Accepted optipng 0.7.5-1+deb8u2 (source) into oldstable-proposed-updates->oldstable-new, oldstable-proposed-updates
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Thu, 07 Dec 2017 21:47:21 +0100 Source: optipng Binary: optipng Architecture: source Version: 0.7.5-1+deb8u2 Distribution: jessie-security Urgency: high Maintainer: Debian PhotoTools Maintainers Changed-By: Salvatore Bonaccorso Closes: 878839 882032 Description: optipng- advanced PNG (Portable Network Graphics) optimizer Changes: optipng (0.7.5-1+deb8u2) jessie-security; urgency=high . * Non-maintainer upload by the Security Team. * Prevent integer overflow in minitiff_read_info() (CVE-2017-1000229) (Closes: #882032) * gifread: Detect indirect circular dependencies in LZW tables (CVE-2017-16938) (Closes: #878839) Checksums-Sha1: 50bee18cfab0bda33d1b5ffb7717fb9c27c1199c 2182 optipng_0.7.5-1+deb8u2.dsc 3d0b97ceebb1e21d5f3bf3293b05e5b91b50 6632 optipng_0.7.5-1+deb8u2.debian.tar.bz2 Checksums-Sha256: 5a4487aef6ffd16d4f0827fe88c8b2fcafa1dcc6a2c6b53eda62e5bea4f5a025 2182 optipng_0.7.5-1+deb8u2.dsc 1fe95d163db418b457c6fdf68e705fc7651b8898459f9c86ac4e452ac88da3b4 6632 optipng_0.7.5-1+deb8u2.debian.tar.bz2 Files: 48e2b62cc60888311692fa2aa160a39d 2182 graphics optional optipng_0.7.5-1+deb8u2.dsc 3b090bb10709b155af4d3a00f66030ef 6632 graphics optional optipng_0.7.5-1+deb8u2.debian.tar.bz2 -BEGIN PGP SIGNATURE- iQKmBAEBCgCQFiEERkRAmAjBceBVMd3uBUy48xNDz0QFAlopqUlfFIAALgAo aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDQ2 NDQ0MDk4MDhDMTcxRTA1NTMxRERFRTA1NENCOEYzMTM0M0NGNDQSHGNhcm5pbEBk ZWJpYW4ub3JnAAoJEAVMuPMTQ89EaBUP/2IVR5FJRQ0u6M31jfUzfSL9Ajw3EAO6 o8OdNtfLTzNK7D1sPG+zSw5nx2iRNMjMIwA2IGFte4InNYAlniEbsDvYkPSomzyP 53jgbjjHY7Ylt1rUvdxFYl361GtQcGq3jfkFPdQUN0dKsHhtfhrMYwCndN4JuYEG wPXby33841gMDUnnUDsQdpR1fnE6sw7jfk/jylLrmF7Pzn4VMeeiJFL8RSa76i9X vcfVjWlgHtgd6yauacpxGCIBriiApZWEXIVx9iYBMwqz0rfgykU2TXFnThREI4Wj Ofpat9h3+xG4+WK12kxPIeUQvrRcI7f3FPi9tHodXyXfHkauX/0iff8178f+s+BW Xlahy5P8kM/WBFkuCrBRhodAr9MoRt5e5uJqMB1V6n5s39wZiJZhtgBIGqtm0cNj 59fSeq7jHtDXWjI369DTP6JVUgfM9qu/y/6LN5R/KxD3RBPLHfjSOUzHCgI1uSyf aJxZ1suOC48llX+1gEZWSj0oh8GC9jyD8eVyixpaN3f0ngkNFqim/SssMnmlCZY3 uYcfUxRDfqCuZFoOOe8IodwUASnICYhLp7aG3oY1ZVaDRb1igdyyf49naxt2Rmep YqX9aSr9xNTSM1zjsLPGMY5JeDhZqhjoPbWW8JBVrmRb+Z6oTBYw7B+v0ZTSw2p5 hr2jZoPRRBgE =DX9g -END PGP SIGNATURE-
Accepted tor 0.2.5.16-1 (all source) into oldstable-proposed-updates->oldstable-new, oldstable-proposed-updates
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Format: 1.8 Date: Sat, 2 Dec 2017 16:24:34 CET Source: tor Binary: tor tor-dbg tor-geoipdb Architecture: all source Version: 0.2.5.16-1 Distribution: jessie-security Urgency: medium Maintainer: Peter Palfrader Changed-By: Peter Palfrader Description: tor - anonymizing overlay network for TCP tor-dbg - debugging symbols for Tor tor-geoipdb - GeoIP database for Tor Changes: tor (0.2.5.16-1) jessie-security; urgency=medium . * New upstream version, including among others: - Fix a denial of service bug where an attacker could use a malformed directory object to cause a Tor instance to pause while OpenSSL would try to read a passphrase from the terminal. (Tor instances run without a terminal, which is the case for most Tor packages, are not impacted.) Fixes bug 24246; bugfix on every version of Tor. Also tracked as TROVE-2017-011 and CVE-2017-8821. Found by OSS-Fuzz as testcase 6360145429790720. - When checking for replays in the INTRODUCE1 cell data for a (legacy) onion service, correctly detect replays in the RSA- encrypted part of the cell. We were previously checking for replays on the entire cell, but those can be circumvented due to the malleability of Tor's legacy hybrid encryption. This fix helps prevent a traffic confirmation attack. Fixes bug 24244; bugfix on 0.2.4.1-alpha. This issue is also tracked as TROVE-2017-009 and CVE-2017-8819. - When running as a relay, make sure that we never build a path through ourselves, even in the case where we have somehow lost the version of our descriptor appearing in the consensus. Fixes part of bug 21534; bugfix on 0.2.0.1-alpha. This issue is also tracked as TROVE-2017-012 and CVE-2017-8822. Checksums-Sha256: 822417dea67e2881785a129c1b1ae5cb289fa6ca3b57c07258fa8119486b7aab 1060700 tor-geoipdb_0.2.5.16-1_all.deb e5abd95783b0b58ce077f686bf88dae386d0bd8c11b0367084cbb808a6c2e3c2 1776 tor_0.2.5.16-1.dsc 5a9a28c7ebff6653c346ebaadf95f1fd4b8b47f2c1ceb75f0f60bf64a6ee525f 3796024 tor_0.2.5.16.orig.tar.gz c7c5666bac4157d447876322e692386955f2e989e42359e3596529ad005ed57c 35637 tor_0.2.5.16-1.diff.gz Checksums-Sha1: 0ed84c42b340473d023ea5b11662ab04973e9b10 1060700 tor-geoipdb_0.2.5.16-1_all.deb c3da4880bb6d6d8020927d02c4d8eb87ab5635c7 1776 tor_0.2.5.16-1.dsc 10928f2027e80ebe1083e013ca1e170896dbddef 3796024 tor_0.2.5.16.orig.tar.gz 6f640c70a5b9e7358035b0e0da30bd0f33c34f62 35637 tor_0.2.5.16-1.diff.gz Files: b0e54f177034a05f5f87e4cfa5edcf72 1060700 net extra tor-geoipdb_0.2.5.16-1_all.deb 6f3b3cba93ecf938ca7bb9bc84478706 1776 net optional tor_0.2.5.16-1.dsc 2d0d6da30a06419c307f05210a944ac3 3796024 - - tor_0.2.5.16.orig.tar.gz e6dcf1734be47cd6e9efb487cceb8cbf 35637 - - tor_0.2.5.16-1.diff.gz -BEGIN PGP SIGNATURE- iQEzBAEBCAAdFiEEs4PXhajJL968BgN2hgLIIDhyMx8FAloixdUACgkQhgLIIDhy Mx8ylggAxIYsd8AaJjJoewnHzM7wFH/rSA4nAr3Db2moAzGHOfb7Na+kpwFAg1NQ rWzAxR4edkhW/kNHFcw3u2DdRiXfnXKJfPgQVEb5+UbPyPJ2BXiU2fZ+ZcgBWna2 wHMadl2tEWwM2iu53NENsvNca8H4XiI/i6gyWyk6lY5FOg2UOVfxT/PW93zXF++T ZiKUkD4X3baVYtQNg+IO9A7vhIOPPP3lGJ5VUWy+ptYILM8fv171k1mu0zAKMuir vhJhCI5X2WkPSIRTIzqT1yl4feT7txdkcIPgn21G71jM6VhpJmtiSoNCtfgDuGGu kdS7KuNHkNNd4/JZ00z8T9FVGllGxg== =g2Ox -END PGP SIGNATURE-
Accepted libxcursor 1:1.1.14-1+deb8u1 (source) into oldstable-proposed-updates->oldstable-new, oldstable-proposed-updates
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Thu, 07 Dec 2017 16:41:25 +0100 Source: libxcursor Binary: libxcursor1 libxcursor1-udeb libxcursor1-dbg libxcursor-dev Architecture: source Version: 1:1.1.14-1+deb8u1 Distribution: jessie-security Urgency: high Maintainer: Debian X Strike Force Changed-By: Salvatore Bonaccorso Closes: 883792 Description: libxcursor-dev - X cursor management library (development files) libxcursor1 - X cursor management library libxcursor1-dbg - X cursor management library (unstripped) libxcursor1-udeb - X cursor management library (udeb) Changes: libxcursor (1:1.1.14-1+deb8u1) jessie-security; urgency=high . * Non-maintainer upload by the Security Team. * Fix heap overflows when parsing malicious files (CVE-2017-16612) (Closes: #883792) Package-Type: udeb Checksums-Sha1: f5b40465c76de143ba07b0dd875b0f726c1e7c55 2489 libxcursor_1.1.14-1+deb8u1.dsc 873a91831946cdedc0724b1d048c8041d958807c 374910 libxcursor_1.1.14.orig.tar.gz 5f9c33126ce19bf8fcfc2350ab6e78fdad60139e 19303 libxcursor_1.1.14-1+deb8u1.diff.gz Checksums-Sha256: 7af9f2b539d1fca5fda58ad45597cb748a3bfc60ac40e979264d99354ceefea3 2489 libxcursor_1.1.14-1+deb8u1.dsc be0954faf274969ffa6d95b9606b9c0cfee28c13b6fc014f15606a0c8b05c17b 374910 libxcursor_1.1.14.orig.tar.gz eaeb821b3d4eab91585687533da6bfec45e1195e7f6cf984ced43b221cc4296d 19303 libxcursor_1.1.14-1+deb8u1.diff.gz Files: 7ba0e1b103e6a968b699d0058f99e564 2489 devel optional libxcursor_1.1.14-1+deb8u1.dsc 39c8423de190d64f1c52fbc00022e52c 374910 devel optional libxcursor_1.1.14.orig.tar.gz d3446e44aadefbf91843af6a2ceae6cf 19303 devel optional libxcursor_1.1.14-1+deb8u1.diff.gz -BEGIN PGP SIGNATURE- iQKmBAEBCgCQFiEERkRAmAjBceBVMd3uBUy48xNDz0QFAlopoZRfFIAALgAo aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDQ2 NDQ0MDk4MDhDMTcxRTA1NTMxRERFRTA1NENCOEYzMTM0M0NGNDQSHGNhcm5pbEBk ZWJpYW4ub3JnAAoJEAVMuPMTQ89Eu6wP/3/vjAKrdRGIR32KXepIebQvyiNK/quh WpvOYEWQFUuQxUmBC7MECBE9xTOmOEWhC2a0riRLgol7lzu8aVHHNcMxUpGHC3pa ioATVgzQTVRweg65oRbN9q8VLwNx+jEjN4yFBzjiRkdxtlwjdugIwFLG5id/6yfR w3sEKyQFAa1UNAkqtPPtGVqbqwhB8FGvfZFKA8MTiZzFNnqxGZudkga0YOKFBTkI eo206Kyx7P45blnLQm3z2Tb80ygQ11LvS9fYfeK7I83klVCNXmGUnwrhV7a7ffB/ QIr0kpEqKoSNTIJwVfU0xzHfdnOI6PojqBLrc0DVjzl0a6BZZU3vQ35oKkozNlul CDkQS6DEOTnrsIr/5B4ftpZLQcBwfsLhL2pZQlaXQ7s/GVf5hPDTCJYcbqPdKh1h P1r//ouQWQ/HYadCnkFIa5Rqd4gs6wewqtgosrLeiUfxpWN5SFV2jmlnKK/99EHw BoaGu41jJofbRrbKDUH8qAtLHxIHDu/mUcpl8zDiBGKR4YC41MkWzzoUYbwdoDe+ mGvoAhL00Dam6NgXfZTCf63VoD5Xtu2xtijrYiQ+0/HUHse3Lloi1aPFC2RMNAa0 phLagWHhW+Jq77Ry/XQAt4hWN+gtGXQMLvD5k+rGeyxWRIW1Rmq5HSmWYd5kSA+q /MNICxjDIutA =IxDI -END PGP SIGNATURE-
Accepted erlang 1:17.3-dfsg-4+deb8u2 (source all amd64) into oldstable-proposed-updates->oldstable-new, oldstable-proposed-updates
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Format: 1.8 Date: Wed, 06 Dec 2017 09:50:47 +0300 Source: erlang Binary: erlang-base erlang-base-hipe erlang-asn1 erlang-common-test erlang-corba erlang-crypto erlang-debugger erlang-dialyzer erlang-diameter erlang-doc erlang-edoc erlang-eldap erlang-erl-docgen erlang-et erlang-eunit erlang-gs erlang-ic erlang-ic-java erlang-inets erlang-manpages erlang-megaco erlang-mnesia erlang-observer erlang-odbc erlang-os-mon erlang-parsetools erlang-percept erlang-public-key erlang-reltool erlang-runtime-tools erlang-snmp erlang-ssh erlang-ssl erlang-syntax-tools erlang-test-server erlang-tools erlang-typer erlang-webtool erlang-wx erlang-xmerl erlang-dev erlang-dbg erlang-src erlang-examples erlang-jinterface erlang-mode erlang-nox erlang-x11 erlang Architecture: source all amd64 Version: 1:17.3-dfsg-4+deb8u2 Distribution: jessie-security Urgency: high Maintainer: Debian Erlang Packagers Changed-By: Sergei Golovan Description: erlang - Concurrent, real-time, distributed functional language erlang-asn1 - Erlang/OTP modules for ASN.1 support erlang-base - Erlang/OTP virtual machine and base applications erlang-base-hipe - Erlang/OTP HiPE enabled virtual machine and base applications erlang-common-test - Erlang/OTP application for automated testing erlang-corba - Erlang/OTP applications for CORBA support erlang-crypto - Erlang/OTP cryptographic modules erlang-dbg - Erlang/OTP symbol files erlang-debugger - Erlang/OTP application for debugging and testing erlang-dev - Erlang/OTP development libraries and headers erlang-dialyzer - Erlang/OTP discrepancy analyzer application erlang-diameter - Erlang/OTP implementation of RFC 6733 protocol erlang-doc - Erlang/OTP HTML/PDF documentation erlang-edoc - Erlang/OTP module for generating documentation erlang-eldap - Erlang/OTP LDAP library erlang-erl-docgen - Erlang/OTP documentation stylesheets erlang-et - Erlang/OTP event tracer application erlang-eunit - Erlang/OTP module for unit testing erlang-examples - Erlang/OTP application examples erlang-gs - Erlang/OTP graphics system erlang-ic - Erlang/OTP IDL compiler erlang-ic-java - Erlang/OTP IDL compiler (Java classes) erlang-inets - Erlang/OTP Internet clients and servers erlang-jinterface - Java communication tool to Erlang erlang-manpages - Erlang/OTP manual pages erlang-megaco - Erlang/OTP implementation of Megaco/H.248 protocol erlang-mnesia - Erlang/OTP distributed relational/object hybrid database erlang-mode - Erlang major editing mode for Emacs erlang-nox - Erlang/OTP applications that don't require X Window System erlang-observer - Erlang/OTP application for investigating distributed systems erlang-odbc - Erlang/OTP interface to SQL databases erlang-os-mon - Erlang/OTP operating system monitor erlang-parsetools - Erlang/OTP parsing tools erlang-percept - Erlang/OTP concurrency profiling tool erlang-public-key - Erlang/OTP public key infrastructure erlang-reltool - Erlang/OTP release management tool erlang-runtime-tools - Erlang/OTP runtime tracing/debugging tools erlang-snmp - Erlang/OTP SNMP applications erlang-src - Erlang/OTP applications sources erlang-ssh - Erlang/OTP implementation of SSH protocol erlang-ssl - Erlang/OTP implementation of SSL erlang-syntax-tools - Erlang/OTP modules for handling abstract Erlang syntax trees erlang-test-server - Erlang/OTP server for automated application testing erlang-tools - Erlang/OTP various tools erlang-typer - Erlang/OTP code type annotator erlang-webtool - Erlang/OTP helper for web-based tools erlang-wx - Erlang/OTP bindings to wxWidgets erlang-x11 - Erlang/OTP applications that require X Window System erlang-xmerl - Erlang/OTP XML tools Changes: erlang (1:17.3-dfsg-4+deb8u2) jessie-security; urgency=high . * Applied a patch from the upstream which fixes CVE-2017-1000385 vulnerability (TLS server vunlerable to Adaptive Chosen Ciphertext attack allowing plaintext recovery ot MITM attack). Checksums-Sha1: d5b244e5677c684e0d36108841d9f423546df17b 5499 erlang_17.3-dfsg-4+deb8u2.dsc 0bf1d40767046e57fc8bef0372f43576758e99d7 26122088 erlang_17.3-dfsg.orig.tar.xz f96cdc65e31e69d406f7f95f5d1211ace61fdcd5 73564 erlang_17.3-dfsg-4+deb8u2.debian.tar.xz 3e3fa3c741b0fa4d92f55bf6b51cf05ddd4ddeb5 16384458 erlang-doc_17.3-dfsg-4+deb8u2_all.deb 7dd62294b4d27454a0d7d008d33d293d6fb16464 69464 erlang-ic-java_17.3-dfsg-4+deb8u2_all.deb b755e4f10087942f3c3f7f17adb3dd4d16cef3ff 1674988 erlang-manpages_17.3-dfsg-4+deb8u2_all.deb 8e9b4b3bfa52b245f18d94db9a00ad312f5a2032 5407836 erlang-src_17.3-dfsg-4+deb8u2_all.deb a6f4dd789e2c6aa7e9311a4f02b9f9bef0d270fc 1040336 erlang-examples_17.3-dfsg-4+deb8u2_all.deb 654b60b15af667fad782b337a7b7d8a9632e1203 120334 erlang-jinterface_17.3-dfsg-4+deb8u2_all.deb 556c1d5fc6b06be9e48bc1b679fd602cb0118169 101012 erlang-mode_17.3-dfsg-4+deb8u2_all.deb 129da89e6a2ced3f1deb57fc6d7cc2abd6a0abb0 37952 erlang-nox_17.3-df
Accepted golang-github-go-ldap-ldap 2.4.1-1+deb9u1 (source all) into proposed-updates->stable-new, proposed-updates
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Format: 1.8 Date: Wed, 29 Nov 2017 23:45:26 +0100 Source: golang-github-go-ldap-ldap Binary: golang-github-go-ldap-ldap-dev Architecture: source all Version: 2.4.1-1+deb9u1 Distribution: stretch Urgency: medium Maintainer: pkg-go Changed-By: Dr. Tobias Quathamer Description: golang-github-go-ldap-ldap-dev - Basic LDAP v3 functionality for the Go programming language Closes: 876404 Changes: golang-github-go-ldap-ldap (2.4.1-1+deb9u1) stretch; urgency=medium . * Team upload. * Require explicit intention for empty password. This is normally used for unauthenticated bind, and https://tools.ietf.org/html/rfc4513#section-5.1.2 recommends: "Clients SHOULD disallow an empty password input to a Name/Password Authentication user interface" This is (mostly) a cherry-pick of 95ede12 from upstream, except the bit in ldap_test.go, which is unrelated to the security issue. This fixes CVE-2017-14623. (Closes: #876404) Checksums-Sha1: ea84eca5b7aa9fee4f9bb3e1a95158d9f2c56b52 2223 golang-github-go-ldap-ldap_2.4.1-1+deb9u1.dsc fff71768d88342f57aabf4d33102950b1755b04b 33674 golang-github-go-ldap-ldap_2.4.1.orig.tar.gz e67aff5db4ddaf4535e747bec504a196a819c3ab 4620 golang-github-go-ldap-ldap_2.4.1-1+deb9u1.debian.tar.xz 71b9526f76fad2fefafaa508d8c41a99b76b641e 30570 golang-github-go-ldap-ldap-dev_2.4.1-1+deb9u1_all.deb e0a332f868ab66f53c947776f76edfe29eceb78e 5883 golang-github-go-ldap-ldap_2.4.1-1+deb9u1_amd64.buildinfo Checksums-Sha256: ef955905738d97ee3e80273012e2646dbbc919f14b1eeb4f8c7d4ca5b9ab0ac5 2223 golang-github-go-ldap-ldap_2.4.1-1+deb9u1.dsc 958d8cd684b0578ca16289bcbdcfa25018e7af4c08eb7adc99a5f5a541b29c29 33674 golang-github-go-ldap-ldap_2.4.1.orig.tar.gz 5ed5655409eddf8b0f9df20689cf67a4fdaeee410955721f59cadd498932f118 4620 golang-github-go-ldap-ldap_2.4.1-1+deb9u1.debian.tar.xz 1bb686072f3b8186c2b917b789f33f59bb2e98c80f551bebbcf5ddc84267435d 30570 golang-github-go-ldap-ldap-dev_2.4.1-1+deb9u1_all.deb 74c44af6ac520976917793b2d08fb7b49cf226d8510ddae3e5370fd923aa681c 5883 golang-github-go-ldap-ldap_2.4.1-1+deb9u1_amd64.buildinfo Files: 416725ba71351016c4827c8493c0a326 2223 devel extra golang-github-go-ldap-ldap_2.4.1-1+deb9u1.dsc 9b92afe3a5658d017c68ade126fdf68e 33674 devel extra golang-github-go-ldap-ldap_2.4.1.orig.tar.gz 0426918d62c841a260b4708ddf1c7b66 4620 devel extra golang-github-go-ldap-ldap_2.4.1-1+deb9u1.debian.tar.xz d9cc19be2c741be84a8a3cc52b7491fb 30570 devel extra golang-github-go-ldap-ldap-dev_2.4.1-1+deb9u1_all.deb f7eadcf8bae23929f7260d80bb49c431 5883 devel extra golang-github-go-ldap-ldap_2.4.1-1+deb9u1_amd64.buildinfo -BEGIN PGP SIGNATURE- iQIzBAEBCAAdFiEE0cuPObxd7STF0seMEwLx8Dbr6xkFAlokSooACgkQEwLx8Dbr 6xm1eQ/+K3IzgqAD65X9G9eFfLdG74ogI3Ey7eifjZJVgp1CyRyje1CeYjufVXu6 AasK8FGddR4KV4t0bWE35/jmlfnCzPYdrR5GYB4Q84l+XIkngt6GNCQcSpHACvzU Wo9hz6BGGf9en/M+tJgwQdvS2M+ixIhVM3efkQmLk61EySa+a9eFtrso0hGLcDnm PLSZVGIMo4rqPhOv+7tIrKXdjiOyPR4KxqJvzjH69WCkhwhKRmhG7jSAd15Rkgv/ v/SVbMSXqZrhrCuAvsGETu/c78ibWs3FbqsBPVx2bON8vo+GhnSf4alBk9CxY6gG bqiHLi1827ddzfWVJCN3V4XUKkmLLFizZGvHJmEP7/CSTRLmn0v5Jn+Uvn6pMrpc 71+f5hWOvfh0RiToD/B+0c32RINhrli7X1Q3Uv2Kh6BXfZk+nP1UBLW3l3zuMKa1 z4GnKwC98qrxtL6/Kz4kYhvs8EszQ6uhGHHVFWGUHOlAyEJ9UqVxiKWNr17ZodWG IDqnIlj4l6czzlbQHUnsBPx1Wx6Wr3gpEFbsN8EJ+0pXg+czyhaxZu8DFfH11HJM 2cb9qZkQlcMGQahT0c8gQFmjb8FzB/MSGgiKa2YLH+ORwMCSvpLqFcupCOSYZg7p 7OlTaEimjZzjamCTIAdOlUf2k/XcRidn9NHf/yz3XL77fKmcPZ8= =8crU -END PGP SIGNATURE-
Accepted dns-root-data 2017072601~deb8u2 (source all) into oldstable-proposed-updates->oldstable-new, oldstable-proposed-updates
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Thu, 19 Oct 2017 18:25:06 -0400 Source: dns-root-data Binary: dns-root-data Architecture: source all Version: 2017072601~deb8u2 Distribution: jessie Urgency: medium Maintainer: Ondřej Surý Changed-By: Daniel Kahn Gillmor Description: dns-root-data - DNS root data including root zone and DNSSEC key Closes: 877683 Changes: dns-root-data (2017072601~deb8u2) jessie; urgency=medium . [ Ondřej Surý ] * Update IANA DNSSEC files to 2017-02-02 versions * Strip the GPG verification (IANA doesn't provide it anymore) * Rewrite DS creation check (Closes: #877683) . [ Daniel Kahn Gillmor ] * added myself to uploaders Checksums-Sha1: 8a7b038c1a308011ff7c02cb481a22a58130d11c 1654 dns-root-data_2017072601~deb8u2.dsc dbf751523d6de81c5540b996c894f4e10cbebf11 29564 dns-root-data_2017072601~deb8u2.tar.xz b7ad9977501470dfab1f582e4df679017749cf62 15542 dns-root-data_2017072601~deb8u2_all.deb Checksums-Sha256: 81d4508c96b680486d3c80943d3e53bae5e14ecfe8db2161a9accbc62989b99e 1654 dns-root-data_2017072601~deb8u2.dsc 51411f6f72b0fe99ac5a9df191a1fe28a8eda9ae30b8d0ba0d5de2faff13fd71 29564 dns-root-data_2017072601~deb8u2.tar.xz 3fb4a385e98104bdadbb62742fe36de242c0245975bf15727c8dd45f58173ed4 15542 dns-root-data_2017072601~deb8u2_all.deb Files: f6cee68355e28460e2989f236f75bf50 1654 misc optional dns-root-data_2017072601~deb8u2.dsc 0435f5822b8385913c7722a7ad7faae2 29564 misc optional dns-root-data_2017072601~deb8u2.tar.xz 3b265c981af4bb53b44386af5d2f276c 15542 misc optional dns-root-data_2017072601~deb8u2_all.deb -BEGIN PGP SIGNATURE- iQIzBAEBCgAdFiEEOCdgUepHf6PklTkyFJitxsGSMjcFAloqMhwACgkQFJitxsGS Mjdn7RAAwKH/GVsKTN5C62JYJqtPbRvsB57CBOiGni6CaLnJOA8KQlcaBMRTpkpj X2tuPvsGGCa/IHVbtW2FGhqvRSmOA8C6kBMwIK/zMZr2low0h4vV5FnlV0egqneA eCLo+lILSbxu2F3zPZ8YNdGTWNnaFi+rz6lhtX1lXuwn9jh61uQzToq88gYcEFsN QG3mDm//WrxRYTV/0BxwjM/06P98tBGlTrgpYTooRPjGM4XKmAf+My5QHGhPQHZH 2FPspYzdVATu7hKXqlJj+DM148Hd/sC/v/VJMdkLP4E0y4gWlomea1BnH4hsYOPV vXqZzAncW7yxG/jcwM1XSUZF6ZwaD/jMIuYzE71TKLjxf9swerG9Qflw6Xkl4vXy vHClK7F964fmT9J3Nc1SlsFU7vebRJGzq/7aLcNT2e/NkfYOJ1nCtRP+lirG7+8j jnCgS7uh8W0vlC7e6Z0pYSkKCCBVhlWmkZCeEyccfZn6UkRm0o5MJ1vNztmB1RqG g9Vbf40X8Z0eHhKUXlFBkfK4k8EWGR8dfGL66RrcWEVHlckKFpaVbAXimLZVI6o+ qw6lF57SUS4NS3A5PFeHUGOTAoVhY9g2HWvecrsUm3w92UQFgS6LTO7KvWvpSxPO rmWU6n6lW3kF1qLk0d4uuwWEmFx5yR8SnJcPA/w0vp7TuLx1JQ4= =skS/ -END PGP SIGNATURE-
Accepted auto-apt-proxy 2+deb9u1 (source all) into proposed-updates->stable-new, proposed-updates
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Format: 1.8 Date: Mon, 27 Nov 2017 13:55:16 -0200 Source: auto-apt-proxy Binary: auto-apt-proxy Architecture: source all Version: 2+deb9u1 Distribution: stretch Urgency: medium Maintainer: Antonio Terceiro Changed-By: Antonio Terceiro Description: auto-apt-proxy - automatic detector of common APT proxy settings Closes: 881751 Changes: auto-apt-proxy (2+deb9u1) stretch; urgency=medium . * Move apt configuration away on removal, and put it back on reinstalls (Closes: #881751) Checksums-Sha1: b2383841ceb21fc73b0e58d39a0778ed5d9723f8 1794 auto-apt-proxy_2+deb9u1.dsc 51b2851ec2016f712b2a52e8d0388ba53b3e4c75 14032 auto-apt-proxy_2+deb9u1.tar.xz 34d74cd7fb41bb5e85ee3e91acbd0797ce478515 4836 auto-apt-proxy_2+deb9u1_all.deb 702e1f8ba552ccf6a41c85878e72cc178086289b 5645 auto-apt-proxy_2+deb9u1_amd64.buildinfo Checksums-Sha256: 529c4f1257ad05db05094ba4d13297738041b42cf08c208b4f0dd3e2f722f6f2 1794 auto-apt-proxy_2+deb9u1.dsc 6deaf39c0c59889e9195f5f10f212c620a3c6d7e75e89fb91bb1b6defb5a6c80 14032 auto-apt-proxy_2+deb9u1.tar.xz 9954770acb95dad196cae317a553057b916d4fc732b3e843e6abea7677c978c2 4836 auto-apt-proxy_2+deb9u1_all.deb cc6e91a9657d5714856e45cadf728fe7ff78eb64739ac89d5ea0e87c3ec2a57a 5645 auto-apt-proxy_2+deb9u1_amd64.buildinfo Files: 26a4cfe0356b7456e6f47595975ef4a0 1794 net optional auto-apt-proxy_2+deb9u1.dsc 6ed09d9b4b149e34d2a33da80f48cfde 14032 net optional auto-apt-proxy_2+deb9u1.tar.xz 5fb1f50e84e4f87423a021baf0e97553 4836 net optional auto-apt-proxy_2+deb9u1_all.deb 018c8af47e00513bb23e78a0f9ed1c9f 5645 net optional auto-apt-proxy_2+deb9u1_amd64.buildinfo -BEGIN PGP SIGNATURE- iQIzBAEBCAAdFiEEst7mYDbECCn80PEM/A2xu81GC94FAlooTKQACgkQ/A2xu81G C96z3RAApovKqLKmzVwQpZHBR6eRNA7YxCplaWpxzubicRCfnATisO3d7Jl2AfR8 Ue3m9GOIjhMGHGlJpZ/QkooZr7wU8RapWQTDLzgo1zn/b8ELxBnlsXz3xcp0UUwD 1zomEGnbZsxaHJGYSOGN7WOzMxDo4kpgt4olwWWFHmbotAYfrDwflKclpJzYffa6 h7WHMH9gCtUDFWvZgiK65Rt29ybXoBX4/sGXRYwRXmhEKtHrJrZ/u99/pajDEQOe vXby1eq44IwK3d+QANx+9wpV9iM46cPq+z0p/+noh18SulMNyMuJCYh3MNe7DVY1 Cpnate/9EcjN1bP012ZoxBUCcxYaoiArMixoCBhhS+zXUmbbA1x3jwMU/RvljBIE 0USkwmUQd3E7vxfPtW8S1Xm9Be/aerln5PXOalw/fh+iwdtYqMEyVn5mH8ehKK+t p8wztk8tPsYDzjoakvKZpkrCNxKq6HPxb0TVD7PZTYSIsX6Y/x6yXhzK3I67RQIL LDOwOayMdJF/Mgy66e2EYoucWGTH5gPEVS7SPPym7r7uLx7xuJrSAda+TWIj9h2g vjswRXxLdbH/QU9Uz4ClWddfqGYkMPQenLQv+fq5hgwDTTJC0Zse7dUuPLRoN5tK cNFcqPhDNuPsL328uC9bCPaY4S5IKT3sYBNas70+Hy4jIzcJrCc= =FtRQ -END PGP SIGNATURE-
Accepted waagent 2.2.18-3~deb9u1 (source) into proposed-updates->stable-new, proposed-updates
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Mon, 04 Dec 2017 15:21:16 +0100 Source: waagent Binary: waagent Architecture: source Version: 2.2.18-3~deb9u1 Distribution: stretch Urgency: high Maintainer: Bastian Blank Changed-By: Bastian Blank Description: waagent- Windows Azure Linux Agent Changes: waagent (2.2.18-3~deb9u1) stretch; urgency=high . * Upload to stretch. Checksums-Sha1: 343e0e813c478d3bed4a650cbd5c04d0095801a7 1543 waagent_2.2.18-3~deb9u1.dsc 37466760d797a75b639060694cd98cb2e2916d7e 9740 waagent_2.2.18-3~deb9u1.debian.tar.xz 321ca4834afc04c8342c0b40609368eccab4a1aa 5524 waagent_2.2.18-3~deb9u1_source.buildinfo Checksums-Sha256: 6fcbbe54e10f79706ef27ac4838f39d2d78cd33c7d1b0d74d43b81dfe908a0aa 1543 waagent_2.2.18-3~deb9u1.dsc add3e5911f807eca1d0f7ce4723b147c694a5ce8173e45ec20ebe5b666039232 9740 waagent_2.2.18-3~deb9u1.debian.tar.xz 88b921a7882ca756e20fc0371e4f3432410541c2c9a94b97022c9dfe9cea087e 5524 waagent_2.2.18-3~deb9u1_source.buildinfo Files: 5d6df62f283edeb382be38710c053544 1543 admin optional waagent_2.2.18-3~deb9u1.dsc 4441e0db2c0c7957d02380b8722b8bb6 9740 admin optional waagent_2.2.18-3~deb9u1.debian.tar.xz c31788928d41098d41ffccf3ce888d1b 5524 admin optional waagent_2.2.18-3~deb9u1_source.buildinfo -BEGIN PGP SIGNATURE- iQEzBAEBCgAdFiEER3HMN63jdS1rqjxLbZOIhYpp/lEFAlolYtkACgkQbZOIhYpp /lETHwf+IEDxwRDTj+azo6pjBtdscm4ZwEj16bNLq8c+tRLGHfemCusJ8AJ9B+EM W0TFm1D6NiQ8IvhoUpol+Az2rdWzEcjJ0c44SPI7cNXohvHBheHaGwYHpQh7jSiB 9YxrVtHqnlhBf7HMjoBX1CQTI332PetSal2fymNZZp/umDEeSJDGJJwIm/vxNCI+ K4QNlrrcGM5GezgChoTnBhwwdd8R7EFx6qEiSsl9g1EZZI/XDIg1hiUp6g7ZBoqx 4LD4zEBVCWNwD6t6MicEg0W7nZONmfdw23nvwXito7GgX31UUNJ44ELr7LMgCvD2 wFggESyImIdSL9UH5Zen1OGvMw1SSg== =B8lA -END PGP SIGNATURE-
Accepted cron 3.0pl1-128+deb9u1 (source amd64) into proposed-updates->stable-new, proposed-updates
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Format: 1.8 Date: Sat, 07 Oct 2017 15:38:27 +0200 Source: cron Binary: cron Architecture: source amd64 Version: 3.0pl1-128+deb9u1 Distribution: stretch Urgency: medium Maintainer: Javier Fernández-Sanguino Peña Changed-By: Laurent Bigonville Description: cron - process scheduling daemon Closes: 857662 Changes: cron (3.0pl1-128+deb9u1) stretch; urgency=medium . * Non-maintainer upload. * Properly transition system jobs to system_cronjob_t SELinux context and stop relying on refpolicy specific identifiers (Closes: #857662) Checksums-Sha1: 3d21db0c3a6adb39aba2d7a67658e5a5e81244dd 1640 cron_3.0pl1-128+deb9u1.dsc 04875ed53434d6ad92a764c2b1aad8535a6b718c 99058 cron_3.0pl1-128+deb9u1.diff.gz 8275e9e83ceb9e3f14935a5e5a22ed61c32daacb 87278 cron-dbgsym_3.0pl1-128+deb9u1_amd64.deb 08dd243398c87365d662eeeaab4191d0c49b6d6a 5968 cron_3.0pl1-128+deb9u1_amd64.buildinfo cae44fffe6f8812e471d2f1918f61e8db4edb8e3 95390 cron_3.0pl1-128+deb9u1_amd64.deb Checksums-Sha256: d9ab12fcdeae5ef30cbcfe4a9d21a986d504b589428685760c1e97d5c519ea15 1640 cron_3.0pl1-128+deb9u1.dsc fa55a83b1d0633b356186419fba74c0978984f66c0b99c087fcd42f5d8d37050 99058 cron_3.0pl1-128+deb9u1.diff.gz b71b8df1102a2ede202667d7ea026623233a2eba58605e228a31fddb1b726b11 87278 cron-dbgsym_3.0pl1-128+deb9u1_amd64.deb bc47ea607527038f2451c8b51622b16946943a704c8eeb5fa4b7e7555d66ca00 5968 cron_3.0pl1-128+deb9u1_amd64.buildinfo a79ef1b933979da8f322bc93e42ccd8f9119063a6a6e456d9b74fb4dc7228374 95390 cron_3.0pl1-128+deb9u1_amd64.deb Files: 79020bab9eec56836e48d0273b53b591 1640 admin important cron_3.0pl1-128+deb9u1.dsc a2da78628d5eeaa622c9f2bf793617c2 99058 admin important cron_3.0pl1-128+deb9u1.diff.gz 15e0e136906086e31c027a2d3f29f0cc 87278 debug extra cron-dbgsym_3.0pl1-128+deb9u1_amd64.deb c00ed7c414af385a1b1fb1d8ac9fdd61 5968 admin important cron_3.0pl1-128+deb9u1_amd64.buildinfo 591c4fcb721fc39f29835f6507a19f49 95390 admin important cron_3.0pl1-128+deb9u1_amd64.deb -BEGIN PGP SIGNATURE- iQFFBAEBCAAvFiEEmRrdqQAhuF2x31DwH8WJHrqwQ9UFAlon8DwRHGJpZ29uQGRl Ymlhbi5vcmcACgkQH8WJHrqwQ9USXwf9E4DSPNCFh0soETf71BjEyM1vLG3ws53Z kqocoGL+X5EchFChJLXHScEZU3DmdU0a/nPTnvEQqLOV1RxpJXi66ALWfTmcU6Sf T0TuQHkAeaw29Z8qHjJDKu2xc7cElbW16I7l9aF0RacRA/e0LVmYRJKtkA8QfS94 48rYmKv7mWLpZ+eX7vLU0/69p2kkbOoP93xyFFitzuJchEYrA+cCcRjK7VMr8O0N 6xgH9+ivSV+8YljjdbOORkEXPqb9VmBvFGcpD6T3ZghFd1YSAgrj1PWgUY4DAiH2 say4Uxq21cLoG1ZYL3KJ/B+7++So2JCTlejTFwYaw2j8B59fzsbUqQ== =2Z9S -END PGP SIGNATURE-
Accepted optipng 0.7.6-1+deb9u1 (source) into proposed-updates->stable-new, proposed-updates
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Thu, 07 Dec 2017 21:42:04 +0100 Source: optipng Binary: optipng Architecture: source Version: 0.7.6-1+deb9u1 Distribution: stretch-security Urgency: high Maintainer: Debian PhotoTools Maintainers Changed-By: Salvatore Bonaccorso Closes: 878839 882032 Description: optipng- advanced PNG (Portable Network Graphics) optimizer Changes: optipng (0.7.6-1+deb9u1) stretch-security; urgency=high . * Non-maintainer upload by the Security Team. * Prevent integer overflow in minitiff_read_info() (CVE-2017-1000229) (Closes: #882032) * gifread: Detect indirect circular dependencies in LZW tables (CVE-2017-16938) (Closes: #878839) Checksums-Sha1: 9f1dc801a97f22f995446910d6fac6573da854de 2183 optipng_0.7.6-1+deb9u1.dsc abc480543b85d227db4a84be80ae2dd8a8e53a66 200670 optipng_0.7.6.orig.tar.gz 2ea608a8c694116b801b98268b90c664e6c0361c 5976 optipng_0.7.6-1+deb9u1.debian.tar.bz2 Checksums-Sha256: e283b8af9c96d29fda091b9bc383e3f91c33424698da3e0ca060c4fa3486babc 2183 optipng_0.7.6-1+deb9u1.dsc cd7eccd51f15c789e61041b3e03260e2886e74a274c9a6513a1f6db6cce07dc8 200670 optipng_0.7.6.orig.tar.gz 79c6b09880fe5c2d72f261caac08f297abf2ca267024f2db00316e63eaf83bed 5976 optipng_0.7.6-1+deb9u1.debian.tar.bz2 Files: 952cd81e91d3f9ff2d80af1d6bfa3453 2183 graphics optional optipng_0.7.6-1+deb9u1.dsc c36836166ec3b6a12a75600fdb73e6ce 200670 graphics optional optipng_0.7.6.orig.tar.gz c8c3f9d47a9a0c885d2c9786c83f8ae5 5976 graphics optional optipng_0.7.6-1+deb9u1.debian.tar.bz2 -BEGIN PGP SIGNATURE- iQKmBAEBCgCQFiEERkRAmAjBceBVMd3uBUy48xNDz0QFAlopqC9fFIAALgAo aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDQ2 NDQ0MDk4MDhDMTcxRTA1NTMxRERFRTA1NENCOEYzMTM0M0NGNDQSHGNhcm5pbEBk ZWJpYW4ub3JnAAoJEAVMuPMTQ89EiWEP/1ldAZiQVcD/F9w2pcFttzbHmF5o5V+R i+rIh1xHKiepOGxGvBj/Rp0vZJQUHNo/bQuirtBO3drZ+G5QhatFBFEhgiuUpp1Q 1kd8c7wnWCMVq7lza0zacWX6KONABbYOLmO3FLFPjv02HfpCcduP5rV+6U9UgJfB UZWy4+1/k1TnKGmLxU0aN6q41yVFqa6ci8w4qYeJ09oPcE4Cap3ZV1xP7gMFVggf nOUJfRyejDHzeg6AUupMv/7VRR3I4s0qg5m5cPUGR0o3IUOc6hUZFrExHIEXckZD YiXy9/RbEkC7LiaicMRKxEHn6TTB/ftWX+G5xwcajV4wKYvBGikLHd8Jwz5++dBK aeg0fKh+9O1T05Hsc1GxBFD8crAdtIDa3jhSaiVBeqDseBIrNFlZJmcjq1ua2DKe 8wcWtlNucTbF1PSH4LsHr9vPeZwyor5FZdFEdL9rSiBaGso5hRAoYqt04R0HbrwV CHn32Q7CA91dAIgrutwbnTUalZjh61Oab5lO3ZOmTDo3jPZyiE/lkzbSt+bpAiKx pe58/aBWILOKuVzehfxpA69bp002QtNAkGOesCj8suqc2AP4C7WxEczgNsjePYvA qRBVTsKJxw2KMjuoBSzwffAVx7OVQ+zlY57tT1SMw/t108nSEpbe9rdotQZlJ8uF 5Xpl657y9aIY =RNAL -END PGP SIGNATURE-
Accepted tor 0.2.9.14-1 (source) into proposed-updates->stable-new, proposed-updates
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Format: 1.8 Date: Sat, 02 Dec 2017 15:06:10 +0100 Source: tor Binary: tor tor-dbg tor-geoipdb Architecture: source Version: 0.2.9.14-1 Distribution: stretch-security Urgency: medium Maintainer: Peter Palfrader Changed-By: Peter Palfrader Description: tor- anonymizing overlay network for TCP tor-dbg- debugging symbols for Tor tor-geoipdb - GeoIP database for Tor Changes: tor (0.2.9.14-1) stretch-security; urgency=medium . * New upstream version, including among others: - Fix an issue causing DNS to fail on high-bandwidth exit nodes, making them nearly unusable. Fixes bugs 21394 and 18580; bugfix on 0.1.2.2-alpha, which introduced eventdns. Thanks to Dhalgren for identifying and finding a workaround to this bug and to Moritz, Arthur Edelstein, and Roger for helping to track it down and analyze it. - Fix a denial of service bug where an attacker could use a malformed directory object to cause a Tor instance to pause while OpenSSL would try to read a passphrase from the terminal. (Tor instances run without a terminal, which is the case for most Tor packages, are not impacted.) Fixes bug 24246; bugfix on every version of Tor. Also tracked as TROVE-2017-011 and CVE-2017-8821. Found by OSS-Fuzz as testcase 6360145429790720. - Fix a denial of service issue where an attacker could crash a directory authority using a malformed router descriptor. Fixes bug 24245; bugfix on 0.2.9.4-alpha. Also tracked as TROVE-2017-010 and CVE-2017-8820. - When checking for replays in the INTRODUCE1 cell data for a (legacy) onion service, correctly detect replays in the RSA- encrypted part of the cell. We were previously checking for replays on the entire cell, but those can be circumvented due to the malleability of Tor's legacy hybrid encryption. This fix helps prevent a traffic confirmation attack. Fixes bug 24244; bugfix on 0.2.4.1-alpha. This issue is also tracked as TROVE-2017-009 and CVE-2017-8819. - Fix a use-after-free error that could crash v2 Tor onion services when they failed to open circuits while expiring introduction points. Fixes bug 24313; bugfix on 0.2.7.2-alpha. This issue is also tracked as TROVE-2017-013 and CVE-2017-8823. - When running as a relay, make sure that we never build a path through ourselves, even in the case where we have somehow lost the version of our descriptor appearing in the consensus. Fixes part of bug 21534; bugfix on 0.2.0.1-alpha. This issue is also tracked as TROVE-2017-012 and CVE-2017-8822. Checksums-Sha1: 7b0b6c08d8455c9db109f449aee23c6fb1ab5683 1842 tor_0.2.9.14-1.dsc 3ab4c570b75243be603fa6fcf7a77622b984a0a0 5701086 tor_0.2.9.14.orig.tar.gz 3120329eb3f6089d712c95d7e6281c47bc0e00df 42816 tor_0.2.9.14-1.diff.gz Checksums-Sha256: d216d6970f36c32cd961872144061174b8803ee3cd0cc0d91b2f92d467978d98 1842 tor_0.2.9.14-1.dsc 44d9ddca1479f517b74067fe55e919d8d3643645618d5a1f6a5e033765781979 5701086 tor_0.2.9.14.orig.tar.gz b6b04ae06848b6e5ba726462f0385cd5fb0da6f78c45fd5d3184c6a717a52c12 42816 tor_0.2.9.14-1.diff.gz Files: 84161ab1722670d682b6b84c34a93169 1842 net optional tor_0.2.9.14-1.dsc 6fddd91f5532a51eb929295bfba31e10 5701086 net optional tor_0.2.9.14.orig.tar.gz 7cca436dc29cd523104ab5155943e510 42816 net optional tor_0.2.9.14-1.diff.gz -BEGIN PGP SIGNATURE- iQEzBAEBCAAdFiEEs4PXhajJL968BgN2hgLIIDhyMx8FAloiwKgACgkQhgLIIDhy Mx/kYgf+JmgmxuKt7cVz8amF6uE/lkief9EWFgVZEubeV98WVgy5PJWA4+PZn6vZ tkPMd7x8VcF63cZpt0WXn2+DHfS3yR/AJu/h7lqU/sBXr4PmEbrml6SpOGfz2I3R xPPjOumHjjaASpKSi8mgUvMOCyci1fHdHSv3HR4M/AxxONlG1h4E+COFpXwy1J0a R5RGPjMeC8O/SQdWGshljqoucnhxgfqyF7bBW9nrc7VyqmRb1uCjOy/DJ/GqZ8ua 6vqxRuUZtrV5vge1feRocEXz3HUSpoOLOJOl76WHSNJRdCN5dw/Mq0onKzRbdBnL 3a5roigUmtas7GZNIYDUiQci2F1nyg== =wcMe -END PGP SIGNATURE-
Accepted nova 2:14.0.0-4+deb9u1 (source all) into proposed-updates->stable-new, proposed-updates
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Format: 1.8 Date: Fri, 17 Nov 2017 15:41:15 + Source: nova Binary: python-nova nova-common nova-compute nova-compute-lxc nova-compute-qemu nova-compute-kvm nova-compute-ironic nova-conductor nova-cert nova-scheduler nova-volume nova-api nova-network nova-console nova-consoleauth nova-doc nova-cells nova-consoleproxy nova-placement-api Architecture: source all Version: 2:14.0.0-4+deb9u1 Distribution: stretch-security Urgency: medium Maintainer: PKG OpenStack Changed-By: Thomas Goirand Description: nova-api - OpenStack Compute - compute API frontend nova-cells - Openstack Compute - cells nova-cert - OpenStack Compute - certificate manager nova-common - OpenStack Compute - common files nova-compute - OpenStack Compute - compute node nova-compute-ironic - OpenStack Compute - compute node (Ironic) nova-compute-kvm - OpenStack Compute - compute node (KVM) nova-compute-lxc - OpenStack Compute - compute node (LXC) nova-compute-qemu - OpenStack Compute - compute node (QEmu) nova-conductor - OpenStack Compute - conductor service nova-console - OpenStack Compute - console nova-consoleauth - OpenStack Compute - Console Authenticator nova-consoleproxy - OpenStack Compute - NoVNC proxy nova-doc - OpenStack Compute - documentation nova-network - OpenStack Compute - network manager nova-placement-api - OpenStack compute - placement API nova-scheduler - OpenStack Compute - virtual machine scheduler nova-volume - OpenStack Compute - storage metapackage python-nova - OpenStack Compute - libraries Closes: 882009 Changes: nova (2:14.0.0-4+deb9u1) stretch-security; urgency=medium . * CVE-2017-16239 / OSSA-2017-005: Nova Filter Scheduler bypass through rebuild action. Applied upstream patch: Validate new image via scheduler during rebuild (Closes: #882009). * Fixed nova-placement-api init to use uwsgi. The old init file was simply not working at all. * Add CVE-2017-17051_Refined_fix_for_validating_image_on_rebuild.patch. Checksums-Sha1: 5e5a53a31522dde266b43d080b39de2ce19bc847 5468 nova_14.0.0-4+deb9u1.dsc 031b2bfd9a88483c9277a36744d0184df690e3e3 3696640 nova_14.0.0.orig.tar.xz d3c62cba6ac2a8ae05de267d0c7da9a707390da1 76312 nova_14.0.0-4+deb9u1.debian.tar.xz 6df08b689a79c2b6f7036a6140e6fc2cd567067a 45750 nova-api_14.0.0-4+deb9u1_all.deb 5d36aa954110004e52fbd440c6655bb728f18fff 21346 nova-cells_14.0.0-4+deb9u1_all.deb f3de46ed09f753adfd041603dbc4b524f44e7944 22356 nova-cert_14.0.0-4+deb9u1_all.deb eb60646b5c2b18b658cd429d81d6582a695dfc4a 118710 nova-common_14.0.0-4+deb9u1_all.deb 3272be16be159c18c8a847bddd953401871ea55a 18710 nova-compute-ironic_14.0.0-4+deb9u1_all.deb 8e966052e860dd9b5891f70e7454982ada3aac00 18810 nova-compute-kvm_14.0.0-4+deb9u1_all.deb b1650fa248d4734ebef59e3c38ef1ffea560972d 18866 nova-compute-lxc_14.0.0-4+deb9u1_all.deb 50655a9c8f5e13935b246bed4f1b7564f0cc27f5 18690 nova-compute-qemu_14.0.0-4+deb9u1_all.deb dc14ce9fbdd282f9d91c526192b75ca310007281 25102 nova-compute_14.0.0-4+deb9u1_all.deb 1a15bbe377e55b630041344104f9e2a724b7aef4 22252 nova-conductor_14.0.0-4+deb9u1_all.deb d88a78e82fa529e8ba309a12d61701a618c0b292 22342 nova-console_14.0.0-4+deb9u1_all.deb e851f28be8acb090e07aab3f7a1d39b0ef963f88 22326 nova-consoleauth_14.0.0-4+deb9u1_all.deb 873bdc3b232c4b09a7f6ae19b0b8c3cca4749af1 26646 nova-consoleproxy_14.0.0-4+deb9u1_all.deb 60b31736626b2d5ef785c092b33af979898db44c 688598 nova-doc_14.0.0-4+deb9u1_all.deb 30916902751c872e324cd739ae42c3cfd133adbb 24406 nova-network_14.0.0-4+deb9u1_all.deb 2f6cd55cd0e2482a868230e9681f2c4643cf09e6 22072 nova-placement-api_14.0.0-4+deb9u1_all.deb 18a331c8426705bf172b17d3899bbe7357eee479 22240 nova-scheduler_14.0.0-4+deb9u1_all.deb 32b303b1a94d5a0037b8c1ac77ef6536f2a859c7 18344 nova-volume_14.0.0-4+deb9u1_all.deb 8a30fd5ce4f478b11d7b8004b482026e1cc0c6a2 23708 nova_14.0.0-4+deb9u1_amd64.buildinfo 170a96c8788aef79eafe05ab38cb4b5f36464474 2544316 python-nova_14.0.0-4+deb9u1_all.deb Checksums-Sha256: da60dacc8827a492611ef61993e7af2ad340a92a65a37d3f609eded4c67c7a70 5468 nova_14.0.0-4+deb9u1.dsc 1d15af8329cc26a39c7971b689b4ab81b834763276689089eca80ccaa55de598 3696640 nova_14.0.0.orig.tar.xz 5b766990de3b13916359bd1b27f07235df525789254c9300afe64ec4c317 76312 nova_14.0.0-4+deb9u1.debian.tar.xz 415a01ecc304db7da63a7dc2f54925cce9b5bc20f23fb5628fc9573eec3a63de 45750 nova-api_14.0.0-4+deb9u1_all.deb 11b5ecf3ce7b126b58f1b957e7704a074c965544ed8fc1d8ea3d9647db9c9bc9 21346 nova-cells_14.0.0-4+deb9u1_all.deb 137da74d9b91c90b0cc4d8b46f0e1c87ad4b0939aa5aa58305d93341125351bf 22356 nova-cert_14.0.0-4+deb9u1_all.deb 85628affb7c5c72a8451fd0b85a7d39556c7cbaada2acd56c720687cf2339f78 118710 nova-common_14.0.0-4+deb9u1_all.deb 45b2ecc5be4118e9dbd8d636cdca9edb671044dbb0a4efd1127939bd1e1f5a1f 18710 nova-compute-ironic_14.0.0-4+deb9u1_all.deb 9603762e8fb5a582d069a590b00b5dab2b2755479308ea4b3a556a4c6a16645b 18810 nova-compute-kvm_14.0.0-
Accepted libxcursor 1:1.1.14-1+deb9u1 (source) into proposed-updates->stable-new, proposed-updates
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Thu, 07 Dec 2017 17:07:35 +0100 Source: libxcursor Binary: libxcursor1 libxcursor1-udeb libxcursor1-dbg libxcursor-dev Architecture: source Version: 1:1.1.14-1+deb9u1 Distribution: stretch-security Urgency: high Maintainer: Debian X Strike Force Changed-By: Salvatore Bonaccorso Closes: 883792 Description: libxcursor-dev - X cursor management library (development files) libxcursor1 - X cursor management library libxcursor1-dbg - X cursor management library (unstripped) libxcursor1-udeb - X cursor management library (udeb) Changes: libxcursor (1:1.1.14-1+deb9u1) stretch-security; urgency=high . * Non-maintainer upload by the Security Team. * Fix heap overflows when parsing malicious files (CVE-2017-16612) (Closes: #883792) Package-Type: udeb Checksums-Sha1: fa523eff12447207cc077d46c5a0eb9da2d87178 2489 libxcursor_1.1.14-1+deb9u1.dsc c33076d4567862854b28fb5fd76888ecd62603c1 19302 libxcursor_1.1.14-1+deb9u1.diff.gz Checksums-Sha256: 81c5372315e4534c07f1bbc05e92927568ae55e84b3609d6f95c11e592890791 2489 libxcursor_1.1.14-1+deb9u1.dsc 7bf662975b685c42ee3125ecf370cefb804afa0c45423d1ff26c690b0b6e5de3 19302 libxcursor_1.1.14-1+deb9u1.diff.gz Files: ac49ec1ce39bd604be57ed8ab59d9cff 2489 devel optional libxcursor_1.1.14-1+deb9u1.dsc 7bc9c086a59ccc7b6d3bd2a77f4fd543 19302 devel optional libxcursor_1.1.14-1+deb9u1.diff.gz -BEGIN PGP SIGNATURE- iQKmBAEBCgCQFiEERkRAmAjBceBVMd3uBUy48xNDz0QFAlopoddfFIAALgAo aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDQ2 NDQ0MDk4MDhDMTcxRTA1NTMxRERFRTA1NENCOEYzMTM0M0NGNDQSHGNhcm5pbEBk ZWJpYW4ub3JnAAoJEAVMuPMTQ89EMvsQAJTO9PKdwvRhz/PkCw19737OQQVejPbt KaKsq1Xv5P2pu46aApmWvQb0KG62qcpoqBVfQg9Wc+gqH3HPFCo4V0eCPl9WZhku y9txijhTEgqu4ErT46AFIWc+NdBMkGWoK9O33ElfheDaEVyTC55flf5h6zNzzugi sPVumGC/4xJWPG2uF6jzXrsaxb9n5c6GBVtzgHZb/Vpc/KbYkc+RfpmhoEumf8Jj ZBU91pqyOqlADghdpef4mRzKCFhlCtMjs4krCGbFbELHyTLyV9lDPZBCPC593IFP et8jPUPoQLlHZ3puKEhaIGeYfGTMSfBwMMTtXay8L9SZYXtZXledZ8tugq+f+pDQ zGTzKDFjdOkCcxxzLC6eqqz0olKiBEc/rkwfPSpHIaaMUJRqUJoc6yy5JZfICVsA Fyfih7A+X802H/pwKavmbAUIJmVl/g6H9dkX9zzwK7X83y9dIPodqH2fTN7A4DEg 95tRjUdwDl8ouBGVzhKQcvhUP1DXEyC5mo1xm110dESBN2UgOPnViYdVJN1kB4dC Wc7ecRwa1eZQPNGgrXA2dXkxTZ7HVjrK+yZ3kwEWnQRY6c/8qYMZi8nPLjEfj73f hC0BQTY7J+5kFg7B/bYjx/XbYCTcMjcviv26ADZhVG4HGJSetNipLLpY7X0TB8NA MSYA3umIgLhb =8MLl -END PGP SIGNATURE-
Accepted heimdal 7.1.0+dfsg-13+deb9u2 (source i386 all) into proposed-updates->stable-new, proposed-updates
-BEGIN PGP SIGNED MESSAGE- Hash: SHA384 Format: 1.8 Date: Wed, 06 Dec 2017 13:24:04 +0100 Source: heimdal Binary: heimdal-docs heimdal-kdc heimdal-multidev heimdal-dev heimdal-clients heimdal-kcm heimdal-servers heimdal-dbg libheimbase1-heimdal libasn1-8-heimdal libkrb5-26-heimdal libhdb9-heimdal libkadm5srv8-heimdal libkadm5clnt7-heimdal libgssapi3-heimdal libkafs0-heimdal libroken18-heimdal libotp0-heimdal libsl0-heimdal libkdc2-heimdal libhx509-5-heimdal libheimntlm0-heimdal libwind0-heimdal libhcrypto4-heimdal Architecture: source i386 all Version: 7.1.0+dfsg-13+deb9u2 Distribution: stretch-security Urgency: high Maintainer: Brian May Changed-By: Dominik George Description: heimdal-clients - Heimdal Kerberos - clients heimdal-dbg - Heimdal Kerberos - debugging symbols heimdal-dev - Heimdal Kerberos - development files heimdal-docs - Heimdal Kerberos - documentation heimdal-kcm - Heimdal Kerberos - KCM daemon heimdal-kdc - Heimdal Kerberos - key distribution center (KDC) heimdal-multidev - Heimdal Kerberos - Multi-implementation Development heimdal-servers - Heimdal Kerberos - server programs libasn1-8-heimdal - Heimdal Kerberos - ASN.1 library libgssapi3-heimdal - Heimdal Kerberos - GSSAPI support library libhcrypto4-heimdal - Heimdal Kerberos - crypto library libhdb9-heimdal - Heimdal Kerberos - kadmin server library libheimbase1-heimdal - Heimdal Kerberos - Base library libheimntlm0-heimdal - Heimdal Kerberos - NTLM support library libhx509-5-heimdal - Heimdal Kerberos - X509 support library libkadm5clnt7-heimdal - Heimdal Kerberos - kadmin client library libkadm5srv8-heimdal - Libraries for Heimdal Kerberos libkafs0-heimdal - Heimdal Kerberos - KAFS support library libkdc2-heimdal - Heimdal Kerberos - KDC support library libkrb5-26-heimdal - Heimdal Kerberos - libraries libotp0-heimdal - Heimdal Kerberos - OTP support library libroken18-heimdal - Heimdal Kerberos - roken support library libsl0-heimdal - Heimdal Kerberos - SL support library libwind0-heimdal - Heimdal Kerberos - stringprep implementation Closes: 878144 Changes: heimdal (7.1.0+dfsg-13+deb9u2) stretch-security; urgency=high . * CVE-2017-17439: Remote unauthenticated DoS in Heimdal-KDC 7.1 (Closes: #878144) Checksums-Sha1: 18092e4d898242aa03f4555155050c203de85c08 3743 heimdal_7.1.0+dfsg-13+deb9u2.dsc 7160959e5db2804cc0f94e889d3a90f32dfba19b 70108 heimdal_7.1.0+dfsg-13+deb9u2.debian.tar.xz 30b224320b907cfa5973017a3f81e31ae5c819b8 183232 heimdal-clients_7.1.0+dfsg-13+deb9u2_i386.deb 202df9729e5fb78e0d5d2c16a6ac034ff7d304d8 4749174 heimdal-dbg_7.1.0+dfsg-13+deb9u2_i386.deb 1fd02152a905b1504c7ac683e4f81cc44dbcade9 140908 heimdal-dev_7.1.0+dfsg-13+deb9u2_i386.deb 64b6311faa4ac9a824d937715d91c92c061aff89 104498 heimdal-docs_7.1.0+dfsg-13+deb9u2_all.deb 8bf74125dd547e22b75623bb0849a1dfbb1ee7b8 57650 heimdal-kcm_7.1.0+dfsg-13+deb9u2_i386.deb 1cf1d88b6cebd1f7a06882de90a5004592bbaf67 132630 heimdal-kdc_7.1.0+dfsg-13+deb9u2_i386.deb 6b1353b20575237408318818b181c472944242eb 1275518 heimdal-multidev_7.1.0+dfsg-13+deb9u2_i386.deb 9c9985a848ad13f7e47cdf3f5f35ef5ab9d49097 35526 heimdal-servers_7.1.0+dfsg-13+deb9u2_i386.deb ba11608f9641babb6b5bbf98deb85f588e5aa0ca 14329 heimdal_7.1.0+dfsg-13+deb9u2_i386.buildinfo 3e87c18c6b2e5e0e547ff0e6697872c5bed0840c 217660 libasn1-8-heimdal_7.1.0+dfsg-13+deb9u2_i386.deb 21c968bd6e3f1bbbc6cc4839f7fee68efcf48781 133300 libgssapi3-heimdal_7.1.0+dfsg-13+deb9u2_i386.deb 2a8f6c261b8fbb5f560e274a10716e23d8791ea0 120006 libhcrypto4-heimdal_7.1.0+dfsg-13+deb9u2_i386.deb 21a623ac1dccea4d56c6648a341e1a36467a4610 95530 libhdb9-heimdal_7.1.0+dfsg-13+deb9u2_i386.deb 0835d422abcd73547407ab3dac97c31523caf1fb 56670 libheimbase1-heimdal_7.1.0+dfsg-13+deb9u2_i386.deb 9f995aae3efe287ed7bf32f47ab361d77eeacc71 42026 libheimntlm0-heimdal_7.1.0+dfsg-13+deb9u2_i386.deb 674318dd19b48c487c3e26f7e525bd7e2c22a8db 143848 libhx509-5-heimdal_7.1.0+dfsg-13+deb9u2_i386.deb a75cf753221af2b3cc43df2974ac6e79351b4467 45842 libkadm5clnt7-heimdal_7.1.0+dfsg-13+deb9u2_i386.deb d145f9eb55f19f90eb27e18b48aa9811fa3cc57f 64596 libkadm5srv8-heimdal_7.1.0+dfsg-13+deb9u2_i386.deb c6ae128e9dbe6e13d61b7dfc8ff885a86b596dd5 42450 libkafs0-heimdal_7.1.0+dfsg-13+deb9u2_i386.deb 947a7337a80f27f97acd4a878a4cbd9a1ff39bc7 85408 libkdc2-heimdal_7.1.0+dfsg-13+deb9u2_i386.deb a65eb31dc358dd31c6ad159af5daa25a9d779b33 259294 libkrb5-26-heimdal_7.1.0+dfsg-13+deb9u2_i386.deb bed29de175f8055cc584e25b6951e913ad53eb0d 51006 libotp0-heimdal_7.1.0+dfsg-13+deb9u2_i386.deb 421d4f940a71b302b16c68e82fa4dc3875c98871 69254 libroken18-heimdal_7.1.0+dfsg-13+deb9u2_i386.deb 00a671df2015ba49c0bbe1bb9c244fde19fb632d 38056 libsl0-heimdal_7.1.0+dfsg-13+deb9u2_i386.deb 4e9388c69a7214109f4c7188746e6ca3c680aae9 74166 libwind0-heimdal_7.1.0+dfsg-13+deb9u2_i386.deb Checksums-Sha256: c95b3a693cd33f25c1b927637125826652403ccee860ee2f9b393a0155266393 3743 heimdal_7.1.0+dfsg-13+deb9u2.dsc 677386d6ad1840
Accepted erlang 1:19.2.1+dfsg-2+deb9u1 (source amd64 all) into proposed-updates->stable-new, proposed-updates
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Format: 1.8 Date: Wed, 22 Mar 2017 15:31:29 +0300 Source: erlang Binary: erlang-base erlang-base-hipe erlang-asn1 erlang-common-test erlang-corba erlang-crypto erlang-debugger erlang-dialyzer erlang-diameter erlang-doc erlang-edoc erlang-eldap erlang-erl-docgen erlang-et erlang-eunit erlang-gs erlang-ic erlang-ic-java erlang-inets erlang-manpages erlang-megaco erlang-mnesia erlang-observer erlang-odbc erlang-os-mon erlang-parsetools erlang-percept erlang-public-key erlang-reltool erlang-runtime-tools erlang-snmp erlang-ssh erlang-ssl erlang-syntax-tools erlang-tools erlang-typer erlang-wx erlang-xmerl erlang-dev erlang-dbg erlang-src erlang-examples erlang-jinterface erlang-mode erlang-nox erlang-x11 erlang Architecture: source amd64 all Version: 1:19.2.1+dfsg-2+deb9u1 Distribution: stretch-security Urgency: high Maintainer: Debian Erlang Packagers Changed-By: Sergei Golovan Description: erlang - Concurrent, real-time, distributed functional language erlang-asn1 - Erlang/OTP modules for ASN.1 support erlang-base - Erlang/OTP virtual machine and base applications erlang-base-hipe - Erlang/OTP HiPE enabled virtual machine and base applications erlang-common-test - Erlang/OTP application for automated testing erlang-corba - Erlang/OTP applications for CORBA support erlang-crypto - Erlang/OTP cryptographic modules erlang-dbg - Erlang/OTP symbol files erlang-debugger - Erlang/OTP application for debugging and testing erlang-dev - Erlang/OTP development libraries and headers erlang-dialyzer - Erlang/OTP discrepancy analyzer application erlang-diameter - Erlang/OTP implementation of RFC 6733 protocol erlang-doc - Erlang/OTP HTML/PDF documentation erlang-edoc - Erlang/OTP module for generating documentation erlang-eldap - Erlang/OTP LDAP library erlang-erl-docgen - Erlang/OTP documentation stylesheets erlang-et - Erlang/OTP event tracer application erlang-eunit - Erlang/OTP module for unit testing erlang-examples - Erlang/OTP application examples erlang-gs - Erlang/OTP graphics system erlang-ic - Erlang/OTP IDL compiler erlang-ic-java - Erlang/OTP IDL compiler (Java classes) erlang-inets - Erlang/OTP Internet clients and servers erlang-jinterface - Java communication tool to Erlang erlang-manpages - Erlang/OTP manual pages erlang-megaco - Erlang/OTP implementation of Megaco/H.248 protocol erlang-mnesia - Erlang/OTP distributed relational/object hybrid database erlang-mode - Erlang major editing mode for Emacs erlang-nox - Erlang/OTP applications that don't require X Window System erlang-observer - Erlang/OTP application for investigating distributed systems erlang-odbc - Erlang/OTP interface to SQL databases erlang-os-mon - Erlang/OTP operating system monitor erlang-parsetools - Erlang/OTP parsing tools erlang-percept - Erlang/OTP concurrency profiling tool erlang-public-key - Erlang/OTP public key infrastructure erlang-reltool - Erlang/OTP release management tool erlang-runtime-tools - Erlang/OTP runtime tracing/debugging tools erlang-snmp - Erlang/OTP SNMP applications erlang-src - Erlang/OTP applications sources erlang-ssh - Erlang/OTP implementation of SSH protocol erlang-ssl - Erlang/OTP implementation of SSL erlang-syntax-tools - Erlang/OTP modules for handling abstract Erlang syntax trees erlang-tools - Erlang/OTP various tools erlang-typer - Erlang/OTP code type annotator erlang-wx - Erlang/OTP bindings to wxWidgets erlang-x11 - Erlang/OTP applications that require X Window System erlang-xmerl - Erlang/OTP XML tools Changes: erlang (1:19.2.1+dfsg-2+deb9u1) stretch-security; urgency=high . * Applied a patch from the upstream which fixes CVE-2017-1000385 vulnerability (TLS server vunlerable to Adaptive Chosen Ciphertext attack allowing plaintext recovery ot MITM attack). Checksums-Sha1: 7b2928f5994d509cf972a8d9c1f4808d265e3b01 5403 erlang_19.2.1+dfsg-2+deb9u1.dsc 479e397efcb36c8f1b9f503468057e105f6c4ea7 23581804 erlang_19.2.1+dfsg.orig.tar.xz 53e7fe7fa6ca24e841cb43156e65563390f48eb7 62660 erlang_19.2.1+dfsg-2+deb9u1.debian.tar.xz 97db752d6b314aec278038f86fcc8828c4129196 739940 erlang-asn1_19.2.1+dfsg-2+deb9u1_amd64.deb 2cb25afcab6ee5565cdb1f1278b41b21e1d1aef1 8008380 erlang-base-hipe-dbgsym_19.2.1+dfsg-2+deb9u1_amd64.deb 4873c4e1dc8aa87a1ae5d69ff1e89b2ffbe6d55d 8712930 erlang-base-hipe_19.2.1+dfsg-2+deb9u1_amd64.deb d9aabe91cbe24ec4a205937b00455a11b1670375 7173044 erlang-base_19.2.1+dfsg-2+deb9u1_amd64.deb 8ced50c3194881cebce6469b8d1ba9a29ced3d46 1039158 erlang-common-test_19.2.1+dfsg-2+deb9u1_amd64.deb 0d22ffc3ab79215913b39b30d74a80dbf4b17425 2257324 erlang-corba_19.2.1+dfsg-2+deb9u1_amd64.deb 1d22b5aa545c3bff87b7354c88a0aec5ed2a212c 124954 erlang-crypto_19.2.1+dfsg-2+deb9u1_amd64.deb fa6ceb5fb2f444bbeee34c71c7c67057c4046e20 7157170 erlang-dbg_19.2.1+dfsg-2+deb9u1_amd64.deb 2e59dac25b3f0db7ee0f41805597ae41aa7a8bc7 409174 erlang-debugger_19.2.1+dfsg-2+deb9u