Debians sikkerhedsbulletin
DSA-1807-1 cyrus-sasl2, cyrus-sasl2-heimdal -- bufferoverløb
- Rapporteret den:
- 1. jun 2009
- Berørte pakker:
- cyrus-sasl2, cyrus-sasl2-heimdal
- Sårbar:
- Ja
- Referencer i sikkerhedsdatabaser:
- I Debians fejlsporingssystem: Fejl 528749.
I Mitres CVE-ordbog: CVE-2009-0688.
CERTs noter om sårbarheder, bulletiner og hændelser: VU#238019. - Yderligere oplysninger:
-
James Ralston opdagede at funktionen sasl_encode64() i cyrus-sasl2, et frit tilgængeligt bibliotek som implementerer Simple Authentication and Security Layer, var ramt af en manglende null-terminering i visse situationer. Det forårsagede flere bufferoverløb i situationer hvor cyrus-sasl2 selv krævede at strengen var null-termineret, hvilket kunne føre til lammelsesangreb (denial of service) eller udførelse af vilkårlig kode.
Vigtig bemærkning (citat fra US-CERT): Mens denne rettelse retter aktuelt sårbar kode, kan det medføre at ikke-sårbar eksisterende kode holder op med at virke. Her er en funktion-prototype fra include/saslutil.h til forklaring:
/* base64 encode * in -- inputdata * inlen -- inputdatalængde * out -- outputbuffer (vil være NUL-termineret) * outmax -- maks.størrelse på outputbuffer * result: * outlen -- henter aktuel længde på outputbuffer (valgfri) * * Returnerer SASL_OK ved succes, SASL_BUFOVER hvis resultatet ikke passer */ LIBSASL_API int sasl_encode64(const char *in, unsigned inlen, char *out, unsigned outmax, unsigned *outlen);
Forestil dig en situation, hvor den kaldende kode er skrevet på en sådan måde, at den på forhånd beregner den nøjagtige størrelse krævet til base64-indkapsling, dernæst allokerer en buffer på præcis den størrelse, leverer en pointer til bufferen til sasl_encode64() som *out. Så længe koden ikke forventer at bufferen er NUL-termineret (ikke kalder strenghåndteringsfunktioenr så som strlen()), vil den fungere og vil ikke være sårbar.
Når rettelsen er taget i brug, vil den samme kode holde op med at fungere, fordi sasl_encode64() vil begynde at returnere SASL_BUFOVER.
I den gamle stabile distribution (etch), er dette problem rettet i version 2.1.22.dfsg1-8+etch1 af cyrus-sasl2.
I den stabile distribution (lenny), er dette problem rettet i version 2.1.22.dfsg1-23+lenny1 af cyrus-sasl2 og cyrus-sasl2-heimdal.
I distributionen testing (squeeze), vil dette problem snart blive rettet.
I den ustabile distribution (sid), er dette problem rettet i version 2.1.23.dfsg1-1 af cyrus-sasl2 og cyrus-sasl2-heimdal.
Vi anbefaler at du opgraderer dine cyrus-sasl2/cyrus-sasl2-heimdal-pakker.
- Rettet i:
-
Debian GNU/Linux 5.0 (lenny)
- Kildekode:
- http://security.debian.org/pool/updates/main/c/cyrus-sasl2-heimdal/cyrus-sasl2-heimdal_2.1.22.dfsg1-23+lenny1.dsc
- http://security.debian.org/pool/updates/main/c/cyrus-sasl2/cyrus-sasl2_2.1.22.dfsg1-23+lenny1.diff.gz
- http://security.debian.org/pool/updates/main/c/cyrus-sasl2/cyrus-sasl2_2.1.22.dfsg1-23+lenny1.dsc
- http://security.debian.org/pool/updates/main/c/cyrus-sasl2/cyrus-sasl2_2.1.22.dfsg1.orig.tar.gz
- http://security.debian.org/pool/updates/main/c/cyrus-sasl2-heimdal/cyrus-sasl2-heimdal_2.1.22.dfsg1.orig.tar.gz
- http://security.debian.org/pool/updates/main/c/cyrus-sasl2-heimdal/cyrus-sasl2-heimdal_2.1.22.dfsg1-23+lenny1.diff.gz
- http://security.debian.org/pool/updates/main/c/cyrus-sasl2/cyrus-sasl2_2.1.22.dfsg1-23+lenny1.diff.gz
- Arkitekturuafhængig komponent:
- http://security.debian.org/pool/updates/main/c/cyrus-sasl2/cyrus-sasl2-doc_2.1.22.dfsg1-23+lenny1_all.deb
- Alpha:
- http://security.debian.org/pool/updates/main/c/cyrus-sasl2/libsasl2-modules-otp_2.1.22.dfsg1-23+lenny1_alpha.deb
- http://security.debian.org/pool/updates/main/c/cyrus-sasl2/cyrus-sasl2-dbg_2.1.22.dfsg1-23+lenny1_alpha.deb
- http://security.debian.org/pool/updates/main/c/cyrus-sasl2/libsasl2-2_2.1.22.dfsg1-23+lenny1_alpha.deb
- http://security.debian.org/pool/updates/main/c/cyrus-sasl2-heimdal/libsasl2-modules-gssapi-heimdal_2.1.22.dfsg1-23+lenny1_alpha.deb
- http://security.debian.org/pool/updates/main/c/cyrus-sasl2/libsasl2-modules_2.1.22.dfsg1-23+lenny1_alpha.deb
- http://security.debian.org/pool/updates/main/c/cyrus-sasl2/libsasl2-modules-sql_2.1.22.dfsg1-23+lenny1_alpha.deb
- http://security.debian.org/pool/updates/main/c/cyrus-sasl2/libsasl2-modules-ldap_2.1.22.dfsg1-23+lenny1_alpha.deb
- http://security.debian.org/pool/updates/main/c/cyrus-sasl2/sasl2-bin_2.1.22.dfsg1-23+lenny1_alpha.deb
- http://security.debian.org/pool/updates/main/c/cyrus-sasl2/libsasl2-modules-gssapi-mit_2.1.22.dfsg1-23+lenny1_alpha.deb
- http://security.debian.org/pool/updates/main/c/cyrus-sasl2/libsasl2-dev_2.1.22.dfsg1-23+lenny1_alpha.deb
- http://security.debian.org/pool/updates/main/c/cyrus-sasl2-heimdal/cyrus-sasl2-heimdal-dbg_2.1.22.dfsg1-23+lenny1_alpha.deb
- http://security.debian.org/pool/updates/main/c/cyrus-sasl2/cyrus-sasl2-dbg_2.1.22.dfsg1-23+lenny1_alpha.deb
- AMD64:
- http://security.debian.org/pool/updates/main/c/cyrus-sasl2/libsasl2-modules-otp_2.1.22.dfsg1-23+lenny1_amd64.deb
- http://security.debian.org/pool/updates/main/c/cyrus-sasl2/libsasl2-2_2.1.22.dfsg1-23+lenny1_amd64.deb
- http://security.debian.org/pool/updates/main/c/cyrus-sasl2/libsasl2-modules-gssapi-mit_2.1.22.dfsg1-23+lenny1_amd64.deb
- http://security.debian.org/pool/updates/main/c/cyrus-sasl2-heimdal/cyrus-sasl2-heimdal-dbg_2.1.22.dfsg1-23+lenny1_amd64.deb
- http://security.debian.org/pool/updates/main/c/cyrus-sasl2-heimdal/libsasl2-modules-gssapi-heimdal_2.1.22.dfsg1-23+lenny1_amd64.deb
- http://security.debian.org/pool/updates/main/c/cyrus-sasl2/libsasl2-modules-ldap_2.1.22.dfsg1-23+lenny1_amd64.deb
- http://security.debian.org/pool/updates/main/c/cyrus-sasl2/libsasl2-dev_2.1.22.dfsg1-23+lenny1_amd64.deb
- http://security.debian.org/pool/updates/main/c/cyrus-sasl2/cyrus-sasl2-dbg_2.1.22.dfsg1-23+lenny1_amd64.deb
- http://security.debian.org/pool/updates/main/c/cyrus-sasl2/sasl2-bin_2.1.22.dfsg1-23+lenny1_amd64.deb
- http://security.debian.org/pool/updates/main/c/cyrus-sasl2/libsasl2-modules_2.1.22.dfsg1-23+lenny1_amd64.deb
- http://security.debian.org/pool/updates/main/c/cyrus-sasl2/libsasl2-modules-sql_2.1.22.dfsg1-23+lenny1_amd64.deb
- http://security.debian.org/pool/updates/main/c/cyrus-sasl2/libsasl2-2_2.1.22.dfsg1-23+lenny1_amd64.deb
- ARM:
- http://security.debian.org/pool/updates/main/c/cyrus-sasl2/libsasl2-modules-sql_2.1.22.dfsg1-23+lenny1_arm.deb
- http://security.debian.org/pool/updates/main/c/cyrus-sasl2/libsasl2-dev_2.1.22.dfsg1-23+lenny1_arm.deb
- http://security.debian.org/pool/updates/main/c/cyrus-sasl2/libsasl2-2_2.1.22.dfsg1-23+lenny1_arm.deb
- http://security.debian.org/pool/updates/main/c/cyrus-sasl2/cyrus-sasl2-dbg_2.1.22.dfsg1-23+lenny1_arm.deb
- http://security.debian.org/pool/updates/main/c/cyrus-sasl2-heimdal/libsasl2-modules-gssapi-heimdal_2.1.22.dfsg1-23+lenny1_arm.deb
- http://security.debian.org/pool/updates/main/c/cyrus-sasl2-heimdal/cyrus-sasl2-heimdal-dbg_2.1.22.dfsg1-23+lenny1_arm.deb
- http://security.debian.org/pool/updates/main/c/cyrus-sasl2/libsasl2-modules-otp_2.1.22.dfsg1-23+lenny1_arm.deb
- http://security.debian.org/pool/updates/main/c/cyrus-sasl2/libsasl2-modules-gssapi-mit_2.1.22.dfsg1-23+lenny1_arm.deb
- http://security.debian.org/pool/updates/main/c/cyrus-sasl2/sasl2-bin_2.1.22.dfsg1-23+lenny1_arm.deb
- http://security.debian.org/pool/updates/main/c/cyrus-sasl2/libsasl2-modules_2.1.22.dfsg1-23+lenny1_arm.deb
- http://security.debian.org/pool/updates/main/c/cyrus-sasl2/libsasl2-modules-ldap_2.1.22.dfsg1-23+lenny1_arm.deb
- http://security.debian.org/pool/updates/main/c/cyrus-sasl2/libsasl2-dev_2.1.22.dfsg1-23+lenny1_arm.deb
- ARM EABI:
- http://security.debian.org/pool/updates/main/c/cyrus-sasl2/libsasl2-modules-ldap_2.1.22.dfsg1-23+lenny1_armel.deb
- http://security.debian.org/pool/updates/main/c/cyrus-sasl2-heimdal/cyrus-sasl2-heimdal-dbg_2.1.22.dfsg1-23+lenny1_armel.deb
- http://security.debian.org/pool/updates/main/c/cyrus-sasl2/cyrus-sasl2-dbg_2.1.22.dfsg1-23+lenny1_armel.deb
- http://security.debian.org/pool/updates/main/c/cyrus-sasl2/libsasl2-modules-otp_2.1.22.dfsg1-23+lenny1_armel.deb
- http://security.debian.org/pool/updates/main/c/cyrus-sasl2/sasl2-bin_2.1.22.dfsg1-23+lenny1_armel.deb
- http://security.debian.org/pool/updates/main/c/cyrus-sasl2/libsasl2-modules-sql_2.1.22.dfsg1-23+lenny1_armel.deb
- http://security.debian.org/pool/updates/main/c/cyrus-sasl2/libsasl2-modules-gssapi-mit_2.1.22.dfsg1-23+lenny1_armel.deb
- http://security.debian.org/pool/updates/main/c/cyrus-sasl2/libsasl2-dev_2.1.22.dfsg1-23+lenny1_armel.deb
- http://security.debian.org/pool/updates/main/c/cyrus-sasl2/libsasl2-2_2.1.22.dfsg1-23+lenny1_armel.deb
- http://security.debian.org/pool/updates/main/c/cyrus-sasl2/libsasl2-modules_2.1.22.dfsg1-23+lenny1_armel.deb
- http://security.debian.org/pool/updates/main/c/cyrus-sasl2-heimdal/libsasl2-modules-gssapi-heimdal_2.1.22.dfsg1-23+lenny1_armel.deb
- http://security.debian.org/pool/updates/main/c/cyrus-sasl2-heimdal/cyrus-sasl2-heimdal-dbg_2.1.22.dfsg1-23+lenny1_armel.deb
- HP Precision:
- http://security.debian.org/pool/updates/main/c/cyrus-sasl2/libsasl2-modules-otp_2.1.22.dfsg1-23+lenny1_hppa.deb
- http://security.debian.org/pool/updates/main/c/cyrus-sasl2/libsasl2-modules-gssapi-mit_2.1.22.dfsg1-23+lenny1_hppa.deb
- http://security.debian.org/pool/updates/main/c/cyrus-sasl2/sasl2-bin_2.1.22.dfsg1-23+lenny1_hppa.deb
- http://security.debian.org/pool/updates/main/c/cyrus-sasl2/libsasl2-modules-sql_2.1.22.dfsg1-23+lenny1_hppa.deb
- http://security.debian.org/pool/updates/main/c/cyrus-sasl2/libsasl2-modules_2.1.22.dfsg1-23+lenny1_hppa.deb
- http://security.debian.org/pool/updates/main/c/cyrus-sasl2/libsasl2-dev_2.1.22.dfsg1-23+lenny1_hppa.deb
- http://security.debian.org/pool/updates/main/c/cyrus-sasl2/libsasl2-modules-ldap_2.1.22.dfsg1-23+lenny1_hppa.deb
- http://security.debian.org/pool/updates/main/c/cyrus-sasl2-heimdal/libsasl2-modules-gssapi-heimdal_2.1.22.dfsg1-23+lenny1_hppa.deb
- http://security.debian.org/pool/updates/main/c/cyrus-sasl2-heimdal/cyrus-sasl2-heimdal-dbg_2.1.22.dfsg1-23+lenny1_hppa.deb
- http://security.debian.org/pool/updates/main/c/cyrus-sasl2/cyrus-sasl2-dbg_2.1.22.dfsg1-23+lenny1_hppa.deb
- http://security.debian.org/pool/updates/main/c/cyrus-sasl2/libsasl2-2_2.1.22.dfsg1-23+lenny1_hppa.deb
- http://security.debian.org/pool/updates/main/c/cyrus-sasl2/libsasl2-modules-gssapi-mit_2.1.22.dfsg1-23+lenny1_hppa.deb
- Intel IA-32:
- http://security.debian.org/pool/updates/main/c/cyrus-sasl2/libsasl2-modules-ldap_2.1.22.dfsg1-23+lenny1_i386.deb
- http://security.debian.org/pool/updates/main/c/cyrus-sasl2/libsasl2-dev_2.1.22.dfsg1-23+lenny1_i386.deb
- http://security.debian.org/pool/updates/main/c/cyrus-sasl2-heimdal/libsasl2-modules-gssapi-heimdal_2.1.22.dfsg1-23+lenny1_i386.deb
- http://security.debian.org/pool/updates/main/c/cyrus-sasl2-heimdal/cyrus-sasl2-heimdal-dbg_2.1.22.dfsg1-23+lenny1_i386.deb
- http://security.debian.org/pool/updates/main/c/cyrus-sasl2/libsasl2-modules_2.1.22.dfsg1-23+lenny1_i386.deb
- http://security.debian.org/pool/updates/main/c/cyrus-sasl2/cyrus-sasl2-dbg_2.1.22.dfsg1-23+lenny1_i386.deb
- http://security.debian.org/pool/updates/main/c/cyrus-sasl2/libsasl2-modules-otp_2.1.22.dfsg1-23+lenny1_i386.deb
- http://security.debian.org/pool/updates/main/c/cyrus-sasl2/libsasl2-modules-sql_2.1.22.dfsg1-23+lenny1_i386.deb
- http://security.debian.org/pool/updates/main/c/cyrus-sasl2/libsasl2-2_2.1.22.dfsg1-23+lenny1_i386.deb
- http://security.debian.org/pool/updates/main/c/cyrus-sasl2/sasl2-bin_2.1.22.dfsg1-23+lenny1_i386.deb
- http://security.debian.org/pool/updates/main/c/cyrus-sasl2/libsasl2-modules-gssapi-mit_2.1.22.dfsg1-23+lenny1_i386.deb
- http://security.debian.org/pool/updates/main/c/cyrus-sasl2/libsasl2-dev_2.1.22.dfsg1-23+lenny1_i386.deb
- Intel IA-64:
- http://security.debian.org/pool/updates/main/c/cyrus-sasl2-heimdal/cyrus-sasl2-heimdal-dbg_2.1.22.dfsg1-23+lenny1_ia64.deb
- http://security.debian.org/pool/updates/main/c/cyrus-sasl2/libsasl2-modules-otp_2.1.22.dfsg1-23+lenny1_ia64.deb
- http://security.debian.org/pool/updates/main/c/cyrus-sasl2/libsasl2-modules-ldap_2.1.22.dfsg1-23+lenny1_ia64.deb
- http://security.debian.org/pool/updates/main/c/cyrus-sasl2/libsasl2-dev_2.1.22.dfsg1-23+lenny1_ia64.deb
- http://security.debian.org/pool/updates/main/c/cyrus-sasl2/libsasl2-modules-gssapi-mit_2.1.22.dfsg1-23+lenny1_ia64.deb
- http://security.debian.org/pool/updates/main/c/cyrus-sasl2/libsasl2-2_2.1.22.dfsg1-23+lenny1_ia64.deb
- http://security.debian.org/pool/updates/main/c/cyrus-sasl2/sasl2-bin_2.1.22.dfsg1-23+lenny1_ia64.deb
- http://security.debian.org/pool/updates/main/c/cyrus-sasl2/libsasl2-modules_2.1.22.dfsg1-23+lenny1_ia64.deb
- http://security.debian.org/pool/updates/main/c/cyrus-sasl2/cyrus-sasl2-dbg_2.1.22.dfsg1-23+lenny1_ia64.deb
- http://security.debian.org/pool/updates/main/c/cyrus-sasl2/libsasl2-modules-sql_2.1.22.dfsg1-23+lenny1_ia64.deb
- http://security.debian.org/pool/updates/main/c/cyrus-sasl2-heimdal/libsasl2-modules-gssapi-heimdal_2.1.22.dfsg1-23+lenny1_ia64.deb
- http://security.debian.org/pool/updates/main/c/cyrus-sasl2/libsasl2-modules-otp_2.1.22.dfsg1-23+lenny1_ia64.deb
- Big-endian MIPS:
- http://security.debian.org/pool/updates/main/c/cyrus-sasl2/libsasl2-2_2.1.22.dfsg1-23+lenny1_mips.deb
- http://security.debian.org/pool/updates/main/c/cyrus-sasl2/libsasl2-modules_2.1.22.dfsg1-23+lenny1_mips.deb
- http://security.debian.org/pool/updates/main/c/cyrus-sasl2-heimdal/cyrus-sasl2-heimdal-dbg_2.1.22.dfsg1-23+lenny1_mips.deb
- http://security.debian.org/pool/updates/main/c/cyrus-sasl2-heimdal/libsasl2-modules-gssapi-heimdal_2.1.22.dfsg1-23+lenny1_mips.deb
- http://security.debian.org/pool/updates/main/c/cyrus-sasl2/libsasl2-modules-ldap_2.1.22.dfsg1-23+lenny1_mips.deb
- http://security.debian.org/pool/updates/main/c/cyrus-sasl2/libsasl2-modules-otp_2.1.22.dfsg1-23+lenny1_mips.deb
- http://security.debian.org/pool/updates/main/c/cyrus-sasl2/libsasl2-modules-gssapi-mit_2.1.22.dfsg1-23+lenny1_mips.deb
- http://security.debian.org/pool/updates/main/c/cyrus-sasl2/sasl2-bin_2.1.22.dfsg1-23+lenny1_mips.deb
- http://security.debian.org/pool/updates/main/c/cyrus-sasl2/cyrus-sasl2-dbg_2.1.22.dfsg1-23+lenny1_mips.deb
- http://security.debian.org/pool/updates/main/c/cyrus-sasl2/libsasl2-dev_2.1.22.dfsg1-23+lenny1_mips.deb
- http://security.debian.org/pool/updates/main/c/cyrus-sasl2/libsasl2-modules-sql_2.1.22.dfsg1-23+lenny1_mips.deb
- http://security.debian.org/pool/updates/main/c/cyrus-sasl2/libsasl2-modules_2.1.22.dfsg1-23+lenny1_mips.deb
- Little-endian MIPS:
- http://security.debian.org/pool/updates/main/c/cyrus-sasl2/cyrus-sasl2-dbg_2.1.22.dfsg1-23+lenny1_mipsel.deb
- http://security.debian.org/pool/updates/main/c/cyrus-sasl2/libsasl2-modules-sql_2.1.22.dfsg1-23+lenny1_mipsel.deb
- http://security.debian.org/pool/updates/main/c/cyrus-sasl2-heimdal/cyrus-sasl2-heimdal-dbg_2.1.22.dfsg1-23+lenny1_mipsel.deb
- http://security.debian.org/pool/updates/main/c/cyrus-sasl2-heimdal/libsasl2-modules-gssapi-heimdal_2.1.22.dfsg1-23+lenny1_mipsel.deb
- http://security.debian.org/pool/updates/main/c/cyrus-sasl2/libsasl2-modules-otp_2.1.22.dfsg1-23+lenny1_mipsel.deb
- http://security.debian.org/pool/updates/main/c/cyrus-sasl2/libsasl2-2_2.1.22.dfsg1-23+lenny1_mipsel.deb
- http://security.debian.org/pool/updates/main/c/cyrus-sasl2/libsasl2-modules-gssapi-mit_2.1.22.dfsg1-23+lenny1_mipsel.deb
- http://security.debian.org/pool/updates/main/c/cyrus-sasl2/libsasl2-modules_2.1.22.dfsg1-23+lenny1_mipsel.deb
- http://security.debian.org/pool/updates/main/c/cyrus-sasl2/libsasl2-modules-ldap_2.1.22.dfsg1-23+lenny1_mipsel.deb
- http://security.debian.org/pool/updates/main/c/cyrus-sasl2/libsasl2-dev_2.1.22.dfsg1-23+lenny1_mipsel.deb
- http://security.debian.org/pool/updates/main/c/cyrus-sasl2/sasl2-bin_2.1.22.dfsg1-23+lenny1_mipsel.deb
- http://security.debian.org/pool/updates/main/c/cyrus-sasl2/libsasl2-modules-sql_2.1.22.dfsg1-23+lenny1_mipsel.deb
- PowerPC:
- http://security.debian.org/pool/updates/main/c/cyrus-sasl2/libsasl2-2_2.1.22.dfsg1-23+lenny1_powerpc.deb
- http://security.debian.org/pool/updates/main/c/cyrus-sasl2-heimdal/cyrus-sasl2-heimdal-dbg_2.1.22.dfsg1-23+lenny1_powerpc.deb
- http://security.debian.org/pool/updates/main/c/cyrus-sasl2-heimdal/libsasl2-modules-gssapi-heimdal_2.1.22.dfsg1-23+lenny1_powerpc.deb
- http://security.debian.org/pool/updates/main/c/cyrus-sasl2/cyrus-sasl2-dbg_2.1.22.dfsg1-23+lenny1_powerpc.deb
- http://security.debian.org/pool/updates/main/c/cyrus-sasl2/libsasl2-modules-sql_2.1.22.dfsg1-23+lenny1_powerpc.deb
- http://security.debian.org/pool/updates/main/c/cyrus-sasl2/libsasl2-modules_2.1.22.dfsg1-23+lenny1_powerpc.deb
- http://security.debian.org/pool/updates/main/c/cyrus-sasl2/sasl2-bin_2.1.22.dfsg1-23+lenny1_powerpc.deb
- http://security.debian.org/pool/updates/main/c/cyrus-sasl2/libsasl2-modules-gssapi-mit_2.1.22.dfsg1-23+lenny1_powerpc.deb
- http://security.debian.org/pool/updates/main/c/cyrus-sasl2/libsasl2-dev_2.1.22.dfsg1-23+lenny1_powerpc.deb
- http://security.debian.org/pool/updates/main/c/cyrus-sasl2/libsasl2-modules-ldap_2.1.22.dfsg1-23+lenny1_powerpc.deb
- http://security.debian.org/pool/updates/main/c/cyrus-sasl2/libsasl2-modules-otp_2.1.22.dfsg1-23+lenny1_powerpc.deb
- http://security.debian.org/pool/updates/main/c/cyrus-sasl2-heimdal/cyrus-sasl2-heimdal-dbg_2.1.22.dfsg1-23+lenny1_powerpc.deb
- IBM S/390:
- http://security.debian.org/pool/updates/main/c/cyrus-sasl2-heimdal/libsasl2-modules-gssapi-heimdal_2.1.22.dfsg1-23+lenny1_s390.deb
- http://security.debian.org/pool/updates/main/c/cyrus-sasl2/cyrus-sasl2-dbg_2.1.22.dfsg1-23+lenny1_s390.deb
- http://security.debian.org/pool/updates/main/c/cyrus-sasl2/libsasl2-2_2.1.22.dfsg1-23+lenny1_s390.deb
- http://security.debian.org/pool/updates/main/c/cyrus-sasl2-heimdal/cyrus-sasl2-heimdal-dbg_2.1.22.dfsg1-23+lenny1_s390.deb
- http://security.debian.org/pool/updates/main/c/cyrus-sasl2/libsasl2-modules-otp_2.1.22.dfsg1-23+lenny1_s390.deb
- http://security.debian.org/pool/updates/main/c/cyrus-sasl2/libsasl2-modules-sql_2.1.22.dfsg1-23+lenny1_s390.deb
- http://security.debian.org/pool/updates/main/c/cyrus-sasl2/libsasl2-modules_2.1.22.dfsg1-23+lenny1_s390.deb
- http://security.debian.org/pool/updates/main/c/cyrus-sasl2/libsasl2-modules-gssapi-mit_2.1.22.dfsg1-23+lenny1_s390.deb
- http://security.debian.org/pool/updates/main/c/cyrus-sasl2/sasl2-bin_2.1.22.dfsg1-23+lenny1_s390.deb
- http://security.debian.org/pool/updates/main/c/cyrus-sasl2/libsasl2-modules-ldap_2.1.22.dfsg1-23+lenny1_s390.deb
- http://security.debian.org/pool/updates/main/c/cyrus-sasl2/libsasl2-dev_2.1.22.dfsg1-23+lenny1_s390.deb
- http://security.debian.org/pool/updates/main/c/cyrus-sasl2/cyrus-sasl2-dbg_2.1.22.dfsg1-23+lenny1_s390.deb
- Sun Sparc:
- http://security.debian.org/pool/updates/main/c/cyrus-sasl2/sasl2-bin_2.1.22.dfsg1-23+lenny1_sparc.deb
- http://security.debian.org/pool/updates/main/c/cyrus-sasl2/libsasl2-modules_2.1.22.dfsg1-23+lenny1_sparc.deb
- http://security.debian.org/pool/updates/main/c/cyrus-sasl2/libsasl2-2_2.1.22.dfsg1-23+lenny1_sparc.deb
- http://security.debian.org/pool/updates/main/c/cyrus-sasl2/libsasl2-modules-sql_2.1.22.dfsg1-23+lenny1_sparc.deb
- http://security.debian.org/pool/updates/main/c/cyrus-sasl2/libsasl2-modules-gssapi-mit_2.1.22.dfsg1-23+lenny1_sparc.deb
- http://security.debian.org/pool/updates/main/c/cyrus-sasl2/libsasl2-dev_2.1.22.dfsg1-23+lenny1_sparc.deb
- http://security.debian.org/pool/updates/main/c/cyrus-sasl2/libsasl2-modules-ldap_2.1.22.dfsg1-23+lenny1_sparc.deb
- http://security.debian.org/pool/updates/main/c/cyrus-sasl2-heimdal/libsasl2-modules-gssapi-heimdal_2.1.22.dfsg1-23+lenny1_sparc.deb
- http://security.debian.org/pool/updates/main/c/cyrus-sasl2-heimdal/cyrus-sasl2-heimdal-dbg_2.1.22.dfsg1-23+lenny1_sparc.deb
- http://security.debian.org/pool/updates/main/c/cyrus-sasl2/cyrus-sasl2-dbg_2.1.22.dfsg1-23+lenny1_sparc.deb
- http://security.debian.org/pool/updates/main/c/cyrus-sasl2/libsasl2-modules-otp_2.1.22.dfsg1-23+lenny1_sparc.deb
- http://security.debian.org/pool/updates/main/c/cyrus-sasl2/libsasl2-modules_2.1.22.dfsg1-23+lenny1_sparc.deb
MD5-kontrolsummer for de listede filer findes i den originale sikkerhedsbulletin.