Bug#963225: ITP: prince-of-persia -- SDL port of the classic Prince of Persia game
Package: wnpp Severity: wishlist Owner: Kees Cook * Package name: prince-of-persia Version : 1.20 Upstream Author : Dávid Nagy * URL : https://github.com/NagyD/SDLPoP * License : GPL-3+ Programming Lang: C Description : SDL port of the classic Prince of Persia game Prince of Persia is a fantasy cinematic platformer designed and implemented by Jordan Mechner for the Apple II in 1989. Taking place in ancient Persia, players control an unnamed protagonist who must venture through a series of dungeons to defeat the Grand Vizier Jaffar and save an imprisoned princess. - why is this package useful/relevant? There is a active community of people dedicated to preserving and improving this classic video game. - is it a dependency for another package? No, it is a game, and only depends on SDL2. - do you use it? Yes. - if there are other packages providing similar functionality, how does it compare? This is one of a kind. :) - how do you plan to maintain it? I intend to be a single maintainer. I am an upstream contributor. - are you looking for co-maintainers? I am not actively looking, but I wouldn't turn down help. :) - do you need a sponsor? Nope.
Accepted scantool 2.0-1 (source amd64) into unstable
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Sun, 10 Mar 2019 15:31:25 -0700 Source: scantool Binary: scantool scantool-dbgsym Architecture: source amd64 Version: 2.0-1 Distribution: unstable Urgency: medium Maintainer: Kees Cook Changed-By: Kees Cook Description: scantool - OBD-II vehicle diagnostic scanner Closes: 919201 920787 Changes: scantool (2.0-1) unstable; urgency=medium . * Update to latest "upstream" release, which incorporates all debian patches. Most notable change is the new serial port code (Closes: #919201), and improved trouble code text. * debian/control: - bump standards version: compat to 12. - update homepage * debian/rules: - clean up redundant comments - remove dzcomm entirely (Closes: 920787) * debian/watch: aim at github Checksums-Sha1: 72b587589e8f869c8e764203fa545bbd00f0978d 1754 scantool_2.0-1.dsc 0b7c4b8c9e0251a83bd0158a89efbde21956a7fe 203767 scantool_2.0.orig.tar.bz2 f0501b280be4a18a6afbb6becc4241c068be9dbf 4200 scantool_2.0-1.debian.tar.xz e18be44a2dc5b65500a7055d864a0d2f57c5f5ce 72624 scantool-dbgsym_2.0-1_amd64.deb 8e7b453145e8320aff7f84ca7b177614ca507ff5 7695 scantool_2.0-1_amd64.buildinfo 800c89ff1f98c500941a1fa59cc78137b31b75ec 157384 scantool_2.0-1_amd64.deb Checksums-Sha256: 1224f29ad806194fb8b3acc4ecfa3e8b35318cbf668db30bd3df93c9d635a3cf 1754 scantool_2.0-1.dsc 824fe321004ecc5568ef7caac1fc01b1a7748fbb900ecf7c6eabd4f49590fe5e 203767 scantool_2.0.orig.tar.bz2 72ad229293539900fc4ba82e9dc2f5f82c243e8bd9167479ab06889d7db390c0 4200 scantool_2.0-1.debian.tar.xz 3d095063c207b06cc1433b9e05057757bfeab0d53cca6a6dc95c0aeaed6fdefd 72624 scantool-dbgsym_2.0-1_amd64.deb 7a9e674ea91b4cb945b69cebaf34f64037ce0c903c9e8efcfdb13e4d918add2c 7695 scantool_2.0-1_amd64.buildinfo 5cd9bacff9e5ee0027286686f2f8b71b0336ddda485092fac80604fede6094b9 157384 scantool_2.0-1_amd64.deb Files: a50c41ade91acaae8b58d1e8d3bb627d 1754 electronics optional scantool_2.0-1.dsc f02885884b50a00057143f7306f395a3 203767 electronics optional scantool_2.0.orig.tar.bz2 c0373b183b27c79c6449557f854e1580 4200 electronics optional scantool_2.0-1.debian.tar.xz 00b7124a7660f6831193bd108ee8da11 72624 debug optional scantool-dbgsym_2.0-1_amd64.deb ae772597df19f655fd8ec2ab1fdd5548 7695 electronics optional scantool_2.0-1_amd64.buildinfo fcbb8672accdfcf1edb14607f8d39af7 157384 electronics optional scantool_2.0-1_amd64.deb -BEGIN PGP SIGNATURE- Comment: Kees Cook iQIzBAEBCgAdFiEEpcP2jyKd1g9yPm4TiXL039xtwCYFAlyIA9wACgkQiXL039xt wCYJJw/+Lo02UENmshHAUDPQlGn85FGjFWJC1UL/U6zVaAPlTVMQJHhm/Lm526Dv XbZdHZ8Fv7XxoCBa/sF0omooN/nXuzE//UWRHNCknSokMenrL7MMcCA1SX8Jwzlz ylPuk67eI6zKfgqrP/YA/b82ok3+HJwujuXNsB/lAd3wmWdj0anESuGUKwNTKQ2v 8TcEf1NDzMPRqGyLR4ZGGaToGTlshs0wU+3IB0S2Am3SrcnCLt6nyo43bACvF2bk mA4E5Kb40QnoiTQ6EASK8aS75y2ynTskIIo9JnCiM/bY3hTNicmlK9CC2UMEyvKT N+0SJQHu2KDvRjEBHj8jm9Tq/sjGL/iRk5uX8Q7GIzDEjl9HSDYG4Shu0cdeDLlj Pgbe7BuWXkmc6g6eDxC/jXO2DPE2RpMYvYne9LuMWM9WHAI5r3T+1WFkGgvh7hyV oG+eeCk6Kv5ztGzpGr3/f2AYZuNohIi8lqHsonBK/3FPqoGYSkFt8vWYFKNt0H8P zBcK6PZORub9V4Hma+7508FvUmilUn7GxKhejMpqaUM4B5TNyN+fadvtDR0v2qAK Jz4CDhPsIaO1W9QZ8JaVo9KFDQEm/ROe/D6DSTmJ1lsLmB0VR7mMnxphjh4lZDvE MgkQf36n/hFAl/1aM8i0MVDLXu94t+85RXDhowjxArhT4fUYetI= =spNK -END PGP SIGNATURE-
Accepted mp3cd 1.27.0-4 (source all) into unstable
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Sun, 10 Mar 2019 13:32:47 -0700 Source: mp3cd Binary: mp3cd Architecture: source all Version: 1.27.0-4 Distribution: unstable Urgency: medium Maintainer: Kees Cook Changed-By: Kees Cook Description: mp3cd - Burns normalized audio CDs from lists of MP3s/WAVs/Oggs/FLACs Changes: mp3cd (1.27.0-4) unstable; urgency=medium . * debian/control: - update standards version: priority to "optional" - update source URL - raise dh compat to 12 Checksums-Sha1: 48223c835012bf333af041c7e8a2f4c1aba6859e 1789 mp3cd_1.27.0-4.dsc c98022bad0fd529faa324e4a2143a5ef3e3b9f16 3988 mp3cd_1.27.0-4.debian.tar.xz e6c9c99af4778ffa59b1996aa7b4c9142e6e796e 20216 mp3cd_1.27.0-4_all.deb f077a098284eabee2e1af39b2d685a5a00770a58 6416 mp3cd_1.27.0-4_amd64.buildinfo Checksums-Sha256: 379844e51dd2076ec2c655166e897ba53f103ce24a5ef90d42dc3aced2aff173 1789 mp3cd_1.27.0-4.dsc 3e20cbecdbd95aea5f438b40e23be39ca9cea4ed69e5c5168038988bf221124c 3988 mp3cd_1.27.0-4.debian.tar.xz 629ccbaaa4644fe826cb63ff2b9215b51042c9cc6bdc1126d3a562b41f28b8c8 20216 mp3cd_1.27.0-4_all.deb d20cded06bbb9af1a4cf16dc94533b95268a32107297f868d5f9911bae8463a8 6416 mp3cd_1.27.0-4_amd64.buildinfo Files: 7fc885bdb5469f90c9589df7a173b9e9 1789 sound optional mp3cd_1.27.0-4.dsc 1d89e333fff04142b32c0ad4439167f4 3988 sound optional mp3cd_1.27.0-4.debian.tar.xz 292e1908bb3f8d05ced626447db4a388 20216 sound optional mp3cd_1.27.0-4_all.deb 42610e58bafc576f58f883d14c71bbf0 6416 sound optional mp3cd_1.27.0-4_amd64.buildinfo -BEGIN PGP SIGNATURE- Comment: Kees Cook iQIzBAEBCgAdFiEEpcP2jyKd1g9yPm4TiXL039xtwCYFAlyFew8ACgkQiXL039xt wCa28w/+L0WoW9p4O3y9tIGQx0g8p0Ii7YEOy8YC5TuEaYaXZDzoovHtYoHbBOcK m7pjdtxn1R5+v+OWhMrVP6hF8B6qBzT/SQ+xSub3bsSn+Wi+COh4W/cZTEspxNSQ pZ9nf3bdqgfCOZBQsxBG2oFg72OUw8GcLGXYyQo35Q95GSlDHtorLb/J+P8RLsAa pfqVxTKQjEL+doCOz+ak7YTF6vsl5XYPFxgTO2uhAQSX27FFVLypD51zaPEd7fjw 6WGenB1FpLwkqqwa7Ye1GrrGszy5A+LxJ+JRlf2nY7fDwPTGjbei+6VlXpCLPi/G eh2b8tVFWQTXUu9yw1yadO6YjhVi+vnMSuV0kjbYG6en+v7i5qHP+gOhAxf3EHh7 gg27D7oB21t99fF2Lmw9YMo9G/BWBUyxGGuwzszknMfIzg50PvlfDUoe9lkyKudF uMTcIizM/bnGxO4GHaYtQTi5VdjG9dPKPe4qbLnoAzxC68WgHmmlD5Qjw/qyMC0/ krClYEUWv1o66DMmU5kf1kc+4t+zff6yXh7LBg9r+mD5mkING1wWBt7OQnsNIeAe 4/T/rpENUEL1Mkj7kM9XjgeEUbTNXieRnHgwhZPak3UTS9v/k9HK2ddW2oJ9DW0r AbqNdQBDle2LZBFWRnHcjY6xnEpfbBt62PSSKP6uitocEo5+2ak= =HSiJ -END PGP SIGNATURE-
Accepted scantool 1.21+dfsg-7 (source amd64) into unstable
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Sun, 13 Jan 2019 09:30:59 -0800 Source: scantool Binary: scantool Architecture: source amd64 Version: 1.21+dfsg-7 Distribution: unstable Urgency: low Maintainer: Kees Cook Changed-By: Kees Cook Description: scantool - OBD-II vehicle diagnostic scanner Closes: 915275 Changes: scantool (1.21+dfsg-7) unstable; urgency=low . * Fix FTCBFS: Let dh_auto_configure pass --host to ./configure, thanks to Helmut Grohne. (Closes: #915275) Checksums-Sha1: 709a21bd42247774c437d04dea81103adeb72490 2116 scantool_1.21+dfsg-7.dsc 18369f7c5fd0619fc31a5920a47a5e1ee840c767 43608 scantool_1.21+dfsg-7.debian.tar.xz b4b630e173b564d218a51ccab9d84c511a87cb00 169644 scantool-dbgsym_1.21+dfsg-7_amd64.deb 3cb51f371f94415f4cc932b5273f40bad42a04da 7804 scantool_1.21+dfsg-7_amd64.buildinfo 45a71d0b275c936a1c5f4f8b51398677d866fde6 166596 scantool_1.21+dfsg-7_amd64.deb Checksums-Sha256: 04aa7e9ca792e7bcfd6943dc8e9ec11329f4d1b719215b94cdaa11a9fbb9f07a 2116 scantool_1.21+dfsg-7.dsc edb333c49b3c1a6066c1af859e30ae82ec4091db7aea54d39a21bba839464db0 43608 scantool_1.21+dfsg-7.debian.tar.xz 93a25cce7e9a6f26ec0918b6b3aeb5e768b95d0c0be16244c39be3c980e08227 169644 scantool-dbgsym_1.21+dfsg-7_amd64.deb 1cc2ff732674c29552e95509764199a821ff807032dd6589c42f6196d490bfbb 7804 scantool_1.21+dfsg-7_amd64.buildinfo 460e2bc7bef9c0d0c862d851446a54c9af1cded9b0d9a01efdf87644fc294090 166596 scantool_1.21+dfsg-7_amd64.deb Files: 032ef46f5ab598fa2b4e70bfd66239ef 2116 electronics extra scantool_1.21+dfsg-7.dsc 603a670dd2c3e57b5107a8fcf5e0f563 43608 electronics extra scantool_1.21+dfsg-7.debian.tar.xz 69c8c3b012dca5f39386962470eb2225 169644 debug optional scantool-dbgsym_1.21+dfsg-7_amd64.deb 16d9d756e80cbc39754595d8c67d43b2 7804 electronics extra scantool_1.21+dfsg-7_amd64.buildinfo 974ebe519ad60ae1db714b97b20db42d 166596 electronics extra scantool_1.21+dfsg-7_amd64.deb -BEGIN PGP SIGNATURE- Comment: Kees Cook iQIzBAEBCgAdFiEEpcP2jyKd1g9yPm4TiXL039xtwCYFAlw7f/4ACgkQiXL039xt wCbAsw/+L+VbSKsLm75OunLWmJ3em0ZReuETgGbDsqaWr71ASHKOyV+nfd9thCnp HLyUAOorwl2ydX4qFyfuyDbv4gQiTyL7/dEGsSLSaeBSlaQ7Nf7Tgh5w0Ox+Vk00 IEh0WvZNyJ0UGg/T/Ldm3SGySRZu09ssfMqo82bcutbhtI2wBzx7Kb4RaxX5IcsB Tl8I/jqViaX1d9joiEsTvkd/rbyJhS/uKyc16mPyCbzRw5rjYZssHrpFuT38j7HE S/bayPycMvAUcQ6IO3L7MCFiVKYYdW/HqoI4tD2ZAwhQBlosFJABN/VteG6DRDA2 UJQ7AfcVVNltmk7ubTBbDGlpS5yXp1cAUJq7N/kMBL272e1TCor1S00Zbhhtjmav YoVSjBJgDu47OSUOsJfHZS0dZ6sCrDpFj2Fbj2eF7DUmEEvs32wuSs1Xd5RTEbWF ap1cBuPXhs6LNAnHTT6pixxavzgqPws95KjLZyDM9hIr6H6MdfbKDrwpYMBZnwNa 2Z8EwQgKYZgvHI2czmLRQpWsEZ4oYEcanJ+9McPoPeWXafjOrDHUfhyM7401n7Dx LYobb577BY/Kwi1IwaV2C/gbwNuD4kOqogZwxMaT/CtwzlwrcVDDwnLrMrepI3zr c7Lg2defHl8XmAAGUYxucFkvoYQE2/DHooeIE1xXM5dbiLJ5LSI= =1Gnu -END PGP SIGNATURE-
Accepted cpu-checker 0.7-1 (source amd64) into unstable, unstable
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Format: 1.8 Date: Thu, 10 Jan 2019 23:13:19 +0100 Source: cpu-checker Binary: cpu-checker Architecture: source amd64 Version: 0.7-1 Distribution: unstable Urgency: medium Maintainer: Kees Cook Changed-By: Kees Cook Description: cpu-checker - tools to help evaluate certain CPU (or BIOS) features Changes: cpu-checker (0.7-1) unstable; urgency=medium . [ Hans-Christoph Steiner ] * Upload to Debian, after approval from Kees Cook Checksums-Sha1: cbb339d85ab23b49f1f6b90cf613ec2847980bba 1625 cpu-checker_0.7-1.dsc 72614965511a01524fb02ff01aa9a139bfad3901 652528 cpu-checker_0.7.orig.tar.gz 9f18e652599500fb6cc911b92d2a6376bfa1ac97 4332 cpu-checker_0.7-1.debian.tar.xz b8c2ea52e9d36aa132c44c0850edbe4851459708 5488 cpu-checker_0.7-1_amd64.buildinfo 2ce32205ed64b2890c1a9403498d841e11e7fba6 8216 cpu-checker_0.7-1_amd64.deb Checksums-Sha256: 45016a0d0875f7e6d080ba659c234a31549ba487c58b88c8dcb42cc7f6a79017 1625 cpu-checker_0.7-1.dsc 7e8cafe3c1a87650d128b41916a969885e2354be1daf5d041b4f185ba7b8bf7d 652528 cpu-checker_0.7.orig.tar.gz a695526aa7258499e311f4c335485b2bab1a341d14386425cdb1333601f5ebb0 4332 cpu-checker_0.7-1.debian.tar.xz d762287d24a6ec7882500d7b9a448edd97a960b8d80aba3f08b351756fa79ffa 5488 cpu-checker_0.7-1_amd64.buildinfo 96cf97983cb6c955b56e451afd18e99d341afeeea5a7a473839248d2ac3dc640 8216 cpu-checker_0.7-1_amd64.deb Files: 9279290c90ba8ecc25871fb3ff426cf8 1625 utils optional cpu-checker_0.7-1.dsc 8ed6057b4ad6219d59e3495393f50b2c 652528 utils optional cpu-checker_0.7.orig.tar.gz 6ca9effed7a8ff67a885aff98516343a 4332 utils optional cpu-checker_0.7-1.debian.tar.xz 68ed17e6801fcdda47407da75c4e25c8 5488 utils optional cpu-checker_0.7-1_amd64.buildinfo 6cd811cc9f5d29534ae0ca224c840d07 8216 utils optional cpu-checker_0.7-1_amd64.deb -BEGIN PGP SIGNATURE- Version: GnuPG v1 Comment: GPG for Android - https://guardianproject.info/code/gnupg/ iQEcBAEBCAAGBQJcOGrIAAoJED4XeBe6G5v6E5wIAJlRzhZcL814EHBiHI4wjxS3 DJF2sGzIW16BLXybd+rCwCwR8yktUJ41110wEgJyrXPbekeGQ38Fam/+FJ7kCKxI P0ESTuQX5utVp8gKyL0/numHuIvONwyb14F+A278/rZV/E57zFm6KgAMugxazEwb CRCL2r86tE4PpOXsree8vV0gkeSn1inBJXA8C6FvfHoBxyvUV2QEImqtFOHRnvhl hce1XvotGpg4DdpIYk6gCY52olBWFC9tI7bmAzRp0MUB5u7xSHtWaGwcDyaZeNS/ tzLCnOPOTqSVSv6FL7o0HV9Lzk0JUxOH1J2RcX+CA9FRtNdZoFZKZNet0ueFUoI= =MgZy -END PGP SIGNATURE-
Accepted duo-unix 1.9.21-1 (source amd64) into unstable
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Wed, 31 May 2017 11:16:05 -0700 Source: duo-unix Binary: libpam-duo login-duo libduo3 libduo-dev Architecture: source amd64 Version: 1.9.21-1 Distribution: unstable Urgency: medium Maintainer: Kees Cook <k...@debian.org> Changed-By: Kees Cook <k...@debian.org> Description: libduo-dev - Duo Security development libraries and header files libduo3- Duo Security library libpam-duo - PAM module for Duo Security two-factor authentication login-duo - login wrapper for Duo Security two-factor authentication Closes: 863831 Changes: duo-unix (1.9.21-1) unstable; urgency=medium . * New upstream release (Closes: 863831). * patches: - drop openssl.patch (taken upstream). - add libduo-install.patch (revert upstream removal). Checksums-Sha1: 6a3112493697327c0af54a6876a19ec33795159b 1956 duo-unix_1.9.21-1.dsc d4833325edf8f40c4387c2350f6337d9a9c27e4d 470168 duo-unix_1.9.21.orig.tar.gz d892774085815cb8404f57b1834172f37decb074 8112 duo-unix_1.9.21-1.debian.tar.xz b42830ae93e3d73a0e1c654db080c6ba33d5c2ba 8008 duo-unix_1.9.21-1_amd64.buildinfo 96937bdd6cd3b780fc7655e9ead8a4c850bb0556 8724 libduo-dev_1.9.21-1_amd64.deb 5931fa5e19cbf4eb3ef13b08147aebc6b29bde2b 64966 libduo3-dbgsym_1.9.21-1_amd64.deb 5461a3eb0c95feac86e3f1c78d9f7175d3083805 35578 libduo3_1.9.21-1_amd64.deb 38c8282bd71a1e1e5145a6e6280ef312479c9b21 13564 libpam-duo-dbgsym_1.9.21-1_amd64.deb a93b40f5b8ec853cf0776ee10f4e79bc660d1c44 14910 libpam-duo_1.9.21-1_amd64.deb 06c31729509d9356115f26060ae35269ddf5174a 11918 login-duo-dbgsym_1.9.21-1_amd64.deb 04034093654066884f4a48a5166cf8a62cc6e458 15870 login-duo_1.9.21-1_amd64.deb Checksums-Sha256: 4d6c70555b88209a09977d577caf9b783ddf47e9ace029d728a6b595f630030e 1956 duo-unix_1.9.21-1.dsc 582ea3b533dea7b95c9be24c2be2e879288e2f315f956228d504b9a9315c8b50 470168 duo-unix_1.9.21.orig.tar.gz 309476c7fc813f165072d5e9abeb30d38c287985cafcedd8a3fdb7fc959be96a 8112 duo-unix_1.9.21-1.debian.tar.xz 9341d1ba8f981278200afe0cf0fc0ddafa28cba36386aa0e32db0eb346946cce 8008 duo-unix_1.9.21-1_amd64.buildinfo f4abdbbe67b27255cac57d2fd389b4fe788af5da5d1cced8cb15c4cc0d597f85 8724 libduo-dev_1.9.21-1_amd64.deb 54936a82ac4bda57a20bca238e3f8738f4da138f0e0e43cc0cfe5ce70e6a6826 64966 libduo3-dbgsym_1.9.21-1_amd64.deb 96cc7dd9181410a2466ac324d3b1cf499b32d8df73348067edde59a156ba9258 35578 libduo3_1.9.21-1_amd64.deb 45e82385cc0876f568de9ea05abd3df62c8b01f4c0f7ce0ae6fa4cad5e515676 13564 libpam-duo-dbgsym_1.9.21-1_amd64.deb 971a51d08770f03a56f98f9a8db3b16af41378d64c561d7feb11ae4469fb591a 14910 libpam-duo_1.9.21-1_amd64.deb 6a300b9afa000bc52d3471396965516d35a5b28d47f19a7bfbac10f5a670ffcc 11918 login-duo-dbgsym_1.9.21-1_amd64.deb 69f6a9e453300d039784f27d16b906d4cf1141f23a47b6053896dc2c92475f0a 15870 login-duo_1.9.21-1_amd64.deb Files: 1e43be21a0c41aec5f4659635d16f14f 1956 libs extra duo-unix_1.9.21-1.dsc 148e0d9c6beb8bbfe099ba85e0a0c3ce 470168 libs extra duo-unix_1.9.21.orig.tar.gz 22e1c4ffed77c114dd00d4377a37f070 8112 libs extra duo-unix_1.9.21-1.debian.tar.xz a363c8dbd043f9fb4efa416f36971cbb 8008 libs extra duo-unix_1.9.21-1_amd64.buildinfo e9eb77b77764b696689bcfe49300fc42 8724 libdevel extra libduo-dev_1.9.21-1_amd64.deb 89894e76db8a5fba2d53a12d51de6007 64966 debug extra libduo3-dbgsym_1.9.21-1_amd64.deb 3184cdc387f71d74e2cb2e900c61a715 35578 libs extra libduo3_1.9.21-1_amd64.deb c2ccddd71bf60f4cfe801d644c4a3f6a 13564 debug extra libpam-duo-dbgsym_1.9.21-1_amd64.deb 3a945088426106790680d8b2436f6e86 14910 libs extra libpam-duo_1.9.21-1_amd64.deb 70cbdf7df3eab961b011e716578495d5 11918 debug extra login-duo-dbgsym_1.9.21-1_amd64.deb 4b67a4e70a290a7b420b6104b107eaed 15870 admin extra login-duo_1.9.21-1_amd64.deb -BEGIN PGP SIGNATURE- Version: GnuPG v1 Comment: Kees Cook <k...@outflux.net> iQIcBAEBCgAGBQJZLxPtAAoJEIly9N/cbcAmnQgP/ihxKP00nxNBBnqqvgBzGvUV TntTmoRzMgMIS4FNWecFF5kkPDG7WDScwdlHMoE1S7ScjGLupAY6WdrJ+oHuXsxm aL8Ytn63xcV/k5X4K1pXPyRNiY15g7JXiGwy9yAJy2gOnG/6Z7IYmNsDoU0aMFb+ mbzj/ZD0rp5cIE7S5IehRaU89y+MfC8xcqxM1gdQMdAG66s9LTisETMJO/Pk2R97 P5I1IgmBJOTw/VkIDNIEtuj8I6zR4aoxef82zSDPknBS8cwhWJ0GAlGXLWD0USa8 Li15ixGEzpKwQKol1/GwyeOpeqiXFfaue5ruLfMHAyu5vKotnGdeUS0XQ4UsoLzj fqt4V8W/A+YbIGroIcly2lBil4syv2hz4S91LTx7OcZguzhBEVdLnZBN0D4Y/XTl 5bqod2BbER9DXTCJ+FGnY/AplI53ZvN96dy6nkOd2w5VrG90hka1fqemakpS1c3F VqbVhhh/ODf9g3YK0XY55Wcl3yImctdJQAtM41uBjHw3dEFn+uUk2Uq7W4VkzFWU s3kZzgcVkkCIhI5LnVvKAP+NH+lCiwDWYoYZkrm+vWW3ne0T0hcUYAtyNpBSBTBQ oZPFBG3/HEohisvcOkHi0m26aSxYF+tBbluQySMg9juXBKzuxMZQ8Bzf9I4vbWJY di71Eh6rn6Zqszq3sYhv =Y6pd -END PGP SIGNATURE-
Accepted duo-unix 1.9.19-1 (source amd64) into unstable
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Wed, 16 Nov 2016 21:25:57 -0800 Source: duo-unix Binary: libpam-duo login-duo libduo3 libduo-dev Architecture: source amd64 Version: 1.9.19-1 Distribution: unstable Urgency: medium Maintainer: Kees Cook <k...@debian.org> Changed-By: Kees Cook <k...@debian.org> Description: libduo-dev - Duo Security development libraries and header files libduo3- Duo Security library libpam-duo - PAM module for Duo Security two-factor authentication login-duo - login wrapper for Duo Security two-factor authentication Closes: 748895 826553 828288 Changes: duo-unix (1.9.19-1) unstable; urgency=medium . * New upstream release (Closes: 826553). * control: fixed typos (Closes: 748895). * patches/openssl.patch: add openssl 1.1.0 support (Closes: 828288). * copyright: fix filename globs to use .? since .[ch] isn't supported. * control: bump standards version; no changes needed. * rules: - enable full hardening - strip rpath Checksums-Sha1: 3992b4cfbd5ae75df4c398e5deabb3d00fe34ad3 1956 duo-unix_1.9.19-1.dsc d095f005ae42703d338f9002b13f12d5a2160fcb 470432 duo-unix_1.9.19.orig.tar.gz 157bb7d648aa4e311bebe9c736d65ca2830e2abc 8436 duo-unix_1.9.19-1.debian.tar.xz 4246c9df64e87efd03ab2787057d13f122241d17 7772 duo-unix_1.9.19-1_amd64.buildinfo 4cb6fc5e960272f46b87dfef01e29a1f40a702d8 8554 libduo-dev_1.9.19-1_amd64.deb c15b58fd20ea98e142bfffb68cc0d93c12d622b3 65030 libduo3-dbgsym_1.9.19-1_amd64.deb c189078e1c2bf217b7a05ed5bbba39e00520939f 35398 libduo3_1.9.19-1_amd64.deb 0ea95d7803d89c641045aa0b59b7ebe133214f40 13844 libpam-duo-dbgsym_1.9.19-1_amd64.deb f321b624497a561e583cdeedbf2dd926df10011a 14814 libpam-duo_1.9.19-1_amd64.deb 41690436797a0e4778fa31822425b07034f96465 12090 login-duo-dbgsym_1.9.19-1_amd64.deb 07f50402477747ba8b20d58f314f9f1228f597f6 15704 login-duo_1.9.19-1_amd64.deb Checksums-Sha256: c8b99832a29a6a574c6212c42391ed1ff7b49fec6cf12ab34f8eceeedefb6b33 1956 duo-unix_1.9.19-1.dsc 2d23f9700f091da1c9113b45919203b37fac6392a9e24a666c7b0269a7571b0a 470432 duo-unix_1.9.19.orig.tar.gz e12a76716d26fa7b8b882b9573058f166561da5947a31479d7f80efe403121f9 8436 duo-unix_1.9.19-1.debian.tar.xz 59e036ce17258b573d01ca2d020a262c68eb6eb433f652726528e367b88a0af3 7772 duo-unix_1.9.19-1_amd64.buildinfo e8872e3bb7c019ce96af12d778e2cc15f0569e9a60f000a7ed9b8e487c04240b 8554 libduo-dev_1.9.19-1_amd64.deb 60dd4209a334ab0bcadeb3e0acedf4b0c4f2742bf8a07fdb5d7355f686a4 65030 libduo3-dbgsym_1.9.19-1_amd64.deb 9cecb44181b9ac1845f85389d25b23abba1b508ce3cb235eedf11c412847f031 35398 libduo3_1.9.19-1_amd64.deb 5fcd109f05e803239cf43766e9d7ea8eb0a320fad08e361293855229f689616a 13844 libpam-duo-dbgsym_1.9.19-1_amd64.deb 6b899a57dc4819ab6e7b10be675e478831152f538df3d781234733b6d582558a 14814 libpam-duo_1.9.19-1_amd64.deb b6440344b7a45a923018cdad5b7359aacdd55b6cc37099348cfd8c66369c7a79 12090 login-duo-dbgsym_1.9.19-1_amd64.deb a5ac099c7c2dd57dc14dfb33d790854ebeb9e888f6bb10a44edb6fea0bbc802b 15704 login-duo_1.9.19-1_amd64.deb Files: 240cae3b76fb85648935bb68d66b1019 1956 libs extra duo-unix_1.9.19-1.dsc 2df21908cb1f8b58823291b4673289cd 470432 libs extra duo-unix_1.9.19.orig.tar.gz 5c76b6badf2097f84b82813ba243b5de 8436 libs extra duo-unix_1.9.19-1.debian.tar.xz 0dd2c3313b8cfb883633b2f25f0211a0 7772 libs extra duo-unix_1.9.19-1_amd64.buildinfo 0ac06ad3d81494b662fb8dbf22b74522 8554 libdevel extra libduo-dev_1.9.19-1_amd64.deb 0df3869cfad2a3d7a960e9c1f8828991 65030 debug extra libduo3-dbgsym_1.9.19-1_amd64.deb 462350850c7f3c298df37ceb1a63a328 35398 libs extra libduo3_1.9.19-1_amd64.deb 240cf97c25408abe39225323730307db 13844 debug extra libpam-duo-dbgsym_1.9.19-1_amd64.deb 8680f7a021887381cd2d62f4a7311c86 14814 libs extra libpam-duo_1.9.19-1_amd64.deb e7926059988451a80a41774e36217472 12090 debug extra login-duo-dbgsym_1.9.19-1_amd64.deb de726f4150e59f30dbfc96deb538641b 15704 admin extra login-duo_1.9.19-1_amd64.deb -BEGIN PGP SIGNATURE- Version: GnuPG v1 Comment: Kees Cook <k...@outflux.net> iQIbBAEBCgAGBQJYLVqbAAoJEIly9N/cbcAmnLwP+Ky6z+JAYxySz5yvUh221qBd pmtS6O75BybN0P/nUYSBIuXWDbvBQSnsd9LWGjNMqQrBBv7zuXPqUZWnNwfRYQcb hsaZafWfvprLBoZInMJbe2nvzEWDnCZU6joiqpYHDEDssj3c9YYPWkbfPi0CLDTo Yc3d461F9yqVm9NFLEsp+NXgoxdWgf9DYfiI4xgLigZjonOZ9Fb4Gd6So7gnFbPW M9HAbfkNhevtXT4O2jnATiKeGWtM5NfjzbEcSG0weF1OxRa7iRVHAAvwkndo5KRu bjsnpBp1Y27CSPsixdK+vk/e54mPliM8GWqGxzwMgWwWtrLuypjnTX3HwHOVzxLj V0llQf8w/MdJO7QLv8KWQGzF9cUWdg/Yvmab7uvdGzfk+JMcRY6lk3kWf4tkU5n1 jrpjaMdv5xyHYGXJpAdCnkOL+F7Cq2zSfvvJgwvLxJ+Vx6evgIf+NbY0rKWmDsT1 9BdfCuqeFBJ7uJT4q1jl9zwl7V7Lon8OiZ5MauTqmyLe3T1ak2ihPyrK4xQGAybY VeQE7ThJdvlQWsY/bd4VfY1qq7mmiCiovxfB+CEDGe2fEWVLJvs3ZQdKuUDiyHl7 r4hREQ5mnowl1U21gUeb/T9UQL/2g16a20DMUFSqw38FxryNaAWQhlPZ55n5Ld4m A7J1VtFCcvfKBkfydBc= =B2pX -END PGP SIGNATURE-
Accepted mp3cd 1.27.0-3 (source all) into unstable
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Fri, 15 Apr 2016 21:51:09 -0700 Source: mp3cd Binary: mp3cd Architecture: source all Version: 1.27.0-3 Distribution: unstable Urgency: medium Maintainer: Kees Cook <k...@debian.org> Changed-By: Kees Cook <k...@debian.org> Description: mp3cd - Burns normalized audio CDs from lists of MP3s/WAVs/Oggs/FLACs Closes: 816013 Changes: mp3cd (1.27.0-3) unstable; urgency=medium . * Switch to gstreamer 1.0 tools (Closes: 816013). - debian/control: Depends on gstreamer1.0-tools - debian/patches/gstreamer.patch: check/use available gstreamer. * debian/control: update standards version, no changes needed. Checksums-Sha1: 11a5caf6624ff23c734a81835fc6f98bc0b37ec5 1768 mp3cd_1.27.0-3.dsc 5da482693ac942b74f86a1afc971b5452364589c 4016 mp3cd_1.27.0-3.debian.tar.xz 867dfe53cb5340a36b7220d806c3a855d0e76f20 20060 mp3cd_1.27.0-3_all.deb Checksums-Sha256: c4189937fd0bb1f7a1eea19e22abf89d1f7aea6f1330fb5ec039cafe9776707f 1768 mp3cd_1.27.0-3.dsc 5000d4373f42004c02d54b4966c9d5493179dc0ccf710da8067aff2f1cecdd9b 4016 mp3cd_1.27.0-3.debian.tar.xz d8d0501235be8c4e37250507ff1486d741d1845f652927e87e25efc25fa12d2a 20060 mp3cd_1.27.0-3_all.deb Files: 7b959f6b16852275fe49d9e1cb45b0c3 1768 sound extra mp3cd_1.27.0-3.dsc 6e1af5a10d60b8d6b27fb704209faa97 4016 sound extra mp3cd_1.27.0-3.debian.tar.xz b9a6190669f6c1473351d65e0a3b84bc 20060 sound extra mp3cd_1.27.0-3_all.deb -BEGIN PGP SIGNATURE- Version: GnuPG v1 Comment: Kees Cook <k...@outflux.net> iQIcBAEBCgAGBQJXEcifAAoJEIly9N/cbcAm2dUP/24QCLOrRijvGfgZ9LZ3e0im hn/0pDhuKIlgNu1YM4HooL2Oa8CmDRr7JCd5O/QKAwoDrKlGdQrf0vvkP66g0A7d b/LO/VF8qH+X77BSYYnh2Hbev3ajHLpC5mPYQQOlPk948ANgoPLVT+BEkUieLERZ 7MuORkX+tWYJbRxfBOxQ3oBvEYsMDdsuhw+XC0pUqKbh09ADKdo+YL5bMI6gbQXe COts0W7HUCel61rKT6aslP+xmdq9tlz4w6WFhrY+EKj4XIFzTgNHDtCPK2PjG0+/ YwKXyoklNkQJIsCRO456BTWJem3Ex3XFQw6v3zFmfuyL2WC0TSMrkAhXG7SccM94 XFb+bqRGeVQKESTwR6HCf7M6x+uUada3HhierUfOF6VVTzDA9UD7lk+z2tNhCGOe f9alXt2yw+8aK/Hpzyf1geGfHtGWMdZE9quPMg8tJynkVignoQbrXVVW2AfobfwV Fu/KAl/CfHzwOKBK2bCo9bd4+L/NInbSjUaP5PnO8NMBu/2GGPzb8wnTx1YOBmtb ZwvhsLhwUxYfKqYYsD4wEEvwKGD1CdLqhz2qn8vZ0JJjU1/bFCZ4syKrso3HSAm8 hFFqqaO3OhAz/bIscTBoy1uQAttwJ2rJpKLevJezjBY34YBh8rSDCZcja8of7p0K tpXiwlLvd/5dYJPFM/q6 =Cl0g -END PGP SIGNATURE-
Accepted libseccomp 2.2.3-3 (source amd64) into unstable
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Tue, 01 Sep 2015 15:37:31 -0700 Source: libseccomp Binary: libseccomp-dev libseccomp2 seccomp Architecture: source amd64 Version: 2.2.3-3 Distribution: unstable Urgency: medium Maintainer: Kees Cook <k...@debian.org> Changed-By: Kees Cook <k...@debian.org> Description: libseccomp-dev - high level interface to Linux seccomp filter (development files) libseccomp2 - high level interface to Linux seccomp filter seccomp- helper tools for high level interface to Linux seccomp filter Closes: 800818 809556 Changes: libseccomp (2.2.3-3) unstable; urgency=medium . [ Martin Pitt ] * debian/patches/add-x86-32bit-socket-calls.patch: add the newly connected direct socket calls. (Closes: #809556) * debian/add-membarrier.patch: add membarrier syscall. * Backport patches for ppc/ppc64 and s390x. (Closes: #800818) Checksums-Sha1: 07b426b782c461fbfb9d11e19412be12bb4b7863 1914 libseccomp_2.2.3-3.dsc 1fe41aaca51a191c41d2adf6ff70f0c25c9f035c 19208 libseccomp_2.2.3-3.debian.tar.xz 7ea546fa1bc0898bd1d32a353abc80802266ca27 55040 libseccomp-dev_2.2.3-3_amd64.deb 7763c5b658b0c473fdb6464aa72770d45eff7b04 50562 libseccomp2-dbgsym_2.2.3-3_amd64.deb 9947d8bed08c814b2bc009bd2b5ce5f23db5df3c 36150 libseccomp2_2.2.3-3_amd64.deb 52db1bd5d860bbd938de2ca03117f1cc35586ddf 52304 seccomp-dbgsym_2.2.3-3_amd64.deb 6c6429edf379478de52d946e4b4478cedf3f89fa 31578 seccomp_2.2.3-3_amd64.deb Checksums-Sha256: a0badc7011cc6c2a549b3eda4299682645d83dec182f5346cbedaaff800ed0a8 1914 libseccomp_2.2.3-3.dsc 2a2a2d1ec04875b45c65a67e34b45c3e0391e4e2a1e34396c583e25a1793978a 19208 libseccomp_2.2.3-3.debian.tar.xz 869fd12f467e08cb90184f93dec2927ff49e801fd1e8553506d19a613a1e2f42 55040 libseccomp-dev_2.2.3-3_amd64.deb 4c2624b37e4f9895d00e945adedd1acc14171eed5d08cafa8f1b74ba7683 50562 libseccomp2-dbgsym_2.2.3-3_amd64.deb 1f155248856fe14aeee4c4625d5d6dffcd42ddf1161e65c31f87b8a2217f72a8 36150 libseccomp2_2.2.3-3_amd64.deb 04e88cf52015482339d833fca8c88d281bd57770839c89b0d0bf2cffd1dffa7a 52304 seccomp-dbgsym_2.2.3-3_amd64.deb 9531c76e05e5b6dfc465aa2542e9bf685da3270feffed53c97c93890fac08cab 31578 seccomp_2.2.3-3_amd64.deb Files: 5aace227460b3a7aed91c9c405e9d578 1914 libs optional libseccomp_2.2.3-3.dsc 9b2c4bf0c8d60e0badfcb1eb49a02606 19208 libs optional libseccomp_2.2.3-3.debian.tar.xz eb022a44f6e80a0eda844c14211619c1 55040 libdevel optional libseccomp-dev_2.2.3-3_amd64.deb 564e071003a338fb86c7327d162e9ab0 50562 debug extra libseccomp2-dbgsym_2.2.3-3_amd64.deb 6408518f1742c270b9346e4e666f1c71 36150 libs optional libseccomp2_2.2.3-3_amd64.deb 122b98c583a0e11ee9eb021bce9e150e 52304 debug extra seccomp-dbgsym_2.2.3-3_amd64.deb 99f69c726e8fafd08960f0937398c066 31578 utils optional seccomp_2.2.3-3_amd64.deb -BEGIN PGP SIGNATURE- Version: GnuPG v1 Comment: Kees Cook <k...@outflux.net> iQIcBAEBCgAGBQJWu8gEAAoJEIly9N/cbcAmIK0P/02EtZJi2m782pEU0lZ18UPs N6yF4Z7VAVQn3r3ESLwkKGsEAYAcy1c5S1ka5vGbUMpFFs3GI4Hiw0AWq1KMRbc7 vOfVG3oxprQOM3fiCGW/T9VCsIe3vARuvCiWgWDwKUSRFFH9Z4CbYq4pdH/5jWau 8juSnCYwl1DqyGsF7GSpmSS0YMlMhjMQq6YlKSTe1KuM67PP3jcG0pvUDaFFZZH2 xc4Q6JRZiAahUMZxaE5BX54diZuEvi+5wbFcekTgphErHqCa++7MUw+OTpt3aOhy JuxwOpmW5yIpS/dawd4umxj2RmJ5u2A2iL646zpOSb+MpZdQOzTLptlANcdja6/v 13vUnGKh/ybCTei0YgtMin5FcdMTQKjRusEI0ltfQuNZSecd0JdB3hRRqE/Ed0Kp sj3h89Xfupo5Rz18mg/JoUuYJqanSrnKEZMhzfCQoE1vbYotLNUuFXm3VbEnUfAk t1c/KMqF5ZUx3OVReR6bkgpwkFBubCqSPu2rEzurZV5QZ64veJ4zLIgNMSXMV8tO 5369PrrRrltTcL1dg5Fa+mOGsqJwln02q5r1xkRHfa1ckYgw/3YMhknKO3r91JLo NLtCIdPC2guRjHQLTUjTsldin0CZAVRi65gTfJqCrM23fcs1Aw8Jr9MVQjzjTTQD CRwtDyRZrHZC22zyunLJ =I5VR -END PGP SIGNATURE-
Accepted libseccomp 2.2.3-2 (source amd64) into unstable
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Tue, 01 Sep 2015 15:37:31 -0700 Source: libseccomp Binary: libseccomp-dev libseccomp2 seccomp Architecture: source amd64 Version: 2.2.3-2 Distribution: unstable Urgency: medium Maintainer: Kees Cook <k...@debian.org> Changed-By: Kees Cook <k...@debian.org> Description: libseccomp-dev - high level interface to Linux seccomp filter (development files) libseccomp2 - high level interface to Linux seccomp filter seccomp- helper tools for high level interface to Linux seccomp filter Closes: 797383 Changes: libseccomp (2.2.3-2) unstable; urgency=medium . * debian/control: enable mips64, mips64el, and x32 architectures, thanks to Helmut Grohne (Closes: 797383). Checksums-Sha1: a06f28e3b468c491dab8d15c1535fe08dae2fb10 2111 libseccomp_2.2.3-2.dsc e2ef4957f7669cd5b75def2a4b40020edd8c37ab 3652 libseccomp_2.2.3-2.debian.tar.xz b3bf59822ff943b730c94dacef7831de7fac8e49 52980 libseccomp-dev_2.2.3-2_amd64.deb ed3e7d3e2bfc45a9e6d8427e33c716f06a0d5ebb 33706 libseccomp2_2.2.3-2_amd64.deb 1722788d73de75032e09cc750f0e86b02cf3c792 30018 seccomp_2.2.3-2_amd64.deb Checksums-Sha256: d2d48eca9f25c18d50199f9e816e50dcda03a98bf4103359e0df4501f39a33c3 2111 libseccomp_2.2.3-2.dsc 30b1d735499f29c7bcdf662e3bbb2e8c3615af1b17951d6e8f235933c0cb9d83 3652 libseccomp_2.2.3-2.debian.tar.xz 8adcf5c897ad8d4a31edbedf7c314c10bff85ff703abc938d23fd12493e5e2e8 52980 libseccomp-dev_2.2.3-2_amd64.deb 13c84099a766e1b8f2f7286d7a10f37b433a199bf7a316c2118ba3db9ee7dd0d 33706 libseccomp2_2.2.3-2_amd64.deb 90061722a353f5c16ebcf2b186665b4048c3fea4ec0443c655a1969ac0b7e835 30018 seccomp_2.2.3-2_amd64.deb Files: acbcac4dd3eac271aef4328964af58f9 2111 libs optional libseccomp_2.2.3-2.dsc 72e73bc15747828e02f83d3c2a4f2084 3652 libs optional libseccomp_2.2.3-2.debian.tar.xz 33579fcb630c2d0b0d3681447317fb07 52980 libdevel optional libseccomp-dev_2.2.3-2_amd64.deb f10f5ef46eb41323ae9bc3228c76d2b5 33706 libs optional libseccomp2_2.2.3-2_amd64.deb cdbdb6e1f7616274256bb47ca1ef7339 30018 utils optional seccomp_2.2.3-2_amd64.deb -BEGIN PGP SIGNATURE- Version: GnuPG v1 Comment: Kees Cook <k...@outflux.net> iQIcBAEBCgAGBQJV5iy8AAoJEIly9N/cbcAmtgwP/j07uaVdJ4OF8IVJTlV27GXX UoPsv9ZvZK41YKcf8A8FfJThmJayK6myhyQ1BsZ+96Dw/LakN3eBKT9kAoPYPOrl o/iRKPCttZUnk3if/trqAId36X5IfWL40DyO5Rr+LsgFYhY+G7IsV9w1oeYOU3vm jYUzupywKewMFpvmntrs+ZC6ajSpnvZ/WlPUmpJjYJxKxyDJhrY84kc6Dl8oK8Nu TfAzj4nwDslNnrCZlG0yMe1rFD7XYycNfK0DO+KmNnDhulqhuINsp0mT7a/QNT5Q +37rXwIzEE0qMwEH4R/fEzdyeIiz3dn7e1CI+8O+jWaDjC/dE6QBYU3jEJekhGjz WkvRMfSvYL1x3NQ+k/vTV2XGsVxF7RhIjAyDeI16WHqW2qLWnFVIYfaLxc/E7Al0 wXxx9Cd5tKLNlmKy9pO3SD/NGdp93QLvHO7h9kMT4dwZhEDz9+A2H8MVQtUnfLLf 8699uKKc7umG2ByKQnpebr2EcVryy15Vae+rvAaCTPpwrj2UYGFsTkC++mLsBfPs ZY6sMXDJMZIoHwFUsqyx8uX5A8md0DdKogL13e+VhAkuB1Du7fcX5anwc5Oq02BR HXEWiU0escIBgLc1o/wF/70PdbH8D/3Xkm1SQonGSMUYLTmQfXcsWv8v48igKom2 XFcFKOcf8HGhtjYpf9fU =mAnN -END PGP SIGNATURE-
Accepted scantool 1.21+dfsg-6 (source amd64) into unstable
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Mon, 24 Aug 2015 16:29:13 -0700 Source: scantool Binary: scantool Architecture: source amd64 Version: 1.21+dfsg-6 Distribution: unstable Urgency: medium Maintainer: Kees Cook k...@debian.org Changed-By: Kees Cook k...@debian.org Description: scantool - OBD-II vehicle diagnostic scanner Changes: scantool (1.21+dfsg-6) unstable; urgency=medium . * debian/control: Build-depend on liballegro4-dev, thanks to Adam Conrad. * debian/rules: handle already-cleaned tree more gracefully. Checksums-Sha1: dd35f7511da740d279c3c9f6cab499962f9aa2c9 2102 scantool_1.21+dfsg-6.dsc 09752477398f6e71d5d3f854b0ecdf1899494f4d 43496 scantool_1.21+dfsg-6.debian.tar.xz 6d0496b7647bfa0119a062d3a29a3673b437e71c 166182 scantool_1.21+dfsg-6_amd64.deb Checksums-Sha256: 76d88d4e458eb2386e8b61fbdc1593f615aec64a6d61e7d46cc621aa5cfb9033 2102 scantool_1.21+dfsg-6.dsc fb2d2387832165819759f569097c95b874435091012c5e329b2639fce78f1481 43496 scantool_1.21+dfsg-6.debian.tar.xz 3387a08072a64ffbe547f42b3ecbc48eae278a6dc9a4346e8686e5b178bb8516 166182 scantool_1.21+dfsg-6_amd64.deb Files: 26fdacbdea63bbb923dcc00f1e515cc0 2102 electronics extra scantool_1.21+dfsg-6.dsc 99290342f5ede16b3a036ccf176718cb 43496 electronics extra scantool_1.21+dfsg-6.debian.tar.xz f27e3898781975668a88ce97c5a4339d 166182 electronics extra scantool_1.21+dfsg-6_amd64.deb -BEGIN PGP SIGNATURE- Version: GnuPG v1 Comment: Kees Cook k...@outflux.net iQIcBAEBCgAGBQJV262RAAoJEIly9N/cbcAmAc8P/ijyAqS8y0DHVLofKUs1dyto tJjn2r6bPlit82JRywCyQ3mmdJrL37bqpe7hwtceqDsAkEWYvnBv3CjgbKJkK0d1 gg3IbgW8t4f52vHnDXJHmA/w9A0PEDsuLx70PEXmtgZcK9ihggcUb7cJ3ybSmY5+ uWFdD2dGuOKdX/X7EX2gsD96Hp1/FAgc09oYMomf3faWZvgcjS0u/oaWEruijpvp 7iLgUrCIPAzPq1wF6W1o2qEhz0/YOH4ctFiK1fpbrSRXXBweWEfp9Lf5Jz5swWns x3SqDBkPa2Y99laJMWSrJiDfYkf6fUM8xn2qcHjDldlS5WlrSC051+zkCLlREbC4 wnbbj/MTNDL384wlsrq7gV6RlOrMrGB3guV0uQAIlYaaIL24freAM3n+kEQBXEqN yVT8Fv/e6MnGAaEDU34X8LB5lgu1zU9nkvV/wTAjBZlhXG6hgThy8aRUbaHM0pgs REnpaHnZGZcJ1bX+u5rAM70Jd2HIqZlq7iZTIFYwfLskgpvQMGSPol34JonVSF/I SMZPzWcSxWwCFS0nwCcXtWD6QhqloFxMTSsXs1eltfVUdAYMSCbxxF3zSAuB/A4I qTnjxrBkVoysXuohSo0CLAjIqrkqW12LleOGcqHDdwQhOH12JeXeFNHirRgesjW2 oNoV5NxQK98rfs/fq9Zq =JpDZ -END PGP SIGNATURE-
Accepted libseccomp 2.2.3-1 (source amd64) into unstable
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Mon, 03 Aug 2015 15:06:08 -0700 Source: libseccomp Binary: libseccomp-dev libseccomp2 seccomp Architecture: source amd64 Version: 2.2.3-1 Distribution: unstable Urgency: medium Maintainer: Kees Cook k...@debian.org Changed-By: Kees Cook k...@debian.org Description: libseccomp-dev - high level interface to Linux seccomp filter (development files) libseccomp2 - high level interface to Linux seccomp filter seccomp- helper tools for high level interface to Linux seccomp filter Closes: 793032 793033 Changes: libseccomp (2.2.3-1) unstable; urgency=medium . * New upstream release (Closes: 793032). * debian/control: update Homepage (Closes: 793033). Checksums-Sha1: 4c3127f590775d61cb92e285529c120634fa0173 2035 libseccomp_2.2.3-1.dsc a2abb98d506d6a2b8a5fadc35496905e98d999ee 522755 libseccomp_2.2.3.orig.tar.gz 7587ef8d23b98eb003f93097e88f8fc8795b68fb 3596 libseccomp_2.2.3-1.debian.tar.xz de34a48a0a92c1e01c93a118c405ce6ad7bb2102 53054 libseccomp-dev_2.2.3-1_amd64.deb 0916ecc00dae7625a079165046e0419f14551e47 33642 libseccomp2_2.2.3-1_amd64.deb 014dee9ebe062e69b13eefa9526bb841a49779cf 29904 seccomp_2.2.3-1_amd64.deb Checksums-Sha256: 06e638f17230cffb9badb667f8e42902a6ec243825af39bd4029ecb86171ee73 2035 libseccomp_2.2.3-1.dsc d9b400b703cab7bb04b84b9b6e52076a630b673819d7541757bcc16467b6d49e 522755 libseccomp_2.2.3.orig.tar.gz b7657ddfd4b2ae33b70ee1b2e5b4188b0cb5341c01d7a4a2300f515ba40d190c 3596 libseccomp_2.2.3-1.debian.tar.xz ae16eccb0b7135e1d2ee10e54900399206ad18321ef73980bf0268a128ebdc5c 53054 libseccomp-dev_2.2.3-1_amd64.deb eb6864ca13c9ed2a9fd6ce3356f51ce937d28cee4cbf93ab0391683161cfba20 33642 libseccomp2_2.2.3-1_amd64.deb 13b1c082487c5ea8ece80485ca830907131f126b5bfc7d8a5a7e7032067563c1 29904 seccomp_2.2.3-1_amd64.deb Files: a5003bf90bc641b43b5c842b13489d74 2035 libs optional libseccomp_2.2.3-1.dsc 7db418d35d7a6168400bf6b05502f8bf 522755 libs optional libseccomp_2.2.3.orig.tar.gz 21fa75e6698870d2577b764ab94952fe 3596 libs optional libseccomp_2.2.3-1.debian.tar.xz de03eed2b7990d2d7075b10d7d4f98ba 53054 libdevel optional libseccomp-dev_2.2.3-1_amd64.deb e1090aa9cc22f48b2daf72793d11540c 33642 libs optional libseccomp2_2.2.3-1_amd64.deb d5b899fbb6c7961f4ae3d295fb0e0a42 29904 utils optional seccomp_2.2.3-1_amd64.deb -BEGIN PGP SIGNATURE- Version: GnuPG v1 Comment: Kees Cook k...@outflux.net iQIcBAEBCgAGBQJVv+ifAAoJEIly9N/cbcAm5O8P/1MPUCMD/u1bBm20gGb34pHY 0duyJPfDy5/iWTSz3qC4m1gWh8HoBGXJiS/JD2Cg5i7AoFdoXz42zCjRubT+dKBx 7ykbau0ZXp1PhZSbru4ldBjHuDhlS8GblrAITUeZ0LWvrX1mZ/vvDdZqr8dLo8We wvT+LKYqYZHPI48vL2YhHzhm6XwhuQANYa3oseke1wu8wzZi1iMSnKw5SapXJjQt BgBKR6cgOjdwlyJb9T3k9AigrddUaOGp5QWCzai1LbvtYBDHdtsVBIcXb4pbD25j TZlRfL9wuPngMyxAnVS9CNuVV9I/ipbrww47XoH5lpsrKL/X5BwPhlzOknxkwbiQ J3QNI75yuT/jnfqbRCj7ybZIzBSwwcgKR79BcGBtr76iQu9bT0aJfLxZshE1V/6D wCFdSixVE7N02aHUJhhGBnD0qlsXiBnpzXZ7ifqhfhBkyKfG5+VNGN+ljmbuxCCW bAHgMvuOvMREsGK7a2AeJpQuGLc8ul8IXXene+MTbUbs7F/u2ywMcFdGH4EpxP2z Cf4jw0sxPddomz1ZyePM0JdtW6gbkRww48PseX24sQ1S79+NWqMPXydnAlbLkObT X/bwf8EDZwQtc97QnGH8r+AG7y/yj6KiuRpL0zniyGiJDUGMB6BqnsYt41vYCQVb qrcvdv8HZPZUOCmh0X3I =eHIx -END PGP SIGNATURE- -- To UNSUBSCRIBE, email to debian-devel-changes-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: https://lists.debian.org/e1zmokp-0003wp...@franck.debian.org
Accepted dosemu 1.4.0.7+20130105+b028d3f-2 (source amd64) into unstable
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Thu, 18 Jun 2015 11:18:58 -0700 Source: dosemu Binary: dosemu Architecture: source amd64 Version: 1.4.0.7+20130105+b028d3f-2 Distribution: unstable Urgency: medium Maintainer: Kees Cook k...@debian.org Changed-By: Kees Cook k...@debian.org Description: dosemu - DOS Emulator for Linux Changes: dosemu (1.4.0.7+20130105+b028d3f-2) unstable; urgency=medium . * Add debian/patches/pc-tcp-pad.patch: add packet padding needed by PC/TCP DOS network stack to avoid dropping small but valid packets, thanks to Frank Hintsch and Mauro Flores. Checksums-Sha1: 90e116e764b3606a811e013850ecae50af9bbb7a 2414 dosemu_1.4.0.7+20130105+b028d3f-2.dsc f6df79bd0ff63c3e1a2716b3df28f737f72acad1 20032 dosemu_1.4.0.7+20130105+b028d3f-2.debian.tar.xz 8e40d69dd40161ff07f09f1a45c6f946e32d5c1b 2218040 dosemu_1.4.0.7+20130105+b028d3f-2_amd64.deb Checksums-Sha256: f38836f91821e46bd62040907faf54e81ade455b28fe6376b0f6eefde3781773 2414 dosemu_1.4.0.7+20130105+b028d3f-2.dsc e08140e1772eee494760afa73a851d86d2a21f024f117d532914e769b7065d08 20032 dosemu_1.4.0.7+20130105+b028d3f-2.debian.tar.xz 8aeeb10475d4c43fe79cbe4e7c58e2fb305b260794d82da2f092e2dbb34ad652 2218040 dosemu_1.4.0.7+20130105+b028d3f-2_amd64.deb Files: f7d0c98ec836d9d6c00a0917a3b01686 2414 contrib/otherosfs optional dosemu_1.4.0.7+20130105+b028d3f-2.dsc c010b250e0df0ff6a823f8fa2a6d2ce5 20032 contrib/otherosfs optional dosemu_1.4.0.7+20130105+b028d3f-2.debian.tar.xz bf0265d188a89f36deff2b7eccc0aac7 2218040 contrib/otherosfs optional dosemu_1.4.0.7+20130105+b028d3f-2_amd64.deb -BEGIN PGP SIGNATURE- Version: GnuPG v1 Comment: Kees Cook k...@outflux.net iQIcBAEBCgAGBQJVhw2TAAoJEIly9N/cbcAmux4QAIYU9S6PlZ9yD6Hd6oMDotka U/neQIun9n2ixhz/4986OoIH37Jx3dMq7JFjJtLuuFjlv7y89gmaNDgjQJyUstCb 1lLVhDAnb+IB508+G1E0KvZw7tkmQmBd4E8wRc7g1/RVFQwK1Q8nSrkpmyZiwcfT 87xa3vrVAVwLTyt8K60Lz+GlI8kdcW1y8VcuwYetzuDCRl/xYOXGVRMzi1XEz/41 KVz5HbPgG30MS8beRMErGC9FrxkbOW2Gt/bfkvfrQWEqfkzZoGwHI21BrqafHyPx 8NLUruVihATrkGl11x2aR8NmcH7oROsm4JOgIFfEjAHuWoqVRe/jRMruqj/qp/mF a/URA8ukHCP2tiPsQ+JcIlUxOPuLOgGgyBpa7Yq6m1Wi6C/q9LJxPYnIHDb7+Weu F+ltmbCygz+I1eeL3sTVX6OiiG6i62Q1rrONDoH0J2YYP40S7kQ06zX8gsLFL0pI f1DKSdnozvFRZihsuEs9SQyVTzI8s+A3IYF3Cl95i3MDD6dn8gAJkkKDBUiUFWRw S3yUGuZ91bDJ8OJEJ9zpPjCZJD/AQHr7w+lsS3Zu9JQwWHQTb3+CMd15KBOArVc2 nKFB/lMIyLSjmYnCkxO7m0g8WJy1lUcUmkaINvX6UIRbPfpOcS1Af05vr11YY3fP wiQ8B8Ri0kgxUM/F7bO7 =9zJ+ -END PGP SIGNATURE- -- To UNSUBSCRIBE, email to debian-devel-changes-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: https://lists.debian.org/e1z6l0e-0008cd...@franck.debian.org
Accepted libseccomp 2.2.1-2 (source amd64) into unstable
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Format: 1.8
Date: Tue, 16 Jun 2015 12:45:08 -0700
Source: libseccomp
Binary: libseccomp-dev libseccomp2 seccomp
Architecture: source amd64
Version: 2.2.1-2
Distribution: unstable
Urgency: medium
Maintainer: Kees Cook k...@debian.org
Changed-By: Kees Cook k...@debian.org
Description:
libseccomp-dev - high level interface to Linux seccomp filter (development
files)
libseccomp2 - high level interface to Linux seccomp filter
seccomp- helper tools for high level interface to Linux seccomp filter
Closes: 788923
Changes:
libseccomp (2.2.1-2) unstable; urgency=medium
.
* debian/{rules,*.install}: move to /lib, thanks to Michael Biebl
(Closes: 788923).
Checksums-Sha1:
6a9f0cbadc5de09a14a9bc59d2befd30949603c6 2042 libseccomp_2.2.1-2.dsc
8cf44628a85f88e5eec44389918b2317578fcc55 3564 libseccomp_2.2.1-2.debian.tar.xz
ab4e57fe1e3dca88e84283641bb07ac384c077fd 52706 libseccomp-dev_2.2.1-2_amd64.deb
f70cd389482e971e6a3eb4d9e5fd107027c90d2c 33232 libseccomp2_2.2.1-2_amd64.deb
bc2557713e6afb67b5786311974d27b40a977706 29612 seccomp_2.2.1-2_amd64.deb
Checksums-Sha256:
718d3fff1e8870c88e21db243a6f480a5541547ea22d803b5375c25ebaf85836 2042
libseccomp_2.2.1-2.dsc
564eb6509da6dcb0c55292847b5fb3fe575085203d67d7326d28595adf343d50 3564
libseccomp_2.2.1-2.debian.tar.xz
305d3743136c60b6f0c63d087646e2e97b43f903aa24052798b9b002ef824d4e 52706
libseccomp-dev_2.2.1-2_amd64.deb
acd21c8dc961f189d79dc5fa26b341bcae67bb303f4c4446d04fd6bffa13b2f1 33232
libseccomp2_2.2.1-2_amd64.deb
95b7afc9f6f1aa71f5b585a06fdff0ba9e777121a1064bba96edf9754d0a205a 29612
seccomp_2.2.1-2_amd64.deb
Files:
c2825d992164613ec4ba3e573f4d0abe 2042 libs optional libseccomp_2.2.1-2.dsc
f2419df15857e76a56a652ae381c165f 3564 libs optional
libseccomp_2.2.1-2.debian.tar.xz
4b00a9892772bec9aee9714a45a0cb9d 52706 libdevel optional
libseccomp-dev_2.2.1-2_amd64.deb
e299170bddcd5c2490440137793245ab 33232 libs optional
libseccomp2_2.2.1-2_amd64.deb
0f091e659e5623967b023774b5e92529 29612 utils optional seccomp_2.2.1-2_amd64.deb
-BEGIN PGP SIGNATURE-
Version: GnuPG v1
Comment: Kees Cook k...@outflux.net
iQIcBAEBCgAGBQJVgI+aAAoJEIly9N/cbcAm7MMP/1YobaTflY+9ptJD1jpyxriw
AcItoTw6woNXXR49u9jnQ/j78yIHKlVA9xWXdE/2PAWDq1aupZdr/CQqz72F6oj2
2uXwYGjNXYqqR7UqTshF+v8hRdh8L8XhDHO0aO6lbi4G7AI5LeUZqSqwSoyh2VVu
ZQiAw8lIoPu8qxlfvNt7xQmwDRPdUOn2uu864Op8vnmwj/zEmCIPE85Jf6u8b2Yc
I4zLUCTD1Q4BwuTDuGawUthLyqrAb6pX9PZEKW9/ysKMApKJ3WTGPMbzscaf3b2K
7riJkDkP1c00BE/6aVSsmk03CHj0lTh3/v1+g9BI0i7QN/Psdgf+YAEMOOkxO/3j
pFKN7LPri8Z57i4zz9SCOYDab4b0jbNqt9zrHaIIwXoS++hx2ECaBfjPghiW3ZI2
/HTplCC1XFEhwpJVfROTAZ3RK/OQyQHRaVK7JG1zPmy6Fa3/X9LFywcOqHSDu7Mk
pUaxotuEcLkUqBO0osyeDOETdMozM8D5Y1+H9LIGTVPBAPzC0YlhP6R2G0+wvLsQ
RyJi9Awl8OG4HQSYeAOeFmhyl762Svv+iKLG683Z/igkHOzKSGR5gD6RKjnPrH0E
9iEwZJcM4/41mxJi3cTzIKYtb6Sq4gSqZGHnz/Td+sl1uEGwX6a5NtEG8lwc6JrE
wYM6opRsqHFgr1ZVimMp
=PaKE
-END PGP SIGNATURE-
--
To UNSUBSCRIBE, email to debian-devel-changes-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Archive: https://lists.debian.org/e1z4z8q-0008hr...@franck.debian.org
Accepted libseccomp 2.2.1-1 (source amd64) into unstable
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Sat, 16 May 2015 08:15:26 -0700 Source: libseccomp Binary: libseccomp-dev libseccomp2 seccomp Architecture: source amd64 Version: 2.2.1-1 Distribution: unstable Urgency: medium Maintainer: Kees Cook k...@debian.org Changed-By: Kees Cook k...@debian.org Description: libseccomp-dev - high level interface to Linux seccomp filter (development files) libseccomp2 - high level interface to Linux seccomp filter seccomp- helper tools for high level interface to Linux seccomp filter Closes: 698508 785428 Changes: libseccomp (2.2.1-1) unstable; urgency=medium . * New upstream release (Closes: 785428). - debian/patches dropped: incorporated upstream. * debian/libseccomp2.symbols: include only documented symbols. * debian/libseccomp-dev.install: include static library (Closes: 698508). * debian/control: - add newly supported arm64, mips, and mipsel. - bump standards version, no changes needed. Checksums-Sha1: 1a01cf7629df9b36d82245540bd524b505816940 2042 libseccomp_2.2.1-1.dsc 5a120046d1c82462818e6c1c59ab807fdc900f7d 520471 libseccomp_2.2.1.orig.tar.gz e920f5eae8d4d892110a476c6734890effb1a3a9 3460 libseccomp_2.2.1-1.debian.tar.xz 7ecd7321488ab30586cea0a2827df2d3fc2f3e7f 52750 libseccomp-dev_2.2.1-1_amd64.deb 8fa06e2b3e7aaa26d903d64383685e12837ae60f 33270 libseccomp2_2.2.1-1_amd64.deb 8f3a7c474be507f2f26c19f8825f21ba171396e0 29698 seccomp_2.2.1-1_amd64.deb Checksums-Sha256: 869a227055042a190d46cdf6fee0c7ef6bc4f4e6b63433fc2a7c7499fae440fa 2042 libseccomp_2.2.1-1.dsc 0ba1789f54786c644af54cdffc9fd0dd0a8bb2b2ee153933f658855d2851a740 520471 libseccomp_2.2.1.orig.tar.gz ad64e36b8c867ca476d6c7e2c6de09d351e483dc4e16b318da4dcffaae579940 3460 libseccomp_2.2.1-1.debian.tar.xz 4220eb2df75c7fd98b1166e65238575e27d7d2dfa9475cf61c2e1ca020aeb0f9 52750 libseccomp-dev_2.2.1-1_amd64.deb 1db48e9dacb853bc93db64cc2134fc8ed96f6f486e7220c451d3be68ae01a7f9 33270 libseccomp2_2.2.1-1_amd64.deb 9a767505e2cf3a618ff0eb8a5c041ac3502bfa83546881d5d7da3829c1c71722 29698 seccomp_2.2.1-1_amd64.deb Files: c729aa07a0d324538796bfa36f2fb53c 2042 libs optional libseccomp_2.2.1-1.dsc 068af8e1bc36fcd4b326ee83875ab4fd 520471 libs optional libseccomp_2.2.1.orig.tar.gz a57853f8078175e60bfad9f757910cad 3460 libs optional libseccomp_2.2.1-1.debian.tar.xz 2558dd2ba70da3f5fb6bcaff1f296728 52750 libdevel optional libseccomp-dev_2.2.1-1_amd64.deb d9b1041517d8564a0a009022dded29f9 33270 libs optional libseccomp2_2.2.1-1_amd64.deb c6a47c3bcd62729f0927448647e40814 29698 utils optional seccomp_2.2.1-1_amd64.deb -BEGIN PGP SIGNATURE- Version: GnuPG v1 Comment: Kees Cook k...@outflux.net iQIcBAEBCgAGBQJVWSLPAAoJEIly9N/cbcAmqzAP/3eXKCNpCXC9CySb7v8w0xVp BJUqGoO3ZF1rXr9wBbsg3/ip4DgnbSFrso8kcD+NDxR7cFMryo960yTzUn4XMfIt nAaSlolUVZ8+rNEuha0z3XgnsNHEm42hlcWoJDL2MixYjk9CSWS11yuw5SPnOP2/ yKtkJiIyetmuLh4CsrL2iBatBOWGk7rgRDOV5Jekbt/0beEESL262NcXrSGxpVhQ 9xj8bBa2CGw+TIUkK0eD4k/V6Kt2ZlPV2Pg65QcgW8+cGa7uZHK4ji21M+JVfXlF FFpXLfJlZQ0Gm7JVswe2xIfnITKvhdZeZFbhU2GvdPxuSBjn4WmlFJmXOestldZ9 RtyRoEW5Zs6xeIVNz6KAJxXpIa1wBpuf7jHJtwf1fcrzKLw+WyLorOvqWLX8FynP 2Gi1syWv+b4pSoxFI1DKy1DLkICKU5uSa7pgySrp1+mZQfPuyL6LBT+nOHfJei6f in8j7XaSVMMSJ5qPNJBLGwc5n15KhGYy8qh7nrTzd4hQnAJhsvwyui5HbI73eRfG 0T6JMcjxqZeG2pzRoZJ8tAjvRDUOVzxhbRqgauJ/AgkTolouPqqSrZsKSfA+dkVp A6l4SZOPTnkwxC5if0rWIcv6O0d47tVmD02qS93BFXqKiiMJVPvC3n0haEXiATC6 SkJ4Pf7T/Tkvv4h6cheJ =/9eJ -END PGP SIGNATURE- -- To UNSUBSCRIBE, email to debian-devel-changes-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: https://lists.debian.org/e1yu84b-0003d1...@franck.debian.org
Accepted scantool 1.21+dfsg-5 (source amd64) into unstable
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Sat, 14 Mar 2015 10:53:58 -0700 Source: scantool Binary: scantool Architecture: source amd64 Version: 1.21+dfsg-5 Distribution: unstable Urgency: low Maintainer: Kees Cook k...@debian.org Changed-By: Kees Cook k...@debian.org Description: scantool - OBD-II vehicle diagnostic scanner Closes: 778110 Changes: scantool (1.21+dfsg-5) unstable; urgency=low . * Solved FTBFS with gcc-5 (Closes: 778110): - explicitly use static inlines: - debian/patches/dzcomm-usb-serial.patch - fix asprintf declaration and usage: - debian/patches/multi-code.patch - debian/patches/scantool-linux-build.patch * Fixed lintian issues: - debian/copyright: add missing license short name. - debian/control: bump standards version, no changes needed. Checksums-Sha1: e8acade6504b64ae2ab632a17acb10bf8c51ae44 2104 scantool_1.21+dfsg-5.dsc 326d8eed7003f19927c8d84702378ba04a762827 43412 scantool_1.21+dfsg-5.debian.tar.xz 08c16d342d9cf3614a680d0d7b32a558fe4959e9 166108 scantool_1.21+dfsg-5_amd64.deb Checksums-Sha256: 9d72c685d1318ffbf0d2fb05b82f7c43967381e078b7a82ddc893d06405b3c42 2104 scantool_1.21+dfsg-5.dsc 72d7fda3e135b7a618221fb1cf917796a950f7d1281094ea5058e5c93ba860b0 43412 scantool_1.21+dfsg-5.debian.tar.xz 845670c6036cb4b302ce1d5d667382229e46d4b40533d68d6f1eb2cf6a23e5b0 166108 scantool_1.21+dfsg-5_amd64.deb Files: f284e1264186ec9286bc84acafd3d545 2104 electronics extra scantool_1.21+dfsg-5.dsc 8ff409e7e83aebc8af66249e2eb30577 43412 electronics extra scantool_1.21+dfsg-5.debian.tar.xz b02c6a28cd400f03ffd233fc58245abb 166108 electronics extra scantool_1.21+dfsg-5_amd64.deb -BEGIN PGP SIGNATURE- Version: GnuPG v1 Comment: Kees Cook k...@outflux.net iQIcBAEBCgAGBQJVPRQdAAoJEIly9N/cbcAmDwkP/irLpybx/SbOqUi1MGfaswOD 3metGjkWDLQ79362Emy30GniyeldWpGdVXhoYkOME8OWGKbha9EJ/aJXIa2FFgdf V6Z6bZRG1NVO+y/dJqzOscIFng4tc5wFhshgg39mxz4gXQtKZsyc2x+FxL6vcGMg loFWWFxMdqMBjAtYPzwcLxUxpGC+COrNDL/pGSk+JfbemJxnBV97FwHkoiRUIar+ LKkobgTWgwzPD7Yb2NPIibTwT4Rh5H4GENfiKc04uV0uW8z8IoVzajnbU4T48Vou xYymitvgjOhMk/cGtPWzhvqeYA/mb7QEvLeTmetb3A5Z5TT3aio4+2qUBclH6gJo ZsmcgRTZXr5AqgMv7kGOTLnrRwcE1n7v1PqKNziSNkPNPzNc8kAGlwTye2fOtvT0 xIBssfvSKxTTIEIg0TZfypCdmEc9gHmw6mE+lK665W/JMau6J1s80wE+QgfO8rpJ AAw3L9J+7VTKKd6dwWvpZG3la6kplaGpYkz/JvQ/piH/QPYerZjbQBAKBeYPCc0z Fhqy80t975bf18Js70CSIlrkh9oe5M/3NtrpeTXC2p2VMs2Y0LI6BYTrvh3qm89b 37CGsBW4Ihb58D6UOVE+U6Wf+Vl6Qua/ZgvcTZzBwTfggY31NZS34CEPvCHf7YbI 8e65gDMGlR8W6RF4IlGt =ZGzb -END PGP SIGNATURE- -- To UNSUBSCRIBE, email to debian-devel-changes-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: https://lists.debian.org/e1ymqah-000369...@franck.debian.org
Accepted hardening-wrapper 2.7 (source amd64 all) into unstable
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Fri, 14 Nov 2014 10:27:04 -0800 Source: hardening-wrapper Binary: hardening-wrapper hardening-includes Architecture: source amd64 all Version: 2.7 Distribution: unstable Urgency: medium Maintainer: Package Hardening hardening-disc...@lists.alioth.debian.org Changed-By: Kees Cook k...@debian.org Description: hardening-includes - Makefile for enabling compiler flags for security hardening hardening-wrapper - Compiler wrapper to enable security hardening flags Closes: 767269 Changes: hardening-wrapper (2.7) unstable; urgency=medium . * hardening.make: drop mips restriction on building PIE. * hardened-cc: fix comment typo, thanks to Steven Honeyman. * hardened-cc: disable format-security when related arguments are already present, thanks to Steve Beattie (Closes: 767269). * tests/Makefile.common: include tests for new format-security disabling abilities. Checksums-Sha1: d10c552ea37797bf41f4ba4dc1d75e63b6f81997 1857 hardening-wrapper_2.7.dsc cea33aec30197bf6489906418ebdea3ec7d7e93e 19604 hardening-wrapper_2.7.tar.xz e572f29e0237cdde55998363c058756f28c318e6 14250 hardening-wrapper_2.7_amd64.deb 3df2313dbcfcd432c12d3a90a17b72b5629083b3 17540 hardening-includes_2.7_all.deb Checksums-Sha256: a41080316928a0e086a622dcdae12fefb45abbaec6c435fa98e39754dfe64d79 1857 hardening-wrapper_2.7.dsc 20c601c6ccac7534d17d4be9442a4ad8f02b8461c2c50dee8b45d596cd6cf8e7 19604 hardening-wrapper_2.7.tar.xz 1600a186ac38ff8a4334103cff2e5d1f65bb6fab095749aa751cc12ce6aa0bab 14250 hardening-wrapper_2.7_amd64.deb 179cf6831beef70f9b20d5aeb5166aa6ed9163194828b4af0ccc920dae887774 17540 hardening-includes_2.7_all.deb Files: e52dd46aae4bef3fff5bec296408d8da 1857 devel optional hardening-wrapper_2.7.dsc 54d8d8de9bb496a4ea14e30b6e033a4a 19604 devel optional hardening-wrapper_2.7.tar.xz 63475fbdf477890667ad43a92c5b5026 14250 devel optional hardening-wrapper_2.7_amd64.deb 971410956e50f854159130809f677243 17540 devel optional hardening-includes_2.7_all.deb -BEGIN PGP SIGNATURE- Version: GnuPG v1 Comment: Kees Cook k...@outflux.net iQIcBAEBCgAGBQJUZknAAAoJEIly9N/cbcAmBRgP/jNML4U3LRzPEgcGj0ocd+ID /Ysfp+5zhr4hk65uMEEUdFAf5+W3BrzkMeEs0YqKH4DRr8pHaIXjGqC09OtpZQnM rS3ZxOZ9idwwe+W2T9wz90NJF/4ZHNdUtD1nul247k6Cl7U33QWwWJEjsFa0OuX0 Jh6BFrHb3thWr2sKXdFDGc9Ow1WF2zZ0lYpVjdS+4ZEMXYgyL2yr9K+coMRCMlAX Y+gIDHCaTEOMMzbRDIw6FfyGsvhSKiD+YRtV6bgFrtYDAlNK7/r/xGxyL/xKHFDY Ct9FhXJdJYb3XrCBcGLCfYEBlN40V2ao4aau6R286/XmzQUg9h66UYXQfVKUljt8 H2uWBM+Xsh057+8Lt6R2vHaNNAM3oFGPLpIuJHo1J2EsxYmTVHL3CXTj1eYQbl+7 mDWba0NPx/1ItT2NvTqbuvSqiKLErp3JQXvW4OyCvCHg6GF7MtOJw+4WOe00uMoi VUcKzd6DnRswWl8aO2tKADceaa7y4eV7VE9dU27kINn5EgjogAfxx9O+3NgDa3tE vw+4h76mLCDP5129cOXYpy/I8mwzmepPyoqwuax6NtGkM5T1UNKAQLnuYjkozwYF ZukcstDVBOhF/y42jKUV5/Yq9tpWk+p/nM4DIOIMHwOvw14r9ct/PNWhyiFThEI9 R4E4Tz7KRWk3uNyRHVuR =m8IP -END PGP SIGNATURE- -- To UNSUBSCRIBE, email to debian-devel-changes-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: https://lists.debian.org/e1xplgk-0004ua...@franck.debian.org
Accepted hardening-wrapper 2.6 (source amd64 all) into unstable
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Wed, 24 Sep 2014 07:51:25 -0700 Source: hardening-wrapper Binary: hardening-wrapper hardening-includes Architecture: source amd64 all Version: 2.6 Distribution: unstable Urgency: medium Maintainer: Package Hardening hardening-disc...@lists.alioth.debian.org Changed-By: Kees Cook k...@debian.org Description: hardening-includes - Makefile for enabling compiler flags for security hardening hardening-wrapper - Compiler wrapper to enable security hardening flags Closes: 762662 Changes: hardening-wrapper (2.6) unstable; urgency=medium . * Acknowledge NMU, thanks Aurelien Jarno! * debian/rules: add clarifying comment about dpkg-buildflags. * hardening.make, debian/README.Debian: - switch to -fstack-protector-strong, thanks to Romain Francoise (Closes: 762662). - enable stack protector on mips*, arm64. * hardened-cc: use -fstack-protector-strong when old GCC not found. * tests/ - Makefile: add -fstack-protector-strong to logs - Makefile.common, ssp-buffer-type-protect.c: check for -strong behavior Checksums-Sha1: 506ea7731f601691aa23b860027de3be6d3bb922 1857 hardening-wrapper_2.6.dsc 25be7ce2fc5ec1359c56050549b62e8e691d7fc0 19436 hardening-wrapper_2.6.tar.xz e714ea3817a7bb2e5862e8a7c99cb2e5477ddf7d 14108 hardening-wrapper_2.6_amd64.deb 3c2fd5c60270c3b6ad5b5f5ea61b03691a45e266 17438 hardening-includes_2.6_all.deb Checksums-Sha256: 5fc4e3a3905703c2044798edeb8a754c54b05f4179bfff9abd40deb2333dedfb 1857 hardening-wrapper_2.6.dsc c5fc46439646d0929a0605e4f3db67e57eefbbf5ceec5a2888440dbdf4450224 19436 hardening-wrapper_2.6.tar.xz 96f3d70752429ec4978d62d2a3e8739bdd70286d7f123658337355086552835e 14108 hardening-wrapper_2.6_amd64.deb 3c77d296ead148bf755d43289d4b86b2efe266a23ad1842e9d65350d31f80716 17438 hardening-includes_2.6_all.deb Files: 61dd40be60a8a86c9d59683b1ccd5214 14108 devel optional hardening-wrapper_2.6_amd64.deb b601ab0e8273fabb6c8a90399ec8b99e 17438 devel optional hardening-includes_2.6_all.deb 76d2e2c19d41ecc9dced5ec96a62b50e 1857 devel optional hardening-wrapper_2.6.dsc 47c93c05b4d0199be8df0d35dbd68192 19436 devel optional hardening-wrapper_2.6.tar.xz -BEGIN PGP SIGNATURE- Version: GnuPG v1 Comment: Kees Cook k...@outflux.net iQIcBAEBCgAGBQJUIyXZAAoJEIly9N/cbcAm5W4P/A9F47jvxHH6nk0XcHz/d23u VldkiENre8CHDDdwYF1gjvph15ocE0g/fDF3rTKHJJLQPr0XC2Sr0Adsa0ECrvsF /scQyEaZ8+wKsn58cvLDDg2qKnjm1WCljdpFNTnnzN6TpchlS3rqlnfOd8yTj83c OITeJrIZh8vfSZ9mbvim3gWRk5OOJz+HF0zZWRtgPQAHJURnOkI3J8bCF5JORiVW y1y9EhUr4hMNXTRfySVQCCt9g4VUzJ0VaW7+4jasQ3mYDsSfuLYs9MT7mI2phXVZ L+K1c7FWZDUPHyjlaGIdizAiNHhlEbI+5UtdwPR+zrJOIgJG4gn7OSMlfivTpLBP y6TXa4KA81JFA0nKAvk0st8rM4dueiiw35Z9oqAMIZ6J0u/gaS6kytHxFXjZrfkr KCKTviei+Lv0pd2iDGnDPflIUxrXrGUWCfjET+spEI5iA7YTcset7aQs5jZ51M/0 1uetcx5IOavkBaWDhd2uI/1Sat23KY91lw01cKsUkfIkwFfTS0WEg5EQQrWQnzV2 bbQ6IXsjvqVZWHkShM5vOBni2JSkgzDu6B+G5SFwfOXpELFPelakAWGKQ1BHLBiZ qnf+iADwbKx+dnjpbFTev1AcD6mmMKA6BZGq56pe7hopRpCaSsXsYi1y/3Vo4sGv /AlpoVgO4B7QqayUK20J =bFmI -END PGP SIGNATURE- -- To UNSUBSCRIBE, email to debian-devel-changes-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: https://lists.debian.org/e1xwu04-0006te...@franck.debian.org
Accepted duo-unix 1.9.11-1 (source amd64)
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Thu, 29 May 2014 13:07:22 -0700 Source: duo-unix Binary: libpam-duo login-duo libduo3 libduo-dev Architecture: source amd64 Version: 1.9.11-1 Distribution: unstable Urgency: medium Maintainer: Kees Cook k...@debian.org Changed-By: Kees Cook k...@debian.org Description: libduo-dev - Duo Security development libraries and header files libduo3- Duo Security library libpam-duo - PAM module for Duo Security two-factor authentication login-duo - login wrapper for Duo Security two-factor authentication Closes: 747805 Changes: duo-unix (1.9.11-1) unstable; urgency=medium . * New upstream release * control: explicitly add libssl-dev to Build-Depends (Closes: 747805). * patches: drop patches taken upstream: - fix-manpage-dashes.patch - fix-test-preload.patch - fix-configure-privsep-user.patch Checksums-Sha1: 99ca68e149d32073c0fddd58a0e56c2d37d19ca5 1951 duo-unix_1.9.11-1.dsc 4cb4e585b69fbc6a0a3635bc241fa22653c2f9c4 463086 duo-unix_1.9.11.orig.tar.gz c49ee60b56eb1d6518a5d17b078f2d7d6a137345 7080 duo-unix_1.9.11-1.debian.tar.xz 3ed0073c9703c34777a423bb012e1d701d9e738f 16478 libpam-duo_1.9.11-1_amd64.deb 3cce439f5cc2d8426103f64c4acbba6007cc82d0 17298 login-duo_1.9.11-1_amd64.deb 077f6a240f2ae6ddbe5b290724478f319280f1e3 36168 libduo3_1.9.11-1_amd64.deb 8f7f95bd11fed50aa4bec29089c590ba00f84f98 8000 libduo-dev_1.9.11-1_amd64.deb Checksums-Sha256: 510f246968efef84e9881728b945a6e01628d835b69776f827c97c0bbd2a969d 1951 duo-unix_1.9.11-1.dsc f5c9a44c179727e9284837d6c009b079f5eefba5f241a5a37ae1ff5fff56871c 463086 duo-unix_1.9.11.orig.tar.gz c21c0bb215f36870270499649f48c9a765a9a47d01f794251d321c718e5a8c15 7080 duo-unix_1.9.11-1.debian.tar.xz 519d893f85b4a3e7ac575fb09ecdc9893e4ec688ac508b6ceefb1637fd066ee1 16478 libpam-duo_1.9.11-1_amd64.deb 42b9df75650e8e1a56bd351ac24be84358d19f4c9b3e5b22e1f2acad0dbb9b4a 17298 login-duo_1.9.11-1_amd64.deb 0d893800fc934eb28d63ffcce1bf0b1de63cac983e9655ab2c5dbcaad4e2bea8 36168 libduo3_1.9.11-1_amd64.deb 6fde070aabee029de60564907610ef761962ca62319d4d8ba6d2299aa395ba38 8000 libduo-dev_1.9.11-1_amd64.deb Files: b1cf41cf94dfd8d60135108560a8bf47 16478 libs extra libpam-duo_1.9.11-1_amd64.deb cd1187a9ded4f8caefc092252eee71a0 17298 admin extra login-duo_1.9.11-1_amd64.deb 06573849b6512e9d1939e51d6d76426f 36168 libs extra libduo3_1.9.11-1_amd64.deb 88e35be039869a6686dd6e6d09c2e0ef 8000 libdevel extra libduo-dev_1.9.11-1_amd64.deb 38a34289ae8d25df0c645fb607b76047 1951 libs extra duo-unix_1.9.11-1.dsc f9e252cccb850d27343e926a802c5602 463086 libs extra duo-unix_1.9.11.orig.tar.gz 54780ac8bb7ef66b218b4a1ca01d3337 7080 libs extra duo-unix_1.9.11-1.debian.tar.xz -BEGIN PGP SIGNATURE- Version: GnuPG v1 Comment: Kees Cook k...@outflux.net iQIcBAEBCgAGBQJTh5eSAAoJEIly9N/cbcAmUxMP/1BE82ySi5fC55Jx2nZpXmkW Gy6tDOS2c3CAW+9shpDTozv/3p5w4hIn8M5Hv66FcgHDafOJyCPMBTBGcDth9e8p POLAlU1dB1dmWDYFZADeGcRu0d/B4bvLUrTgQCwO/tnT2jEL7CQbbWIkiGKKMRzX QZhn33B3pKp7p1mgXE1JQBblez1ekfZErJmQW61v5WaZoIEjxtKI/o6wTsfDqsQG ndLBV/8/2mSHn+d+u1J9laRPGsYnqHlCV/w4e5v54Zg0hKsNFsF6OgqLxBvxOKGE vGzUmGJS6Yy5k7W/28KM+n6jmacKw4fIFN9X06b1vNwSVZ8eIBmq1Le730sH1+jx XNFuGJPrQLpIU7eti0u/0elfPTFc/NmXofYG3/bsDiHnlm9bLWBFpC4+GODpRgpy WwrysTnTIo+kpsOfgiGLHgP7idewKOdaWzAf/VCU4mbtrEYunYAnZasK6AEUlWNj fuNzpJEeKrqBo2usKLe/SHzLD+CYB7oUbVeRM4QZo/iNeV3SfxSio0LdqRGp63c1 3A6mmfYEce2f/ISXJCvwc5NQL6M0CR2AbUNO1QBkWlNuAjkag1ODrglea/FZeANV JMdH5m8vBy8OYDWZB4avIHMJ4C4/Xxsxo1nhImJR7VT5abz8yS/uDQ4AmfQRFzs3 zykOS2wEPPaBrsfE4KPr =F0eN -END PGP SIGNATURE- -- To UNSUBSCRIBE, email to debian-devel-changes-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: https://lists.debian.org/e1wq81t-000101...@franck.debian.org
Accepted libseccomp 2.1.1-1 (source amd64)
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Sat, 12 Apr 2014 10:44:22 -0700 Source: libseccomp Binary: libseccomp-dev libseccomp2 seccomp Architecture: source amd64 Version: 2.1.1-1 Distribution: unstable Urgency: low Maintainer: Kees Cook k...@debian.org Changed-By: Kees Cook k...@debian.org Description: libseccomp-dev - high level interface to Linux seccomp filter (development files) libseccomp2 - high level interface to Linux seccomp filter seccomp- helper tools for high level interface to Linux seccomp filter Closes: 733293 Changes: libseccomp (2.1.1-1) unstable; urgency=low . * New upstream release (Closes: 733293). * copyright: add a few missed people. * rules: adjusted for new test target. * libseccomp2.symbols: drop accidentally exported functions. * control: - bump standards, no changes needed. - add armel target Checksums-Sha1: bc8a7aee92f034e5acc0e80e5e215937739a139f 1892 libseccomp_2.1.1-1.dsc cc135ab6c95723cfbba034feb9630446de475341 113133 libseccomp_2.1.1.orig.tar.gz 5692cbe0353a329f21fe914589437eb2aba62e41 4536 libseccomp_2.1.1-1.debian.tar.xz c328cb1cb0fb41fc4f15d9502eb9819d05b998ce 23714 libseccomp-dev_2.1.1-1_amd64.deb 4ebdab7df101205ef2259b2f5dd5b9d58e6cc86d 27634 libseccomp2_2.1.1-1_amd64.deb 4ec03cc65ac4fa2fceff2983676858d3f166fd56 11638 seccomp_2.1.1-1_amd64.deb Checksums-Sha256: 5f75abc2567221b3dc47d417f18f66bbf32abd4231965fcd77878150b69e6016 1892 libseccomp_2.1.1-1.dsc 8812c11e407c383f5ad6afb84a88e5a0224477bcfe8ff03f0c548e5abaac841c 113133 libseccomp_2.1.1.orig.tar.gz fdc20046cc4d5c760810ee39a9a09091cab937247a6ee6d10148fb6d4dd135f6 4536 libseccomp_2.1.1-1.debian.tar.xz 3ff11f445016a8aa96c16cc86648a037383609b612fe278c1b4e31946b68cdf0 23714 libseccomp-dev_2.1.1-1_amd64.deb 2ce5987a1afc6fe5c945abcdd696a8575d2015e231cd8fd165e1311954c3aeec 27634 libseccomp2_2.1.1-1_amd64.deb 88837a07217888654d27b2aa595183b55602284a8d434862059944c28a17e259 11638 seccomp_2.1.1-1_amd64.deb Files: b4deecbe94d17ad5fb161f6916d15694 1892 libs optional libseccomp_2.1.1-1.dsc 1f41207b29e66a7e5e375dd48a64de85 113133 libs optional libseccomp_2.1.1.orig.tar.gz 0741a2633c828fc9237fa1ef0df0851b 4536 libs optional libseccomp_2.1.1-1.debian.tar.xz 1decb0f9c5bad4313315223821918073 23714 libdevel optional libseccomp-dev_2.1.1-1_amd64.deb e7cb81eaeb3925e2d408179e22f6e0cc 27634 libs optional libseccomp2_2.1.1-1_amd64.deb 111fb35b2018b8a44e5b2309f242cc29 11638 utils optional seccomp_2.1.1-1_amd64.deb -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.14 (GNU/Linux) Comment: Kees Cook k...@outflux.net iQIcBAEBCgAGBQJTSX13AAoJEIly9N/cbcAmt7QP+weESmur/c9hqqoBzXUlxH+B 54qTebmNak0NxXmI7SXfMjDVqYc0UFWypXVvsDEBQopPU52NE4/OAC1ELtjrSSke s0FkQAM6u4PiLheBfcK9FtGjVS+Ng26nk0KIEd5RpWLNzekzHqNsp+fvst5QCJlX Jv+vyrVVCNmEuSrhYOjl8ClLlcJWIHC7uMIxIIRx8fg5i6ZCCkB9SlaHQJOx3bk1 DA2MsY+QI3AkkAAUz737u5h1cb3uuvmoaYMtCN4XwtpcwRkLLUkyB/bUw0vXgbus 0BxGqFkVDujVkmWEwp0eqy5UYbi68uSdA6QqCR7qbI38QIKPiqLvCK1aLe5EpjZs cDrNQrfqHLZ8gXocMXFh+6nexALN6SMI6eAt8EJEryiJKWKHuF3J18Pr2GE9hyNg BhkcPi1q/DLvIypXKuA4FbUscVxz6rzamNm6BK1LQl8RG8RCI+SZgqmSkoGgtL6q ACVxYg6FJw8MZeule8rmlfRpdJV6sJsPsQTd211hdoXx34Bgm+7E+WiVokoMwxB/ bE2eR9Gp2X+HWXjOpM85rugHA/6J7Pi+Mmm7T1SkfTXEzAJlJPRbwAzcqrCvZ0vn cYgfNfgre22tgIIG2pnrLRsVZeOsNmjOqA4lDt9s1R7gSx2zgc+vlhzpwHGDUTaH PblUH96Y722DKLLXsZsr =6ssT -END PGP SIGNATURE- -- To UNSUBSCRIBE, email to debian-devel-changes-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: https://lists.debian.org/e1wz2hc-0007bk...@franck.debian.org
Accepted orbital-eunuchs-sniper 1.30+svn20070601-4 (source amd64 all)
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Tue, 21 Jan 2014 11:09:48 -0800 Source: orbital-eunuchs-sniper Binary: orbital-eunuchs-sniper orbital-eunuchs-sniper-data Architecture: source amd64 all Version: 1.30+svn20070601-4 Distribution: unstable Urgency: low Maintainer: Kees Cook k...@debian.org Changed-By: Kees Cook k...@debian.org Description: orbital-eunuchs-sniper - anti-terrorist, pro-Eunuchs, satellite sniping game orbital-eunuchs-sniper-data - game data files for the game Orbital Eunuchs Sniper Closes: 727482 Changes: orbital-eunuchs-sniper (1.30+svn20070601-4) unstable; urgency=low . * control, rules: swap autotools-dev to autoreconf (Closes: 727482). Checksums-Sha1: 72de47862cf5f553fac89ab98cea10e54f0ae1af 2186 orbital-eunuchs-sniper_1.30+svn20070601-4.dsc 4bd92056657f6d9ef01588911a6d0dc148dd4313 18408 orbital-eunuchs-sniper_1.30+svn20070601-4.debian.tar.xz 50c589d6e6416f83c2ec0e45e2661d8aad4eb5b2 60142 orbital-eunuchs-sniper_1.30+svn20070601-4_amd64.deb 6a978f0ce810f704d053bcc1b63be75ea130c86a 3870292 orbital-eunuchs-sniper-data_1.30+svn20070601-4_all.deb Checksums-Sha256: 6e9f72e35fe4cdd2d3932625286cda2e27bb0828327f8274c8a79b3360b755a1 2186 orbital-eunuchs-sniper_1.30+svn20070601-4.dsc 4183955c46a25c08b50d5eee2ded00503fc7a765886049687a2b5f71cc023bf9 18408 orbital-eunuchs-sniper_1.30+svn20070601-4.debian.tar.xz c43aafa224c1fdd5ed1ad33c006733c6423dcd280bfe25b83d7080e614bf3060 60142 orbital-eunuchs-sniper_1.30+svn20070601-4_amd64.deb fd50cade00201540853f76b898c84105b6bd6028c8a3e6c584b71f42877907dc 3870292 orbital-eunuchs-sniper-data_1.30+svn20070601-4_all.deb Files: 54ef6233d750e81563290bb0ce57f2c5 2186 games extra orbital-eunuchs-sniper_1.30+svn20070601-4.dsc 1f51c57ccc5673c751344ddfd9c5335f 18408 games extra orbital-eunuchs-sniper_1.30+svn20070601-4.debian.tar.xz 027127c16074bf5059e451f5d106325a 60142 games extra orbital-eunuchs-sniper_1.30+svn20070601-4_amd64.deb ffdf270024503ae32d9c75405b728b7d 3870292 games extra orbital-eunuchs-sniper-data_1.30+svn20070601-4_all.deb -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.14 (GNU/Linux) Comment: Kees Cook k...@outflux.net iQIcBAEBCgAGBQJS3smdAAoJEIly9N/cbcAmp2IP/2ThZQKqvCAAlFUfy6E15Jkf XfeZSnua804lnbcOLFP2zN/AyyuE4FaSB2DqUhYh5vvEG7p5g92yZ5/JYvuPuzaW 7tov7wp0LYyxDAaZM4T14f47raHZTLnrI8ubMQGA9Vlnl4967vp3g4FBHlgjrahu 4bHT1fqkiFt7irK2X7rnDUhyk8gUtVVsXdo31MeLkm/GY32OB4ChyNZNQGlXvQpR jkP9wef00hZRxJAu1PqYaLlf1at2EUs1ayL3jLnW/BNVvU5MOdqz8jlmq+TCBiFn gM5e3999G6PMoD2Aa5sXSrC/QfxUNPpL0FrNnCTGKRysL2xQeFwQvaQYTpUJBE64 Tw4Zb8DvbIv6VWrkzuVZCvLRcUDbMkO15xOvt3jbzFwtUigKiwZwl1bLAMYUM4SN 7+1rBKpjlwflTyQh4zB8o90v3YxMJwlm/eW0cMgo8To55sI2ux0Ra0dhTZ95adMh IAon8g5jWUmZpSOmfY7f5yAS7WEFuwS01yqYAivdYRY2oYYHL89og0fDLNx/aTiY 7CR09C/4HceQfXDP0drHLBTF/iEcG0vxHAPo4XfbGmZOkT/zI4NZVyKbUZv5Y0YB fHAbRdxSEgS5oEYR+VYg0BJTZ5qE+x79pys/B0GWhmUhoEQbUfW+fLtd1diA4toD mu9CU+r5jbbga9fL6228 =uX0S -END PGP SIGNATURE- -- To UNSUBSCRIBE, email to debian-devel-changes-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/e1w5h53-0006ls...@franck.debian.org
Accepted apparmor 2.8.0-5 (source i386 all)
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Fri, 03 Jan 2014 13:41:43 -0800 Source: apparmor Binary: apparmor apparmor-utils apparmor-profiles apparmor-docs libapparmor-dev libapparmor1 libapparmor-perl libapache2-mod-apparmor libpam-apparmor apparmor-notify python-libapparmor python3-libapparmor dh-apparmor apparmor-easyprof Architecture: source i386 all Version: 2.8.0-5 Distribution: unstable Urgency: low Maintainer: Kees Cook k...@debian.org Changed-By: Kees Cook k...@debian.org Description: apparmor - User-space parser utility for AppArmor apparmor-docs - Documentation for AppArmor apparmor-easyprof - AppArmor easyprof profiling tool apparmor-notify - AppArmor notification system apparmor-profiles - Profiles for AppArmor Security policies apparmor-utils - Utilities for controlling AppArmor dh-apparmor - AppArmor debhelper routines libapache2-mod-apparmor - changehat AppArmor library as an Apache module libapparmor-dev - AppArmor development libraries and header files libapparmor-perl - AppArmor library Perl bindings libapparmor1 - changehat AppArmor library libpam-apparmor - changehat AppArmor library as a PAM module python-libapparmor - AppArmor library Python bindings python3-libapparmor - AppArmor library Python3 bindings Closes: 732578 Changes: apparmor (2.8.0-5) unstable; urgency=low . * rules: drop --parallel, since it seems the upstream build is fragile when running in parallel mode. Thanks to intrigeri for tracking this down! (Closes: 732578) Checksums-Sha1: 10b9b6a4ec003e7f8dc6d267fbd03ef3a94f028d 2768 apparmor_2.8.0-5.dsc d4ee1a5c4c6c183bd7ee859f0af36cdda613f14d 114416 apparmor_2.8.0-5.debian.tar.gz 47dcff4d8c0c7ffcbbdd4fafca71b9c6ab1b33cd 332590 apparmor_2.8.0-5_i386.deb 1c98503404db99e118bdb164d929a949f16bfe8a 114066 apparmor-utils_2.8.0-5_i386.deb c051ff102b966cc61f10f4de17fbae4c610b5571 56726 apparmor-profiles_2.8.0-5_all.deb 51d89e8f8fd55e7181dcdc166b82ac7aeda9fee9 279372 apparmor-docs_2.8.0-5_all.deb fa9c9daf8ac0e68ddbeecc514611289af165e0e6 47704 libapparmor-dev_2.8.0-5_i386.deb 89cb9657640761418008baf05291ed5d7d6ca892 45502 libapparmor1_2.8.0-5_i386.deb f9eeadb24e16f8dc6265dc219d65570c27dad747 50704 libapparmor-perl_2.8.0-5_i386.deb 6ff7559426ad4595e552d61ec9e6079ca6b90be5 40430 libapache2-mod-apparmor_2.8.0-5_i386.deb 3bd383e2d2e4ec433cec92d607aa3ee24482748e 35522 libpam-apparmor_2.8.0-5_i386.deb 9027a2f91a1c489c30ec64f963e9b2cc35900ffc 39788 apparmor-notify_2.8.0-5_all.deb 75d9967834ace4ae2f20fd895e40215dd843dd61 49966 python-libapparmor_2.8.0-5_i386.deb 27ea9b3a493c3d09d90b51992090164d3ae7f655 49568 python3-libapparmor_2.8.0-5_i386.deb 3609e6cfb1a2cc085282b13f9f09ef377d0e6736 35812 dh-apparmor_2.8.0-5_all.deb cbacd794ac1208fa6329945f83214073ec1b9081 46170 apparmor-easyprof_2.8.0-5_all.deb Checksums-Sha256: 5a8a13108063424194aa4c0c8226dc1a757f58427969a6127ad3e20f62a4ddbe 2768 apparmor_2.8.0-5.dsc ee42a8f310aaf4229702b8d476eb42cd79aaf14187f261051c094cf241fcda73 114416 apparmor_2.8.0-5.debian.tar.gz 0e555c2cd05fb7f2bdb86bde495cb81a8b84f26720ab330d76f41b633264bc4d 332590 apparmor_2.8.0-5_i386.deb 95134a3c97ddd0f3a57db7a4cc247de9e597e1c0b6111b3bd220e28b900d2f77 114066 apparmor-utils_2.8.0-5_i386.deb b209e38919c7a64cad93edaa39d90bd963f0800cd395277d43717841b6dc1df3 56726 apparmor-profiles_2.8.0-5_all.deb 291b384dff624c2f70fcab156e6188e5e5480c726b394be0bd1b61d79170d943 279372 apparmor-docs_2.8.0-5_all.deb 673268c4b6c624a39c52a367e31f5c69fa5f1d574b2feb65eec1d5e5c3c939e6 47704 libapparmor-dev_2.8.0-5_i386.deb 6dcdd21a6bca1d460f27be7ddd0df1640b02e0fcb40b743b8ed3db7b607918f4 45502 libapparmor1_2.8.0-5_i386.deb 4b20b0d7377a8f8f39b93718da109648b77caa924fc2acdbc0e0060db6af6e2b 50704 libapparmor-perl_2.8.0-5_i386.deb 3e4e99e809af16be78ae8b386f8c4c3ab2ccb0c28f5154da9f3c612b1b687b56 40430 libapache2-mod-apparmor_2.8.0-5_i386.deb 56ae051959011ee040bce0a887618838948126d7fd0c186ac43882b035c3703b 35522 libpam-apparmor_2.8.0-5_i386.deb 67bd60f810ff982c01214b7a13a9482f8df452c04ef56944a631b9645d4c5ed6 39788 apparmor-notify_2.8.0-5_all.deb 6f537e5e3c8bf548627055bdb1346b414115284053ec7b06763c070b6e234a5f 49966 python-libapparmor_2.8.0-5_i386.deb e650151f9148559c04c8dced6985dfcb3b85c773831f397885563206b413d073 49568 python3-libapparmor_2.8.0-5_i386.deb ade4877dba617026a707e049278548283339c784e8f3919e2903902ef2a5123b 35812 dh-apparmor_2.8.0-5_all.deb 72d2e22820afaa734e80774a8bccc0f3bf3f025a36a414bf459414f86ae1ebad 46170 apparmor-easyprof_2.8.0-5_all.deb Files: e366e21008466a412ca7ae94cfb04f09 2768 admin extra apparmor_2.8.0-5.dsc 6c53e91226cf0a14b3e16e8a89d0ff8b 114416 admin extra apparmor_2.8.0-5.debian.tar.gz 66b809254b27610cefcd727f6a63d575 332590 admin extra apparmor_2.8.0-5_i386.deb 235697e22ac50a24825bd513c4174977 114066 admin extra apparmor-utils_2.8.0-5_i386.deb 62c67bc71f8fc7be7d2f4d427d48c02f 56726 admin extra apparmor-profiles_2.8.0-5_all.deb b961618db0fd4a8a3b3f2ba5b5813e15
Accepted apparmor 2.8.0-4 (source amd64 all)
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Format: 1.8
Date: Thu, 26 Dec 2013 14:42:03 -0800
Source: apparmor
Binary: apparmor apparmor-utils apparmor-profiles apparmor-docs libapparmor-dev
libapparmor1 libapparmor-perl libapache2-mod-apparmor libpam-apparmor
apparmor-notify python-libapparmor python3-libapparmor dh-apparmor
apparmor-easyprof
Architecture: source amd64 all
Version: 2.8.0-4
Distribution: unstable
Urgency: low
Maintainer: Kees Cook k...@debian.org
Changed-By: Kees Cook k...@debian.org
Description:
apparmor - User-space parser utility for AppArmor
apparmor-docs - Documentation for AppArmor
apparmor-easyprof - AppArmor easyprof profiling tool
apparmor-notify - AppArmor notification system
apparmor-profiles - Profiles for AppArmor Security policies
apparmor-utils - Utilities for controlling AppArmor
dh-apparmor - AppArmor debhelper routines
libapache2-mod-apparmor - changehat AppArmor library as an Apache module
libapparmor-dev - AppArmor development libraries and header files
libapparmor-perl - AppArmor library Perl bindings
libapparmor1 - changehat AppArmor library
libpam-apparmor - changehat AppArmor library as a PAM module
python-libapparmor - AppArmor library Python bindings
python3-libapparmor - AppArmor library Python3 bindings
Closes: 731358 732695
Changes:
apparmor (2.8.0-4) unstable; urgency=low
.
* control, {libapparmor1,apparmor-docs}.manpages: move man pages into
apparmor-docs to avoid multi-arch duplication and hilarity with file
dates vs buildd timezones (Closes: 731358).
* patches/r2247-fix-bison3.patch: fix build for bison 3 (Closes: 732695).
* control: bump standards version, no changes needed.
Checksums-Sha1:
ceff256f573298923161fcceb0c2f28af981c84d 2768 apparmor_2.8.0-4.dsc
162c56d90f01347dda4efb1084a1673271ecae47 114321 apparmor_2.8.0-4.debian.tar.gz
64a4d4b48b2158be4b1ebd137fe8e441c94d1698 321554 apparmor_2.8.0-4_amd64.deb
5b0313e75f5b0754d14f8acfdd6b6404335cc468 113970
apparmor-utils_2.8.0-4_amd64.deb
2cbc6d1bd004b1472aa80eef9c5caef41be8feba 56640
apparmor-profiles_2.8.0-4_all.deb
b1feb02a5fb50d5bb26d4a1e16a466a3ac8a72cb 279280 apparmor-docs_2.8.0-4_all.deb
01ff13a00b20a0d27e434c9c1555fb65194c2de7 48664
libapparmor-dev_2.8.0-4_amd64.deb
51d9a5b8b37502d76322aef2e7b24a3e9d1c7942 46118 libapparmor1_2.8.0-4_amd64.deb
c7a57e3bae33f5719ab5a65210a80ec67351d962 52838
libapparmor-perl_2.8.0-4_amd64.deb
f51503a441b5a0fe518180c427d06d40dcc6519f 40326
libapache2-mod-apparmor_2.8.0-4_amd64.deb
033d36856599618bee78671b39ff694902ba3894 35510
libpam-apparmor_2.8.0-4_amd64.deb
fda3b9107460e2df93cbc6f30f43193e77dbcea7 39712 apparmor-notify_2.8.0-4_all.deb
b18d72cc93ffe092729ab8b4097b563851101507 50770
python-libapparmor_2.8.0-4_amd64.deb
09eb2ffa6c90760c40219ea0a6f4421da9239606 50462
python3-libapparmor_2.8.0-4_amd64.deb
24ee6345197592bc5cc74358ca4358b85d8ad888 35728 dh-apparmor_2.8.0-4_all.deb
7fa53544c100cc30d4076db6a373b7709e18ee1a 46084
apparmor-easyprof_2.8.0-4_all.deb
Checksums-Sha256:
8197e9a4951a43b169eb16a91c05846725a447c49f836fb0859a7d0173ba47bf 2768
apparmor_2.8.0-4.dsc
264ad24db2cd6e3f90348642296d21920040910d6fb142cd86827531960252e2 114321
apparmor_2.8.0-4.debian.tar.gz
dbd81d56ad96f67bf173328d5fdfa4e0f428a8e8e5aa5469b80f32ee9ac5fb73 321554
apparmor_2.8.0-4_amd64.deb
144050168eb66f3d50e4481ade1e9acfe5c2aef54535a85294604278aa96296c 113970
apparmor-utils_2.8.0-4_amd64.deb
c89e72a52241f19b3cd2d2059f20c6d11d3a066de7122bcbece9d5d064b184ac 56640
apparmor-profiles_2.8.0-4_all.deb
949469e228e8b87dcf9116bd959b406aa1fc6c50cb0cffc5861736d5b3daa1f7 279280
apparmor-docs_2.8.0-4_all.deb
be13a799dd71fd767d966ea0b410288a911935ea3bfe4bfdb21f9f920f07522b 48664
libapparmor-dev_2.8.0-4_amd64.deb
2ce08cbdfb1f9e4b684d7ace25196d7ab2d8894fea3a5372477482cf5dbb 46118
libapparmor1_2.8.0-4_amd64.deb
a02d82928526dcbe7bf48120c1c30228e409d6ab20dd208d7019460dc43e8417 52838
libapparmor-perl_2.8.0-4_amd64.deb
87141b96d31d5af017530e5b343b9f379e7486a160a13d071430412560153a57 40326
libapache2-mod-apparmor_2.8.0-4_amd64.deb
9e1844e447a1bc279e5eda9bed58537ef1abf8c6f4b8561db254b7703b2290b7 35510
libpam-apparmor_2.8.0-4_amd64.deb
3a8ca2d6ddd8a5ff7601109181429c011beb8156993b7cc13b0a9da5f331d030 39712
apparmor-notify_2.8.0-4_all.deb
9a7d41a924c05d65de679392f2f36ce799e7665dc3d93d73c92895de24cee9b1 50770
python-libapparmor_2.8.0-4_amd64.deb
b22f8e599ed2e0acdab666ab23eca73c52316ae21a6b295d58a3958866b13f6f 50462
python3-libapparmor_2.8.0-4_amd64.deb
51055cb83184234b2a4ed2abe4e37aa34dbe3d3ff1c0e1ea146980bbfea8ffa1 35728
dh-apparmor_2.8.0-4_all.deb
8e9ffc7cfa7f5ff95dba935eea25d09f247aff0067f0b4d2daa99827f1199b1c 46084
apparmor-easyprof_2.8.0-4_all.deb
Files:
9fa7418ee3a952f79bae31f0ba865047 2768 admin extra apparmor_2.8.0-4.dsc
4f35b88c5be458e263043ed308a6e82b 114321 admin extra
apparmor_2.8.0-4.debian.tar.gz
eac0ced8b7eae5478fd7c3628255a50c 321554 admin extra apparmor_2.8.0-4_amd64.deb
Accepted hardening-wrapper 2.5 (source amd64 all)
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Tue, 17 Dec 2013 10:01:21 -0700 Source: hardening-wrapper Binary: hardening-wrapper hardening-includes Architecture: source amd64 all Version: 2.5 Distribution: unstable Urgency: low Maintainer: Package Hardening hardening-disc...@lists.alioth.debian.org Changed-By: Kees Cook k...@debian.org Description: hardening-includes - Makefile for enabling compiler flags for security hardening hardening-wrapper - Compiler wrapper to enable security hardening flags Closes: 732403 Changes: hardening-wrapper (2.5) unstable; urgency=low . * hardened-ld: detect symlink loops, like done for hardened-cc already (Closes: 732403). * hardening.make: disable stack protector on arm64 (glibc support needed). * debian/control: bump standards, no changes needed. Checksums-Sha1: 76e9511a0f79b65e8b8963da1016d66c588780ef 1860 hardening-wrapper_2.5.dsc 4fa15224048c7f6230a3a18b46e48855f8ca54a1 21157 hardening-wrapper_2.5.tar.gz d19ca49854dfd5bd12c5169a602c51103ee8bde3 13532 hardening-wrapper_2.5_amd64.deb 7c9674a19e56f0b7a8c0e3d69dc361fec580bc41 17104 hardening-includes_2.5_all.deb Checksums-Sha256: f887d138a0b983ff5c26109e0de7f670f4f1dd466ea46ab2cc89f3f11dbc8ac9 1860 hardening-wrapper_2.5.dsc 9ae2cc44d9543476b5b8655b4699af5421218dce44ce0d4a89cf5d81ba12b9bf 21157 hardening-wrapper_2.5.tar.gz fb2e3ee9de86c942fc9a5099defd3303acfffa046419f576420fbcb372640db3 13532 hardening-wrapper_2.5_amd64.deb d6f794890a24c9528f21cce5faf56aee3a9e6442841b8874abaed93c6eae 17104 hardening-includes_2.5_all.deb Files: 2635f8eb463546b1afafdb58ac27fa06 1860 devel optional hardening-wrapper_2.5.dsc fdd3a00dc7363031d203963d190b5c6c 21157 devel optional hardening-wrapper_2.5.tar.gz a9fd5ad91fa43e415cf69e839d9dfe48 13532 devel optional hardening-wrapper_2.5_amd64.deb 18c688a57fff863081924e2964ccf45f 17104 devel optional hardening-includes_2.5_all.deb -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.14 (GNU/Linux) Comment: Kees Cook k...@outflux.net iQIcBAEBCgAGBQJSsJTaAAoJEIly9N/cbcAmDz0QAKOhAFIuvYFlBxDqZE7dO63T lm2A2PY8chhPygoHgYgu82/GALd0WpVzlf7w/3Fh2yXo4W1EYyuF5iG/PFJImttu +n2AcrzFE8DyW41zeslMK3//ZsSRK6qqk8E9H8p/l9FhUUdwj/MuLiG0bS2Fsa+h g9U5U9214/sl24mM0E7QA8gYgeycSZYPBGPR2iE7axfbTLogJjmseGaKy+iV4JIs 7lhw0YQQjK1zANR5P+L+Y7v5U6Udhg2hdP4zOWLA79AALosbWz2I9Ib5I8N2YhIq Hcz7e9ZOSUvA3iS+6MQ48EBnjx3s2j6Q1/CVGhv1SlwV9/6bmk0nX33OJWsbsA9J dhQHsyNhS5R/Uiuni73cV1iWFcgbUINaBfEgJs11XWEITLkxJZaSPhv1HCdDYy14 udGxZreUiJbdDvXORWN+NHT0s4YnFfHc4GBGnREkQxisNEqE0P3BjgVP8CmAWuaW EZBSNWq2Xd8vIY3JrTajz87nJt97fp6aMZlcp/AIoaRhn7DWwTk0LZpsQfI2awk2 wGwRcl+MS9WpGDTUfE+mUoEmW3zuODmvRVa74mLIcRmWlcyU+3/UHAHwZU4QQmn1 9zxOqzUoCsbIj1lSdYAL+GVpvkmTa2EqqZ+PoRT45N3+Zv9TOgn3pkD0lpj8WQ7E oqlwchkGaChzHIjRUaKd =ptXU -END PGP SIGNATURE- -- To UNSUBSCRIBE, email to debian-devel-changes-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/e1vsze6-0004te...@franck.debian.org
Accepted duo-unix 1.9.6-1 (source amd64)
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Mon, 16 Dec 2013 12:03:08 -0800 Source: duo-unix Binary: libpam-duo login-duo libduo3 libduo-dev Architecture: source amd64 Version: 1.9.6-1 Distribution: unstable Urgency: low Maintainer: Kees Cook k...@debian.org Changed-By: Kees Cook k...@debian.org Description: libduo-dev - Duo Security development libraries and header files libduo3- Duo Security library libpam-duo - PAM module for Duo Security two-factor authentication login-duo - login wrapper for Duo Security two-factor authentication Closes: 727363 Changes: duo-unix (1.9.6-1) unstable; urgency=low . * New upstream release. * watch: updated for new upstream location. * control, rules: enable autoreconf (Closes: 727363). * control: bump standards version, no changes needed. Checksums-Sha1: 2016edc9edb0ce060d34a0b4a7e109ea095d4480 1913 duo-unix_1.9.6-1.dsc 02f2d28af55872c278df8b99d2e8503098504583 456882 duo-unix_1.9.6.orig.tar.gz 22f29272a4311f58b27ea6fd24e24d1e16d238bf 8617 duo-unix_1.9.6-1.debian.tar.gz 8834967abb1fc93759f8a2a148ebf2d992b0157c 16028 libpam-duo_1.9.6-1_amd64.deb d5c9f9aea6fd1a884475157b462a4d359fdb88be 16856 login-duo_1.9.6-1_amd64.deb 519a48b87883f530206dc1280dcea84475a43d49 35764 libduo3_1.9.6-1_amd64.deb acb9d097977a061f205bb232c52c36f6ad4394dc 7650 libduo-dev_1.9.6-1_amd64.deb Checksums-Sha256: 847e31df3157248fa923610e0d1637e36ec07a79ab8403c2ca619fb9a3472341 1913 duo-unix_1.9.6-1.dsc 9909a250a7a7db1008ed4eefddb705d35ee86fa9e040e618946e6256a956b20b 456882 duo-unix_1.9.6.orig.tar.gz e32b4cead919d19f95164e4d22362a452bac45c1f3022b7128a3286921563a94 8617 duo-unix_1.9.6-1.debian.tar.gz dfb716eab835d95aace0e64eb99dfe9142ac984f796f8af3736920a93eec6487 16028 libpam-duo_1.9.6-1_amd64.deb 23af7a494caff4b24b45335024224f86f0c0d185339b3a311644bd10184f5fa3 16856 login-duo_1.9.6-1_amd64.deb 716ac3e6e7a0cdd8bb4f6bb79f7841eded5ab478dd1524059764d1451f61f8f8 35764 libduo3_1.9.6-1_amd64.deb 30dff71b52c31dba87ea6a9da2acdd2a6da1662e56d72bb383270fd4d39847a0 7650 libduo-dev_1.9.6-1_amd64.deb Files: 419b3c60a664be4ccf5a0de103bf980e 1913 libs extra duo-unix_1.9.6-1.dsc 5aba06a07bac30c202822f7b8ef8b300 456882 libs extra duo-unix_1.9.6.orig.tar.gz 1df3b23da99b31ea43b07a2fad93abf5 8617 libs extra duo-unix_1.9.6-1.debian.tar.gz 2fd6468c4dfb0a335bfb356ffe9c985b 16028 libs extra libpam-duo_1.9.6-1_amd64.deb 030087b5739b34866d60d6f4fb42a678 16856 admin extra login-duo_1.9.6-1_amd64.deb c3b6a6fb22294bb23ecc23467df41170 35764 libs extra libduo3_1.9.6-1_amd64.deb 0f8a4e7b75d7c0f636bf1b5e11743796 7650 libdevel extra libduo-dev_1.9.6-1_amd64.deb -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.14 (GNU/Linux) Comment: Kees Cook k...@outflux.net iQIcBAEBCgAGBQJSr3HRAAoJEIly9N/cbcAmjxMP/jyT2YuCmuPGlqPiyKDidh3M b9BXDETmPIkEvno49gi5XX90qUHxXm9rZYTzha11SRybRdN3z5TDNl22eB9LD5A9 4epkpaxbgyBSPVoKu135sLJsTGM1NMCr42ynpqYvFtYEVOxPcPAnHOuqmLYTMiCl a0n6P/NdgRKG9nTbf3ARm7eMpu9g0uyRD4u3jIdC/u+GiJY5TEvKzt+Qb8UKdUGh gs5pedWkAr7xdViliWvCq622hNODGM68zsAXUpJe8oWeI4zeR5jkHTLsowgQ872/ rHRlJeHkAoaE3MQweoFOO3mFBiJB7iAfl4SARRAo6A5ESSv618oIgt5GsGGRT9h5 Muz6Ka+iY8S5WtB07i1Q9Ruw2cL73l+ge1jcp64tpz7T5Uajd9MRAyB1zRlbLVRp fWXM1ub5vA8AihFBr+jVZxfOZ4/sPO+esaP5cjN6cz17+LgbOgNya8Y5EF6TFXlH oeyIqAIP7ChHB/LSN/12l4zW4N1I/1VZf39eyz8W/ZLyD3pJlWUMfS4O6eS0gRAa TCKlzZr/ngUYEoRIpcF/i9UNqayAjYkeSr8nOP+Z5AMhFAnGiCvDOCVuuMTTmKLy Ur9J5f7IFI9p0CQwp66/7qUt/uOvFPQsvY3ptT/FzmJVIjoiUloFhbP52VAaFKGQ w3VW0OUE6NleFdQrV5Pv =NMfw -END PGP SIGNATURE- -- To UNSUBSCRIBE, email to debian-devel-changes-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/e1vsg2o-0008re...@franck.debian.org
Accepted apparmor 2.8.0-3 (source amd64 all)
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Fri, 13 Dec 2013 11:14:54 -0800 Source: apparmor Binary: apparmor apparmor-utils apparmor-profiles apparmor-docs libapparmor-dev libapparmor1 libapparmor-perl libapache2-mod-apparmor libpam-apparmor apparmor-notify python-libapparmor python3-libapparmor dh-apparmor apparmor-easyprof Architecture: source amd64 all Version: 2.8.0-3 Distribution: unstable Urgency: low Maintainer: Kees Cook k...@debian.org Changed-By: Kees Cook k...@debian.org Description: apparmor - User-space parser utility for AppArmor apparmor-docs - Documentation for AppArmor apparmor-easyprof - AppArmor easyprof profiling tool apparmor-notify - AppArmor notification system apparmor-profiles - Profiles for AppArmor Security policies apparmor-utils - Utilities for controlling AppArmor dh-apparmor - AppArmor debhelper routines libapache2-mod-apparmor - changehat AppArmor library as an Apache module libapparmor-dev - AppArmor development libraries and header files libapparmor-perl - AppArmor library Perl bindings libapparmor1 - changehat AppArmor library libpam-apparmor - changehat AppArmor library as a PAM module python-libapparmor - AppArmor library Python bindings python3-libapparmor - AppArmor library Python3 bindings Closes: 731358 Changes: apparmor (2.8.0-3) unstable; urgency=low . * Rebuild with pristine tree to avoid date skew in generated manpages (Closes: 731358) Checksums-Sha1: c40523011b897947fde675672834347aee639535 2768 apparmor_2.8.0-3.dsc 6f37e242cb427c85f5a7a126a22ff908e0d4b960 113571 apparmor_2.8.0-3.debian.tar.gz 2d3cc24a2b7142242da270e349635efb2756a976 321464 apparmor_2.8.0-3_amd64.deb 4e7f8c31b57e60364f6cd3045c09acea36c9eb42 113882 apparmor-utils_2.8.0-3_amd64.deb 6c3f35ed8efa8534a79f0ddcddf87426d26c2bf3 56530 apparmor-profiles_2.8.0-3_all.deb 71abc338310a135ed4c441a536a00c3bf46cf359 264636 apparmor-docs_2.8.0-3_all.deb 1176eb6d36d62cb3204aa7cccf81211d0a6cdee0 48532 libapparmor-dev_2.8.0-3_amd64.deb 353e8a202ccf41265019f47ac87327ed93547ea9 60424 libapparmor1_2.8.0-3_amd64.deb 778be22296e6eef1c22c27fbb751f64c212d4a6e 52774 libapparmor-perl_2.8.0-3_amd64.deb bf08e33cf8f01f7ae26c9fb59080828931bb02bf 40202 libapache2-mod-apparmor_2.8.0-3_amd64.deb 60195b0f60649d4a6fab5d017f094c7b4800c876 35390 libpam-apparmor_2.8.0-3_amd64.deb 5e4785650dfaffbf38f769f5c1be40771655b4be 39574 apparmor-notify_2.8.0-3_all.deb 05fb575253471b6593c26f06747404e72b4007a3 50544 python-libapparmor_2.8.0-3_amd64.deb ff755277d2f0395ce2f53c5c7985cbb5f04e8f9c 50284 python3-libapparmor_2.8.0-3_amd64.deb f57d0b2d42ab5199c93d45a7faa1af8b0e99fd12 35596 dh-apparmor_2.8.0-3_all.deb de564069a7ae7f1f879d9f8c93c06607f0879b89 45968 apparmor-easyprof_2.8.0-3_all.deb Checksums-Sha256: 37e0fe030e07d3a8387fa59d50f7505c86c4204d07030d3f4ac3d1fd7c409d6e 2768 apparmor_2.8.0-3.dsc ffb058b8c8f79423cec209f6ef8e6d8efbae878cfcbefc9b5bccaf807fb0398b 113571 apparmor_2.8.0-3.debian.tar.gz df8004eafb7ccf824ff092c8bbec583166784f2e848486e5331eba658713e436 321464 apparmor_2.8.0-3_amd64.deb 1ef26c3f1c78be9b5f5386070f3436a59d7a3feecd9582e8d9a3c994b2e44d59 113882 apparmor-utils_2.8.0-3_amd64.deb aa0a5003eab435a8862237900fa9f87f26cef0e4d09d5cc9eed01b2e8ddede68 56530 apparmor-profiles_2.8.0-3_all.deb 73df5d72d79d1fe004e47dc0e6cd7eb1dbc9d05c6c25295edfede59d9bcf35e6 264636 apparmor-docs_2.8.0-3_all.deb 7b04b51ccfe1fe3a8638f17d72da61851ee78487adf05cfc8615c212311099c7 48532 libapparmor-dev_2.8.0-3_amd64.deb 2502c527e4028c6f8c503d3d45e8ad3008956cde01babe4b55a11a4ea663f962 60424 libapparmor1_2.8.0-3_amd64.deb d9ae09f76a4c54499164c8d61ca9d11c0d756df8cd3c8f6e4e773d3a7ee3719e 52774 libapparmor-perl_2.8.0-3_amd64.deb 6f7ecbea1bbb50870578b4b8cec4842ae5a463f40ba78c28b60606385655f510 40202 libapache2-mod-apparmor_2.8.0-3_amd64.deb 70716d8b46798b504276332c8e5c4e59fa9a7822e18122fb3f1206e5a6aed41b 35390 libpam-apparmor_2.8.0-3_amd64.deb 8fb02cc50ab3065734bd48b247794f7adeb92c9dca8c9d4ea45a731c608774bb 39574 apparmor-notify_2.8.0-3_all.deb f8873e4845cf85bfe260d435d564ac9549a9b6bd19179a48a3a4bb2fb0a5 50544 python-libapparmor_2.8.0-3_amd64.deb d95ba17a63ff37606fed4a4d37f698b7c4b02decf40c683bdf7cf2eae662c582 50284 python3-libapparmor_2.8.0-3_amd64.deb f262fe1f4fc8c0197264540830d8b38900ff5d29e85ea11caf320ba88d275993 35596 dh-apparmor_2.8.0-3_all.deb aaadd9fdea836817f20c380a63326a6ea23302bf5cf78f73119672ee8227dd66 45968 apparmor-easyprof_2.8.0-3_all.deb Files: a15dee90a48c744bbf9496333760ebcf 2768 admin extra apparmor_2.8.0-3.dsc f03d24418f6b7e4835f6f833439e55d8 113571 admin extra apparmor_2.8.0-3.debian.tar.gz 5d0169ba212c19275857dbb719daffde 321464 admin extra apparmor_2.8.0-3_amd64.deb 682b1784f4ec323c9d90f1fbdb2a8f5c 113882 admin extra apparmor-utils_2.8.0-3_amd64.deb 7e6159913f2247b667ed44f5f6e27a95 56530 admin extra apparmor-profiles_2.8.0-3_all.deb 824d58ef4b253b4ec01fe4cb649f28a2 264636 doc extra apparmor-docs_2.8.0-3_all.deb
Accepted orbital-eunuchs-sniper 1.30+svn20070601-3 (source amd64 all)
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Fri, 13 Dec 2013 15:07:10 -0800 Source: orbital-eunuchs-sniper Binary: orbital-eunuchs-sniper orbital-eunuchs-sniper-data Architecture: source amd64 all Version: 1.30+svn20070601-3 Distribution: unstable Urgency: low Maintainer: Kees Cook k...@debian.org Changed-By: Kees Cook k...@debian.org Description: orbital-eunuchs-sniper - anti-terrorist, pro-Eunuchs, satellite sniping game orbital-eunuchs-sniper-data - game data files for the game Orbital Eunuchs Sniper Closes: 727482 Changes: orbital-eunuchs-sniper (1.30+svn20070601-3) unstable; urgency=low . * control, rules: handle automatic autoconf updates (Closes: 727482). * Fix various lintian warnings: - copyright: fix GPL typo. - control: updated to standards version 3.9.5 (added Vcs fields). - control: switch from Conflicts to Breaks for file move. - control: drop leading article from Description. - snipe2d.sgml: fix spelling error. - orbital-eunuchs-sniper.desktop: add Keywords field. - control, compat: raise to dh to 9 for hardening options. - watch: created, though unlikely to ever trigger. Checksums-Sha1: 74b582699960756efb3b9f7f5b765254944f3640 2186 orbital-eunuchs-sniper_1.30+svn20070601-3.dsc beed4870fdefdafeb0f77822c9a1f4e1e402a028 21727 orbital-eunuchs-sniper_1.30+svn20070601-3.debian.tar.gz bb63f5a5d309e557d6928793e5166d2e1477e531 60032 orbital-eunuchs-sniper_1.30+svn20070601-3_amd64.deb 06c70d8b09cd6e36e8caae5117624afd9c5765e6 3870338 orbital-eunuchs-sniper-data_1.30+svn20070601-3_all.deb Checksums-Sha256: 5ee80427a5df030dec74f4e33cc5b50de031c25ddf8acd9ab8f040a159a7843f 2186 orbital-eunuchs-sniper_1.30+svn20070601-3.dsc 1c3ef7f75e7e968c5cb80606c43e29101272b31729dc7f8212d2667890b47f02 21727 orbital-eunuchs-sniper_1.30+svn20070601-3.debian.tar.gz d067cf15244f6ee8cab6270ebf09b10dafb11f4e0de237e8644546f39ce1cd05 60032 orbital-eunuchs-sniper_1.30+svn20070601-3_amd64.deb a1f00e99c3fac4d1fed1296c963261eb61381cdc797e5ebc9992a3f5d25622aa 3870338 orbital-eunuchs-sniper-data_1.30+svn20070601-3_all.deb Files: 4dd7a66f338245295dd89f776b45baac 2186 games extra orbital-eunuchs-sniper_1.30+svn20070601-3.dsc 395f6afd960ec5125104418b36c85ec0 21727 games extra orbital-eunuchs-sniper_1.30+svn20070601-3.debian.tar.gz fa11587d2f8b2e0d05b237ca45e3f711 60032 games extra orbital-eunuchs-sniper_1.30+svn20070601-3_amd64.deb b751e62cb425217022f9d864d627a966 3870338 games extra orbital-eunuchs-sniper-data_1.30+svn20070601-3_all.deb -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.12 (GNU/Linux) Comment: Kees Cook k...@outflux.net iQIcBAEBCgAGBQJSq6WiAAoJEIly9N/cbcAmiTcP/3Y0IYEY9zYdgmVg0aEXyfjB 4+aiDkQpyH1JpzESbB0YXFWu2AYiJRsp46EOC30s+2caWmSnD3Th1Uc2Tqeh7uji WWavrK1VMEapLVoym81k5cbQp0tQI56EKxzAp3j5ui8zpAcoKE2+GRG+0aGKhh04 0oBUC657l9eCm8DMK9q3gRBk8hWelt15iFBBlTdGqpm0JiDxWnPWblHH/kYzg+Fy 5f5oMVGwK/xDAc1Q27SbCiGLCm5q81/VNda+jXCAgUJYtgkW7GvadAk6ZADYeipf tSOYZxTMP/4/dMzJbn3bwCDatf0l8St93kGpmqyH/iEalzskyQmR/BVj8yPOj4Z3 E6aQ0IJlDjRytK4g500MvisQr7k1xARMhwpTaAU9CAox5X0B84yXftNvr7geiEHV TEvB0+zTiBHVW9l9qAtGiZ3mpJ48E4IHNewgGgRBc97xA7kOb5MfJBxNIwDBKSLz zT2seP2ct9N/Y8ibVkQvhApu7qkggwwmcUN7qB+CQZjs1PJTG0f75AnUX6U4Frhw zYswAvkPS9jUPC7gEEo30FyfjyfmKSkiVaYx890/Edk0Cus7CF5SX+rVvs3PyAxZ nMZTnM+vwHq/XCPiBbuOF6TCwe/p/IQS5+/m8TMrmo3HGySfV0BFu/OWygZTwTH5 j87R8KQYSlNQ68cR1GZC =nWph -END PGP SIGNATURE- -- To UNSUBSCRIBE, email to debian-devel-changes-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/e1vrdbv-0008dl...@franck.debian.org
Accepted libdisasm 0.23-6 (source amd64)
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Fri, 13 Dec 2013 16:32:29 -0800 Source: libdisasm Binary: libdisasm-dev libdisasm0 x86dis Architecture: source amd64 Version: 0.23-6 Distribution: unstable Urgency: low Maintainer: Kees Cook k...@debian.org Changed-By: Kees Cook k...@debian.org Description: libdisasm-dev - disassembler library for x86 code (development files) libdisasm0 - disassembler library for x86 code x86dis - Frontend to libdisasm Closes: 702262 727402 Changes: libdisasm (0.23-6) unstable; urgency=low . * control, rules: support autoreconf (Closes: #702262, #727402), thanks to Daniel Schepler. * control: bump standards, no changes needed. Checksums-Sha1: 1132489bc821f20d46d59821d854f8039b3c2f80 2002 libdisasm_0.23-6.dsc 6dc6aa018f42a39754574b2514e388025c22d22a 5062 libdisasm_0.23-6.debian.tar.gz 62b3fa77e3461d9b9ceaa10bb1c52f2c6e03cd09 67232 libdisasm-dev_0.23-6_amd64.deb 56e4959be8015ca7605298fb6efcfa9c10a1ff28 36372 libdisasm0_0.23-6_amd64.deb c5d4deb11ff7a8c7dcf68f294554d45134d7cb71 12686 x86dis_0.23-6_amd64.deb Checksums-Sha256: 576c7288395653bf3082e4a08db5215509eeaeae71b2de9099590a1224535981 2002 libdisasm_0.23-6.dsc 787deebb9026378ed6906a42f18bb83b85e9e3e469178e68d4d83522d11c4d87 5062 libdisasm_0.23-6.debian.tar.gz 9e80c094f62c12d300c544664b7f4c3d7ed46747f3e5f8c4b64a8df287020987 67232 libdisasm-dev_0.23-6_amd64.deb dc53bbe25618bd2dcbc6ab8a64be39e4bcff92f43b300930f6f632f6db7ad870 36372 libdisasm0_0.23-6_amd64.deb 4ba53ad5fb96a698a72098c9b95062ed26bcbee7be7ee56b240b8187abbe7980 12686 x86dis_0.23-6_amd64.deb Files: 194a50492b6f05b82e0f703aeda4b7a6 2002 libs optional libdisasm_0.23-6.dsc c866055aeeed719e246cf70bdc2efcf5 5062 libs optional libdisasm_0.23-6.debian.tar.gz b86e8edc0681f3245471b2a904566158 67232 libdevel optional libdisasm-dev_0.23-6_amd64.deb 683af710f334a21c5c3e10fa567a5352 36372 libs optional libdisasm0_0.23-6_amd64.deb 9c9b194b0e6d43c0e982bce0d2891d5a 12686 utils optional x86dis_0.23-6_amd64.deb -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.12 (GNU/Linux) Comment: Kees Cook k...@outflux.net iQIcBAEBCgAGBQJSq7D1AAoJEIly9N/cbcAmm6IP/jn3gRG1eH3PdyEfg25wAWzj 57blmz3/+b9Qh+KSKTQ1eb7Xeyw06jNg6Rsu/veP8kDQrHegM3pcNgNaAoi63lc2 fVvOpBCd7SluovGA5OmSC7+DL959xX+UKgNpuMh5Kx1mFBUSGcxevcp8ww4qGUrD LR4c0VqGJRmQZ8K4v7NA/ttiXy/Xp3r1q0twVbq6Bp2fjLvICZlg1nGv4MQ4cSfH fFcAyKUIeIQmEJQEc7d6D6LXv9AfXfR0UGOBIc4j0ObUg5okWDd51fAwzF4/2LS7 ye5Lfq7USJD/i5mUY8vz7pu8BoPy4oxpUE2Wa0zDj01gJaHT/uwOLICE4saLiLn5 JBGUAiSLUbaz5Tb3Nhsxa6FsLfIN6Mcg7FGvuJ/6OI/5Fv1dVn+VHrQbGBAFz+7N URqv+oLf2ZyMkOzUEK7FPom7qkPsKyOi53Xpi/6IB3T23usgu/Bc23GfzDNjX+4h +Zc0+LPE7jA53bAE1HHXcVHDSzT/Gv7QEadqUJ+D7QXyfMF6FMK8lmDK52SRI43y WmfFybgJ+U2g8YgOgssm5o1WUCfNpO9k+VFEVEHvvYG39of/iAuJNG0C6fgoTXi5 KdN5YkgRbpPJzWIAZQGzF0qaLmRuYgzJgUn3oBsYUPFOp0ou3bcHUNnTFBnRl8cg qCbr8prxEW1XRaaYAzW0 =HlOe -END PGP SIGNATURE- -- To UNSUBSCRIBE, email to debian-devel-changes-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/e1vrdsb-00014i...@franck.debian.org
Accepted apparmor 2.8.0-2 (source amd64 all)
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Mon, 02 Dec 2013 10:13:34 -0800 Source: apparmor Binary: apparmor apparmor-utils apparmor-profiles apparmor-docs libapparmor-dev libapparmor1 libapparmor-perl libapache2-mod-apparmor libpam-apparmor apparmor-notify python-libapparmor python3-libapparmor dh-apparmor apparmor-easyprof Architecture: source amd64 all Version: 2.8.0-2 Distribution: unstable Urgency: low Maintainer: Kees Cook k...@debian.org Changed-By: Kees Cook k...@debian.org Description: apparmor - User-space parser utility for AppArmor apparmor-docs - Documentation for AppArmor apparmor-easyprof - AppArmor easyprof profiling tool apparmor-notify - AppArmor notification system apparmor-profiles - Profiles for AppArmor Security policies apparmor-utils - Utilities for controlling AppArmor dh-apparmor - AppArmor debhelper routines libapache2-mod-apparmor - changehat AppArmor library as an Apache module libapparmor-dev - AppArmor development libraries and header files libapparmor-perl - AppArmor library Perl bindings libapparmor1 - changehat AppArmor library libpam-apparmor - changehat AppArmor library as a PAM module python-libapparmor - AppArmor library Python bindings python3-libapparmor - AppArmor library Python3 bindings Changes: apparmor (2.8.0-2) unstable; urgency=low . * Convert to dh(1) and Multi-Arch, thanks to Steve Langasek. - add r2240-find-libs.patch to find libraries during tests. Checksums-Sha1: 81db5918032626bd209eb47921e10072ab3659b8 2768 apparmor_2.8.0-2.dsc e358c75b326db03b3f6b9c4cbe14ea2880ccbc1b 113512 apparmor_2.8.0-2.debian.tar.gz 3abfb7730db538a3cc06d6c61908c61734f248eb 321544 apparmor_2.8.0-2_amd64.deb deed5553e158f7154c7dd508634525f76d4a84af 113610 apparmor-utils_2.8.0-2_amd64.deb a6c0040f8465810301c334cd114ca47887642ad3 56444 apparmor-profiles_2.8.0-2_all.deb 070920ad1d7e81751cd97e9ca22010597755d705 264542 apparmor-docs_2.8.0-2_all.deb c333e4d628b229f0df8a2d71043ef412b78659e5 48438 libapparmor-dev_2.8.0-2_amd64.deb 637fff0f864a36d576f01ca4547f1a6733b49db0 60380 libapparmor1_2.8.0-2_amd64.deb 8bbb18364b643d3483194d133600a928b8ab110f 52640 libapparmor-perl_2.8.0-2_amd64.deb 287864f856dedadb74fb99193742c586e328b78c 40112 libapache2-mod-apparmor_2.8.0-2_amd64.deb 0fc28f91ac341d3f6dd22de0acff857d4c1b29c3 35310 libpam-apparmor_2.8.0-2_amd64.deb 67057b5844d4115c7f78b97a130a2658a6e894d4 39518 apparmor-notify_2.8.0-2_all.deb db303a32fa8f0e0630193b48b47bfd6546ac84d2 50482 python-libapparmor_2.8.0-2_amd64.deb 7fc672d201afda15b55a1d8b96663c99efce7b5d 50190 python3-libapparmor_2.8.0-2_amd64.deb 35736037c72dc794711284e469ed40bbd80969fc 35532 dh-apparmor_2.8.0-2_all.deb f0ec692716764a9c27148595e80872afd61d009d 45882 apparmor-easyprof_2.8.0-2_all.deb Checksums-Sha256: 219f25bcebdfba5ebd600acc56689ced8da61d98eee589576e015e4fa38e29bb 2768 apparmor_2.8.0-2.dsc 9d2cfc8c6e223adb0b5aa38feb50f80cab91c75a8e365d48f64fd11595c47472 113512 apparmor_2.8.0-2.debian.tar.gz 6b01f6662abca4d96159493d621b27596854aa474969c6933b680540e0f9d74f 321544 apparmor_2.8.0-2_amd64.deb cc0a55f58caaa584c088e95c8b8bae4295c1cade290d7778973196978845201e 113610 apparmor-utils_2.8.0-2_amd64.deb a71f95258f319cc8d6b0b0ef8e37be7bc7b8577f6dcefa0a0fc2fe82605fc575 56444 apparmor-profiles_2.8.0-2_all.deb 6983023ac0a5201502d616b2bb92d56c1abd667a6f981f6088749a2a1d16c60c 264542 apparmor-docs_2.8.0-2_all.deb 93f4702f4e1e62ab638b134caa8fed7b5d0205e51cdeacba450b592fb97eea1c 48438 libapparmor-dev_2.8.0-2_amd64.deb 1f25e89d4ff32128e7488110aedb9e00ff63a3e5ca7453596a9bb8c4ae4971cf 60380 libapparmor1_2.8.0-2_amd64.deb 2787072377fea93aca0db03317c8e753f9e168fe1cb0794d22ed718e0b4deffe 52640 libapparmor-perl_2.8.0-2_amd64.deb f14c6ebc7092be8814d206aa484a12b61cbdfb53a6dd88659e4164ffd6f3335a 40112 libapache2-mod-apparmor_2.8.0-2_amd64.deb e768e6b0d2415b0fa9ca54d178d2ab439b42017b75013959645bf1c8f495b7dc 35310 libpam-apparmor_2.8.0-2_amd64.deb 0f69330f5b119ec7ce00e87560cda219178f8cf734c6d4b3c5b0dba0522e0b15 39518 apparmor-notify_2.8.0-2_all.deb 80e3738dfd1cc0fea1f7e96fb5bc4c86a3fb4cadc3f0e7398452149a63ce1ae6 50482 python-libapparmor_2.8.0-2_amd64.deb bb6e3f684c7401e2fd7b3d99fe4880f6bed8dcf5dac291949042c2f4a8576926 50190 python3-libapparmor_2.8.0-2_amd64.deb 73f964e9d663887d3e6955b8c5896ea4380dd21be37852bfa012b741d01900b1 35532 dh-apparmor_2.8.0-2_all.deb 51bbaefbd17aa2d8d980502b92e8d308d489679ce6897f75711281ab9c5fb527 45882 apparmor-easyprof_2.8.0-2_all.deb Files: dcd3c44c26200b9922e46f9ff99df290 2768 admin extra apparmor_2.8.0-2.dsc 2c306106e9997e5fa1fb9abb0d0a80f5 113512 admin extra apparmor_2.8.0-2.debian.tar.gz a25c6a0d40a9f3787ae0130cf939a862 321544 admin extra apparmor_2.8.0-2_amd64.deb b2a97a47ffef8d4eba1c036d35f82354 113610 admin extra apparmor-utils_2.8.0-2_amd64.deb 5e15f7f7317453212d19b6fc2e6713bd 56444 admin extra apparmor-profiles_2.8.0-2_all.deb 6fbbe3690eae1e7864f5c4b9f120da8b 264542 doc extra apparmor-docs_2.8.0
Accepted libseccomp 2.1.0+dfsg-1 (source amd64)
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Sun, 06 Oct 2013 15:05:51 -0700 Source: libseccomp Binary: libseccomp-dev libseccomp2 seccomp Architecture: source amd64 Version: 2.1.0+dfsg-1 Distribution: unstable Urgency: low Maintainer: Kees Cook k...@debian.org Changed-By: Kees Cook k...@debian.org Description: libseccomp-dev - high level interface to Linux seccomp filter (development files) libseccomp2 - high level interface to Linux seccomp filter seccomp- helper tools for high level interface to Linux seccomp filter Closes: 721292 725617 Changes: libseccomp (2.1.0+dfsg-1) unstable; urgency=low . * Rebuild source package without accidental binaries (Closes: 725617). - debian/watch: mangle upstream version check. * debian/rules: make tests non-fatal while upstream fixes them (Closes: 721292). Checksums-Sha1: 4fa22ec29dc09f921438d5b1e445bcf46238396f 1921 libseccomp_2.1.0+dfsg-1.dsc 4c9211495e4385c8a1f43d7798a1b65d207675af 135060 libseccomp_2.1.0+dfsg.orig.tar.gz 1f65560cd568b843be9aefe54462ce798bcab0ea 4559 libseccomp_2.1.0+dfsg-1.debian.tar.gz 9c6309db52b5238cb580b639fa15c1a22677c0a1 23272 libseccomp-dev_2.1.0+dfsg-1_amd64.deb 0ce36a1dc7d928de7335761d7b53717284cb2f69 27200 libseccomp2_2.1.0+dfsg-1_amd64.deb be12ea9624b5d00c95cb1c43a18f58b6b2ac4e38 11184 seccomp_2.1.0+dfsg-1_amd64.deb Checksums-Sha256: 7d7ed9660a96b6e10ae879db9a18bb4997bfcca04e9d276e4b0606dd83ce5913 1921 libseccomp_2.1.0+dfsg-1.dsc b4dfc9f9a1638a4198410a20c4f6e6be1b830a64379ad921cb132fc0f0d0f7c1 135060 libseccomp_2.1.0+dfsg.orig.tar.gz fa0125c766e397b2cd4d25164472c0e09bfaf1a49e102d7f0a3aa16ae3f3459b 4559 libseccomp_2.1.0+dfsg-1.debian.tar.gz 6c6ed6fbaec76a1e99636b37a63be3e6c33f7470aba57f3a820ec45920545954 23272 libseccomp-dev_2.1.0+dfsg-1_amd64.deb 2fa15d26f48f0c38d17a8087aa78348dd4935135c09e7bfae4ae4e120ebd3968 27200 libseccomp2_2.1.0+dfsg-1_amd64.deb 18e81749b4e71666917c34d7f79c62d25854d0cb2dc3119c6a1adb8fe67ff5e1 11184 seccomp_2.1.0+dfsg-1_amd64.deb Files: 6bcd40be0cb2391440c248436432c8fd 1921 libs optional libseccomp_2.1.0+dfsg-1.dsc 2a5cb3273b1011030b06d7ab11c16baa 135060 libs optional libseccomp_2.1.0+dfsg.orig.tar.gz 6ec2d6dba9204a00c9e1f2d061483bbc 4559 libs optional libseccomp_2.1.0+dfsg-1.debian.tar.gz d6e9ff3c74ccdd435fe000f13f3d5ce2 23272 libdevel optional libseccomp-dev_2.1.0+dfsg-1_amd64.deb 616b9600aa3b8441609b4b49481849ab 27200 libs optional libseccomp2_2.1.0+dfsg-1_amd64.deb ff7e24b6f979ee2fead65ea055934be1 11184 utils optional seccomp_2.1.0+dfsg-1_amd64.deb -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.12 (GNU/Linux) Comment: Kees Cook k...@outflux.net iQIcBAEBCgAGBQJSUeiMAAoJEIly9N/cbcAmbQYP/ivEt7UKODz+Fe6D6PQCp1QD yH1owXUwskxKGGALk4jmWv8O08ad0mvqpPxF0XxN5AhsH9g8vTUkSHRq2ktbykoz t/0vrFO/5UA/IXY5zhyMZvfTObKBUAVz2ra0KRojMepdroM+N7J9xRqGb/EKWoBi TLA4klm/0GGQPezqpH2emveltW5T2knKTZacMC8y55dJQoc613sjukixFF/kInq2 nUvNl4QLzQGNfoMM6XNyMS/4YWx3K54LpDCIlJubBKddfBpmxOv+ityx5U/g6u7H AiBZfd9ASUa876XfkvOEXhGbUSz0bvsVgpLvv+x+C4rmYraStWk1js/6ipKzsacS u08YncBWySW9d5V6XgGLrh87VrCvagSSvuFpL/snIGX8oHcYbMGNcB/EeyUQdHPF OGvrJe9RFg3+NYeIvB/q02uIe1ixAaw1i39i3E6INXzYHVXLDoCMRDJIp7QCAqme 0TOOHGB0rOb5YGZTxu+/nuqdf50peL7I6/+1P17SJwDoN/G4HUjoFwiCf5Ehu6Nw rT7Ff2EjS4hL28ENnxLjJvN4ceJBnVpD/YY6a3omaJo03cv2AWe6Eay0y42j0RK8 vjgD+2R/340dWNoaat2zYH8woXODm4+lzuD5kaFKTqqaI0afo66aY0yptqzbjQD6 DIHRPI5m3fC/p072gHct =u02r -END PGP SIGNATURE- -- To UNSUBSCRIBE, email to debian-devel-changes-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/e1vsxm1-00080l...@franck.debian.org
Re: think twice before enabling -D_FORTIFY_SOURCE=2 for C projects without thorough build-time testing
On Sat, Sep 21, 2013 at 02:46:34PM +0200, Bas Wijnen wrote: On Fri, Sep 20, 2013 at 10:12:16PM -0700, Kees Cook wrote: This is absolutely a bug in glibc. While the spec can say undefined, it is, in fact, not undefined. It worked in a very specific way for over a decade, so that's pretty well defined. ;) The fortify function has no need to change it. I strongly disagree. If I write a specification for something and an implementation of it, then the specification is what defines the behavior. If something is not defined, or even explicitly undefined, then that doesn't mean I have to make sure the implementation regularly changes just to make sure that I don't give users the right to use undefined features. Code that does undefined things is buggy, even if it works on some implementation, and no matter how long it has worked. In a theoretical sense, sure. In this particular case, why bother breaking it when it's a trivial 1 line fix? My original approach was to fix it in libc and do a mass bug filing. Everyone wins. If we want to reject the undefined behavior, we should modify the compiler to reject it. Seems to me it's a bug to even allow undefined behavior. -Kees -- Kees Cook@debian.org -- To UNSUBSCRIBE, email to debian-devel-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/20130921150813.ga21...@outflux.net
Re: think twice before enabling -D_FORTIFY_SOURCE=2 for C projects without thorough build-time testing
On Fri, Sep 20, 2013 at 03:05:37PM -0400, Yaroslav Halchenko wrote: + -D_FORTIFY_SOURCE=2 to fall into the undefined darkness of C standard(s) in s*printf() functions (man 3 sprintf, search for undefined or NOTES). Original report https://sourceware.org/bugzilla/show_bug.cgi?id=7075 Yeah. It's disappointing. The fix for this was not ever integrated into Debian's eglibc. I asked to have it added almost 4 years ago: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=563637 Here's the list I produced of all the packages affected by this in 2008: http://lists.debian.org/debian-devel/2008/12/msg01079.html http://lists.debian.org/debian-devel/2009/01/msg00062.html Here are two patches in Ubuntu's eglibc that should still be in Debian: submitted-no-sprintf-pre-truncate.diff http://bazaar.launchpad.net/~ubuntu-branches/ubuntu/saucy/eglibc/saucy/view/head:/debian/patches/ubuntu/submitted-no-sprintf-pre-truncate.diff submitted-no-stack-backtrace.diff http://bazaar.launchpad.net/~ubuntu-branches/ubuntu/saucy/eglibc/saucy/view/head:/debian/patches/ubuntu/submitted-no-stack-backtrace.diff This is absolutely a bug in glibc. While the spec can say undefined, it is, in fact, not undefined. It worked in a very specific way for over a decade, so that's pretty well defined. ;) The fortify function has no need to change it. To mitigate this issue, besides reporting upstream, for now I had to disable this fortification with DEB_BUILD_HARDENING_FORTIFY := 0 preceding inclusion of /usr/share/hardening-includes/hardening.make Instead, if eglibc continues to remain unfixed, you can replace the buggy sprintf calls with the suggestions listed in my original mass bug-filing email above. -Kees -- Kees Cook@debian.org -- To UNSUBSCRIBE, email to debian-devel-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/20130921051216.gn5...@outflux.net
Accepted hardening-wrapper 2.4 (source amd64 all)
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Format: 1.8
Date: Fri, 13 Sep 2013 12:46:03 -0700
Source: hardening-wrapper
Binary: hardening-wrapper hardening-includes
Architecture: source amd64 all
Version: 2.4
Distribution: unstable
Urgency: low
Maintainer: Package Hardening hardening-disc...@lists.alioth.debian.org
Changed-By: Kees Cook k...@debian.org
Description:
hardening-includes - Makefile for enabling compiler flags for security
hardening
hardening-wrapper - Compiler wrapper to enable security hardening flags
Closes: 679773 709105 709582
Changes:
hardening-wrapper (2.4) unstable; urgency=low
.
* debian/hardening-wrapper.{links,preinst,postrm}: add gcc 4.9 to
the diversion list.
* improve compiler not installed message (Closes: 709582).
* Added short option aliasas and stopped using $PAGER for man page
spewing, thanks to Jari Aalto (Closes: 709105). Left option ordering
how I prefer: grouped by function and long options first.
* hardened-{cc,ld,cc.1}: add new DEB_BUILD_HARDENING_DEBUG_OUTPUT for
redirecting STDERR debug output, if needed (Closes: 679773).
* debian/control: bump standards, no changes needed.
Checksums-Sha1:
458f5c537583bd6d2763d1da7eae778580307bd3 1860 hardening-wrapper_2.4.dsc
51a82e58fc5cb5e395a01791a4e0b04a1fcf72be 21082 hardening-wrapper_2.4.tar.gz
73a6384b860beb0035aa88a0432c83ac8b7e02ca 13440 hardening-wrapper_2.4_amd64.deb
84d6b6c5df901b5fa6395d0389a8eb51f6ea2443 17000 hardening-includes_2.4_all.deb
Checksums-Sha256:
b6e1686a2bf15801e7c4d70fb8ee05111ee7105a530680b2bde9befcd76555be 1860
hardening-wrapper_2.4.dsc
411248b1f89e512bd27f96cfaef2aac4fe5c50884ca0769ba94dd2b90bea5d5a 21082
hardening-wrapper_2.4.tar.gz
5b7ad4d8b43e250d33a5038f22bd4b65891673a2762bcab815f4f62cfc31fe89 13440
hardening-wrapper_2.4_amd64.deb
261aef7a816a05076905dc52d7bce105bea9566c88e3c4d77cdd23ba1a941aa6 17000
hardening-includes_2.4_all.deb
Files:
4c12d89568330bfe13de1d00895a106b 1860 devel optional hardening-wrapper_2.4.dsc
010fa131ab22022332998c2d2906ce5c 21082 devel optional
hardening-wrapper_2.4.tar.gz
b8d99207879bd98090696863722d341f 13440 devel optional
hardening-wrapper_2.4_amd64.deb
45d9fb6c78e623ecd38959c31b009149 17000 devel optional
hardening-includes_2.4_all.deb
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.12 (GNU/Linux)
Comment: Kees Cook k...@outflux.net
iQIcBAEBCgAGBQJSM3b6AAoJEIly9N/cbcAmXeoP+gL4CZg8gOH+IE59bQMa/KuE
/m9DomuCAkcZf/4iE6LeCh30fXCCx7Ei2eq4p4lgKACqFLhRVJSBopagSrmhzmSG
T0KkrILFPwWd+YgxVdTqe3yOQKxqwhGusoHQq8Vm/EoBkQROQO1doJ+0k1wUmttu
wOul6SHLuiR14QwEl36fSvGaRdqWTeeMBCEukurcQ5JMxuh93SejEyi/3mFArIle
8sPtbVya/bowBPSHbr7q7gL3xXiENG4n8NLfNf/Lb6/xcBVM+yM8ORFg/HvqZRML
vAe7rUmx75WlXkU5KxNLrDFY5h15r8azwZTe8xNNnrruE1+PcD+dDiJZuR1AGmPn
XiHJRnAMla8+ki+nbjh4XiH46euGdVTijhEYeLEe1Fqu2/AzyFwb3cvptflWUB0X
YAtwrptKaK7fm9dMdxxgJqBWy95u7Rfhm05uY5RISLfOa2wzCHGe2hcFirt6jFY/
aMaK8qbShaeisRqdF2DxGRYVJlxRDFiLsk6EqdtNKR5rismwlnZIhC11PbToDx22
aKo1334M8+l+NaQhaIlT+vun2/7HLBygPCUkJVHdQZAHLv0MNmQjDTo3gjo6u1rM
a/Z5FOjjy2QVmPSDQ2XlGyJjXCr5doXm2r6mtAC420nUzKDeKkTuDeaVBVQQzK6I
fzTsVn7TW64K058s0pqL
=vRNp
-END PGP SIGNATURE-
--
To UNSUBSCRIBE, email to debian-devel-changes-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Archive: http://lists.debian.org/e1vkalh-0005ln...@franck.debian.org
Accepted libseccomp 2.1.0-1 (source amd64)
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Tue, 13 Aug 2013 00:02:01 -0700 Source: libseccomp Binary: libseccomp-dev libseccomp2 seccomp Architecture: source amd64 Version: 2.1.0-1 Distribution: unstable Urgency: low Maintainer: Kees Cook k...@debian.org Changed-By: Kees Cook k...@debian.org Description: libseccomp-dev - high level interface to Linux seccomp filter (development files) libseccomp2 - high level interface to Linux seccomp filter seccomp- helper tools for high level interface to Linux seccomp filter Closes: 718398 Changes: libseccomp (2.1.0-1) unstable; urgency=low . * New upstream release (Closes: 718398): - dropped debian/patches/manpage-dashes.patch: taken upstream. - dropped debian/patches/include-unistd.patch: not needed. - debian/patches/testsuite-x86-write.patch: taken upstream. - ABI bump: moved from libseccomp1 to libseccomp2. * debian/control: - added Arch: armhf, now supported upstream. - added seccomp binary package for helper tools. * Added debian/patches/manpage-typo.patch: spelling fix. * Added debian/patches/build-ldflags.patch: fix LDFLAGS handling. Checksums-Sha1: 363d2b81eb69a8e7f900f14f3691860a23d9149b 1886 libseccomp_2.1.0-1.dsc 1e6c34ea7c89c3d9136f62379e317e9cf97870a7 216834 libseccomp_2.1.0.orig.tar.gz 3c1404683168d8f41c2c0677e0c0bb94bacfda17 4458 libseccomp_2.1.0-1.debian.tar.gz 6750bbb299656ef677db06a833b974d6bcebdfd3 23138 libseccomp-dev_2.1.0-1_amd64.deb f35cf5bef56ecea3a3e371c5ffa87a001c2c9ab6 27314 libseccomp2_2.1.0-1_amd64.deb b30b727d3ac2979226d7e76371453c83268a0dd2 11044 seccomp_2.1.0-1_amd64.deb Checksums-Sha256: 75146a438401f0c819ee25185590278c9705cbee80222b53ecfe0b2858a283ed 1886 libseccomp_2.1.0-1.dsc b0d6e4f0984e6632a04f0cf33c6babdb011674ba15ff208e196f037e0e09905e 216834 libseccomp_2.1.0.orig.tar.gz 81561ad145b40896171a8e822b88d73013aaf0bf8167b7c1a16d7be09b03b63c 4458 libseccomp_2.1.0-1.debian.tar.gz b089b3c384b90272cc87c60aececb2ec6e00c768671853680a3085cd67dcbd14 23138 libseccomp-dev_2.1.0-1_amd64.deb 2f38cd9e49343b5880a48a8eabd19acd1d50066ca1f7e48827b8d626ac129b25 27314 libseccomp2_2.1.0-1_amd64.deb b18c4d57d80f26b46cd29bb78ea5d070216605dfdde6c190d79a09eb95c50143 11044 seccomp_2.1.0-1_amd64.deb Files: ff31e87f02d4aa807af7f43e359709d5 1886 libs optional libseccomp_2.1.0-1.dsc 3961103c1234c13a810f6a12e60c797f 216834 libs optional libseccomp_2.1.0.orig.tar.gz 7ed0f1d9ff2f5ec8140df28ca1b8d87e 4458 libs optional libseccomp_2.1.0-1.debian.tar.gz cde257c073bdabc84a5164fb844377cb 23138 libdevel optional libseccomp-dev_2.1.0-1_amd64.deb 2df592c4a56b1105ae4facc0204fa69e 27314 libs optional libseccomp2_2.1.0-1_amd64.deb 1d1f2adf036c99c46df11579838da513 11044 utils optional seccomp_2.1.0-1_amd64.deb -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.12 (GNU/Linux) Comment: Kees Cook k...@outflux.net iQIcBAEBCgAGBQJSCetoAAoJEIly9N/cbcAm1UsP/3fMXOwVNBD6PThl+mrOsRb5 tpYP4BKefWQV+3MFkH5vqR+K0hhaVwBZPQ14ZQan5hktABICYEZqbMZJgZ7sI+Es LuXlM2VDb3HovewV3SY9V6K9cGonz7MuuG9ntL34L0BdeZpwqqowd7lGH5r7FhlG ZvhrM1Z5zI/oK8Z1xDAJKv2Nc+bcnxT8ZWA1myV/ggGZ2oTH+8/ra46K4Yl6A/Kl xqltr2KPfdBQHlxY3xGX66Dt+pncmvVHbKRNcRVUMe/3KE3NDUV3wu6+SP+lz/Bb zfavZIabTtaNYnGjDx/RDFYRfHza64wQXc8Ro5+EuAY8bxvpJeAXrQfCKkC/Xd2x c0pkAGk+hLqUbPZQQyg4olUq4U0e+U1ec5pcm+ezj4Rh9FUd7cDwl9GCs1CTS2xi Hx0mg9I57mKF2ky1nKSOxdOU6eYvyzgdKzdKvlxJNaP5PuPW0lP90vKLpv69Z7HR xRXTlzUUGGtzdS0it1Y8sWmLiPXcOK9nowlE+EZ+j+w2O4eXoVANOEXLRPRQb6gA DcLYR9azM0sLoN68qjYvFuK2EutH3duiuPDcQI7fQ42VSBpuCIOvvHEYbK8+NgJX ARTAimFgOLrKuvZYd6w5VIPMG4bJcQanN9w6rZCjXRUcvT5U7TFvzK5y+rDRg1yZ GNWeEJOhrc75zMMa0j6c =IFVt -END PGP SIGNATURE- -- To UNSUBSCRIBE, email to debian-devel-changes-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/e1vat08-0008ay...@franck.debian.org
Accepted apparmor 2.8.0-1 (source amd64 all)
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Format: 1.8
Date: Mon, 08 Jul 2013 17:51:40 -0700
Source: apparmor
Binary: apparmor apparmor-utils apparmor-profiles apparmor-docs libapparmor-dev
libapparmor1 libapparmor-perl libapache2-mod-apparmor libpam-apparmor
apparmor-notify python-libapparmor python3-libapparmor dh-apparmor
apparmor-easyprof
Architecture: source amd64 all
Version: 2.8.0-1
Distribution: unstable
Urgency: low
Maintainer: Kees Cook k...@debian.org
Changed-By: Kees Cook k...@debian.org
Description:
apparmor - User-space parser utility for AppArmor
apparmor-docs - Documentation for AppArmor
apparmor-easyprof - AppArmor easyprof profiling tool
apparmor-notify - AppArmor notification system
apparmor-profiles - Profiles for AppArmor Security policies
apparmor-utils - Utilities for controlling AppArmor
dh-apparmor - AppArmor debhelper routines
libapache2-mod-apparmor - changehat AppArmor library as an Apache module
libapparmor-dev - AppArmor development libraries and header files
libapparmor-perl - AppArmor library Perl bindings
libapparmor1 - changehat AppArmor library
libpam-apparmor - changehat AppArmor library as a PAM module
python-libapparmor - AppArmor library Python bindings
python3-libapparmor - AppArmor library Python3 bindings
Closes: 666808 699774 711398 712370 714843
Changes:
apparmor (2.8.0-1) unstable; urgency=low
.
* Merge with Ubuntu changes.
- update to 2.8.0 release (Closes: 712370).
- handle Apache 2.4 transition (Closes: 666808).
- drop debian/patches/abstractions-X.patch (taken upstream)
- drop debian/patches/fix-network-rule-support.patch (taken upstream)
- updated debian/patches/pass-compiler-flags.patch (partially upstream)
* debian/control:
- fix typo in long description (Closes: 711398).
- removed duplicated Section entry for apparmor-easyprof.
- add missing python Depends.
* debian/rules:
- dh_apache2 must execute before dh_strip and dh_fixperms.
- improved repeat-build cleanup logic.
- dh_python needs to be called on all packages installing scripts.
- do not force python version 3.
* Add debian/patches/fix-font-abstractions.patch (Closes: 714843).
* Add debian/patches/raise-time-timeout.patch (Closes: 699774).
* Drop debian/libapache2-mod-apparmor.lintian-overrides (not needed).
* debian/*.manpages: move aa-exec.8 to apparmor from apparmor-utils.
* debian/apparmor-utils.dirs: drop unused directories from aa-easyprof.
.
apparmor (2.8.0-0ubuntu22) saucy; urgency=low
.
* Refresh easyprof
- drop 0034-easyprof-dont-add-vendor-dir.patch
- drop 0035-easyprof-update-manpage-for-sdk-base.patch
* debian/patches/0037-easyprof-sdk-pt2.patch: update easyprof for the
following:
- don't add vendor directory to self.templates and self.policy_groups
- utils/aa-easyprof: adjust error message for manifest read failure
- utils/aa-easyprof: adjust to use EnvironmentError on failed read of the
manifest
- utils/apparmor/easyprof.py: clean up set_template()
- utils/apparmor/easyprof.py: read_paths should use 'rk'
- utils/test/test-aa-easyprof.py: adjust tests for above
- utils/apparmor/easyprof.py
+ valid_path should verify os.path.normpath(path) == (path)
+ adjust valid_profile_name() to start with alpha-numeric and allow
Debian source package names and version, plus '_'
+ adjust tests for above
- update valid_variable() to check for valid_path if '/' is in the value
- adjust valid_path() to have a relative_ok flag (default to False)
- adjust valid_path() to verify path is same as normalized path
- add some valid_path() test cases
- adjust to always quote template vars in policy output
- add a couple tests that have spaces in the binary and template var
- update manifest JSON structure to use
m['security']['profiles']['profile_name'] instead of
m['security']['profile_name']
.
apparmor (2.8.0-0ubuntu21) saucy; urgency=low
.
* Apache 2.4 transition (LP: #1197617, Closes: 666808). Based on patch from
intrigeri
- debian/control:
+ Build-Depends on apache2-dev and dh-apache2 instead of
apache2-prefork-dev
+ adjust libapache2-mod-apparmor to not Depends on apache2.2-common
+ adjust libapache2-mod-apparmor to Pre-Depends: ${misc:Pre-Depends}
- create debian/libapache2-mod-apparmor.apache2
- debian/rules: adjust to use dh_apache2 --noenable
- debian/libapache2-mod-apparmor.maintscript: remove old prefork profile
- debian/libapache2-mod-apparmor.install: install new usr.sbin.apache2
profile
- debian/libapache2-mod-apparmor.{preinst,postinst,postrm}: update to use
usr.sbin.apache2
- debian/libapache2-mod-apparmor.postinst: remove the disable symlink for
old prefork profile
- debian/patches/0036-libapache2-mod-apparmor-profile-2.4.patch: update
Accepted libseccomp 1.0.1-2 (source amd64)
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Wed, 23 Jan 2013 13:11:53 -0800 Source: libseccomp Binary: libseccomp-dev libseccomp1 Architecture: source amd64 Version: 1.0.1-2 Distribution: unstable Urgency: low Maintainer: Kees Cook k...@debian.org Changed-By: Kees Cook k...@debian.org Description: libseccomp-dev - high level interface to Linux seccomp filter (development files) libseccomp1 - high level interface to Linux seccomp filter Closes: 698803 Changes: libseccomp (1.0.1-2) unstable; urgency=low . * debian/rules: enable testsuite at build time, thanks to Stéphane Graber (Closes: 698803). * Added debian/patches/include-unistd.patch: detect location of asm/unistd.h correctly. * Added debian/patches/testsuite-x86-write.patch: skip the write syscall correctly on x86. * debian/control: bump standards to 3.9.4, no changes needed. Checksums-Sha1: 60e4ff37f9e7acd0413568e8feb32513949adb72 1843 libseccomp_1.0.1-2.dsc 59d32c1382a25590bec7cc975b689b81e560cae7 4837 libseccomp_1.0.1-2.debian.tar.gz ba4de201f6cd169a4ef2d5edcdf549310f42ce27 17204 libseccomp-dev_1.0.1-2_amd64.deb 86bc9080ce147eefda0a32f32cd403f1bb047276 30458 libseccomp1_1.0.1-2_amd64.deb Checksums-Sha256: 7c277a6e93ca4db8cdb070fad23fae2751c555ee2d515048470717ddc7197475 1843 libseccomp_1.0.1-2.dsc 362acbfdc6bfd7fef3347235dbf82cbc11fa26b8a00f29cb941ab1322ea1b97c 4837 libseccomp_1.0.1-2.debian.tar.gz 13d447d5efb1d01e47c4ec44adb49a89334720a8c029795157fd3ff316eeb9ee 17204 libseccomp-dev_1.0.1-2_amd64.deb f93cf5971ab57809a50e60832674924763ce6e7cd9360570bd89a5eaf3af1e98 30458 libseccomp1_1.0.1-2_amd64.deb Files: 738f167a4d527246b5d4b71187d83b31 1843 libs optional libseccomp_1.0.1-2.dsc 0299cedf9c0dcbc380340d93abc60c5c 4837 libs optional libseccomp_1.0.1-2.debian.tar.gz 5c4cb8a6782b34dbc932f058a1321722 17204 libdevel optional libseccomp-dev_1.0.1-2_amd64.deb 754fa80ea5942945001553df58a089c6 30458 libs optional libseccomp1_1.0.1-2_amd64.deb -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.11 (GNU/Linux) Comment: Kees Cook k...@outflux.net iQIcBAEBCgAGBQJRAZuRAAoJEIly9N/cbcAmUawP/iO2Fmdd4NaPOc6APHlNQ/82 x7JF+UrN4ndUVvVgqnXGUEY3VO94qiIKYyOh5bmgNt7Ek69nu2gW719wV9PEXEZy vEv2a90Y//twlslTkpkMPusLjwoUC4tm2UnI2yFRXllwuCEfPy1D48M89oegX/5F E0wW33NYsGAnrCiTO3eaByLAMpaJ/X3Elmy4SRDj/uEd/S6ayhvb+1YN08NjdNCf tL+8TFP+pxoQ+g20YoHO2y1TygemStF2uF3gFEz/T2VS5Ns+jrdsZ2le7wEDacDw SG1NSQM8VXsqDMKEOfGVLrLn5YTcjt/rAywFNWfv52k5IswQjDnrIPV4nPXSRgWe xsCxJ9qM5rK9gcXWsBcpf4lIw3PwN7aKA0UZkfbfDbU1eW+FaTRUQx78hkhbr/jF j2lCkOT2EaHxhgZbZLgGKSAeZocYmTvJWCiKRxkRxVRgYSsapvU36IKlb0KfF13T rRoKybQUvhp+1asQr94a8lKPH5+OJm3KoLEt+tZ1Tq3ltXWStOHaI0knEj0QK9uI xVUW7tuOFQYp3Mz6cBl5FYhBWKNLPRMCJ+zHMj+/tuo8us9ZELDLa1pCDwk245lw dM6WEHyZ6i/8IajZtd96U5elia7lMtkz4J4nj+nv+L8qmOl6bujCLT1uTZqb/UnA 06rPbE/cqny6T8hl8KUM =CS8O -END PGP SIGNATURE- -- To UNSUBSCRIBE, email to debian-devel-changes-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/e1tythp-0003pi...@franck.debian.org
Accepted dosemu 1.4.0.7+20130105+b028d3f-1 (source amd64)
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Sat, 05 Jan 2013 08:54:42 -0800 Source: dosemu Binary: dosemu Architecture: source amd64 Version: 1.4.0.7+20130105+b028d3f-1 Distribution: unstable Urgency: low Maintainer: Kees Cook k...@debian.org Changed-By: Kees Cook k...@debian.org Description: dosemu - DOS Emulator for Linux Closes: 691277 Changes: dosemu (1.4.0.7+20130105+b028d3f-1) unstable; urgency=low . * New upstream version, export from git b028d3f: - drop debian/patches/spelling-fixes.patch: taken upstream. - drop debian/patches/manpage-dashes.patch: taken upstream. * debian/copyright: add a note about why dosemu is in contrib (Closes: 691277). Checksums-Sha1: 85342ef86e29e172bad4d0369f7faa52b4cb11b7 2419 dosemu_1.4.0.7+20130105+b028d3f-1.dsc 00fa89149d7fd7925f294bcc73c1662849d07842 4471840 dosemu_1.4.0.7+20130105+b028d3f.orig-freedos.tar.bz2 e09770b8a1c50ec8a215cd78319c149313aab6ba 1976473 dosemu_1.4.0.7+20130105+b028d3f.orig.tar.bz2 63efe22a96e9ed30afcb0067b7c2e93122aa7565 21432 dosemu_1.4.0.7+20130105+b028d3f-1.debian.tar.gz 6e42f9253c75b0b21e6756bde71f8c246f531d2a 2548958 dosemu_1.4.0.7+20130105+b028d3f-1_amd64.deb Checksums-Sha256: 3eecd93a898c61126685d2d5e3dca4e7132db5a4d157388b40ef6fd9b1f9c080 2419 dosemu_1.4.0.7+20130105+b028d3f-1.dsc 1a5ffdd7f061bf4641e078c96ab9d1b388efe7ddcbe0f050e82e75d53f72cee7 4471840 dosemu_1.4.0.7+20130105+b028d3f.orig-freedos.tar.bz2 30dec5ae8aa601de604027b035b0441c7262d1bddd9bfd046566743b058923dd 1976473 dosemu_1.4.0.7+20130105+b028d3f.orig.tar.bz2 7eb1de9a0950f563aaf84cd82dafb3533ae5e0ee28c83bbd9d255462416b012d 21432 dosemu_1.4.0.7+20130105+b028d3f-1.debian.tar.gz 89967ef09c09738f0eb20866113f434152a583a3f26fddf422a42474769e8658 2548958 dosemu_1.4.0.7+20130105+b028d3f-1_amd64.deb Files: 6d265543135350107cb3dfca993b84e9 2419 contrib/otherosfs optional dosemu_1.4.0.7+20130105+b028d3f-1.dsc c5f0895fbcd57b1682ee623694d74eba 4471840 contrib/otherosfs optional dosemu_1.4.0.7+20130105+b028d3f.orig-freedos.tar.bz2 fbf187f0a8f149135a4b9f4727ad01d2 1976473 contrib/otherosfs optional dosemu_1.4.0.7+20130105+b028d3f.orig.tar.bz2 7fd2c2c8920ca572e33206c3b3497178 21432 contrib/otherosfs optional dosemu_1.4.0.7+20130105+b028d3f-1.debian.tar.gz 0722f3593039ed9dea8f2726469ebbea 2548958 contrib/otherosfs optional dosemu_1.4.0.7+20130105+b028d3f-1_amd64.deb -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.11 (GNU/Linux) Comment: Kees Cook k...@outflux.net iQIcBAEBCgAGBQJQ6MvfAAoJEIly9N/cbcAmZYEP/2mpeHq1MsWyhhOFL5UwhtOr JH4jZ4vrvhRCOVj5NlLPYRV+XS+h6Ws2TTWKgiQcPnMNXprA6Sav1Msw7jGNWpq4 Nx8hMfy/M51RsPGtE2uaZ36qpbRkGX43uQX+u7g7fPBKwDKtc8+U2FFDSDM0sjOU hbt2wHyeAlYXrk6yzHsZUfuUeTGUNoNKkTKILrbzzPkyzHnsh9yuQVmttyu5j6oU eXgWAjhA5p/cC1t83T/YpxYC0A8E7zM9JdHrJ+A13C1M0sma1RZRsj7+fGSxPyY8 z97Ui5oJP9Zjks58UWDGe3qDmFrqqY7+j8cVOtX2Tv+0gGXmyyDfsT7LFwowC1M0 8awZYZ559WW0GRXjWbmRp65sz4+itWKBu8ijzDn2kVQ0b9TBGnlG3uLqtjHUYxrQ VN0zrbgpJcfykJcDOUZ0TnczvzidGBvR2mSslMuB0U+KHo5ho4Lx6DseE6Hh9SgP h1aK7ACSGY0X0GJRaBiUiQi+3MrrNK5PyohTbdgEJP0QAnbeHB/2rebzgG89vQWB tsCQxYJ7Sn7/Jdwq4UCUHWPWiaZNdtx7IgiV18iJb5ZRujO41buGvgntC6Us82Ta BvBlNg8+gf4uiwhvhbeNAC0wixZiyXGJwmhwo/QSDEDdxBw5RKEnY/NSj0T73Srt HOtWIg11ENoKQidRd24X =9EMx -END PGP SIGNATURE- -- To UNSUBSCRIBE, email to debian-devel-changes-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/e1trerp-0003zr...@franck.debian.org
Accepted scantool 1.21+dfsg-4 (source amd64)
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Sun, 23 Dec 2012 10:15:51 -0800 Source: scantool Binary: scantool Architecture: source amd64 Version: 1.21+dfsg-4 Distribution: unstable Urgency: low Maintainer: Kees Cook k...@debian.org Changed-By: Kees Cook k...@debian.org Description: scantool - OBD-II vehicle diagnostic scanner Changes: scantool (1.21+dfsg-4) unstable; urgency=low . * debian/patches/scantool-linux-build.patch: update to include path to codes file, which should not be static. * debian/codes: add vendor-specific DTC code lists to available codes. * debian/patches/multi-code.patch: handle duplicate codes and report code origin as a prefix. Checksums-Sha1: 272599d82ebe6ed8d93c389a1fc68b42d88c6e8e 2116 scantool_1.21+dfsg-4.dsc 51f40d0e1ef5e0072ff6abe93601dadf25586b57 53591 scantool_1.21+dfsg-4.debian.tar.gz 0c11435d79f657c5ae46d96bcfdf8ae7741c20d5 188536 scantool_1.21+dfsg-4_amd64.deb Checksums-Sha256: 7688d6a316840ffedbb18d8f627566483871b07dbb17bb72db6e570bb9e06f7c 2116 scantool_1.21+dfsg-4.dsc e4fe79c7747a8700b6aed16edb1ff957914caf61e130242c63c66fcee765651b 53591 scantool_1.21+dfsg-4.debian.tar.gz b4c5b40ffa965904ac2d9bb5637e7d4a6b74abd9fc95bc06c3aee68b7c4c54ec 188536 scantool_1.21+dfsg-4_amd64.deb Files: 9f0aacb512f48edfa290e98325d23610 2116 electronics extra scantool_1.21+dfsg-4.dsc 24042997eaf6a7cdfcc951ac85bb1b3b 53591 electronics extra scantool_1.21+dfsg-4.debian.tar.gz 09759733c060ab61100302c39f1305a2 188536 electronics extra scantool_1.21+dfsg-4_amd64.deb -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.11 (GNU/Linux) Comment: Kees Cook k...@outflux.net iQIcBAEBCgAGBQJQ2KXhAAoJEIly9N/cbcAmBowP+QF9zMbyDFCCfvANJhUT3/vQ GpIRnIFIbZrQa/4oemVUOzgT6c2G7LOGXzCS3iH638aogtBEyXUP+Ivzyle/1MKk rDBmkEd1sEJj0izx1N+j0pyDA3xDwgoEcJIQQLIUT8gK9zyzz+4ETQ3Gql395Ear RNPqsTW3lbVIgbmSKlPJ6jvaFmLvEnn2J8xM6TERvbB/jTkfANqJ+XpqL7CmDsr5 8TCc7hNmyraa4+mxge8rXj7cwPc0pvLaH70bUs8ZrXDu6i0Fp7Io6w9wDAYR/T/J 5DgBwH+TN7tYixgTRJdVOdvvZTwaww9ksuGYmOYHLwuVs0/B4bI/WcZbQ5umjM3N OQT9QCf0lFMI+8pZeX2agw/ZD7frU2TTw0NYXy6qzhZjy4VmaXlkPKJ2dEAtFBn+ FfynOFdT6UdpaB6ckKkp+Ku4GL85JkpIBeEW63Qciv/87mfdtACPU82e5dkP9MCV qZ8dMdkc7/4/DBKQa/RGTOUCFfuQ/O/PoC5dFu/6RegN3/lDNeWv9D+NyV8dG1j3 7LpOdYC8v5YSF3HkC9wHg3ufp/AzSNFE0GjsUVtpCJdO66cmrT34Vz5BKMOfik8x 2bVubbXz5w90eahOapnnsJdT7jV9OB7KNrpI2oE/TZHM0KC7rhU6WixLIy85CUU7 0e7OENMp3va+tDnLRgaq =En67 -END PGP SIGNATURE- -- To UNSUBSCRIBE, email to debian-devel-changes-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/e1tndwl-0005jr...@franck.debian.org
Accepted freeradius 2.1.12+dfsg-1.2 (source amd64 all)
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Sun, 16 Dec 2012 12:44:35 -0800 Source: freeradius Binary: freeradius freeradius-common freeradius-utils libfreeradius2 libfreeradius-dev freeradius-krb5 freeradius-ldap freeradius-postgresql freeradius-mysql freeradius-iodbc freeradius-dialupadmin freeradius-dbg Architecture: source amd64 all Version: 2.1.12+dfsg-1.2 Distribution: unstable Urgency: high Maintainer: Josip Rodin joy-packa...@debian.org Changed-By: Kees Cook k...@debian.org Description: freeradius - high-performance and highly configurable RADIUS server freeradius-common - FreeRADIUS common files freeradius-dbg - debug symbols for the FreeRADIUS packages freeradius-dialupadmin - set of PHP scripts for administering a FreeRADIUS server freeradius-iodbc - iODBC module for FreeRADIUS server freeradius-krb5 - kerberos module for FreeRADIUS server freeradius-ldap - LDAP module for FreeRADIUS server freeradius-mysql - MySQL module for FreeRADIUS server freeradius-postgresql - PostgreSQL module for FreeRADIUS server freeradius-utils - FreeRADIUS client utilities libfreeradius-dev - FreeRADIUS shared library development files libfreeradius2 - FreeRADIUS shared library Closes: 694407 Changes: freeradius (2.1.12+dfsg-1.2) unstable; urgency=high . * Non-maintainer upload. * Fix expired passwords when using the unix module (CVE-2011-4966, Closes: #694407). Checksums-Sha1: 4b889f7708699b6d332515d05e2a71e79269f4c9 2753 freeradius_2.1.12+dfsg-1.2.dsc c8ccd34d4f69cb1cc5514a9b41275742d6d27147 32431 freeradius_2.1.12+dfsg-1.2.debian.tar.gz 26f52e1238eae32d23084ff3dfd5185e75d112a2 720186 freeradius_2.1.12+dfsg-1.2_amd64.deb 50dc6812617ee5f4828ac39918b4c2b0576e2f39 103716 freeradius-utils_2.1.12+dfsg-1.2_amd64.deb 72f5baf3fadaa4948d04d6c44a848a635992d57f 120460 libfreeradius2_2.1.12+dfsg-1.2_amd64.deb 065f4ed0ae6faa91cc727d0ce18e9e4213219b95 161422 libfreeradius-dev_2.1.12+dfsg-1.2_amd64.deb a07c1b7632f109b856ab9ef1b45f164f5834bfac 39280 freeradius-krb5_2.1.12+dfsg-1.2_amd64.deb 1e16997ffcf84f78889cab8e803ccf41ecb522fa 58612 freeradius-ldap_2.1.12+dfsg-1.2_amd64.deb 8c9d21b6ff974a37b630dd661f31d5c0868bd09c 58618 freeradius-postgresql_2.1.12+dfsg-1.2_amd64.deb 5e1c62bd50d2d5b487820d742ea9a2698ec010e4 47588 freeradius-mysql_2.1.12+dfsg-1.2_amd64.deb 638cd456a949bcc5b364efdeec7723ec310e32de 38614 freeradius-iodbc_2.1.12+dfsg-1.2_amd64.deb 7c2df1d833b2fb44d89485c409fdb99c2f93d38e 1725182 freeradius-dbg_2.1.12+dfsg-1.2_amd64.deb 39bd96a8ad42706e8109f678e95da91369256f5f 273376 freeradius-common_2.1.12+dfsg-1.2_all.deb 4977b74bc5b9b269cc2fb374e2f0055f6b65330a 138946 freeradius-dialupadmin_2.1.12+dfsg-1.2_all.deb Checksums-Sha256: edd76a58e14b5e11bf2a4c79906c4a26b52ca6b35f8feb722fd2919d8976950f 2753 freeradius_2.1.12+dfsg-1.2.dsc 14bf0ba884c85cc71d20eb88f3491212f998c8f9bb2b7db14917a7501f329d87 32431 freeradius_2.1.12+dfsg-1.2.debian.tar.gz 8cf6f1e98e10d044474214485ad9d610afe55709b7042916bcc07e5706c1a948 720186 freeradius_2.1.12+dfsg-1.2_amd64.deb d01bf68e904efdd83621d9b26896355204d109737c48bcd69430cdcbd465f99a 103716 freeradius-utils_2.1.12+dfsg-1.2_amd64.deb cd1057e174d4c82031f223e139a9d40592b0f83d3a4c7c03f85071a2051f3aa0 120460 libfreeradius2_2.1.12+dfsg-1.2_amd64.deb a1de3213e36af4c049bf7e5c089154f31d2b05e9570cd4226623bbd6b3bbd817 161422 libfreeradius-dev_2.1.12+dfsg-1.2_amd64.deb 448f76ff7d7ab4d782edb39d2d145c4bc95511db75879c5696ffcce42b46851d 39280 freeradius-krb5_2.1.12+dfsg-1.2_amd64.deb a4edeabf61bf872e2b43d99120a413063e09c4f0a17af914a13267400c6b8ccf 58612 freeradius-ldap_2.1.12+dfsg-1.2_amd64.deb 6912084229b7f0123186ce4a0e68f0a53e5793d64dccbad55f2d02304ef407ae 58618 freeradius-postgresql_2.1.12+dfsg-1.2_amd64.deb de6c4f3512b7023ea0825ca99e7acb9b429aa9b61fac2d621545ad47f0d14442 47588 freeradius-mysql_2.1.12+dfsg-1.2_amd64.deb f5d7a59452c370d39bca8ab78a5077a2c30bc3214a7adb8c06fa8d8929f46b9b 38614 freeradius-iodbc_2.1.12+dfsg-1.2_amd64.deb cb09cec62160d4d1276cc25777d733563e6584dfbcf168085d2eace0c28c5bc5 1725182 freeradius-dbg_2.1.12+dfsg-1.2_amd64.deb b8d31bc82861232296792d0976026c7f46df1683c8ff2c14f24904ea0e96b617 273376 freeradius-common_2.1.12+dfsg-1.2_all.deb 4cacd8e6d3c81380f953c6cd3bc56e570bf58aef1d1a31de1bf77b9f6ff4cac0 138946 freeradius-dialupadmin_2.1.12+dfsg-1.2_all.deb Files: 956430d7333e68cacd7c38c1457236f8 2753 net optional freeradius_2.1.12+dfsg-1.2.dsc 7bd372402aff1dc9ed8542d9db92e7c5 32431 net optional freeradius_2.1.12+dfsg-1.2.debian.tar.gz c8c9c6d0d4b2aaecb772d1f822ea5e3a 720186 net optional freeradius_2.1.12+dfsg-1.2_amd64.deb 09504c8ed58d8eb7bf3bdcad9f217683 103716 net optional freeradius-utils_2.1.12+dfsg-1.2_amd64.deb deaf904633984a84dec3a09ab8942b49 120460 net optional libfreeradius2_2.1.12+dfsg-1.2_amd64.deb 948f6a6e3320cd1d039f4c091fe080d7 161422 libdevel optional libfreeradius-dev_2.1.12+dfsg-1.2_amd64.deb e8732397140edf5892f1669a6f16a701 39280 net optional freeradius
Accepted hardening-wrapper 2.3 (source amd64 all)
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Format: 1.8
Date: Sun, 16 Dec 2012 14:56:48 -0800
Source: hardening-wrapper
Binary: hardening-wrapper hardening-includes
Architecture: source amd64 all
Version: 2.3
Distribution: unstable
Urgency: low
Maintainer: Package Hardening hardening-disc...@lists.alioth.debian.org
Changed-By: Kees Cook k...@debian.org
Description:
hardening-includes - Makefile for enabling compiler flags for security
hardening
hardening-wrapper - Compiler wrapper to enable security hardening flags
Closes: 681799 682451
Changes:
hardening-wrapper (2.3) unstable; urgency=low
.
* debian/hardening-wrapper.{prerm,postinst,links}, debian/README.Debian:
add gcc-4.8 to the diversion list, and sync list of compiler versions
(Closes: 681799).
* hardening-check: fix hash size check syntax (Closes: 682451).
Checksums-Sha1:
622f6e7408b3fa44cf474caa5bf99fe0cb7dfa6b 1860 hardening-wrapper_2.3.dsc
b24524189039c095b928c7b6f88d61706d8f8b6f 20507 hardening-wrapper_2.3.tar.gz
80deba7b51a8fcb28e9b3aaf363a7588ada1 13628 hardening-wrapper_2.3_amd64.deb
9c1b20e9222d3926c2edc2c615531bba4793b92e 17756 hardening-includes_2.3_all.deb
Checksums-Sha256:
28b1310834fe14ea6b45e1b6cb78d2e7f1c550ced04f12a0674e45a551266102 1860
hardening-wrapper_2.3.dsc
8bd0ea0010465e42f1a9fb51d52f09b91792c8fdfb2ad299ec8cc25ce9597d20 20507
hardening-wrapper_2.3.tar.gz
a8f84a8da5ac044ea56cb155a637ad339f48d10e2fa1d9bb2958a2c035307277 13628
hardening-wrapper_2.3_amd64.deb
17a46da640c6ad2ec861a90beee1ed93cb1db4572bfad07ad884e18dac013fbf 17756
hardening-includes_2.3_all.deb
Files:
322078300d45df03f61b6073bb54d65f 1860 devel optional hardening-wrapper_2.3.dsc
a4330dfb5f41ba00f61cf68dbfcbc26d 20507 devel optional
hardening-wrapper_2.3.tar.gz
cd9627cbaf70094a21318383117308a9 13628 devel optional
hardening-wrapper_2.3_amd64.deb
f185e1a9dc38237753a7a087316fb970 17756 devel optional
hardening-includes_2.3_all.deb
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.11 (GNU/Linux)
Comment: Kees Cook k...@outflux.net
iQIcBAEBCgAGBQJQzmVYAAoJEIly9N/cbcAmGOkP/jZjbRCg2LBB+/Loe2ZqsGC0
SGJSEbxeGjZZBBbXSdUJvU3cLeYg424JwLBr6MezWlV/QLPEbZm+OxC7NXlfm+5u
+wG2nxtb1ZYWknscpfy7VM/IjPir9Z+X/soLyXeGs+JEzXJK3g+oCNfb8LiYB55R
GzSeVsora0DbSVaJPKShf8mNqWWDBtOxQ0yYXfdyeukuExf3gOyxTunh0EtNu85v
CDsVzfDuXbgXdBbORao4e/WmpG3aD3FPcrEt3vqjKmI29bUhpviNor5SmG+MiwTx
+cj3hdWE4tCL/uPF540KFWfZ/VT6SqO8GTtGwnu14CTMm0Aa0/LRMTyFPKRSCUEb
w96FnYbkTaxL1rO79l53C7tu3lcyPVNG3+LaR34oR0l5bmkadqdzId5d0CF8xKqP
K+QFgGVb075W+JIK40cOvWdncgfG5obZcHBe4Q9BIUTKdxjbWK/JG2UTPDcAaUw4
/lgxrmZZ6UpiAUd7J/P1yNFeJIK4uVcWHyFDcmEEPUB9NgfLKpYL4fNtEr3BA5zj
0HAIS3sH0ztU7uhGMS0WCUbjU+LLctPLQ72eoxi8R890tBDs+PeKNOYTzxV08fsB
GWuEj/1d7guuZFxrDkE1y+ziW6eLPKHRkTbFlSsPRLkyGYAbP522QNmSk8F4i1iZ
5/nEbMilEoSw83YznlEr
=z5t+
-END PGP SIGNATURE-
--
To UNSUBSCRIBE, email to debian-devel-changes-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Archive: http://lists.debian.org/e1tkods-0001zb...@franck.debian.org
Accepted libseccomp 1.0.0-1 (source amd64)
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Fri, 03 Aug 2012 16:59:41 -0700 Source: libseccomp Binary: libseccomp-dev libseccomp1 Architecture: source amd64 Version: 1.0.0-1 Distribution: unstable Urgency: low Maintainer: Kees Cook k...@debian.org Changed-By: Kees Cook k...@debian.org Description: libseccomp-dev - high level interface to Linux seccomp filter (development files) libseccomp1 - high level interface to Linux seccomp filter Closes: 682152 682471 Changes: libseccomp (1.0.0-1) unstable; urgency=low . * New upstream release. - bump ABI. - drop build verbosity patch, use upstream V=1 instead. * libseccomp-dev.manpages: fix build location (Closes: 682152, 682471). * debian/patches/pkgconfig-macro.patch: use literals for macro. Checksums-Sha1: 7f71cc9b52b6a048404f7e2abb7d03587e458455 1839 libseccomp_1.0.0-1.dsc 8d76547286992502665a945d83cd262325d553f7 70172 libseccomp_1.0.0.orig.tar.gz 2d9a885f9d3d7c5c1624c81d23967c95d842ec0a 2980 libseccomp_1.0.0-1.debian.tar.gz e73a4f23c606622089b245d5e8ff1f69e236245d 16532 libseccomp-dev_1.0.0-1_amd64.deb 99bb3d7930f4bdfb06309f55fea348d0b618f852 19074 libseccomp1_1.0.0-1_amd64.deb Checksums-Sha256: cf3f09ee57682a220ef5a27df80fdd484a8c4c559883957719faed626719550b 1839 libseccomp_1.0.0-1.dsc 7c35493c890af509955397ea1f5d3c1a8e84a3002a64fa8c716de395e117cc4c 70172 libseccomp_1.0.0.orig.tar.gz d88cdd3fcc53dcf5a92134cebb790a80c71f83823088ac8ba0ed814bdbe08703 2980 libseccomp_1.0.0-1.debian.tar.gz e1b87cf4ef65b6cc8a17126772bcd156a71a9be7cf1a2630b2d8a55263cc818a 16532 libseccomp-dev_1.0.0-1_amd64.deb a494c5c37473a222df7f582579b5e108d7737b8dbeef6f23f73cfb2ac24b1078 19074 libseccomp1_1.0.0-1_amd64.deb Files: 00bbd529fdef784008456e500f936e0a 1839 libs optional libseccomp_1.0.0-1.dsc e9796bce21fab55fd661be4ee618211d 70172 libs optional libseccomp_1.0.0.orig.tar.gz ece889065db19d47e87bda72d8b8c417 2980 libs optional libseccomp_1.0.0-1.debian.tar.gz 4390b191b0094457ce3403af27080e3b 16532 libdevel optional libseccomp-dev_1.0.0-1_amd64.deb 1b4afa5f6adeba936deb4c3e15f9011f 19074 libs optional libseccomp1_1.0.0-1_amd64.deb -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.11 (GNU/Linux) Comment: Kees Cook k...@outflux.net iQIcBAEBCgAGBQJQHG2UAAoJEIly9N/cbcAmnsgP/iMoRo8L6jcEmJm3HwT2qtFZ TfzCTJ5ssvUypCNCILvDLiL4ZMxb5Gc4YXCMBvePtXnmSFYPAGg9/R/cj2GFWm08 8mCT9UZ/8fprxkXaWTlgFKP7p76JqYlm2TsCyyrp286VfBlcASTfuUs1QveoPZ98 RgLMwlXWjSE62/QSHlah2mOB3y9ZTGnVZX1ljypFxHSucrvNTKMdOSvbbWkpBoX4 Hhgr8zLVMGA/oreNnm5EIQnvfz72eh4PmoGOBB/YFhrRM/pFq7ewoT6gRdzr5qV8 tsJPOhCE4t37y7NEpZ+qMsuzjqJC3YDoXOGP/41qIytQE3N3fLytFMk1cCUhoW2s PNfYc1FAX5fub6UjU/0pJpH5d0SFBf4QxX2VSM0fCJSaNaVbUKqZkqPniHd0cRZn b/dy8vqzPEimGJKpkz1mn0+5jBQ9FqYKIuxrPD1R95qhJipBrmxBUwO0JN2FOq+G rI1RCysfs5acL9Rl1rQ9HXqgryKxeH3OE5tf23G9Hn/lfqHIictpqo3TcfkLbFBF 1WamE0MkdDsoeo5+Mgn0WEcCjEPdh0Efw7MciwxlThR5IzZLJMmU1t3Ddp7tR/kP 1PlsYCHctAt5N/svHH186mcmhSgDEleDqxo95enf8isKXO/DzaQTWk/5hot/xwFE oUImAmNgyM4cm1fHQZYE =swtW -END PGP SIGNATURE- -- To UNSUBSCRIBE, email to debian-devel-changes-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/e1thic1-0002df...@franck.debian.org
Accepted libseccomp 1.0.1-1 (source amd64)
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Fri, 07 Dec 2012 11:38:03 -0800 Source: libseccomp Binary: libseccomp-dev libseccomp1 Architecture: source amd64 Version: 1.0.1-1 Distribution: unstable Urgency: low Maintainer: Kees Cook k...@debian.org Changed-By: Kees Cook k...@debian.org Description: libseccomp-dev - high level interface to Linux seccomp filter (development files) libseccomp1 - high level interface to Linux seccomp filter Closes: 682152 682471 687368 Changes: libseccomp (1.0.1-1) unstable; urgency=low . * New upstream release. * debian/control: only build on amd64 and i386 (Closes: 687368). . libseccomp (1.0.0-1) unstable; urgency=low . * New upstream release. - bump ABI. - drop build verbosity patch, use upstream V=1 instead. * libseccomp-dev.manpages: fix build location (Closes: 682152, 682471). * debian/patches/pkgconfig-macro.patch: use literals for macro. Checksums-Sha1: 0c1fbfc116f8fc404c40cce08c4151cbd6f6d503 1843 libseccomp_1.0.1-1.dsc f7d533ff3a75b8c4770ceb0f91fe6bdec89b08d8 129602 libseccomp_1.0.1.orig.tar.gz 35eca92cefeb8638a676ccd17a36de9124c6baeb 3798 libseccomp_1.0.1-1.debian.tar.gz 905172f59aa7cf094cb41e655d74bc10b119f23c 17000 libseccomp-dev_1.0.1-1_amd64.deb c34f8335f0f931d431580a93ad595902ee2bb567 30196 libseccomp1_1.0.1-1_amd64.deb Checksums-Sha256: 1e30650d78ae3e6df6b6aa7a815eb0fcee095ebda3775ea1933d770a119af570 1843 libseccomp_1.0.1-1.dsc 7c38fa4bcb92ec48179132e9532feee65f9dc3a00b733328a21551f028b62966 129602 libseccomp_1.0.1.orig.tar.gz 4a2902a0675aa4c6bd759362c24bd18b481fc1a8bdf5bf56379bd894f0f1e558 3798 libseccomp_1.0.1-1.debian.tar.gz 396dd2ea609a485a5eceba60864c74fd4ddf333f028679cc52ba5212953ad4c4 17000 libseccomp-dev_1.0.1-1_amd64.deb 92908ba3314a558ceb9daabb0e213d8b393e3f81534f4462abc8198c47dd57c7 30196 libseccomp1_1.0.1-1_amd64.deb Files: 80925a7d5690d610d72fe8ac6b755818 1843 libs optional libseccomp_1.0.1-1.dsc bbd85c2e6755fe7dcaca2576655bf289 129602 libs optional libseccomp_1.0.1.orig.tar.gz cf7a7fe9aa3020ee702fbfe6289ed8ca 3798 libs optional libseccomp_1.0.1-1.debian.tar.gz 785475b2b72a835b12483bea5bf5d550 17000 libdevel optional libseccomp-dev_1.0.1-1_amd64.deb 4c123f42c71f4ed6880b1b75dfcc576f 30196 libs optional libseccomp1_1.0.1-1_amd64.deb -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.11 (GNU/Linux) Comment: Kees Cook k...@outflux.net iQIcBAEBCgAGBQJQwlKLAAoJEIly9N/cbcAmpngQALKGt5+spxNXZ1o2Z3ZFa6QK Bd59tw7nkhF7yykOoPx5X7XP79vbt/MoahjkQh9O55SdMlp6V7ePgbOCRfZXOBbw ZUAy+q/htwwj9oZbsbvLh7mbgu66zi4LcppIi1CKbxPyNZCqIc3jwzp/T8NNn4fg vobb1IB4natAmPVSk0vOuEujQLXHEEkvkQtyFcw+WFxAPM1CcuSdBKwGYfqsbplo RxJCvuwg/GoNks8uh9XgiXpUuO0J3NfEc0MUkPlCPAL1HDMBfq1SoykPRElsvapI GHbOHGdmu9dGjB7a6EufnW7SzS+Xm/hnD30OWUji2UHaRwBpkknyqDuOTewegfFc ixG8oTScgU55E3RvBp1Etqd1vygUa7arIImRg1uVL2VBbVZtg0MPen1pGCO/naul Rq27GTEhroE7YD7wXK6i49ZfZQGEW6NMKNr9dpoCOIntzxMuDEKk84+9un9tolDE r1+imhMXBcCLbvM6Dn3SL5M641BvH4ndJrhEI0PapDwGXxeayP/icjxJ9LT754JA g7yte6g0NotSk9wcbDmbm4YNamVMg3YChZraDH3YHPKZe308fB1pXbMw/V5DD2hw MXiaqd8uaWvz8YSe7bwa0lwq3W5iT0GAQLLZI30DKdsAqIDQD/iOWPFB386Ge1XL vCr4SWv/qwOOSs7VZUwh =VRwR -END PGP SIGNATURE- -- To UNSUBSCRIBE, email to debian-devel-changes-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/e1thic3-0002ds...@franck.debian.org
Accepted apparmor 2.7.103-4 (source all amd64)
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Mon, 16 Jul 2012 11:52:42 -0700 Source: apparmor Binary: apparmor apparmor-utils apparmor-profiles apparmor-docs libapparmor-dev libapparmor1 libapparmor-perl libapache2-mod-apparmor libpam-apparmor apparmor-notify python-libapparmor dh-apparmor Architecture: source amd64 all Version: 2.7.103-4 Distribution: unstable Urgency: low Maintainer: Kees Cook k...@debian.org Changed-By: Kees Cook k...@debian.org Description: apparmor - User-space parser utility for AppArmor apparmor-docs - Documentation for AppArmor apparmor-notify - AppArmor notification system apparmor-profiles - Profiles for AppArmor Security policies apparmor-utils - Utilities for controlling AppArmor dh-apparmor - AppArmor debhelper routines libapache2-mod-apparmor - changehat AppArmor library as an Apache module libapparmor-dev - AppArmor development libraries and header files libapparmor-perl - AppArmor library Perl bindings libapparmor1 - changehat AppArmor library libpam-apparmor - changehat AppArmor library as a PAM module python-libapparmor - AppArmor library Python bindings Closes: 679597 Changes: apparmor (2.7.103-4) unstable; urgency=low . * debian/apparmor-profiles.dirs: add directories we might collide with apparmor on during purge. * debian/patches/fix-network-rule-support.patch: handle lack of networking features correctly (Closes: 679597). Checksums-Sha1: cad3000b8d25ed9191512159024f10e3d9afd67b 2636 apparmor_2.7.103-4.dsc 41e418b293892870a2d465dca5e030f241d159de 68803 apparmor_2.7.103-4.debian.tar.gz bf28a3a738f12e93865cc3967c964ffcdc505971 390832 apparmor_2.7.103-4_amd64.deb 3badab684a159aad6bbbdb384ab553f7041b5c92 136240 apparmor-utils_2.7.103-4_amd64.deb 26870cf473d24d363bd844a4e32febb4aedb84d0 48436 libapparmor-dev_2.7.103-4_amd64.deb f57c0f309148c4320b5fba0f8923b72858cc10df 58748 libapparmor1_2.7.103-4_amd64.deb 77e7fd52523722c19e3acf84c37e0a3c63438b0b 57446 libapparmor-perl_2.7.103-4_amd64.deb a163a6ea8a3bea9f0ad51d1723ec8135793c1424 36452 libapache2-mod-apparmor_2.7.103-4_amd64.deb acc5f65963bba3ce42542bcbb4c3e987a3694ef3 32200 libpam-apparmor_2.7.103-4_amd64.deb 44f865a2f2cb655bcf17fced738cb4e48869435e 52104 python-libapparmor_2.7.103-4_amd64.deb a04fa5b1ab90601e0ef04dadae926962ae6eddee 58128 apparmor-profiles_2.7.103-4_all.deb 9b7e563fa42571c5cb8ef6e8a0d20c08e5f2f9cc 254726 apparmor-docs_2.7.103-4_all.deb 0e878fb618c797c8fb5bdfc24108ed51201e 36536 apparmor-notify_2.7.103-4_all.deb 8fac42c261479d07d41cc80f0c52095425f02cd2 30314 dh-apparmor_2.7.103-4_all.deb Checksums-Sha256: 863fcc923d7c49a2ed171ea879e3020a4e1396019a347c700bd90f3c1211412c 2636 apparmor_2.7.103-4.dsc e2f4cfc1fb496b11c1b1b4ca297444a5ccafce1d19dde8ce2ba072689b632442 68803 apparmor_2.7.103-4.debian.tar.gz 9b05a22f70381185a9fdd8f6c9c23eaea0e08ee9423b88122bb5d07d451cbe61 390832 apparmor_2.7.103-4_amd64.deb 9d3af4a24113bd9f5828f40bf9686aba868f1fde79a69300476ee21331e8397b 136240 apparmor-utils_2.7.103-4_amd64.deb 539c8b546416f85ce5b701a87519953321c71791f337614483773e0a9cda8d10 48436 libapparmor-dev_2.7.103-4_amd64.deb b26dec6903586ca118b8006b1dcb43745ec084055042de172d31be86573288a7 58748 libapparmor1_2.7.103-4_amd64.deb f1eb5fcfe6b68efd7b4f0337a773c2ced56b188c75f90c950f816ea2ab566fde 57446 libapparmor-perl_2.7.103-4_amd64.deb 54801091bce316950d191436856a946faba8a2e84fbc21380507f4049cdd4548 36452 libapache2-mod-apparmor_2.7.103-4_amd64.deb 1c336f69b9e0ea032434308e1d359eb1fb440c904e565d14d243104e5f4f318e 32200 libpam-apparmor_2.7.103-4_amd64.deb f5a083741f4c817659ef4486ac220e748ee7b26468b59f0edf0dca9956e58f58 52104 python-libapparmor_2.7.103-4_amd64.deb 4279eaa352518d120dcc83bf48cdc91d4895906dfe530c74c00d3ab274b536f3 58128 apparmor-profiles_2.7.103-4_all.deb 711417a03af5a247ef6446c74d0c1797a243f12f23822afcce64d1c8e1a39409 254726 apparmor-docs_2.7.103-4_all.deb 0972314d5a70ef99a1ca36e254f9ba918cabd213b6c3b5a3e99801ce461556f0 36536 apparmor-notify_2.7.103-4_all.deb df238d4d4f11f3584c4108b0ba833135b46a7acfccbb7c0f2ae8d84714ac55e8 30314 dh-apparmor_2.7.103-4_all.deb Files: 8acfa27f57c1824fa9de0d38ceb8674b 2636 admin extra apparmor_2.7.103-4.dsc 842c87b5a813485f4545805e586a5a91 68803 admin extra apparmor_2.7.103-4.debian.tar.gz 52c5066f9655cdcbf9e5937679e591c1 390832 admin extra apparmor_2.7.103-4_amd64.deb 023e869a647802b0dc7264b14c29f450 136240 admin extra apparmor-utils_2.7.103-4_amd64.deb 771f789f2f659c2abefab569e6050747 48436 libdevel extra libapparmor-dev_2.7.103-4_amd64.deb fd03e6b1e46d2ce40c2858f27f00784b 58748 libs extra libapparmor1_2.7.103-4_amd64.deb 27a1d1fa47e27f79d0702607e37f0a18 57446 perl extra libapparmor-perl_2.7.103-4_amd64.deb 093f56cdae949b16df4e0db7b4a69f24 36452 libs extra libapache2-mod-apparmor_2.7.103-4_amd64.deb 03630ba54e8499f76fd8182a7c8cf03d 32200 libs extra libpam-apparmor_2.7.103-4_amd64.deb 8f81e7cfd43e1ba8fbd29b958bc170ec 52104 python extra python
Accepted apparmor 2.7.103-3 (source all amd64)
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Thu, 28 Jun 2012 23:23:27 -0700 Source: apparmor Binary: apparmor apparmor-utils apparmor-profiles apparmor-docs libapparmor-dev libapparmor1 libapparmor-perl libapache2-mod-apparmor libpam-apparmor apparmor-notify python-libapparmor dh-apparmor Architecture: source amd64 all Version: 2.7.103-3 Distribution: unstable Urgency: low Maintainer: Kees Cook k...@debian.org Changed-By: Kees Cook k...@debian.org Description: apparmor - User-space parser utility for AppArmor apparmor-docs - Documentation for AppArmor apparmor-notify - AppArmor notification system apparmor-profiles - Profiles for AppArmor Security policies apparmor-utils - Utilities for controlling AppArmor dh-apparmor - AppArmor debhelper routines libapache2-mod-apparmor - changehat AppArmor library as an Apache module libapparmor-dev - AppArmor development libraries and header files libapparmor-perl - AppArmor library Perl bindings libapparmor1 - changehat AppArmor library libpam-apparmor - changehat AppArmor library as a PAM module python-libapparmor - AppArmor library Python bindings Closes: 673062 678526 Changes: apparmor (2.7.103-3) unstable; urgency=low . * debian/control: drop deprecated XS-Python-Version (Closes: 673062). * debian/debhelper/postinst-apparmor: remove bashism (Closes: 678526). * debian/patches/pass-compiler-flags.patch: add LDFLAGS where needed. * debian/libapache2-mod-apparmor.lintian-overrides: verified safe glibc function use at compile-time. * debian/rules: call dh_lintian. Checksums-Sha1: 09976fbc90ebeffbf343ec9aee1849cbbd1e9a3f 2636 apparmor_2.7.103-3.dsc 449e8f7b66d0650f7d0138f6653b9fe736cc2b08 68481 apparmor_2.7.103-3.debian.tar.gz 3ce598dfcf5d8ece0b2252e9fc19470951d2bc67 390598 apparmor_2.7.103-3_amd64.deb effa78221d26a76903bfd3a4efe002ced7a16e39 136176 apparmor-utils_2.7.103-3_amd64.deb 733e1dda65e15982481b261af0fb78f1396b6eea 48358 libapparmor-dev_2.7.103-3_amd64.deb 13ee8c19d04b0a6c8f22721fad287c3c86272f29 58652 libapparmor1_2.7.103-3_amd64.deb 2764e7473a23576482447e8f20a80109b2a77aec 57362 libapparmor-perl_2.7.103-3_amd64.deb e67e744c6f7591d40a4f4622d7702a4f9e57d7c1 36360 libapache2-mod-apparmor_2.7.103-3_amd64.deb f4fd27802d0f48e9da81eb60d81e2c7eb4f51241 32116 libpam-apparmor_2.7.103-3_amd64.deb 13a9fbfa331906f72adf90261bacfa0b91e29d1c 52022 python-libapparmor_2.7.103-3_amd64.deb 47b215af1ca83c18cd3498704d4193c91f2c5809 58024 apparmor-profiles_2.7.103-3_all.deb 86ae60dde3ed1d194c48af237a70015a39bb77e2 254384 apparmor-docs_2.7.103-3_all.deb be683e09e345fc014d4ab73529d150211f258c16 36448 apparmor-notify_2.7.103-3_all.deb 2d319671184e428b4521ec9ce238dd575579d982 30212 dh-apparmor_2.7.103-3_all.deb Checksums-Sha256: c29fa8915688773b8e133842b9face6c5d6b575c6577698123d2f23134371823 2636 apparmor_2.7.103-3.dsc 9b3e60e0e08e3610d8dd0b80c84f12763c0a53181eaa38067f52b258af366c86 68481 apparmor_2.7.103-3.debian.tar.gz f5d6cf6b85c05cd802fed399120d6f777facfef8f5c28099541b6db5e878aefa 390598 apparmor_2.7.103-3_amd64.deb c26b6afe1fda0aaf5b2542fcbb4b59f4ae1b08050953694307c9efe555eca239 136176 apparmor-utils_2.7.103-3_amd64.deb 5020d58c6632e4f41cfc0aa1836fa7ce6fc09600886e2ac67a49f73eb5209506 48358 libapparmor-dev_2.7.103-3_amd64.deb 9bcd3e9e10f0a2d693823150010a2373e2cd508a2b3ce0ab4e29f669f93f9848 58652 libapparmor1_2.7.103-3_amd64.deb 995b83feca173f83996c813d843fd200e19077d4507dd567cf82c33b6a47bddf 57362 libapparmor-perl_2.7.103-3_amd64.deb 84cec48c7aad9288d8440d275bd209effeac4590746788f13cc0c8dd972642dd 36360 libapache2-mod-apparmor_2.7.103-3_amd64.deb 50052715b1b16ba41590a9e390d92ec4237fe5c50ee2218cbb59d04f71f2014d 32116 libpam-apparmor_2.7.103-3_amd64.deb 5fe3228b50cf98fb0c47a7f92c885e62631829651e1956370a042285148f5c55 52022 python-libapparmor_2.7.103-3_amd64.deb c97c39796ce5ee70eda9ce483d9922426203f039dd6ce763d9ca1135a622bcd1 58024 apparmor-profiles_2.7.103-3_all.deb 3cc7f7272149540e913d7a763710a2ac30917f8cec9d8e026351cfa4a36d4926 254384 apparmor-docs_2.7.103-3_all.deb bb04b6e8d4d311da266e27d545db36d211c9a1a2ba7405b0a6b4efdc109d7e99 36448 apparmor-notify_2.7.103-3_all.deb da87822196ac354186b4e537ed68d5ea45f81bd05fe1b27c4365ce9278398596 30212 dh-apparmor_2.7.103-3_all.deb Files: b24c187970dd6ad7f6cb03c849d7b5db 2636 admin extra apparmor_2.7.103-3.dsc 8619d4abee4266762594cc26e45c98f0 68481 admin extra apparmor_2.7.103-3.debian.tar.gz 729773aac84c94aa2c0b5f8744ecb85a 390598 admin extra apparmor_2.7.103-3_amd64.deb 15ce2682ce2e7f20d2100acb1ad81f19 136176 admin extra apparmor-utils_2.7.103-3_amd64.deb 3679c536f08c9501804af8a319f590d1 48358 libdevel extra libapparmor-dev_2.7.103-3_amd64.deb b3835ae7c04fa39226f8c3ec202b5672 58652 libs extra libapparmor1_2.7.103-3_amd64.deb 5d9da1fe53709f37eab195737fffb3c7 57362 perl extra libapparmor-perl_2.7.103-3_amd64.deb 46ea10c28ec96a5781f784b1a8932e4e 36360 libs extra libapache2-mod-apparmor_2.7.103-3_amd64.deb
Re: [hardening-discuss] Using hardening-wrapper but lintian warning still present
Hi José, On Wed, Jun 20, 2012 at 12:21:15PM +0200, José Luis Segura Lucas wrote: I'm intending to package a software for Debian. I have a Debian package with some lintian warning about hardening, but I removed most of them using hardening-wrapper and the env DEB_BUILD_HARDENING=1 in my debian/rules. If you're using debhelper compat level 9, you don't have to worry about including hardening-wrapper and using DEB_BUILD_HARDENING=1. You'll get the defaults automatically through debhelper. This is the preferred way to get build flags now. I only have one lintian warning now: hardening-no-fortify-functions I see that the -D_FORTIFY_SOURCE=2 is included in each compiler execution. This is the output of hardening-check: $ hardening-check --verbose /usr/bin/grive /usr/bin/grive: Position Independent Executable: yes Stack protected: yes Fortify Source functions: no, only unprotected functions found! unprotected: memmove unprotected: read unprotected: memcpy Read-only relocations: yes Immediate binding: yes I asked on debian-devel and they told me that I can add an override if only memmove ormemcpy is shown, but I have an unprotected read too. How can I avoid this warning? It is my last problem after doing the RFS... It is possible that the read() was checked at compile-time to be safe which is why it was not linked with the protected version (__read_chk). For example, this will always be safe: char buf[100]; ... read(fd, buf, 50); In this case, the compiler can see that the read() can never overflow the buf (50 is less than 100), so there is no reason to use the protected function. If you're building with -O1 (or higher) and -D_FORTIFY_SOURCE=2, the compiler is always always going to be doing the right thing. :) If you really want to, you can test that this is the case by finding the uses of read() and using a volatile global variable to replace the length argument. (Don't leave the code like this, since it's not a useful change, but it can be used to make sure the compiler is doing the right thing.) volatile size_t read_length; ... char buf[100]; ... read_length = 50; read(fd, buf, read_length); If making that change causes hardening-check to see the __read_chk call, then the compiler is being smart and noticed that it doesn't need to do extra work at run time to verify the arguments, and you're clear to put in a lintian override. -Kees -- Kees Cook@outflux.net -- To UNSUBSCRIBE, email to debian-devel-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/20120620195621.ge5...@outflux.net
Re: [hardening-discuss] Using hardening-wrapper but lintian warning still present
On Wed, Jun 20, 2012 at 12:56:21PM -0700, Kees Cook wrote: If you're building with -O1 (or higher) and -D_FORTIFY_SOURCE=2, the compiler is always always going to be doing the right thing. :) Heh, this was supposed to read almost always. :P -- Kees Cook@debian.org -- To UNSUBSCRIBE, email to debian-devel-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/20120620200125.gg5...@outflux.net
Accepted duo-unix 1.8-1 (source amd64)
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Sat, 16 Jun 2012 10:55:55 -0700 Source: duo-unix Binary: libpam-duo login-duo libduo3 libduo-dev Architecture: source amd64 Version: 1.8-1 Distribution: unstable Urgency: low Maintainer: Kees Cook k...@debian.org Changed-By: Kees Cook k...@debian.org Description: libduo-dev - Duo Security development libraries and header files libduo3- Duo Security library libpam-duo - PAM module for Duo Security two-factor authentication login-duo - login wrapper for Duo Security two-factor authentication Closes: 670302 Changes: duo-unix (1.8-1) unstable; urgency=low . * New upstream release. * debian/watch: fix uupdate typo. * debian/pam_duo.conf: remove minuid (Closes: 670302). * debian/control: bump standards version to 3.9.3, no changes needed. Checksums-Sha1: 4e369f96c87a50edfdbf597fad9a65ed2bfc0715 1904 duo-unix_1.8-1.dsc a474dbf89e5e7062351b389be761d871f89a8f1f 436266 duo-unix_1.8.orig.tar.gz 10ebd3bfa9e714d8113d96729e059421e10010d1 9417 duo-unix_1.8-1.debian.tar.gz 99942af14c895d6feaa0e67d0b4337e56fc191c5 16100 libpam-duo_1.8-1_amd64.deb 5600eb967a9c075ea3a1aeb2519c2cbf0a02a6c0 17938 login-duo_1.8-1_amd64.deb f6bd8233eaf2c3b1e96065c81decba5d8c7bfc91 38600 libduo3_1.8-1_amd64.deb 8e873e8c2dc086c32710e58e712b24f4718c4512 7136 libduo-dev_1.8-1_amd64.deb Checksums-Sha256: 922f4c83efad2725496e46dccbe759d1d68ca0f6296a8f67604e42c3b2fdc226 1904 duo-unix_1.8-1.dsc 6a7d8afb81cc767ae2db97347d3e95e639638bade95aded9772217eaf2c4501e 436266 duo-unix_1.8.orig.tar.gz 0ce48780e58c7fc1228b19e3dd3ade24529e1d3ca195a29777ce8d60d56d10e9 9417 duo-unix_1.8-1.debian.tar.gz 1f6ce8f5a9212f9d55b850dd50d9b3b632c80688ba344dd05ee4d2fec00c6dfb 16100 libpam-duo_1.8-1_amd64.deb 7ea6d89a64d819ef6ead485ea98c8da6d0a6b348e6a405de6ba4b349a5996d09 17938 login-duo_1.8-1_amd64.deb 96c7c7ad640fafbcd316a0068a6031fa8dfd39aaa696e001b8b9a2bec5ef4f59 38600 libduo3_1.8-1_amd64.deb 1cb433b6a36cb3c065e717a94490402eb4e3a41d042184e13ae81789e2ee47b4 7136 libduo-dev_1.8-1_amd64.deb Files: 46e0256a72e057dc594c137e8be12c54 1904 libs extra duo-unix_1.8-1.dsc f84662a40875eef8ff08c8a3b7c5fbfa 436266 libs extra duo-unix_1.8.orig.tar.gz 250e12e0ed47a0ab6b71959e8a857f7d 9417 libs extra duo-unix_1.8-1.debian.tar.gz 7bfb28ca08c3dec4d6630e59211277ba 16100 libs extra libpam-duo_1.8-1_amd64.deb 9c1f636d6aa09cf54d45aceabeb73db2 17938 admin extra login-duo_1.8-1_amd64.deb 17771a3c92dbb58bed45acad50d2351c 38600 libs extra libduo3_1.8-1_amd64.deb aec17e5eabcd28287ed2ce6023669472 7136 libdevel extra libduo-dev_1.8-1_amd64.deb -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.11 (GNU/Linux) Comment: Kees Cook k...@outflux.net iQIcBAEBCgAGBQJP3NDJAAoJEIly9N/cbcAmtmEP/Rd97B6TGFMEfvGRu6Z3miHL JBpem4JUNAvvi0Ax2S1ysaczXTBy5f7z/xKvldgDg0KuZqYJQW/DgHvdrL8fiGKy k7RDeTCrQyv8Xpg0cgbDZRaD3PtCbm9cedSRf5rDRILfFxgsvxwMnq+tVCTzPToO +NNPdEDVHtn8csfD1Lrl4//18bhgh1ZWzLkvb43nQ7r8pdiKiFwS8MFK+CfD/lvj j2/fcSeRACXXcqxqa5SkwvZRELev/nt5Q77VxqjpIAl3L9Z+fPov8dgwTFoIAvjA KBfqGolbA6NkLKbfitaNHIf98huBH5UoTNir+X5MZWT/+bZqZ5q+fOwklmv6gYVU eBp2xjOh1ekJiQ1qkHLRQ9OEK+X3vVXRDPJEzJMToNMBmTiZ82zmYGFlQMJ+xaSw v3f1X0AOS763ekMgze78mhj1goYaxMV2AaNInVelEuUs4XBc03AJnhOyhlbGG8hD RxRn7OojpfrWhbEpPubmdAJ1KfnJsR7xn2j9N6e9Hf+dQfZkHEV5+qlud5928Jn7 ks1Dk5WIg/DvQnFvZqM/26mhky/XkU8iK0L7L1kLH17nLEKkj58h6K3Kz4REF802 3DHFijth1vgYzuxkzSsjxWo91MLefP6hG8HNLcjiSJgvIEG43LX6BMfmZZmyRgPC 0S04oH5+3az14+7XxJr7 =6NRp -END PGP SIGNATURE- Accepted: duo-unix_1.8-1.debian.tar.gz to main/d/duo-unix/duo-unix_1.8-1.debian.tar.gz duo-unix_1.8-1.dsc to main/d/duo-unix/duo-unix_1.8-1.dsc duo-unix_1.8.orig.tar.gz to main/d/duo-unix/duo-unix_1.8.orig.tar.gz libduo-dev_1.8-1_amd64.deb to main/d/duo-unix/libduo-dev_1.8-1_amd64.deb libduo3_1.8-1_amd64.deb to main/d/duo-unix/libduo3_1.8-1_amd64.deb libpam-duo_1.8-1_amd64.deb to main/d/duo-unix/libpam-duo_1.8-1_amd64.deb login-duo_1.8-1_amd64.deb to main/d/duo-unix/login-duo_1.8-1_amd64.deb -- To UNSUBSCRIBE, email to debian-devel-changes-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/e1sfy1e-0004gg...@franck.debian.org
Accepted dosemu 1.4.0+svn.2080-1 (source amd64)
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Sat, 16 Jun 2012 11:50:59 -0700 Source: dosemu Binary: dosemu Architecture: source amd64 Version: 1.4.0+svn.2080-1 Distribution: unstable Urgency: low Maintainer: Kees Cook k...@debian.org Changed-By: Kees Cook k...@debian.org Description: dosemu - DOS Emulator for Linux Closes: 676651 Changes: dosemu (1.4.0+svn.2080-1) unstable; urgency=low . * New upstream version, exported from svn r2080: - drop debian/patches/force-vm86-emu.patch, now detected upstream. * debian/control: update deps for libgpm-dev (Closes: 676651). * debian/control: bump standards version to 3.9.3; no changes. * debian/rules: corrected clean target. * debian/control, debian/compat: switch to compat 9 to gain default build flags. * debian/dosemu.lintian-overrides: verify hardening warnings as safe and add to overrides. Checksums-Sha1: 96c2739ad22ff7b720972399e3ec4af655934a80 2319 dosemu_1.4.0+svn.2080-1.dsc 00fa89149d7fd7925f294bcc73c1662849d07842 4471840 dosemu_1.4.0+svn.2080.orig-freedos.tar.bz2 e61887ff476b25238f39bfb8aeef5b9766719013 1976410 dosemu_1.4.0+svn.2080.orig.tar.bz2 d8533e51e0fb9fbeef0a613eabc639cd8d00fe74 26570 dosemu_1.4.0+svn.2080-1.debian.tar.gz 1b3b5765110f78941eba27f24a8e739f3f1eaa97 2547166 dosemu_1.4.0+svn.2080-1_amd64.deb Checksums-Sha256: 462e3005c6cd9e70ea5d08722636f1f2a924336696f29c3de5e6627ae3c230e8 2319 dosemu_1.4.0+svn.2080-1.dsc 1a5ffdd7f061bf4641e078c96ab9d1b388efe7ddcbe0f050e82e75d53f72cee7 4471840 dosemu_1.4.0+svn.2080.orig-freedos.tar.bz2 a08bcde78ed483010761fb9ce501ce240b836a9b09d27ff3f4ba811372f732f7 1976410 dosemu_1.4.0+svn.2080.orig.tar.bz2 2bc26bc791bc304221f5a40ce207257b412316c892c59bdaa0d49ac1ef9c6a5e 26570 dosemu_1.4.0+svn.2080-1.debian.tar.gz d9ffd6016df22ab9e0b202695dcdd76749e37f6b071243ebb8c5b7992a3242c1 2547166 dosemu_1.4.0+svn.2080-1_amd64.deb Files: a8f1e4ef2a0fded47e9371d169102af8 2319 contrib/otherosfs optional dosemu_1.4.0+svn.2080-1.dsc c5f0895fbcd57b1682ee623694d74eba 4471840 contrib/otherosfs optional dosemu_1.4.0+svn.2080.orig-freedos.tar.bz2 dba6f0f7f83081840f0728e962277ff4 1976410 contrib/otherosfs optional dosemu_1.4.0+svn.2080.orig.tar.bz2 c90600c00c31b58ef4e9310009c8d16d 26570 contrib/otherosfs optional dosemu_1.4.0+svn.2080-1.debian.tar.gz 61d114fc5819a2595503426b0f7a353d 2547166 contrib/otherosfs optional dosemu_1.4.0+svn.2080-1_amd64.deb -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.11 (GNU/Linux) Comment: Kees Cook k...@outflux.net iQIcBAEBCgAGBQJP3OXIAAoJEIly9N/cbcAm4WkP/il0uSCpkGVmVyRk1N1LuHcv h3n6Mz5yRITGSx9AzLZb9VUmMcOvj+yWMSBr4BVCuXkaSdh72/1/CXxGrJGBNean Z+DIXFSwD5qqeE+Gx1w28rrOYItYoMBuxu5LZLPiAhdQnWV75pf2mFznRANopU2y ZLR7oarbxkJ7zUWTIFvSMD6SLzRtYHj1vTJmz0LiZwsgs8bRnbYaMwOdcIBAGXuo lxfOLBrqn05FohTLCoVEPrjebXjpF+hRC6p2Ve9AICojo6sqrsg5VOc1hHrgR/lQ VN71Go/QlI5OD5x0JBvhuGzLuLCKdw9QTnH2yVSQ23Oweh3cbR0YPL1Jt4j6AkCS tyASRFRe1nyO5XUs8UjFHFxBlXDLjrBPArRn+U1x//njdScDzMBc9AVAMuy/5Iaa A4UVzMP09sQZWRsKnj1lQTVqpF/IqeuV7UI/Tk9BpG6NZBvHLtnqhMbCzUGRaC3J XF5laviotBLESZssSRjc+cspwTEYM0e8C/Nth7sgN1pzctzP+tqy/o8SFgcFrTaF w5XR3if3bfCKW/10SzbmYHsiBbXx5/aL0a9Ia82lE16n9XnOgfvMqASd5ch+naxY KbXe1xIEFMmyJzg2SskYQFbmZlaEfVC/cUzIVsP2tSPyznObKEE//Sc3X9MOxY+B e+H5tJ3d4P0KpeUcb2UR =nWAT -END PGP SIGNATURE- Accepted: dosemu_1.4.0+svn.2080-1.debian.tar.gz to contrib/d/dosemu/dosemu_1.4.0+svn.2080-1.debian.tar.gz dosemu_1.4.0+svn.2080-1.dsc to contrib/d/dosemu/dosemu_1.4.0+svn.2080-1.dsc dosemu_1.4.0+svn.2080-1_amd64.deb to contrib/d/dosemu/dosemu_1.4.0+svn.2080-1_amd64.deb dosemu_1.4.0+svn.2080.orig-freedos.tar.bz2 to contrib/d/dosemu/dosemu_1.4.0+svn.2080.orig-freedos.tar.bz2 dosemu_1.4.0+svn.2080.orig.tar.bz2 to contrib/d/dosemu/dosemu_1.4.0+svn.2080.orig.tar.bz2 -- To UNSUBSCRIBE, email to debian-devel-changes-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/e1sg09u-0004l6...@franck.debian.org
Accepted hardening-wrapper 2.2 (source all amd64)
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Thu, 14 Jun 2012 09:40:03 -0700 Source: hardening-wrapper Binary: hardening-wrapper hardening-includes Architecture: source amd64 all Version: 2.2 Distribution: unstable Urgency: low Maintainer: Package Hardening hardening-disc...@lists.alioth.debian.org Changed-By: Kees Cook k...@debian.org Description: hardening-includes - Makefile for enabling compiler flags for security hardening hardening-wrapper - Compiler wrapper to enable security hardening flags Closes: 677530 Changes: hardening-wrapper (2.2) unstable; urgency=low . * debian/control: add missing Dep on binutils, thanks to Stéphane Graber. * hardened-cc: use = as argument separator for better interoperability with dpkg-buildflags. * hardening-check: reset tag list for each argument (Closes: 677530). Checksums-Sha1: 7b99e1b04a1d9de0661dbacbf6ae5eacbcd74a7b 1860 hardening-wrapper_2.2.dsc 932ad97a9badbbe6dac1dfb87e9eed2f4d500947 20431 hardening-wrapper_2.2.tar.gz 0f79a7f896359f3b88ac7cf37e3e6bbb7219ef17 13500 hardening-wrapper_2.2_amd64.deb f223e93d7893a0337dc1f18f8e9c768b16009e4e 17624 hardening-includes_2.2_all.deb Checksums-Sha256: a06f502003be69b32aa3a40fe4a1d9b18d67e49f9e740027c4d60d32df476818 1860 hardening-wrapper_2.2.dsc 3944f79ac19e23a9e7e755a7ed2810dffade58533dec800e39a0e8491324deaa 20431 hardening-wrapper_2.2.tar.gz 40fffae894d5e811cbd72b7fc1b1195b8cda146874a94695e7d30b1ce4eab232 13500 hardening-wrapper_2.2_amd64.deb 66f24a5a74bbbcdd9175a9e85a9759481801165b1b3f803273f25b2708676736 17624 hardening-includes_2.2_all.deb Files: de73fee316cdfcb0758047f93dc41dff 1860 devel optional hardening-wrapper_2.2.dsc 230793a0e0670ae04e60c3437a217ab6 20431 devel optional hardening-wrapper_2.2.tar.gz 2506044cad0fc15d41cfc03f2dd4dd2f 13500 devel optional hardening-wrapper_2.2_amd64.deb aeab963606a6e60378e858e2f10ec15f 17624 devel optional hardening-includes_2.2_all.deb -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.11 (GNU/Linux) Comment: Kees Cook k...@outflux.net iQIcBAEBCgAGBQJP2hSRAAoJEIly9N/cbcAm4EkP/0a8XoZxAYWOvymeIzoyjW5Y ++/ZhXb1DAXjmMdyRjy53aiv8NElN0CzAzzTFprx4JW8cPfylm+F8haIpJK43S8g VBS5ItRhsvJq+aSuXHXNr9opNr2W5hxnsAEn57gN7PBtDYBkMY9EqkZhy4a+dOXQ 359FlgGS1iunhHC9ztnutXPSGg5y5DCH8biZNHbgWL+xbNHlDSwtxj7Yzw7UdO3N dfVqOuLTRWpwMsq02rO7X1tFn/6ChPrehllUjC7UlKrXCwQBeupEovmW8zQ4ya74 wxJg7yAf508jcTiSqZEi7uI4j+4ACI9nglJI+75RgU6uI6kQB2KzskZv2RnR6LYR 7KTsRzEV5P83JdPwI4pQKgt8/RQICYyNDFtM3Nn+CdfkJhninG2/JFO8jQX4R+wA HirZNyE5ip0YkyomPUiWzoaPaxQlNIApCKaKoHk3ugiDPOcE0HWnNXikxJ7NfXTo YmzRF0sQofHmEQ61NKeSF4PaeXXimShUOXEsFDJ+m87KaIpzyNVlcIuk5kF/3ntH oAWNnv2g+KAjgJ0Ix9PubwKtPs33523xvZ2A5XWVZsNSCh8vDsLkgTwJ0V4DUv8g PWln25aqYhZyFyTs3ab8cmOz8emwg8QzqlooCRmMoVimLnafFfa80e+5JAQK4p61 ZYFD+hel1dXvIGyjVOfo =T3i2 -END PGP SIGNATURE- Accepted: hardening-includes_2.2_all.deb to main/h/hardening-wrapper/hardening-includes_2.2_all.deb hardening-wrapper_2.2.dsc to main/h/hardening-wrapper/hardening-wrapper_2.2.dsc hardening-wrapper_2.2.tar.gz to main/h/hardening-wrapper/hardening-wrapper_2.2.tar.gz hardening-wrapper_2.2_amd64.deb to main/h/hardening-wrapper/hardening-wrapper_2.2_amd64.deb -- To UNSUBSCRIBE, email to debian-devel-changes-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/e1sfdca-0005pm...@franck.debian.org
Accepted libseccomp 0.1.0-1 (source amd64)
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Fri, 08 Jun 2012 12:32:22 -0700 Source: libseccomp Binary: libseccomp-dev libseccomp0 Architecture: source amd64 Version: 0.1.0-1 Distribution: unstable Urgency: low Maintainer: Kees Cook k...@debian.org Changed-By: Kees Cook k...@debian.org Description: libseccomp-dev - high level interface to Linux seccomp filter (development files) libseccomp0 - high level interface to Linux seccomp filter Changes: libseccomp (0.1.0-1) unstable; urgency=low . * New upstream release. - drop patches taken upstream: - libexecdir.patch - pass-flags.patch Checksums-Sha1: 5688db07a1d54ee6f52f3875282813c2ee9235e6 1839 libseccomp_0.1.0-1.dsc d7029ead149cbd322d25b3fc2d234498160d7dd2 62837 libseccomp_0.1.0.orig.tar.gz 72bf038f8a72d8d23c408d81590f4abb537011a7 4738 libseccomp_0.1.0-1.debian.tar.gz 40639a5cc4bef0bd6a1e071311e874db393553ea 6110 libseccomp-dev_0.1.0-1_amd64.deb 647d2225fd1a0b144c88d53538bcc4df2b660e2b 18358 libseccomp0_0.1.0-1_amd64.deb Checksums-Sha256: 2fd4700233ded9b3567f41836871451ec60785bbd3db3fb934984046b00301a9 1839 libseccomp_0.1.0-1.dsc e940989c093c9c057aca4e1a878be48bdcdb027f876a8d4bdcd9a1405a3d7f6f 62837 libseccomp_0.1.0.orig.tar.gz fdd4087887669f105ff0aca9bb000b075c7d73616c338191355e0fa4ac32c788 4738 libseccomp_0.1.0-1.debian.tar.gz c5a8781a0e005ee354fd5eee2de15230e24bd11e7472e34c3c0122c9b1abddae 6110 libseccomp-dev_0.1.0-1_amd64.deb e7576b0179f82e093079d6ac1dcd4f8b55c5e5c1f29d062275bdd4bf3f789108 18358 libseccomp0_0.1.0-1_amd64.deb Files: 029329faad9fe89d9d9a6375a570aaaf 1839 libs optional libseccomp_0.1.0-1.dsc 60c1c9b94fa46597800652131f5ebe97 62837 libs optional libseccomp_0.1.0.orig.tar.gz 723b2c5c4c53ad7e8d6b9f520cd896c1 4738 libs optional libseccomp_0.1.0-1.debian.tar.gz 46f3b7951674695666533b66130934f6 6110 libdevel optional libseccomp-dev_0.1.0-1_amd64.deb b46ce45261423d06252040bf76d0bc11 18358 libs optional libseccomp0_0.1.0-1_amd64.deb -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.11 (GNU/Linux) Comment: Kees Cook k...@outflux.net iQIcBAEBCgAGBQJP0lXTAAoJEIly9N/cbcAm1zkQALVq1O61rqhtww495KU62g4S 4i6ePejSSS3+f1VJut6PKWm3ZxYBTN9vsk2ryFYOc9kkTw46KLR3E/IUMHVVH5tA y+fdjTlpTyIxVDyfhOWXeYTbt8hvOn/nLSLzwK0a7lXQU+TiYXgviCPNg21PMYpj E02b40TohVloQ4MSHbXJP1KVwFXt7Cy45OvlBhiNLcMV8z1J2KJIbQcRXRxPmAeg ZLZJITFxSMtGBByURMTFsNdDQjLORXPc8IOfOxg87msr+dd2nxv9xdEsr/Jz1TyG MfTnaNVcs8kS5De7l8gXNuaTZp6NpehPpsHflujy7QLvDpPAqw583Z6VePaEBLH2 ZcbA/1ivJJ2fBo+UWwshdemZBZR+1e2LZQM7tffdQmUtztNF6nbOqhMsgotTwXxL ilt1Si2uNRstl0A/eJtuDlfbONoZ5XEHGbY3s4xd67QEc8q6qTJTd3czNWeCXj6d aX7wL7xRYSZ7HZ3UFxlYB0qCMNrxhRp4lxIZNbFOmarnPPA07Mz6Er13DpKKyZHe s9C82AA9igNCaV1cRt6cQQvxkQw6GbF5qoWnDqpRTRKcTJuXD8uVu2k6qdoFqRKS YbOk6oPmMdNOTwUUUPyZi/zR4iuZ8AlwTZnYexOpRxd3SCoWW7bAOclpsnS+VkBv m225Wl8Q5xccLBRUJGI/ =HIXC -END PGP SIGNATURE- Accepted: libseccomp-dev_0.1.0-1_amd64.deb to main/libs/libseccomp/libseccomp-dev_0.1.0-1_amd64.deb libseccomp0_0.1.0-1_amd64.deb to main/libs/libseccomp/libseccomp0_0.1.0-1_amd64.deb libseccomp_0.1.0-1.debian.tar.gz to main/libs/libseccomp/libseccomp_0.1.0-1.debian.tar.gz libseccomp_0.1.0-1.dsc to main/libs/libseccomp/libseccomp_0.1.0-1.dsc libseccomp_0.1.0.orig.tar.gz to main/libs/libseccomp/libseccomp_0.1.0.orig.tar.gz -- To UNSUBSCRIBE, email to debian-devel-changes-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/e1sd5bu-0004wk...@franck.debian.org
Accepted libseccomp 0.0.0~20120605-1 (source amd64)
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Tue, 05 Jun 2012 11:28:07 -0700 Source: libseccomp Binary: libseccomp-dev libseccomp0 Architecture: source amd64 Version: 0.0.0~20120605-1 Distribution: unstable Urgency: low Maintainer: Kees Cook k...@debian.org Changed-By: Kees Cook k...@debian.org Description: libseccomp-dev - high level interface to Linux seccomp filter (development files) libseccomp0 - high level interface to Linux seccomp filter Closes: 676257 Changes: libseccomp (0.0.0~20120605-1) unstable; urgency=low . * Initial release (Closes: #676257). Checksums-Sha1: 298c2ce5a8521503b377deb1c0a553870416a322 1902 libseccomp_0.0.0~20120605-1.dsc 1e8f9301590f365414839e9211086187a8952c42 63261 libseccomp_0.0.0~20120605.orig.tar.gz 6c1acace64e13c7eb44c50e99273b184c39529e5 4760 libseccomp_0.0.0~20120605-1.debian.tar.gz fedc95c26f3a86273920d44f6a97da9b10cfedb1 5994 libseccomp-dev_0.0.0~20120605-1_amd64.deb 592b2f05ae2aa6392d485da7d5768f0fe4ae44b7 18252 libseccomp0_0.0.0~20120605-1_amd64.deb Checksums-Sha256: 55f745773f4722423493c2ea261c2dda96673d0d0e04b633e8ea28659472de71 1902 libseccomp_0.0.0~20120605-1.dsc d76373d61a561b4a03b30432215bc0a466a68b0671decc70bb59699cca62eae0 63261 libseccomp_0.0.0~20120605.orig.tar.gz 8e8ebe6f9941f768aae5485c0cbd914b884535eb385f7c1ccfcee4861816c339 4760 libseccomp_0.0.0~20120605-1.debian.tar.gz b751f582e50b8c6746b4857c7c43169c8527edade57fb48d90a3f26021ea16ca 5994 libseccomp-dev_0.0.0~20120605-1_amd64.deb d1e7e28fa6660b2b2c91c12dab46e1b48b926e0c101f480c9854d8799021f740 18252 libseccomp0_0.0.0~20120605-1_amd64.deb Files: 0623eeaddec58fe924e8444e02037140 1902 libs optional libseccomp_0.0.0~20120605-1.dsc 319ff91314a9278ddef7d0326ece749e 63261 libs optional libseccomp_0.0.0~20120605.orig.tar.gz 20bf1b1a049ebd7daa6772e3b3bef013 4760 libs optional libseccomp_0.0.0~20120605-1.debian.tar.gz 153bc1990fd02b7fa90180e2106bd8d7 5994 libdevel optional libseccomp-dev_0.0.0~20120605-1_amd64.deb 6f7f5a448fc90dd6ca8520beae8cb3f8 18252 libs optional libseccomp0_0.0.0~20120605-1_amd64.deb -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.11 (GNU/Linux) Comment: Kees Cook k...@outflux.net iQIcBAEBCgAGBQJPznTZAAoJEIly9N/cbcAmBF8P/R/aI5QRu8vH7gfiZQrNV93L IquI1vwM3LIzmHgRd7kmQdcyV59Blbm7zaf269e1Fx6I1eZ+ERVkavH7oEMoaha4 rC3MfFZu+pC500OAkFLO/7Vv4ksujBgKlnjKXS8MRVrorhXZZUF/lAncqWhyXAmg 7ZT8Nk3mU5aZKcM6+QfsP7CBy5HyYNz/wieeSo8kmbObw4kLCQXzYXKLpr5nabqD tAhqzONQkB8UjTZ8xWOKM7NgIHFMvRIp5z3ROCwE5oF+bAa0qtFtJGvHV0gAnLpj b7gdYc5vA3peUrD/FAV0r1FfoCDLtpRmJ0saElQ5+t5CnpuTnSbmfy8qCaoX/x/9 RkYzhrR7HpP+3imSrSG/dmgw3wMGJvLv6lR4UY5QJbZzqDFGG7u7bIZ1IZo993Fy NAScH9Gy1UqZ4Sn9z7wNuW32wDMK10P7Ys2YxF4B1p0QEwkYojd2johp0kV2AXkw p1SgZRIGszIQiZzJPIaznSEBCZWhuSKz8Pwj/C4iW1ryonbbQZdfN6rxtTN8x+y4 TkKP6JwQUMWIjGgv4VPpkN553tP46B9sGzdJ1UvuvGszYwikkIdrC6j5WmIl4dLQ Lnt4x/fpVObDsAXrqAkgrmLOkl1pryNqAzp6rvhp27QkrCjFba2qczr3kaeAmweh QhuhILGv8N9a4cNVZTgN =yvrX -END PGP SIGNATURE- Accepted: libseccomp-dev_0.0.0~20120605-1_amd64.deb to main/libs/libseccomp/libseccomp-dev_0.0.0~20120605-1_amd64.deb libseccomp0_0.0.0~20120605-1_amd64.deb to main/libs/libseccomp/libseccomp0_0.0.0~20120605-1_amd64.deb libseccomp_0.0.0~20120605-1.debian.tar.gz to main/libs/libseccomp/libseccomp_0.0.0~20120605-1.debian.tar.gz libseccomp_0.0.0~20120605-1.dsc to main/libs/libseccomp/libseccomp_0.0.0~20120605-1.dsc libseccomp_0.0.0~20120605.orig.tar.gz to main/libs/libseccomp/libseccomp_0.0.0~20120605.orig.tar.gz -- To UNSUBSCRIBE, email to debian-devel-changes-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/e1sck79-m1...@franck.debian.org
Bug#676257: ITP: libseccomp -- High level interface to the Linux Kernel's seccomp filter
Package: wnpp Severity: wishlist Owner: Kees Cook k...@debian.org * Package name: libseccomp Version : 0.1.0 Upstream Author : Paul Moore pmo...@redhat.com * URL : https://sourceforge.net/projects/libseccomp/ * License : LGPLv2 Programming Lang: C Description : High level interface to the Linux Kernel's seccomp filter This library provides a high level interface to constructing, analyzing and installing seccomp filters via a BPF passed to the Linux Kernel's prctl() syscall. -- To UNSUBSCRIBE, email to debian-devel-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/20120605180741.17371.60183.reportbug@localhost6.localdomain6
Accepted scantool 1.21+dfsg-3 (source amd64)
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Fri, 01 Jun 2012 11:07:05 -0700 Source: scantool Binary: scantool Architecture: source amd64 Version: 1.21+dfsg-3 Distribution: unstable Urgency: low Maintainer: Kees Cook k...@debian.org Changed-By: Kees Cook k...@debian.org Description: scantool - OBD-II vehicle diagnostic scanner Closes: 674179 Changes: scantool (1.21+dfsg-3) unstable; urgency=low . * Add debian/patches/kfreebsd-build-fixes.patch: fix up source for kfreebsd builds. * debian/rules, debian/patches/build-flags.patch: pass compiler flags to build correctly. * debian/control, debian/compat: bump compat level to 9. * debian/control: bump standards version; no changes needed. * debian/patches/drop-report-request.patch: do not report to scantool.net since they don't want reports on this ancient software any more. :) * debian/patches/allow-elm327-clones.patch: fix clones harder (Closes: 674179). Checksums-Sha1: f92e6c2f1c1ecf0a6750af53c3e7c32e33eba018 2116 scantool_1.21+dfsg-3.dsc 85a470fa78c7bae91950e7ba2d1098274653d7b9 11856 scantool_1.21+dfsg-3.debian.tar.gz b3d33db8d9a9cb5e90feb9555e40484affa6ad4d 578426 scantool_1.21+dfsg-3_amd64.deb Checksums-Sha256: 5b971537c3c78e5764b7b4f541931752964cc9cd62c88028cc6aeb9d97764cb7 2116 scantool_1.21+dfsg-3.dsc ae84406060d7f29cf6fcf097ce2ac22a6563b437e36940de6c4862221c90ef4e 11856 scantool_1.21+dfsg-3.debian.tar.gz c80dfbc01a03b8a232aeea355a28fbb58787b6032cfa85d53af95be5d3bdd25c 578426 scantool_1.21+dfsg-3_amd64.deb Files: 869719ad835e0c002683d3c88d90701d 2116 electronics extra scantool_1.21+dfsg-3.dsc cb66f1041e383d9bc94ffc0d433e11d0 11856 electronics extra scantool_1.21+dfsg-3.debian.tar.gz b976b276037e780a8f17cf1b4b99d44b 578426 electronics extra scantool_1.21+dfsg-3_amd64.deb -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.11 (GNU/Linux) Comment: Kees Cook k...@outflux.net iQIcBAEBCgAGBQJPyRcBAAoJEIly9N/cbcAmvMkQAJKbO4vh0LWm6MDgCQQjkl9i cE+S9PHj/UWZlhQ65trijREl76p5/0W662aH05sPJ0fC+vGnbCi3Vv2ytNrsOKSN PvN+WQdJpSFywkv/3w+xVmiw5a8surwzF94ZZh+ZrjG7F63IX5get//abw9c5r2I DZO7n7ZqYR8CEi+yUKJC5kDeASPjvNKNtHwzY5S3QWkkuO91+2qqS8x+VYxwV8Ib Q31idyyrA9ruDcwuxx9JIzf5s44uE0qOPLqw096/BDk5sScKDNCV2ZsnpyRZYUkY GSPRcwPVaqNqeBlstuOxBlDtlnNc+Ix1+fiYO0WDf2l81pVyFaALvC0fSCdN7Y3U Rjx6JF75vPy56eJdWVY94bWlkOJSXla0WJ3adicUc0zWURE5AY3+4e04vDWqQYF7 QCHQJADgGYsmU7pxJ1pklfdvWwQfJr8wgnCGY0xbIcvlu0eMlwaUQrwXs3fAA5Y8 ix/bNl3dGi1goTKSnUVmNH0TRqkLftEuCpgh39PyJWWYHkgv0nNLq+eYHUYwpnq0 p1bXdk2TWuyXZFj7cOFlAA1qb9NKprjJuxl0cfFz4MshWkcSWMGnf6Sc/y+DGK/S 9SZg4C0pO5T9IR0Xho+nrYfIcS0+dUKRFELh1lcasswDf6kxXE73dkB1vofDe0pd hoRCzd6pFyo8LjVsymz8 =T+PC -END PGP SIGNATURE- Accepted: scantool_1.21+dfsg-3.debian.tar.gz to main/s/scantool/scantool_1.21+dfsg-3.debian.tar.gz scantool_1.21+dfsg-3.dsc to main/s/scantool/scantool_1.21+dfsg-3.dsc scantool_1.21+dfsg-3_amd64.deb to main/s/scantool/scantool_1.21+dfsg-3_amd64.deb -- To UNSUBSCRIBE, email to debian-devel-changes-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/e1saxck-0006rf...@franck.debian.org
Accepted apparmor 2.7.103-2 (source all amd64)
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Format: 1.8
Date: Sat, 05 May 2012 09:57:10 -0700
Source: apparmor
Binary: apparmor apparmor-utils apparmor-profiles apparmor-docs libapparmor-dev
libapparmor1 libapparmor-perl libapache2-mod-apparmor libpam-apparmor
apparmor-notify python-libapparmor dh-apparmor
Architecture: source amd64 all
Version: 2.7.103-2
Distribution: unstable
Urgency: low
Maintainer: Kees Cook k...@debian.org
Changed-By: Kees Cook k...@debian.org
Description:
apparmor - User-space parser utility for AppArmor
apparmor-docs - Documentation for AppArmor
apparmor-notify - AppArmor notification system
apparmor-profiles - Profiles for AppArmor Security policies
apparmor-utils - Utilities for controlling AppArmor
dh-apparmor - AppArmor debhelper routines
libapache2-mod-apparmor - changehat AppArmor library as an Apache module
libapparmor-dev - AppArmor development libraries and header files
libapparmor-perl - AppArmor library Perl bindings
libapparmor1 - changehat AppArmor library
libpam-apparmor - changehat AppArmor library as a PAM module
python-libapparmor - AppArmor library Python bindings
Closes: 656451 670431 671040
Changes:
apparmor (2.7.103-2) unstable; urgency=low
.
* debian/patches/non-linux.patch: fix up build failures on non-Linux
systems (Closes: 671040).
* debian/control: require apparmor for apparmor-profiles, since abstraction
tree needs to be created already.
* debian/lib/apparmor/functions: silently handle lack of interface compat
patch.
* debian/apparmor-profiles.postrm: retain conffile list for purge logic
(Closes: 656451).
* debian/libapache2-mod-apparmor.{dirs,preinst}: add disabled directory
to package file list correctly (Closes: 670431).
* debian/control: bump standards version, no changes needed.
Checksums-Sha1:
d331f95c084bb54eed3e0b1b0393c3eef1d62d9f 2636 apparmor_2.7.103-2.dsc
60d87eccf53db07868bb6b74bea0ce44e62a9f1d 70224 apparmor_2.7.103-2.debian.tar.gz
e13f4cf3f2e6f19be49323fbd662571c537dad2a 376520 apparmor_2.7.103-2_amd64.deb
763bab76cca37a7659da436cb2369f3e06d85e7b 136098
apparmor-utils_2.7.103-2_amd64.deb
bb9e5f4f75e4b824f4f8b069bc3e0808b8ceebb1 48414
libapparmor-dev_2.7.103-2_amd64.deb
ff6a359dc125c1cd1783f09d1a54e42cb6473f82 58514 libapparmor1_2.7.103-2_amd64.deb
1601d603041cb4f129a7cc4bcb509fab093b4f40 56690
libapparmor-perl_2.7.103-2_amd64.deb
dcefc88e79c4ab6bd311c10fca73704550307fff 35912
libapache2-mod-apparmor_2.7.103-2_amd64.deb
f8e7eeea1639221d9ddfc07fcdd1247dceaa4abf 31978
libpam-apparmor_2.7.103-2_amd64.deb
9e7ebd3bea2c8fa64aedd2b12664f90b1fca27c3 52024
python-libapparmor_2.7.103-2_amd64.deb
46ad18d4b6b20047e894196541c78c0b1077d188 57916
apparmor-profiles_2.7.103-2_all.deb
f22c7b713cf90c1173422e540a92f3ac046c7d2a 254660 apparmor-docs_2.7.103-2_all.deb
17be845029390062c5dea059365b6e3a5d6c0c11 36330
apparmor-notify_2.7.103-2_all.deb
6398ae9286ec204d2d86e9e1960cfda4d9fdb669 30096 dh-apparmor_2.7.103-2_all.deb
Checksums-Sha256:
bb43b4f55fad76684713d2d218a163b8c67d07bbfd998a00f50faf1037c27051 2636
apparmor_2.7.103-2.dsc
cf5278ee75e855c67871a39bae6032b56042e351158f1edc0ba16f4746f193b7 70224
apparmor_2.7.103-2.debian.tar.gz
8814315184b12bde4daf8b9a261d33f370ce0e33f5394fa79bc024900e6e0557 376520
apparmor_2.7.103-2_amd64.deb
6f823279e75d4f4e8a06acebc4be56e91ff40c834a6fe2263df3922ef4aa40d8 136098
apparmor-utils_2.7.103-2_amd64.deb
b17617629dad629968383a06c488f1490474eea2ebd70508830f34c900109283 48414
libapparmor-dev_2.7.103-2_amd64.deb
fec1d9455c01931663f77ce09716a17c35a1c134ecc6b161c46fb6c1be5b7021 58514
libapparmor1_2.7.103-2_amd64.deb
3713b52d8a50fcaf55fa32bcfa583ccb2f467574434d7fe40f958edf02f1b3b4 56690
libapparmor-perl_2.7.103-2_amd64.deb
5b94f9e9259d052e1e258bb3b85793fa8877156ee5d625c43caa75e54e6ad191 35912
libapache2-mod-apparmor_2.7.103-2_amd64.deb
8e563175829bc31aca8ba27bc11e57e905f0ee9fc934ebbd5f692cbbc14bf031 31978
libpam-apparmor_2.7.103-2_amd64.deb
b90f49f57322acc5aa6b359dc4482e80965a35a7abeb8dea3bb0f74db1f3be02 52024
python-libapparmor_2.7.103-2_amd64.deb
ddc09a0c931d5b98b233af590bada6c6b742c8ae6bb6233e7a93974a5076cfed 57916
apparmor-profiles_2.7.103-2_all.deb
fdc3add99736607d1aff0fdad78ad9167a3660780a4bb53a6f1d99ee454964ef 254660
apparmor-docs_2.7.103-2_all.deb
6a7aab18785acc1783e6c7cb88b28afcf98ef6a19aeaaad1c82208f9ec0b5978 36330
apparmor-notify_2.7.103-2_all.deb
f1c862c1e7e399043153a046ff2393d7d08c26e7e5f100529de5238f7903e8d9 30096
dh-apparmor_2.7.103-2_all.deb
Files:
1fd45c19e0e237d5f69f0c2d4b175f1f 2636 admin extra apparmor_2.7.103-2.dsc
42a57b5bd0d45cb03ab58c5e7443cbef 70224 admin extra
apparmor_2.7.103-2.debian.tar.gz
5d1931ae060ce44de1de282908808380 376520 admin extra
apparmor_2.7.103-2_amd64.deb
0684d930030ebec3bd8cbb04c120e98b 136098 admin extra
apparmor-utils_2.7.103-2_amd64.deb
8cd968e604f5f30ba29e4ede1b6edc58 48414 libdevel extra
libapparmor-dev_2.7.103-2_amd64.deb
d9d562682694e16523e7e5c7c06a0c9b
Accepted apparmor 2.7.103-3~0apache24.1 (source all amd64)
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Sat, 05 May 2012 15:14:47 -0700 Source: apparmor Binary: apparmor apparmor-utils apparmor-profiles apparmor-docs libapparmor-dev libapparmor1 libapparmor-perl libapache2-mod-apparmor libpam-apparmor apparmor-notify python-libapparmor dh-apparmor Architecture: source amd64 all Version: 2.7.103-3~0apache24.1 Distribution: experimental Urgency: low Maintainer: Kees Cook k...@debian.org Changed-By: Kees Cook k...@debian.org Description: apparmor - User-space parser utility for AppArmor apparmor-docs - Documentation for AppArmor apparmor-notify - AppArmor notification system apparmor-profiles - Profiles for AppArmor Security policies apparmor-utils - Utilities for controlling AppArmor dh-apparmor - AppArmor debhelper routines libapache2-mod-apparmor - changehat AppArmor library as an Apache module libapparmor-dev - AppArmor development libraries and header files libapparmor-perl - AppArmor library Perl bindings libapparmor1 - changehat AppArmor library libpam-apparmor - changehat AppArmor library as a PAM module python-libapparmor - AppArmor library Python bindings Changes: apparmor (2.7.103-3~0apache24.1) experimental; urgency=low . * Apache 2.4 transition. Checksums-Sha1: e9178ce450fff1f3f644a4c1424d99513141dbf8 2688 apparmor_2.7.103-3~0apache24.1.dsc ef00de055ef59bdced7e19561b29cd089f7601b4 70252 apparmor_2.7.103-3~0apache24.1.debian.tar.gz bc99adfe471475f0e7948fbe463046b9c6c65955 376552 apparmor_2.7.103-3~0apache24.1_amd64.deb 516bda0481c52bffc0ebae30f4bc55541a502ce5 136132 apparmor-utils_2.7.103-3~0apache24.1_amd64.deb 9f831f3844a5bf20e6e898147e4ddc1904a61246 48484 libapparmor-dev_2.7.103-3~0apache24.1_amd64.deb c300b40835d5ccee33c76d14baed75b0e2f4ca83 58578 libapparmor1_2.7.103-3~0apache24.1_amd64.deb 3a6cdf8d7d67b81814a87123ea36339821eeec07 56754 libapparmor-perl_2.7.103-3~0apache24.1_amd64.deb 3f3f2e8668132ee56049780d06d92bf31eb800f9 47512 libapache2-mod-apparmor_2.7.103-3~0apache24.1_amd64.deb 65a13af56558bd6b418e7a2c2314426fb83dce97 32038 libpam-apparmor_2.7.103-3~0apache24.1_amd64.deb 359a50d2e03bff70b96dfb83405f61a5ba1a76c0 52084 python-libapparmor_2.7.103-3~0apache24.1_amd64.deb 46daa79c97420906df9ffdb0cf9f62e0dcf19c93 57974 apparmor-profiles_2.7.103-3~0apache24.1_all.deb 5f750ece1b0fb6344637e5d3d5ac4fcbe70aaa69 254714 apparmor-docs_2.7.103-3~0apache24.1_all.deb d3fa25ad0f7a68f163c6fd857d5d0a45b1f26d0d 36398 apparmor-notify_2.7.103-3~0apache24.1_all.deb 4008608b145d2348614d63d3f6b86e205250b7fd 30158 dh-apparmor_2.7.103-3~0apache24.1_all.deb Checksums-Sha256: 3b2e98fb694e258bd50e4b0fcf7d699ab34ff7cbe1dd3ce498d5f5362d00211b 2688 apparmor_2.7.103-3~0apache24.1.dsc a113a9fbd8f412d070d4222499c00cd7434d4f193de0b000e2d7dfde0a14fadf 70252 apparmor_2.7.103-3~0apache24.1.debian.tar.gz 1f6ab36314de9bd57d5ca68df33dd3207065cbf7781b3a0eaf73f5b14f57d96b 376552 apparmor_2.7.103-3~0apache24.1_amd64.deb 755cfc852060ae12a8323c415b62df26074532bc9114fd96aa3319988060bb3d 136132 apparmor-utils_2.7.103-3~0apache24.1_amd64.deb 73426cf77f2b4ba881b60839d4beb69169d7566c72664cb51c954372db2d702e 48484 libapparmor-dev_2.7.103-3~0apache24.1_amd64.deb e8797e3b2975c8f86b03e7bb6aae1168b1c4b65228f779ab58972a201328235b 58578 libapparmor1_2.7.103-3~0apache24.1_amd64.deb fe58b5e823ba9e9f24288d38c06d922f024e54690152b9256139572c634f5f4b 56754 libapparmor-perl_2.7.103-3~0apache24.1_amd64.deb e280c755c42e71c0b8565330c40229876a3561ad2287bb009484ddfbbd4a3f57 47512 libapache2-mod-apparmor_2.7.103-3~0apache24.1_amd64.deb 08674e5a7fc125fe51b860df82486df1237e04dc1fd61eb547af1292d679d33d 32038 libpam-apparmor_2.7.103-3~0apache24.1_amd64.deb c04a8712b7e9300184777965c52582b19fe244e422a3fa66709401db1f0a9b3e 52084 python-libapparmor_2.7.103-3~0apache24.1_amd64.deb 529c8373b73e3fbacb5adb85e317bb892829595a948bdedd791979bde1e9ee90 57974 apparmor-profiles_2.7.103-3~0apache24.1_all.deb 6415675a2f83fcf761a24a8fcf4f36f79ad437d58a1fa9ab3a8d74ed911f101f 254714 apparmor-docs_2.7.103-3~0apache24.1_all.deb 5881befeb4f78fb56eb846e52a735b1bd70a7a4c1f197e0c7ce74874ba23406d 36398 apparmor-notify_2.7.103-3~0apache24.1_all.deb 5f3d1b6be51b7aadb9151369e2ba892a9b4332488ed1dd05ebb8147ab0101fdf 30158 dh-apparmor_2.7.103-3~0apache24.1_all.deb Files: ebda3defe91f16c1cef98ba6ed352f32 2688 admin extra apparmor_2.7.103-3~0apache24.1.dsc 94e072c0216d5d2f0e987482db190de5 70252 admin extra apparmor_2.7.103-3~0apache24.1.debian.tar.gz 5c697a6fdb0ed9aa5c4c794f6933add3 376552 admin extra apparmor_2.7.103-3~0apache24.1_amd64.deb 6add024171d1b48941b1e3a46adb9900 136132 admin extra apparmor-utils_2.7.103-3~0apache24.1_amd64.deb 50605bb254590c0b292655271b491945 48484 libdevel extra libapparmor-dev_2.7.103-3~0apache24.1_amd64.deb d76b8155f43846c93fdc845b3a069750 58578 libs extra libapparmor1_2.7.103-3~0apache24.1_amd64.deb 40925a07df6f50f228c9fc2e302cbf73 56754 perl extra libapparmor-perl_2.7.103-3~0apache24.1_amd64.deb
Accepted apparmor 2.7.103-1 (source all amd64)
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Tue, 24 Apr 2012 17:20:41 -0700 Source: apparmor Binary: apparmor apparmor-utils apparmor-profiles apparmor-docs libapparmor-dev libapparmor1 libapparmor-perl libapache2-mod-apparmor libpam-apparmor apparmor-notify python-libapparmor dh-apparmor Architecture: source amd64 all Version: 2.7.103-1 Distribution: unstable Urgency: low Maintainer: Kees Cook k...@debian.org Changed-By: Kees Cook k...@debian.org Description: apparmor - User-space parser utility for AppArmor apparmor-docs - Documentation for AppArmor apparmor-notify - AppArmor notification system apparmor-profiles - Profiles for AppArmor Security policies apparmor-utils - Utilities for controlling AppArmor dh-apparmor - AppArmor debhelper routines libapache2-mod-apparmor - changehat AppArmor library as an Apache module libapparmor-dev - AppArmor development libraries and header files libapparmor-perl - AppArmor library Perl bindings libapparmor1 - changehat AppArmor library libpam-apparmor - changehat AppArmor library as a PAM module python-libapparmor - AppArmor library Python bindings Closes: 656451 660078 660079 661153 661176 668010 669537 Changes: apparmor (2.7.103-1) unstable; urgency=low . * New upstream release, merge with Ubuntu, drop included patches: - 0005-clean-common-from-vim.patch - 0006-use-linux-capability-h.patch - 0008-apparmor-lp963756.patch - 0009-apparmor-lp959560-part1.patch - 0010-apparmor-lp959560-part2.patch - 0011-apparmor-lp872446.patch - 0012-apparmor-lp978584.patch - 0013-apparmor-lp800826.patch - 0014-apparmor-lp979095.patch - 0015-apparmor-lp963756.patch - 0016-apparmor-lp968956.patch - 0017-apparmor-lp979135.patch - Closes: 656451 * debian/control: url.sty has moved, add texlive-latex-recommended Build-Dep (Closes: 669537). * debian/patches/notify-group.patch, debian/apparmor-notify.install, debian/notify/notify.conf: Remove custom notify.conf file, and modify the upstream one instead, adjusting the group to adm, thanks to Intrigeri (Closes: 660078). * debian/patches/aa-status-smarter.patch: fix up the logic for determining the enabled state of AppArmor, based on patch from Intrigeri (Closes: 661153). * debian/debhelper/postinst-apparmor: do not fail if AppArmor is not installed, thanks to Intrigeri (Closes: 668010). * debian/patches/abstractions-X.patch: add missing gdm3 path to X abstraction, thanks to Intrigeri (Closes: 660079). * debian/patches/abstractions-ubuntu-browsers.patch: include iceweasl in browser abstraction, thanks to Intrigeri (Closes: 661176). * debian/rules, debian/compat, debian/patches/pass-compiler-flags.patch, debian/control: bump to compat 9, export build flags, and make get them passed into the build. Checksums-Sha1: 69c1c1186637f24e022a2fd5795148bd1465104d 2636 apparmor_2.7.103-1.dsc 34fab602988c931ce34f219464777f65b464b091 1452366 apparmor_2.7.103.orig.tar.gz 9e512aeb124af15f4b09f5c5b21a08b24c5b3b7a 69485 apparmor_2.7.103-1.debian.tar.gz 8fd84df477db27d471463229288a583d8ca3b01c 376288 apparmor_2.7.103-1_amd64.deb a3733f62b5d5b238c6587031541034b06c296c5e 135970 apparmor-utils_2.7.103-1_amd64.deb 7c339a94e9c855e80491858aa925cd9790c25d4e 48212 libapparmor-dev_2.7.103-1_amd64.deb d19e9724167e97af6643e8a8a022c3d54ace8507 58256 libapparmor1_2.7.103-1_amd64.deb e45399d2e22c167f8850bbf4436e3b17c54f9236 54190 libapparmor-perl_2.7.103-1_amd64.deb cc4f8714bd081fb68f25c0faed71dd79bd1e56bc 35668 libapache2-mod-apparmor_2.7.103-1_amd64.deb 763e36e1d8545aa5455f472bc43b04b403c65f6e 31770 libpam-apparmor_2.7.103-1_amd64.deb 229220cd4a3e51c17fc8247e7ffd46562c155a23 51774 python-libapparmor_2.7.103-1_amd64.deb 58d980bdf366c0ddfdf99734013f48c6564503c9 57624 apparmor-profiles_2.7.103-1_all.deb 05a56d951034df73a225be0753782faa25f2f020 254242 apparmor-docs_2.7.103-1_all.deb 3a1a2464948d8826397bf02dc6e2a8a851f6500c 36116 apparmor-notify_2.7.103-1_all.deb 49158a2f695ae02fcd3f72460fbef4c4389f02b0 29902 dh-apparmor_2.7.103-1_all.deb Checksums-Sha256: 0db7545d5fc271bdbb8fa7b1cb051432abc7c21b30da3cbec87a8adc4573a90e 2636 apparmor_2.7.103-1.dsc 8157ed9aed68db66318e424aa95644b28294876df2672d6c450600b84bafe315 1452366 apparmor_2.7.103.orig.tar.gz d8034dc2a6a5faf03ed0d974a5016785042a0b846e7298dbb670848acaeed60f 69485 apparmor_2.7.103-1.debian.tar.gz ec7b7025719ad38e4727de33e6f9e582bde6d4d968da606125445d99568db09e 376288 apparmor_2.7.103-1_amd64.deb 062e9fa225ae91868ab481184bd83c422ca59494fab4cf7a7a8cada4bf7d9fcb 135970 apparmor-utils_2.7.103-1_amd64.deb f1849d01418aef417cfc57f33696989880e1bc7af9002f6966c9d7d52b77f17f 48212 libapparmor-dev_2.7.103-1_amd64.deb 968efccaefed0a49877bb7a6824b0c88a4a9360ce09a01b17defd1c25cbcbcda 58256 libapparmor1_2.7.103-1_amd64.deb ed0ab9db7d5b3430951fe82a8853a5646d4bb294087f81342056b6cc2f471262 54190 libapparmor-perl_2.7.103
Re: state of security hardening build flag efforts
On Sun, Apr 01, 2012 at 12:49:37AM -0700, Kees Cook wrote: I'm going to work on getting this graphed daily I've now added[1] the graphs[2]. In a few weeks, it'll be easier to see the slopes. :) -Kees [1] http://wiki.debian.org/Statistics [2] http://outflux.net/debian/hardening/ -- Kees Cook@debian.org -- To UNSUBSCRIBE, email to debian-devel-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/20120406230040.gd8...@outflux.net
Accepted hardening-wrapper 2.1 (source i386 all)
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Mon, 02 Apr 2012 08:18:52 -0700 Source: hardening-wrapper Binary: hardening-wrapper hardening-includes Architecture: source i386 all Version: 2.1 Distribution: unstable Urgency: low Maintainer: Package Hardening hardening-disc...@lists.alioth.debian.org Changed-By: Kees Cook k...@debian.org Description: hardening-includes - Makefile for enabling compiler flags for security hardening hardening-wrapper - Compiler wrapper to enable security hardening flags Closes: 666895 Changes: hardening-wrapper (2.1) unstable; urgency=low . * hardening-check: - handle _local suffix for non-ELF i386 objects (Closes: 666895). - add -h for --help. - sort and indent libc function list for easier review. * Makefile: retain newlines when generating libc function list. Checksums-Sha1: 25b3c9d62b31d780553a7640cd327ec68697f3d4 1860 hardening-wrapper_2.1.dsc b1afd045a15d64006821e9b69a180cee7df46f6a 20111 hardening-wrapper_2.1.tar.gz aca6253c8e7fd1006257324049bbe8b98747d42e 13398 hardening-wrapper_2.1_i386.deb 9804e1bfc3b8f364694cde436d2dd76513ea5a9c 17508 hardening-includes_2.1_all.deb Checksums-Sha256: 92a4c4bbc6b7fe254cec22912e7189188a9e990b436a82aaf05ebfddd2cdc88b 1860 hardening-wrapper_2.1.dsc c70c53e4037a334030b4c024d76cb9bacc00f86a71d1c31c6bce56097167729e 20111 hardening-wrapper_2.1.tar.gz 0a9605535ea5ce37a36b47c699189139e0ba950a00468e2bb5475f4532632ecd 13398 hardening-wrapper_2.1_i386.deb 9fe93041f464f72000c87e3c2e8052d3330f7689a8a60645e140796f2f1ca764 17508 hardening-includes_2.1_all.deb Files: 54efa7786a180f9075e704303b0071fd 1860 devel optional hardening-wrapper_2.1.dsc bd381f7d1e0c3c489b4994839ed19fda 20111 devel optional hardening-wrapper_2.1.tar.gz 8edf59f3f83c24ff9de83f5dbdbcf373 13398 devel optional hardening-wrapper_2.1_i386.deb 9c36fcb32b49f2d5b2508318de3d3e9b 17508 devel optional hardening-includes_2.1_all.deb -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.11 (GNU/Linux) Comment: Kees Cook k...@outflux.net iQIcBAEBCgAGBQJPecqJAAoJEIly9N/cbcAmczAP/jN0tmAE3UvSX3Zg4qetKwiC rfQHjANT2vASlV0FHysRNXrNdEbT/HGnkoQpHkA+6Y8YNkXdj/fRRHYWxXHHAU6D 5dQvmqppJSjAYUsbdAeAU3idZXJCvHz4M1OKhYEsC31hjFO2SbdUr1BNxAhYn3KM fboKL/GtJSoCm2qi+m6lFPSzNRBEUH1WzHu0A4LNizRpejworjXU4IG1j4mccMqK VEFK1ZVcKB2vNyMBNn5TzUaDfTEndBFw03pvcmyiwnbjobLsxHVoq5h9v6VpPJ1x RQs6IG5XVAs8DabrYjCGOPKvVsKixmngj+ErU4jS/OMOa7CDjuxZAu62Y9Nx3wvD 7qodrj2Lzw0fjxFulLNozCfsh0tMaK8AN1x3+MND5fAjXaXBiFRqwBtW5NrvIEVm cTrCdDCymsBH/x44UBhTerUfUjAWdn0DhBONp9nM/ZSj2kf2kkbnSRK55TIyXka8 DhivHR+4hD+OKTVaib5FTPWDivsPQgsQdlTuMIowV6FDHaDRXv8NfPYTCdwJZZHB lyX1YrrDbrvKJf+jswPaaRHXraNHH8RHO4ikSs4Gpl3nooYBxA5SCZN/O1fAJifr SagRpzpX1ZMtMYZUxzoaQ7Z/ei5TnYCAkfds3yAdjzPp70NuEm3svZyXcbek3B+I HWO1e9AnRye64m3z60y4 =FT4a -END PGP SIGNATURE- Accepted: hardening-includes_2.1_all.deb to main/h/hardening-wrapper/hardening-includes_2.1_all.deb hardening-wrapper_2.1.dsc to main/h/hardening-wrapper/hardening-wrapper_2.1.dsc hardening-wrapper_2.1.tar.gz to main/h/hardening-wrapper/hardening-wrapper_2.1.tar.gz hardening-wrapper_2.1_i386.deb to main/h/hardening-wrapper/hardening-wrapper_2.1_i386.deb -- To UNSUBSCRIBE, email to debian-devel-changes-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/e1sejj5-0001f1...@franck.debian.org
state of security hardening build flag efforts
Hi, With so many maintainers working to make sure that dpkg-buildflags defaults are getting into their packages, I thought it might be fun to see what sort of progress has been on security hardening build flags[1]. I took an optimistic approach to the data, since there are situations where lacking stack-protector and fortify isn't a mistake[2]. I assume that if any hardening features is found in any binary package, then the source package was built with that feature intentionally enabled. For collection, I used the amd64 architecture, and my approach was: - report count of all source packages that produce at least 1 binary package that contains at least 1 ELF. - report count of all source packages that produce at least 1 binary package that contains at least 1 ELF that is built with stack-protector. - same again for fortify, relro, bindnow, and pie. sources building ELFs: 9429 built with stackprotector: 1845 (19.6%) built with fortify:1058 (11.2%) built with relro: 1521 (16.1%) built with bindnow: 385 (4.1%) built with pie: 363 (3.4%) This is very exciting! It was only a short time ago when just a handful of packages were building with hardening options. Now we're almost to 20% on stack-protector. :) Thank you everyone for your great work! I'm going to work on getting this graphed daily, like the debhelper statistics[3]. -Kees [1] http://wiki.debian.org/ReleaseGoals/SecurityHardeningBuildFlags [2] http://wiki.debian.org/Hardening#Validation [3] http://www.chiark.greenend.org.uk/ucgi/~cjwatson/blosxom/debian/2010-07-10-debhelper-statistics-redux.html -- Kees Cook@debian.org -- To UNSUBSCRIBE, email to debian-devel-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/20120401074937.gj8...@outflux.net
Re: state of security hardening build flag efforts
On Sun, Apr 01, 2012 at 05:24:00PM +0800, Paul Wise wrote: On Sun, Apr 1, 2012 at 3:49 PM, Kees Cook wrote: I'm going to work on getting this graphed daily, like the debhelper statistics[3]. If you do, please add that to the statistics wiki page: http://wiki.debian.org/Statistics Ah-ha, yes. I will do that. :) Under what circumstances do you think GCC upstream should be enabling these options by default (as several distributions other than Debian do)? I haven't attempted to push these things to upstream yet, but I still think it would be a great idea. Magnus Granberg from Gentoo maintains a patch against gcc for Gentoo, and has made attempts to upstream it, but I'm not sure where it stands: http://git.overlays.gentoo.org/gitweb/?p=proj/hardened-gccpatchset.git;a=tree;f=gcc-4.7.0/piepatch;hb=HEAD Do you have any stats about where packages had to avoid enabling these options? I have tried to encourage Ubuntu developers to keep track of stuff that couldn't be trivially fixed here: https://wiki.ubuntu.com/ToolChain/CompilerFlags#Problems For everything else, I've tried to get patches either to the upstream directly, or to Debian. The vast majority of those have been taken. It was, honestly, a pretty short list since Gentoo did a ton of this upstreaming of fixes when they started their hardening initiative. (RedHat did a lot of work on hardening fixes too, but didn't tend to be very effective at getting them upstreamed.) I'm not sure how up to date that list, is though. I strongly suspect there are things missing from it. :) But it's really just a handful of more difficult problems vs the tens of thousands of packages in the archive. Frankly, probably the most disruptive change was -Werror=format-security, which wasn't enabled in Ubuntu (since fighting all the errors at once seemed extremely daunting). Instead, I turned it on in hardening-wrapper, and then via dpkg-buildflags to slowly ease it into the archive. Do you feel the frequency of that is low enough to enable these options by default (in upstream or in distros)? Take my opinion with a grain of salt, as even I recognize that I'm a bit of an extremist about this, but yes, absolutely. I succeeded in making this happen in Ubuntu, and while the path is very different in Debian, for package builds it is effectively by default now too (assuming the package's build system is modern and the flags are passed into the build correctly). As for the upstream compiler, I recognize they have more users than just distro builders, but it seems to me that it is irresponsible to not enable these features by default in the compiler. :) Note that the default flags in both Ubuntu and Debian lack PIE (where as Gentoo's hardening patchset includes PIE by default). The Debian hardening documentation has encouraged maintainers to enable PIE too if they have a sensitive package (daemons, media processors, browsers, interpreters, etc), so it's not totally absent. I'd like to see the default on architectures with enough general registers (e.g. amd64) include PIE. The other archs, like i386, suffer quite a bit (15% performance hit) in some cases, so while I think it should still be the default there, it's not a decision I'm likely to be able to convince more performance-sensitive people about. I'd like to push for it on amd64 once more packages are building with the default flags. We'd need the entire base system converted, though, to deal with some of the build ordering problems with switching to PIE. The problem is with shipped .a files: those object files must all be built with -fPIE for them to link into a -pie binary. (i.e. all static users of the .a need to be rebuilt after the .a is built.) It's doable, it just needs to be done careful attention given to dependency ordering. I don't think a specific flag-day would be needed. If you think that enabling them by default in GCC upstream is doable, what kind of blockers and timeframe would we expect for that? I think the blockers are mostly political. There are no serious technical blockers that I see (e.g. it _is_ enabled in the Ubuntu compiler). Getting it into a form that upstream gcc would be happy about is the trick. I have no sense of timeframe; I've not worked with the gcc upstream before. I would personally like binaries not built by debian/rules but built on Debian systems to be hardened by default. Yup. I couldn't agree more, but that decision isn't mine and has already been made. -Kees -- Kees Cook@debian.org -- To UNSUBSCRIBE, email to debian-devel-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/20120401182941.gm8...@outflux.net
Accepted hardening-wrapper 2.0 (source all amd64)
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Format: 1.8
Date: Sat, 31 Mar 2012 16:32:03 -0700
Source: hardening-wrapper
Binary: hardening-wrapper hardening-includes
Architecture: source amd64 all
Version: 2.0
Distribution: unstable
Urgency: low
Maintainer: Package Hardening hardening-disc...@lists.alioth.debian.org
Changed-By: Kees Cook k...@debian.org
Description:
hardening-includes - Makefile for enabling compiler flags for security
hardening
hardening-wrapper - Compiler wrapper to enable security hardening flags
Closes: 664495 664862 666471 666520
Changes:
hardening-wrapper (2.0) unstable; urgency=low
.
* hardening-check: add color, based on a patch from Simon Ruderich.
* hardening-check: fix lintian tag for non-PIE ELF to no-pie.
* debian/rules, debian/hardening-wrapper.{prerm,postinst}: add gcc-4.7
to the diversion list (Closes: 666520).
* debian/control:
- fix Vcs-Browser link for loggerhead (Closes: 664495).
- add Multiarch tag to hardening-includes (Closes: 666471).
* Makefile, debian/*: convert to dh(1).
* hardening-check: generate list of libc functions at build time.
* hardening-check, tests/Makefile.common: add support for scanning
object archives for stack-protector and fortify (Closes: 664862).
Checksums-Sha1:
c87b17019a163a26c7cc085b40f0d7b7d55294f3 1860 hardening-wrapper_2.0.dsc
eaca555b14ec1bc8cc02122f55fab8b510edefdd 20070 hardening-wrapper_2.0.tar.gz
d4a7998dc6841a8a6a5d858fa7428949d8a3617b 13290 hardening-wrapper_2.0_amd64.deb
bb8cbc591f72c737290acc5dcffb4692d7a9 17402 hardening-includes_2.0_all.deb
Checksums-Sha256:
eb9b9776307900b4f459ce70625a8010675a4837bf9ff5bdb365d7ac98d47da8 1860
hardening-wrapper_2.0.dsc
96d1350771d9fee8898721d058a2e054f1459105beeebc6fea78d7ec19ff1530 20070
hardening-wrapper_2.0.tar.gz
45aed77aae45ed8ee648f1df6c838aea4dcf9ac3b09d68146cb687a8baeddb21 13290
hardening-wrapper_2.0_amd64.deb
7f5b5bf6ffc9acb264ee27775f93dd719d9963388f274b9365616e26f2e05bda 17402
hardening-includes_2.0_all.deb
Files:
3620621feb820f04de3b075584d9b33d 1860 devel optional hardening-wrapper_2.0.dsc
f6d4c802a4cb59cc925b497ead753cd3 20070 devel optional
hardening-wrapper_2.0.tar.gz
52eaa212024070830adef478dc1bcf1c 13290 devel optional
hardening-wrapper_2.0_amd64.deb
b69acdd93e9732b3069206d8ef8536eb 17402 devel optional
hardening-includes_2.0_all.deb
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.11 (GNU/Linux)
Comment: Kees Cook k...@outflux.net
iQIcBAEBCgAGBQJPd5hYAAoJEIly9N/cbcAmKwQQAKPoU1LtLANGQDIfi8L4NGx6
DnXbLxUN22/q9M5PAYaSS1ntYdaLq9Krd9IihDBxciG0cENzCSyOIGkkAHKG8c0b
cQzoNFDGKkVeb0DAP+JIGrJXtLWvVZFiLWW/IrYF8xXfPqv+7U238oeR5jr6aROS
IqytjXdP45BfXeevl+ooX6x3/+q9js/ihsEfGxLIc3TinQGa1iLkPAVf+W5AjsH2
i6youuO0N9mUTIaOFtJactpMrDPYbBhAspbkCZ66d35Xy7am2ICGWNLFPZo/QKpm
l+27PBvoRWDcv8O3CRihYavX7dv3ImH1rDe/RDX7pl6q6TIL+PdsUhptHUFfpgFn
TAPfIypaUG3qvmha6q4ADf2r5iwhY2fXZ3Y6HMIv0KXk3b5r51qyPneWbJD0C4UR
ClFV9oF4O+y1MsHNtGA/bV0DqP7VNWHBLFb37PrEJrcTxBsiobcIp2tGoCLCeyMS
CsAQ1vErgk36I3bvhU4O6AjQkrAWiap85Bcqhkmab3a8KeKZeRLdTNllA02ermkl
doujW7a73xbUuBzQWkFVNPMGMGcLgItgdot2AgfCJGPksSlnj/nstEPeJ5ehi+zD
TzmzhGxmucVKy6GiOmJ0mJBAwFPmUlaT+OxdhaaXABc7DUy2wGSdOh5CUkiALyN6
4NR+uBfg4gXdcYqT7fly
=CMeI
-END PGP SIGNATURE-
Accepted:
hardening-includes_2.0_all.deb
to main/h/hardening-wrapper/hardening-includes_2.0_all.deb
hardening-wrapper_2.0.dsc
to main/h/hardening-wrapper/hardening-wrapper_2.0.dsc
hardening-wrapper_2.0.tar.gz
to main/h/hardening-wrapper/hardening-wrapper_2.0.tar.gz
hardening-wrapper_2.0_amd64.deb
to main/h/hardening-wrapper/hardening-wrapper_2.0_amd64.deb
--
To UNSUBSCRIBE, email to debian-devel-changes-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Archive: http://lists.debian.org/e1se8gs-0004rz...@franck.debian.org
Re: Enabling hardened build flags for Wheezy
On Fri, Mar 02, 2012 at 09:12:16AM +0100, Mike Hommey wrote: On Thu, Mar 01, 2012 at 09:58:23PM -0800, Russ Allbery wrote: Kees Cook k...@debian.org writes: Speaking to the false positives problem, I've discussed with some people the idea of having build flags be included in some sort of ELF comment-like area that can be examined. That way it's becomes trivial to answer how was this built? and all these crapy heuristic checks that get thrown away. In the mean time, I'll continue to work on the crappy heuristic checks. ;) That sounds complicated, since there are separate compiler flags for every object (which may not match) and then the linker flags used to assemble the final executable or shared object. Does ELF give you object-specific comment areas? You can have a comment sections generated for each object (as a matter of fact, gcc does that already to put its version), and the linker aggregates them in a single section. I'm not a big fan of cluttering ELF binaries for a relatively small benefit. Except maybe if that's moved with the debug info in /usr/lib/debug. Yeah, I'm not sure what it'd look like, but I would want to see it upstream. Besides being an intrusive change, there are other projects interested in this kind of post-build analysis. -Kees -- Kees Cook@debian.org -- To UNSUBSCRIBE, email to debian-devel-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/20120302165349.gc3...@outflux.net
Re: Enabling hardened build flags for Wheezy
On Fri, Mar 02, 2012 at 07:41:25PM +0100, Julian Taylor wrote: On 03/02/2012 05:53 PM, Kees Cook wrote: On Fri, Mar 02, 2012 at 09:12:16AM +0100, Mike Hommey wrote: On Thu, Mar 01, 2012 at 09:58:23PM -0800, Russ Allbery wrote: Kees Cook k...@debian.org writes: Speaking to the false positives problem, I've discussed with some people the idea of having build flags be included in some sort of ELF comment-like area that can be examined. That way it's becomes trivial to answer how was this built? and all these crapy heuristic checks that get thrown away. In the mean time, I'll continue to work on the crappy heuristic checks. ;) That sounds complicated, since there are separate compiler flags for every object (which may not match) and then the linker flags used to assemble the final executable or shared object. Does ELF give you object-specific comment areas? You can have a comment sections generated for each object (as a matter of fact, gcc does that already to put its version), and the linker aggregates them in a single section. I'm not a big fan of cluttering ELF binaries for a relatively small benefit. Except maybe if that's moved with the debug info in /usr/lib/debug. Yeah, I'm not sure what it'd look like, but I would want to see it upstream. Besides being an intrusive change, there are other projects interested in this kind of post-build analysis. -Kees if I understood it correctly gcc 4.7 will support adding its switches to the debugging data: http://gcc.gnu.org/gcc-4.7/changes.html Other significant improvements A new option (-grecord-gcc-switches) was added that appends compiler command-line options that might affect code generation to the DW_AT_producer attribute string in the DWARF debugging information. Ah-ha! That must be it. Thanks for finding that! So, yes, I guess it means that a solid lintian check can be run if the dbg packages are built also, or something along those lines. -Kees -- Kees Cook@debian.org -- To UNSUBSCRIBE, email to debian-devel-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/20120302211452.gl3...@outflux.net
Re: Enabling hardened build flags for Wheezy
On Fri, Mar 02, 2012 at 07:25:25PM +0100, Moritz Mühlenhoff wrote: Kees Cook k...@debian.org schrieb: In the mean time, I'll continue to work on the crappy heuristic checks. ;) Shall we move hardening-check to devscripts, now that dpkg-buildflags slowly trickles into standard Debian development practice? I'm not sure -- I'd like it out of hardening-includes just so that the whole hardening-wrapper source package can be deprecated, but lintian needs to have a Depend on whatever ships hardening-check. I think it might be rather extreme to have lintian depend on devscripts, though. I was pondering shipping it in lintian, but I'd like it to live in /usr/bin. I guess it could just be its own source package. -Kees -- Kees Cook@debian.org -- To UNSUBSCRIBE, email to debian-devel-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/20120302213351.gm3...@outflux.net
Re: Linux kernel hardening - link restrictions
On Fri, Mar 02, 2012 at 05:11:58AM +, Ben Hutchings wrote: The longstanding link restriction patches were recently accepted by Andrew Morton and are likely to end up in Linux 3.4. I've applied these to src:linux-2.6 in svn and they should end up in the upcoming version 3.2.9-1. That's excellent news! (I am biased, obviously.) We know that these are going to break some programs, most notably 'at' (#597130, fixed in wheezy/sid). But of course it's possible to work around that by disabling the restriction, so I don't think this should result in a 'Breaks' relation. FWIW, as some background, at is the only package that I'm aware of breaking across 1.5 years of (a version of) this patch living in Ubuntu, and in many more years living in Openwall Linux and grsecurity. So I feel like going to break some is strong. :) I'm therefore intending to warn about this with the following NEWS entry in the linux-image metapackages: Index: debian/linux-image.NEWS === --- debian/linux-image.NEWS (revision 18757) +++ debian/linux-image.NEWS (working copy) @@ -1,3 +1,18 @@ +linux-latest (44) unstable; urgency=low + + * The new kernel version includes security restrictions on links, which +are enabled by default. These are specified in +Documentation/sysctl/fs.txt in the linux-doc-3.2 and linux-source-3.2 +packages. + +These restrictions may cause some legitimate programs to fail. +In particular, if the 'at' package is installed, you should either: +- Upgrade it to at least version 3.1.13-1 (or a backport of that) +or: +- Set sysctl fs.protected_hardlinks=0 (see /etc/sysctl.conf) + + -- Ben Hutchings b...@decadent.org.uk Fri, 02 Mar 2012 04:58:24 + + This seems like a sensible NEWS item to me. The use of may break seems better than going to break some. linux-latest-2.6 (26) unstable; urgency=low * The old IDE (PATA) drivers are no longer developed. Most PATA --- END --- (Why in the metapackages, you ask? Because apt-listchanges shows NEWS from upgraded packages, not new packages.) Does anyone have a better idea how to do this? Know about other packages that are affected? It's a trivial patch[1] to fix at. How about just backporting that change to stable, to avoid that known trouble too? This is what Ubuntu did for the Lucid LTS release that was getting backported kernels (with link restrictions) built for it. -Kees [1] http://anonscm.debian.org/gitweb/?p=collab-maint/at.git;a=commitdiff;h=f4114656c3a6c6f6070e315ffdf940a49eda3279 -- Kees Cook@debian.org -- To UNSUBSCRIBE, email to debian-devel-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/20120302054021.gu3...@outflux.net
Re: Enabling hardened build flags for Wheezy
On Thu, Mar 01, 2012 at 09:44:15AM +0100, Thijs Kinkhorst wrote: On Thu, March 1, 2012 00:11, Patrick Matthaei wrote: Am 29.02.2012 23:57, schrieb Russ Allbery: Patrick Matthaei pmatth...@debian.org writes: I fully support the hardening goal. May it be an option to add lintian errors (also non-fatal errors on ftp-master side) about missing-hardening-build in the future? But maybe it still would be an option to add am lintian warning (regarding your above arguments throwing an error would not be the right solution) about maybe-missing-hardening? The maintainer would be aware about this potential problem, check his package and if it is realy a false positive he still could overwrite it. There's already some discussion in this bug: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=650536 Progress is being made on this, but I've been slow. I got distracted by some other things. I'm hoping to spend some time on it this weekend now that all the infrastructure I need is in dpkg. Speaking to the false positives problem, I've discussed with some people the idea of having build flags be included in some sort of ELF comment-like area that can be examined. That way it's becomes trivial to answer how was this built? and all these crapy heuristic checks that get thrown away. In the mean time, I'll continue to work on the crappy heuristic checks. ;) -Kees -- Kees Cook@debian.org -- To UNSUBSCRIBE, email to debian-devel-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/20120302055202.gv3...@outflux.net
Re: Enabling hardened build flags for Wheezy
On Thu, Mar 01, 2012 at 06:16:14PM +0100, Arno Töll wrote: On 01.03.2012 18:11, Arno Töll wrote: The vanilla kernel itself has some ASLR protection as well, although I think it is still not enabled by default in Debian (and is perhaps ^^ KiBi corrected me. It is, sorry. FWIW, here's a quick way to see if stuff is running with ASLR. This will show you what memory regions are _not_ being randomized: $ diff -u (cat /proc/self/maps) (cat /proc/self/maps) | grep ^ 0040-0040d000 r-xp fb:00 17301639 /bin/cat 0060d000-0060e000 r--p d000 fb:00 17301639 /bin/cat 0060e000-0060f000 rw-p e000 fb:00 17301639 /bin/cat ff60-ff601000 r-xp 00:00 0 [vsyscall] In this case, the sections for the cat ELF are not randomized because cat wasn't built with PIE. And the vsyscall on amd64, but that's not very important, and there are even patches coming to randomize that too, so no worries there. Some architectures do not have mmap ASLR, so in that case, all the libraries will be in the same place too. (And any arch without mmap ASLR also has no text (PIE) ASLR.) -Kees -- Kees Cook@debian.org -- To UNSUBSCRIBE, email to debian-devel-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/20120302055627.gw3...@outflux.net
Re: Enabling hardened build flags for Wheezy
On Thu, Mar 01, 2012 at 12:01:12PM -0400, Joey Hess wrote: Moritz Muehlenhoff wrote: 1. dpkg-buildflags exports hardened build flags. These hardened build flags mitigate/nullify some classes of security vulnerabilities and make exploitation of security problems more difficult. At least temporarily. Are you familiar with Return Oriented Programming and similar technologies for getting around these protections? This is why everyone should run 64-bit systems and build with hardening fully enabled: export DEB_BUILD_MAINT_OPTIONS = hardening=+all In this situation, you've got NX for sure, full ASLR in a large memory space, stack protector, and the libc fortifications in place. It'll always be an arms race, but why knowingly be behind? :) -Kees -- Kees Cook@debian.org -- To UNSUBSCRIBE, email to debian-devel-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/20120302060021.gx3...@outflux.net
Accepted apparmor 2.7.0-1 (source all amd64)
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Format: 1.8
Date: Thu, 09 Feb 2012 15:24:08 -0800
Source: apparmor
Binary: apparmor apparmor-utils apparmor-profiles apparmor-docs libapparmor-dev
libapparmor1 libapparmor-perl libapache2-mod-apparmor libpam-apparmor
apparmor-notify python-libapparmor dh-apparmor
Architecture: source amd64 all
Version: 2.7.0-1
Distribution: unstable
Urgency: low
Maintainer: Kees Cook k...@debian.org
Changed-By: Kees Cook k...@debian.org
Description:
apparmor - User-space parser utility for AppArmor
apparmor-docs - Documentation for AppArmor
apparmor-notify - AppArmor notification system
apparmor-profiles - Profiles for AppArmor Security policies
apparmor-utils - Utilities for controlling AppArmor
dh-apparmor - AppArmor debhelper routines
libapache2-mod-apparmor - changehat AppArmor library as an Apache module
libapparmor-dev - AppArmor development libraries and header files
libapparmor-perl - AppArmor library Perl bindings
libapparmor1 - changehat AppArmor library
libpam-apparmor - changehat AppArmor library as a PAM module
python-libapparmor - AppArmor library Python bindings
Closes: 649784 651297 651434
Changes:
apparmor (2.7.0-1) unstable; urgency=low
.
* debian/po/pt.po add new Portuguese translation, thanks to Pedro Ribeiro,
(Closes: 651434).
* debian/control: do not require initramfs-tools on !linux-any
(Closes: 651297).
* debian/{control,rules,debhelper/*}: move dh_apparmor into separate
binary package, out of debhelper (Closes: 649784).
* debian/{control,rules}: fix up lack of real build-indep.
* debian/patches/0036-fix-manpage-errors.patch: minor man page cleanups.
* merge changes from Ubuntu (r1443).
Checksums-Sha1:
f2a04712ab3ec5808b0aa7a519934c90a1c30b91 2573 apparmor_2.7.0-1.dsc
9428e466e242b9381ac152dafb58d488c8a01921 1399442 apparmor_2.7.0.orig.tar.gz
66887ded8423f405fb0b580883e2ba4c5f2b0ce4 85987 apparmor_2.7.0-1.debian.tar.gz
11ff0b5139f7f685da9709cc5f8236f3417a3836 360642 apparmor_2.7.0-1_amd64.deb
25a11493f47ffb649437423147edee7c6c99da16 118800
apparmor-utils_2.7.0-1_amd64.deb
d8a31cddb7993364f2d9054a32d8e61c6ea0a4bb 45112
libapparmor-dev_2.7.0-1_amd64.deb
1c873c6a2c07e1f69b189997fc42fb425ea02ca6 55532 libapparmor1_2.7.0-1_amd64.deb
27d1cd5fef90d41100ec7c84ae37d0de72a8c8ce 49962
libapparmor-perl_2.7.0-1_amd64.deb
b7a68588094c9089bca5e042341a5c3c10cd193a 33116
libapache2-mod-apparmor_2.7.0-1_amd64.deb
ac79f4a8736f71d052fc8bd00c5fdfea45d25363 29122
libpam-apparmor_2.7.0-1_amd64.deb
1bd967cc5ade8183f95c68301e5167cda0f20914 47872
python-libapparmor_2.7.0-1_amd64.deb
b781483ff81e27ef13c8a17e01da77daf0aead42 54840
apparmor-profiles_2.7.0-1_all.deb
0761fc4dab58150791a7f19085af9f1fca68ed54 253758 apparmor-docs_2.7.0-1_all.deb
01bea02e147e4a7cd867bfc6b333c6a48f6a0d7c 33486 apparmor-notify_2.7.0-1_all.deb
7451272d78c92ab0171647bea6ada481c7bea009 27228 dh-apparmor_2.7.0-1_all.deb
Checksums-Sha256:
fe9e6aeb1a0ddd8de1fc9eb4ce52adc8877d12ddcc84bc82308443360fc5592d 2573
apparmor_2.7.0-1.dsc
ff8a2f49f902faa78e502590c65d3850fb9a2a3453bef0dc1f99e947c52fc60f 1399442
apparmor_2.7.0.orig.tar.gz
99c7499cec73c9718caf8a9419d39978c35e4e62efa69bda3a85daa53fe51445 85987
apparmor_2.7.0-1.debian.tar.gz
b6178d9a8e80f2cd4a8ab47cdfc133f6058f4a655a4ea923867f2237a6ca3c0b 360642
apparmor_2.7.0-1_amd64.deb
a7bf4bdcdf7ee83c6deabea6846d5adce72799600788affe451c6dd32ad8c07c 118800
apparmor-utils_2.7.0-1_amd64.deb
1fef11975f30092471d29440cfdb62a3c6107e524c7df98a71ee137144f30103 45112
libapparmor-dev_2.7.0-1_amd64.deb
e791f208f901740f943214af71c4f8ea257ce898ab1c9dd7fe46d39f4989ddab 55532
libapparmor1_2.7.0-1_amd64.deb
dc370f1df7f976b187637dd85cd351e44c25459bdc8d727f2d14a8484a421282 49962
libapparmor-perl_2.7.0-1_amd64.deb
0c2f1527469d484720ec5849d5d137698a688b569bf6da77f14347f17f51a957 33116
libapache2-mod-apparmor_2.7.0-1_amd64.deb
1c4d5af82819f171ee4182f6c75b60e09908415c26e4d280b3bd58397f6cfd06 29122
libpam-apparmor_2.7.0-1_amd64.deb
e217e9cd731081e3d844cad9b2d967edcaf426e85972aade508986fcfbba1f0c 47872
python-libapparmor_2.7.0-1_amd64.deb
809d50337ad83aa908230139d9de9b78b8782a0d8803a8f54969fba993767864 54840
apparmor-profiles_2.7.0-1_all.deb
b366d946efaa3ac8d0b77b342d270ae88e3d7ce4737cb87369e10252d0b213e7 253758
apparmor-docs_2.7.0-1_all.deb
c612e86a72680fa33cc22bac0d5b1509acb32ebc02b4e652d50c15bab5a2e9ea 33486
apparmor-notify_2.7.0-1_all.deb
e31960ccd3789cc780e1c5b5c2f785e471d277c65c7832dca78edd80439d8be0 27228
dh-apparmor_2.7.0-1_all.deb
Files:
ec18268891d78c48383a39318f07779c 2573 admin extra apparmor_2.7.0-1.dsc
9cc38779a43004dbc7f09932fa848366 1399442 admin extra apparmor_2.7.0.orig.tar.gz
8627a9f36e7391e8bc83e53abeea36a6 85987 admin extra
apparmor_2.7.0-1.debian.tar.gz
d7077c9e3ea5314ebb99f1c0a7a3fd1f 360642 admin extra apparmor_2.7.0-1_amd64.deb
dc3083b71e40ac04e209c9cca1b48dc9 118800 admin extra
apparmor-utils_2.7.0-1_amd64.deb
3fd464715d9c8c273f7a347f9d2b540f 45112
Accepted hardening-wrapper 1.36 (source all amd64)
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Fri, 27 Jan 2012 12:07:45 -0800 Source: hardening-wrapper Binary: hardening-wrapper hardening-includes Architecture: source all amd64 Version: 1.36 Distribution: unstable Urgency: low Maintainer: Package Hardening hardening-disc...@lists.alioth.debian.org Changed-By: Kees Cook k...@debian.org Description: hardening-includes - Makefile for enabling compiler flags for security hardening hardening-wrapper - Compiler wrapper to enable security hardening flags Changes: hardening-wrapper (1.36) unstable; urgency=low . * hardening-check: fix function-finder to accept IFUNC too, improve reporting slightly, improve manpage to explain false alarms. Checksums-Sha1: 9c8bfcab55948407c9ca7732ee06abea4e3640bf 1841 hardening-wrapper_1.36.dsc 00e6e62bf7a225388b476cd1c387d30f71815d39 19475 hardening-wrapper_1.36.tar.gz f4833dd06274a652becfc8ea8fc35d5dab7fbfba 16224 hardening-includes_1.36_all.deb 4913531ef935ae064704a554efe0e7c21d8342a8 13032 hardening-wrapper_1.36_amd64.deb Checksums-Sha256: 4b099072d9461385bb9959c3fc8698a4f9661c3319f9ca711f413773d3982ac6 1841 hardening-wrapper_1.36.dsc 4511a933ca257de369c11fb458d47e391422df91ec0c4ada2c30bd8a247de191 19475 hardening-wrapper_1.36.tar.gz a96d7b2290ec00f65a394fe5421d9ae48d3d876283bef824ec481267e49073e1 16224 hardening-includes_1.36_all.deb ebe3d7123911a0fb94402e20fa886e499f2cf9aa95fbba61f56cee81d916d141 13032 hardening-wrapper_1.36_amd64.deb Files: bc9be61270f3409a0ebfa0d6bc6c60cc 1841 devel optional hardening-wrapper_1.36.dsc fc514d8755fd4bad910c4373fdf09821 19475 devel optional hardening-wrapper_1.36.tar.gz 00f52439a172206a49aa706c5955df24 16224 devel optional hardening-includes_1.36_all.deb d7ee33e26b1f9c25b3cb4885a967c781 13032 devel optional hardening-wrapper_1.36_amd64.deb -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.11 (GNU/Linux) Comment: Kees Cook k...@outflux.net iQIcBAEBCgAGBQJPIwf8AAoJEIly9N/cbcAmF/gP/2l/C05QQaSE2xvDbGnSPl5H +4/e14SgGY5NoECjYfMbYZGItSuEKUk5Bli+KqZg9byAXBsiEdIkP7fYdXO/Pl7v mRP4xTRK3TnC/Cx2QzgbXMGy36fVu36GdjTZHkB8FJkAjrcldahRkz8r1JryWvLQ GN3TP1nKs00sseFT/YeKy7UI2fjMZj4tJAMVrav6LKu7M0i49x0pDVgAld8d0Rx1 8TNv3YxtUJoIMCc/y69OKsW62jz9TvgU3ALnu6I5RvtkkA10OOgDBmQrsOfaP0Zz YebMPz2xPIabFQsJu7UrwKqd38bhBUVdoGsnnplysQhFMTGKuGHTuREcptc4/rdp RR79TQkUXsnc3JjPS6jJfW9FFlTx+AISNUg5L469zQiD8d10Pip5bbQbVe3tyF+z zQ5EWMpLKTb8OcgvRZXLaH5tqtZ6/ZS+8kTNF/DJkXRtLeJbW1i76sNYYEK1Fp6M hU1XWe38wiwTEo4ndaOvw5xqsKi1mtAFrkY1J6p7BIdpPbggT+pntEdZ4Pw9Clqq hNpQhr3vE84YJcy+wSWp4f5CYMLGfS8C3OB4DS9ea1RgSXYCsATqyaJDvHpksFug wyFoNljFTY3cPaFbs/YT+zOj93m0wBEKgrCXXzkPtBg0h43SyNkwuGygeqUifU+o 8JwjnmVjtjMFQsRVXLPR =EZqS -END PGP SIGNATURE- Accepted: hardening-includes_1.36_all.deb to main/h/hardening-wrapper/hardening-includes_1.36_all.deb hardening-wrapper_1.36.dsc to main/h/hardening-wrapper/hardening-wrapper_1.36.dsc hardening-wrapper_1.36.tar.gz to main/h/hardening-wrapper/hardening-wrapper_1.36.tar.gz hardening-wrapper_1.36_amd64.deb to main/h/hardening-wrapper/hardening-wrapper_1.36_amd64.deb -- To UNSUBSCRIBE, email to debian-devel-changes-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/e1rqska-0002hk...@franck.debian.org
Re: Hardening release goal blocker
On Wed, Dec 14, 2011 at 10:48:00AM +0700, Jonas Smedegaard wrote: On 11-12-13 at 03:10pm, Kees Cook wrote: Notably, I'm curious about this: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=651964 I think this is broken behavior on CDBS's part, and that the some packages mentioned should be fixed so that all the other packages aren't hampered by the problem. I would be happy to change CDBS to always behave sanely (i.e. make CDBS_FIX_COMPILE_FLAGS=1 the default behaviour). This wouldm however, require someone to do the work of investigating and correcting any and all packages in the Debian archive that depends on the older arguably broken behaviour. I'd be happy to help getting some bugs opened and doing rebuild tests. Is the failure condition easy to spot? -Kees -- Kees Cook@debian.org -- To UNSUBSCRIBE, email to debian-devel-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/20111214203809.gq5...@outflux.net
Hardening release goal blocker
Hi, So, recently it came to my attention that CDBS is not behaving very nicely with dpkg-buildflags, which is causing problems for us to meet the release goal of getting more packages built with compiler hardening enabled: https://wiki.debian.org/ReleaseGoals/SecurityHardeningBuildFlags Notably, I'm curious about this: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=651964 I think this is broken behavior on CDBS's part, and that the some packages mentioned should be fixed so that all the other packages aren't hampered by the problem. This is especially true in the face of: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=651966 Which means there's no way sort of calling dpkg-buildflags directly to get a fully hardening build using only CDBS. :( What's the right way forward to have CDBS and dpkg-buildflags play nice together? :) Thanks, -Kees -- Kees Cook@debian.org -- To UNSUBSCRIBE, email to debian-devel-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/20111213231042.gp5...@outflux.net
Re: Getting dh_install to do what we need
After looking at the bugs that are solved with this change, I don't think
it's an unreasonable solution. That said, I think it feels incomplete.
On Wed, Dec 07, 2011 at 11:47:49PM +0100, Josselin Mouette wrote:
So, to sum it up. Before, you would do in debian/rules:
sed s/@DEB_HOST_MULTIARCH@/${DEB_HOST_MULTIARCH}/
debian/libfoo.install.in debian/libfoo.install
Now, you will do in debian/foo.install:
#! /bin/sh
sed s/@DEB_HOST_MULTIARCH@/$(dpkg-architecture -qDEB_HOST_MULTIARCH)/
EOF
…
EOF
This doesn't work with source-format-1 packages without adding chmod
lines for the scripted debhelper config files in the rules file. Perhaps
this isn't a big deal since we should all be using source-format-3 anyway.
The debhelper config scripts do not run in the same environment as the
rules file, so none of the environment variables available there are
available to the config scripts. This means either adding export lines to
the rules file (which means you can't have a nice 2-line rules file), or
it means manually re-establishing the environment in the config scripts,
which seems wasteful since dh has already done all the magic to establish
the environment.
I think it would make sense to support the common case, and that appears to
be environment variable replacements (235302, 477625, 614731, 642129), with
general filtering a close second (372310, 438601, 632860).
So, how about:
- Have debhelper do the executable marking in some way. (Yet another
config to list the config scripts?) Or, I guess, just ignore this
problem since it's only a problem in source-format-1.
- Export DEB_* environment variables to the script. This really feels
like the missing piece to me.
-Kees
--
Kees Cook@debian.org
--
To UNSUBSCRIBE, email to debian-devel-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Archive: http://lists.debian.org/20111208161348.gv5...@outflux.net
Re: Getting dh_install to do what we need
On Thu, Dec 08, 2011 at 02:47:00PM -0400, Joey Hess wrote:
Steve Langasek wrote:
While I had originally believed this to be the case when drafting
http://wiki.debian.org/Multiarch/Implementation, feedback from those
implementing this in practice is that dh does *not* export these variables,
it only passes them to autoconf.
That's not correct, dh exports the variables. (You made me look though.)
joey@gnu:~/src/filtershead -n2 Makefile
build:
echo ${CPPFLAGS}
joey@gnu:~/src/filtersecho 9 debian/compat
joey@gnu:~/src/filtersdebian/rules build
dh build
dh_testdir
dh_auto_configure
dh_auto_build
make[1]: Entering directory `/home/joey/src/filters'
echo -D_FORTIFY_SOURCE=2
-D_FORTIFY_SOURCE=2
We must be talking about separate things:
$ head -n3 Makefile
build:
echo CPPFLAGS: $(CPPFLAGS)
echo DEB_HOST_MULTIARCH: $(DEB_HOST_MULTIARCH)
$ cat debian/compat
9
$ fakeroot debian/rules build
dh build
dh_testdir
dh_auto_configure
dh_auto_build
make[1]: Entering directory `/tmp/dhtest-1.0'
echo CPPFLAGS: -D_FORTIFY_SOURCE=2
CPPFLAGS: -D_FORTIFY_SOURCE=2
echo DEB_HOST_MULTIARCH:
DEB_HOST_MULTIARCH:
Which means I can't use DEB_HOST_MULTIARCH in the config-scripts,
unfortunately.
-Kees
--
Kees Cook@debian.org
--
To UNSUBSCRIBE, email to debian-devel-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Archive: http://lists.debian.org/20111208190633.gw5...@outflux.net
Accepted libdisasm 0.23-5 (source i386)
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Format: 1.8
Date: Sun, 04 Dec 2011 12:30:31 -0800
Source: libdisasm
Binary: libdisasm-dev libdisasm0 x86dis
Architecture: source i386
Version: 0.23-5
Distribution: unstable
Urgency: low
Maintainer: Kees Cook k...@debian.org
Changed-By: Kees Cook k...@debian.org
Description:
libdisasm-dev - disassembler library for x86 code (development files)
libdisasm0 - disassembler library for x86 code
x86dis - Frontend to libdisasm
Changes:
libdisasm (0.23-5) unstable; urgency=low
.
* debian/{control,*.install,compat}: convert to Multi-Arch.
* debian/control: bump standard to 3.9.2.0; no changes needed.
Checksums-Sha1:
fdfd34b8f0959be25d3645a0a10ef26a4bc6f194 1991 libdisasm_0.23-5.dsc
1dafba0d361be686beab9c40210035ae60b2bfbc 5023 libdisasm_0.23-5.debian.tar.gz
3cc8846671d92e1c53fc410986b433fa4f251a53 79488 libdisasm-dev_0.23-5_i386.deb
25c0f81def7515572f1285ce75b063b1e4a103c1 45414 libdisasm0_0.23-5_i386.deb
5ed13f0fc26755aa2bf4d089e2e95a0a0075c641 13704 x86dis_0.23-5_i386.deb
Checksums-Sha256:
548529cc0bdd090c4b155d468925ae58e918d08cdd896377714e0b6d8655e301 1991
libdisasm_0.23-5.dsc
5700cb3b9468f5229437a785652d8603836a54644a3bc5f37b5689cc5194e5ac 5023
libdisasm_0.23-5.debian.tar.gz
b2f9ab03c0feafab557555a25abf92a6e3de664fc3cd42cfab61daf5f19a2915 79488
libdisasm-dev_0.23-5_i386.deb
ad746836c6f99e4c5295bf2a424add132ab36543b42fdd7ffb7094becd8d4f70 45414
libdisasm0_0.23-5_i386.deb
e2e16e6878e7b626e11b12577ada5ec65d06a8f9d7c9624a24c8b50862af5105 13704
x86dis_0.23-5_i386.deb
Files:
943639ea4c0763195c140783767c37bc 1991 libs optional libdisasm_0.23-5.dsc
a5dc68ef01696a069ef37cae6bf62389 5023 libs optional
libdisasm_0.23-5.debian.tar.gz
bdf29954339397066ea09ff5506aadd4 79488 libdevel optional
libdisasm-dev_0.23-5_i386.deb
7d980231c25bdd34b3a172d77216f4b0 45414 libs optional libdisasm0_0.23-5_i386.deb
30cd500e0ec8786022816f8fe29ed892 13704 utils optional x86dis_0.23-5_i386.deb
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.11 (GNU/Linux)
Comment: Kees Cook k...@outflux.net
iQIcBAEBCgAGBQJO29vHAAoJEIly9N/cbcAmjPcP/1uajk16/6aDEDp7hP92K4Uz
dlZdQs8pJ4C8mgYAf4BQzfOBmRNz7hsygQBThIDhakWdDTY/1Rv7e5fFQrlQ4AEO
PRuJLBFiXxEToanc07NMOh2qtqBZ1b6KZPeSiGR96U9p48gSt3vsVsRO1EyUVdkm
vwHVEn30ZxpEpBcFxQqFz/A6ZMPHHkNU4imWSUXDQ0lMmaYGFraYKi95t90h8RpS
S/bDoVcBGxGuVBCNh4B2rpXVlaMdfUqRsDKamwIqXTXsoTSrwtEgidpqUTxCkLgz
Qj0qBcxwUzZKCQ3SWP19V2sSri/yWKPsKfLdGva5D9gQLriibfgoYjco8HKNpH/1
k8fUcupQW0URtNkiwcpX7zJkJ1Jfavftbqwjqitq+bi2mVTrfXa1z1Cv4VsnmNk1
Fq2rn311nCct07VYQmktEsWMAtY095ipn4coEjDi80CU2zw4kVDgGh3HYAc7WouG
vKL0kO/JP5arHMdLrxX/DInFIFtHEo/8ePyifQ0SknwWCOkPbZYQDkER4BLCaxA3
7ytCq+Bvj0Xf0S/v+wqc6a8PXD9p33C74YbjXrwSuyNZsU5497D2CaPJoZfWPjYC
JcP6+VfDQo9JCcXf+tw8a2DN6aDrdzsEXI7wpsYjVKWoVHvjeVksVMFFcyW/R7Ih
ddavjSwpkN9rombnTK24
=o/OC
-END PGP SIGNATURE-
Accepted:
libdisasm-dev_0.23-5_i386.deb
to main/libd/libdisasm/libdisasm-dev_0.23-5_i386.deb
libdisasm0_0.23-5_i386.deb
to main/libd/libdisasm/libdisasm0_0.23-5_i386.deb
libdisasm_0.23-5.debian.tar.gz
to main/libd/libdisasm/libdisasm_0.23-5.debian.tar.gz
libdisasm_0.23-5.dsc
to main/libd/libdisasm/libdisasm_0.23-5.dsc
x86dis_0.23-5_i386.deb
to main/libd/libdisasm/x86dis_0.23-5_i386.deb
--
To UNSUBSCRIBE, email to debian-devel-changes-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Archive: http://lists.debian.org/e1rxjli-0003xu...@franck.debian.org
Accepted hardening-wrapper 1.35 (source all amd64)
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Thu, 01 Dec 2011 10:15:35 -0800 Source: hardening-wrapper Binary: hardening-wrapper hardening-includes Architecture: source all amd64 Version: 1.35 Distribution: unstable Urgency: low Maintainer: Package Hardening hardening-disc...@lists.alioth.debian.org Changed-By: Kees Cook k...@debian.org Description: hardening-includes - Makefile for enabling compiler flags for security hardening hardening-wrapper - Compiler wrapper to enable security hardening flags Changes: hardening-wrapper (1.35) unstable; urgency=low . * debian/control: switch to optional priority so lintian can depend on hardening-includes. * hardening-check: rewrite in Perl, add --lintian mode, to support fixing bug 650536. Checksums-Sha1: 4374f4048d88355ca5391861abbe38c0ef98cd78 1841 hardening-wrapper_1.35.dsc e2b1dac203640369206a54a1f684a935b23be740 19054 hardening-wrapper_1.35.tar.gz 8e51f93a1f87667fb1235fc6de72851d240ea2ce 15414 hardening-includes_1.35_all.deb e18909af4f8bcdbf2b0bf366e2ae2795bb862c20 12970 hardening-wrapper_1.35_amd64.deb Checksums-Sha256: cd2a2e70d9114351eb7b708d33f57edd68e3ae89258df9cafb7d20d0f65c2f99 1841 hardening-wrapper_1.35.dsc 52c3a9b8963981acbdfb2bf9db970b149e213fb93a5eaf6d9e38b2d6090c74f8 19054 hardening-wrapper_1.35.tar.gz b4f1639f4a88c687313d11fd9ff1c42d6f9645a8488fbe3ba1d9314b4bdfc7ca 15414 hardening-includes_1.35_all.deb a07c509b73341caf9735476490ba572e396f707f051f70f5f93f951e84f1f3b6 12970 hardening-wrapper_1.35_amd64.deb Files: eae5971d4bf6693bd61af6bc8addade9 1841 devel optional hardening-wrapper_1.35.dsc f197bde784b7a8c656aa2eb8e77739f0 19054 devel optional hardening-wrapper_1.35.tar.gz 2c2857348a05d543a515a21b91702b34 15414 devel optional hardening-includes_1.35_all.deb 60de795c8a8d4b621dd065c2efbe3ba1 12970 devel optional hardening-wrapper_1.35_amd64.deb -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.11 (GNU/Linux) Comment: Kees Cook k...@outflux.net iQIcBAEBCgAGBQJO2BnSAAoJEIly9N/cbcAmAJMP/274OOrzqDxTnH4cBWgPkB6Z C4BRt26S9d09IToNocPsWSdMWU9DGXDIoga7RyLqWZe0JWbu2mGcxVIz+oUfbwH7 Ov3qTqlV6+dBTsCTBaFj9UrBeJ7qYX6AewSYz0NeALj1tQMG4oLj9e8e6J1WheDP tea+ebTYzAOCfCUrWHZe41x+HaleNkSFBgS/S3J6BxInlvC+EfQX8KnakmEgA+2l Wrp7Hh8yxopnzZemw1XDvUkS0tRNC88MQdsc6LVxivHHCSegDu358AlsfU1JYqi8 M4nAwVLmO+IhYeSPTiA5BpGqWxred1512iAxnHii1tCBICwyCMSOZOfTNdaJ+Zix HSFhR/18KqYYWy5DbNjJX5UX7NtWpwTM7T/muYu+tCFHhURy3Cy6dlCBkdqwBqu4 SL1k9lUckeK+6JxsyP+lPR5jIp2cSixvZWIDSePqiiS0fhg/C0Km2QCN2MtuHdge Pbq0SqFLW/cTwyHu9WbCiMGCpWGSuI4sJz8ER3gpunMG/boRY4FEIDT7pMQD99yD NKE7orWQ2WDZuFty2Vul5tmqlBHIZbDUJArxvk5tGCTt6V93AUYvHS5oEimXwaUX S8xLCwWdaFocf3XqykjoIoxYbc+xi2RJT+yzUktQ49EuuVjrucUjzAMGwCc09ouh Ff0O1ykiQtuhAf6atAoj =sGOM -END PGP SIGNATURE- Accepted: hardening-includes_1.35_all.deb to main/h/hardening-wrapper/hardening-includes_1.35_all.deb hardening-wrapper_1.35.dsc to main/h/hardening-wrapper/hardening-wrapper_1.35.dsc hardening-wrapper_1.35.tar.gz to main/h/hardening-wrapper/hardening-wrapper_1.35.tar.gz hardening-wrapper_1.35_amd64.deb to main/h/hardening-wrapper/hardening-wrapper_1.35_amd64.deb -- To UNSUBSCRIBE, email to debian-devel-changes-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/e1rwhck-0003hi...@franck.debian.org
Accepted mythtvfs-fuse 0.6.1-3 (source amd64)
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Wed, 23 Nov 2011 10:56:23 -0800 Source: mythtvfs-fuse Binary: mythtvfs Architecture: source amd64 Version: 0.6.1-3 Distribution: unstable Urgency: low Maintainer: Kees Cook k...@debian.org Changed-By: Kees Cook k...@debian.org Description: mythtvfs - userspace filesystem client for MythTV Closes: 634805 Changes: mythtvfs-fuse (0.6.1-3) unstable; urgency=low . * debian/control: adjust Depends for kfreebsd (Closes: 634805). * debian/patches/manpage-fixup.patch: reduce width of example filename. * debian/control: update standards version; no changes needed. Checksums-Sha1: f5ad56c0ee1d40a6fc259fd723b9dbfd1865e8cc 1933 mythtvfs-fuse_0.6.1-3.dsc cbb5eaf29bd18377acfe18dd724764b66b90d1f5 3015 mythtvfs-fuse_0.6.1-3.debian.tar.gz 7bf0c4ba1f41dae46ab62c094b4265ef4b3dac7e 25760 mythtvfs_0.6.1-3_amd64.deb Checksums-Sha256: 642c7cc8312801cd01b2d8f645c02ee3407ff5b3d145f246d168f17c73634c03 1933 mythtvfs-fuse_0.6.1-3.dsc 1cc8eeed48b5e81be62e9b868c0b82c448bf86f61b0fa5d44d21f46110ee3278 3015 mythtvfs-fuse_0.6.1-3.debian.tar.gz 88499a7b42882b4623cebb362e758f3a73a675dab535928e43681b84efe8f8bc 25760 mythtvfs_0.6.1-3_amd64.deb Files: b628fe80056b58198a8964e47693ecea 1933 utils optional mythtvfs-fuse_0.6.1-3.dsc 73bdbde095c39e56b8d6c9b05a7e4379 3015 utils optional mythtvfs-fuse_0.6.1-3.debian.tar.gz 0040a9ebf218be95f4ac5503ef6faa77 25760 utils optional mythtvfs_0.6.1-3_amd64.deb -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.11 (GNU/Linux) Comment: Kees Cook k...@outflux.net iQIcBAEBCgAGBQJOzUMnAAoJEIly9N/cbcAmSdsP/jiF+CBkZaFLnvj10MvnSpS2 j/mObnsqIryRvevERXF/xu5eqmfwacjOBYMOVTLIL2wcHxZl6BOpq6bfLN+eKPDt O+2LuczqAtRI+pnZ0LiGUcnwmg4BLmEXlojLGBrqYmucZMvJD86DrMZ072LDWlqs 1eVAZhsEJwdLMiHHQzfYqHjoSJPAZBxeMwf6r5bKODPjUgm7xkA7l6gto37lWPdJ 2yHCgMqNN+FuIk0X0YFZI6XjhrUbQMY62qjIc4Px8A1TyzSlOCDrwSiyfcw6Herx ZM2wEeRKSUgv3D84jviCeVFXj+BcetAMVKqsGSkebNCYP0UZSRnHLVkUZamuscGT uwVV3kP+OD9zwlv9OWehecl49rmumeO5c+vH5Jk6IsZbhD6muxKu8dldERf+Fws3 tr7pAOGkZr92XoOe445OO/ahEvVIAQrVYIKARFPRXS4Tm6T+AbTTt913z02vXxmS fL3S9UxGEMRcRKCF3l5AJ9tTHFSeknIis7MiGfnlkX9ssqiTiYUnHqLGQ5LOjfle 5gbRPhmPdscqnsgFkAeD92+XOZAHI10QdlEJ4mxnfiSng0BFXm8vhvJPmjUfI5Ob TEQf1iB1QcVUN2oTeGkdGtI5vY+pD6rm0ukigyP4yAqRBdAYs/weGh7y36igvJiJ gDwNHHXld8jLSLtSRRdL =h14Q -END PGP SIGNATURE- Accepted: mythtvfs-fuse_0.6.1-3.debian.tar.gz to main/m/mythtvfs-fuse/mythtvfs-fuse_0.6.1-3.debian.tar.gz mythtvfs-fuse_0.6.1-3.dsc to main/m/mythtvfs-fuse/mythtvfs-fuse_0.6.1-3.dsc mythtvfs_0.6.1-3_amd64.deb to main/m/mythtvfs-fuse/mythtvfs_0.6.1-3_amd64.deb -- To UNSUBSCRIBE, email to debian-devel-changes-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/e1rtikn-og...@franck.debian.org
Accepted duo-unix 1.7-3 (source amd64)
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Wed, 23 Nov 2011 11:11:09 -0800 Source: duo-unix Binary: libpam-duo login-duo libduo3 libduo-dev Architecture: source amd64 Version: 1.7-3 Distribution: unstable Urgency: low Maintainer: Kees Cook k...@debian.org Changed-By: Kees Cook k...@debian.org Description: libduo-dev - Duo Security development libraries and header files libduo3- Duo Security library libpam-duo - PAM module for Duo Security two-factor authentication login-duo - login wrapper for Duo Security two-factor authentication Closes: 642421 Changes: duo-unix (1.7-3) unstable; urgency=low . * debian/copyright: fix lintian-detected format problems. * debian/patches/fix-configure-privsep-user.patch: do not require that privsep user exist in the build environment (Closes: 642421). Checksums-Sha1: e5a56472ab24fcb4b99ad58fc88672310e23861a 1904 duo-unix_1.7-3.dsc 63e2d9bed3ba2e5c0d8bd692a7a993b4b9739e45 9287 duo-unix_1.7-3.debian.tar.gz 4b02ae500f966f3a5697657b40018b2238fef40c 15852 libpam-duo_1.7-3_amd64.deb 20981d5016206d00a87c8a5a7185049d792a383f 17594 login-duo_1.7-3_amd64.deb 8f33bc08eb6d4e6bf767326fae521dc32db45efd 38072 libduo3_1.7-3_amd64.deb 6368503f94a24afa170d9aaa979e87b431071344 6958 libduo-dev_1.7-3_amd64.deb Checksums-Sha256: fa30b8613930cad9681f5ae4894e15007c2ade704663d3535201371c75a068f0 1904 duo-unix_1.7-3.dsc 4582fcaf54ebce696e72407f130aa702ef3d20d4ca683765c0b7f3ef1fbf2bc0 9287 duo-unix_1.7-3.debian.tar.gz 1f753b5d919c8c56d0b3bb05ede2c209f38236fdafcf5a32beef72dc3b6f2c56 15852 libpam-duo_1.7-3_amd64.deb 9678bed94ffb6e68c41735127d7d363b778200cd2054f4c3b04e6e6817457e32 17594 login-duo_1.7-3_amd64.deb 5b39902f1ba5f955ed12550a689dc95214cd3054a9322007722b85b8a18ebe7b 38072 libduo3_1.7-3_amd64.deb 62fe492a7f5a7ba575b6635c0144e20ec9d6fe7e209a92b1d27434c966cd2458 6958 libduo-dev_1.7-3_amd64.deb Files: e82fee851a12891eed600e1039531775 1904 libs extra duo-unix_1.7-3.dsc 346d6a6d60431a7761ecf0595f3a34d4 9287 libs extra duo-unix_1.7-3.debian.tar.gz 0a2e84cff56933ffa978cdf1fa799590 15852 libs extra libpam-duo_1.7-3_amd64.deb 5737030caa136f510acdab424fd82010 17594 admin extra login-duo_1.7-3_amd64.deb edeed34ab2c04a37a87cee453d1cf80f 38072 libs extra libduo3_1.7-3_amd64.deb d07a7510e49cad33ab5bd02d9ffee3b6 6958 libdevel extra libduo-dev_1.7-3_amd64.deb -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.11 (GNU/Linux) Comment: Kees Cook k...@outflux.net iQIcBAEBCgAGBQJOzVB2AAoJEIly9N/cbcAm5vkP/R0mJzT3H0LD6PerCLQ+CeJm aEc1r8crApLneuKmVhPw3oYgaILg799ziL9t8a8glCHyn0g+xeQnOLtJzA0TJ3Xm sH3IlBw/W9uzSfqEu8PlDKsk45xV8nl+DMVJFDSK3mIO8B3o0KrIUJJVROJcZzUo CTG52cioaLVB2+I9l6HT12kYLSi9MdiPJCBcie3egSQpKyEx/gUqo32cfHOf7JCs 9SwMb+B7Djf0RgWM/LBgWuOe7JxfzXmkVndFDDoFkgO9Kk5/yR9RekvvBnLSWXht KEpItqGEZRlAiPvY3Ah/8naDS9gWWIT+U/6/Sqs/THXLJxTZOHm5izYR80f2abZb 4UJnKK9EZCFPQ5A1L4HzmB+PCKkd57hIUdHsfFjd0AUC16S06+zQbQlHy1yDowQO LgXA0Kltcuf2CEAX02gaM08cGOhKewNQETAaZ/qOkYdpOZ9Fq04pGmmY6c0SerUD lbSlBkI9qWimZviOnRzatbT+XJYzTxgelKCVxC8pqmsSAqsV0nG+NWMnUB4ggQnN BVXM8OsQ61iPwBL6b2SbE9UXLvAluKXELOhAClaG2bW7DNNDL86ivNWm0ZnxZyVN F92HFjfjlvZpMD/+nXtgsiujiCL80XCTTfEkmZJna0bgty7jHAD0qOr2moUEJUXz 6EA7iru/08H0tOstzHdN =8B3e -END PGP SIGNATURE- Accepted: duo-unix_1.7-3.debian.tar.gz to main/d/duo-unix/duo-unix_1.7-3.debian.tar.gz duo-unix_1.7-3.dsc to main/d/duo-unix/duo-unix_1.7-3.dsc libduo-dev_1.7-3_amd64.deb to main/d/duo-unix/libduo-dev_1.7-3_amd64.deb libduo3_1.7-3_amd64.deb to main/d/duo-unix/libduo3_1.7-3_amd64.deb libpam-duo_1.7-3_amd64.deb to main/d/duo-unix/libpam-duo_1.7-3_amd64.deb login-duo_1.7-3_amd64.deb to main/d/duo-unix/login-duo_1.7-3_amd64.deb -- To UNSUBSCRIBE, email to debian-devel-changes-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/e1rtkrx-0005no...@franck.debian.org
Accepted mp3cd 1.27.0-2 (source all)
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Wed, 23 Nov 2011 14:15:47 -0800 Source: mp3cd Binary: mp3cd Architecture: source all Version: 1.27.0-2 Distribution: unstable Urgency: low Maintainer: Kees Cook k...@debian.org Changed-By: Kees Cook k...@debian.org Description: mp3cd - Burns normalized audio CDs from lists of MP3s/WAVs/Oggs/FLACs Closes: 618370 Changes: mp3cd (1.27.0-2) unstable; urgency=low . * debian/control, debian/patches/fix-readme-url.patch: correct the HOWTO URL, thanks to Geoff Simmons (Closes: 618370). * debian/control: update standards version, no changes needed. Checksums-Sha1: 6d85211526ad65736743f362aef4f36fd130207e 1780 mp3cd_1.27.0-2.dsc 9d6ec10efcbed15fab6f6c967b45754aa6c63239 3582 mp3cd_1.27.0-2.debian.tar.gz a5c2c1ca408fbafc25ca79dbaf72fb737de1779d 22374 mp3cd_1.27.0-2_all.deb Checksums-Sha256: dfed8fda5ded0bdf40f22fff74f78d93703154487247a5c32b751f0cdda28a3f 1780 mp3cd_1.27.0-2.dsc fe8fee99d8f8944bb3eba445cf40b2ac9199c8c346b181cc2aa5e9ddf8dbbe05 3582 mp3cd_1.27.0-2.debian.tar.gz 96b7305898702b5e803205dd99ee2fe08b4d857699c655d4ddd2039db05b0725 22374 mp3cd_1.27.0-2_all.deb Files: 54ad582f82d5c4f57feb7886ee4b0e48 1780 sound extra mp3cd_1.27.0-2.dsc db8748d36f19bd18ee25a4a4ae9ca690 3582 sound extra mp3cd_1.27.0-2.debian.tar.gz 79dc7a17d935278ff31e6f27a925c9d7 22374 sound extra mp3cd_1.27.0-2_all.deb -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.11 (GNU/Linux) Comment: Kees Cook k...@outflux.net iQIcBAEBCgAGBQJOzXJ8AAoJEIly9N/cbcAmUzoP/jgeABsATXwJ4OX+9RvAXwTQ 6wjL5lD+7P+YGZHsMVMxvRB1r96dUW4hHxMKsKctad+Rgxll2kk+YKpqG7A6wK4/ kplH87G2gZbpndpt8k8ssGTQi8Q7xBjjbG787e5IgJpjr8sb3vziLZXSm8uExVw8 hm74wskhqIUqPK8L5iacRXoO/4xok8T7FggqI03nIngGdOTEBIsXayYxjpsWEaGK LlXpRBlbpwaXwa7HYU557suBk/MLxxZUfyy/ijq6PGtd3yaKOTWDJTVUObq/38f2 mju6OrgMZ1a0D5JJTlVSvVMsCMvrbXoCiv/zcRHQnjPhC2P8Kr1OIwZNDvSvaWI/ lncemy9H5i256m0mofMq+8TtUvCSC++MV0a9xgLP2EbQrVZRAukQv0Il3nZqfnIl OMp0tOvpjaxQnVYefAh34hXcXcSTFUyw2RMAOamZjKnXHmK9OBfvB5WRSU9P3Is5 txZyHPgCfjRhkdWlmNCPIsn1yKlt7yppnZAzTD1Ypy2FXbWXk+/8Dwq7zOGujprE cXczX6psVq1DY+8zQ+MskxdrF8IBVGCGZkpukTT0miOXF/IWRDOWqm3OwZ5Il8kc BCoHMGpDSnn6vJnSdCmGwMziIET2ztCBAL45AB3XzHBxhG8AsdpeIhkwONainp/h 9CMWvCtYZk6QR1xBGsYf =fC0i -END PGP SIGNATURE- Accepted: mp3cd_1.27.0-2.debian.tar.gz to main/m/mp3cd/mp3cd_1.27.0-2.debian.tar.gz mp3cd_1.27.0-2.dsc to main/m/mp3cd/mp3cd_1.27.0-2.dsc mp3cd_1.27.0-2_all.deb to main/m/mp3cd/mp3cd_1.27.0-2_all.deb -- To UNSUBSCRIBE, email to debian-devel-changes-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/e1rtlpp-0001y4...@franck.debian.org
Re: Bits from dpkg developers - dpkg 1.16.1
On Wed, Sep 28, 2011 at 10:52:15PM +0300, Riku Voipio wrote: On Tue, Sep 27, 2011 at 06:01:54PM -0700, Kees Cook wrote: Just to be explicit, PIE tends to have small (1%) performance hits on register-starved architectures (i386) in most cases, for for certain work loads (e.g. python) the hit is large (~15%). On architectures with plenty of registers (amd64) there's virtually no measurable performance hit that I've seen. If your package handles 3rd party data of any kind (renders, network daemons, file parsers, etc), I strongly recommend enabling PIE. However, on 32bit architectures address space randomizing (which is why people try sell PIE as a security feature) does not add much security. http://benpfaff.org/papers/asrandom.pdf This paper does a great job demonstrating why ASLR is only a statistical protection. (And that on small address space systems, the protection is more limited.) This does not, however, detract from the fact that it's still another layer that needs to be bypassed by an attacker. The effects of the bypass attempt also change based on the environment. Is it the kernel itself? Frequently you can't just try again since the machine will have fallen over. Attacking a respawning daemon? Suddenly the attack shows up as a spike in respawns, etc. No security protection is a silver bullet, and ASLR is no different. That said, weighing the potential benefit (which is non-zero) against possible performance impacts is up to the maintainer. I would opt for adding a protection in almost all cases. I'd like to see PIE enabled for all amd64 builds, but one step at a time. :) -Kees -- Kees Cook@debian.org -- To UNSUBSCRIBE, email to debian-devel-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/20111001174133.gq6...@outflux.net
Re: Bits from dpkg developers - dpkg 1.16.1
On Wed, Sep 28, 2011 at 11:38:06PM +0200, Mike Hommey wrote: On Wed, Sep 28, 2011 at 10:52:15PM +0300, Riku Voipio wrote: On Tue, Sep 27, 2011 at 06:01:54PM -0700, Kees Cook wrote: Just to be explicit, PIE tends to have small (1%) performance hits on register-starved architectures (i386) in most cases, for for certain work loads (e.g. python) the hit is large (~15%). On architectures with plenty of registers (amd64) there's virtually no measurable performance hit that I've seen. If your package handles 3rd party data of any kind (renders, network daemons, file parsers, etc), I strongly recommend enabling PIE. However, on 32bit architectures address space randomizing (which is why people try sell PIE as a security feature) does not add much security. http://benpfaff.org/papers/asrandom.pdf Also note that as long as you can read memory in the process and have access to /proc/self/auxv, you can find the base address of all libraries. The auxv file isn't readable after a uid transition, and if an attacker has sufficient control over a process to read /proc/self, ASLR is already a non-issue for that exploit. :) That said, yes, plugging leaks of process memory locations is important when defending against local attacks. Remote attacks will have many fewer opportunities for finding memory location leaks. -Kees -- Kees Cook@debian.org -- To UNSUBSCRIBE, email to debian-devel-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/20111001174541.gr6...@outflux.net
Re: Bits from dpkg developers - dpkg 1.16.1
On Thu, Sep 29, 2011 at 06:41:29AM +0900, Charles Plessy wrote: Le Tue, Sep 27, 2011 at 06:01:54PM -0700, Kees Cook a écrit : On Fri, Sep 23, 2011 at 08:17:54AM +0200, Raphael Hertzog wrote: Two hardening features are not enabled by default: PIE and bindnow. If your package supports PIE, you might want to consider enabling it. If the binaries are long running processes like daemons, and as such the startup performance penalty of “bindnow” is acceptable, it might be a good idea to enable it too but only if relro is in effect, although another option might be to just define LD_BIND_NOW=1 on the daemon's environment (for example in the init.d script), in which case the sysadmin can always disable it, something that's not possible with the build option. Just to be explicit, PIE tends to have small (1%) performance hits on register-starved architectures (i386) in most cases, for for certain work loads (e.g. python) the hit is large (~15%). On architectures with plenty of registers (amd64) there's virtually no measurable performance hit that I've seen. By the way – and please pardon me if it is a too naive question – does this recommendation of building packages with PIE when possible make obsolete the recommendation of Policy's §10.2 to not build static libraries with -fPIC ? http://www.debian.org/doc/debian-policy/ch-files.html#s-libraries It will only complicate things if a PIE executable needs to link against a static library like that, which is a relatively uncommon situation in the archive. When we decide to build an entire architecture as PIE, then we'll also need to build those static libs with -fPIE too. -Kees -- Kees Cook@debian.org -- To UNSUBSCRIBE, email to debian-devel-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/20111001175008.gs6...@outflux.net
Re: Bits from dpkg developers - dpkg 1.16.1
On Fri, Sep 23, 2011 at 08:17:54AM +0200, Raphael Hertzog wrote: Two hardening features are not enabled by default: PIE and bindnow. If your package supports PIE, you might want to consider enabling it. If the binaries are long running processes like daemons, and as such the startup performance penalty of “bindnow” is acceptable, it might be a good idea to enable it too but only if relro is in effect, although another option might be to just define LD_BIND_NOW=1 on the daemon's environment (for example in the init.d script), in which case the sysadmin can always disable it, something that's not possible with the build option. Just to be explicit, PIE tends to have small (1%) performance hits on register-starved architectures (i386) in most cases, for for certain work loads (e.g. python) the hit is large (~15%). On architectures with plenty of registers (amd64) there's virtually no measurable performance hit that I've seen. If your package handles 3rd party data of any kind (renders, network daemons, file parsers, etc), I strongly recommend enabling PIE. And, if you enable PIE, please enable bindnow too. The start-up performance hit of bindnow isn't measurable on most architectures. Some much slower ones can see problems (early ARM). It's possible that PIE and/or bindnow may be enabled by default for certain architectures in the future. If your package is using hardening-wrapper or hardening-includes, you were effectively using +pie,+bindnow, so when converting, please continue to build with PIE and bindnow. :) Thanks! -Kees -- Kees Cook@debian.org -- To UNSUBSCRIBE, email to debian-devel-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/20110928010154.gh6...@outflux.net
Re: release goal proposal: enable hardening build flags
Hi, On Wed, Sep 14, 2011 at 08:02:13AM +0200, Niels Thykier wrote: I have two questions so far. First what usertag will you be using for the bugs (if any)? As far as I can tell, there is not listed on the wiki. Secondly, where can I (or will I be able to) see the progress of this goal? Ah, right, I forgot that in the proposal. How about goal-hardening? I'll add that to the wiki[1]. Once the subgoal package lists have settled, I was going to build a little graphing tool like is done for build systems. I don't have any code written yet, but I figure a combination of looking at debian/control, compat for the build system or hardening-wrapper use, and maybe build log analysis and it'd be good to go. -Kees [1] http://wiki.debian.org/ReleaseGoals/SecurityHardeningBuildFlags -- Kees Cook@debian.org -- To UNSUBSCRIBE, email to debian-devel-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/20110914163626.gz4...@outflux.net
release goal proposal: enable hardening build flags
Hi, I would like to propose a release goal of enabling hardening build flags[1] for all C/C++ packages in the archive[2]. For Wheezy, specific sub-goals are being chosen. The default flags are almost settled[3], additional subgoals may come up[4], and more work is needed to identify the specific packages involved in the subgoals[5], but I'd like to get the ball rolling on this as a release goal. Thanks, -Kees [1] http://wiki.debian.org/Hardening [2] http://wiki.debian.org/ReleaseGoals/Hardening [3] http://lists.debian.org/debian-dpkg/2011/09/msg00025.html [4] http://lists.debian.org/debian-devel/2011/09/msg00071.html [5] http://anonscm.debian.org/viewvc/secure-testing/hardening/subgoal-important.txt?view=log http://anonscm.debian.org/viewvc/secure-testing/hardening/subgoal-dsa.txt?view=log -- Kees Cook@debian.org -- To UNSUBSCRIBE, email to debian-devel-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/20110913223829.gl4...@outflux.net
Re: release goal proposal: enable hardening build flags
Hi, On Tue, Sep 13, 2011 at 07:24:10PM -0400, Michael Gilbert wrote: On Tue, 13 Sep 2011 15:38:29 -0700 Kees Cook wrote: [1] http://wiki.debian.org/Hardening You mean http://wiki.debian.org/ReleaseGoals/Hardening ? It looks like we're duplicating wiki work. The page I created yesterday is much more comprehensive and detailed right now: http://wiki.debian.org/ReleaseGoals/SecurityHardeningBuildFlags That's fine; either works. Moritz started the former on the 8th, but the latter one is, as you say, more complete. We can point to the latter one. -Kees -- Kees Cook@debian.org -- To UNSUBSCRIBE, email to debian-devel-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/20110914031517.gv4...@outflux.net
Re: release goal proposal: enable hardening build flags
On Tue, Sep 13, 2011 at 07:01:13PM -0400, Michael Gilbert wrote: On Tue, 13 Sep 2011 15:38:29 -0700 Kees Cook wrote: I would like to propose a release goal of enabling hardening build flags[1] for all C/C++ packages in the archive[2]. I think all C/C++ packages is an impossibility in the wheezy timeframe, and we should be honest about that. Something like as many Right, of course. I thought Moritz chose that language as the final goal. The Wheezy-specific bits were the sub-goals. I see the subgoals as the quantifiable real goals, and we need to work to define these first. Agreed. -Kees -- Kees Cook@debian.org -- To UNSUBSCRIBE, email to debian-devel-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/20110914034759.gx4...@outflux.net
Re: Hardening build flags release goal
On Mon, Sep 05, 2011 at 09:34:37PM +0200, Raphael Hertzog wrote: On Mon, 05 Sep 2011, Julien BLACHE wrote: Cyril Brulebois k...@debian.org wrote: Do we have a proper definition, and sample implementation(s) for “using dpkg-buildflags properly”? On the top of my hat, it looks like semantics and recommendations changed a bit over the years, so I kind of lost count. On top of that, what's the story with regard to non-gcc compilers? No idea, I have only integrated the work others have done in dpkg. I have not studied how other compilers support the hardening compilation flags. What are the compilers you're thinking of? I'm curious to see what it would take to enable the same features in llvm. It's an area I've not looked at in any way. It might be cool to have something familiar with llvm (or other C compilers in use) update http://wiki.debian.org/Hardening with the command line arguments needs to enable each feature too. -Kees -- Kees Cook@debian.org -- To UNSUBSCRIBE, email to debian-devel-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/20110908010018.gp31...@outflux.net
Re: Hardening build flags release goal
On Mon, Sep 05, 2011 at 07:42:30PM +0200, Moritz Mühlenhoff wrote: I'm thinking of something along the lines of all pkgs with priority = standard and all pkgs which had a DSA in the last five years as specific, important sub goals. Sounds good, I'm happy to help as well. -Kees -- Kees Cook@debian.org -- To UNSUBSCRIBE, email to debian-devel-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/20110908010421.gq31...@outflux.net
Re: Hardening build flags release goal
On Tue, Sep 06, 2011 at 04:01:04PM +, The Fungi wrote: On Mon, Sep 05, 2011 at 02:22:39PM -0700, Kees Cook wrote: [...] It might be better to extend it further, like all network daemons using dpkg-buildflags properly and enabling PIE [...] And since many network daemons are implemented in interpreted languages, it might be nice to include packaged interpreters in the list of candidates. Yeah, that's a good idea. Ubuntu has a list of packages that were specifically called out to build with PIE (and as a result are well-tested by now): https://wiki.ubuntu.com/SecurityTeam/KnowledgeBase/BuiltPIE One task I haven't had time to do, related to interpreters, is to benchmark the python testsuite with PIE. A number of years ago, a 15% performance hit on i386 (due to so few general registers). I'd really like to see the numbers across all architectures. A future release goal, I think, would be to build all of amd64 (and any other archs that don't see a big hit) with PIE by default. Can someone step up to do this? -Kees -- Kees Cook@debian.org -- To UNSUBSCRIBE, email to debian-devel-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/20110908010758.gr31...@outflux.net
Accepted duo-unix 1.7-2 (source amd64)
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Wed, 07 Sep 2011 09:26:34 -0700 Source: duo-unix Binary: libpam-duo login-duo libduo3 libduo-dev Architecture: source amd64 Version: 1.7-2 Distribution: unstable Urgency: low Maintainer: Kees Cook k...@debian.org Changed-By: Kees Cook k...@debian.org Description: libduo-dev - Duo Security development libraries and header files libduo3- Duo Security library libpam-duo - PAM module for Duo Security two-factor authentication login-duo - login wrapper for Duo Security two-factor authentication Closes: 640740 Changes: duo-unix (1.7-2) unstable; urgency=low . * debian/rules: disable testsuite; currently very broken on buildds (Closes: 640740). Checksums-Sha1: 6477bf5c65cbe6bbf4c21300a7ad0760b9603fa9 1780 duo-unix_1.7-2.dsc d90100b2c2a813375ba13184f19bb78c78331540 8784 duo-unix_1.7-2.debian.tar.gz fb79521f992e0a8e8e4411dfdec6225b24d45733 15798 libpam-duo_1.7-2_amd64.deb becad826e9a0b559035230f32b70cf7076f77eb3 17576 login-duo_1.7-2_amd64.deb 02824935336c1788f75ea2a127af66da77593751 38050 libduo3_1.7-2_amd64.deb 715c1033ae28885a62f39d9ea0e57e153a91da92 6918 libduo-dev_1.7-2_amd64.deb Checksums-Sha256: 5386c58cb4372aa979b33232e5e7cb7e928f0b0c7e06a067f3c2b3a334371340 1780 duo-unix_1.7-2.dsc b4ea6113937f83a20f1793e61679b6b85e47c45ed7aafb3342f1aaaeb982c999 8784 duo-unix_1.7-2.debian.tar.gz 5bfd16ad2d54e4804da9dbd23bf9f41c9cac14e2cf08dd43a93e60ea23459a94 15798 libpam-duo_1.7-2_amd64.deb 8b9fb689763156915134c2510dd56f2c03c2cf192fcfa4b4d28fe43e1635a838 17576 login-duo_1.7-2_amd64.deb 04081f24426b3f886049f1492799bee52fc970ac24a66d74a7cfd72f6e5f0755 38050 libduo3_1.7-2_amd64.deb 84ac86918a77d1746514e0459683f00b2d7445abe040809b96cbef2908d5d9d3 6918 libduo-dev_1.7-2_amd64.deb Files: 064bbe70b1c6ad5f3d218afbfeaea73a 1780 libs extra duo-unix_1.7-2.dsc 07e5770986facf3ac9c4606604a68ae5 8784 libs extra duo-unix_1.7-2.debian.tar.gz 00c7c74908444a6ea791ecefdbd6aaf7 15798 libs extra libpam-duo_1.7-2_amd64.deb f444ec24229fcf55415136764bc8e1bb 17576 admin extra login-duo_1.7-2_amd64.deb 2f001a07f86af47cd63ab44d9bb84036 38050 libs extra libduo3_1.7-2_amd64.deb 3161babef7a3ffd5d80d6086260ebeba 6918 libdevel extra libduo-dev_1.7-2_amd64.deb -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.11 (GNU/Linux) Comment: Kees Cook k...@outflux.net iQIcBAEBCgAGBQJOZ5v/AAoJEIly9N/cbcAmELEP/j4jDuTXvkNNdofhYmhSxElb AhnPRcfuFIrd3V28Q4xXcTD+ol13iW4JbjYhC0JiI+9y2OrDtDdDpqg+20ZMSYGp ZkxsXmvqRFSIZ+VogxGnPUw5paTCmAagGMO+VLrNK7XqwoPRMpyOEfHdunUxa9Jy 8KqimUF28iOOhnXK7GajVJ1hUpl2k3Y0mDpFCMQa6WFYqmq5ZkpWYJE23FKvqy5j qF4dfElmEPgI18g+SxG4q1YBWLVtFprWEPFgEVyD6ZeloePCmFQYreuMuG/ZFK6G TUjR+0IOAS34W7OU0Jau1jXatcCd2KAuZkFHZUyx+aYfpOev0P13adoCiac3eisu c0ScLdFn97RP7h1iXYb+px4Ierg60TyWcWFaivW5FJ+zlceYpQTEknZm/Mbpb/nq 02KvnGgsmfJ3c5w1bQm+J2OTm3yKUpjs4cu+UnOE9wtYyw8y1t+15Rk0zZnYQOce IPywxu0SvdoDnKSj8/GzGIr3EzLaGOlG5LTOa/ueL1Ykzkklea6K9AcjuMkK8Nr6 +DBsa9FxN+AsCmPDaQT29TRah2l9ptF4JjCP6Z/0lUmd4/UqvPoPFs2n7zwR6rVt zkuaWa4bfS35WkmrunlzsmjQqmFOVxn4zEi8APxAYme1ZeyPPYk1EbdjlX0YqesC BOZ9T3nO1Ue62An1+Vm4 =4xxr -END PGP SIGNATURE- Accepted: duo-unix_1.7-2.debian.tar.gz to main/d/duo-unix/duo-unix_1.7-2.debian.tar.gz duo-unix_1.7-2.dsc to main/d/duo-unix/duo-unix_1.7-2.dsc libduo-dev_1.7-2_amd64.deb to main/d/duo-unix/libduo-dev_1.7-2_amd64.deb libduo3_1.7-2_amd64.deb to main/d/duo-unix/libduo3_1.7-2_amd64.deb libpam-duo_1.7-2_amd64.deb to main/d/duo-unix/libpam-duo_1.7-2_amd64.deb login-duo_1.7-2_amd64.deb to main/d/duo-unix/login-duo_1.7-2_amd64.deb -- To UNSUBSCRIBE, email to debian-devel-changes-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/e1r1lhm-000691...@franck.debian.org
Accepted duo-unix 1.7-1 (source amd64)
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Fri, 02 Sep 2011 13:17:20 -0700 Source: duo-unix Binary: libpam-duo login-duo libduo3 libduo-dev Architecture: source amd64 Version: 1.7-1 Distribution: unstable Urgency: low Maintainer: Kees Cook k...@debian.org Changed-By: Kees Cook k...@debian.org Description: libduo-dev - Duo Security development libraries and header files libduo3- Duo Security library libpam-duo - PAM module for Duo Security two-factor authentication login-duo - login wrapper for Duo Security two-factor authentication Changes: duo-unix (1.7-1) unstable; urgency=low . * New upstream release. - drop fix-pam-destdir.patch, taken upstream. - drop openssl-license-exception.patch, taken upstream. * debian/watch: fix up new expected download location, add uupdate option. * Build for multi-arch. * debian/libpam-duo.lintian-overrides: explicitly allow mode 0600 config. * debian/control: add python as build-dep for tests. * debian/clean: remove .pyc files during clean-up. * debian/patches/fix-test-preload.patch: fix testsuite to not scare /bin/sh. Checksums-Sha1: a692521561a17071f81661fb7106cc5b17c4246c 1780 duo-unix_1.7-1.dsc b8b5aa446387a25486dae0dd9c5a0ef6912aa728 441371 duo-unix_1.7.orig.tar.gz ecf25094c3f49455934517bbd94e4bf83a654134 8736 duo-unix_1.7-1.debian.tar.gz 3f47366249f084bfa1bba0a08dc35345d9cb2845 15738 libpam-duo_1.7-1_amd64.deb bc01c0f73b24d0b90081a6585970a72e94c025bc 17504 login-duo_1.7-1_amd64.deb ef713df32e604d40c42b5d8c7f3cc4bf761fddec 37988 libduo3_1.7-1_amd64.deb c3eeeda9af4fa8f2a6b8610edb97b9500e2e6af4 6832 libduo-dev_1.7-1_amd64.deb Checksums-Sha256: c4cb8eb56cc068876ec2b0de8adf12d4b8daed5ca521f4c11e0a32c94b221d87 1780 duo-unix_1.7-1.dsc 020027703afba0319a5b4c160d5a7762aed93c733c6ce0c58db498ad87828403 441371 duo-unix_1.7.orig.tar.gz e51ad999bc74d5aba262ff361ada93eab1c2ff94977317112f3397e67d4b9c36 8736 duo-unix_1.7-1.debian.tar.gz 27cc6c558136ca175af08b1dd32d3e9fbeaf99266097ef9e1b07df98c8298113 15738 libpam-duo_1.7-1_amd64.deb f9774c846f4e0ff3e416a371990b20609ebc61a64d90abed604464930c9ad09d 17504 login-duo_1.7-1_amd64.deb faf1fe83f9267d93f37426817a4aa5c2628f9940c4eb10450f7f597d933d09e2 37988 libduo3_1.7-1_amd64.deb 2fd223ebe468a8671fdb2676820bf8866141589364b45299d44e7bfa1791c725 6832 libduo-dev_1.7-1_amd64.deb Files: 63becfd3a00d0fd56774b4c754520fd7 1780 libs extra duo-unix_1.7-1.dsc 20ae128608dd2da7cb15f5724e7a 441371 libs extra duo-unix_1.7.orig.tar.gz 0f636644f4b8692b1c430479fc5aaa70 8736 libs extra duo-unix_1.7-1.debian.tar.gz 63344f94e78223899f66778572188df3 15738 libs extra libpam-duo_1.7-1_amd64.deb 0958f9a2f9e8914322c5d5695bd917f1 17504 admin extra login-duo_1.7-1_amd64.deb 0b0d54c2ad8dcfb26fbce96dfaa5a5ac 37988 libs extra libduo3_1.7-1_amd64.deb 55c2c33608fd96843385dc733fffb826 6832 libdevel extra libduo-dev_1.7-1_amd64.deb -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.11 (GNU/Linux) Comment: Kees Cook k...@outflux.net iQIcBAEBCgAGBQJOZF3aAAoJEIly9N/cbcAmsxcP/jp2M6n1ez80Ft7ijCVXwyy1 bmt0ykclvxEbiyCcvkdvP7oHucyeLiETY7uF0UEADXKierLtBWigYsB99/szQBK1 DljHgn3Klw0JzvuemSa+njK2rk++B74DuC1xgg/9orIekvqAm37WQxBBdvx3s1Qf NCnyLEG1u2UkZ8m+/TBTVAllNQHjMH3jXsCQFcV4ubMDVPh2qchqNANu2Ivoq6Vx PvQwb/oZe03W20Y1/mWBMkBXpzZrTFCV6C5v69wyRxbSbCAgaP5RnJmRPTlfBVdp WM3zBQxREGLH81dtWefBli5I2VHKFsjJ60buSWPezXeJ7RnLlFGJKzX7Ita0+edX 9IrovwlG+qSFPdW7o+trMs9nTW4oGPDfDs9FxzMqgVe2nNzYGB8EvQ7yMj4MrS6t NoLrvkuRyp3XT8XrpItABMWB5/pDf8IiRSxMAUIRJ6IhsBYMdP5YbEy/1Njrf36I uEkgdVx8/QIvAEClcBko3cCjTbAcuHVmDzjdUp1IBF0GQ908dCKCFFMeMOZT7M8W GCmvVVwRKGjaEvsOjSmoAjeUyH+R1gxLKiRS4gGevqTiEcCT20TxfiinKztGi6OI PXwqc9j3pXaI3Heet8JekZo7U0jGxakBOLGiAOjfHrWWWcyLlUYR8VTGp+LB4Pgf IVKtZ5JR55EJU6emEnld =J4AI -END PGP SIGNATURE- Accepted: duo-unix_1.7-1.debian.tar.gz to main/d/duo-unix/duo-unix_1.7-1.debian.tar.gz duo-unix_1.7-1.dsc to main/d/duo-unix/duo-unix_1.7-1.dsc duo-unix_1.7.orig.tar.gz to main/d/duo-unix/duo-unix_1.7.orig.tar.gz libduo-dev_1.7-1_amd64.deb to main/d/duo-unix/libduo-dev_1.7-1_amd64.deb libduo3_1.7-1_amd64.deb to main/d/duo-unix/libduo3_1.7-1_amd64.deb libpam-duo_1.7-1_amd64.deb to main/d/duo-unix/libpam-duo_1.7-1_amd64.deb login-duo_1.7-1_amd64.deb to main/d/duo-unix/login-duo_1.7-1_amd64.deb -- To UNSUBSCRIBE, email to debian-devel-changes-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/e1r0ttq-0003bu...@franck.debian.org
Re: Hardening build flags release goal
On Mon, Sep 05, 2011 at 10:52:40AM +0200, Raphael Hertzog wrote: we're not very far from having hardening build flags set by default by dpkg-buildflags (waiting on some documentation update that Kees should take care of). I'm about halfway through this. Just brushing up on my groff syntax. ;) I would like to find one or two persons to lead a new release goal centered around hardening. The big goal is to have the maximum number of packages using hardening by the time Wheezy is released but it could include more specific sub-goals like all packages with priority = standard should use dpkg-buildflags properly or all packages providing a daemon should use dpkg-buildflags properly. It might be better to extend it further, like all network daemons using dpkg-buildflags properly and enabling PIE It's up to whoever does the work to define their methodology of work but it's probably interesting to write some script to detect whether a package is using dpkg-buildflags. Rebuilding packages with a custom dpkg-buildflags configuration that adds a fake flag and analyzing the build logs has been suggested (see #628516). There's already hardening-includes's hardening-check script, which would be nice to merge into lintian somehow. -Kees -- Kees Cook@debian.org -- To UNSUBSCRIBE, email to debian-devel-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/20110905212239.ga18...@outflux.net
Accepted apparmor 2.7.0~beta1+bzr1774-1 (source all amd64)
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Format: 1.8
Date: Wed, 10 Aug 2011 18:12:34 -0700
Source: apparmor
Binary: apparmor apparmor-utils apparmor-profiles apparmor-docs libapparmor-dev
libapparmor1 libapparmor-perl libapache2-mod-apparmor libpam-apparmor
apparmor-notify python-libapparmor
Architecture: source amd64 all
Version: 2.7.0~beta1+bzr1774-1
Distribution: unstable
Urgency: low
Maintainer: Kees Cook k...@debian.org
Changed-By: Kees Cook k...@debian.org
Description:
apparmor - User-space parser utility for AppArmor
apparmor-docs - Documentation for AppArmor
apparmor-notify - AppArmor notification system
apparmor-profiles - Profiles for AppArmor Security policies
apparmor-utils - Utilities for controlling AppArmor
libapache2-mod-apparmor - changehat AppArmor library as an Apache module
libapparmor-dev - AppArmor development libraries and header files
libapparmor-perl - AppArmor library Perl bindings
libapparmor1 - changehat AppArmor library
libpam-apparmor - changehat AppArmor library as a PAM module
python-libapparmor - AppArmor library Python bindings
Changes:
apparmor (2.7.0~beta1+bzr1774-1) unstable; urgency=low
.
* New upstream devel snapshot:
- drop 0002-lp750381.patch, taken upstream.
- drop 0004-lp754889.patch, taken upstream.
- drop 0005-lp761217.patch, taken upstream.
- drop 0100-manpage-typo.patch, taken upstream.
- drop 0101-declarations.patch, solved differently upstream.
- drop 0102-manpage-release-name.patch, taken upstream.
- drop 0103-kfreebsd-compile.patch, taken upstream.
- drop define-path-max.patch, taken upstream.
- drop indep-build.patch, taken upstream.
- debian/libapparmor1.manpages: add new function man pages.
* Merge with Ubuntu:
- drop 0104-python-aa-status.patch, taken upstream.
- drop 0105-lightdm.patch, taken upstream.
- drop 0106-lp810270.patch, taken upstream.
- drop 0107-lp767308.patch, taken upstream.
- drop 0108-gnome-mimeinfo.patch, taken upstream.
- drop 0109-add-profile-repo-info.patch, taken upstream.
* Add af_names-generation.patch to allow arbitrary socket.h file location.
.
apparmor (2.6.1-4ubuntu5) oneiric; urgency=low
.
* debian/patches/0109-add-profile-repo-info.patch: add a blurb about the
new profiles repository to aa-genprof, along with a link to the wiki
page.
.
apparmor (2.6.1-4ubuntu4) oneiric; urgency=low
.
* debian/patches/0106-lp810270.patch: updated to use upstream commits
.
apparmor (2.6.1-4ubuntu3) oneiric; urgency=low
.
* debian/patches/0106-lp810270.patch: adjustments for /var/run - /run,
/var/lock - /run/lock and /dev/shm - /run/shm transition (LP: #810270)
* debian/patches/0107-lp767308.patch: allow read access to
/usr/local/share/ca-certificates (LP: #767308)
* debian/patches/0001-add-chromium-browser.patch: updates for newer chromium
(LP: #776648)
* debian/patches/0108-gnome-mimeinfo.patch: allow read access to
/usr/share/gnome/applications/mimeinfo.cache in the gnome abstraction
.
apparmor (2.6.1-4ubuntu2) oneiric; urgency=low
.
* debian/patches/0105-lightdm.patch: allow owner read access to
/var/run/lightdm/authority/[0-9]*
.
apparmor (2.6.1-4ubuntu1) oneiric; urgency=low
.
* Get rid of Perl in main AppArmor package so we can remove perl-modules
from the installation cd:
- debian/patches/0104-python-aa-status.patch: switch aa-status to
Python
- debian/apparmor.*, debian/apparmor-utils.*: move aa-status, symlink
and manpages to main apparmor package.
- debian/control: add appropriate Breaks/Replaces/Depends because of
the file move, add ${python:Depends} to apparmor Depends, add
apparmor-utils to apparmor Suggests.
- debian/rules: add apparmor package to dh_python2.
* debian/lib/apparmor/functions: fix hat separator (LP: #788616)
- Based on upstream revision 1733
Checksums-Sha1:
459c29990083c9e1de3f5ac1d313f79b1ec52ea6 2268
apparmor_2.7.0~beta1+bzr1774-1.dsc
33a5cf7c2f64e417aefcb813f98c069503a926de 1413553
apparmor_2.7.0~beta1+bzr1774.orig.tar.gz
d00da9ab08a728ee85efcc143a1079b2ae7a66e6 43879
apparmor_2.7.0~beta1+bzr1774-1.debian.tar.gz
dd8b27d43e9cffa0af0bee6593ecf0ee190bfc8f 355100
apparmor_2.7.0~beta1+bzr1774-1_amd64.deb
6a1301c159cede6c02e4688076070f70044a9359 116402
apparmor-utils_2.7.0~beta1+bzr1774-1_amd64.deb
fff1b83beed083dbe4c5ecb00f3f2cfabba64cd6 43050
libapparmor-dev_2.7.0~beta1+bzr1774-1_amd64.deb
26125359bb659ec0623f5e04d1abded37119ab44 53330
libapparmor1_2.7.0~beta1+bzr1774-1_amd64.deb
a1c8f80da7f85ae87f60febf23520d473ac89e2b 53352
libapparmor-perl_2.7.0~beta1+bzr1774-1_amd64.deb
0b675512f5da2452198b35bddca7896f49cadc03 31176
libapache2-mod-apparmor_2.7.0~beta1+bzr1774-1_amd64.deb
c3555c5eef9575a12a3b30bff68088f9e5ba071b 27150
libpam-apparmor_2.7.0~beta1+bzr1774-1_amd64.deb
39b81511833f782cd0205cecdd4e175daf07e2f0 45576
python-libapparmor_2.7.0~beta1
Accepted hardening-wrapper 1.34 (source all amd64)
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Format: 1.8
Date: Thu, 28 Jul 2011 12:55:17 -0700
Source: hardening-wrapper
Binary: hardening-wrapper hardening-includes
Architecture: source all amd64
Version: 1.34
Distribution: unstable
Urgency: low
Maintainer: Package Hardening hardening-disc...@lists.alioth.debian.org
Changed-By: Kees Cook k...@debian.org
Description:
hardening-includes - Makefile for enabling compiler flags for security
hardening
hardening-wrapper - Compiler wrapper to enable security hardening flags
Closes: 635642
Changes:
hardening-wrapper (1.34) unstable; urgency=low
.
* debian/control: update VCS tags for bzr.
* hardening{-check,.make}: correct documentation from -O2 to -O1.
* hardened-{cc,ld}, hardening.make, debian/rules: use DEB_HOST_ARCH instead
of of DEB_HOST_ARCH_CPU for behavioral defaults (Closes: 635642).
Checksums-Sha1:
f9b98735d611500049fa90f2688577d96213ceb1 1724 hardening-wrapper_1.34.dsc
120f36704d9764fe18fd7d70401f790753dbade3 16650 hardening-wrapper_1.34.tar.gz
0bb2feb126c70b324d22920965a38bf30f4f4c09 13596 hardening-includes_1.34_all.deb
8d6ed1fbdd1dd3717c33d9576ec0afc522d738cb 12866 hardening-wrapper_1.34_amd64.deb
Checksums-Sha256:
991b7716481ffc4deadef7bec1a56f8c3e55e6e8f0a4bbafde9c9f8de51795b1 1724
hardening-wrapper_1.34.dsc
0cb3ee4b3b65ca31f76a4789531347c7fc16ef9e15bc35650085851348ab6235 16650
hardening-wrapper_1.34.tar.gz
4b94a2fc453362dc79aea4d1c259db0138e2fa7a4d85eb1b6b00f892b16ee430 13596
hardening-includes_1.34_all.deb
c4303eb9bae06e29c529bd82e76a217d112719b42be998d679f22e124ff41c96 12866
hardening-wrapper_1.34_amd64.deb
Files:
238f7cfae2fbcfd325d3019814ec03ec 1724 devel extra hardening-wrapper_1.34.dsc
fe1cc5c35fedf19b9766238d8a56ed16 16650 devel extra
hardening-wrapper_1.34.tar.gz
b2c70135c0ac7b265dd7a424eb661936 13596 devel extra
hardening-includes_1.34_all.deb
4c52d7767ce818f4d2e049e75d016f4a 12866 devel extra
hardening-wrapper_1.34_amd64.deb
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.11 (GNU/Linux)
Comment: Kees Cook k...@outflux.net
iQIcBAEBCgAGBQJOMiAtAAoJEIly9N/cbcAmkDgP/2VcxgjFv83IlkMPciFs17CU
4sd3N7J6EzrIgk/mkD1WngsQYt12rN9gcNvdIdsgqP/ACrDwE3m5nFng9VPxf9av
w4TkoGXanZGiloGiO6zMgRpPSVUNaTk82kgDRJ66qGk11Z/QitIrQwXf1U3jHA2W
LtAGjwY2PHOBy9tZmJYKDQLxE2Zke12Q2RuWZOH0TozsuB6+Pm0E7eBdFsY7pNuj
up5Q1jh52SLw3xcTyf9Ew6Wpu4ryIQV4tHcgTIR2WdnuOAHbAATzAbMVl5/+Rdo0
okbc7ZvxPfGSFOPM4qg5rloPA4aaC64vd6QkwwF/bNP5KX9kiOl+Ih3YA5DWsTNP
xIQsBxFFTvsw1IXOm22axG3FoZ5MEcvOlwkD0leDXRhlAkI78VoqfYn17bpXmFgg
vncO0SztDz8w3OqeY0EjU6MhloiUdTPZzR0Cz4vh6/MQG1T5MzcQ4N9KPHbF5tQE
tM298y18zGP4vdzIMKzF90wUQn1P7FTbB4v5v+kudgWym9P83BaRr9PP5MJkfXKu
l0kHEK+/Fin5D7f2Hye8eLSbZdA9/bqMj/h3Li9lCPj97W/lhR6EnvmUQ/x54FcV
QTksb0pRFfa8LIpF/k1iVgPrt9Z9hIv6tRxxu27iJ2a+srzE/uVeqKkwCOftDP6F
N6E9nwRMAeETigufEcwM
=cFD4
-END PGP SIGNATURE-
Accepted:
hardening-includes_1.34_all.deb
to main/h/hardening-wrapper/hardening-includes_1.34_all.deb
hardening-wrapper_1.34.dsc
to main/h/hardening-wrapper/hardening-wrapper_1.34.dsc
hardening-wrapper_1.34.tar.gz
to main/h/hardening-wrapper/hardening-wrapper_1.34.tar.gz
hardening-wrapper_1.34_amd64.deb
to main/h/hardening-wrapper/hardening-wrapper_1.34_amd64.deb
--
To UNSUBSCRIBE, email to debian-devel-changes-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Archive: http://lists.debian.org/e1qmdl9-0005mn...@franck.debian.org
Accepted hardening-wrapper 1.33 (source all amd64)
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Sun, 03 Jul 2011 11:28:00 -0700 Source: hardening-wrapper Binary: hardening-wrapper hardening-includes Architecture: source all amd64 Version: 1.33 Distribution: unstable Urgency: low Maintainer: Package Hardening hardening-disc...@lists.alioth.debian.org Changed-By: Kees Cook k...@debian.org Description: hardening-includes - Makefile for enabling compiler flags for security hardening hardening-wrapper - Compiler wrapper to enable security hardening flags Changes: hardening-wrapper (1.33) unstable; urgency=low . * debian/control: - bump to standards 3.9.2; no changes needed - hardening-wrapper: mark as Multi-Arch: foreign for build sanity. * debian/source/format: mark as 3.0 native. Checksums-Sha1: 558be989e04b639745d1bf674cecbe0a5e5e5bff 1720 hardening-wrapper_1.33.dsc 43e4ab1250a73116789180c205025a3b17981bd7 16843 hardening-wrapper_1.33.tar.gz 02ee03ba497d19c42ec9ce1a395753cb1f1ca681 13460 hardening-includes_1.33_all.deb 816b423ba309262649e76c21fb391a2208fbf578 12758 hardening-wrapper_1.33_amd64.deb Checksums-Sha256: 714fedb084f17187734376eb0b37ef4c5cdf45d1cbfb1b82313bd89e968fdd38 1720 hardening-wrapper_1.33.dsc 50eb9c79b6e88220760d2844ab8b24c2d7ee8a6c3620941c8929f08942b42e8a 16843 hardening-wrapper_1.33.tar.gz e80a7c1a12ba5572f2752ae067b67d12e36338ef5410470e750eb8bc4905bb60 13460 hardening-includes_1.33_all.deb 2d124d27bfb376dd5a3669e4f9f6dd3725a0cafa468ad143a4cd283f13070733 12758 hardening-wrapper_1.33_amd64.deb Files: b13b0ebfc694a7b297c067f4f6705fbe 1720 devel extra hardening-wrapper_1.33.dsc f0939a8121c73c0ccb0e7c665c044839 16843 devel extra hardening-wrapper_1.33.tar.gz cfc531b48fb0e4188027b249fbe932e6 13460 devel extra hardening-includes_1.33_all.deb 9ca78d744b38aa7e0e49ea259961291c 12758 devel extra hardening-wrapper_1.33_amd64.deb -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.11 (GNU/Linux) Comment: Kees Cook k...@outflux.net iQIcBAEBCgAGBQJOELXJAAoJEIly9N/cbcAmKTEP/1eJnEwm4+nw4Tz273dSGF24 hyp320oUusWMM+jomnSRq2UY1RSgA34dSSyctz/44K40znIsmTIkz8O+Cmvo0Pvy u4smm3OP2lIMMuwLmzbbKFjRMYL4YV8jmSJkQElT/yb0raBl4h4bMGperNzGS2Va XVHk8xtF5Pny3ob7GWjk2QbVXjRgnO2hp7Czkjw0+EfcyCMC1SKsJhe4D76b6tA/ PH4/53ASNSj4YSwC/0Bw/SPe9QkNPRVnJsxwkCHTT2imTxjpsFhi0oAX9YUBg30z VNgN43slsQDI1l5Ftky/36k4k2cH+Idq91gVdMNYl0VxH3Bm6GajYf/11CkSEx5G GGmTadJpDUf3buyrX2YhEASPVPLi2ij0eXSucz1wEaqn9/q7mdTh1kfgI7+Ez27P TyqG9/Esat+U1hxKiUxJqFgde0Zl0CN0mWX+ND9fki+uxytkhoHLHuI+WjAft3BR dZgUiJ5tiABd2+Ht2Jtux9pamlqqCWdJWPbdU91pbn7XAJ+mxtFaBggK1ysqal1F EGtSpddHocWIXcVAc1IU8ihZY3tIrhRrepCt2ZeAlFKzlsOrwAhv07jhCS0ro0g5 FZ1ZBR70IH0eAsFDNy8UNFFbBsa0Zd2fl7RmphkJOAMs3X7ilENqgwRdMSsBn/pT /1sZ6FoeCPvbKh6pwXiP =eXrt -END PGP SIGNATURE- Accepted: hardening-includes_1.33_all.deb to main/h/hardening-wrapper/hardening-includes_1.33_all.deb hardening-wrapper_1.33.dsc to main/h/hardening-wrapper/hardening-wrapper_1.33.dsc hardening-wrapper_1.33.tar.gz to main/h/hardening-wrapper/hardening-wrapper_1.33.tar.gz hardening-wrapper_1.33_amd64.deb to main/h/hardening-wrapper/hardening-wrapper_1.33_amd64.deb -- To UNSUBSCRIBE, email to debian-devel-changes-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/e1qdrhf-0004ea...@franck.debian.org
Accepted scantool 1.21+dfsg-2 (source amd64)
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Wed, 22 Jun 2011 22:27:26 -0700 Source: scantool Binary: scantool Architecture: source amd64 Version: 1.21+dfsg-2 Distribution: unstable Urgency: low Maintainer: Kees Cook k...@debian.org Changed-By: Kees Cook k...@debian.org Description: scantool - OBD-II vehicle diagnostic scanner Closes: 630603 Changes: scantool (1.21+dfsg-2) unstable; urgency=low . * Add debian/patches/allow-elm327-clones.patch: do not abort when faced with an ELM327 device that wasn't manufactured by ScanTool.Net (Closes: 630603). Checksums-Sha1: 6a3ff9d1764f67b4c2c95f4a5a7486cae93da6e9 2075 scantool_1.21+dfsg-2.dsc 9cdced7c9455a077a92c9d52727b1b64458f73e0 11037 scantool_1.21+dfsg-2.debian.tar.gz d8ec3c14de0caab073b46e536dd4b87869f050c0 587412 scantool_1.21+dfsg-2_amd64.deb Checksums-Sha256: afe51a36fec36d40c7ed69694338b143db3d3ef0f3c849f83349097a51bb47ac 2075 scantool_1.21+dfsg-2.dsc 71c87395120b5d30d64b6fd6298a1566c1f5c81b4b504579537e1ebe95563917 11037 scantool_1.21+dfsg-2.debian.tar.gz d9dddcd98bd079ea7202a456c5ac874e146e9a4c3c45cdb2704b0a007f23e9c1 587412 scantool_1.21+dfsg-2_amd64.deb Files: 709229b31b12d1a71cc84eb05d8ddbec 2075 electronics extra scantool_1.21+dfsg-2.dsc ca8c5cbd3236d48973c619e98d0ced5e 11037 electronics extra scantool_1.21+dfsg-2.debian.tar.gz 3b79eeb69bbb6a2282ee3421531c11f9 587412 electronics extra scantool_1.21+dfsg-2_amd64.deb -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.11 (GNU/Linux) Comment: Kees Cook k...@outflux.net iQIcBAEBCgAGBQJOAs/HAAoJEIly9N/cbcAmYbgQAI9+3So2iyIjZd+eT3kknO+L qYDoraEd/unTS89znwXyRndgv9nFssTn4llr6xyfDDCIxlrxaRme9wGo/0QdRrpm IFBfIgIvU0TAeS1GRCpmIHJgG/pzm3HyOuID4qkTrpOKE9/+O+KkDEgeKrvkoOc1 yVWAtIjyN+ScgyufpkzU0pyHCoHY06bu+995XJRy9f5YrHJYiOIsXkgDchtXu49D nc/WPPeFtLs7ZO0dO3sfhhWZljMCH/rESNxDhyzEj4zKBn2D98YEb98O2ljIMhvD QZEkhU329mVvPpUQqA8G6Xh5r80VQ5IIPQqSU4RnNFyix/QfGZC+p0sx+VfbSDYk 7uEpBidhrsbo2SQnPzAUyT7m0IbZQPcVT3lfAx8OFwBuu3LB9FHBL8haNeAH+RCS usNYl/wf9G5N7hCmi+tWKArBS6uFWArbl3oIV0Kh9treH3BIh97IkSZV3znscTnU JjushoMWx+QQuW01dLd4YEFhLFIlfebvwSdKo2ucMQhScg6Zu+Bw3op8eT7DU000 L8khbPBtzrZ78ARwKMmuzyAO8cSQaqREj5Y1mq1pmGtk+wJZlEl4189e5kYFOI5m 1QvbLwAwZ69g3qZLWJQ4tJQgsWbvI8Bp78WM8P1hkZqRcmsVmnhL+ae/Ytm+/Jpv mKGaVxpXpkxudNlcVGkS =bnHV -END PGP SIGNATURE- Accepted: scantool_1.21+dfsg-2.debian.tar.gz to main/s/scantool/scantool_1.21+dfsg-2.debian.tar.gz scantool_1.21+dfsg-2.dsc to main/s/scantool/scantool_1.21+dfsg-2.dsc scantool_1.21+dfsg-2_amd64.deb to main/s/scantool/scantool_1.21+dfsg-2_amd64.deb -- To UNSUBSCRIBE, email to debian-devel-changes-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/e1qzcl8-0006pb...@franck.debian.org
Accepted scantool 1.21+dfsg-1 (source amd64)
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Format: 1.8
Date: Sat, 28 May 2011 06:57:37 -0700
Source: scantool
Binary: scantool
Architecture: source amd64
Version: 1.21+dfsg-1
Distribution: unstable
Urgency: low
Maintainer: Kees Cook k...@debian.org
Changed-By: Kees Cook k...@debian.org
Description:
scantool - OBD-II vehicle diagnostic scanner
Closes: 627635
Changes:
scantool (1.21+dfsg-1) unstable; urgency=low
.
* Initial release (Closes: 627635).
- dropped unused non-free listports.{c,h} from orig tarball.
Checksums-Sha1:
d8de72c89541f6a6135da047d8b19820eb6fd40f 2075 scantool_1.21+dfsg-1.dsc
f3f303fa90827481a47af61081c40627d4df5fb5 248577
scantool_1.21+dfsg.orig-dzcomm.tar.bz2
4a145892900ca1a2dc4fdfdd8dba7c41342a9211 156134 scantool_1.21+dfsg.orig.tar.bz2
1f8b3084a6adff87093f7b28ab08dad8ee5be684 10578
scantool_1.21+dfsg-1.debian.tar.gz
c9bb20998f77b49731d1bf73aa3e315c1ad0335d 590790 scantool_1.21+dfsg-1_amd64.deb
Checksums-Sha256:
a14edee3a0a3019282f8da1b5c876fcd5016b57c6a67717e1fb51bacbc99ef1d 2075
scantool_1.21+dfsg-1.dsc
d19cf959325c5dee3ee1c03b99d726094c3d825bdc7755752215761fb8ee3c2e 248577
scantool_1.21+dfsg.orig-dzcomm.tar.bz2
5e5b7034b7f8d5fe8d219ef2b5816a1a944aed02175f353b2d26a786700ae177 156134
scantool_1.21+dfsg.orig.tar.bz2
47070ce6b821b95bc655ae3ea0d9a8c6117b04a09dfac7992e470e8395a1fb4b 10578
scantool_1.21+dfsg-1.debian.tar.gz
7c4e991788f27de0202cc833c3b2a2c6cfb2f30b7e629450e84fbf11a45d64a9 590790
scantool_1.21+dfsg-1_amd64.deb
Files:
39895d6f51f3acc84b53471d17fc873f 2075 electronics extra
scantool_1.21+dfsg-1.dsc
806c69dd3db0bae85083f29a8e52c1a8 248577 electronics extra
scantool_1.21+dfsg.orig-dzcomm.tar.bz2
fe0cfc1340060d4356925349e5c67ec4 156134 electronics extra
scantool_1.21+dfsg.orig.tar.bz2
7a62031163a7c5993fcc76abdf530f3b 10578 electronics extra
scantool_1.21+dfsg-1.debian.tar.gz
2d859eeec907f14b2d09f8ad713c5cde 590790 electronics extra
scantool_1.21+dfsg-1_amd64.deb
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.11 (GNU/Linux)
Comment: Kees Cook k...@outflux.net
iQIcBAEBCgAGBQJN4QGoAAoJEIly9N/cbcAmV9gP+wVrDaXPCqPwBtOhkgJqTtS1
42lvvgnbSHbVjnw9z9utjaYNBdGHuqbuDV0JUwNLQ0ihv1LfrH/M/JeMepfYXNl7
Es2fNfDlzvBmzYLWrS0ymGuBa/LVZXRrHXgqjNbyw4x/XJgpaLwboy/+XjtLRERf
EM8rVrGhKBi4w4bbisX5D4EGYKX+eYd/0hie8HA6W2U+1kutNwpFEMQnbMVYdi4U
Zmb3SU5APkr8mC6g8kvso8Ai75QnYlysX8MtU3c1cvZRRrNVQqh91IDhpM/8wJxG
zs3hoYdreaL1jWZDarZaj0P5Wjpl5NwhwnzaXSck0GrWXZ8KlzL8XkhBw2Plme1D
2uTYH6T/f/WnEOk+jLTjQEH2pQD1NS/Nm2bOl5PTcwm9zAmubwTw6lCGDUKi6BOX
1s81CqXy/5+ztEYasSGurUwECsg8xkoM7pyDtXypUV5P+LhKVnE13Efqb5Wdo9M+
LUNIMSpr5pEwB+qkw9zLhVF8vQ1/VK1wLmSf8z+naVgD3T31NhkNxiWozHADRRRV
3GVHaSw/rBG/bxChTDiOut43Cq6vnT53WZK5SR8AnZ3nKrMlHkDJbbPMKsL7UgiY
l1Pdg2t4QiEFFGgbpWJH/6IDzcWVEDhclXgUVqP+G7b9ncbh62zknwc6C7qr1c8r
YV8rwOt1nMfb4XTqvK/0
=QUFT
-END PGP SIGNATURE-
Accepted:
scantool_1.21+dfsg-1.debian.tar.gz
to main/s/scantool/scantool_1.21+dfsg-1.debian.tar.gz
scantool_1.21+dfsg-1.dsc
to main/s/scantool/scantool_1.21+dfsg-1.dsc
scantool_1.21+dfsg-1_amd64.deb
to main/s/scantool/scantool_1.21+dfsg-1_amd64.deb
scantool_1.21+dfsg.orig-dzcomm.tar.bz2
to main/s/scantool/scantool_1.21+dfsg.orig-dzcomm.tar.bz2
scantool_1.21+dfsg.orig.tar.bz2
to main/s/scantool/scantool_1.21+dfsg.orig.tar.bz2
--
To UNSUBSCRIBE, email to debian-devel-changes-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Archive: http://lists.debian.org/e1qqef5-0002bk...@franck.debian.org
Accepted apparmor 2.6.1-4 (source all amd64)
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Format: 1.8
Date: Fri, 27 May 2011 13:51:18 -0700
Source: apparmor
Binary: apparmor apparmor-utils apparmor-profiles apparmor-docs libapparmor-dev
libapparmor1 libapparmor-perl libapache2-mod-apparmor libpam-apparmor
apparmor-notify python-libapparmor
Architecture: source amd64 all
Version: 2.6.1-4
Distribution: unstable
Urgency: low
Maintainer: Kees Cook k...@debian.org
Changed-By: Kees Cook k...@debian.org
Description:
apparmor - User-space parser utility for AppArmor
apparmor-docs - Documentation for AppArmor
apparmor-notify - AppArmor notification system
apparmor-profiles - Profiles for AppArmor Security policies
apparmor-utils - Utilities for controlling AppArmor
libapache2-mod-apparmor - changehat AppArmor library as an Apache module
libapparmor-dev - AppArmor development libraries and header files
libapparmor-perl - AppArmor library Perl bindings
libapparmor1 - changehat AppArmor library
libpam-apparmor - changehat AppArmor library as a PAM module
python-libapparmor - AppArmor library Python bindings
Closes: 624853 625252 625264 625465 625931 625977 626269 626803 626836 626903
627031
Changes:
apparmor (2.6.1-4) unstable; urgency=low
.
* debian/po: add new translations:
- zh_CN.po: Simplified Chinese, thanks to Aron Xu (Closes: 624853).
- da.po: Danish, thanks to Joe Dalton (Closes: 625252).
- sv.po: Swedish, thanks to Martin Bagge (Closes: 625264).
- cs.po: Czech, thanks to Michal Šimůnek (Closes: 625465).
- de.po: German, thanks to Chris Leick (Closes: 625931).
- nl.po: Dutch, thanks to Jeroen Schot (Closes: 626269).
- ja.po: Japanese, thanks to Hideki Yamane (Closes: 626803).
- it.po: Italian, thanks to Dario Santamaria (Closes: 626836).
- fr.po: French, thanks to Julien Patriarca (Closes: 626903).
- es.po: Spanish, thanks to Francisco Javier Cuadrado (Closes: 627031).
* debian/patches/define-path-max.patch: fix Hurd FTBFS.
* debian/patches/indep-build.patch: allow split indep/arch builds.
* debian/{control,rules,non-linux}: add fake parser for non-Linux
builds so that apparmor-utils is installable (Closes: 625977).
Checksums-Sha1:
2f8f9cfc69ec813b386ae1e8a2ecf564598b40cb 2170 apparmor_2.6.1-4.dsc
3e07695c844ddf53bfa195142c5e4b028f317acb 48616 apparmor_2.6.1-4.debian.tar.gz
55932831343062f28f9da6c47823637b85ac9086 345704 apparmor_2.6.1-4_amd64.deb
1ee48f423f32859e672011444901d19449e680c0 120850
apparmor-utils_2.6.1-4_amd64.deb
56a56407b1d40a8c88f8975b4ac14adda7ca7391 40664
libapparmor-dev_2.6.1-4_amd64.deb
e9af386fee08c015cea32cad5cc92c05600b8a70 45532 libapparmor1_2.6.1-4_amd64.deb
e892d8f85d88a563f05f0aa1b7eefce26f8a9d3d 48926
libapparmor-perl_2.6.1-4_amd64.deb
7a9e1128f944d37fa6cb59ece6766097f0bc26cc 30376
libapache2-mod-apparmor_2.6.1-4_amd64.deb
7d8d48ffc4d036375e70074b57c57bc4100b7456 26324
libpam-apparmor_2.6.1-4_amd64.deb
e9de64db673d3a6e8aac040f19d5ac9a188422b7 42684
python-libapparmor_2.6.1-4_amd64.deb
55d12d9d503f676c25d8b2afa74b76811739f8af 50822
apparmor-profiles_2.6.1-4_all.deb
0141dde2338d0a3ada0ad024569bbc08048981f5 251070 apparmor-docs_2.6.1-4_all.deb
0e62a72caa33622fbfc0f50ca26d461922ce8421 30074 apparmor-notify_2.6.1-4_all.deb
Checksums-Sha256:
68dd4d0560205755e5690191794de5dfe6fa40454eee9960197a9edf5a5336ca 2170
apparmor_2.6.1-4.dsc
63c1771916324bd0954a4baca09e7c3df158f07d88b7b6b6c0af3b1c22b0c5c7 48616
apparmor_2.6.1-4.debian.tar.gz
13e12ef1b91566bd48f6ffc4a0aa013dd5184ea66bbb72de5ca740d7a04742a9 345704
apparmor_2.6.1-4_amd64.deb
afd80d74f330ba7ffca97313fd104d2aaa720880bb3af92394969fe56e38e571 120850
apparmor-utils_2.6.1-4_amd64.deb
22b11c387fd5a4de342d0c3c503e746b901774d79215637344332df46f1ed4db 40664
libapparmor-dev_2.6.1-4_amd64.deb
64d18a1e663b70d65612c8b5ffa318aba96e15e0381ba621b10928a26c502f43 45532
libapparmor1_2.6.1-4_amd64.deb
b4c9bbc5e2238c4eb131e39b666d3c8dfa963707d24ec980ace72a2d37cfa80e 48926
libapparmor-perl_2.6.1-4_amd64.deb
c0c9c97872d0a7c2d15307f286093e3bbb94fec5f09445e55f771c4c8d22cb1d 30376
libapache2-mod-apparmor_2.6.1-4_amd64.deb
bac30d593f3675434ba5da56ca1c5203d6ac3db6e5b0645a176ad599241832cf 26324
libpam-apparmor_2.6.1-4_amd64.deb
11c7f422d5850c5547c5e43a9dde2c0f458397275ff5aad1a9d9580d507fd625 42684
python-libapparmor_2.6.1-4_amd64.deb
fb4bdb5ee7547c04dd50173a9d88d7c9d1e5fbf501ceb0e46173af9ee6897eb5 50822
apparmor-profiles_2.6.1-4_all.deb
845ca039a39d3ed64cff5174a5968a4122160e5533a733f51bdf875a795fc662 251070
apparmor-docs_2.6.1-4_all.deb
18fca9106e470f4a1cd24c1d6b8565cb6a6079f34fcd1e12f850411db776d06c 30074
apparmor-notify_2.6.1-4_all.deb
Files:
a48e2d3f4e1d47d426e05630edd52fed 2170 admin extra apparmor_2.6.1-4.dsc
e3dd0077e48e33a52ea9133e783bd420 48616 admin extra
apparmor_2.6.1-4.debian.tar.gz
87fa6b871008395eba9224f8aab66821 345704 admin extra apparmor_2.6.1-4_amd64.deb
6b2b7ba8d12bd5af142cfd08166d34e7 120850 admin extra
apparmor-utils_2.6.1-4_amd64.deb
Bug#627635: ITP: scantool -- OBD-II car diagnostic scanner
Package: wnpp Severity: wishlist Owner: Kees Cook k...@debian.org * Package name: scantool Version : 1.21 Upstream Author : ScanTool.net LLC * URL : http://www.scantool.net/scantool/downloads/diagnostic-software/ * License : GPL-2+ Programming Lang: C Description : OBD-II vehicle diagnostic scanner Scanning tool that communicates with OBD-II serial port devices, used for vehicle diagnostics. Requires a serial to CAN bus device specific to the OBD-II port for a given model vehicle. -- To UNSUBSCRIBE, email to debian-devel-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/20110523021101.20655.45481.reportbug@localhost6.localdomain6
