Accepted gnutls28 3.7.1-5+deb11u5 (source) into oldstable-proposed-updates
Format: 1.8
Date: Sat, 20 Jan 2024 07:56:15 +0100
Source: gnutls28
Architecture: source
Version: 3.7.1-5+deb11u5
Distribution: bullseye
Urgency: medium
Maintainer: Debian GnuTLS Maintainers
Changed-By: Andreas Metzler
Closes: 1061045 1061046
Changes:
 gnutls28 (3.7.1-5+deb11u5) bullseye; urgency=medium
 .
   * Cherrypick two CVE fixes from 3.8.3:
     Fix assertion failure when verifying a certificate chain with a cycle
     of cross signatures. CVE-2024-0567 GNUTLS-SA-2024-01-09
     Closes: #1061045
     Fix more timing side-channel inside RSA-PSK key exchange.
     CVE-2024-0553 GNUTLS-SA-2024-01-14
     Closes: #1061046

Accepted gross 1.0.2-4.1~deb11u1 (source) into oldstable-proposed-updates
Format: 1.8
Date: Fri, 29 Mar 2024 23:02:44 +0200
Source: gross
Architecture: source
Version: 1.0.2-4.1~deb11u1
Distribution: bullseye
Urgency: high
Maintainer: Antonio Radici
Changed-By: Adrian Bunk
Closes: 1067115
Changes:
 gross (1.0.2-4.1~deb11u1) bullseye; urgency=medium
 .
   * Non-maintainer upload.
   * Rebuild for bullseye.
 .
 gross (1.0.2-4.1) unstable; urgency=high
 .
   * Non-maintainer upload.
   * CVE-2023-52159: Stack-based buffer overflow (Closes: #1067115)

Accepted py7zr 0.11.3+dfsg-1+deb11u1 (source) into oldstable-proposed-updates
Format: 1.8
Date: Wed, 27 Mar 2024 23:38:18 -0300
Source: py7zr
Architecture: source
Version: 0.11.3+dfsg-1+deb11u1
Distribution: bullseye-security
Urgency: medium
Maintainer: Sandro Tosi
Changed-By: Santiago Ruano Rincón
Closes: 1032091
Changes:
 py7zr (0.11.3+dfsg-1+deb11u1) bullseye-security; urgency=medium
 .
   [ YOKOTA Hiroshi ]
   * Fix sanity check for path traversal attack
     (Closes: #1032091, CVE-2022-44900)

Accepted mediawiki 1:1.35.13-1+deb11u2 (source) into oldstable-proposed-updates
Format: 1.8
Date: Fri, 29 Mar 2024 14:48:41 +0200
Source: mediawiki
Architecture: source
Version: 1:1.35.13-1+deb11u2
Distribution: bullseye-security
Urgency: medium
Maintainer: Kunal Mehta
Changed-By: Taavi Väänänen
Changes:
 mediawiki (1:1.35.13-1+deb11u2) bullseye-security; urgency=medium
 .
   * Cherry-pick upstream patch fixing T357760 (DoS in Special:MovePage,
     CVE pending).

Accepted samba 2:4.13.13+dfsg-1~deb11u6 (source) into oldstable-proposed-updates
Format: 1.8
Date: Tue, 19 Mar 2024 18:00:18 -0300
Source: samba
Architecture: source
Version: 2:4.13.13+dfsg-1~deb11u6
Distribution: bullseye-security
Urgency: medium
Maintainer: Debian Samba Maintainers
Changed-By: Santiago Ruano Rincón
Changes:
 samba (2:4.13.13+dfsg-1~deb11u6) bullseye-security; urgency=medium
 .
   * CVE-2022-2127: Out-of-bounds read in winbind AUTH_CRAP
   * CVE-2022-3437: Heimdal des/des3 heap-based buffer overflow
   * CVE-2023-4091: Client can truncate files even with read-only
     permissions
   * CVE-2023-34966: Spotlight mdssvc RPC Request Infinite Loop
     Denial-of-Service Vulnerability
   * CVE-2023-34967: Spotlight mdssvc RPC Request Type Confusion
     Denial-of-Service Vulnerability
   * CVE-2023-34968: Spotlight server-side Share Path Disclosure

Accepted util-linux 2.36.1-8+deb11u2 (source) into oldstable-proposed-updates
Format: 1.8
Date: Thu, 28 Mar 2024 11:09:40 +0100
Source: util-linux
Architecture: source
Version: 2.36.1-8+deb11u2
Distribution: bullseye-security
Urgency: high
Maintainer: util-linux packagers
Changed-By: Chris Hofstaedtler
Closes: 1067849
Changes:
 util-linux (2.36.1-8+deb11u2) bullseye-security; urgency=high
 .
   * d/gbp.conf: update for stable release
   * Add upstream patches to fix CVE-2024-28085 (Closes: #1067849)
   * No longer install wall, write setgid tty to address CVE-2024-28085