Porada dotycząca bezpieczeństwa Debiana

DSA-443-1 xfree86 -- kilka naruszeń bezpieczeństwa

Data Zgłoszenia:

19.02.2004

Narażone Pakiety:

Podatny:

Tak

Odnośniki do baz danych na temat bezpieczeństwa:

Baza danych Bugtraq (SecurityFocus): Nr BugTraq 9636, Nr BugTraq 9652, Nr BugTraq 9655, Nr BugTraq 9701.
W słowniku CVE Mitre-a CVE-2003-0690, CVE-2004-0083, CVE-2004-0084, CVE-2004-0106, CVE-2004-0093, CVE-2004-0094.

Więcej informacji:

Odkryto kilka naruszeń bezpieczeństwa w XFree86. Poprawki przedstawiono poniżej wraz z opisem z projektu Common Vulnerabilities and Exposures (CVE):

CAN-2004-0083:
Przepełnienie bufora w ReadFontAlias z dirfile.c XFree86 wersji 4.1.0 do 4.3.0 pozwala lokalnym użytkownikom i atakującym z zewnątrz na wykonanie własnego kodu poprzez plik aliasów czcionek (font.alias) z długim tokenem. Jest to inne naruszenie bezpieczeństwa niż CAN-2004-0084.
CAN-2004-0084:
Przepełnienie bufora w funkcji ReadFontAlias w XFree86 wersji 4.1.0 do 4.3.0, w którym użycie funkcji CopyISOLatin1Lowered pozwala lokalnie i zdalnie autoryzowanym użytkownikom na wykonanie własnego kodu poprzez sfałszowany wpis w pliku aliasów czcionek (font.alias). Jest to inne naruszenie bezpieczeństwa niż CAN-2004-0083.
CAN-2004-0106:
Rozmaite usterki w obsłudze plików czcionek w XFree86.
CAN-2003-0690:
xdm nie sprawdza czy powiodło się wywołanie funkcji pam_setcred, co może umożliwić atakującym przejęcie uprawnień konta root poprzez wyzwolenie błędów w modułach PAM jak wykazano w pewnych konfiguracjach MIT modułu pam_krb5.
CAN-2004-0093, CAN-2004-0094:
Możliwe są ataki typu odmowa usługi na serwer Xów przez klientów używających dodatków GLX i Direct Rendering Infrastructure z powodu niesprawdzonych danych klienta (indeksy poza granicą tablicy [CAN-2004-0093] i błędy typu integer signedness [CAN-2004-0094]).

Wykorzystanie błędów opisanych w CAN-2004-0083, CAN-2004-0084, CAN-2004-0106, CAN-2004-0093 oraz CAN-2004-0094 wymaga połączenia do serwera Xów. W domyślnym ustawieniu, menedżery ekranowe Debiana uruchamiają serwer Xów w konfiguracji akceptującej tylko lokalne połączenia, ale jeśli konfiguracja zostanie zmieniona umożliwiając zewnętrzne połączenia lub serwery Xów są uruchamiane w inny sposób, wtedy możliwe jest zdalne wykorzystanie tych błędów. Ponieważ serwer Xów działa zazwyczaj z przywilejami roota, błędy te mogą potencjalnie zostać wykorzystane do przejęcia uprawnień konta root.

Brak jest na razie doniesień o atakach dla CAN-2003-0690.

W stabilnej dystrybucji (woody) powyższe problemy zostały wyeliminowane w wersji 4.1.0-16woody3.

W dystrybucji niestabilnej (sid) powyższe problemy zostały wyeliminowane w wersji 4.3.0-2.

Zalecamy aktualizację pakietu xfree86.

Naprawiony w:

Debian GNU/Linux 3.0 (woody)

Źródło:: http://security.debian.org/pool/updates/main/x/xfree86/xfree86_4.1.0-16woody3.dsc; http://security.debian.org/pool/updates/main/x/xfree86/xfree86_4.1.0-16woody3.diff.gz; http://security.debian.org/pool/updates/main/x/xfree86/xfree86_4.1.0.orig.tar.gz
Element niezależny od architektury:: http://security.debian.org/pool/updates/main/x/xfree86/x-window-system_4.1.0-16woody3_all.deb; http://security.debian.org/pool/updates/main/x/xfree86/xfonts-100dpi-transcoded_4.1.0-16woody3_all.deb; http://security.debian.org/pool/updates/main/x/xfree86/xfonts-100dpi_4.1.0-16woody3_all.deb; http://security.debian.org/pool/updates/main/x/xfree86/xfonts-75dpi-transcoded_4.1.0-16woody3_all.deb; http://security.debian.org/pool/updates/main/x/xfree86/xfonts-75dpi_4.1.0-16woody3_all.deb; http://security.debian.org/pool/updates/main/x/xfree86/xfonts-base-transcoded_4.1.0-16woody3_all.deb; http://security.debian.org/pool/updates/main/x/xfree86/xfonts-base_4.1.0-16woody3_all.deb; http://security.debian.org/pool/updates/main/x/xfree86/xfonts-cyrillic_4.1.0-16woody3_all.deb; http://security.debian.org/pool/updates/main/x/xfree86/xfonts-pex_4.1.0-16woody3_all.deb; http://security.debian.org/pool/updates/main/x/xfree86/xfonts-scalable_4.1.0-16woody3_all.deb; http://security.debian.org/pool/updates/main/x/xfree86/xfree86-common_4.1.0-16woody3_all.deb; http://security.debian.org/pool/updates/main/x/xfree86/xlib6g-dev_4.1.0-16woody3_all.deb; http://security.debian.org/pool/updates/main/x/xfree86/xlib6g_4.1.0-16woody3_all.deb; http://security.debian.org/pool/updates/main/x/xfree86/xspecs_4.1.0-16woody3_all.deb
Alpha:: http://security.debian.org/pool/updates/main/x/xfree86/lbxproxy_4.1.0-16woody3_alpha.deb; http://security.debian.org/pool/updates/main/x/xfree86/libdps-dev_4.1.0-16woody3_alpha.deb; http://security.debian.org/pool/updates/main/x/xfree86/libdps1_4.1.0-16woody3_alpha.deb; http://security.debian.org/pool/updates/main/x/xfree86/libdps1-dbg_4.1.0-16woody3_alpha.deb; http://security.debian.org/pool/updates/main/x/xfree86/libxaw6_4.1.0-16woody3_alpha.deb; http://security.debian.org/pool/updates/main/x/xfree86/libxaw6-dbg_4.1.0-16woody3_alpha.deb; http://security.debian.org/pool/updates/main/x/xfree86/libxaw6-dev_4.1.0-16woody3_alpha.deb; http://security.debian.org/pool/updates/main/x/xfree86/libxaw7_4.1.0-16woody3_alpha.deb; http://security.debian.org/pool/updates/main/x/xfree86/libxaw7-dbg_4.1.0-16woody3_alpha.deb; http://security.debian.org/pool/updates/main/x/xfree86/libxaw7-dev_4.1.0-16woody3_alpha.deb; http://security.debian.org/pool/updates/main/x/xfree86/proxymngr_4.1.0-16woody3_alpha.deb; http://security.debian.org/pool/updates/main/x/xfree86/twm_4.1.0-16woody3_alpha.deb; http://security.debian.org/pool/updates/main/x/xfree86/x-window-system-core_4.1.0-16woody3_alpha.deb; http://security.debian.org/pool/updates/main/x/xfree86/xbase-clients_4.1.0-16woody3_alpha.deb; http://security.debian.org/pool/updates/main/x/xfree86/xdm_4.1.0-16woody3_alpha.deb; http://security.debian.org/pool/updates/main/x/xfree86/xfs_4.1.0-16woody3_alpha.deb; http://security.debian.org/pool/updates/main/x/xfree86/xfwp_4.1.0-16woody3_alpha.deb; http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-dev_4.1.0-16woody3_alpha.deb; http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa3_4.1.0-16woody3_alpha.deb; http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa3-dbg_4.1.0-16woody3_alpha.deb; http://security.debian.org/pool/updates/main/x/xfree86/xlibosmesa-dev_4.1.0-16woody3_alpha.deb; http://security.debian.org/pool/updates/main/x/xfree86/xlibosmesa3_4.1.0-16woody3_alpha.deb; http://security.debian.org/pool/updates/main/x/xfree86/xlibosmesa3-dbg_4.1.0-16woody3_alpha.deb; http://security.debian.org/pool/updates/main/x/xfree86/xlibs_4.1.0-16woody3_alpha.deb; http://security.debian.org/pool/updates/main/x/xfree86/xlibs-dbg_4.1.0-16woody3_alpha.deb; http://security.debian.org/pool/updates/main/x/xfree86/xlibs-dev_4.1.0-16woody3_alpha.deb; http://security.debian.org/pool/updates/main/x/xfree86/xlibs-pic_4.1.0-16woody3_alpha.deb; http://security.debian.org/pool/updates/main/x/xfree86/xmh_4.1.0-16woody3_alpha.deb; http://security.debian.org/pool/updates/main/x/xfree86/xnest_4.1.0-16woody3_alpha.deb; http://security.debian.org/pool/updates/main/x/xfree86/xprt_4.1.0-16woody3_alpha.deb; http://security.debian.org/pool/updates/main/x/xfree86/xserver-common_4.1.0-16woody3_alpha.deb; http://security.debian.org/pool/updates/main/x/xfree86/xserver-xfree86_4.1.0-16woody3_alpha.deb; http://security.debian.org/pool/updates/main/x/xfree86/xterm_4.1.0-16woody3_alpha.deb; http://security.debian.org/pool/updates/main/x/xfree86/xutils_4.1.0-16woody3_alpha.deb; http://security.debian.org/pool/updates/main/x/xfree86/xvfb_4.1.0-16woody3_alpha.deb
ARM:: http://security.debian.org/pool/updates/main/x/xfree86/lbxproxy_4.1.0-16woody3_arm.deb; http://security.debian.org/pool/updates/main/x/xfree86/libdps-dev_4.1.0-16woody3_arm.deb; http://security.debian.org/pool/updates/main/x/xfree86/libdps1_4.1.0-16woody3_arm.deb; http://security.debian.org/pool/updates/main/x/xfree86/libdps1-dbg_4.1.0-16woody3_arm.deb; http://security.debian.org/pool/updates/main/x/xfree86/libxaw6_4.1.0-16woody3_arm.deb; http://security.debian.org/pool/updates/main/x/xfree86/libxaw6-dbg_4.1.0-16woody3_arm.deb; http://security.debian.org/pool/updates/main/x/xfree86/libxaw6-dev_4.1.0-16woody3_arm.deb; http://security.debian.org/pool/updates/main/x/xfree86/libxaw7_4.1.0-16woody3_arm.deb; http://security.debian.org/pool/updates/main/x/xfree86/libxaw7-dbg_4.1.0-16woody3_arm.deb; http://security.debian.org/pool/updates/main/x/xfree86/libxaw7-dev_4.1.0-16woody3_arm.deb; http://security.debian.org/pool/updates/main/x/xfree86/proxymngr_4.1.0-16woody3_arm.deb; http://security.debian.org/pool/updates/main/x/xfree86/twm_4.1.0-16woody3_arm.deb; http://security.debian.org/pool/updates/main/x/xfree86/x-window-system-core_4.1.0-16woody3_arm.deb; http://security.debian.org/pool/updates/main/x/xfree86/xbase-clients_4.1.0-16woody3_arm.deb; http://security.debian.org/pool/updates/main/x/xfree86/xdm_4.1.0-16woody3_arm.deb; http://security.debian.org/pool/updates/main/x/xfree86/xfs_4.1.0-16woody3_arm.deb; http://security.debian.org/pool/updates/main/x/xfree86/xfwp_4.1.0-16woody3_arm.deb; http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-dev_4.1.0-16woody3_arm.deb; http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa3_4.1.0-16woody3_arm.deb; http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa3-dbg_4.1.0-16woody3_arm.deb; http://security.debian.org/pool/updates/main/x/xfree86/xlibs_4.1.0-16woody3_arm.deb; http://security.debian.org/pool/updates/main/x/xfree86/xlibs-dbg_4.1.0-16woody3_arm.deb; http://security.debian.org/pool/updates/main/x/xfree86/xlibs-dev_4.1.0-16woody3_arm.deb; http://security.debian.org/pool/updates/main/x/xfree86/xlibs-pic_4.1.0-16woody3_arm.deb; http://security.debian.org/pool/updates/main/x/xfree86/xmh_4.1.0-16woody3_arm.deb; http://security.debian.org/pool/updates/main/x/xfree86/xnest_4.1.0-16woody3_arm.deb; http://security.debian.org/pool/updates/main/x/xfree86/xprt_4.1.0-16woody3_arm.deb; http://security.debian.org/pool/updates/main/x/xfree86/xserver-common_4.1.0-16woody3_arm.deb; http://security.debian.org/pool/updates/main/x/xfree86/xserver-xfree86_4.1.0-16woody3_arm.deb; http://security.debian.org/pool/updates/main/x/xfree86/xterm_4.1.0-16woody3_arm.deb; http://security.debian.org/pool/updates/main/x/xfree86/xutils_4.1.0-16woody3_arm.deb; http://security.debian.org/pool/updates/main/x/xfree86/xvfb_4.1.0-16woody3_arm.deb
Intel IA-32:: http://security.debian.org/pool/updates/main/x/xfree86/lbxproxy_4.1.0-16woody3_i386.deb; http://security.debian.org/pool/updates/main/x/xfree86/libdps-dev_4.1.0-16woody3_i386.deb; http://security.debian.org/pool/updates/main/x/xfree86/libdps1_4.1.0-16woody3_i386.deb; http://security.debian.org/pool/updates/main/x/xfree86/libdps1-dbg_4.1.0-16woody3_i386.deb; http://security.debian.org/pool/updates/main/x/xfree86/libxaw6_4.1.0-16woody3_i386.deb; http://security.debian.org/pool/updates/main/x/xfree86/libxaw6-dbg_4.1.0-16woody3_i386.deb; http://security.debian.org/pool/updates/main/x/xfree86/libxaw6-dev_4.1.0-16woody3_i386.deb; http://security.debian.org/pool/updates/main/x/xfree86/libxaw7_4.1.0-16woody3_i386.deb; http://security.debian.org/pool/updates/main/x/xfree86/libxaw7-dbg_4.1.0-16woody3_i386.deb; http://security.debian.org/pool/updates/main/x/xfree86/libxaw7-dev_4.1.0-16woody3_i386.deb; http://security.debian.org/pool/updates/main/x/xfree86/proxymngr_4.1.0-16woody3_i386.deb; http://security.debian.org/pool/updates/main/x/xfree86/twm_4.1.0-16woody3_i386.deb; http://security.debian.org/pool/updates/main/x/xfree86/x-window-system-core_4.1.0-16woody3_i386.deb; http://security.debian.org/pool/updates/main/x/xfree86/xbase-clients_4.1.0-16woody3_i386.deb; http://security.debian.org/pool/updates/main/x/xfree86/xdm_4.1.0-16woody3_i386.deb; http://security.debian.org/pool/updates/main/x/xfree86/xfs_4.1.0-16woody3_i386.deb; http://security.debian.org/pool/updates/main/x/xfree86/xfwp_4.1.0-16woody3_i386.deb; http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-dev_4.1.0-16woody3_i386.deb; http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa3_4.1.0-16woody3_i386.deb; http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa3-dbg_4.1.0-16woody3_i386.deb; http://security.debian.org/pool/updates/main/x/xfree86/xlibosmesa-dev_4.1.0-16woody3_i386.deb; http://security.debian.org/pool/updates/main/x/xfree86/xlibosmesa3_4.1.0-16woody3_i386.deb; http://security.debian.org/pool/updates/main/x/xfree86/xlibosmesa3-dbg_4.1.0-16woody3_i386.deb; http://security.debian.org/pool/updates/main/x/xfree86/xlibs_4.1.0-16woody3_i386.deb; http://security.debian.org/pool/updates/main/x/xfree86/xlibs-dbg_4.1.0-16woody3_i386.deb; http://security.debian.org/pool/updates/main/x/xfree86/xlibs-dev_4.1.0-16woody3_i386.deb; http://security.debian.org/pool/updates/main/x/xfree86/xlibs-pic_4.1.0-16woody3_i386.deb; http://security.debian.org/pool/updates/main/x/xfree86/xmh_4.1.0-16woody3_i386.deb; http://security.debian.org/pool/updates/main/x/xfree86/xnest_4.1.0-16woody3_i386.deb; http://security.debian.org/pool/updates/main/x/xfree86/xprt_4.1.0-16woody3_i386.deb; http://security.debian.org/pool/updates/main/x/xfree86/xserver-common_4.1.0-16woody3_i386.deb; http://security.debian.org/pool/updates/main/x/xfree86/xserver-xfree86_4.1.0-16woody3_i386.deb; http://security.debian.org/pool/updates/main/x/xfree86/xterm_4.1.0-16woody3_i386.deb; http://security.debian.org/pool/updates/main/x/xfree86/xutils_4.1.0-16woody3_i386.deb; http://security.debian.org/pool/updates/main/x/xfree86/xvfb_4.1.0-16woody3_i386.deb
Intel IA-64:: http://security.debian.org/pool/updates/main/x/xfree86/lbxproxy_4.1.0-16woody3_ia64.deb; http://security.debian.org/pool/updates/main/x/xfree86/libdps-dev_4.1.0-16woody3_ia64.deb; http://security.debian.org/pool/updates/main/x/xfree86/libdps1_4.1.0-16woody3_ia64.deb; http://security.debian.org/pool/updates/main/x/xfree86/libdps1-dbg_4.1.0-16woody3_ia64.deb; http://security.debian.org/pool/updates/main/x/xfree86/libxaw6_4.1.0-16woody3_ia64.deb; http://security.debian.org/pool/updates/main/x/xfree86/libxaw6-dbg_4.1.0-16woody3_ia64.deb; http://security.debian.org/pool/updates/main/x/xfree86/libxaw6-dev_4.1.0-16woody3_ia64.deb; http://security.debian.org/pool/updates/main/x/xfree86/libxaw7_4.1.0-16woody3_ia64.deb; http://security.debian.org/pool/updates/main/x/xfree86/libxaw7-dbg_4.1.0-16woody3_ia64.deb; http://security.debian.org/pool/updates/main/x/xfree86/libxaw7-dev_4.1.0-16woody3_ia64.deb; http://security.debian.org/pool/updates/main/x/xfree86/proxymngr_4.1.0-16woody3_ia64.deb; http://security.debian.org/pool/updates/main/x/xfree86/twm_4.1.0-16woody3_ia64.deb; http://security.debian.org/pool/updates/main/x/xfree86/x-window-system-core_4.1.0-16woody3_ia64.deb; http://security.debian.org/pool/updates/main/x/xfree86/xbase-clients_4.1.0-16woody3_ia64.deb; http://security.debian.org/pool/updates/main/x/xfree86/xdm_4.1.0-16woody3_ia64.deb; http://security.debian.org/pool/updates/main/x/xfree86/xfs_4.1.0-16woody3_ia64.deb; http://security.debian.org/pool/updates/main/x/xfree86/xfwp_4.1.0-16woody3_ia64.deb; http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-dev_4.1.0-16woody3_ia64.deb; http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa3_4.1.0-16woody3_ia64.deb; http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa3-dbg_4.1.0-16woody3_ia64.deb; http://security.debian.org/pool/updates/main/x/xfree86/xlibosmesa-dev_4.1.0-16woody3_ia64.deb; http://security.debian.org/pool/updates/main/x/xfree86/xlibosmesa3_4.1.0-16woody3_ia64.deb; http://security.debian.org/pool/updates/main/x/xfree86/xlibosmesa3-dbg_4.1.0-16woody3_ia64.deb; http://security.debian.org/pool/updates/main/x/xfree86/xlibs_4.1.0-16woody3_ia64.deb; http://security.debian.org/pool/updates/main/x/xfree86/xlibs-dbg_4.1.0-16woody3_ia64.deb; http://security.debian.org/pool/updates/main/x/xfree86/xlibs-dev_4.1.0-16woody3_ia64.deb; http://security.debian.org/pool/updates/main/x/xfree86/xlibs-pic_4.1.0-16woody3_ia64.deb; http://security.debian.org/pool/updates/main/x/xfree86/xmh_4.1.0-16woody3_ia64.deb; http://security.debian.org/pool/updates/main/x/xfree86/xnest_4.1.0-16woody3_ia64.deb; http://security.debian.org/pool/updates/main/x/xfree86/xprt_4.1.0-16woody3_ia64.deb; http://security.debian.org/pool/updates/main/x/xfree86/xserver-common_4.1.0-16woody3_ia64.deb; http://security.debian.org/pool/updates/main/x/xfree86/xserver-xfree86_4.1.0-16woody3_ia64.deb; http://security.debian.org/pool/updates/main/x/xfree86/xterm_4.1.0-16woody3_ia64.deb; http://security.debian.org/pool/updates/main/x/xfree86/xutils_4.1.0-16woody3_ia64.deb; http://security.debian.org/pool/updates/main/x/xfree86/xvfb_4.1.0-16woody3_ia64.deb
HPPA:: http://security.debian.org/pool/updates/main/x/xfree86/lbxproxy_4.1.0-16woody3_hppa.deb; http://security.debian.org/pool/updates/main/x/xfree86/libdps-dev_4.1.0-16woody3_hppa.deb; http://security.debian.org/pool/updates/main/x/xfree86/libdps1_4.1.0-16woody3_hppa.deb; http://security.debian.org/pool/updates/main/x/xfree86/libdps1-dbg_4.1.0-16woody3_hppa.deb; http://security.debian.org/pool/updates/main/x/xfree86/libxaw6_4.1.0-16woody3_hppa.deb; http://security.debian.org/pool/updates/main/x/xfree86/libxaw6-dbg_4.1.0-16woody3_hppa.deb; http://security.debian.org/pool/updates/main/x/xfree86/libxaw6-dev_4.1.0-16woody3_hppa.deb; http://security.debian.org/pool/updates/main/x/xfree86/libxaw7_4.1.0-16woody3_hppa.deb; http://security.debian.org/pool/updates/main/x/xfree86/libxaw7-dbg_4.1.0-16woody3_hppa.deb; http://security.debian.org/pool/updates/main/x/xfree86/libxaw7-dev_4.1.0-16woody3_hppa.deb; http://security.debian.org/pool/updates/main/x/xfree86/proxymngr_4.1.0-16woody3_hppa.deb; http://security.debian.org/pool/updates/main/x/xfree86/twm_4.1.0-16woody3_hppa.deb; http://security.debian.org/pool/updates/main/x/xfree86/x-window-system-core_4.1.0-16woody3_hppa.deb; http://security.debian.org/pool/updates/main/x/xfree86/xbase-clients_4.1.0-16woody3_hppa.deb; http://security.debian.org/pool/updates/main/x/xfree86/xdm_4.1.0-16woody3_hppa.deb; http://security.debian.org/pool/updates/main/x/xfree86/xfs_4.1.0-16woody3_hppa.deb; http://security.debian.org/pool/updates/main/x/xfree86/xfwp_4.1.0-16woody3_hppa.deb; http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-dev_4.1.0-16woody3_hppa.deb; http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa3_4.1.0-16woody3_hppa.deb; http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa3-dbg_4.1.0-16woody3_hppa.deb; http://security.debian.org/pool/updates/main/x/xfree86/xlibs_4.1.0-16woody3_hppa.deb; http://security.debian.org/pool/updates/main/x/xfree86/xlibs-dbg_4.1.0-16woody3_hppa.deb; http://security.debian.org/pool/updates/main/x/xfree86/xlibs-dev_4.1.0-16woody3_hppa.deb; http://security.debian.org/pool/updates/main/x/xfree86/xlibs-pic_4.1.0-16woody3_hppa.deb; http://security.debian.org/pool/updates/main/x/xfree86/xmh_4.1.0-16woody3_hppa.deb; http://security.debian.org/pool/updates/main/x/xfree86/xnest_4.1.0-16woody3_hppa.deb; http://security.debian.org/pool/updates/main/x/xfree86/xprt_4.1.0-16woody3_hppa.deb; http://security.debian.org/pool/updates/main/x/xfree86/xserver-common_4.1.0-16woody3_hppa.deb; http://security.debian.org/pool/updates/main/x/xfree86/xserver-xfree86_4.1.0-16woody3_hppa.deb; http://security.debian.org/pool/updates/main/x/xfree86/xterm_4.1.0-16woody3_hppa.deb; http://security.debian.org/pool/updates/main/x/xfree86/xutils_4.1.0-16woody3_hppa.deb; http://security.debian.org/pool/updates/main/x/xfree86/xvfb_4.1.0-16woody3_hppa.deb
Motorola 680x0:: http://security.debian.org/pool/updates/main/x/xfree86/lbxproxy_4.1.0-16woody3_m68k.deb; http://security.debian.org/pool/updates/main/x/xfree86/libdps-dev_4.1.0-16woody3_m68k.deb; http://security.debian.org/pool/updates/main/x/xfree86/libdps1_4.1.0-16woody3_m68k.deb; http://security.debian.org/pool/updates/main/x/xfree86/libdps1-dbg_4.1.0-16woody3_m68k.deb; http://security.debian.org/pool/updates/main/x/xfree86/libxaw6_4.1.0-16woody3_m68k.deb; http://security.debian.org/pool/updates/main/x/xfree86/libxaw6-dbg_4.1.0-16woody3_m68k.deb; http://security.debian.org/pool/updates/main/x/xfree86/libxaw6-dev_4.1.0-16woody3_m68k.deb; http://security.debian.org/pool/updates/main/x/xfree86/libxaw7_4.1.0-16woody3_m68k.deb; http://security.debian.org/pool/updates/main/x/xfree86/libxaw7-dbg_4.1.0-16woody3_m68k.deb; http://security.debian.org/pool/updates/main/x/xfree86/libxaw7-dev_4.1.0-16woody3_m68k.deb; http://security.debian.org/pool/updates/main/x/xfree86/proxymngr_4.1.0-16woody3_m68k.deb; http://security.debian.org/pool/updates/main/x/xfree86/twm_4.1.0-16woody3_m68k.deb; http://security.debian.org/pool/updates/main/x/xfree86/x-window-system-core_4.1.0-16woody3_m68k.deb; http://security.debian.org/pool/updates/main/x/xfree86/xbase-clients_4.1.0-16woody3_m68k.deb; http://security.debian.org/pool/updates/main/x/xfree86/xdm_4.1.0-16woody3_m68k.deb; http://security.debian.org/pool/updates/main/x/xfree86/xfs_4.1.0-16woody3_m68k.deb; http://security.debian.org/pool/updates/main/x/xfree86/xfwp_4.1.0-16woody3_m68k.deb; http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-dev_4.1.0-16woody3_m68k.deb; http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa3_4.1.0-16woody3_m68k.deb; http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa3-dbg_4.1.0-16woody3_m68k.deb; http://security.debian.org/pool/updates/main/x/xfree86/xlibs_4.1.0-16woody3_m68k.deb; http://security.debian.org/pool/updates/main/x/xfree86/xlibs-dbg_4.1.0-16woody3_m68k.deb; http://security.debian.org/pool/updates/main/x/xfree86/xlibs-dev_4.1.0-16woody3_m68k.deb; http://security.debian.org/pool/updates/main/x/xfree86/xlibs-pic_4.1.0-16woody3_m68k.deb; http://security.debian.org/pool/updates/main/x/xfree86/xmh_4.1.0-16woody3_m68k.deb; http://security.debian.org/pool/updates/main/x/xfree86/xnest_4.1.0-16woody3_m68k.deb; http://security.debian.org/pool/updates/main/x/xfree86/xprt_4.1.0-16woody3_m68k.deb; http://security.debian.org/pool/updates/main/x/xfree86/xserver-common_4.1.0-16woody3_m68k.deb; http://security.debian.org/pool/updates/main/x/xfree86/xserver-xfree86_4.1.0-16woody3_m68k.deb; http://security.debian.org/pool/updates/main/x/xfree86/xterm_4.1.0-16woody3_m68k.deb; http://security.debian.org/pool/updates/main/x/xfree86/xutils_4.1.0-16woody3_m68k.deb; http://security.debian.org/pool/updates/main/x/xfree86/xvfb_4.1.0-16woody3_m68k.deb
Big endian MIPS:: http://security.debian.org/pool/updates/main/x/xfree86/lbxproxy_4.1.0-16woody2_mips.deb; http://security.debian.org/pool/updates/main/x/xfree86/libdps-dev_4.1.0-16woody2_mips.deb; http://security.debian.org/pool/updates/main/x/xfree86/libdps1_4.1.0-16woody2_mips.deb; http://security.debian.org/pool/updates/main/x/xfree86/libdps1-dbg_4.1.0-16woody2_mips.deb; http://security.debian.org/pool/updates/main/x/xfree86/libxaw6_4.1.0-16woody2_mips.deb; http://security.debian.org/pool/updates/main/x/xfree86/libxaw6-dbg_4.1.0-16woody2_mips.deb; http://security.debian.org/pool/updates/main/x/xfree86/libxaw6-dev_4.1.0-16woody2_mips.deb; http://security.debian.org/pool/updates/main/x/xfree86/libxaw7_4.1.0-16woody2_mips.deb; http://security.debian.org/pool/updates/main/x/xfree86/libxaw7-dbg_4.1.0-16woody2_mips.deb; http://security.debian.org/pool/updates/main/x/xfree86/libxaw7-dev_4.1.0-16woody2_mips.deb; http://security.debian.org/pool/updates/main/x/xfree86/proxymngr_4.1.0-16woody2_mips.deb; http://security.debian.org/pool/updates/main/x/xfree86/twm_4.1.0-16woody2_mips.deb; http://security.debian.org/pool/updates/main/x/xfree86/x-window-system-core_4.1.0-16woody2_mips.deb; http://security.debian.org/pool/updates/main/x/xfree86/xbase-clients_4.1.0-16woody2_mips.deb; http://security.debian.org/pool/updates/main/x/xfree86/xdm_4.1.0-16woody2_mips.deb; http://security.debian.org/pool/updates/main/x/xfree86/xfs_4.1.0-16woody2_mips.deb; http://security.debian.org/pool/updates/main/x/xfree86/xfwp_4.1.0-16woody2_mips.deb; http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-dev_4.1.0-16woody2_mips.deb; http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa3_4.1.0-16woody2_mips.deb; http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa3-dbg_4.1.0-16woody2_mips.deb; http://security.debian.org/pool/updates/main/x/xfree86/xlibs_4.1.0-16woody2_mips.deb; http://security.debian.org/pool/updates/main/x/xfree86/xlibs-dbg_4.1.0-16woody2_mips.deb; http://security.debian.org/pool/updates/main/x/xfree86/xlibs-dev_4.1.0-16woody2_mips.deb; http://security.debian.org/pool/updates/main/x/xfree86/xlibs-pic_4.1.0-16woody2_mips.deb; http://security.debian.org/pool/updates/main/x/xfree86/xmh_4.1.0-16woody2_mips.deb; http://security.debian.org/pool/updates/main/x/xfree86/xnest_4.1.0-16woody2_mips.deb; http://security.debian.org/pool/updates/main/x/xfree86/xprt_4.1.0-16woody2_mips.deb; http://security.debian.org/pool/updates/main/x/xfree86/xserver-common_4.1.0-16woody2_mips.deb; http://security.debian.org/pool/updates/main/x/xfree86/xserver-xfree86_4.1.0-16woody2_mips.deb; http://security.debian.org/pool/updates/main/x/xfree86/xterm_4.1.0-16woody2_mips.deb; http://security.debian.org/pool/updates/main/x/xfree86/xutils_4.1.0-16woody2_mips.deb; http://security.debian.org/pool/updates/main/x/xfree86/xvfb_4.1.0-16woody2_mips.deb
Little endian MIPS:: http://security.debian.org/pool/updates/main/x/xfree86/lbxproxy_4.1.0-16woody2_mipsel.deb; http://security.debian.org/pool/updates/main/x/xfree86/libdps-dev_4.1.0-16woody2_mipsel.deb; http://security.debian.org/pool/updates/main/x/xfree86/libdps1_4.1.0-16woody2_mipsel.deb; http://security.debian.org/pool/updates/main/x/xfree86/libdps1-dbg_4.1.0-16woody2_mipsel.deb; http://security.debian.org/pool/updates/main/x/xfree86/libxaw6_4.1.0-16woody2_mipsel.deb; http://security.debian.org/pool/updates/main/x/xfree86/libxaw6-dbg_4.1.0-16woody2_mipsel.deb; http://security.debian.org/pool/updates/main/x/xfree86/libxaw6-dev_4.1.0-16woody2_mipsel.deb; http://security.debian.org/pool/updates/main/x/xfree86/libxaw7_4.1.0-16woody2_mipsel.deb; http://security.debian.org/pool/updates/main/x/xfree86/libxaw7-dbg_4.1.0-16woody2_mipsel.deb; http://security.debian.org/pool/updates/main/x/xfree86/libxaw7-dev_4.1.0-16woody2_mipsel.deb; http://security.debian.org/pool/updates/main/x/xfree86/proxymngr_4.1.0-16woody2_mipsel.deb; http://security.debian.org/pool/updates/main/x/xfree86/twm_4.1.0-16woody2_mipsel.deb; http://security.debian.org/pool/updates/main/x/xfree86/x-window-system-core_4.1.0-16woody2_mipsel.deb; http://security.debian.org/pool/updates/main/x/xfree86/xbase-clients_4.1.0-16woody2_mipsel.deb; http://security.debian.org/pool/updates/main/x/xfree86/xdm_4.1.0-16woody2_mipsel.deb; http://security.debian.org/pool/updates/main/x/xfree86/xfs_4.1.0-16woody2_mipsel.deb; http://security.debian.org/pool/updates/main/x/xfree86/xfwp_4.1.0-16woody2_mipsel.deb; http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-dev_4.1.0-16woody2_mipsel.deb; http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa3_4.1.0-16woody2_mipsel.deb; http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa3-dbg_4.1.0-16woody2_mipsel.deb; http://security.debian.org/pool/updates/main/x/xfree86/xlibs_4.1.0-16woody2_mipsel.deb; http://security.debian.org/pool/updates/main/x/xfree86/xlibs-dbg_4.1.0-16woody2_mipsel.deb; http://security.debian.org/pool/updates/main/x/xfree86/xlibs-dev_4.1.0-16woody2_mipsel.deb; http://security.debian.org/pool/updates/main/x/xfree86/xlibs-pic_4.1.0-16woody2_mipsel.deb; http://security.debian.org/pool/updates/main/x/xfree86/xmh_4.1.0-16woody2_mipsel.deb; http://security.debian.org/pool/updates/main/x/xfree86/xnest_4.1.0-16woody2_mipsel.deb; http://security.debian.org/pool/updates/main/x/xfree86/xprt_4.1.0-16woody2_mipsel.deb; http://security.debian.org/pool/updates/main/x/xfree86/xserver-common_4.1.0-16woody2_mipsel.deb; http://security.debian.org/pool/updates/main/x/xfree86/xserver-xfree86_4.1.0-16woody2_mipsel.deb; http://security.debian.org/pool/updates/main/x/xfree86/xterm_4.1.0-16woody2_mipsel.deb; http://security.debian.org/pool/updates/main/x/xfree86/xutils_4.1.0-16woody2_mipsel.deb; http://security.debian.org/pool/updates/main/x/xfree86/xvfb_4.1.0-16woody2_mipsel.deb
PowerPC:: http://security.debian.org/pool/updates/main/x/xfree86/lbxproxy_4.1.0-16woody3_powerpc.deb; http://security.debian.org/pool/updates/main/x/xfree86/libdps-dev_4.1.0-16woody3_powerpc.deb; http://security.debian.org/pool/updates/main/x/xfree86/libdps1_4.1.0-16woody3_powerpc.deb; http://security.debian.org/pool/updates/main/x/xfree86/libdps1-dbg_4.1.0-16woody3_powerpc.deb; http://security.debian.org/pool/updates/main/x/xfree86/libxaw6_4.1.0-16woody3_powerpc.deb; http://security.debian.org/pool/updates/main/x/xfree86/libxaw6-dbg_4.1.0-16woody3_powerpc.deb; http://security.debian.org/pool/updates/main/x/xfree86/libxaw6-dev_4.1.0-16woody3_powerpc.deb; http://security.debian.org/pool/updates/main/x/xfree86/libxaw7_4.1.0-16woody3_powerpc.deb; http://security.debian.org/pool/updates/main/x/xfree86/libxaw7-dbg_4.1.0-16woody3_powerpc.deb; http://security.debian.org/pool/updates/main/x/xfree86/libxaw7-dev_4.1.0-16woody3_powerpc.deb; http://security.debian.org/pool/updates/main/x/xfree86/proxymngr_4.1.0-16woody3_powerpc.deb; http://security.debian.org/pool/updates/main/x/xfree86/twm_4.1.0-16woody3_powerpc.deb; http://security.debian.org/pool/updates/main/x/xfree86/x-window-system-core_4.1.0-16woody3_powerpc.deb; http://security.debian.org/pool/updates/main/x/xfree86/xbase-clients_4.1.0-16woody3_powerpc.deb; http://security.debian.org/pool/updates/main/x/xfree86/xdm_4.1.0-16woody3_powerpc.deb; http://security.debian.org/pool/updates/main/x/xfree86/xfs_4.1.0-16woody3_powerpc.deb; http://security.debian.org/pool/updates/main/x/xfree86/xfwp_4.1.0-16woody3_powerpc.deb; http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-dev_4.1.0-16woody3_powerpc.deb; http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa3_4.1.0-16woody3_powerpc.deb; http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa3-dbg_4.1.0-16woody3_powerpc.deb; http://security.debian.org/pool/updates/main/x/xfree86/xlibosmesa-dev_4.1.0-16woody3_powerpc.deb; http://security.debian.org/pool/updates/main/x/xfree86/xlibosmesa3_4.1.0-16woody3_powerpc.deb; http://security.debian.org/pool/updates/main/x/xfree86/xlibosmesa3-dbg_4.1.0-16woody3_powerpc.deb; http://security.debian.org/pool/updates/main/x/xfree86/xlibs_4.1.0-16woody3_powerpc.deb; http://security.debian.org/pool/updates/main/x/xfree86/xlibs-dbg_4.1.0-16woody3_powerpc.deb; http://security.debian.org/pool/updates/main/x/xfree86/xlibs-dev_4.1.0-16woody3_powerpc.deb; http://security.debian.org/pool/updates/main/x/xfree86/xlibs-pic_4.1.0-16woody3_powerpc.deb; http://security.debian.org/pool/updates/main/x/xfree86/xmh_4.1.0-16woody3_powerpc.deb; http://security.debian.org/pool/updates/main/x/xfree86/xnest_4.1.0-16woody3_powerpc.deb; http://security.debian.org/pool/updates/main/x/xfree86/xprt_4.1.0-16woody3_powerpc.deb; http://security.debian.org/pool/updates/main/x/xfree86/xserver-common_4.1.0-16woody3_powerpc.deb; http://security.debian.org/pool/updates/main/x/xfree86/xserver-xfree86_4.1.0-16woody3_powerpc.deb; http://security.debian.org/pool/updates/main/x/xfree86/xterm_4.1.0-16woody3_powerpc.deb; http://security.debian.org/pool/updates/main/x/xfree86/xutils_4.1.0-16woody3_powerpc.deb; http://security.debian.org/pool/updates/main/x/xfree86/xvfb_4.1.0-16woody3_powerpc.deb
IBM S/390:: http://security.debian.org/pool/updates/main/x/xfree86/lbxproxy_4.1.0-16woody3_s390.deb; http://security.debian.org/pool/updates/main/x/xfree86/libdps-dev_4.1.0-16woody3_s390.deb; http://security.debian.org/pool/updates/main/x/xfree86/libdps1_4.1.0-16woody3_s390.deb; http://security.debian.org/pool/updates/main/x/xfree86/libdps1-dbg_4.1.0-16woody3_s390.deb; http://security.debian.org/pool/updates/main/x/xfree86/libxaw6_4.1.0-16woody3_s390.deb; http://security.debian.org/pool/updates/main/x/xfree86/libxaw6-dbg_4.1.0-16woody3_s390.deb; http://security.debian.org/pool/updates/main/x/xfree86/libxaw6-dev_4.1.0-16woody3_s390.deb; http://security.debian.org/pool/updates/main/x/xfree86/libxaw7_4.1.0-16woody3_s390.deb; http://security.debian.org/pool/updates/main/x/xfree86/libxaw7-dbg_4.1.0-16woody3_s390.deb; http://security.debian.org/pool/updates/main/x/xfree86/libxaw7-dev_4.1.0-16woody3_s390.deb; http://security.debian.org/pool/updates/main/x/xfree86/proxymngr_4.1.0-16woody3_s390.deb; http://security.debian.org/pool/updates/main/x/xfree86/twm_4.1.0-16woody3_s390.deb; http://security.debian.org/pool/updates/main/x/xfree86/x-window-system-core_4.1.0-16woody3_s390.deb; http://security.debian.org/pool/updates/main/x/xfree86/xbase-clients_4.1.0-16woody3_s390.deb; http://security.debian.org/pool/updates/main/x/xfree86/xdm_4.1.0-16woody3_s390.deb; http://security.debian.org/pool/updates/main/x/xfree86/xfs_4.1.0-16woody3_s390.deb; http://security.debian.org/pool/updates/main/x/xfree86/xfwp_4.1.0-16woody3_s390.deb; http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-dev_4.1.0-16woody3_s390.deb; http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa3_4.1.0-16woody3_s390.deb; http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa3-dbg_4.1.0-16woody3_s390.deb; http://security.debian.org/pool/updates/main/x/xfree86/xlibs_4.1.0-16woody3_s390.deb; http://security.debian.org/pool/updates/main/x/xfree86/xlibs-dbg_4.1.0-16woody3_s390.deb; http://security.debian.org/pool/updates/main/x/xfree86/xlibs-dev_4.1.0-16woody3_s390.deb; http://security.debian.org/pool/updates/main/x/xfree86/xlibs-pic_4.1.0-16woody3_s390.deb; http://security.debian.org/pool/updates/main/x/xfree86/xmh_4.1.0-16woody3_s390.deb; http://security.debian.org/pool/updates/main/x/xfree86/xnest_4.1.0-16woody3_s390.deb; http://security.debian.org/pool/updates/main/x/xfree86/xprt_4.1.0-16woody3_s390.deb; http://security.debian.org/pool/updates/main/x/xfree86/xserver-common_4.1.0-16woody3_s390.deb; http://security.debian.org/pool/updates/main/x/xfree86/xterm_4.1.0-16woody3_s390.deb; http://security.debian.org/pool/updates/main/x/xfree86/xutils_4.1.0-16woody3_s390.deb; http://security.debian.org/pool/updates/main/x/xfree86/xvfb_4.1.0-16woody3_s390.deb
Sun Sparc:: http://security.debian.org/pool/updates/main/x/xfree86/lbxproxy_4.1.0-16woody3_sparc.deb; http://security.debian.org/pool/updates/main/x/xfree86/libdps-dev_4.1.0-16woody3_sparc.deb; http://security.debian.org/pool/updates/main/x/xfree86/libdps1_4.1.0-16woody3_sparc.deb; http://security.debian.org/pool/updates/main/x/xfree86/libdps1-dbg_4.1.0-16woody3_sparc.deb; http://security.debian.org/pool/updates/main/x/xfree86/libxaw6_4.1.0-16woody3_sparc.deb; http://security.debian.org/pool/updates/main/x/xfree86/libxaw6-dbg_4.1.0-16woody3_sparc.deb; http://security.debian.org/pool/updates/main/x/xfree86/libxaw6-dev_4.1.0-16woody3_sparc.deb; http://security.debian.org/pool/updates/main/x/xfree86/libxaw7_4.1.0-16woody3_sparc.deb; http://security.debian.org/pool/updates/main/x/xfree86/libxaw7-dbg_4.1.0-16woody3_sparc.deb; http://security.debian.org/pool/updates/main/x/xfree86/libxaw7-dev_4.1.0-16woody3_sparc.deb; http://security.debian.org/pool/updates/main/x/xfree86/proxymngr_4.1.0-16woody3_sparc.deb; http://security.debian.org/pool/updates/main/x/xfree86/twm_4.1.0-16woody3_sparc.deb; http://security.debian.org/pool/updates/main/x/xfree86/x-window-system-core_4.1.0-16woody3_sparc.deb; http://security.debian.org/pool/updates/main/x/xfree86/xbase-clients_4.1.0-16woody3_sparc.deb; http://security.debian.org/pool/updates/main/x/xfree86/xdm_4.1.0-16woody3_sparc.deb; http://security.debian.org/pool/updates/main/x/xfree86/xfs_4.1.0-16woody3_sparc.deb; http://security.debian.org/pool/updates/main/x/xfree86/xfwp_4.1.0-16woody3_sparc.deb; http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-dev_4.1.0-16woody3_sparc.deb; http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa3_4.1.0-16woody3_sparc.deb; http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa3-dbg_4.1.0-16woody3_sparc.deb; http://security.debian.org/pool/updates/main/x/xfree86/xlibosmesa-dev_4.1.0-16woody3_sparc.deb; http://security.debian.org/pool/updates/main/x/xfree86/xlibosmesa3_4.1.0-16woody3_sparc.deb; http://security.debian.org/pool/updates/main/x/xfree86/xlibosmesa3-dbg_4.1.0-16woody3_sparc.deb; http://security.debian.org/pool/updates/main/x/xfree86/xlibs_4.1.0-16woody3_sparc.deb; http://security.debian.org/pool/updates/main/x/xfree86/xlibs-dbg_4.1.0-16woody3_sparc.deb; http://security.debian.org/pool/updates/main/x/xfree86/xlibs-dev_4.1.0-16woody3_sparc.deb; http://security.debian.org/pool/updates/main/x/xfree86/xlibs-pic_4.1.0-16woody3_sparc.deb; http://security.debian.org/pool/updates/main/x/xfree86/xmh_4.1.0-16woody3_sparc.deb; http://security.debian.org/pool/updates/main/x/xfree86/xnest_4.1.0-16woody3_sparc.deb; http://security.debian.org/pool/updates/main/x/xfree86/xprt_4.1.0-16woody3_sparc.deb; http://security.debian.org/pool/updates/main/x/xfree86/xserver-common_4.1.0-16woody3_sparc.deb; http://security.debian.org/pool/updates/main/x/xfree86/xserver-xfree86_4.1.0-16woody3_sparc.deb; http://security.debian.org/pool/updates/main/x/xfree86/xterm_4.1.0-16woody3_sparc.deb; http://security.debian.org/pool/updates/main/x/xfree86/xutils_4.1.0-16woody3_sparc.deb; http://security.debian.org/pool/updates/main/x/xfree86/xvfb_4.1.0-16woody3_sparc.deb

Sumy kontrolne MD5 wymienionych plików dostępne są w oryginalnej poradzie.