586.rpm\n c1337f1ed5267d530dbf665f50619145 corporate/3.0/i586/XFree86-75dpi-fonts-4.3-32.13.C30mdk.i586.rpm\n 38c323d2e089e7f1cac411c6156a5025 corporate/3.0/i586/XFree86-Xnest-4.3-32.13.C30mdk.i586.rpm\n 9b18d33108c7d5aafb3e2d689045e91a corporate/3.0/i586/XFree86-Xvfb-4.3-32.13.C30mdk.i586.rpm\n 7fc5ac98bb77dc5ed11b52a17ca1ab18 corporate/3.0/i586/XFree86-cyrillic-fonts-4.3-32.13.C30mdk.i586.rpm\n be5ab8321d77e24e57553c9e537082e6 corporate/3.0/i586/XFree86-doc-4.3-32.13.C30mdk.i586.rpm\n 19353085c52e811da6d5cc9f173abb4a corporate/3.0/i586/XFree86-glide-module-4.3-32.13.C30mdk.i586.rpm\n 3373a7e9398a1788ab4bea0f12a9dce2 corporate/3.0/i586/XFree86-server-4.3-32.13.C30mdk.i586.rpm\n f78239e305badabba3d638b361473436 corporate/3.0/i586/XFree86-xfs-4.3-32.13.C30mdk.i586.rpm\n 69b594d3b0438be4c25c36abb37e5159 corporate/3.0/i586/libxfree86-4.3-32.13.C30mdk.i586.rpm\n 9d1c0eb89083a9f62c14d29126a0ce06 corporate/3.0/i586/libxfree86-devel-4.3-32.13.C30mdk.i586.rpm\n c67bddf7736902533773979e627b8761 corporate/3.0/i586/libxfree86-static-devel-4.3-32.13.C30mdk.i586.rpm \n 5f194d3c82ab8f214c16f33bd4952107 corporate/3.0/SRPMS/XFree86-4.3-32.13.C30mdk.src.rpm\n\n Corporate 3.0/X86_64:\n 2bd23a1148e5b379ff0305d9f96032f0 corporate/3.0/x86_64/X11R6-contrib-4.3-32.13.C30mdk.x86_64.rpm\n dc08cee63f5dcbed1b036c3708a657a1 corporate/3.0/x86_64/XFree86-100dpi-fonts-4.3-32.13.C30mdk.x86_64.rpm\n 171a7012e64618b79dc8880180093f76 corporate/3.0/x86_64/XFree86-4.3-32.13.C30mdk.x86_64.rpm\n de12bcbf7f7ebdec9becb1c051162ecf corporate/3.0/x86_64/XFree86-75dpi-fonts-4.3-32.13.C30mdk.x86_64.rpm\n 7f208dc7263f1558cf3f10e04e1ed5c9 corporate/3.0/x86_64/XFree86-Xnest-4.3-32.13.C30mdk.x86_64.rpm\n c24a2d0fa210741e5aade751bd8a61df corporate/3.0/x86_64/XFree86-Xvfb-4.3-32.13.C30mdk.x86_64.rpm\n a89a370a0185521e83c37b8daf60fdd0 corporate/3.0/x86_64/XFree86-cyrillic-fonts-4.3-32.13.C30mdk.x86_64.rpm\n 840dbd21393e5611d162ccf755792d4f corporate/3.0/x86_64/XFree86-doc-4.3-32.13.C30mdk.x86_64.rpm\n b9595f9ffe3bc8a1d16522b6a47d5598 corporate/3.0/x86_64/XFree86-server-4.3-32.13.C30mdk.x86_64.rpm\n 63479edcdcbe976b96582c481b986f5e corporate/3.0/x86_64/XFree86-xfs-4.3-32.13.C30mdk.x86_64.rpm\n 525e0d97ff88d1905502d405f90d4085 corporate/3.0/x86_64/lib64xfree86-4.3-32.13.C30mdk.x86_64.rpm\n 66f6f35a1c45d88672bbc2b2ea9c8f2d corporate/3.0/x86_64/lib64xfree86-devel-4.3-32.13.C30mdk.x86_64.rpm\n 2717e4c7875f4de5e880ad95b595fecd corporate/3.0/x86_64/lib64xfree86-static-devel-4.3-32.13.C30mdk.x86_64.rpm \n 5f194d3c82ab8f214c16f33bd4952107 corporate/3.0/SRPMS/XFree86-4.3-32.13.C30mdk.src.rpm\n\n Corporate 4.0:\n e63a99edfa23138af23caa7c9c980d54 corporate/4.0/i586/X11R6-contrib-6.9.0-5.15.20060mlcs4.i586.rpm\n 9fa37dcac91bc52853239a3b86acbfa8 corporate/4.0/i586/libxorg-x11-6.9.0-5.15.20060mlcs4.i586.rpm\n b34ee5541e4d8e7f37dcde66a75c6cfb corporate/4.0/i586/libxorg-x11-devel-6.9.0-5.15.20060mlcs4.i586.rpm\n 71d076aff757c1778782065b3e7de161 corporate/4.0/i586/libxorg-x11-static-devel-6.9.0-5.15.20060mlcs4.i586.rpm\n 59b2613a3f02781d966b76751a4f432c corporate/4.0/i586/xorg-x11-100dpi-fonts-6.9.0-5.15.20060mlcs4.i586.rpm\n 111813e2cbdeef71c025de2235199e90 corporate/4.0/i586/xorg-x11-6.9.0-5.15.20060mlcs4.i586.rpm\n 44b0a56d98313c72b05bfc4b28ff024b corporate/4.0/i586/xorg-x11-75dpi-fonts-6.9.0-5.15.20060mlcs4.i586.rpm\n 08026da35859225b367ab26e813d57d7 corporate/4.0/i586/xorg-x11-Xdmx-6.9.0-5.15.20060mlcs4.i586.rpm\n 46f848204211932f59a8ecaf02a3894e corporate/4.0/i586/xorg-x11-Xnest-6.9.0-5.15.20060mlcs4.i586.rpm\n eb232b39a68609ffb5adc5f472dc5d1d corporate/4.0/i586/xorg-x11-Xprt-6.9.0-5.15.20060mlcs4.i586.rpm\n 055b63beae6e771a6b948049fed128cf corporate/4.0/i586/xorg-x11-Xvfb-6.9.0-5.15.20060mlcs4.i586.rpm\n b2438635efdf6ed16508580cc901ecb5 corporate/4.0/i586/xorg-x11-cyrillic-fonts-6.9.0-5.15.20060mlcs4.i586.rpm\n 91ac90d71030f3bfe0fdb9ddaf2ad816 corporate/4.0/i586/xorg-x11-doc-6.9.0-5.15.20060mlcs4.i586.rpm\n bf50b7e3fa360f3fd1aa61444526b9b8 corporate/4.0/i586/xorg-x11-glide-module-6.9.0-5.15.20060mlcs4.i586.rpm\n 372cfc8231f2f2d31760f165ee80d4e6 corporate/4.0/i586/xorg-x11-server-6.9.0-5.15.20060mlcs4.i586.rpm\n 7a73f4094d5ea7c3020a3b78ea9c9c98 corporate/4.0/i586/xorg-x11-xauth-6.9.0-5.15.20060mlcs4.i586.rpm\n 61bd1d2dae41148425196597d28460af corporate/4.0/i586/xorg-x11-xfs-6.9.0-5.15.20060mlcs4.i586.rpm \n 1e8a87194b755917783b1a6856a684a3 corporate/4.0/SRPMS/xorg-x11-6.9.0-5.15.20060mlcs4.src.rpm\n\n Corporate 4.0/X86_64:\n 32ff784cd7c2401ee6bb9cd2b814159b corporate/4.0/x86_64/X11R6-contrib-6.9.0-5.15.20060mlcs4.x86_64.rpm\n d2575d1962896839c66e5a6d4f0d243b corporate/4.0/x86_64/lib64xorg-x11-6.9.0-5.15.20060mlcs4.x86_64.rpm\n 49455f9280c0f2e45cbfe40957644a06 corporate/4.0/x86_64/lib64xorg-x11-devel-6.9.0-5.15.20060mlcs4.x86_64.rpm\n f57c87d13d3411731b28ac002873887f corporate/4.0/x86_64/lib64xorg-x11-static-devel-6.9.0-5.15.20060mlcs4.x86_64.rpm\n cec0f84d92610fe7319678d52f85d69d corporate/4.0/x86_64/xorg-x11-100dpi-fonts-6.9.0-5.15.20060mlcs4.x86_64.rpm\n bbccb6cf65819363d944b72ea5dc0f94 corporate/4.0/x86_64/xorg-x11-6.9.0-5.15.20060mlcs4.x86_64.rpm\n 6aef383c3f44fc6b66fc3175084b87fc corporate/4.0/x86_64/xorg-x11-75dpi-fonts-6.9.0-5.15.20060mlcs4.x86_64.rpm\n c036dce014adc7e5a74a181cf9fabdaf corporate/4.0/x86_64/xorg-x11-Xdmx-6.9.0-5.15.20060mlcs4.x86_64.rpm\n 59d992851f3d52838a9515f9449905d5 corporate/4.0/x86_64/xorg-x11-Xnest-6.9.0-5.15.20060mlcs4.x86_64.rpm\n 11867453dc758141fb38c33e3812e8e1 corporate/4.0/x86_64/xorg-x11-Xprt-6.9.0-5.15.20060mlcs4.x86_64.rpm\n a248cd02f7d7864c779491c6a9e696e1 corporate/4.0/x86_64/xorg-x11-Xvfb-6.9.0-5.15.20060mlcs4.x86_64.rpm\n 6bec3e71d6c044a563bca2733260adb9 corporate/4.0/x86_64/xorg-x11-cyrillic-fonts-6.9.0-5.15.20060mlcs4.x86_64.rpm\n d2f5b5cebcecefdce3cc1bfb550bf481 corporate/4.0/x86_64/xorg-x11-doc-6.9.0-5.15.20060mlcs4.x86_64.rpm\n 780c01a55862d4b9ac03286ac787b725 corporate/4.0/x86_64/xorg-x11-glide-module-6.9.0-5.15.20060mlcs4.x86_64.rpm\n 3ad687a6bb67d02ed23cb6d57ca0ea85 corporate/4.0/x86_64/xorg-x11-server-6.9.0-5.15.20060mlcs4.x86_64.rpm\n 3f02a8bf7e6e94b4696baa3998712dae corporate/4.0/x86_64/xorg-x11-xauth-6.9.0-5.15.20060mlcs4.x86_64.rpm\n 5df334cae18035961430532b7fa6a71f corporate/4.0/x86_64/xorg-x11-xfs-6.9.0-5.15.20060mlcs4.x86_64.rpm \n 1e8a87194b755917783b1a6856a684a3 corporate/4.0/SRPMS/xorg-x11-6.9.0-5.15.20060mlcs4.src.rpm\n _______________________________________________________________________\n\n To upgrade automatically use MandrivaUpdate or urpmi. The verification\n of md5 checksums and GPG signatures is performed automatically for you. You can obtain the\n GPG public key of the Mandriva Security Team by executing:\n\n gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98\n\n You can view other update advisories for Mandriva Linux at:\n\n http://www.mandriva.com/security/advisories\n\n If you want to report vulnerabilities, please contact\n\n security_(at)_mandriva.com\n _______________________________________________________________________\n\n Type Bits/KeyID Date User ID\n pub 1024D/22458A98 2000-07-10 Mandriva Security Team\n \u003csecurity*mandriva.com\u003e\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.7 (GNU/Linux)\n\niD8DBQFGFAoYmqjQ0CJFipgRAvkHAJwJVFe0mT1yBHKjcTWYIRiSz7YoZQCdF6wt\n/Czi8NSscvNCkThUftxcIJY=\n=eRgy\n-----END PGP SIGNATURE-----\n\n_______________________________________________\nFull-Disclosure - We believe in it. (CVE-2007-1351, CVE-2007-1352)\n \n TightVNC uses some of the same code base as Xorg, and has the same\n vulnerable code. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n- --------------------------------------------------------------------------\nDebian Security Advisory DSA 1294-1 security@debian.org\nhttp://www.debian.org/security/ Moritz Muehlenhoff\nMay 17th, 2007 http://www.debian.org/security/faq\n- --------------------------------------------------------------------------\n\nPackage : xfree86\nVulnerability : several\nProblem-Type : local\nDebian-specific: no\nCVE ID : CVE-2007-1003 CVE-2007-1351 CVE-2007-1352 CVE-2007-1667\n\nSeveral vulnerabilities have been discovered in the X Window System,\nwhich may lead to privilege escalation. The Common Vulnerabilities and\nExposures project identifies the following problems:\n\nCVE-2007-1003\n\n Sean Larsson discovered an integer overflow in the XC-MISC extension,\n which might lead to denial of service or local privilege escalation. \n\nCVE-2007-1351\n\n Greg MacManus discovered an integer overflow in the font handling,\n which might lead to denial of service or local privilege escalation. \n\nCVE-2007-1352\n\n Greg MacManus discovered an integer overflow in the font handling,\n which might lead to denial of service or local privilege escalation. \n This update introduces tighter sanity checking of input passed to\n XCreateImage(). To cope with this an updated rdesktop package is\n delivered along with this security update. Another application\n reported to break is the proprietary Opera browser, which isn\u0027t\n part of Debian. The vendor has released updated packages, though. \n\nFor the old stable distribution (sarge) these problems have been fixed in\nversion 4.3.0.dfsg.1-14sarge4. This update lacks builds for the Sparc\narchitecture, due to problems on the build host. Packages will be released\nonce this problem has been resolved. \n\nThe stable distribution (etch) isn\u0027t affected by these problems, as the\nvulnerabilities have already been fixed during the Etch preparation\nfreeze phase. \n\nWe recommend that you upgrade your XFree86 packages. \n\nUpgrade Instructions\n- --------------------\n\nwget url\n will fetch the file for you\ndpkg -i file.deb\n will install the referenced file. \n\nIf you are using the apt-get package manager, use the line for\nsources.list as given below:\n\napt-get update\n will update the internal database\napt-get upgrade\n will install corrected packages\n\nYou may use an automated update by adding the resources from the\nfooter to the proper configuration. \n\n\nDebian GNU/Linux 3.1 alias sarge\n- --------------------------------\n\n Source archives:\n\n http://security.debian.org/pool/updates/main/x/xfree86/xfree86_4.3.0.dfsg.1-14sarge4.dsc\n Size/MD5 checksum: 2642 189d0d7d0b7dbbf26755923b438e5e4c\n http://security.debian.org/pool/updates/main/x/xfree86/xfree86_4.3.0.dfsg.1-14sarge4.diff.gz\n Size/MD5 checksum: 3644476 e3ae500a08998d20996e1b386253e1cc\n http://security.debian.org/pool/updates/main/x/xfree86/xfree86_4.3.0.dfsg.1.orig.tar.gz\n Size/MD5 checksum: 59123696 8e6990288c8f1a1d1e03f7c36d7185ee\n http://security.debian.org/pool/updates/main/r/rdesktop/rdesktop_1.4.0-2sarge1.dsc\n Size/MD5 checksum: 623 95239010d328848d69bbcd59df29ee1b\n http://security.debian.org/pool/updates/main/r/rdesktop/rdesktop_1.4.0-2sarge1.diff.gz\n Size/MD5 checksum: 10664 ac732ace18f41e829a3c38730934fbc4\n http://security.debian.org/pool/updates/main/r/rdesktop/rdesktop_1.4.0.orig.tar.gz\n Size/MD5 checksum: 202531 542cb9d9b4dd1ecaf3ed4ff753fea7b8\n\n Architecture independent components:\n\n http://security.debian.org/pool/updates/main/x/xfree86/pm-dev_4.3.0.dfsg.1-14sarge4_all.deb\n Size/MD5 checksum: 159434 d8aede0aaa9682ba7997447110d31ca5\n http://security.debian.org/pool/updates/main/x/xfree86/x-dev_4.3.0.dfsg.1-14sarge4_all.deb\n Size/MD5 checksum: 216476 5401b81557f7953a5e476127544a94f6\n http://security.debian.org/pool/updates/main/x/xfree86/x-window-system_4.3.0.dfsg.1-14sarge4_all.deb\n Size/MD5 checksum: 158730 8f841f4bc6efc65cc48e468163170116\n http://security.debian.org/pool/updates/main/x/xfree86/xfonts-100dpi-transcoded_4.3.0.dfsg.1-14sarge4_all.deb\n Size/MD5 checksum: 8195040 c3c684a6c8a3a10f280ce25a6523fa50\n http://security.debian.org/pool/updates/main/x/xfree86/xfonts-100dpi_4.3.0.dfsg.1-14sarge4_all.deb\n Size/MD5 checksum: 4363090 0a9af1fd8109decea7c5e2bc9342a1c7\n http://security.debian.org/pool/updates/main/x/xfree86/xfonts-75dpi-transcoded_4.3.0.dfsg.1-14sarge4_all.deb\n Size/MD5 checksum: 7073122 b42b7454c680f94cf4d912d6e263c679\n http://security.debian.org/pool/updates/main/x/xfree86/xfonts-75dpi_4.3.0.dfsg.1-14sarge4_all.deb\n Size/MD5 checksum: 3840910 eba04ef15ba7280352b8731e2705726b\n http://security.debian.org/pool/updates/main/x/xfree86/xfonts-base-transcoded_4.3.0.dfsg.1-14sarge4_all.deb\n Size/MD5 checksum: 1203680 546bafab0ffec15de52f51983bcf2c07\n http://security.debian.org/pool/updates/main/x/xfree86/xfonts-base_4.3.0.dfsg.1-14sarge4_all.deb\n Size/MD5 checksum: 5490622 7d4613aadcadb86fc4242363784818ba\n http://security.debian.org/pool/updates/main/x/xfree86/xfonts-cyrillic_4.3.0.dfsg.1-14sarge4_all.deb\n Size/MD5 checksum: 541216 16dbec56de243edf187e52c650532e91\n http://security.debian.org/pool/updates/main/x/xfree86/xfonts-scalable_4.3.0.dfsg.1-14sarge4_all.deb\n Size/MD5 checksum: 901006 adf45fe9c5d1d84f912d2a9b789a1b8b\n http://security.debian.org/pool/updates/main/x/xfree86/xfree86-common_4.3.0.dfsg.1-14sarge4_all.deb\n Size/MD5 checksum: 815600 154c4731c74c14685319ffd2e5535f79\n http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-dev_4.3.0.dfsg.1-14sarge4_all.deb\n Size/MD5 checksum: 158582 5ec2b681939a466c832c7b91a6c71589\n http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa3-dbg_4.3.0.dfsg.1-14sarge4_all.deb\n Size/MD5 checksum: 158596 2a90dc555891313b58b5b0d11e33b8c8\n http://security.debian.org/pool/updates/main/x/xfree86/xlibs-data_4.3.0.dfsg.1-14sarge4_all.deb\n Size/MD5 checksum: 907066 a82eb5f3920df1c3e4c42c212efb78a7\n http://security.debian.org/pool/updates/main/x/xfree86/xlibs-dbg_4.3.0.dfsg.1-14sarge4_all.deb\n Size/MD5 checksum: 158648 bed92016a1cedd08e985becce0aadec1\n http://security.debian.org/pool/updates/main/x/xfree86/xlibs-dev_4.3.0.dfsg.1-14sarge4_all.deb\n Size/MD5 checksum: 158646 e55d85a5a7d6687cbf802575038344d0\n http://security.debian.org/pool/updates/main/x/xfree86/xlibs-pic_4.3.0.dfsg.1-14sarge4_all.deb\n Size/MD5 checksum: 158554 96ba78abf30b4e2d087f2797625589cc\n http://security.debian.org/pool/updates/main/x/xfree86/xlibs_4.3.0.dfsg.1-14sarge4_all.deb\n Size/MD5 checksum: 426718 64389fde8c4cb693fef2a5953fb2b109\n http://security.debian.org/pool/updates/main/x/xfree86/xspecs_4.3.0.dfsg.1-14sarge4_all.deb\n Size/MD5 checksum: 5835466 28f15b50daff3453e208642777c1c311\n\n Alpha architecture:\n\n http://security.debian.org/pool/updates/main/x/xfree86/lbxproxy_4.3.0.dfsg.1-14sarge4_alpha.deb\n Size/MD5 checksum: 284996 92f0024fab7a481cd4e34dc024f457aa\n http://security.debian.org/pool/updates/main/x/xfree86/libdps-dev_4.3.0.dfsg.1-14sarge4_alpha.deb\n Size/MD5 checksum: 441170 70ec1d5a6b3bf7a36863360747e6cdb4\n http://security.debian.org/pool/updates/main/x/xfree86/libdps1_4.3.0.dfsg.1-14sarge4_alpha.deb\n Size/MD5 checksum: 313428 2b07fef9a8355e4d43947a1a63aff81e\n http://security.debian.org/pool/updates/main/x/xfree86/libdps1-dbg_4.3.0.dfsg.1-14sarge4_alpha.deb\n Size/MD5 checksum: 822188 fd73dfdda3bc273ce185908a3720c45a\n http://security.debian.org/pool/updates/main/x/xfree86/libice-dev_4.3.0.dfsg.1-14sarge4_alpha.deb\n Size/MD5 checksum: 230570 9ab3ab85a12236d862e78b0f0f87dea7\n http://security.debian.org/pool/updates/main/x/xfree86/libice6_4.3.0.dfsg.1-14sarge4_alpha.deb\n Size/MD5 checksum: 209934 e15bfecad9eab9fb197772520d21067a\n http://security.debian.org/pool/updates/main/x/xfree86/libice6-dbg_4.3.0.dfsg.1-14sarge4_alpha.deb\n Size/MD5 checksum: 295454 33ccdd1fc0dc73ccc66a45c0ae8a290d\n http://security.debian.org/pool/updates/main/x/xfree86/libsm-dev_4.3.0.dfsg.1-14sarge4_alpha.deb\n Size/MD5 checksum: 184480 3fe3048544b48f0926dbf6f4d163dd0e\n http://security.debian.org/pool/updates/main/x/xfree86/libsm6_4.3.0.dfsg.1-14sarge4_alpha.deb\n Size/MD5 checksum: 184848 b5c69e554bcdce7e1baecdb8a1cb5c9c\n http://security.debian.org/pool/updates/main/x/xfree86/libsm6-dbg_4.3.0.dfsg.1-14sarge4_alpha.deb\n Size/MD5 checksum: 209954 49853ed0ce0dc522e9f43d77ed807137\n http://security.debian.org/pool/updates/main/x/xfree86/libx11-6_4.3.0.dfsg.1-14sarge4_alpha.deb\n Size/MD5 checksum: 816088 94c427b0abe62c425b2bcdf372c792c8\n http://security.debian.org/pool/updates/main/x/xfree86/libx11-6-dbg_4.3.0.dfsg.1-14sarge4_alpha.deb\n Size/MD5 checksum: 9804934 4623cd96de525311a862c2e1fad78344\n http://security.debian.org/pool/updates/main/x/xfree86/libx11-dev_4.3.0.dfsg.1-14sarge4_alpha.deb\n Size/MD5 checksum: 1576092 8e18e092949d8bd0f9e5ffb9d7f447e9\n http://security.debian.org/pool/updates/main/x/xfree86/libxaw6_4.3.0.dfsg.1-14sarge4_alpha.deb\n Size/MD5 checksum: 317732 e2f03ac371b2cbb1a2b84dae43959f3c\n http://security.debian.org/pool/updates/main/x/xfree86/libxaw6-dbg_4.3.0.dfsg.1-14sarge4_alpha.deb\n Size/MD5 checksum: 934034 af848a96c5dabdb756549d66f16f5ad5\n http://security.debian.org/pool/updates/main/x/xfree86/libxaw6-dev_4.3.0.dfsg.1-14sarge4_alpha.deb\n Size/MD5 checksum: 522864 fe5ee0cf23f25f8e625a1428f90e39d2\n http://security.debian.org/pool/updates/main/x/xfree86/libxaw7_4.3.0.dfsg.1-14sarge4_alpha.deb\n Size/MD5 checksum: 382736 5fb1194cbf510977519c2f99903f3e8d\n http://security.debian.org/pool/updates/main/x/xfree86/libxaw7-dbg_4.3.0.dfsg.1-14sarge4_alpha.deb\n Size/MD5 checksum: 1100610 6dcc0fc3c214c8a37ef8180a8d0f4fd4\n http://security.debian.org/pool/updates/main/x/xfree86/libxaw7-dev_4.3.0.dfsg.1-14sarge4_alpha.deb\n Size/MD5 checksum: 522770 ff4f2ad7f5a1fa456abc16994685c6b6\n http://security.debian.org/pool/updates/main/x/xfree86/libxext-dev_4.3.0.dfsg.1-14sarge4_alpha.deb\n Size/MD5 checksum: 265026 facae3a81139d2ce5a0bd21cd665e2ca\n http://security.debian.org/pool/updates/main/x/xfree86/libxext6_4.3.0.dfsg.1-14sarge4_alpha.deb\n Size/MD5 checksum: 196480 7cf0508ef339715f25f1ce5707de2584\n http://security.debian.org/pool/updates/main/x/xfree86/libxext6-dbg_4.3.0.dfsg.1-14sarge4_alpha.deb\n Size/MD5 checksum: 522270 1c140d44feaf9074fe7209933917d36a\n http://security.debian.org/pool/updates/main/x/xfree86/libxft1_4.3.0.dfsg.1-14sarge4_alpha.deb\n Size/MD5 checksum: 195706 6b44c3f7c5020cc71d3122fdb43380e9\n http://security.debian.org/pool/updates/main/x/xfree86/libxft1-dbg_4.3.0.dfsg.1-14sarge4_alpha.deb\n Size/MD5 checksum: 481102 f3cba0d63e52a2af0e63b1b052453089\n http://security.debian.org/pool/updates/main/x/xfree86/libxi-dev_4.3.0.dfsg.1-14sarge4_alpha.deb\n Size/MD5 checksum: 240792 5025ff049d9f7deb22e11a300094187b\n http://security.debian.org/pool/updates/main/x/xfree86/libxi6_4.3.0.dfsg.1-14sarge4_alpha.deb\n Size/MD5 checksum: 186222 7c8e6177656e754587aaa42e8083059e\n http://security.debian.org/pool/updates/main/x/xfree86/libxi6-dbg_4.3.0.dfsg.1-14sarge4_alpha.deb\n Size/MD5 checksum: 1182630 e2738f6b53b5aa55169fc829aa2f3c4a\n http://security.debian.org/pool/updates/main/x/xfree86/libxmu-dev_4.3.0.dfsg.1-14sarge4_alpha.deb\n Size/MD5 checksum: 244840 76fed36704d9ca23cc4a91c321490b34\n http://security.debian.org/pool/updates/main/x/xfree86/libxmu6_4.3.0.dfsg.1-14sarge4_alpha.deb\n Size/MD5 checksum: 219782 bb1280080a6db83d8a97510c70dfa588\n http://security.debian.org/pool/updates/main/x/xfree86/libxmu6-dbg_4.3.0.dfsg.1-14sarge4_alpha.deb\n Size/MD5 checksum: 680140 9e24b96bf063fc9ce13f22fc457a50b9\n http://security.debian.org/pool/updates/main/x/xfree86/libxmuu-dev_4.3.0.dfsg.1-14sarge4_alpha.deb\n Size/MD5 checksum: 164774 a41d399a9f2d550f1ffc8b1095c4417d\n http://security.debian.org/pool/updates/main/x/xfree86/libxmuu1_4.3.0.dfsg.1-14sarge4_alpha.deb\n Size/MD5 checksum: 172674 13676ac5abfe9594642adc4c054014ac\n http://security.debian.org/pool/updates/main/x/xfree86/libxmuu1-dbg_4.3.0.dfsg.1-14sarge4_alpha.deb\n Size/MD5 checksum: 210192 79cdcc5df1939ea1126859397db7fc57\n http://security.debian.org/pool/updates/main/x/xfree86/libxp-dev_4.3.0.dfsg.1-14sarge4_alpha.deb\n Size/MD5 checksum: 187902 dd499bdc63f54559b3e7978c58067a7c\n http://security.debian.org/pool/updates/main/x/xfree86/libxp6_4.3.0.dfsg.1-14sarge4_alpha.deb\n Size/MD5 checksum: 182996 ae344d4a81325bb7de8b95ccf977d6cd\n http://security.debian.org/pool/updates/main/x/xfree86/libxp6-dbg_4.3.0.dfsg.1-14sarge4_alpha.deb\n Size/MD5 checksum: 576046 a1f7ab50d292c9682de56abdc1539e1a\n http://security.debian.org/pool/updates/main/x/xfree86/libxpm-dev_4.3.0.dfsg.1-14sarge4_alpha.deb\n Size/MD5 checksum: 212166 54359c662494bb8f9798eb530b05c39d\n http://security.debian.org/pool/updates/main/x/xfree86/libxpm4_4.3.0.dfsg.1-14sarge4_alpha.deb\n Size/MD5 checksum: 204384 89026d497d9ef72ba5c8cedb005ae99a\n http://security.debian.org/pool/updates/main/x/xfree86/libxpm4-dbg_4.3.0.dfsg.1-14sarge4_alpha.deb\n Size/MD5 checksum: 253810 07d21c94db5f5261077163a7fef92363\n http://security.debian.org/pool/updates/main/x/xfree86/libxrandr-dev_4.3.0.dfsg.1-14sarge4_alpha.deb\n Size/MD5 checksum: 173260 621062aa574e5a4470cb2d59d58d4364\n http://security.debian.org/pool/updates/main/x/xfree86/libxrandr2_4.3.0.dfsg.1-14sarge4_alpha.deb\n Size/MD5 checksum: 172984 a53a8fbeb82124fcf1ac73b47246e654\n http://security.debian.org/pool/updates/main/x/xfree86/libxrandr2-dbg_4.3.0.dfsg.1-14sarge4_alpha.deb\n Size/MD5 checksum: 203096 9fd958db6e8f017b01e9471e56225e67\n http://security.debian.org/pool/updates/main/x/xfree86/libxt-dev_4.3.0.dfsg.1-14sarge4_alpha.deb\n Size/MD5 checksum: 713138 5ac37e4a6928ae1d6214c1ea683cf532\n http://security.debian.org/pool/updates/main/x/xfree86/libxt6_4.3.0.dfsg.1-14sarge4_alpha.deb\n Size/MD5 checksum: 361134 4e469b9b10ef878a3a631b58e3b828d7\n http://security.debian.org/pool/updates/main/x/xfree86/libxt6-dbg_4.3.0.dfsg.1-14sarge4_alpha.deb\n Size/MD5 checksum: 1587114 914c6b4c39ed31c2fbee379e2d0ba25b\n http://security.debian.org/pool/updates/main/x/xfree86/libxtrap-dev_4.3.0.dfsg.1-14sarge4_alpha.deb\n Size/MD5 checksum: 191798 af942f90192c1b423de6ff15552fe7ac\n http://security.debian.org/pool/updates/main/x/xfree86/libxtrap6_4.3.0.dfsg.1-14sarge4_alpha.deb\n Size/MD5 checksum: 184318 461e3515c225271484349872db566ecf\n http://security.debian.org/pool/updates/main/x/xfree86/libxtrap6-dbg_4.3.0.dfsg.1-14sarge4_alpha.deb\n Size/MD5 checksum: 411934 25f0ad51173c5b1a91c657f1218a79ca\n http://security.debian.org/pool/updates/main/x/xfree86/libxtst-dev_4.3.0.dfsg.1-14sarge4_alpha.deb\n Size/MD5 checksum: 176406 8c0975faeee6e39952cf1a8ae7983ac2\n http://security.debian.org/pool/updates/main/x/xfree86/libxtst6_4.3.0.dfsg.1-14sarge4_alpha.deb\n Size/MD5 checksum: 177950 991487364f13ea794c44c3aff02a8342\n http://security.debian.org/pool/updates/main/x/xfree86/libxtst6-dbg_4.3.0.dfsg.1-14sarge4_alpha.deb\n Size/MD5 checksum: 241462 716284f0af443ef15e5a3a2c1753baa2\n http://security.debian.org/pool/updates/main/x/xfree86/libxv-dev_4.3.0.dfsg.1-14sarge4_alpha.deb\n Size/MD5 checksum: 193636 8eb36dcc7cb99f393fbdc8fa315a0cb9\n http://security.debian.org/pool/updates/main/x/xfree86/libxv1_4.3.0.dfsg.1-14sarge4_alpha.deb\n Size/MD5 checksum: 174330 9f2e68247409abd7359cccd02ea2ed9a\n http://security.debian.org/pool/updates/main/x/xfree86/libxv1-dbg_4.3.0.dfsg.1-14sarge4_alpha.deb\n Size/MD5 checksum: 206192 155c096549ecebf30bd0b6de96266cac\n http://security.debian.org/pool/updates/main/x/xfree86/proxymngr_4.3.0.dfsg.1-14sarge4_alpha.deb\n Size/MD5 checksum: 184952 c60abc527075ecb5c2effb72411506b0\n http://security.debian.org/pool/updates/main/x/xfree86/twm_4.3.0.dfsg.1-14sarge4_alpha.deb\n Size/MD5 checksum: 289606 9cdbb7e62dc88b2688febd15e62092dc\n http://security.debian.org/pool/updates/main/x/xfree86/x-window-system-core_4.3.0.dfsg.1-14sarge4_alpha.deb\n Size/MD5 checksum: 158684 ca7c7c54102b761de517ef8c7ff9f76b\n http://security.debian.org/pool/updates/main/x/xfree86/x-window-system-dev_4.3.0.dfsg.1-14sarge4_alpha.deb\n Size/MD5 checksum: 158738 e9e98a97d36c517bbff6f7451e8da8d0\n http://security.debian.org/pool/updates/main/x/xfree86/xbase-clients_4.3.0.dfsg.1-14sarge4_alpha.deb\n Size/MD5 checksum: 2376330 27c274f345160933475691031385b692\n http://security.debian.org/pool/updates/main/x/xfree86/xdm_4.3.0.dfsg.1-14sarge4_alpha.deb\n Size/MD5 checksum: 327180 32ee0206f299daf84c440520238fffdb\n http://security.debian.org/pool/updates/main/x/xfree86/xfs_4.3.0.dfsg.1-14sarge4_alpha.deb\n Size/MD5 checksum: 600554 6994f0009df1a92aeba7a11a6a72f4e9\n http://security.debian.org/pool/updates/main/x/xfree86/xfwp_4.3.0.dfsg.1-14sarge4_alpha.deb\n Size/MD5 checksum: 184230 7667cbb1c995ba9e2216d51342e67f06\n http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-dri_4.3.0.dfsg.1-14sarge4_alpha.deb\n Size/MD5 checksum: 4558712 5f077e532f6aef7c0d16f55d37b37a87\n http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-dri-dbg_4.3.0.dfsg.1-14sarge4_alpha.deb\n Size/MD5 checksum: 33948052 58f1da513a5c267c6597efc19466b130\n http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-gl_4.3.0.dfsg.1-14sarge4_alpha.deb\n Size/MD5 checksum: 351116 5184250018192b80b4d09e24ae0f96fc\n http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-gl-dbg_4.3.0.dfsg.1-14sarge4_alpha.deb\n Size/MD5 checksum: 1339534 abc46934dea4b20c63e577f6974ca8f7\n http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-gl-dev_4.3.0.dfsg.1-14sarge4_alpha.deb\n Size/MD5 checksum: 816672 9031709350853f211428feb2802354da\n http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-glu_4.3.0.dfsg.1-14sarge4_alpha.deb\n Size/MD5 checksum: 393160 6322d814900e1eda70a70e08aded0051\n http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-glu-dbg_4.3.0.dfsg.1-14sarge4_alpha.deb\n Size/MD5 checksum: 1150632 ce6676e1d7b13f8a28d95ee787e19fd2\n http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-glu-dev_4.3.0.dfsg.1-14sarge4_alpha.deb\n Size/MD5 checksum: 537396 958d4ec3a45f1bc1effa47a358368472\n http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa3_4.3.0.dfsg.1-14sarge4_alpha.deb\n Size/MD5 checksum: 158482 d5382eb6f50ba085a7cf15e352e85910\n http://security.debian.org/pool/updates/main/x/xfree86/xlibosmesa-dev_4.3.0.dfsg.1-14sarge4_alpha.deb\n Size/MD5 checksum: 1007052 601156a062591921fa46a3212a868ac8\n http://security.debian.org/pool/updates/main/x/xfree86/xlibosmesa4_4.3.0.dfsg.1-14sarge4_alpha.deb\n Size/MD5 checksum: 811486 8b324588f46711216a44ece926bdcc2d\n http://security.debian.org/pool/updates/main/x/xfree86/xlibosmesa4-dbg_4.3.0.dfsg.1-14sarge4_alpha.deb\n Size/MD5 checksum: 4640908 2688e37b3f3ad30257e74afd5ee95310\n http://security.debian.org/pool/updates/main/x/xfree86/xlibs-static-dev_4.3.0.dfsg.1-14sarge4_alpha.deb\n Size/MD5 checksum: 1114488 77e08891ea808d8869350f8329852d43\n http://security.debian.org/pool/updates/main/x/xfree86/xlibs-static-pic_4.3.0.dfsg.1-14sarge4_alpha.deb\n Size/MD5 checksum: 490082 8d3580ee576dc319be0ce3681706c9a9\n http://security.debian.org/pool/updates/main/x/xfree86/xmh_4.3.0.dfsg.1-14sarge4_alpha.deb\n Size/MD5 checksum: 246932 61777c7301c1d3ddc00e8acdc3c0bb2f\n http://security.debian.org/pool/updates/main/x/xfree86/xnest_4.3.0.dfsg.1-14sarge4_alpha.deb\n Size/MD5 checksum: 2088768 28613cf2d2f1bc5c0c12c22e68e9878c\n http://security.debian.org/pool/updates/main/x/xfree86/xserver-common_4.3.0.dfsg.1-14sarge4_alpha.deb\n Size/MD5 checksum: 331698 39f4331d0c561f6e5aff79af12be34d7\n http://security.debian.org/pool/updates/main/x/xfree86/xserver-xfree86_4.3.0.dfsg.1-14sarge4_alpha.deb\n Size/MD5 checksum: 6595862 5cdcc2dd8744fd0cc46d27de86c66665\n http://security.debian.org/pool/updates/main/x/xfree86/xserver-xfree86-dbg_4.3.0.dfsg.1-14sarge4_alpha.deb\n Size/MD5 checksum: 45036960 2969cb0a57378f06b4519b2cd839478d\n http://security.debian.org/pool/updates/main/x/xfree86/xterm_4.3.0.dfsg.1-14sarge4_alpha.deb\n Size/MD5 checksum: 550006 eca34c5b462dcce8dd12e7da120d5159\n http://security.debian.org/pool/updates/main/x/xfree86/xutils_4.3.0.dfsg.1-14sarge4_alpha.deb\n Size/MD5 checksum: 1033800 744333bde498149283ae7d7af7d7f460\n http://security.debian.org/pool/updates/main/x/xfree86/xvfb_4.3.0.dfsg.1-14sarge4_alpha.deb\n Size/MD5 checksum: 2271050 c10ec9d6fefb6b5d1f6d429024e1e833\n http://security.debian.org/pool/updates/main/r/rdesktop/rdesktop_1.4.0-2sarge1_alpha.deb\n Size/MD5 checksum: 148190 50852b7df4448215e4d3ec188f9ca24e\n\n AMD64 architecture:\n\n http://security.debian.org/pool/updates/main/x/xfree86/lbxproxy_4.3.0.dfsg.1-14sarge4_amd64.deb\n Size/MD5 checksum: 262298 1ce19c8bd9baef60202cd3a97ef520dc\n http://security.debian.org/pool/updates/main/x/xfree86/libdps-dev_4.3.0.dfsg.1-14sarge4_amd64.deb\n Size/MD5 checksum: 367224 848b9949b6ff456b4543ff3579edba4c\n http://security.debian.org/pool/updates/main/x/xfree86/libdps1_4.3.0.dfsg.1-14sarge4_amd64.deb\n Size/MD5 checksum: 299272 3491bfc3583d440511b0bd8687d9843f\n http://security.debian.org/pool/updates/main/x/xfree86/libdps1-dbg_4.3.0.dfsg.1-14sarge4_amd64.deb\n Size/MD5 checksum: 798094 3cda9b3a44c3445a418567f2c19007eb\n http://security.debian.org/pool/updates/main/x/xfree86/libice-dev_4.3.0.dfsg.1-14sarge4_amd64.deb\n Size/MD5 checksum: 209850 58c642bc21913976fed73c4611e63120\n http://security.debian.org/pool/updates/main/x/xfree86/libice6_4.3.0.dfsg.1-14sarge4_amd64.deb\n Size/MD5 checksum: 205372 1c7e44bf812e2d336f13103253c45545\n http://security.debian.org/pool/updates/main/x/xfree86/libice6-dbg_4.3.0.dfsg.1-14sarge4_amd64.deb\n Size/MD5 checksum: 288966 0fd8fdd5b67911693c9ff03f589e3e1d\n http://security.debian.org/pool/updates/main/x/xfree86/libsm-dev_4.3.0.dfsg.1-14sarge4_amd64.deb\n Size/MD5 checksum: 178436 cdaebc2f0a0bab775d04cd8f603a1b0c\n http://security.debian.org/pool/updates/main/x/xfree86/libsm6_4.3.0.dfsg.1-14sarge4_amd64.deb\n Size/MD5 checksum: 183446 7fcd4b47cc4e44983b8103e202faebcb\n http://security.debian.org/pool/updates/main/x/xfree86/libsm6-dbg_4.3.0.dfsg.1-14sarge4_amd64.deb\n Size/MD5 checksum: 207798 37d7f9a57604895952f6cd07712be13a\n http://security.debian.org/pool/updates/main/x/xfree86/libx11-6_4.3.0.dfsg.1-14sarge4_amd64.deb\n Size/MD5 checksum: 749416 36e10229fd2ed52bfc595c8b708fdb71\n http://security.debian.org/pool/updates/main/x/xfree86/libx11-6-dbg_4.3.0.dfsg.1-14sarge4_amd64.deb\n Size/MD5 checksum: 9651358 c0b4dd4d11d8ac6ebe249338b3ce1d74\n http://security.debian.org/pool/updates/main/x/xfree86/libx11-dev_4.3.0.dfsg.1-14sarge4_amd64.deb\n Size/MD5 checksum: 1421668 0f0093d5081ad93c1154d9e4cae3ce2d\n http://security.debian.org/pool/updates/main/x/xfree86/libxaw6_4.3.0.dfsg.1-14sarge4_amd64.deb\n Size/MD5 checksum: 295162 c0161225e5f92dd930b8c2f582acc80c\n http://security.debian.org/pool/updates/main/x/xfree86/libxaw6-dbg_4.3.0.dfsg.1-14sarge4_amd64.deb\n Size/MD5 checksum: 903762 f48cf6f781708a7eb7b309cd823b2877\n http://security.debian.org/pool/updates/main/x/xfree86/libxaw6-dev_4.3.0.dfsg.1-14sarge4_amd64.deb\n Size/MD5 checksum: 440728 5c9d6a694d0bd09f6be2f32c97eac671\n http://security.debian.org/pool/updates/main/x/xfree86/libxaw7_4.3.0.dfsg.1-14sarge4_amd64.deb\n Size/MD5 checksum: 350892 67fcc3ec3099427d4767c6e4427a9391\n http://security.debian.org/pool/updates/main/x/xfree86/libxaw7-dbg_4.3.0.dfsg.1-14sarge4_amd64.deb\n Size/MD5 checksum: 1044460 00f7bed4c6bf4bfe2228495826e6f4ed\n http://security.debian.org/pool/updates/main/x/xfree86/libxaw7-dev_4.3.0.dfsg.1-14sarge4_amd64.deb\n Size/MD5 checksum: 440628 701b3a51c651e67b7e2c18e11e30458d\n http://security.debian.org/pool/updates/main/x/xfree86/libxext-dev_4.3.0.dfsg.1-14sarge4_amd64.deb\n Size/MD5 checksum: 251400 ef31c9173b291ac5d78348a840674f79\n http://security.debian.org/pool/updates/main/x/xfree86/libxext6_4.3.0.dfsg.1-14sarge4_amd64.deb\n Size/MD5 checksum: 191154 36f3fe9c393cb0ce2dcf5730b0107613\n http://security.debian.org/pool/updates/main/x/xfree86/libxext6-dbg_4.3.0.dfsg.1-14sarge4_amd64.deb\n Size/MD5 checksum: 512612 3dee7413902951b2a7dd383bae5f0d69\n http://security.debian.org/pool/updates/main/x/xfree86/libxft1_4.3.0.dfsg.1-14sarge4_amd64.deb\n Size/MD5 checksum: 192936 b64eb7b1d740d0b107215b291184d7cd\n http://security.debian.org/pool/updates/main/x/xfree86/libxft1-dbg_4.3.0.dfsg.1-14sarge4_amd64.deb\n Size/MD5 checksum: 476486 92c4f49830414e0dc0341a7ab9efee24\n http://security.debian.org/pool/updates/main/x/xfree86/libxi-dev_4.3.0.dfsg.1-14sarge4_amd64.deb\n Size/MD5 checksum: 233066 4a1a67f6d6bbf17baa360d4fe3d2de6f\n http://security.debian.org/pool/updates/main/x/xfree86/libxi6_4.3.0.dfsg.1-14sarge4_amd64.deb\n Size/MD5 checksum: 180474 4f4e2522cb226dfa17d5ba9b0d40e926\n http://security.debian.org/pool/updates/main/x/xfree86/libxi6-dbg_4.3.0.dfsg.1-14sarge4_amd64.deb\n Size/MD5 checksum: 1168298 32785a1d0229c721785082055b4fe145\n http://security.debian.org/pool/updates/main/x/xfree86/libxmu-dev_4.3.0.dfsg.1-14sarge4_amd64.deb\n Size/MD5 checksum: 226012 7199fab356a9c6381c0a1119bfe52e98\n http://security.debian.org/pool/updates/main/x/xfree86/libxmu6_4.3.0.dfsg.1-14sarge4_amd64.deb\n Size/MD5 checksum: 212288 6c78ac6ec10145825238b283d4a8ad62\n http://security.debian.org/pool/updates/main/x/xfree86/libxmu6-dbg_4.3.0.dfsg.1-14sarge4_amd64.deb\n Size/MD5 checksum: 662854 45c8aa47be60747fdebe6c34845b707e\n http://security.debian.org/pool/updates/main/x/xfree86/libxmuu-dev_4.3.0.dfsg.1-14sarge4_amd64.deb\n Size/MD5 checksum: 163456 85bd979736e1119dbe5c73d420d83013\n http://security.debian.org/pool/updates/main/x/xfree86/libxmuu1_4.3.0.dfsg.1-14sarge4_amd64.deb\n Size/MD5 checksum: 172100 4f4301a328b952ef0566b8d7c43b1c40\n http://security.debian.org/pool/updates/main/x/xfree86/libxmuu1-dbg_4.3.0.dfsg.1-14sarge4_amd64.deb\n Size/MD5 checksum: 208938 0ddf06170b98d7f0f0d7dd8932bb1867\n http://security.debian.org/pool/updates/main/x/xfree86/libxp-dev_4.3.0.dfsg.1-14sarge4_amd64.deb\n Size/MD5 checksum: 181560 4cf60ff4d472ca7ddac86633e4acfeec\n http://security.debian.org/pool/updates/main/x/xfree86/libxp6_4.3.0.dfsg.1-14sarge4_amd64.deb\n Size/MD5 checksum: 180494 45e08ffa571b1b67b08a0d5c2d75e285\n http://security.debian.org/pool/updates/main/x/xfree86/libxp6-dbg_4.3.0.dfsg.1-14sarge4_amd64.deb\n Size/MD5 checksum: 569452 3569f24efe2174038b829d5d05f1dc82\n http://security.debian.org/pool/updates/main/x/xfree86/libxpm-dev_4.3.0.dfsg.1-14sarge4_amd64.deb\n Size/MD5 checksum: 197926 85b5527de1a09c351b03f4018a64b406\n http://security.debian.org/pool/updates/main/x/xfree86/libxpm4_4.3.0.dfsg.1-14sarge4_amd64.deb\n Size/MD5 checksum: 197300 065147ca72c7a3364f450c8c781fab26\n http://security.debian.org/pool/updates/main/x/xfree86/libxpm4-dbg_4.3.0.dfsg.1-14sarge4_amd64.deb\n Size/MD5 checksum: 247486 9c213618f78a041491f76de00c2577a7\n http://security.debian.org/pool/updates/main/x/xfree86/libxrandr-dev_4.3.0.dfsg.1-14sarge4_amd64.deb\n Size/MD5 checksum: 171968 c7e9e49de0cb61453be5ffc2aa94e74d\n http://security.debian.org/pool/updates/main/x/xfree86/libxrandr2_4.3.0.dfsg.1-14sarge4_amd64.deb\n Size/MD5 checksum: 172104 4ead3bfa45d1ca8957e5e10c1de03653\n http://security.debian.org/pool/updates/main/x/xfree86/libxrandr2-dbg_4.3.0.dfsg.1-14sarge4_amd64.deb\n Size/MD5 checksum: 201308 bb9e5c557e50a45930b680b8f6468806\n http://security.debian.org/pool/updates/main/x/xfree86/libxt-dev_4.3.0.dfsg.1-14sarge4_amd64.deb\n Size/MD5 checksum: 644166 a10f0657d008a8f086b07eed9706b041\n http://security.debian.org/pool/updates/main/x/xfree86/libxt6_4.3.0.dfsg.1-14sarge4_amd64.deb\n Size/MD5 checksum: 346064 7ebef79c15df3c822cfc57ab443ee315\n http://security.debian.org/pool/updates/main/x/xfree86/libxt6-dbg_4.3.0.dfsg.1-14sarge4_amd64.deb\n Size/MD5 checksum: 1552102 7ba29d766762336706712893e21f8fbf\n http://security.debian.org/pool/updates/main/x/xfree86/libxtrap-dev_4.3.0.dfsg.1-14sarge4_amd64.deb\n Size/MD5 checksum: 187202 1a1c28f352c671bc5437e52158c058f1\n http://security.debian.org/pool/updates/main/x/xfree86/libxtrap6_4.3.0.dfsg.1-14sarge4_amd64.deb\n Size/MD5 checksum: 182508 e8edde7b41222fcb15b5c68a148a805b\n http://security.debian.org/pool/updates/main/x/xfree86/libxtrap6-dbg_4.3.0.dfsg.1-14sarge4_amd64.deb\n Size/MD5 checksum: 413140 e55e37fe1e0224a6d225e88fbafc9607\n http://security.debian.org/pool/updates/main/x/xfree86/libxtst-dev_4.3.0.dfsg.1-14sarge4_amd64.deb\n Size/MD5 checksum: 171912 e4d12ec69ebb49ad62d987505704f967\n http://security.debian.org/pool/updates/main/x/xfree86/libxtst6_4.3.0.dfsg.1-14sarge4_amd64.deb\n Size/MD5 checksum: 175416 5c6da5160e9441d30e0869817ef15509\n http://security.debian.org/pool/updates/main/x/xfree86/libxtst6-dbg_4.3.0.dfsg.1-14sarge4_amd64.deb\n Size/MD5 checksum: 237626 4655e7033b095f39dec9884ae45aa832\n http://security.debian.org/pool/updates/main/x/xfree86/libxv-dev_4.3.0.dfsg.1-14sarge4_amd64.deb\n Size/MD5 checksum: 191668 b091ea03ff5acbf27f0e0b7a74bdf929\n http://security.debian.org/pool/updates/main/x/xfree86/libxv1_4.3.0.dfsg.1-14sarge4_amd64.deb\n Size/MD5 checksum: 173528 0350d13430157d5c86819cf928ff29ab\n http://security.debian.org/pool/updates/main/x/xfree86/libxv1-dbg_4.3.0.dfsg.1-14sarge4_amd64.deb\n Size/MD5 checksum: 204446 f7ebe443d878728a3637ab346c311a63\n http://security.debian.org/pool/updates/main/x/xfree86/proxymngr_4.3.0.dfsg.1-14sarge4_amd64.deb\n Size/MD5 checksum: 183666 4d2b4de0f1e4a77261b90d25eb770613\n http://security.debian.org/pool/updates/main/x/xfree86/twm_4.3.0.dfsg.1-14sarge4_amd64.deb\n Size/MD5 checksum: 277370 a8420df28b4d294f7bec2e104cd44279\n http://security.debian.org/pool/updates/main/x/xfree86/x-window-system-core_4.3.0.dfsg.1-14sarge4_amd64.deb\n Size/MD5 checksum: 158794 f8a1514fdca77984512353d0b5d1f420\n http://security.debian.org/pool/updates/main/x/xfree86/x-window-system-dev_4.3.0.dfsg.1-14sarge4_amd64.deb\n Size/MD5 checksum: 158848 2a03cd93698571c4a13512ca990a8db2\n http://security.debian.org/pool/updates/main/x/xfree86/xbase-clients_4.3.0.dfsg.1-14sarge4_amd64.deb\n Size/MD5 checksum: 2083786 97d1d4ebd6a452a2ff83928bedbb31d6\n http://security.debian.org/pool/updates/main/x/xfree86/xdm_4.3.0.dfsg.1-14sarge4_amd64.deb\n Size/MD5 checksum: 318224 59a6e966e6e49595101e733479eea356\n http://security.debian.org/pool/updates/main/x/xfree86/xfs_4.3.0.dfsg.1-14sarge4_amd64.deb\n Size/MD5 checksum: 516518 2124d855e582ef5e2012daab5a8a600a\n http://security.debian.org/pool/updates/main/x/xfree86/xfwp_4.3.0.dfsg.1-14sarge4_amd64.deb\n Size/MD5 checksum: 182408 7ce0f38da0445d6a68b41542f655ac43\n http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-dri_4.3.0.dfsg.1-14sarge4_amd64.deb\n Size/MD5 checksum: 4202892 fdef8312cf8f94710eb818f21f3bd52c\n http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-dri-dbg_4.3.0.dfsg.1-14sarge4_amd64.deb\n Size/MD5 checksum: 38018732 a168452b292cf7ec130e13c2930e6ddf\n http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-gl_4.3.0.dfsg.1-14sarge4_amd64.deb\n Size/MD5 checksum: 333556 d64d8c6d1bb0e5f979a38b5538f5762c\n http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-gl-dbg_4.3.0.dfsg.1-14sarge4_amd64.deb\n Size/MD5 checksum: 1316908 f8accdf7495d3f03842f03d4c4f069bd\n http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-gl-dev_4.3.0.dfsg.1-14sarge4_amd64.deb\n Size/MD5 checksum: 735302 e548bb1b381140f6a5133c491178df6d\n http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-glu_4.3.0.dfsg.1-14sarge4_amd64.deb\n Size/MD5 checksum: 368324 730509f902394ab4534bc213ee093a71\n http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-glu-dbg_4.3.0.dfsg.1-14sarge4_amd64.deb\n Size/MD5 checksum: 1122710 7dad7f9fd6f9910d73c9df4ecaa16c6c\n http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-glu-dev_4.3.0.dfsg.1-14sarge4_amd64.deb\n Size/MD5 checksum: 460486 339cb1301a8dcc4bca57539c4a7d9c24\n http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa3_4.3.0.dfsg.1-14sarge4_amd64.deb\n Size/MD5 checksum: 158598 457cb5b6103df84a88c06f618cfdb9ab\n http://security.debian.org/pool/updates/main/x/xfree86/xlibosmesa-dev_4.3.0.dfsg.1-14sarge4_amd64.deb\n Size/MD5 checksum: 789176 422bc34409184b39cb3f224954e2a50a\n http://security.debian.org/pool/updates/main/x/xfree86/xlibosmesa4_4.3.0.dfsg.1-14sarge4_amd64.deb\n Size/MD5 checksum: 686604 393409c039840d0b0757d82f843e3ade\n http://security.debian.org/pool/updates/main/x/xfree86/xlibosmesa4-dbg_4.3.0.dfsg.1-14sarge4_amd64.deb\n Size/MD5 checksum: 4489970 b8e7dcf3952f41fb2812905ffc561f7d\n http://security.debian.org/pool/updates/main/x/xfree86/xlibs-static-dev_4.3.0.dfsg.1-14sarge4_amd64.deb\n Size/MD5 checksum: 889632 e0b5d43013c6bc904f40026dd3c06712\n http://security.debian.org/pool/updates/main/x/xfree86/xlibs-static-pic_4.3.0.dfsg.1-14sarge4_amd64.deb\n Size/MD5 checksum: 400280 4e16b740df809e4ca7a02b971a251d4c\n http://security.debian.org/pool/updates/main/x/xfree86/xmh_4.3.0.dfsg.1-14sarge4_amd64.deb\n Size/MD5 checksum: 236366 3c314ad0880bcee610a3e37f634b744e\n http://security.debian.org/pool/updates/main/x/xfree86/xnest_4.3.0.dfsg.1-14sarge4_amd64.deb\n Size/MD5 checksum: 1620482 f703f2c8e36bdf4cc943b3abe563421a\n http://security.debian.org/pool/updates/main/x/xfree86/xserver-common_4.3.0.dfsg.1-14sarge4_amd64.deb\n Size/MD5 checksum: 337152 a8751e299ee2bc2fe354fd82bc4a01f3\n http://security.debian.org/pool/updates/main/x/xfree86/xserver-xfree86_4.3.0.dfsg.1-14sarge4_amd64.deb\n Size/MD5 checksum: 5695770 e1de32c84f307dffe6c64100b38525ce\n http://security.debian.org/pool/updates/main/x/xfree86/xserver-xfree86-dbg_4.3.0.dfsg.1-14sarge4_amd64.deb\n Size/MD5 checksum: 6039138 6e451f23e2b38b6c4f9fe1b9d65a62be\n http://security.debian.org/pool/updates/main/x/xfree86/xterm_4.3.0.dfsg.1-14sarge4_amd64.deb\n Size/MD5 checksum: 521528 9e2ad4fda8330b388f5efb0cb59c4d5d\n http://security.debian.org/pool/updates/main/x/xfree86/xutils_4.3.0.dfsg.1-14sarge4_amd64.deb\n Size/MD5 checksum: 962224 0380eefc014116e02bcea08a187d3bb6\n http://security.debian.org/pool/updates/main/x/xfree86/xvfb_4.3.0.dfsg.1-14sarge4_amd64.deb\n Size/MD5 checksum: 1763954 d099a99b9f35f7c2a92fba27851f1c41\n http://security.debian.org/pool/updates/main/r/rdesktop/rdesktop_1.4.0-2sarge1_amd64.deb\n Size/MD5 checksum: 103960 e10dc9a0c018be14c3941d097e61a263\n\n ARM architecture:\n\n http://security.debian.org/pool/updates/main/x/xfree86/lbxproxy_4.3.0.dfsg.1-14sarge4_arm.deb\n Size/MD5 checksum: 254506 c4bfe2b890b7f1aa92a6ea50c8fda17d\n http://security.debian.org/pool/updates/main/x/xfree86/libdps-dev_4.3.0.dfsg.1-14sarge4_arm.deb\n Size/MD5 checksum: 353848 d83d9bea399500268bda162ee4d4d7f9\n http://security.debian.org/pool/updates/main/x/xfree86/libdps1_4.3.0.dfsg.1-14sarge4_arm.deb\n Size/MD5 checksum: 274282 b6b25b1e771e3a003c3ffd2665dfaf7c\n http://security.debian.org/pool/updates/main/x/xfree86/libdps1-dbg_4.3.0.dfsg.1-14sarge4_arm.deb\n Size/MD5 checksum: 778514 1aaba6276196c2965031048943a106de\n http://security.debian.org/pool/updates/main/x/xfree86/libice-dev_4.3.0.dfsg.1-14sarge4_arm.deb\n Size/MD5 checksum: 208310 93bed067f155c25a867a36f228b280be\n http://security.debian.org/pool/updates/main/x/xfree86/libice6_4.3.0.dfsg.1-14sarge4_arm.deb\n Size/MD5 checksum: 200248 b8a08cb43eed69036fa08f885785df01\n http://security.debian.org/pool/updates/main/x/xfree86/libice6-dbg_4.3.0.dfsg.1-14sarge4_arm.deb\n Size/MD5 checksum: 285400 94e59aa1305da66cd82e7cd736b4eec9\n http://security.debian.org/pool/updates/main/x/xfree86/libsm-dev_4.3.0.dfsg.1-14sarge4_arm.deb\n Size/MD5 checksum: 177720 fe578cfb4393d969205552b9904f0eb8\n http://security.debian.org/pool/updates/main/x/xfree86/libsm6_4.3.0.dfsg.1-14sarge4_arm.deb\n Size/MD5 checksum: 180490 45723695fe5e39496c503a4716f47cec\n http://security.debian.org/pool/updates/main/x/xfree86/libsm6-dbg_4.3.0.dfsg.1-14sarge4_arm.deb\n Size/MD5 checksum: 204986 6b5f5c883b10d0df4e36da876684519b\n http://security.debian.org/pool/updates/main/x/xfree86/libx11-6_4.3.0.dfsg.1-14sarge4_arm.deb\n Size/MD5 checksum: 708938 c7a004360821b10f119b823925f7b4d0\n http://security.debian.org/pool/updates/main/x/xfree86/libx11-6-dbg_4.3.0.dfsg.1-14sarge4_arm.deb\n Size/MD5 checksum: 9661608 ad3f42ed447f33881c2a85dfa26c3ed8\n http://security.debian.org/pool/updates/main/x/xfree86/libx11-dev_4.3.0.dfsg.1-14sarge4_arm.deb\n Size/MD5 checksum: 1411312 8aaa1222ce69df4f196e85fad581bbdb\n http://security.debian.org/pool/updates/main/x/xfree86/libxaw6_4.3.0.dfsg.1-14sarge4_arm.deb\n Size/MD5 checksum: 283694 8bacc834c0bc7f647db4b730fde8601b\n http://security.debian.org/pool/updates/main/x/xfree86/libxaw6-dbg_4.3.0.dfsg.1-14sarge4_arm.deb\n Size/MD5 checksum: 894954 0e6d96ba308fe7899384736e3028406a\n http://security.debian.org/pool/updates/main/x/xfree86/libxaw6-dev_4.3.0.dfsg.1-14sarge4_arm.deb\n Size/MD5 checksum: 437716 9142fbf29b65c4df6f6cdc31a02609fc\n http://security.debian.org/pool/updates/main/x/xfree86/libxaw7_4.3.0.dfsg.1-14sarge4_arm.deb\n Size/MD5 checksum: 335288 e375c507a70b653c95f5df809651e349\n http://security.debian.org/pool/updates/main/x/xfree86/libxaw7-dbg_4.3.0.dfsg.1-14sarge4_arm.deb\n Size/MD5 checksum: 1029416 7fd74f1c7842bf34e75ffd4d1748a920\n http://security.debian.org/pool/updates/main/x/xfree86/libxaw7-dev_4.3.0.dfsg.1-14sarge4_arm.deb\n Size/MD5 checksum: 437618 a5fdf7dc60012ab80d091d6b86aa7921\n http://security.debian.org/pool/updates/main/x/xfree86/libxext-dev_4.3.0.dfsg.1-14sarge4_arm.deb\n Size/MD5 checksum: 254630 654f145f734a4ec8dac276b77b8c5c0e\n http://security.debian.org/pool/updates/main/x/xfree86/libxext6_4.3.0.dfsg.1-14sarge4_arm.deb\n Size/MD5 checksum: 188842 ca9cbf1890dcd8be553056e006fb9188\n http://security.debian.org/pool/updates/main/x/xfree86/libxext6-dbg_4.3.0.dfsg.1-14sarge4_arm.deb\n Size/MD5 checksum: 511660 0cbc8f25a45a380fcd7024a3182ca035\n http://security.debian.org/pool/updates/main/x/xfree86/libxft1_4.3.0.dfsg.1-14sarge4_arm.deb\n Size/MD5 checksum: 189158 28074b2cac5f6d2567a07838adf5ddd9\n http://security.debian.org/pool/updates/main/x/xfree86/libxft1-dbg_4.3.0.dfsg.1-14sarge4_arm.deb\n Size/MD5 checksum: 471094 6e7bb9a3985f5d78d5923b889c46c82c\n http://security.debian.org/pool/updates/main/x/xfree86/libxi-dev_4.3.0.dfsg.1-14sarge4_arm.deb\n Size/MD5 checksum: 233430 995db9bfc5b8db3e1af233263d63c237\n http://security.debian.org/pool/updates/main/x/xfree86/libxi6_4.3.0.dfsg.1-14sarge4_arm.deb\n Size/MD5 checksum: 179462 93ecb7bd10f52380b29ca88a18cd3855\n http://security.debian.org/pool/updates/main/x/xfree86/libxi6-dbg_4.3.0.dfsg.1-14sarge4_arm.deb\n Size/MD5 checksum: 1172306 6510aa4bc254dc1aaf4a718d6ade928d\n http://security.debian.org/pool/updates/main/x/xfree86/libxmu-dev_4.3.0.dfsg.1-14sarge4_arm.deb\n Size/MD5 checksum: 223670 a845d16a971ce1cf0bf4a62224a9fbda\n http://security.debian.org/pool/updates/main/x/xfree86/libxmu6_4.3.0.dfsg.1-14sarge4_arm.deb\n Size/MD5 checksum: 208072 908593679b7fc7e8da53b8c034fcb3c1\n http://security.debian.org/pool/updates/main/x/xfree86/libxmu6-dbg_4.3.0.dfsg.1-14sarge4_arm.deb\n Size/MD5 checksum: 664842 71c12addab4acafb4564f181cd57eff7\n http://security.debian.org/pool/updates/main/x/xfree86/libxmuu-dev_4.3.0.dfsg.1-14sarge4_arm.deb\n Size/MD5 checksum: 163218 04f22173f8dbf2330514507150dfda2a\n http://security.debian.org/pool/updates/main/x/xfree86/libxmuu1_4.3.0.dfsg.1-14sarge4_arm.deb\n Size/MD5 checksum: 171618 fe9c60b4d8ce2b6496bb9d922e54ddfc\n http://security.debian.org/pool/updates/main/x/xfree86/libxmuu1-dbg_4.3.0.dfsg.1-14sarge4_arm.deb\n Size/MD5 checksum: 208674 83f13a1c2d164a7298878766f2d735c7\n http://security.debian.org/pool/updates/main/x/xfree86/libxp-dev_4.3.0.dfsg.1-14sarge4_arm.deb\n Size/MD5 checksum: 181310 c95d79bfb7fd207f4d90622d3d8c3071\n http://security.debian.org/pool/updates/main/x/xfree86/libxp6_4.3.0.dfsg.1-14sarge4_arm.deb\n Size/MD5 checksum: 178266 5001d9e620dd228aadff0f7dab2dd942\n http://security.debian.org/pool/updates/main/x/xfree86/libxp6-dbg_4.3.0.dfsg.1-14sarge4_arm.deb\n Size/MD5 checksum: 567858 97d087ed756b6c6fcda1a66be9da8095\n http://security.debian.org/pool/updates/main/x/xfree86/libxpm-dev_4.3.0.dfsg.1-14sarge4_arm.deb\n Size/MD5 checksum: 198280 462db4041e1ca77b658bdd6ca22808d9\n http://security.debian.org/pool/updates/main/x/xfree86/libxpm4_4.3.0.dfsg.1-14sarge4_arm.deb\n Size/MD5 checksum: 194454 2e989bd9bf07a72a21a313bd7fbf9d46\n http://security.debian.org/pool/updates/main/x/xfree86/libxpm4-dbg_4.3.0.dfsg.1-14sarge4_arm.deb\n Size/MD5 checksum: 243848 b676a5b4b52aad00cae35996a99293f3\n http://security.debian.org/pool/updates/main/x/xfree86/libxrandr-dev_4.3.0.dfsg.1-14sarge4_arm.deb\n Size/MD5 checksum: 172170 11b217f5e995f7beb31c047545c33abb\n http://security.debian.org/pool/updates/main/x/xfree86/libxrandr2_4.3.0.dfsg.1-14sarge4_arm.deb\n Size/MD5 checksum: 171718 7f71e6890619d9415c78dae14019866a\n http://security.debian.org/pool/updates/main/x/xfree86/libxrandr2-dbg_4.3.0.dfsg.1-14sarge4_arm.deb\n Size/MD5 checksum: 201068 766750858aabd3e4ca693ed92c7da7fd\n http://security.debian.org/pool/updates/main/x/xfree86/libxt-dev_4.3.0.dfsg.1-14sarge4_arm.deb\n Size/MD5 checksum: 645466 0f2f37d4f76e79aee71893595c289886\n http://security.debian.org/pool/updates/main/x/xfree86/libxt6_4.3.0.dfsg.1-14sarge4_arm.deb\n Size/MD5 checksum: 327336 aad47d15f3b07d709e3bfca61f90f695\n http://security.debian.org/pool/updates/main/x/xfree86/libxt6-dbg_4.3.0.dfsg.1-14sarge4_arm.deb\n Size/MD5 checksum: 1539196 220a5d415800dcbc9aa05928b95babea\n http://security.debian.org/pool/updates/main/x/xfree86/libxtrap-dev_4.3.0.dfsg.1-14sarge4_arm.deb\n Size/MD5 checksum: 185942 8a041e7c63ea5a48eeb87329af17931e\n http://security.debian.org/pool/updates/main/x/xfree86/libxtrap6_4.3.0.dfsg.1-14sarge4_arm.deb\n Size/MD5 checksum: 179524 490fdd28d4098f64fa080ca98124a150\n http://security.debian.org/pool/updates/main/x/xfree86/libxtrap6-dbg_4.3.0.dfsg.1-14sarge4_arm.deb\n Size/MD5 checksum: 413616 ed79f35c87fa43b63c5fa5a5bce10aa8\n http://security.debian.org/pool/updates/main/x/xfree86/libxtst-dev_4.3.0.dfsg.1-14sarge4_arm.deb\n Size/MD5 checksum: 173084 3a3b10c302b21e328d5c77c92a11d53c\n http://security.debian.org/pool/updates/main/x/xfree86/libxtst6_4.3.0.dfsg.1-14sarge4_arm.deb\n Size/MD5 checksum: 174796 22382068183a2f25fbb2630862fe6c03\n http://security.debian.org/pool/updates/main/x/xfree86/libxtst6-dbg_4.3.0.dfsg.1-14sarge4_arm.deb\n Size/MD5 checksum: 237432 2f9c7d966572c7c508bf1f4eb951eb18\n http://security.debian.org/pool/updates/main/x/xfree86/libxv-dev_4.3.0.dfsg.1-14sarge4_arm.deb\n Size/MD5 checksum: 192874 8a02b3523c09a5d20c25e2499c271ed0\n http://security.debian.org/pool/updates/main/x/xfree86/libxv1_4.3.0.dfsg.1-14sarge4_arm.deb\n Size/MD5 checksum: 172932 58f6c0989bccdf51646f6cc85a7ad3a1\n http://security.debian.org/pool/updates/main/x/xfree86/libxv1-dbg_4.3.0.dfsg.1-14sarge4_arm.deb\n Size/MD5 checksum: 204124 719091e4ca99073d68a83abc356dbac8\n http://security.debian.org/pool/updates/main/x/xfree86/proxymngr_4.3.0.dfsg.1-14sarge4_arm.deb\n Size/MD5 checksum: 181896 0281298f86d1734968f570ec266055c8\n http://security.debian.org/pool/updates/main/x/xfree86/twm_4.3.0.dfsg.1-14sarge4_arm.deb\n Size/MD5 checksum: 274086 32b425d803d2876474d59fd6095c18c9\n http://security.debian.org/pool/updates/main/x/xfree86/x-window-system-core_4.3.0.dfsg.1-14sarge4_arm.deb\n Size/MD5 checksum: 158788 9340b0647c7e0509f201b6030ba32e50\n http://security.debian.org/pool/updates/main/x/xfree86/x-window-system-dev_4.3.0.dfsg.1-14sarge4_arm.deb\n Size/MD5 checksum: 158834 c3b39287a06ec827f29ff2961a6e5f1d\n http://security.debian.org/pool/updates/main/x/xfree86/xbase-clients_4.3.0.dfsg.1-14sarge4_arm.deb\n Size/MD5 checksum: 1940412 a0311cf7769b8009f316dac534be27aa\n http://security.debian.org/pool/updates/main/x/xfree86/xdm_4.3.0.dfsg.1-14sarge4_arm.deb\n Size/MD5 checksum: 309434 4c18c2e9b31637ffa4638dcd15c5e33c\n http://security.debian.org/pool/updates/main/x/xfree86/xfs_4.3.0.dfsg.1-14sarge4_arm.deb\n Size/MD5 checksum: 500544 5b1adae68f8062db2b18595d791659ea\n http://security.debian.org/pool/updates/main/x/xfree86/xfwp_4.3.0.dfsg.1-14sarge4_arm.deb\n Size/MD5 checksum: 181030 02052edad72f025589d2267cf0c778c3\n http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-gl_4.3.0.dfsg.1-14sarge4_arm.deb\n Size/MD5 checksum: 280888 3e2f8ee82d0cf25240bd591c81fe53d7\n http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-gl-dbg_4.3.0.dfsg.1-14sarge4_arm.deb\n Size/MD5 checksum: 1191474 c4abbbb972e895d75ee0ced411ba18fd\n http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-gl-dev_4.3.0.dfsg.1-14sarge4_arm.deb\n Size/MD5 checksum: 725146 fc5318a01d187d4b727c24ace68a241f\n http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-glu_4.3.0.dfsg.1-14sarge4_arm.deb\n Size/MD5 checksum: 352390 46290e6b3b8fe147aa8d1c2fe1481f36\n http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-glu-dbg_4.3.0.dfsg.1-14sarge4_arm.deb\n Size/MD5 checksum: 1098268 b79588bea1a524686b627b9eafcdadf2\n http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-glu-dev_4.3.0.dfsg.1-14sarge4_arm.deb\n Size/MD5 checksum: 459654 1f6ae7b019a5a824ae17df9a80a85b52\n http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa3_4.3.0.dfsg.1-14sarge4_arm.deb\n Size/MD5 checksum: 158588 5467c615528a5d4a9cfe3e76afef1464\n http://security.debian.org/pool/updates/main/x/xfree86/xlibs-static-dev_4.3.0.dfsg.1-14sarge4_arm.deb\n Size/MD5 checksum: 908824 ec265f126c7d0b2cef91918bee54e051\n http://security.debian.org/pool/updates/main/x/xfree86/xlibs-static-pic_4.3.0.dfsg.1-14sarge4_arm.deb\n Size/MD5 checksum: 409248 4224dfa3119d8d231192700e5eabfa2d\n http://security.debian.org/pool/updates/main/x/xfree86/xmh_4.3.0.dfsg.1-14sarge4_arm.deb\n Size/MD5 checksum: 226552 3e82b73d832d529c1a6b7e64ba98dfe5\n http://security.debian.org/pool/updates/main/x/xfree86/xnest_4.3.0.dfsg.1-14sarge4_arm.deb\n Size/MD5 checksum: 1558376 af2dd08ca667f05a447d7d0ffc8b667b\n http://security.debian.org/pool/updates/main/x/xfree86/xserver-common_4.3.0.dfsg.1-14sarge4_arm.deb\n Size/MD5 checksum: 336698 0482b56c7f71d5f044692dc3e70b51c2\n http://security.debian.org/pool/updates/main/x/xfree86/xserver-xfree86_4.3.0.dfsg.1-14sarge4_arm.deb\n Size/MD5 checksum: 5528280 3f47b74fbca3d0793b94d6c02ffbc6f2\n http://security.debian.org/pool/updates/main/x/xfree86/xserver-xfree86-dbg_4.3.0.dfsg.1-14sarge4_arm.deb\n Size/MD5 checksum: 43853336 8c79f42c0a5affa81581acdf66261171\n http://security.debian.org/pool/updates/main/x/xfree86/xterm_4.3.0.dfsg.1-14sarge4_arm.deb\n Size/MD5 checksum: 508736 68adff865be90604a977176c9cf2684c\n http://security.debian.org/pool/updates/main/x/xfree86/xutils_4.3.0.dfsg.1-14sarge4_arm.deb\n Size/MD5 checksum: 906628 cc7ffda09bf14ea886d48f3c9a6710be\n http://security.debian.org/pool/updates/main/x/xfree86/xvfb_4.3.0.dfsg.1-14sarge4_arm.deb\n Size/MD5 checksum: 1699656 d34c6bb37c3c5f0eb4b5bf822aa36b0f\n http://security.debian.org/pool/updates/main/r/rdesktop/rdesktop_1.4.0-2sarge1_arm.deb\n Size/MD5 checksum: 106868 7e645dba8d76959991e9c624caf76eeb\n\n HP Precision architecture:\n\n http://security.debian.org/pool/updates/main/x/xfree86/lbxproxy_4.3.0.dfsg.1-14sarge4_hppa.deb\n Size/MD5 checksum: 264792 9424d7e1d21fb19a7bf3c31fd59c41a2\n http://security.debian.org/pool/updates/main/x/xfree86/libdps-dev_4.3.0.dfsg.1-14sarge4_hppa.deb\n Size/MD5 checksum: 372312 c91f48c32b473e0e162b6b1ca0806459\n http://security.debian.org/pool/updates/main/x/xfree86/libdps1_4.3.0.dfsg.1-14sarge4_hppa.deb\n Size/MD5 checksum: 306544 734eb14d0c2db80d2600986840e6ffa5\n http://security.debian.org/pool/updates/main/x/xfree86/libdps1-dbg_4.3.0.dfsg.1-14sarge4_hppa.deb\n Size/MD5 checksum: 813736 c84b6a4e597102ba4775f472f9aae439\n http://security.debian.org/pool/updates/main/x/xfree86/libice-dev_4.3.0.dfsg.1-14sarge4_hppa.deb\n Size/MD5 checksum: 212434 bbcd96bb00f58417f32ea4329953233c\n http://security.debian.org/pool/updates/main/x/xfree86/libice6_4.3.0.dfsg.1-14sarge4_hppa.deb\n Size/MD5 checksum: 206934 c765a54d65f4f7eff593c622c7a66835\n http://security.debian.org/pool/updates/main/x/xfree86/libice6-dbg_4.3.0.dfsg.1-14sarge4_hppa.deb\n Size/MD5 checksum: 290350 d6934062e7680076fa5204fb542919c8\n http://security.debian.org/pool/updates/main/x/xfree86/libsm-dev_4.3.0.dfsg.1-14sarge4_hppa.deb\n Size/MD5 checksum: 178552 2491a6cf3329a1b3e75050c93e422cfe\n http://security.debian.org/pool/updates/main/x/xfree86/libsm6_4.3.0.dfsg.1-14sarge4_hppa.deb\n Size/MD5 checksum: 183590 b6c26839f416745c82e35497730867c8\n http://security.debian.org/pool/updates/main/x/xfree86/libsm6-dbg_4.3.0.dfsg.1-14sarge4_hppa.deb\n Size/MD5 checksum: 207650 4de6cde4c6cbede4b5d22666ad941122\n http://security.debian.org/pool/updates/main/x/xfree86/libx11-6_4.3.0.dfsg.1-14sarge4_hppa.deb\n Size/MD5 checksum: 780302 6c521d1bdf4177266123eeebb59db7e0\n http://security.debian.org/pool/updates/main/x/xfree86/libx11-6-dbg_4.3.0.dfsg.1-14sarge4_hppa.deb\n Size/MD5 checksum: 9906326 bec9e8186d854168c96292f0cbcc2f30\n http://security.debian.org/pool/updates/main/x/xfree86/libx11-dev_4.3.0.dfsg.1-14sarge4_hppa.deb\n Size/MD5 checksum: 1443564 6f7cbc5293caba59f7d76eba36ae3b85\n http://security.debian.org/pool/updates/main/x/xfree86/libxaw6_4.3.0.dfsg.1-14sarge4_hppa.deb\n Size/MD5 checksum: 307060 1f3d61dc3d9552f1671b9850bb8b68ec\n http://security.debian.org/pool/updates/main/x/xfree86/libxaw6-dbg_4.3.0.dfsg.1-14sarge4_hppa.deb\n Size/MD5 checksum: 926814 2df67d8e37eea2f3982099958c7f58d5\n http://security.debian.org/pool/updates/main/x/xfree86/libxaw6-dev_4.3.0.dfsg.1-14sarge4_hppa.deb\n Size/MD5 checksum: 454834 0691f5a5e1241f1dab1896d38b30521e\n http://security.debian.org/pool/updates/main/x/xfree86/libxaw7_4.3.0.dfsg.1-14sarge4_hppa.deb\n Size/MD5 checksum: 367534 5858d24a08a0ae6a2a5584cd3e24ec34\n http://security.debian.org/pool/updates/main/x/xfree86/libxaw7-dbg_4.3.0.dfsg.1-14sarge4_hppa.deb\n Size/MD5 checksum: 1070688 889919869c53bbb0a4fa32f4f81643a9\n http://security.debian.org/pool/updates/main/x/xfree86/libxaw7-dev_4.3.0.dfsg.1-14sarge4_hppa.deb\n Size/MD5 checksum: 454720 471004c0aac198ea9fc5c38d1fc092eb\n http://security.debian.org/pool/updates/main/x/xfree86/libxext-dev_4.3.0.dfsg.1-14sarge4_hppa.deb\n Size/MD5 checksum: 253758 b424edc08b899316821c70525795ac44\n http://security.debian.org/pool/updates/main/x/xfree86/libxext6_4.3.0.dfsg.1-14sarge4_hppa.deb\n Size/MD5 checksum: 194058 2f7cdc4e84eaf340a7d1cbc3399e49bd\n http://security.debian.org/pool/updates/main/x/xfree86/libxext6-dbg_4.3.0.dfsg.1-14sarge4_hppa.deb\n Size/MD5 checksum: 524662 c41b8e84537da3673e6deb03a6b00ddf\n http://security.debian.org/pool/updates/main/x/xfree86/libxft1_4.3.0.dfsg.1-14sarge4_hppa.deb\n Size/MD5 checksum: 193438 8fa5c65cfc8e6d0fea7b698d071138f9\n http://security.debian.org/pool/updates/main/x/xfree86/libxft1-dbg_4.3.0.dfsg.1-14sarge4_hppa.deb\n Size/MD5 checksum: 482956 265fe13bcce21d770a6c6d597954f0ea\n http://security.debian.org/pool/updates/main/x/xfree86/libxi-dev_4.3.0.dfsg.1-14sarge4_hppa.deb\n Size/MD5 checksum: 233902 fb2f7de98c3f5b1e7430c535e54e7ddf\n http://security.debian.org/pool/updates/main/x/xfree86/libxi6_4.3.0.dfsg.1-14sarge4_hppa.deb\n Size/MD5 checksum: 182062 6dd46f3db2fa404bb522b135db426d96\n http://security.debian.org/pool/updates/main/x/xfree86/libxi6-dbg_4.3.0.dfsg.1-14sarge4_hppa.deb\n Size/MD5 checksum: 1202862 16284f5703bf36c82023c3f9d35835c3\n http://security.debian.org/pool/updates/main/x/xfree86/libxmu-dev_4.3.0.dfsg.1-14sarge4_hppa.deb\n Size/MD5 checksum: 230482 69af864210b495ecdf205cc503ab95a5\n http://security.debian.org/pool/updates/main/x/xfree86/libxmu6_4.3.0.dfsg.1-14sarge4_hppa.deb\n Size/MD5 checksum: 216180 b9cb762a3288b979cda8cba6469cdb33\n http://security.debian.org/pool/updates/main/x/xfree86/libxmu6-dbg_4.3.0.dfsg.1-14sarge4_hppa.deb\n Size/MD5 checksum: 684228 cedf92752aa08f4ce65fbfe96d2e3702\n http://security.debian.org/pool/updates/main/x/xfree86/libxmuu-dev_4.3.0.dfsg.1-14sarge4_hppa.deb\n Size/MD5 checksum: 164026 7f6e983d2bb07ba429c0a224574301b7\n http://security.debian.org/pool/updates/main/x/xfree86/libxmuu1_4.3.0.dfsg.1-14sarge4_hppa.deb\n Size/MD5 checksum: 172904 983a70b6e4b52541e6bb8b54ecd469bd\n http://security.debian.org/pool/updates/main/x/xfree86/libxmuu1-dbg_4.3.0.dfsg.1-14sarge4_hppa.deb\n Size/MD5 checksum: 210406 0d9c427d666629366d9d9a69fe498632\n http://security.debian.org/pool/updates/main/x/xfree86/libxp-dev_4.3.0.dfsg.1-14sarge4_hppa.deb\n Size/MD5 checksum: 182556 5b44f2ffb038758a013d0d86be46f736\n http://security.debian.org/pool/updates/main/x/xfree86/libxp6_4.3.0.dfsg.1-14sarge4_hppa.deb\n Size/MD5 checksum: 181626 e8d9d3e7ef2d9e4fd32d845df42b436d\n http://security.debian.org/pool/updates/main/x/xfree86/libxp6-dbg_4.3.0.dfsg.1-14sarge4_hppa.deb\n Size/MD5 checksum: 577962 75302d045e4147243434844eef3ab539\n http://security.debian.org/pool/updates/main/x/xfree86/libxpm-dev_4.3.0.dfsg.1-14sarge4_hppa.deb\n Size/MD5 checksum: 201518 6d1b92e93e4e3f9e1c180124280e3703\n http://security.debian.org/pool/updates/main/x/xfree86/libxpm4_4.3.0.dfsg.1-14sarge4_hppa.deb\n Size/MD5 checksum: 201996 db76f8d685d31e642f624dddf865a8d2\n http://security.debian.org/pool/updates/main/x/xfree86/libxpm4-dbg_4.3.0.dfsg.1-14sarge4_hppa.deb\n Size/MD5 checksum: 250654 256d02fb05d69adbf774cd9db296ce85\n http://security.debian.org/pool/updates/main/x/xfree86/libxrandr-dev_4.3.0.dfsg.1-14sarge4_hppa.deb\n Size/MD5 checksum: 172394 51fda3af7874e80bda0336b767b8ecfa\n http://security.debian.org/pool/updates/main/x/xfree86/libxrandr2_4.3.0.dfsg.1-14sarge4_hppa.deb\n Size/MD5 checksum: 172682 819c2b22b4a4d4f4e69e4c571a58683d\n http://security.debian.org/pool/updates/main/x/xfree86/libxrandr2-dbg_4.3.0.dfsg.1-14sarge4_hppa.deb\n Size/MD5 checksum: 202344 e6d067d3255b9c23fff4fc7f51c2608c\n http://security.debian.org/pool/updates/main/x/xfree86/libxt-dev_4.3.0.dfsg.1-14sarge4_hppa.deb\n Size/MD5 checksum: 665382 db08734e96056212e56d6f45c72b7b46\n http://security.debian.org/pool/updates/main/x/xfree86/libxt6_4.3.0.dfsg.1-14sarge4_hppa.deb\n Size/MD5 checksum: 358688 dda0a4e43071aa9fa663fae4acfeada8\n http://security.debian.org/pool/updates/main/x/xfree86/libxt6-dbg_4.3.0.dfsg.1-14sarge4_hppa.deb\n Size/MD5 checksum: 1569924 db27d054597116e63330d43b060f80e0\n http://security.debian.org/pool/updates/main/x/xfree86/libxtrap-dev_4.3.0.dfsg.1-14sarge4_hppa.deb\n Size/MD5 checksum: 187684 657c19f170c386aeccfcbe896de0f381\n http://security.debian.org/pool/updates/main/x/xfree86/libxtrap6_4.3.0.dfsg.1-14sarge4_hppa.deb\n Size/MD5 checksum: 182544 d628379cff2189fa57ca6276585752f4\n http://security.debian.org/pool/updates/main/x/xfree86/libxtrap6-dbg_4.3.0.dfsg.1-14sarge4_hppa.deb\n Size/MD5 checksum: 410980 e0d6fb0dcceea37d3bfd820392f7bc61\n http://security.debian.org/pool/updates/main/x/xfree86/libxtst-dev_4.3.0.dfsg.1-14sarge4_hppa.deb\n Size/MD5 checksum: 172844 8d041b5c14691c937dc5d97fff283c7f\n http://security.debian.org/pool/updates/main/x/xfree86/libxtst6_4.3.0.dfsg.1-14sarge4_hppa.deb\n Size/MD5 checksum: 176412 0f976b467fda140f96bc4d571cd1693d\n http://security.debian.org/pool/updates/main/x/xfree86/libxtst6-dbg_4.3.0.dfsg.1-14sarge4_hppa.deb\n Size/MD5 checksum: 239352 f6be64ed56faa4dfc2e0fb5e0989b83c\n http://security.debian.org/pool/updates/main/x/xfree86/libxv-dev_4.3.0.dfsg.1-14sarge4_hppa.deb\n Size/MD5 checksum: 192220 9a02c09b3c16ab073ac3c4bf46b7a212\n http://security.debian.org/pool/updates/main/x/xfree86/libxv1_4.3.0.dfsg.1-14sarge4_hppa.deb\n Size/MD5 checksum: 174108 cd9a6247282ed00294bab503e4c81dc8\n http://security.debian.org/pool/updates/main/x/xfree86/libxv1-dbg_4.3.0.dfsg.1-14sarge4_hppa.deb\n Size/MD5 checksum: 205572 57303e5edfc3a91f074cf354b1c4ada4\n http://security.debian.org/pool/updates/main/x/xfree86/proxymngr_4.3.0.dfsg.1-14sarge4_hppa.deb\n Size/MD5 checksum: 183914 015d754d01788c8d4a1780ea27a1126b\n http://security.debian.org/pool/updates/main/x/xfree86/twm_4.3.0.dfsg.1-14sarge4_hppa.deb\n Size/MD5 checksum: 279790 6c9e6d652a415222746a6c2a4146249e\n http://security.debian.org/pool/updates/main/x/xfree86/x-window-system-core_4.3.0.dfsg.1-14sarge4_hppa.deb\n Size/MD5 checksum: 158792 0a19e673ef1b669c9bd3160fb3dc183a\n http://security.debian.org/pool/updates/main/x/xfree86/x-window-system-dev_4.3.0.dfsg.1-14sarge4_hppa.deb\n Size/MD5 checksum: 158840 a8c4f30320308ba9ef0196b4dc2d60fd\n http://security.debian.org/pool/updates/main/x/xfree86/xbase-clients_4.3.0.dfsg.1-14sarge4_hppa.deb\n Size/MD5 checksum: 2117262 250a9d60ba2becb670327a9f78315610\n http://security.debian.org/pool/updates/main/x/xfree86/xdm_4.3.0.dfsg.1-14sarge4_hppa.deb\n Size/MD5 checksum: 317244 508110262fa2e49cf96cf9eb1ab6a0db\n http://security.debian.org/pool/updates/main/x/xfree86/xfs_4.3.0.dfsg.1-14sarge4_hppa.deb\n Size/MD5 checksum: 546534 892f8c24b7392fc642bf6c2486023ba1\n http://security.debian.org/pool/updates/main/x/xfree86/xfwp_4.3.0.dfsg.1-14sarge4_hppa.deb\n Size/MD5 checksum: 183002 3a4d3f2e8bb6c62501962d6592d6be10\n http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-gl_4.3.0.dfsg.1-14sarge4_hppa.deb\n Size/MD5 checksum: 339374 059d5d64e82dc90a540a068b551d7258\n http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-gl-dbg_4.3.0.dfsg.1-14sarge4_hppa.deb\n Size/MD5 checksum: 1261264 7c28a6385ec39831b777520533085a59\n http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-gl-dev_4.3.0.dfsg.1-14sarge4_hppa.deb\n Size/MD5 checksum: 773180 d652cf318d2aaf08fb64c74fdc4c64d2\n http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-glu_4.3.0.dfsg.1-14sarge4_hppa.deb\n Size/MD5 checksum: 403704 cd9201d2131b1ae8bc3cf9096b067c78\n http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-glu-dbg_4.3.0.dfsg.1-14sarge4_hppa.deb\n Size/MD5 checksum: 1175934 e3d0d49bec1b29acb9aad2cc3d38a378\n http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-glu-dev_4.3.0.dfsg.1-14sarge4_hppa.deb\n Size/MD5 checksum: 497318 21469a1bb347d03ea83c0130bc4820ec\n http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa3_4.3.0.dfsg.1-14sarge4_hppa.deb\n Size/MD5 checksum: 158592 20258fd573b5a6e0ec0526cd7dbe2a6a\n http://security.debian.org/pool/updates/main/x/xfree86/xlibs-static-dev_4.3.0.dfsg.1-14sarge4_hppa.deb\n Size/MD5 checksum: 956362 40bf15e3f897bbb8ee8955f25a520189\n http://security.debian.org/pool/updates/main/x/xfree86/xlibs-static-pic_4.3.0.dfsg.1-14sarge4_hppa.deb\n Size/MD5 checksum: 422808 392e0cc23412a356d67fc07aa51bd4d0\n http://security.debian.org/pool/updates/main/x/xfree86/xmh_4.3.0.dfsg.1-14sarge4_hppa.deb\n Size/MD5 checksum: 237592 743bf913ab9198295e3c045ecbf70a2b\n http://security.debian.org/pool/updates/main/x/xfree86/xnest_4.3.0.dfsg.1-14sarge4_hppa.deb\n Size/MD5 checksum: 1803862 7aa09096087a983e7a16fd210e0c6901\n http://security.debian.org/pool/updates/main/x/xfree86/xserver-common_4.3.0.dfsg.1-14sarge4_hppa.deb\n Size/MD5 checksum: 337492 82807bc3b69b4efe86c0a3aea38b8527\n http://security.debian.org/pool/updates/main/x/xfree86/xserver-xfree86_4.3.0.dfsg.1-14sarge4_hppa.deb\n Size/MD5 checksum: 4100222 3ffb5b75498897f6a9a3aff0d05003d9\n http://security.debian.org/pool/updates/main/x/xfree86/xserver-xfree86-dbg_4.3.0.dfsg.1-14sarge4_hppa.deb\n Size/MD5 checksum: 45021232 ad2022b9e1413e5ed610b5307faacc60\n http://security.debian.org/pool/updates/main/x/xfree86/xterm_4.3.0.dfsg.1-14sarge4_hppa.deb\n Size/MD5 checksum: 530248 979dad322b0b9e1619758cd8d5d72f07\n http://security.debian.org/pool/updates/main/x/xfree86/xutils_4.3.0.dfsg.1-14sarge4_hppa.deb\n Size/MD5 checksum: 977232 1b525f046ce3fa3d84ff0bbd1c72b0b3\n http://security.debian.org/pool/updates/main/x/xfree86/xvfb_4.3.0.dfsg.1-14sarge4_hppa.deb\n Size/MD5 checksum: 1969386 ac1a2134a3afc4b680a31526ad220c5e\n http://security.debian.org/pool/updates/main/r/rdesktop/rdesktop_1.4.0-2sarge1_hppa.deb\n Size/MD5 checksum: 115866 a101d8b69db97092f3e52541be1460fa\n\n Intel IA-32 architecture:\n\n http://security.debian.org/pool/updates/main/x/xfree86/lbxproxy_4.3.0.dfsg.1-14sarge4_i386.deb\n Size/MD5 checksum: 250230 3ad753c5bf9399dc00645876680e83be\n http://security.debian.org/pool/updates/main/x/xfree86/libdps-dev_4.3.0.dfsg.1-14sarge4_i386.deb\n Size/MD5 checksum: 342276 c1f9f7c6dcdd7153898727d128f58068\n http://security.debian.org/pool/updates/main/x/xfree86/libdps1_4.3.0.dfsg.1-14sarge4_i386.deb\n Size/MD5 checksum: 286150 81f15d2bc7f03b0a881d82565390f380\n http://security.debian.org/pool/updates/main/x/xfree86/libdps1-dbg_4.3.0.dfsg.1-14sarge4_i386.deb\n Size/MD5 checksum: 782768 c55920ea0f7d13e63d5061775f4943f0\n http://security.debian.org/pool/updates/main/x/xfree86/libice-dev_4.3.0.dfsg.1-14sarge4_i386.deb\n Size/MD5 checksum: 205356 b56681e15102a887507bf3285732cb67\n http://security.debian.org/pool/updates/main/x/xfree86/libice6_4.3.0.dfsg.1-14sarge4_i386.deb\n Size/MD5 checksum: 203514 4cd8e50adfffc863b0a3c0010dd5bf39\n http://security.debian.org/pool/updates/main/x/xfree86/libice6-dbg_4.3.0.dfsg.1-14sarge4_i386.deb\n Size/MD5 checksum: 286264 f2f54740eb60bc96eb7b39817e4fcfae\n http://security.debian.org/pool/updates/main/x/xfree86/libsm-dev_4.3.0.dfsg.1-14sarge4_i386.deb\n Size/MD5 checksum: 176718 832a20eec2a4c8d198421514f47767c4\n http://security.debian.org/pool/updates/main/x/xfree86/libsm6_4.3.0.dfsg.1-14sarge4_i386.deb\n Size/MD5 checksum: 181274 4e7a1ce300e1787728ae9c43b49842a9\n http://security.debian.org/pool/updates/main/x/xfree86/libsm6-dbg_4.3.0.dfsg.1-14sarge4_i386.deb\n Size/MD5 checksum: 205378 7f8ebdef0d31e6169d9cfd6fc2cc44ed\n http://security.debian.org/pool/updates/main/x/xfree86/libx11-6_4.3.0.dfsg.1-14sarge4_i386.deb\n Size/MD5 checksum: 725158 eb243b4a9e705f824e9b81ea9ce3f92a\n http://security.debian.org/pool/updates/main/x/xfree86/libx11-6-dbg_4.3.0.dfsg.1-14sarge4_i386.deb\n Size/MD5 checksum: 9600288 94eb5086f3528eecc740a6a5454dfafb\n http://security.debian.org/pool/updates/main/x/xfree86/libx11-dev_4.3.0.dfsg.1-14sarge4_i386.deb\n Size/MD5 checksum: 1358436 c46f41b1b294751ddd81fa325bf574fb\n http://security.debian.org/pool/updates/main/x/xfree86/libxaw6_4.3.0.dfsg.1-14sarge4_i386.deb\n Size/MD5 checksum: 285434 3ec944fb16f03ff2191815789b926885\n http://security.debian.org/pool/updates/main/x/xfree86/libxaw6-dbg_4.3.0.dfsg.1-14sarge4_i386.deb\n Size/MD5 checksum: 890614 5ccab68e345e79b9a5f87c24613ef434\n http://security.debian.org/pool/updates/main/x/xfree86/libxaw6-dev_4.3.0.dfsg.1-14sarge4_i386.deb\n Size/MD5 checksum: 414284 8fb663257fc2aec2637fd15e4f95207a\n http://security.debian.org/pool/updates/main/x/xfree86/libxaw7_4.3.0.dfsg.1-14sarge4_i386.deb\n Size/MD5 checksum: 338666 4ae310f5dd35bb1a5735c6a9937bc29d\n http://security.debian.org/pool/updates/main/x/xfree86/libxaw7-dbg_4.3.0.dfsg.1-14sarge4_i386.deb\n Size/MD5 checksum: 1025578 b67d080e9096b5488a9a67ffbc1b55db\n http://security.debian.org/pool/updates/main/x/xfree86/libxaw7-dev_4.3.0.dfsg.1-14sarge4_i386.deb\n Size/MD5 checksum: 414194 1398106e83b08b50a9c8bd86487858c2\n http://security.debian.org/pool/updates/main/x/xfree86/libxext-dev_4.3.0.dfsg.1-14sarge4_i386.deb\n Size/MD5 checksum: 246880 eec68ae5de683b31245a248ab7acd995\n http://security.debian.org/pool/updates/main/x/xfree86/libxext6_4.3.0.dfsg.1-14sarge4_i386.deb\n Size/MD5 checksum: 188456 bb2d50b4439ddb8fa6602c36893a7a70\n http://security.debian.org/pool/updates/main/x/xfree86/libxext6-dbg_4.3.0.dfsg.1-14sarge4_i386.deb\n Size/MD5 checksum: 507564 bc8514376d15899b530608ee6762e222\n http://security.debian.org/pool/updates/main/x/xfree86/libxft1_4.3.0.dfsg.1-14sarge4_i386.deb\n Size/MD5 checksum: 190786 de17e522a4a47b3c8594140b1c832042\n http://security.debian.org/pool/updates/main/x/xfree86/libxft1-dbg_4.3.0.dfsg.1-14sarge4_i386.deb\n Size/MD5 checksum: 469928 86e0dc5f50e01d92505ae4565665c457\n http://security.debian.org/pool/updates/main/x/xfree86/libxi-dev_4.3.0.dfsg.1-14sarge4_i386.deb\n Size/MD5 checksum: 231136 947c90d63fbb09a0435fa84a73800b18\n http://security.debian.org/pool/updates/main/x/xfree86/libxi6_4.3.0.dfsg.1-14sarge4_i386.deb\n Size/MD5 checksum: 179574 c040ea78299a4a77cbde6965487be65a\n http://security.debian.org/pool/updates/main/x/xfree86/libxi6-dbg_4.3.0.dfsg.1-14sarge4_i386.deb\n Size/MD5 checksum: 1166540 eeda20ce5fd4f83c098fda0fdd663e6f\n http://security.debian.org/pool/updates/main/x/xfree86/libxmu-dev_4.3.0.dfsg.1-14sarge4_i386.deb\n Size/MD5 checksum: 218400 5d475727a2de404128fdc25622d6a5c1\n http://security.debian.org/pool/updates/main/x/xfree86/libxmu6_4.3.0.dfsg.1-14sarge4_i386.deb\n Size/MD5 checksum: 209834 fa5a4db6f1de17988bdfed4e64d66f66\n http://security.debian.org/pool/updates/main/x/xfree86/libxmu6-dbg_4.3.0.dfsg.1-14sarge4_i386.deb\n Size/MD5 checksum: 660018 1a98de5deccf0642e85c5bbf44b158ec\n http://security.debian.org/pool/updates/main/x/xfree86/libxmuu-dev_4.3.0.dfsg.1-14sarge4_i386.deb\n Size/MD5 checksum: 163124 dfe3c393889e2ba0bf421164956903a2\n http://security.debian.org/pool/updates/main/x/xfree86/libxmuu1_4.3.0.dfsg.1-14sarge4_i386.deb\n Size/MD5 checksum: 171780 0e63f6fb0fc805769aafede4d6be14fa\n http://security.debian.org/pool/updates/main/x/xfree86/libxmuu1-dbg_4.3.0.dfsg.1-14sarge4_i386.deb\n Size/MD5 checksum: 208498 45c2ec6249fd478854d6b51a8ff64d03\n http://security.debian.org/pool/updates/main/x/xfree86/libxp-dev_4.3.0.dfsg.1-14sarge4_i386.deb\n Size/MD5 checksum: 179038 196d08ddd654b7095b810bf2704bb668\n http://security.debian.org/pool/updates/main/x/xfree86/libxp6_4.3.0.dfsg.1-14sarge4_i386.deb\n Size/MD5 checksum: 178710 935bbc6c8815b64fe9fa01cb39564c95\n http://security.debian.org/pool/updates/main/x/xfree86/libxp6-dbg_4.3.0.dfsg.1-14sarge4_i386.deb\n Size/MD5 checksum: 565340 d93c4e35f9a79c72f11cf5e61e6685fb\n http://security.debian.org/pool/updates/main/x/xfree86/libxpm-dev_4.3.0.dfsg.1-14sarge4_i386.deb\n Size/MD5 checksum: 193686 1311a58096d095810db6de874403f144\n http://security.debian.org/pool/updates/main/x/xfree86/libxpm4_4.3.0.dfsg.1-14sarge4_i386.deb\n Size/MD5 checksum: 195898 a8c4f1a3cca264a4de38384909ae0527\n http://security.debian.org/pool/updates/main/x/xfree86/libxpm4-dbg_4.3.0.dfsg.1-14sarge4_i386.deb\n Size/MD5 checksum: 245344 3bb2b5834a63fa1f6ee7f6f73455b14a\n http://security.debian.org/pool/updates/main/x/xfree86/libxrandr-dev_4.3.0.dfsg.1-14sarge4_i386.deb\n Size/MD5 checksum: 171098 c7b8b83b09b599b65f41c2fb2df9e5f2\n http://security.debian.org/pool/updates/main/x/xfree86/libxrandr2_4.3.0.dfsg.1-14sarge4_i386.deb\n Size/MD5 checksum: 171542 9d8ba30823322ea55436910855236d40\n http://security.debian.org/pool/updates/main/x/xfree86/libxrandr2-dbg_4.3.0.dfsg.1-14sarge4_i386.deb\n Size/MD5 checksum: 200314 db2359a4dd12eff662f17d16eab080e8\n http://security.debian.org/pool/updates/main/x/xfree86/libxt-dev_4.3.0.dfsg.1-14sarge4_i386.deb\n Size/MD5 checksum: 614302 115e64adc6c74af37bacc0b4e54fadc2\n http://security.debian.org/pool/updates/main/x/xfree86/libxt6_4.3.0.dfsg.1-14sarge4_i386.deb\n Size/MD5 checksum: 329404 1e75dc920d8fd10a64dc014b05730b06\n http://security.debian.org/pool/updates/main/x/xfree86/libxt6-dbg_4.3.0.dfsg.1-14sarge4_i386.deb\n Size/MD5 checksum: 1529654 18594c501817e10451893310347ad4e8\n http://security.debian.org/pool/updates/main/x/xfree86/libxtrap-dev_4.3.0.dfsg.1-14sarge4_i386.deb\n Size/MD5 checksum: 184890 132a6b1b5ab8f182ebeed781e053ebeb\n http://security.debian.org/pool/updates/main/x/xfree86/libxtrap6_4.3.0.dfsg.1-14sarge4_i386.deb\n Size/MD5 checksum: 180554 6f49732e209e38e6dd779252671b963d\n http://security.debian.org/pool/updates/main/x/xfree86/libxtrap6-dbg_4.3.0.dfsg.1-14sarge4_i386.deb\n Size/MD5 checksum: 410264 92c96bc12e1fe35ed18d5e863b71691b\n http://security.debian.org/pool/updates/main/x/xfree86/libxtst-dev_4.3.0.dfsg.1-14sarge4_i386.deb\n Size/MD5 checksum: 169914 24a5fcdc4ebc93491a0f70ea2d5bc26b\n http://security.debian.org/pool/updates/main/x/xfree86/libxtst6_4.3.0.dfsg.1-14sarge4_i386.deb\n Size/MD5 checksum: 174482 fba1ebdb9743a7973b5d3d5f943b1521\n http://security.debian.org/pool/updates/main/x/xfree86/libxtst6-dbg_4.3.0.dfsg.1-14sarge4_i386.deb\n Size/MD5 checksum: 236504 0ba491e7dd63b06e116becef32a9dee8\n http://security.debian.org/pool/updates/main/x/xfree86/libxv-dev_4.3.0.dfsg.1-14sarge4_i386.deb\n Size/MD5 checksum: 190596 81973bd063623df482c4c9feb53bfe1e\n http://security.debian.org/pool/updates/main/x/xfree86/libxv1_4.3.0.dfsg.1-14sarge4_i386.deb\n Size/MD5 checksum: 172632 b4b5474d58ceb6869be524e7eedcde0c\n http://security.debian.org/pool/updates/main/x/xfree86/libxv1-dbg_4.3.0.dfsg.1-14sarge4_i386.deb\n Size/MD5 checksum: 203054 50753c3e0fee1e35bd290da7903eff5a\n http://security.debian.org/pool/updates/main/x/xfree86/proxymngr_4.3.0.dfsg.1-14sarge4_i386.deb\n Size/MD5 checksum: 182762 b8bc97c636c1f886a306063ab2888a41\n http://security.debian.org/pool/updates/main/x/xfree86/twm_4.3.0.dfsg.1-14sarge4_i386.deb\n Size/MD5 checksum: 265068 d6ab5c744507fd1a9fe6a6828019d559\n http://security.debian.org/pool/updates/main/x/xfree86/x-window-system-core_4.3.0.dfsg.1-14sarge4_i386.deb\n Size/MD5 checksum: 158806 0c80f911f973bb7337586d624a6c747e\n http://security.debian.org/pool/updates/main/x/xfree86/x-window-system-dev_4.3.0.dfsg.1-14sarge4_i386.deb\n Size/MD5 checksum: 158856 fc61c5e9ea820e7fd9e3510310245bad\n http://security.debian.org/pool/updates/main/x/xfree86/xbase-clients_4.3.0.dfsg.1-14sarge4_i386.deb\n Size/MD5 checksum: 1941616 b050f50404e8d7bfd11296e4745fd3e3\n http://security.debian.org/pool/updates/main/x/xfree86/xdm_4.3.0.dfsg.1-14sarge4_i386.deb\n Size/MD5 checksum: 309596 0f948324ca3602a56a9c6d6d7029b902\n http://security.debian.org/pool/updates/main/x/xfree86/xfs_4.3.0.dfsg.1-14sarge4_i386.deb\n Size/MD5 checksum: 496946 04c400f07131f1fe396100ecd83847f6\n http://security.debian.org/pool/updates/main/x/xfree86/xfwp_4.3.0.dfsg.1-14sarge4_i386.deb\n Size/MD5 checksum: 180580 fc2e265ed3497fcf03781f0edb71b8c5\n http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-dri_4.3.0.dfsg.1-14sarge4_i386.deb\n Size/MD5 checksum: 5009168 582136777e3fbd1102fded416f9bf804\n http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-dri-dbg_4.3.0.dfsg.1-14sarge4_i386.deb\n Size/MD5 checksum: 49495214 a9f69894995ccf02de16ff76c8496f77\n http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-gl_4.3.0.dfsg.1-14sarge4_i386.deb\n Size/MD5 checksum: 283386 183aeab2a61618e245b585344cb1fd63\n http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-gl-dbg_4.3.0.dfsg.1-14sarge4_i386.deb\n Size/MD5 checksum: 1230896 aac25d99c5ff9aa3f3ca8c7bd78e57fe\n http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-gl-dev_4.3.0.dfsg.1-14sarge4_i386.deb\n Size/MD5 checksum: 705172 6de19e9b1c942c1c62d165029b0dfcd8\n http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-glu_4.3.0.dfsg.1-14sarge4_i386.deb\n Size/MD5 checksum: 366064 1c48bae8d4491a4ff4b676736ab175ca\n http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-glu-dbg_4.3.0.dfsg.1-14sarge4_i386.deb\n Size/MD5 checksum: 1111016 9fc618a5c445ed61ea1099d44730d9a7\n http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-glu-dev_4.3.0.dfsg.1-14sarge4_i386.deb\n Size/MD5 checksum: 435082 17cc6e82fefac3ff0e0da0099fc261f4\n http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa3_4.3.0.dfsg.1-14sarge4_i386.deb\n Size/MD5 checksum: 158606 9c67005155a274bca06964f26be4da79\n http://security.debian.org/pool/updates/main/x/xfree86/xlibosmesa-dev_4.3.0.dfsg.1-14sarge4_i386.deb\n Size/MD5 checksum: 790330 984dc8f924bf799cd1a31cde08141708\n http://security.debian.org/pool/updates/main/x/xfree86/xlibosmesa4_4.3.0.dfsg.1-14sarge4_i386.deb\n Size/MD5 checksum: 662110 2b3d55d989a06edc35fd750b86258318\n http://security.debian.org/pool/updates/main/x/xfree86/xlibosmesa4-dbg_4.3.0.dfsg.1-14sarge4_i386.deb\n Size/MD5 checksum: 4582490 83d96569620caf3995c115f0182b3b41\n http://security.debian.org/pool/updates/main/x/xfree86/xlibs-static-dev_4.3.0.dfsg.1-14sarge4_i386.deb\n Size/MD5 checksum: 855012 86b0f0f3c687cce625e825698ba95298\n http://security.debian.org/pool/updates/main/x/xfree86/xlibs-static-pic_4.3.0.dfsg.1-14sarge4_i386.deb\n Size/MD5 checksum: 384546 a8ec4021a27da614968f11b1f0d84c11\n http://security.debian.org/pool/updates/main/x/xfree86/xmh_4.3.0.dfsg.1-14sarge4_i386.deb\n Size/MD5 checksum: 226984 e02156abd0bcdde44b2c4ba6027c0978\n http://security.debian.org/pool/updates/main/x/xfree86/xnest_4.3.0.dfsg.1-14sarge4_i386.deb\n Size/MD5 checksum: 1467016 dc5564cc3943f59450e050d240ac6d19\n http://security.debian.org/pool/updates/main/x/xfree86/xserver-common_4.3.0.dfsg.1-14sarge4_i386.deb\n Size/MD5 checksum: 336854 591e181619783ff7003be7ed6b20529b\n http://security.debian.org/pool/updates/main/x/xfree86/xserver-xfree86_4.3.0.dfsg.1-14sarge4_i386.deb\n Size/MD5 checksum: 5744114 4ce1994ca3f0aa2035622d5f730c7245\n http://security.debian.org/pool/updates/main/x/xfree86/xserver-xfree86-dbg_4.3.0.dfsg.1-14sarge4_i386.deb\n Size/MD5 checksum: 54929832 6ba49cd3398bab6a3b82d2eb7fac1afe\n http://security.debian.org/pool/updates/main/x/xfree86/xterm_4.3.0.dfsg.1-14sarge4_i386.deb\n Size/MD5 checksum: 509408 3a68d04348d4c4b53640706b960cb227\n http://security.debian.org/pool/updates/main/x/xfree86/xutils_4.3.0.dfsg.1-14sarge4_i386.deb\n Size/MD5 checksum: 912694 39f690caee0037461c210233ae9ea846\n http://security.debian.org/pool/updates/main/x/xfree86/xvfb_4.3.0.dfsg.1-14sarge4_i386.deb\n Size/MD5 checksum: 1603624 a09b4b6b58ab30e3b0cff0df9cf3fdf7\n http://security.debian.org/pool/updates/main/r/rdesktop/rdesktop_1.4.0-2sarge1_i386.deb\n Size/MD5 checksum: 94980 1c57e38030bc1c7311695cef03d2b560\n\n Intel IA-64 architecture:\n\n http://security.debian.org/pool/updates/main/x/xfree86/lbxproxy_4.3.0.dfsg.1-14sarge4_ia64.deb\n Size/MD5 checksum: 301856 2536934226628d0349840161c4239311\n http://security.debian.org/pool/updates/main/x/xfree86/libdps-dev_4.3.0.dfsg.1-14sarge4_ia64.deb\n Size/MD5 checksum: 423574 661cdf850136cc83b7a2f188e53a4e2e\n http://security.debian.org/pool/updates/main/x/xfree86/libdps1_4.3.0.dfsg.1-14sarge4_ia64.deb\n Size/MD5 checksum: 335342 ecc1597e1221d6752b87b9cbcadddfad\n http://security.debian.org/pool/updates/main/x/xfree86/libdps1-dbg_4.3.0.dfsg.1-14sarge4_ia64.deb\n Size/MD5 checksum: 836740 1d1f928ad5a6075c7b8d26b479c037b1\n http://security.debian.org/pool/updates/main/x/xfree86/libice-dev_4.3.0.dfsg.1-14sarge4_ia64.deb\n Size/MD5 checksum: 229996 f96e4a0405bc4e66f93efaffadc4f2e8\n http://security.debian.org/pool/updates/main/x/xfree86/libice6_4.3.0.dfsg.1-14sarge4_ia64.deb\n Size/MD5 checksum: 220530 5509e9624abaeebfafa2238a8174552a\n http://security.debian.org/pool/updates/main/x/xfree86/libice6-dbg_4.3.0.dfsg.1-14sarge4_ia64.deb\n Size/MD5 checksum: 307000 ef2bcf7574ba2874133c9c89faacf474\n http://security.debian.org/pool/updates/main/x/xfree86/libsm-dev_4.3.0.dfsg.1-14sarge4_ia64.deb\n Size/MD5 checksum: 183790 da2e6b761cfb3ef2da02967c0cc45b2f\n http://security.debian.org/pool/updates/main/x/xfree86/libsm6_4.3.0.dfsg.1-14sarge4_ia64.deb\n Size/MD5 checksum: 187868 e4103966dc75c710d449c193d7b0c172\n http://security.debian.org/pool/updates/main/x/xfree86/libsm6-dbg_4.3.0.dfsg.1-14sarge4_ia64.deb\n Size/MD5 checksum: 212436 b73882b850d9a14ac2676853b4e1365b\n http://security.debian.org/pool/updates/main/x/xfree86/libx11-6_4.3.0.dfsg.1-14sarge4_ia64.deb\n Size/MD5 checksum: 906316 a140bde98edf1894e6e35b655e617f5a\n http://security.debian.org/pool/updates/main/x/xfree86/libx11-6-dbg_4.3.0.dfsg.1-14sarge4_ia64.deb\n Size/MD5 checksum: 9887962 ced2fb3657c9406a8dc3888d0a9c720d\n http://security.debian.org/pool/updates/main/x/xfree86/libx11-dev_4.3.0.dfsg.1-14sarge4_ia64.deb\n Size/MD5 checksum: 1606148 f68d2172e7981a2922dc4da5460a52f5\n http://security.debian.org/pool/updates/main/x/xfree86/libxaw6_4.3.0.dfsg.1-14sarge4_ia64.deb\n Size/MD5 checksum: 355430 d8bab5f8af5411b72bd4c99314b836fd\n http://security.debian.org/pool/updates/main/x/xfree86/libxaw6-dbg_4.3.0.dfsg.1-14sarge4_ia64.deb\n Size/MD5 checksum: 971308 98b9821f558fdc43c5b4dec4b50e82de\n http://security.debian.org/pool/updates/main/x/xfree86/libxaw6-dev_4.3.0.dfsg.1-14sarge4_ia64.deb\n Size/MD5 checksum: 545418 0381b705666026787bf62d1b19a1d326\n http://security.debian.org/pool/updates/main/x/xfree86/libxaw7_4.3.0.dfsg.1-14sarge4_ia64.deb\n Size/MD5 checksum: 437162 b40b327b5b0224d4ea6284af48e0ab20\n http://security.debian.org/pool/updates/main/x/xfree86/libxaw7-dbg_4.3.0.dfsg.1-14sarge4_ia64.deb\n Size/MD5 checksum: 1155500 7487439f9ba76ae05c3037d3db271a97\n http://security.debian.org/pool/updates/main/x/xfree86/libxaw7-dev_4.3.0.dfsg.1-14sarge4_ia64.deb\n Size/MD5 checksum: 545322 899c08785c157f10f657e7acb5ede406\n http://security.debian.org/pool/updates/main/x/xfree86/libxext-dev_4.3.0.dfsg.1-14sarge4_ia64.deb\n Size/MD5 checksum: 264566 5278642e58fb8cb61ade54ae9ea00125\n http://security.debian.org/pool/updates/main/x/xfree86/libxext6_4.3.0.dfsg.1-14sarge4_ia64.deb\n Size/MD5 checksum: 201316 aec4b6a598c0d37f9ee2a7c434560ca0\n http://security.debian.org/pool/updates/main/x/xfree86/libxext6-dbg_4.3.0.dfsg.1-14sarge4_ia64.deb\n Size/MD5 checksum: 525084 ce9b348e4f455a0e236c8abbe88894cd\n http://security.debian.org/pool/updates/main/x/xfree86/libxft1_4.3.0.dfsg.1-14sarge4_ia64.deb\n Size/MD5 checksum: 200834 9ab987825769ca0885bbefb655793bfc\n http://security.debian.org/pool/updates/main/x/xfree86/libxft1-dbg_4.3.0.dfsg.1-14sarge4_ia64.deb\n Size/MD5 checksum: 484850 f43c52e902a788f0bc47dad4670dbc13\n http://security.debian.org/pool/updates/main/x/xfree86/libxi-dev_4.3.0.dfsg.1-14sarge4_ia64.deb\n Size/MD5 checksum: 241416 a6c1ff2791d41b528d34a2a5b7e0cda1\n http://security.debian.org/pool/updates/main/x/xfree86/libxi6_4.3.0.dfsg.1-14sarge4_ia64.deb\n Size/MD5 checksum: 188316 70ec23e87366fe5d62cc6237a34df58c\n http://security.debian.org/pool/updates/main/x/xfree86/libxi6-dbg_4.3.0.dfsg.1-14sarge4_ia64.deb\n Size/MD5 checksum: 1184954 478f63c5a4364655aad8b35ff2b58d2d\n http://security.debian.org/pool/updates/main/x/xfree86/libxmu-dev_4.3.0.dfsg.1-14sarge4_ia64.deb\n Size/MD5 checksum: 247942 0d03221e400cdfa4dfa62437e859af33\n http://security.debian.org/pool/updates/main/x/xfree86/libxmu6_4.3.0.dfsg.1-14sarge4_ia64.deb\n Size/MD5 checksum: 230070 4e75172f67d529d5b4960586dffb2326\n http://security.debian.org/pool/updates/main/x/xfree86/libxmu6-dbg_4.3.0.dfsg.1-14sarge4_ia64.deb\n Size/MD5 checksum: 689792 832b63f9f3b4109df89426905c5ddcc9\n http://security.debian.org/pool/updates/main/x/xfree86/libxmuu-dev_4.3.0.dfsg.1-14sarge4_ia64.deb\n Size/MD5 checksum: 164948 8183cb1e03648f3f6cf19544eef00abc\n http://security.debian.org/pool/updates/main/x/xfree86/libxmuu1_4.3.0.dfsg.1-14sarge4_ia64.deb\n Size/MD5 checksum: 173644 d194b2aab4f22ed2016a21cfc6cb554b\n http://security.debian.org/pool/updates/main/x/xfree86/libxmuu1-dbg_4.3.0.dfsg.1-14sarge4_ia64.deb\n Size/MD5 checksum: 210708 cfac0d9056615515ca8baba68d750c5e\n http://security.debian.org/pool/updates/main/x/xfree86/libxp-dev_4.3.0.dfsg.1-14sarge4_ia64.deb\n Size/MD5 checksum: 186904 14761ff4b77ea55e8d5ea1bf838098b8\n http://security.debian.org/pool/updates/main/x/xfree86/libxp6_4.3.0.dfsg.1-14sarge4_ia64.deb\n Size/MD5 checksum: 185238 d5f89d9c59ad7bf9a91bdbc7329dcf9b\n http://security.debian.org/pool/updates/main/x/xfree86/libxp6-dbg_4.3.0.dfsg.1-14sarge4_ia64.deb\n Size/MD5 checksum: 577486 23dcc7933085f8c1ed9ca319bcfb8d5f\n http://security.debian.org/pool/updates/main/x/xfree86/libxpm-dev_4.3.0.dfsg.1-14sarge4_ia64.deb\n Size/MD5 checksum: 214096 6902cdbbc99c3d21d8e97d3b2d962d0b\n http://security.debian.org/pool/updates/main/x/xfree86/libxpm4_4.3.0.dfsg.1-14sarge4_ia64.deb\n Size/MD5 checksum: 211598 bb9345c62712925a2a31c681f80d8c78\n http://security.debian.org/pool/updates/main/x/xfree86/libxpm4-dbg_4.3.0.dfsg.1-14sarge4_ia64.deb\n Size/MD5 checksum: 261608 4ee5e1029fe9ab66213c57546ec099e1\n http://security.debian.org/pool/updates/main/x/xfree86/libxrandr-dev_4.3.0.dfsg.1-14sarge4_ia64.deb\n Size/MD5 checksum: 174596 7fd5a663614670bce66dcb18686707fd\n http://security.debian.org/pool/updates/main/x/xfree86/libxrandr2_4.3.0.dfsg.1-14sarge4_ia64.deb\n Size/MD5 checksum: 174482 3ae32e6fa2f05345221cdcf5222a0a76\n http://security.debian.org/pool/updates/main/x/xfree86/libxrandr2-dbg_4.3.0.dfsg.1-14sarge4_ia64.deb\n Size/MD5 checksum: 204366 83a4a11374d28f11276a812af5a4f189\n http://security.debian.org/pool/updates/main/x/xfree86/libxt-dev_4.3.0.dfsg.1-14sarge4_ia64.deb\n Size/MD5 checksum: 734512 83da9954a4e88ea281aac8e58cce0417\n http://security.debian.org/pool/updates/main/x/xfree86/libxt6_4.3.0.dfsg.1-14sarge4_ia64.deb\n Size/MD5 checksum: 410848 fc544e2b161c9c796a97e702064c7814\n http://security.debian.org/pool/updates/main/x/xfree86/libxt6-dbg_4.3.0.dfsg.1-14sarge4_ia64.deb\n Size/MD5 checksum: 1627622 3ad29ccc7e3aa3ff849cf5226a378662\n http://security.debian.org/pool/updates/main/x/xfree86/libxtrap-dev_4.3.0.dfsg.1-14sarge4_ia64.deb\n Size/MD5 checksum: 192576 191f6eb877c6220b15d3581748bf080b\n http://security.debian.org/pool/updates/main/x/xfree86/libxtrap6_4.3.0.dfsg.1-14sarge4_ia64.deb\n Size/MD5 checksum: 186708 4778512f96e02cc2b00f667b7757dd58\n http://security.debian.org/pool/updates/main/x/xfree86/libxtrap6-dbg_4.3.0.dfsg.1-14sarge4_ia64.deb\n Size/MD5 checksum: 415204 c1d5735cb1197a99a0d4a6e08ed8d2ad\n http://security.debian.org/pool/updates/main/x/xfree86/libxtst-dev_4.3.0.dfsg.1-14sarge4_ia64.deb\n Size/MD5 checksum: 176850 4276368e65cc7b6d0ced6fee47fd1325\n http://security.debian.org/pool/updates/main/x/xfree86/libxtst6_4.3.0.dfsg.1-14sarge4_ia64.deb\n Size/MD5 checksum: 180028 535e93c0336b609113938920d2da7b19\n http://security.debian.org/pool/updates/main/x/xfree86/libxtst6-dbg_4.3.0.dfsg.1-14sarge4_ia64.deb\n Size/MD5 checksum: 242192 7a7a71281b43033019a704565a9fc691\n http://security.debian.org/pool/updates/main/x/xfree86/libxv-dev_4.3.0.dfsg.1-14sarge4_ia64.deb\n Size/MD5 checksum: 194772 f6fbbe744696aab7c36f1f118bbbdd89\n http://security.debian.org/pool/updates/main/x/xfree86/libxv1_4.3.0.dfsg.1-14sarge4_ia64.deb\n Size/MD5 checksum: 176284 1c925dce81cd41410c433264025c6159\n http://security.debian.org/pool/updates/main/x/xfree86/libxv1-dbg_4.3.0.dfsg.1-14sarge4_ia64.deb\n Size/MD5 checksum: 207898 981e0a72852e686ebb94b8bd54f16134\n http://security.debian.org/pool/updates/main/x/xfree86/proxymngr_4.3.0.dfsg.1-14sarge4_ia64.deb\n Size/MD5 checksum: 188648 08fc0d4fab01781603e9572fd3e839f8\n http://security.debian.org/pool/updates/main/x/xfree86/twm_4.3.0.dfsg.1-14sarge4_ia64.deb\n Size/MD5 checksum: 312324 a6c63c439a5bb043fe320f4779f8f31b\n http://security.debian.org/pool/updates/main/x/xfree86/x-window-system-core_4.3.0.dfsg.1-14sarge4_ia64.deb\n Size/MD5 checksum: 158796 49f4feb5a9fe370f6ed39115bf6dae30\n http://security.debian.org/pool/updates/main/x/xfree86/x-window-system-dev_4.3.0.dfsg.1-14sarge4_ia64.deb\n Size/MD5 checksum: 158844 9fd7480c8f47f27fd6e0bc7bbf847533\n http://security.debian.org/pool/updates/main/x/xfree86/xbase-clients_4.3.0.dfsg.1-14sarge4_ia64.deb\n Size/MD5 checksum: 2774492 3424d3799ae9b7b08e7a66185aef68f4\n http://security.debian.org/pool/updates/main/x/xfree86/xdm_4.3.0.dfsg.1-14sarge4_ia64.deb\n Size/MD5 checksum: 347898 8ae26bdac80c228f162b0fd10fe25892\n http://security.debian.org/pool/updates/main/x/xfree86/xfs_4.3.0.dfsg.1-14sarge4_ia64.deb\n Size/MD5 checksum: 693412 f1a383a2bdbf67626c4389de56597a17\n http://security.debian.org/pool/updates/main/x/xfree86/xfwp_4.3.0.dfsg.1-14sarge4_ia64.deb\n Size/MD5 checksum: 188856 7c8411b390713431d036b549a80f8d61\n http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-dri_4.3.0.dfsg.1-14sarge4_ia64.deb\n Size/MD5 checksum: 8121752 763ff2b160b0c0712499eae573f40e44\n http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-dri-dbg_4.3.0.dfsg.1-14sarge4_ia64.deb\n Size/MD5 checksum: 51595076 6dd701a0a28aba2219034d6f2214121c\n http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-gl_4.3.0.dfsg.1-14sarge4_ia64.deb\n Size/MD5 checksum: 349704 baa5b652ac7da0154ee263c3522d04f4\n http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-gl-dbg_4.3.0.dfsg.1-14sarge4_ia64.deb\n Size/MD5 checksum: 1324528 4854dde9c6fa7cb0dcc6c3862507fb9e\n http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-gl-dev_4.3.0.dfsg.1-14sarge4_ia64.deb\n Size/MD5 checksum: 797068 1ce3af82028237daea128d7213e89cf2\n http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-glu_4.3.0.dfsg.1-14sarge4_ia64.deb\n Size/MD5 checksum: 447492 384596efd464eb27da2bea8b426e9061\n http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-glu-dbg_4.3.0.dfsg.1-14sarge4_ia64.deb\n Size/MD5 checksum: 1200974 a9d2b33b28b815cb01bf96ae96093032\n http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-glu-dev_4.3.0.dfsg.1-14sarge4_ia64.deb\n Size/MD5 checksum: 553512 bc158ab22c3d8949e0e9486d6518af40\n http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa3_4.3.0.dfsg.1-14sarge4_ia64.deb\n Size/MD5 checksum: 158598 116aa61965b7a3b91b45e317d3e91b75\n http://security.debian.org/pool/updates/main/x/xfree86/xlibosmesa-dev_4.3.0.dfsg.1-14sarge4_ia64.deb\n Size/MD5 checksum: 1081118 e8b35d16092f656359e9c0bb99b74179\n http://security.debian.org/pool/updates/main/x/xfree86/xlibosmesa4_4.3.0.dfsg.1-14sarge4_ia64.deb\n Size/MD5 checksum: 946692 c3e728e388711e13d6d2cebd03836e67\n http://security.debian.org/pool/updates/main/x/xfree86/xlibosmesa4-dbg_4.3.0.dfsg.1-14sarge4_ia64.deb\n Size/MD5 checksum: 4773708 fb080167239394d3ba3ae4a71e737546\n http://security.debian.org/pool/updates/main/x/xfree86/xlibs-static-dev_4.3.0.dfsg.1-14sarge4_ia64.deb\n Size/MD5 checksum: 1165792 e9456cdb9978268829113f8f687f98ef\n http://security.debian.org/pool/updates/main/x/xfree86/xlibs-static-pic_4.3.0.dfsg.1-14sarge4_ia64.deb\n Size/MD5 checksum: 494608 cf64329bcaf705b4cef3f52c90a612f1\n http://security.debian.org/pool/updates/main/x/xfree86/xmh_4.3.0.dfsg.1-14sarge4_ia64.deb\n Size/MD5 checksum: 260258 741427f481d436aa87d90d59b3e92379\n http://security.debian.org/pool/updates/main/x/xfree86/xnest_4.3.0.dfsg.1-14sarge4_ia64.deb\n Size/MD5 checksum: 2383910 4dd936295dc3a5d630906d9c510813ca\n http://security.debian.org/pool/updates/main/x/xfree86/xserver-common_4.3.0.dfsg.1-14sarge4_ia64.deb\n Size/MD5 checksum: 338584 d5a558ca2dc8e909834048e78204d3a0\n http://security.debian.org/pool/updates/main/x/xfree86/xserver-xfree86_4.3.0.dfsg.1-14sarge4_ia64.deb\n Size/MD5 checksum: 8457416 479bbecbef8d2971225628529a160bb4\n http://security.debian.org/pool/updates/main/x/xfree86/xserver-xfree86-dbg_4.3.0.dfsg.1-14sarge4_ia64.deb\n Size/MD5 checksum: 56511442 b7f8fd181b9a684eeca40bfea3d185de\n http://security.debian.org/pool/updates/main/x/xfree86/xterm_4.3.0.dfsg.1-14sarge4_ia64.deb\n Size/MD5 checksum: 581860 4ba016a1f2b41d055eaa081ec5b04bc0\n http://security.debian.org/pool/updates/main/x/xfree86/xutils_4.3.0.dfsg.1-14sarge4_ia64.deb\n Size/MD5 checksum: 1133422 bf77f9281359939cfac6fe550af95f6d\n http://security.debian.org/pool/updates/main/x/xfree86/xvfb_4.3.0.dfsg.1-14sarge4_ia64.deb\n Size/MD5 checksum: 2610628 6cc3b877c5b52e77dac0e83bd58fa390\n http://security.debian.org/pool/updates/main/r/rdesktop/rdesktop_1.4.0-2sarge1_ia64.deb\n Size/MD5 checksum: 145704 d959399c76a6f63626a83f75dbed9d82\n\n Motorola 680x0 architecture:\n\n http://security.debian.org/pool/updates/main/x/xfree86/lbxproxy_4.3.0.dfsg.1-14sarge4_m68k.deb\n Size/MD5 checksum: 241018 77a07432c45b9378936b86794d2bcab2\n http://security.debian.org/pool/updates/main/x/xfree86/libdps-dev_4.3.0.dfsg.1-14sarge4_m68k.deb\n Size/MD5 checksum: 331138 64ad4122c8f105a06f56c23d9174cc10\n http://security.debian.org/pool/updates/main/x/xfree86/libdps1_4.3.0.dfsg.1-14sarge4_m68k.deb\n Size/MD5 checksum: 282230 c554467354b448f9e165955af4e7b4a2\n http://security.debian.org/pool/updates/main/x/xfree86/libdps1-dbg_4.3.0.dfsg.1-14sarge4_m68k.deb\n Size/MD5 checksum: 785174 dd08487031b3e63b50533df646c0e6af\n http://security.debian.org/pool/updates/main/x/xfree86/libice-dev_4.3.0.dfsg.1-14sarge4_m68k.deb\n Size/MD5 checksum: 200262 060aa0d9cb7282199ca18305b5c821f4\n http://security.debian.org/pool/updates/main/x/xfree86/libice6_4.3.0.dfsg.1-14sarge4_m68k.deb\n Size/MD5 checksum: 197746 83836818743f4dd92b30ab3eedcf362b\n http://security.debian.org/pool/updates/main/x/xfree86/libice6-dbg_4.3.0.dfsg.1-14sarge4_m68k.deb\n Size/MD5 checksum: 281672 1e1caf7322c340167bb95486494c3012\n http://security.debian.org/pool/updates/main/x/xfree86/libsm-dev_4.3.0.dfsg.1-14sarge4_m68k.deb\n Size/MD5 checksum: 174714 87eddf9c6a897f97952aa91c838eff89\n http://security.debian.org/pool/updates/main/x/xfree86/libsm6_4.3.0.dfsg.1-14sarge4_m68k.deb\n Size/MD5 checksum: 180594 573276a89f23874cac04d56e205aec69\n http://security.debian.org/pool/updates/main/x/xfree86/libsm6-dbg_4.3.0.dfsg.1-14sarge4_m68k.deb\n Size/MD5 checksum: 204752 51890686ef5fe0a32afb5f760e19e1af\n http://security.debian.org/pool/updates/main/x/xfree86/libx11-6_4.3.0.dfsg.1-14sarge4_m68k.deb\n Size/MD5 checksum: 680616 7200fc49162ebda0d53a7ab4a74bbff1\n http://security.debian.org/pool/updates/main/x/xfree86/libx11-6-dbg_4.3.0.dfsg.1-14sarge4_m68k.deb\n Size/MD5 checksum: 9735198 4c7d703ab09a32257fbb4a7a9ca6ef34\n http://security.debian.org/pool/updates/main/x/xfree86/libx11-dev_4.3.0.dfsg.1-14sarge4_m68k.deb\n Size/MD5 checksum: 1320712 16c0e121877da9f823914a14d3e5f40b\n http://security.debian.org/pool/updates/main/x/xfree86/libxaw6_4.3.0.dfsg.1-14sarge4_m68k.deb\n Size/MD5 checksum: 272166 df7b6958c0a1c7017a30f9c7b78ec723\n http://security.debian.org/pool/updates/main/x/xfree86/libxaw6-dbg_4.3.0.dfsg.1-14sarge4_m68k.deb\n Size/MD5 checksum: 885970 0c270453838e035b27714ed71bc9a952\n http://security.debian.org/pool/updates/main/x/xfree86/libxaw6-dev_4.3.0.dfsg.1-14sarge4_m68k.deb\n Size/MD5 checksum: 389520 46a680064a2f9a1e888df2bd7f7aa903\n http://security.debian.org/pool/updates/main/x/xfree86/libxaw7_4.3.0.dfsg.1-14sarge4_m68k.deb\n Size/MD5 checksum: 319674 7f7e6f24dac1b7e3f4c41bd3f589d281\n http://security.debian.org/pool/updates/main/x/xfree86/libxaw7-dbg_4.3.0.dfsg.1-14sarge4_m68k.deb\n Size/MD5 checksum: 1015288 3253f3dc4f1914004ee0d58e4e1c0f41\n http://security.debian.org/pool/updates/main/x/xfree86/libxaw7-dev_4.3.0.dfsg.1-14sarge4_m68k.deb\n Size/MD5 checksum: 389430 759f32add2082c6df77263c182b8dd05\n http://security.debian.org/pool/updates/main/x/xfree86/libxext-dev_4.3.0.dfsg.1-14sarge4_m68k.deb\n Size/MD5 checksum: 244390 12f93645d7c7f68716ed544613efeb6a\n http://security.debian.org/pool/updates/main/x/xfree86/libxext6_4.3.0.dfsg.1-14sarge4_m68k.deb\n Size/MD5 checksum: 186086 e51920992e3a65fc3d6738517e449792\n http://security.debian.org/pool/updates/main/x/xfree86/libxext6-dbg_4.3.0.dfsg.1-14sarge4_m68k.deb\n Size/MD5 checksum: 513588 dacd493b35a8a37d1b0326ec265f1586\n http://security.debian.org/pool/updates/main/x/xfree86/libxft1_4.3.0.dfsg.1-14sarge4_m68k.deb\n Size/MD5 checksum: 188836 96ec2b33de1690dc8dc1e4dca8a5de24\n http://security.debian.org/pool/updates/main/x/xfree86/libxft1-dbg_4.3.0.dfsg.1-14sarge4_m68k.deb\n Size/MD5 checksum: 478026 59ab765625ea9dc6da641a8e5d01d1f1\n http://security.debian.org/pool/updates/main/x/xfree86/libxi-dev_4.3.0.dfsg.1-14sarge4_m68k.deb\n Size/MD5 checksum: 229372 59d34c9c15853cb410d5ce3d35924d40\n http://security.debian.org/pool/updates/main/x/xfree86/libxi6_4.3.0.dfsg.1-14sarge4_m68k.deb\n Size/MD5 checksum: 177524 788b51e970927d25728e597d6efda2f2\n http://security.debian.org/pool/updates/main/x/xfree86/libxi6-dbg_4.3.0.dfsg.1-14sarge4_m68k.deb\n Size/MD5 checksum: 1190632 24752ff589468af8133e0e27661cea93\n http://security.debian.org/pool/updates/main/x/xfree86/libxmu-dev_4.3.0.dfsg.1-14sarge4_m68k.deb\n Size/MD5 checksum: 213748 ced2278c1ba39a77143cedea80190687\n http://security.debian.org/pool/updates/main/x/xfree86/libxmu6_4.3.0.dfsg.1-14sarge4_m68k.deb\n Size/MD5 checksum: 206234 4fbbf0148b2cd42a69521255000601e5\n http://security.debian.org/pool/updates/main/x/xfree86/libxmu6-dbg_4.3.0.dfsg.1-14sarge4_m68k.deb\n Size/MD5 checksum: 666594 e2ab67ea5ba09f7be87f51beab9d5886\n http://security.debian.org/pool/updates/main/x/xfree86/libxmuu-dev_4.3.0.dfsg.1-14sarge4_m68k.deb\n Size/MD5 checksum: 162740 2da7b2488ea0dbaf0582960cfcbbb782\n http://security.debian.org/pool/updates/main/x/xfree86/libxmuu1_4.3.0.dfsg.1-14sarge4_m68k.deb\n Size/MD5 checksum: 171686 6fd94e0375a1bbfa758392035ec76c73\n http://security.debian.org/pool/updates/main/x/xfree86/libxmuu1-dbg_4.3.0.dfsg.1-14sarge4_m68k.deb\n Size/MD5 checksum: 208966 03cc15b63c820c9568275e4fc248afc8\n http://security.debian.org/pool/updates/main/x/xfree86/libxp-dev_4.3.0.dfsg.1-14sarge4_m68k.deb\n Size/MD5 checksum: 177938 0298a644eec5eb22c96672b1364f8ac4\n http://security.debian.org/pool/updates/main/x/xfree86/libxp6_4.3.0.dfsg.1-14sarge4_m68k.deb\n Size/MD5 checksum: 177392 221bb28eb3760c47fb26797e692d84ac\n http://security.debian.org/pool/updates/main/x/xfree86/libxp6-dbg_4.3.0.dfsg.1-14sarge4_m68k.deb\n Size/MD5 checksum: 571934 a2e321f788912dc8f4591fd1dfc50c79\n http://security.debian.org/pool/updates/main/x/xfree86/libxpm-dev_4.3.0.dfsg.1-14sarge4_m68k.deb\n Size/MD5 checksum: 189722 820323286728158435103af5db8748af\n http://security.debian.org/pool/updates/main/x/xfree86/libxpm4_4.3.0.dfsg.1-14sarge4_m68k.deb\n Size/MD5 checksum: 191700 7e3e4d432fc65a82689a629af33b6cf9\n http://security.debian.org/pool/updates/main/x/xfree86/libxpm4-dbg_4.3.0.dfsg.1-14sarge4_m68k.deb\n Size/MD5 checksum: 239296 141d8cbc8f454a44f79c13dcf1152e3c\n http://security.debian.org/pool/updates/main/x/xfree86/libxrandr-dev_4.3.0.dfsg.1-14sarge4_m68k.deb\n Size/MD5 checksum: 170844 1a5bd0bb22fd2dfded42c17de02bf2cd\n http://security.debian.org/pool/updates/main/x/xfree86/libxrandr2_4.3.0.dfsg.1-14sarge4_m68k.deb\n Size/MD5 checksum: 171222 3aecb797ff7774a2ab5cbb020b8d7583\n http://security.debian.org/pool/updates/main/x/xfree86/libxrandr2-dbg_4.3.0.dfsg.1-14sarge4_m68k.deb\n Size/MD5 checksum: 200380 10901ad8dc53221e014db4503f5b1891\n http://security.debian.org/pool/updates/main/x/xfree86/libxt-dev_4.3.0.dfsg.1-14sarge4_m68k.deb\n Size/MD5 checksum: 597690 1e422ffd7f5c0b308b54d0a5a732ad56\n http://security.debian.org/pool/updates/main/x/xfree86/libxt6_4.3.0.dfsg.1-14sarge4_m68k.deb\n Size/MD5 checksum: 314590 36483349e4f37219f5ab22061b7c316d\n http://security.debian.org/pool/updates/main/x/xfree86/libxt6-dbg_4.3.0.dfsg.1-14sarge4_m68k.deb\n Size/MD5 checksum: 1518028 6dd17e0c9f3869be4bde36d09a1f5cbd\n http://security.debian.org/pool/updates/main/x/xfree86/libxtrap-dev_4.3.0.dfsg.1-14sarge4_m68k.deb\n Size/MD5 checksum: 184100 90bfe448f4c46e7032235e8a41f6bdec\n http://security.debian.org/pool/updates/main/x/xfree86/libxtrap6_4.3.0.dfsg.1-14sarge4_m68k.deb\n Size/MD5 checksum: 180192 446b94f914b87c2855ab2b6508a001b7\n http://security.debian.org/pool/updates/main/x/xfree86/libxtrap6-dbg_4.3.0.dfsg.1-14sarge4_m68k.deb\n Size/MD5 checksum: 408988 5a315e50bbe97cf00ab9c286168480a7\n http://security.debian.org/pool/updates/main/x/xfree86/libxtst-dev_4.3.0.dfsg.1-14sarge4_m68k.deb\n Size/MD5 checksum: 168920 562498f992c6e330578f5545bfb4c183\n http://security.debian.org/pool/updates/main/x/xfree86/libxtst6_4.3.0.dfsg.1-14sarge4_m68k.deb\n Size/MD5 checksum: 173734 43011296400cc534ad0e2763a6948209\n http://security.debian.org/pool/updates/main/x/xfree86/libxtst6-dbg_4.3.0.dfsg.1-14sarge4_m68k.deb\n Size/MD5 checksum: 236732 9df9f6739611fb0fb3d13be1604e944f\n http://security.debian.org/pool/updates/main/x/xfree86/libxv-dev_4.3.0.dfsg.1-14sarge4_m68k.deb\n Size/MD5 checksum: 190134 7d2773cb87e157ca3872a3749f080ee3\n http://security.debian.org/pool/updates/main/x/xfree86/libxv1_4.3.0.dfsg.1-14sarge4_m68k.deb\n Size/MD5 checksum: 172066 be4d961e36c50d6db22d0dc790527cfc\n http://security.debian.org/pool/updates/main/x/xfree86/libxv1-dbg_4.3.0.dfsg.1-14sarge4_m68k.deb\n Size/MD5 checksum: 203030 0ae15e99cf268d4607a9ce9f5a0499cd\n http://security.debian.org/pool/updates/main/x/xfree86/proxymngr_4.3.0.dfsg.1-14sarge4_m68k.deb\n Size/MD5 checksum: 181158 51b4b7ed68aefda9a8c7c4663825bab7\n http://security.debian.org/pool/updates/main/x/xfree86/twm_4.3.0.dfsg.1-14sarge4_m68k.deb\n Size/MD5 checksum: 256204 6f415eff373b0dd082c3c4cd88f38968\n http://security.debian.org/pool/updates/main/x/xfree86/x-window-system-core_4.3.0.dfsg.1-14sarge4_m68k.deb\n Size/MD5 checksum: 158800 518d8866e2f0538a14a151e08205455f\n http://security.debian.org/pool/updates/main/x/xfree86/x-window-system-dev_4.3.0.dfsg.1-14sarge4_m68k.deb\n Size/MD5 checksum: 158848 05fdf197054b6de0a875f55cc623a90f\n http://security.debian.org/pool/updates/main/x/xfree86/xbase-clients_4.3.0.dfsg.1-14sarge4_m68k.deb\n Size/MD5 checksum: 1770534 a5a3246a865619f16873171292728d4d\n http://security.debian.org/pool/updates/main/x/xfree86/xdm_4.3.0.dfsg.1-14sarge4_m68k.deb\n Size/MD5 checksum: 304782 8c26e77f964dbabad39172dde2f11b28\n http://security.debian.org/pool/updates/main/x/xfree86/xfs_4.3.0.dfsg.1-14sarge4_m68k.deb\n Size/MD5 checksum: 448136 9f5a9f1a513fe8b4e0daddb3500689d4\n http://security.debian.org/pool/updates/main/x/xfree86/xfwp_4.3.0.dfsg.1-14sarge4_m68k.deb\n Size/MD5 checksum: 178986 1909446f56c676490d9ac52676a45e88\n http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-gl_4.3.0.dfsg.1-14sarge4_m68k.deb\n Size/MD5 checksum: 284944 026317fc993d1fe1dff80f1ac1eb91c5\n http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-gl-dbg_4.3.0.dfsg.1-14sarge4_m68k.deb\n Size/MD5 checksum: 1197212 8fd8f32f6f3bf0a11401ed7597f39c1c\n http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-gl-dev_4.3.0.dfsg.1-14sarge4_m68k.deb\n Size/MD5 checksum: 689460 a050bbc3a8b3a9f1789aee998e00c918\n http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-glu_4.3.0.dfsg.1-14sarge4_m68k.deb\n Size/MD5 checksum: 335758 e8e92c844a61419c47bce1aad77a59d2\n http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-glu-dbg_4.3.0.dfsg.1-14sarge4_m68k.deb\n Size/MD5 checksum: 1099042 0a495c48978112d48a084651984482a2\n http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-glu-dev_4.3.0.dfsg.1-14sarge4_m68k.deb\n Size/MD5 checksum: 405664 210e7f001efffbb8aa0cb72a30ecde57\n http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa3_4.3.0.dfsg.1-14sarge4_m68k.deb\n Size/MD5 checksum: 158604 d34dcc01cd3ea7779abb2fb03a07c035\n http://security.debian.org/pool/updates/main/x/xfree86/xlibs-static-dev_4.3.0.dfsg.1-14sarge4_m68k.deb\n Size/MD5 checksum: 758064 dc880642b8b7e1a8c29101b281d493fd\n http://security.debian.org/pool/updates/main/x/xfree86/xlibs-static-pic_4.3.0.dfsg.1-14sarge4_m68k.deb\n Size/MD5 checksum: 349048 a155502b312c00034f2ae0ee55a030e4\n http://security.debian.org/pool/updates/main/x/xfree86/xmh_4.3.0.dfsg.1-14sarge4_m68k.deb\n Size/MD5 checksum: 222330 758c282c2ea0fc9acb71bb81a50de8b1\n http://security.debian.org/pool/updates/main/x/xfree86/xnest_4.3.0.dfsg.1-14sarge4_m68k.deb\n Size/MD5 checksum: 1240584 4882905dcb51ec7943e1a2af30de7411\n http://security.debian.org/pool/updates/main/x/xfree86/xserver-common_4.3.0.dfsg.1-14sarge4_m68k.deb\n Size/MD5 checksum: 336750 626286fb3dbfbddac46db00f94247987\n http://security.debian.org/pool/updates/main/x/xfree86/xserver-xfree86_4.3.0.dfsg.1-14sarge4_m68k.deb\n Size/MD5 checksum: 4544002 e4cc4d1a010460c47e024cbbb3da404e\n http://security.debian.org/pool/updates/main/x/xfree86/xserver-xfree86-dbg_4.3.0.dfsg.1-14sarge4_m68k.deb\n Size/MD5 checksum: 45450578 159132c8cb652641dfa6a9e0fd0b0983\n http://security.debian.org/pool/updates/main/x/xfree86/xterm_4.3.0.dfsg.1-14sarge4_m68k.deb\n Size/MD5 checksum: 495068 9d646f6246283c9d9ec6203027418988\n http://security.debian.org/pool/updates/main/x/xfree86/xutils_4.3.0.dfsg.1-14sarge4_m68k.deb\n Size/MD5 checksum: 873524 2490473ac20b90a37ee823bef1168001\n http://security.debian.org/pool/updates/main/x/xfree86/xvfb_4.3.0.dfsg.1-14sarge4_m68k.deb\n Size/MD5 checksum: 1350020 fefe13b0d055607cbc25bea8a8700fa1\n http://security.debian.org/pool/updates/main/r/rdesktop/rdesktop_1.4.0-2sarge1_m68k.deb\n Size/MD5 checksum: 88642 2e821aab336d92fbf4463ec68d549df5\n\n Big endian MIPS architecture:\n\n http://security.debian.org/pool/updates/main/x/xfree86/lbxproxy_4.3.0.dfsg.1-14sarge4_mips.deb\n Size/MD5 checksum: 269036 e0d614a89eb3c3f0d76c1c32efb658d1\n http://security.debian.org/pool/updates/main/x/xfree86/libdps-dev_4.3.0.dfsg.1-14sarge4_mips.deb\n Size/MD5 checksum: 383674 85999be5fb8483b01f78ef55432996d8\n http://security.debian.org/pool/updates/main/x/xfree86/libdps1_4.3.0.dfsg.1-14sarge4_mips.deb\n Size/MD5 checksum: 283268 960f5f05ae7fda8191e7c3a0470519d0\n http://security.debian.org/pool/updates/main/x/xfree86/libdps1-dbg_4.3.0.dfsg.1-14sarge4_mips.deb\n Size/MD5 checksum: 794896 15bc703842b5c086c0dc32a365e75ec9\n http://security.debian.org/pool/updates/main/x/xfree86/libice-dev_4.3.0.dfsg.1-14sarge4_mips.deb\n Size/MD5 checksum: 212428 6e245b0237e014fc807aae8a83765de9\n http://security.debian.org/pool/updates/main/x/xfree86/libice6_4.3.0.dfsg.1-14sarge4_mips.deb\n Size/MD5 checksum: 200476 7f451738d1c701f31063eca4714a3e82\n http://security.debian.org/pool/updates/main/x/xfree86/libice6-dbg_4.3.0.dfsg.1-14sarge4_mips.deb\n Size/MD5 checksum: 286068 5abe8c7d0b16a59be535313f4a8e5c41\n http://security.debian.org/pool/updates/main/x/xfree86/libsm-dev_4.3.0.dfsg.1-14sarge4_mips.deb\n Size/MD5 checksum: 178320 26290f78c879e2f18a917e4a0d594c83\n http://security.debian.org/pool/updates/main/x/xfree86/libsm6_4.3.0.dfsg.1-14sarge4_mips.deb\n Size/MD5 checksum: 180942 212958ccdb25420a7e8c85efb757419d\n http://security.debian.org/pool/updates/main/x/xfree86/libsm6-dbg_4.3.0.dfsg.1-14sarge4_mips.deb\n Size/MD5 checksum: 205778 62298420a535e5b9e334be552e02bfce\n http://security.debian.org/pool/updates/main/x/xfree86/libx11-6_4.3.0.dfsg.1-14sarge4_mips.deb\n Size/MD5 checksum: 741164 dc4a231aa21b24592af81779a3f0e63a\n http://security.debian.org/pool/updates/main/x/xfree86/libx11-6-dbg_4.3.0.dfsg.1-14sarge4_mips.deb\n Size/MD5 checksum: 9875488 04e5abcf7f591272784c4e8a2de04600\n http://security.debian.org/pool/updates/main/x/xfree86/libx11-dev_4.3.0.dfsg.1-14sarge4_mips.deb\n Size/MD5 checksum: 1448650 ef0aecd48a18d8c0328f8aed260a8056\n http://security.debian.org/pool/updates/main/x/xfree86/libxaw6_4.3.0.dfsg.1-14sarge4_mips.deb\n Size/MD5 checksum: 291898 1d19096fdfda44903b79e0e907feafb5\n http://security.debian.org/pool/updates/main/x/xfree86/libxaw6-dbg_4.3.0.dfsg.1-14sarge4_mips.deb\n Size/MD5 checksum: 914694 5cd35836ce90b31192da903fe74b9464\n http://security.debian.org/pool/updates/main/x/xfree86/libxaw6-dev_4.3.0.dfsg.1-14sarge4_mips.deb\n Size/MD5 checksum: 457170 75c30aaae65eac879b12d96746024b50\n http://security.debian.org/pool/updates/main/x/xfree86/libxaw7_4.3.0.dfsg.1-14sarge4_mips.deb\n Size/MD5 checksum: 345484 61ae086ce3fe377c7ad719ac15bb0e81\n http://security.debian.org/pool/updates/main/x/xfree86/libxaw7-dbg_4.3.0.dfsg.1-14sarge4_mips.deb\n Size/MD5 checksum: 1053840 265f890d3f31f22adfe12929e6927d1a\n http://security.debian.org/pool/updates/main/x/xfree86/libxaw7-dev_4.3.0.dfsg.1-14sarge4_mips.deb\n Size/MD5 checksum: 457082 dcdadb44978e3efd8d4de14b1bb1e779\n http://security.debian.org/pool/updates/main/x/xfree86/libxext-dev_4.3.0.dfsg.1-14sarge4_mips.deb\n Size/MD5 checksum: 253440 832c6d9c7c66d6f5de7c8e01627413aa\n http://security.debian.org/pool/updates/main/x/xfree86/libxext6_4.3.0.dfsg.1-14sarge4_mips.deb\n Size/MD5 checksum: 189378 ef74e7e76c3a466cfe4fc965762f618b\n http://security.debian.org/pool/updates/main/x/xfree86/libxext6-dbg_4.3.0.dfsg.1-14sarge4_mips.deb\n Size/MD5 checksum: 519556 edf155ff90decb7a0faa5632b5a4cf4f\n http://security.debian.org/pool/updates/main/x/xfree86/libxft1_4.3.0.dfsg.1-14sarge4_mips.deb\n Size/MD5 checksum: 190660 86464457c3e108661887610e5ea83283\n http://security.debian.org/pool/updates/main/x/xfree86/libxft1-dbg_4.3.0.dfsg.1-14sarge4_mips.deb\n Size/MD5 checksum: 481658 4d02c7e8a59fc882c249abaecc9fb231\n http://security.debian.org/pool/updates/main/x/xfree86/libxi-dev_4.3.0.dfsg.1-14sarge4_mips.deb\n Size/MD5 checksum: 234346 48396e6b0a99add4cef783ac8a7aa4a2\n http://security.debian.org/pool/updates/main/x/xfree86/libxi6_4.3.0.dfsg.1-14sarge4_mips.deb\n Size/MD5 checksum: 180312 7065ff48dd57fc4712290485943d1884\n http://security.debian.org/pool/updates/main/x/xfree86/libxi6-dbg_4.3.0.dfsg.1-14sarge4_mips.deb\n Size/MD5 checksum: 1200778 8891af2a2b97901ba15daa436bc4a8be\n http://security.debian.org/pool/updates/main/x/xfree86/libxmu-dev_4.3.0.dfsg.1-14sarge4_mips.deb\n Size/MD5 checksum: 229230 b57f350a0b45180482d4773b4d4906df\n http://security.debian.org/pool/updates/main/x/xfree86/libxmu6_4.3.0.dfsg.1-14sarge4_mips.deb\n Size/MD5 checksum: 210238 f1d4dceb06755ff6eac535ead7b60e48\n http://security.debian.org/pool/updates/main/x/xfree86/libxmu6-dbg_4.3.0.dfsg.1-14sarge4_mips.deb\n Size/MD5 checksum: 679006 ab2a5d9d9cf347380e6e8f404972b3a7\n http://security.debian.org/pool/updates/main/x/xfree86/libxmuu-dev_4.3.0.dfsg.1-14sarge4_mips.deb\n Size/MD5 checksum: 163800 0cb95c62798ce539733e1b6d5f4cd10d\n http://security.debian.org/pool/updates/main/x/xfree86/libxmuu1_4.3.0.dfsg.1-14sarge4_mips.deb\n Size/MD5 checksum: 171894 3dbd7c7abdd64ee3cab8ab578c28a466\n http://security.debian.org/pool/updates/main/x/xfree86/libxmuu1-dbg_4.3.0.dfsg.1-14sarge4_mips.deb\n Size/MD5 checksum: 209482 61a6a45b5b9408f3bfe16d0ab2677e7d\n http://security.debian.org/pool/updates/main/x/xfree86/libxp-dev_4.3.0.dfsg.1-14sarge4_mips.deb\n Size/MD5 checksum: 181812 9608b04167f37a788a8363f622038b3c\n http://security.debian.org/pool/updates/main/x/xfree86/libxp6_4.3.0.dfsg.1-14sarge4_mips.deb\n Size/MD5 checksum: 178568 2643b6b2f300b44e9164920e90bc1e32\n http://security.debian.org/pool/updates/main/x/xfree86/libxp6-dbg_4.3.0.dfsg.1-14sarge4_mips.deb\n Size/MD5 checksum: 576458 dabd3f68c6c430a417eb265c04f97dc8\n http://security.debian.org/pool/updates/main/x/xfree86/libxpm-dev_4.3.0.dfsg.1-14sarge4_mips.deb\n Size/MD5 checksum: 201004 53b5143cb8b95dd74f4c8c5394447c9e\n http://security.debian.org/pool/updates/main/x/xfree86/libxpm4_4.3.0.dfsg.1-14sarge4_mips.deb\n Size/MD5 checksum: 196860 85d7fedaf7f23cfa9f5b852d7c2cf804\n http://security.debian.org/pool/updates/main/x/xfree86/libxpm4-dbg_4.3.0.dfsg.1-14sarge4_mips.deb\n Size/MD5 checksum: 246082 ac0e1f47165a1449ce01d6fcd99ba377\n http://security.debian.org/pool/updates/main/x/xfree86/libxrandr-dev_4.3.0.dfsg.1-14sarge4_mips.deb\n Size/MD5 checksum: 172422 51a54bcd72bbfef34fff324215046684\n http://security.debian.org/pool/updates/main/x/xfree86/libxrandr2_4.3.0.dfsg.1-14sarge4_mips.deb\n Size/MD5 checksum: 171978 098bb8fef374fd9cacf44fb196dd6a08\n http://security.debian.org/pool/updates/main/x/xfree86/libxrandr2-dbg_4.3.0.dfsg.1-14sarge4_mips.deb\n Size/MD5 checksum: 201692 a0e794a9a0f11782c2a1e2c063c907c6\n http://security.debian.org/pool/updates/main/x/xfree86/libxt-dev_4.3.0.dfsg.1-14sarge4_mips.deb\n Size/MD5 checksum: 658488 cd7fa7d1d143676db6f5b3c669ca2e90\n http://security.debian.org/pool/updates/main/x/xfree86/libxt6_4.3.0.dfsg.1-14sarge4_mips.deb\n Size/MD5 checksum: 337488 ec3a5b787c6ae945a8d4701894b6b47f\n http://security.debian.org/pool/updates/main/x/xfree86/libxt6-dbg_4.3.0.dfsg.1-14sarge4_mips.deb\n Size/MD5 checksum: 1558432 b758c6ae00f6795c2e7612d2b6869427\n http://security.debian.org/pool/updates/main/x/xfree86/libxtrap-dev_4.3.0.dfsg.1-14sarge4_mips.deb\n Size/MD5 checksum: 188076 b6383e3e11a196f27b0ebfce5a1249e2\n http://security.debian.org/pool/updates/main/x/xfree86/libxtrap6_4.3.0.dfsg.1-14sarge4_mips.deb\n Size/MD5 checksum: 180856 1b3e3fb923a6fed46dfd8a9a819808bb\n http://security.debian.org/pool/updates/main/x/xfree86/libxtrap6-dbg_4.3.0.dfsg.1-14sarge4_mips.deb\n Size/MD5 checksum: 411938 8ba6d09b8b594b964de932b10515a848\n http://security.debian.org/pool/updates/main/x/xfree86/libxtst-dev_4.3.0.dfsg.1-14sarge4_mips.deb\n Size/MD5 checksum: 173122 cbb902e5f1004d524bf428ccbb476af7\n http://security.debian.org/pool/updates/main/x/xfree86/libxtst6_4.3.0.dfsg.1-14sarge4_mips.deb\n Size/MD5 checksum: 175272 78ef33ef661531a62de80c9e02927a3d\n http://security.debian.org/pool/updates/main/x/xfree86/libxtst6-dbg_4.3.0.dfsg.1-14sarge4_mips.deb\n Size/MD5 checksum: 238884 15b59465dccda67bd09e4882848efd07\n http://security.debian.org/pool/updates/main/x/xfree86/libxv-dev_4.3.0.dfsg.1-14sarge4_mips.deb\n Size/MD5 checksum: 191990 068d261c0a9192bc379118779f04e730\n http://security.debian.org/pool/updates/main/x/xfree86/libxv1_4.3.0.dfsg.1-14sarge4_mips.deb\n Size/MD5 checksum: 172872 081f29507e3b42c5a947425a865d6ab8\n http://security.debian.org/pool/updates/main/x/xfree86/libxv1-dbg_4.3.0.dfsg.1-14sarge4_mips.deb\n Size/MD5 checksum: 204250 ded6fc6a4c13e4dca7a5fc897b95789e\n http://security.debian.org/pool/updates/main/x/xfree86/proxymngr_4.3.0.dfsg.1-14sarge4_mips.deb\n Size/MD5 checksum: 183656 769f16754e841d2b3ede831430ee4d1b\n http://security.debian.org/pool/updates/main/x/xfree86/twm_4.3.0.dfsg.1-14sarge4_mips.deb\n Size/MD5 checksum: 279012 21e6d974d7bba679c7d0d297694eb6fe\n http://security.debian.org/pool/updates/main/x/xfree86/x-window-system-core_4.3.0.dfsg.1-14sarge4_mips.deb\n Size/MD5 checksum: 158790 8091cd2ef7e411b310f45861e8588d52\n http://security.debian.org/pool/updates/main/x/xfree86/x-window-system-dev_4.3.0.dfsg.1-14sarge4_mips.deb\n Size/MD5 checksum: 158836 433eb908c505bc4abbf45420e3b82ca3\n http://security.debian.org/pool/updates/main/x/xfree86/xbase-clients_4.3.0.dfsg.1-14sarge4_mips.deb\n Size/MD5 checksum: 2107564 43918ac8ead8b2af80800041bf871aa8\n http://security.debian.org/pool/updates/main/x/xfree86/xdm_4.3.0.dfsg.1-14sarge4_mips.deb\n Size/MD5 checksum: 316422 c9f27358a4f5da75df8128109fbb43a5\n http://security.debian.org/pool/updates/main/x/xfree86/xfs_4.3.0.dfsg.1-14sarge4_mips.deb\n Size/MD5 checksum: 543002 cbd4b467bba106c92b1558ced4bf8fe3\n http://security.debian.org/pool/updates/main/x/xfree86/xfwp_4.3.0.dfsg.1-14sarge4_mips.deb\n Size/MD5 checksum: 182624 8420f1c990880b012d9323d0a68d3628\n http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-gl_4.3.0.dfsg.1-14sarge4_mips.deb\n Size/MD5 checksum: 283842 98edafc555cb17b7705e96a739f97594\n http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-gl-dbg_4.3.0.dfsg.1-14sarge4_mips.deb\n Size/MD5 checksum: 1205152 6ccc49b27787b426e41d30cd7344fff0\n http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-gl-dev_4.3.0.dfsg.1-14sarge4_mips.deb\n Size/MD5 checksum: 753068 25ce758d961646072a6738b691c16d0f\n http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-glu_4.3.0.dfsg.1-14sarge4_mips.deb\n Size/MD5 checksum: 373414 5bda413e620bb7c40b30cd131af86938\n http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-glu-dbg_4.3.0.dfsg.1-14sarge4_mips.deb\n Size/MD5 checksum: 1144212 942d59d8482805825b108365bda78cfb\n http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-glu-dev_4.3.0.dfsg.1-14sarge4_mips.deb\n Size/MD5 checksum: 497118 379dc047cf057a4fb194eea11c9d3ca2\n http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa3_4.3.0.dfsg.1-14sarge4_mips.deb\n Size/MD5 checksum: 158590 cba4b0c3960a04583aa947eb3ec21aa2\n http://security.debian.org/pool/updates/main/x/xfree86/xlibs-static-dev_4.3.0.dfsg.1-14sarge4_mips.deb\n Size/MD5 checksum: 933874 1e1331ba64cb1508c4db1df59ddbb9aa\n http://security.debian.org/pool/updates/main/x/xfree86/xlibs-static-pic_4.3.0.dfsg.1-14sarge4_mips.deb\n Size/MD5 checksum: 406030 e03c389daa5f6be9c72eb63353ce9d72\n http://security.debian.org/pool/updates/main/x/xfree86/xmh_4.3.0.dfsg.1-14sarge4_mips.deb\n Size/MD5 checksum: 239710 a99463cc6de040a91e2c3485a6ae9b95\n http://security.debian.org/pool/updates/main/x/xfree86/xnest_4.3.0.dfsg.1-14sarge4_mips.deb\n Size/MD5 checksum: 1737236 4268b1a0b2a4ca64811ce65a3ba07100\n http://security.debian.org/pool/updates/main/x/xfree86/xserver-common_4.3.0.dfsg.1-14sarge4_mips.deb\n Size/MD5 checksum: 337538 989852b0a430daed12875e29a361622b\n http://security.debian.org/pool/updates/main/x/xfree86/xserver-xfree86_4.3.0.dfsg.1-14sarge4_mips.deb\n Size/MD5 checksum: 4021462 de4bdda63e45d94a8132c2e94c252449\n http://security.debian.org/pool/updates/main/x/xfree86/xserver-xfree86-dbg_4.3.0.dfsg.1-14sarge4_mips.deb\n Size/MD5 checksum: 45540760 1f5b16eba5dc648b0ca7246db7a2d7ff\n http://security.debian.org/pool/updates/main/x/xfree86/xterm_4.3.0.dfsg.1-14sarge4_mips.deb\n Size/MD5 checksum: 530278 1489eff24482171db1e388ca730595a2\n http://security.debian.org/pool/updates/main/x/xfree86/xutils_4.3.0.dfsg.1-14sarge4_mips.deb\n Size/MD5 checksum: 983238 a32855e77f25c7e9e21aa96ae8a9d2cc\n http://security.debian.org/pool/updates/main/x/xfree86/xvfb_4.3.0.dfsg.1-14sarge4_mips.deb\n Size/MD5 checksum: 1898580 582876c5ccae25dfd144bff7bbfc2e44\n http://security.debian.org/pool/updates/main/r/rdesktop/rdesktop_1.4.0-2sarge1_mips.deb\n Size/MD5 checksum: 115348 423b0dcbd2bf60cdcd1dfecf1ca9e85f\n\n Little endian MIPS architecture:\n\n http://security.debian.org/pool/updates/main/x/xfree86/lbxproxy_4.3.0.dfsg.1-14sarge4_mipsel.deb\n Size/MD5 checksum: 268714 b457217d19fd8fbc43666f54ee3b422d\n http://security.debian.org/pool/updates/main/x/xfree86/libdps-dev_4.3.0.dfsg.1-14sarge4_mipsel.deb\n Size/MD5 checksum: 383552 5d7b8a8f054a40610496c7b169a02bca\n http://security.debian.org/pool/updates/main/x/xfree86/libdps1_4.3.0.dfsg.1-14sarge4_mipsel.deb\n Size/MD5 checksum: 282270 3916d3d6ec212b8cf958aecf7283b697\n http://security.debian.org/pool/updates/main/x/xfree86/libdps1-dbg_4.3.0.dfsg.1-14sarge4_mipsel.deb\n Size/MD5 checksum: 784426 8f28ec91456ab0aa9c0fb585b27fac4e\n http://security.debian.org/pool/updates/main/x/xfree86/libice-dev_4.3.0.dfsg.1-14sarge4_mipsel.deb\n Size/MD5 checksum: 212428 28ad717314bacf8db05ae3d9ece564d4\n http://security.debian.org/pool/updates/main/x/xfree86/libice6_4.3.0.dfsg.1-14sarge4_mipsel.deb\n Size/MD5 checksum: 200466 dd18ec438c8d6db747479b46253b8535\n http://security.debian.org/pool/updates/main/x/xfree86/libice6-dbg_4.3.0.dfsg.1-14sarge4_mipsel.deb\n Size/MD5 checksum: 285224 025be5d014139ee126025ded5d029419\n http://security.debian.org/pool/updates/main/x/xfree86/libsm-dev_4.3.0.dfsg.1-14sarge4_mipsel.deb\n Size/MD5 checksum: 178230 185fd834949d9ec6c15e7df2de864d86\n http://security.debian.org/pool/updates/main/x/xfree86/libsm6_4.3.0.dfsg.1-14sarge4_mipsel.deb\n Size/MD5 checksum: 180626 b7750eedeb125264f01a77756e286d39\n http://security.debian.org/pool/updates/main/x/xfree86/libsm6-dbg_4.3.0.dfsg.1-14sarge4_mipsel.deb\n Size/MD5 checksum: 205458 7a79ee705eba1fb54f85e5038eb8f848\n http://security.debian.org/pool/updates/main/x/xfree86/libx11-6_4.3.0.dfsg.1-14sarge4_mipsel.deb\n Size/MD5 checksum: 739610 b6d8d9a3ed6ffc39b11b76fdd5e79f4a\n http://security.debian.org/pool/updates/main/x/xfree86/libx11-6-dbg_4.3.0.dfsg.1-14sarge4_mipsel.deb\n Size/MD5 checksum: 9700772 302744dbd76e8b44a9d13a47cb612994\n http://security.debian.org/pool/updates/main/x/xfree86/libx11-dev_4.3.0.dfsg.1-14sarge4_mipsel.deb\n Size/MD5 checksum: 1448742 398ee2c960b1655c3357c45ab4fa1c5b\n http://security.debian.org/pool/updates/main/x/xfree86/libxaw6_4.3.0.dfsg.1-14sarge4_mipsel.deb\n Size/MD5 checksum: 290434 a76f2678ec211948b0145199eb3a3b21\n http://security.debian.org/pool/updates/main/x/xfree86/libxaw6-dbg_4.3.0.dfsg.1-14sarge4_mipsel.deb\n Size/MD5 checksum: 903856 0ef7e41798e292ab28d306a702e3b7fd\n http://security.debian.org/pool/updates/main/x/xfree86/libxaw6-dev_4.3.0.dfsg.1-14sarge4_mipsel.deb\n Size/MD5 checksum: 457676 5150db19a905714fb4ae3b84c7cf9895\n http://security.debian.org/pool/updates/main/x/xfree86/libxaw7_4.3.0.dfsg.1-14sarge4_mipsel.deb\n Size/MD5 checksum: 344002 85c98ccc42151375b8cf1ac34adf0d88\n http://security.debian.org/pool/updates/main/x/xfree86/libxaw7-dbg_4.3.0.dfsg.1-14sarge4_mipsel.deb\n Size/MD5 checksum: 1041318 8355f472163d812e23d1a19b228a8871\n http://security.debian.org/pool/updates/main/x/xfree86/libxaw7-dev_4.3.0.dfsg.1-14sarge4_mipsel.deb\n Size/MD5 checksum: 457578 36228c60dfbf7761a288345c41e625de\n http://security.debian.org/pool/updates/main/x/xfree86/libxext-dev_4.3.0.dfsg.1-14sarge4_mipsel.deb\n Size/MD5 checksum: 253406 7e181529a011d49edb98d848c310ae7c\n http://security.debian.org/pool/updates/main/x/xfree86/libxext6_4.3.0.dfsg.1-14sarge4_mipsel.deb\n Size/MD5 checksum: 189256 419ac92bdd97a369acb97492a734d582\n http://security.debian.org/pool/updates/main/x/xfree86/libxext6-dbg_4.3.0.dfsg.1-14sarge4_mipsel.deb\n Size/MD5 checksum: 511450 c7e564de37bf7b6ae446f0a4356834a9\n http://security.debian.org/pool/updates/main/x/xfree86/libxft1_4.3.0.dfsg.1-14sarge4_mipsel.deb\n Size/MD5 checksum: 190518 82c1bf1e8dce203b3fe4c9f8fb36fa55\n http://security.debian.org/pool/updates/main/x/xfree86/libxft1-dbg_4.3.0.dfsg.1-14sarge4_mipsel.deb\n Size/MD5 checksum: 474102 3d171945e9beddbd6da2b320bc658277\n http://security.debian.org/pool/updates/main/x/xfree86/libxi-dev_4.3.0.dfsg.1-14sarge4_mipsel.deb\n Size/MD5 checksum: 234434 38a1c3c1edb0c74305732e47911e7073\n http://security.debian.org/pool/updates/main/x/xfree86/libxi6_4.3.0.dfsg.1-14sarge4_mipsel.deb\n Size/MD5 checksum: 180340 48a789753e9e584c2f8a611eb00cebf2\n http://security.debian.org/pool/updates/main/x/xfree86/libxi6-dbg_4.3.0.dfsg.1-14sarge4_mipsel.deb\n Size/MD5 checksum: 1172822 4b9dd118b18567a2b9a6d70eddb2cf3c\n http://security.debian.org/pool/updates/main/x/xfree86/libxmu-dev_4.3.0.dfsg.1-14sarge4_mipsel.deb\n Size/MD5 checksum: 229446 ef7a8df51a89a84fe1a8e9255407a95e\n http://security.debian.org/pool/updates/main/x/xfree86/libxmu6_4.3.0.dfsg.1-14sarge4_mipsel.deb\n Size/MD5 checksum: 210292 1baf340db8decbb6797900b34ef01ae9\n http://security.debian.org/pool/updates/main/x/xfree86/libxmu6-dbg_4.3.0.dfsg.1-14sarge4_mipsel.deb\n Size/MD5 checksum: 667708 80772935e2ff170fe06c8f0591d8ca69\n http://security.debian.org/pool/updates/main/x/xfree86/libxmuu-dev_4.3.0.dfsg.1-14sarge4_mipsel.deb\n Size/MD5 checksum: 163802 b288b0a03e674709d36f073e2f2aaabb\n http://security.debian.org/pool/updates/main/x/xfree86/libxmuu1_4.3.0.dfsg.1-14sarge4_mipsel.deb\n Size/MD5 checksum: 171858 03c3e449b387a91482d8b21e558c789b\n http://security.debian.org/pool/updates/main/x/xfree86/libxmuu1-dbg_4.3.0.dfsg.1-14sarge4_mipsel.deb\n Size/MD5 checksum: 208910 52fc67c2845f34df0217cb67c305647b\n http://security.debian.org/pool/updates/main/x/xfree86/libxp-dev_4.3.0.dfsg.1-14sarge4_mipsel.deb\n Size/MD5 checksum: 181866 37a8cd44a87026d32acc0df14da75c1c\n http://security.debian.org/pool/updates/main/x/xfree86/libxp6_4.3.0.dfsg.1-14sarge4_mipsel.deb\n Size/MD5 checksum: 178588 7a195ed2a458db3d80f37e74c7132826\n http://security.debian.org/pool/updates/main/x/xfree86/libxp6-dbg_4.3.0.dfsg.1-14sarge4_mipsel.deb\n Size/MD5 checksum: 569302 4df5863188eea9c531fb34ba8c914620\n http://security.debian.org/pool/updates/main/x/xfree86/libxpm-dev_4.3.0.dfsg.1-14sarge4_mipsel.deb\n Size/MD5 checksum: 201112 9b6e9c39d38d1177bef58eb540536657\n http://security.debian.org/pool/updates/main/x/xfree86/libxpm4_4.3.0.dfsg.1-14sarge4_mipsel.deb\n Size/MD5 checksum: 196894 afcef91937f62b700897557f5b63d4a3\n http://security.debian.org/pool/updates/main/x/xfree86/libxpm4-dbg_4.3.0.dfsg.1-14sarge4_mipsel.deb\n Size/MD5 checksum: 245904 7f24c0ca154a19aeead58088bd176293\n http://security.debian.org/pool/updates/main/x/xfree86/libxrandr-dev_4.3.0.dfsg.1-14sarge4_mipsel.deb\n Size/MD5 checksum: 172436 23d27469a84fa956caf3311f66911069\n http://security.debian.org/pool/updates/main/x/xfree86/libxrandr2_4.3.0.dfsg.1-14sarge4_mipsel.deb\n Size/MD5 checksum: 171948 16d85086518604e7c07479209543ba5f\n http://security.debian.org/pool/updates/main/x/xfree86/libxrandr2-dbg_4.3.0.dfsg.1-14sarge4_mipsel.deb\n Size/MD5 checksum: 201270 d4743d9d59253608e7fbf3732ad32bc0\n http://security.debian.org/pool/updates/main/x/xfree86/libxt-dev_4.3.0.dfsg.1-14sarge4_mipsel.deb\n Size/MD5 checksum: 658586 e4247b61d8dbbcc543c2f81ffd2c4f2c\n http://security.debian.org/pool/updates/main/x/xfree86/libxt6_4.3.0.dfsg.1-14sarge4_mipsel.deb\n Size/MD5 checksum: 337020 f6e748c6108bb629db19d0f0b890d899\n http://security.debian.org/pool/updates/main/x/xfree86/libxt6-dbg_4.3.0.dfsg.1-14sarge4_mipsel.deb\n Size/MD5 checksum: 1556268 1f22fb32d46cd7fcaa817e767ed63e60\n http://security.debian.org/pool/updates/main/x/xfree86/libxtrap-dev_4.3.0.dfsg.1-14sarge4_mipsel.deb\n Size/MD5 checksum: 188070 b134b00d3918725f076deb49a8315287\n http://security.debian.org/pool/updates/main/x/xfree86/libxtrap6_4.3.0.dfsg.1-14sarge4_mipsel.deb\n Size/MD5 checksum: 180752 2ed8865fbf082082b83d692f8b404911\n http://security.debian.org/pool/updates/main/x/xfree86/libxtrap6-dbg_4.3.0.dfsg.1-14sarge4_mipsel.deb\n Size/MD5 checksum: 409362 c060bc4bb1eefdae68faade8fc4d0e6d\n http://security.debian.org/pool/updates/main/x/xfree86/libxtst-dev_4.3.0.dfsg.1-14sarge4_mipsel.deb\n Size/MD5 checksum: 173228 c7a08401264d1f621dfd80876984c34d\n http://security.debian.org/pool/updates/main/x/xfree86/libxtst6_4.3.0.dfsg.1-14sarge4_mipsel.deb\n Size/MD5 checksum: 175314 9224ffb5723a2ee658ca751432781ce3\n http://security.debian.org/pool/updates/main/x/xfree86/libxtst6-dbg_4.3.0.dfsg.1-14sarge4_mipsel.deb\n Size/MD5 checksum: 238006 2278377f71a0cf0e8214202a7c137b3f\n http://security.debian.org/pool/updates/main/x/xfree86/libxv-dev_4.3.0.dfsg.1-14sarge4_mipsel.deb\n Size/MD5 checksum: 192078 cdff976f851d9a639d546e17f9eb58e8\n http://security.debian.org/pool/updates/main/x/xfree86/libxv1_4.3.0.dfsg.1-14sarge4_mipsel.deb\n Size/MD5 checksum: 172872 89a7daed133f163b017cf4769fb72e90\n http://security.debian.org/pool/updates/main/x/xfree86/libxv1-dbg_4.3.0.dfsg.1-14sarge4_mipsel.deb\n Size/MD5 checksum: 203766 8425bd077cdbf5636ec9fa3a40899b34\n http://security.debian.org/pool/updates/main/x/xfree86/proxymngr_4.3.0.dfsg.1-14sarge4_mipsel.deb\n Size/MD5 checksum: 183666 b1cf636c37dd8e9fd270cb46bdc1da1d\n http://security.debian.org/pool/updates/main/x/xfree86/twm_4.3.0.dfsg.1-14sarge4_mipsel.deb\n Size/MD5 checksum: 278418 5729538d364f4f5c8726f788443eb972\n http://security.debian.org/pool/updates/main/x/xfree86/x-window-system-core_4.3.0.dfsg.1-14sarge4_mipsel.deb\n Size/MD5 checksum: 158788 fb6e373cc9fcf5f7e2ee4e97cb10a4fa\n http://security.debian.org/pool/updates/main/x/xfree86/x-window-system-dev_4.3.0.dfsg.1-14sarge4_mipsel.deb\n Size/MD5 checksum: 158836 3cce8809849b8dfb61f5ecc67afdf631\n http://security.debian.org/pool/updates/main/x/xfree86/xbase-clients_4.3.0.dfsg.1-14sarge4_mipsel.deb\n Size/MD5 checksum: 2104034 acbbc4ba7176a4b6827fb183a2285c53\n http://security.debian.org/pool/updates/main/x/xfree86/xdm_4.3.0.dfsg.1-14sarge4_mipsel.deb\n Size/MD5 checksum: 316226 bd2701e346c38ea1e280e4425fab0dc2\n http://security.debian.org/pool/updates/main/x/xfree86/xfs_4.3.0.dfsg.1-14sarge4_mipsel.deb\n Size/MD5 checksum: 541750 a16b41e931f59e0c3ab64d0f3fe55591\n http://security.debian.org/pool/updates/main/x/xfree86/xfwp_4.3.0.dfsg.1-14sarge4_mipsel.deb\n Size/MD5 checksum: 182688 13077c7b948a560332188b139fa2b88f\n http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-gl_4.3.0.dfsg.1-14sarge4_mipsel.deb\n Size/MD5 checksum: 280024 fb4d9a96e61c132dbc5da3b7784a973d\n http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-gl-dbg_4.3.0.dfsg.1-14sarge4_mipsel.deb\n Size/MD5 checksum: 1181102 b99aa55dba347f2a4a319fedac46bbb2\n http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-gl-dev_4.3.0.dfsg.1-14sarge4_mipsel.deb\n Size/MD5 checksum: 740438 be2c7a300dcbc8a5dacd51864f9b5be4\n http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-glu_4.3.0.dfsg.1-14sarge4_mipsel.deb\n Size/MD5 checksum: 373234 7ea4c99de128c118ee62cb7a2360d47b\n http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-glu-dbg_4.3.0.dfsg.1-14sarge4_mipsel.deb\n Size/MD5 checksum: 1123652 f0f7eaef8ac9c91960474085f31a354b\n http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-glu-dev_4.3.0.dfsg.1-14sarge4_mipsel.deb\n Size/MD5 checksum: 498380 d46fc14c3ab96e6116e85720039c8bb8\n http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa3_4.3.0.dfsg.1-14sarge4_mipsel.deb\n Size/MD5 checksum: 158586 01acd9c9a697fda89a8000adc065aa4c\n http://security.debian.org/pool/updates/main/x/xfree86/xlibs-static-dev_4.3.0.dfsg.1-14sarge4_mipsel.deb\n Size/MD5 checksum: 929694 4dd351958a4ec579a305e18b17dc6b79\n http://security.debian.org/pool/updates/main/x/xfree86/xlibs-static-pic_4.3.0.dfsg.1-14sarge4_mipsel.deb\n Size/MD5 checksum: 405110 4a7c191e86ad082b1b9a2b16ba52c64c\n http://security.debian.org/pool/updates/main/x/xfree86/xmh_4.3.0.dfsg.1-14sarge4_mipsel.deb\n Size/MD5 checksum: 239834 3a244ffb3637774c3a07cc33b4d742e9\n http://security.debian.org/pool/updates/main/x/xfree86/xnest_4.3.0.dfsg.1-14sarge4_mipsel.deb\n Size/MD5 checksum: 1734732 6014914b81a49f5d8210e2beec459785\n http://security.debian.org/pool/updates/main/x/xfree86/xserver-common_4.3.0.dfsg.1-14sarge4_mipsel.deb\n Size/MD5 checksum: 337532 1b7712671ffa568c1ab87b9a893910cb\n http://security.debian.org/pool/updates/main/x/xfree86/xserver-xfree86_4.3.0.dfsg.1-14sarge4_mipsel.deb\n Size/MD5 checksum: 4015554 6343b81312dc1b38035e449f291fc788\n http://security.debian.org/pool/updates/main/x/xfree86/xserver-xfree86-dbg_4.3.0.dfsg.1-14sarge4_mipsel.deb\n Size/MD5 checksum: 44830508 dc93444fc9f4fa33f7525463bb348516\n http://security.debian.org/pool/updates/main/x/xfree86/xterm_4.3.0.dfsg.1-14sarge4_mipsel.deb\n Size/MD5 checksum: 528816 facf36f32b31a3c47511c50cf46cc5fe\n http://security.debian.org/pool/updates/main/x/xfree86/xutils_4.3.0.dfsg.1-14sarge4_mipsel.deb\n Size/MD5 checksum: 972000 0b2178929d57a1967d588f928937874c\n http://security.debian.org/pool/updates/main/x/xfree86/xvfb_4.3.0.dfsg.1-14sarge4_mipsel.deb\n Size/MD5 checksum: 1894746 74c426c412ffec5e16f485d18301ea08\n http://security.debian.org/pool/updates/main/r/rdesktop/rdesktop_1.4.0-2sarge1_mipsel.deb\n Size/MD5 checksum: 110416 54d82d984ebe9e4b10e69b672c799cea\n\n PowerPC architecture:\n\n http://security.debian.org/pool/updates/main/x/xfree86/lbxproxy_4.3.0.dfsg.1-14sarge4_powerpc.deb\n Size/MD5 checksum: 259230 4374f6ebc9200d2174341043c112e109\n http://security.debian.org/pool/updates/main/x/xfree86/libdps-dev_4.3.0.dfsg.1-14sarge4_powerpc.deb\n Size/MD5 checksum: 363334 160fc4f3333e6b709bba658d2178543e\n http://security.debian.org/pool/updates/main/x/xfree86/libdps1_4.3.0.dfsg.1-14sarge4_powerpc.deb\n Size/MD5 checksum: 296960 603c9c356c7301bbb3fa9916d1cb0ec7\n http://security.debian.org/pool/updates/main/x/xfree86/libdps1-dbg_4.3.0.dfsg.1-14sarge4_powerpc.deb\n Size/MD5 checksum: 1134504 cf85fbc14fbbc569c1a7a4ef3eeb4808\n http://security.debian.org/pool/updates/main/x/xfree86/libice-dev_4.3.0.dfsg.1-14sarge4_powerpc.deb\n Size/MD5 checksum: 209880 219329af51376127e05af35917a68735\n http://security.debian.org/pool/updates/main/x/xfree86/libice6_4.3.0.dfsg.1-14sarge4_powerpc.deb\n Size/MD5 checksum: 204442 d1be96893430d198b15d594d56243a9f\n http://security.debian.org/pool/updates/main/x/xfree86/libice6-dbg_4.3.0.dfsg.1-14sarge4_powerpc.deb\n Size/MD5 checksum: 404728 9d57cd3cf2d5b249e0cb57d5b30d95c6\n http://security.debian.org/pool/updates/main/x/xfree86/libsm-dev_4.3.0.dfsg.1-14sarge4_powerpc.deb\n Size/MD5 checksum: 178144 6cf6e6a63688c7a97e37c9474f3e152b\n http://security.debian.org/pool/updates/main/x/xfree86/libsm6_4.3.0.dfsg.1-14sarge4_powerpc.deb\n Size/MD5 checksum: 182676 56c556ab6b021879101dd701870f0d65\n http://security.debian.org/pool/updates/main/x/xfree86/libsm6-dbg_4.3.0.dfsg.1-14sarge4_powerpc.deb\n Size/MD5 checksum: 250214 661e49c5917779fbef900cd019df3247\n http://security.debian.org/pool/updates/main/x/xfree86/libx11-6_4.3.0.dfsg.1-14sarge4_powerpc.deb\n Size/MD5 checksum: 739352 a3415710c7e7386754bfc8682cfa711d\n http://security.debian.org/pool/updates/main/x/xfree86/libx11-6-dbg_4.3.0.dfsg.1-14sarge4_powerpc.deb\n Size/MD5 checksum: 15237950 e1fca6c4017a83a43ad693e5752cc807\n http://security.debian.org/pool/updates/main/x/xfree86/libx11-dev_4.3.0.dfsg.1-14sarge4_powerpc.deb\n Size/MD5 checksum: 1400632 bc1b20f4b7c5d3b77ae0aee63effdf57\n http://security.debian.org/pool/updates/main/x/xfree86/libxaw6_4.3.0.dfsg.1-14sarge4_powerpc.deb\n Size/MD5 checksum: 288220 a55ad73354c9090fcf0d8a5cfb4799f4\n http://security.debian.org/pool/updates/main/x/xfree86/libxaw6-dbg_4.3.0.dfsg.1-14sarge4_powerpc.deb\n Size/MD5 checksum: 1335508 683a85aa5049f6cc62fe568d5b75aee7\n http://security.debian.org/pool/updates/main/x/xfree86/libxaw6-dev_4.3.0.dfsg.1-14sarge4_powerpc.deb\n Size/MD5 checksum: 441158 7a73bd998d60d98474044473d7e1e4d8\n http://security.debian.org/pool/updates/main/x/xfree86/libxaw7_4.3.0.dfsg.1-14sarge4_powerpc.deb\n Size/MD5 checksum: 343294 71f1eb94d8436bb899d8de6a32da8aea\n http://security.debian.org/pool/updates/main/x/xfree86/libxaw7-dbg_4.3.0.dfsg.1-14sarge4_powerpc.deb\n Size/MD5 checksum: 1514616 f021b0e71a36cb05f70859140cd708cf\n http://security.debian.org/pool/updates/main/x/xfree86/libxaw7-dev_4.3.0.dfsg.1-14sarge4_powerpc.deb\n Size/MD5 checksum: 441080 aad05e6166ff256afe038261e77efe62\n http://security.debian.org/pool/updates/main/x/xfree86/libxext-dev_4.3.0.dfsg.1-14sarge4_powerpc.deb\n Size/MD5 checksum: 249610 761be7ee18d488fe34200d0dbbc67dac\n http://security.debian.org/pool/updates/main/x/xfree86/libxext6_4.3.0.dfsg.1-14sarge4_powerpc.deb\n Size/MD5 checksum: 190510 21e8c664853cf494476e67cb3441b53d\n http://security.debian.org/pool/updates/main/x/xfree86/libxext6-dbg_4.3.0.dfsg.1-14sarge4_powerpc.deb\n Size/MD5 checksum: 724186 ca04220950d4a6182b19f8780a9dddde\n http://security.debian.org/pool/updates/main/x/xfree86/libxft1_4.3.0.dfsg.1-14sarge4_powerpc.deb\n Size/MD5 checksum: 192026 d3ddb6afd8406af0243609fd0d7dd8de\n http://security.debian.org/pool/updates/main/x/xfree86/libxft1-dbg_4.3.0.dfsg.1-14sarge4_powerpc.deb\n Size/MD5 checksum: 692830 1c8776ab048bbdd4a30e383cd1108e52\n http://security.debian.org/pool/updates/main/x/xfree86/libxi-dev_4.3.0.dfsg.1-14sarge4_powerpc.deb\n Size/MD5 checksum: 232648 62b9b0108d803f709ee26a68542fa3a1\n http://security.debian.org/pool/updates/main/x/xfree86/libxi6_4.3.0.dfsg.1-14sarge4_powerpc.deb\n Size/MD5 checksum: 181744 6f123ac1a4758926ec51709841b13724\n http://security.debian.org/pool/updates/main/x/xfree86/libxi6-dbg_4.3.0.dfsg.1-14sarge4_powerpc.deb\n Size/MD5 checksum: 1859126 e043d9aac0b66d62a620655a39ad97ed\n http://security.debian.org/pool/updates/main/x/xfree86/libxmu-dev_4.3.0.dfsg.1-14sarge4_powerpc.deb\n Size/MD5 checksum: 225148 aea9393faf4b0edaa9103232aa248464\n http://security.debian.org/pool/updates/main/x/xfree86/libxmu6_4.3.0.dfsg.1-14sarge4_powerpc.deb\n Size/MD5 checksum: 211792 137274f7b5d4883a35d6907f280e38b5\n http://security.debian.org/pool/updates/main/x/xfree86/libxmu6-dbg_4.3.0.dfsg.1-14sarge4_powerpc.deb\n Size/MD5 checksum: 1007240 a635dc4740a9dfe704cc24877061c81c\n http://security.debian.org/pool/updates/main/x/xfree86/libxmuu-dev_4.3.0.dfsg.1-14sarge4_powerpc.deb\n Size/MD5 checksum: 163706 b2b7794ed5fe042e0c31fcc0cfb2bfac\n http://security.debian.org/pool/updates/main/x/xfree86/libxmuu1_4.3.0.dfsg.1-14sarge4_powerpc.deb\n Size/MD5 checksum: 173614 493da0df5065a4da8158cbb17f36b697\n http://security.debian.org/pool/updates/main/x/xfree86/libxmuu1-dbg_4.3.0.dfsg.1-14sarge4_powerpc.deb\n Size/MD5 checksum: 235184 819d0cc95a1cbfa835a2ed4b7f786165\n http://security.debian.org/pool/updates/main/x/xfree86/libxp-dev_4.3.0.dfsg.1-14sarge4_powerpc.deb\n Size/MD5 checksum: 180726 45d11fe75c08934e876787f7036f318d\n http://security.debian.org/pool/updates/main/x/xfree86/libxp6_4.3.0.dfsg.1-14sarge4_powerpc.deb\n Size/MD5 checksum: 180862 a30b2742d24be32833174a4a804ef6fa\n http://security.debian.org/pool/updates/main/x/xfree86/libxp6-dbg_4.3.0.dfsg.1-14sarge4_powerpc.deb\n Size/MD5 checksum: 832030 585c0fe336d9a51ddb9dc21768227226\n http://security.debian.org/pool/updates/main/x/xfree86/libxpm-dev_4.3.0.dfsg.1-14sarge4_powerpc.deb\n Size/MD5 checksum: 198874 1294737db5224ab3296bfb9044e8832b\n http://security.debian.org/pool/updates/main/x/xfree86/libxpm4_4.3.0.dfsg.1-14sarge4_powerpc.deb\n Size/MD5 checksum: 198864 19acebc0a0478a55f99d2bd9f90498a6\n http://security.debian.org/pool/updates/main/x/xfree86/libxpm4-dbg_4.3.0.dfsg.1-14sarge4_powerpc.deb\n Size/MD5 checksum: 464002 8842b1d84d667d0484b1a421780a63e0\n http://security.debian.org/pool/updates/main/x/xfree86/libxrandr-dev_4.3.0.dfsg.1-14sarge4_powerpc.deb\n Size/MD5 checksum: 171644 bd6629f9e652228fe66e9b0c391db4a0\n http://security.debian.org/pool/updates/main/x/xfree86/libxrandr2_4.3.0.dfsg.1-14sarge4_powerpc.deb\n Size/MD5 checksum: 173334 b0095bfe736254c0bc7b5c3909879ac1\n http://security.debian.org/pool/updates/main/x/xfree86/libxrandr2-dbg_4.3.0.dfsg.1-14sarge4_powerpc.deb\n Size/MD5 checksum: 221334 b1e3179f2ee6d3efe7cc26ed7da5d3b1\n http://security.debian.org/pool/updates/main/x/xfree86/libxt-dev_4.3.0.dfsg.1-14sarge4_powerpc.deb\n Size/MD5 checksum: 645354 f78947afb933be6a464bad4620abd8b2\n http://security.debian.org/pool/updates/main/x/xfree86/libxt6_4.3.0.dfsg.1-14sarge4_powerpc.deb\n Size/MD5 checksum: 337340 1462471e8b2e55e967d37cb0dd5dcb7f\n http://security.debian.org/pool/updates/main/x/xfree86/libxt6-dbg_4.3.0.dfsg.1-14sarge4_powerpc.deb\n Size/MD5 checksum: 2248906 aa39c626a490e7443a4bc380f9773aa2\n http://security.debian.org/pool/updates/main/x/xfree86/libxtrap-dev_4.3.0.dfsg.1-14sarge4_powerpc.deb\n Size/MD5 checksum: 186706 da779c8c5330d0407be8fdc8bb8173ee\n http://security.debian.org/pool/updates/main/x/xfree86/libxtrap6_4.3.0.dfsg.1-14sarge4_powerpc.deb\n Size/MD5 checksum: 182192 63d57f316755a6d883cea67ac975f639\n http://security.debian.org/pool/updates/main/x/xfree86/libxtrap6-dbg_4.3.0.dfsg.1-14sarge4_powerpc.deb\n Size/MD5 checksum: 553672 2582cf21609c1c49f2aa094513e6f4ab\n http://security.debian.org/pool/updates/main/x/xfree86/libxtst-dev_4.3.0.dfsg.1-14sarge4_powerpc.deb\n Size/MD5 checksum: 171892 040e3f801d40a4ad1bd3a1571ddd5e1a\n http://security.debian.org/pool/updates/main/x/xfree86/libxtst6_4.3.0.dfsg.1-14sarge4_powerpc.deb\n Size/MD5 checksum: 176836 0e5e5ed5df4b61eb6f24ecffe9211206\n http://security.debian.org/pool/updates/main/x/xfree86/libxtst6-dbg_4.3.0.dfsg.1-14sarge4_powerpc.deb\n Size/MD5 checksum: 279446 d3a872368f9df7580597389c17d978ae\n http://security.debian.org/pool/updates/main/x/xfree86/libxv-dev_4.3.0.dfsg.1-14sarge4_powerpc.deb\n Size/MD5 checksum: 191258 80fb2c1ad08d119ba23bcb3fcb16b1c3\n http://security.debian.org/pool/updates/main/x/xfree86/libxv1_4.3.0.dfsg.1-14sarge4_powerpc.deb\n Size/MD5 checksum: 174466 9be15db49e12d9c9cf4f749fef17e8d2\n http://security.debian.org/pool/updates/main/x/xfree86/libxv1-dbg_4.3.0.dfsg.1-14sarge4_powerpc.deb\n Size/MD5 checksum: 225114 69f231b8328338e02f8da31394d8d5dc\n http://security.debian.org/pool/updates/main/x/xfree86/proxymngr_4.3.0.dfsg.1-14sarge4_powerpc.deb\n Size/MD5 checksum: 184286 f7c882400c739e3599e75e321d5e5acb\n http://security.debian.org/pool/updates/main/x/xfree86/twm_4.3.0.dfsg.1-14sarge4_powerpc.deb\n Size/MD5 checksum: 272710 ab4cc869a57b10cb0950136905b8c48d\n http://security.debian.org/pool/updates/main/x/xfree86/x-window-system-core_4.3.0.dfsg.1-14sarge4_powerpc.deb\n Size/MD5 checksum: 158788 3133edb2bd3a8df3a82a7807309249b1\n http://security.debian.org/pool/updates/main/x/xfree86/x-window-system-dev_4.3.0.dfsg.1-14sarge4_powerpc.deb\n Size/MD5 checksum: 158842 f39ce73aad052fc70749989b60d0072a\n http://security.debian.org/pool/updates/main/x/xfree86/xbase-clients_4.3.0.dfsg.1-14sarge4_powerpc.deb\n Size/MD5 checksum: 2112920 b63086522de7681a0082a78c5b041518\n http://security.debian.org/pool/updates/main/x/xfree86/xdm_4.3.0.dfsg.1-14sarge4_powerpc.deb\n Size/MD5 checksum: 314958 8e52d4a60a0d1b437b06143a8e7993d1\n http://security.debian.org/pool/updates/main/x/xfree86/xfs_4.3.0.dfsg.1-14sarge4_powerpc.deb\n Size/MD5 checksum: 508794 28d7b024adde446fb86c6ce2b1f858b4\n http://security.debian.org/pool/updates/main/x/xfree86/xfwp_4.3.0.dfsg.1-14sarge4_powerpc.deb\n Size/MD5 checksum: 182900 61d45fc72d6d420debb63987b059bdea\n http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-dri_4.3.0.dfsg.1-14sarge4_powerpc.deb\n Size/MD5 checksum: 3083976 db3db557ea4f14e99e6a43e0fb800fa8\n http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-dri-dbg_4.3.0.dfsg.1-14sarge4_powerpc.deb\n Size/MD5 checksum: 42024226 bc9a1a771374a9bb65beedf768629680\n http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-gl_4.3.0.dfsg.1-14sarge4_powerpc.deb\n Size/MD5 checksum: 295876 9917c43004b8dd006f4b320bc351abcc\n http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-gl-dbg_4.3.0.dfsg.1-14sarge4_powerpc.deb\n Size/MD5 checksum: 1904654 b5a2262a4e002e36278c656286efd8d6\n http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-gl-dev_4.3.0.dfsg.1-14sarge4_powerpc.deb\n Size/MD5 checksum: 734058 18a3ef403198404e9c682e7e797a3491\n http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-glu_4.3.0.dfsg.1-14sarge4_powerpc.deb\n Size/MD5 checksum: 372376 1507f1c52e26c3fdf13edbfdce59f8b6\n http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-glu-dbg_4.3.0.dfsg.1-14sarge4_powerpc.deb\n Size/MD5 checksum: 1613144 b01d825bab12e0e3c0f72774df57f51f\n http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-glu-dev_4.3.0.dfsg.1-14sarge4_powerpc.deb\n Size/MD5 checksum: 468614 eb933fd5af24f8771376e3acac3ef193\n http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa3_4.3.0.dfsg.1-14sarge4_powerpc.deb\n Size/MD5 checksum: 158594 8dd4211d7bb00d471443a02fe897b828\n http://security.debian.org/pool/updates/main/x/xfree86/xlibosmesa-dev_4.3.0.dfsg.1-14sarge4_powerpc.deb\n Size/MD5 checksum: 808074 d72affd1921fb02b1116143642f031f2\n http://security.debian.org/pool/updates/main/x/xfree86/xlibosmesa4_4.3.0.dfsg.1-14sarge4_powerpc.deb\n Size/MD5 checksum: 690206 e141cc451a8bce56da60b2217234b6a6\n http://security.debian.org/pool/updates/main/x/xfree86/xlibosmesa4-dbg_4.3.0.dfsg.1-14sarge4_powerpc.deb\n Size/MD5 checksum: 6682418 be6e6132529820193e66e1c55f007dd7\n http://security.debian.org/pool/updates/main/x/xfree86/xlibs-static-dev_4.3.0.dfsg.1-14sarge4_powerpc.deb\n Size/MD5 checksum: 885710 ffc8c7adaead9e4f332442833065ec76\n http://security.debian.org/pool/updates/main/x/xfree86/xlibs-static-pic_4.3.0.dfsg.1-14sarge4_powerpc.deb\n Size/MD5 checksum: 390178 ccda487d5599a7a8c15280214bd193ef\n http://security.debian.org/pool/updates/main/x/xfree86/xmh_4.3.0.dfsg.1-14sarge4_powerpc.deb\n Size/MD5 checksum: 233004 57129736c7e23d01c991f2352001934f\n http://security.debian.org/pool/updates/main/x/xfree86/xnest_4.3.0.dfsg.1-14sarge4_powerpc.deb\n Size/MD5 checksum: 1583670 2dcbdfc3cf2f7f3f2d59f50dba809362\n http://security.debian.org/pool/updates/main/x/xfree86/xserver-common_4.3.0.dfsg.1-14sarge4_powerpc.deb\n Size/MD5 checksum: 337044 ead33998a914ae257d59cbb2845038b4\n http://security.debian.org/pool/updates/main/x/xfree86/xserver-xfree86_4.3.0.dfsg.1-14sarge4_powerpc.deb\n Size/MD5 checksum: 5796628 308e7e0b85001e7a3cbfd74c83bbd980\n http://security.debian.org/pool/updates/main/x/xfree86/xserver-xfree86-dbg_4.3.0.dfsg.1-14sarge4_powerpc.deb\n Size/MD5 checksum: 46807434 a9fe3ab81b63f9640709771ab32da4ac\n http://security.debian.org/pool/updates/main/x/xfree86/xterm_4.3.0.dfsg.1-14sarge4_powerpc.deb\n Size/MD5 checksum: 515612 173f57fef319a3fcbf3ff2a7a9ba2e10\n http://security.debian.org/pool/updates/main/x/xfree86/xutils_4.3.0.dfsg.1-14sarge4_powerpc.deb\n Size/MD5 checksum: 941398 df0360a7806665dcce1725cda3b5250c\n http://security.debian.org/pool/updates/main/x/xfree86/xvfb_4.3.0.dfsg.1-14sarge4_powerpc.deb\n Size/MD5 checksum: 1729414 6f361ae8c82eab376e14112caf563627\n http://security.debian.org/pool/updates/main/r/rdesktop/rdesktop_1.4.0-2sarge1_powerpc.deb\n Size/MD5 checksum: 110844 bb75f25a0c723952e22c16528dac52a5\n\n IBM S/390 architecture:\n\n http://security.debian.org/pool/updates/main/x/xfree86/lbxproxy_4.3.0.dfsg.1-14sarge4_s390.deb\n Size/MD5 checksum: 261016 b11576dfd58cb0b8610013fd1f77da5a\n http://security.debian.org/pool/updates/main/x/xfree86/libdps-dev_4.3.0.dfsg.1-14sarge4_s390.deb\n Size/MD5 checksum: 356334 c4c20e75114576c7d9dfea92ac735c9d\n http://security.debian.org/pool/updates/main/x/xfree86/libdps1_4.3.0.dfsg.1-14sarge4_s390.deb\n Size/MD5 checksum: 299618 ae63dc230ddf8380bb81ac03e84d9f2b\n http://security.debian.org/pool/updates/main/x/xfree86/libdps1-dbg_4.3.0.dfsg.1-14sarge4_s390.deb\n Size/MD5 checksum: 861914 142fce29993e744b67faf15c5acacd3a\n http://security.debian.org/pool/updates/main/x/xfree86/libice-dev_4.3.0.dfsg.1-14sarge4_s390.deb\n Size/MD5 checksum: 207434 7016c7027a54d8885db3ce2dc9d72bcf\n http://security.debian.org/pool/updates/main/x/xfree86/libice6_4.3.0.dfsg.1-14sarge4_s390.deb\n Size/MD5 checksum: 205026 1b44e63a82180d29a5ab16a8c7de5a97\n http://security.debian.org/pool/updates/main/x/xfree86/libice6-dbg_4.3.0.dfsg.1-14sarge4_s390.deb\n Size/MD5 checksum: 298232 d4cc2f1a791890214175b650173be0a4\n http://security.debian.org/pool/updates/main/x/xfree86/libsm-dev_4.3.0.dfsg.1-14sarge4_s390.deb\n Size/MD5 checksum: 179704 eb9f7b47856ab858a7aa7e9540e36ec0\n http://security.debian.org/pool/updates/main/x/xfree86/libsm6_4.3.0.dfsg.1-14sarge4_s390.deb\n Size/MD5 checksum: 183334 86b4707988a2a88b669148b0cc06c5cd\n http://security.debian.org/pool/updates/main/x/xfree86/libsm6-dbg_4.3.0.dfsg.1-14sarge4_s390.deb\n Size/MD5 checksum: 209198 ae8ba29733696b125f5099d121d1865d\n http://security.debian.org/pool/updates/main/x/xfree86/libx11-6_4.3.0.dfsg.1-14sarge4_s390.deb\n Size/MD5 checksum: 754942 6c4b60bab9d918a7a67f6cc5972e6d78\n http://security.debian.org/pool/updates/main/x/xfree86/libx11-6-dbg_4.3.0.dfsg.1-14sarge4_s390.deb\n Size/MD5 checksum: 9935286 0cfd621c48007ab739925b97afe99459\n http://security.debian.org/pool/updates/main/x/xfree86/libx11-dev_4.3.0.dfsg.1-14sarge4_s390.deb\n Size/MD5 checksum: 1385690 b5ec7f7b5a873a8bc6522ff58b006b5a\n http://security.debian.org/pool/updates/main/x/xfree86/libxaw6_4.3.0.dfsg.1-14sarge4_s390.deb\n Size/MD5 checksum: 301510 84e66c1848cc1884b260efc6429f557e\n http://security.debian.org/pool/updates/main/x/xfree86/libxaw6-dbg_4.3.0.dfsg.1-14sarge4_s390.deb\n Size/MD5 checksum: 950252 29c6d39aa6989a525debc31d71660cc1\n http://security.debian.org/pool/updates/main/x/xfree86/libxaw6-dev_4.3.0.dfsg.1-14sarge4_s390.deb\n Size/MD5 checksum: 434648 fc65b47658b425de6cb92b308e0318e3\n http://security.debian.org/pool/updates/main/x/xfree86/libxaw7_4.3.0.dfsg.1-14sarge4_s390.deb\n Size/MD5 checksum: 358550 913c9e37290bc08cb7985d3a5e5360b8\n http://security.debian.org/pool/updates/main/x/xfree86/libxaw7-dbg_4.3.0.dfsg.1-14sarge4_s390.deb\n Size/MD5 checksum: 1105980 cc20687246cf71654c2fea70f969945d\n http://security.debian.org/pool/updates/main/x/xfree86/libxaw7-dev_4.3.0.dfsg.1-14sarge4_s390.deb\n Size/MD5 checksum: 434536 f555cdc669c207a5f2af9f64c4dbf88e\n http://security.debian.org/pool/updates/main/x/xfree86/libxext-dev_4.3.0.dfsg.1-14sarge4_s390.deb\n Size/MD5 checksum: 249950 e0e278d3653034caa1ad8114de8ce051\n http://security.debian.org/pool/updates/main/x/xfree86/libxext6_4.3.0.dfsg.1-14sarge4_s390.deb\n Size/MD5 checksum: 191178 9877b23f5a8fe9f632516e6cdab20a40\n http://security.debian.org/pool/updates/main/x/xfree86/libxext6-dbg_4.3.0.dfsg.1-14sarge4_s390.deb\n Size/MD5 checksum: 526646 e9e92e600aa1328cf692a412dc29d055\n http://security.debian.org/pool/updates/main/x/xfree86/libxft1_4.3.0.dfsg.1-14sarge4_s390.deb\n Size/MD5 checksum: 193812 47843986f43e46a087562dd1ae3a7c3d\n http://security.debian.org/pool/updates/main/x/xfree86/libxft1-dbg_4.3.0.dfsg.1-14sarge4_s390.deb\n Size/MD5 checksum: 488660 c36397e3e28c3ed31eb1c270a5b31ed9\n http://security.debian.org/pool/updates/main/x/xfree86/libxi-dev_4.3.0.dfsg.1-14sarge4_s390.deb\n Size/MD5 checksum: 231170 7343c839b5db38cda03132a2e2f43fb2\n http://security.debian.org/pool/updates/main/x/xfree86/libxi6_4.3.0.dfsg.1-14sarge4_s390.deb\n Size/MD5 checksum: 180112 d437359c6939bc126aca998a2e0a5670\n http://security.debian.org/pool/updates/main/x/xfree86/libxi6-dbg_4.3.0.dfsg.1-14sarge4_s390.deb\n Size/MD5 checksum: 1197126 04fef360a0c48ea4cbd22b2275967f32\n http://security.debian.org/pool/updates/main/x/xfree86/libxmu-dev_4.3.0.dfsg.1-14sarge4_s390.deb\n Size/MD5 checksum: 224326 e755b93bffaf5fb3d8c61633debcf667\n http://security.debian.org/pool/updates/main/x/xfree86/libxmu6_4.3.0.dfsg.1-14sarge4_s390.deb\n Size/MD5 checksum: 214300 ba38e46a2c08f96758435687abc968ff\n http://security.debian.org/pool/updates/main/x/xfree86/libxmu6-dbg_4.3.0.dfsg.1-14sarge4_s390.deb\n Size/MD5 checksum: 687194 fcc78e69f3a4bf1b53ae2aaaa0f7b1ef\n http://security.debian.org/pool/updates/main/x/xfree86/libxmuu-dev_4.3.0.dfsg.1-14sarge4_s390.deb\n Size/MD5 checksum: 164022 6bce2fe8f612b51469353c6a81f31777\n http://security.debian.org/pool/updates/main/x/xfree86/libxmuu1_4.3.0.dfsg.1-14sarge4_s390.deb\n Size/MD5 checksum: 172374 ed88c7ce6cbe8faa23d640b0c9261973\n http://security.debian.org/pool/updates/main/x/xfree86/libxmuu1-dbg_4.3.0.dfsg.1-14sarge4_s390.deb\n Size/MD5 checksum: 209892 58a5154d31b1b2d1345354b4ea289f3d\n http://security.debian.org/pool/updates/main/x/xfree86/libxp-dev_4.3.0.dfsg.1-14sarge4_s390.deb\n Size/MD5 checksum: 180542 cd3659e44b98e761976991ec8aec1d2e\n http://security.debian.org/pool/updates/main/x/xfree86/libxp6_4.3.0.dfsg.1-14sarge4_s390.deb\n Size/MD5 checksum: 180452 25765404e04171f9db00acbe1e1938e6\n http://security.debian.org/pool/updates/main/x/xfree86/libxp6-dbg_4.3.0.dfsg.1-14sarge4_s390.deb\n Size/MD5 checksum: 576880 78f5eb71aa6d98d757a8aa36609933e2\n http://security.debian.org/pool/updates/main/x/xfree86/libxpm-dev_4.3.0.dfsg.1-14sarge4_s390.deb\n Size/MD5 checksum: 197788 63e02d933765075fda0163cd5f7b2123\n http://security.debian.org/pool/updates/main/x/xfree86/libxpm4_4.3.0.dfsg.1-14sarge4_s390.deb\n Size/MD5 checksum: 198936 05e480a70d1637cf60e4b7d769e377b4\n http://security.debian.org/pool/updates/main/x/xfree86/libxpm4-dbg_4.3.0.dfsg.1-14sarge4_s390.deb\n Size/MD5 checksum: 257746 1178c8bbf47a3da072a01387e26e4f71\n http://security.debian.org/pool/updates/main/x/xfree86/libxrandr-dev_4.3.0.dfsg.1-14sarge4_s390.deb\n Size/MD5 checksum: 171692 ae1e7545c18dedb65276509b967c3b6b\n http://security.debian.org/pool/updates/main/x/xfree86/libxrandr2_4.3.0.dfsg.1-14sarge4_s390.deb\n Size/MD5 checksum: 172282 597d3b175e028585a432a5ea7624f759\n http://security.debian.org/pool/updates/main/x/xfree86/libxrandr2-dbg_4.3.0.dfsg.1-14sarge4_s390.deb\n Size/MD5 checksum: 202484 00900f13039ad238178deca2edada9a6\n http://security.debian.org/pool/updates/main/x/xfree86/libxt-dev_4.3.0.dfsg.1-14sarge4_s390.deb\n Size/MD5 checksum: 636288 93c9d7742151efee83b417616042de6f\n http://security.debian.org/pool/updates/main/x/xfree86/libxt6_4.3.0.dfsg.1-14sarge4_s390.deb\n Size/MD5 checksum: 349560 79cc1771215735324036f28543edd6ad\n http://security.debian.org/pool/updates/main/x/xfree86/libxt6-dbg_4.3.0.dfsg.1-14sarge4_s390.deb\n Size/MD5 checksum: 1593378 f94fcfc6add222a9bd061ed107d3a982\n http://security.debian.org/pool/updates/main/x/xfree86/libxtrap-dev_4.3.0.dfsg.1-14sarge4_s390.deb\n Size/MD5 checksum: 187768 50dcdcc21ba681a47770f76e5bbbd16c\n http://security.debian.org/pool/updates/main/x/xfree86/libxtrap6_4.3.0.dfsg.1-14sarge4_s390.deb\n Size/MD5 checksum: 182564 eb1e3b990359bf9311fbe1b2bf5fdab9\n http://security.debian.org/pool/updates/main/x/xfree86/libxtrap6-dbg_4.3.0.dfsg.1-14sarge4_s390.deb\n Size/MD5 checksum: 413646 53e01dc86afc8d574656110369553b29\n http://security.debian.org/pool/updates/main/x/xfree86/libxtst-dev_4.3.0.dfsg.1-14sarge4_s390.deb\n Size/MD5 checksum: 171496 c902c4ef1ae92f8249b1208063582796\n http://security.debian.org/pool/updates/main/x/xfree86/libxtst6_4.3.0.dfsg.1-14sarge4_s390.deb\n Size/MD5 checksum: 175374 65f2f8042c3ba6d65db970a43bab4569\n http://security.debian.org/pool/updates/main/x/xfree86/libxtst6-dbg_4.3.0.dfsg.1-14sarge4_s390.deb\n Size/MD5 checksum: 239804 88239fd56881a45d163b45744bfae4b6\n http://security.debian.org/pool/updates/main/x/xfree86/libxv-dev_4.3.0.dfsg.1-14sarge4_s390.deb\n Size/MD5 checksum: 191184 b0da17e90d1610eca0cb66845558ddbe\n http://security.debian.org/pool/updates/main/x/xfree86/libxv1_4.3.0.dfsg.1-14sarge4_s390.deb\n Size/MD5 checksum: 173304 a9ee19c5bbba5e3c05d7628a09dc759e\n http://security.debian.org/pool/updates/main/x/xfree86/libxv1-dbg_4.3.0.dfsg.1-14sarge4_s390.deb\n Size/MD5 checksum: 205894 34a3d56b36366c1622cced5e3d03bfdd\n http://security.debian.org/pool/updates/main/x/xfree86/proxymngr_4.3.0.dfsg.1-14sarge4_s390.deb\n Size/MD5 checksum: 183436 94608dfa5b08da618b55044e2ff2aa56\n http://security.debian.org/pool/updates/main/x/xfree86/twm_4.3.0.dfsg.1-14sarge4_s390.deb\n Size/MD5 checksum: 276620 cbe760c213039314b7a8bebda37cbc38\n http://security.debian.org/pool/updates/main/x/xfree86/x-window-system-core_4.3.0.dfsg.1-14sarge4_s390.deb\n Size/MD5 checksum: 158780 87774e3c0e9a3351f1df7df951920105\n http://security.debian.org/pool/updates/main/x/xfree86/x-window-system-dev_4.3.0.dfsg.1-14sarge4_s390.deb\n Size/MD5 checksum: 158836 63971433e37d9e530322279eca61a28e\n http://security.debian.org/pool/updates/main/x/xfree86/xbase-clients_4.3.0.dfsg.1-14sarge4_s390.deb\n Size/MD5 checksum: 1716176 cee79d4795b2c9c83b705ff494a74ea7\n http://security.debian.org/pool/updates/main/x/xfree86/xdm_4.3.0.dfsg.1-14sarge4_s390.deb\n Size/MD5 checksum: 316906 c5b68def10170acf30c3ead53e5baa14\n http://security.debian.org/pool/updates/main/x/xfree86/xfs_4.3.0.dfsg.1-14sarge4_s390.deb\n Size/MD5 checksum: 530022 4abc93320924d134665914f0b002ca61\n http://security.debian.org/pool/updates/main/x/xfree86/xfwp_4.3.0.dfsg.1-14sarge4_s390.deb\n Size/MD5 checksum: 182340 49bc884ea1d6989ecc1c5b8924c597d3\n http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-gl_4.3.0.dfsg.1-14sarge4_s390.deb\n Size/MD5 checksum: 330914 b78dc9299d93f5c68e13bbba2e5b1171\n http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-gl-dbg_4.3.0.dfsg.1-14sarge4_s390.deb\n Size/MD5 checksum: 1310732 5d50f31cf6d71e5ae49ebf694089f12d\n http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-gl-dev_4.3.0.dfsg.1-14sarge4_s390.deb\n Size/MD5 checksum: 730954 4b30d4bd8f54ba04bc79474206d24c20\n http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-glu_4.3.0.dfsg.1-14sarge4_s390.deb\n Size/MD5 checksum: 368744 1a3fcaa2b38ab320f2cf780ae2fbb756\n http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-glu-dbg_4.3.0.dfsg.1-14sarge4_s390.deb\n Size/MD5 checksum: 1203426 77382920ec77dcc0fdc2d2111c367466\n http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-glu-dev_4.3.0.dfsg.1-14sarge4_s390.deb\n Size/MD5 checksum: 438364 a8f9aa44229d2c9d67bfd9e6c53edf14\n http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa3_4.3.0.dfsg.1-14sarge4_s390.deb\n Size/MD5 checksum: 158592 c7351256cd10ca93167a8fa2c420d8ce\n http://security.debian.org/pool/updates/main/x/xfree86/xlibs-static-dev_4.3.0.dfsg.1-14sarge4_s390.deb\n Size/MD5 checksum: 851034 4b4ed34eacdff567696a351769e91dec\n http://security.debian.org/pool/updates/main/x/xfree86/xlibs-static-pic_4.3.0.dfsg.1-14sarge4_s390.deb\n Size/MD5 checksum: 354328 66b68028c1ea212b0bcffa74ea31e314\n http://security.debian.org/pool/updates/main/x/xfree86/xmh_4.3.0.dfsg.1-14sarge4_s390.deb\n Size/MD5 checksum: 235068 1d03c6ed8c54744dfab467051f886891\n http://security.debian.org/pool/updates/main/x/xfree86/xnest_4.3.0.dfsg.1-14sarge4_s390.deb\n Size/MD5 checksum: 1623514 d2c8a17cc4ea76ce0ea782b5ed2fa6d0\n http://security.debian.org/pool/updates/main/x/xfree86/xserver-common_4.3.0.dfsg.1-14sarge4_s390.deb\n Size/MD5 checksum: 337220 f0680427e0457e75dbcaa5824fdcfade\n http://security.debian.org/pool/updates/main/x/xfree86/xterm_4.3.0.dfsg.1-14sarge4_s390.deb\n Size/MD5 checksum: 521820 058676242c82729a321b28c9258f869a\n http://security.debian.org/pool/updates/main/x/xfree86/xutils_4.3.0.dfsg.1-14sarge4_s390.deb\n Size/MD5 checksum: 806406 b67e9bf1e1f71a3e39871efac1ef04ea\n http://security.debian.org/pool/updates/main/x/xfree86/xvfb_4.3.0.dfsg.1-14sarge4_s390.deb\n Size/MD5 checksum: 1766784 c5d15916eee193f599fa851ee4efaacb\n http://security.debian.org/pool/updates/main/r/rdesktop/rdesktop_1.4.0-2sarge1_s390.deb\n Size/MD5 checksum: 112154 a2dfc1a42c434f2903ec9be068e12e30\n\n Sun Sparc architecture:\n\n http://security.debian.org/pool/updates/main/x/xfree86/lbxproxy_4.3.0.dfsg.1-14sarge3_sparc.deb\n Size/MD5 checksum: 251120 6a6c6f03b37e811ae195469e72c6e38d\n http://security.debian.org/pool/updates/main/x/xfree86/libdps-dev_4.3.0.dfsg.1-14sarge3_sparc.deb\n Size/MD5 checksum: 344048 8ba999289d750ba4ee049ed606ce7ebc\n http://security.debian.org/pool/updates/main/x/xfree86/libdps1_4.3.0.dfsg.1-14sarge3_sparc.deb\n Size/MD5 checksum: 285098 013a125bd422e828d5f7b4b7caf2befe\n http://security.debian.org/pool/updates/main/x/xfree86/libdps1-dbg_4.3.0.dfsg.1-14sarge3_sparc.deb\n Size/MD5 checksum: 786826 23029fee14ae423f4a01757a7556f40f\n http://security.debian.org/pool/updates/main/x/xfree86/libice-dev_4.3.0.dfsg.1-14sarge3_sparc.deb\n Size/MD5 checksum: 206034 e5bfb0235acab95832126c426d4daa22\n http://security.debian.org/pool/updates/main/x/xfree86/libice6_4.3.0.dfsg.1-14sarge3_sparc.deb\n Size/MD5 checksum: 200282 6d51ad473754375427be266be139cf4d\n http://security.debian.org/pool/updates/main/x/xfree86/libice6-dbg_4.3.0.dfsg.1-14sarge3_sparc.deb\n Size/MD5 checksum: 283484 64378cbd6be7aeb6788f01da7cde5378\n http://security.debian.org/pool/updates/main/x/xfree86/libsm-dev_4.3.0.dfsg.1-14sarge3_sparc.deb\n Size/MD5 checksum: 176924 90574aacc859e31a6835efde2c649563\n http://security.debian.org/pool/updates/main/x/xfree86/libsm6_4.3.0.dfsg.1-14sarge3_sparc.deb\n Size/MD5 checksum: 180862 a148c29afba10d5e75403dea33ddea9d\n http://security.debian.org/pool/updates/main/x/xfree86/libsm6-dbg_4.3.0.dfsg.1-14sarge3_sparc.deb\n Size/MD5 checksum: 204844 6885ec3fcb260cd54c3b10d1a6b80e3e\n http://security.debian.org/pool/updates/main/x/xfree86/libx11-6_4.3.0.dfsg.1-14sarge3_sparc.deb\n Size/MD5 checksum: 711862 05c681c1d9aa606692192546991dc4c8\n http://security.debian.org/pool/updates/main/x/xfree86/libx11-6-dbg_4.3.0.dfsg.1-14sarge3_sparc.deb\n Size/MD5 checksum: 9810500 96f9b7f647481a3a8cb07f3e589614b0\n http://security.debian.org/pool/updates/main/x/xfree86/libx11-dev_4.3.0.dfsg.1-14sarge3_sparc.deb\n Size/MD5 checksum: 1365910 cea371314adc8346bc04d55145bf7132\n http://security.debian.org/pool/updates/main/x/xfree86/libxaw6_4.3.0.dfsg.1-14sarge3_sparc.deb\n Size/MD5 checksum: 279718 c8759a8f7ba115ae15dad96e66ff3d70\n http://security.debian.org/pool/updates/main/x/xfree86/libxaw6-dbg_4.3.0.dfsg.1-14sarge3_sparc.deb\n Size/MD5 checksum: 892056 f15e34ed247caeeade4397859e8c045e\n http://security.debian.org/pool/updates/main/x/xfree86/libxaw6-dev_4.3.0.dfsg.1-14sarge3_sparc.deb\n Size/MD5 checksum: 417428 ddd304994c35f2b11434cc57678b6200\n http://security.debian.org/pool/updates/main/x/xfree86/libxaw7_4.3.0.dfsg.1-14sarge3_sparc.deb\n Size/MD5 checksum: 331668 aa8c142b8af774f3fe2b1a9f9afe5336\n http://security.debian.org/pool/updates/main/x/xfree86/libxaw7-dbg_4.3.0.dfsg.1-14sarge3_sparc.deb\n Size/MD5 checksum: 1026356 1e8d84afa56fa5a61685ff0b641774e5\n http://security.debian.org/pool/updates/main/x/xfree86/libxaw7-dev_4.3.0.dfsg.1-14sarge3_sparc.deb\n Size/MD5 checksum: 417338 7ade24d52608d946c225e5c4be803c3d\n http://security.debian.org/pool/updates/main/x/xfree86/libxext-dev_4.3.0.dfsg.1-14sarge3_sparc.deb\n Size/MD5 checksum: 247482 2d0dc48c46f5c0aaebedfd207699b801\n http://security.debian.org/pool/updates/main/x/xfree86/libxext6_4.3.0.dfsg.1-14sarge3_sparc.deb\n Size/MD5 checksum: 187792 1d819fcd2fb687bbe116b6727326daac\n http://security.debian.org/pool/updates/main/x/xfree86/libxext6-dbg_4.3.0.dfsg.1-14sarge3_sparc.deb\n Size/MD5 checksum: 516558 8c7179f7202d40a5f60dfcddd9cced06\n http://security.debian.org/pool/updates/main/x/xfree86/libxft1_4.3.0.dfsg.1-14sarge3_sparc.deb\n Size/MD5 checksum: 189846 bcc85d36bd7863444a561d6d0d7bc1bf\n http://security.debian.org/pool/updates/main/x/xfree86/libxft1-dbg_4.3.0.dfsg.1-14sarge3_sparc.deb\n Size/MD5 checksum: 478100 b381fe292a9fcb3aff5f54a3730c82ab\n http://security.debian.org/pool/updates/main/x/xfree86/libxi-dev_4.3.0.dfsg.1-14sarge3_sparc.deb\n Size/MD5 checksum: 230528 d0e74daf0645f7a4d9e88988b4110f5a\n http://security.debian.org/pool/updates/main/x/xfree86/libxi6_4.3.0.dfsg.1-14sarge3_sparc.deb\n Size/MD5 checksum: 178522 f797684b630c7b94837dfc064da221aa\n http://security.debian.org/pool/updates/main/x/xfree86/libxi6-dbg_4.3.0.dfsg.1-14sarge3_sparc.deb\n Size/MD5 checksum: 1198574 a3fc69e423818ceb83036878952064af\n http://security.debian.org/pool/updates/main/x/xfree86/libxmu-dev_4.3.0.dfsg.1-14sarge3_sparc.deb\n Size/MD5 checksum: 219068 dac8cd1cd25927ab8ba3adb5b3c13d45\n http://security.debian.org/pool/updates/main/x/xfree86/libxmu6_4.3.0.dfsg.1-14sarge3_sparc.deb\n Size/MD5 checksum: 208188 e99b887c7a5210693174ea0453c4a095\n http://security.debian.org/pool/updates/main/x/xfree86/libxmu6-dbg_4.3.0.dfsg.1-14sarge3_sparc.deb\n Size/MD5 checksum: 673178 f8a305fff41a8fd3560ba9620d68a0cf\n http://security.debian.org/pool/updates/main/x/xfree86/libxmuu-dev_4.3.0.dfsg.1-14sarge3_sparc.deb\n Size/MD5 checksum: 163184 1ef9674f59e1d452b3b375e3f6cc6ba4\n http://security.debian.org/pool/updates/main/x/xfree86/libxmuu1_4.3.0.dfsg.1-14sarge3_sparc.deb\n Size/MD5 checksum: 171726 a42c22e71c8f79ad852b59c8833b5480\n http://security.debian.org/pool/updates/main/x/xfree86/libxmuu1-dbg_4.3.0.dfsg.1-14sarge3_sparc.deb\n Size/MD5 checksum: 208980 ee24eb25da955b1b835f4acad6029188\n http://security.debian.org/pool/updates/main/x/xfree86/libxp-dev_4.3.0.dfsg.1-14sarge3_sparc.deb\n Size/MD5 checksum: 178962 fd22df9f1110413451eda040cf3d4215\n http://security.debian.org/pool/updates/main/x/xfree86/libxp6_4.3.0.dfsg.1-14sarge3_sparc.deb\n Size/MD5 checksum: 177550 05f9333009b40b16a56a655261c4569e\n http://security.debian.org/pool/updates/main/x/xfree86/libxp6-dbg_4.3.0.dfsg.1-14sarge3_sparc.deb\n Size/MD5 checksum: 573766 fc89bff55941f16ba246471874de95bf\n http://security.debian.org/pool/updates/main/x/xfree86/libxpm-dev_4.3.0.dfsg.1-14sarge3_sparc.deb\n Size/MD5 checksum: 194160 e16fe3bc639b204b7121cb63fdb45558\n http://security.debian.org/pool/updates/main/x/xfree86/libxpm4_4.3.0.dfsg.1-14sarge3_sparc.deb\n Size/MD5 checksum: 195154 bc337cf9957de401de6ba90a6222f94d\n http://security.debian.org/pool/updates/main/x/xfree86/libxpm4-dbg_4.3.0.dfsg.1-14sarge3_sparc.deb\n Size/MD5 checksum: 241360 9918a8f85df0c41a4d3ada958d916644\n http://security.debian.org/pool/updates/main/x/xfree86/libxrandr-dev_4.3.0.dfsg.1-14sarge3_sparc.deb\n Size/MD5 checksum: 171148 bc8aad869f6c663b43a0aef73dc8019b\n http://security.debian.org/pool/updates/main/x/xfree86/libxrandr2_4.3.0.dfsg.1-14sarge3_sparc.deb\n Size/MD5 checksum: 171376 0c7a75d8c7993858930cac664d7482a6\n http://security.debian.org/pool/updates/main/x/xfree86/libxrandr2-dbg_4.3.0.dfsg.1-14sarge3_sparc.deb\n Size/MD5 checksum: 200530 e4349aa63bd0681cf66fb531bda10396\n http://security.debian.org/pool/updates/main/x/xfree86/libxt-dev_4.3.0.dfsg.1-14sarge3_sparc.deb\n Size/MD5 checksum: 627184 f4b4c4b5834940321c5fd95a2279e12d\n http://security.debian.org/pool/updates/main/x/xfree86/libxt6_4.3.0.dfsg.1-14sarge3_sparc.deb\n Size/MD5 checksum: 330450 b93c2dfbebc8a8fcc2713e89ecda986c\n http://security.debian.org/pool/updates/main/x/xfree86/libxt6-dbg_4.3.0.dfsg.1-14sarge3_sparc.deb\n Size/MD5 checksum: 1533278 46825c4c0c5d393de98774b47e719cd0\n http://security.debian.org/pool/updates/main/x/xfree86/libxtrap-dev_4.3.0.dfsg.1-14sarge3_sparc.deb\n Size/MD5 checksum: 184926 46b30fe844b4c08a24b868d63dd3bd58\n http://security.debian.org/pool/updates/main/x/xfree86/libxtrap6_4.3.0.dfsg.1-14sarge3_sparc.deb\n Size/MD5 checksum: 179508 1eaf0ae4cf87d5ff00b361e9a1cb6f38\n http://security.debian.org/pool/updates/main/x/xfree86/libxtrap6-dbg_4.3.0.dfsg.1-14sarge3_sparc.deb\n Size/MD5 checksum: 410236 3564a0b2686f28cfe597c1cf97405627\n http://security.debian.org/pool/updates/main/x/xfree86/libxtst-dev_4.3.0.dfsg.1-14sarge3_sparc.deb\n Size/MD5 checksum: 170444 ccbcb0f2850701bfc6321c674a8b8ce6\n http://security.debian.org/pool/updates/main/x/xfree86/libxtst6_4.3.0.dfsg.1-14sarge3_sparc.deb\n Size/MD5 checksum: 174218 e5494fbdb588d2691c253c98d977ce4e\n http://security.debian.org/pool/updates/main/x/xfree86/libxtst6-dbg_4.3.0.dfsg.1-14sarge3_sparc.deb\n Size/MD5 checksum: 237016 4260166015dd5ecf364af96fca04ecbb\n http://security.debian.org/pool/updates/main/x/xfree86/libxv-dev_4.3.0.dfsg.1-14sarge3_sparc.deb\n Size/MD5 checksum: 190284 337d228e15acf2a7cf83026ba3b4bd4e\n http://security.debian.org/pool/updates/main/x/xfree86/libxv1_4.3.0.dfsg.1-14sarge3_sparc.deb\n Size/MD5 checksum: 172002 6e0d484b45388a3f9e0265831750fbf4\n http://security.debian.org/pool/updates/main/x/xfree86/libxv1-dbg_4.3.0.dfsg.1-14sarge3_sparc.deb\n Size/MD5 checksum: 202836 43787cf76647ccd5cbd7b9197d6b420f\n http://security.debian.org/pool/updates/main/x/xfree86/proxymngr_4.3.0.dfsg.1-14sarge3_sparc.deb\n Size/MD5 checksum: 181708 027d176b8b89cf2eecef08b3fa4b90be\n http://security.debian.org/pool/updates/main/x/xfree86/twm_4.3.0.dfsg.1-14sarge3_sparc.deb\n Size/MD5 checksum: 268224 12152b5bab3f6cce61aa19f9e05941ef\n http://security.debian.org/pool/updates/main/x/xfree86/x-window-system-core_4.3.0.dfsg.1-14sarge3_sparc.deb\n Size/MD5 checksum: 158632 68eda17dfb6d5846a93627748b1ad4cf\n http://security.debian.org/pool/updates/main/x/xfree86/x-window-system-dev_4.3.0.dfsg.1-14sarge3_sparc.deb\n Size/MD5 checksum: 158686 ec54e69cd4c1c82c623cc53978b22dd7\n http://security.debian.org/pool/updates/main/x/xfree86/xbase-clients_4.3.0.dfsg.1-14sarge3_sparc.deb\n Size/MD5 checksum: 1934896 77a1064998455a2cc1c384ae8fdcce29\n http://security.debian.org/pool/updates/main/x/xfree86/xdm_4.3.0.dfsg.1-14sarge3_sparc.deb\n Size/MD5 checksum: 307792 b181b2bdc84e8916e60676c8804d5173\n http://security.debian.org/pool/updates/main/x/xfree86/xfs_4.3.0.dfsg.1-14sarge3_sparc.deb\n Size/MD5 checksum: 498726 08f1f092d52d0f0faea072db99079d0e\n http://security.debian.org/pool/updates/main/x/xfree86/xfwp_4.3.0.dfsg.1-14sarge3_sparc.deb\n Size/MD5 checksum: 180478 909f79a3f4a4302fb52cdb4f625de32c\n http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-dri_4.3.0.dfsg.1-14sarge3_sparc.deb\n Size/MD5 checksum: 706072 7bf7c05cbffb036433ec24a9f5006a77\n http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-dri-dbg_4.3.0.dfsg.1-14sarge3_sparc.deb\n Size/MD5 checksum: 5583652 c58b16c2d860523368c0ee4624be4803\n http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-gl_4.3.0.dfsg.1-14sarge3_sparc.deb\n Size/MD5 checksum: 287114 01850d1ca580b4dfb0608f39306a4b91\n http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-gl-dbg_4.3.0.dfsg.1-14sarge3_sparc.deb\n Size/MD5 checksum: 1253294 76575b58b1cb40b6c3f060b7c07412c2\n http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-gl-dev_4.3.0.dfsg.1-14sarge3_sparc.deb\n Size/MD5 checksum: 706766 97f87cc7b482596307e4b95b34c38f2a\n http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-glu_4.3.0.dfsg.1-14sarge3_sparc.deb\n Size/MD5 checksum: 357804 a38bb604c839d14ec09d2cf74e781e64\n http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-glu-dbg_4.3.0.dfsg.1-14sarge3_sparc.deb\n Size/MD5 checksum: 1110290 4fc9f2978c422f6771bea6531eaa106f\n http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-glu-dev_4.3.0.dfsg.1-14sarge3_sparc.deb\n Size/MD5 checksum: 442180 5652768f439246c9e1c5ad68e1335520\n http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa3_4.3.0.dfsg.1-14sarge3_sparc.deb\n Size/MD5 checksum: 158438 8c25fb31872381acd35354f91317c5a4\n http://security.debian.org/pool/updates/main/x/xfree86/xlibosmesa-dev_4.3.0.dfsg.1-14sarge3_sparc.deb\n Size/MD5 checksum: 823038 85b8ebe6d2e4d633c6dab56666ce2f78\n http://security.debian.org/pool/updates/main/x/xfree86/xlibosmesa4_4.3.0.dfsg.1-14sarge3_sparc.deb\n Size/MD5 checksum: 695786 0152e635b45f6c6878038ec796dc7cc4\n http://security.debian.org/pool/updates/main/x/xfree86/xlibosmesa4-dbg_4.3.0.dfsg.1-14sarge3_sparc.deb\n Size/MD5 checksum: 4596090 9318bd03402aff608c7cb1993a50fb90\n http://security.debian.org/pool/updates/main/x/xfree86/xlibs-static-dev_4.3.0.dfsg.1-14sarge3_sparc.deb\n Size/MD5 checksum: 863010 5d7a9b2b939bebd52b450235569449ac\n http://security.debian.org/pool/updates/main/x/xfree86/xlibs-static-pic_4.3.0.dfsg.1-14sarge3_sparc.deb\n Size/MD5 checksum: 387526 0db93eab07feae51dc80ec0f785bfd66\n http://security.debian.org/pool/updates/main/x/xfree86/xmh_4.3.0.dfsg.1-14sarge3_sparc.deb\n Size/MD5 checksum: 226286 bca8e3ba1abc54e535fc51e791ee23fb\n http://security.debian.org/pool/updates/main/x/xfree86/xnest_4.3.0.dfsg.1-14sarge3_sparc.deb\n Size/MD5 checksum: 1494844 492ef231edac7bf67969b425f325e095\n http://security.debian.org/pool/updates/main/x/xfree86/xserver-common_4.3.0.dfsg.1-14sarge3_sparc.deb\n Size/MD5 checksum: 336664 e6c981e1ebbba26892ab43b94e195c07\n http://security.debian.org/pool/updates/main/x/xfree86/xserver-xfree86_4.3.0.dfsg.1-14sarge3_sparc.deb\n Size/MD5 checksum: 5432244 6fb260dc0ce16280a897fb71143a5c16\n http://security.debian.org/pool/updates/main/x/xfree86/xserver-xfree86-dbg_4.3.0.dfsg.1-14sarge3_sparc.deb\n Size/MD5 checksum: 49725120 2cdd446c60eebcac976c770de31b696f\n http://security.debian.org/pool/updates/main/x/xfree86/xterm_4.3.0.dfsg.1-14sarge3_sparc.deb\n Size/MD5 checksum: 508648 d2db70e93fa1a20b801869c2146770f9\n http://security.debian.org/pool/updates/main/x/xfree86/xutils_4.3.0.dfsg.1-14sarge3_sparc.deb\n Size/MD5 checksum: 920670 62b75897a9f1ef8fa41c4877615ea585\n http://security.debian.org/pool/updates/main/x/xfree86/xvfb_4.3.0.dfsg.1-14sarge3_sparc.deb\n Size/MD5 checksum: 1626640 263daaa71644ff219841c835ca8c5f2b\n http://security.debian.org/pool/updates/main/r/rdesktop/rdesktop_1.4.0-2sarge1_sparc.deb\n Size/MD5 checksum: 101352 197681c30bb451093563cb9d9d380fcd\n\n These files will probably be moved into the stable distribution on\n its next update. \n\n- ---------------------------------------------------------------------------------\nFor apt-get: deb http://security.debian.org/ stable/updates main\nFor dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main\nMailing list: debian-security-announce@lists.debian.org\nPackage info: `apt-cache show \u003cpkg\u003e\u0027 and http://packages.debian.org/\u003cpkg\u003e\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.6 (GNU/Linux)\n\niD8DBQFGTMcnXm3vHE4uyloRAgwxAJ0ZNbdHNKMDBslDB+PDH+4REkBUIgCgqChe\ncG20nrUmt0Lbb++Dmcukkyo=\n=uFfR\n-----END PGP SIGNATURE-----\n\n\n\n\n\n_______________________________________________\nFull-Disclosure - We believe in it. \nCharter: http://lists.grok.org.uk/full-disclosure-charter.html\nHosted and sponsored by Secunia - http://secunia.com/\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2007-1351"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-000252"
},
{
"db": "BID",
"id": "23402"
},
{
"db": "VULHUB",
"id": "VHN-24713"
},
{
"db": "VULMON",
"id": "CVE-2007-1351"
},
{
"db": "PACKETSTORM",
"id": "62369"
},
{
"db": "PACKETSTORM",
"id": "55838"
},
{
"db": "PACKETSTORM",
"id": "55671"
},
{
"db": "PACKETSTORM",
"id": "55673"
},
{
"db": "PACKETSTORM",
"id": "55672"
},
{
"db": "PACKETSTORM",
"id": "56851"
}
],
"trust": 2.61
},
"exploit_availability": {
"_id": null,
"data": [
{
"reference": "https://www.scap.org.cn/vuln/vhn-24713",
"trust": 0.1,
"type": "unknown"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-24713"
}
]
},
"external_ids": {
"_id": null,
"data": [
{
"db": "NVD",
"id": "CVE-2007-1351",
"trust": 3.5
},
{
"db": "SECUNIA",
"id": "24741",
"trust": 2.6
},
{
"db": "BID",
"id": "23283",
"trust": 2.6
},
{
"db": "SECTRACK",
"id": "1017857",
"trust": 2.5
},
{
"db": "BID",
"id": "23402",
"trust": 2.1
},
{
"db": "SECUNIA",
"id": "24996",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "24768",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "24791",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "24921",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "25004",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "24758",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "24772",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "24745",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "24770",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "24776",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "24885",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "25006",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "24765",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "24889",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "24756",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "24771",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "33937",
"trust": 1.8
},
{
"db": "BID",
"id": "23300",
"trust": 1.8
},
{
"db": "VUPEN",
"id": "ADV-2007-1264",
"trust": 1.7
},
{
"db": "VUPEN",
"id": "ADV-2007-1548",
"trust": 1.7
},
{
"db": "VUPEN",
"id": "ADV-2007-1217",
"trust": 1.7
},
{
"db": "XF",
"id": "33417",
"trust": 1.4
},
{
"db": "SECUNIA",
"id": "25195",
"trust": 1.2
},
{
"db": "SECUNIA",
"id": "30161",
"trust": 1.2
},
{
"db": "SECUNIA",
"id": "25495",
"trust": 1.2
},
{
"db": "SECUNIA",
"id": "25096",
"trust": 1.2
},
{
"db": "SECUNIA",
"id": "25305",
"trust": 1.2
},
{
"db": "SECUNIA",
"id": "25216",
"trust": 1.2
},
{
"db": "SECUNIA",
"id": "28333",
"trust": 1.2
},
{
"db": "JVNDB",
"id": "JVNDB-2007-000252",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-200704-102",
"trust": 0.7
},
{
"db": "BUGTRAQ",
"id": "20070405 FLEA-2007-0009-1: XORG-X11 FREETYPE",
"trust": 0.6
},
{
"db": "BUGTRAQ",
"id": "20070404 RPSA-2007-0065-1 FREETYPE XORG-X11 XORG-X11-FONTS XORG-X11-TOOLS XORG-X11-XFS",
"trust": 0.6
},
{
"db": "TRUSTIX",
"id": "2007-0013",
"trust": 0.6
},
{
"db": "SUSE",
"id": "SUSE-SR:2007:006",
"trust": 0.6
},
{
"db": "SUSE",
"id": "SUSE-SA:2007:027",
"trust": 0.6
},
{
"db": "OPENBSD",
"id": "[3.9] 021: SECURITY FIX: APRIL 4, 2007",
"trust": 0.6
},
{
"db": "OPENBSD",
"id": "[4.0] 011: SECURITY FIX: APRIL 4, 2007",
"trust": 0.6
},
{
"db": "GENTOO",
"id": "GLSA-200705-02",
"trust": 0.6
},
{
"db": "GENTOO",
"id": "GLSA-200705-10",
"trust": 0.6
},
{
"db": "SLACKWARE",
"id": "SSA:2007-109-01",
"trust": 0.6
},
{
"db": "MLIST",
"id": "[XORG-ANN",
"trust": 0.6
},
{
"db": "REDHAT",
"id": "RHSA-2007:0125",
"trust": 0.6
},
{
"db": "REDHAT",
"id": "RHSA-2007:0132",
"trust": 0.6
},
{
"db": "REDHAT",
"id": "RHSA-2007:0150",
"trust": 0.6
},
{
"db": "REDHAT",
"id": "RHSA-2007:0126",
"trust": 0.6
},
{
"db": "UBUNTU",
"id": "USN-448-1",
"trust": 0.6
},
{
"db": "SUNALERT",
"id": "102886",
"trust": 0.6
},
{
"db": "IDEFENSE",
"id": "20070403 MULTIPLE VENDOR X SERVER BDF FONT PARSING INTEGER OVERFLOW VULNERABILITY",
"trust": 0.6
},
{
"db": "PACKETSTORM",
"id": "55673",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "55838",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "62369",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "56410",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "55598",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-24713",
"trust": 0.1
},
{
"db": "VUPEN",
"id": "2007/1264",
"trust": 0.1
},
{
"db": "VUPEN",
"id": "2007/1217",
"trust": 0.1
},
{
"db": "VUPEN",
"id": "2007/1548",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2007-1351",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "55671",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "55672",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "56851",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-24713"
},
{
"db": "VULMON",
"id": "CVE-2007-1351"
},
{
"db": "BID",
"id": "23402"
},
{
"db": "PACKETSTORM",
"id": "62369"
},
{
"db": "PACKETSTORM",
"id": "55838"
},
{
"db": "PACKETSTORM",
"id": "55671"
},
{
"db": "PACKETSTORM",
"id": "55673"
},
{
"db": "PACKETSTORM",
"id": "55672"
},
{
"db": "PACKETSTORM",
"id": "56851"
},
{
"db": "CNNVD",
"id": "CNNVD-200704-102"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-000252"
},
{
"db": "NVD",
"id": "CVE-2007-1351"
}
]
},
"id": "VAR-200704-0737",
"iot": {
"_id": null,
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-24713"
}
],
"trust": 0.01
},
"last_update_date": "2026-04-10T22:24:43.941000Z",
"patch": {
"_id": null,
"data": [
{
"title": "TA25078",
"trust": 0.8,
"url": "http://support.apple.com/kb/TA25078?viewlocale=en_US"
},
{
"title": "HT3438",
"trust": 0.8,
"url": "http://support.apple.com/kb/HT3438"
},
{
"title": "HT3438",
"trust": 0.8,
"url": "http://support.apple.com/kb/HT3438?viewlocale=ja_JP"
},
{
"title": "TA25078",
"trust": 0.8,
"url": "http://support.apple.com/kb/TA25078?viewlocale=ja_JP"
},
{
"title": "xorg-x11 (V4.0)",
"trust": 0.8,
"url": "http://www.miraclelinux.com/support/update/list.php?errata_id=998"
},
{
"title": "freetype (V3.0/V4.0)",
"trust": 0.8,
"url": "http://www.miraclelinux.com/support/update/list.php?errata_id=1004"
},
{
"title": "XFree86 (V3.0)",
"trust": 0.8,
"url": "http://www.miraclelinux.com/support/update/list.php?errata_id=1005"
},
{
"title": "XFree86 (V2.x)",
"trust": 0.8,
"url": "http://www.miraclelinux.com/support/update/list.php?errata_id=980"
},
{
"title": "RHSA-2007:0126",
"trust": 0.8,
"url": "https://rhn.redhat.com/errata/RHSA-2007-0126.html"
},
{
"title": "RHSA-2007:0132",
"trust": 0.8,
"url": "https://rhn.redhat.com/errata/RHSA-2007-0132.html"
},
{
"title": "RHSA-2007:0150",
"trust": 0.8,
"url": "https://rhn.redhat.com/errata/RHSA-2007-0150.html"
},
{
"title": "RHSA-2007:0125",
"trust": 0.8,
"url": "https://rhn.redhat.com/errata/RHSA-2007-0125.html"
},
{
"title": "102886",
"trust": 0.8,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102886-1"
},
{
"title": "102886",
"trust": 0.8,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102886-3"
},
{
"title": "FreeType 2.3.3",
"trust": 0.8,
"url": "http://sourceforge.net/project/shownotes.php?group_id=3157\u0026release_id=498954"
},
{
"title": "TLSA-2007-26",
"trust": 0.8,
"url": "http://www.turbolinux.com/security/2007/TLSA-2007-26.txt"
},
{
"title": "various integer overflow vulnerabilites in xserver, libX11 and libXfont",
"trust": 0.8,
"url": "http://lists.freedesktop.org/archives/xorg-announce/2007-April/000286.html"
},
{
"title": "XFree86 4.6.99.21 (7 April 2007)",
"trust": 0.8,
"url": "ftp://ftp.xfree86.org/pub/XFree86/develsnaps/changelog-4.6.99.21.txt"
},
{
"title": "RHSA-2007:0150",
"trust": 0.8,
"url": "http://www.jp.redhat.com/support/errata/RHSA/RHSA-2007-0150J.html"
},
{
"title": "RHSA-2007:0126",
"trust": 0.8,
"url": "http://www.jp.redhat.com/support/errata/RHSA/RHSA-2007-0126J.html"
},
{
"title": "RHSA-2007:0125",
"trust": 0.8,
"url": "http://www.jp.redhat.com/support/errata/RHSA/RHSA-2007-0125J.html"
},
{
"title": "RHSA-2007:0132",
"trust": 0.8,
"url": "http://www.jp.redhat.com/support/errata/RHSA/RHSA-2007-0132J.html"
},
{
"title": "TLSA-2007-26",
"trust": 0.8,
"url": "http://www.turbolinux.co.jp/security/2007/TLSA-2007-26j.txt"
},
{
"title": "Debian CVElist Bug Report Logs: CVE-2007-1351 bdf font overflows",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=debian_cvelist_bugreportlogs\u0026qid=68f0e9026ab7dd9497e5994c8d2f5f54"
},
{
"title": "Debian Security Advisories: DSA-1454-1 freetype -- integer overflow",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=debian_security_advisories\u0026qid=beceb2ff64340c384ed8cd47e0308911"
},
{
"title": "Ubuntu Security Notice: freetype, libxfont, xorg, xorg-server vulnerabilities",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=USN-448-1"
},
{
"title": "Debian Security Advisories: DSA-1294-1 xfree86 -- several vulnerabilities",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=debian_security_advisories\u0026qid=be53ababa489c9b6bdb9d0399332f169"
},
{
"title": "VMware Security Advisories: Updated Service Console packages (XFree86, UP and SMP kernels, Kerberos libraries) resolve security issues.",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=vmware_security_advisories\u0026qid=583d15c673c91b6620d123d9baa3e726"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2007-1351"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-000252"
}
]
},
"problemtype_data": {
"_id": null,
"data": [
{
"problemtype": "CWE-189",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-24713"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-000252"
},
{
"db": "NVD",
"id": "CVE-2007-1351"
}
]
},
"references": {
"_id": null,
"data": [
{
"trust": 2.6,
"url": "http://www.securityfocus.com/bid/23283"
},
{
"trust": 2.6,
"url": "http://www.securitytracker.com/id?1017857"
},
{
"trust": 1.8,
"url": "http://www.securityfocus.com/bid/23300"
},
{
"trust": 1.8,
"url": "http://www.securityfocus.com/bid/23402"
},
{
"trust": 1.8,
"url": "http://sourceforge.net/project/shownotes.php?release_id=498954"
},
{
"trust": 1.8,
"url": "http://support.apple.com/kb/ht3438"
},
{
"trust": 1.8,
"url": "https://issues.rpath.com/browse/rpl-1213"
},
{
"trust": 1.8,
"url": "http://security.gentoo.org/glsa/glsa-200705-02.xml"
},
{
"trust": 1.8,
"url": "http://security.gentoo.org/glsa/glsa-200705-10.xml"
},
{
"trust": 1.8,
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=501"
},
{
"trust": 1.8,
"url": "http://www.openbsd.org/errata39.html#021_xorg"
},
{
"trust": 1.8,
"url": "http://www.openbsd.org/errata40.html#011_xorg"
},
{
"trust": 1.8,
"url": "http://rhn.redhat.com/errata/rhsa-2007-0125.html"
},
{
"trust": 1.8,
"url": "http://www.redhat.com/support/errata/rhsa-2007-0126.html"
},
{
"trust": 1.8,
"url": "http://www.redhat.com/support/errata/rhsa-2007-0132.html"
},
{
"trust": 1.8,
"url": "http://www.redhat.com/support/errata/rhsa-2007-0150.html"
},
{
"trust": 1.8,
"url": "http://secunia.com/advisories/24741"
},
{
"trust": 1.8,
"url": "http://secunia.com/advisories/24745"
},
{
"trust": 1.8,
"url": "http://secunia.com/advisories/24756"
},
{
"trust": 1.8,
"url": "http://secunia.com/advisories/24758"
},
{
"trust": 1.8,
"url": "http://secunia.com/advisories/24765"
},
{
"trust": 1.8,
"url": "http://secunia.com/advisories/24768"
},
{
"trust": 1.8,
"url": "http://secunia.com/advisories/24770"
},
{
"trust": 1.8,
"url": "http://secunia.com/advisories/24771"
},
{
"trust": 1.8,
"url": "http://secunia.com/advisories/24772"
},
{
"trust": 1.8,
"url": "http://secunia.com/advisories/24776"
},
{
"trust": 1.8,
"url": "http://secunia.com/advisories/24791"
},
{
"trust": 1.8,
"url": "http://secunia.com/advisories/24885"
},
{
"trust": 1.8,
"url": "http://secunia.com/advisories/24889"
},
{
"trust": 1.8,
"url": "http://secunia.com/advisories/24921"
},
{
"trust": 1.8,
"url": "http://secunia.com/advisories/24996"
},
{
"trust": 1.8,
"url": "http://secunia.com/advisories/25004"
},
{
"trust": 1.8,
"url": "http://secunia.com/advisories/25006"
},
{
"trust": 1.8,
"url": "http://secunia.com/advisories/33937"
},
{
"trust": 1.8,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102886-1"
},
{
"trust": 1.8,
"url": "http://www.novell.com/linux/security/advisories/2007_27_x.html"
},
{
"trust": 1.8,
"url": "http://www.novell.com/linux/security/advisories/2007_6_sr.html"
},
{
"trust": 1.8,
"url": "http://www.trustix.org/errata/2007/0013/"
},
{
"trust": 1.8,
"url": "http://www.ubuntu.com/usn/usn-448-1"
},
{
"trust": 1.7,
"url": "http://sourceforge.net/project/shownotes.php?group_id=3157\u0026release_id=498954"
},
{
"trust": 1.7,
"url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2007\u0026m=slackware-security.626733"
},
{
"trust": 1.4,
"url": "http://xforce.iss.net/xforce/xfdb/33417"
},
{
"trust": 1.4,
"url": "http://www.frsirt.com/english/advisories/2007/1217"
},
{
"trust": 1.2,
"url": "http://lists.apple.com/archives/security-announce/2007/nov/msg00003.html"
},
{
"trust": 1.2,
"url": "http://lists.apple.com/archives/security-announce/2009/feb/msg00000.html"
},
{
"trust": 1.2,
"url": "http://www.securityfocus.com/archive/1/464686/100/0/threaded"
},
{
"trust": 1.2,
"url": "http://www.securityfocus.com/archive/1/464816/100/0/threaded"
},
{
"trust": 1.2,
"url": "http://issues.foresightlinux.org/browse/fl-223"
},
{
"trust": 1.2,
"url": "http://support.avaya.com/elmodocs2/security/asa-2007-178.htm"
},
{
"trust": 1.2,
"url": "http://support.avaya.com/elmodocs2/security/asa-2007-193.htm"
},
{
"trust": 1.2,
"url": "http://www.debian.org/security/2007/dsa-1294"
},
{
"trust": 1.2,
"url": "http://www.debian.org/security/2008/dsa-1454"
},
{
"trust": 1.2,
"url": "http://www.gentoo.org/security/en/glsa/glsa-200805-07.xml"
},
{
"trust": 1.2,
"url": "http://www.mandriva.com/security/advisories?name=mdksa-2007:079"
},
{
"trust": 1.2,
"url": "http://www.mandriva.com/security/advisories?name=mdksa-2007:080"
},
{
"trust": 1.2,
"url": "http://www.mandriva.com/security/advisories?name=mdksa-2007:081"
},
{
"trust": 1.2,
"url": "http://lists.freedesktop.org/archives/xorg-announce/2007-april/000286.html"
},
{
"trust": 1.2,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a11266"
},
{
"trust": 1.2,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a1810"
},
{
"trust": 1.2,
"url": "http://secunia.com/advisories/25096"
},
{
"trust": 1.2,
"url": "http://secunia.com/advisories/25195"
},
{
"trust": 1.2,
"url": "http://secunia.com/advisories/25216"
},
{
"trust": 1.2,
"url": "http://secunia.com/advisories/25305"
},
{
"trust": 1.2,
"url": "http://secunia.com/advisories/25495"
},
{
"trust": 1.2,
"url": "http://secunia.com/advisories/28333"
},
{
"trust": 1.2,
"url": "http://secunia.com/advisories/30161"
},
{
"trust": 1.2,
"url": "http://www.vupen.com/english/advisories/2007/1217"
},
{
"trust": 1.2,
"url": "http://www.vupen.com/english/advisories/2007/1264"
},
{
"trust": 1.2,
"url": "http://www.vupen.com/english/advisories/2007/1548"
},
{
"trust": 1.2,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33417"
},
{
"trust": 1.2,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-1351"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2007-1351"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/24741/"
},
{
"trust": 0.6,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-1351"
},
{
"trust": 0.6,
"url": "http://www.securityfocus.com/archive/1/archive/1/464816/100/0/threaded"
},
{
"trust": 0.6,
"url": "http://www.securityfocus.com/archive/1/archive/1/464686/100/0/threaded"
},
{
"trust": 0.6,
"url": "http://www.frsirt.com/english/advisories/2007/1548"
},
{
"trust": 0.6,
"url": "http://www.frsirt.com/english/advisories/2007/1264"
},
{
"trust": 0.5,
"url": "http://secunia.com/"
},
{
"trust": 0.5,
"url": "http://lists.grok.org.uk/full-disclosure-charter.html"
},
{
"trust": 0.4,
"url": "http://www.mandriva.com/security/"
},
{
"trust": 0.4,
"url": "http://www.mandriva.com/security/advisories"
},
{
"trust": 0.3,
"url": "http://www.freetype.org/"
},
{
"trust": 0.3,
"url": "/archive/1/465255"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-1352"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-1003"
},
{
"trust": 0.2,
"url": "http://www.debian.org/security/faq"
},
{
"trust": 0.2,
"url": "http://packages.debian.org/\u003cpkg\u003e"
},
{
"trust": 0.2,
"url": "http://security.debian.org/"
},
{
"trust": 0.2,
"url": "http://www.debian.org/security/"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-1667"
},
{
"trust": 0.2,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-1352"
},
{
"trust": 0.2,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-1003"
},
{
"trust": 0.1,
"url": "http://sourceforge.net/project/shownotes.php?group_id=3157\u0026amp;release_id=498954"
},
{
"trust": 0.1,
"url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026amp;y=2007\u0026amp;m=slackware-security.626733"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/189.html"
},
{
"trust": 0.1,
"url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=426771"
},
{
"trust": 0.1,
"url": "https://www.debian.org/security/./dsa-1454"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://usn.ubuntu.com/448-1/"
},
{
"trust": 0.1,
"url": "http://tools.cisco.com/security/center/viewalert.x?alertid=13014"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/f/freetype/freetype2-demos_2.2.1-5+etch2_ia64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/f/freetype/libfreetype6-dev_2.2.1-5+etch2_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/f/freetype/libfreetype6-dev_2.2.1-5+etch2_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/f/freetype/freetype2-demos_2.2.1-5+etch2_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/f/freetype/libfreetype6-udeb_2.2.1-5+etch2_sparc.udeb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/f/freetype/libfreetype6-dev_2.2.1-5+etch2_arm.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/f/freetype/libfreetype6_2.2.1-5+etch2_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/f/freetype/freetype_2.2.1-5+etch2.dsc"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/f/freetype/freetype_2.2.1.orig.tar.gz"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/f/freetype/libfreetype6-udeb_2.2.1-5+etch2_arm.udeb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/f/freetype/libfreetype6-dev_2.2.1-5+etch2_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/f/freetype/libfreetype6_2.2.1-5+etch2_mips.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/f/freetype/libfreetype6_2.2.1-5+etch2_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/f/freetype/libfreetype6_2.2.1-5+etch2_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/f/freetype/freetype2-demos_2.2.1-5+etch2_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/f/freetype/libfreetype6-udeb_2.2.1-5+etch2_i386.udeb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/f/freetype/libfreetype6-dev_2.2.1-5+etch2_alpha.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/f/freetype/libfreetype6-udeb_2.2.1-5+etch2_mipsel.udeb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/f/freetype/libfreetype6_2.2.1-5+etch2_mipsel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/f/freetype/libfreetype6_2.2.1-5+etch2_s390.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/f/freetype/libfreetype6_2.2.1-5+etch2_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/f/freetype/freetype2-demos_2.2.1-5+etch2_hppa.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/f/freetype/libfreetype6-udeb_2.2.1-5+etch2_amd64.udeb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/f/freetype/libfreetype6-dev_2.2.1-5+etch2_mips.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/f/freetype/libfreetype6-udeb_2.2.1-5+etch2_s390.udeb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/f/freetype/libfreetype6-udeb_2.2.1-5+etch2_ia64.udeb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/f/freetype/libfreetype6-udeb_2.2.1-5+etch2_hppa.udeb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/f/freetype/freetype2-demos_2.2.1-5+etch2_mips.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/f/freetype/libfreetype6-dev_2.2.1-5+etch2_s390.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/f/freetype/libfreetype6-udeb_2.2.1-5+etch2_mips.udeb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/f/freetype/libfreetype6-dev_2.2.1-5+etch2_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/f/freetype/libfreetype6_2.2.1-5+etch2_arm.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/f/freetype/freetype2-demos_2.2.1-5+etch2_mipsel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/f/freetype/libfreetype6_2.2.1-5+etch2_ia64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/f/freetype/libfreetype6_2.2.1-5+etch2_hppa.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/f/freetype/libfreetype6-dev_2.2.1-5+etch2_hppa.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/f/freetype/libfreetype6_2.2.1-5+etch2_alpha.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/f/freetype/freetype2-demos_2.2.1-5+etch2_alpha.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/f/freetype/libfreetype6-dev_2.2.1-5+etch2_ia64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/f/freetype/freetype2-demos_2.2.1-5+etch2_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/f/freetype/freetype2-demos_2.2.1-5+etch2_arm.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/f/freetype/libfreetype6-udeb_2.2.1-5+etch2_powerpc.udeb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/f/freetype/libfreetype6-dev_2.2.1-5+etch2_mipsel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/f/freetype/freetype2-demos_2.2.1-5+etch2_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/f/freetype/freetype2-demos_2.2.1-5+etch2_s390.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/f/freetype/freetype_2.2.1-5+etch2.diff.gz"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/f/freetype/libfreetype6-udeb_2.2.1-5+etch2_alpha.udeb"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-1667"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxp6_4.3.0.dfsg.1-14sarge4_m68k.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxrandr2_4.3.0.dfsg.1-14sarge3_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxpm4_4.3.0.dfsg.1-14sarge4_m68k.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/xfs_4.3.0.dfsg.1-14sarge4_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libx11-dev_4.3.0.dfsg.1-14sarge4_s390.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa3_4.3.0.dfsg.1-14sarge4_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/r/rdesktop/rdesktop_1.4.0-2sarge1_m68k.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libsm6_4.3.0.dfsg.1-14sarge4_mips.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxtrap6_4.3.0.dfsg.1-14sarge4_mips.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxv1_4.3.0.dfsg.1-14sarge4_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibs-dbg_4.3.0.dfsg.1-14sarge4_all.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libsm6_4.3.0.dfsg.1-14sarge4_arm.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-glu_4.3.0.dfsg.1-14sarge4_mipsel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libice-dev_4.3.0.dfsg.1-14sarge4_alpha.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxft1_4.3.0.dfsg.1-14sarge4_mips.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/x-window-system-core_4.3.0.dfsg.1-14sarge4_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/xvfb_4.3.0.dfsg.1-14sarge4_mips.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxaw6-dbg_4.3.0.dfsg.1-14sarge4_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libdps1-dbg_4.3.0.dfsg.1-14sarge4_arm.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibs-static-pic_4.3.0.dfsg.1-14sarge4_ia64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/xserver-xfree86_4.3.0.dfsg.1-14sarge4_mipsel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxaw6-dev_4.3.0.dfsg.1-14sarge4_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxext6-dbg_4.3.0.dfsg.1-14sarge4_arm.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxpm4-dbg_4.3.0.dfsg.1-14sarge4_mips.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxaw6_4.3.0.dfsg.1-14sarge4_mipsel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/xfonts-scalable_4.3.0.dfsg.1-14sarge4_all.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxt6_4.3.0.dfsg.1-14sarge4_alpha.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxv-dev_4.3.0.dfsg.1-14sarge4_alpha.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-gl-dbg_4.3.0.dfsg.1-14sarge4_m68k.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/x-window-system-core_4.3.0.dfsg.1-14sarge4_m68k.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-glu_4.3.0.dfsg.1-14sarge4_m68k.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libdps-dev_4.3.0.dfsg.1-14sarge4_alpha.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libsm6_4.3.0.dfsg.1-14sarge4_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxmuu1_4.3.0.dfsg.1-14sarge4_s390.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxpm4-dbg_4.3.0.dfsg.1-14sarge4_m68k.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/proxymngr_4.3.0.dfsg.1-14sarge4_m68k.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa3-dbg_4.3.0.dfsg.1-14sarge4_all.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxmuu1-dbg_4.3.0.dfsg.1-14sarge4_s390.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxp6-dbg_4.3.0.dfsg.1-14sarge4_mipsel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libx11-6_4.3.0.dfsg.1-14sarge4_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxaw7-dbg_4.3.0.dfsg.1-14sarge4_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxtrap-dev_4.3.0.dfsg.1-14sarge4_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libsm6-dbg_4.3.0.dfsg.1-14sarge4_arm.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-glu-dbg_4.3.0.dfsg.1-14sarge4_m68k.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxaw7_4.3.0.dfsg.1-14sarge4_m68k.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxrandr-dev_4.3.0.dfsg.1-14sarge4_ia64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-gl-dbg_4.3.0.dfsg.1-14sarge4_ia64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-gl-dbg_4.3.0.dfsg.1-14sarge4_arm.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxi6-dbg_4.3.0.dfsg.1-14sarge4_hppa.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxt-dev_4.3.0.dfsg.1-14sarge4_m68k.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxt-dev_4.3.0.dfsg.1-14sarge3_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxmuu1-dbg_4.3.0.dfsg.1-14sarge4_mips.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-gl-dbg_4.3.0.dfsg.1-14sarge4_mips.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxext-dev_4.3.0.dfsg.1-14sarge4_ia64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxi6-dbg_4.3.0.dfsg.1-14sarge4_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxt6-dbg_4.3.0.dfsg.1-14sarge4_m68k.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/x-window-system-dev_4.3.0.dfsg.1-14sarge4_arm.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libx11-6_4.3.0.dfsg.1-14sarge4_ia64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/xserver-common_4.3.0.dfsg.1-14sarge4_alpha.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxrandr2_4.3.0.dfsg.1-14sarge4_ia64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxaw7-dev_4.3.0.dfsg.1-14sarge4_m68k.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxaw7-dbg_4.3.0.dfsg.1-14sarge4_hppa.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxv-dev_4.3.0.dfsg.1-14sarge4_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibosmesa4-dbg_4.3.0.dfsg.1-14sarge4_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/xfonts-cyrillic_4.3.0.dfsg.1-14sarge4_all.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libsm-dev_4.3.0.dfsg.1-14sarge4_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxrandr2_4.3.0.dfsg.1-14sarge4_m68k.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-glu-dev_4.3.0.dfsg.1-14sarge3_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/proxymngr_4.3.0.dfsg.1-14sarge4_ia64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libice6-dbg_4.3.0.dfsg.1-14sarge4_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxp6-dbg_4.3.0.dfsg.1-14sarge3_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxtrap6-dbg_4.3.0.dfsg.1-14sarge4_arm.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-gl-dbg_4.3.0.dfsg.1-14sarge4_s390.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/r/rdesktop/rdesktop_1.4.0-2sarge1_mips.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-glu_4.3.0.dfsg.1-14sarge4_alpha.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libsm6-dbg_4.3.0.dfsg.1-14sarge4_m68k.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/xdm_4.3.0.dfsg.1-14sarge4_alpha.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxmu6_4.3.0.dfsg.1-14sarge4_s390.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxpm4-dbg_4.3.0.dfsg.1-14sarge4_mipsel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxrandr2_4.3.0.dfsg.1-14sarge4_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibs-static-dev_4.3.0.dfsg.1-14sarge4_ia64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/xvfb_4.3.0.dfsg.1-14sarge4_ia64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxtst6-dbg_4.3.0.dfsg.1-14sarge4_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libsm-dev_4.3.0.dfsg.1-14sarge4_s390.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxtrap-dev_4.3.0.dfsg.1-14sarge4_m68k.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/xbase-clients_4.3.0.dfsg.1-14sarge3_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/x-window-system-dev_4.3.0.dfsg.1-14sarge4_mipsel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxp-dev_4.3.0.dfsg.1-14sarge4_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libx11-dev_4.3.0.dfsg.1-14sarge4_mipsel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/r/rdesktop/rdesktop_1.4.0-2sarge1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-glu-dbg_4.3.0.dfsg.1-14sarge4_s390.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libsm-dev_4.3.0.dfsg.1-14sarge4_alpha.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxext6-dbg_4.3.0.dfsg.1-14sarge4_m68k.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/xserver-xfree86-dbg_4.3.0.dfsg.1-14sarge4_m68k.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/xfwp_4.3.0.dfsg.1-14sarge4_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/twm_4.3.0.dfsg.1-14sarge4_s390.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxft1_4.3.0.dfsg.1-14sarge4_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxext-dev_4.3.0.dfsg.1-14sarge4_s390.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libice-dev_4.3.0.dfsg.1-14sarge4_hppa.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/lbxproxy_4.3.0.dfsg.1-14sarge4_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/xnest_4.3.0.dfsg.1-14sarge4_ia64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxt6_4.3.0.dfsg.1-14sarge4_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxaw6-dbg_4.3.0.dfsg.1-14sarge4_alpha.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibs-static-pic_4.3.0.dfsg.1-14sarge4_hppa.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/r/rdesktop/rdesktop_1.4.0-2sarge1.dsc"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-dri_4.3.0.dfsg.1-14sarge4_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libsm6-dbg_4.3.0.dfsg.1-14sarge4_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxtst6-dbg_4.3.0.dfsg.1-14sarge4_mipsel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libice-dev_4.3.0.dfsg.1-14sarge4_mips.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/r/rdesktop/rdesktop_1.4.0-2sarge1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-gl-dev_4.3.0.dfsg.1-14sarge4_ia64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxpm4-dbg_4.3.0.dfsg.1-14sarge4_alpha.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxaw6-dev_4.3.0.dfsg.1-14sarge4_ia64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxmuu1_4.3.0.dfsg.1-14sarge4_arm.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxi6-dbg_4.3.0.dfsg.1-14sarge4_arm.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxt6_4.3.0.dfsg.1-14sarge4_m68k.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/lbxproxy_4.3.0.dfsg.1-14sarge4_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxrandr2-dbg_4.3.0.dfsg.1-14sarge4_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libice-dev_4.3.0.dfsg.1-14sarge4_mipsel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxmuu1-dbg_4.3.0.dfsg.1-14sarge4_m68k.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/xbase-clients_4.3.0.dfsg.1-14sarge4_alpha.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxi-dev_4.3.0.dfsg.1-14sarge4_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxt-dev_4.3.0.dfsg.1-14sarge4_s390.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-dri-dbg_4.3.0.dfsg.1-14sarge4_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-glu-dbg_4.3.0.dfsg.1-14sarge4_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libx11-dev_4.3.0.dfsg.1-14sarge4_m68k.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxp6-dbg_4.3.0.dfsg.1-14sarge4_s390.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxmu-dev_4.3.0.dfsg.1-14sarge4_mips.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxt6-dbg_4.3.0.dfsg.1-14sarge4_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibosmesa-dev_4.3.0.dfsg.1-14sarge4_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibosmesa4-dbg_4.3.0.dfsg.1-14sarge3_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libice6_4.3.0.dfsg.1-14sarge4_hppa.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxv1-dbg_4.3.0.dfsg.1-14sarge4_hppa.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/xfwp_4.3.0.dfsg.1-14sarge4_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxi-dev_4.3.0.dfsg.1-14sarge4_ia64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/x-window-system-core_4.3.0.dfsg.1-14sarge4_arm.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/xterm_4.3.0.dfsg.1-14sarge4_alpha.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libsm-dev_4.3.0.dfsg.1-14sarge3_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/xserver-xfree86-dbg_4.3.0.dfsg.1-14sarge4_ia64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibs-static-dev_4.3.0.dfsg.1-14sarge4_hppa.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/xdm_4.3.0.dfsg.1-14sarge4_ia64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/xfonts-100dpi_4.3.0.dfsg.1-14sarge4_all.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxaw7-dev_4.3.0.dfsg.1-14sarge4_hppa.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxtrap6_4.3.0.dfsg.1-14sarge4_ia64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxft1_4.3.0.dfsg.1-14sarge4_m68k.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxtst-dev_4.3.0.dfsg.1-14sarge4_m68k.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxaw6-dev_4.3.0.dfsg.1-14sarge4_mipsel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/xvfb_4.3.0.dfsg.1-14sarge4_s390.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libdps1_4.3.0.dfsg.1-14sarge4_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibosmesa4_4.3.0.dfsg.1-14sarge3_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxmu6-dbg_4.3.0.dfsg.1-14sarge4_arm.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibs-static-pic_4.3.0.dfsg.1-14sarge3_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/xfs_4.3.0.dfsg.1-14sarge4_ia64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxt6-dbg_4.3.0.dfsg.1-14sarge4_mipsel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-glu_4.3.0.dfsg.1-14sarge4_mips.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxv-dev_4.3.0.dfsg.1-14sarge4_mips.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibs-static-pic_4.3.0.dfsg.1-14sarge4_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxext6_4.3.0.dfsg.1-14sarge4_ia64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-glu-dev_4.3.0.dfsg.1-14sarge4_mips.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxtst6_4.3.0.dfsg.1-14sarge4_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-gl_4.3.0.dfsg.1-14sarge4_m68k.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libice6-dbg_4.3.0.dfsg.1-14sarge4_ia64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxaw7_4.3.0.dfsg.1-14sarge4_alpha.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/r/rdesktop/rdesktop_1.4.0-2sarge1.diff.gz"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/proxymngr_4.3.0.dfsg.1-14sarge4_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-glu-dev_4.3.0.dfsg.1-14sarge4_s390.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa3_4.3.0.dfsg.1-14sarge4_mipsel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libdps1-dbg_4.3.0.dfsg.1-14sarge4_mipsel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/xterm_4.3.0.dfsg.1-14sarge4_mipsel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxpm4_4.3.0.dfsg.1-14sarge4_hppa.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxtrap-dev_4.3.0.dfsg.1-14sarge4_s390.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/xnest_4.3.0.dfsg.1-14sarge4_alpha.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxp6_4.3.0.dfsg.1-14sarge4_arm.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxaw6-dbg_4.3.0.dfsg.1-14sarge3_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/xserver-common_4.3.0.dfsg.1-14sarge4_hppa.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/proxymngr_4.3.0.dfsg.1-14sarge4_s390.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxv1-dbg_4.3.0.dfsg.1-14sarge4_m68k.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/xutils_4.3.0.dfsg.1-14sarge4_hppa.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxpm4_4.3.0.dfsg.1-14sarge4_mips.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxt6-dbg_4.3.0.dfsg.1-14sarge4_hppa.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxtst6_4.3.0.dfsg.1-14sarge4_ia64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/xutils_4.3.0.dfsg.1-14sarge4_alpha.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxaw6-dev_4.3.0.dfsg.1-14sarge4_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxtst6-dbg_4.3.0.dfsg.1-14sarge4_alpha.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxext6_4.3.0.dfsg.1-14sarge4_mips.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxp-dev_4.3.0.dfsg.1-14sarge4_mipsel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/xterm_4.3.0.dfsg.1-14sarge4_hppa.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxmu-dev_4.3.0.dfsg.1-14sarge4_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/xfonts-base_4.3.0.dfsg.1-14sarge4_all.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxp6-dbg_4.3.0.dfsg.1-14sarge4_alpha.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxrandr2_4.3.0.dfsg.1-14sarge4_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/x-window-system-dev_4.3.0.dfsg.1-14sarge4_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxmuu-dev_4.3.0.dfsg.1-14sarge4_s390.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibosmesa-dev_4.3.0.dfsg.1-14sarge4_alpha.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxtrap-dev_4.3.0.dfsg.1-14sarge4_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxp6_4.3.0.dfsg.1-14sarge4_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-glu-dev_4.3.0.dfsg.1-14sarge4_mipsel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxext6_4.3.0.dfsg.1-14sarge4_s390.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxrandr-dev_4.3.0.dfsg.1-14sarge4_s390.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxtrap6_4.3.0.dfsg.1-14sarge3_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/xfwp_4.3.0.dfsg.1-14sarge3_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa3_4.3.0.dfsg.1-14sarge4_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibs-data_4.3.0.dfsg.1-14sarge4_all.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libice6-dbg_4.3.0.dfsg.1-14sarge4_alpha.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxmuu-dev_4.3.0.dfsg.1-14sarge4_m68k.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/x-window-system-dev_4.3.0.dfsg.1-14sarge4_mips.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/x-window-system-core_4.3.0.dfsg.1-14sarge4_mips.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-glu_4.3.0.dfsg.1-14sarge4_s390.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-glu-dbg_4.3.0.dfsg.1-14sarge3_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/xfonts-75dpi-transcoded_4.3.0.dfsg.1-14sarge4_all.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-dri_4.3.0.dfsg.1-14sarge4_alpha.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-glu_4.3.0.dfsg.1-14sarge4_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/r/rdesktop/rdesktop_1.4.0-2sarge1_alpha.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxtst6_4.3.0.dfsg.1-14sarge4_alpha.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/xbase-clients_4.3.0.dfsg.1-14sarge4_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxv1-dbg_4.3.0.dfsg.1-14sarge4_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibs-static-dev_4.3.0.dfsg.1-14sarge4_arm.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxext6-dbg_4.3.0.dfsg.1-14sarge4_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-gl_4.3.0.dfsg.1-14sarge4_arm.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxext-dev_4.3.0.dfsg.1-14sarge4_mips.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-gl-dbg_4.3.0.dfsg.1-14sarge4_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxi6-dbg_4.3.0.dfsg.1-14sarge4_alpha.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxext6-dbg_4.3.0.dfsg.1-14sarge3_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxmu6_4.3.0.dfsg.1-14sarge4_hppa.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxext6-dbg_4.3.0.dfsg.1-14sarge4_alpha.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/x-window-system_4.3.0.dfsg.1-14sarge4_all.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/lbxproxy_4.3.0.dfsg.1-14sarge4_alpha.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libx11-dev_4.3.0.dfsg.1-14sarge4_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/xfwp_4.3.0.dfsg.1-14sarge4_s390.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibosmesa4_4.3.0.dfsg.1-14sarge4_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/pm-dev_4.3.0.dfsg.1-14sarge4_all.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxtrap6_4.3.0.dfsg.1-14sarge4_arm.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/xserver-xfree86_4.3.0.dfsg.1-14sarge4_arm.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/xvfb_4.3.0.dfsg.1-14sarge4_m68k.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibs-static-pic_4.3.0.dfsg.1-14sarge4_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxrandr-dev_4.3.0.dfsg.1-14sarge4_mips.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxext6_4.3.0.dfsg.1-14sarge3_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/twm_4.3.0.dfsg.1-14sarge4_ia64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxt-dev_4.3.0.dfsg.1-14sarge4_mips.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxft1-dbg_4.3.0.dfsg.1-14sarge4_s390.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxtrap6-dbg_4.3.0.dfsg.1-14sarge4_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxrandr-dev_4.3.0.dfsg.1-14sarge4_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-gl-dbg_4.3.0.dfsg.1-14sarge4_mipsel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxext6-dbg_4.3.0.dfsg.1-14sarge4_s390.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxmuu1_4.3.0.dfsg.1-14sarge4_ia64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxaw6_4.3.0.dfsg.1-14sarge4_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibs-static-dev_4.3.0.dfsg.1-14sarge4_mips.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxaw7-dbg_4.3.0.dfsg.1-14sarge4_mipsel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxft1_4.3.0.dfsg.1-14sarge4_s390.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxtrap6-dbg_4.3.0.dfsg.1-14sarge4_s390.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libice6-dbg_4.3.0.dfsg.1-14sarge4_arm.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-gl-dbg_4.3.0.dfsg.1-14sarge4_alpha.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libsm-dev_4.3.0.dfsg.1-14sarge4_m68k.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/xbase-clients_4.3.0.dfsg.1-14sarge4_s390.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libice6_4.3.0.dfsg.1-14sarge3_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxp6_4.3.0.dfsg.1-14sarge3_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/lbxproxy_4.3.0.dfsg.1-14sarge4_arm.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxpm4-dbg_4.3.0.dfsg.1-14sarge4_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxi6_4.3.0.dfsg.1-14sarge4_m68k.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libsm6-dbg_4.3.0.dfsg.1-14sarge4_s390.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxaw7-dev_4.3.0.dfsg.1-14sarge4_mips.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxrandr2_4.3.0.dfsg.1-14sarge4_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libx11-6-dbg_4.3.0.dfsg.1-14sarge4_ia64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxaw7-dbg_4.3.0.dfsg.1-14sarge4_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxrandr2-dbg_4.3.0.dfsg.1-14sarge4_mips.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/xterm_4.3.0.dfsg.1-14sarge4_arm.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/xterm_4.3.0.dfsg.1-14sarge4_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libx11-dev_4.3.0.dfsg.1-14sarge4_hppa.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxext6-dbg_4.3.0.dfsg.1-14sarge4_mips.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxrandr2-dbg_4.3.0.dfsg.1-14sarge4_hppa.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxi-dev_4.3.0.dfsg.1-14sarge4_mipsel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxtrap6-dbg_4.3.0.dfsg.1-14sarge4_mips.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxft1-dbg_4.3.0.dfsg.1-14sarge4_ia64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-glu-dbg_4.3.0.dfsg.1-14sarge4_arm.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxp-dev_4.3.0.dfsg.1-14sarge4_m68k.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa3_4.3.0.dfsg.1-14sarge4_alpha.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/xserver-common_4.3.0.dfsg.1-14sarge4_ia64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibosmesa4-dbg_4.3.0.dfsg.1-14sarge4_ia64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxrandr2-dbg_4.3.0.dfsg.1-14sarge4_mipsel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libsm6_4.3.0.dfsg.1-14sarge3_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxext-dev_4.3.0.dfsg.1-14sarge3_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxaw6_4.3.0.dfsg.1-14sarge4_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libsm6-dbg_4.3.0.dfsg.1-14sarge4_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/xserver-xfree86_4.3.0.dfsg.1-14sarge4_ia64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibosmesa4_4.3.0.dfsg.1-14sarge4_alpha.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libdps-dev_4.3.0.dfsg.1-14sarge4_arm.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/xnest_4.3.0.dfsg.1-14sarge4_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/xserver-xfree86-dbg_4.3.0.dfsg.1-14sarge4_arm.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/xvfb_4.3.0.dfsg.1-14sarge4_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxaw7-dbg_4.3.0.dfsg.1-14sarge4_m68k.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libdps1_4.3.0.dfsg.1-14sarge4_s390.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxi6_4.3.0.dfsg.1-14sarge4_ia64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxpm4_4.3.0.dfsg.1-14sarge4_arm.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/xfwp_4.3.0.dfsg.1-14sarge4_hppa.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxmuu1-dbg_4.3.0.dfsg.1-14sarge4_hppa.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxp6_4.3.0.dfsg.1-14sarge4_hppa.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/xserver-common_4.3.0.dfsg.1-14sarge4_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libx11-6-dbg_4.3.0.dfsg.1-14sarge4_m68k.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibs-static-dev_4.3.0.dfsg.1-14sarge4_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxaw6-dbg_4.3.0.dfsg.1-14sarge4_ia64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxv1_4.3.0.dfsg.1-14sarge4_mips.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libx11-6_4.3.0.dfsg.1-14sarge4_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/twm_4.3.0.dfsg.1-14sarge4_mips.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxi6_4.3.0.dfsg.1-14sarge4_mips.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibs-static-dev_4.3.0.dfsg.1-14sarge4_alpha.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxtst-dev_4.3.0.dfsg.1-14sarge4_mips.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/xfwp_4.3.0.dfsg.1-14sarge4_mips.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/x-window-system-core_4.3.0.dfsg.1-14sarge4_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxaw6-dbg_4.3.0.dfsg.1-14sarge4_s390.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/xdm_4.3.0.dfsg.1-14sarge4_s390.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/x-window-system-core_4.3.0.dfsg.1-14sarge4_hppa.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-glu_4.3.0.dfsg.1-14sarge4_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxmuu-dev_4.3.0.dfsg.1-14sarge4_mips.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxv1-dbg_4.3.0.dfsg.1-14sarge4_alpha.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxaw7_4.3.0.dfsg.1-14sarge4_mips.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/xmh_4.3.0.dfsg.1-14sarge4_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxpm-dev_4.3.0.dfsg.1-14sarge4_mips.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/proxymngr_4.3.0.dfsg.1-14sarge4_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libice-dev_4.3.0.dfsg.1-14sarge4_ia64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxft1-dbg_4.3.0.dfsg.1-14sarge3_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libice-dev_4.3.0.dfsg.1-14sarge4_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libice6-dbg_4.3.0.dfsg.1-14sarge4_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/x-window-system-core_4.3.0.dfsg.1-14sarge3_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libsm6_4.3.0.dfsg.1-14sarge4_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxv-dev_4.3.0.dfsg.1-14sarge4_arm.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibs-static-dev_4.3.0.dfsg.1-14sarge4_s390.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxmu6-dbg_4.3.0.dfsg.1-14sarge4_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/xutils_4.3.0.dfsg.1-14sarge4_mips.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxmu-dev_4.3.0.dfsg.1-14sarge4_mipsel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibs-static-pic_4.3.0.dfsg.1-14sarge4_mipsel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxtst6_4.3.0.dfsg.1-14sarge4_s390.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxtst6-dbg_4.3.0.dfsg.1-14sarge4_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxpm4_4.3.0.dfsg.1-14sarge4_mipsel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxaw7-dev_4.3.0.dfsg.1-14sarge4_alpha.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/xfs_4.3.0.dfsg.1-14sarge4_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxv1-dbg_4.3.0.dfsg.1-14sarge4_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libice6-dbg_4.3.0.dfsg.1-14sarge4_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libdps1_4.3.0.dfsg.1-14sarge4_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxt6-dbg_4.3.0.dfsg.1-14sarge4_ia64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxtrap6-dbg_4.3.0.dfsg.1-14sarge4_hppa.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxpm4_4.3.0.dfsg.1-14sarge4_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxmu-dev_4.3.0.dfsg.1-14sarge4_arm.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/xserver-common_4.3.0.dfsg.1-14sarge4_arm.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libice-dev_4.3.0.dfsg.1-14sarge4_arm.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/xnest_4.3.0.dfsg.1-14sarge4_m68k.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxtrap6-dbg_4.3.0.dfsg.1-14sarge4_ia64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxi-dev_4.3.0.dfsg.1-14sarge3_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxmuu1_4.3.0.dfsg.1-14sarge4_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxpm-dev_4.3.0.dfsg.1-14sarge4_ia64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxt-dev_4.3.0.dfsg.1-14sarge4_alpha.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/xbase-clients_4.3.0.dfsg.1-14sarge4_ia64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/xdm_4.3.0.dfsg.1-14sarge3_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxp-dev_4.3.0.dfsg.1-14sarge4_mips.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/xfonts-100dpi-transcoded_4.3.0.dfsg.1-14sarge4_all.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibosmesa4-dbg_4.3.0.dfsg.1-14sarge4_alpha.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxp6_4.3.0.dfsg.1-14sarge4_alpha.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxi6_4.3.0.dfsg.1-14sarge4_alpha.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxp6-dbg_4.3.0.dfsg.1-14sarge4_mips.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libsm-dev_4.3.0.dfsg.1-14sarge4_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/xmh_4.3.0.dfsg.1-14sarge3_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxft1-dbg_4.3.0.dfsg.1-14sarge4_hppa.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-gl-dev_4.3.0.dfsg.1-14sarge4_alpha.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libsm6-dbg_4.3.0.dfsg.1-14sarge4_mips.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/x-window-system-dev_4.3.0.dfsg.1-14sarge4_m68k.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxaw6-dbg_4.3.0.dfsg.1-14sarge4_mipsel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxaw6-dev_4.3.0.dfsg.1-14sarge4_s390.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/x-window-system-dev_4.3.0.dfsg.1-14sarge3_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxaw6-dbg_4.3.0.dfsg.1-14sarge4_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxmu6-dbg_4.3.0.dfsg.1-14sarge4_alpha.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxaw7_4.3.0.dfsg.1-14sarge4_hppa.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxmuu1_4.3.0.dfsg.1-14sarge4_hppa.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibosmesa4-dbg_4.3.0.dfsg.1-14sarge4_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/xutils_4.3.0.dfsg.1-14sarge4_m68k.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxp6_4.3.0.dfsg.1-14sarge4_s390.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxmu6-dbg_4.3.0.dfsg.1-14sarge4_hppa.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-gl_4.3.0.dfsg.1-14sarge4_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-dri-dbg_4.3.0.dfsg.1-14sarge4_alpha.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxtst-dev_4.3.0.dfsg.1-14sarge4_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/proxymngr_4.3.0.dfsg.1-14sarge4_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-gl-dev_4.3.0.dfsg.1-14sarge4_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/twm_4.3.0.dfsg.1-14sarge4_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxt-dev_4.3.0.dfsg.1-14sarge4_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxt6-dbg_4.3.0.dfsg.1-14sarge4_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/xmh_4.3.0.dfsg.1-14sarge4_arm.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/x-window-system-dev_4.3.0.dfsg.1-14sarge4_hppa.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxi6_4.3.0.dfsg.1-14sarge4_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/xfs_4.3.0.dfsg.1-14sarge4_alpha.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libdps-dev_4.3.0.dfsg.1-14sarge4_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxaw6_4.3.0.dfsg.1-14sarge4_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libx11-6_4.3.0.dfsg.1-14sarge4_hppa.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxmu6_4.3.0.dfsg.1-14sarge4_mipsel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxt6_4.3.0.dfsg.1-14sarge4_mipsel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxi6-dbg_4.3.0.dfsg.1-14sarge4_s390.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxpm4-dbg_4.3.0.dfsg.1-14sarge4_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxft1-dbg_4.3.0.dfsg.1-14sarge4_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libx11-6-dbg_4.3.0.dfsg.1-14sarge4_mips.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxtst6_4.3.0.dfsg.1-14sarge4_mips.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/xfs_4.3.0.dfsg.1-14sarge4_hppa.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-glu-dev_4.3.0.dfsg.1-14sarge4_alpha.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libsm6-dbg_4.3.0.dfsg.1-14sarge4_hppa.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibs-static-dev_4.3.0.dfsg.1-14sarge4_mipsel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxi6_4.3.0.dfsg.1-14sarge4_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/xnest_4.3.0.dfsg.1-14sarge4_mipsel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxv1-dbg_4.3.0.dfsg.1-14sarge4_ia64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libx11-6_4.3.0.dfsg.1-14sarge4_mips.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/r/rdesktop/rdesktop_1.4.0-2sarge1_arm.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libdps1_4.3.0.dfsg.1-14sarge4_hppa.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-glu-dbg_4.3.0.dfsg.1-14sarge4_ia64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxtst-dev_4.3.0.dfsg.1-14sarge4_ia64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxi6_4.3.0.dfsg.1-14sarge4_hppa.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/twm_4.3.0.dfsg.1-14sarge4_hppa.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxext6-dbg_4.3.0.dfsg.1-14sarge4_ia64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxext6_4.3.0.dfsg.1-14sarge4_m68k.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-glu-dev_4.3.0.dfsg.1-14sarge4_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/xutils_4.3.0.dfsg.1-14sarge4_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libx11-6-dbg_4.3.0.dfsg.1-14sarge3_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/xserver-common_4.3.0.dfsg.1-14sarge4_mipsel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/xfree86_4.3.0.dfsg.1-14sarge4.diff.gz"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxv1_4.3.0.dfsg.1-14sarge4_hppa.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxtst6_4.3.0.dfsg.1-14sarge4_arm.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libx11-6-dbg_4.3.0.dfsg.1-14sarge4_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxtrap6-dbg_4.3.0.dfsg.1-14sarge4_mipsel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libdps1-dbg_4.3.0.dfsg.1-14sarge4_mips.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxmuu1_4.3.0.dfsg.1-14sarge4_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxmuu1-dbg_4.3.0.dfsg.1-14sarge3_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxp6_4.3.0.dfsg.1-14sarge4_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/lbxproxy_4.3.0.dfsg.1-14sarge3_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libsm6_4.3.0.dfsg.1-14sarge4_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxt6-dbg_4.3.0.dfsg.1-14sarge4_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxtst-dev_4.3.0.dfsg.1-14sarge4_s390.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxi6_4.3.0.dfsg.1-14sarge4_arm.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libdps1-dbg_4.3.0.dfsg.1-14sarge4_alpha.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxi6-dbg_4.3.0.dfsg.1-14sarge4_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxext-dev_4.3.0.dfsg.1-14sarge4_alpha.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxp-dev_4.3.0.dfsg.1-14sarge4_alpha.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/xutils_4.3.0.dfsg.1-14sarge4_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/xmh_4.3.0.dfsg.1-14sarge4_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxp-dev_4.3.0.dfsg.1-14sarge4_s390.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxi-dev_4.3.0.dfsg.1-14sarge4_arm.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/xutils_4.3.0.dfsg.1-14sarge3_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libdps-dev_4.3.0.dfsg.1-14sarge4_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libx11-6-dbg_4.3.0.dfsg.1-14sarge4_arm.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/xnest_4.3.0.dfsg.1-14sarge4_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxmu-dev_4.3.0.dfsg.1-14sarge4_ia64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-gl_4.3.0.dfsg.1-14sarge4_ia64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/xdm_4.3.0.dfsg.1-14sarge4_mips.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/xfonts-75dpi_4.3.0.dfsg.1-14sarge4_all.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libx11-6_4.3.0.dfsg.1-14sarge4_mipsel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxmuu1_4.3.0.dfsg.1-14sarge4_mipsel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxrandr-dev_4.3.0.dfsg.1-14sarge3_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxmuu1-dbg_4.3.0.dfsg.1-14sarge4_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libsm-dev_4.3.0.dfsg.1-14sarge4_hppa.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/xserver-xfree86-dbg_4.3.0.dfsg.1-14sarge4_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/xterm_4.3.0.dfsg.1-14sarge4_mips.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxtst-dev_4.3.0.dfsg.1-14sarge4_mipsel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxmuu-dev_4.3.0.dfsg.1-14sarge4_mipsel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibs-static-dev_4.3.0.dfsg.1-14sarge4_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/xserver-xfree86_4.3.0.dfsg.1-14sarge4_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-dri_4.3.0.dfsg.1-14sarge3_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxft1_4.3.0.dfsg.1-14sarge4_hppa.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxtst6_4.3.0.dfsg.1-14sarge4_mipsel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxt6_4.3.0.dfsg.1-14sarge4_hppa.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxaw6_4.3.0.dfsg.1-14sarge4_mips.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxp-dev_4.3.0.dfsg.1-14sarge4_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxv-dev_4.3.0.dfsg.1-14sarge4_mipsel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libx11-dev_4.3.0.dfsg.1-14sarge4_alpha.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/xfwp_4.3.0.dfsg.1-14sarge4_alpha.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/xdm_4.3.0.dfsg.1-14sarge4_m68k.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/xmh_4.3.0.dfsg.1-14sarge4_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libx11-dev_4.3.0.dfsg.1-14sarge3_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibs_4.3.0.dfsg.1-14sarge4_all.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxp6-dbg_4.3.0.dfsg.1-14sarge4_hppa.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxmu6_4.3.0.dfsg.1-14sarge4_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxt6-dbg_4.3.0.dfsg.1-14sarge4_s390.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/xfonts-base-transcoded_4.3.0.dfsg.1-14sarge4_all.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libdps1-dbg_4.3.0.dfsg.1-14sarge4_m68k.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/lbxproxy_4.3.0.dfsg.1-14sarge4_mips.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxpm4-dbg_4.3.0.dfsg.1-14sarge4_s390.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libice6_4.3.0.dfsg.1-14sarge4_mips.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxmuu1_4.3.0.dfsg.1-14sarge4_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxrandr-dev_4.3.0.dfsg.1-14sarge4_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libice-dev_4.3.0.dfsg.1-14sarge3_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-glu_4.3.0.dfsg.1-14sarge3_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxt6-dbg_4.3.0.dfsg.1-14sarge4_mips.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/twm_4.3.0.dfsg.1-14sarge4_m68k.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxp6-dbg_4.3.0.dfsg.1-14sarge4_ia64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxtst-dev_4.3.0.dfsg.1-14sarge4_alpha.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxrandr2_4.3.0.dfsg.1-14sarge4_mips.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxmu-dev_4.3.0.dfsg.1-14sarge4_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxi6-dbg_4.3.0.dfsg.1-14sarge4_mipsel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxext-dev_4.3.0.dfsg.1-14sarge4_mipsel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxpm4-dbg_4.3.0.dfsg.1-14sarge3_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/r/rdesktop/rdesktop_1.4.0-2sarge1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/xserver-xfree86-dbg_4.3.0.dfsg.1-14sarge4_alpha.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxtrap6_4.3.0.dfsg.1-14sarge4_s390.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxaw7-dbg_4.3.0.dfsg.1-14sarge4_alpha.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxft1-dbg_4.3.0.dfsg.1-14sarge4_alpha.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libice-dev_4.3.0.dfsg.1-14sarge4_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxmuu1-dbg_4.3.0.dfsg.1-14sarge4_arm.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/x-window-system-core_4.3.0.dfsg.1-14sarge4_alpha.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxext6_4.3.0.dfsg.1-14sarge4_hppa.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxpm4_4.3.0.dfsg.1-14sarge4_s390.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxtst-dev_4.3.0.dfsg.1-14sarge4_arm.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxpm4-dbg_4.3.0.dfsg.1-14sarge4_arm.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxpm-dev_4.3.0.dfsg.1-14sarge4_arm.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxaw6-dev_4.3.0.dfsg.1-14sarge4_arm.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-glu-dbg_4.3.0.dfsg.1-14sarge4_alpha.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxv1_4.3.0.dfsg.1-14sarge4_ia64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxaw6-dbg_4.3.0.dfsg.1-14sarge4_mips.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/xserver-xfree86-dbg_4.3.0.dfsg.1-14sarge4_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/x-dev_4.3.0.dfsg.1-14sarge4_all.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxv1_4.3.0.dfsg.1-14sarge3_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-dri_4.3.0.dfsg.1-14sarge4_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxrandr2-dbg_4.3.0.dfsg.1-14sarge4_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxmu6_4.3.0.dfsg.1-14sarge4_m68k.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxext6_4.3.0.dfsg.1-14sarge4_alpha.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxrandr-dev_4.3.0.dfsg.1-14sarge4_m68k.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/r/rdesktop/rdesktop_1.4.0-2sarge1_s390.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxv-dev_4.3.0.dfsg.1-14sarge4_m68k.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/x-window-system-dev_4.3.0.dfsg.1-14sarge4_alpha.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-glu-dbg_4.3.0.dfsg.1-14sarge4_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libice6_4.3.0.dfsg.1-14sarge4_ia64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxext-dev_4.3.0.dfsg.1-14sarge4_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxrandr2-dbg_4.3.0.dfsg.1-14sarge4_alpha.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxv-dev_4.3.0.dfsg.1-14sarge4_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/xnest_4.3.0.dfsg.1-14sarge4_s390.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxmu6-dbg_4.3.0.dfsg.1-14sarge3_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libdps-dev_4.3.0.dfsg.1-14sarge3_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libice6_4.3.0.dfsg.1-14sarge4_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/twm_4.3.0.dfsg.1-14sarge4_mipsel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxaw7_4.3.0.dfsg.1-14sarge4_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxt-dev_4.3.0.dfsg.1-14sarge4_mipsel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxaw6_4.3.0.dfsg.1-14sarge4_s390.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/xbase-clients_4.3.0.dfsg.1-14sarge4_mipsel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxtst6-dbg_4.3.0.dfsg.1-14sarge4_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libdps-dev_4.3.0.dfsg.1-14sarge4_ia64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-glu_4.3.0.dfsg.1-14sarge4_hppa.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libdps1-dbg_4.3.0.dfsg.1-14sarge4_hppa.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxmu-dev_4.3.0.dfsg.1-14sarge4_m68k.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/xdm_4.3.0.dfsg.1-14sarge4_mipsel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxaw7-dbg_4.3.0.dfsg.1-14sarge4_ia64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libx11-6-dbg_4.3.0.dfsg.1-14sarge4_hppa.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxtrap6-dbg_4.3.0.dfsg.1-14sarge4_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxtst-dev_4.3.0.dfsg.1-14sarge3_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxmuu-dev_4.3.0.dfsg.1-14sarge4_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxaw7-dev_4.3.0.dfsg.1-14sarge4_s390.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libsm6-dbg_4.3.0.dfsg.1-14sarge4_alpha.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxt6_4.3.0.dfsg.1-14sarge4_mips.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxtrap-dev_4.3.0.dfsg.1-14sarge4_mips.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxv1_4.3.0.dfsg.1-14sarge4_alpha.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxt6_4.3.0.dfsg.1-14sarge4_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/xfwp_4.3.0.dfsg.1-14sarge4_ia64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libdps1-dbg_4.3.0.dfsg.1-14sarge3_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxrandr2_4.3.0.dfsg.1-14sarge4_hppa.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libdps-dev_4.3.0.dfsg.1-14sarge4_s390.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxmu6_4.3.0.dfsg.1-14sarge4_arm.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxmuu-dev_4.3.0.dfsg.1-14sarge4_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxext6-dbg_4.3.0.dfsg.1-14sarge4_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa3_4.3.0.dfsg.1-14sarge4_ia64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/xserver-common_4.3.0.dfsg.1-14sarge3_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxp-dev_4.3.0.dfsg.1-14sarge4_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxmu6-dbg_4.3.0.dfsg.1-14sarge4_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxext6_4.3.0.dfsg.1-14sarge4_arm.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxt6_4.3.0.dfsg.1-14sarge4_s390.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxv1_4.3.0.dfsg.1-14sarge4_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libsm6-dbg_4.3.0.dfsg.1-14sarge4_ia64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-glu-dev_4.3.0.dfsg.1-14sarge4_arm.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxtrap6-dbg_4.3.0.dfsg.1-14sarge3_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-glu-dev_4.3.0.dfsg.1-14sarge4_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxp6-dbg_4.3.0.dfsg.1-14sarge4_m68k.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/xutils_4.3.0.dfsg.1-14sarge4_s390.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libice6-dbg_4.3.0.dfsg.1-14sarge4_m68k.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxi6-dbg_4.3.0.dfsg.1-14sarge4_mips.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxi6-dbg_4.3.0.dfsg.1-14sarge4_m68k.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxft1-dbg_4.3.0.dfsg.1-14sarge4_arm.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxi-dev_4.3.0.dfsg.1-14sarge4_s390.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxpm-dev_4.3.0.dfsg.1-14sarge4_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/proxymngr_4.3.0.dfsg.1-14sarge4_hppa.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/xfree86_4.3.0.dfsg.1.orig.tar.gz"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa3_4.3.0.dfsg.1-14sarge4_mips.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxrandr-dev_4.3.0.dfsg.1-14sarge4_mipsel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxaw6-dev_4.3.0.dfsg.1-14sarge3_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxp6_4.3.0.dfsg.1-14sarge4_ia64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libsm-dev_4.3.0.dfsg.1-14sarge4_mips.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxft1_4.3.0.dfsg.1-14sarge4_arm.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/xterm_4.3.0.dfsg.1-14sarge3_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxext-dev_4.3.0.dfsg.1-14sarge4_arm.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxmuu-dev_4.3.0.dfsg.1-14sarge4_arm.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibs-static-pic_4.3.0.dfsg.1-14sarge4_m68k.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/xvfb_4.3.0.dfsg.1-14sarge4_mipsel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibosmesa4-dbg_4.3.0.dfsg.1-14sarge4_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libx11-6-dbg_4.3.0.dfsg.1-14sarge4_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/xvfb_4.3.0.dfsg.1-14sarge4_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxrandr2_4.3.0.dfsg.1-14sarge4_s390.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/x-window-system-dev_4.3.0.dfsg.1-14sarge4_ia64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxmuu-dev_4.3.0.dfsg.1-14sarge4_ia64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxtst6-dbg_4.3.0.dfsg.1-14sarge4_m68k.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/xmh_4.3.0.dfsg.1-14sarge4_mips.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/xmh_4.3.0.dfsg.1-14sarge4_s390.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-glu_4.3.0.dfsg.1-14sarge4_ia64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxft1-dbg_4.3.0.dfsg.1-14sarge4_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libx11-dev_4.3.0.dfsg.1-14sarge4_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxv-dev_4.3.0.dfsg.1-14sarge4_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxv1-dbg_4.3.0.dfsg.1-14sarge4_s390.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/xfs_4.3.0.dfsg.1-14sarge4_mips.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibs-static-pic_4.3.0.dfsg.1-14sarge4_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/xserver-xfree86-dbg_4.3.0.dfsg.1-14sarge4_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/xmh_4.3.0.dfsg.1-14sarge4_m68k.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxpm-dev_4.3.0.dfsg.1-14sarge4_s390.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libdps1_4.3.0.dfsg.1-14sarge4_m68k.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxtrap-dev_4.3.0.dfsg.1-14sarge4_arm.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libice-dev_4.3.0.dfsg.1-14sarge4_s390.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxtst6-dbg_4.3.0.dfsg.1-14sarge3_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-dri_4.3.0.dfsg.1-14sarge4_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/lbxproxy_4.3.0.dfsg.1-14sarge4_ia64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxaw7_4.3.0.dfsg.1-14sarge4_mipsel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxmu6_4.3.0.dfsg.1-14sarge4_ia64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa3_4.3.0.dfsg.1-14sarge4_m68k.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxpm4_4.3.0.dfsg.1-14sarge3_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/xserver-xfree86-dbg_4.3.0.dfsg.1-14sarge4_hppa.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibs-static-pic_4.3.0.dfsg.1-14sarge4_alpha.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxmuu1-dbg_4.3.0.dfsg.1-14sarge4_alpha.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-gl_4.3.0.dfsg.1-14sarge4_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxi6_4.3.0.dfsg.1-14sarge4_mipsel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxt6-dbg_4.3.0.dfsg.1-14sarge4_arm.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxaw7-dev_4.3.0.dfsg.1-14sarge4_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxi6-dbg_4.3.0.dfsg.1-14sarge4_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxaw6_4.3.0.dfsg.1-14sarge3_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxtrap-dev_4.3.0.dfsg.1-14sarge4_hppa.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxmu6_4.3.0.dfsg.1-14sarge4_alpha.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-gl-dbg_4.3.0.dfsg.1-14sarge4_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxtst6_4.3.0.dfsg.1-14sarge4_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-glu-dev_4.3.0.dfsg.1-14sarge4_m68k.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libsm6_4.3.0.dfsg.1-14sarge4_ia64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxaw6-dev_4.3.0.dfsg.1-14sarge4_alpha.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxtrap6_4.3.0.dfsg.1-14sarge4_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libice6-dbg_4.3.0.dfsg.1-14sarge4_mips.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/xserver-xfree86-dbg_4.3.0.dfsg.1-14sarge4_mips.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxrandr2-dbg_4.3.0.dfsg.1-14sarge4_m68k.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libsm6-dbg_4.3.0.dfsg.1-14sarge3_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxtrap-dev_4.3.0.dfsg.1-14sarge4_ia64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibs-static-pic_4.3.0.dfsg.1-14sarge4_arm.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxp6-dbg_4.3.0.dfsg.1-14sarge4_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxmuu1_4.3.0.dfsg.1-14sarge4_alpha.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libx11-dev_4.3.0.dfsg.1-14sarge4_ia64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/r/rdesktop/rdesktop_1.4.0.orig.tar.gz"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxrandr-dev_4.3.0.dfsg.1-14sarge4_arm.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxaw6-dev_4.3.0.dfsg.1-14sarge4_m68k.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/xfs_4.3.0.dfsg.1-14sarge4_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libice6_4.3.0.dfsg.1-14sarge4_alpha.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxpm-dev_4.3.0.dfsg.1-14sarge4_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/proxymngr_4.3.0.dfsg.1-14sarge4_arm.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibosmesa4_4.3.0.dfsg.1-14sarge4_ia64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/xfs_4.3.0.dfsg.1-14sarge4_arm.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxpm-dev_4.3.0.dfsg.1-14sarge4_m68k.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxaw6_4.3.0.dfsg.1-14sarge4_alpha.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxaw7-dbg_4.3.0.dfsg.1-14sarge3_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxaw6-dev_4.3.0.dfsg.1-14sarge4_mips.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libice6_4.3.0.dfsg.1-14sarge4_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/twm_4.3.0.dfsg.1-14sarge4_alpha.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libdps-dev_4.3.0.dfsg.1-14sarge4_hppa.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxrandr2_4.3.0.dfsg.1-14sarge4_alpha.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibs-static-dev_4.3.0.dfsg.1-14sarge4_m68k.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxpm4-dbg_4.3.0.dfsg.1-14sarge4_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxext-dev_4.3.0.dfsg.1-14sarge4_hppa.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxft1_4.3.0.dfsg.1-14sarge4_alpha.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxaw7-dbg_4.3.0.dfsg.1-14sarge4_mips.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libsm6_4.3.0.dfsg.1-14sarge4_s390.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libdps1_4.3.0.dfsg.1-14sarge3_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxrandr2_4.3.0.dfsg.1-14sarge4_mipsel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/xmh_4.3.0.dfsg.1-14sarge4_ia64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxv1_4.3.0.dfsg.1-14sarge4_m68k.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxt-dev_4.3.0.dfsg.1-14sarge4_arm.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxtrap6_4.3.0.dfsg.1-14sarge4_hppa.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxtrap6_4.3.0.dfsg.1-14sarge4_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxp6-dbg_4.3.0.dfsg.1-14sarge4_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxp-dev_4.3.0.dfsg.1-14sarge4_ia64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/proxymngr_4.3.0.dfsg.1-14sarge4_mips.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxft1_4.3.0.dfsg.1-14sarge3_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/xbase-clients_4.3.0.dfsg.1-14sarge4_mips.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/proxymngr_4.3.0.dfsg.1-14sarge4_mipsel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/xbase-clients_4.3.0.dfsg.1-14sarge4_m68k.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libx11-dev_4.3.0.dfsg.1-14sarge4_mips.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxaw7_4.3.0.dfsg.1-14sarge4_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/xserver-xfree86_4.3.0.dfsg.1-14sarge3_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxt-dev_4.3.0.dfsg.1-14sarge4_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/xfwp_4.3.0.dfsg.1-14sarge4_mipsel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libdps1_4.3.0.dfsg.1-14sarge4_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa3_4.3.0.dfsg.1-14sarge4_hppa.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxi-dev_4.3.0.dfsg.1-14sarge4_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxv1-dbg_4.3.0.dfsg.1-14sarge4_mips.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/xserver-xfree86_4.3.0.dfsg.1-14sarge4_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/xfs_4.3.0.dfsg.1-14sarge4_s390.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxtst6_4.3.0.dfsg.1-14sarge3_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxt6_4.3.0.dfsg.1-14sarge4_ia64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxv1-dbg_4.3.0.dfsg.1-14sarge4_arm.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/xmh_4.3.0.dfsg.1-14sarge4_mipsel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibs-static-pic_4.3.0.dfsg.1-14sarge4_s390.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/lbxproxy_4.3.0.dfsg.1-14sarge4_s390.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxft1-dbg_4.3.0.dfsg.1-14sarge4_mips.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxaw7-dev_4.3.0.dfsg.1-14sarge4_arm.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-dri_4.3.0.dfsg.1-14sarge4_ia64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxaw7-dev_4.3.0.dfsg.1-14sarge4_ia64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libx11-6_4.3.0.dfsg.1-14sarge4_arm.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/x-window-system-core_4.3.0.dfsg.1-14sarge4_s390.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxmu6-dbg_4.3.0.dfsg.1-14sarge4_m68k.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libsm-dev_4.3.0.dfsg.1-14sarge4_ia64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libsm6-dbg_4.3.0.dfsg.1-14sarge4_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/xterm_4.3.0.dfsg.1-14sarge4_m68k.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libx11-6-dbg_4.3.0.dfsg.1-14sarge4_mipsel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxv1-dbg_4.3.0.dfsg.1-14sarge4_mipsel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libx11-6-dbg_4.3.0.dfsg.1-14sarge4_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/twm_4.3.0.dfsg.1-14sarge3_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxrandr-dev_4.3.0.dfsg.1-14sarge4_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-gl-dbg_4.3.0.dfsg.1-14sarge4_hppa.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/xserver-xfree86_4.3.0.dfsg.1-14sarge4_alpha.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/xvfb_4.3.0.dfsg.1-14sarge4_arm.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libdps1-dbg_4.3.0.dfsg.1-14sarge4_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/xnest_4.3.0.dfsg.1-14sarge4_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxaw7_4.3.0.dfsg.1-14sarge4_s390.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxpm-dev_4.3.0.dfsg.1-14sarge4_alpha.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxmuu1-dbg_4.3.0.dfsg.1-14sarge4_ia64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxv1_4.3.0.dfsg.1-14sarge4_s390.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxaw6_4.3.0.dfsg.1-14sarge4_ia64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/r/rdesktop/rdesktop_1.4.0-2sarge1_hppa.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-glu-dev_4.3.0.dfsg.1-14sarge4_ia64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/lbxproxy_4.3.0.dfsg.1-14sarge4_hppa.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libice6_4.3.0.dfsg.1-14sarge4_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxtst6-dbg_4.3.0.dfsg.1-14sarge4_mips.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxrandr2-dbg_4.3.0.dfsg.1-14sarge3_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/xdm_4.3.0.dfsg.1-14sarge4_hppa.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxpm4_4.3.0.dfsg.1-14sarge4_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxaw6_4.3.0.dfsg.1-14sarge4_arm.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/xterm_4.3.0.dfsg.1-14sarge4_s390.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/lbxproxy_4.3.0.dfsg.1-14sarge4_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-dev_4.3.0.dfsg.1-14sarge4_all.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/xfwp_4.3.0.dfsg.1-14sarge4_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxmu-dev_4.3.0.dfsg.1-14sarge4_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libsm6_4.3.0.dfsg.1-14sarge4_alpha.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxaw6_4.3.0.dfsg.1-14sarge4_hppa.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxft1_4.3.0.dfsg.1-14sarge4_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxmu6-dbg_4.3.0.dfsg.1-14sarge4_mipsel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-gl-dev_4.3.0.dfsg.1-14sarge4_s390.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxp-dev_4.3.0.dfsg.1-14sarge4_arm.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libsm6-dbg_4.3.0.dfsg.1-14sarge4_mipsel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxaw6-dbg_4.3.0.dfsg.1-14sarge4_arm.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/xutils_4.3.0.dfsg.1-14sarge4_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-glu-dbg_4.3.0.dfsg.1-14sarge4_mips.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-dri-dbg_4.3.0.dfsg.1-14sarge4_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxaw7-dev_4.3.0.dfsg.1-14sarge4_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libsm6_4.3.0.dfsg.1-14sarge4_mipsel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxmuu1-dbg_4.3.0.dfsg.1-14sarge4_mipsel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxmu-dev_4.3.0.dfsg.1-14sarge3_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/xvfb_4.3.0.dfsg.1-14sarge3_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/twm_4.3.0.dfsg.1-14sarge4_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxext6_4.3.0.dfsg.1-14sarge4_mipsel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxrandr2-dbg_4.3.0.dfsg.1-14sarge4_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxext6-dbg_4.3.0.dfsg.1-14sarge4_hppa.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxtrap6-dbg_4.3.0.dfsg.1-14sarge4_m68k.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/xserver-xfree86_4.3.0.dfsg.1-14sarge4_hppa.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxpm4-dbg_4.3.0.dfsg.1-14sarge4_ia64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libx11-6_4.3.0.dfsg.1-14sarge4_s390.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxpm4_4.3.0.dfsg.1-14sarge4_alpha.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxv1-dbg_4.3.0.dfsg.1-14sarge4_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxft1-dbg_4.3.0.dfsg.1-14sarge4_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/xnest_4.3.0.dfsg.1-14sarge4_arm.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libdps-dev_4.3.0.dfsg.1-14sarge4_m68k.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxaw7-dbg_4.3.0.dfsg.1-14sarge4_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxmu-dev_4.3.0.dfsg.1-14sarge4_s390.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-gl-dev_4.3.0.dfsg.1-14sarge3_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libdps1-dbg_4.3.0.dfsg.1-14sarge4_s390.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxaw6_4.3.0.dfsg.1-14sarge4_m68k.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libdps1-dbg_4.3.0.dfsg.1-14sarge4_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibs-static-dev_4.3.0.dfsg.1-14sarge3_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibosmesa4_4.3.0.dfsg.1-14sarge4_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxtst6-dbg_4.3.0.dfsg.1-14sarge4_ia64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxi-dev_4.3.0.dfsg.1-14sarge4_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-gl_4.3.0.dfsg.1-14sarge4_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxv-dev_4.3.0.dfsg.1-14sarge4_ia64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libdps1_4.3.0.dfsg.1-14sarge4_alpha.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxtrap6_4.3.0.dfsg.1-14sarge4_mipsel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/lbxproxy_4.3.0.dfsg.1-14sarge4_mipsel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxtst6_4.3.0.dfsg.1-14sarge4_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libsm6_4.3.0.dfsg.1-14sarge4_hppa.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxv1_4.3.0.dfsg.1-14sarge4_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxft1_4.3.0.dfsg.1-14sarge4_ia64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxrandr2-dbg_4.3.0.dfsg.1-14sarge4_ia64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/xserver-xfree86-dbg_4.3.0.dfsg.1-14sarge4_mipsel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-gl_4.3.0.dfsg.1-14sarge3_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libice6-dbg_4.3.0.dfsg.1-14sarge4_s390.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxt6-dbg_4.3.0.dfsg.1-14sarge4_alpha.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libx11-6_4.3.0.dfsg.1-14sarge4_m68k.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/x-window-system-dev_4.3.0.dfsg.1-14sarge4_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-gl-dev_4.3.0.dfsg.1-14sarge4_m68k.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-glu-dbg_4.3.0.dfsg.1-14sarge4_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/x-window-system-dev_4.3.0.dfsg.1-14sarge4_s390.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxt6_4.3.0.dfsg.1-14sarge3_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxpm4_4.3.0.dfsg.1-14sarge4_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/xvfb_4.3.0.dfsg.1-14sarge4_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxmuu-dev_4.3.0.dfsg.1-14sarge4_alpha.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxtst-dev_4.3.0.dfsg.1-14sarge4_hppa.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-glu_4.3.0.dfsg.1-14sarge4_arm.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxmuu1-dbg_4.3.0.dfsg.1-14sarge4_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxmuu-dev_4.3.0.dfsg.1-14sarge4_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxtrap-dev_4.3.0.dfsg.1-14sarge3_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxpm-dev_4.3.0.dfsg.1-14sarge4_mipsel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxaw6-dbg_4.3.0.dfsg.1-14sarge4_m68k.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxext6_4.3.0.dfsg.1-14sarge4_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libdps-dev_4.3.0.dfsg.1-14sarge4_mips.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxtst6-dbg_4.3.0.dfsg.1-14sarge4_hppa.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxp-dev_4.3.0.dfsg.1-14sarge3_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxtrap6-dbg_4.3.0.dfsg.1-14sarge4_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libx11-dev_4.3.0.dfsg.1-14sarge4_arm.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxrandr2-dbg_4.3.0.dfsg.1-14sarge4_s390.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxaw7-dbg_4.3.0.dfsg.1-14sarge4_arm.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxft1-dbg_4.3.0.dfsg.1-14sarge4_m68k.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/xfs_4.3.0.dfsg.1-14sarge4_m68k.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/twm_4.3.0.dfsg.1-14sarge4_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-glu_4.3.0.dfsg.1-14sarge4_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/x-window-system-core_4.3.0.dfsg.1-14sarge4_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libsm-dev_4.3.0.dfsg.1-14sarge4_arm.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibs-dev_4.3.0.dfsg.1-14sarge4_all.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxtst6_4.3.0.dfsg.1-14sarge4_m68k.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/r/rdesktop/rdesktop_1.4.0-2sarge1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libice6_4.3.0.dfsg.1-14sarge4_m68k.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxaw7_4.3.0.dfsg.1-14sarge3_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa3_4.3.0.dfsg.1-14sarge3_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libdps1_4.3.0.dfsg.1-14sarge4_mipsel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxv1_4.3.0.dfsg.1-14sarge4_arm.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/xdm_4.3.0.dfsg.1-14sarge4_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libice6_4.3.0.dfsg.1-14sarge4_arm.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-gl_4.3.0.dfsg.1-14sarge4_alpha.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libdps-dev_4.3.0.dfsg.1-14sarge4_mipsel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibs-static-pic_4.3.0.dfsg.1-14sarge4_mips.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxpm4_4.3.0.dfsg.1-14sarge4_ia64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxtrap6_4.3.0.dfsg.1-14sarge4_m68k.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxp6-dbg_4.3.0.dfsg.1-14sarge4_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxaw7_4.3.0.dfsg.1-14sarge4_arm.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/twm_4.3.0.dfsg.1-14sarge4_arm.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxv-dev_4.3.0.dfsg.1-14sarge4_hppa.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libdps1-dbg_4.3.0.dfsg.1-14sarge4_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libx11-6_4.3.0.dfsg.1-14sarge4_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxt6_4.3.0.dfsg.1-14sarge4_arm.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxi-dev_4.3.0.dfsg.1-14sarge4_m68k.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxi-dev_4.3.0.dfsg.1-14sarge4_mips.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-glu-dbg_4.3.0.dfsg.1-14sarge4_mipsel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxrandr-dev_4.3.0.dfsg.1-14sarge4_alpha.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-gl-dev_4.3.0.dfsg.1-14sarge4_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/xdm_4.3.0.dfsg.1-14sarge4_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/xfwp_4.3.0.dfsg.1-14sarge4_arm.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/x-window-system-dev_4.3.0.dfsg.1-14sarge4_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxt-dev_4.3.0.dfsg.1-14sarge4_ia64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/xfwp_4.3.0.dfsg.1-14sarge4_m68k.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxtst-dev_4.3.0.dfsg.1-14sarge4_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxt6_4.3.0.dfsg.1-14sarge4_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxmu6-dbg_4.3.0.dfsg.1-14sarge4_mips.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxp6_4.3.0.dfsg.1-14sarge4_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libice-dev_4.3.0.dfsg.1-14sarge4_m68k.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/xbase-clients_4.3.0.dfsg.1-14sarge4_hppa.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxp6_4.3.0.dfsg.1-14sarge4_mips.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-gl-dev_4.3.0.dfsg.1-14sarge4_mips.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libice-dev_4.3.0.dfsg.1-14sarge4_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libice6-dbg_4.3.0.dfsg.1-14sarge4_mipsel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxtrap-dev_4.3.0.dfsg.1-14sarge4_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibs-pic_4.3.0.dfsg.1-14sarge4_all.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/xterm_4.3.0.dfsg.1-14sarge4_ia64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/xfree86_4.3.0.dfsg.1-14sarge4.dsc"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/xnest_4.3.0.dfsg.1-14sarge4_mips.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/xserver-xfree86_4.3.0.dfsg.1-14sarge4_m68k.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxp6-dbg_4.3.0.dfsg.1-14sarge4_arm.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibosmesa-dev_4.3.0.dfsg.1-14sarge4_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxt-dev_4.3.0.dfsg.1-14sarge4_hppa.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/xfs_4.3.0.dfsg.1-14sarge3_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/xserver-common_4.3.0.dfsg.1-14sarge4_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/xnest_4.3.0.dfsg.1-14sarge3_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxmu-dev_4.3.0.dfsg.1-14sarge4_hppa.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxv-dev_4.3.0.dfsg.1-14sarge3_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxmuu1_4.3.0.dfsg.1-14sarge3_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxaw6-dbg_4.3.0.dfsg.1-14sarge4_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libdps1_4.3.0.dfsg.1-14sarge4_arm.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxaw7-dev_4.3.0.dfsg.1-14sarge4_mipsel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libdps1-dbg_4.3.0.dfsg.1-14sarge4_ia64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libdps1_4.3.0.dfsg.1-14sarge4_ia64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxtrap6-dbg_4.3.0.dfsg.1-14sarge4_alpha.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/xfree86-common_4.3.0.dfsg.1-14sarge4_all.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxi-dev_4.3.0.dfsg.1-14sarge4_alpha.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-gl_4.3.0.dfsg.1-14sarge4_mips.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/xvfb_4.3.0.dfsg.1-14sarge4_hppa.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxft1_4.3.0.dfsg.1-14sarge4_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxt-dev_4.3.0.dfsg.1-14sarge4_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxtst6-dbg_4.3.0.dfsg.1-14sarge4_s390.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxtst-dev_4.3.0.dfsg.1-14sarge4_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/proxymngr_4.3.0.dfsg.1-14sarge3_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxrandr-dev_4.3.0.dfsg.1-14sarge4_hppa.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libsm6_4.3.0.dfsg.1-14sarge4_m68k.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxext6_4.3.0.dfsg.1-14sarge4_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-glu-dev_4.3.0.dfsg.1-14sarge4_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxext6-dbg_4.3.0.dfsg.1-14sarge4_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxext6_4.3.0.dfsg.1-14sarge4_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxp6_4.3.0.dfsg.1-14sarge4_mipsel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxtrap6_4.3.0.dfsg.1-14sarge4_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxi6_4.3.0.dfsg.1-14sarge4_s390.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/xdm_4.3.0.dfsg.1-14sarge4_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxpm-dev_4.3.0.dfsg.1-14sarge3_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/xbase-clients_4.3.0.dfsg.1-14sarge4_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxaw6-dev_4.3.0.dfsg.1-14sarge4_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-dri-dbg_4.3.0.dfsg.1-14sarge4_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibosmesa-dev_4.3.0.dfsg.1-14sarge4_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-gl-dbg_4.3.0.dfsg.1-14sarge3_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxi6_4.3.0.dfsg.1-14sarge3_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-glu-dbg_4.3.0.dfsg.1-14sarge4_hppa.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libx11-6-dbg_4.3.0.dfsg.1-14sarge4_alpha.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxft1_4.3.0.dfsg.1-14sarge4_mipsel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libice6_4.3.0.dfsg.1-14sarge4_mipsel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/x-window-system-core_4.3.0.dfsg.1-14sarge4_mipsel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/xspecs_4.3.0.dfsg.1-14sarge4_all.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-gl_4.3.0.dfsg.1-14sarge4_mipsel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-dri-dbg_4.3.0.dfsg.1-14sarge3_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxi-dev_4.3.0.dfsg.1-14sarge4_hppa.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibs-static-dev_4.3.0.dfsg.1-14sarge4_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxaw7_4.3.0.dfsg.1-14sarge4_ia64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxtst6-dbg_4.3.0.dfsg.1-14sarge4_arm.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxmuu1-dbg_4.3.0.dfsg.1-14sarge4_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/xutils_4.3.0.dfsg.1-14sarge4_mipsel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libx11-6-dbg_4.3.0.dfsg.1-14sarge4_s390.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-gl-dev_4.3.0.dfsg.1-14sarge4_hppa.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/xutils_4.3.0.dfsg.1-14sarge4_ia64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibosmesa-dev_4.3.0.dfsg.1-14sarge4_ia64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibosmesa-dev_4.3.0.dfsg.1-14sarge3_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/xfs_4.3.0.dfsg.1-14sarge4_mipsel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/xterm_4.3.0.dfsg.1-14sarge4_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxmu6-dbg_4.3.0.dfsg.1-14sarge4_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libx11-6_4.3.0.dfsg.1-14sarge4_alpha.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxmu6-dbg_4.3.0.dfsg.1-14sarge4_ia64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxaw6-dev_4.3.0.dfsg.1-14sarge4_hppa.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa3_4.3.0.dfsg.1-14sarge4_arm.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-glu-dev_4.3.0.dfsg.1-14sarge4_hppa.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-dri-dbg_4.3.0.dfsg.1-14sarge4_ia64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxtrap-dev_4.3.0.dfsg.1-14sarge4_mipsel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxmu6_4.3.0.dfsg.1-14sarge4_mips.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/xbase-clients_4.3.0.dfsg.1-14sarge4_arm.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/r/rdesktop/rdesktop_1.4.0-2sarge1_ia64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxmuu1_4.3.0.dfsg.1-14sarge4_m68k.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/xserver-common_4.3.0.dfsg.1-14sarge4_mips.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/r/rdesktop/rdesktop_1.4.0-2sarge1_mipsel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-gl-dbg_4.3.0.dfsg.1-14sarge4_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libsm-dev_4.3.0.dfsg.1-14sarge4_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libdps1_4.3.0.dfsg.1-14sarge4_mips.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxv1-dbg_4.3.0.dfsg.1-14sarge3_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibosmesa4_4.3.0.dfsg.1-14sarge4_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-gl_4.3.0.dfsg.1-14sarge4_s390.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxtrap-dev_4.3.0.dfsg.1-14sarge4_alpha.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/xnest_4.3.0.dfsg.1-14sarge4_hppa.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxmu6-dbg_4.3.0.dfsg.1-14sarge4_s390.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxt6-dbg_4.3.0.dfsg.1-14sarge3_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/xutils_4.3.0.dfsg.1-14sarge4_arm.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxrandr2_4.3.0.dfsg.1-14sarge4_arm.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/xserver-common_4.3.0.dfsg.1-14sarge4_m68k.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/xserver-xfree86_4.3.0.dfsg.1-14sarge4_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxmuu-dev_4.3.0.dfsg.1-14sarge4_hppa.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxi6-dbg_4.3.0.dfsg.1-14sarge3_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-gl_4.3.0.dfsg.1-14sarge4_hppa.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxv1_4.3.0.dfsg.1-14sarge4_mipsel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxmu6_4.3.0.dfsg.1-14sarge4_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/lbxproxy_4.3.0.dfsg.1-14sarge4_m68k.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/proxymngr_4.3.0.dfsg.1-14sarge4_alpha.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/xserver-xfree86_4.3.0.dfsg.1-14sarge4_mips.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libx11-dev_4.3.0.dfsg.1-14sarge4_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libice6_4.3.0.dfsg.1-14sarge4_s390.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxmu-dev_4.3.0.dfsg.1-14sarge4_alpha.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxmu6_4.3.0.dfsg.1-14sarge3_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa3_4.3.0.dfsg.1-14sarge4_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxext6-dbg_4.3.0.dfsg.1-14sarge4_mipsel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/xterm_4.3.0.dfsg.1-14sarge4_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libdps-dev_4.3.0.dfsg.1-14sarge4_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/xmh_4.3.0.dfsg.1-14sarge4_alpha.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxaw7_4.3.0.dfsg.1-14sarge4_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxaw7-dbg_4.3.0.dfsg.1-14sarge4_s390.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/xdm_4.3.0.dfsg.1-14sarge4_arm.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-gl-dev_4.3.0.dfsg.1-14sarge4_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxaw7-dev_4.3.0.dfsg.1-14sarge4_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxpm4-dbg_4.3.0.dfsg.1-14sarge4_hppa.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxext-dev_4.3.0.dfsg.1-14sarge4_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxi6-dbg_4.3.0.dfsg.1-14sarge4_ia64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libsm-dev_4.3.0.dfsg.1-14sarge4_mipsel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa3_4.3.0.dfsg.1-14sarge4_s390.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxtrap6_4.3.0.dfsg.1-14sarge4_alpha.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxp-dev_4.3.0.dfsg.1-14sarge4_hppa.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxi6_4.3.0.dfsg.1-14sarge4_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxext-dev_4.3.0.dfsg.1-14sarge4_m68k.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxmu6_4.3.0.dfsg.1-14sarge4_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxmuu-dev_4.3.0.dfsg.1-14sarge3_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/xvfb_4.3.0.dfsg.1-14sarge4_alpha.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxft1-dbg_4.3.0.dfsg.1-14sarge4_mipsel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxtst6_4.3.0.dfsg.1-14sarge4_hppa.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libice6-dbg_4.3.0.dfsg.1-14sarge4_hppa.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libx11-6_4.3.0.dfsg.1-14sarge3_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/x-window-system-core_4.3.0.dfsg.1-14sarge4_ia64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxpm-dev_4.3.0.dfsg.1-14sarge4_hppa.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/xmh_4.3.0.dfsg.1-14sarge4_hppa.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxext-dev_4.3.0.dfsg.1-14sarge4_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxv-dev_4.3.0.dfsg.1-14sarge4_s390.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/xserver-common_4.3.0.dfsg.1-14sarge4_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/xserver-xfree86-dbg_4.3.0.dfsg.1-14sarge3_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxaw7-dev_4.3.0.dfsg.1-14sarge3_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-gl-dev_4.3.0.dfsg.1-14sarge4_mipsel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/xbase-clients_4.3.0.dfsg.1-14sarge4_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libice6-dbg_4.3.0.dfsg.1-14sarge3_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxrandr2-dbg_4.3.0.dfsg.1-14sarge4_arm.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxaw6-dbg_4.3.0.dfsg.1-14sarge4_hppa.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxmuu1_4.3.0.dfsg.1-14sarge4_mips.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/libxpm-dev_4.3.0.dfsg.1-14sarge4_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/xserver-common_4.3.0.dfsg.1-14sarge4_s390.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-gl-dev_4.3.0.dfsg.1-14sarge4_arm.deb"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-24713"
},
{
"db": "VULMON",
"id": "CVE-2007-1351"
},
{
"db": "BID",
"id": "23402"
},
{
"db": "PACKETSTORM",
"id": "62369"
},
{
"db": "PACKETSTORM",
"id": "55838"
},
{
"db": "PACKETSTORM",
"id": "55671"
},
{
"db": "PACKETSTORM",
"id": "55673"
},
{
"db": "PACKETSTORM",
"id": "55672"
},
{
"db": "PACKETSTORM",
"id": "56851"
},
{
"db": "CNNVD",
"id": "CNNVD-200704-102"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-000252"
},
{
"db": "NVD",
"id": "CVE-2007-1351"
}
]
},
"sources": {
"_id": null,
"data": [
{
"db": "VULHUB",
"id": "VHN-24713",
"ident": null
},
{
"db": "VULMON",
"id": "CVE-2007-1351",
"ident": null
},
{
"db": "BID",
"id": "23402",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "62369",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "55838",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "55671",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "55673",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "55672",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "56851",
"ident": null
},
{
"db": "CNNVD",
"id": "CNNVD-200704-102",
"ident": null
},
{
"db": "JVNDB",
"id": "JVNDB-2007-000252",
"ident": null
},
{
"db": "NVD",
"id": "CVE-2007-1351",
"ident": null
}
]
},
"sources_release_date": {
"_id": null,
"data": [
{
"date": "2007-04-06T00:00:00",
"db": "VULHUB",
"id": "VHN-24713",
"ident": null
},
{
"date": "2007-04-06T00:00:00",
"db": "VULMON",
"id": "CVE-2007-1351",
"ident": null
},
{
"date": "2007-04-10T00:00:00",
"db": "BID",
"id": "23402",
"ident": null
},
{
"date": "2008-01-07T19:39:25",
"db": "PACKETSTORM",
"id": "62369",
"ident": null
},
{
"date": "2007-04-11T04:53:11",
"db": "PACKETSTORM",
"id": "55838",
"ident": null
},
{
"date": "2007-04-05T06:46:54",
"db": "PACKETSTORM",
"id": "55671",
"ident": null
},
{
"date": "2007-04-05T06:50:57",
"db": "PACKETSTORM",
"id": "55673",
"ident": null
},
{
"date": "2007-04-05T06:50:16",
"db": "PACKETSTORM",
"id": "55672",
"ident": null
},
{
"date": "2007-05-21T03:53:03",
"db": "PACKETSTORM",
"id": "56851",
"ident": null
},
{
"date": "2007-04-05T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200704-102",
"ident": null
},
{
"date": "2007-05-09T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2007-000252",
"ident": null
},
{
"date": "2007-04-06T01:19:00",
"db": "NVD",
"id": "CVE-2007-1351",
"ident": null
}
]
},
"sources_update_date": {
"_id": null,
"data": [
{
"date": "2018-10-16T00:00:00",
"db": "VULHUB",
"id": "VHN-24713",
"ident": null
},
{
"date": "2018-10-16T00:00:00",
"db": "VULMON",
"id": "CVE-2007-1351",
"ident": null
},
{
"date": "2007-05-10T15:49:00",
"db": "BID",
"id": "23402",
"ident": null
},
{
"date": "2009-08-19T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200704-102",
"ident": null
},
{
"date": "2009-03-12T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2007-000252",
"ident": null
},
{
"date": "2025-04-09T00:30:58.490000",
"db": "NVD",
"id": "CVE-2007-1351",
"ident": null
}
]
},
"threat_type": {
"_id": null,
"data": "local",
"sources": [
{
"db": "BID",
"id": "23402"
},
{
"db": "PACKETSTORM",
"id": "55838"
},
{
"db": "PACKETSTORM",
"id": "55673"
},
{
"db": "PACKETSTORM",
"id": "55672"
}
],
"trust": 0.6
},
"title": {
"_id": null,
"data": "X.Org and XFree86 of libfont Integer overflow vulnerability",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2007-000252"
}
],
"trust": 0.8
},
"type": {
"_id": null,
"data": "digital error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200704-102"
}
],
"trust": 0.6
}
}
VAR-201506-0266
Vulnerability from variot - Updated: 2026-04-10 22:24Algorithmic complexity vulnerability in the multipart_buffer_headers function in main/rfc1867.c in PHP before 5.4.41, 5.5.x before 5.5.25, and 5.6.x before 5.6.9 allows remote attackers to cause a denial of service (CPU consumption) via crafted form data that triggers an improper order-of-growth outcome. PHP is prone to a remote denial-of-service vulnerability. Successful exploitation of the issue will cause excessive CPU resource consumption, resulting in a denial-of-service condition. PHP (PHP: Hypertext Preprocessor, PHP: Hypertext Preprocessor) is an open source general-purpose computer scripting language jointly maintained by the PHP Group and the open source community. The language is mainly used for Web development and supports a variety of databases and operating systems. An algorithmic complexity vulnerability exists in the 'multipart_buffer_headers' function in PHP's main/rfc1867.c file. The following versions are affected: PHP prior to 5.4.41, 5.5.x prior to 5.5.25, and 5.6.x prior to 5.6.9. 6) - i386, x86_64
- (CVE-2014-9709)
A double free flaw was found in zend_ts_hash_graceful_destroy() function in the PHP ZTS module. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
===================================================================== Red Hat Security Advisory
Synopsis: Important: php security and bug fix update Advisory ID: RHSA-2015:1135-01 Product: Red Hat Enterprise Linux Advisory URL: https://rhn.redhat.com/errata/RHSA-2015-1135.html Issue date: 2015-06-23 CVE Names: CVE-2014-8142 CVE-2014-9652 CVE-2014-9705 CVE-2014-9709 CVE-2015-0231 CVE-2015-0232 CVE-2015-0273 CVE-2015-2301 CVE-2015-2348 CVE-2015-2783 CVE-2015-2787 CVE-2015-3307 CVE-2015-3329 CVE-2015-3330 CVE-2015-3411 CVE-2015-3412 CVE-2015-4021 CVE-2015-4022 CVE-2015-4024 CVE-2015-4025 CVE-2015-4026 CVE-2015-4147 CVE-2015-4148 CVE-2015-4598 CVE-2015-4599 CVE-2015-4600 CVE-2015-4601 CVE-2015-4602 CVE-2015-4603 CVE-2015-4604 CVE-2015-4605 =====================================================================
- Summary:
Updated php packages that fix multiple security issues and several bugs are now available for Red Hat Enterprise Linux 7.
Red Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.
- Relevant releases/architectures:
Red Hat Enterprise Linux Client Optional (v. 7) - x86_64 Red Hat Enterprise Linux ComputeNode Optional (v. 7) - x86_64 Red Hat Enterprise Linux Server (v. 7) - ppc64, ppc64le, s390x, x86_64 Red Hat Enterprise Linux Server Optional (v. 7) - ppc64, ppc64le, s390x, x86_64 Red Hat Enterprise Linux Workstation (v. 7) - x86_64 Red Hat Enterprise Linux Workstation Optional (v. 7) - x86_64
- Description:
PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server.
A flaw was found in the way the PHP module for the Apache httpd web server handled pipelined requests. A remote attacker could use this flaw to trigger the execution of a PHP script in a deinitialized interpreter, causing it to crash or, possibly, execute arbitrary code. (CVE-2015-3330)
A flaw was found in the way PHP parsed multipart HTTP POST requests. A specially crafted request could cause PHP to use an excessive amount of CPU time. (CVE-2015-4024)
An uninitialized pointer use flaw was found in PHP's Exif extension. A specially crafted JPEG or TIFF file could cause a PHP application using the exif_read_data() function to crash or, possibly, execute arbitrary code with the privileges of the user running that PHP application. (CVE-2015-0232)
An integer overflow flaw leading to a heap-based buffer overflow was found in the way PHP's FTP extension parsed file listing FTP server responses. A malicious FTP server could use this flaw to cause a PHP application to crash or, possibly, execute arbitrary code. (CVE-2015-4022)
Multiple flaws were discovered in the way PHP performed object unserialization. Specially crafted input processed by the unserialize() function could cause a PHP application to crash or, possibly, execute arbitrary code. (CVE-2014-8142, CVE-2015-0231, CVE-2015-0273, CVE-2015-2787, CVE-2015-4147, CVE-2015-4148, CVE-2015-4599, CVE-2015-4600, CVE-2015-4601, CVE-2015-4602, CVE-2015-4603)
It was found that certain PHP functions did not properly handle file names containing a NULL character. A remote attacker could possibly use this flaw to make a PHP script access unexpected files and bypass intended file system access restrictions. (CVE-2015-2348, CVE-2015-4025, CVE-2015-4026, CVE-2015-3411, CVE-2015-3412, CVE-2015-4598)
Multiple flaws were found in the way the way PHP's Phar extension parsed Phar archives. A specially crafted archive could cause PHP to crash or, possibly, execute arbitrary code when opened. (CVE-2015-2301, CVE-2015-2783, CVE-2015-3307, CVE-2015-3329, CVE-2015-4021)
Multiple flaws were found in PHP's File Information (fileinfo) extension. A remote attacker could cause a PHP application to crash if it used fileinfo to identify type of attacker supplied files. (CVE-2014-9652, CVE-2015-4604, CVE-2015-4605)
A heap buffer overflow flaw was found in the enchant_broker_request_dict() function of PHP's enchant extension. An attacker able to make a PHP application enchant dictionaries could possibly cause it to crash. (CVE-2014-9705)
A buffer over-read flaw was found in the GD library used by the PHP gd extension. A specially crafted GIF file could cause a PHP application using the imagecreatefromgif() function to crash. (CVE-2014-9709)
This update also fixes the following bugs:
-
The libgmp library in some cases terminated unexpectedly with a segmentation fault when being used with other libraries that use the GMP memory management. With this update, PHP no longer changes libgmp memory allocators, which prevents the described crash from occurring. (BZ#1212305)
-
When using the Open Database Connectivity (ODBC) API, the PHP process in some cases terminated unexpectedly with a segmentation fault. The underlying code has been adjusted to prevent this crash. (BZ#1212299)
-
Previously, running PHP on a big-endian system sometimes led to memory corruption in the fileinfo module. This update adjusts the behavior of the PHP pointer so that it can be freed without causing memory corruption. (BZ#1212298)
All php users are advised to upgrade to these updated packages, which contain backported patches to correct these issues. After installing the updated packages, the httpd daemon must be restarted for the update to take effect.
- Solution:
Before applying this update, make sure all previously released errata relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
- Bugs fixed (https://bugzilla.redhat.com/):
1175718 - CVE-2014-8142 php: use after free vulnerability in unserialize() 1185397 - CVE-2015-0231 php: use after free vulnerability in unserialize() (incomplete fix of CVE-2014-8142) 1185472 - CVE-2015-0232 php: Free called on unitialized pointer in exif.c 1188599 - CVE-2014-9652 file: out of bounds read in mconvert() 1188639 - CVE-2014-9709 gd: buffer read overflow in gd_gif_in.c 1194730 - CVE-2015-0273 php: use after free vulnerability in unserialize() with DateTimeZone 1194737 - CVE-2014-9705 php: heap buffer overflow in enchant_broker_request_dict() 1194747 - CVE-2015-2301 php: use after free in phar_object.c 1204868 - CVE-2015-4147 php: SoapClient's __call() type confusion through unserialize() 1207676 - CVE-2015-2787 php: use-after-free vulnerability in the process_nested_data function in ext/standard/var_unserializer.re 1207682 - CVE-2015-2348 php: move_uploaded_file() NUL byte injection in file name 1213394 - CVE-2015-3330 php: pipelined request executed in deinitialized interpreter under httpd 2.4 1213407 - CVE-2015-3411 php: missing null byte checks for paths in various PHP extensions 1213442 - CVE-2015-4604 CVE-2015-4605 php: denial of service when processing a crafted file with Fileinfo 1213446 - CVE-2015-2783 php: buffer over-read in Phar metadata parsing 1213449 - CVE-2015-3329 php: buffer overflow in phar_set_inode() 1222485 - CVE-2015-4024 php: multipart/form-data request paring CPU usage DoS 1222538 - CVE-2015-4599 CVE-2015-4600 CVE-2015-4601 php: type confusion issue in unserialize() with various SOAP methods 1223408 - CVE-2015-4025 php: CVE-2006-7243 regressions in 5.4+ 1223412 - CVE-2015-4022 php: integer overflow leading to heap overflow when reading FTP file listing 1223422 - CVE-2015-4026 php: pcntl_exec() accepts paths with NUL character 1223425 - CVE-2015-4021 php: memory corruption in phar_parse_tarfile caused by empty entry file name 1223441 - CVE-2015-3307 php: invalid pointer free() in phar_tar_process_metadata() 1226916 - CVE-2015-4148 php: SoapClient's do_soap_call() type confusion after unserialize() 1232823 - CVE-2015-3412 php: missing null byte checks for paths in various PHP extensions 1232897 - CVE-2015-4598 php: missing null byte checks for paths in DOM and GD extensions 1232918 - CVE-2015-4603 php: exception::getTraceAsString type confusion issue after unserialize 1232923 - CVE-2015-4602 php: Incomplete Class unserialization type confusion
- Package List:
Red Hat Enterprise Linux Client Optional (v. 7):
Source: php-5.4.16-36.el7_1.src.rpm
x86_64: php-5.4.16-36.el7_1.x86_64.rpm php-bcmath-5.4.16-36.el7_1.x86_64.rpm php-cli-5.4.16-36.el7_1.x86_64.rpm php-common-5.4.16-36.el7_1.x86_64.rpm php-dba-5.4.16-36.el7_1.x86_64.rpm php-debuginfo-5.4.16-36.el7_1.x86_64.rpm php-devel-5.4.16-36.el7_1.x86_64.rpm php-embedded-5.4.16-36.el7_1.x86_64.rpm php-enchant-5.4.16-36.el7_1.x86_64.rpm php-fpm-5.4.16-36.el7_1.x86_64.rpm php-gd-5.4.16-36.el7_1.x86_64.rpm php-intl-5.4.16-36.el7_1.x86_64.rpm php-ldap-5.4.16-36.el7_1.x86_64.rpm php-mbstring-5.4.16-36.el7_1.x86_64.rpm php-mysql-5.4.16-36.el7_1.x86_64.rpm php-mysqlnd-5.4.16-36.el7_1.x86_64.rpm php-odbc-5.4.16-36.el7_1.x86_64.rpm php-pdo-5.4.16-36.el7_1.x86_64.rpm php-pgsql-5.4.16-36.el7_1.x86_64.rpm php-process-5.4.16-36.el7_1.x86_64.rpm php-pspell-5.4.16-36.el7_1.x86_64.rpm php-recode-5.4.16-36.el7_1.x86_64.rpm php-snmp-5.4.16-36.el7_1.x86_64.rpm php-soap-5.4.16-36.el7_1.x86_64.rpm php-xml-5.4.16-36.el7_1.x86_64.rpm php-xmlrpc-5.4.16-36.el7_1.x86_64.rpm
Red Hat Enterprise Linux ComputeNode Optional (v. 7):
Source: php-5.4.16-36.el7_1.src.rpm
x86_64: php-5.4.16-36.el7_1.x86_64.rpm php-bcmath-5.4.16-36.el7_1.x86_64.rpm php-cli-5.4.16-36.el7_1.x86_64.rpm php-common-5.4.16-36.el7_1.x86_64.rpm php-dba-5.4.16-36.el7_1.x86_64.rpm php-debuginfo-5.4.16-36.el7_1.x86_64.rpm php-devel-5.4.16-36.el7_1.x86_64.rpm php-embedded-5.4.16-36.el7_1.x86_64.rpm php-enchant-5.4.16-36.el7_1.x86_64.rpm php-fpm-5.4.16-36.el7_1.x86_64.rpm php-gd-5.4.16-36.el7_1.x86_64.rpm php-intl-5.4.16-36.el7_1.x86_64.rpm php-ldap-5.4.16-36.el7_1.x86_64.rpm php-mbstring-5.4.16-36.el7_1.x86_64.rpm php-mysql-5.4.16-36.el7_1.x86_64.rpm php-mysqlnd-5.4.16-36.el7_1.x86_64.rpm php-odbc-5.4.16-36.el7_1.x86_64.rpm php-pdo-5.4.16-36.el7_1.x86_64.rpm php-pgsql-5.4.16-36.el7_1.x86_64.rpm php-process-5.4.16-36.el7_1.x86_64.rpm php-pspell-5.4.16-36.el7_1.x86_64.rpm php-recode-5.4.16-36.el7_1.x86_64.rpm php-snmp-5.4.16-36.el7_1.x86_64.rpm php-soap-5.4.16-36.el7_1.x86_64.rpm php-xml-5.4.16-36.el7_1.x86_64.rpm php-xmlrpc-5.4.16-36.el7_1.x86_64.rpm
Red Hat Enterprise Linux Server (v. 7):
Source: php-5.4.16-36.el7_1.src.rpm
ppc64: php-5.4.16-36.el7_1.ppc64.rpm php-cli-5.4.16-36.el7_1.ppc64.rpm php-common-5.4.16-36.el7_1.ppc64.rpm php-debuginfo-5.4.16-36.el7_1.ppc64.rpm php-gd-5.4.16-36.el7_1.ppc64.rpm php-ldap-5.4.16-36.el7_1.ppc64.rpm php-mysql-5.4.16-36.el7_1.ppc64.rpm php-odbc-5.4.16-36.el7_1.ppc64.rpm php-pdo-5.4.16-36.el7_1.ppc64.rpm php-pgsql-5.4.16-36.el7_1.ppc64.rpm php-process-5.4.16-36.el7_1.ppc64.rpm php-recode-5.4.16-36.el7_1.ppc64.rpm php-soap-5.4.16-36.el7_1.ppc64.rpm php-xml-5.4.16-36.el7_1.ppc64.rpm php-xmlrpc-5.4.16-36.el7_1.ppc64.rpm
s390x: php-5.4.16-36.el7_1.s390x.rpm php-cli-5.4.16-36.el7_1.s390x.rpm php-common-5.4.16-36.el7_1.s390x.rpm php-debuginfo-5.4.16-36.el7_1.s390x.rpm php-gd-5.4.16-36.el7_1.s390x.rpm php-ldap-5.4.16-36.el7_1.s390x.rpm php-mysql-5.4.16-36.el7_1.s390x.rpm php-odbc-5.4.16-36.el7_1.s390x.rpm php-pdo-5.4.16-36.el7_1.s390x.rpm php-pgsql-5.4.16-36.el7_1.s390x.rpm php-process-5.4.16-36.el7_1.s390x.rpm php-recode-5.4.16-36.el7_1.s390x.rpm php-soap-5.4.16-36.el7_1.s390x.rpm php-xml-5.4.16-36.el7_1.s390x.rpm php-xmlrpc-5.4.16-36.el7_1.s390x.rpm
x86_64: php-5.4.16-36.el7_1.x86_64.rpm php-cli-5.4.16-36.el7_1.x86_64.rpm php-common-5.4.16-36.el7_1.x86_64.rpm php-debuginfo-5.4.16-36.el7_1.x86_64.rpm php-gd-5.4.16-36.el7_1.x86_64.rpm php-ldap-5.4.16-36.el7_1.x86_64.rpm php-mysql-5.4.16-36.el7_1.x86_64.rpm php-odbc-5.4.16-36.el7_1.x86_64.rpm php-pdo-5.4.16-36.el7_1.x86_64.rpm php-pgsql-5.4.16-36.el7_1.x86_64.rpm php-process-5.4.16-36.el7_1.x86_64.rpm php-recode-5.4.16-36.el7_1.x86_64.rpm php-soap-5.4.16-36.el7_1.x86_64.rpm php-xml-5.4.16-36.el7_1.x86_64.rpm php-xmlrpc-5.4.16-36.el7_1.x86_64.rpm
Red Hat Enterprise Linux Server (v. 7):
Source: php-5.4.16-36.ael7b_1.src.rpm
ppc64le: php-5.4.16-36.ael7b_1.ppc64le.rpm php-cli-5.4.16-36.ael7b_1.ppc64le.rpm php-common-5.4.16-36.ael7b_1.ppc64le.rpm php-debuginfo-5.4.16-36.ael7b_1.ppc64le.rpm php-gd-5.4.16-36.ael7b_1.ppc64le.rpm php-ldap-5.4.16-36.ael7b_1.ppc64le.rpm php-mysql-5.4.16-36.ael7b_1.ppc64le.rpm php-odbc-5.4.16-36.ael7b_1.ppc64le.rpm php-pdo-5.4.16-36.ael7b_1.ppc64le.rpm php-pgsql-5.4.16-36.ael7b_1.ppc64le.rpm php-process-5.4.16-36.ael7b_1.ppc64le.rpm php-recode-5.4.16-36.ael7b_1.ppc64le.rpm php-soap-5.4.16-36.ael7b_1.ppc64le.rpm php-xml-5.4.16-36.ael7b_1.ppc64le.rpm php-xmlrpc-5.4.16-36.ael7b_1.ppc64le.rpm
Red Hat Enterprise Linux Server Optional (v. 7):
ppc64: php-bcmath-5.4.16-36.el7_1.ppc64.rpm php-dba-5.4.16-36.el7_1.ppc64.rpm php-debuginfo-5.4.16-36.el7_1.ppc64.rpm php-devel-5.4.16-36.el7_1.ppc64.rpm php-embedded-5.4.16-36.el7_1.ppc64.rpm php-enchant-5.4.16-36.el7_1.ppc64.rpm php-fpm-5.4.16-36.el7_1.ppc64.rpm php-intl-5.4.16-36.el7_1.ppc64.rpm php-mbstring-5.4.16-36.el7_1.ppc64.rpm php-mysqlnd-5.4.16-36.el7_1.ppc64.rpm php-pspell-5.4.16-36.el7_1.ppc64.rpm php-snmp-5.4.16-36.el7_1.ppc64.rpm
s390x: php-bcmath-5.4.16-36.el7_1.s390x.rpm php-dba-5.4.16-36.el7_1.s390x.rpm php-debuginfo-5.4.16-36.el7_1.s390x.rpm php-devel-5.4.16-36.el7_1.s390x.rpm php-embedded-5.4.16-36.el7_1.s390x.rpm php-enchant-5.4.16-36.el7_1.s390x.rpm php-fpm-5.4.16-36.el7_1.s390x.rpm php-intl-5.4.16-36.el7_1.s390x.rpm php-mbstring-5.4.16-36.el7_1.s390x.rpm php-mysqlnd-5.4.16-36.el7_1.s390x.rpm php-pspell-5.4.16-36.el7_1.s390x.rpm php-snmp-5.4.16-36.el7_1.s390x.rpm
x86_64: php-bcmath-5.4.16-36.el7_1.x86_64.rpm php-dba-5.4.16-36.el7_1.x86_64.rpm php-debuginfo-5.4.16-36.el7_1.x86_64.rpm php-devel-5.4.16-36.el7_1.x86_64.rpm php-embedded-5.4.16-36.el7_1.x86_64.rpm php-enchant-5.4.16-36.el7_1.x86_64.rpm php-fpm-5.4.16-36.el7_1.x86_64.rpm php-intl-5.4.16-36.el7_1.x86_64.rpm php-mbstring-5.4.16-36.el7_1.x86_64.rpm php-mysqlnd-5.4.16-36.el7_1.x86_64.rpm php-pspell-5.4.16-36.el7_1.x86_64.rpm php-snmp-5.4.16-36.el7_1.x86_64.rpm
Red Hat Enterprise Linux Server Optional (v. 7):
ppc64le: php-bcmath-5.4.16-36.ael7b_1.ppc64le.rpm php-dba-5.4.16-36.ael7b_1.ppc64le.rpm php-debuginfo-5.4.16-36.ael7b_1.ppc64le.rpm php-devel-5.4.16-36.ael7b_1.ppc64le.rpm php-embedded-5.4.16-36.ael7b_1.ppc64le.rpm php-enchant-5.4.16-36.ael7b_1.ppc64le.rpm php-fpm-5.4.16-36.ael7b_1.ppc64le.rpm php-intl-5.4.16-36.ael7b_1.ppc64le.rpm php-mbstring-5.4.16-36.ael7b_1.ppc64le.rpm php-mysqlnd-5.4.16-36.ael7b_1.ppc64le.rpm php-pspell-5.4.16-36.ael7b_1.ppc64le.rpm php-snmp-5.4.16-36.ael7b_1.ppc64le.rpm
Red Hat Enterprise Linux Workstation (v. 7):
Source: php-5.4.16-36.el7_1.src.rpm
x86_64: php-5.4.16-36.el7_1.x86_64.rpm php-cli-5.4.16-36.el7_1.x86_64.rpm php-common-5.4.16-36.el7_1.x86_64.rpm php-debuginfo-5.4.16-36.el7_1.x86_64.rpm php-gd-5.4.16-36.el7_1.x86_64.rpm php-ldap-5.4.16-36.el7_1.x86_64.rpm php-mysql-5.4.16-36.el7_1.x86_64.rpm php-odbc-5.4.16-36.el7_1.x86_64.rpm php-pdo-5.4.16-36.el7_1.x86_64.rpm php-pgsql-5.4.16-36.el7_1.x86_64.rpm php-process-5.4.16-36.el7_1.x86_64.rpm php-recode-5.4.16-36.el7_1.x86_64.rpm php-soap-5.4.16-36.el7_1.x86_64.rpm php-xml-5.4.16-36.el7_1.x86_64.rpm php-xmlrpc-5.4.16-36.el7_1.x86_64.rpm
Red Hat Enterprise Linux Workstation Optional (v. 7):
x86_64: php-bcmath-5.4.16-36.el7_1.x86_64.rpm php-dba-5.4.16-36.el7_1.x86_64.rpm php-debuginfo-5.4.16-36.el7_1.x86_64.rpm php-devel-5.4.16-36.el7_1.x86_64.rpm php-embedded-5.4.16-36.el7_1.x86_64.rpm php-enchant-5.4.16-36.el7_1.x86_64.rpm php-fpm-5.4.16-36.el7_1.x86_64.rpm php-intl-5.4.16-36.el7_1.x86_64.rpm php-mbstring-5.4.16-36.el7_1.x86_64.rpm php-mysqlnd-5.4.16-36.el7_1.x86_64.rpm php-pspell-5.4.16-36.el7_1.x86_64.rpm php-snmp-5.4.16-36.el7_1.x86_64.rpm
These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/
- References:
https://access.redhat.com/security/cve/CVE-2014-8142 https://access.redhat.com/security/cve/CVE-2014-9652 https://access.redhat.com/security/cve/CVE-2014-9705 https://access.redhat.com/security/cve/CVE-2014-9709 https://access.redhat.com/security/cve/CVE-2015-0231 https://access.redhat.com/security/cve/CVE-2015-0232 https://access.redhat.com/security/cve/CVE-2015-0273 https://access.redhat.com/security/cve/CVE-2015-2301 https://access.redhat.com/security/cve/CVE-2015-2348 https://access.redhat.com/security/cve/CVE-2015-2783 https://access.redhat.com/security/cve/CVE-2015-2787 https://access.redhat.com/security/cve/CVE-2015-3307 https://access.redhat.com/security/cve/CVE-2015-3329 https://access.redhat.com/security/cve/CVE-2015-3330 https://access.redhat.com/security/cve/CVE-2015-3411 https://access.redhat.com/security/cve/CVE-2015-3412 https://access.redhat.com/security/cve/CVE-2015-4021 https://access.redhat.com/security/cve/CVE-2015-4022 https://access.redhat.com/security/cve/CVE-2015-4024 https://access.redhat.com/security/cve/CVE-2015-4025 https://access.redhat.com/security/cve/CVE-2015-4026 https://access.redhat.com/security/cve/CVE-2015-4147 https://access.redhat.com/security/cve/CVE-2015-4148 https://access.redhat.com/security/cve/CVE-2015-4598 https://access.redhat.com/security/cve/CVE-2015-4599 https://access.redhat.com/security/cve/CVE-2015-4600 https://access.redhat.com/security/cve/CVE-2015-4601 https://access.redhat.com/security/cve/CVE-2015-4602 https://access.redhat.com/security/cve/CVE-2015-4603 https://access.redhat.com/security/cve/CVE-2015-4604 https://access.redhat.com/security/cve/CVE-2015-4605 https://access.redhat.com/security/updates/classification/#important
- Contact:
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/
Copyright 2015 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1
iD8DBQFViR1aXlSAg2UNWIIRAuxPAJ42GLQVzvzc9kje0VjDv8NZWcPv6QCbBL+O dtqycPWs+07GhjmZ6NNx5Bg= =FREZ -----END PGP SIGNATURE-----
-- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce . ============================================================================ Ubuntu Security Notice USN-2658-1 July 06, 2015
php5 vulnerabilities
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 15.04
- Ubuntu 14.10
- Ubuntu 14.04 LTS
- Ubuntu 12.04 LTS
Summary:
Several security issues were fixed in PHP.
Software Description: - php5: HTML-embedded scripting language interpreter
Details:
Neal Poole and Tomas Hoger discovered that PHP incorrectly handled NULL bytes in file paths. (CVE-2015-3411, CVE-2015-3412, CVE-2015-4025, CVE-2015-4026, CVE-2015-4598)
Emmanuel Law discovered that the PHP phar extension incorrectly handled filenames starting with a NULL byte. (CVE-2015-4021)
Max Spelsberg discovered that PHP incorrectly handled the LIST command when connecting to remote FTP servers. (CVE-2015-4022, CVE-2015-4643)
Shusheng Liu discovered that PHP incorrectly handled certain malformed form data. (CVE-2015-4024)
Andrea Palazzo discovered that the PHP Soap client incorrectly validated data types. (CVE-2015-4147)
Andrea Palazzo discovered that the PHP Soap client incorrectly validated that the uri property is a string. A remote attacker could possibly use these issues to obtain sensitive information or cause a denial of service. This issue only affected Ubuntu 15.04. (CVE-2015-4644)
Update instructions:
The problem can be corrected by updating your system to the following package versions:
Ubuntu 15.04: libapache2-mod-php5 5.6.4+dfsg-4ubuntu6.2 php5-cgi 5.6.4+dfsg-4ubuntu6.2 php5-cli 5.6.4+dfsg-4ubuntu6.2 php5-fpm 5.6.4+dfsg-4ubuntu6.2
Ubuntu 14.10: libapache2-mod-php5 5.5.12+dfsg-2ubuntu4.6 php5-cgi 5.5.12+dfsg-2ubuntu4.6 php5-cli 5.5.12+dfsg-2ubuntu4.6 php5-fpm 5.5.12+dfsg-2ubuntu4.6
Ubuntu 14.04 LTS: libapache2-mod-php5 5.5.9+dfsg-1ubuntu4.11 php5-cgi 5.5.9+dfsg-1ubuntu4.11 php5-cli 5.5.9+dfsg-1ubuntu4.11 php5-fpm 5.5.9+dfsg-1ubuntu4.11
Ubuntu 12.04 LTS: libapache2-mod-php5 5.3.10-1ubuntu3.19 php5-cgi 5.3.10-1ubuntu3.19 php5-cli 5.3.10-1ubuntu3.19 php5-fpm 5.3.10-1ubuntu3.19
In general, a standard system update will make all the necessary changes.
Here are the details from the Slackware 14.1 ChangeLog: +--------------------------+ patches/packages/php-5.4.41-i486-1_slack14.1.txz: Upgraded. This update fixes some bugs and security issues. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-7243 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2325 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2326 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4021 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4022 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4024 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4025 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4026 ( Security fix ) +--------------------------+
Where to find the new packages: +-----------------------------+
Thanks to the friendly folks at the OSU Open Source Lab (http://osuosl.org) for donating FTP and rsync hosting to the Slackware project! :-)
Also see the "Get Slack" section on http://slackware.com for additional mirror sites near you.
Updated package for Slackware 14.0: ftp://ftp.slackware.com/pub/slackware/slackware-14.0/patches/packages/php-5.4.41-i486-1_slack14.0.txz
Updated package for Slackware x86_64 14.0: ftp://ftp.slackware.com/pub/slackware/slackware64-14.0/patches/packages/php-5.4.41-x86_64-1_slack14.0.txz
Updated package for Slackware 14.1: ftp://ftp.slackware.com/pub/slackware/slackware-14.1/patches/packages/php-5.4.41-i486-1_slack14.1.txz
Updated package for Slackware x86_64 14.1: ftp://ftp.slackware.com/pub/slackware/slackware64-14.1/patches/packages/php-5.4.41-x86_64-1_slack14.1.txz
Updated package for Slackware -current: ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/n/php-5.6.9-i586-1.txz
Updated package for Slackware x86_64 -current: ftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/n/php-5.6.9-x86_64-1.txz
MD5 signatures: +-------------+
Slackware 14.0 package: 5e8d107dba11f8c87693edfdc32f56b7 php-5.4.41-i486-1_slack14.0.txz
Slackware x86_64 14.0 package: 24d6895fe6b0e9c88b04ceaccc35383d php-5.4.41-x86_64-1_slack14.0.txz
Slackware 14.1 package: 52011eec3a256a365789562b63e8ba84 php-5.4.41-i486-1_slack14.1.txz
Slackware x86_64 14.1 package: 82b75af6253121cab6cc84dd714f554c php-5.4.41-x86_64-1_slack14.1.txz
Slackware -current package: e1c64f133f44b0abac21e0846e39d3c8 n/php-5.6.9-i586-1.txz
Slackware x86_64 -current package: ae51c99af34a4bd8721e7140c38a8c1a n/php-5.6.9-x86_64-1.txz
Installation instructions: +------------------------+
Upgrade the package as root:
upgradepkg php-5.4.41-i486-1_slack14.1.txz
Then, restart Apache httpd:
/etc/rc.d/rc.httpd stop
/etc/rc.d/rc.httpd start
+-----+
Slackware Linux Security Team http://slackware.com/gpg-key security@slackware.com
+------------------------------------------------------------------------+ | To leave the slackware-security mailing list: | +------------------------------------------------------------------------+ | Send an email to majordomo@slackware.com with this text in the body of | | the email message: | | | | unsubscribe slackware-security | | | | You will get a confirmation message back containing instructions to | | complete the process. Please do not reply to this email address.
CVE-2015-4024
Denial of service when processing multipart/form-data requests.
CVE-2015-4022
Integer overflow in the ftp_genlist() function may result in
denial of service or potentially the execution of arbitrary code.
For the oldstable distribution (wheezy), these problems have been fixed in version 5.4.41-0+deb7u1.
For the stable distribution (jessie), these problems have been fixed in version 5.6.9+dfsg-0+deb8u1.
For the testing distribution (stretch), these problems have been fixed in version 5.6.9+dfsg-1.
For the unstable distribution (sid), these problems have been fixed in version 5.6.9+dfsg-1.
We recommend that you upgrade your php5 packages
Show details on source website{
"affected_products": {
"_id": null,
"data": [
{
"_id": null,
"model": "enterprise linux server",
"scope": "eq",
"trust": 1.6,
"vendor": "redhat",
"version": "7.0"
},
{
"_id": null,
"model": "enterprise linux workstation",
"scope": "eq",
"trust": 1.6,
"vendor": "redhat",
"version": "7.0"
},
{
"_id": null,
"model": "enterprise linux server eus",
"scope": "eq",
"trust": 1.6,
"vendor": "redhat",
"version": "7.1"
},
{
"_id": null,
"model": "linux",
"scope": "eq",
"trust": 1.3,
"vendor": "oracle",
"version": "6"
},
{
"_id": null,
"model": "linux",
"scope": "eq",
"trust": 1.3,
"vendor": "oracle",
"version": "7"
},
{
"_id": null,
"model": "php",
"scope": "eq",
"trust": 1.3,
"vendor": "php",
"version": "5.6.8"
},
{
"_id": null,
"model": "php",
"scope": "eq",
"trust": 1.3,
"vendor": "php",
"version": "5.5.4"
},
{
"_id": null,
"model": "php",
"scope": "eq",
"trust": 1.3,
"vendor": "php",
"version": "5.5.19"
},
{
"_id": null,
"model": "php",
"scope": "eq",
"trust": 1.3,
"vendor": "php",
"version": "5.5.13"
},
{
"_id": null,
"model": "php",
"scope": "eq",
"trust": 1.3,
"vendor": "php",
"version": "5.6.5"
},
{
"_id": null,
"model": "php",
"scope": "eq",
"trust": 1.3,
"vendor": "php",
"version": "5.5.8"
},
{
"_id": null,
"model": "solaris",
"scope": "eq",
"trust": 1.3,
"vendor": "oracle",
"version": "11.2"
},
{
"_id": null,
"model": "php",
"scope": "eq",
"trust": 1.3,
"vendor": "php",
"version": "5.5.21"
},
{
"_id": null,
"model": "php",
"scope": "eq",
"trust": 1.3,
"vendor": "php",
"version": "5.6.4"
},
{
"_id": null,
"model": "php",
"scope": "eq",
"trust": 1.3,
"vendor": "php",
"version": "5.5.24"
},
{
"_id": null,
"model": "php",
"scope": "eq",
"trust": 1.3,
"vendor": "php",
"version": "5.6.2"
},
{
"_id": null,
"model": "php",
"scope": "eq",
"trust": 1.3,
"vendor": "php",
"version": "5.5.11"
},
{
"_id": null,
"model": "php",
"scope": "eq",
"trust": 1.3,
"vendor": "php",
"version": "5.5.18"
},
{
"_id": null,
"model": "php",
"scope": "eq",
"trust": 1.3,
"vendor": "php",
"version": "5.5.12"
},
{
"_id": null,
"model": "php",
"scope": "eq",
"trust": 1.3,
"vendor": "php",
"version": "5.5.9"
},
{
"_id": null,
"model": "php",
"scope": "eq",
"trust": 1.3,
"vendor": "php",
"version": "5.5.2"
},
{
"_id": null,
"model": "php",
"scope": "eq",
"trust": 1.3,
"vendor": "php",
"version": "5.6.7"
},
{
"_id": null,
"model": "php",
"scope": "eq",
"trust": 1.3,
"vendor": "php",
"version": "5.5.23"
},
{
"_id": null,
"model": "php",
"scope": "eq",
"trust": 1.3,
"vendor": "php",
"version": "5.6.6"
},
{
"_id": null,
"model": "php",
"scope": "eq",
"trust": 1.3,
"vendor": "php",
"version": "5.5.14"
},
{
"_id": null,
"model": "php",
"scope": "eq",
"trust": 1.3,
"vendor": "php",
"version": "5.5.7"
},
{
"_id": null,
"model": "php",
"scope": "eq",
"trust": 1.3,
"vendor": "php",
"version": "5.5.10"
},
{
"_id": null,
"model": "php",
"scope": "eq",
"trust": 1.3,
"vendor": "php",
"version": "5.5.20"
},
{
"_id": null,
"model": "php",
"scope": "eq",
"trust": 1.3,
"vendor": "php",
"version": "5.6.3"
},
{
"_id": null,
"model": "php",
"scope": "eq",
"trust": 1.3,
"vendor": "php",
"version": "5.5.1"
},
{
"_id": null,
"model": "php",
"scope": "eq",
"trust": 1.3,
"vendor": "php",
"version": "5.5.22"
},
{
"_id": null,
"model": "php",
"scope": "eq",
"trust": 1.3,
"vendor": "php",
"version": "5.5.3"
},
{
"_id": null,
"model": "php",
"scope": "eq",
"trust": 1.3,
"vendor": "php",
"version": "5.5.5"
},
{
"_id": null,
"model": "php",
"scope": "eq",
"trust": 1.3,
"vendor": "php",
"version": "5.4.39"
},
{
"_id": null,
"model": "php",
"scope": "eq",
"trust": 1.3,
"vendor": "php",
"version": "5.5.6"
},
{
"_id": null,
"model": "enterprise linux",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "7.0"
},
{
"_id": null,
"model": "enterprise linux",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "6.0"
},
{
"_id": null,
"model": "php",
"scope": "eq",
"trust": 1.0,
"vendor": "php",
"version": "5.5.0"
},
{
"_id": null,
"model": "enterprise linux hpc node",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "7.0"
},
{
"_id": null,
"model": "php",
"scope": "lte",
"trust": 1.0,
"vendor": "php",
"version": "5.4.40"
},
{
"_id": null,
"model": "enterprise linux desktop",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "7.0"
},
{
"_id": null,
"model": "php",
"scope": "eq",
"trust": 1.0,
"vendor": "php",
"version": "5.6.0"
},
{
"_id": null,
"model": "enterprise linux hpc node eus",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "7.1"
},
{
"_id": null,
"model": "mac os x",
"scope": "lte",
"trust": 1.0,
"vendor": "apple",
"version": "10.10.4"
},
{
"_id": null,
"model": "system management homepage",
"scope": "lte",
"trust": 1.0,
"vendor": "hp",
"version": "7.5.3.1"
},
{
"_id": null,
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "14.0"
},
{
"_id": null,
"model": "php",
"scope": "eq",
"trust": 0.3,
"vendor": "php",
"version": "5.4.5"
},
{
"_id": null,
"model": "enterprise linux hpc node optional",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"_id": null,
"model": "php",
"scope": "eq",
"trust": 0.3,
"vendor": "php",
"version": "5.4.14"
},
{
"_id": null,
"model": "mac os",
"scope": "ne",
"trust": 0.3,
"vendor": "apple",
"version": "x10.10.5"
},
{
"_id": null,
"model": "linux arm",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"_id": null,
"model": "tealeaf customer experience",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.0"
},
{
"_id": null,
"model": "php",
"scope": "eq",
"trust": 0.3,
"vendor": "php",
"version": "5.4.28"
},
{
"_id": null,
"model": "linux ia-64",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"_id": null,
"model": "enterprise linux",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "6.2"
},
{
"_id": null,
"model": "enterprise linux server",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"_id": null,
"model": "php",
"scope": "eq",
"trust": 0.3,
"vendor": "php",
"version": "5.6.1"
},
{
"_id": null,
"model": "enterprise linux server optional",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"_id": null,
"model": "php",
"scope": "eq",
"trust": 0.3,
"vendor": "php",
"version": "5.4.19"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.10"
},
{
"_id": null,
"model": "enterprise linux server",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "7"
},
{
"_id": null,
"model": "php",
"scope": "eq",
"trust": 0.3,
"vendor": "php",
"version": "5.4.15"
},
{
"_id": null,
"model": "alienvault",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.14"
},
{
"_id": null,
"model": "php",
"scope": "eq",
"trust": 0.3,
"vendor": "php",
"version": "5.4.11"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.10.3"
},
{
"_id": null,
"model": "php",
"scope": "eq",
"trust": 0.3,
"vendor": "php",
"version": "5.4.6"
},
{
"_id": null,
"model": "php",
"scope": "eq",
"trust": 0.3,
"vendor": "php",
"version": "5.4.13"
},
{
"_id": null,
"model": "php",
"scope": "eq",
"trust": 0.3,
"vendor": "php",
"version": "5.4.35"
},
{
"_id": null,
"model": "tealeaf customer experience",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.8"
},
{
"_id": null,
"model": "enterprise linux workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"_id": null,
"model": "php",
"scope": "eq",
"trust": 0.3,
"vendor": "php",
"version": "5.4.30"
},
{
"_id": null,
"model": "php",
"scope": "eq",
"trust": 0.3,
"vendor": "php",
"version": "5.4.40"
},
{
"_id": null,
"model": "alienvault",
"scope": "ne",
"trust": 0.3,
"vendor": "alienvault",
"version": "5.2"
},
{
"_id": null,
"model": "enterprise linux desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "7"
},
{
"_id": null,
"model": "enterprise linux workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "7"
},
{
"_id": null,
"model": "php",
"scope": "eq",
"trust": 0.3,
"vendor": "php",
"version": "5.6"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.10.1"
},
{
"_id": null,
"model": "php",
"scope": "eq",
"trust": 0.3,
"vendor": "php",
"version": "5.4.33"
},
{
"_id": null,
"model": "tealeaf customer experience",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.0.1"
},
{
"_id": null,
"model": "alienvault",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "5.1"
},
{
"_id": null,
"model": "php",
"scope": "eq",
"trust": 0.3,
"vendor": "php",
"version": "5.4.17"
},
{
"_id": null,
"model": "enterprise linux workstation optional",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"_id": null,
"model": "php",
"scope": "eq",
"trust": 0.3,
"vendor": "php",
"version": "5.4.8"
},
{
"_id": null,
"model": "php",
"scope": "eq",
"trust": 0.3,
"vendor": "php",
"version": "5.4.7"
},
{
"_id": null,
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"_id": null,
"model": "php",
"scope": "eq",
"trust": 0.3,
"vendor": "php",
"version": "5.4.32"
},
{
"_id": null,
"model": "tealeaf customer experience 9.0.0a",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.9.5"
},
{
"_id": null,
"model": "linux x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "14.1"
},
{
"_id": null,
"model": "php",
"scope": "eq",
"trust": 0.3,
"vendor": "php",
"version": "5.4.34"
},
{
"_id": null,
"model": "alienvault",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.15"
},
{
"_id": null,
"model": "linux -current",
"scope": null,
"trust": 0.3,
"vendor": "slackware",
"version": null
},
{
"_id": null,
"model": "tealeaf customer experience",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.0.2"
},
{
"_id": null,
"model": "php",
"scope": "eq",
"trust": 0.3,
"vendor": "php",
"version": "5.4.26"
},
{
"_id": null,
"model": "php",
"scope": "eq",
"trust": 0.3,
"vendor": "php",
"version": "5.4.3"
},
{
"_id": null,
"model": "php",
"scope": "eq",
"trust": 0.3,
"vendor": "php",
"version": "5.4.4"
},
{
"_id": null,
"model": "solaris",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "11.3"
},
{
"_id": null,
"model": "php",
"scope": "ne",
"trust": 0.3,
"vendor": "php",
"version": "5.4.41"
},
{
"_id": null,
"model": "php",
"scope": "eq",
"trust": 0.3,
"vendor": "php",
"version": "5.4.2"
},
{
"_id": null,
"model": "centos",
"scope": "eq",
"trust": 0.3,
"vendor": "centos",
"version": "6"
},
{
"_id": null,
"model": "php",
"scope": "eq",
"trust": 0.3,
"vendor": "php",
"version": "5.4.16"
},
{
"_id": null,
"model": "tealeaf customer experience",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.7"
},
{
"_id": null,
"model": "alienvault",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.15.1"
},
{
"_id": null,
"model": "alienvault",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.15.2"
},
{
"_id": null,
"model": "enterprise linux",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "6"
},
{
"_id": null,
"model": "php",
"scope": "eq",
"trust": 0.3,
"vendor": "php",
"version": "5.5.15"
},
{
"_id": null,
"model": "enterprise linux desktop optional",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.10.4"
},
{
"_id": null,
"model": "linux lts",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "14.04"
},
{
"_id": null,
"model": "php",
"scope": "ne",
"trust": 0.3,
"vendor": "php",
"version": "5.5.25"
},
{
"_id": null,
"model": "linux lts i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "12.04"
},
{
"_id": null,
"model": "enterprise linux hpc node",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"_id": null,
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"_id": null,
"model": "php",
"scope": "eq",
"trust": 0.3,
"vendor": "php",
"version": "5.4.37"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.10.2"
},
{
"_id": null,
"model": "alienvault",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.13"
},
{
"_id": null,
"model": "linux lts amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "12.04"
},
{
"_id": null,
"model": "php",
"scope": "eq",
"trust": 0.3,
"vendor": "php",
"version": "5.4.36"
},
{
"_id": null,
"model": "php",
"scope": "eq",
"trust": 0.3,
"vendor": "php",
"version": "5.4.38"
},
{
"_id": null,
"model": "linux ia-32",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"_id": null,
"model": "linux mips",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"_id": null,
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "14.10"
},
{
"_id": null,
"model": "php",
"scope": "eq",
"trust": 0.3,
"vendor": "php",
"version": "5.4.9"
},
{
"_id": null,
"model": "php",
"scope": "eq",
"trust": 0.3,
"vendor": "php",
"version": "5.4.27"
},
{
"_id": null,
"model": "alienvault",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.12"
},
{
"_id": null,
"model": "php",
"scope": "ne",
"trust": 0.3,
"vendor": "php",
"version": "5.6.9"
},
{
"_id": null,
"model": "alienvault",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "5.0.4"
},
{
"_id": null,
"model": "alienvault",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.12.1"
},
{
"_id": null,
"model": "php",
"scope": "eq",
"trust": 0.3,
"vendor": "php",
"version": "5.4.29"
},
{
"_id": null,
"model": "tealeaf customer experience 9.0.1a",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"_id": null,
"model": "flex system chassis management module 2pet",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"_id": null,
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "14.1"
},
{
"_id": null,
"model": "tealeaf customer experience",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.6"
},
{
"_id": null,
"model": "alienvault",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "5.0"
},
{
"_id": null,
"model": "linux s/390",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"_id": null,
"model": "linux x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "14.0"
},
{
"_id": null,
"model": "php",
"scope": "eq",
"trust": 0.3,
"vendor": "php",
"version": "5.4.20"
},
{
"_id": null,
"model": "php",
"scope": "eq",
"trust": 0.3,
"vendor": "php",
"version": "5.4.10"
},
{
"_id": null,
"model": "php",
"scope": "eq",
"trust": 0.3,
"vendor": "php",
"version": "5.4.1"
},
{
"_id": null,
"model": "php",
"scope": "eq",
"trust": 0.3,
"vendor": "php",
"version": "5.4.12"
},
{
"_id": null,
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"_id": null,
"model": "php",
"scope": "eq",
"trust": 0.3,
"vendor": "php",
"version": "5.5.16"
},
{
"_id": null,
"model": "flex system chassis management module 2pet14c-2.5.5c",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"_id": null,
"model": "php",
"scope": "eq",
"trust": 0.3,
"vendor": "php",
"version": "5.4.18"
},
{
"_id": null,
"model": "enterprise linux hpc node",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "7"
},
{
"_id": null,
"model": "php",
"scope": "eq",
"trust": 0.3,
"vendor": "php",
"version": "5.4.22"
},
{
"_id": null,
"model": "php",
"scope": "eq",
"trust": 0.3,
"vendor": "php",
"version": "5.4.31"
},
{
"_id": null,
"model": "php",
"scope": "eq",
"trust": 0.3,
"vendor": "php",
"version": "5.5.17"
},
{
"_id": null,
"model": "php",
"scope": "eq",
"trust": 0.3,
"vendor": "php",
"version": "5.4.24"
},
{
"_id": null,
"model": "php",
"scope": "eq",
"trust": 0.3,
"vendor": "php",
"version": "5.4.25"
},
{
"_id": null,
"model": "php",
"scope": "eq",
"trust": 0.3,
"vendor": "php",
"version": "5.5"
},
{
"_id": null,
"model": "tealeaf customer experience",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0"
},
{
"_id": null,
"model": "php",
"scope": "eq",
"trust": 0.3,
"vendor": "php",
"version": "5.4.23"
},
{
"_id": null,
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "15.04"
},
{
"_id": null,
"model": "linux x86 64 -current",
"scope": null,
"trust": 0.3,
"vendor": "slackware",
"version": null
},
{
"_id": null,
"model": "php",
"scope": "eq",
"trust": 0.3,
"vendor": "php",
"version": "5.4.21"
}
],
"sources": [
{
"db": "BID",
"id": "74903"
},
{
"db": "CNNVD",
"id": "CNNVD-201506-131"
},
{
"db": "NVD",
"id": "CVE-2015-4024"
}
]
},
"credits": {
"_id": null,
"data": "Red Hat",
"sources": [
{
"db": "PACKETSTORM",
"id": "132440"
},
{
"db": "PACKETSTORM",
"id": "132618"
},
{
"db": "PACKETSTORM",
"id": "132406"
},
{
"db": "PACKETSTORM",
"id": "132619"
},
{
"db": "PACKETSTORM",
"id": "132442"
}
],
"trust": 0.5
},
"cve": "CVE-2015-4024",
"cvss": {
"_id": null,
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "CVE-2015-4024",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 1.1,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "VHN-81985",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:N/I:N/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2015-4024",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201506-131",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-81985",
"trust": 0.1,
"value": "MEDIUM"
},
{
"author": "VULMON",
"id": "CVE-2015-4024",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-81985"
},
{
"db": "VULMON",
"id": "CVE-2015-4024"
},
{
"db": "CNNVD",
"id": "CNNVD-201506-131"
},
{
"db": "NVD",
"id": "CVE-2015-4024"
}
]
},
"description": {
"_id": null,
"data": "Algorithmic complexity vulnerability in the multipart_buffer_headers function in main/rfc1867.c in PHP before 5.4.41, 5.5.x before 5.5.25, and 5.6.x before 5.6.9 allows remote attackers to cause a denial of service (CPU consumption) via crafted form data that triggers an improper order-of-growth outcome. PHP is prone to a remote denial-of-service vulnerability. \nSuccessful exploitation of the issue will cause excessive CPU resource consumption, resulting in a denial-of-service condition. PHP (PHP: Hypertext Preprocessor, PHP: Hypertext Preprocessor) is an open source general-purpose computer scripting language jointly maintained by the PHP Group and the open source community. The language is mainly used for Web development and supports a variety of databases and operating systems. An algorithmic complexity vulnerability exists in the \u0027multipart_buffer_headers\u0027 function in PHP\u0027s main/rfc1867.c file. The following versions are affected: PHP prior to 5.4.41, 5.5.x prior to 5.5.25, and 5.6.x prior to 5.6.9. 6) - i386, x86_64\n\n3. (CVE-2014-9709)\n\nA double free flaw was found in zend_ts_hash_graceful_destroy() function in\nthe PHP ZTS module. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n=====================================================================\n Red Hat Security Advisory\n\nSynopsis: Important: php security and bug fix update\nAdvisory ID: RHSA-2015:1135-01\nProduct: Red Hat Enterprise Linux\nAdvisory URL: https://rhn.redhat.com/errata/RHSA-2015-1135.html\nIssue date: 2015-06-23\nCVE Names: CVE-2014-8142 CVE-2014-9652 CVE-2014-9705 \n CVE-2014-9709 CVE-2015-0231 CVE-2015-0232 \n CVE-2015-0273 CVE-2015-2301 CVE-2015-2348 \n CVE-2015-2783 CVE-2015-2787 CVE-2015-3307 \n CVE-2015-3329 CVE-2015-3330 CVE-2015-3411 \n CVE-2015-3412 CVE-2015-4021 CVE-2015-4022 \n CVE-2015-4024 CVE-2015-4025 CVE-2015-4026 \n CVE-2015-4147 CVE-2015-4148 CVE-2015-4598 \n CVE-2015-4599 CVE-2015-4600 CVE-2015-4601 \n CVE-2015-4602 CVE-2015-4603 CVE-2015-4604 \n CVE-2015-4605 \n=====================================================================\n\n1. Summary:\n\nUpdated php packages that fix multiple security issues and several bugs\nare now available for Red Hat Enterprise Linux 7. \n\nRed Hat Product Security has rated this update as having Important security\nimpact. Common Vulnerability Scoring System (CVSS) base scores, which give\ndetailed severity ratings, are available for each vulnerability from the\nCVE links in the References section. \n\n2. Relevant releases/architectures:\n\nRed Hat Enterprise Linux Client Optional (v. 7) - x86_64\nRed Hat Enterprise Linux ComputeNode Optional (v. 7) - x86_64\nRed Hat Enterprise Linux Server (v. 7) - ppc64, ppc64le, s390x, x86_64\nRed Hat Enterprise Linux Server Optional (v. 7) - ppc64, ppc64le, s390x, x86_64\nRed Hat Enterprise Linux Workstation (v. 7) - x86_64\nRed Hat Enterprise Linux Workstation Optional (v. 7) - x86_64\n\n3. Description:\n\nPHP is an HTML-embedded scripting language commonly used with the Apache\nHTTP Server. \n\nA flaw was found in the way the PHP module for the Apache httpd web server\nhandled pipelined requests. A remote attacker could use this flaw to\ntrigger the execution of a PHP script in a deinitialized interpreter,\ncausing it to crash or, possibly, execute arbitrary code. (CVE-2015-3330)\n\nA flaw was found in the way PHP parsed multipart HTTP POST requests. A\nspecially crafted request could cause PHP to use an excessive amount of CPU\ntime. (CVE-2015-4024)\n\nAn uninitialized pointer use flaw was found in PHP\u0027s Exif extension. A\nspecially crafted JPEG or TIFF file could cause a PHP application using the\nexif_read_data() function to crash or, possibly, execute arbitrary code\nwith the privileges of the user running that PHP application. \n(CVE-2015-0232)\n\nAn integer overflow flaw leading to a heap-based buffer overflow was found\nin the way PHP\u0027s FTP extension parsed file listing FTP server responses. A\nmalicious FTP server could use this flaw to cause a PHP application to\ncrash or, possibly, execute arbitrary code. (CVE-2015-4022)\n\nMultiple flaws were discovered in the way PHP performed object\nunserialization. Specially crafted input processed by the unserialize()\nfunction could cause a PHP application to crash or, possibly, execute\narbitrary code. (CVE-2014-8142, CVE-2015-0231, CVE-2015-0273,\nCVE-2015-2787, CVE-2015-4147, CVE-2015-4148, CVE-2015-4599, CVE-2015-4600,\nCVE-2015-4601, CVE-2015-4602, CVE-2015-4603)\n\nIt was found that certain PHP functions did not properly handle file names\ncontaining a NULL character. A remote attacker could possibly use this flaw\nto make a PHP script access unexpected files and bypass intended file\nsystem access restrictions. (CVE-2015-2348, CVE-2015-4025, CVE-2015-4026,\nCVE-2015-3411, CVE-2015-3412, CVE-2015-4598)\n\nMultiple flaws were found in the way the way PHP\u0027s Phar extension parsed\nPhar archives. A specially crafted archive could cause PHP to crash or,\npossibly, execute arbitrary code when opened. (CVE-2015-2301,\nCVE-2015-2783, CVE-2015-3307, CVE-2015-3329, CVE-2015-4021)\n\nMultiple flaws were found in PHP\u0027s File Information (fileinfo) extension. \nA remote attacker could cause a PHP application to crash if it used\nfileinfo to identify type of attacker supplied files. (CVE-2014-9652,\nCVE-2015-4604, CVE-2015-4605)\n\nA heap buffer overflow flaw was found in the enchant_broker_request_dict()\nfunction of PHP\u0027s enchant extension. An attacker able to make a PHP\napplication enchant dictionaries could possibly cause it to crash. \n(CVE-2014-9705)\n\nA buffer over-read flaw was found in the GD library used by the PHP gd\nextension. A specially crafted GIF file could cause a PHP application using\nthe imagecreatefromgif() function to crash. (CVE-2014-9709)\n\nThis update also fixes the following bugs:\n\n* The libgmp library in some cases terminated unexpectedly with a\nsegmentation fault when being used with other libraries that use the GMP\nmemory management. With this update, PHP no longer changes libgmp memory\nallocators, which prevents the described crash from occurring. (BZ#1212305)\n\n* When using the Open Database Connectivity (ODBC) API, the PHP process\nin some cases terminated unexpectedly with a segmentation fault. The\nunderlying code has been adjusted to prevent this crash. (BZ#1212299)\n\n* Previously, running PHP on a big-endian system sometimes led to memory\ncorruption in the fileinfo module. This update adjusts the behavior of\nthe PHP pointer so that it can be freed without causing memory corruption. \n(BZ#1212298)\n\nAll php users are advised to upgrade to these updated packages, which\ncontain backported patches to correct these issues. After installing the\nupdated packages, the httpd daemon must be restarted for the update to\ntake effect. \n\n4. Solution:\n\nBefore applying this update, make sure all previously released errata\nrelevant to your system have been applied. \n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258\n\n5. Bugs fixed (https://bugzilla.redhat.com/):\n\n1175718 - CVE-2014-8142 php: use after free vulnerability in unserialize()\n1185397 - CVE-2015-0231 php: use after free vulnerability in unserialize() (incomplete fix of CVE-2014-8142)\n1185472 - CVE-2015-0232 php: Free called on unitialized pointer in exif.c\n1188599 - CVE-2014-9652 file: out of bounds read in mconvert()\n1188639 - CVE-2014-9709 gd: buffer read overflow in gd_gif_in.c\n1194730 - CVE-2015-0273 php: use after free vulnerability in unserialize() with DateTimeZone\n1194737 - CVE-2014-9705 php: heap buffer overflow in enchant_broker_request_dict()\n1194747 - CVE-2015-2301 php: use after free in phar_object.c\n1204868 - CVE-2015-4147 php: SoapClient\u0027s __call() type confusion through unserialize()\n1207676 - CVE-2015-2787 php: use-after-free vulnerability in the process_nested_data function in ext/standard/var_unserializer.re\n1207682 - CVE-2015-2348 php: move_uploaded_file() NUL byte injection in file name\n1213394 - CVE-2015-3330 php: pipelined request executed in deinitialized interpreter under httpd 2.4\n1213407 - CVE-2015-3411 php: missing null byte checks for paths in various PHP extensions\n1213442 - CVE-2015-4604 CVE-2015-4605 php: denial of service when processing a crafted file with Fileinfo\n1213446 - CVE-2015-2783 php: buffer over-read in Phar metadata parsing\n1213449 - CVE-2015-3329 php: buffer overflow in phar_set_inode()\n1222485 - CVE-2015-4024 php: multipart/form-data request paring CPU usage DoS\n1222538 - CVE-2015-4599 CVE-2015-4600 CVE-2015-4601 php: type confusion issue in unserialize() with various SOAP methods\n1223408 - CVE-2015-4025 php: CVE-2006-7243 regressions in 5.4+\n1223412 - CVE-2015-4022 php: integer overflow leading to heap overflow when reading FTP file listing\n1223422 - CVE-2015-4026 php: pcntl_exec() accepts paths with NUL character\n1223425 - CVE-2015-4021 php: memory corruption in phar_parse_tarfile caused by empty entry file name\n1223441 - CVE-2015-3307 php: invalid pointer free() in phar_tar_process_metadata()\n1226916 - CVE-2015-4148 php: SoapClient\u0027s do_soap_call() type confusion after unserialize()\n1232823 - CVE-2015-3412 php: missing null byte checks for paths in various PHP extensions\n1232897 - CVE-2015-4598 php: missing null byte checks for paths in DOM and GD extensions\n1232918 - CVE-2015-4603 php: exception::getTraceAsString type confusion issue after unserialize\n1232923 - CVE-2015-4602 php: Incomplete Class unserialization type confusion\n\n6. Package List:\n\nRed Hat Enterprise Linux Client Optional (v. 7):\n\nSource:\nphp-5.4.16-36.el7_1.src.rpm\n\nx86_64:\nphp-5.4.16-36.el7_1.x86_64.rpm\nphp-bcmath-5.4.16-36.el7_1.x86_64.rpm\nphp-cli-5.4.16-36.el7_1.x86_64.rpm\nphp-common-5.4.16-36.el7_1.x86_64.rpm\nphp-dba-5.4.16-36.el7_1.x86_64.rpm\nphp-debuginfo-5.4.16-36.el7_1.x86_64.rpm\nphp-devel-5.4.16-36.el7_1.x86_64.rpm\nphp-embedded-5.4.16-36.el7_1.x86_64.rpm\nphp-enchant-5.4.16-36.el7_1.x86_64.rpm\nphp-fpm-5.4.16-36.el7_1.x86_64.rpm\nphp-gd-5.4.16-36.el7_1.x86_64.rpm\nphp-intl-5.4.16-36.el7_1.x86_64.rpm\nphp-ldap-5.4.16-36.el7_1.x86_64.rpm\nphp-mbstring-5.4.16-36.el7_1.x86_64.rpm\nphp-mysql-5.4.16-36.el7_1.x86_64.rpm\nphp-mysqlnd-5.4.16-36.el7_1.x86_64.rpm\nphp-odbc-5.4.16-36.el7_1.x86_64.rpm\nphp-pdo-5.4.16-36.el7_1.x86_64.rpm\nphp-pgsql-5.4.16-36.el7_1.x86_64.rpm\nphp-process-5.4.16-36.el7_1.x86_64.rpm\nphp-pspell-5.4.16-36.el7_1.x86_64.rpm\nphp-recode-5.4.16-36.el7_1.x86_64.rpm\nphp-snmp-5.4.16-36.el7_1.x86_64.rpm\nphp-soap-5.4.16-36.el7_1.x86_64.rpm\nphp-xml-5.4.16-36.el7_1.x86_64.rpm\nphp-xmlrpc-5.4.16-36.el7_1.x86_64.rpm\n\nRed Hat Enterprise Linux ComputeNode Optional (v. 7):\n\nSource:\nphp-5.4.16-36.el7_1.src.rpm\n\nx86_64:\nphp-5.4.16-36.el7_1.x86_64.rpm\nphp-bcmath-5.4.16-36.el7_1.x86_64.rpm\nphp-cli-5.4.16-36.el7_1.x86_64.rpm\nphp-common-5.4.16-36.el7_1.x86_64.rpm\nphp-dba-5.4.16-36.el7_1.x86_64.rpm\nphp-debuginfo-5.4.16-36.el7_1.x86_64.rpm\nphp-devel-5.4.16-36.el7_1.x86_64.rpm\nphp-embedded-5.4.16-36.el7_1.x86_64.rpm\nphp-enchant-5.4.16-36.el7_1.x86_64.rpm\nphp-fpm-5.4.16-36.el7_1.x86_64.rpm\nphp-gd-5.4.16-36.el7_1.x86_64.rpm\nphp-intl-5.4.16-36.el7_1.x86_64.rpm\nphp-ldap-5.4.16-36.el7_1.x86_64.rpm\nphp-mbstring-5.4.16-36.el7_1.x86_64.rpm\nphp-mysql-5.4.16-36.el7_1.x86_64.rpm\nphp-mysqlnd-5.4.16-36.el7_1.x86_64.rpm\nphp-odbc-5.4.16-36.el7_1.x86_64.rpm\nphp-pdo-5.4.16-36.el7_1.x86_64.rpm\nphp-pgsql-5.4.16-36.el7_1.x86_64.rpm\nphp-process-5.4.16-36.el7_1.x86_64.rpm\nphp-pspell-5.4.16-36.el7_1.x86_64.rpm\nphp-recode-5.4.16-36.el7_1.x86_64.rpm\nphp-snmp-5.4.16-36.el7_1.x86_64.rpm\nphp-soap-5.4.16-36.el7_1.x86_64.rpm\nphp-xml-5.4.16-36.el7_1.x86_64.rpm\nphp-xmlrpc-5.4.16-36.el7_1.x86_64.rpm\n\nRed Hat Enterprise Linux Server (v. 7):\n\nSource:\nphp-5.4.16-36.el7_1.src.rpm\n\nppc64:\nphp-5.4.16-36.el7_1.ppc64.rpm\nphp-cli-5.4.16-36.el7_1.ppc64.rpm\nphp-common-5.4.16-36.el7_1.ppc64.rpm\nphp-debuginfo-5.4.16-36.el7_1.ppc64.rpm\nphp-gd-5.4.16-36.el7_1.ppc64.rpm\nphp-ldap-5.4.16-36.el7_1.ppc64.rpm\nphp-mysql-5.4.16-36.el7_1.ppc64.rpm\nphp-odbc-5.4.16-36.el7_1.ppc64.rpm\nphp-pdo-5.4.16-36.el7_1.ppc64.rpm\nphp-pgsql-5.4.16-36.el7_1.ppc64.rpm\nphp-process-5.4.16-36.el7_1.ppc64.rpm\nphp-recode-5.4.16-36.el7_1.ppc64.rpm\nphp-soap-5.4.16-36.el7_1.ppc64.rpm\nphp-xml-5.4.16-36.el7_1.ppc64.rpm\nphp-xmlrpc-5.4.16-36.el7_1.ppc64.rpm\n\ns390x:\nphp-5.4.16-36.el7_1.s390x.rpm\nphp-cli-5.4.16-36.el7_1.s390x.rpm\nphp-common-5.4.16-36.el7_1.s390x.rpm\nphp-debuginfo-5.4.16-36.el7_1.s390x.rpm\nphp-gd-5.4.16-36.el7_1.s390x.rpm\nphp-ldap-5.4.16-36.el7_1.s390x.rpm\nphp-mysql-5.4.16-36.el7_1.s390x.rpm\nphp-odbc-5.4.16-36.el7_1.s390x.rpm\nphp-pdo-5.4.16-36.el7_1.s390x.rpm\nphp-pgsql-5.4.16-36.el7_1.s390x.rpm\nphp-process-5.4.16-36.el7_1.s390x.rpm\nphp-recode-5.4.16-36.el7_1.s390x.rpm\nphp-soap-5.4.16-36.el7_1.s390x.rpm\nphp-xml-5.4.16-36.el7_1.s390x.rpm\nphp-xmlrpc-5.4.16-36.el7_1.s390x.rpm\n\nx86_64:\nphp-5.4.16-36.el7_1.x86_64.rpm\nphp-cli-5.4.16-36.el7_1.x86_64.rpm\nphp-common-5.4.16-36.el7_1.x86_64.rpm\nphp-debuginfo-5.4.16-36.el7_1.x86_64.rpm\nphp-gd-5.4.16-36.el7_1.x86_64.rpm\nphp-ldap-5.4.16-36.el7_1.x86_64.rpm\nphp-mysql-5.4.16-36.el7_1.x86_64.rpm\nphp-odbc-5.4.16-36.el7_1.x86_64.rpm\nphp-pdo-5.4.16-36.el7_1.x86_64.rpm\nphp-pgsql-5.4.16-36.el7_1.x86_64.rpm\nphp-process-5.4.16-36.el7_1.x86_64.rpm\nphp-recode-5.4.16-36.el7_1.x86_64.rpm\nphp-soap-5.4.16-36.el7_1.x86_64.rpm\nphp-xml-5.4.16-36.el7_1.x86_64.rpm\nphp-xmlrpc-5.4.16-36.el7_1.x86_64.rpm\n\nRed Hat Enterprise Linux Server (v. 7):\n\nSource:\nphp-5.4.16-36.ael7b_1.src.rpm\n\nppc64le:\nphp-5.4.16-36.ael7b_1.ppc64le.rpm\nphp-cli-5.4.16-36.ael7b_1.ppc64le.rpm\nphp-common-5.4.16-36.ael7b_1.ppc64le.rpm\nphp-debuginfo-5.4.16-36.ael7b_1.ppc64le.rpm\nphp-gd-5.4.16-36.ael7b_1.ppc64le.rpm\nphp-ldap-5.4.16-36.ael7b_1.ppc64le.rpm\nphp-mysql-5.4.16-36.ael7b_1.ppc64le.rpm\nphp-odbc-5.4.16-36.ael7b_1.ppc64le.rpm\nphp-pdo-5.4.16-36.ael7b_1.ppc64le.rpm\nphp-pgsql-5.4.16-36.ael7b_1.ppc64le.rpm\nphp-process-5.4.16-36.ael7b_1.ppc64le.rpm\nphp-recode-5.4.16-36.ael7b_1.ppc64le.rpm\nphp-soap-5.4.16-36.ael7b_1.ppc64le.rpm\nphp-xml-5.4.16-36.ael7b_1.ppc64le.rpm\nphp-xmlrpc-5.4.16-36.ael7b_1.ppc64le.rpm\n\nRed Hat Enterprise Linux Server Optional (v. 7):\n\nppc64:\nphp-bcmath-5.4.16-36.el7_1.ppc64.rpm\nphp-dba-5.4.16-36.el7_1.ppc64.rpm\nphp-debuginfo-5.4.16-36.el7_1.ppc64.rpm\nphp-devel-5.4.16-36.el7_1.ppc64.rpm\nphp-embedded-5.4.16-36.el7_1.ppc64.rpm\nphp-enchant-5.4.16-36.el7_1.ppc64.rpm\nphp-fpm-5.4.16-36.el7_1.ppc64.rpm\nphp-intl-5.4.16-36.el7_1.ppc64.rpm\nphp-mbstring-5.4.16-36.el7_1.ppc64.rpm\nphp-mysqlnd-5.4.16-36.el7_1.ppc64.rpm\nphp-pspell-5.4.16-36.el7_1.ppc64.rpm\nphp-snmp-5.4.16-36.el7_1.ppc64.rpm\n\ns390x:\nphp-bcmath-5.4.16-36.el7_1.s390x.rpm\nphp-dba-5.4.16-36.el7_1.s390x.rpm\nphp-debuginfo-5.4.16-36.el7_1.s390x.rpm\nphp-devel-5.4.16-36.el7_1.s390x.rpm\nphp-embedded-5.4.16-36.el7_1.s390x.rpm\nphp-enchant-5.4.16-36.el7_1.s390x.rpm\nphp-fpm-5.4.16-36.el7_1.s390x.rpm\nphp-intl-5.4.16-36.el7_1.s390x.rpm\nphp-mbstring-5.4.16-36.el7_1.s390x.rpm\nphp-mysqlnd-5.4.16-36.el7_1.s390x.rpm\nphp-pspell-5.4.16-36.el7_1.s390x.rpm\nphp-snmp-5.4.16-36.el7_1.s390x.rpm\n\nx86_64:\nphp-bcmath-5.4.16-36.el7_1.x86_64.rpm\nphp-dba-5.4.16-36.el7_1.x86_64.rpm\nphp-debuginfo-5.4.16-36.el7_1.x86_64.rpm\nphp-devel-5.4.16-36.el7_1.x86_64.rpm\nphp-embedded-5.4.16-36.el7_1.x86_64.rpm\nphp-enchant-5.4.16-36.el7_1.x86_64.rpm\nphp-fpm-5.4.16-36.el7_1.x86_64.rpm\nphp-intl-5.4.16-36.el7_1.x86_64.rpm\nphp-mbstring-5.4.16-36.el7_1.x86_64.rpm\nphp-mysqlnd-5.4.16-36.el7_1.x86_64.rpm\nphp-pspell-5.4.16-36.el7_1.x86_64.rpm\nphp-snmp-5.4.16-36.el7_1.x86_64.rpm\n\nRed Hat Enterprise Linux Server Optional (v. 7):\n\nppc64le:\nphp-bcmath-5.4.16-36.ael7b_1.ppc64le.rpm\nphp-dba-5.4.16-36.ael7b_1.ppc64le.rpm\nphp-debuginfo-5.4.16-36.ael7b_1.ppc64le.rpm\nphp-devel-5.4.16-36.ael7b_1.ppc64le.rpm\nphp-embedded-5.4.16-36.ael7b_1.ppc64le.rpm\nphp-enchant-5.4.16-36.ael7b_1.ppc64le.rpm\nphp-fpm-5.4.16-36.ael7b_1.ppc64le.rpm\nphp-intl-5.4.16-36.ael7b_1.ppc64le.rpm\nphp-mbstring-5.4.16-36.ael7b_1.ppc64le.rpm\nphp-mysqlnd-5.4.16-36.ael7b_1.ppc64le.rpm\nphp-pspell-5.4.16-36.ael7b_1.ppc64le.rpm\nphp-snmp-5.4.16-36.ael7b_1.ppc64le.rpm\n\nRed Hat Enterprise Linux Workstation (v. 7):\n\nSource:\nphp-5.4.16-36.el7_1.src.rpm\n\nx86_64:\nphp-5.4.16-36.el7_1.x86_64.rpm\nphp-cli-5.4.16-36.el7_1.x86_64.rpm\nphp-common-5.4.16-36.el7_1.x86_64.rpm\nphp-debuginfo-5.4.16-36.el7_1.x86_64.rpm\nphp-gd-5.4.16-36.el7_1.x86_64.rpm\nphp-ldap-5.4.16-36.el7_1.x86_64.rpm\nphp-mysql-5.4.16-36.el7_1.x86_64.rpm\nphp-odbc-5.4.16-36.el7_1.x86_64.rpm\nphp-pdo-5.4.16-36.el7_1.x86_64.rpm\nphp-pgsql-5.4.16-36.el7_1.x86_64.rpm\nphp-process-5.4.16-36.el7_1.x86_64.rpm\nphp-recode-5.4.16-36.el7_1.x86_64.rpm\nphp-soap-5.4.16-36.el7_1.x86_64.rpm\nphp-xml-5.4.16-36.el7_1.x86_64.rpm\nphp-xmlrpc-5.4.16-36.el7_1.x86_64.rpm\n\nRed Hat Enterprise Linux Workstation Optional (v. 7):\n\nx86_64:\nphp-bcmath-5.4.16-36.el7_1.x86_64.rpm\nphp-dba-5.4.16-36.el7_1.x86_64.rpm\nphp-debuginfo-5.4.16-36.el7_1.x86_64.rpm\nphp-devel-5.4.16-36.el7_1.x86_64.rpm\nphp-embedded-5.4.16-36.el7_1.x86_64.rpm\nphp-enchant-5.4.16-36.el7_1.x86_64.rpm\nphp-fpm-5.4.16-36.el7_1.x86_64.rpm\nphp-intl-5.4.16-36.el7_1.x86_64.rpm\nphp-mbstring-5.4.16-36.el7_1.x86_64.rpm\nphp-mysqlnd-5.4.16-36.el7_1.x86_64.rpm\nphp-pspell-5.4.16-36.el7_1.x86_64.rpm\nphp-snmp-5.4.16-36.el7_1.x86_64.rpm\n\nThese packages are GPG signed by Red Hat for security. Our key and\ndetails on how to verify the signature are available from\nhttps://access.redhat.com/security/team/key/\n\n7. References:\n\nhttps://access.redhat.com/security/cve/CVE-2014-8142\nhttps://access.redhat.com/security/cve/CVE-2014-9652\nhttps://access.redhat.com/security/cve/CVE-2014-9705\nhttps://access.redhat.com/security/cve/CVE-2014-9709\nhttps://access.redhat.com/security/cve/CVE-2015-0231\nhttps://access.redhat.com/security/cve/CVE-2015-0232\nhttps://access.redhat.com/security/cve/CVE-2015-0273\nhttps://access.redhat.com/security/cve/CVE-2015-2301\nhttps://access.redhat.com/security/cve/CVE-2015-2348\nhttps://access.redhat.com/security/cve/CVE-2015-2783\nhttps://access.redhat.com/security/cve/CVE-2015-2787\nhttps://access.redhat.com/security/cve/CVE-2015-3307\nhttps://access.redhat.com/security/cve/CVE-2015-3329\nhttps://access.redhat.com/security/cve/CVE-2015-3330\nhttps://access.redhat.com/security/cve/CVE-2015-3411\nhttps://access.redhat.com/security/cve/CVE-2015-3412\nhttps://access.redhat.com/security/cve/CVE-2015-4021\nhttps://access.redhat.com/security/cve/CVE-2015-4022\nhttps://access.redhat.com/security/cve/CVE-2015-4024\nhttps://access.redhat.com/security/cve/CVE-2015-4025\nhttps://access.redhat.com/security/cve/CVE-2015-4026\nhttps://access.redhat.com/security/cve/CVE-2015-4147\nhttps://access.redhat.com/security/cve/CVE-2015-4148\nhttps://access.redhat.com/security/cve/CVE-2015-4598\nhttps://access.redhat.com/security/cve/CVE-2015-4599\nhttps://access.redhat.com/security/cve/CVE-2015-4600\nhttps://access.redhat.com/security/cve/CVE-2015-4601\nhttps://access.redhat.com/security/cve/CVE-2015-4602\nhttps://access.redhat.com/security/cve/CVE-2015-4603\nhttps://access.redhat.com/security/cve/CVE-2015-4604\nhttps://access.redhat.com/security/cve/CVE-2015-4605\nhttps://access.redhat.com/security/updates/classification/#important\n\n8. Contact:\n\nThe Red Hat security contact is \u003csecalert@redhat.com\u003e. More contact\ndetails at https://access.redhat.com/security/team/contact/\n\nCopyright 2015 Red Hat, Inc. \n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1\n\niD8DBQFViR1aXlSAg2UNWIIRAuxPAJ42GLQVzvzc9kje0VjDv8NZWcPv6QCbBL+O\ndtqycPWs+07GhjmZ6NNx5Bg=\n=FREZ\n-----END PGP SIGNATURE-----\n\n\n--\nRHSA-announce mailing list\nRHSA-announce@redhat.com\nhttps://www.redhat.com/mailman/listinfo/rhsa-announce\n. ============================================================================\nUbuntu Security Notice USN-2658-1\nJuly 06, 2015\n\nphp5 vulnerabilities\n============================================================================\n\nA security issue affects these releases of Ubuntu and its derivatives:\n\n- Ubuntu 15.04\n- Ubuntu 14.10\n- Ubuntu 14.04 LTS\n- Ubuntu 12.04 LTS\n\nSummary:\n\nSeveral security issues were fixed in PHP. \n\nSoftware Description:\n- php5: HTML-embedded scripting language interpreter\n\nDetails:\n\nNeal Poole and Tomas Hoger discovered that PHP incorrectly handled NULL\nbytes in file paths. (CVE-2015-3411, CVE-2015-3412, CVE-2015-4025, CVE-2015-4026,\nCVE-2015-4598)\n\nEmmanuel Law discovered that the PHP phar extension incorrectly handled\nfilenames starting with a NULL byte. (CVE-2015-4021)\n\nMax Spelsberg discovered that PHP incorrectly handled the LIST command\nwhen connecting to remote FTP servers. (CVE-2015-4022,\nCVE-2015-4643)\n\nShusheng Liu discovered that PHP incorrectly handled certain malformed form\ndata. (CVE-2015-4024)\n\nAndrea Palazzo discovered that the PHP Soap client incorrectly validated\ndata types. (CVE-2015-4147)\n\nAndrea Palazzo discovered that the PHP Soap client incorrectly validated\nthat the uri property is a string. A remote attacker could possibly use these issues to\nobtain sensitive information or cause a denial of service. This issue only affected Ubuntu\n15.04. (CVE-2015-4644)\n\nUpdate instructions:\n\nThe problem can be corrected by updating your system to the following\npackage versions:\n\nUbuntu 15.04:\n libapache2-mod-php5 5.6.4+dfsg-4ubuntu6.2\n php5-cgi 5.6.4+dfsg-4ubuntu6.2\n php5-cli 5.6.4+dfsg-4ubuntu6.2\n php5-fpm 5.6.4+dfsg-4ubuntu6.2\n\nUbuntu 14.10:\n libapache2-mod-php5 5.5.12+dfsg-2ubuntu4.6\n php5-cgi 5.5.12+dfsg-2ubuntu4.6\n php5-cli 5.5.12+dfsg-2ubuntu4.6\n php5-fpm 5.5.12+dfsg-2ubuntu4.6\n\nUbuntu 14.04 LTS:\n libapache2-mod-php5 5.5.9+dfsg-1ubuntu4.11\n php5-cgi 5.5.9+dfsg-1ubuntu4.11\n php5-cli 5.5.9+dfsg-1ubuntu4.11\n php5-fpm 5.5.9+dfsg-1ubuntu4.11\n\nUbuntu 12.04 LTS:\n libapache2-mod-php5 5.3.10-1ubuntu3.19\n php5-cgi 5.3.10-1ubuntu3.19\n php5-cli 5.3.10-1ubuntu3.19\n php5-fpm 5.3.10-1ubuntu3.19\n\nIn general, a standard system update will make all the necessary changes. \n\n\nHere are the details from the Slackware 14.1 ChangeLog:\n+--------------------------+\npatches/packages/php-5.4.41-i486-1_slack14.1.txz: Upgraded. \n This update fixes some bugs and security issues. \n For more information, see:\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-7243\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2325\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2326\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4021\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4022\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4024\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4025\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4026\n (* Security fix *)\n+--------------------------+\n\n\nWhere to find the new packages:\n+-----------------------------+\n\nThanks to the friendly folks at the OSU Open Source Lab\n(http://osuosl.org) for donating FTP and rsync hosting\nto the Slackware project! :-)\n\nAlso see the \"Get Slack\" section on http://slackware.com for\nadditional mirror sites near you. \n\nUpdated package for Slackware 14.0:\nftp://ftp.slackware.com/pub/slackware/slackware-14.0/patches/packages/php-5.4.41-i486-1_slack14.0.txz\n\nUpdated package for Slackware x86_64 14.0:\nftp://ftp.slackware.com/pub/slackware/slackware64-14.0/patches/packages/php-5.4.41-x86_64-1_slack14.0.txz\n\nUpdated package for Slackware 14.1:\nftp://ftp.slackware.com/pub/slackware/slackware-14.1/patches/packages/php-5.4.41-i486-1_slack14.1.txz\n\nUpdated package for Slackware x86_64 14.1:\nftp://ftp.slackware.com/pub/slackware/slackware64-14.1/patches/packages/php-5.4.41-x86_64-1_slack14.1.txz\n\nUpdated package for Slackware -current:\nftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/n/php-5.6.9-i586-1.txz\n\nUpdated package for Slackware x86_64 -current:\nftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/n/php-5.6.9-x86_64-1.txz\n\n\nMD5 signatures:\n+-------------+\n\nSlackware 14.0 package:\n5e8d107dba11f8c87693edfdc32f56b7 php-5.4.41-i486-1_slack14.0.txz\n\nSlackware x86_64 14.0 package:\n24d6895fe6b0e9c88b04ceaccc35383d php-5.4.41-x86_64-1_slack14.0.txz\n\nSlackware 14.1 package:\n52011eec3a256a365789562b63e8ba84 php-5.4.41-i486-1_slack14.1.txz\n\nSlackware x86_64 14.1 package:\n82b75af6253121cab6cc84dd714f554c php-5.4.41-x86_64-1_slack14.1.txz\n\nSlackware -current package:\ne1c64f133f44b0abac21e0846e39d3c8 n/php-5.6.9-i586-1.txz\n\nSlackware x86_64 -current package:\nae51c99af34a4bd8721e7140c38a8c1a n/php-5.6.9-x86_64-1.txz\n\n\nInstallation instructions:\n+------------------------+\n\nUpgrade the package as root:\n# upgradepkg php-5.4.41-i486-1_slack14.1.txz\n\nThen, restart Apache httpd:\n# /etc/rc.d/rc.httpd stop\n# /etc/rc.d/rc.httpd start\n\n\n+-----+\n\nSlackware Linux Security Team\nhttp://slackware.com/gpg-key\nsecurity@slackware.com\n\n+------------------------------------------------------------------------+\n| To leave the slackware-security mailing list: |\n+------------------------------------------------------------------------+\n| Send an email to majordomo@slackware.com with this text in the body of |\n| the email message: |\n| |\n| unsubscribe slackware-security |\n| |\n| You will get a confirmation message back containing instructions to |\n| complete the process. Please do not reply to this email address. \n\nCVE-2015-4024\n\n Denial of service when processing multipart/form-data requests. \n\nCVE-2015-4022\n\n Integer overflow in the ftp_genlist() function may result in\n denial of service or potentially the execution of arbitrary code. \n\nFor the oldstable distribution (wheezy), these problems have been fixed\nin version 5.4.41-0+deb7u1. \n\nFor the stable distribution (jessie), these problems have been fixed in\nversion 5.6.9+dfsg-0+deb8u1. \n\nFor the testing distribution (stretch), these problems have been fixed\nin version 5.6.9+dfsg-1. \n\nFor the unstable distribution (sid), these problems have been fixed in\nversion 5.6.9+dfsg-1. \n\nWe recommend that you upgrade your php5 packages",
"sources": [
{
"db": "NVD",
"id": "CVE-2015-4024"
},
{
"db": "BID",
"id": "74903"
},
{
"db": "VULHUB",
"id": "VHN-81985"
},
{
"db": "VULMON",
"id": "CVE-2015-4024"
},
{
"db": "PACKETSTORM",
"id": "132440"
},
{
"db": "PACKETSTORM",
"id": "132618"
},
{
"db": "PACKETSTORM",
"id": "132406"
},
{
"db": "PACKETSTORM",
"id": "132619"
},
{
"db": "PACKETSTORM",
"id": "132531"
},
{
"db": "PACKETSTORM",
"id": "132442"
},
{
"db": "PACKETSTORM",
"id": "132284"
},
{
"db": "PACKETSTORM",
"id": "132198"
}
],
"trust": 2.07
},
"external_ids": {
"_id": null,
"data": [
{
"db": "NVD",
"id": "CVE-2015-4024",
"trust": 2.9
},
{
"db": "BID",
"id": "74903",
"trust": 2.1
},
{
"db": "SECTRACK",
"id": "1032432",
"trust": 1.8
},
{
"db": "CNNVD",
"id": "CNNVD-201506-131",
"trust": 0.7
},
{
"db": "SEEBUG",
"id": "SSVID-89209",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-81985",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2015-4024",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "132440",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "132618",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "132406",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "132619",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "132531",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "132442",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "132284",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "132198",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-81985"
},
{
"db": "VULMON",
"id": "CVE-2015-4024"
},
{
"db": "BID",
"id": "74903"
},
{
"db": "PACKETSTORM",
"id": "132440"
},
{
"db": "PACKETSTORM",
"id": "132618"
},
{
"db": "PACKETSTORM",
"id": "132406"
},
{
"db": "PACKETSTORM",
"id": "132619"
},
{
"db": "PACKETSTORM",
"id": "132531"
},
{
"db": "PACKETSTORM",
"id": "132442"
},
{
"db": "PACKETSTORM",
"id": "132284"
},
{
"db": "PACKETSTORM",
"id": "132198"
},
{
"db": "CNNVD",
"id": "CNNVD-201506-131"
},
{
"db": "NVD",
"id": "CVE-2015-4024"
}
]
},
"id": "VAR-201506-0266",
"iot": {
"_id": null,
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-81985"
}
],
"trust": 0.01
},
"last_update_date": "2026-04-10T22:24:42.782000Z",
"patch": {
"_id": null,
"data": [
{
"title": "Debian Security Advisories: DSA-3280-1 php5 -- security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=debian_security_advisories\u0026qid=46f85ac4e3abfa7a18e115fb47892db6"
},
{
"title": "Amazon Linux AMI: ALAS-2015-535",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=amazon_linux_ami\u0026qid=ALAS-2015-535"
},
{
"title": "Amazon Linux AMI: ALAS-2015-534",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=amazon_linux_ami\u0026qid=ALAS-2015-534"
},
{
"title": "Tenable Security Advisories: [R4] SecurityCenter 5.0.0.1 Affected by Third-party Library",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=tenable_security_advisories\u0026qid=TNS-2015-06"
},
{
"title": "Amazon Linux AMI: ALAS-2015-536",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=amazon_linux_ami\u0026qid=ALAS-2015-536"
},
{
"title": "Ubuntu Security Notice: php5 vulnerabilities",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=USN-2658-1"
},
{
"title": "Oracle Solaris Third Party Bulletins: Oracle Solaris Third Party Bulletin - July 2015",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_solaris_third_party_bulletins\u0026qid=8b701aba68029ec36b631a8e26157a22"
},
{
"title": "Apple: OS X Yosemite v10.10.5 and Security Update 2015-006",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=apple_security_advisories\u0026qid=9834d0d73bf28fb80d3390930bafd906"
},
{
"title": "Oracle Solaris Third Party Bulletins: Oracle Solaris Third Party Bulletin - July 2017",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_solaris_third_party_bulletins\u0026qid=a22ad41e97bbfc5abb0bb927bf43089c"
},
{
"title": "Oracle Linux Bulletins: Oracle Linux Bulletin - January 2016",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_linux_bulletins\u0026qid=8ad80411af3e936eb2998df70506cc71"
},
{
"title": "php-load-test",
"trust": 0.1,
"url": "https://github.com/typcn/php-load-test "
},
{
"title": "phpbug69364-test",
"trust": 0.1,
"url": "https://github.com/qqq232575/phpbug69364-test "
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2015-4024"
}
]
},
"problemtype_data": {
"_id": null,
"data": [
{
"problemtype": "CWE-399",
"trust": 1.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-81985"
},
{
"db": "NVD",
"id": "CVE-2015-4024"
}
]
},
"references": {
"_id": null,
"data": [
{
"trust": 2.4,
"url": "http://www.securityfocus.com/bid/74903"
},
{
"trust": 2.4,
"url": "http://www.debian.org/security/2015/dsa-3280"
},
{
"trust": 2.2,
"url": "http://rhn.redhat.com/errata/rhsa-2015-1135.html"
},
{
"trust": 2.1,
"url": "http://php.net/changelog-5.php"
},
{
"trust": 2.1,
"url": "http://www.oracle.com/technetwork/topics/security/bulletinjul2015-2511963.html"
},
{
"trust": 2.1,
"url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html"
},
{
"trust": 2.1,
"url": "https://bugs.php.net/bug.php?id=69364"
},
{
"trust": 1.9,
"url": "http://rhn.redhat.com/errata/rhsa-2015-1186.html"
},
{
"trust": 1.9,
"url": "http://rhn.redhat.com/errata/rhsa-2015-1187.html"
},
{
"trust": 1.9,
"url": "http://rhn.redhat.com/errata/rhsa-2015-1218.html"
},
{
"trust": 1.9,
"url": "http://rhn.redhat.com/errata/rhsa-2015-1219.html"
},
{
"trust": 1.8,
"url": "http://lists.apple.com/archives/security-announce/2015/aug/msg00001.html"
},
{
"trust": 1.8,
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c05045763"
},
{
"trust": 1.8,
"url": "https://support.apple.com/kb/ht205031"
},
{
"trust": 1.8,
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-may/158616.html"
},
{
"trust": 1.8,
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-may/159031.html"
},
{
"trust": 1.8,
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-may/158915.html"
},
{
"trust": 1.8,
"url": "http://www.securitytracker.com/id/1032432"
},
{
"trust": 1.8,
"url": "http://lists.opensuse.org/opensuse-updates/2015-06/msg00002.html"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-4021"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-4024"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-4026"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-4022"
},
{
"trust": 0.7,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-4025"
},
{
"trust": 0.6,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-4598"
},
{
"trust": 0.5,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-3411"
},
{
"trust": 0.5,
"url": "https://access.redhat.com/security/cve/cve-2015-4024"
},
{
"trust": 0.5,
"url": "https://access.redhat.com/security/cve/cve-2015-4021"
},
{
"trust": 0.5,
"url": "https://access.redhat.com/security/cve/cve-2015-4022"
},
{
"trust": 0.5,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-3412"
},
{
"trust": 0.5,
"url": "https://access.redhat.com/articles/11258"
},
{
"trust": 0.5,
"url": "https://access.redhat.com/security/team/contact/"
},
{
"trust": 0.5,
"url": "https://www.redhat.com/mailman/listinfo/rhsa-announce"
},
{
"trust": 0.5,
"url": "https://access.redhat.com/security/cve/cve-2015-4026"
},
{
"trust": 0.5,
"url": "https://bugzilla.redhat.com/):"
},
{
"trust": 0.5,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-4602"
},
{
"trust": 0.5,
"url": "https://access.redhat.com/security/cve/cve-2015-4598"
},
{
"trust": 0.5,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-3329"
},
{
"trust": 0.5,
"url": "https://access.redhat.com/security/team/key/"
},
{
"trust": 0.5,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-2783"
},
{
"trust": 0.4,
"url": "https://access.redhat.com/security/cve/cve-2015-4603"
},
{
"trust": 0.4,
"url": "https://access.redhat.com/security/cve/cve-2015-3307"
},
{
"trust": 0.4,
"url": "https://access.redhat.com/security/cve/cve-2015-3411"
},
{
"trust": 0.4,
"url": "https://access.redhat.com/security/cve/cve-2015-2783"
},
{
"trust": 0.4,
"url": "https://access.redhat.com/security/cve/cve-2015-4602"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-3307"
},
{
"trust": 0.4,
"url": "https://access.redhat.com/security/cve/cve-2015-3412"
},
{
"trust": 0.4,
"url": "https://access.redhat.com/security/cve/cve-2015-3329"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-4603"
},
{
"trust": 0.4,
"url": "https://access.redhat.com/security/cve/cve-2015-4025"
},
{
"trust": 0.3,
"url": "http://www.php.net"
},
{
"trust": 0.3,
"url": "http://prod.lists.apple.com/archives/security-announce/2015/aug/msg00001.html"
},
{
"trust": 0.3,
"url": "http://git.php.net/?p=php-src.git;a=commitdiff;h=4605d536d23b00813d11cc906bb48d39bdcf5f25"
},
{
"trust": 0.3,
"url": "https://www.oracle.com/technetwork/topics/security/bulletinjul2017-3814622.html"
},
{
"trust": 0.3,
"url": "https://www.alienvault.com/forums/discussion/6075/security-advisory-alienvault-v5-2-addresses-55-vulnerabilities"
},
{
"trust": 0.3,
"url": "https://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=migr-5099196"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21972384"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-4605"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-3330"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/cve/cve-2015-4604"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/cve/cve-2015-3330"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-4604"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/cve/cve-2015-4605"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-4148"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-4601"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-4600"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-4147"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-4599"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2015-4600"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2015-4147"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2015-4148"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-9705"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-0232"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2015-0232"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2015-0273"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2014-9705"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-2301"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2015-4599"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-2787"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2015-2787"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2015-4601"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-9709"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-0273"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2015-2301"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2014-9709"
},
{
"trust": 0.2,
"url": "http://www.debian.org/security/"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/399.html"
},
{
"trust": 0.1,
"url": "https://github.com/typcn/php-load-test"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "http://tools.cisco.com/security/center/viewalert.x?alertid=39138"
},
{
"trust": 0.1,
"url": "https://usn.ubuntu.com/2658-1/"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2014-9425"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-9425"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-8142"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-0231"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-2348"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2015-2348"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2014-8142"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-9652"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2014-9652"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2015-0231"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/php5/5.6.4+dfsg-4ubuntu6.2"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-4644"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/php5/5.5.9+dfsg-1ubuntu4.11"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/php5/5.5.12+dfsg-2ubuntu4.6"
},
{
"trust": 0.1,
"url": "http://www.ubuntu.com/usn/usn-2658-1"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-4643"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/php5/5.3.10-1ubuntu3.19"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-2325"
},
{
"trust": 0.1,
"url": "http://slackware.com"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-4025"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-4026"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-4021"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-4024"
},
{
"trust": 0.1,
"url": "http://slackware.com/gpg-key"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-2326"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-4022"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-2325"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-7243"
},
{
"trust": 0.1,
"url": "http://osuosl.org)"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-7243"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-2326"
},
{
"trust": 0.1,
"url": "http://www.debian.org/security/faq"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-81985"
},
{
"db": "VULMON",
"id": "CVE-2015-4024"
},
{
"db": "BID",
"id": "74903"
},
{
"db": "PACKETSTORM",
"id": "132440"
},
{
"db": "PACKETSTORM",
"id": "132618"
},
{
"db": "PACKETSTORM",
"id": "132406"
},
{
"db": "PACKETSTORM",
"id": "132619"
},
{
"db": "PACKETSTORM",
"id": "132531"
},
{
"db": "PACKETSTORM",
"id": "132442"
},
{
"db": "PACKETSTORM",
"id": "132284"
},
{
"db": "PACKETSTORM",
"id": "132198"
},
{
"db": "CNNVD",
"id": "CNNVD-201506-131"
},
{
"db": "NVD",
"id": "CVE-2015-4024"
}
]
},
"sources": {
"_id": null,
"data": [
{
"db": "VULHUB",
"id": "VHN-81985",
"ident": null
},
{
"db": "VULMON",
"id": "CVE-2015-4024",
"ident": null
},
{
"db": "BID",
"id": "74903",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "132440",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "132618",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "132406",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "132619",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "132531",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "132442",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "132284",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "132198",
"ident": null
},
{
"db": "CNNVD",
"id": "CNNVD-201506-131",
"ident": null
},
{
"db": "NVD",
"id": "CVE-2015-4024",
"ident": null
}
]
},
"sources_release_date": {
"_id": null,
"data": [
{
"date": "2015-06-09T00:00:00",
"db": "VULHUB",
"id": "VHN-81985",
"ident": null
},
{
"date": "2015-06-09T00:00:00",
"db": "VULMON",
"id": "CVE-2015-4024",
"ident": null
},
{
"date": "2015-05-14T00:00:00",
"db": "BID",
"id": "74903",
"ident": null
},
{
"date": "2015-06-25T14:18:12",
"db": "PACKETSTORM",
"id": "132440",
"ident": null
},
{
"date": "2015-07-09T23:16:17",
"db": "PACKETSTORM",
"id": "132618",
"ident": null
},
{
"date": "2015-06-23T14:07:16",
"db": "PACKETSTORM",
"id": "132406",
"ident": null
},
{
"date": "2015-07-09T23:16:26",
"db": "PACKETSTORM",
"id": "132619",
"ident": null
},
{
"date": "2015-07-07T00:23:34",
"db": "PACKETSTORM",
"id": "132531",
"ident": null
},
{
"date": "2015-06-25T14:18:25",
"db": "PACKETSTORM",
"id": "132442",
"ident": null
},
{
"date": "2015-06-12T13:17:49",
"db": "PACKETSTORM",
"id": "132284",
"ident": null
},
{
"date": "2015-06-10T01:21:58",
"db": "PACKETSTORM",
"id": "132198",
"ident": null
},
{
"date": "2015-06-10T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201506-131",
"ident": null
},
{
"date": "2015-06-09T18:59:06.770000",
"db": "NVD",
"id": "CVE-2015-4024",
"ident": null
}
]
},
"sources_update_date": {
"_id": null,
"data": [
{
"date": "2019-12-27T00:00:00",
"db": "VULHUB",
"id": "VHN-81985",
"ident": null
},
{
"date": "2019-12-27T00:00:00",
"db": "VULMON",
"id": "CVE-2015-4024",
"ident": null
},
{
"date": "2017-07-21T13:07:00",
"db": "BID",
"id": "74903",
"ident": null
},
{
"date": "2019-12-30T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201506-131",
"ident": null
},
{
"date": "2025-04-12T10:46:40.837000",
"db": "NVD",
"id": "CVE-2015-4024",
"ident": null
}
]
},
"threat_type": {
"_id": null,
"data": "remote",
"sources": [
{
"db": "PACKETSTORM",
"id": "132440"
},
{
"db": "PACKETSTORM",
"id": "132406"
},
{
"db": "PACKETSTORM",
"id": "132531"
},
{
"db": "PACKETSTORM",
"id": "132442"
},
{
"db": "CNNVD",
"id": "CNNVD-201506-131"
}
],
"trust": 1.0
},
"title": {
"_id": null,
"data": "PHP \u2018 multipart_buffer_headers \u0027Function Resource Management Error Vulnerability",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201506-131"
}
],
"trust": 0.6
},
"type": {
"_id": null,
"data": "resource management error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201506-131"
}
],
"trust": 0.6
}
}