Debian Bug report logs - #598421
salome: CVE-2010-3377: insecure library loading

version graph

Package: salome; Maintainer for salome is (unknown);

Reported by: Raphael Geissert <geissert@debian.org>

Date: Tue, 28 Sep 2010 21:09:11 UTC

Severity: grave

Tags: security

Found in version salome/5.1.3-9

Fixed in version salome/5.1.3-11

Done: hazelsct@debian.org ("Adam C. Powell, IV")

Bug is archived. No further changes may be made.

Toggle useless messages

View this report as an mbox folder, status mbox, maintainer mbox


Report forwarded to debian-bugs-dist@lists.debian.org, Debian Science Maintainers <debian-science-maintainers@lists.alioth.debian.org>:
Bug#598421; Package salome. (Tue, 28 Sep 2010 21:09:14 GMT) Full text and rfc822 format available.

Acknowledgement sent to Raphael Geissert <geissert@debian.org>:
New Bug report received and forwarded. Copy sent to Debian Science Maintainers <debian-science-maintainers@lists.alioth.debian.org>. (Tue, 28 Sep 2010 21:09:14 GMT) Full text and rfc822 format available.

Message #5 received at submit@bugs.debian.org (full text, mbox):

From: Raphael Geissert <geissert@debian.org>
To: submit@bugs.debian.org
Subject: salome: CVE-2010-3377: insecure library loading
Date: Tue, 28 Sep 2010 21:07:08 +0000
Package: salome
Version: 5.1.3-9
Severity: grave
Tags: security
User: team@security.debian.org
Usertags: ldpath

Hello,

During a review of the Debian archive, I've found your package to
contain a script that can be abused by an attacker to execute arbitrary
code.

The vulnerability is introduced by an insecure change to
LD_LIBRARY_PATH, an environment variable used by ld.so(8) to look for
libraries on a directory other than the standard paths.

Vulnerable code follows:

/usr/bin/runSalome line 28:
export LD_LIBRARY_PATH=${prefix}/lib:${libdir}:$LD_LIBRARY_PATH
/usr/bin/runTestMedCorba line 29:
  export LD_LIBRARY_PATH=$MED_ROOT_DIR/lib/salome:${LD_LIBRARY_PATH}
/usr/bin/runTestMedCorba line 37:
  export LD_LIBRARY_PATH=$MED_ROOT_DIR/lib/salome:${LD_LIBRARY_PATH}

Possibly vulnerable too:
/usr/lib/salome/bin/runLightSalome line 139:
    export LD_LIBRARY_PATH=${MY_LD_LIBRARY_PATH}:${LD_LIBRARY_PATH}
/usr/lib/salome/bin/hxx2salome line 329:
	    echo -e "setenv LD_LIBRARY_PATH \${${CLASS_NAME}CPP_ROOT_DIR}${lib_dir#${CPP_ROOT_DIR}}:\${LD_LIBRARY_PATH}" >> ${ENVIRON_FILE}
/usr/lib/salome/bin/hxx2salome line 351:
	    echo -e "export LD_LIBRARY_PATH=\${${CLASS_NAME}CPP_ROOT_DIR}${lib_dir#${CPP_ROOT_DIR}}:\${LD_LIBRARY_PATH}" \
	    >> ${ENVIRON_FILE}

When there's an empty item on the colon-separated list of
LD_LIBRARY_PATH, ld.so treats it as '.' (i.e. CWD/$PWD.)
If the given script is executed from a directory where a potential,
local, attacker can write files to, there's a chance to exploit this
bug.

This vulnerability has been assigned the CVE id CVE-2010-3377. Please make sure
you mention it when forwarding this report to upstream and when fixing
this bug (everywhere: upstream and here at Debian.)

[0] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3377
[1] http://security-tracker.debian.org/tracker/CVE-2010-3377

Sincerely,
Raphael Geissert




Information forwarded to debian-bugs-dist@lists.debian.org, Debian Science Maintainers <debian-science-maintainers@lists.alioth.debian.org>:
Bug#598421; Package salome. (Thu, 30 Sep 2010 03:03:05 GMT) Full text and rfc822 format available.

Acknowledgement sent to Adam C Powell IV <hazelsct@debian.org>:
Extra info received and forwarded to list. Copy sent to Debian Science Maintainers <debian-science-maintainers@lists.alioth.debian.org>. (Thu, 30 Sep 2010 03:03:06 GMT) Full text and rfc822 format available.

Message #10 received at 598421@bugs.debian.org (full text, mbox):

From: Adam C Powell IV <hazelsct@debian.org>
To: Raphael Geissert <geissert@debian.org>, 598421@bugs.debian.org
Subject: Re: Bug#598421: salome: CVE-2010-3377: insecure library loading
Date: Wed, 29 Sep 2010 23:01:00 -0400
[Message part 1 (text/plain, inline)]
Hello,

On Tue, 2010-09-28 at 21:07 +0000, Raphael Geissert wrote:
> Package: salome
> Version: 5.1.3-9
> Severity: grave
> Tags: security
> User: team@security.debian.org
> Usertags: ldpath
> 
> Hello,
> 
> During a review of the Debian archive, I've found your package to
> contain a script that can be abused by an attacker to execute arbitrary
> code.
> 
> The vulnerability is introduced by an insecure change to
> LD_LIBRARY_PATH, an environment variable used by ld.so(8) to look for
> libraries on a directory other than the standard paths.

Thank you, I'm glad your review found this.

Would a secure change omit the former LD_LIBRARY_PATH?  That is, would
it fix this in runSalome to say:

export LD_LIBRARY_PATH=${prefix}/lib:${libdir}:/usr/lib:/usr/local/lib
?

The prefix and libdir variables are set elsewhere in runSalome, so I
don't think one could override those...  But if it could be a problem,
I'll have that script hard-code them instead.

> Vulnerable code follows:
> 
> /usr/bin/runSalome line 28:
> export LD_LIBRARY_PATH=${prefix}/lib:${libdir}:$LD_LIBRARY_PATH
> /usr/bin/runTestMedCorba line 29:
>   export LD_LIBRARY_PATH=$MED_ROOT_DIR/lib/salome:${LD_LIBRARY_PATH}
> /usr/bin/runTestMedCorba line 37:
>   export LD_LIBRARY_PATH=$MED_ROOT_DIR/lib/salome:${LD_LIBRARY_PATH}
> 
> Possibly vulnerable too:
> /usr/lib/salome/bin/runLightSalome line 139:
>     export LD_LIBRARY_PATH=${MY_LD_LIBRARY_PATH}:${LD_LIBRARY_PATH}
> /usr/lib/salome/bin/hxx2salome line 329:
> 	    echo -e "setenv LD_LIBRARY_PATH \${${CLASS_NAME}CPP_ROOT_DIR}${lib_dir#${CPP_ROOT_DIR}}:\${LD_LIBRARY_PATH}" >> ${ENVIRON_FILE}
> /usr/lib/salome/bin/hxx2salome line 351:
> 	    echo -e "export LD_LIBRARY_PATH=\${${CLASS_NAME}CPP_ROOT_DIR}${lib_dir#${CPP_ROOT_DIR}}:\${LD_LIBRARY_PATH}" \
> 	    >> ${ENVIRON_FILE}

I see a couple of other bugs in those lines as well...  Okay, a lot of
work to do, but starting with fixing the security issue, as soon as I
hear my fix idea above.

> When there's an empty item on the colon-separated list of
> LD_LIBRARY_PATH, ld.so treats it as '.' (i.e. CWD/$PWD.)
> If the given script is executed from a directory where a potential,
> local, attacker can write files to, there's a chance to exploit this
> bug.
> 
> This vulnerability has been assigned the CVE id CVE-2010-3377. Please make sure
> you mention it when forwarding this report to upstream and when fixing
> this bug (everywhere: upstream and here at Debian.)
> 
> [0] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3377
> [1] http://security-tracker.debian.org/tracker/CVE-2010-3377

Thanks, I'll make sure upstream knows about this.

-Adam
-- 
GPG fingerprint: D54D 1AEE B11C CE9B A02B  C5DD 526F 01E8 564E E4B6

Engineering consulting with open source tools
http://www.opennovation.com/
[signature.asc (application/pgp-signature, inline)]

Information forwarded to debian-bugs-dist@lists.debian.org, Debian Science Maintainers <debian-science-maintainers@lists.alioth.debian.org>:
Bug#598421; Package salome. (Thu, 30 Sep 2010 04:27:03 GMT) Full text and rfc822 format available.

Acknowledgement sent to Raphael Geissert <geissert@debian.org>:
Extra info received and forwarded to list. Copy sent to Debian Science Maintainers <debian-science-maintainers@lists.alioth.debian.org>. (Thu, 30 Sep 2010 04:27:03 GMT) Full text and rfc822 format available.

Message #15 received at 598421@bugs.debian.org (full text, mbox):

From: Raphael Geissert <geissert@debian.org>
To: 598421@bugs.debian.org
Subject: Re: Bug#598421: salome: CVE-2010-3377: insecure library loading
Date: Wed, 29 Sep 2010 23:24:26 -0500
On 29 September 2010 22:01, Adam C Powell IV <hazelsct@debian.org> wrote:
> On Tue, 2010-09-28 at 21:07 +0000, Raphael Geissert wrote:
> Would a secure change omit the former LD_LIBRARY_PATH?  That is, would
> it fix this in runSalome to say:
>
> export LD_LIBRARY_PATH=${prefix}/lib:${libdir}:/usr/lib:/usr/local/lib
> ?

You could do that, or use the following:
export LD_LIBRARY_PATH=${prefix}/lib:${libdir}${LD_LIBRARY_PATH:+:$LD_LIBRARY_PATH}

(note the ${VAR:+foo} construct, which is what makes the shell only
expand to the latter part when VAR is set and non-empty. The colon
_before_ the plus sign is important.)

Cheers,
-- 
Raphael Geissert - Debian Developer
www.debian.org - get.debian.net




Information forwarded to debian-bugs-dist@lists.debian.org, Debian Science Maintainers <debian-science-maintainers@lists.alioth.debian.org>:
Bug#598421; Package salome. (Thu, 30 Sep 2010 14:15:06 GMT) Full text and rfc822 format available.

Acknowledgement sent to Adam C Powell IV <hazelsct@debian.org>:
Extra info received and forwarded to list. Copy sent to Debian Science Maintainers <debian-science-maintainers@lists.alioth.debian.org>. (Thu, 30 Sep 2010 14:15:06 GMT) Full text and rfc822 format available.

Message #20 received at 598421@bugs.debian.org (full text, mbox):

From: Adam C Powell IV <hazelsct@debian.org>
To: Raphael Geissert <geissert@debian.org>, 598421@bugs.debian.org
Cc: control@bugs.debian.org
Subject: Re: Bug#598421: salome: CVE-2010-3377: insecure library loading
Date: Thu, 30 Sep 2010 10:11:17 -0400
[Message part 1 (text/plain, inline)]
tags 598421 pending
thanks

On Wed, 2010-09-29 at 23:24 -0500, Raphael Geissert wrote:
> On 29 September 2010 22:01, Adam C Powell IV <hazelsct@debian.org> wrote:
> > On Tue, 2010-09-28 at 21:07 +0000, Raphael Geissert wrote:
> > Would a secure change omit the former LD_LIBRARY_PATH?  That is, would
> > it fix this in runSalome to say:
> >
> > export LD_LIBRARY_PATH=${prefix}/lib:${libdir}:/usr/lib:/usr/local/lib
> > ?
> 
> You could do that, or use the following:
> export LD_LIBRARY_PATH=${prefix}/lib:${libdir}${LD_LIBRARY_PATH:+:$LD_LIBRARY_PATH}
> 
> (note the ${VAR:+foo} construct, which is what makes the shell only
> expand to the latter part when VAR is set and non-empty. The colon
> _before_ the plus sign is important.)

Thanks.  I assume this works in both bash and dash, and have applied
this to the files you mentioned in the package git repository on alioth.

There's one more RC/FTBFS bug to fix, then I'll upload, hopefully by
tomorrow but maybe early next week.

-Adam
-- 
GPG fingerprint: D54D 1AEE B11C CE9B A02B  C5DD 526F 01E8 564E E4B6

Engineering consulting with open source tools
http://www.opennovation.com/
[signature.asc (application/pgp-signature, inline)]

Added tag(s) pending. Request was from Adam C Powell IV <hazelsct@debian.org> to control@bugs.debian.org. (Thu, 30 Sep 2010 14:15:09 GMT) Full text and rfc822 format available.

Information forwarded to debian-bugs-dist@lists.debian.org, Debian Science Maintainers <debian-science-maintainers@lists.alioth.debian.org>:
Bug#598421; Package salome. (Thu, 30 Sep 2010 14:21:11 GMT) Full text and rfc822 format available.

Acknowledgement sent to Adam C Powell IV <hazelsct@debian.org>:
Extra info received and forwarded to list. Copy sent to Debian Science Maintainers <debian-science-maintainers@lists.alioth.debian.org>. (Thu, 30 Sep 2010 14:21:11 GMT) Full text and rfc822 format available.

Message #27 received at 598421@bugs.debian.org (full text, mbox):

From: Adam C Powell IV <hazelsct@debian.org>
To: Andre Espaze <andre.espaze@logilab.fr>
Cc: 598421@bugs.debian.org
Subject: CVE-2010-3377 -- security problem in a few files
Date: Thu, 30 Sep 2010 10:16:50 -0400
[Message part 1 (text/plain, inline)]
Hello Andre,

There's a security bug in the Debian package for salome due to insecure
handling of LD_LIBRARY_PATH in a couple of places, bug 598421.

To fix it, I've patched my runSalome script (this does not affect
upstream runSalome), and several upstream files, and pushed the fixes to
the alioth repository.

Can you please forward upstream the *-secure-library-path.patch files
(*=gui, med, yacs)?  Please mention that it fixes Common Vulnerabilities
and Exposures issue ID CVE-2010-3377 , as mentioned in the patches.

Thanks,
Adam
-- 
GPG fingerprint: D54D 1AEE B11C CE9B A02B  C5DD 526F 01E8 564E E4B6

Engineering consulting with open source tools
http://www.opennovation.com/
[signature.asc (application/pgp-signature, inline)]

Information forwarded to debian-bugs-dist@lists.debian.org, Debian Science Maintainers <debian-science-maintainers@lists.alioth.debian.org>:
Bug#598421; Package salome. (Wed, 13 Oct 2010 15:42:05 GMT) Full text and rfc822 format available.

Acknowledgement sent to Andre Espaze <andre.espaze@logilab.fr>:
Extra info received and forwarded to list. Copy sent to Debian Science Maintainers <debian-science-maintainers@lists.alioth.debian.org>. (Wed, 13 Oct 2010 15:42:05 GMT) Full text and rfc822 format available.

Message #32 received at 598421@bugs.debian.org (full text, mbox):

From: Andre Espaze <andre.espaze@logilab.fr>
To: Adam C Powell IV <hazelsct@debian.org>
Cc: 598421@bugs.debian.org
Subject: Re: CVE-2010-3377 -- security problem in a few files
Date: Wed, 13 Oct 2010 17:40:19 +0200
Hello Adam,
> 
> There's a security bug in the Debian package for salome due to insecure
> handling of LD_LIBRARY_PATH in a couple of places, bug 598421.
> 
> To fix it, I've patched my runSalome script (this does not affect
> upstream runSalome), and several upstream files, and pushed the fixes to
> the alioth repository.
> 
> Can you please forward upstream the *-secure-library-path.patch files
> (*=gui, med, yacs)?  Please mention that it fixes Common Vulnerabilities
> and Exposures issue ID CVE-2010-3377 , as mentioned in the patches.
Ok, I plan to submit them with the report on the 5.1.4 version. In case
it is more urgent, just let me know.

All the best,

André




Information forwarded to debian-bugs-dist@lists.debian.org, Debian Science Maintainers <debian-science-maintainers@lists.alioth.debian.org>:
Bug#598421; Package salome. (Wed, 13 Oct 2010 16:09:03 GMT) Full text and rfc822 format available.

Acknowledgement sent to Adam C Powell IV <hazelsct@debian.org>:
Extra info received and forwarded to list. Copy sent to Debian Science Maintainers <debian-science-maintainers@lists.alioth.debian.org>. (Wed, 13 Oct 2010 16:09:03 GMT) Full text and rfc822 format available.

Message #37 received at 598421@bugs.debian.org (full text, mbox):

From: Adam C Powell IV <hazelsct@debian.org>
To: Andre Espaze <andre.espaze@logilab.fr>, 598421@bugs.debian.org
Subject: Re: Bug#598421: CVE-2010-3377 -- security problem in a few files
Date: Wed, 13 Oct 2010 12:07:36 -0400
[Message part 1 (text/plain, inline)]
On Wed, 2010-10-13 at 17:40 +0200, Andre Espaze wrote:
> Hello Adam,
> > 
> > There's a security bug in the Debian package for salome due to insecure
> > handling of LD_LIBRARY_PATH in a couple of places, bug 598421.
> > 
> > To fix it, I've patched my runSalome script (this does not affect
> > upstream runSalome), and several upstream files, and pushed the fixes to
> > the alioth repository.
> > 
> > Can you please forward upstream the *-secure-library-path.patch files
> > (*=gui, med, yacs)?  Please mention that it fixes Common Vulnerabilities
> > and Exposures issue ID CVE-2010-3377 , as mentioned in the patches.
> Ok, I plan to submit them with the report on the 5.1.4 version. In case
> it is more urgent, just let me know.

Thanks.  It's not really urgent for Debian because the package is only
in unstable, and this bug is fixed in alioth.  As for upstream, it's a
locally-exploitable problem, i.e. a user can use it for privilege
escalation, so it's somewhat more important than the other patches.

Hopefully my current running build will work and I can upload 5.1.3-11
with this fix today, along with fixes for 15 other bugs (!)...

-Adam
-- 
GPG fingerprint: D54D 1AEE B11C CE9B A02B  C5DD 526F 01E8 564E E4B6

Engineering consulting with open source tools
http://www.opennovation.com/
[signature.asc (application/pgp-signature, inline)]

Reply sent to hazelsct@debian.org ("Adam C. Powell, IV"):
You have taken responsibility. (Thu, 28 Oct 2010 11:51:59 GMT) Full text and rfc822 format available.

Notification sent to Raphael Geissert <geissert@debian.org>:
Bug acknowledged by developer. (Thu, 28 Oct 2010 11:51:59 GMT) Full text and rfc822 format available.

Message #42 received at 598421-close@bugs.debian.org (full text, mbox):

From: hazelsct@debian.org ("Adam C. Powell, IV")
To: 598421-close@bugs.debian.org
Subject: Bug#598421: fixed in salome 5.1.3-11
Date: Thu, 28 Oct 2010 11:48:41 +0000
Source: salome
Source-Version: 5.1.3-11

We believe that the bug you reported is fixed in the latest version of
salome, which is due to be installed in the Debian FTP archive:

salome-common_5.1.3-11_all.deb
  to main/s/salome/salome-common_5.1.3-11_all.deb
salome-dev_5.1.3-11_amd64.deb
  to main/s/salome/salome-dev_5.1.3-11_amd64.deb
salome-doc_5.1.3-11_all.deb
  to main/s/salome/salome-doc_5.1.3-11_all.deb
salome-examples_5.1.3-11_amd64.deb
  to main/s/salome/salome-examples_5.1.3-11_amd64.deb
salome-extras_5.1.3-11_amd64.deb
  to main/s/salome/salome-extras_5.1.3-11_amd64.deb
salome-test_5.1.3-11_amd64.deb
  to main/s/salome/salome-test_5.1.3-11_amd64.deb
salome_5.1.3-11.debian.tar.gz
  to main/s/salome/salome_5.1.3-11.debian.tar.gz
salome_5.1.3-11.dsc
  to main/s/salome/salome_5.1.3-11.dsc
salome_5.1.3-11_amd64.deb
  to main/s/salome/salome_5.1.3-11_amd64.deb



A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 598421@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
"Adam C. Powell, IV" <hazelsct@debian.org> (supplier of updated salome package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@debian.org)


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.8
Date: Wed, 13 Oct 2010 10:13:20 -0400
Source: salome
Binary: salome salome-common salome-extras salome-examples salome-dev salome-test salome-doc
Architecture: source amd64 all
Version: 5.1.3-11
Distribution: unstable
Urgency: low
Maintainer: Debian Science Maintainers <debian-science-maintainers@lists.alioth.debian.org>
Changed-By: "Adam C. Powell, IV" <hazelsct@debian.org>
Description: 
 salome     - Numerical simulation pre- and post-processor
 salome-common - Numerical simulation pre- and post-processor
 salome-dev - Numerical simulation pre- and post-processor development files
 salome-doc - Numerical simulation pre- and post-processor documentation
 salome-examples - Numerical simulation pre- and post-processor documentation
 salome-extras - Numerical simulation pre- and post-processor
 salome-test - Numerical simulation pre- and post-processor development files
Closes: 584590 593656 593657 595092 595260 595281 595909 597739 598421 598480 598690 598772 598916
Changes: 
 salome (5.1.3-11) unstable; urgency=low
 .
   [ Denis Barbier ]
   * Replaced csh-style >& redirects with 2>&1 for dash (closes: #593656).
   * Added library version to StdPlugin plugin (closes: #593657).
   * Added debian/patches/quiltrc and refreshed patches to follow its style.
   * Added refresh-patches target to debian/rules.
   * Removed CSF_GraphicShr definition from runSalome, should permit removal of
     libopencascade-visualization-dev from salome Depends (closes: #595092).
 .
   [ Adam C. Powell, IV ]
   * Reorganization of binary packages (closes: #584590).
   * Removed obsolete build-in-tree patches.
   * Moved RECONFIGURE step to reconfigure-stamp target, simplifying
     build-indep-stamp target (no longer requires build-arch-stamp).
   * Stamps for each module (and docs) allow build targets to skip modules
     already done.
   * Build documentation in a separate tree and break out separate targets to
     avoid remove-build race conditions (closes: #595260, #598916).
   * Ignore -fix-clean patches because we don't use upstream's clean targets any
     more, though the patches may still be useful to upstream.
   * Added XDATA module, in the -dev package.
   * Moved graphviz back from Build-Depends to Build-Depends-Indep.
   * Created directories /usr/share/salome/MODULE_SRC with full adm_local and
     salome_adm directories (closes: #595909).
   * Have YACS configure fail without doxygen, it's required for -arch as well
     as -indep builds.
   * Fixed executable path in MED_Factory.cxx (closes: #598480).
   * Added conditionals to prevent empty LD_LIBRARY_PATH segments and arbitrary
     code execution (closes: #598421) - CVE-2010-3377 .
   * Modified GEOM idl Makefile.am and added .NOTPARALLEL: to XDATA directories
     to prevent code generation/compilation race (closes: #595281, #598772).
   * Got rid of all extra copies of xversion.py so one and only one is installed
     (closes: #598690).
   * Use a patch to remove XDATA generated files so clean restores the original
     tree.
   * Fixed a bunch of lintian warnings.
   * Significant documentation updates including a doc-base entry for salome-doc.
 .
   [ Alain Leufroy ]
   * Patched salomeloader to use the full Salomé PYTHONPATH (closes: #597739).
Checksums-Sha1: 
 7c0b8abd4cacd85311f01617aedebbfa76344b31 2356 salome_5.1.3-11.dsc
 1b4eaa27d9bb59744345d125f397ca34fc22ed73 135346 salome_5.1.3-11.debian.tar.gz
 9414cd4acb2959ccc956558b547d80b926a4ea7d 36472834 salome_5.1.3-11_amd64.deb
 1958823e6760be3b07abab2695221f17a19ae73b 336298 salome-extras_5.1.3-11_amd64.deb
 91d77b64e18b4698d481f732ca3a12b98f5b7427 64155300 salome-examples_5.1.3-11_amd64.deb
 d051b6a66b065dd6ee09bc31507b766d0931bd96 2577280 salome-dev_5.1.3-11_amd64.deb
 5be4c5cbf3366140ae4c855bb840ac6d7915b480 9682100 salome-test_5.1.3-11_amd64.deb
 cbdb49214388aaef479c260b48a4e4a67c974e78 1612554 salome-common_5.1.3-11_all.deb
 e84e97d7e729ac2b7ae07039a521700f01576b9b 32160072 salome-doc_5.1.3-11_all.deb
Checksums-Sha256: 
 8bbd6c5f81bdfbb797ec0351834442701e4032eb629bb54c59068143267fa204 2356 salome_5.1.3-11.dsc
 ae99b86c4303f8e8e46ae414cf2adbe85fad5dabceb193f26b098ddb91beba43 135346 salome_5.1.3-11.debian.tar.gz
 52f1c9d65dd49e8e274bb42c0d6f197e38cd985b26bb65c5366faa75a746ae39 36472834 salome_5.1.3-11_amd64.deb
 d0aad44bfab46280f756acb1cad5c5f8c50f35a375c93b78d0876a19f624e18e 336298 salome-extras_5.1.3-11_amd64.deb
 3c9d3678ae882e4a913494b1eee749df6a197b09e6f1621674105327d51a7968 64155300 salome-examples_5.1.3-11_amd64.deb
 d554518cb78b6c58715de1cf922146e98e9ca1bec417f00baf84808fa677bbd6 2577280 salome-dev_5.1.3-11_amd64.deb
 cfa8bae1c84f40ec3fd166645ea0eb6d4421c436014b23309bf9b3aa74bce5df 9682100 salome-test_5.1.3-11_amd64.deb
 ed6ea771a439d35066a68e4b7cd35a0c42cf2de3da14f377e432c215c7601d6e 1612554 salome-common_5.1.3-11_all.deb
 a32c4b5aee815d4173d625eeb218effc6a8e8c66d224d55dcf7b646b8ac37d89 32160072 salome-doc_5.1.3-11_all.deb
Files: 
 308af2a8320c1934c412b4a9cddbebe0 2356 science extra salome_5.1.3-11.dsc
 dc7d66ee98c155a409702e34fbe9c7c4 135346 science extra salome_5.1.3-11.debian.tar.gz
 da60af293e54c332f536c43b057251c6 36472834 science extra salome_5.1.3-11_amd64.deb
 4b8ecf09246d9f9a031c092de3bfc8df 336298 science extra salome-extras_5.1.3-11_amd64.deb
 5e2541c678dbd19c5dcb06092d3d3043 64155300 devel extra salome-examples_5.1.3-11_amd64.deb
 4076e0c760e48fdc2e4eb2d32ad192d0 2577280 devel extra salome-dev_5.1.3-11_amd64.deb
 d9dc41cb8bcac19af4c72ea1ab79b9c1 9682100 devel extra salome-test_5.1.3-11_amd64.deb
 b3cbd0dc0e5b76e6b5090a4d594f131b 1612554 science extra salome-common_5.1.3-11_all.deb
 2af132747522ac3f1263819a3b3b9173 32160072 doc extra salome-doc_5.1.3-11_all.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)

iEYEARECAAYFAky1408ACgkQUm8B6FZO5LYNQgCggLQI86kCMMFfQl+eKaO86ply
LZIAn1qKkIwFCj4qu25idCb9bxFuOhlZ
=o718
-----END PGP SIGNATURE-----





Bug archived. Request was from Debbugs Internal Request <owner@bugs.debian.org> to internal_control@bugs.debian.org. (Fri, 27 Jan 2012 07:34:17 GMT) Full text and rfc822 format available.

Send a report that this bug log contains spam.


Debian bug tracking system administrator <owner@bugs.debian.org>. Last modified: Fri Apr 25 06:51:40 2014; Machine Name: buxtehude.debian.org

Debian Bug tracking system
Copyright (C) 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson.