Säkerhetsbulletin från Debian

DSA-030-2 xfree86 -- buffertspill, osäker temporärfilshantering, överbelastningsattack

Rapporterat den:
2001-02-12
Berörda paket:
xfree86
Sårbara:
Ja
Referenser i säkerhetsdatabaser:
I Bugtraq-databasen (hos SecurityFocus): BugTraq-id 1430, BugTraq-id 2925, BugTraq-id 2924.
Ytterligare information:
Chris Evans, Joseph S. Myers, Michal Zalewski, Alan Cox, med flera har upptäckte ett antal problem i flera delar av exempelimplementationen av X Window System (vilken XFree86 bygger på). Trots att det inte är känt att någon i verkligheten skulle ha utnyttjat något av dessa problem är det ändå rekommenderat att du uppgraderar dina XFree86-paket omedelbart.

Denna bulletin gäller endast för XFree86 3.3.6, eftersom det är den version som släpptes med Debian GNU/Linux 2.2 ("potato"); Debianpaket av XFree86 4.0 har inte släppts som en del av en Debianutgåva.

Det är många personer som är ansvariga för att ha rättat dessa problem, bland andra Aaron Campbell, Paulo Cesar Pereira de Andrade, Keith Packard, David Dawes, Matthieu Herrb, Trevor Johnson, Colin Phipps och Branden Robinson.

  • X-servern är sårbar för en överbelastningsattack under förhandling av XC-SECURITY-protokollet.
  • X-klienter baserade på Xlib (vilket är de allra flesta) är sårbara för potentiella buffertspill i funktionerna _XReply() och _XAsyncReply() om de ansluter till en X-server som är kodad för att med avsikt lägga felaktiga data i sina X-protokollsvar. OBS: Denna attack är bara effektiv mot X-klienter som kör med förhöjd behörighet (setuid- eller setgid-program), och ger bara potentiell tillgång till de förhöjda behörigheterna. Till exempel så är den mest vanliga X-klienten med setuid xterm. På många Unixsystem är xterm setuid root; i Debian 2.2 är xterm bara setgid utmp, vilket betyder att ett effektivt utnyttjande av detta problem är begränsat till att förstöra lastlog-, utmp- och wtmp-filerna -- och ger ej allmän rootbehörighet. Notera även att angriparen måste ha tillräckliga privilegier för att starta en X-klient och framgångsrikt ansluta mot X-servern.
  • Det finns ett buffertspill (ej stackbaserat) i xdm:s XDMCP-kod.
  • Det finns ett en-bytesspill i Xtrans.c
  • Xtranssock.c är även sårbart för buffertspillproblem.
  • Det finns ett buffertspill i flaggan -xkbmap till X-servern.
  • MultiSrc-elementet i grafikelementbibliotektet Athena hanterar temporära filer på ett osäkert sätt.
  • Imake-programmet hanterar temporära filer på ett osäkert sätt när det exekverar install-regler.
  • ICE-biblioteket är sårbart för buffertspillsattacker.
  • Xauth-programmet hanterar temporära filer osäkert.
  • XauLock()-funktionen i Xau-biblioteket hanterar temporära filer osäkert.
  • Gccmakedep- och makedepend-programmen hanterar temporära filer osäkert.

Alla problemen ovan löses av denna säkerhetsuppdatering.

Det finns flera andra XFree86-säkerhetsproblem som ofta diskuteras i samband med ovanstående, för vilka ett uppdaterat Debian 2.2-system INTE är sårbart:

  • Det finns fyra olika problem i Xlib:s XOpenDisplay()-funktion i vilket en illasinnat kodad X-server kunde orsaka en överbelastningsattack eller ett buffertspill. Som tidigare är denna attack endast effektiv mot X-klienter som körs med förhöjd behörighet, och angriparen måste redan ha tillräcklig behörighet för att starta en sådan X-klient och sedan framgångsrikt ansluta till X-servern. Debian 2.2 och 2.2r1 är bara sårbara för ett av dessa problem, eftersom vi applicerade patchar mot XFree86 3.3.6 för att rätta de tre andra. Ytterligare en patch som applicerades i Debian 2.2r2 rättade den fjärde.
  • AsciiSrc-elementet i grafikelementbiblioteket Athena hanterar temporära filer på ett osäkert sätt. Debian 2.2r2 är inte sårbart för detta eftersom vi applicerade en patch för att rätta det.
  • Imake-programmet använder mktemp() istället för mkstemp(). Detta problem finns inte i XFree86 3.3.6, och därför påverkas ingen utgåva av Debian 2.2.

Dessa problem har rättats i version 3.3.6-11potato32 och vi rekommenderar att du uppgraderar dina X-paket omedelbart.

Rättat i:

Debian 2.2 (potato)

Källkod:
http://security.debian.org/dists/stable/updates/main/source/xfree86-1_3.3.6-11potato32.diff.gz
http://security.debian.org/dists/stable/updates/main/source/xfree86-1_3.3.6-11potato32.dsc
http://security.debian.org/dists/stable/updates/main/source/xfree86-1_3.3.6.orig.tar.gz
Arkitekturoberoende komponent:
http://security.debian.org/dists/stable/updates/main/binary-all/rstart_3.3.6-11potato32_all.deb
http://security.debian.org/dists/stable/updates/main/binary-all/xbase_3.3.6-11potato32_all.deb
http://security.debian.org/dists/stable/updates/main/binary-all/xfree86-common_3.3.6-11potato32_all.deb
alpha:
http://security.debian.org/dists/stable/updates/main/binary-alpha/rstartd_3.3.6-11potato32_alpha.deb
http://security.debian.org/dists/stable/updates/main/binary-alpha/twm_3.3.6-11potato32_alpha.deb
http://security.debian.org/dists/stable/updates/main/binary-alpha/xbase-clients_3.3.6-11potato32_alpha.deb
http://security.debian.org/dists/stable/updates/main/binary-alpha/xdm_3.3.6-11potato32_alpha.deb
http://security.debian.org/dists/stable/updates/main/binary-alpha/xext_3.3.6-11potato32_alpha.deb
http://security.debian.org/dists/stable/updates/main/binary-alpha/xf86setup_3.3.6-11potato32_alpha.deb
http://security.debian.org/dists/stable/updates/main/binary-alpha/xlib6g-dev_3.3.6-11potato32_alpha.deb
http://security.debian.org/dists/stable/updates/main/binary-alpha/xlib6g-static_3.3.6-11potato32_alpha.deb
http://security.debian.org/dists/stable/updates/main/binary-alpha/xlib6g_3.3.6-11potato32_alpha.deb
http://security.debian.org/dists/stable/updates/main/binary-alpha/xmh_3.3.6-11potato32_alpha.deb
http://security.debian.org/dists/stable/updates/main/binary-alpha/xnest_3.3.6-11potato32_alpha.deb
http://security.debian.org/dists/stable/updates/main/binary-alpha/xproxy_3.3.6-11potato32_alpha.deb
http://security.debian.org/dists/stable/updates/main/binary-alpha/xprt_3.3.6-11potato32_alpha.deb
http://security.debian.org/dists/stable/updates/main/binary-alpha/xserver-3dlabs_3.3.6-11potato32_alpha.deb
http://security.debian.org/dists/stable/updates/main/binary-alpha/xserver-common_3.3.6-11potato32_alpha.deb
http://security.debian.org/dists/stable/updates/main/binary-alpha/xserver-fbdev_3.3.6-11potato32_alpha.deb
http://security.debian.org/dists/stable/updates/main/binary-alpha/xserver-i128_3.3.6-11potato32_alpha.deb
http://security.debian.org/dists/stable/updates/main/binary-alpha/xserver-mach64_3.3.6-11potato32_alpa.deb
http://security.debian.org/dists/stable/updates/main/binary-alpha/xserver-mono_3.3.6-11potato32_alpha.deb
http://security.debian.org/dists/stable/updates/main/binary-alpha/xserver-p9000_3.3.6-11potato32_alpha.deb
http://security.debian.org/dists/stable/updates/main/binary-alpha/xserver-s3_3.3.6-11potato32_alpha.deb
http://security.debian.org/dists/stable/updates/main/binary-alpha/xserver-s3v_3.3.6-11potato32_alpha.deb
http://security.debian.org/dists/stable/updates/main/binary-alpha/xserver-svga_3.3.6-11potato32_alpha.deb
http://security.debian.org/dists/stable/updates/main/binary-alpha/xserver-tga_3.3.6-11potato32_alpha.deb
http://security.debian.org/dists/stable/updates/main/binary-alpha/xserver-vga16_3.3.6-11potato32_alpha.deb
http://security.debian.org/dists/stable/updates/main/binary-alpha/xsm_3.3.6-11potato32_alpha.deb
http://security.debian.org/dists/stable/updates/main/binary-alpha/xterm_3.3.6-11potato32_alpha.deb
http://security.debian.org/dists/stable/updates/main/binary-alpha/xvfb_3.3.6-11potato32_alpha.deb
arm:
http://security.debian.org/dists/stable/updates/main/binary-arm/rstartd_3.3.6-11potato32_arm.deb
http://security.debian.org/dists/stable/updates/main/binary-arm/twm_3.3.6-11potato32_arm.deb
http://security.debian.org/dists/stable/updates/main/binary-arm/xbase-clients_3.3.6-11potato32_arm.deb
http://security.debian.org/dists/stable/updates/main/binary-arm/xdm_3.3.6-11potato32_arm.deb
http://security.debian.org/dists/stable/updates/main/binary-arm/xext_3.3.6-11potato32_arm.deb
http://security.debian.org/dists/stable/updates/main/binary-arm/xf86setup_3.3.6-11potato32_arm.deb
http://security.debian.org/dists/stable/updates/main/binary-arm/xlib6g-dev_3.3.6-11potato32_arm.deb
http://security.debian.org/dists/stable/updates/main/binary-arm/xlib6g-static_3.3.6-11potato32_arm.deb
http://security.debian.org/dists/stable/updates/main/binary-arm/xlib6g_3.3.6-11potato32_arm.deb
http://security.debian.org/dists/stable/updates/main/binary-arm/xmh_3.3.6-11potato32_arm.deb
http://security.debian.org/dists/stable/updates/main/binary-arm/xnest_3.3.6-11potato32_arm.deb
http://security.debian.org/dists/stable/updates/main/binary-arm/xproxy_3.3.6-11potato32_arm.deb
http://security.debian.org/dists/stable/updates/main/binary-arm/xprt_3.3.6-11potato32_arm.deb
http://security.debian.org/dists/stable/updates/main/binary-arm/xserver-3dlabs_3.3.6-11potato32_arm.deb
http://security.debian.org/dists/stable/updates/main/binary-arm/xserver-common_3.3.6-11potato32_arm.deb
http://security.debian.org/dists/stable/updates/main/binary-arm/xserver-fbdev_3.3.6-11potato32_arm.deb
http://security.debian.org/dists/stable/updates/main/binary-arm/xserver-i128_3.3.6-11potato32_arm.deb
http://security.debian.org/dists/stable/updates/main/binary-arm/xserver-mach64_3.3.6-11potato32_alpa.deb
http://security.debian.org/dists/stable/updates/main/binary-arm/xserver-mono_3.3.6-11potato32_arm.deb
http://security.debian.org/dists/stable/updates/main/binary-arm/xserver-p9000_3.3.6-11potato32_arm.deb
http://security.debian.org/dists/stable/updates/main/binary-arm/xserver-s3_3.3.6-11potato32_arm.deb
http://security.debian.org/dists/stable/updates/main/binary-arm/xserver-s3v_3.3.6-11potato32_arm.deb
http://security.debian.org/dists/stable/updates/main/binary-arm/xserver-svga_3.3.6-11potato32_arm.deb
http://security.debian.org/dists/stable/updates/main/binary-arm/xserver-tga_3.3.6-11potato32_arm.deb
http://security.debian.org/dists/stable/updates/main/binary-arm/xserver-vga16_3.3.6-11potato32_arm.deb
http://security.debian.org/dists/stable/updates/main/binary-arm/xsm_3.3.6-11potato32_arm.deb
http://security.debian.org/dists/stable/updates/main/binary-arm/xterm_3.3.6-11potato32_arm.deb
http://security.debian.org/dists/stable/updates/main/binary-arm/xvfb_3.3.6-11potato32_arm.deb
i386:
http://security.debian.org/dists/stable/updates/main/binary-i386/rstartd_3.3.6-11potato32_i386.deb
http://security.debian.org/dists/stable/updates/main/binary-i386/twm_3.3.6-11potato32_i386.deb
http://security.debian.org/dists/stable/updates/main/binary-i386/xbase-clients_3.3.6-11potato32_i386.deb
http://security.debian.org/dists/stable/updates/main/binary-i386/xdm_3.3.6-11potato32_i386.deb
http://security.debian.org/dists/stable/updates/main/binary-i386/xext_3.3.6-11potato32_i386.deb
http://security.debian.org/dists/stable/updates/main/binary-i386/xf86setup_3.3.6-11potato32_i386.deb
http://security.debian.org/dists/stable/updates/main/binary-i386/xlib6g-dev_3.3.6-11potato32_i386.deb
http://security.debian.org/dists/stable/updates/main/binary-i386/xlib6g-static_3.3.6-11potato32_i386.deb
http://security.debian.org/dists/stable/updates/main/binary-i386/xlib6g_3.3.6-11potato32_i386.deb
http://security.debian.org/dists/stable/updates/main/binary-i386/xmh_3.3.6-11potato32_i386.deb
http://security.debian.org/dists/stable/updates/main/binary-i386/xnest_3.3.6-11potato32_i386.deb
http://security.debian.org/dists/stable/updates/main/binary-i386/xproxy_3.3.6-11potato32_i386.deb
http://security.debian.org/dists/stable/updates/main/binary-i386/xprt_3.3.6-11potato32_i386.deb
http://security.debian.org/dists/stable/updates/main/binary-i386/xserver-3dlabs_3.3.6-11potato32_i386.deb
http://security.debian.org/dists/stable/updates/main/binary-i386/xserver-common_3.3.6-11potato32_i386.deb
http://security.debian.org/dists/stable/updates/main/binary-i386/xserver-fbdev_3.3.6-11potato32_i386.deb
http://security.debian.org/dists/stable/updates/main/binary-i386/xserver-i128_3.3.6-11potato32_i386.deb
http://security.debian.org/dists/stable/updates/main/binary-i386/xserver-mach64_3.3.6-11potato32_alpa.deb
http://security.debian.org/dists/stable/updates/main/binary-i386/xserver-mono_3.3.6-11potato32_i386.deb
http://security.debian.org/dists/stable/updates/main/binary-i386/xserver-p9000_3.3.6-11potato32_i386.deb
http://security.debian.org/dists/stable/updates/main/binary-i386/xserver-s3_3.3.6-11potato32_i386.deb
http://security.debian.org/dists/stable/updates/main/binary-i386/xserver-s3v_3.3.6-11potato32_i386.deb
http://security.debian.org/dists/stable/updates/main/binary-i386/xserver-svga_3.3.6-11potato32_i386.deb
http://security.debian.org/dists/stable/updates/main/binary-i386/xserver-tga_3.3.6-11potato32_i386.deb
http://security.debian.org/dists/stable/updates/main/binary-i386/xserver-vga16_3.3.6-11potato32_i386.deb
http://security.debian.org/dists/stable/updates/main/binary-i386/xsm_3.3.6-11potato32_i386.deb
http://security.debian.org/dists/stable/updates/main/binary-i386/xterm_3.3.6-11potato32_i386.deb
http://security.debian.org/dists/stable/updates/main/binary-i386/xvfb_3.3.6-11potato32_i386.deb
m68k:
http://security.debian.org/dists/stable/updates/main/binary-m68k/rstartd_3.3.6-11potato32_m68k.deb
http://security.debian.org/dists/stable/updates/main/binary-m68k/twm_3.3.6-11potato32_m68k.deb
http://security.debian.org/dists/stable/updates/main/binary-m68k/xbase-clients_3.3.6-11potato32_m68k.deb
http://security.debian.org/dists/stable/updates/main/binary-m68k/xdm_3.3.6-11potato32_m68k.deb
http://security.debian.org/dists/stable/updates/main/binary-m68k/xext_3.3.6-11potato32_m68k.deb
http://security.debian.org/dists/stable/updates/main/binary-m68k/xf86setup_3.3.6-11potato32_m68k.deb
http://security.debian.org/dists/stable/updates/main/binary-m68k/xlib6g-dev_3.3.6-11potato32_m68k.deb
http://security.debian.org/dists/stable/updates/main/binary-m68k/xlib6g-static_3.3.6-11potato32_m68k.deb
http://security.debian.org/dists/stable/updates/main/binary-m68k/xlib6g_3.3.6-11potato32_m68k.deb
http://security.debian.org/dists/stable/updates/main/binary-m68k/xmh_3.3.6-11potato32_m68k.deb
http://security.debian.org/dists/stable/updates/main/binary-m68k/xnest_3.3.6-11potato32_m68k.deb
http://security.debian.org/dists/stable/updates/main/binary-m68k/xproxy_3.3.6-11potato32_m68k.deb
http://security.debian.org/dists/stable/updates/main/binary-m68k/xprt_3.3.6-11potato32_m68k.deb
http://security.debian.org/dists/stable/updates/main/binary-m68k/xserver-3dlabs_3.3.6-11potato32_m68k.deb
http://security.debian.org/dists/stable/updates/main/binary-m68k/xserver-common_3.3.6-11potato32_m68k.deb
http://security.debian.org/dists/stable/updates/main/binary-m68k/xserver-fbdev_3.3.6-11potato32_m68k.deb
http://security.debian.org/dists/stable/updates/main/binary-m68k/xserver-i128_3.3.6-11potato32_m68k.deb
http://security.debian.org/dists/stable/updates/main/binary-m68k/xserver-mach64_3.3.6-11potato32_alpa.deb
http://security.debian.org/dists/stable/updates/main/binary-m68k/xserver-mono_3.3.6-11potato32_m68k.deb
http://security.debian.org/dists/stable/updates/main/binary-m68k/xserver-p9000_3.3.6-11potato32_m68k.deb
http://security.debian.org/dists/stable/updates/main/binary-m68k/xserver-s3_3.3.6-11potato32_m68k.deb
http://security.debian.org/dists/stable/updates/main/binary-m68k/xserver-s3v_3.3.6-11potato32_m68k.deb
http://security.debian.org/dists/stable/updates/main/binary-m68k/xserver-svga_3.3.6-11potato32_m68k.deb
http://security.debian.org/dists/stable/updates/main/binary-m68k/xserver-tga_3.3.6-11potato32_m68k.deb
http://security.debian.org/dists/stable/updates/main/binary-m68k/xserver-vga16_3.3.6-11potato32_m68k.deb
http://security.debian.org/dists/stable/updates/main/binary-m68k/xsm_3.3.6-11potato32_m68k.deb
http://security.debian.org/dists/stable/updates/main/binary-m68k/xterm_3.3.6-11potato32_m68k.deb
http://security.debian.org/dists/stable/updates/main/binary-m68k/xvfb_3.3.6-11potato32_m68k.deb
powerpc:
http://security.debian.org/dists/stable/updates/main/binary-powerpc/rstartd_3.3.6-11potato32_powerpc.deb
http://security.debian.org/dists/stable/updates/main/binary-powerpc/twm_3.3.6-11potato32_powerpc.deb
http://security.debian.org/dists/stable/updates/main/binary-powerpc/xbase-clients_3.3.6-11potato32_powerpc.deb
http://security.debian.org/dists/stable/updates/main/binary-powerpc/xdm_3.3.6-11potato32_powerpc.deb
http://security.debian.org/dists/stable/updates/main/binary-powerpc/xext_3.3.6-11potato32_powerpc.deb
http://security.debian.org/dists/stable/updates/main/binary-powerpc/xf86setup_3.3.6-11potato32_powerpc.deb
http://security.debian.org/dists/stable/updates/main/binary-powerpc/xlib6g-dev_3.3.6-11potato32_powerpc.deb
http://security.debian.org/dists/stable/updates/main/binary-powerpc/xlib6g-static_3.3.6-11potato32_powerpc.deb
http://security.debian.org/dists/stable/updates/main/binary-powerpc/xlib6g_3.3.6-11potato32_powerpc.deb
http://security.debian.org/dists/stable/updates/main/binary-powerpc/xmh_3.3.6-11potato32_powerpc.deb
http://security.debian.org/dists/stable/updates/main/binary-powerpc/xnest_3.3.6-11potato32_powerpc.deb
http://security.debian.org/dists/stable/updates/main/binary-powerpc/xproxy_3.3.6-11potato32_powerpc.deb
http://security.debian.org/dists/stable/updates/main/binary-powerpc/xprt_3.3.6-11potato32_powerpc.deb
http://security.debian.org/dists/stable/updates/main/binary-powerpc/xserver-3dlabs_3.3.6-11potato32_powerpc.deb
http://security.debian.org/dists/stable/updates/main/binary-powerpc/xserver-common_3.3.6-11potato32_powerpc.deb
http://security.debian.org/dists/stable/updates/main/binary-powerpc/xserver-fbdev_3.3.6-11potato32_powerpc.deb
http://security.debian.org/dists/stable/updates/main/binary-powerpc/xserver-i128_3.3.6-11potato32_powerpc.deb
http://security.debian.org/dists/stable/updates/main/binary-powerpc/xserver-mach64_3.3.6-11potato32_alpa.deb
http://security.debian.org/dists/stable/updates/main/binary-powerpc/xserver-mono_3.3.6-11potato32_powerpc.deb
http://security.debian.org/dists/stable/updates/main/binary-powerpc/xserver-p9000_3.3.6-11potato32_powerpc.deb
http://security.debian.org/dists/stable/updates/main/binary-powerpc/xserver-s3_3.3.6-11potato32_powerpc.deb
http://security.debian.org/dists/stable/updates/main/binary-powerpc/xserver-s3v_3.3.6-11potato32_powerpc.deb
http://security.debian.org/dists/stable/updates/main/binary-powerpc/xserver-svga_3.3.6-11potato32_powerpc.deb
http://security.debian.org/dists/stable/updates/main/binary-powerpc/xserver-tga_3.3.6-11potato32_powerpc.deb
http://security.debian.org/dists/stable/updates/main/binary-powerpc/xserver-vga16_3.3.6-11potato32_powerpc.deb
http://security.debian.org/dists/stable/updates/main/binary-powerpc/xsm_3.3.6-11potato32_powerpc.deb
http://security.debian.org/dists/stable/updates/main/binary-powerpc/xterm_3.3.6-11potato32_powerpc.deb
http://security.debian.org/dists/stable/updates/main/binary-powerpc/xvfb_3.3.6-11potato32_powerpc.deb
sparc:
http://security.debian.org/dists/stable/updates/main/binary-sparc/rstartd_3.3.6-11potato32_sparc.deb
http://security.debian.org/dists/stable/updates/main/binary-sparc/twm_3.3.6-11potato32_sparc.deb
http://security.debian.org/dists/stable/updates/main/binary-sparc/xbase-clients_3.3.6-11potato32_sparc.deb
http://security.debian.org/dists/stable/updates/main/binary-sparc/xdm_3.3.6-11potato32_sparc.deb
http://security.debian.org/dists/stable/updates/main/binary-sparc/xext_3.3.6-11potato32_sparc.deb
http://security.debian.org/dists/stable/updates/main/binary-sparc/xf86setup_3.3.6-11potato32_sparc.deb
http://security.debian.org/dists/stable/updates/main/binary-sparc/xlib6g-dev_3.3.6-11potato32_sparc.deb
http://security.debian.org/dists/stable/updates/main/binary-sparc/xlib6g-static_3.3.6-11potato32_sparc.deb
http://security.debian.org/dists/stable/updates/main/binary-sparc/xlib6g_3.3.6-11potato32_sparc.deb
http://security.debian.org/dists/stable/updates/main/binary-sparc/xmh_3.3.6-11potato32_sparc.deb
http://security.debian.org/dists/stable/updates/main/binary-sparc/xnest_3.3.6-11potato32_sparc.deb
http://security.debian.org/dists/stable/updates/main/binary-sparc/xproxy_3.3.6-11potato32_sparc.deb
http://security.debian.org/dists/stable/updates/main/binary-sparc/xprt_3.3.6-11potato32_sparc.deb
http://security.debian.org/dists/stable/updates/main/binary-sparc/xserver-3dlabs_3.3.6-11potato32_sparc.deb
http://security.debian.org/dists/stable/updates/main/binary-sparc/xserver-common_3.3.6-11potato32_sparc.deb
http://security.debian.org/dists/stable/updates/main/binary-sparc/xserver-fbdev_3.3.6-11potato32_sparc.deb
http://security.debian.org/dists/stable/updates/main/binary-sparc/xserver-i128_3.3.6-11potato32_sparc.deb
http://security.debian.org/dists/stable/updates/main/binary-sparc/xserver-mach64_3.3.6-11potato32_alpa.deb
http://security.debian.org/dists/stable/updates/main/binary-sparc/xserver-mono_3.3.6-11potato32_sparc.deb
http://security.debian.org/dists/stable/updates/main/binary-sparc/xserver-p9000_3.3.6-11potato32_sparc.deb
http://security.debian.org/dists/stable/updates/main/binary-sparc/xserver-s3_3.3.6-11potato32_sparc.deb
http://security.debian.org/dists/stable/updates/main/binary-sparc/xserver-s3v_3.3.6-11potato32_sparc.deb
http://security.debian.org/dists/stable/updates/main/binary-sparc/xserver-svga_3.3.6-11potato32_sparc.deb
http://security.debian.org/dists/stable/updates/main/binary-sparc/xserver-tga_3.3.6-11potato32_sparc.deb
http://security.debian.org/dists/stable/updates/main/binary-sparc/xserver-vga16_3.3.6-11potato32_sparc.deb
http://security.debian.org/dists/stable/updates/main/binary-sparc/xsm_3.3.6-11potato32_sparc.deb
http://security.debian.org/dists/stable/updates/main/binary-sparc/xterm_3.3.6-11potato32_sparc.deb
http://security.debian.org/dists/stable/updates/main/binary-sparc/xvfb_3.3.6-11potato32_sparc.deb