Accepted libdatetime-timezone-perl 1:1.75-2+2016g (source all) into proposed-updates->stable-new, proposed-updates
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Tue, 27 Sep 2016 23:20:52 +0200 Source: libdatetime-timezone-perl Binary: libdatetime-timezone-perl Architecture: source all Version: 1:1.75-2+2016g Distribution: jessie Urgency: medium Maintainer: Debian Perl Group Changed-By: gregor herrmann Description: libdatetime-timezone-perl - framework exposing the Olson time zone database to Perl Changes: libdatetime-timezone-perl (1:1.75-2+2016g) jessie; urgency=medium . * Update to Olson database version 2016g. Add patch debian/patches/olson-2016g, which updates the timezone *.pm files, using upstream's tools/parse_olson script. This update contains contemporary changes for Europe/Istanbul. Checksums-Sha1: 76b17fd953601062b6b657e51b3abe9864d53c06 2596 libdatetime-timezone-perl_1.75-2+2016g.dsc 939610cc2300adb6c0065313249ac421169962c4 144932 libdatetime-timezone-perl_1.75-2+2016g.debian.tar.xz a76765276d7bc32ce291e6acd895cdf71565de7d 269802 libdatetime-timezone-perl_1.75-2+2016g_all.deb Checksums-Sha256: ac36d7210af0e48b303744d7cce7fdc855d11d057c9e3d8029b17ed74b674dfa 2596 libdatetime-timezone-perl_1.75-2+2016g.dsc 711d8d996c1956eafd7bc441fda8e15aa9a4332cea4571b82e3c921b86dbad6d 144932 libdatetime-timezone-perl_1.75-2+2016g.debian.tar.xz 85671184e4e054c03f2a27fc804a426aada3e749ec53decdf2d2135c84a1987d 269802 libdatetime-timezone-perl_1.75-2+2016g_all.deb Files: e71613d9652587b0aaec26202afa4647 2596 perl optional libdatetime-timezone-perl_1.75-2+2016g.dsc ea55c14527b7485279c414f22abbe736 144932 perl optional libdatetime-timezone-perl_1.75-2+2016g.debian.tar.xz 112b6c861bdf97e85fca74cfdfb96dbb 269802 perl optional libdatetime-timezone-perl_1.75-2+2016g_all.deb -BEGIN PGP SIGNATURE- iQJ8BAEBCgBmBQJX6uMcXxSAAC4AKGlzc3Vlci1mcHJAbm90YXRpb25zLm9w ZW5wZ3AuZmlmdGhob3JzZW1hbi5uZXREMUUxMzE2RTkzQTc2MEE4MTA0RDg1RkFC QjNBNjgwMTg2NDlBQTA2AAoJELs6aAGGSaoGrBEP/jmPFvssyylmKXORGCA7dVrz Vuyc7Xl7/dojs6yySiBDNEU/TQG3wNxNgL934PwPdD9ozT/CfccPKD5UlGjyYM/I 9st7YTlPtMaqfUFrb5lhrwXKIzSGyz0l60BxZxZRJ+kfAdQv4h0Z+NiOene1Q6fn bxxc1CkKHe3wPintLJaltt9DBBZDKYp/heRCmfxLVo51rBq1NmSaIUNLfXwY0CBg EajhfqUUTdc7dyautqN1cV7Bi64LwSggzzEn6OWtu5LoShpx6GeeH/rg4uCajrdr UkyG7bMUPJbioBNrmAjQbrJYv5FsZDTrDW0xDGlyvl0FD79mCBmHFGVcvBQojQK0 NnoIWsmtExeIqUCtAfa7Px+g5KfBRz1qWP6qy3Fym9RVABh15F9gfyB6AiBhacnx yuKE1aYBXPAJjXiuMlSoFsv5bb9iD1dWqzHYOqYEkoXL4Une65bMCMd7aw5VgFSC oazMjiJvU9oa/iY1f82jCukdl7QlyKTV6aRDorWr8Eii/LSU60uodf5DmUpZDXC3 pJs5eZi2MKWLsMOdFjxHAl5Wp9Wwb6BfwBv1JjhLo1i24npMZCPXFQ0yIOHDT8Xc 7z4SZlr4ji9TxFZiAC1Q/K2yqCjORo9UINEkv5MMqqh25oBPYIq3UzKpvhfPOlO/ fRb5oiXtliiNif4ITbm+ =9JCn -END PGP SIGNATURE-
Accepted unadf 0.7.11a-3+deb8u1 (source amd64) into proposed-updates->stable-new, proposed-updates
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Format: 1.8 Date: Sun, 18 Sep 2016 23:11:18 -0400 Source: unadf Binary: unadf Architecture: source amd64 Version: 0.7.11a-3+deb8u1 Distribution: stable-security Urgency: high Maintainer: Debian QA Group Changed-By: Luciano Bello Description: unadf - Extract files from an Amiga Disk File dump (.adf) Closes: 838248 Changes: unadf (0.7.11a-3+deb8u1) stable-security; urgency=high . * Orphaned package with security issues. * Tuomas Räsäne discoveried two security issues (Closes: #838248): - CVE-2016-1243: stack buffer overflow caused by blindly trusting on pathname lengths of archived files. - CVE-2016-1244: execution of unsanitized input. Checksums-Sha1: a9833a042a8124bfdbe6c305b79b63a419258c96 1723 unadf_0.7.11a-3+deb8u1.dsc 63c05f97302ff67f5d7ff2d9e33f9a66196f9578 209458 unadf_0.7.11a.orig.tar.gz d7a189f0824ddc05cbe13dde8ba7280bc0c2ae91 19368 unadf_0.7.11a-3+deb8u1.debian.tar.xz 330193a8f503a1666a6294c0bec3c52b298c8f7e 22 unadf_0.7.11a-3+deb8u1_amd64.deb Checksums-Sha256: cdf0531de6b73dfe4ab7f4d9a0886ae4b2565d4f5f5a48fb1db3bf0953c1319b 1723 unadf_0.7.11a-3+deb8u1.dsc fa9e0e34b1b0f4f4287905a3d485e3bba498451af98d6c12be87ab3a2b436471 209458 unadf_0.7.11a.orig.tar.gz 6aa90a89df12f712098d62213eb35c2d4195bfbea389af4936d8a74f6f6b78bc 19368 unadf_0.7.11a-3+deb8u1.debian.tar.xz a30718e98459f6c3b2d292cdf67115dba3f77c26b6e5530c1b244daec20d018d 22 unadf_0.7.11a-3+deb8u1_amd64.deb Files: 09671a48add8e2d1998572c1f28fd258 1723 utils optional unadf_0.7.11a-3+deb8u1.dsc 63c21eeb61e1473d8dd214e0b39cb819 209458 utils optional unadf_0.7.11a.orig.tar.gz 01bc54dc8cce49609bf509dfd6182ded 19368 utils optional unadf_0.7.11a-3+deb8u1.debian.tar.xz 388dd0e716d5bb36096a1217609b38dd 22 utils optional unadf_0.7.11a-3+deb8u1_amd64.deb -BEGIN PGP SIGNATURE- Version: GnuPG v1 iQIcBAEBCAAGBQJX5shEAAoJEG7C3vaP/jd0VVMQAI3I7PjzwtpBxz8iGaIYCkHq 1JwEQGcO8QsEdekVfb8aWVan2xOIBw0rfgA3HHa8l8EwA6EInAdNOBhF/TxwMo5P 5myXhOyMj5LBsgT+7V4BRaoH9wM4TEP/K6EW5hpd1RHiZWdUni2B0zijelz8pzcf VtwiVIZCkdblWIjqnxeeU1rQNvUBXkVU1/EDOZlg/ePzySQSXFDFT5JVkbbPGAVW EMIJC6j5GeN06bFi6fN7wZlK3kVTzmrgBNQZitMHuMC9Cjdah5RzPmh/vyU6Za+v alzvkLDNdn6R4J2sgtf3Eg5ol6FNjGKZDIbd5PfI/q3KWj1R+wWA/01DRur3yP+Y c+cQi+4SpXlXOYYSnOC2x9qJvAt47T5lXfaPXQ2q00wPckch3nUegxn0qCUExS+U Bnx+6fngdqVdCQGmJjo4qEcDQEdhUFEYURis0E3VLQP8afk+slu8xaFeWAS2APMg umYCLRhmqENh4UvbXDeyaluqG/P2/yAqpFb4/sGJZZIPsM1reaIltSMc0S6eSpSl kTkQmk1eyP46ixbgCKF5rHvu9vL316Q6twBNRlG4SYj14O/HJM0filbNJN9MJvfN 3AeKqG6JQ6ytQcpP1z0GUP+ZRvA6TZIXUmXrjG8FKmZzie8xtt0FHPEuGLEcwPN6 Q9jQBp5ThZ5Bb4bOsWbp =Mc7h -END PGP SIGNATURE-
Accepted tzdata 2016g-0+deb8u1 (source all) into proposed-updates->stable-new, proposed-updates
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Tue, 27 Sep 2016 23:50:25 +0200 Source: tzdata Binary: tzdata tzdata-java Architecture: source all Version: 2016g-0+deb8u1 Distribution: stable Urgency: medium Maintainer: GNU Libc Maintainers Changed-By: Aurelien Jarno Description: tzdata - time zone and daylight-saving time data tzdata-java - time zone and daylight-saving time data for use by java runtimes Closes: 838781 Changes: tzdata (2016g-0+deb8u1) stable; urgency=medium . * New upstream version, affecting the following future time stamps: - Europe/Istanbul switch from EET/EEST (+02/+03) to permanent +03 on 2016-09-07. While the timezone has changed, the divergence from EET/EEST will happen on 2016-10-30. Closes: #838781. - New leap second 2016-12-31 23:59:60 UTC as per IERS Bulletin C 52. Checksums-Sha1: db3be53e59ff8699c3b414d77c105090a7b164a7 1953 tzdata_2016g-0+deb8u1.dsc b60858b3e223ee10440f6c10f728d301269431ca 316669 tzdata_2016g.orig.tar.gz 47d3b5776e0dce64c1af16977ef68a4eadb16d5f 101888 tzdata_2016g-0+deb8u1.debian.tar.xz 4a5906924aefc6029eaa2a7d39b18c100df8f5d6 185900 tzdata_2016g-0+deb8u1_all.deb 83bdf87b7cc7b8d0664695939a6ffa7a24c50ccf 81522 tzdata-java_2016g-0+deb8u1_all.deb Checksums-Sha256: f78b0a88291f7b06608bd2e519b9a74d4d4303c6948b0e2f675a01f3d5bf536a 1953 tzdata_2016g-0+deb8u1.dsc 3c7137b2bc47323b0de47b77786bacf81ed503d4b2c693ff8ada2fbd1281ebd1 316669 tzdata_2016g.orig.tar.gz 299c517ddfeebd5398da49be57aff44a144e409c8596e14abf7b4a5cda211247 101888 tzdata_2016g-0+deb8u1.debian.tar.xz fc4d755810441eed561ef33360c6c380843eea2e6c62045eb4c3dc1299083fb8 185900 tzdata_2016g-0+deb8u1_all.deb dea3b3cde51f63b2dcb7ab9ea2a0de11fb53490eb861b7d06cee957d62200cf9 81522 tzdata-java_2016g-0+deb8u1_all.deb Files: a7f0f67dfd3bc546e7a722b96289ba05 1953 localization required tzdata_2016g-0+deb8u1.dsc 3c7e97ec8527211104d27cc1d97a23de 316669 localization required tzdata_2016g.orig.tar.gz 2e5054eb7dcaf0055b634018abb05ea7 101888 localization required tzdata_2016g-0+deb8u1.debian.tar.xz c88ceb29a83bdb9c00275599d39ca324 185900 localization required tzdata_2016g-0+deb8u1_all.deb 7da3e33e0dd3af9f0ffc5cfe2dbebbf4 81522 java optional tzdata-java_2016g-0+deb8u1_all.deb -BEGIN PGP SIGNATURE- iQIcBAEBCgAGBQJX6vAHAAoJELqceAYd3YybFuYP/2TiLkVS1Els3ZirkCMKoZjZ D+9T4GCfQn8c+xDy3oUI6GERKqqoO6Y96ZB2ZsYIpQugoRjKgxvCCEH1UACQa2UG 2Jfr8of/peIdDJHbUJiILs/hqih4wO3pL7ZqgKjFgLzmBqFj3ya5smqTdRYegHY+ 1JovNJPpbPhNAzcYHLisMAzN72wsYJwm6oYXkAhXfjfeY+co67+cTfBWxIHEJAN4 kbEW2V0DE3h7lwLi31Eg1HbsjZbErqV7ksLU6pK8al4bwgGyajeMqyc+r1zCezt4 uhLLPOwU9DjlErvh6BUOVzkqbgXc3WSle7it/CMDNBhkdcw6amCcSwfLlneNGVDc YbofX0EQp0CO1o0A/ga0C2wogbBqd0wtbpEBAykeom41u5LB50usVYEUxMjnBTvs cE7ak26fGYxAa+QJe96ICmLZK10zYUFr2uZBCxLSpi7XIzFFFQjh4twhm85ZfwdI heie+GMaLiGn0alBdphks68yCotfOejkG5DYeLbMeKBXkkmfi7zgnFWX6eZDNvfe dl6cPuDBvIh8wtiATfaJaSSk215t0azDMQYcGeVB4F7XlNXgapVuf1v8jnfXcm6+ yr+H8h6Yx52LvX0ZwOWFsNiocIcX5uVGg2MNWli4e0tWzL0AqIHqeKfTtp4BVpOo eKnrgchbtENTDh3mF0ws =NEf2 -END PGP SIGNATURE-
Accepted zookeeper 3.4.5+dfsg-2+deb8u1 (source all amd64) into proposed-updates->stable-new, proposed-updates
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Sat, 01 Oct 2016 20:02:51 +0200 Source: zookeeper Binary: libzookeeper-java zookeeper zookeeperd libzookeeper-java-doc libzookeeper-mt2 libzookeeper-st2 libzookeeper2 libzookeeper-mt-dev libzookeeper-st-dev zookeeper-bin python-zookeeper Architecture: source all amd64 Version: 3.4.5+dfsg-2+deb8u1 Distribution: jessie Urgency: high Maintainer: Debian Java Maintainers Changed-By: Markus Koschany Description: libzookeeper-java - Core Java libraries for zookeeper libzookeeper-java-doc - API Documentation for zookeeper libzookeeper-mt-dev - Development files for multi threaded zookeeper C bindings libzookeeper-mt2 - Multi threaded C bindings for zookeeper libzookeeper-st-dev - Development files for single threaded zookeeper C bindings libzookeeper-st2 - Single threaded C bindings for zookeeper libzookeeper2 - C bindings for zookeeper - transitional package python-zookeeper - Python bindings for zookeeper zookeeper - High-performance coordination service for distributed application zookeeper-bin - Command line utilities for zookeeper zookeeperd - Init control scripts for zookeeper Changes: zookeeper (3.4.5+dfsg-2+deb8u1) jessie; urgency=high . * Team upload. * Fix CVE-2016-5017: Lyon Yang discovered that the C client shells cli_st and cli_mt of Apache Zookeeper, a high-performance coordination service for distributed applications, were affected by a buffer overflow vulnerability associated with parsing of the input command when using the "cmd:" batch mode syntax. If the command string exceeds 1024 characters a buffer overflow will occur. Checksums-Sha1: 291fdf5097dd1406e9af98f5abecdc530647577d 3116 zookeeper_3.4.5+dfsg-2+deb8u1.dsc a020ecefd0d6802cc2293b5d02bd3e7acc073822 34164 zookeeper_3.4.5+dfsg-2+deb8u1.debian.tar.xz e33d531896b61ae478e2700253d9cd8a7bf3ac7e 1250858 libzookeeper-java_3.4.5+dfsg-2+deb8u1_all.deb e5f9f35813259b696220dee9747d119b2c4808af 18 zookeeper_3.4.5+dfsg-2+deb8u1_all.deb 3aeba62c9bdae944d187eec15dcd4155baf222b7 35640 zookeeperd_3.4.5+dfsg-2+deb8u1_all.deb 63a78b772faf0658611454c2555fba839f1715de 373792 libzookeeper-java-doc_3.4.5+dfsg-2+deb8u1_all.deb c2be5a34b7952b746e0859d97ab25f103dd4ab10 67092 libzookeeper-mt2_3.4.5+dfsg-2+deb8u1_amd64.deb a497b5b0413899204a5c9ff95a1853947281bf33 64810 libzookeeper-st2_3.4.5+dfsg-2+deb8u1_amd64.deb 65f92cd524b00b911bbbe449d6e16b99889fd417 33094 libzookeeper2_3.4.5+dfsg-2+deb8u1_amd64.deb 4ef4a4df7152375e021ab706737f2bccf22600b0 82960 libzookeeper-mt-dev_3.4.5+dfsg-2+deb8u1_amd64.deb 258a439aa7b77dda2d7344b067971cb22c7fa9e1 80326 libzookeeper-st-dev_3.4.5+dfsg-2+deb8u1_amd64.deb 1bb806db28233b38e2841110ce99944f7ba50e3c 83918 zookeeper-bin_3.4.5+dfsg-2+deb8u1_amd64.deb 2b920126ccca47e2d2d384da537264cb2525d4d8 50308 python-zookeeper_3.4.5+dfsg-2+deb8u1_amd64.deb Checksums-Sha256: 76e7cc7e0f2ba94035795106002c8ac0d6a15e29381cf47d06ea5bab15f9a6ac 3116 zookeeper_3.4.5+dfsg-2+deb8u1.dsc ef8787c64d60294c4e00c1614213a372074cfbb225ce02aed79fe57093e4ccff 34164 zookeeper_3.4.5+dfsg-2+deb8u1.debian.tar.xz 3524d7295ee0cdc4ff21e5c11219698c115c058c9e1c0883349c0c4e3bc643b6 1250858 libzookeeper-java_3.4.5+dfsg-2+deb8u1_all.deb a99beb725336a48cfd515e50abd21381ca47523d4dc43c763c29067342583bb9 18 zookeeper_3.4.5+dfsg-2+deb8u1_all.deb 61dff9aa32ae600e4f6015fbe3d22a53da48d2d878d0fd7c445d631d70310c14 35640 zookeeperd_3.4.5+dfsg-2+deb8u1_all.deb 26de66d0f9e720f0b0952d5db9b19ff3a4a4736498a0b740c4cd9175c81a7a3d 373792 libzookeeper-java-doc_3.4.5+dfsg-2+deb8u1_all.deb 8fd73e522bad937e22b6ac3b32c7b4245357c23639a21f2dd75674c266830c9d 67092 libzookeeper-mt2_3.4.5+dfsg-2+deb8u1_amd64.deb 3c8f7ef7ed78288e023f7f3c04e2de8f05d3d715e9318dca46969d792179b71a 64810 libzookeeper-st2_3.4.5+dfsg-2+deb8u1_amd64.deb 76f9e2c41461d27c61a3f37969abfb49839fa3597a4e520c0651b83bd3199012 33094 libzookeeper2_3.4.5+dfsg-2+deb8u1_amd64.deb daec30d12f414a6e5966b2257f2b810b013b4f4fb718c2e8bea72b3da5615599 82960 libzookeeper-mt-dev_3.4.5+dfsg-2+deb8u1_amd64.deb ae9bd32ca21917f7cc08b21b9f468333cb3094d49538c5c3e9478d8e0bc5b217 80326 libzookeeper-st-dev_3.4.5+dfsg-2+deb8u1_amd64.deb e66fe967d122b2e361c80a59bff703f0e54349e062e2dd02d04c09bfa90bcc9d 83918 zookeeper-bin_3.4.5+dfsg-2+deb8u1_amd64.deb 65e94d77d707918142364e6f9bb3f920bcffdf59817bf9c422cd7676aa20d517 50308 python-zookeeper_3.4.5+dfsg-2+deb8u1_amd64.deb Files: d0edc1c8468bca8e07a6517cb40b6b47 3116 java optional zookeeper_3.4.5+dfsg-2+deb8u1.dsc a93aca104dc007f167d72fafc1f7a142 34164 java optional zookeeper_3.4.5+dfsg-2+deb8u1.debian.tar.xz ce5406fbf8564540df0b5ff29d413d91 1250858 java optional libzookeeper-java_3.4.5+dfsg-2+deb8u1_all.deb dac88f6a70bb7dc5d1166bec5f1cc53c 18 java optional zookeeper_3.4.5+dfsg-2+deb8u1_all.deb 47fc03983f0842618f8e4697860567a5 35640 java optional zookeeperd_3.4.5+dfsg-2+deb8u1_all.deb 697d8750c360f281176347fdc941b39f 373792 doc optional
Accepted elog 2.9.2+2014.05.11git44800a7-2+deb8u1 (source amd64) into proposed-updates->stable-new, proposed-updates
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Format: 1.8 Date: Sat, 17 Sep 2016 20:22:36 +0200 Source: elog Binary: elog Architecture: source amd64 Version: 2.9.2+2014.05.11git44800a7-2+deb8u1 Distribution: jessie Urgency: medium Maintainer: Roger Kalt Changed-By: Roger Kalt Description: elog - Logbook system to manage notes through a Web interface Closes: 836505 Changes: elog (2.9.2+2014.05.11git44800a7-2+deb8u1) jessie; urgency=medium . * Added patch 0005_elogd_CVE-2016-6342_fix to fix posting entry as arbitrary username (Closes: #836505, CVE-2016-6342) Checksums-Sha1: 157b7e960df3e269bee4eb925aeadd70fd0e3d5f 1855 elog_2.9.2+2014.05.11git44800a7-2+deb8u1.dsc c330b954e4bc5f6181c3a7f707b9f8acd402cf44 20160 elog_2.9.2+2014.05.11git44800a7-2+deb8u1.debian.tar.xz 12b3cfe5a0b7b1e338250a83425135fae28f4686 1299088 elog_2.9.2+2014.05.11git44800a7-2+deb8u1_amd64.deb Checksums-Sha256: 91962ae6acf8321e0b3b52cff0def990b3aec4983fa5e59d9cfb8b911a4dbf84 1855 elog_2.9.2+2014.05.11git44800a7-2+deb8u1.dsc 698fb4e2513acb71a2721b52cd174368ebb29f87a7d4d2d4a77a70566c041ea5 20160 elog_2.9.2+2014.05.11git44800a7-2+deb8u1.debian.tar.xz 8dc1b4543a9224815de08a9fa3f90910baed4ed5223dfe62f440cd9eafd37d66 1299088 elog_2.9.2+2014.05.11git44800a7-2+deb8u1_amd64.deb Files: af64171ed8008b57ea7be91df84dbd46 1855 web optional elog_2.9.2+2014.05.11git44800a7-2+deb8u1.dsc 847fee445bfd1074dd1b36151eda8ef0 20160 web optional elog_2.9.2+2014.05.11git44800a7-2+deb8u1.debian.tar.xz f96cc48d04aee014d55b3f34dad15fe7 1299088 web optional elog_2.9.2+2014.05.11git44800a7-2+deb8u1_amd64.deb -BEGIN PGP SIGNATURE- Version: GnuPG v1 iQIcBAEBCAAGBQJX8YyxAAoJEC/5zVlhJha1U10QAI8Bff6btCIhKA4EjZv+qk1n TsNr5xELN9IrjYh5S+A1y3iKgkWpNWqLyYzF0L9t4DIpS5M6oT/sMEeP2sHrVdtU 1euPssZEBLxZu1qOY49j+Km8e9EBxsTf+2kV5wqkUX6pIgDpUqJjLxcTu8S6aTtm 7ypQ680uH9DMsxwNWNn+/n9ldPkdK9siCvYUJRN3KAAiMI8/yIHlLVOdXFEixIbs 1Pe34vqZEliKEAbKq8Mfxtd4unP6AEmHJyZLVhj6gHD380L4sk00ePEHZmjkQB8M G9w41tU16AS+1DGM5kEHxOqiD4ZOIonno97akfUFSxGVVVo4ePnegoe5OghFxiJl eLw5+O74qcrddYdiq4UmkisKhqx0AXRuxQveDifNc9nJ7ED3KmnmMUIbHf+ziFAs OfLH4mPs3qp11MqT4fVM+CTrRM57eCc981uOC82LAi7DN3wmal5ywtj70Z4vtFO+ lozna9k7f8qNSZeZfKMsr/oGwEK50OnGxRov+Ccf2CgZtUEzs6U/9+kVczaifY8j dM87Ul8+rlUhpzA3qMVDH+KOT85K/RLy9t58M7fjFP/5oV3iJSFFmOegYYjyCgli RPRGFf4ZteC/mio9N6kzaQWArUfrPSGEuEp+3K483icRD1ZZm2w556dCQIAcRPXs 0RmjhVY1yy5ScXSBIWQI =hZCW -END PGP SIGNATURE-
Accepted linkchecker 9.3-1+deb8u1 (source amd64 all) into proposed-updates->stable-new, proposed-updates
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Format: 1.8 Date: Thu, 19 May 2016 14:53:14 -0400 Source: linkchecker Binary: linkchecker linkchecker-web linkchecker-gui Architecture: source amd64 all Version: 9.3-1+deb8u1 Distribution: stable Urgency: medium Maintainer: Bastian Kleineidam Changed-By: Antoine Beaupré Description: linkchecker - check websites and HTML documents for broken links linkchecker-gui - check websites and HTML documents for broken links (GUI client) linkchecker-web - check websites and HTML documents for broken links (web client) Closes: 772947 Changes: linkchecker (9.3-1+deb8u1) stable; urgency=medium . * Non-maintainer upload. * fix HTTPS checks (Closes: #772947) Checksums-Sha1: 8dba43a9bc8f358d8ddebcbf203bf232ce9744e9 1962 linkchecker_9.3-1+deb8u1.dsc 939a326ae89d4fcd5cc8c4b901ec1b4c24f52acf 19644 linkchecker_9.3-1+deb8u1.debian.tar.xz 713d278d8fa56b095196ae3e2e8628f6ca9dd0ba 312820 linkchecker_9.3-1+deb8u1_amd64.deb a8846c9f5975df2fc1158d57867f857b8460ed31 57792 linkchecker-web_9.3-1+deb8u1_all.deb f43c82be70cceca5622ae100841681232c7c7091 101154 linkchecker-gui_9.3-1+deb8u1_all.deb Checksums-Sha256: 74b41913946a4828323c7fca06e3d992356a85d6b2fc349391f3194d2fb119a0 1962 linkchecker_9.3-1+deb8u1.dsc 8e02783368a1aedb89b5c097157fa0bcce1491e02084c2a9eb1cf0c6ee10a33d 19644 linkchecker_9.3-1+deb8u1.debian.tar.xz 0c4ad0d3df1e0b6fc1e25b486a60f8fe7bbae25fe8ef8e33f28334c46b67 312820 linkchecker_9.3-1+deb8u1_amd64.deb d5dad767e5ee37e609b02ec5c40d855851ff74995eb6a470055c6850bad54214 57792 linkchecker-web_9.3-1+deb8u1_all.deb cd6d56ea5810eb1b1dd75da591ccdf7a2dfcc8cb617cde33281eb652cf1b 101154 linkchecker-gui_9.3-1+deb8u1_all.deb Files: 7f522dbfc2d6ce00d9ff1d9fb7fc2779 1962 web optional linkchecker_9.3-1+deb8u1.dsc 05fd502b39a0e1b5cc19213eecbd38be 19644 web optional linkchecker_9.3-1+deb8u1.debian.tar.xz 27832f2128575dd2de5d6f3763d7b380 312820 web optional linkchecker_9.3-1+deb8u1_amd64.deb 980d1faa8e84625b5fcb41ef316115b0 57792 web optional linkchecker-web_9.3-1+deb8u1_all.deb 24573b3996d8ae3970a0c3f719d5a9c6 101154 web optional linkchecker-gui_9.3-1+deb8u1_all.deb -BEGIN PGP SIGNATURE- Version: GnuPG v1 iQIcBAEBCAAGBQJX8llwAAoJEHkhUlJ7dZIeERMP/3LSqgvjifgB2vCqpXQ+wN+B X5o9OPGcKLtSH1rsSOyLQbQrRQQs4zixqrmz3SU18l+6ZFaFz8j96Rzjp9VtD4CM nU2ztGfbOSein5mS8OCAHsaGNMmQwVITh2iaea3bKgJu6PHhVeBJFRgbEH9CGEPb FO/7e2o/hkWsBYkvLA0cQalty9JniQm9Vf5kBjx1umE4B1STEJ77Wa5jMfTOaRtI HBDH0+RXHXJMqTFzrRG3EO6rPCKQCXQFkpsUHEAcTJHd8q8wiONiIa2ZtFo3hOOB WhUO0YDAV619xw5syu/1QO+RgFiQ9JjH0EOZr7IS7vHeA3UKe57amE9E3vOyFsd/ 8Jdn3jJ6DYneCkb2Htm3nMnJZBTcbRi9nTI8I8Dp9zRyzDnOhFmP2sdO+TgBdUSB VxzOeUV+VeGd88S/D0AJWR9uZigQ+reVyK9LMJb+lqU98SuuzSlKIY8t37h2Q8En Ev3hk7FDQx1zOrC8HFiz+xE5jCPuK+JqNCLX1lzwl6E1zwIFXBNgbf4YMN1e5Lf7 b3/w/qx6W/Fnaogw68cB2/pGJAZdt1rwglBdz8GzypC9CGsVhCt+7Meu+HVjZc42 ucPZhg8kqM8HeRicU/mx7PEEQh2/wXmQJAh4fCkYeLdF6N3QV+/ZoJvWOgZHSnGF DIYzWyNOXw/0ROkwC4LG =5ySx -END PGP SIGNATURE-
Accepted python-django 1.7.11-1+deb8u1 (source all) into proposed-updates->stable-new, proposed-updates
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Format: 1.8 Date: Sun, 25 Sep 2016 15:29:11 + Source: python-django Binary: python-django python3-django python-django-common python-django-doc Architecture: source all Version: 1.7.11-1+deb8u1 Distribution: jessie-security Urgency: high Maintainer: Debian Python Modules Team Changed-By: Luke Faraone Description: python-django - High-level Python web development framework (Python 2 version) python-django-common - High-level Python web development framework (common) python-django-doc - High-level Python web development framework (documentation) python3-django - High-level Python web development framework (Python 3 version) Changes: python-django (1.7.11-1+deb8u1) jessie-security; urgency=high . * SECURITY UPDATE: - CVE-2016-7401: CSRF protection bypass on a site with Google Analytics Checksums-Sha1: e1ecdc0d197fb86f318ada7d869a50134c7bc1e7 2376 python-django_1.7.11-1+deb8u1.dsc f9abaf7eacec73bc1c5e6080e2778a7174ebf9d4 7586798 python-django_1.7.11.orig.tar.gz 9110a9f22400b62b38e6404aad541af82d6d7e87 31616 python-django_1.7.11-1+deb8u1.debian.tar.xz a54dcb367cd1a2d5174957cff21ca4fc2ddd45fe 986602 python-django_1.7.11-1+deb8u1_all.deb aa5cedf6f98e7dfbba0c521a06cc0d5a966ef647 974246 python3-django_1.7.11-1+deb8u1_all.deb d44ffe496f59de8c07f3d296823e3c71ebeeb068 1491146 python-django-common_1.7.11-1+deb8u1_all.deb e1a117b1aad3116dcc54e8207d467face14fe42b 2474966 python-django-doc_1.7.11-1+deb8u1_all.deb Checksums-Sha256: 0babc1bc5dfb620db1d533828cdffc785f66ff6ae2b761149f9e1cf863df4999 2376 python-django_1.7.11-1+deb8u1.dsc 2039144fce8f1b603d03fa5a5643578df1ad007c4ed41a617f02a3943f7059a1 7586798 python-django_1.7.11.orig.tar.gz 13216b15a5c62566c5366d8e2a73c72ee9e2780d890b10bea74e39b55eb50dd0 31616 python-django_1.7.11-1+deb8u1.debian.tar.xz 1e03228eb5f5fa0a162f02443c43e9c551af7eeb2a4ab24cfc733b6b4635f4e6 986602 python-django_1.7.11-1+deb8u1_all.deb 7368f33bd03b6715672a721afa405b0b0a557878fd7af3cfe428fc69d36aebd7 974246 python3-django_1.7.11-1+deb8u1_all.deb eb29c1906758f80439406d4b796b9b1c34af88a864a97cb24b8d1b5631730131 1491146 python-django-common_1.7.11-1+deb8u1_all.deb bdcf6e5bf84e3cd29e94e9e57d1679090aa78ab657ac0902204b5bbd9a1efbca 2474966 python-django-doc_1.7.11-1+deb8u1_all.deb Files: 1b51f7217f4fded78926a6653628cf52 2376 python optional python-django_1.7.11-1+deb8u1.dsc 030b2f9c99a6e4e0418eadf7dba9e235 7586798 python optional python-django_1.7.11.orig.tar.gz 8ae6bdce97666d7e39b0872f177f6504 31616 python optional python-django_1.7.11-1+deb8u1.debian.tar.xz ac178115802d50e0abb0d2892039db35 986602 python optional python-django_1.7.11-1+deb8u1_all.deb 1b73ac1b32bd782b5a0e1be0114d3bdb 974246 python optional python3-django_1.7.11-1+deb8u1_all.deb bd66ab14e39e24d82c7d04f5fce4303c 1491146 python optional python-django-common_1.7.11-1+deb8u1_all.deb 2e4d805829b395df1e3d577cb801 2474966 doc optional python-django-doc_1.7.11-1+deb8u1_all.deb -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.10 (GNU/Linux) iQEcBAEBAgAGBQJX6ZRJAAoJEL97/wQC1SS+jsEIAIy0bceI20FtS2MvzTwmtp/n Vx0ZNBdBVCtJ6UqvylgskyO7cwxbENQsMY4cIQf702kIGy2hmF+QSxL5A1oe+YB5 u7gbEzuGz7bUdE/DnXNr9NzgAMj+XBzkWR4rL0F9ty2JxncErsfNB/55SDRbcdD7 qT6L+jdBqsPImZdmP52P5EkDW8M+4qLNlZRlx2wmfRqj+/a3t6PvSXsGBcnSCBxU TlRHO5K/fvRmONZZdxy/iK1SseUWnoHhA8e/lXP4pcsFHfeRG/h6n+zorvS/XmB5 PtIC5/leAffCwrvfacFnHbv3AcorjuD89V1Ug63pknA7GHLOAWbgok86qhoer9E= =N+MI -END PGP SIGNATURE-
Accepted jackrabbit 2.3.6-1+deb8u2 (source all) into proposed-updates->stable-new, proposed-updates
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Mon, 26 Sep 2016 20:05:38 +0200 Source: jackrabbit Binary: libjackrabbit-java Architecture: source all Version: 2.3.6-1+deb8u2 Distribution: jessie-security Urgency: high Maintainer: Debian Java Maintainers Changed-By: Markus Koschany Description: libjackrabbit-java - content repository implementation (JCR API) Changes: jackrabbit (2.3.6-1+deb8u2) jessie-security; urgency=high . * Team upload. * Fix CVE-2016-6801: The CSRF content-type check for POST requests did not handle missing Content-Type header fields, nor variations in field values with respect to upper/lower case or optional parameters. This could be exploited to create a resource via CSRF. Checksums-Sha1: 95b58cbdb45924a39f9da2bb4d2b494af6756de7 2262 jackrabbit_2.3.6-1+deb8u2.dsc 1eee828d7b7dee73d9d7b2c54b7672189c4bfeb2 11092 jackrabbit_2.3.6-1+deb8u2.debian.tar.xz 95b3501306adb84fb78970f36991147b5346f8d1 275980 libjackrabbit-java_2.3.6-1+deb8u2_all.deb Checksums-Sha256: 4de2ed0ac7cef5e46e37cc60133ae3184387434f210673bb6a80c146f67fd83d 2262 jackrabbit_2.3.6-1+deb8u2.dsc ca9144ec0b5c68697f13312622a7c365a2f8b49442d455896d28a6b81a1c7448 11092 jackrabbit_2.3.6-1+deb8u2.debian.tar.xz a13bf155f7fd18fb2f20497556cef6e12c5937bfbd9406b9f8f9c3d85572fb6a 275980 libjackrabbit-java_2.3.6-1+deb8u2_all.deb Files: 9cbacbf04ad59521863486d38073c895 2262 java optional jackrabbit_2.3.6-1+deb8u2.dsc 843597a3f9bdb1ab07fabb3a2720c6a3 11092 java optional jackrabbit_2.3.6-1+deb8u2.debian.tar.xz c786ac04b0495d577b618c412fe89046 275980 java optional libjackrabbit-java_2.3.6-1+deb8u2_all.deb -BEGIN PGP SIGNATURE- iQKMBAEBCgB2BQJX6WVLXxSAAC4AKGlzc3Vlci1mcHJAbm90YXRpb25zLm9w ZW5wZ3AuZmlmdGhob3JzZW1hbi5uZXRBQ0YzRDA4OEVGMzJFREVGNkExQTgzNUZE OUFEMTRCOTUxM0I1MUU0DxxhcG9AZGViaWFuLm9yZwAKCRDZrRS5UTtR5N6ED/98 Enza/8A/Neeuo3xcaQcm4CUJG8x1HqQW4kn59RcMvbWnRukeUISaVpd6nsaLj4Zf HGOjPX/QwofVSUsJK2/7U0K/SPrbN3mJyfB0my8fJSZMZprDc3XKSuHQ4N9VxKpn ZRddBJJ+ntlhXoNURV194RQr/HItIBTW76OFyYy0TZxg6bctAe/pit8ongaqhBNS y/aZ1n3xMr0i/I88KidADW+iWqUzGmeAJGORPsIdO5geqeRx2GgIH763Gt2zFVwR x0RS3Lplr1Kq6QHEz1qak3XptgQRMN6yzf9KjUFySBAaVpZMLR4GbOUCr9qidcMG uTxwVN7T6q3YSt5mB8AZBTYSp4zwxPxVfiHTY1YhKFpQUKQSCXUdsXw59J1OO5R6 ie+clbdqfZkH8jpXvEmHJBLYVf2kOyXyeCjwO/Fo2iD5m6kQy9do8MiNX/Kqg2Zl rFgonbIjlmlgFcbS80ChiZfutgaUEfpvHTTjn64kfLBhrJATk6066lOIFO0MmKtO dMoMW58ookQUai5MerDRwQSQdvmmpDD3J45b9K7ANVmQk9EQRJSzU6l6DwkjJmyC fojKBRe5XpAm29M8WZ/Auf4oqTYQifh0L9VuPnwOTIOHQHhZSEE6OqEBnJQxOZo6 wvhB+1AWMhFh6OUnC8ydCrlKKJJqDauhYaHHMsp9xw== =OR8C -END PGP SIGNATURE-
Accepted libarchive 3.1.2-11+deb8u3 (source) into proposed-updates->stable-new, proposed-updates
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Sat, 24 Sep 2016 13:25:26 +0200 Source: libarchive Binary: libarchive-dev libarchive13 bsdtar bsdcpio Architecture: source Version: 3.1.2-11+deb8u3 Distribution: jessie-security Urgency: high Maintainer: Debian Libarchive Maintainers Changed-By: Salvatore Bonaccorso Closes: 837714 Description: bsdcpio- Implementation of the 'cpio' program from FreeBSD bsdtar - Implementation of the 'tar' program from FreeBSD libarchive-dev - Multi-format archive and compression library (development files) libarchive13 - Multi-format archive and compression library (shared library) Changes: libarchive (3.1.2-11+deb8u3) jessie-security; urgency=high . * Non-maintainer upload by the Security Team. * CVE-2016-7166: Denial of service using a crafted gzip file * CVE-2016-6250: Integer overflow in the ISO9660 writer * CVE-2016-5418: Archive Entry with type 1 (hardlink), but has a non-zero data size file overwrite (Closes: #837714) Checksums-Sha1: effe9337181e17f0dbedd313ec796cb59dd66cba 2453 libarchive_3.1.2-11+deb8u3.dsc 518986a94568b2111a1e087a0ca0cd5ebaa9b268 36064 libarchive_3.1.2-11+deb8u3.debian.tar.xz Checksums-Sha256: 5838e99469280cb3e90653d327c5b3b315fba810414591cb45206488017fb598 2453 libarchive_3.1.2-11+deb8u3.dsc ab2c0220d1253675b07a23c6fe8a4eeea9d59168b165bdf59f6a93c78d25fbe0 36064 libarchive_3.1.2-11+deb8u3.debian.tar.xz Files: 3345cb4ec3faea86a57c70d9fffd703e 2453 libs optional libarchive_3.1.2-11+deb8u3.dsc 10b2951cb6feb392bb6d3831797982e2 36064 libs optional libarchive_3.1.2-11+deb8u3.debian.tar.xz -BEGIN PGP SIGNATURE- iQKPBAEBCgB5BQJX54P9XxSAAC4AKGlzc3Vlci1mcHJAbm90YXRpb25zLm9w ZW5wZ3AuZmlmdGhob3JzZW1hbi5uZXQ0NjQ0NDA5ODA4QzE3MUUwNTUzMURERUUw NTRDQjhGMzEzNDNDRjQ0EhxjYXJuaWxAZGViaWFuLm9yZwAKCRAFTLjzE0PPRDHE EACMnMrIj3TPAhWfJ0azDLuFkU7xWZWwaSHGAN87cZ6OjRTg8I3U0VLkpXrATpFA LXrog/M/ahyM3y4obPNroVUbYwz0tk0Yh/UPa9szVKOPfcprJUyW9iXX0u3oP6Zo GtCLLm2ZBlbgs3bCdEOZBUUzlW/FmpfLfylcXeDSrz2SNvoaT4XBYveGBhgqRwAz Ox7sfVbk5Rzpup7jOJJHrV8fWCcbTAdwap/MpJzRHSmrac1tqEwpVGaZLfUQHTgi GuvKkCsU1V6N5A5tH7cqc//xcfpL0KE1x07DzkxgJNru2lhAc0SoFv0PSsK5VRVM DB4frOERNciOwxqu9le9ktivzlyfrzZrw/HK5ZjMyLFMjKv+Pq6iPNRL16dyKRkG LqcDLkAR8HK4uWus1VaJHtpyxiWWbzIuh/kE39EtOMSv3YNrJkKU+J/eBMMATh1n kmGCKEcGeWpYD0Np65jXU/qB5RkyaJoaG8trv4juhZYPTyO9lPqOhqiDQe59jB1M 7iCmFRbM5IjMBSSh1HDnvBIout6QTwzBnCfvGI28gft6FPVUHTD4UiT0ZccZ+VZl BdBUbmCV3Q8DAWiT6rV0qFQjGatbfk2ysomFp8FTAzPjHiAtTzdAmHy6VMq9Nn/O PjVNV2mEH5pYoDDj6p4LfZuZGXC7GUrWN85zHWnEV18I9Q== =DopT -END PGP SIGNATURE-
Accepted darktable 1.4.2-1+deb8u1 (source amd64) into proposed-updates->stable-new, proposed-updates
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Format: 1.8 Date: Sun, 25 Sep 2016 21:49:23 -0300 Source: darktable Binary: darktable darktable-dbg Architecture: source amd64 Version: 1.4.2-1+deb8u1 Distribution: stable Urgency: medium Maintainer: Debian PhotoTools Maintainers Changed-By: David Bremner Description: darktable - virtual lighttable and darkroom for photographers darktable-dbg - virtual lighttable and darkroom for photographers (debug) Closes: 786792 Changes: darktable (1.4.2-1+deb8u1) stable; urgency=medium . * Cherry pick upstream commit 0f809ca5048. Fix for CVE-2015-3885 (Closes: #786792) Checksums-Sha1: eb635a1102498796de294c4d28406874fbd9b42a 2318 darktable_1.4.2-1+deb8u1.dsc e659312a2b6f5891f3249d0dc43c5fee4101741c 13360 darktable_1.4.2-1+deb8u1.debian.tar.xz 76d7db7a8c9ab1bbeee238541116cbf99affd9be 2158702 darktable_1.4.2-1+deb8u1_amd64.deb 78dd5eebafc4dbc21650d1fe5e42147e004d09fa 7679820 darktable-dbg_1.4.2-1+deb8u1_amd64.deb Checksums-Sha256: e9d96f325980479d04ca042cf8506933ab92e515dbbe8dfa08066e3c9dd9f64b 2318 darktable_1.4.2-1+deb8u1.dsc 550d7a23e23d97ab233cfeaa98f671ad69ca1d663ca5f339486f153f38a177a3 13360 darktable_1.4.2-1+deb8u1.debian.tar.xz f0932fcf06bf10f5cf736ec47078095449558b55beb85c44c6e3d396532b9c4a 2158702 darktable_1.4.2-1+deb8u1_amd64.deb 4b30bfe498599b756232beb40951ae215fcf2a81d99677f5eaab7a14c5386391 7679820 darktable-dbg_1.4.2-1+deb8u1_amd64.deb Files: 8288d785604f89e44688f893e966c9b2 2318 graphics optional darktable_1.4.2-1+deb8u1.dsc 514ef2cd2d1122dcf7ff0d3d787504df 13360 graphics optional darktable_1.4.2-1+deb8u1.debian.tar.xz 8e2c1ca10e6ab1693984919aa5e26e0e 2158702 graphics optional darktable_1.4.2-1+deb8u1_amd64.deb 2b213d39ae399763e0321cdd8a554ab4 7679820 debug extra darktable-dbg_1.4.2-1+deb8u1_amd64.deb -BEGIN PGP SIGNATURE- iQGcBAEBCAAGBQJX8E9TAAoJEPIClx2kp54s8OUMAJDi05SQS4lEkGIWyctYpnRD NuqW2eTER2GaQLUr6rWeJjBNaZRAuprFzqhV4VIpdl34AR5xL0r4I1JzUiEah26s DyXKUmWUM0VeJHZX35F9JYNuraHHQNd9Bk8Aw2TAUiujg8twA1tMPjemrBXWPNqt DXbKF0f0ru8YqlS7PUMvJKwSq5WeTHNpFudEfitx9uDa9QEq0KMzGgjDKaPvD3uE 9b+kfmPZAjAWDo+BH9tiOtfjaqgz1cOb9GPOOWYo2j1QJaWGcItL2QDR5a+eMsRd I1aRcfos7i9zppIIGXsF47WlYBx/eaSodIOrf89hDf9YZd1PUaay9Dml/5zlEF0O FbPHxBxM3wSO4ezRiG1xZEZlI32wDk8JSu77a1j3fhl7tg6Nlaaks24JkHDx+VmG w2muxB2qqTqQz+H8aOjBXYhiubwEBFMD5VSnLwPOWb9wE8Ohj0PjrdgF93cTiPcJ A6W5TIlfJ5DhOd8uhAhRoS2clslhhYIo2Xk1R50IFw== =GUXr -END PGP SIGNATURE-
Accepted c-ares 1.10.0-2+deb8u1 (source amd64) into proposed-updates->stable-new, proposed-updates
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Format: 1.8 Date: Thu, 29 Sep 2016 20:30:48 +0200 Source: c-ares Binary: libc-ares-dev libc-ares2 Architecture: source amd64 Version: 1.10.0-2+deb8u1 Distribution: jessie-security Urgency: high Maintainer: Andreas Schuldei Changed-By: Gregor Jasny Description: libc-ares-dev - asynchronous name resolver - development files libc-ares2 - asynchronous name resolver Closes: 839151 Changes: c-ares (1.10.0-2+deb8u1) jessie-security; urgency=high . * Apply patch for CVE-2016-5180 (Closes: #839151) Checksums-Sha1: f06eb0a9d1802c2a918a6472b6ea9d60c59a6cd3 1642 c-ares_1.10.0-2+deb8u1.dsc e44e6575d5af99cb3a38461486e1ee8b49810eb5 809073 c-ares_1.10.0.orig.tar.gz b6d2f687e7b6ad04dc6def5768fd1ad81e8922ec 6496 c-ares_1.10.0-2+deb8u1.debian.tar.xz 37f6c27398eda3bc2f5030176d86036bd1cddf2a 137300 libc-ares-dev_1.10.0-2+deb8u1_amd64.deb 6642247fba5d21305564dd70e39cf0386a0c9a64 72490 libc-ares2_1.10.0-2+deb8u1_amd64.deb Checksums-Sha256: 146a7599f25c9fc19494d4c211724a59615e5875d066a3782c0f0dd9115c4c85 1642 c-ares_1.10.0-2+deb8u1.dsc 3d701674615d1158e56a59aaede7891f2dde3da0f46a6d3c684e0ae70f52d3db 809073 c-ares_1.10.0.orig.tar.gz ec75bcca4210757db03408f31c485fa43c1baba2cd8e196cf6fe8bbd51c12f89 6496 c-ares_1.10.0-2+deb8u1.debian.tar.xz 9e13a09f8d5db02742f5866ac3e0cd5da9280fbd980758e814f8f9508a66bed7 137300 libc-ares-dev_1.10.0-2+deb8u1_amd64.deb 2328f59a71993b89ff7f41ab45b31190550d33291b9a9e53a5c287595f9bb5ef 72490 libc-ares2_1.10.0-2+deb8u1_amd64.deb Files: 709831eee46cd97dbb0472d0a03290ff 1642 libs extra c-ares_1.10.0-2+deb8u1.dsc 1196067641411a75d3cbebe074fd36d8 809073 libs extra c-ares_1.10.0.orig.tar.gz f9a657d7f729ebca40961ed8ce696bc9 6496 libs extra c-ares_1.10.0-2+deb8u1.debian.tar.xz 8b785ab031dd3caea0f60021f828f40a 137300 libdevel extra libc-ares-dev_1.10.0-2+deb8u1_amd64.deb 8d7d9ff10f17087ae5c1963410510654 72490 libs extra libc-ares2_1.10.0-2+deb8u1_amd64.deb -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.10 (GNU/Linux) iQEcBAEBAgAGBQJX7sSuAAoJEL97/wQC1SS+PeIIAJ94Us9U2krP0+Ya4Sdz24cJ EEgzpJ+PM+NpEyZVI/iQvfwgnK5ga31s6NpF9GuQ0zdoj/w8OFL40LibU3z8FzyO GQRaojlMIC2tZiyPydZUjTynvm3N1Wqy9cZUa97qZWnCnftgOkCDvL92heRiKIu3 DYDql7EWuO7xkn3fLxxHS4+nb6D6iIF12rik870kRj6fNxP1xgzquJnT7GGUWI7E Sx/0XRdzaWkc8CA3YWlygIJobrySVVF9Yt+nuOkFHcWVgET3eS/TSRyE8BXLW5i6 jeenuven+5jD+bz1uF1gXFBAmxeCbY46l9Yr/5xdtF1tbeYy7NeYqfnSnycIVeQ= =3k2v -END PGP SIGNATURE-
Accepted chromium-browser 53.0.2785.143-1~deb8u1 (source i386 all) into proposed-updates->stable-new, proposed-updates
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Sat, 01 Oct 2016 23:13:19 + Source: chromium-browser Binary: chromium chromium-dbg chromium-l10n chromium-inspector chromedriver Architecture: source i386 all Version: 53.0.2785.143-1~deb8u1 Distribution: jessie-security Urgency: medium Maintainer: Debian Chromium Maintainers Changed-By: Michael Gilbert Description: chromedriver - web browser - WebDriver support chromium - web browser chromium-dbg - web browser - debugging symbols chromium-inspector - web browser - page inspection support chromium-l10n - web browser - language packs Changes: chromium-browser (53.0.2785.143-1~deb8u1) jessie-security; urgency=medium . * New upstream security release: - CVE-2016-5177: Use after free in V8. Credit to Anonymous - CVE-2016-5178: Various fixes from internal audits, fuzzing and other initiatives. Checksums-Sha1: d770cc480942cb1db5a25be8c3fb499dbdde0941 4061 chromium-browser_53.0.2785.143-1~deb8u1.dsc 9f320759053b911373098e56e2bbfdd622addca4 471856052 chromium-browser_53.0.2785.143.orig.tar.xz 4d6f6c36b33eb5e21c7bb858fe707a96cc01dbe1 181412 chromium-browser_53.0.2785.143-1~deb8u1.debian.tar.xz 3178037d604ab25ef64c187407eeb9d4016425c8 41699170 chromium_53.0.2785.143-1~deb8u1_i386.deb 29c49803bc997caa7dd105be53af7aa8e1b8509b 7826944 chromium-dbg_53.0.2785.143-1~deb8u1_i386.deb 027f3ece9309cdd2c74ecd0664a15b6614ceb926 3135018 chromium-l10n_53.0.2785.143-1~deb8u1_all.deb 8943574489798b8db4ef665910ef8831ac2b13d3 1351622 chromium-inspector_53.0.2785.143-1~deb8u1_all.deb f58585085b86b80b46a3838a5dfd491fbc92a11e 2666232 chromedriver_53.0.2785.143-1~deb8u1_i386.deb Checksums-Sha256: 9621ca5fb5644ef415cf65e2b56328fab6599879bc6c00f4a9a225de9b1e1191 4061 chromium-browser_53.0.2785.143-1~deb8u1.dsc e3cd751c90b607de719d053ce8a4c145147dae44e16c36a767b372a51865d514 471856052 chromium-browser_53.0.2785.143.orig.tar.xz 72108cd068cca180c9170497059ceea8be288b869b6d822645687d095e1c6f23 181412 chromium-browser_53.0.2785.143-1~deb8u1.debian.tar.xz f4d98a5c485345981773f44a72e2a854428d2e7b253d4db2a3a4d4fa77ac23c2 41699170 chromium_53.0.2785.143-1~deb8u1_i386.deb e5c07197091b4e03306a67df1bc5d7fd87fd0dd9835ba9f680fcc94b38f7e2d5 7826944 chromium-dbg_53.0.2785.143-1~deb8u1_i386.deb b76ad84e35ff16ee84b800aae2d151ef98fe177bd95813644f4122818fc54978 3135018 chromium-l10n_53.0.2785.143-1~deb8u1_all.deb 4e56e930d4160c15c6a273367ca2f8410daeec389b78c51ea445cfa34baaed05 1351622 chromium-inspector_53.0.2785.143-1~deb8u1_all.deb 2cff2cdac6b84ccbcf70e747a2e2f09a6363173c5b2327f65a4c952445bb85f1 2666232 chromedriver_53.0.2785.143-1~deb8u1_i386.deb Files: 542b6cf954f93f452532af4646d884b4 4061 web optional chromium-browser_53.0.2785.143-1~deb8u1.dsc 35d3846d64dcfc5a4bd167267e604c61 471856052 web optional chromium-browser_53.0.2785.143.orig.tar.xz 20a0b761e38ff06595995886ee765d50 181412 web optional chromium-browser_53.0.2785.143-1~deb8u1.debian.tar.xz e6bbe0692a573ef87c5da3e630962801 41699170 web optional chromium_53.0.2785.143-1~deb8u1_i386.deb 157c4d48fa2e457ceab85b5da58e2b7b 7826944 debug extra chromium-dbg_53.0.2785.143-1~deb8u1_i386.deb 805111fbcdb00f74644b025913b8d09b 3135018 localization optional chromium-l10n_53.0.2785.143-1~deb8u1_all.deb 1ee509f629c7149e767c44fe0086aeea 1351622 web optional chromium-inspector_53.0.2785.143-1~deb8u1_all.deb 885d1805bb643b48382003ccfc3b727a 2666232 web optional chromedriver_53.0.2785.143-1~deb8u1_i386.deb -BEGIN PGP SIGNATURE- iQQcBAEBCgAGBQJX8IFBAAoJELjWss0C1vRz7HMf/1FQXZKZn1MWvBQWRDWnAJ+P MltiYQ7TAddRRIKHPLHr9WIBs61VsETkW7Jqul6Z0gu2hwxj4WfFTr7j3kqTzDVF rJInE+7D0iR3fxORCvrnbvfLcF6CCW5SRyuFTMB5WEWIeffDLSvcrgoLinht5VMb e/Reut1kdRBvgP7nXDbprkFDYl9ot2qDflZSNa59jBTPAma3w2QxUWisd1ouB0ql jl/aGXOfGvei6nuJduLWOq561ToMRAhgPwTcdoSSvIphEpBFEBCmtPYdXy+M/r/q 5S/UHyWnlui80y+r5JjhopO9e/zbSZMJXKC9mHTDwZ0kdJUJeuqoDLE5aEUyB7/L 28PcD7EJIrVRZI4oBxTnJjWb4LacyJueX2D5KkiFGBH00dN46xYSnYodhymKEtEY dTNDZElxiplVMFt0mNAxHiVMCH26w5kLztbCoqpfya4UrtVfciAvtyKRBvGVml8C NVPjeh2qBuh/T87ucr6wKUhNoxBI7++sv2VnxYUHXSasYeoufBBPz5kz1N70rLXP RcfooCNwbEUQ++n/JK30jt/QUlSAWjWN6DnF5K1DVD4fQicRZo2t4Ja1TVQiM1nV sVuS9I45lv3Le/ZMAs26bfndvH2UHyjXdOCiRoeek+WA79wFomFLajkTW5KMh9mc 1jY3rh0Q7xroLJrABCa0/t7UBkjRHf4p6Y4IE8o4vUPsqyUGMGdVkmVK1rmWfVUq OLVoFyj1dEWrStwaum8TjfX8r4VfQu+4MbYndYbnd5OUUWpBak2mej3WOEHR/hNL GD2dH5tMyx4r3sbTCoTyt8XWyz4DeYdS50Y5oSQIO4Tf1GNQyMp0wvhaIY7xNmfu 9Q2+5384N50WANM6kC1jUeYtb01OnDTn67Wm8pF2VVFkHLQQbyqPxj8SYFPaHZmz eHxkP4ZUgI8Rfruy9/AGoQcFY/yC8bvqXbMbrY3+XSarbunsHwo/vKN+bkkaM0lG 7R0IDsNJvry2UliNZvcA8Nh3kLM50JmKij+RKaRevci/pM/vZZyqyqm9ns1ert8O d3PYcWUXfq7xRlSypgzs/kF3KRm7HHxzfC/JGaAiQKeL0aTuHfj+C0EscYi/qZ09 VpaVAIYg0j/Ts/P4ShWc/x2S+H01qZSjFoze8aH0kmuC9ZK62JWmJ6DB0DQuN/ho 3XCxnjuoEGfG69diA1Q31NwHODF4qslYgZ902smstC1jOj15DCTfAn9Lmab+2aWe 2x7YNLQPAfiz0DkMUAKsqgPJRfMPo56lCpmFhkMUXmZhDRnHBmaFCPZfCWGarhQd BWCtpwF68fhklOO5MXagjLL4U0CGWJPL9MwNgzsvXp453Dsc+yAgmDDmrJbmuH4= =4WmX -END PGP SIGNATURE---
Accepted bind9 1:9.9.5.dfsg-9+deb8u7 (source all amd64) into proposed-updates->stable-new, proposed-updates
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Format: 1.8 Date: Tue, 27 Sep 2016 19:46:00 +0200 Source: bind9 Binary: bind9 bind9utils bind9-doc host bind9-host libbind-dev libbind9-90 libdns100 libisc95 liblwres90 libisccc90 libisccfg90 dnsutils lwresd libbind-export-dev libdns-export100 libdns-export100-udeb libisc-export95 libisc-export95-udeb libisccfg-export90 libisccfg-export90-udeb libirs-export91 libirs-export91-udeb Architecture: source all amd64 Version: 1:9.9.5.dfsg-9+deb8u7 Distribution: jessie-security Urgency: high Maintainer: LaMont Jones Changed-By: Florian Weimer Description: bind9 - Internet Domain Name Server bind9-doc - Documentation for BIND bind9-host - Version of 'host' bundled with BIND 9.X bind9utils - Utilities for BIND dnsutils - Clients provided with BIND host - Transitional package libbind-dev - Static Libraries and Headers used by BIND libbind-export-dev - Development files for the exported BIND libraries libbind9-90 - BIND9 Shared Library used by BIND libdns-export100 - Exported DNS Shared Library libdns-export100-udeb - Exported DNS library for debian-installer (udeb) libdns100 - DNS Shared Library used by BIND libirs-export91 - Exported IRS Shared Library libirs-export91-udeb - Exported IRS library for debian-installer (udeb) libisc-export95 - Exported ISC Shared Library libisc-export95-udeb - Exported ISC library for debian-installer (udeb) libisc95 - ISC Shared Library used by BIND libisccc90 - Command Channel Library used by BIND libisccfg-export90 - Exported ISC CFG Shared Library libisccfg-export90-udeb - Exported ISC CFG library for debian-installer (udeb) libisccfg90 - Config File Handling Library used by BIND liblwres90 - Lightweight Resolver Library used by BIND lwresd - Lightweight Resolver Daemon Closes: 831796 839010 Changes: bind9 (1:9.9.5.dfsg-9+deb8u7) jessie-security; urgency=high . * CVE-2016-2775: lwresd crash with long query name. Backport of upstream commit 38cc2d14e218e536e0102fa70deef99461354232. Closes: #831796. * CVE-2016-2776: assertion failure due to unspecified crafted query. Fix based on 43139-9-9.patch from ISC. Closes: #839010. Checksums-Sha1: 59538c1b3bd16b405ee8643faecd56276612bb4c 3116 bind9_9.9.5.dfsg-9+deb8u7.dsc 20df2c3491f36787547e18bbc06b3e6c25845154 121116 bind9_9.9.5.dfsg-9+deb8u7.diff.gz e6d91efa2476ed6d911299668f8fa2413fc85e04 338634 bind9-doc_9.9.5.dfsg-9+deb8u7_all.deb f110441cfca25acf6eae31392a49c2526e1ed944 23326 host_9.9.5.dfsg-9+deb8u7_all.deb 51faace2d1c5079bb8334d36385f1cb821770709 314658 bind9_9.9.5.dfsg-9+deb8u7_amd64.deb f45539818ade2126e3728df8e2064dae78d31e57 167200 bind9utils_9.9.5.dfsg-9+deb8u7_amd64.deb 163346f61748de37578208b408456e9e72d990f3 67456 bind9-host_9.9.5.dfsg-9+deb8u7_amd64.deb 251c9c6ad595c1acdb43340a9bfc7e457ccb62b3 1230914 libbind-dev_9.9.5.dfsg-9+deb8u7_amd64.deb d3413c2dafbc4e191b7ecb7037b6d26046499d0d 43034 libbind9-90_9.9.5.dfsg-9+deb8u7_amd64.deb 6f5881ebbfccc659337f110e23e576735cc32240 679836 libdns100_9.9.5.dfsg-9+deb8u7_amd64.deb f24f6654ba5d85594867f3f0bf50438da4943eb9 168084 libisc95_9.9.5.dfsg-9+deb8u7_amd64.deb 49da22e059c3ce31b552259802049b3638686722 52678 liblwres90_9.9.5.dfsg-9+deb8u7_amd64.deb f5152e9902d7e76e925f098c2328603b08f578aa 36326 libisccc90_9.9.5.dfsg-9+deb8u7_amd64.deb 3aa4b9f97741e44048cd7deda002bb81c3339599 56894 libisccfg90_9.9.5.dfsg-9+deb8u7_amd64.deb 68fe2588ed8a28c2844c27ac239e1aaf27f2d645 118648 dnsutils_9.9.5.dfsg-9+deb8u7_amd64.deb 21fdf3458a56e93d22ab4dd58f6afd378ed20517 231210 lwresd_9.9.5.dfsg-9+deb8u7_amd64.deb 6539f2b30336e414415e164f6b8f9d9ba8ea3247 829602 libbind-export-dev_9.9.5.dfsg-9+deb8u7_amd64.deb 7d0e52077c26c2137cd7ba520324ffa7b2e11806 456102 libdns-export100_9.9.5.dfsg-9+deb8u7_amd64.deb 25910d94089284a4a6cfcc0e4c93fde3dec99d89 434026 libdns-export100-udeb_9.9.5.dfsg-9+deb8u7_amd64.udeb 492c1807ff63d2509e5b673b1d0d24ec9eb14456 140402 libisc-export95_9.9.5.dfsg-9+deb8u7_amd64.deb 4945cb9ef81a5597fe8398e19f503d75a12cc017 117278 libisc-export95-udeb_9.9.5.dfsg-9+deb8u7_amd64.udeb 06f4ec52ddc936d23c04138210d3de9b471ecd41 40522 libisccfg-export90_9.9.5.dfsg-9+deb8u7_amd64.deb 22f340c006b83e7a0197ef2d9a8cb91df95a6aa9 17570 libisccfg-export90-udeb_9.9.5.dfsg-9+deb8u7_amd64.udeb ec3412ad354be63238f7e9b321e9faaac46b96c9 38234 libirs-export91_9.9.5.dfsg-9+deb8u7_amd64.deb 69200cc524956e99ddfb2b509cf4c3edbdfa9d34 15360 libirs-export91-udeb_9.9.5.dfsg-9+deb8u7_amd64.udeb Checksums-Sha256: b726f8405202216606066177f75a451a4149bef222756ade2dbcd3146411374e 3116 bind9_9.9.5.dfsg-9+deb8u7.dsc 7f4132b821afb96d247190866a58a3cf60ec55ac958c06d4bdfc126a77c393fc 121116 bind9_9.9.5.dfsg-9+deb8u7.diff.gz 19b6d0cffbbaeb769b0cb385b610fcff6f462adbcb25cdeea0a07651c9f98f29 338634 bind9-doc_9.9.5.dfsg-9+deb8u7_all.deb 326ec7bbea0f2576147f34a52cdafa8ab5e7432de640c42ef3c2124aaf23f880 23326 host_9.9.5.dfsg-9+deb8u7_all.deb 34e65cebadefee898339c9496cdc7d29
Accepted wordpress 4.1+dfsg-1+deb8u11 (source all) into proposed-updates->stable-new, proposed-updates
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Sat, 01 Oct 2016 11:38:14 +0200 Source: wordpress Binary: wordpress wordpress-l10n wordpress-theme-twentyfifteen wordpress-theme-twentyfourteen wordpress-theme-twentythirteen Architecture: source all Version: 4.1+dfsg-1+deb8u11 Distribution: jessie-security Urgency: high Maintainer: Craig Small Changed-By: Yves-Alexis Perez Description: wordpress - weblog manager wordpress-l10n - weblog manager - language files wordpress-theme-twentyfifteen - weblog manager - twentytfifteen theme files wordpress-theme-twentyfourteen - weblog manager - twentyfourteen theme files wordpress-theme-twentythirteen - weblog manager - twentythirteen theme files Closes: 839190 Changes: wordpress (4.1+dfsg-1+deb8u11) jessie-security; urgency=high . * Non-maintainer upload by the Security Team. * debian/patches/CVE-2016-6635.patch: - don't duplicate wp_encode_json() which has already been backported upstream, just merge later changes, fix regression in the previous upload. closes: #839190 * debian/languages: fix language with "\n" inconsistencies in msgid/msgstr. Checksums-Sha1: 760d8f442093f2980779e6cc14e6fdd8d486dfb8 2173 wordpress_4.1+dfsg-1+deb8u11.dsc 017ed5af867e0028c790544842801944fb2cb069 6031528 wordpress_4.1+dfsg-1+deb8u11.debian.tar.xz d8742e21b7b20ef883ed9a7023e490e8a067e8a8 3170566 wordpress_4.1+dfsg-1+deb8u11_all.deb ba9e22494977653906d1d9aa27b78eb622e7f6f3 4073284 wordpress-l10n_4.1+dfsg-1+deb8u11_all.deb 7e90dbf7802f9231b0768a27af97aac4208f5f7d 502120 wordpress-theme-twentyfifteen_4.1+dfsg-1+deb8u11_all.deb a16595ecd125d754482d80b0f8e66098135617c7 803526 wordpress-theme-twentyfourteen_4.1+dfsg-1+deb8u11_all.deb fd3d5ebc621dfdf62486b2c496f02f5b69c5bf49 321164 wordpress-theme-twentythirteen_4.1+dfsg-1+deb8u11_all.deb Checksums-Sha256: 8870845fce0da8f8712520ce032d84cabb2ef3c5de2ce36a02a35b98588b91f7 2173 wordpress_4.1+dfsg-1+deb8u11.dsc 54e666b271ef67563397dde144693f032dc8b37d1bcacee2a6b1e88338f8960a 6031528 wordpress_4.1+dfsg-1+deb8u11.debian.tar.xz 8414bde2cdb970c3d73e556ce37a29b782a428419afdd834638d234bf91a61cb 3170566 wordpress_4.1+dfsg-1+deb8u11_all.deb a934e1d4fad3338f048208635c4c8c214bfa809cb5857812d97b0284bfdad3c4 4073284 wordpress-l10n_4.1+dfsg-1+deb8u11_all.deb 468ad583644ea23d99eda398197803fe76d1b9a5c00c05cac69048127b254561 502120 wordpress-theme-twentyfifteen_4.1+dfsg-1+deb8u11_all.deb 17919fab8621fb060d7ed959bda7cc96cfec015286249def9145288aca8fe5f0 803526 wordpress-theme-twentyfourteen_4.1+dfsg-1+deb8u11_all.deb 8576ea85a9d7c9ce06b601f092747b66b3170be93cfc91b9e0b17ca254f06006 321164 wordpress-theme-twentythirteen_4.1+dfsg-1+deb8u11_all.deb Files: dfba4cb00cb7024b7b662cc5c988d2ec 2173 web optional wordpress_4.1+dfsg-1+deb8u11.dsc 08cf64a28440969fd46080bca7b055d5 6031528 web optional wordpress_4.1+dfsg-1+deb8u11.debian.tar.xz 25ccca3a494b0196598fd23853ae1568 3170566 web optional wordpress_4.1+dfsg-1+deb8u11_all.deb 5fe60a340df21466bdcf94e1de6ed134 4073284 localization optional wordpress-l10n_4.1+dfsg-1+deb8u11_all.deb 63ed94a15d5d6a8c831e59c27b076d4e 502120 web optional wordpress-theme-twentyfifteen_4.1+dfsg-1+deb8u11_all.deb 4bc6ba549cc9f4a4fc5199bec4dd3fac 803526 web optional wordpress-theme-twentyfourteen_4.1+dfsg-1+deb8u11_all.deb 06f977fe4f829572266fe7a1b375f5a0 321164 web optional wordpress-theme-twentythirteen_4.1+dfsg-1+deb8u11_all.deb -BEGIN PGP SIGNATURE- iQEcBAEBCgAGBQJX74UMAAoJEG3bU/KmdcClpzEIAJjvWopXXCKfvJ9YzaozQKU6 iyTDl7hQKnvufRlhhIf7eTNpSDw0Co+SsPGH3oOx37OLZoUQSO6PZZLgueOA1TEH PSMEAoZQSJZsy7FG/3jdjZvsiUPEUGF6sZIxbPyXs8jDeI0r03bc4A5t8UbLOJR1 fGkyPczb6rhMjfH7+ho0lgFMPihzGnG8AlPvl6cMVmdn7KuD3m4fS4NP1GWg/3fM K128R+B8f8iZZoi5Nu/yErNEUT0sNjNdH4KuoUvQcKlqJs6vRYGUvKev9ITgXyga 89ChQTf8wx8LBo1ztTpbPfhSeveZVfRokBbTlrqLb5/x6oOp7T1bQQeZjlBY45g= =VGfR -END PGP SIGNATURE-
Accepted wordpress 4.1+dfsg-1+deb8u10 (source all) into proposed-updates->stable-new, proposed-updates
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Sat, 10 Sep 2016 08:07:11 +1000 Source: wordpress Binary: wordpress wordpress-l10n wordpress-theme-twentyfifteen wordpress-theme-twentyfourteen wordpress-theme-twentythirteen Architecture: source all Version: 4.1+dfsg-1+deb8u10 Distribution: jessie-security Urgency: high Maintainer: Craig Small Changed-By: Craig Small Description: wordpress - weblog manager wordpress-l10n - weblog manager - language files wordpress-theme-twentyfifteen - weblog manager - twentytfifteen theme files wordpress-theme-twentyfourteen - weblog manager - twentyfourteen theme files wordpress-theme-twentythirteen - weblog manager - twentythirteen theme files Closes: 837090 Changes: wordpress (4.1+dfsg-1+deb8u10) jessie-security; urgency=high . * Backport patches from 4.6.1/4.1.13 Closes: #837090 * CVE-2016-6896 and CVE-2016-6897 not vulnerable * Changeset 38538 sanitize filename in media CVE-2016-7168 * Changeset 38524 sanitize filename upload upgrader CVE-2016-7169 * CVE-2016-4029: WordPress before 4.5 does not consider octal and hexadecimal IP address formats when determining an intranet address, which allows remote attackers to bypass an intended SSRF protection mechanism via a crafted address. * CVE-2016-6634: Cross-site scripting (XSS) vulnerability in the network settings page in WordPress before 4.5 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. * CVE-2016-6635: Cross-site request forgery (CSRF) vulnerability in the wp_ajax_wp_compression_test function in wp-admin/includes/ajax-actions.php in WordPress before 4.5 allows remote attackers to hijack the authentication of administrators for requests that change the script compression option. Checksums-Sha1: f092fb1eb33a47380c0ec8ca362c52ebf9906746 2537 wordpress_4.1+dfsg-1+deb8u10.dsc ac437190e0ea392da4ccc5262ef9233c35166ae5 6126040 wordpress_4.1+dfsg-1+deb8u10.debian.tar.xz 184e136386021352b8090b5d25a1460d861e1349 3172420 wordpress_4.1+dfsg-1+deb8u10_all.deb 106fa24dea9a667e2fe2f479e87a19331ca87f59 4236622 wordpress-l10n_4.1+dfsg-1+deb8u10_all.deb 66e6711ced807d7af8771bcdf3211b099ce64ede 502012 wordpress-theme-twentyfifteen_4.1+dfsg-1+deb8u10_all.deb fa5a2d486a3eb707d60651ffca0f7a6a9e207337 801288 wordpress-theme-twentyfourteen_4.1+dfsg-1+deb8u10_all.deb f868dc86ebd32ef10034fe9688b26dd1fcd76e92 320818 wordpress-theme-twentythirteen_4.1+dfsg-1+deb8u10_all.deb Checksums-Sha256: 6ab7fae71273080f38af849cb9cd469f1a77734e882974c77fdf179ea0273513 2537 wordpress_4.1+dfsg-1+deb8u10.dsc f44383ee88b7816a3c488e11dd677a60cdc5411eeaae54ad382d541b48696db9 6126040 wordpress_4.1+dfsg-1+deb8u10.debian.tar.xz f5bf9e0ae17c6b84dbead1cccb17f0a91297d740937c67f88c5f0a16bdf15a58 3172420 wordpress_4.1+dfsg-1+deb8u10_all.deb 4f25747f8aa08812dcfa20741d767dd8fce1ebf8788551258cffd5b4c6c60c02 4236622 wordpress-l10n_4.1+dfsg-1+deb8u10_all.deb ab3ee769d3e1b6687ff19f3dfbfd6fcf41b7778d01e2503cfa0aa8f1d069e34d 502012 wordpress-theme-twentyfifteen_4.1+dfsg-1+deb8u10_all.deb b73dd46064424228517c128f4049bff2433952fe15a154dacea671c41570d622 801288 wordpress-theme-twentyfourteen_4.1+dfsg-1+deb8u10_all.deb 823f8691bad4935579cb9b2268858595b969195ad0b9be1bf677d81c45c6e390 320818 wordpress-theme-twentythirteen_4.1+dfsg-1+deb8u10_all.deb Files: 26fed67c2608fdd016e21c6b053fa5a0 2537 web optional wordpress_4.1+dfsg-1+deb8u10.dsc 41d651a14a8da2b48b35d48f9cf62f4e 6126040 web optional wordpress_4.1+dfsg-1+deb8u10.debian.tar.xz a2a50da05c206e3e0944e8f302a8fc04 3172420 web optional wordpress_4.1+dfsg-1+deb8u10_all.deb 4aa8009cb1635461452bf6d32b8691a6 4236622 localization optional wordpress-l10n_4.1+dfsg-1+deb8u10_all.deb 6586be82424fc8cd5702ae6d96d7f84d 502012 web optional wordpress-theme-twentyfifteen_4.1+dfsg-1+deb8u10_all.deb dbed8d1ee41b97fa711b84dd2206865e 801288 web optional wordpress-theme-twentyfourteen_4.1+dfsg-1+deb8u10_all.deb 079a7a7a65438785127c9c450bfcba54 320818 web optional wordpress-theme-twentythirteen_4.1+dfsg-1+deb8u10_all.deb -BEGIN PGP SIGNATURE- Version: GnuPG v1 iQIcBAEBCgAGBQJX66gXAAoJEDk4+WvfUP6loIUP/2V+lv69Nhy8JfeRgT0ZcMaw IL3ZTpD20NJNVzUP/b2uoR9qjkgH0zVrboUgusDDR8pJH+qFe/NPPA8/lVHb4xt5 j0s8gHuyzXu95Y3rtPskGI2B7CXTaiblteVpBipBGnnHZG1+GS2+ZOLnCfLchrNv 4gO8fl6LbJEsPKGVQ9sNj0Vnywof+YHXNpRV2jXt5mHvH7fUtguNoMHkCRGXeDkU tm5kud3C1h9T3ep52c1pXIPa2zvyXtoLuJeRRwnrSUtFE9ZQ5CYJAVHAjJsSn54c ywD+szuHksKAQoAP4zoU2xNsbOEI1mUg3346WMFyDgYBj43Nz1oB/GZ8VDridSCm LROcqZMQAJfMuuFoUXnKsoqOZrJBVKQq57oyaluqnhNezrRo0WkOGLYkuT2C7gxB byVdN3YC/a0qsYbHWN2YgjEgH+mbaJu25V8j8ExxeGDQ0ta5sCied4npsKY5qsLL hZ19y77lCjDvYzUMnCKH+oBzWNaiBp72iA6U4KQSw67SzhJhVOv8XxtCOiYVmB2T Sco8MuT7YxGQpssRPyRdjf0K6BYKICNVNnbHAcdCY3aXlcgZbOsHFDsCwij6jd8+ majcQptNIXTVt92Vi+wskRBMPDeqCrBffLL3eweZBeLE7huhWiqg9AkSV2mhcZj3 KOP7lnTWqLX0kyYaro7Q =xbRS -END PGP SIGNATURE-
