Debians sikkerhedsbulletin

DSA-757-1 krb5 -- bufferoverløb, dobbelt frigivelse af hukommelse

Rapporteret den:

17. jul 2005

Berørte pakker:

Sårbar:

Referencer i sikkerhedsdatabaser:

I Mitres CVE-ordbog: CVE-2005-1689, CVE-2005-1174, CVE-2005-1175.
CERTs noter om sårbarheder, bulletiner og hændelser: VU#259798, VU#885830, VU#623332.

Yderligere oplysninger:

Daniel Wachdorf har rapporteret to problemer i MIT krb5-distributionen der anvendes til netværksautentificering. Først er der KDC-programmer i pakken krb5-kdc, der kan ødelægge heap'en ved at forsøge at frigive hukommelse, der allerede er blevet frigivet ved modtagelse af visse TCP-forbindelser. Denne sårbarhed kunne medføre et nedbrud i KDC, hvilket kunne føre til et lammelsesangreb (denial of service) [CAN-2005-1174]. Dernæst kunne visse sjældne tilfælde med forespørgsler af denne type føre til et bufferoverløb og udførelse af fjerntliggende kode [CAN-2005-1175].

Desuden har Magnus Hagander rapporteret om et andet problem, hvor funktionen krb5_recvauth i visse situationer kunne frigive allerede frigivet hukommelse, hvilket potentielt kunne føre til udførelse af fjerntliggende kode [CAN-2005-1689].

Alle disse sårbarheder anses for vanskellige at udnytte, og ingen udnyttelser er endnu blevet opdaget.

I den gamle stabile distribution (woody), er disse problemer rettet i version 1.2.4-5woody10. Bemærk at woodys KDC ikke har TCP-understøttelse og ikke er sårbar over for CAN-2005-1174.

I den stabile distribution (sarge), er disse problemer rettet i version 1.3.6-2sarge2.

I den ustabile distribution (sid), er disse problemer rettet i version 1.3.6-4.

Vi anbefaler at du opgraderer din krb5-pakke.

Rettet i:

Debian GNU/Linux 3.0 (woody)

Kildekode:: http://security.debian.org/pool/updates/main/k/krb5/krb5_1.2.4-5woody10.diff.gz; http://security.debian.org/pool/updates/main/k/krb5/krb5_1.2.4.orig.tar.gz; http://security.debian.org/pool/updates/main/k/krb5/krb5_1.2.4-5woody10.dsc
Arkitekturuafhængig komponent:: http://security.debian.org/pool/updates/main/k/krb5/krb5-doc_1.2.4-5woody10_all.deb
Alpha:: http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.2.4-5woody10_alpha.deb; http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.2.4-5woody10_alpha.deb; http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.2.4-5woody10_alpha.deb; http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.2.4-5woody10_alpha.deb; http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.2.4-5woody10_alpha.deb; http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.2.4-5woody10_alpha.deb; http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.2.4-5woody10_alpha.deb; http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.2.4-5woody10_alpha.deb; http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.2.4-5woody10_alpha.deb; http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.2.4-5woody10_alpha.deb
ARM:: http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.2.4-5woody10_arm.deb; http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.2.4-5woody10_arm.deb; http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.2.4-5woody10_arm.deb; http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.2.4-5woody10_arm.deb; http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.2.4-5woody10_arm.deb; http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.2.4-5woody10_arm.deb; http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.2.4-5woody10_arm.deb; http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.2.4-5woody10_arm.deb; http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.2.4-5woody10_arm.deb; http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.2.4-5woody10_arm.deb
HP Precision:: http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.2.4-5woody10_hppa.deb; http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.2.4-5woody10_hppa.deb; http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.2.4-5woody10_hppa.deb; http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.2.4-5woody10_hppa.deb; http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.2.4-5woody10_hppa.deb; http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.2.4-5woody10_hppa.deb; http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.2.4-5woody10_hppa.deb; http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.2.4-5woody10_hppa.deb; http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.2.4-5woody10_hppa.deb; http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.2.4-5woody10_hppa.deb
Intel IA-32:: http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.2.4-5woody10_i386.deb; http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.2.4-5woody10_i386.deb; http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.2.4-5woody10_i386.deb; http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.2.4-5woody10_i386.deb; http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.2.4-5woody10_i386.deb; http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.2.4-5woody10_i386.deb; http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.2.4-5woody10_i386.deb; http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.2.4-5woody10_i386.deb; http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.2.4-5woody10_i386.deb; http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.2.4-5woody10_i386.deb
Intel IA-64:: http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.2.4-5woody10_ia64.deb; http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.2.4-5woody10_ia64.deb; http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.2.4-5woody10_ia64.deb; http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.2.4-5woody10_ia64.deb; http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.2.4-5woody10_ia64.deb; http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.2.4-5woody10_ia64.deb; http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.2.4-5woody10_ia64.deb; http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.2.4-5woody10_ia64.deb; http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.2.4-5woody10_ia64.deb; http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.2.4-5woody10_ia64.deb
Motorola 680x0:: http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.2.4-5woody10_m68k.deb; http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.2.4-5woody10_m68k.deb; http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.2.4-5woody10_m68k.deb; http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.2.4-5woody10_m68k.deb; http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.2.4-5woody10_m68k.deb; http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.2.4-5woody10_m68k.deb; http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.2.4-5woody10_m68k.deb; http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.2.4-5woody10_m68k.deb; http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.2.4-5woody10_m68k.deb; http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.2.4-5woody10_m68k.deb
Big-endian MIPS:: http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.2.4-5woody10_mips.deb; http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.2.4-5woody10_mips.deb; http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.2.4-5woody10_mips.deb; http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.2.4-5woody10_mips.deb; http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.2.4-5woody10_mips.deb; http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.2.4-5woody10_mips.deb; http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.2.4-5woody10_mips.deb; http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.2.4-5woody10_mips.deb; http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.2.4-5woody10_mips.deb; http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.2.4-5woody10_mips.deb
Little-endian MIPS:: http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.2.4-5woody10_mipsel.deb; http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.2.4-5woody10_mipsel.deb; http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.2.4-5woody10_mipsel.deb; http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.2.4-5woody10_mipsel.deb; http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.2.4-5woody10_mipsel.deb; http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.2.4-5woody10_mipsel.deb; http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.2.4-5woody10_mipsel.deb; http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.2.4-5woody10_mipsel.deb; http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.2.4-5woody10_mipsel.deb; http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.2.4-5woody10_mipsel.deb
PowerPC:: http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.2.4-5woody10_powerpc.deb; http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.2.4-5woody10_powerpc.deb; http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.2.4-5woody10_powerpc.deb; http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.2.4-5woody10_powerpc.deb; http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.2.4-5woody10_powerpc.deb; http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.2.4-5woody10_powerpc.deb; http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.2.4-5woody10_powerpc.deb; http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.2.4-5woody10_powerpc.deb; http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.2.4-5woody10_powerpc.deb; http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.2.4-5woody10_powerpc.deb
IBM S/390:: http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.2.4-5woody10_s390.deb; http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.2.4-5woody10_s390.deb; http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.2.4-5woody10_s390.deb; http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.2.4-5woody10_s390.deb; http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.2.4-5woody10_s390.deb; http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.2.4-5woody10_s390.deb; http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.2.4-5woody10_s390.deb; http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.2.4-5woody10_s390.deb; http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.2.4-5woody10_s390.deb; http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.2.4-5woody10_s390.deb
Sun Sparc:: http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.2.4-5woody10_sparc.deb; http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.2.4-5woody10_sparc.deb; http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.2.4-5woody10_sparc.deb; http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.2.4-5woody10_sparc.deb; http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.2.4-5woody10_sparc.deb; http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.2.4-5woody10_sparc.deb; http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.2.4-5woody10_sparc.deb; http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.2.4-5woody10_sparc.deb; http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.2.4-5woody10_sparc.deb; http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.2.4-5woody10_sparc.deb

Debian GNU/Linux 3.1 (sarge)

Kildekode:: http://security.debian.org/pool/updates/main/k/krb5/krb5_1.3.6-2sarge2.dsc; http://security.debian.org/pool/updates/main/k/krb5/krb5_1.3.6-2sarge2.diff.gz
Arkitekturuafhængig komponent:: http://security.debian.org/pool/updates/main/k/krb5/krb5-doc_1.3.6-2sarge2_all.deb
Alpha:: http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.3.6-2sarge2_alpha.deb; http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.3.6-2sarge2_alpha.deb; http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.3.6-2sarge2_alpha.deb; http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.3.6-2sarge2_alpha.deb; http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.3.6-2sarge2_alpha.deb; http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.3.6-2sarge2_alpha.deb; http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.3.6-2sarge2_alpha.deb; http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.3.6-2sarge2_alpha.deb; http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.3.6-2sarge2_alpha.deb; http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.3.6-2sarge2_alpha.deb
ARM:: http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.3.6-2sarge2_arm.deb; http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.3.6-2sarge2_arm.deb; http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.3.6-2sarge2_arm.deb; http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.3.6-2sarge2_arm.deb; http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.3.6-2sarge2_arm.deb; http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.3.6-2sarge2_arm.deb; http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.3.6-2sarge2_arm.deb; http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.3.6-2sarge2_arm.deb; http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.3.6-2sarge2_arm.deb
HP Precision:: http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.3.6-2sarge2_hppa.deb; http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.3.6-2sarge2_hppa.deb; http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.3.6-2sarge2_hppa.deb; http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.3.6-2sarge2_hppa.deb; http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.3.6-2sarge2_hppa.deb; http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.3.6-2sarge2_hppa.deb; http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.3.6-2sarge2_hppa.deb; http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.3.6-2sarge2_hppa.deb; http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.3.6-2sarge2_hppa.deb; http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.3.6-2sarge2_hppa.deb
Intel IA-32:: http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.3.6-2sarge2_i386.deb; http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.3.6-2sarge2_i386.deb; http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.3.6-2sarge2_i386.deb; http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.3.6-2sarge2_i386.deb; http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.3.6-2sarge2_i386.deb; http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.3.6-2sarge2_i386.deb; http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.3.6-2sarge2_i386.deb; http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.3.6-2sarge2_i386.deb; http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.3.6-2sarge2_i386.deb; http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.3.6-2sarge2_i386.deb
Intel IA-64:: http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.3.6-2sarge2_ia64.deb; http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.3.6-2sarge2_ia64.deb; http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.3.6-2sarge2_ia64.deb; http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.3.6-2sarge2_ia64.deb; http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.3.6-2sarge2_ia64.deb; http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.3.6-2sarge2_ia64.deb; http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.3.6-2sarge2_ia64.deb; http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.3.6-2sarge2_ia64.deb; http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.3.6-2sarge2_ia64.deb; http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.3.6-2sarge2_ia64.deb
Motorola 680x0:: http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.3.6-2sarge2_m68k.deb; http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.3.6-2sarge2_m68k.deb; http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.3.6-2sarge2_m68k.deb; http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.3.6-2sarge2_m68k.deb; http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.3.6-2sarge2_m68k.deb; http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.3.6-2sarge2_m68k.deb; http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.3.6-2sarge2_m68k.deb; http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.3.6-2sarge2_m68k.deb; http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.3.6-2sarge2_m68k.deb; http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.3.6-2sarge2_m68k.deb
Big-endian MIPS:: http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.3.6-2sarge2_mips.deb; http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.3.6-2sarge2_mips.deb; http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.3.6-2sarge2_mips.deb; http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.3.6-2sarge2_mips.deb; http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.3.6-2sarge2_mips.deb; http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.3.6-2sarge2_mips.deb; http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.3.6-2sarge2_mips.deb; http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.3.6-2sarge2_mips.deb; http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.3.6-2sarge2_mips.deb; http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.3.6-2sarge2_mips.deb
Little-endian MIPS:: http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.3.6-2sarge2_mipsel.deb; http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.3.6-2sarge2_mipsel.deb; http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.3.6-2sarge2_mipsel.deb; http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.3.6-2sarge2_mipsel.deb; http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.3.6-2sarge2_mipsel.deb; http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.3.6-2sarge2_mipsel.deb; http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.3.6-2sarge2_mipsel.deb; http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.3.6-2sarge2_mipsel.deb; http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.3.6-2sarge2_mipsel.deb; http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.3.6-2sarge2_mipsel.deb
PowerPC:: http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.3.6-2sarge2_powerpc.deb; http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.3.6-2sarge2_powerpc.deb; http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.3.6-2sarge2_powerpc.deb; http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.3.6-2sarge2_powerpc.deb; http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.3.6-2sarge2_powerpc.deb; http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.3.6-2sarge2_powerpc.deb; http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.3.6-2sarge2_powerpc.deb; http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.3.6-2sarge2_powerpc.deb; http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.3.6-2sarge2_powerpc.deb; http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.3.6-2sarge2_powerpc.deb
IBM S/390:: http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.3.6-2sarge2_s390.deb; http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.3.6-2sarge2_s390.deb; http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.3.6-2sarge2_s390.deb; http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.3.6-2sarge2_s390.deb; http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.3.6-2sarge2_s390.deb; http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.3.6-2sarge2_s390.deb; http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.3.6-2sarge2_s390.deb; http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.3.6-2sarge2_s390.deb; http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.3.6-2sarge2_s390.deb; http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.3.6-2sarge2_s390.deb
Sun Sparc:: http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.3.6-2sarge2_sparc.deb; http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.3.6-2sarge2_sparc.deb; http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.3.6-2sarge2_sparc.deb; http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.3.6-2sarge2_sparc.deb; http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.3.6-2sarge2_sparc.deb; http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.3.6-2sarge2_sparc.deb; http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.3.6-2sarge2_sparc.deb; http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.3.6-2sarge2_sparc.deb; http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.3.6-2sarge2_sparc.deb; http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.3.6-2sarge2_sparc.deb

MD5-kontrolsummer for de listede filer findes i den originale sikkerhedsbulletin.