USN-288-3: PostgreSQL client vulnerabilities
Posted on: 06/09/2006 12:12 PM

A new PostgreSQL client vulnerabilities update is available for Ubuntu Linux. Here the announcement:

Ubuntu Security Notice USN-288-3 June 09, 2006
dovecot, exim4, postfix vulnerabilities
CVE-2006-2314, CVE-2006-2753
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D

A security issue affects the following Ubuntu releases:

Ubuntu 5.04
Ubuntu 5.10
Ubuntu 6.06 LTS

This advisory also applies to the corresponding versions of
Kubuntu, Edubuntu, and Xubuntu.

The problem can be corrected by upgrading your system to the
following package versions:

Ubuntu 5.04:
dovecot-common 0.99.13-3ubuntu0.1
exim4-daemon-heavy 4.34-10ubuntu0.1
postfix-pgsql 2.1.5-9ubuntu3.1

Ubuntu 5.10:
dovecot-common 0.99.14-1ubuntu1.1
exim4-daemon-heavy 4.52-1ubuntu0.1
postfix-pgsql 2.2.4-1ubuntu2.1

Ubuntu 6.06 LTS:
dovecot-common 1.0.beta3-3ubuntu5.1
exim4-daemon-heavy 4.60-3ubuntu3.1
postfix-pgsql 2.2.10-1ubuntu0.1

In general, a standard system upgrade is sufficient to effect the
necessary changes.

Details follow:

USN-288-1 described a PostgreSQL client vulnerability in the way=20
the gt;gt;'lt;lt; character is escaped in SQL queries. It was determined that
the PostgreSQL backends of Exim, Dovecot, and Postfix used this unsafe
escaping method.

For reference, these are the details of the original USN:

CVE-2006-2313:
Akio Ishida and Yasuo Ohgaki discovered a weakness in the handling of
invalidly-encoded multibyte text data. If a client application
processed untrusted input without respecting its encoding and applied
standard string escaping techniques (such as replacing a single quote
gt;gt;'lt;lt; with gt;gt;\\'lt;lt; or gt;gt;''lt;lt;), the PostgreSQL server could interpret the
resulting string in a way that allowed an attacker to inject arbitrary
SQL commands into the resulting SQL query. The PostgreSQL server has
been modified to reject such invalidly encoded strings now, which
completely fixes the problem for some 'safe' multibyte encodings like
UTF-8.

CVE-2006-2314:
However, there are some less popular and client-only multibyte
encodings (such as SJIS, BIG5, GBK, GB18030, and UHC) which contain
valid multibyte characters that end with the byte 0x5c, which is the
representation of the backslash character gt;gt;\\lt;lt; in ASCII. Many client
libraries and applications use the non-standard, but popular way of
escaping the gt;gt;'lt;lt; character by replacing all occurences of it with
gt;gt;\\'lt;lt;. If a client application uses one of the affected encodings and
does not interpret multibyte characters, and an attacker supplies a
specially crafted byte sequence as an input string parameter, this
escaping method would then produce a validly-encoded character and
an excess gt;gt;'lt;lt; character which would end the string. All subsequent
characters would then be interpreted as SQL code, so the attacker
could execute arbitrary SQL commands.

To fix this vulnerability end-to-end, client-side applications must
be fixed to properly interpret multibyte encodings and use gt;gt;''lt;lt;
instead of gt;gt;\\'lt;lt;. However, as a precautionary measure, the sequence
gt;gt;\\'lt;lt; is now regarded as invalid when one of the affected client
encodings is in use. If you depend on the previous behaviour, you
can restore it by setting 'backslash_quote =3D on' in postgresql.conf.
However, please be aware that this could render you vulnerable
again.

This issue does not affect you if you only use single-byte (like
SQL_ASCII or the ISO-8859-X family) or unaffected multibyte (like
UTF-8) encodings.

Please see http://www.postgresql.org/docs/techdocs.50 for further
details.

Updated packages for Ubuntu 5.04:

Source archives:

http://security.ubuntu.com/ubuntu/pool/main/d/dovecot/dovecot_0.99.13-3=
ubuntu0.1.diff.gz
Size/MD5: 25404 3c04c4209d088672d44274173375bbae
http://security.ubuntu.com/ubuntu/pool/main/d/dovecot/dovecot_0.99.13-3=
ubuntu0.1.dsc
Size/MD5: 766 62f4a67113049644ff4ba1fe64186644
http://security.ubuntu.com/ubuntu/pool/main/d/dovecot/dovecot_0.99.13.o=
rig.tar.gz
Size/MD5: 867787 a84896c4236232b843972370e3730729
http://security.ubuntu.com/ubuntu/pool/main/e/exim4/exim4_4.34-10ubuntu=
0.1.diff.gz
Size/MD5: 543118 eac768b2342855381a06668e0b9092b5
http://security.ubuntu.com/ubuntu/pool/main/e/exim4/exim4_4.34-10ubuntu=
0.1.dsc
Size/MD5: 1093 cec092fdddee02a57f057adced2fc2b3
http://security.ubuntu.com/ubuntu/pool/main/e/exim4/exim4_4.34.orig.tar=
=2Egz
Size/MD5: 1717473 acdf7117f18b71702d4da284b1263275
http://security.ubuntu.com/ubuntu/pool/main/p/postfix/postfix_2.1.5-9ub=
untu3.1.diff.gz
Size/MD5: 461692 f88e13bc7a3bd0a7f21d4038c6ab1ba6
http://security.ubuntu.com/ubuntu/pool/main/p/postfix/postfix_2.1.5-9ub=
untu3.1.dsc
Size/MD5: 870 9f52b77f7d9e17750e1b3fe83ea07495
http://security.ubuntu.com/ubuntu/pool/main/p/postfix/postfix_2.1.5.ori=
g.tar.gz
Size/MD5: 1971931 bcaa4aac80595d04c60c72844203a04d

Architecture independent packages:

http://security.ubuntu.com/ubuntu/pool/main/d/dovecot/dovecot_0.99.13-3=
ubuntu0.1_all.deb
Size/MD5: 7144 308256cb6d3eff54e7fbe5478b59904b
http://security.ubuntu.com/ubuntu/pool/main/e/exim4/exim4-config_4.34-1=
0ubuntu0.1_all.deb
Size/MD5: 210038 816e14a8bd771630af9c95bfd376227c
http://security.ubuntu.com/ubuntu/pool/universe/e/exim4/exim4_4.34-10ub=
untu0.1_all.deb
Size/MD5: 1210 4a8339d0904183740be4e7d36204e97c
http://security.ubuntu.com/ubuntu/pool/main/p/postfix/postfix-dev_2.1.5=
-9ubuntu3.1_all.deb
Size/MD5: 99246 8e829a7b7773c3636444671161d19282
http://security.ubuntu.com/ubuntu/pool/main/p/postfix/postfix-doc_2.1.5=
-9ubuntu3.1_all.deb
Size/MD5: 645018 2b5566dfe962de20ec7a424b593243a9

amd64 architecture (Athlon64, Opteron, EM64T Xeon)

http://security.ubuntu.com/ubuntu/pool/main/d/dovecot/dovecot-common_0.=
99.13-3ubuntu0.1_amd64.deb
Size/MD5: 257584 ecdf36cb88941ad9bccaecfec534a896
http://security.ubuntu.com/ubuntu/pool/main/d/dovecot/dovecot-imapd_0.9=
9.13-3ubuntu0.1_amd64.deb
Size/MD5: 310840 ef8e4da46aa56a85a3872205483b1794
http://security.ubuntu.com/ubuntu/pool/main/d/dovecot/dovecot-pop3d_0.9=
9.13-3ubuntu0.1_amd64.deb
Size/MD5: 284520 d4ccd9925d349e5d1584f1acdfb0d121
http://security.ubuntu.com/ubuntu/pool/main/e/exim4/exim4-base_4.34-10u=
buntu0.1_amd64.deb
Size/MD5: 795196 0cb46c1c5c4e7a4d092861c6a3b3daa0
http://security.ubuntu.com/ubuntu/pool/main/e/exim4/exim4-daemon-heavy_=
4.34-10ubuntu0.1_amd64.deb
Size/MD5: 434060 d5677ec8e8650fe79df02d08b48968a9
http://security.ubuntu.com/ubuntu/pool/main/e/exim4/exim4-daemon-light_=
4.34-10ubuntu0.1_amd64.deb
Size/MD5: 362470 e71aa63431444d06509b310e58fe409c
http://security.ubuntu.com/ubuntu/pool/universe/e/exim4/eximon4_4.34-10=
ubuntu0.1_amd64.deb
Size/MD5: 75250 8c85f39ab5f0458fa1dd04dd78e1c5b0
http://security.ubuntu.com/ubuntu/pool/main/p/postfix/postfix-ldap_2.1.=
5-9ubuntu3.1_amd64.deb
Size/MD5: 37652 d3cc2c8c38072fb91c2ec4bc117bde45
http://security.ubuntu.com/ubuntu/pool/main/p/postfix/postfix-mysql_2.1=
=2E5-9ubuntu3.1_amd64.deb
Size/MD5: 33110 fd30148e23759cef5293e463b6930696
http://security.ubuntu.com/ubuntu/pool/main/p/postfix/postfix-pcre_2.1.=
5-9ubuntu3.1_amd64.deb
Size/MD5: 32644 b21381849d64b4c59cc242c80d266646
http://security.ubuntu.com/ubuntu/pool/main/p/postfix/postfix-pgsql_2.1=
=2E5-9ubuntu3.1_amd64.deb
Size/MD5: 33444 2cc8e8585c41a5d2dde8716f2dffadff
http://security.ubuntu.com/ubuntu/pool/main/p/postfix/postfix-tls_2.1.5=
-9ubuntu3.1_amd64.deb
Size/MD5: 168572 ec7260c04216c1c12ebea2a1ebf06f88
http://security.ubuntu.com/ubuntu/pool/main/p/postfix/postfix_2.1.5-9ub=
untu3.1_amd64.deb
Size/MD5: 858314 de6cd5dfcdeb1d947453e8dc7ca7dc3e

i386 architecture (x86 compatible Intel/AMD)

http://security.ubuntu.com/ubuntu/pool/main/d/dovecot/dovecot-common_0.=
99.13-3ubuntu0.1_i386.deb
Size/MD5: 240224 0ce0d4342a41e0a12ff47d189c537897
http://security.ubuntu.com/ubuntu/pool/main/d/dovecot/dovecot-imapd_0.9=
9.13-3ubuntu0.1_i386.deb
Size/MD5: 282390 392c5fc6911253cd3e73d540487ba75a
http://security.ubuntu.com/ubuntu/pool/main/d/dovecot/dovecot-pop3d_0.9=
9.13-3ubuntu0.1_i386.deb
Size/MD5: 258750 497620834fc789001c1978d96b419373
http://security.ubuntu.com/ubuntu/pool/main/e/exim4/exim4-base_4.34-10u=
buntu0.1_i386.deb
Size/MD5: 791446 d2b3a59541e7593e4c9b334d1724668e
http://security.ubuntu.com/ubuntu/pool/main/e/exim4/exim4-daemon-heavy_=
4.34-10ubuntu0.1_i386.deb
Size/MD5: 407224 26dbb50a3944f112290fd31ff22d853b
http://security.ubuntu.com/ubuntu/pool/main/e/exim4/exim4-daemon-light_=
4.34-10ubuntu0.1_i386.deb
Size/MD5: 338126 e37ab13f42dc88af0ce27fa9f91b5dff
http://security.ubuntu.com/ubuntu/pool/universe/e/exim4/eximon4_4.34-10=
ubuntu0.1_i386.deb
Size/MD5: 70754 9e8c4d81472144892abf613cd323bb54
http://security.ubuntu.com/ubuntu/pool/main/p/postfix/postfix-ldap_2.1.=
5-9ubuntu3.1_i386.deb
Size/MD5: 36986 e9889afa0b147ab8ee50e3b51b79e1c9
http://security.ubuntu.com/ubuntu/pool/main/p/postfix/postfix-mysql_2.1=
=2E5-9ubuntu3.1_i386.deb
Size/MD5: 32482 df937e9f336a72d00dc6515b505b4ea6
http://security.ubuntu.com/ubuntu/pool/main/p/postfix/postfix-pcre_2.1.=
5-9ubuntu3.1_i386.deb
Size/MD5: 32204 198b8b1a908fb6ecb164bfcdeecfdb24
http://security.ubuntu.com/ubuntu/pool/main/p/postfix/postfix-pgsql_2.1=
=2E5-9ubuntu3.1_i386.deb
Size/MD5: 32798 5f94ffcad97d9e06ff0ee20ac266e3ce
http://security.ubuntu.com/ubuntu/pool/main/p/postfix/postfix-tls_2.1.5=
-9ubuntu3.1_i386.deb
Size/MD5: 151248 0807050f98c1e501c66a5c5eeffb5a4b
http://security.ubuntu.com/ubuntu/pool/main/p/postfix/postfix_2.1.5-9ub=
untu3.1_i386.deb
Size/MD5: 791288 fced5c9b838cd5bbaae459b36157336e

powerpc architecture (Apple Macintosh G3/G4/G5)

http://security.ubuntu.com/ubuntu/pool/main/d/dovecot/dovecot-common_0.=
99.13-3ubuntu0.1_powerpc.deb
Size/MD5: 255660 180f1c39a0774b67a56e5d30adf7686f
http://security.ubuntu.com/ubuntu/pool/main/d/dovecot/dovecot-imapd_0.9=
9.13-3ubuntu0.1_powerpc.deb
Size/MD5: 313168 aff398b62396e0547723b7e3423c9d94
http://security.ubuntu.com/ubuntu/pool/main/d/dovecot/dovecot-pop3d_0.9=
9.13-3ubuntu0.1_powerpc.deb
Size/MD5: 286018 a42a954ade694c7c6105f7839275c36b
http://security.ubuntu.com/ubuntu/pool/main/e/exim4/exim4-base_4.34-10u=
buntu0.1_powerpc.deb
Size/MD5: 799832 628acf8edf12267b5c66e207153e7684
http://security.ubuntu.com/ubuntu/pool/main/e/exim4/exim4-daemon-heavy_=
4.34-10ubuntu0.1_powerpc.deb
Size/MD5: 440108 76af6eb72a658011fe29d1eb84341237
http://security.ubuntu.com/ubuntu/pool/main/e/exim4/exim4-daemon-light_=
4.34-10ubuntu0.1_powerpc.deb
Size/MD5: 366556 4b0dc8bb7eea3735ad417e068c20ef1f
http://security.ubuntu.com/ubuntu/pool/universe/e/exim4/eximon4_4.34-10=
ubuntu0.1_powerpc.deb
Size/MD5: 76620 abe917f7441e0a45ccb835a292d6dc5e
http://security.ubuntu.com/ubuntu/pool/main/p/postfix/postfix-ldap_2.1.=
5-9ubuntu3.1_powerpc.deb
Size/MD5: 38752 ebf53b5354b464210db8c89a8cd8264a
http://security.ubuntu.com/ubuntu/pool/main/p/postfix/postfix-mysql_2.1=
=2E5-9ubuntu3.1_powerpc.deb
Size/MD5: 34472 ebb9499db973bd9bf6e39d127e3cc07a
http://security.ubuntu.com/ubuntu/pool/main/p/postfix/postfix-pcre_2.1.=
5-9ubuntu3.1_powerpc.deb
Size/MD5: 34092 b8da4cfaff13e12c480b9703a7ee30da
http://security.ubuntu.com/ubuntu/pool/main/p/postfix/postfix-pgsql_2.1=
=2E5-9ubuntu3.1_powerpc.deb
Size/MD5: 34780 8be7cdf056113d6f1216913661836af8
http://security.ubuntu.com/ubuntu/pool/main/p/postfix/postfix-tls_2.1.5=
-9ubuntu3.1_powerpc.deb
Size/MD5: 168392 b88488c15128976f43268591cb512c24
http://security.ubuntu.com/ubuntu/pool/main/p/postfix/postfix_2.1.5-9ub=
untu3.1_powerpc.deb
Size/MD5: 877008 43221e95cc5c65c3498abd5f9ddb157e

Updated packages for Ubuntu 5.10:

Source archives:

http://security.ubuntu.com/ubuntu/pool/main/d/dovecot/dovecot_0.99.14-1=
ubuntu1.1.diff.gz
Size/MD5: 27126 3fd143fefd809ebbefecc150a74947c4
http://security.ubuntu.com/ubuntu/pool/main/d/dovecot/dovecot_0.99.14-1=
ubuntu1.1.dsc
Size/MD5: 761 855f9a3712f148a2ef168b06be8f177c
http://security.ubuntu.com/ubuntu/pool/main/d/dovecot/dovecot_0.99.14.o=
rig.tar.gz
Size/MD5: 871285 a12e26fd378a46c31ec3a81ab7b55b5b
http://security.ubuntu.com/ubuntu/pool/main/e/exim4/exim4_4.52-1ubuntu0=
=2E1.diff.gz
Size/MD5: 468930 6281cae7b68991dfd5424f7873a99292
http://security.ubuntu.com/ubuntu/pool/main/e/exim4/exim4_4.52-1ubuntu0=
=2E1.dsc
Size/MD5: 1060 d63caa05cc23fc419fb7558d01464cc3
http://security.ubuntu.com/ubuntu/pool/main/e/exim4/exim4_4.52.orig.tar=
=2Egz
Size/MD5: 1990727 299a40aaa75ee9de9f6048239cbfc38c
http://security.ubuntu.com/ubuntu/pool/main/p/postfix/postfix_2.2.4-1ub=
untu2.1.diff.gz
Size/MD5: 145021 4d548439afa868b4a88d7d7244d4ff21
http://security.ubuntu.com/ubuntu/pool/main/p/postfix/postfix_2.2.4-1ub=
untu2.1.dsc
Size/MD5: 852 afc3aa012b5e3e3be90c362cf88c3c85
http://security.ubuntu.com/ubuntu/pool/main/p/postfix/postfix_2.2.4.ori=
g.tar.gz
Size/MD5: 2427281 77394db3a4ebe578fa453502040698ac

Architecture independent packages:

http://security.ubuntu.com/ubuntu/pool/main/d/dovecot/dovecot_0.99.14-1=
ubuntu1.1_all.deb
Size/MD5: 7742 28bab2e1fc9cc14c9b7069e0acd11bca
http://security.ubuntu.com/ubuntu/pool/main/e/exim4/exim4-config_4.52-1=
ubuntu0.1_all.deb
Size/MD5: 247598 18b47b93e49ee693b5895b463660b4cc
http://security.ubuntu.com/ubuntu/pool/universe/e/exim4/exim4_4.52-1ubu=
ntu0.1_all.deb
Size/MD5: 1134 fc09d2b941ef5feecfd36422f3e7dfcc
http://security.ubuntu.com/ubuntu/pool/main/p/postfix/postfix-dev_2.2.4=
-1ubuntu2.1_all.deb
Size/MD5: 109476 9f7b821fe18085c83e0397117673cc23
http://security.ubuntu.com/ubuntu/pool/main/p/postfix/postfix-doc_2.2.4=
-1ubuntu2.1_all.deb
Size/MD5: 655600 8f736baf9008c0e95b895a84e31d2c6f

amd64 architecture (Athlon64, Opteron, EM64T Xeon)

http://security.ubuntu.com/ubuntu/pool/main/d/dovecot/dovecot-common_0.=
99.14-1ubuntu1.1_amd64.deb
Size/MD5: 260170 5c55a3ecacc8f6f50547e56b95737263
http://security.ubuntu.com/ubuntu/pool/main/d/dovecot/dovecot-imapd_0.9=
9.14-1ubuntu1.1_amd64.deb
Size/MD5: 315484 a8b17f32b8d05bf07b6e53a56644a8e4
http://security.ubuntu.com/ubuntu/pool/main/d/dovecot/dovecot-pop3d_0.9=
9.14-1ubuntu1.1_amd64.deb
Size/MD5: 289070 db6c2d956e26a1377b40b4858eb3fd2a
http://security.ubuntu.com/ubuntu/pool/main/e/exim4/exim4-base_4.52-1ub=
untu0.1_amd64.deb
Size/MD5: 836786 18680c12905c9ff827ee728c26ff79a0
http://security.ubuntu.com/ubuntu/pool/main/e/exim4/exim4-daemon-heavy_=
4.52-1ubuntu0.1_amd64.deb
Size/MD5: 460294 4f9e11869c68824983430c65f3ffd897
http://security.ubuntu.com/ubuntu/pool/main/e/exim4/exim4-daemon-light_=
4.52-1ubuntu0.1_amd64.deb
Size/MD5: 406816 65800202851a53314eba5fe6f134c142
http://security.ubuntu.com/ubuntu/pool/universe/e/exim4/eximon4_4.52-1u=
buntu0.1_amd64.deb
Size/MD5: 82432 9b4825151fafa6eb8fcc7f94ee1fa86b
http://security.ubuntu.com/ubuntu/pool/main/p/postfix/postfix-ldap_2.2.=
4-1ubuntu2.1_amd64.deb
Size/MD5: 39464 eff6d24868223136877e3e98b54304e2
http://security.ubuntu.com/ubuntu/pool/main/p/postfix/postfix-mysql_2.2=
=2E4-1ubuntu2.1_amd64.deb
Size/MD5: 34726 f69736862efa52419c8d930457f8588d
http://security.ubuntu.com/ubuntu/pool/main/p/postfix/postfix-pcre_2.2.=
4-1ubuntu2.1_amd64.deb
Size/MD5: 34276 9d1964d8f602e35a855604fa066d80aa
http://security.ubuntu.com/ubuntu/pool/main/p/postfix/postfix-pgsql_2.2=
=2E4-1ubuntu2.1_amd64.deb
Size/MD5: 34588 6da772723c68979e93d780c881cd4f3b
http://security.ubuntu.com/ubuntu/pool/main/p/postfix/postfix_2.2.4-1ub=
untu2.1_amd64.deb
Size/MD5: 987528 f031b1ad7511d94a0f4c5649d4174fea

i386 architecture (x86 compatible Intel/AMD)

http://security.ubuntu.com/ubuntu/pool/main/d/dovecot/dovecot-common_0.=
99.14-1ubuntu1.1_i386.deb
Size/MD5: 240766 6676d1a97f70e5c9e471cf1c10dfbb6d
http://security.ubuntu.com/ubuntu/pool/main/d/dovecot/dovecot-imapd_0.9=
9.14-1ubuntu1.1_i386.deb
Size/MD5: 283682 662a48b2528c7aec4961002db3fd4b1a
http://security.ubuntu.com/ubuntu/pool/main/d/dovecot/dovecot-pop3d_0.9=
9.14-1ubuntu1.1_i386.deb
Size/MD5: 259402 532fbb4e76cc17d2b560e3b6a1b33f99
http://security.ubuntu.com/ubuntu/pool/main/e/exim4/exim4-base_4.52-1ub=
untu0.1_i386.deb
Size/MD5: 833830 110ad2c340cd2619e50b3b42361e86da
http://security.ubuntu.com/ubuntu/pool/main/e/exim4/exim4-daemon-heavy_=
4.52-1ubuntu0.1_i386.deb
Size/MD5: 416656 9743ce903d5d4db407eb7bc7177924c0
http://security.ubuntu.com/ubuntu/pool/main/e/exim4/exim4-daemon-light_=
4.52-1ubuntu0.1_i386.deb
Size/MD5: 367752 6f04d88cf362ff01d251b3eafe46f34a
http://security.ubuntu.com/ubuntu/pool/universe/e/exim4/eximon4_4.52-1u=
buntu0.1_i386.deb
Size/MD5: 77712 804bdae1b53386b7566109e6d6c53fca
http://security.ubuntu.com/ubuntu/pool/main/p/postfix/postfix-ldap_2.2.=
4-1ubuntu2.1_i386.deb
Size/MD5: 38434 61fd8bc9591c66be64a5b5867fac9892
http://security.ubuntu.com/ubuntu/pool/main/p/postfix/postfix-mysql_2.2=
=2E4-1ubuntu2.1_i386.deb
Size/MD5: 34316 d92f64a6089167b89d8698c6041f5f47
http://security.ubuntu.com/ubuntu/pool/main/p/postfix/postfix-pcre_2.2.=
4-1ubuntu2.1_i386.deb
Size/MD5: 33716 ee16f260cd106f77b8025d3d38827196
http://security.ubuntu.com/ubuntu/pool/main/p/postfix/postfix-pgsql_2.2=
=2E4-1ubuntu2.1_i386.deb
Size/MD5: 34158 466627283a472e1fc863c78c06b16c7e
http://security.ubuntu.com/ubuntu/pool/main/p/postfix/postfix_2.2.4-1ub=
untu2.1_i386.deb
Size/MD5: 910972 07e6d8b30e574f3e73e1060b4b41bb2a

powerpc architecture (Apple Macintosh G3/G4/G5)

http://security.ubuntu.com/ubuntu/pool/main/d/dovecot/dovecot-common_0.=
99.14-1ubuntu1.1_powerpc.deb
Size/MD5: 257066 54d42da15afff116c908f58701576e8e
http://security.ubuntu.com/ubuntu/pool/main/d/dovecot/dovecot-imapd_0.9=
9.14-1ubuntu1.1_powerpc.deb
Size/MD5: 314050 f6790727d0314c9857d091538294eb49
http://security.ubuntu.com/ubuntu/pool/main/d/dovecot/dovecot-pop3d_0.9=
9.14-1ubuntu1.1_powerpc.deb
Size/MD5: 286638 deeb0e7273a5735f1501d3907a1b1b1c
http://security.ubuntu.com/ubuntu/pool/main/e/exim4/exim4-base_4.52-1ub=
untu0.1_powerpc.deb
Size/MD5: 842672 c938548b25af8c6e8a9a91fc444c561e
http://security.ubuntu.com/ubuntu/pool/main/e/exim4/exim4-daemon-heavy_=
4.52-1ubuntu0.1_powerpc.deb
Size/MD5: 462364 8d11279fed9e5bb629e41c1d7c3c5986
http://security.ubuntu.com/ubuntu/pool/main/e/exim4/exim4-daemon-light_=
4.52-1ubuntu0.1_powerpc.deb
Size/MD5: 408412 bfca4bf404e02f800db8a3995080b6a6
http://security.ubuntu.com/ubuntu/pool/universe/e/exim4/eximon4_4.52-1u=
buntu0.1_powerpc.deb
Size/MD5: 84192 b82e5edb2d0398a7171bd2079953eaf0
http://security.ubuntu.com/ubuntu/pool/main/p/postfix/postfix-ldap_2.2.=
4-1ubuntu2.1_powerpc.deb
Size/MD5: 40202 77bd56185593ae219aada54b0225ffe4
http://security.ubuntu.com/ubuntu/pool/main/p/postfix/postfix-mysql_2.2=
=2E4-1ubuntu2.1_powerpc.deb
Size/MD5: 36160 0e53a13c61e66966b12bea2e3db9627d
http://security.ubuntu.com/ubuntu/pool/main/p/postfix/postfix-pcre_2.2.=
4-1ubuntu2.1_powerpc.deb
Size/MD5: 35666 4008d85e8ea56762343dbe556bdf4501
http://security.ubuntu.com/ubuntu/pool/main/p/postfix/postfix-pgsql_2.2=
=2E4-1ubuntu2.1_powerpc.deb
Size/MD5: 36026 4e77a311c431beb525a87a4fdce556a1
http://security.ubuntu.com/ubuntu/pool/main/p/postfix/postfix_2.2.4-1ub=
untu2.1_powerpc.deb
Size/MD5: 1011988 ffa173c1ec058be86dc611d8ae502ae6

Updated packages for Ubuntu 6.06 LTS:

Source archives:

http://security.ubuntu.com/ubuntu/pool/main/d/dovecot/dovecot_1.0.beta3=
-3ubuntu5.1.diff.gz
Size/MD5: 467397 84e421e425626e95818ab0e6bb78507a
http://security.ubuntu.com/ubuntu/pool/main/d/dovecot/dovecot_1.0.beta3=
-3ubuntu5.1.dsc
Size/MD5: 869 7e34176053b4d9cc71ce6cef1e91e0dd
http://security.ubuntu.com/ubuntu/pool/main/d/dovecot/dovecot_1.0.beta3=
=2Eorig.tar.gz
Size/MD5: 1360574 5418f9f7fe99e4f10bb82d9fe504138a
http://security.ubuntu.com/ubuntu/pool/main/e/exim4/exim4_4.60-3ubuntu3=
=2E1.diff.gz
Size/MD5: 325886 0fb41c8454b2ff60edddc03cd6fdc7c9
http://security.ubuntu.com/ubuntu/pool/main/e/exim4/exim4_4.60-3ubuntu3=
=2E1.dsc
Size/MD5: 1063 ed54cdc4fe6404cc51ad8884da6f9228
http://security.ubuntu.com/ubuntu/pool/main/e/exim4/exim4_4.60.orig.tar=
=2Egz
Size/MD5: 2022260 5f8e5834c648ac9a62bb8ab6ad2a6227
http://security.ubuntu.com/ubuntu/pool/main/p/postfix/postfix_2.2.10-1u=
buntu0.1.diff.gz
Size/MD5: 155767 7365365589b7e642ac0a84f18b33082a
http://security.ubuntu.com/ubuntu/pool/main/p/postfix/postfix_2.2.10-1u=
buntu0.1.dsc
Size/MD5: 891 f82df216818f1af810134abdad18e019
http://security.ubuntu.com/ubuntu/pool/main/p/postfix/postfix_2.2.10.or=
ig.tar.gz
Size/MD5: 2443513 440a4702182a79ac2f51e8974fb742c9

Architecture independent packages:

http://security.ubuntu.com/ubuntu/pool/main/e/exim4/exim4-config_4.60-3=
ubuntu3.1_all.deb
Size/MD5: 262974 be5938c58c4bdc5b5edc9a42d72c1c13
http://security.ubuntu.com/ubuntu/pool/main/e/exim4/exim4_4.60-3ubuntu3=
=2E1_all.deb
Size/MD5: 1578 bb0518f1659df1557048b770abdad1b0
http://security.ubuntu.com/ubuntu/pool/main/p/postfix/postfix-dev_2.2.1=
0-1ubuntu0.1_all.deb
Size/MD5: 110882 c6bb3f33e3e13d8dfb025ea6726fb054
http://security.ubuntu.com/ubuntu/pool/main/p/postfix/postfix-doc_2.2.1=
0-1ubuntu0.1_all.deb
Size/MD5: 665714 7890ffba13c8d8cf34a6734f06589084

amd64 architecture (Athlon64, Opteron, EM64T Xeon)

http://security.ubuntu.com/ubuntu/pool/main/d/dovecot/dovecot-common_1.=
0.beta3-3ubuntu5.1_amd64.deb
Size/MD5: 962494 beb0422c24d9a9467022c0e2e4537d8f
http://security.ubuntu.com/ubuntu/pool/main/d/dovecot/dovecot-imapd_1.0=
=2Ebeta3-3ubuntu5.1_amd64.deb
Size/MD5: 532400 4b3f8965b3ce4fb5be7ce08416342bd9
http://security.ubuntu.com/ubuntu/pool/main/d/dovecot/dovecot-pop3d_1.0=
=2Ebeta3-3ubuntu5.1_amd64.deb
Size/MD5: 500552 724c8a04b310d65c91cffbf2f487b6dd
http://security.ubuntu.com/ubuntu/pool/main/e/exim4/exim4-base_4.60-3ub=
untu3.1_amd64.deb
Size/MD5: 876836 c21f4fa14e1378d24927908e1ab58412
http://security.ubuntu.com/ubuntu/pool/main/e/exim4/exim4-daemon-heavy_=
4.60-3ubuntu3.1_amd64.deb
Size/MD5: 468422 7ae7e10a60af0fdb876bb7f2872b477c
http://security.ubuntu.com/ubuntu/pool/main/e/exim4/exim4-daemon-light_=
4.60-3ubuntu3.1_amd64.deb
Size/MD5: 414490 4114ea311c8b398ee3b63007f1f18aec
http://security.ubuntu.com/ubuntu/pool/main/e/exim4/eximon4_4.60-3ubunt=
u3.1_amd64.deb
Size/MD5: 86398 759736cd7914aff54053065271e6cc22
http://security.ubuntu.com/ubuntu/pool/main/p/postfix/postfix-ldap_2.2.=
10-1ubuntu0.1_amd64.deb
Size/MD5: 40514 beb6b9901297aecd2207e7b6cf6288b5
http://security.ubuntu.com/ubuntu/pool/main/p/postfix/postfix-mysql_2.2=
=2E10-1ubuntu0.1_amd64.deb
Size/MD5: 35728 767c0b0de170bc0a11fe0fc41f5dd6db
http://security.ubuntu.com/ubuntu/pool/main/p/postfix/postfix-pcre_2.2.=
10-1ubuntu0.1_amd64.deb
Size/MD5: 35344 98c69bf98e6e178f481592fe693bc889
http://security.ubuntu.com/ubuntu/pool/main/p/postfix/postfix-pgsql_2.2=
=2E10-1ubuntu0.1_amd64.deb
Size/MD5: 35540 82e663d429fb2ea74190e0ece4e902c2
http://security.ubuntu.com/ubuntu/pool/main/p/postfix/postfix_2.2.10-1u=
buntu0.1_amd64.deb
Size/MD5: 1001770 61e88d0dee4d10f6f327bd6a1549d974

i386 architecture (x86 compatible Intel/AMD)

http://security.ubuntu.com/ubuntu/pool/main/d/dovecot/dovecot-common_1.=
0.beta3-3ubuntu5.1_i386.deb
Size/MD5: 838372 67e454c42a0bc98d6bd493d767ef9b8a
http://security.ubuntu.com/ubuntu/pool/main/d/dovecot/dovecot-imapd_1.0=
=2Ebeta3-3ubuntu5.1_i386.deb
Size/MD5: 485598 795b33ee2544f9725c8fea95ed869eeb
http://security.ubuntu.com/ubuntu/pool/main/d/dovecot/dovecot-pop3d_1.0=
=2Ebeta3-3ubuntu5.1_i386.deb
Size/MD5: 456320 58489840eda39de790d7123e5359bcf5
http://security.ubuntu.com/ubuntu/pool/main/e/exim4/exim4-base_4.60-3ub=
untu3.1_i386.deb
Size/MD5: 873870 5570ba183d145884094fa7166102cb68
http://security.ubuntu.com/ubuntu/pool/main/e/exim4/exim4-daemon-heavy_=
4.60-3ubuntu3.1_i386.deb
Size/MD5: 423558 b381d166ab50c16f8d646fd379562efe
http://security.ubuntu.com/ubuntu/pool/main/e/exim4/exim4-daemon-light_=
4.60-3ubuntu3.1_i386.deb
Size/MD5: 374134 f2b29f489de1966713bafa7d9ab65de5
http://security.ubuntu.com/ubuntu/pool/main/e/exim4/eximon4_4.60-3ubunt=
u3.1_i386.deb
Size/MD5: 81706 97a0492d520e2ad804a31091b724ce05
http://security.ubuntu.com/ubuntu/pool/main/p/postfix/postfix-ldap_2.2.=
10-1ubuntu0.1_i386.deb
Size/MD5: 39448 6336f2cea35d77b7b5632d57d857b4d9
http://security.ubuntu.com/ubuntu/pool/main/p/postfix/postfix-mysql_2.2=
=2E10-1ubuntu0.1_i386.deb
Size/MD5: 35280 d8f4590ee3ce24323708cfd8c6a01440
http://security.ubuntu.com/ubuntu/pool/main/p/postfix/postfix-pcre_2.2.=
10-1ubuntu0.1_i386.deb
Size/MD5: 34732 20ccbdf3d565ce9809993247a0810f43
http://security.ubuntu.com/ubuntu/pool/main/p/postfix/postfix-pgsql_2.2=
=2E10-1ubuntu0.1_i386.deb
Size/MD5: 35094 06934d478132fda532a4a7b428df1977
http://security.ubuntu.com/ubuntu/pool/main/p/postfix/postfix_2.2.10-1u=
buntu0.1_i386.deb
Size/MD5: 922958 29714ee5a14e7d450945861234d164b4

powerpc architecture (Apple Macintosh G3/G4/G5)

http://security.ubuntu.com/ubuntu/pool/main/d/dovecot/dovecot-common_1.=
0.beta3-3ubuntu5.1_powerpc.deb
Size/MD5: 940726 10c8f031ac47c72466e9510675fd9b7b
http://security.ubuntu.com/ubuntu/pool/main/d/dovecot/dovecot-imapd_1.0=
=2Ebeta3-3ubuntu5.1_powerpc.deb
Size/MD5: 526210 6c50738f3e289c156110e30c5d187f83
http://security.ubuntu.com/ubuntu/pool/main/d/dovecot/dovecot-pop3d_1.0=
=2Ebeta3-3ubuntu5.1_powerpc.deb
Size/MD5: 493892 f91762a082d24fa43d952a02e0b019d2
http://security.ubuntu.com/ubuntu/pool/main/e/exim4/exim4-base_4.60-3ub=
untu3.1_powerpc.deb
Size/MD5: 883686 35000d2c6575ffaeae422e4e9a5df64c
http://security.ubuntu.com/ubuntu/pool/main/e/exim4/exim4-daemon-heavy_=
4.60-3ubuntu3.1_powerpc.deb
Size/MD5: 469718 7cd83bc91708d2b0956f21855e6be3f5
http://security.ubuntu.com/ubuntu/pool/main/e/exim4/exim4-daemon-light_=
4.60-3ubuntu3.1_powerpc.deb
Size/MD5: 416166 adafd22508c06d38c71210365d93d110
http://security.ubuntu.com/ubuntu/pool/main/e/exim4/eximon4_4.60-3ubunt=
u3.1_powerpc.deb
Size/MD5: 88388 351f4a9537a0d571175918fbb2305016
http://security.ubuntu.com/ubuntu/pool/main/p/postfix/postfix-ldap_2.2.=
10-1ubuntu0.1_powerpc.deb
Size/MD5: 41168 a1c650bc4aa9aeee36eac83d5a1b2399
http://security.ubuntu.com/ubuntu/pool/main/p/postfix/postfix-mysql_2.2=
=2E10-1ubuntu0.1_powerpc.deb
Size/MD5: 37152 2d66a39848846dab066e41e579f8e39b
http://security.ubuntu.com/ubuntu/pool/main/p/postfix/postfix-pcre_2.2.=
10-1ubuntu0.1_powerpc.deb
Size/MD5: 36712 091e7c585786cb4b6bff6fc97342c37f
http://security.ubuntu.com/ubuntu/pool/main/p/postfix/postfix-pgsql_2.2=
=2E10-1ubuntu0.1_powerpc.deb
Size/MD5: 36980 0a5b166ef04bb74ddfab5d6ed60f14d2
http://security.ubuntu.com/ubuntu/pool/main/p/postfix/postfix_2.2.10-1u=
buntu0.1_powerpc.deb
Size/MD5: 1022104 352e877a6a963776174e15996f64fe5e


--2/5bycvrmDh4d1IB
Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: Digital signature
Content-Disposition: inline

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2.2 (GNU/Linux)

iD8DBQFEiVGODecnbV4Fd/IRAhYOAKDzDKWYDXKx9swTzStgV+i6FubEoACgnfuw
8H3XoulEEEYRxlmvMaFJ+/4=
=tUjY
-----END PGP SIGNATURE-----



Printed from Linux Compatible (http://www.linuxcompatible.org/news/story/usn_288_3_postgresql_client_vulnerabilities.html)