Search This Blog

Friday, June 29, 2007

Top 25 'iPhonies'; Harry Potter worm says he is dead

Network World

Daily News: PM




Network World Daily News: PM, 06/29/07

Top 25 'iPhonies'
Take a look back at the best of the Photoshopped speculation surrounding one of the most-hyped tech devices.
Plus: Bradner: Will Apple's iPhone walk on water?

Harry Potter worm says he is dead
Always ready to hitch their creations to current pop-culture events, malware writers have developed a new worm just in time for the release of the latest "Harry Potter" movie and novel.

Schwartz mum on GPLv3, reveals licensing fantasy
Sun CEO Jonathan Schwartz showed up Thursday evening at the Burton Group Catalyst Conference and declared he would not answer questions about the GNU general public license version 3, but he did disclose his lifelong fantasy concerning open source licensing.

Manage Insider Security Threats

Experts say 75% of security threats come from inside your organization. Watch the latest Network World Editorial Perspectives Webcast today, "Security From the Inside," and learn which technologies and processes best protect your intellectual property and assets inside the perimeter.

Click Here to View

YouTube video puts sharp focus on tech job ads
Cisco placed a help-wanted ad for a network consulting engineer in the Chicago Tribune on Sunday, June 3, and David Huber, a networking professional who lives in Chicago, was interested in the job.

Blogs

How much is your test lab at home worth?
Scott Morris, quadruple Cisco CCIE, boasts a $2.3 million lab in the basement of his home. Read more at the Brad Reese on Cisco blog.

Blogger John Obeto on Microsoft Subnet
Guess which Linux vendor is being less than honest about dealing with Microsoft? Windows Vista Hardware Assessment. A Windows Vista virtualization FAQ. Data Encryption toolkit for mobile PCs.

TODAY'S MOST-READ STORIES:

1. Withdrawn Black Hat paper hints at security flaws
2. 3Com to spin out TippingPoint
3. Gartner to IT: Avoid Apple's iPhone
4. Lawyers show how to avoid hiring an American
5. The $2.3M home lab of Quadruple CCIE
6. The most-hyped tech products of all time
7. CIOs leery of iPhone
8. Giving an interview gets a guy fired
9. Parallel system 100X faster than PCs
10. Microsoft security group on 'worst jobs' list

MOST-DOWNLOADED PODCAST:
Network World 360: Operation Bot Roast, search engine roulette and more


Contact the author:

Questions? Feedback? Contact NetworkWorld.com Site Editor Jeff Caruso.



BONUS FEATURE

IT PRODUCT RESEARCH AT YOUR FINGERTIPS

Get detailed information on thousands of products, conduct side-by-side comparisons and read product test and review results with Network World’s IT Buyer’s Guides. Find the best solution faster than ever with over 100 distinct categories across the security, storage, management, wireless, infrastructure and convergence markets. Click here for details.


PRINT SUBSCRIPTIONS AVAILABLE
You've got the technology snapshot of your choice delivered to your inbox each day. Extend your knowledge with a print subscription to the Network World newsweekly, Apply here today.

International subscribers, click here.


SUBSCRIPTION SERVICES

To subscribe or unsubscribe to any Network World newsletter, change your e-mail address or contact us, click here.

This message was sent to: security.world@gmail.com. Please use this address when modifying your subscription.


Advertising information: Write to Associate Publisher Online Susan Cardoza

Network World, Inc., 118 Turnpike Road, Southborough, MA 01772

Copyright Network World, Inc., 2007

Security Management Weekly - June 29, 2007

header

  Learn more! ->   sm professional  

June 29, 2007
 
 
CORPORATE SECURITY  
  1. " Dangerous Employees: How to Deal With a Potential Threat"
  2. " McCartney Rocks Record Store" Tight Security for Paul McCartney Concert at Hollywood Record Store
  3. " Paris Hilton's Trash for Sale on eBay" Web Site Uses Map of Celebrities' Homes to Take Their Trash
  4. " Identity Theft: Advice From the FTC Chairman"
  5. " The Changing Role of Private Security" Private Security Industry Members Discuss Issues Facing the Industry

HOMELAND SECURITY  
  6. " Police Find Bomb in London" Major Car Bomb Defused Outside Popular Nightclub
  7. " U.S. Terror Threat Unchanged After London Incident" DHS Reportedly Considering Raising National Terror Alert Level
  8. " EU, US Reach Deal on Air Passenger Data"
  9. " CDC Probes A&M Bioweapons Infections" Texas A&M University Allegedly Fails to Report Researchers Infected With Biological Weapons Agents
  10. " DOD Seeks Builder for Shape-Shifting Military Robot" Sci-Fi-Like Robot Would Morph to Slip Through Small Openings
  11. " Flexible and Fearless, Seeking Rescue Work" DHS Sponsors Rescue-Robot Exercise at Mock Disaster Site
  12. " Green Bay Packers to Add Security Barrier Around Lambeau Field"
  13. " EMU Ramps Up Security" Eastern Michigan University Introduces 16-Point Campus-Security Plan

CYBER SECURITY  
  14. " Can the Internet Be Saved?" National Science Foundation Project Seeks to Reduce Security Threats by Reinventing Internet
  15. " Conference Unites Cybersecurity, Justice Officials for First Time" Feds Aim to Increase Number of Cybercrime Convictions


   









 

"Dangerous Employees: How to Deal With a Potential Threat"
American Medical News (06/25/07) ; Stevens, Larry

Though it is rare for disgruntled employees to act violently toward employers and co-workers, Quality America CEO Sheila Dunn says medical practices must be on the lookout for behavioral "red flags." Experts discourage personality profiling because loners, video-game addicts, and people who avoid eye contact--generally singled out as harboring aggression--are not all violent. Instead, Dunn says practices should be concerned when employees no longer exhibit good personal hygiene, cry a lot, miss work often, or get defensive when suggestions are made. Dunn encourages practice managers to talk to the employee, inquiring about any problems and urging him or her to get professional help; but she notes they cannot require the employee to take action unless the behavior is taking a toll on office operations. Experts say practices should take any threats seriously, as violent individuals tend to let someone know what they plan to do before they do it. Practices should provide a means for employees to report threats anonymously and put a doctor--not the practice administrator--in charge of workplace violence oversight. All incidents should be detailed in writing--regardless of whether the employee receives a warning or is terminated--to safeguard against lawsuits.
(go to web site)

"McCartney Rocks Record Store"
Australian Broadcasting Corp. News (06/29/07)

Former Beatles star Paul McCartney treated 900 of his fans to a free 85-minute concert at a Hollywood record store this week. Security for the event was tight, with fans assigned to designated areas and security guards ensuring that they remained there. Fire marshals also were on hand. Yellow tape was used to section off parts of the store, and concertgoers received blue wristbands to enter the store. "No shoplifting please," McCartney quipped. McCartney is playing a series of informal gigs to promote his new album.
(go to web site)

"Paris Hilton's Trash for Sale on eBay"
Washington Post (06/25/07)

The operators of the Web site HollywoodStarTrash.com claim to have taken six bags of trash from Paris Hilton's curbside trash can. The operators have posted some of the items in the trash bags--including a used toothbrush, a Hilton-autographed postcard, and a fan letter to Hilton--for sale on eBay. Bidding for the items ends on July 1, but as of June 25 no one had placed a bid for the items. A video at the Web site explains that the site's operators found Hilton's address using a map showing the homes of Hollywood stars. Two men, including one wearing an Uncle Sam mask, snuck into Hilton's neighborhood under the cover of darkness one recent morning and took her garbage. A man on the video who claims to be a lawyer says that stealing the trash is legal so long as the cans are on the street and there is no trespassing. A statement on the Web site indicates that the site operators will eventually target other celebrities' trash and post it on eBay.
(go to web site)

"Identity Theft: Advice From the FTC Chairman"
U.S. News & World Report (06/14/07) ; Palmer, Kimberly

Federal Trade Commission Chairman Deborah Platt Majoras says most Americans are vulnerable to identity theft and should take steps to protect themselves. The first thing people can do to protect themselves is to watch how they handle their personal information. Majoras says most people are careless when it comes to this, especially online, where account information is often requested. She advises that people refrain from the practice unless they initiate the contact. People should also never throw away bank statements bearing their account information. According to Majoras, bank statements should always be shredded. Consumers should also make a point to routinely check their bank accounts, credit statements, and credit reports for unusual activity. Credit reports should be checked at least once a year. Majoras says Social Security numbers should be given out sparingly. When sought, Majoras says, it is reasonable for people to ask whether it is necessary to give their Social Security information to receive service.
(go to web site)

"The Changing Role of Private Security"
Security Technology & Design (05/07) Vol. 17, No. 5, P. 30

Three representatives of the private security industry recently participated in a roundtable discussion about the issues confronting the industry. The members noted that since the Sept. 11 attacks, companies have been seeking out private security companies to create and implement their emergency preparedness plans or help them navigate U.S. Department of Homeland Security rules and regulations. Meanwhile, commercial high-rise buildings have been using private security to help in the areas of reception/concierge, emergency evacuation drills, and training. The security representatives said that the industry is taking steps to increase wages and training for security guards. Efforts are also being made in the areas of recruiting, screening, and placing security employees in appropriate positions. The biggest issue confronting the security industry is the lack of standardization, especially in the areas of training and background checks, panelists said. One of the panelists, Securitas Security Services USA Chairman Don Walker, noted that legislative groups like ASIS International are helping members of the industry improve standards. The convergence of physical and IT security technology has had a tremendous positive impact on the industry, panelists said, and the implementation of security technology has helped increase the overall effectiveness of security personnel.
(go to web site)

"Police Find Bomb in London"
Reuters (UK) (06/29/07) ; Holden, Michael; Baker, Luke

Authorities in London have prevented what could have been a major terrorist attack after they discovered and then disabled a nail-packed car bomb that had been parked outside a popular nightclub. The car, a light green Mercedes packed with a large amount of gas cylinders, petrol, and nails, had been left outside the nightclub around 1:00 a.m. Friday, a time when hundreds of people were near the car, according to London anti-terrorism chief Peter Clarke. "It is obvious that if the device had detonated, there could have been significant injury or loss of life," Clarke said. The media questioned whether the car bomb is linked to a bomb discovered in France, but Clarke did not provide details about a potential link. The discovery of the car bomb, which comes shortly before the two-year anniversary of the July 2005 London bombings, occurred by happenstance as an ambulance crew in the area noticed what appeared to be smoke inside the car. U.K. intelligence officials have previously warned that terrorists could target U.K. nightclubs for attack. The discovery of the bomb has prompted increased security levels across the country, including at Parliament and the Wimbledon tennis tournament. Potential suspects include domestic Islamic terrorists and Al Qaeda.
(go to web site)

"U.S. Terror Threat Unchanged After London Incident"
CNN.com (06/29/07)

The U.S. Department of Homeland Security (DHS) is considering raising the national terrorism alert level in the United States due to the discovery of the London car bomb, according to one unidentified DHS official. The DHS and FBI are paying close attention to the situation in London, but U.S. officials said there is nothing at the present time that would indicate a threat to the United States. However, the FBI is asking the public to be on the lookout for suspicious activity and to report any such activity to law enforcement. U.S. law enforcement agencies--local, state, and federal--are on alert. CNN reports that the London bomb was a "relatively crude" device composed of a detonator and 52 gallons of fuel.
(go to web site)

"EU, US Reach Deal on Air Passenger Data"
Houston Chronicle (06/29/07) ; Sliva, Jan

The European Union and United States have reached a "basic political understanding" on the contentious issue of sharing data about air passengers flying between Europe and the United States, and a formal deal could be in place by August, according to EU sources. EU privacy concerns had long been a stumbling block to reaching a deal, but an apparent breakthrough was reached after both sides compromised, with the United States agreeing to receive less data from the EU and the EU agreeing to allow U.S. officials to retain the data longer. EU member countries must first study the language of the proposed deal before ratifying the proposal, EU sources said. The proposed deal calls for the EU to transfer 19 pieces of data to U.S. officials instead of the 34 pieces U.S. officials had been demanding. U.S. officials would retain the data for up to 15 years, although tight restrictions on accessing the data would kick in after seven years. Highly sensitive passenger data--including ethnicity, religion, and political views--will be inaccessible to the United States except in instances where the data could save someone's life. The current interim deal between the two sides is set to expire at the end of July, and U.S. officials warn that the airline industry will be beset by chaos unless a new deal is reached.
(go to web site)

"CDC Probes A&M Bioweapons Infections"
Dallas Morning News (06/27/07) ; Ramshaw, Emily

Texas A&M University is under investigation by the Centers for Disease Control and Prevention (CDC) for neglecting to report instances in which researchers were infected with biological weapons agents last year. While examining universities interested in becoming home to the new National Bio and Agro-Defense Facility, The Sunshine Project watchdog group learned of one researcher who was infected with Brucella in February 2006 and three researchers who were exposed to Q fever two months later; only the Brucella case was reported to the CDC, but the report was not made until this year. Brucella and Q fever are not considered deadly or contagious--sparking hard-to-cure fevers and flu-like symptoms--but The Sunshine Project is concerned about what the unreported cases mean for the bioweapons research industry. Edward Hammond, director of The Sunshine Project, asserted: "The A&M problems, I think, are symptomatic of a larger problem, and that's that we are putting literally thousands and thousands of people behind the wheel of this apparatus to study biological weapons agents. They don't have the experience, and we don't have the proper legislative framework to do it safely." The Department of Homeland Security and the National Institutes of Health gave Texas A&M millions in funding to research vaccines for these biological agents.
(go to web site)

"DOD Seeks Builder for Shape-Shifting Military Robot"
Computerworld (06/25/07) ; Songini, Marc L.

The U.S. Defense Advanced Research Projects Agency (DARPA) has released a request for proposals for a "Chemical Robot" that is capable of shrinking and radically changing its shape while squeezing through narrow openings. Once through the opening, the robot should then be able to morph back into its normal shape and height, DARPA says. As described, the robot evokes comparisons to the liquid-based evil cyborg from the Terminator 2 movie. Scientists have until July 2 to submit their proposals to DARPA, which has suggested that the robot be composed of gels, fluids, and shape memory materials. The Chemical Robot would be used in battlefield-like situations to "safely and covertly gain access to denied or hostile areas and perform useful tasks," including support for soldiers. DARPA states that the robot should be able to "rapidly traverse arbitrary size/shape openings whose dimensions are much smaller than the robot itself and are not known a-priori." The robot could be modeled after an insect or octopus, DARPA said.
(go to web site)

"Flexible and Fearless, Seeking Rescue Work"
New York Times (06/25/07) P. A12 ; Blumenthal, Ralph

Texas A&M University's Texas Engineering Extension Service operates a 52-acre "Disaster City" where fire fighters and other emergency responders from across the globe can participate in training exercises. The site was recently the scene of a robotics exercise sponsored by the Department of Homeland Security's Science and Technology Directorate and the Commerce Department's National Institute of Standards and Technology. Several varieties of rescue robots participated in the exercise, which included obstacle courses based on mock set-ups of the Oklahoma City bombing, 1993 World Trade Center bombing, and Mexico City earthquake. The robots included a 30-foot, snake-like optic robot that slinks through crevasses and holes while providing images of its discoveries. That robot, produced by university researchers in Japan, is attached to the operator's body, unlike most robots, which are operated via consoles or laptops. One Texas A&M official predicted that robots will soon become a regular part of rescue work.
(go to web site)

"Green Bay Packers to Add Security Barrier Around Lambeau Field"
Oshkosh Northwestern (06/26/07) ; Boyd, Sara

The Green Bay Packers' historic Lambeau Field stadium is receiving a $1 million security makeover that will include the deployment of a 2.5-foot-high ring of concrete barriers around three of the stadium's four sides. The barriers will be situated some 100 feet from the stadium's exterior walls. The security plan also calls for the deployment of 33 planters and 12 monuments, all of which will feature the logos of the Packers and Lambeau Field. The planters are 2.5 feet tall, 28 feet long, and six feet wide, while the monuments are 12 feet tall and four feet square. A pair of concrete benches, each seven feet long, will abut each of the monuments. On game days, one side of the stadium also will be protected by 29 portable planters. Some planters will be featured in tandem with landscaping. The Packers announced the security project on June 26, and team officials said the project is expected to complete by Aug. 18, the team's first home preseason game.
(go to web site)

"EMU Ramps Up Security"
Ann Arbor News (MI) (06/23/07)

The president of Eastern Michigan University (EMU) has released a 16-point plan for improving campus security. The university and President John Fallon have come under fire for allegedly attempting to cover up a suspected homicide on campus in December; that incident led to a highly critical June 8 report from an independent law firm. According to the report, investigators suspected right away that the death of student Laura Dickinson was a homicide, but the university announced that no foul play was suspected in her death. The university did not change its position on Dickinson's death until 10 weeks later, after an arrest had been made in the case. The report found that EMU's response to Dickinson's death violated the federal Clery Act; the report also identified a number of campus-security shortcomings and made recommendations for addressing them. On June 22, Fallon released a 16-point security plan based on the report's findings. Among other things, the plan calls for training campus personnel to comply with the Cleary Act; conducting a review of campus safety policies; implementing an official crisis-communications policy and team; and issuing bi-weekly campus-crime reports to students and staff.
(go to web site)

"Can the Internet Be Saved?"
Chronicle of Higher Education (06/29/07) Vol. 53, No. 43, P. A25 ; Fischman, Josh

The Internet is bowing under constant pressure from spam, malware, mobile devices, a lack of security, and spotty connections, and the National Science Foundation officially launched the Global Environment for Network Innovations (GENI) project to reinvent the Net in May. The biggest problem with the Internet is security, and at the root of this problem is the lack of authenticated identity and the erroneous assumption that every network insider is to be trusted; Princeton professor Larry L. Peterson thinks one solution is to construct a network that can contain attacks launched by end-users' machines. To effect more reliable data transmission, researchers are investigating the potential of using more programmable routers that communicate with each other, facilitating a more global perspective and allowing operators to split the network into virtual "slices" so management is easier. As for the problem of increasing numbers of mobile devices and the strain this places on the network, researchers are experimenting with ad-hoc networking on facilities that include Internet2 and the National LambdaRail network. The GENI project office is run by BBN Technologies engineer Chip Elliott, who thinks the effort calls for two strategies. "First, if you don't like conventional Internet protocols, try something completely different," he explains. "Second, do it on a large enough scale, with enough users, so that your results actually mean something." Among those involved in the GENI planning process are researchers from MIT, UC Berkeley, USC, and Princeton University, as well as Intel and other industry players.
(go to web site)

"Conference Unites Cybersecurity, Justice Officials for First Time"
CQ Weekly (06/25/07) ; Berger, Matthew E.

Federal cybersecurity professionals are teaming up this week with U.S. attorneys at the Government Forum of Incident Response and Security Teams Conference to ensure that all individuals battling cybercrime comprehend the battle's investigative and prosecutorial branches. Federal officials admit that by concentrating on obstructing and alleviating attacks, not enough attention has been paid to assessing where the attacks come from, or to holding criminals responsible. Experts concur that modern hackers are sophisticated, often work in synchronized criminal networks, and think they can escape prosecution for cyber-attacks. To increase the number of convictions, first-responders must recognize the tools and data that can assist investigators in pursuing cybercriminals. In addition, administrators must learn how to facilitate network investigations post-attack so as to balance swift response with criminal reporting. Government agencies and private companies can assist investigators while remaining productive by digitally copying their hard drives and networks. Another technique involves employing a duplicate system that can operate while the attacked system is probed for evidence. In addition, the attorneys will be given technology training at the conference to improve their ability to spot weaknesses in systems and infrastructures.
(go to web site)

Abstracts Copyright © 2007 Information, Inc. Bethesda, MD


  ASIS also offers a daily and a non-sponsored, special-content Professional Edition of
Security Newsbriefs. Please click to see a sample or to contact us for more information.

Unsubscribe | Change E-mail | Advertising Opportunities | Security Management Online | ASIS Online

InfoWorld Daily: Calculating the cost of an iPhone

========================================================================
INFOWORLD DAILY: INFOWORLD STAFF

http://www.infoworld.com/
========================================================================
Friday, June 29, 2007

* Calculating the cost of an iPhone
* InfoWorld Daily Podcast
* Talent war and H-1B make smokescreen

-- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -
ADVERTISEMENT

CRITICAL DATA PROTECTION QUESTIONS FOR IT DECISION-MAKERS

In this Webcast, Doug Chandler of IDC will explain how many companies
have evaluated their data protection choices in today's market and
made a successful transition from in-house backup and recovery
operations to service-based solutions. Sponsored by Arsenal.

http://newsletter.infoworld.com/t?ctl=17FC4E2:20920CD98AAF82DD2F2752A06D3A022AEFF29049075316B4

-- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -

========================================================================

CALCULATING THE COST OF AN IPHONE

Wireless: Now that they will be officially available this evening, albeit
likely hard to find, Apple's iPhone brings the reality of a two-year
contract replete with beefy monthly payments. Tom Yager does the math in
this Ahead of the Curve post. "What's the absolute minimum cost of
iPhone? Add it all up and it comes out to $2,034.75." That number does
not include taxes, fees and surcharges which -- as anyone with a
telephone can tell you -- account for a healthy portion of one's monthly
bill. "That's the cost of a $499 iPhone, a two-year AT&T contract at
$59.99... ...

More of this blog:
http://newsletter.infoworld.com/t?ctl=17FC4DB:20920CD98AAF82DD2F2752A06D3A022AEFF29049075316B4

========================================================================

INFOWORLD DAILY PODCAST

iPhone to become available tonight, experts caution against supporting
them in the enterprise, and we calculate absolute minimum it will cost.
Also, DHS plots closed-door cybersecurity meeting, RIM announces record
growth, and more LISTEN!... ...

More of this blog:
http://newsletter.infoworld.com/t?ctl=17FC4DA:20920CD98AAF82DD2F2752A06D3A022AEFF29049075316B4

========================================================================

TALENT WAR AND H-1B MAKE SMOKESCREEN

Careers: "The problem isn't talent -- there is a lot around," explains
Nick Corcodilos. "The problem, I think, is management." Companies are so
focused on stock price and PR that they define jobs so narrowly they
can't find the perfect candidate. "The focus is on filling jobs rather
than building bench strength. So companies wage a talent war, lawyers
handle the recruiting, the whole thing is revealed to be a sham, and HR
is left holding the H-1B bag." Green IT: Dell chills with Emerson, but
the companies claim that the combined Dell-Liebert Energy Smart
Solutions heat up servers by... ...

More of this blog:
http://newsletter.infoworld.com/t?ctl=17FC4DC:20920CD98AAF82DD2F2752A06D3A022AEFF29049075316B4

-- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -
ADVERTISEMENT

CRITICAL DATA PROTECTION QUESTIONS FOR IT DECISION-MAKERS

In this Webcast, Doug Chandler of IDC will explain how many companies
have evaluated their data protection choices in today's market and
made a successful transition from in-house backup and recovery
operations to service-based solutions. Sponsored by Arsenal.

http://newsletter.infoworld.com/t?ctl=17FC4E2:20920CD98AAF82DD2F2752A06D3A022AEFF29049075316B4

-- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -

DAILY NEWS, DELIVERED TO YOUR COMPUTER, MP3 PLAYER OR CELL PHONE

The InfoWorld Daily podcast provides readers with
up-to-the-minute news and features that shape the world
of enterprise IT. Tom Sullivan reports on the leading news
and events that shape the today's IT community.

http://newsletter.infoworld.com/t?ctl=17FC4DD:20920CD98AAF82DD2F2752A06D3A022AEFF29049075316B4

======================================================================

ADVERTISE

To advertise, contact Kate_Hobbie@infoworld.com.

======================================================================

UNSUBSCRIBE/MANAGE NEWSLETTERS

To subscribe, unsubscribe or change your e-mail address for any of
InfoWorld's e-mail newsletters, go to:
http://newsletter.infoworld.com/t?ctl=17FC4DE:20920CD98AAF82DD2F2752A06D3A022AEFF29049075316B4

Contact Customer Service at: customerservice@infoworld.com

To view InfoWorld's privacy policy, visit:
http://newsletter.infoworld.com/t?ctl=17FC4E0:20920CD98AAF82DD2F2752A06D3A022AEFF29049075316B4

Copyright (C) 2007 InfoWorld Media Group.
501 Second St., San Francisco, CA 94107


This message was sent to: security.world@gmail.com

About Net Security: Administering Windows Vista Security

About.com   Net Security
In the Spotlight | More Topics | Have a Healthy Smile
  from Tony Bradley, CISSP-ISSAP
Windows Vista introduces a lot of new features, many of which are focused on security. Mark Minasi helps explain the new features and functions in his book Administering Windows Vista Security: The Big Surprises. Check out my review. Also, check back later today for my visual step-by-step guide to Parental Controls in Windows Vista

 
In the Spotlight
Book Review: Administering Windows Vista Security
With Windows Vista, Microsoft has introduced a number of new security controls. What this means to users and administrators is understanding a variety of new acronyms such as WIC and UAC, or new terminology...read more

 
         More Topics
More Than 10,000 Sites Infected
Security vendor Trend Micro is working with the FBI to identify the source of a malware attack that has hijacked more than 10,000 web site and is infecting vulnerable machines...read more

 
Basic Computer and Network Security
Articles, news and editorials on computer and network security, new technology and information security legislation. Plus categorized tips and information by operating system to help you secure and protect your system.

 
 
Sponsored Links
 
Have a Healthy Smile

Learn how to get your smile its brightest, and whether tooth whitening is right for you.
How Does Whitening Work?
How to Prevent Bad Breath

Advertisement
 
 
Visit Related About GuideSites:
Wireless / Networking Antivirus Software Focus on Windows
Email internet  
Search About  

 
More Newsletters: To sign up for more free newsletters on What You Need to Know About your favorite topics, visit: http://talk.about.com

You are receiving this newsletter because you subscribed to the About Net Security newsletter as security.world@GMAIL.COM. If you wish to change or remove your email address, please visit:
http://www.about.com/nl/usgs.htm?nl=netsecurity&e=security.world@GMAIL.COM

About respects your privacy. Our Privacy Policy.

Our Contact Information.
249 West 17th Street
New York, NY, 10011

© 2007 About, Inc.

Register Now! Blades & Virtualization: A Perfect Match?

This is a special mailing for Enterprise IT Planet Security News Report newsletter subscribers. You are receiving this e-mail as part of your Enterprise IT Planet Security News Report newsletter subscription. Your e-mail address has not been rented, sold, or otherwise shared with any third-parties to bring you this mailing.
JupiterwebSpecial Offers
 
July 12, 2007 (2 p.m. EDT, 11 a.m. PDT)
 
Blades have been promoted as the path to IT nirvana in their own right. However, blades by themselves only simplify the physical infrastructure. The real win comes from combining blades with a variety of software technologies to simplify management and improve operational efficiency. Virtualization technology helps deliver on blade promises such as manageability, availability and flexibility. In this Webcast, Gordon Haff, principal IT advisor at Illuminata, looks at the options available - and tradeoffs involved - for combining blades with virtualization in both server-side and client-side computing.
 
 
Click here to register for this webcast.
 
On Demand
 
The growth of mission-critical applications and business data combined with ever-mounting compliance regulations is requiring small and mid-sized business (SMBs) to add more storage capacity and better utilize their server infrastructure. Unfortunately, storage solutions such as NAS and Fibre Channel are usually too costly, too complex or overkill for SMBs. However, there's another option: The StoreVault S500 is now certified to work with VMware ESX Server for iSCSI to combine storage and server virtualization. Attend this upcoming Jupitermedia Webcast to learn how to save money, simplify administration and increase uptime.
 
 
Click here to watch this webcast.
 
On Demand
 
The more your organization depends upon the network and your servers, the more heat they produce and the more power they consume. Learn about technological and data center changes that are driving your cooling bills through the roof, forcing you to drag in even more power to your server room that's already resonating at 60 Hz. Learn what you can do to stave off higher cooling bills and power costs - at least for now.
 
Click here to watch this webcast.

Jupitermedia Corporation * 23 Old Kings Highway South * Darien, CT * 06820


NAC users driven by regulatory compliance; IPv6 D-Day is coming

Network World

Standards and Regulatory Compliance News Alert




Network World's Standards and Regulations News Alert, 06/29/07

NAC users driven by regulatory compliance, 06/28/07: Increasingly, businesses deploying NAC are worried about proving to regulators that they are following appropriate industry and governmental guidelines ...

IPv6 D-Day is coming up fast, 06/28/07: If you had asked John Curran, head of the American Registry of Internet Numbers, three years ago to pinpoint the date at which we would run out of IP address space under IPv4, he would have said 2025. Two years ago, his answer would have been 2017. On Wednesday, he told an audience at the Burton Group’s Catalyst Conference that the doomsday date is now 2011.

Multivendor identity systems can work together, demo shows, 06/28/07: A unique demonstration showed user-centric identity software from major vendors, start-ups, one-woman projects and open source hackers all working in concert to replace passwords with validated identity-card access to Web-based resources.

Network World VoIP and Convergence Buyer's Guide

Find the right products for your enterprise - fast. Our extensive database of detailed product information will quickly help you pinpoint the hardware or software you need to build out a converged voice and data network. With the side-by-side comparison tool you can evaluate product features and make the best decision for your enterprise.

Click her to go to the Buyer's Guide now.

IBM expands security audit and compliance software, 06/28/07: IBM Tivoli expands security audit and compliance software.

Greens don't accept Berlin 'nein' to open source, 06/25/07: The Green Party is accusing the Berlin city government of lacking a coherent IT strategy and thus not being in a position to adequately judge the merits of open source software.

TODAY'S MOST-READ STORIES:

1. The most-hyped tech products of all time
2. Gartner to IT: Avoid Apple's iPhone
3. Microsoft security group on 'worst jobs' list
4. Parallel system 100X faster than PCs
5. Microsoft moves against pirates
6. Giving an interview gets a guy fired
7. CIOs leery of iPhone
8. U.S. citizens warned of phishing attack
9. Can cell phones be hacked?
10. Wireless service providers struggling

MOST-DOWNLOADED PODCAST:
Twisted Pair: Microsoft can patch anything faster than you


Contact the author:

Contact Site Editor Jeff Caruso



BONUS FEATURE

IT PRODUCT RESEARCH AT YOUR FINGERTIPS

Get detailed information on thousands of products, conduct side-by-side comparisons and read product test and review results with Network World’s IT Buyer’s Guides. Find the best solution faster than ever with over 100 distinct categories across the security, storage, management, wireless, infrastructure and convergence markets. Click here for details.


PRINT SUBSCRIPTIONS AVAILABLE
You've got the technology snapshot of your choice delivered to your inbox each day. Extend your knowledge with a print subscription to the Network World newsweekly, Apply here today.

International subscribers, click here.


SUBSCRIPTION SERVICES

To subscribe or unsubscribe to any Network World newsletter, change your e-mail address or contact us, click here.

This message was sent to: security.world@gmail.com. Please use this address when modifying your subscription.


Advertising information: Write to Associate Publisher Online Susan Cardoza

Network World, Inc., 118 Turnpike Road, Southborough, MA 01772

Copyright Network World, Inc., 2007

IBM expands security audit and compliance software; 3Com to spin out TippingPoint

Network World

Security News Alert




Network World's Security News Alert, 06/29/07

IBM expands security audit and compliance software, 06/28/07: IBM Tivoli expands security audit and compliance software.

3Com to spin out TippingPoint, 06/28/07: 3Com is spinning out its intrusion-prevention subsidiary.

Multivendor identity systems can work together, demo shows, 06/28/07: User-centric identity may focus on consumers, but corporate users are finding that CardSpace, OpenID and other technologies could solve federation issues and attack privacy, access, management and other concerns.

From servers to storage: Virtualization saves

It's touted as one of the fastest and easiest ways to better manage and control your infrastructure. Download this guide today and see how network IT execs are making virtualization pay off in the real world; discover the 8 virtualization gotchas you need to know; and much more.
Click here to download.

RealPlayer, Helix Player vulnerable to attack, 06/28/07: Users are being advised to upgrade to newer versions of the RealPlayer and Helix Player multimedia products because of a critical security flaw.

MySpace again under phishing attack, 06/28/07: Phishers have been using compromised MySpace.com accounts to attack unsuspecting Web surfers, security experts said Thursday.

Homeland Security to host closed-door security forum, 06/28/07: The U.S. Department of Homeland security will host a invite-only conference two months from now that will bring together security experts from law enforcement, Internet service providers, and the technology industry.

1984 plus 23 equals CACP, 06/28/07: Orwell’s 1984 conjured up a dystopian future where the masses were manipulated and controlled to preserve the power of the elite. Kind of brings the tactics of the RIAA and the MPAA to mind doesn’t it? And now there’s something called the “Coalition ...

TODAY'S MOST-READ STORIES:

1. The most-hyped tech products of all time
2. Gartner to IT: Avoid Apple's iPhone
3. Microsoft security group on 'worst jobs' list
4. Parallel system 100X faster than PCs
5. Microsoft moves against pirates
6. Giving an interview gets a guy fired
7. CIOs leery of iPhone
8. U.S. citizens warned of phishing attack
9. Can cell phones be hacked?
10. Wireless service providers struggling

MOST-DOWNLOADED PODCAST:
Twisted Pair: Microsoft can patch anything faster than you


Contact the author:

Senior Editor Ellen Messmer covers security for Network World. E-mail Ellen.



BONUS FEATURE

IT PRODUCT RESEARCH AT YOUR FINGERTIPS

Get detailed information on thousands of products, conduct side-by-side comparisons and read product test and review results with Network World’s IT Buyer’s Guides. Find the best solution faster than ever with over 100 distinct categories across the security, storage, management, wireless, infrastructure and convergence markets. Click here for details.


PRINT SUBSCRIPTIONS AVAILABLE
You've got the technology snapshot of your choice delivered to your inbox each day. Extend your knowledge with a print subscription to the Network World newsweekly, Apply here today.

International subscribers, click here.


SUBSCRIPTION SERVICES

To subscribe or unsubscribe to any Network World newsletter, change your e-mail address or contact us, click here.

This message was sent to: security.world@gmail.com. Please use this address when modifying your subscription.


Advertising information: Write to Associate Publisher Online Susan Cardoza

Network World, Inc., 118 Turnpike Road, Southborough, MA 01772

Copyright Network World, Inc., 2007

[SECURITY] [DSA 1325-1] New evolution packages fix arbitrary code execution

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- --------------------------------------------------------------------------
Debian Security Advisory DSA 1325-1 security@debian.org
http://www.debian.org/security/

Moritz Muehlenhoff
June 29th, 2007

http://www.debian.org/security/faq
- --------------------------------------------------------------------------

Package : evolution
Vulnerability : several
Problem-Type : remote
Debian-specific: no
CVE ID : CVE-2007-1002 CVE-2007-3257

Several remote vulnerabilities have been discovered in Evolution, a
groupware suite with mail client and organizer. The Common Vulnerabilities
and Exposures project identifies the following problems:

CVE-2007-1002

Ulf Harnhammer discovered that a format string vulnerability in
the handling of shared calendars may allow the execution of arbitrary
code.

CVE-2007-3257

It was discovered that the IMAP code in the Evolution Data Server
performs insufficient sanitising of a value later used an array index,
which can lead to the execution of arbitrary code.

For the oldstable distribution (sarge) these problems have been fixed in
version 2.0.4-2sarge2. Packages for hppa, mips and powerpc are not yet
available. They will be provided later.

For the stable distribution (etch) these problems have been fixed
in version 2.6.3-6etch1. Packages for mips are not yet available. They
will be provided later.

For the unstable distribution (sid) these problems will be fixed soon.

We recommend that you upgrade your evolution packages.


Upgrade Instructions
- --------------------

wget url
will fetch the file for you
dpkg -i file.deb
will install the referenced file.

If you are using the apt-get package manager, use the line for
sources.list as given below:

apt-get update
will update the internal database
apt-get upgrade
will install corrected packages

You may use an automated update by adding the resources from the
footer to the proper configuration.


Debian GNU/Linux 4.0 alias etch
- -------------------------------

Source archives:

http://security.debian.org/pool/updates/main/e/evolution/evolution_2.6.3-6etch1.dsc

Size/MD5 checksum: 1977 578b24366558cbb610a52fde5df44b3b

http://security.debian.org/pool/updates/main/e/evolution/evolution_2.6.3-6etch1.diff.gz

Size/MD5 checksum: 54055 12965737c082f0532cf2d27cd7627a47

http://security.debian.org/pool/updates/main/e/evolution/evolution_2.6.3.orig.tar.gz

Size/MD5 checksum: 17176288 7af880364d53b18ba72b1f85f3813c81

Architecture independent components:

http://security.debian.org/pool/updates/main/e/evolution/evolution-common_2.6.3-6etch1_all.deb

Size/MD5 checksum: 10103432 5b0a1644494c4200d85c8ec4dcf578bd

Alpha architecture:

http://security.debian.org/pool/updates/main/e/evolution/evolution_2.6.3-6etch1_alpha.deb

Size/MD5 checksum: 2740178 58094673290b0d2f0f02724409f8de73

http://security.debian.org/pool/updates/main/e/evolution/evolution-dbg_2.6.3-6etch1_alpha.deb

Size/MD5 checksum: 6443430 c9a5ad93c1d5ef443c012997c32f7c92

http://security.debian.org/pool/updates/main/e/evolution/evolution-dev_2.6.3-6etch1_alpha.deb

Size/MD5 checksum: 218784 1d29838627ce81b8ed50959553a2e8bf

http://security.debian.org/pool/updates/main/e/evolution/evolution-plugins_2.6.3-6etch1_alpha.deb

Size/MD5 checksum: 119354 df6e947cef9e051d7e20a1dcebd82415

http://security.debian.org/pool/updates/main/e/evolution/evolution-plugins-experimental_2.6.3-6etch1_alpha.deb

Size/MD5 checksum: 94514 6fa19364ce5e782a4dfed7e18ecc3e37

AMD64 architecture:

http://security.debian.org/pool/updates/main/e/evolution/evolution_2.6.3-6etch1_amd64.deb

Size/MD5 checksum: 2564562 c8421df9d8ca72b77334540c46b5198f

http://security.debian.org/pool/updates/main/e/evolution/evolution-dbg_2.6.3-6etch1_amd64.deb

Size/MD5 checksum: 6504728 525c0348998ec55980c3fd3384a0b6f0

http://security.debian.org/pool/updates/main/e/evolution/evolution-dev_2.6.3-6etch1_amd64.deb

Size/MD5 checksum: 213638 9bac9cf35da6ffe9cb19abb20ba63aed

http://security.debian.org/pool/updates/main/e/evolution/evolution-plugins_2.6.3-6etch1_amd64.deb

Size/MD5 checksum: 117566 8415d9121b8c63e25b3cdf8109b43f81

http://security.debian.org/pool/updates/main/e/evolution/evolution-plugins-experimental_2.6.3-6etch1_amd64.deb

Size/MD5 checksum: 94500 5fa8d2938b94f43216dc2170291da97d

ARM architecture:

http://security.debian.org/pool/updates/main/e/evolution/evolution_2.6.3-6etch1_arm.deb

Size/MD5 checksum: 2250610 44497cf9d0a45358384187ac7efab563

http://security.debian.org/pool/updates/main/e/evolution/evolution-dbg_2.6.3-6etch1_arm.deb

Size/MD5 checksum: 6188510 37315f3a07a716a6e5023aa6607fdf7c

http://security.debian.org/pool/updates/main/e/evolution/evolution-dev_2.6.3-6etch1_arm.deb

Size/MD5 checksum: 213906 d5ad98f0c51b42a0d59edfe162c6e946

http://security.debian.org/pool/updates/main/e/evolution/evolution-plugins_2.6.3-6etch1_arm.deb

Size/MD5 checksum: 110274 e538017a89ae1122088990fc3d887cd5

http://security.debian.org/pool/updates/main/e/evolution/evolution-plugins-experimental_2.6.3-6etch1_arm.deb

Size/MD5 checksum: 91444 f179118a62ff229743e6847a7ce1b56d

HP Precision architecture:

http://security.debian.org/pool/updates/main/e/evolution/evolution_2.6.3-6etch1_hppa.deb

Size/MD5 checksum: 2857208 b647321570b2388244ca7aee5807e16b

http://security.debian.org/pool/updates/main/e/evolution/evolution-dbg_2.6.3-6etch1_hppa.deb

Size/MD5 checksum: 6436170 d324495c0bdd05d1c6f4929b84c2ea36

http://security.debian.org/pool/updates/main/e/evolution/evolution-dev_2.6.3-6etch1_hppa.deb

Size/MD5 checksum: 213704 1af2551c6e854634dd5ce597e60e9487

http://security.debian.org/pool/updates/main/e/evolution/evolution-plugins_2.6.3-6etch1_hppa.deb

Size/MD5 checksum: 120416 4a1d0998c2f924b3de5017fdb4a8c5d8

http://security.debian.org/pool/updates/main/e/evolution/evolution-plugins-experimental_2.6.3-6etch1_hppa.deb

Size/MD5 checksum: 95478 93bed95e8bd6dad12d3465c8ed6be0db

Intel IA-32 architecture:

http://security.debian.org/pool/updates/main/e/evolution/evolution_2.6.3-6etch1_i386.deb

Size/MD5 checksum: 2403898 e0fe291efb927324afc9fec7a2dc53f6

http://security.debian.org/pool/updates/main/e/evolution/evolution-dbg_2.6.3-6etch1_i386.deb

Size/MD5 checksum: 6137476 0c5d0d9151dfb363cb9291181eb4a82b

http://security.debian.org/pool/updates/main/e/evolution/evolution-dev_2.6.3-6etch1_i386.deb

Size/MD5 checksum: 213648 94560dc3d0349489e04571f1ddb5a099

http://security.debian.org/pool/updates/main/e/evolution/evolution-plugins_2.6.3-6etch1_i386.deb

Size/MD5 checksum: 113164 747f1de321552792da380c4048037216

http://security.debian.org/pool/updates/main/e/evolution/evolution-plugins-experimental_2.6.3-6etch1_i386.deb

Size/MD5 checksum: 92396 cad5b0c3acfcd59001fc76587869ee10

Intel IA-64 architecture:

http://security.debian.org/pool/updates/main/e/evolution/evolution_2.6.3-6etch1_ia64.deb

Size/MD5 checksum: 3419724 cdf39b6755216b8a72a8810d77166516

http://security.debian.org/pool/updates/main/e/evolution/evolution-dbg_2.6.3-6etch1_ia64.deb

Size/MD5 checksum: 6137680 c713dafa4535471d1304298c900631e9

http://security.debian.org/pool/updates/main/e/evolution/evolution-dev_2.6.3-6etch1_ia64.deb

Size/MD5 checksum: 213634 9b819bc46ce79faef462a7eb71773050

http://security.debian.org/pool/updates/main/e/evolution/evolution-plugins_2.6.3-6etch1_ia64.deb

Size/MD5 checksum: 129692 d4e1d68c1190f50adb9da1472754ff32

http://security.debian.org/pool/updates/main/e/evolution/evolution-plugins-experimental_2.6.3-6etch1_ia64.deb

Size/MD5 checksum: 99584 9bae1417cb9656164310660ad4860f08

Little endian MIPS architecture:

http://security.debian.org/pool/updates/main/e/evolution/evolution_2.6.3-6etch1_mipsel.deb

Size/MD5 checksum: 2334086 f2dae7d431375bc0570206ba968a72d2

http://security.debian.org/pool/updates/main/e/evolution/evolution-dbg_2.6.3-6etch1_mipsel.deb

Size/MD5 checksum: 6484682 592f1e0ee53eb7e54e2be832076fd06a

http://security.debian.org/pool/updates/main/e/evolution/evolution-dev_2.6.3-6etch1_mipsel.deb

Size/MD5 checksum: 213670 d7272b29aef4160640556d60abf03def

http://security.debian.org/pool/updates/main/e/evolution/evolution-plugins_2.6.3-6etch1_mipsel.deb

Size/MD5 checksum: 112214 a0cd549d60096deb37759c28e08872d5

http://security.debian.org/pool/updates/main/e/evolution/evolution-plugins-experimental_2.6.3-6etch1_mipsel.deb

Size/MD5 checksum: 92442 fe82fee493dfd6f6f41b1cc152c8534e

PowerPC architecture:

http://security.debian.org/pool/updates/main/e/evolution/evolution_2.6.3-6etch1_powerpc.deb

Size/MD5 checksum: 2465894 39e6a477a30c49e42e496fc4c0b09c90

http://security.debian.org/pool/updates/main/e/evolution/evolution-dbg_2.6.3-6etch1_powerpc.deb

Size/MD5 checksum: 6513656 0666ce31cad6c1e28fe9e3d89aec8bf1

http://security.debian.org/pool/updates/main/e/evolution/evolution-dev_2.6.3-6etch1_powerpc.deb

Size/MD5 checksum: 213664 f2d904adba62e249336ec494f76a1fa5

http://security.debian.org/pool/updates/main/e/evolution/evolution-plugins_2.6.3-6etch1_powerpc.deb

Size/MD5 checksum: 124958 d17c947715c7f22ec36ed8eb2c42bfe6

http://security.debian.org/pool/updates/main/e/evolution/evolution-plugins-experimental_2.6.3-6etch1_powerpc.deb

Size/MD5 checksum: 99208 e36c5636970a8bf62791f1bfcdd52cb5

IBM S/390 architecture:

http://security.debian.org/pool/updates/main/e/evolution/evolution_2.6.3-6etch1_s390.deb

Size/MD5 checksum: 2690750 5fdde7518305b8e1b5ea620b672a676f

http://security.debian.org/pool/updates/main/e/evolution/evolution-dbg_2.6.3-6etch1_s390.deb

Size/MD5 checksum: 6397252 e6b747d66ff2f2509f2e9917e9c17a97

http://security.debian.org/pool/updates/main/e/evolution/evolution-dev_2.6.3-6etch1_s390.deb

Size/MD5 checksum: 213624 45a273c5d4ada0b910f0dc727bea5960

http://security.debian.org/pool/updates/main/e/evolution/evolution-plugins_2.6.3-6etch1_s390.deb

Size/MD5 checksum: 118260 cc9f6b42fa9e89d8b762292e5087a2bf

http://security.debian.org/pool/updates/main/e/evolution/evolution-plugins-experimental_2.6.3-6etch1_s390.deb

Size/MD5 checksum: 94170 b7c20d6bea74454b0fb344fab1f0c1a6

Sun Sparc architecture:

http://security.debian.org/pool/updates/main/e/evolution/evolution_2.6.3-6etch1_sparc.deb

Size/MD5 checksum: 2375188 9688ef4d3c948c77c8f9ec243fa13ffe

http://security.debian.org/pool/updates/main/e/evolution/evolution-dbg_2.6.3-6etch1_sparc.deb

Size/MD5 checksum: 6022044 1648818f346aa0e18ad7b9a6f47c4e51

http://security.debian.org/pool/updates/main/e/evolution/evolution-dev_2.6.3-6etch1_sparc.deb

Size/MD5 checksum: 213672 d666053b367b337d1393d8cd99acb2d2

http://security.debian.org/pool/updates/main/e/evolution/evolution-plugins_2.6.3-6etch1_sparc.deb

Size/MD5 checksum: 111144 2ab6e4a9e36b01b00356a0c0d8306e5b

http://security.debian.org/pool/updates/main/e/evolution/evolution-plugins-experimental_2.6.3-6etch1_sparc.deb

Size/MD5 checksum: 91356 d13430ac396cd25d464de07f0e809b92

Debian GNU/Linux 3.1 alias sarge
- --------------------------------

Source archives:

http://security.debian.org/pool/updates/main/e/evolution/evolution_2.0.4-2sarge2.dsc

Size/MD5 checksum: 1167 099060ef401e9bd005ecce322b2b1905

http://security.debian.org/pool/updates/main/e/evolution/evolution_2.0.4-2sarge2.diff.gz

Size/MD5 checksum: 293848 a0eecfdbfba9f098d200c6add4a27707

http://security.debian.org/pool/updates/main/e/evolution/evolution_2.0.4.orig.tar.gz

Size/MD5 checksum: 20968383 d555a0b1d56f0f0b9c33c35b057f73e6

Alpha architecture:

http://security.debian.org/pool/updates/main/e/evolution/evolution_2.0.4-2sarge2_alpha.deb

Size/MD5 checksum: 10648460 2cc1271a6bf74c07dda2e20b95215673

http://security.debian.org/pool/updates/main/e/evolution/evolution-dev_2.0.4-2sarge2_alpha.deb

Size/MD5 checksum: 163046 a6377c8f6cbc0ba6a18df3ab9f2573ea

AMD64 architecture:

http://security.debian.org/pool/updates/main/e/evolution/evolution_2.0.4-2sarge2_amd64.deb

Size/MD5 checksum: 10447646 b4f3f8a0e9a6cb98858d7af4bde78c19

http://security.debian.org/pool/updates/main/e/evolution/evolution-dev_2.0.4-2sarge2_amd64.deb

Size/MD5 checksum: 160332 7abdb02216902914d11f29f1f1f59024

ARM architecture:

http://security.debian.org/pool/updates/main/e/evolution/evolution_2.0.4-2sarge2_arm.deb

Size/MD5 checksum: 10251532 8e442313f5bed9aeebc63665bc41fb46

http://security.debian.org/pool/updates/main/e/evolution/evolution-dev_2.0.4-2sarge2_arm.deb

Size/MD5 checksum: 160552 7f3e4a5e9b7c245aa9412cfe04434921

Intel IA-32 architecture:

http://security.debian.org/pool/updates/main/e/evolution/evolution_2.0.4-2sarge2_i386.deb

Size/MD5 checksum: 10232410 a4afa05be3fd2916e18e8633e1a409c7

http://security.debian.org/pool/updates/main/e/evolution/evolution-dev_2.0.4-2sarge2_i386.deb

Size/MD5 checksum: 160362 2abbd56ddb2e6fbea4db658bbec5f7f0

Intel IA-64 architecture:

http://security.debian.org/pool/updates/main/e/evolution/evolution_2.0.4-2sarge2_ia64.deb

Size/MD5 checksum: 11419386 6116133ec485569c945402d7a07870d2

http://security.debian.org/pool/updates/main/e/evolution/evolution-dev_2.0.4-2sarge2_ia64.deb

Size/MD5 checksum: 160326 2dc98f5a820e1cce1b639abd74d78ba7

Motorola 680x0 architecture:

http://security.debian.org/pool/updates/main/e/evolution/evolution_2.0.4-2sarge2_m68k.deb

Size/MD5 checksum: 10387558 62b1d6f774f927862b6a8c1e83aa90a4

http://security.debian.org/pool/updates/main/e/evolution/evolution-dev_2.0.4-2sarge2_m68k.deb

Size/MD5 checksum: 160774 c32e6f33fee20a264f75b904d7f5486e

Little endian MIPS architecture:

http://security.debian.org/pool/updates/main/e/evolution/evolution_2.0.4-2sarge2_mipsel.deb

Size/MD5 checksum: 10195334 5cc12dae2c5554048e578f506da61edb

http://security.debian.org/pool/updates/main/e/evolution/evolution-dev_2.0.4-2sarge2_mipsel.deb

Size/MD5 checksum: 160396 0e3d20548f09988d54e169a8aef9195b

IBM S/390 architecture:

http://security.debian.org/pool/updates/main/e/evolution/evolution_2.0.4-2sarge2_s390.deb

Size/MD5 checksum: 10639100 e703df57d83a286068ccdbc0979cd9aa

http://security.debian.org/pool/updates/main/e/evolution/evolution-dev_2.0.4-2sarge2_s390.deb

Size/MD5 checksum: 160326 b5b24541c481378eade7e085e1cbf403

Sun Sparc architecture:

http://security.debian.org/pool/updates/main/e/evolution/evolution_2.0.4-2sarge2_sparc.deb

Size/MD5 checksum: 10349344 0cf504d0a4acd1a0078fd155f82a6f81

http://security.debian.org/pool/updates/main/e/evolution/evolution-dev_2.0.4-2sarge2_sparc.deb

Size/MD5 checksum: 160390 1907f5d66dda48a061b664726c5a8bee


These files will probably be moved into the stable distribution on
its next update.

- ---------------------------------------------------------------------------------
For apt-get: deb http://security.debian.org/ stable/updates main
For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main
Mailing list: debian-security-announce@lists.debian.org
Package info: `apt-cache show <pkg>' and http://packages.debian.org/
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)

iD8DBQFGhR/YXm3vHE4uyloRAgbhAKDVto5or6DumtYkju44ysJyI3sGKQCfeIcH
bm6bjui7EBh5LheBcdJjSPc=
=Gidi
-----END PGP SIGNATURE-----


--
To UNSUBSCRIBE, email to debian-security-announce-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org