Debian DSA-1526-1 : xwine - several vulnerabilities
2008-03-21T00:00:00
ID DEBIAN_DSA-1526.NASL Type nessus Reporter This script is Copyright (C) 2008-2021 and is owned by Tenable, Inc. or an Affiliate thereof. Modified 2008-03-21T00:00:00
Description
Steve Kemp from the Debian Security Audit project discovered several
local vulnerabilities in xwine, a graphical user interface for the
WINE emulator.
The Common Vulnerabilities and Exposures project identifies the
following problems :
CVE-2008-0930
The xwine command makes unsafe use of local temporary
files when printing. This could allow the removal of
arbitrary files belonging to users who invoke the
program.
CVE-2008-0931
The xwine command changes the permissions of the global
WINE configuration file such that it is world-writable.
This could allow local users to edit it such that
arbitrary commands could be executed whenever any local
user executed a program under WINE.
#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from Debian Security Advisory DSA-1526. The text
# itself is copyright (C) Software in the Public Interest, Inc.
#
include('deprecated_nasl_level.inc');
include('compat.inc');
if (description)
{
script_id(31632);
script_version("1.19");
script_set_attribute(attribute:"plugin_modification_date", value:"2021/01/04");
script_cve_id("CVE-2008-0930", "CVE-2008-0931");
script_xref(name:"DSA", value:"1526");
script_name(english:"Debian DSA-1526-1 : xwine - several vulnerabilities");
script_summary(english:"Checks dpkg output for the updated package");
script_set_attribute(
attribute:"synopsis",
value:"The remote Debian host is missing a security-related update."
);
script_set_attribute(
attribute:"description",
value:
"Steve Kemp from the Debian Security Audit project discovered several
local vulnerabilities in xwine, a graphical user interface for the
WINE emulator.
The Common Vulnerabilities and Exposures project identifies the
following problems :
- CVE-2008-0930
The xwine command makes unsafe use of local temporary
files when printing. This could allow the removal of
arbitrary files belonging to users who invoke the
program.
- CVE-2008-0931
The xwine command changes the permissions of the global
WINE configuration file such that it is world-writable.
This could allow local users to edit it such that
arbitrary commands could be executed whenever any local
user executed a program under WINE."
);
script_set_attribute(
attribute:"see_also",
value:"https://security-tracker.debian.org/tracker/CVE-2008-0930"
);
script_set_attribute(
attribute:"see_also",
value:"https://security-tracker.debian.org/tracker/CVE-2008-0931"
);
script_set_attribute(
attribute:"see_also",
value:"https://www.debian.org/security/2008/dsa-1526"
);
script_set_attribute(
attribute:"solution",
value:
"Upgrade the xwine package.
For the stable distribution (etch), these problems have been fixed in
version 1.0.1-1etch1."
);
script_set_cvss_base_vector("CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C");
script_cwe_id(59, 264);
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:xwine");
script_set_attribute(attribute:"cpe", value:"cpe:/o:debian:debian_linux:4.0");
script_set_attribute(attribute:"patch_publication_date", value:"2008/03/20");
script_set_attribute(attribute:"plugin_publication_date", value:"2008/03/21");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_copyright(english:"This script is Copyright (C) 2008-2021 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_family(english:"Debian Local Security Checks");
script_dependencies("ssh_get_info.nasl");
script_require_keys("Host/local_checks_enabled", "Host/Debian/release", "Host/Debian/dpkg-l");
exit(0);
}
include("audit.inc");
include("debian_package.inc");
if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
if (!get_kb_item("Host/Debian/release")) audit(AUDIT_OS_NOT, "Debian");
if (!get_kb_item("Host/Debian/dpkg-l")) audit(AUDIT_PACKAGE_LIST_MISSING);
flag = 0;
if (deb_check(release:"4.0", prefix:"xwine", reference:"1.0.1-1etch1")) flag++;
if (flag)
{
if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());
else security_hole(0);
exit(0);
}
else audit(AUDIT_HOST_NOT, "affected");
{"id": "DEBIAN_DSA-1526.NASL", "bulletinFamily": "scanner", "title": "Debian DSA-1526-1 : xwine - several vulnerabilities", "description": "Steve Kemp from the Debian Security Audit project discovered several\nlocal vulnerabilities in xwine, a graphical user interface for the\nWINE emulator.\n\nThe Common Vulnerabilities and Exposures project identifies the\nfollowing problems :\n\n - CVE-2008-0930\n The xwine command makes unsafe use of local temporary\n files when printing. This could allow the removal of\n arbitrary files belonging to users who invoke the\n program.\n\n - CVE-2008-0931\n The xwine command changes the permissions of the global\n WINE configuration file such that it is world-writable.\n This could allow local users to edit it such that\n arbitrary commands could be executed whenever any local\n user executed a program under WINE.", "published": "2008-03-21T00:00:00", "modified": "2008-03-21T00:00:00", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}, "href": "https://www.tenable.com/plugins/nessus/31632", "reporter": "This script is Copyright (C) 2008-2021 and is owned by Tenable, Inc. or an Affiliate thereof.", "references": ["https://www.debian.org/security/2008/dsa-1526", "https://security-tracker.debian.org/tracker/CVE-2008-0930", "https://security-tracker.debian.org/tracker/CVE-2008-0931"], "cvelist": ["CVE-2008-0930", "CVE-2008-0931"], "type": "nessus", "lastseen": "2021-01-06T09:44:59", "edition": 27, "viewCount": 13, "enchantments": {"dependencies": {"references": [{"type": "cve", "idList": ["CVE-2008-0930", "CVE-2008-0931"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:DOC:19461", "SECURITYVULNS:VULN:8810"]}, {"type": "debian", "idList": ["DEBIAN:DSA-1522-1:F3B7C"]}], "modified": "2021-01-06T09:44:59", "rev": 2}, "score": {"value": 6.2, "vector": "NONE", "modified": "2021-01-06T09:44:59", "rev": 2}, "vulnersScore": 6.2}, "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-1526. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(31632);\n script_version(\"1.19\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2008-0930\", \"CVE-2008-0931\");\n script_xref(name:\"DSA\", value:\"1526\");\n\n script_name(english:\"Debian DSA-1526-1 : xwine - several vulnerabilities\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Steve Kemp from the Debian Security Audit project discovered several\nlocal vulnerabilities in xwine, a graphical user interface for the\nWINE emulator.\n\nThe Common Vulnerabilities and Exposures project identifies the\nfollowing problems :\n\n - CVE-2008-0930\n The xwine command makes unsafe use of local temporary\n files when printing. This could allow the removal of\n arbitrary files belonging to users who invoke the\n program.\n\n - CVE-2008-0931\n The xwine command changes the permissions of the global\n WINE configuration file such that it is world-writable.\n This could allow local users to edit it such that\n arbitrary commands could be executed whenever any local\n user executed a program under WINE.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2008-0930\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2008-0931\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.debian.org/security/2008/dsa-1526\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade the xwine package.\n\nFor the stable distribution (etch), these problems have been fixed in\nversion 1.0.1-1etch1.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_cwe_id(59, 264);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:xwine\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:4.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2008/03/20\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2008/03/21\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2008-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"4.0\", prefix:\"xwine\", reference:\"1.0.1-1etch1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "naslFamily": "Debian Local Security Checks", "pluginID": "31632", "cpe": ["cpe:/o:debian:debian_linux:4.0", "p-cpe:/a:debian:debian_linux:xwine"], "scheme": null}
{"cve": [{"lastseen": "2020-10-03T11:50:57", "description": "w_export.c in XWine 1.0.1 on Debian GNU/Linux sets insecure permissions (0666) for /etc/wine/config, which might allow local users to execute arbitrary commands or cause a denial of service by modifying the file.", "edition": 3, "cvss3": {}, "published": "2008-03-04T00:44:00", "title": "CVE-2008-0931", "type": "cve", "cwe": ["CWE-264"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.4, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 6.3, "vectorString": "AV:L/AC:M/Au:N/C:N/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 9.2, "obtainUserPrivilege": false}, "cvelist": ["CVE-2008-0931"], "modified": "2008-09-05T21:36:00", "cpe": ["cpe:/a:xwine:xwine:1.0.1"], "id": "CVE-2008-0931", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-0931", "cvss": {"score": 6.3, "vector": "AV:L/AC:M/Au:N/C:N/I:C/A:C"}, "cpe23": ["cpe:2.3:a:xwine:xwine:1.0.1:*:*:*:*:*:*:*"]}, {"lastseen": "2020-10-03T11:50:57", "description": "w_editeur.c in XWine 1.0.1 for Debian GNU/Linux allows local users to overwrite or print arbitrary files via a symlink attack on the temporaire temporary file. NOTE: some of these details are obtained from third party information.", "edition": 3, "cvss3": {}, "published": "2008-03-04T00:44:00", "title": "CVE-2008-0930", "type": "cve", "cwe": ["CWE-59"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2008-0930"], "modified": "2008-09-05T21:36:00", "cpe": ["cpe:/a:freshmeat:xwine:1.0.1"], "id": "CVE-2008-0930", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-0930", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}, "cpe23": ["cpe:2.3:a:freshmeat:xwine:1.0.1:*:*:*:*:*:*:*"]}], "securityvulns": [{"lastseen": "2018-08-31T11:10:25", "bulletinFamily": "software", "cvelist": ["CVE-2008-0930", "CVE-2008-0931"], "description": "-----BEGIN PGP SIGNED MESSAGE-----\r\nHash: SHA1\r\n\r\n- ------------------------------------------------------------------------\r\nDebian Security Advisory DSA-1526-1 security@debian.org\r\nhttp://www.debian.org/security/ Steve Kemp\r\nMarch 20, 2008 http://www.debian.org/security/faq\r\n- ------------------------------------------------------------------------\r\n\r\nPackage : xwine\r\nVulnerability : various\r\nProblem type : local\r\nDebian-specific: no\r\nCVE Id(s) : CVE-2008-0930 CVE-2008-0931\r\n\r\nSteve Kemp from the Debian Security Audit project discovered several local\r\nvulnerabilities have been discovered in xwine, a graphical user interface\r\nfor the WINE emulator.\r\n\r\nThe Common Vulnerabilities and Exposures project identifies the following\r\nproblems:\r\n\r\nCVE-2008-0930\r\n The xwine command makes unsafe use of local temporary files when\r\n printing. This could allow the removal of arbitrary files belonging\r\n to users who invoke the program.\r\n\r\nCVE-2008-0931\r\n The xwine command changes the permissions of the global WINE configuration\r\n file such that it is world-writable. This could allow local users to edit\r\n it such that arbitrary commands could be executed whenever any local user\r\n executed a program under WINE.\r\n\r\nFor the stable distribution (etch), these problems have been fixed in version\r\n1.0.1-1etch1.\r\n\r\nWe recommend that you upgrade your xwine package.\r\n\r\n\r\nUpgrade instructions\r\n- --------------------\r\n\r\nwget url\r\n will fetch the file for you\r\ndpkg -i file.deb\r\n will install the referenced file.\r\n\r\nIf you are using the apt-get package manager, use the line for\r\nsources.list as given below:\r\n\r\napt-get update\r\n will update the internal database\r\napt-get upgrade\r\n will install corrected packages\r\n\r\nYou may use an automated update by adding the resources from the\r\nfooter to the proper configuration.\r\n\r\n\r\nDebian GNU/Linux 4.0 alias etch\r\n- -------------------------------\r\n\r\nSource archives:\r\n\r\n http://security.debian.org/pool/updates/main/x/xwine/xwine_1.0.1-1etch1.diff.gz\r\n Size/MD5 checksum: 27365 a7f1316789d0d54fbfdfbbbca8fb5c27\r\n http://security.debian.org/pool/updates/main/x/xwine/xwine_1.0.1-1etch1.dsc\r\n Size/MD5 checksum: 619 477cc8074941df31e0d3c04c2d5ecf90\r\n http://security.debian.org/pool/updates/main/x/xwine/xwine_1.0.1.orig.tar.gz\r\n Size/MD5 checksum: 1527684 2748b66d5ab0b4cc172cbb296cc8363b\r\n\r\nalpha architecture (DEC Alpha)\r\n\r\n http://security.debian.org/pool/updates/main/x/xwine/xwine_1.0.1-1etch1_alpha.deb\r\n Size/MD5 checksum: 1078778 f7f62194f4bcfcf08b3f24c2caad2cf0\r\n\r\namd64 architecture (AMD x86_64 (AMD64))\r\n\r\n http://security.debian.org/pool/updates/main/x/xwine/xwine_1.0.1-1etch1_amd64.deb\r\n Size/MD5 checksum: 1044810 5a9c6db84637c399f53ac631685d359d\r\n\r\narm architecture (ARM)\r\n\r\n http://security.debian.org/pool/updates/main/x/xwine/xwine_1.0.1-1etch1_arm.deb\r\n Size/MD5 checksum: 1042890 88b6f1cc95a3d1064be79c420535b70c\r\n\r\nhppa architecture (HP PA RISC)\r\n\r\n http://security.debian.org/pool/updates/main/x/xwine/xwine_1.0.1-1etch1_hppa.deb\r\n Size/MD5 checksum: 1054266 9eb4ea73d3ea9eef16f9f8002e9b3d43\r\n\r\ni386 architecture (Intel ia32)\r\n\r\n http://security.debian.org/pool/updates/main/x/xwine/xwine_1.0.1-1etch1_i386.deb\r\n Size/MD5 checksum: 1049258 caf4aeb5e2a45b6c38abe8f5e0c7fb61\r\n\r\nia64 architecture (Intel ia64)\r\n\r\n http://security.debian.org/pool/updates/main/x/xwine/xwine_1.0.1-1etch1_ia64.deb\r\n Size/MD5 checksum: 1099784 a3a5facdb404d481df42ee386402b4fa\r\n\r\npowerpc architecture (PowerPC)\r\n\r\n http://security.debian.org/pool/updates/main/x/xwine/xwine_1.0.1-1etch1_powerpc.deb\r\n Size/MD5 checksum: 1045496 74235e48bda3cb5b43f589be5962c65f\r\n\r\ns390 architecture (IBM S/390)\r\n\r\n http://security.debian.org/pool/updates/main/x/xwine/xwine_1.0.1-1etch1_s390.deb\r\n Size/MD5 checksum: 1021898 374b7326c9092fba9d34eea4e3d69ce0\r\n\r\nsparc architecture (Sun SPARC/UltraSPARC)\r\n\r\n http://security.debian.org/pool/updates/main/x/xwine/xwine_1.0.1-1etch1_sparc.deb\r\n Size/MD5 checksum: 1037724 32c6b9725b87a9f81074667290fab29b\r\n\r\n\r\n These files will probably be moved into the stable distribution on\r\n its next update.\r\n\r\n- ---------------------------------------------------------------------------------\r\nFor apt-get: deb http://security.debian.org/ stable/updates main\r\nFor dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main\r\nMailing list: debian-security-announce@lists.debian.org\r\nPackage info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>\r\n-----BEGIN PGP SIGNATURE-----\r\nVersion: GnuPG v1.4.6 (GNU/Linux)\r\n\r\niD8DBQFH4rYOwM/Gs81MDZ0RAhM/AKClVPQIykIm2h9v/Te/vgF6Tb5RkgCgrWlL\r\nkEKXH2c6/XFtM4lF0jSFrIM=\r\n=Iknm\r\n-----END PGP SIGNATURE-----", "edition": 1, "modified": "2008-03-20T00:00:00", "published": "2008-03-20T00:00:00", "id": "SECURITYVULNS:DOC:19461", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:19461", "title": "[SECURITY] [DSA 1522-1] New xwine packages fix several vulnerabilities", "type": "securityvulns", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-08-31T11:09:28", "bulletinFamily": "software", "cvelist": ["CVE-2008-0930", "CVE-2008-0931"], "description": "Symbolic links problem on temporary files creation, weak configuration file permissions.", "edition": 1, "modified": "2008-03-20T00:00:00", "published": "2008-03-20T00:00:00", "id": "SECURITYVULNS:VULN:8810", "href": "https://vulners.com/securityvulns/SECURITYVULNS:VULN:8810", "title": "XWine WINE graphical interface multiple security vulnerabilities", "type": "securityvulns", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "debian": [{"lastseen": "2020-08-12T00:51:10", "bulletinFamily": "unix", "cvelist": ["CVE-2008-0930", "CVE-2008-0931"], "description": "- ------------------------------------------------------------------------\nDebian Security Advisory DSA-1526-1 security@debian.org\nhttp://www.debian.org/security/ Steve Kemp\nMarch 20, 2008 http://www.debian.org/security/faq\n- ------------------------------------------------------------------------\n\nPackage : xwine\nVulnerability : various\nProblem type : local\nDebian-specific: no\nCVE Id(s) : CVE-2008-0930 CVE-2008-0931\n\nSteve Kemp from the Debian Security Audit project discovered several local\nvulnerabilities have been discovered in xwine, a graphical user interface\nfor the WINE emulator.\n\nThe Common Vulnerabilities and Exposures project identifies the following\nproblems:\n\nCVE-2008-0930\n The xwine command makes unsafe use of local temporary files when\n printing. This could allow the removal of arbitrary files belonging\n to users who invoke the program.\n\nCVE-2008-0931\n The xwine command changes the permissions of the global WINE configuration\n file such that it is world-writable. This could allow local users to edit\n it such that arbitrary commands could be executed whenever any local user\n executed a program under WINE.\n\nFor the stable distribution (etch), these problems have been fixed in version\n1.0.1-1etch1.\n\nWe recommend that you upgrade your xwine package.\n\n\nUpgrade instructions\n- --------------------\n\nwget url\n will fetch the file for you\ndpkg -i file.deb\n will install the referenced file.\n\nIf you are using the apt-get package manager, use the line for\nsources.list as given below:\n\napt-get update\n will update the internal database\napt-get upgrade\n will install corrected packages\n\nYou may use an automated update by adding the resources from the\nfooter to the proper configuration.\n\n\nDebian GNU/Linux 4.0 alias etch\n- -------------------------------\n\nSource archives:\n\n http://security.debian.org/pool/updates/main/x/xwine/xwine_1.0.1-1etch1.diff.gz\n Size/MD5 checksum: 27365 a7f1316789d0d54fbfdfbbbca8fb5c27\n http://security.debian.org/pool/updates/main/x/xwine/xwine_1.0.1-1etch1.dsc\n Size/MD5 checksum: 619 477cc8074941df31e0d3c04c2d5ecf90\n http://security.debian.org/pool/updates/main/x/xwine/xwine_1.0.1.orig.tar.gz\n Size/MD5 checksum: 1527684 2748b66d5ab0b4cc172cbb296cc8363b\n\nalpha architecture (DEC Alpha)\n\n http://security.debian.org/pool/updates/main/x/xwine/xwine_1.0.1-1etch1_alpha.deb\n Size/MD5 checksum: 1078778 f7f62194f4bcfcf08b3f24c2caad2cf0\n\namd64 architecture (AMD x86_64 (AMD64))\n\n http://security.debian.org/pool/updates/main/x/xwine/xwine_1.0.1-1etch1_amd64.deb\n Size/MD5 checksum: 1044810 5a9c6db84637c399f53ac631685d359d\n\narm architecture (ARM)\n\n http://security.debian.org/pool/updates/main/x/xwine/xwine_1.0.1-1etch1_arm.deb\n Size/MD5 checksum: 1042890 88b6f1cc95a3d1064be79c420535b70c\n\nhppa architecture (HP PA RISC)\n\n http://security.debian.org/pool/updates/main/x/xwine/xwine_1.0.1-1etch1_hppa.deb\n Size/MD5 checksum: 1054266 9eb4ea73d3ea9eef16f9f8002e9b3d43\n\ni386 architecture (Intel ia32)\n\n http://security.debian.org/pool/updates/main/x/xwine/xwine_1.0.1-1etch1_i386.deb\n Size/MD5 checksum: 1049258 caf4aeb5e2a45b6c38abe8f5e0c7fb61\n\nia64 architecture (Intel ia64)\n\n http://security.debian.org/pool/updates/main/x/xwine/xwine_1.0.1-1etch1_ia64.deb\n Size/MD5 checksum: 1099784 a3a5facdb404d481df42ee386402b4fa\n\npowerpc architecture (PowerPC)\n\n http://security.debian.org/pool/updates/main/x/xwine/xwine_1.0.1-1etch1_powerpc.deb\n Size/MD5 checksum: 1045496 74235e48bda3cb5b43f589be5962c65f\n\ns390 architecture (IBM S/390)\n\n http://security.debian.org/pool/updates/main/x/xwine/xwine_1.0.1-1etch1_s390.deb\n Size/MD5 checksum: 1021898 374b7326c9092fba9d34eea4e3d69ce0\n\nsparc architecture (Sun SPARC/UltraSPARC)\n\n http://security.debian.org/pool/updates/main/x/xwine/xwine_1.0.1-1etch1_sparc.deb\n Size/MD5 checksum: 1037724 32c6b9725b87a9f81074667290fab29b\n\n\n These files will probably be moved into the stable distribution on\n its next update.\n\n- ---------------------------------------------------------------------------------\nFor apt-get: deb http://security.debian.org/ stable/updates main\nFor dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main\nMailing list: debian-security-announce@lists.debian.org\nPackage info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>\n", "edition": 6, "modified": "2008-03-20T19:09:52", "published": "2008-03-20T19:09:52", "id": "DEBIAN:DSA-1522-1:F3B7C", "href": "https://lists.debian.org/debian-security-announce/debian-security-announce-2008/msg00094.html", "title": "[SECURITY] [DSA 1522-1] New xwine packages fix several vulnerabilities", "type": "debian", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}]}
