Bulletin d'alerte Debian

DSA-030-2 xfree86 -- Dépassement de tampon, gestion non sécurisée de fichier temporaire et attaque de type déni de service

Date du rapport:

12 février 2001

Paquets concernés:

Vulnérabilité:

Oui

Références dans la base de données de sécurité:

Dans la base de données de suivi des bogues (chez SecurityFocus) : Identificateur BugTraq 1430, Identificateur BugTraq 2925, Identificateur BugTraq 2924.

Pour plus d'information:

Chris Evans, Joseph S. Myers, Michal Zalewski, Alan Cox, et d'autres ont noté de nombreux problèmes dans plusieurs components du système de fenêtrage X d'implémentation simple (duquel est dérivé XFree86). Même si aucune exploitation n'est connue dans le monde réel, il est tout de même conseiller de mettre à jour vos paquets XFree86 immédiatement.

La portée de cette annonce est XFree86 3.3.6 seulement, vu que c'est la version sortie avec Debian GNU/Linux 2.2 (Potato) ; les paquets Debian de XFree86 4.0 et plus ne sont pas encore sortis en tant que parties d'une distribution Debian.

Plusieurs personnes sont responsables de l'écriture de ces corrections, incluant Aaron Campbell, Paulo Cesar Pereira de Andrade, Keith Packard, David Dawes, Matthieu Herrb, Trevor Johnson, Colin Phipps et Branden Robinson.

Les serveurs X sont vulnérables d'une attaque de type déni de service lors de la négociation du protocole XC-SECURITY ;
Les clients X basés sur Xlib (donc la plupart) sont sujets à de potentiels dépassements de tampon dans les fonctions _XReply() et _XAsyncReply() s'ils se connectent à un serveur X malicieux qui a des données corrompues dans ses réponses au protocole X. NOTE : Cette attaque n'est effective que si les clients X utilisent des applications avec des privilèges élevés et au maximum elle offre un accès qu'à ce niveau de privilège. Par exemple, le client classique de X est xterm. Sur beaucoup de systèmes Unix, xterm est lié à root ; dans Debian 2.2, xterm est lié au groupe utmp, ce qui signifie qu'une exploitation effective permettrait de modifier les fichiers lastlog, utmp et wtmp -- pas d'accès root général. Notez aussi que l'attaquant doit avoir les droits suffisants pour démarrer un client X et pouvoir se connecter avec succès à un serveur X ;
Il y a un dépassement de tampon (et pas d'une pile) dans le code XDMCP de xdmnbsp;;
Il y a un dépassement de plus d'un octet dans Xtrans.c ;
Xtranssock.c est aussi sujet aux dépassements de tampon ;
Il y a un dépassement de tampon avec le drapeau -xkbmap du serveur X ;
Le widget MultiSrc dans la bibliothèque de widgets Athena ne gère pas proprement les fichiers temporaires ;
Le programme imake ne gère pas proprement les fichiers temporaires quand il exécute les règles d'install ;
La bibliothèque ICE est vulnérable aux dépassements de tampon ;
Le programme xauth ne gère pas proprement les fichiers temporaires ;
La fonction XauLock() dans la bibliothèque Xau ne gère pas proprement les fichiers temporaires ;
Les programmes gccmakedep et makedepend ne gèrent pas proprement les fichiers temporaires.

Tous ces points sont corrigés par cette nouvelle version.

Il existe plusieurs autres soucis concernant la sécurité et XFree86 qui sont annoncés avec ceux ci-dessus mais pour lesquels un système à jour Debian 2.2 N'EST PAS vulnérable :

Il y a 4 problèmes distincts avec la fonction XOpenDisplay() de Xlib par laquelle un serveur X malin pourrait causer un déni de service ou une attaque par dépassement de tampon. Comme au dessus, cette attaque est effective que si les clients X utilisent des privilèges élevés et l'attaquant doit avoir les droits suffisants pour démarrer un client X et pouvoir se connecter avec succès à un serveur X. Debian 2.2 et 2.2r1 sont vulnérables à un seul de ces problèmes car nous avons inclus des correctifs XFree86 3.3.6 pour annuler les trois autres. Une autre correction est faite dans Debian 2.2r2 réglant ce quatrième souci ;
Le widget AsciiSrc dans la bibliothèque de widgets Athena ne gère pas proprement les fichiers temporaires. Debian 2.2r2 n'est pas vulnérable car nous avons inclus un correctif ;
Le programme imake utilise mktemp() au lieu de mkstemp(). Ce problème n'existe plus dans XFree86 3.3.6 et donc aucune Debian 2.2 n'est affectée.

Ces problèmes sont corrigés dans la version 3.3.6-11potato32 et nous vous recommandons de mettre à jour vos paquets X immédiatement.

Corrigé dans:

Debian 2.2 (potato)

Source :: http://security.debian.org/dists/stable/updates/main/source/xfree86-1_3.3.6-11potato32.diff.gz; http://security.debian.org/dists/stable/updates/main/source/xfree86-1_3.3.6-11potato32.dsc; http://security.debian.org/dists/stable/updates/main/source/xfree86-1_3.3.6.orig.tar.gz
Composant indépendant de l'architecture :: http://security.debian.org/dists/stable/updates/main/binary-all/rstart_3.3.6-11potato32_all.deb; http://security.debian.org/dists/stable/updates/main/binary-all/xbase_3.3.6-11potato32_all.deb; http://security.debian.org/dists/stable/updates/main/binary-all/xfree86-common_3.3.6-11potato32_all.deb
alpha:: http://security.debian.org/dists/stable/updates/main/binary-alpha/rstartd_3.3.6-11potato32_alpha.deb; http://security.debian.org/dists/stable/updates/main/binary-alpha/twm_3.3.6-11potato32_alpha.deb; http://security.debian.org/dists/stable/updates/main/binary-alpha/xbase-clients_3.3.6-11potato32_alpha.deb; http://security.debian.org/dists/stable/updates/main/binary-alpha/xdm_3.3.6-11potato32_alpha.deb; http://security.debian.org/dists/stable/updates/main/binary-alpha/xext_3.3.6-11potato32_alpha.deb; http://security.debian.org/dists/stable/updates/main/binary-alpha/xf86setup_3.3.6-11potato32_alpha.deb; http://security.debian.org/dists/stable/updates/main/binary-alpha/xlib6g-dev_3.3.6-11potato32_alpha.deb; http://security.debian.org/dists/stable/updates/main/binary-alpha/xlib6g-static_3.3.6-11potato32_alpha.deb; http://security.debian.org/dists/stable/updates/main/binary-alpha/xlib6g_3.3.6-11potato32_alpha.deb; http://security.debian.org/dists/stable/updates/main/binary-alpha/xmh_3.3.6-11potato32_alpha.deb; http://security.debian.org/dists/stable/updates/main/binary-alpha/xnest_3.3.6-11potato32_alpha.deb; http://security.debian.org/dists/stable/updates/main/binary-alpha/xproxy_3.3.6-11potato32_alpha.deb; http://security.debian.org/dists/stable/updates/main/binary-alpha/xprt_3.3.6-11potato32_alpha.deb; http://security.debian.org/dists/stable/updates/main/binary-alpha/xserver-3dlabs_3.3.6-11potato32_alpha.deb; http://security.debian.org/dists/stable/updates/main/binary-alpha/xserver-common_3.3.6-11potato32_alpha.deb; http://security.debian.org/dists/stable/updates/main/binary-alpha/xserver-fbdev_3.3.6-11potato32_alpha.deb; http://security.debian.org/dists/stable/updates/main/binary-alpha/xserver-i128_3.3.6-11potato32_alpha.deb; http://security.debian.org/dists/stable/updates/main/binary-alpha/xserver-mach64_3.3.6-11potato32_alpa.deb; http://security.debian.org/dists/stable/updates/main/binary-alpha/xserver-mono_3.3.6-11potato32_alpha.deb; http://security.debian.org/dists/stable/updates/main/binary-alpha/xserver-p9000_3.3.6-11potato32_alpha.deb; http://security.debian.org/dists/stable/updates/main/binary-alpha/xserver-s3_3.3.6-11potato32_alpha.deb; http://security.debian.org/dists/stable/updates/main/binary-alpha/xserver-s3v_3.3.6-11potato32_alpha.deb; http://security.debian.org/dists/stable/updates/main/binary-alpha/xserver-svga_3.3.6-11potato32_alpha.deb; http://security.debian.org/dists/stable/updates/main/binary-alpha/xserver-tga_3.3.6-11potato32_alpha.deb; http://security.debian.org/dists/stable/updates/main/binary-alpha/xserver-vga16_3.3.6-11potato32_alpha.deb; http://security.debian.org/dists/stable/updates/main/binary-alpha/xsm_3.3.6-11potato32_alpha.deb; http://security.debian.org/dists/stable/updates/main/binary-alpha/xterm_3.3.6-11potato32_alpha.deb; http://security.debian.org/dists/stable/updates/main/binary-alpha/xvfb_3.3.6-11potato32_alpha.deb
arm:: http://security.debian.org/dists/stable/updates/main/binary-arm/rstartd_3.3.6-11potato32_arm.deb; http://security.debian.org/dists/stable/updates/main/binary-arm/twm_3.3.6-11potato32_arm.deb; http://security.debian.org/dists/stable/updates/main/binary-arm/xbase-clients_3.3.6-11potato32_arm.deb; http://security.debian.org/dists/stable/updates/main/binary-arm/xdm_3.3.6-11potato32_arm.deb; http://security.debian.org/dists/stable/updates/main/binary-arm/xext_3.3.6-11potato32_arm.deb; http://security.debian.org/dists/stable/updates/main/binary-arm/xf86setup_3.3.6-11potato32_arm.deb; http://security.debian.org/dists/stable/updates/main/binary-arm/xlib6g-dev_3.3.6-11potato32_arm.deb; http://security.debian.org/dists/stable/updates/main/binary-arm/xlib6g-static_3.3.6-11potato32_arm.deb; http://security.debian.org/dists/stable/updates/main/binary-arm/xlib6g_3.3.6-11potato32_arm.deb; http://security.debian.org/dists/stable/updates/main/binary-arm/xmh_3.3.6-11potato32_arm.deb; http://security.debian.org/dists/stable/updates/main/binary-arm/xnest_3.3.6-11potato32_arm.deb; http://security.debian.org/dists/stable/updates/main/binary-arm/xproxy_3.3.6-11potato32_arm.deb; http://security.debian.org/dists/stable/updates/main/binary-arm/xprt_3.3.6-11potato32_arm.deb; http://security.debian.org/dists/stable/updates/main/binary-arm/xserver-3dlabs_3.3.6-11potato32_arm.deb; http://security.debian.org/dists/stable/updates/main/binary-arm/xserver-common_3.3.6-11potato32_arm.deb; http://security.debian.org/dists/stable/updates/main/binary-arm/xserver-fbdev_3.3.6-11potato32_arm.deb; http://security.debian.org/dists/stable/updates/main/binary-arm/xserver-i128_3.3.6-11potato32_arm.deb; http://security.debian.org/dists/stable/updates/main/binary-arm/xserver-mach64_3.3.6-11potato32_alpa.deb; http://security.debian.org/dists/stable/updates/main/binary-arm/xserver-mono_3.3.6-11potato32_arm.deb; http://security.debian.org/dists/stable/updates/main/binary-arm/xserver-p9000_3.3.6-11potato32_arm.deb; http://security.debian.org/dists/stable/updates/main/binary-arm/xserver-s3_3.3.6-11potato32_arm.deb; http://security.debian.org/dists/stable/updates/main/binary-arm/xserver-s3v_3.3.6-11potato32_arm.deb; http://security.debian.org/dists/stable/updates/main/binary-arm/xserver-svga_3.3.6-11potato32_arm.deb; http://security.debian.org/dists/stable/updates/main/binary-arm/xserver-tga_3.3.6-11potato32_arm.deb; http://security.debian.org/dists/stable/updates/main/binary-arm/xserver-vga16_3.3.6-11potato32_arm.deb; http://security.debian.org/dists/stable/updates/main/binary-arm/xsm_3.3.6-11potato32_arm.deb; http://security.debian.org/dists/stable/updates/main/binary-arm/xterm_3.3.6-11potato32_arm.deb; http://security.debian.org/dists/stable/updates/main/binary-arm/xvfb_3.3.6-11potato32_arm.deb
i386:: http://security.debian.org/dists/stable/updates/main/binary-i386/rstartd_3.3.6-11potato32_i386.deb; http://security.debian.org/dists/stable/updates/main/binary-i386/twm_3.3.6-11potato32_i386.deb; http://security.debian.org/dists/stable/updates/main/binary-i386/xbase-clients_3.3.6-11potato32_i386.deb; http://security.debian.org/dists/stable/updates/main/binary-i386/xdm_3.3.6-11potato32_i386.deb; http://security.debian.org/dists/stable/updates/main/binary-i386/xext_3.3.6-11potato32_i386.deb; http://security.debian.org/dists/stable/updates/main/binary-i386/xf86setup_3.3.6-11potato32_i386.deb; http://security.debian.org/dists/stable/updates/main/binary-i386/xlib6g-dev_3.3.6-11potato32_i386.deb; http://security.debian.org/dists/stable/updates/main/binary-i386/xlib6g-static_3.3.6-11potato32_i386.deb; http://security.debian.org/dists/stable/updates/main/binary-i386/xlib6g_3.3.6-11potato32_i386.deb; http://security.debian.org/dists/stable/updates/main/binary-i386/xmh_3.3.6-11potato32_i386.deb; http://security.debian.org/dists/stable/updates/main/binary-i386/xnest_3.3.6-11potato32_i386.deb; http://security.debian.org/dists/stable/updates/main/binary-i386/xproxy_3.3.6-11potato32_i386.deb; http://security.debian.org/dists/stable/updates/main/binary-i386/xprt_3.3.6-11potato32_i386.deb; http://security.debian.org/dists/stable/updates/main/binary-i386/xserver-3dlabs_3.3.6-11potato32_i386.deb; http://security.debian.org/dists/stable/updates/main/binary-i386/xserver-common_3.3.6-11potato32_i386.deb; http://security.debian.org/dists/stable/updates/main/binary-i386/xserver-fbdev_3.3.6-11potato32_i386.deb; http://security.debian.org/dists/stable/updates/main/binary-i386/xserver-i128_3.3.6-11potato32_i386.deb; http://security.debian.org/dists/stable/updates/main/binary-i386/xserver-mach64_3.3.6-11potato32_alpa.deb; http://security.debian.org/dists/stable/updates/main/binary-i386/xserver-mono_3.3.6-11potato32_i386.deb; http://security.debian.org/dists/stable/updates/main/binary-i386/xserver-p9000_3.3.6-11potato32_i386.deb; http://security.debian.org/dists/stable/updates/main/binary-i386/xserver-s3_3.3.6-11potato32_i386.deb; http://security.debian.org/dists/stable/updates/main/binary-i386/xserver-s3v_3.3.6-11potato32_i386.deb; http://security.debian.org/dists/stable/updates/main/binary-i386/xserver-svga_3.3.6-11potato32_i386.deb; http://security.debian.org/dists/stable/updates/main/binary-i386/xserver-tga_3.3.6-11potato32_i386.deb; http://security.debian.org/dists/stable/updates/main/binary-i386/xserver-vga16_3.3.6-11potato32_i386.deb; http://security.debian.org/dists/stable/updates/main/binary-i386/xsm_3.3.6-11potato32_i386.deb; http://security.debian.org/dists/stable/updates/main/binary-i386/xterm_3.3.6-11potato32_i386.deb; http://security.debian.org/dists/stable/updates/main/binary-i386/xvfb_3.3.6-11potato32_i386.deb
m68k:: http://security.debian.org/dists/stable/updates/main/binary-m68k/rstartd_3.3.6-11potato32_m68k.deb; http://security.debian.org/dists/stable/updates/main/binary-m68k/twm_3.3.6-11potato32_m68k.deb; http://security.debian.org/dists/stable/updates/main/binary-m68k/xbase-clients_3.3.6-11potato32_m68k.deb; http://security.debian.org/dists/stable/updates/main/binary-m68k/xdm_3.3.6-11potato32_m68k.deb; http://security.debian.org/dists/stable/updates/main/binary-m68k/xext_3.3.6-11potato32_m68k.deb; http://security.debian.org/dists/stable/updates/main/binary-m68k/xf86setup_3.3.6-11potato32_m68k.deb; http://security.debian.org/dists/stable/updates/main/binary-m68k/xlib6g-dev_3.3.6-11potato32_m68k.deb; http://security.debian.org/dists/stable/updates/main/binary-m68k/xlib6g-static_3.3.6-11potato32_m68k.deb; http://security.debian.org/dists/stable/updates/main/binary-m68k/xlib6g_3.3.6-11potato32_m68k.deb; http://security.debian.org/dists/stable/updates/main/binary-m68k/xmh_3.3.6-11potato32_m68k.deb; http://security.debian.org/dists/stable/updates/main/binary-m68k/xnest_3.3.6-11potato32_m68k.deb; http://security.debian.org/dists/stable/updates/main/binary-m68k/xproxy_3.3.6-11potato32_m68k.deb; http://security.debian.org/dists/stable/updates/main/binary-m68k/xprt_3.3.6-11potato32_m68k.deb; http://security.debian.org/dists/stable/updates/main/binary-m68k/xserver-3dlabs_3.3.6-11potato32_m68k.deb; http://security.debian.org/dists/stable/updates/main/binary-m68k/xserver-common_3.3.6-11potato32_m68k.deb; http://security.debian.org/dists/stable/updates/main/binary-m68k/xserver-fbdev_3.3.6-11potato32_m68k.deb; http://security.debian.org/dists/stable/updates/main/binary-m68k/xserver-i128_3.3.6-11potato32_m68k.deb; http://security.debian.org/dists/stable/updates/main/binary-m68k/xserver-mach64_3.3.6-11potato32_alpa.deb; http://security.debian.org/dists/stable/updates/main/binary-m68k/xserver-mono_3.3.6-11potato32_m68k.deb; http://security.debian.org/dists/stable/updates/main/binary-m68k/xserver-p9000_3.3.6-11potato32_m68k.deb; http://security.debian.org/dists/stable/updates/main/binary-m68k/xserver-s3_3.3.6-11potato32_m68k.deb; http://security.debian.org/dists/stable/updates/main/binary-m68k/xserver-s3v_3.3.6-11potato32_m68k.deb; http://security.debian.org/dists/stable/updates/main/binary-m68k/xserver-svga_3.3.6-11potato32_m68k.deb; http://security.debian.org/dists/stable/updates/main/binary-m68k/xserver-tga_3.3.6-11potato32_m68k.deb; http://security.debian.org/dists/stable/updates/main/binary-m68k/xserver-vga16_3.3.6-11potato32_m68k.deb; http://security.debian.org/dists/stable/updates/main/binary-m68k/xsm_3.3.6-11potato32_m68k.deb; http://security.debian.org/dists/stable/updates/main/binary-m68k/xterm_3.3.6-11potato32_m68k.deb; http://security.debian.org/dists/stable/updates/main/binary-m68k/xvfb_3.3.6-11potato32_m68k.deb
powerpc:: http://security.debian.org/dists/stable/updates/main/binary-powerpc/rstartd_3.3.6-11potato32_powerpc.deb; http://security.debian.org/dists/stable/updates/main/binary-powerpc/twm_3.3.6-11potato32_powerpc.deb; http://security.debian.org/dists/stable/updates/main/binary-powerpc/xbase-clients_3.3.6-11potato32_powerpc.deb; http://security.debian.org/dists/stable/updates/main/binary-powerpc/xdm_3.3.6-11potato32_powerpc.deb; http://security.debian.org/dists/stable/updates/main/binary-powerpc/xext_3.3.6-11potato32_powerpc.deb; http://security.debian.org/dists/stable/updates/main/binary-powerpc/xf86setup_3.3.6-11potato32_powerpc.deb; http://security.debian.org/dists/stable/updates/main/binary-powerpc/xlib6g-dev_3.3.6-11potato32_powerpc.deb; http://security.debian.org/dists/stable/updates/main/binary-powerpc/xlib6g-static_3.3.6-11potato32_powerpc.deb; http://security.debian.org/dists/stable/updates/main/binary-powerpc/xlib6g_3.3.6-11potato32_powerpc.deb; http://security.debian.org/dists/stable/updates/main/binary-powerpc/xmh_3.3.6-11potato32_powerpc.deb; http://security.debian.org/dists/stable/updates/main/binary-powerpc/xnest_3.3.6-11potato32_powerpc.deb; http://security.debian.org/dists/stable/updates/main/binary-powerpc/xproxy_3.3.6-11potato32_powerpc.deb; http://security.debian.org/dists/stable/updates/main/binary-powerpc/xprt_3.3.6-11potato32_powerpc.deb; http://security.debian.org/dists/stable/updates/main/binary-powerpc/xserver-3dlabs_3.3.6-11potato32_powerpc.deb; http://security.debian.org/dists/stable/updates/main/binary-powerpc/xserver-common_3.3.6-11potato32_powerpc.deb; http://security.debian.org/dists/stable/updates/main/binary-powerpc/xserver-fbdev_3.3.6-11potato32_powerpc.deb; http://security.debian.org/dists/stable/updates/main/binary-powerpc/xserver-i128_3.3.6-11potato32_powerpc.deb; http://security.debian.org/dists/stable/updates/main/binary-powerpc/xserver-mach64_3.3.6-11potato32_alpa.deb; http://security.debian.org/dists/stable/updates/main/binary-powerpc/xserver-mono_3.3.6-11potato32_powerpc.deb; http://security.debian.org/dists/stable/updates/main/binary-powerpc/xserver-p9000_3.3.6-11potato32_powerpc.deb; http://security.debian.org/dists/stable/updates/main/binary-powerpc/xserver-s3_3.3.6-11potato32_powerpc.deb; http://security.debian.org/dists/stable/updates/main/binary-powerpc/xserver-s3v_3.3.6-11potato32_powerpc.deb; http://security.debian.org/dists/stable/updates/main/binary-powerpc/xserver-svga_3.3.6-11potato32_powerpc.deb; http://security.debian.org/dists/stable/updates/main/binary-powerpc/xserver-tga_3.3.6-11potato32_powerpc.deb; http://security.debian.org/dists/stable/updates/main/binary-powerpc/xserver-vga16_3.3.6-11potato32_powerpc.deb; http://security.debian.org/dists/stable/updates/main/binary-powerpc/xsm_3.3.6-11potato32_powerpc.deb; http://security.debian.org/dists/stable/updates/main/binary-powerpc/xterm_3.3.6-11potato32_powerpc.deb; http://security.debian.org/dists/stable/updates/main/binary-powerpc/xvfb_3.3.6-11potato32_powerpc.deb
sparc:: http://security.debian.org/dists/stable/updates/main/binary-sparc/rstartd_3.3.6-11potato32_sparc.deb; http://security.debian.org/dists/stable/updates/main/binary-sparc/twm_3.3.6-11potato32_sparc.deb; http://security.debian.org/dists/stable/updates/main/binary-sparc/xbase-clients_3.3.6-11potato32_sparc.deb; http://security.debian.org/dists/stable/updates/main/binary-sparc/xdm_3.3.6-11potato32_sparc.deb; http://security.debian.org/dists/stable/updates/main/binary-sparc/xext_3.3.6-11potato32_sparc.deb; http://security.debian.org/dists/stable/updates/main/binary-sparc/xf86setup_3.3.6-11potato32_sparc.deb; http://security.debian.org/dists/stable/updates/main/binary-sparc/xlib6g-dev_3.3.6-11potato32_sparc.deb; http://security.debian.org/dists/stable/updates/main/binary-sparc/xlib6g-static_3.3.6-11potato32_sparc.deb; http://security.debian.org/dists/stable/updates/main/binary-sparc/xlib6g_3.3.6-11potato32_sparc.deb; http://security.debian.org/dists/stable/updates/main/binary-sparc/xmh_3.3.6-11potato32_sparc.deb; http://security.debian.org/dists/stable/updates/main/binary-sparc/xnest_3.3.6-11potato32_sparc.deb; http://security.debian.org/dists/stable/updates/main/binary-sparc/xproxy_3.3.6-11potato32_sparc.deb; http://security.debian.org/dists/stable/updates/main/binary-sparc/xprt_3.3.6-11potato32_sparc.deb; http://security.debian.org/dists/stable/updates/main/binary-sparc/xserver-3dlabs_3.3.6-11potato32_sparc.deb; http://security.debian.org/dists/stable/updates/main/binary-sparc/xserver-common_3.3.6-11potato32_sparc.deb; http://security.debian.org/dists/stable/updates/main/binary-sparc/xserver-fbdev_3.3.6-11potato32_sparc.deb; http://security.debian.org/dists/stable/updates/main/binary-sparc/xserver-i128_3.3.6-11potato32_sparc.deb; http://security.debian.org/dists/stable/updates/main/binary-sparc/xserver-mach64_3.3.6-11potato32_alpa.deb; http://security.debian.org/dists/stable/updates/main/binary-sparc/xserver-mono_3.3.6-11potato32_sparc.deb; http://security.debian.org/dists/stable/updates/main/binary-sparc/xserver-p9000_3.3.6-11potato32_sparc.deb; http://security.debian.org/dists/stable/updates/main/binary-sparc/xserver-s3_3.3.6-11potato32_sparc.deb; http://security.debian.org/dists/stable/updates/main/binary-sparc/xserver-s3v_3.3.6-11potato32_sparc.deb; http://security.debian.org/dists/stable/updates/main/binary-sparc/xserver-svga_3.3.6-11potato32_sparc.deb; http://security.debian.org/dists/stable/updates/main/binary-sparc/xserver-tga_3.3.6-11potato32_sparc.deb; http://security.debian.org/dists/stable/updates/main/binary-sparc/xserver-vga16_3.3.6-11potato32_sparc.deb; http://security.debian.org/dists/stable/updates/main/binary-sparc/xsm_3.3.6-11potato32_sparc.deb; http://security.debian.org/dists/stable/updates/main/binary-sparc/xterm_3.3.6-11potato32_sparc.deb; http://security.debian.org/dists/stable/updates/main/binary-sparc/xvfb_3.3.6-11potato32_sparc.deb