Debians sikkerhedsbulletin

DSA-1413-1 mysql -- flere sårbarheder

Rapporteret den:

26. nov 2007

Berørte pakker:

mysql-dfsg
mysql-dfsg-5.0
mysql-dfsg-4.1

Sårbar:

Referencer i sikkerhedsdatabaser:

I Debians fejlsporingssystem: Fejl 426353, Fejl 424778, Fejl 424778, Fejl 451235.
I Mitres CVE-ordbog: CVE-2007-2583, CVE-2007-2691, CVE-2007-2692.

Yderligere oplysninger:

Flere sårbarheder er fundet i MySQL-databasepakker, spændende fra uautoriserede databaseændringer til fjernudløste servernedbrud. Projektet Common Vulnerabilities and Exposures har fundet frem tilfølgende problemer:

CVE-2007-2583
Funktionen in_decimal::set i item_cmpfunc.cc i MySQL før version 5.0.40 gjorde det muligt at forårsage et kontaktafhængigt lammelsesangreb (denial of service) gennem en fabrikeret IF-statement, der medfører en division med nul-fejl og en NULL-pointerdereference. (Påvirket kildekodeversion 5.0.32.)
CVE-2007-2691
MySQL kræver ikke DROP-rettigheden ved RENAME TABLE-statements, hvilket gjorde det muligt for fjernautentificerede brugere at omdøbe vilkårlige tabeller. (Alle understøttede versioner er påvirket.)
CVE-2007-2692
Funktionen mysql_change_db genetablerer ikke THD::db_access-rettigheder, når den vender tilbage fra gemte SQL SECURITY INVOKER-rutiner, hvilket gjordet muligt for fjernautentificerede brugere at opnå rettigheder. (Påvirket kildekodeversion 5.0.32.)
CVE-2007-3780
Man kunne få MySQL til at lade en char med fortegn løbe over, under autentificering. Fjernangribere kunne anvende særligt fremstillede autenficiceringsforespørgsler til at forårsage lammelsesangreb. (Opstrøms kildekodeversioner 4.1.11a og 5.0.32 er påvirkede.)
CVE-2007-3782
Phil Anderton opdagede at MySQL ikke på korrekt vis kontrollerede rettigheder, når eksterne tabeller blev tilgået. Det havde til følge at autentificerede brugere kunne udnytte sårbarheden til at opnå UPDATE-rettigheder til eksterne tabeller. (Påvirket kildekodeversion 5.0.32.)
CVE-2007-5925
Funktionen convert_search_mode_to_innobase i ha_innodb.cc i InnoDB-maskinen i MySQL 5.1.23-BK og tidligere, gjorde det muligt for fjernautentificerede brugere at forårsage lammelsesangreb (databasenedbrud) gennem en særligt fremstillet CONTAINS-handling på en indekseret kolonne, hvilket udløste en assertion-fejl. (Påvirket kildekodeversion 5.0.32.)

I den gamle stabile distribution (sarge), er disse problemer rettet i version 4.0.24-10sarge3 af mysql-dfsg og version 4.1.11a-4sarge8 af mysql-dfsg-4.1.

I den stabile distribution (etch), er disse problemer rettet i version 5.0.32-7etch3 af mysql-dfsg-5.0-pakkerne.

Vi anbefaler at du opgraderer dine mysql-pakker.

Rettet i:

Debian GNU/Linux 4.0 (etch)

Kildekode:: http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/mysql-dfsg-5.0_5.0.32-7etch3.diff.gz; http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/mysql-dfsg-5.0_5.0.32.orig.tar.gz; http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/mysql-dfsg-5.0_5.0.32-7etch3.dsc
Arkitekturuafhængig komponent:: http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/mysql-common_5.0.32-7etch3_all.deb; http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/mysql-server_5.0.32-7etch3_all.deb; http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/mysql-client_5.0.32-7etch3_all.deb
Alpha:: http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/mysql-server-5.0_5.0.32-7etch3_alpha.deb; http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/mysql-client-5.0_5.0.32-7etch3_alpha.deb; http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/libmysqlclient15off_5.0.32-7etch3_alpha.deb; http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/mysql-server-4.1_5.0.32-7etch3_alpha.deb; http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/libmysqlclient15-dev_5.0.32-7etch3_alpha.deb
AMD64:: http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/libmysqlclient15off_5.0.32-7etch3_amd64.deb; http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/mysql-server-5.0_5.0.32-7etch3_amd64.deb; http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/libmysqlclient15-dev_5.0.32-7etch3_amd64.deb; http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/mysql-client-5.0_5.0.32-7etch3_amd64.deb; http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/mysql-server-4.1_5.0.32-7etch3_amd64.deb
HP Precision:: http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/libmysqlclient15off_5.0.32-7etch3_hppa.deb; http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/mysql-client-5.0_5.0.32-7etch3_hppa.deb; http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/libmysqlclient15-dev_5.0.32-7etch3_hppa.deb; http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/mysql-server-5.0_5.0.32-7etch3_hppa.deb; http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/mysql-server-4.1_5.0.32-7etch3_hppa.deb
Intel IA-32:: http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/mysql-client-5.0_5.0.32-7etch3_i386.deb; http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/libmysqlclient15-dev_5.0.32-7etch3_i386.deb; http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/libmysqlclient15off_5.0.32-7etch3_i386.deb; http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/mysql-server-5.0_5.0.32-7etch3_i386.deb; http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/mysql-server-4.1_5.0.32-7etch3_i386.deb
Intel IA-64:: http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/mysql-server-5.0_5.0.32-7etch3_ia64.deb; http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/libmysqlclient15-dev_5.0.32-7etch3_ia64.deb; http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/libmysqlclient15off_5.0.32-7etch3_ia64.deb; http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/mysql-server-4.1_5.0.32-7etch3_ia64.deb; http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/mysql-client-5.0_5.0.32-7etch3_ia64.deb
Big-endian MIPS:: http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/mysql-client-5.0_5.0.32-7etch3_mips.deb; http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/mysql-server-5.0_5.0.32-7etch3_mips.deb; http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/libmysqlclient15off_5.0.32-7etch3_mips.deb; http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/mysql-server-4.1_5.0.32-7etch3_mips.deb; http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/libmysqlclient15-dev_5.0.32-7etch3_mips.deb
Little-endian MIPS:: http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/libmysqlclient15off_5.0.32-7etch3_mipsel.deb; http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/libmysqlclient15-dev_5.0.32-7etch3_mipsel.deb; http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/mysql-server-4.1_5.0.32-7etch3_mipsel.deb; http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/mysql-server-5.0_5.0.32-7etch3_mipsel.deb; http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/mysql-client-5.0_5.0.32-7etch3_mipsel.deb
PowerPC:: http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/mysql-server-5.0_5.0.32-7etch3_powerpc.deb; http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/mysql-server-4.1_5.0.32-7etch3_powerpc.deb; http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/libmysqlclient15-dev_5.0.32-7etch3_powerpc.deb; http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/mysql-client-5.0_5.0.32-7etch3_powerpc.deb; http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/libmysqlclient15off_5.0.32-7etch3_powerpc.deb
IBM S/390:: http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/mysql-client-5.0_5.0.32-7etch3_s390.deb; http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/mysql-server-5.0_5.0.32-7etch3_s390.deb; http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/libmysqlclient15-dev_5.0.32-7etch3_s390.deb; http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/libmysqlclient15off_5.0.32-7etch3_s390.deb; http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/mysql-server-4.1_5.0.32-7etch3_s390.deb

Debian GNU/Linux 3.1 (sarge)

Kildekode:: http://security.debian.org/pool/updates/main/m/mysql-dfsg/mysql-dfsg_4.0.24-10sarge3.dsc; http://security.debian.org/pool/updates/main/m/mysql-dfsg/mysql-dfsg_4.0.24.orig.tar.gz; http://security.debian.org/pool/updates/main/m/mysql-dfsg/mysql-dfsg_4.0.24-10sarge3.diff.gz; http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/mysql-dfsg-4.1_4.1.11a-4sarge8.dsc; http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/mysql-dfsg-4.1_4.1.11a.orig.tar.gz; http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/mysql-dfsg-4.1_4.1.11a-4sarge8.diff.gz
Arkitekturuafhængig komponent:: http://security.debian.org/pool/updates/main/m/mysql-dfsg/mysql-common_4.0.24-10sarge3_all.deb; http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/mysql-common-4.1_4.1.11a-4sarge8_all.deb
Alpha:: http://security.debian.org/pool/updates/main/m/mysql-dfsg/mysql-client_4.0.24-10sarge3_alpha.deb; http://security.debian.org/pool/updates/main/m/mysql-dfsg/mysql-server_4.0.24-10sarge3_alpha.deb; http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/mysql-server-4.1_4.1.11a-4sarge8_alpha.deb; http://security.debian.org/pool/updates/main/m/mysql-dfsg/libmysqlclient12-dev_4.0.24-10sarge3_alpha.deb; http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/mysql-client-4.1_4.1.11a-4sarge8_alpha.deb; http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/libmysqlclient14_4.1.11a-4sarge8_alpha.deb; http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/libmysqlclient14-dev_4.1.11a-4sarge8_alpha.deb; http://security.debian.org/pool/updates/main/m/mysql-dfsg/libmysqlclient12_4.0.24-10sarge3_alpha.deb
AMD64:: http://security.debian.org/pool/updates/main/m/mysql-dfsg/mysql-server_4.0.24-10sarge3_amd64.deb; http://security.debian.org/pool/updates/main/m/mysql-dfsg/libmysqlclient12-dev_4.0.24-10sarge3_amd64.deb; http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/libmysqlclient14-dev_4.1.11a-4sarge8_amd64.deb; http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/mysql-client-4.1_4.1.11a-4sarge8_amd64.deb; http://security.debian.org/pool/updates/main/m/mysql-dfsg/libmysqlclient12_4.0.24-10sarge3_amd64.deb; http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/libmysqlclient14_4.1.11a-4sarge8_amd64.deb; http://security.debian.org/pool/updates/main/m/mysql-dfsg/mysql-client_4.0.24-10sarge3_amd64.deb; http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/mysql-server-4.1_4.1.11a-4sarge8_amd64.deb
HP Precision:: http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/mysql-server-4.1_4.1.11a-4sarge8_hppa.deb; http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/libmysqlclient14_4.1.11a-4sarge8_hppa.deb; http://security.debian.org/pool/updates/main/m/mysql-dfsg/libmysqlclient12-dev_4.0.24-10sarge3_hppa.deb; http://security.debian.org/pool/updates/main/m/mysql-dfsg/libmysqlclient12_4.0.24-10sarge3_hppa.deb; http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/mysql-client-4.1_4.1.11a-4sarge8_hppa.deb; http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/libmysqlclient14-dev_4.1.11a-4sarge8_hppa.deb; http://security.debian.org/pool/updates/main/m/mysql-dfsg/mysql-client_4.0.24-10sarge3_hppa.deb; http://security.debian.org/pool/updates/main/m/mysql-dfsg/mysql-server_4.0.24-10sarge3_hppa.deb
Intel IA-32:: http://security.debian.org/pool/updates/main/m/mysql-dfsg/libmysqlclient12_4.0.24-10sarge3_i386.deb; http://security.debian.org/pool/updates/main/m/mysql-dfsg/mysql-server_4.0.24-10sarge3_i386.deb; http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/libmysqlclient14-dev_4.1.11a-4sarge8_i386.deb; http://security.debian.org/pool/updates/main/m/mysql-dfsg/mysql-client_4.0.24-10sarge3_i386.deb; http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/libmysqlclient14_4.1.11a-4sarge8_i386.deb; http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/mysql-client-4.1_4.1.11a-4sarge8_i386.deb; http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/mysql-server-4.1_4.1.11a-4sarge8_i386.deb; http://security.debian.org/pool/updates/main/m/mysql-dfsg/libmysqlclient12-dev_4.0.24-10sarge3_i386.deb
Intel IA-64:: http://security.debian.org/pool/updates/main/m/mysql-dfsg/libmysqlclient12-dev_4.0.24-10sarge3_ia64.deb; http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/mysql-server-4.1_4.1.11a-4sarge8_ia64.deb; http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/libmysqlclient14_4.1.11a-4sarge8_ia64.deb; http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/libmysqlclient14-dev_4.1.11a-4sarge8_ia64.deb; http://security.debian.org/pool/updates/main/m/mysql-dfsg/libmysqlclient12_4.0.24-10sarge3_ia64.deb; http://security.debian.org/pool/updates/main/m/mysql-dfsg/mysql-server_4.0.24-10sarge3_ia64.deb; http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/mysql-client-4.1_4.1.11a-4sarge8_ia64.deb; http://security.debian.org/pool/updates/main/m/mysql-dfsg/mysql-client_4.0.24-10sarge3_ia64.deb
Motorola 680x0:: http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/mysql-server-4.1_4.1.11a-4sarge8_m68k.deb; http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/libmysqlclient14_4.1.11a-4sarge8_m68k.deb; http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/libmysqlclient14-dev_4.1.11a-4sarge8_m68k.deb; http://security.debian.org/pool/updates/main/m/mysql-dfsg/libmysqlclient12-dev_4.0.24-10sarge3_m68k.deb; http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/mysql-client-4.1_4.1.11a-4sarge8_m68k.deb; http://security.debian.org/pool/updates/main/m/mysql-dfsg/libmysqlclient12_4.0.24-10sarge3_m68k.deb; http://security.debian.org/pool/updates/main/m/mysql-dfsg/mysql-client_4.0.24-10sarge3_m68k.deb; http://security.debian.org/pool/updates/main/m/mysql-dfsg/mysql-server_4.0.24-10sarge3_m68k.deb
Big-endian MIPS:: http://security.debian.org/pool/updates/main/m/mysql-dfsg/libmysqlclient12-dev_4.0.24-10sarge3_mips.deb; http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/libmysqlclient14-dev_4.1.11a-4sarge8_mips.deb; http://security.debian.org/pool/updates/main/m/mysql-dfsg/mysql-server_4.0.24-10sarge3_mips.deb; http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/libmysqlclient14_4.1.11a-4sarge8_mips.deb; http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/mysql-server-4.1_4.1.11a-4sarge8_mips.deb; http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/mysql-client-4.1_4.1.11a-4sarge8_mips.deb; http://security.debian.org/pool/updates/main/m/mysql-dfsg/mysql-client_4.0.24-10sarge3_mips.deb; http://security.debian.org/pool/updates/main/m/mysql-dfsg/libmysqlclient12_4.0.24-10sarge3_mips.deb
Little-endian MIPS:: http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/mysql-client-4.1_4.1.11a-4sarge8_mipsel.deb; http://security.debian.org/pool/updates/main/m/mysql-dfsg/mysql-server_4.0.24-10sarge3_mipsel.deb; http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/libmysqlclient14-dev_4.1.11a-4sarge8_mipsel.deb; http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/libmysqlclient14_4.1.11a-4sarge8_mipsel.deb; http://security.debian.org/pool/updates/main/m/mysql-dfsg/mysql-client_4.0.24-10sarge3_mipsel.deb; http://security.debian.org/pool/updates/main/m/mysql-dfsg/libmysqlclient12-dev_4.0.24-10sarge3_mipsel.deb; http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/mysql-server-4.1_4.1.11a-4sarge8_mipsel.deb; http://security.debian.org/pool/updates/main/m/mysql-dfsg/libmysqlclient12_4.0.24-10sarge3_mipsel.deb
PowerPC:: http://security.debian.org/pool/updates/main/m/mysql-dfsg/mysql-server_4.0.24-10sarge3_powerpc.deb; http://security.debian.org/pool/updates/main/m/mysql-dfsg/mysql-client_4.0.24-10sarge3_powerpc.deb; http://security.debian.org/pool/updates/main/m/mysql-dfsg/libmysqlclient12-dev_4.0.24-10sarge3_powerpc.deb; http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/mysql-client-4.1_4.1.11a-4sarge8_powerpc.deb; http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/mysql-server-4.1_4.1.11a-4sarge8_powerpc.deb; http://security.debian.org/pool/updates/main/m/mysql-dfsg/libmysqlclient12_4.0.24-10sarge3_powerpc.deb; http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/libmysqlclient14-dev_4.1.11a-4sarge8_powerpc.deb; http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/libmysqlclient14_4.1.11a-4sarge8_powerpc.deb
IBM S/390:: http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/mysql-server-4.1_4.1.11a-4sarge8_s390.deb; http://security.debian.org/pool/updates/main/m/mysql-dfsg/mysql-client_4.0.24-10sarge3_s390.deb; http://security.debian.org/pool/updates/main/m/mysql-dfsg/libmysqlclient12-dev_4.0.24-10sarge3_s390.deb; http://security.debian.org/pool/updates/main/m/mysql-dfsg/mysql-server_4.0.24-10sarge3_s390.deb; http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/libmysqlclient14-dev_4.1.11a-4sarge8_s390.deb; http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/libmysqlclient14_4.1.11a-4sarge8_s390.deb; http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/mysql-client-4.1_4.1.11a-4sarge8_s390.deb; http://security.debian.org/pool/updates/main/m/mysql-dfsg/libmysqlclient12_4.0.24-10sarge3_s390.deb
Sun Sparc:: http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/libmysqlclient14_4.1.11a-4sarge8_sparc.deb; http://security.debian.org/pool/updates/main/m/mysql-dfsg/mysql-client_4.0.24-10sarge3_sparc.deb; http://security.debian.org/pool/updates/main/m/mysql-dfsg/libmysqlclient12_4.0.24-10sarge3_sparc.deb; http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/mysql-server-4.1_4.1.11a-4sarge8_sparc.deb; http://security.debian.org/pool/updates/main/m/mysql-dfsg/libmysqlclient12-dev_4.0.24-10sarge3_sparc.deb; http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/mysql-client-4.1_4.1.11a-4sarge8_sparc.deb; http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/libmysqlclient14-dev_4.1.11a-4sarge8_sparc.deb; http://security.debian.org/pool/updates/main/m/mysql-dfsg/mysql-server_4.0.24-10sarge3_sparc.deb

MD5-kontrolsummer for de listede filer findes i den originale sikkerhedsbulletin.