From security at tinysofa.org Wed Jun 2 11:43:00 2004 From: security at tinysofa.org (tinysofa Security Team) Date: Wed, 2 Jun 2004 21:43:00 +1000 Subject: [tinysofa-announce] TSSA-2004-008 - apache Message-ID: <20040602114300.GA20672@tinysofa.org> =========================================================================== _ |_ . _ _ _ (_ _ |_ | | ) \/ _) (_) | (_| / Security Advisory #2004-008 Package names: apache Summary: Boundary Condition Error Advisory ID: TSSA-2004-008 Date: 2004-06-02 Affected versions: tinysofa enterprise server 1.0 tinysofa enterprise server 1.0-U1 =========================================================================== Security Fixes ============== Description ----------- apache: * Georgi Guninski discovered [1] a stack-based buffer overflow in the "SSLOptions +FakeBasicAuth" implementation of Apache's SSL/TLS extension module mod_ssl [0]. The overflow can occur if the Subject-DN in the client certificate exceeds 6KB in length and mod_ssl is configured to trust the issuing CA. The Common Vulnerabilities and Exposures (CVE) project assigned the id CAN-2004-0488 [2] to the problem. References ---------- [0] http://www.modssl.org/ [1] http://lists.netsys.com/pipermail/full-disclosure/2004-May/021610.html [2] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0488 Recommended Action ================== We recommend that all systems with these packages installed be upgraded. Please note that if you do not need the functionality provided by this package, you may want to remove it from your system. Location ======== All tinysofa updates are available from Automatic Updates ================= Users of the SWUP tool can enjoy having updates automatically installed using 'swup --upgrade'. Questions? ========== Check out our mailing lists: Verification ============ This advisory is signed with the tinysofa security sign key. This key is available from: All tinysofa packages are signed with the tinysofa stable sign key. This key is available from: The advisory is available from the tinysofa errata database at or directly at MD5sums Of The Packages ======================= b3ba8a04271c9b998527088b795fefdc apache-2.0.49-9ts.i586.rpm 2503a219d5bab57badd24df4c65c8647 apache-dbm-2.0.49-9ts.i586.rpm 8186ab1bdea195361f728e7a2251328a apache-devel-2.0.49-9ts.i586.rpm 3386f280b2ee1589eb1010d7a0d2ec35 apache-manual-2.0.49-9ts.i586.rpm 3e9e97b467af635997066bffc4fbbec8 apr-0.9.5-9ts.i586.rpm 7175e597215b0708ebd79c34e656d5c7 apr-devel-0.9.5-9ts.i586.rpm c553f65ab1b16124171ea0f0c800102a apr-util-0.9.5-9ts.i586.rpm 742f59fc0f3cc5f05cc3414c1b20db97 apr-util-devel-0.9.5-9ts.i586.rpm -- tinysofa Security Team -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 189 bytes Desc: not available Url : http://lists.tinysofa.org/pipermail/tinysofa-announce/attachments/20040602/aac88645/attachment.bin From security at tinysofa.org Wed Jun 2 11:44:42 2004 From: security at tinysofa.org (tinysofa Security Team) Date: Wed, 2 Jun 2004 21:44:42 +1000 Subject: [tinysofa-announce] TSSA-2004-009 - kerberos5 Message-ID: <20040602114442.GB20672@tinysofa.org> =========================================================================== _ |_ . _ _ _ (_ _ |_ | | ) \/ _) (_) | (_| / Security Advisory #2004-009 Package names: kerberos5 Summary: Arbitary Code Execution Advisory ID: TSSA-2004-009 Date: 2004-06-02 Affected versions: tinysofa enterprise server 1.0 tinysofa enterprise server 1.0-U1 =========================================================================== Security Fixes ============== Description ----------- kerberos5: * The krb5_aname_to_localname() library function contains multiple buffer overflows which could be exploited to gain unauthorized root access. Exploitation of these flaws requires an unusual combination of factors, including successful authentication to a vulnerable service and a non-default configuration on the target service. This flaw effects all releases of MIT Kerberos 5 [0], up to and including krb5-1.3.3. This problem has been assigned the id MITKRB5-SA-2004-001 [1]. References ---------- [0] http://web.mit.edu/kerberos/www/ [1] http://web.mit.edu/kerberos/www/advisories/ Recommended Action ================== We recommend that all systems with these packages installed be upgraded. Please note that if you do not need the functionality provided by this package, you may want to remove it from your system. Location ======== All tinysofa updates are available from Automatic Updates ================= Users of the SWUP tool can enjoy having updates automatically installed using 'swup --upgrade'. Questions? ========== Check out our mailing lists: Verification ============ This advisory is signed with the tinysofa security sign key. This key is available from: All tinysofa packages are signed with the tinysofa stable sign key. This key is available from: The advisory is available from the tinysofa errata database at or directly at MD5sums Of The Packages ======================= 3b57bce78cadabfb6a231bbc6bb32b6c kerberos5-1.3.3-3ts.i586.rpm f13a566fa54b42bf7ea5fe34bdb22e75 kerberos5-devel-1.3.3-3ts.i586.rpm 5a1f1c757fe960e8510dc1b219e5bf41 kerberos5-libs-1.3.3-3ts.i586.rpm -- tinysofa Security Team -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 189 bytes Desc: not available Url : http://lists.tinysofa.org/pipermail/tinysofa-announce/attachments/20040602/2936bf3d/attachment.bin From security at tinysofa.org Wed Jun 2 11:43:00 2004 From: security at tinysofa.org (tinysofa Security Team) Date: Wed, 2 Jun 2004 21:43:00 +1000 Subject: [tinysofa-announce] TSSA-2004-008 - apache Message-ID: <20040602114300.GA20672@tinysofa.org> =========================================================================== _ |_ . _ _ _ (_ _ |_ | | ) \/ _) (_) | (_| / Security Advisory #2004-008 Package names: apache Summary: Boundary Condition Error Advisory ID: TSSA-2004-008 Date: 2004-06-02 Affected versions: tinysofa enterprise server 1.0 tinysofa enterprise server 1.0-U1 =========================================================================== Security Fixes ============== Description ----------- apache: * Georgi Guninski discovered [1] a stack-based buffer overflow in the "SSLOptions +FakeBasicAuth" implementation of Apache's SSL/TLS extension module mod_ssl [0]. The overflow can occur if the Subject-DN in the client certificate exceeds 6KB in length and mod_ssl is configured to trust the issuing CA. The Common Vulnerabilities and Exposures (CVE) project assigned the id CAN-2004-0488 [2] to the problem. References ---------- [0] http://www.modssl.org/ [1] http://lists.netsys.com/pipermail/full-disclosure/2004-May/021610.html [2] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0488 Recommended Action ================== We recommend that all systems with these packages installed be upgraded. Please note that if you do not need the functionality provided by this package, you may want to remove it from your system. Location ======== All tinysofa updates are available from Automatic Updates ================= Users of the SWUP tool can enjoy having updates automatically installed using 'swup --upgrade'. Questions? ========== Check out our mailing lists: Verification ============ This advisory is signed with the tinysofa security sign key. This key is available from: All tinysofa packages are signed with the tinysofa stable sign key. This key is available from: The advisory is available from the tinysofa errata database at or directly at MD5sums Of The Packages ======================= b3ba8a04271c9b998527088b795fefdc apache-2.0.49-9ts.i586.rpm 2503a219d5bab57badd24df4c65c8647 apache-dbm-2.0.49-9ts.i586.rpm 8186ab1bdea195361f728e7a2251328a apache-devel-2.0.49-9ts.i586.rpm 3386f280b2ee1589eb1010d7a0d2ec35 apache-manual-2.0.49-9ts.i586.rpm 3e9e97b467af635997066bffc4fbbec8 apr-0.9.5-9ts.i586.rpm 7175e597215b0708ebd79c34e656d5c7 apr-devel-0.9.5-9ts.i586.rpm c553f65ab1b16124171ea0f0c800102a apr-util-0.9.5-9ts.i586.rpm 742f59fc0f3cc5f05cc3414c1b20db97 apr-util-devel-0.9.5-9ts.i586.rpm -- tinysofa Security Team -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 189 bytes Desc: not available Url : http://lists.tinysofa.org/pipermail/tinysofa-announce/attachments/20040602/aac88645/attachment-0001.bin From security at tinysofa.org Wed Jun 2 11:44:42 2004 From: security at tinysofa.org (tinysofa Security Team) Date: Wed, 2 Jun 2004 21:44:42 +1000 Subject: [tinysofa-announce] TSSA-2004-009 - kerberos5 Message-ID: <20040602114442.GB20672@tinysofa.org> =========================================================================== _ |_ . _ _ _ (_ _ |_ | | ) \/ _) (_) | (_| / Security Advisory #2004-009 Package names: kerberos5 Summary: Arbitary Code Execution Advisory ID: TSSA-2004-009 Date: 2004-06-02 Affected versions: tinysofa enterprise server 1.0 tinysofa enterprise server 1.0-U1 =========================================================================== Security Fixes ============== Description ----------- kerberos5: * The krb5_aname_to_localname() library function contains multiple buffer overflows which could be exploited to gain unauthorized root access. Exploitation of these flaws requires an unusual combination of factors, including successful authentication to a vulnerable service and a non-default configuration on the target service. This flaw effects all releases of MIT Kerberos 5 [0], up to and including krb5-1.3.3. This problem has been assigned the id MITKRB5-SA-2004-001 [1]. References ---------- [0] http://web.mit.edu/kerberos/www/ [1] http://web.mit.edu/kerberos/www/advisories/ Recommended Action ================== We recommend that all systems with these packages installed be upgraded. Please note that if you do not need the functionality provided by this package, you may want to remove it from your system. Location ======== All tinysofa updates are available from Automatic Updates ================= Users of the SWUP tool can enjoy having updates automatically installed using 'swup --upgrade'. Questions? ========== Check out our mailing lists: Verification ============ This advisory is signed with the tinysofa security sign key. This key is available from: All tinysofa packages are signed with the tinysofa stable sign key. This key is available from: The advisory is available from the tinysofa errata database at or directly at MD5sums Of The Packages ======================= 3b57bce78cadabfb6a231bbc6bb32b6c kerberos5-1.3.3-3ts.i586.rpm f13a566fa54b42bf7ea5fe34bdb22e75 kerberos5-devel-1.3.3-3ts.i586.rpm 5a1f1c757fe960e8510dc1b219e5bf41 kerberos5-libs-1.3.3-3ts.i586.rpm -- tinysofa Security Team -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 189 bytes Desc: not available Url : http://lists.tinysofa.org/pipermail/tinysofa-announce/attachments/20040602/2936bf3d/attachment-0001.bin From security at tinysofa.org Wed Jun 9 11:20:52 2004 From: security at tinysofa.org (tinysofa Security Team) Date: Wed, 9 Jun 2004 21:20:52 +1000 Subject: [tinysofa-announce] TSSA-2004-010 - squid Message-ID: <20040609112051.GA24512@tinysofa.org> =========================================================================== _ |_ . _ _ _ (_ _ |_ | | ) \/ _) (_) | (_| / Security Advisory #2004-010 Package name: squid Summary: Arbitary Code Execution Advisory ID: TSSA-2004-010 Date: 2004-06-09 Affected versions: tinysofa enterprise server 1.0 tinysofa enterprise server 1.0-U1 =========================================================================== Security Fixes ============== Description ----------- squid: * Remote exploitation of a buffer overflow vulnerability in Squid Web Proxy Cache [0] could allow a remote attacker to execute arbitrary code. Squid Web Proxy Cache supports Basic, Digest and NTLM authentication. The vulnerability specifically exists within the NTLM authentication helper routine, ntlm_check_auth(), located in helpers/ntlm_auth/SMB/libntlmssp.c: char *ntlm_check_auth(ntlm_authenticate * auth, int auth_length) { int rv; char pass[25] /*, encrypted_pass[40] */; char *domain = credentials; ... memcpy(pass, tmp.str, tmp.l); ... The function contains a buffer overflow vulnerability due to a lack of bounds checking on the values copied to the 'pass' variable. Both the 'tmp.str' and 'tmp.l' variables used in the memcpy() call contain user-supplied data. This problem has been assigned the name CAN-2004-0541 [1] by the Common Vulnerabilities and Exposures (CVE) project. This problem was first reported by iDEFENSE [2]. References ---------- [0] http://http://www.squid-cache.org/ [1] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0541 [2] http://www.idefense.com/application/poi/display?id=107 Recommended Action ================== We recommend that all systems with these packages installed be upgraded. Please note that if you do not need the functionality provided by this package, you may want to remove it from your system. Location ======== All tinysofa updates are available from Automatic Updates ================= Users of the SWUP tool can enjoy having updates automatically installed using 'swup --upgrade'. Questions? ========== Check out our mailing lists: Verification ============ This advisory is signed with the tinysofa security sign key. This key is available from: All tinysofa packages are signed with the tinysofa stable sign key. This key is available from: The advisory is available from the tinysofa errata database at or directly at MD5sums Of The Packages ======================= 1fc7bd552435e8c6605d1cdd064d2edc squid-2.5.STABLE5-6ts.i586.rpm -- tinysofa Security Team -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 189 bytes Desc: not available Url : http://lists.tinysofa.org/pipermail/tinysofa-announce/attachments/20040609/3be3aaed/attachment.bin From security at tinysofa.org Fri Jun 18 08:49:54 2004 From: security at tinysofa.org (tinysofa Security Team) Date: Fri, 18 Jun 2004 18:49:54 +1000 Subject: [tinysofa-announce] TSSA-2004-011 - kernel Message-ID: <20040618084954.GA312@tinysofa.org> =========================================================================== _ |_ . _ _ _ (_ _ |_ | | ) \/ _) (_) | (_| / Security Advisory #2004-011 Package name: kernel Summary: Denial Of Service Advisory ID: TSSA-2004-011 Date: 2004-06-18 Affected versions: tinysofa enterprise server 1.0 tinysofa enterprise server 1.0-U1 Immune versions: tinysofa enterprise server 1.0-U2 =========================================================================== Security Fixes ============== Description ----------- kernel: * Linux kernel [0] 2.4.2x and 2.6.x for x86 allows local users to cause a denial of service (system crash), possibly via an infinite loop that triggers a signal handler with a certain sequence of fsave and frstor instructions. This problem has been assigned the name CAN-2004-0554 [1] by the Common Vulnerabilities and Exposures (CVE) project. This problem was first reported by ?yvind S?ther [2]. References ---------- [0] http://www.kernel.org/ [1] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0554 [2] http://linuxreviews.org/news/2004-06-11_kernel_crash/index.html Recommended Action ================== We recommend that all systems with these packages installed be upgraded. Please note that if you do not need the functionality provided by this package, you may want to remove it from your system. Location ======== All tinysofa updates are available from Automatic Updates ================= Users of the SWUP tool can enjoy having updates automatically installed using 'swup --upgrade'. Questions? ========== Check out our mailing lists: Verification ============ This advisory is signed with the tinysofa security sign key. This key is available from: All tinysofa packages are signed with the tinysofa stable sign key. This key is available from: The advisory is available from the tinysofa errata database at or directly at MD5sums Of The Packages ======================= f946d5730ca05552c2e4558c30f85385 kernel-2.4.26-7ts.i586.rpm f6830e8c4fabd1fe2ca6f10ba51d470f kernel-BOOT-2.4.26-7ts.i586.rpm a2514654659e6d5a3bf3070122ad5ebe kernel-doc-2.4.26-7ts.i586.rpm f1b166ec413f2bea0e6b8cb3f59cf6d8 kernel-firewall-2.4.26-7ts.i586.rpm bba4b058793545867b5ef0ba76beea89 kernel-firewallsmp-2.4.26-7ts.i586.rpm 3c318967fee6b34cfb453d64ab7dbaeb kernel-smp-2.4.26-7ts.i586.rpm 5f3ded94047616a0f5dec63fcb227d81 kernel-source-2.4.26-7ts.i586.rpm ad6419eca94eec034503558e75318663 kernel-utils-2.4.26-7ts.i586.rpm -- tinysofa Security Team -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 189 bytes Desc: not available Url : http://lists.tinysofa.org/pipermail/tinysofa-announce/attachments/20040618/fec222d4/attachment.bin From omar at tinysofa.org Sun Jun 20 09:51:46 2004 From: omar at tinysofa.org (Omar Kilani) Date: Sun, 20 Jun 2004 19:51:46 +1000 Subject: [tinysofa-announce] [announce] tinysofa enterprise server 1.0-U2 Message-ID: <20040620095146.GA7777@tinysofa.org> ======================================================================== ,,,................, ,....JugQmmmGmmmmmccccccc3cccccmmmGWg, .JQmGGm3ccc?ccccccc?I??ccc?ccccccccccccccccZA, .$mccccccccccccccccccccccQQQcccccccc3ZBQccccccmW0Gmxj...., .Dccccccccccccccccc3$GQccmD!IGGGGGmQ$0=lmQccccccme:!!!::lIIOGQQ:. ..gQQccccccccccccccccYn!!IOGXuu!!::!dS:::!cdGQQQQQmQuuul!:::!u$v:lD ,$v!:ldGGQQQccccccccccmU:!:!!::uDo!:!uQI!:!uugm8GmmmmmmmGGEBQQgDc:ug+ mu:::::!:cdGBQQcccc3mDu!!::!:jZouu!u4BAuugmccccccccccccccccc?mD:jf' 4Qu::!:::uQ00GMQQWWGmmmQQguudWGGGmQQmZBmWWQccccccccccc3QQQQQWDjD !EGQgu:jE=::!:3BQcccccccmmWmccccccccccc?mWQQQQQQQWWM8880v=:dDjz je:ldGmWu!::!!jmQcccccccccccccccQQQQQQWMMM80II!:::!::::!::dDlz .U:!!::lGWc!!:!4XcccccQQQQQQQWM888YI=:::!::!!:!:!::!:!:!lugAgb .vl::!:!!3mc:!:3WWWMM8HY0II!::!::::!:!:!::!::!:!!uuuuoO+"BQaC Qwl::!:::dA!::jD:::!::::!::!::!:!::!:!luuuaxI++"^ dmWXal:!!lmc!:4C::!:!:!::!::!!uuuueZ++"` 7` 7mu:lmn!!4n::::!uuuuxoO+"^ .+gdn:ugwuwO++"' jGEGR` .4HZ+ 01110100 01101001 01101110 01111001 01110011 01101111 01100110 01100001 tinysofa release announcement tinysofa enterprise server 1.0-U2 "imagine a world full of tiny sofas..." ======================================================================== Featuring security updates, bug fixes, and application enhancements, tinysofa enterprise server 1.0-U2 (Update 2) is now generally available. This release moves the 1.0 branch of tinysofa enterprise server into a maintenance state; i.e., a security update and bug fix only cycle. What's New? =========== Updates since tinysofa enterprise server 1.0-U1: * dev86 0.16.15 * glib 2.4.2 * iptables 1.2.10 * kernel 2.4.27-pre6 (snapshot 1.460; fixes all known security issues.) * lftp 3.0.6 * links 2.1pre5 has replaced lynx. * m4 1.4.1 * PHP 4.3.7 * PostgreSQL 7.4.3 * Python 2.3.4 * SWUP 2.4.6 * sed 4.1 * vim 6.2.532 Bugs fixed since tinysofa enterprise server 1.0-U1: * Apache now rotates logs properly. * iptables loads modules properly, fixes Bug #17. * kerberos5 includes an updated fix to MITKRB5-SA-2004-001. * kernel contains a fix for CAN-2004-0554. * A bug in SWUP that caused all packages providing a certain resource (e.g., smtpdaemon) to be installed has been fixed. * vim now contains multibyte and UTF8 support, and issues with large file support have been fixed. Getting tinysofa enterprise server 1.0-U2 ========================================= tinysofa may be downloaded using various protocols from: * http://www.tinysofa.org/download/ The tinysofa website, and means of support, communication and so forth can be found at: * http://www.tinysofa.org/ Upgrading from tinysofa enterprise server 1.0 ============================================= SWUP ---- The SWUP tool can be used to upgrade a tinysofa enterprise server 1.0 or 1.0-U1 system to 1.0-U2. This can be achieved by executing the command: swup --upgrade anaconda -------- The anaconda installer can be used to upgrade all packages on 1.0 whilst leaving all configuration intact. To upgrade your system using anaconda, insert the tinysofa enterprise server 1.0-U2 CD into your CDROM drive, enter the anaconda installation program, and select "Upgrade Existing System" on the "Installation Type" screen, and follow the prompts. The tinysofa development team ============================= tinysofa is brought to you by: Omar Kilani -- Sydney, NSW, Australia -- Emily Boyd -- Newcastle, NSW, Australia -- Gerald Dachs -- Germany -- Goetz Bock -- Munich, Germany -- Jaakko Heinonen -- Turku, Finland -- Michael Wolf -- Boston, MA, USA -- Tor Hveem -- Norway -- -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 189 bytes Desc: not available Url : http://lists.tinysofa.org/pipermail/tinysofa-announce/attachments/20040620/d434874a/attachment.bin From security at tinysofa.org Tue Jun 29 14:49:09 2004 From: security at tinysofa.org (tinysofa Security Team) Date: Wed, 30 Jun 2004 00:49:09 +1000 Subject: [tinysofa-announce] TSSA-2004-012 - apache Message-ID: <20040629144909.GA7636@tinysofa.org> =========================================================================== _ |_ . _ _ _ (_ _ |_ | | ) \/ _) (_) | (_| / Security Advisory #2004-012 Package name: apache / httpd Summary: Denial Of Service Advisory ID: TSSA-2004-012 Date: 2004-06-29 Affected versions: tinysofa enterprise server 1.0 tinysofa enterprise server 1.0-U1 tinysofa enterprise server 1.0-U2 tinysofa enterprise server 2.0-pre1 =========================================================================== Security Fixes ============== Description ----------- apache: * A remote exploit has been discovered in the Apache HTTP server [0] which allows an attacker to cause the server to allocate increasing amounts of memory until system memory is exhausted or until process limits are reached. This problem has been assigned the name CAN-2004-0493 [1] by the Common Vulnerabilities and Exposures (CVE) project. References ---------- [0] http://httpd.apache.org/ [1] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0493 Recommended Action ================== We recommend that all systems with these packages installed be upgraded. Please note that if you do not need the functionality provided by this package, you may want to remove it from your system. Location ======== All tinysofa updates are available from Automatic Updates ================= Users of the SWUP tool can enjoy having updates automatically installed using 'swup --upgrade'. Users of the APT tool may use the 'apt-get upgrade' command. Questions? ========== Check out our mailing lists: Verification ============ This advisory is signed with the tinysofa security sign key. This key is available from: All tinysofa packages are signed with the tinysofa stable sign key. This key is available from: The advisory is available from the tinysofa errata database at or directly at MD5sums Of The Packages ======================= [server-1.0] ebc6032e2b8581955df97921bd194fda apache-2.0.49-14ts.i586.rpm 581dfd444acf8e5d22bd1f2ce34a7213 apache-dbm-2.0.49-14ts.i586.rpm 079c2e42a23afbe60f8f8b98b9287410 apache-devel-2.0.49-14ts.i586.rpm 4956d084928e6f3591cf112d211496a5 apache-manual-2.0.49-14ts.i586.rpm e36c1e88e598907e7ec44b13eca9d64b apr-0.9.5-14ts.i586.rpm acdac3d099decb442e271febc18696d9 apr-devel-0.9.5-14ts.i586.rpm b45a7a65fe3cc2bc435bdabb79535373 apr-util-0.9.5-14ts.i586.rpm 5110e06e4d7bf2b24e8298cc2c0b54f4 apr-util-devel-0.9.5-14ts.i586.rpm [server-2.0] dc3bf12c0df7ea363da38382e11ed5d4 httpd-2.0.49-8ts.i386.rpm 0cb2829c70eed23a3a839ee0e3cb755a httpd-devel-2.0.49-8ts.i386.rpm 6f4915a3221629c2a56b4ccc517509f4 httpd-manual-2.0.49-8ts.i386.rpm 62df1e70370c41795e6abff6950e925b mod_ssl-2.0.49-8ts.i386.rpm -- tinysofa Security Team -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 189 bytes Desc: not available Url : http://lists.tinysofa.org/pipermail/tinysofa-announce/attachments/20040630/3110b5f5/attachment.bin