Debian Bug report logs - #496404
The possibility of attack with the help of symlinks in some Debian packages

version graph

Package: caudium; Maintainer for caudium is (unknown);

Reported by: "Dmitry E. Oboukhov" <dimka@uvw.ru>

Date: Sun, 24 Aug 2008 18:11:00 UTC

Severity: important

Tags: security

Fixed in version caudium/3:1.4.12-11.1

Done: Nico Golde <nion@debian.org>

Bug is archived. No further changes may be made.

Toggle useless messages

View this report as an mbox folder, status mbox, maintainer mbox


Report forwarded to debian-bugs-dist@lists.debian.org, Henrik Andreasson <debian@han.pp.se>:
Bug#496404; Package caudium. Full text and rfc822 format available.

Acknowledgement sent to "Dmitry E. Oboukhov" <dimka@uvw.ru>:
New Bug report received and forwarded. Copy sent to Henrik Andreasson <debian@han.pp.se>. Full text and rfc822 format available.

Message #5 received at submit@bugs.debian.org (full text, mbox):

From: "Dmitry E. Oboukhov" <dimka@uvw.ru>
To: submit@bugs.debian.org
Cc: dimka@uvw.ru
Subject: The possibility of attack with the help of symlinks in some Debian packages
Date: Sun, 24 Aug 2008 22:05:29 +0400
Package: caudium
Severity: grave

Hi, maintainer!

This message about the error concerns a few packages  at  once.   I've
tested all the packages (for Lenny) on my Debian mirror.  All  scripts
of packages (marked as executable) were tested.

In some packages I've discovered scripts with errors which may be used
by a user for damaging important system files or user's files.

For example if a script uses in its work a temp file which is  created
in /tmp directory, then every user can create symlink  with  the  same
name in this directory in order to  destroy  or  rewrite  some  system
or user file.  Symlink attack may also  lead  not  only  to  the  data
desctruction but to denial of service as well.

Even if you create files or directories with help of function 'RANDOM'
or pid(), then your system is not protected. Attacker can create many
symlinks in order to destroy your data or create 'denial  of  service'
for your package scripts.

Even if you make rm(dir) for files/directories, then  your  system  is
not protected. Attacker can permanently create symlinks.

This list is created with the help of script.  This list is sorted  by
hand. Howewer in some cases mistake is possible.

Please, Be understanding to possible mistakes. :)

I set Severity into grave for this bug. The table of discovered
problems is below.

Discussion of this bug you can see in debian-devel@:
    http://lists.debian.org/debian-devel/2008/08/msg00271.html

Binary-package: r-base-core-ra (1.1.1-1)
    file: /usr/lib/Ra/lib/R/bin/javareconf
Binary-package: rccp (0.9-2)
    file: /usr/lib/rccp/delqueueask
Binary-package: mafft (6.240-1)
    file: /usr/bin/mafft-homologs
Binary-package: openoffice.org-common (1:2.4.1-6)
    file: /usr/lib/openoffice/program/senddoc
Binary-package: crossfire-maps (1.11.0-1)
    file: /usr/share/games/crossfire/maps/Info/combine.pl
Binary-package: sgml2x (1.0.0-11.1)
    file: /usr/bin/rlatex
Binary-package: liguidsoap (0.3.6-4)
    file: /var/lib/liguidsoap/liguidsoap.py
Binary-package: citadel-server (7.37-1)
    file: /usr/lib/citadel-server/migrate_aliases.sh
Binary-package: ampache (3.4.1-1)
    file: /usr/share/ampache/www/locale/base/gather-messages.sh
Binary-package: xen-utils-3.2-1 (3.2.1-2)
    file: /usr/lib/xen-3.2-1/bin/qemu-dm.debug
Binary-package: dtc-common (0.29.6-1)
    file: /usr/share/dtc/admin/accesslog.php
    file: /usr/share/dtc/admin/sa-wrapper
Binary-package: honeyd-common (1.5c-3)
    file: /usr/share/honeyd/scripts/test.sh
Binary-package: lustre-tests (1.6.5-1)
    file: /usr/lib/lustre/tests/runiozone
Binary-package: linuxtrade (3.65-8+b4)
    file: /usr/share/linuxtrade/bin/linuxtrade.bwkvol
    file: /usr/share/linuxtrade/bin/linuxtrade.wn
    file: /usr/share/linuxtrade/bin/moneyam.helper
Binary-package: freevo (1.8.1-0)
    file: /usr/bin/freevo.real
Binary-package: fml (4.0.3.dfsg-2)
    file: /usr/share/fml/libexec/mead.pl
Binary-package: rkhunter (1.3.2-3)
    file: /usr/bin/rkhunter
Binary-package: openswan (1:2.4.12+dfsg-1.1)
    file: /usr/lib/ipsec/livetest
Binary-package: linux-patch-openswan (1:2.4.12+dfsg-1.1)
    file: /usr/src/kernel-patches/all/openswan/packaging/utils/maysnap
    file: /usr/src/kernel-patches/all/openswan/packaging/utils/maytest
Binary-package: aptoncd (0.1-1.1)
    file: /usr/share/aptoncd/xmlfile.py
Binary-package: cdcontrol (1.90-1.1)
    file: /usr/lib/cdcontrol/writtercontrol
Binary-package: newsgate (1.6-23)
    file: /usr/bin/mkmailpost
Binary-package: gpsdrive-scripts (2.10~pre4-3)
    file: /usr/bin/geo-code
Binary-package: impose+ (0.2-11)
    file: /usr/bin/impose
Binary-package: mgt (2.31-5)
    file: /usr/games/mailgo
Binary-package: audiolink (0.05-1)
    file: /usr/bin/audiolink
Binary-package: ibackup (2.27-4.1)
    file: /usr/bin/ibackup
Binary-package: emacspeak (26.0-3)
    file: /usr/share/emacs/site-lisp/emacspeak/etc/extract-table.pl
Binary-package: bk2site (1:1.1.9-3.1)
    file: /usr/lib/cgi-bin/bk2site/redirect.pl
Binary-package: datafreedom-perl (0.1.7-1)
    file: /usr/bin/dfxml-invoice
Binary-package: emacs-jabber (0.7.91-1)
    file: /usr/lib/emacsen-common/packages/install/emacs-jabber
Binary-package: lmbench (3.0-a7-1)
    file: /usr/lib/lmbench/scripts/rccs
    file: /usr/lib/lmbench/scripts/STUFF
Binary-package: rancid-util (2.3.2~a8-1)
    file: /var/lib/rancid/getipacctg
Binary-package: ogle (0.9.2-5.2)
    file: /usr/lib/ogle/ogle_audio_debug
    file: /usr/lib/ogle/ogle_cli_debug
    file: /usr/lib/ogle/ogle_ctrl_debug
    file: /usr/lib/ogle/ogle_gui_debug
    file: /usr/lib/ogle/ogle_mpeg_ps_debug
    file: /usr/lib/ogle/ogle_mpeg_vs_debug
    file: /usr/lib/ogle/ogle_nav_debug
    file: /usr/lib/ogle/ogle_vout_debug
Binary-package: firehol (1.256-4)
    file: /sbin/firehol
Binary-package: aview (1.3.0rc1-8)
    file: /usr/bin/asciiview
Binary-package: radiance (3R9+20080530-3)
    file: /usr/bin/optics2rad
    file: /usr/bin/pdelta
    file: /usr/bin/dayfact
    file: /usr/bin/raddepend
Binary-package: vdr-dbg (1.6.0-5)
    file: /usr/bin/vdrleaktest
Binary-package: ogle-mmx (0.9.2-5.2)
    file: /usr/lib/ogle/ogle_audio_debug
    file: /usr/lib/ogle/ogle_cli_debug
    file: /usr/lib/ogle/ogle_ctrl_debug
    file: /usr/lib/ogle/ogle_gui_debug
    file: /usr/lib/ogle/ogle_mpeg_ps_debug
    file: /usr/lib/ogle/ogle_mpeg_vs_debug
    file: /usr/lib/ogle/ogle_nav_debug
    file: /usr/lib/ogle/ogle_vout_debug
Binary-package: convirt (0.8.2-3)
    file: /usr/share/convirt/image_store/_template_/provision.sh
    file: /usr/share/convirt/image_store/Linux_CD_Install/provision.sh
    file: /usr/share/convirt/image_store/Fedora_PV_Install/provision.sh
    file: /usr/share/convirt/image_store/CentOS_PV_Install/provision.sh
    file: /usr/share/convirt/image_store/common/provision.sh
    file: /usr/share/convirt/image_store/example/provision.sh
    file: /usr/share/convirt/image_store/Windows_CD_Install/provision.sh
Binary-package: printfilters-ppd (2.13-9)
    file: /usr/lib/printfilters/master-filter
Binary-package: r-base-core (2.7.1-1)
    file: /usr/lib/R/bin/javareconf
    file: /usr/lib/R/bin/javareconf.orig
Binary-package: xmcd (2.6-19.3)
    file: /usr/share/xmcd/scripts/ncsarmt
    file: /usr/share/xmcd/scripts/ncsawrap
Binary-package: tiger (1:3.2.2-3.1)
    file: /usr/lib/tiger/util/genmsgidx
Binary-package: scilab-bin (4.1.2-5)
    file: /usr/lib/scilab-4.1.2/bin/scilink
    file: /usr/lib/scilab-4.1.2/util/scidoc
    file: /usr/lib/scilab-4.1.2/util/scidem
Binary-package: dpkg-cross (2.3.0)
    file: /usr/share/dpkg-cross/bin/gccross
Binary-package: ltp-network-test (20060918-2.1)
    file: /usr/lib/debian-test/tests/linux/testcases/bin/ftp_setup_vsftp_conf
    file: /usr/lib/debian-test/tests/linux/testcases/bin/nfs_fsstress.sh
Binary-package: cman (2.20080629-1)
    file: /usr/sbin/fence_egenera
Binary-package: scratchbox2 (1.99.0.24-1)
    file: /usr/share/scratchbox2/scripts/dpkg-checkbuilddeps
    file: /usr/share/scratchbox2/scripts/sb2-check-pkg-mappings
Binary-package: sendmail-base (8.14.3-5)
    file: /usr/sbin/checksendmail
    file: /usr/bin/expn
Binary-package: fwbuilder (2.1.19-3)
    file: /usr/bin/fwb_install
Binary-package: sng (1.0.2-5)
    file: /usr/bin/sng_regress
Binary-package: dist (1:3.5-17-1)
    file: /usr/bin/patcil
    file: /usr/bin/patdiff
Binary-package: sympa (5.3.4-5)
    file: /usr/lib/cgi-bin/sympa/wwsympa.fcgi
    file: /usr/lib/sympa/bin/sympa.pl
Binary-package: postfix (2.5.2-2)
    file: /usr/lib/postfix_groups.pl
Binary-package: caudium (3:1.4.12-11)
    file: /usr/share/caudium/configvar
Binary-package: mgetty-fax (1.1.36-1.2)
    file: /usr/bin/faxspool
Binary-package: aegis (4.24-3)
    file: /usr/share/doc/aegis/examples/remind/bng_dvlpd.sh
    file: /usr/share/doc/aegis/examples/remind/bng_rvwd.sh
    file: /usr/share/doc/aegis/examples/remind/awt_dvlp.sh
    file: /usr/share/doc/aegis/examples/remind/awt_intgrtn.sh
Binary-package: aegis-web (4.24-3)
    file: /usr/lib/cgi-bin/aegis.cgi
Binary-package: digitaldj (0.7.5-6+b1)
    file: /usr/share/digitaldj/fest.pl
Binary-package: mon (0.99.2-12)
    file: /usr/lib/mon/alert.d/test.alert
Binary-package: feta (1.4.16)
    file: /usr/share/feta/plugins/to-upgrade
Binary-package: arb-common (0.0.20071207.1-4)
    file: /usr/lib/arb/SH/arb_fastdnaml
    file: /usr/lib/arb/SH/dszmconnect.pl
Binary-package: qemu (0.9.1-5)
    file: /usr/sbin/qemu-make-debian-root
Binary-package: apertium (3.0.7+1-1+b1)
    file: /usr/bin/apertium-gen-deformat
    file: /usr/bin/apertium-gen-reformat
    file: /usr/bin/apertium
Binary-package: xcal (4.1-18.3)
    file: /usr/bin/pscal
Binary-package: myspell-tools (1:3.1-20)
    file: /usr/bin/i2myspell
Binary-package: gccxml (0.9.0+cvs20080525-1)
    file: /usr/share/gccxml-0.9/MIPSpro/find_flags
Binary-package: freeradius-dialupadmin (2.0.4+dfsg-4)
    file: /usr/share/freeradius-dialupadmin/bin/backup_radacct
    file: /usr/share/freeradius-dialupadmin/bin/clean_radacct
    file: /usr/share/freeradius-dialupadmin/bin/monthly_tot_stats
    file: /usr/share/freeradius-dialupadmin/bin/tot_stats
    file: /usr/share/freeradius-dialupadmin/bin/truncate_radacct
Binary-package: dhis-server (5.3-1)
    file: /usr/lib/dhis-server/dhis-dummy-log-engine
Binary-package: wims (3.62-13)
    file: /var/lib/wims/public_html/bin/coqweb
    file: /var/lib/wims/bin/account.sh
Binary-package: initramfs-tools (0.92f)
    file: /usr/share/initramfs-tools/init
Binary-package: realtimebattle-common (1.0.8-7)
    file: /usr/lib/realtimebattle/Robots/perl.robot
Binary-package: netmrg (0.20-1)
    file: /usr/bin/rrdedit
Binary-package: bulmages-servers (0.11.1-2)
    file: /usr/share/bulmages/examples/scripts/actualizabulmacont
    file: /usr/share/bulmages/examples/scripts/installbulmages-db
    file: /usr/share/bulmages/examples/scripts/creabulmafact
    file: /usr/share/bulmages/examples/scripts/creabulmacont
    file: /usr/share/bulmages/examples/scripts/actualizabulmafact
Binary-package: xastir (1.9.2-1)
    file: /usr/lib/xastir/get-maptools.sh
    file: /usr/lib/xastir/get_shapelib.sh
Binary-package: plait (1.5.2-1)
    file: /usr/bin/plaiter
    file: /usr/bin/plait
Binary-package: cdrw-taper (0.4-2)
    file: /usr/sbin/amlabel-cdrw
Binary-package: konwert-filters (1.8-11.1)
    file: /usr/share/konwert/filters/any-UTF8
Binary-package: gdrae (0.1-1)
    file: /usr/bin/gdrae
Binary-package: lazarus-src (0.9.24-0-9)
    file: /usr/lib/lazarus/tools/install/create_lazarus_export_tgz.sh




Severity set to `important' from `grave' Request was from Christian Perrier <bubulle@debian.org> to control@bugs.debian.org. (Mon, 25 Aug 2008 08:03:06 GMT) Full text and rfc822 format available.

Tags added: Request was from "Dmitry E. Oboukhov" <dimka@uvw.ru> to control@bugs.debian.org. (Tue, 26 Aug 2008 08:45:43 GMT) Full text and rfc822 format available.

Tags added: security Request was from "Dmitry E. Oboukhov" <dimka@uvw.ru> to control@bugs.debian.org. (Tue, 26 Aug 2008 08:57:33 GMT) Full text and rfc822 format available.

Information forwarded to debian-bugs-dist@lists.debian.org, Henrik Andreasson <debian@han.pp.se>:
Bug#496404; Package caudium. Full text and rfc822 format available.

Acknowledgement sent to Steffen Joeris <steffen.joeris@skolelinux.de>:
Extra info received and forwarded to list. Copy sent to Henrik Andreasson <debian@han.pp.se>. Full text and rfc822 format available.

Message #16 received at 496404@bugs.debian.org (full text, mbox):

From: Steffen Joeris <steffen.joeris@skolelinux.de>
To: 496404@bugs.debian.org
Subject: CVE id allocated
Date: Wed, 3 Sep 2008 19:45:54 +1000
[Message part 1 (text/plain, inline)]
Hi

This issue is now being tracked as CVE-2008-3883.
When you fix it, please mention the CVE id in your changelog entry.

Here is the text for the CVE entry:

CVE-2008-3883[0]:
| configvar in Caudium 1.4.12 allows local users to overwrite arbitrary
| files via a symlink attack on a /tmp/roken#####.pike temporary file.


[0] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3883
    http://security-tracker.debian.net/tracker/CVE-2008-3883


Cheers
Steffen
[signature.asc (application/pgp-signature, inline)]

Information forwarded to debian-bugs-dist@lists.debian.org, Henrik Andreasson <debian@han.pp.se>:
Bug#496404; Package caudium. Full text and rfc822 format available.

Acknowledgement sent to Nico Golde <nion@debian.org>:
Extra info received and forwarded to list. Copy sent to Henrik Andreasson <debian@han.pp.se>. Full text and rfc822 format available.

Message #21 received at 496404@bugs.debian.org (full text, mbox):

From: Nico Golde <nion@debian.org>
To: 496404@bugs.debian.org
Subject: intent to NMU
Date: Thu, 4 Sep 2008 13:36:25 +0200
[Message part 1 (text/plain, inline)]
Hi,
attached is a patch which fixes this issue. It will be also 
archived on:
http://people.debian.org/~nion/nmu-diff/caudium-1.4.12-11_1.4.12-11.1.patch

Kind regards
Nico

-- 
Nico Golde - http://www.ngolde.de - nion@jabber.ccc.de - GPG: 0x73647CFF
For security reasons, all text in this mail is double-rot13 encrypted.
[caudium-1.4.12-11_1.4.12-11.1.patch (text/x-diff, attachment)]
[Message part 3 (application/pgp-signature, inline)]

Information forwarded to debian-bugs-dist@lists.debian.org, Henrik Andreasson <debian@han.pp.se>:
Bug#496404; Package caudium. Full text and rfc822 format available.

Acknowledgement sent to Henrik Andreasson <caudium@han.pp.se>:
Extra info received and forwarded to list. Copy sent to Henrik Andreasson <debian@han.pp.se>. Full text and rfc822 format available.

Message #26 received at 496404@bugs.debian.org (full text, mbox):

From: Henrik Andreasson <caudium@han.pp.se>
To: Nico Golde <nion@debian.org>, 496404@bugs.debian.org
Cc: Henrik Andreasson <debian@han.pp.se>
Subject: Re: Bug#496404: intent to NMU
Date: Thu, 4 Sep 2008 14:14:50 +0200 (CEST)
On Thu, 4 Sep 2008, Nico Golde wrote:

Yes please do since I'm not a dd.
My patch is very similar.


> Hi,
> attached is a patch which fixes this issue. It will be also
> archived on:
> http://people.debian.org/~nion/nmu-diff/caudium-1.4.12-11_1.4.12-11.1.patch
>
> Kind regards
> Nico
>
> -- 
> Nico Golde - http://www.ngolde.de - nion@jabber.ccc.de - GPG: 0x73647CFF
> For security reasons, all text in this mail is double-rot13 encrypted.
>




Reply sent to Nico Golde <nion@debian.org>:
You have taken responsibility. Full text and rfc822 format available.

Notification sent to "Dmitry E. Oboukhov" <dimka@uvw.ru>:
Bug acknowledged by developer. Full text and rfc822 format available.

Message #31 received at 496404-close@bugs.debian.org (full text, mbox):

From: Nico Golde <nion@debian.org>
To: 496404-close@bugs.debian.org
Subject: Bug#496404: fixed in caudium 3:1.4.12-11.1
Date: Thu, 04 Sep 2008 14:17:03 +0000
Source: caudium
Source-Version: 3:1.4.12-11.1

We believe that the bug you reported is fixed in the latest version of
caudium, which is due to be installed in the Debian FTP archive:

caudium-dev_1.4.12-11.1_all.deb
  to pool/main/c/caudium/caudium-dev_1.4.12-11.1_all.deb
caudium-modules_1.4.12-11.1_amd64.deb
  to pool/main/c/caudium/caudium-modules_1.4.12-11.1_amd64.deb
caudium-perl_1.4.12-11.1_all.deb
  to pool/main/c/caudium/caudium-perl_1.4.12-11.1_all.deb
caudium-pixsl_1.4.12-11.1_amd64.deb
  to pool/main/c/caudium/caudium-pixsl_1.4.12-11.1_amd64.deb
caudium-ultralog_1.4.12-11.1_amd64.deb
  to pool/main/c/caudium/caudium-ultralog_1.4.12-11.1_amd64.deb
caudium_1.4.12-11.1.diff.gz
  to pool/main/c/caudium/caudium_1.4.12-11.1.diff.gz
caudium_1.4.12-11.1.dsc
  to pool/main/c/caudium/caudium_1.4.12-11.1.dsc
caudium_1.4.12-11.1_all.deb
  to pool/main/c/caudium/caudium_1.4.12-11.1_all.deb



A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 496404@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Nico Golde <nion@debian.org> (supplier of updated caudium package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@debian.org)


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.8
Date: Thu, 04 Sep 2008 13:34:24 +0200
Source: caudium
Binary: caudium caudium-modules caudium-pixsl caudium-ultralog caudium-dev caudium-perl
Architecture: source amd64 all
Version: 3:1.4.12-11.1
Distribution: unstable
Urgency: high
Maintainer: Henrik Andreasson <debian@han.pp.se>
Changed-By: Nico Golde <nion@debian.org>
Description: 
 caudium    - An extensible WWW server written in Pike
 caudium-dev - Development files for Caudium
 caudium-modules - C modules for Caudium
 caudium-perl - Perl script support for Caudium
 caudium-pixsl - Pike XSLT module for Caudium
 caudium-ultralog - Log Parser module for Caudium
Closes: 496404
Changes: 
 caudium (3:1.4.12-11.1) unstable; urgency=high
 .
   * Non-maintainer upload by the Security Team.
   * Fix insecure temporary file usage in configvar script
     (CVE-2008-3883; Closes: #496404)
Checksums-Sha1: 
 619c2de0e832e3ff33cb6e8b0c4684969c18bed0 1447 caudium_1.4.12-11.1.dsc
 491251fbc07047c389b9b317e3d1efd107f47299 91464 caudium_1.4.12-11.1.diff.gz
 40ebfbee833e2bfcc3aa3c3b53b94b7d33e612f8 234282 caudium-modules_1.4.12-11.1_amd64.deb
 57336bab542c12392331019997697662afd67257 205206 caudium-pixsl_1.4.12-11.1_amd64.deb
 9425ce7b4a333e789552652b0dd6663194bd32e2 239708 caudium-ultralog_1.4.12-11.1_amd64.deb
 9edf3333c12a5514640a92259533fccfb0ef720b 2737954 caudium_1.4.12-11.1_all.deb
 4bbc42604087df163c1dff1bfdbb89572df302fe 235646 caudium-dev_1.4.12-11.1_all.deb
 cadeacce8383cdc24f56e74c74f72a136ebee336 195490 caudium-perl_1.4.12-11.1_all.deb
Checksums-Sha256: 
 16d0c95602d5ec4cf043e439fbdc999b9e0ea72472aa084d5a14667d41fb0f75 1447 caudium_1.4.12-11.1.dsc
 5c368fe201977a902c5bc75525b518e6a750edc56192c27f71e294ab4ce3b729 91464 caudium_1.4.12-11.1.diff.gz
 6ea6d1a128d53034041403794a2b517755147550d1da2213a783fa04479e27fa 234282 caudium-modules_1.4.12-11.1_amd64.deb
 8b3ac090dd3cc28ea7b8ef48dde5d83a986e93f80b3ad23739f2427b084fce16 205206 caudium-pixsl_1.4.12-11.1_amd64.deb
 0348cb25fba0b3bcf53cca3286b9819aadb8ccfab8b783999244076d857fcf14 239708 caudium-ultralog_1.4.12-11.1_amd64.deb
 3ccd03e3e5f398eaaf595d4469f20f1026343586f20fcce269ea93b26d00cff2 2737954 caudium_1.4.12-11.1_all.deb
 dabfc9d36bad6dffc4f1f1230333e2a001e7387270a12d26dc9697fbb062745b 235646 caudium-dev_1.4.12-11.1_all.deb
 901a5061205443523dae75ad2822d1529e6d15aa5e215ea382876238b01bff11 195490 caudium-perl_1.4.12-11.1_all.deb
Files: 
 c15813e5eaf1787fa25fabad0c839619 1447 web optional caudium_1.4.12-11.1.dsc
 fa1a6f336f805db593443f254e33f54c 91464 web optional caudium_1.4.12-11.1.diff.gz
 f6f8c092fbef60122fbe1e67fb43b03a 234282 web optional caudium-modules_1.4.12-11.1_amd64.deb
 53380babc03ab8797aa77d2b5b3a9567 205206 web optional caudium-pixsl_1.4.12-11.1_amd64.deb
 02fb4f07cdf23be855f9d78b1e7e5e81 239708 web optional caudium-ultralog_1.4.12-11.1_amd64.deb
 cc51bc53ca5d8a09eaf8cf2535c7eba4 2737954 web optional caudium_1.4.12-11.1_all.deb
 b887f5e17ff7f624274ea99dacb50152 235646 devel optional caudium-dev_1.4.12-11.1_all.deb
 e9e65256e03735a11069b188ee775250 195490 web optional caudium-perl_1.4.12-11.1_all.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)

iEYEARECAAYFAki/yMsACgkQHYflSXNkfP8fqQCgjTzFWKffOJnrtXzxk3P8n7jC
2wMAnif1IT3HVWcSbo65KGkVFGAhKhtz
=V0dv
-----END PGP SIGNATURE-----





Bug archived. Request was from Debbugs Internal Request <owner@bugs.debian.org> to internal_control@bugs.debian.org. (Mon, 03 Nov 2008 07:25:50 GMT) Full text and rfc822 format available.

Send a report that this bug log contains spam.


Debian bug tracking system administrator <owner@bugs.debian.org>. Last modified: Thu Apr 24 02:37:22 2014; Machine Name: beach.debian.org

Debian Bug tracking system
Copyright (C) 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson.