
- ------------------------------------------------------------------------
Debian Security Advisory DSA-1953-2                  security@debian.org
http://www.debian.org/security/                           Stefan Fritsch
December 31, 2009                     http://www.debian.org/security/faq
- ------------------------------------------------------------------------

Package        : expat
Vulnerability  : denial of service
Problem type   : remote
Debian-specific: no
CVE Id         : CVE-2009-3560
Debian Bug     : 560901 561658

The expat updates released in DSA-1953-1 caused a regression: In some
cases, expat would abort with the message "error in processing external
entity reference".

For the old stable distribution (etch), this problem has been fixed in
version 1.95.8-3.4+etch3.

For the stable distribution (lenny), this problem has been fixed in
version 2.0.1-4+lenny3.

For the testing distribution (squeeze) and the unstable distribution
(sid), this problem will be fixed soon.

We recommend that you upgrade your expat packages.

For reference, the original advisory text is provided below.

Jan Lieskovsky discovered an error in expat, an XML parsing C library,
when parsing certain UTF-8 sequences, which can be exploited to crash an
application using the library.

Upgrade instructions
- --------------------

wget url
        will fetch the file for you
dpkg -i file.deb
        will install the referenced file.

If you are using the apt-get package manager, use the line for
sources.list as given below:

apt-get update
        will update the internal database
apt-get upgrade
        will install corrected packages

You may use an automated update by adding the resources from the
footer to the proper configuration.


Debian GNU/Linux 4.0 alias etch (oldstable)
- -------------------------------------------

Oldstable updates are available for alpha, amd64, arm, hppa, i386, ia64, mips, mipsel, powerpc, s390 and sparc.

Source archives:

      Size/MD5 checksum:      703 dc4b1744126125076c101096cd8ee0ab
      Size/MD5 checksum:   318349 aff487543845a82fe262e6e2922b4c8e
      Size/MD5 checksum:   413486 61974eddb0940c5fcbdc6c8e8c7d77ee

alpha architecture (DEC Alpha)

      Size/MD5 checksum:    69540 0dd4beb265a355059da5493e6e055358
      Size/MD5 checksum:    22400 ced8d1aec911ac230d7b9316266e497e
      Size/MD5 checksum:   143198 1cae2e63c8b6d23065b4e3bc1eddafad
      Size/MD5 checksum:    61242 32ddd8b14c7b53e8c8f24a3209854deb

amd64 architecture (AMD x86_64 (AMD64))

      Size/MD5 checksum:    64742 3647c9e24678bdb2f67565b19343e182
      Size/MD5 checksum:    21568 c374f70f56b491b2a433fb52cc0cd9c5
      Size/MD5 checksum:    56498 cb988b6a99abba9a4e83d94c87c67beb
      Size/MD5 checksum:   134074 63d86aa6106c5e0ec60e0f271b69ccb8

arm architecture (ARM)

      Size/MD5 checksum:    49436 fc58417fe2ed502fb479f29af596641b
      Size/MD5 checksum:    19860 eb5abe1650682c1a1d7a3f3af4d94321
      Size/MD5 checksum:    57340 77f5c9b0f78ca6b19d76b2253bee0d59
      Size/MD5 checksum:   126218 0f9b91af3f1a4e4a36ff70e79c98d789

hppa architecture (HP PA RISC)

      Size/MD5 checksum:    64800 2ea496e98886dbb373009dbe15e423dd
      Size/MD5 checksum:    22728 0b9d6affa1488fea43d2e1e4816139ce
      Size/MD5 checksum:    73062 fa2c9ca6ddb37a7fe058eccfff268b26
      Size/MD5 checksum:   151940 a615081dba00562e1d2e9ac68c223276

i386 architecture (Intel ia32)

      Size/MD5 checksum:    54992 8b4d6a3739653d5158c527000eb08701
      Size/MD5 checksum:    63194 b4ce5489fcb44555acba9aefc022d188
      Size/MD5 checksum:    21158 60ee653353eaedddc9390e9747b9d669
      Size/MD5 checksum:   130028 990eba22f2b6d8e05b61e0242a03a822

ia64 architecture (Intel ia64)

      Size/MD5 checksum:    95948 8bd3da491fe5eb8533acd702ab00946b
      Size/MD5 checksum:    87382 ba190b269289552760bbd8a5769a09c0
      Size/MD5 checksum:    25128 16e932c435c7fa41ae1ed43c765694dd
      Size/MD5 checksum:   165122 a53048245382e6459dd6879f6ea858ce

mips architecture (MIPS (Big Endian))

      Size/MD5 checksum:    56622 804d770c7f404a30340b53085852a006
      Size/MD5 checksum:    21578 3eb622edc64bee8a47c8cff1a663f0c9
      Size/MD5 checksum:   139334 53593f0163eb99eb07e221e6f6de58db
      Size/MD5 checksum:    64842 87194200f304a8ea3a666b81394e367c

mipsel architecture (MIPS (Little Endian))

      Size/MD5 checksum:    21704 e1079ae868512000f34aac19b699d7bb
      Size/MD5 checksum:    56230 154329ee84d1c27f3e24a9eaefaed930
      Size/MD5 checksum:    64416 8234823f366d484cb8f01ce02f75fa38
      Size/MD5 checksum:   139626 d35fe671e6a7a66a85ee3e26bfd8c443

powerpc architecture (PowerPC)

      Size/MD5 checksum:   148364 2256e210bd73511bcb55a2f5501e1cf6
      Size/MD5 checksum:    67760 c967286260ce41de83970ac54cd0a274
      Size/MD5 checksum:    23006 2b94ca9cb2695d119da9c3579bed8c02
      Size/MD5 checksum:    59506 029a1f7d15eea61e8e3f3bf570bc7277

s390 architecture (IBM S/390)

      Size/MD5 checksum:    56786 cb66f6f07153f0495fd14a61abea0ca2
      Size/MD5 checksum:    21478 237d2e85e9919b00541d235030466679
      Size/MD5 checksum:    64988 229b084e5024dbadca4ad4c12eda7ed8
      Size/MD5 checksum:   132606 3fe7429e6a2d1e4c6214c972ae6b6b07

sparc architecture (Sun SPARC/UltraSPARC)

      Size/MD5 checksum:    20452 2a29a1a2b01f6fccbf22b66c88f224be
      Size/MD5 checksum:   128230 362c44585e31182d95dd50ae9a12174d
      Size/MD5 checksum:    59922 9355e8f7e28a6bb5e308544c469b3577
      Size/MD5 checksum:    51922 e4c3ad57069782044fbf914ba836df8f

Debian GNU/Linux 5.0 alias lenny (stable)
- -----------------------------------------

Stable updates are available for alpha, amd64, arm, armel, hppa, i386, ia64, mips, mipsel, powerpc, s390 and sparc.

Source archives:

      Size/MD5 checksum:   446456 ee8b492592568805593f81f8cdf2a04c
      Size/MD5 checksum:   134076 538ad21eb6bdf5acc8328df18c4cf052
      Size/MD5 checksum:     1438 ad2aa942056412be8b8da88604b39ab8

alpha architecture (DEC Alpha)

      Size/MD5 checksum:    24758 1a5b0b40e6f0549a6745814011a7a013
      Size/MD5 checksum:    62908 e1f1c34f488d5075937225756006577c
      Size/MD5 checksum:   221376 d7835b9b1b0e189729ed36e11410a303
      Size/MD5 checksum:   136010 5a3764a1767f11a3721a78924f15e0e5

amd64 architecture (AMD x86_64 (AMD64))

      Size/MD5 checksum:   223666 60fe9f404fef81ce62c19ff552ff6aa2
      Size/MD5 checksum:    24036 368d4707dd082b6d85cddce63100a5b3
      Size/MD5 checksum:    62884 ed501255c7d6690072f26a55f1126019
      Size/MD5 checksum:   136658 230844421fe45a3e2df6c47448e4875f

arm architecture (ARM)

      Size/MD5 checksum:   203682 2db3ccf7a4f9dca59afd8fcab27503d8
      Size/MD5 checksum:   116232 995d1242155b7ad3eee21179f4794c71
      Size/MD5 checksum:    52676 960c289152c08334c86c30c06d6692df
      Size/MD5 checksum:    22244 c6b6f15dc51f706f3b4e657b546acbf7

armel architecture (ARM EABI)

      Size/MD5 checksum:   212558 95727f5705a886c434f35f3f3bcaefae
      Size/MD5 checksum:    54212 adf9e7072ba86a5fd9e631ea2ebcc1a7
      Size/MD5 checksum:    22632 6ab54def8b3fd10bd1043e63f1f04c0d
      Size/MD5 checksum:   118622 f541932a5d3741cf8a5fc74e3eed3291

hppa architecture (HP PA RISC)

      Size/MD5 checksum:    24956 b74d5d349e09462cad66fd3914fe3d92
      Size/MD5 checksum:   263378 e1cce62bfa58bf23c08edb53a7181b8e
      Size/MD5 checksum:   148796 a08d5a83c5c014e20f61e80af1f85934
      Size/MD5 checksum:    69468 2c1f26a69352ab07ed2caeeac05b95fa

i386 architecture (Intel ia32)

      Size/MD5 checksum:   132090 16f40a05b5e246cee5db23215e6f8b13
      Size/MD5 checksum:   210830 913c65f97181c1960564743ed23361fe
      Size/MD5 checksum:    60870 25a3fb0e0b7e3e38ea75068c6225379d
      Size/MD5 checksum:   168566 60b34707f84117713ace944b333ed771
      Size/MD5 checksum:    23472 4674856b3fe32f76468e66b6956ab3bd
      Size/MD5 checksum:   136634 a845b4395000e0f4b565d32f482ae342

ia64 architecture (Intel ia64)

      Size/MD5 checksum:    98294 214e48ccad054b29171b803fc1f46586
      Size/MD5 checksum:    27554 7874802938138a5fce2d2a9c53238a8d
      Size/MD5 checksum:   206396 59a5815d13e1bc1f54baab8d5f5d8ee7
      Size/MD5 checksum:   292014 ae322be8a4e9777f0537a3220cc8f8f5

mips architecture (MIPS (Big Endian))

      Size/MD5 checksum:    23944 d0b5b71a2332b557a4ae0773e3a098a1
      Size/MD5 checksum:    61226 cbcc50141de10a9bb0a097ec49b65f1e
      Size/MD5 checksum:   132944 fa7958232168bb5d31df4a8cda7a4d76
      Size/MD5 checksum:   234614 6e7cc1122d737c19a8b231910dd91620

mipsel architecture (MIPS (Little Endian))

      Size/MD5 checksum:   131794 d55703db361b51a7256c07fa7766483a
      Size/MD5 checksum:    60640 187badd5d787e2ffeca09c5c5319aa57
      Size/MD5 checksum:   224284 dbb538208e0cb04408f5ce8fa640902e
      Size/MD5 checksum:    23962 11121782a8ec5eda91991d2f16ce7703

powerpc architecture (PowerPC)

      Size/MD5 checksum:    26946 c5519033b6e4b61ad7182e01c8a5ee3e
      Size/MD5 checksum:    65030 f68132531320f8cc7f589851f674e2c6
      Size/MD5 checksum:   144086 632f3155d0425028d384d1a05ada6448
      Size/MD5 checksum:   140634 2b113edb6f97f4829b6970ee4151680f
      Size/MD5 checksum:   156886 f34f44a58f848f666ff850f4629f0263
      Size/MD5 checksum:   280566 dbd6730ca071ce2c082aa1c20d8140b8

s390 architecture (IBM S/390)

      Size/MD5 checksum:   134684 a6102b9af5ebd27e473d8a783a6a56f1
      Size/MD5 checksum:   220416 e790866b2a575d3930b170e792af7920
      Size/MD5 checksum:   173454 eae43312ae4f09009d488f93b09e38b2
      Size/MD5 checksum:   134704 29bd6a26215bfe4645903f753efe23df
      Size/MD5 checksum:    24342 8f0247bbed18cf5c4f104ed03ddf0ead
      Size/MD5 checksum:    61968 386065abe715c0d7f6eb03efbe587e69

sparc architecture (Sun SPARC/UltraSPARC)

      Size/MD5 checksum:   125782 f46be4cacab03227c5bac78f693b364e
      Size/MD5 checksum:    57678 b35c350f3164b69e1be69da712e487da
      Size/MD5 checksum:   216822 74a3023a185d9bb46b7cb581beadffb7
      Size/MD5 checksum:   133782 2e228b1379c728f868e1e6be711d525c
      Size/MD5 checksum:   172028 d51e13c7f5c2420b37f26b0313c55346
      Size/MD5 checksum:    23292 572596331f0b2ecb3686e5c144a82bde


  These files will probably be moved into the stable distribution on
  its next update.

- ---------------------------------------------------------------------------------
For apt-get: deb http://security.debian.org/ stable/updates main
For dpkg-ftp:  dists/stable/updates/main
Mailing list: debian-security-announce@lists.debian.org
Package info: `apt-cache show ' and http://packages.debian.org/

Debian: DSA-1953-2: New expat packages fix regression

December 31, 2009

The expat updates released in DSA-1953-1 caused a regression: In some cases, expat would abort with the message "error in processing external entity reference"

Summary

For the old stable distribution (etch), this problem has been fixed in
version 1.95.8-3.4+etch3.

For the stable distribution (lenny), this problem has been fixed in
version 2.0.1-4+lenny3.

For the testing distribution (squeeze) and the unstable distribution
(sid), this problem will be fixed soon.

We recommend that you upgrade your expat packages.

For reference, the original advisory text is provided below.

Jan Lieskovsky discovered an error in expat, an XML parsing C library,
when parsing certain UTF-8 sequences, which can be exploited to crash an
application using the library.

Upgrade instructions
- --------------------

wget url
will fetch the file for you
dpkg -i file.deb
will install the referenced file.

If you are using the apt-get package manager, use the line for
sources.list as given below:

apt-get update
will update the internal database
apt-get upgrade
will install corrected packages

You may use an automated update by adding the resources from the
footer to the proper configuration.

Debian GNU/Linux 4.0 alias etch (oldstable)

Oldstable updates are available for alpha, amd64, arm, hppa, i386, ia64, mips, mipsel, powerpc, s390 and sparc.

Source archives:

Size/MD5 checksum: 703 dc4b1744126125076c101096cd8ee0ab
Size/MD5 checksum: 318349 aff487543845a82fe262e6e2922b4c8e
Size/MD5 checksum: 413486 61974eddb0940c5fcbdc6c8e8c7d77ee

alpha architecture (DEC Alpha)

Size/MD5 checksum: 69540 0dd4beb265a355059da5493e6e055358
Size/MD5 checksum: 22400 ced8d1aec911ac230d7b9316266e497e
Size/MD5 checksum: 143198 1cae2e63c8b6d23065b4e3bc1eddafad
Size/MD5 checksum: 61242 32ddd8b14c7b53e8c8f24a3209854deb

amd64 architecture (AMD x86_64 (AMD64))

Size/MD5 checksum: 64742 3647c9e24678bdb2f67565b19343e182
Size/MD5 checksum: 21568 c374f70f56b491b2a433fb52cc0cd9c5
Size/MD5 checksum: 56498 cb988b6a99abba9a4e83d94c87c67beb
Size/MD5 checksum: 134074 63d86aa6106c5e0ec60e0f271b69ccb8

arm architecture (ARM)

Size/MD5 checksum: 49436 fc58417fe2ed502fb479f29af596641b
Size/MD5 checksum: 19860 eb5abe1650682c1a1d7a3f3af4d94321
Size/MD5 checksum: 57340 77f5c9b0f78ca6b19d76b2253bee0d59
Size/MD5 checksum: 126218 0f9b91af3f1a4e4a36ff70e79c98d789

hppa architecture (HP PA RISC)

Size/MD5 checksum: 64800 2ea496e98886dbb373009dbe15e423dd
Size/MD5 checksum: 22728 0b9d6affa1488fea43d2e1e4816139ce
Size/MD5 checksum: 73062 fa2c9ca6ddb37a7fe058eccfff268b26
Size/MD5 checksum: 151940 a615081dba00562e1d2e9ac68c223276

i386 architecture (Intel ia32)

Size/MD5 checksum: 54992 8b4d6a3739653d5158c527000eb08701
Size/MD5 checksum: 63194 b4ce5489fcb44555acba9aefc022d188
Size/MD5 checksum: 21158 60ee653353eaedddc9390e9747b9d669
Size/MD5 checksum: 130028 990eba22f2b6d8e05b61e0242a03a822

ia64 architecture (Intel ia64)

Size/MD5 checksum: 95948 8bd3da491fe5eb8533acd702ab00946b
Size/MD5 checksum: 87382 ba190b269289552760bbd8a5769a09c0
Size/MD5 checksum: 25128 16e932c435c7fa41ae1ed43c765694dd
Size/MD5 checksum: 165122 a53048245382e6459dd6879f6ea858ce

mips architecture (MIPS (Big Endian))

Size/MD5 checksum: 56622 804d770c7f404a30340b53085852a006
Size/MD5 checksum: 21578 3eb622edc64bee8a47c8cff1a663f0c9
Size/MD5 checksum: 139334 53593f0163eb99eb07e221e6f6de58db
Size/MD5 checksum: 64842 87194200f304a8ea3a666b81394e367c

mipsel architecture (MIPS (Little Endian))

Size/MD5 checksum: 21704 e1079ae868512000f34aac19b699d7bb
Size/MD5 checksum: 56230 154329ee84d1c27f3e24a9eaefaed930
Size/MD5 checksum: 64416 8234823f366d484cb8f01ce02f75fa38
Size/MD5 checksum: 139626 d35fe671e6a7a66a85ee3e26bfd8c443

powerpc architecture (PowerPC)

Size/MD5 checksum: 148364 2256e210bd73511bcb55a2f5501e1cf6
Size/MD5 checksum: 67760 c967286260ce41de83970ac54cd0a274
Size/MD5 checksum: 23006 2b94ca9cb2695d119da9c3579bed8c02
Size/MD5 checksum: 59506 029a1f7d15eea61e8e3f3bf570bc7277

s390 architecture (IBM S/390)

Size/MD5 checksum: 56786 cb66f6f07153f0495fd14a61abea0ca2
Size/MD5 checksum: 21478 237d2e85e9919b00541d235030466679
Size/MD5 checksum: 64988 229b084e5024dbadca4ad4c12eda7ed8
Size/MD5 checksum: 132606 3fe7429e6a2d1e4c6214c972ae6b6b07

sparc architecture (Sun SPARC/UltraSPARC)

Size/MD5 checksum: 20452 2a29a1a2b01f6fccbf22b66c88f224be
Size/MD5 checksum: 128230 362c44585e31182d95dd50ae9a12174d
Size/MD5 checksum: 59922 9355e8f7e28a6bb5e308544c469b3577
Size/MD5 checksum: 51922 e4c3ad57069782044fbf914ba836df8f

Debian GNU/Linux 5.0 alias lenny (stable)

Stable updates are available for alpha, amd64, arm, armel, hppa, i386, ia64, mips, mipsel, powerpc, s390 and sparc.

Source archives:

Size/MD5 checksum: 446456 ee8b492592568805593f81f8cdf2a04c
Size/MD5 checksum: 134076 538ad21eb6bdf5acc8328df18c4cf052
Size/MD5 checksum: 1438 ad2aa942056412be8b8da88604b39ab8

alpha architecture (DEC Alpha)

Size/MD5 checksum: 24758 1a5b0b40e6f0549a6745814011a7a013
Size/MD5 checksum: 62908 e1f1c34f488d5075937225756006577c
Size/MD5 checksum: 221376 d7835b9b1b0e189729ed36e11410a303
Size/MD5 checksum: 136010 5a3764a1767f11a3721a78924f15e0e5

amd64 architecture (AMD x86_64 (AMD64))

Size/MD5 checksum: 223666 60fe9f404fef81ce62c19ff552ff6aa2
Size/MD5 checksum: 24036 368d4707dd082b6d85cddce63100a5b3
Size/MD5 checksum: 62884 ed501255c7d6690072f26a55f1126019
Size/MD5 checksum: 136658 230844421fe45a3e2df6c47448e4875f

arm architecture (ARM)

Size/MD5 checksum: 203682 2db3ccf7a4f9dca59afd8fcab27503d8
Size/MD5 checksum: 116232 995d1242155b7ad3eee21179f4794c71
Size/MD5 checksum: 52676 960c289152c08334c86c30c06d6692df
Size/MD5 checksum: 22244 c6b6f15dc51f706f3b4e657b546acbf7

armel architecture (ARM EABI)

Size/MD5 checksum: 212558 95727f5705a886c434f35f3f3bcaefae
Size/MD5 checksum: 54212 adf9e7072ba86a5fd9e631ea2ebcc1a7
Size/MD5 checksum: 22632 6ab54def8b3fd10bd1043e63f1f04c0d
Size/MD5 checksum: 118622 f541932a5d3741cf8a5fc74e3eed3291

hppa architecture (HP PA RISC)

Size/MD5 checksum: 24956 b74d5d349e09462cad66fd3914fe3d92
Size/MD5 checksum: 263378 e1cce62bfa58bf23c08edb53a7181b8e
Size/MD5 checksum: 148796 a08d5a83c5c014e20f61e80af1f85934
Size/MD5 checksum: 69468 2c1f26a69352ab07ed2caeeac05b95fa

i386 architecture (Intel ia32)

Size/MD5 checksum: 132090 16f40a05b5e246cee5db23215e6f8b13
Size/MD5 checksum: 210830 913c65f97181c1960564743ed23361fe
Size/MD5 checksum: 60870 25a3fb0e0b7e3e38ea75068c6225379d
Size/MD5 checksum: 168566 60b34707f84117713ace944b333ed771
Size/MD5 checksum: 23472 4674856b3fe32f76468e66b6956ab3bd
Size/MD5 checksum: 136634 a845b4395000e0f4b565d32f482ae342

ia64 architecture (Intel ia64)

Size/MD5 checksum: 98294 214e48ccad054b29171b803fc1f46586
Size/MD5 checksum: 27554 7874802938138a5fce2d2a9c53238a8d
Size/MD5 checksum: 206396 59a5815d13e1bc1f54baab8d5f5d8ee7
Size/MD5 checksum: 292014 ae322be8a4e9777f0537a3220cc8f8f5

mips architecture (MIPS (Big Endian))

Size/MD5 checksum: 23944 d0b5b71a2332b557a4ae0773e3a098a1
Size/MD5 checksum: 61226 cbcc50141de10a9bb0a097ec49b65f1e
Size/MD5 checksum: 132944 fa7958232168bb5d31df4a8cda7a4d76
Size/MD5 checksum: 234614 6e7cc1122d737c19a8b231910dd91620

mipsel architecture (MIPS (Little Endian))

Size/MD5 checksum: 131794 d55703db361b51a7256c07fa7766483a
Size/MD5 checksum: 60640 187badd5d787e2ffeca09c5c5319aa57
Size/MD5 checksum: 224284 dbb538208e0cb04408f5ce8fa640902e
Size/MD5 checksum: 23962 11121782a8ec5eda91991d2f16ce7703

powerpc architecture (PowerPC)

Size/MD5 checksum: 26946 c5519033b6e4b61ad7182e01c8a5ee3e
Size/MD5 checksum: 65030 f68132531320f8cc7f589851f674e2c6
Size/MD5 checksum: 144086 632f3155d0425028d384d1a05ada6448
Size/MD5 checksum: 140634 2b113edb6f97f4829b6970ee4151680f
Size/MD5 checksum: 156886 f34f44a58f848f666ff850f4629f0263
Size/MD5 checksum: 280566 dbd6730ca071ce2c082aa1c20d8140b8

s390 architecture (IBM S/390)

Size/MD5 checksum: 134684 a6102b9af5ebd27e473d8a783a6a56f1
Size/MD5 checksum: 220416 e790866b2a575d3930b170e792af7920
Size/MD5 checksum: 173454 eae43312ae4f09009d488f93b09e38b2
Size/MD5 checksum: 134704 29bd6a26215bfe4645903f753efe23df
Size/MD5 checksum: 24342 8f0247bbed18cf5c4f104ed03ddf0ead
Size/MD5 checksum: 61968 386065abe715c0d7f6eb03efbe587e69

sparc architecture (Sun SPARC/UltraSPARC)

Size/MD5 checksum: 125782 f46be4cacab03227c5bac78f693b364e
Size/MD5 checksum: 57678 b35c350f3164b69e1be69da712e487da
Size/MD5 checksum: 216822 74a3023a185d9bb46b7cb581beadffb7
Size/MD5 checksum: 133782 2e228b1379c728f868e1e6be711d525c
Size/MD5 checksum: 172028 d51e13c7f5c2420b37f26b0313c55346
Size/MD5 checksum: 23292 572596331f0b2ecb3686e5c144a82bde

These files will probably be moved into the stable distribution on
its next update.

For apt-get: deb http://security.debian.org/ stable/updates main
For dpkg-ftp: dists/stable/updates/main
Mailing list: debian-security-announce@lists.debian.org
Package info: `apt-cache show ' and http://packages.debian.org/