Accepted libreoffice 1:3.5.4+dfsg2-0+deb7u9 (source all amd64) into oldstable

2017-04-23 Thread Emilio Pozuelo Monfort 
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256

Format: 1.8
Date: Sun, 23 Apr 2017 17:42:11 +0200
Source: libreoffice
Binary: libreoffice libreoffice-l10n-za libreoffice-l10n-in libreoffice-core 
libreoffice-common libreoffice-java-common libreoffice-writer libreoffice-calc 
libreoffice-impress libreoffice-draw libreoffice-math libreoffice-base-core 
libreoffice-base libreoffice-style-crystal libreoffice-style-oxygen 
libreoffice-style-tango libreoffice-style-hicontrast libreoffice-style-galaxy 
libreoffice-gtk libreoffice-gtk3 libreoffice-gnome libreoffice-emailmerge 
python-uno python3-uno libreoffice-officebean libreoffice-filter-mobiledev 
openoffice.org-dtd-officedocument1.0 libreoffice-script-provider-python 
libreoffice-script-provider-bsh libreoffice-script-provider-js 
libreoffice-l10n-af libreoffice-l10n-ar libreoffice-l10n-as 
libreoffice-l10n-ast libreoffice-l10n-be libreoffice-l10n-bg 
libreoffice-l10n-bn libreoffice-l10n-br libreoffice-l10n-bs libreoffice-l10n-ca 
libreoffice-l10n-cs libreoffice-l10n-cy libreoffice-l10n-da libreoffice-l10n-de 
libreoffice-l10n-dz libreoffice-l10n-el
 libreoffice-l10n-en-gb libreoffice-l10n-en-za libreoffice-l10n-eo 
libreoffice-l10n-es libreoffice-l10n-et libreoffice-l10n-eu libreoffice-l10n-fa 
libreoffice-l10n-fi libreoffice-l10n-fr libreoffice-l10n-ga libreoffice-l10n-gl 
libreoffice-l10n-gu libreoffice-l10n-he libreoffice-l10n-hi libreoffice-l10n-hr 
libreoffice-l10n-hu libreoffice-l10n-id libreoffice-l10n-is libreoffice-l10n-it 
libreoffice-l10n-ja libreoffice-l10n-ka libreoffice-l10n-km libreoffice-l10n-ko 
libreoffice-l10n-ku libreoffice-l10n-lt libreoffice-l10n-lv libreoffice-l10n-mk 
libreoffice-l10n-mn libreoffice-l10n-ml libreoffice-l10n-mr libreoffice-l10n-nb 
libreoffice-l10n-ne libreoffice-l10n-nl libreoffice-l10n-nn libreoffice-l10n-nr 
libreoffice-l10n-nso libreoffice-l10n-oc libreoffice-l10n-om 
libreoffice-l10n-or libreoffice-l10n-pa-in libreoffice-l10n-pl 
libreoffice-l10n-pt libreoffice-l10n-pt-br libreoffice-l10n-ro 
libreoffice-l10n-ru libreoffice-l10n-rw libreoffice-l10n-si libreoffice-l10n-sk
 libreoffice-l10n-sl libreoffice-l10n-sr libreoffice-l10n-ss 
libreoffice-l10n-st libreoffice-l10n-sv libreoffice-l10n-ta libreoffice-l10n-te 
libreoffice-l10n-tg libreoffice-l10n-th libreoffice-l10n-tn libreoffice-l10n-tr 
libreoffice-l10n-ts libreoffice-l10n-ug libreoffice-l10n-uk libreoffice-l10n-uz 
libreoffice-l10n-ve libreoffice-l10n-vi libreoffice-l10n-xh 
libreoffice-l10n-zh-cn libreoffice-l10n-zh-tw libreoffice-l10n-zu 
libreoffice-help-en-us libreoffice-help-ca libreoffice-help-cs 
libreoffice-help-da libreoffice-help-de libreoffice-help-dz libreoffice-help-el 
libreoffice-help-en-gb libreoffice-help-es libreoffice-help-et 
libreoffice-help-eu libreoffice-help-fi libreoffice-help-fr libreoffice-help-gl 
libreoffice-help-hi libreoffice-help-hu libreoffice-help-it libreoffice-help-ja 
libreoffice-help-km libreoffice-help-ko libreoffice-help-nl libreoffice-help-om 
libreoffice-help-pl libreoffice-help-pt libreoffice-help-pt-br 
libreoffice-help-ru libreoffice-help-sk
 libreoffice-help-sl libreoffice-help-sv libreoffice-help-zh-cn 
libreoffice-help-zh-tw uno-libs3 uno-libs3-dbg ure ure-dbg libreoffice-gcj 
libreoffice-ogltrans libreoffice-wiki-publisher libreoffice-report-builder 
libreoffice-report-builder-bin libreoffice-presentation-minimizer 
libreoffice-presenter-console libreoffice-pdfimport fonts-opensymbol 
ttf-opensymbol libreoffice-dbg libreoffice-dev libreoffice-dev-doc 
libreoffice-kde libreoffice-sdbc-postgresql libreoffice-mysql-connector 
libreoffice-evolution
 libreoffice-filter-binfilter
Architecture: source all amd64
Version: 1:3.5.4+dfsg2-0+deb7u9
Distribution: wheezy-security
Urgency: high
Maintainer: Debian LibreOffice Maintainers 
Changed-By: Emilio Pozuelo Monfort 
Description: 
 fonts-opensymbol - OpenSymbol TrueType font
 libreoffice - office productivity suite
 libreoffice-base - office productivity suite -- database
 libreoffice-base-core - office productivity suite -- shared library
 libreoffice-calc - office productivity suite -- spreadsheet
 libreoffice-common - office productivity suite -- arch-independent files
 libreoffice-core - office productivity suite -- arch-dependent files
 libreoffice-dbg - office productivity suite -- debug symbols
 libreoffice-dev - office productivity suite -- SDK
 libreoffice-dev-doc - office productivity suite -- SDK documentation
 libreoffice-draw - office productivity suite -- drawing
 libreoffice-emailmerge - office productivity suite -- email mail merge
 libreoffice-evolution - office productivity suite -- Evolution addressbook 
support
 libreoffice-filter-binfilter - office productivity suite -- legacy filters 
(e.g. StarOffice 5.2)
 libreoffice-filter-mobiledev - office productivity suite -- mobile devices 
filters
 libreoffice-gcj - office productivity suite -- Java libraries for GIJ
 libreoffice-gnome - office

Re: Wheezy update of batik?

2017-04-23 Thread Emilio Pozuelo Monfort 
On 23/04/17 21:50, Ola Lundqvist wrote:
> Dear maintainer(s),
> 
> The Debian LTS team would like to fix the security issues which are
> currently open in the Wheezy version of batik:
> https://security-tracker.debian.org/tracker/CVE-2017-5662

FWIW I investigated this a bit and there doesn't seem to be any details other
than what is in the advisory: i.e. I couldn't find the commit that fixes this
(looking at the svn repository) or an upstream bug report. I found a
security-related one, reported by Lars Krapf (as mentioned in the oss-security
mail) but that seemed different than CVE-2017-5662 and much older (see [1]).

Also our 1.8 and the upstream 1.9 tarballs have different layouts so it's hard
to compare them.

Cheers,
Emilio

[1] https://issues.apache.org/jira/browse/BATIK-1139

Wheezy update of botan1.10?

2017-04-23 Thread Ola Lundqvist 
Dear maintainer(s),

The Debian LTS team would like to fix the security issues which are
currently open in the Wheezy version of botan1.10:
https://security-tracker.debian.org/tracker/CVE-2017-2801

Would you like to take care of this yourself?

If yes, please follow the workflow we have defined here:
https://wiki.debian.org/LTS/Development

If that workflow is a burden to you, feel free to just prepare an
updated source package and send it to debian-lts@lists.debian.org
(via a debdiff, or with an URL pointing to the source package,
or even with a pointer to your packaging repository), and the members
of the LTS team will take care of the rest. Indicate clearly whether you
have tested the updated package or not.

If you don't want to take care of this update, it's not a problem, we
will do our best with your package. Just let us know whether you would
like to review and/or test the updated package before it gets released.

You can also opt-out from receiving future similar emails in your
answer and then the LTS Team will take care of botan1.10 updates
for the LTS releases.

Thank you very much.

Ola Lundqvist,
  on behalf of the Debian LTS team.

PS: A member of the LTS team might start working on this update at
any point in time. You can verify whether someone is registered
on this update in this file:
https://anonscm.debian.org/viewvc/secure-testing/data/dla-needed.txt?view=markup

Wheezy update of minicom?

2017-04-23 Thread Ola Lundqvist 
Dear maintainer(s),

The Debian LTS team would like to fix the security issues which are
currently open in the Wheezy version of minicom:
https://security-tracker.debian.org/tracker/CVE-2017-7467

Would you like to take care of this yourself?

If yes, please follow the workflow we have defined here:
https://wiki.debian.org/LTS/Development

If that workflow is a burden to you, feel free to just prepare an
updated source package and send it to debian-lts@lists.debian.org
(via a debdiff, or with an URL pointing to the source package,
or even with a pointer to your packaging repository), and the members
of the LTS team will take care of the rest. Indicate clearly whether you
have tested the updated package or not.

If you don't want to take care of this update, it's not a problem, we
will do our best with your package. Just let us know whether you would
like to review and/or test the updated package before it gets released.

You can also opt-out from receiving future similar emails in your
answer and then the LTS Team will take care of minicom updates
for the LTS releases.

Thank you very much.

Ola Lundqvist,
  on behalf of the Debian LTS team.

PS: A member of the LTS team might start working on this update at
any point in time. You can verify whether someone is registered
on this update in this file:
https://anonscm.debian.org/viewvc/secure-testing/data/dla-needed.txt?view=markup

Wheezy update of batik?

2017-04-23 Thread Ola Lundqvist 
Dear maintainer(s),

The Debian LTS team would like to fix the security issues which are
currently open in the Wheezy version of batik:
https://security-tracker.debian.org/tracker/CVE-2017-5662

Would you like to take care of this yourself?

If yes, please follow the workflow we have defined here:
https://wiki.debian.org/LTS/Development

If that workflow is a burden to you, feel free to just prepare an
updated source package and send it to debian-lts@lists.debian.org
(via a debdiff, or with an URL pointing to the source package,
or even with a pointer to your packaging repository), and the members
of the LTS team will take care of the rest. Indicate clearly whether you
have tested the updated package or not.

If you don't want to take care of this update, it's not a problem, we
will do our best with your package. Just let us know whether you would
like to review and/or test the updated package before it gets released.

You can also opt-out from receiving future similar emails in your
answer and then the LTS Team will take care of batik updates
for the LTS releases.

Thank you very much.

Ola Lundqvist,
  on behalf of the Debian LTS team.

PS: A member of the LTS team might start working on this update at
any point in time. You can verify whether someone is registered
on this update in this file:
https://anonscm.debian.org/viewvc/secure-testing/data/dla-needed.txt?view=markup

Wheezy update of fop?

2017-04-23 Thread Ola Lundqvist 
Dear maintainer(s),

The Debian LTS team would like to fix the security issues which are
currently open in the Wheezy version of fop:
https://security-tracker.debian.org/tracker/CVE-2017-5661

Would you like to take care of this yourself?

If yes, please follow the workflow we have defined here:
https://wiki.debian.org/LTS/Development

If that workflow is a burden to you, feel free to just prepare an
updated source package and send it to debian-lts@lists.debian.org
(via a debdiff, or with an URL pointing to the source package,
or even with a pointer to your packaging repository), and the members
of the LTS team will take care of the rest. Indicate clearly whether you
have tested the updated package or not.

If you don't want to take care of this update, it's not a problem, we
will do our best with your package. Just let us know whether you would
like to review and/or test the updated package before it gets released.

You can also opt-out from receiving future similar emails in your
answer and then the LTS Team will take care of fop updates
for the LTS releases.

Thank you very much.

Ola Lundqvist,
  on behalf of the Debian LTS team.

PS: A member of the LTS team might start working on this update at
any point in time. You can verify whether someone is registered
on this update in this file:
https://anonscm.debian.org/viewvc/secure-testing/data/dla-needed.txt?view=markup

Mysql 5.5.55

2017-04-23 Thread Emilio Pozuelo Monfort 
Hi Lars,

I see that you already started preparing MySQL 5.5.55 for wheezy in

https://anonscm.debian.org/cgit/pkg-mysql/mysql-5.5.git/log/?h=debian/wheezy

If you want I can upload the package and send the announcement. Just let me know
when you're done with the update (at least I think the changelog needs to be
updated).

Cheers,
Emilio

testing jasper for Wheezy LTS

2017-04-23 Thread Thorsten Alteholz 

Hi everybody,

I uploaded version 1.900.1-13+deb7u6 of jasper to:

https://people.debian.org/~alteholz/packages/wheezy-lts/jasper/amd64/

Please give it a try and tell me about any problems you met. If you use 
jasper for your own projects, I would be also interested whether you can 
still build it with that new version.


Thanks!
 Thorsten



   * CVE-2016-9591
 Use-after-free on heap in jas_matrix_destroy
 The vulnerability exists in code responsible for re-encoding the
 decoded input image file to a JP2 image. The vulnerability is
 caused by not setting related pointers to be null after the
 pointers are freed (i.e. missing Setting-Pointer-Null operations
 after free). The vulnerability can further cause double-free.
   * CVE-2016-10251
 Integer overflow in the jpc_pi_nextcprl function in jpc_t2cod.c in
 JasPer before 1.900.20 allows remote attackers to have unspecified
 impact via a crafted file, which triggers use of an uninitialized
 value.
   * fix for TEMP-CVE from last upload to avoid hassle with SIZE_MAX

[SECURITY] [DLA 909-1] libcroco security update

2017-04-23 Thread Emilio Pozuelo Monfort 
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256

Package: libcroco
Version: 0.6.6-2+deb7u1
CVE ID : CVE-2017-7960 CVE-2017-7961
Debian Bug : 860961

CVE-2017-7960

A heap-based buffer over-read vulnerability could be triggered
remotely via a crafted CSS file to cause a denial of service.

CVE-2017-7961

An "outside the range of representable values of type long"
undefined behavior issue was found in libcroco, which might
allow remote attackers to cause a denial of service (application
crash) or possibly have unspecified other impact via a crafted
CSS file.

For Debian 7 "Wheezy", these problems have been fixed in version
0.6.6-2+deb7u1.

We recommend that you upgrade your libcroco packages.

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS
-BEGIN PGP SIGNATURE-

iQIzBAEBCAAdFiEEcJymx+vmJZxd92Q+nUbEiOQ2gwIFAlj8lAcACgkQnUbEiOQ2
gwKfrA//QTmxVgaeY2VZ5wEz5LgLHX7J/0LD4p5TOt0Bmuehk6Iqa5k3dF9Wa/EJ
TFG1/Q1h6ehED3UX/qvQChQo1ZPrf/R5hEdgTvKm/UOWPj+c+0COsT2eYwmwGjGx
XlqBe19ChgfbJSyUdDogG/jIr4DXVfi8Lsmk22fJUzMNE0HTFRWoA+NaWiO96/IX
A4j3f0G9Ujfxmpz0nLV7x52oVxnYgIzC8jBSA2dJ/J0fGeOXqK1ULSpzdmP57DPe
GZiYyaVcFrz0QnD2sXygjO9Tiwzk9KzrdAxjKLkoT3LhoXHjF0keMoC1ILoEEQSX
wh8Orc4Iap6MbL1OPessn2VsoISqnxwffOidMRq2yt2k3qAz2YFWuDhb96hmI/9r
zWMLQ9XHavo2aQl+gtJrXBsqjYCkkndHLORkzNP+FT65bss3c4MXj3fe+QvcLBWu
ffzW5gByfdZVeIFH8bti4M8Y3INC2e7Hx+gSJhA6Myxz9p02iPgcKMp0EFhgM3rD
CYCm4RR6tHnl387kwp9fl00mSf0JlFftxvMNxY6ynfvNiQ9xefRUlIghCoMG8zLX
HAKpNYyBdrk/YviPdz3kFwtw6WVb6TR8o7ons2aLvDS1u1UbYVB1EOzZrv4i8dPd
vE/c9TrNHpqawvLoUUOFH/KmnYxueIK5iUJFEbSAPDi6VlQ2ehY=
=I3WB
-END PGP SIGNATURE-

Accepted libcroco 0.6.6-2+deb7u1 (source amd64) into oldstable

2017-04-23 Thread Emilio Pozuelo Monfort 
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256

Format: 1.8
Date: Sun, 23 Apr 2017 13:12:05 +0200
Source: libcroco
Binary: libcroco3-dev libcroco3 libcroco-tools
Architecture: source amd64
Version: 0.6.6-2+deb7u1
Distribution: wheezy-security
Urgency: medium
Maintainer: Debian GNOME Maintainers 

Changed-By: Emilio Pozuelo Monfort 
Description: 
 libcroco-tools - Cascading Style Sheet (CSS) parsing and manipulation toolkit 
- ut
 libcroco3  - Cascading Style Sheet (CSS) parsing and manipulation toolkit
 libcroco3-dev - Cascading Style Sheet (CSS) parsing and manipulation toolkit
Closes: 860961
Changes: 
 libcroco (0.6.6-2+deb7u1) wheezy-security; urgency=medium
 .
   * CVE-2017-7960-heap-buffer-overflow.patch:
 - CVE-2017-7960: check end of input before reading from buffer.
   * CVE-2017-7961-double-to-long-check.patch:
 - CVE-2017-7961: check color value before converting to long.
   * The above closes: #860961.
Checksums-Sha1: 
 ec0e72c88d4c989dd3581d3f627c2224aee58999 2346 libcroco_0.6.6-2+deb7u1.dsc
 62a2a27bbb180d23b55c65d0349a3cb2f4222df8 463920 libcroco_0.6.6.orig.tar.xz
 5d7699e39fb36dc6ee0ba7a00f897d17d9483bfd 8224 
libcroco_0.6.6-2+deb7u1.debian.tar.gz
 447af4ef9cf9bccb8ee0cd8ce6f8ebcbff8546e8 155904 
libcroco3-dev_0.6.6-2+deb7u1_amd64.deb
 78a1468830415bc13e2e3ea756d8de549daecbd3 133738 
libcroco3_0.6.6-2+deb7u1_amd64.deb
 d63ae3e0f879c04cdcb7e941314ed9c079e045fe 64890 
libcroco-tools_0.6.6-2+deb7u1_amd64.deb
Checksums-Sha256: 
 c62438cb7a1fcaed368b031fbb5f35e159efb5f8b004857e0faa1241b7b6a898 2346 
libcroco_0.6.6-2+deb7u1.dsc
 72ecace2f3d016a25f2b923c6d0cc76cced823e94171692c533f6c2088086bd9 463920 
libcroco_0.6.6.orig.tar.xz
 4375f95f208719c6795ce3fb70cb22bc5b07c2c51d19c9e50193331b66a4a621 8224 
libcroco_0.6.6-2+deb7u1.debian.tar.gz
 59f304572901a5449ed1f7df2b7b2d673afd5d8578e59cbcda766c89d69e65d8 155904 
libcroco3-dev_0.6.6-2+deb7u1_amd64.deb
 d9497de32a1ab1e657349ff5db96b2531757e17ee60a6d3f620c09a56912f610 133738 
libcroco3_0.6.6-2+deb7u1_amd64.deb
 d0a678333cbdf509265c76fcf4ddc5c102c5cda31da45afdd9b366198f694174 64890 
libcroco-tools_0.6.6-2+deb7u1_amd64.deb
Files: 
 6a439901130c554812e77397df06e2ff 2346 libs optional libcroco_0.6.6-2+deb7u1.dsc
 bc2b2bb80f14e76caed4f76aa3a01070 463920 libs optional 
libcroco_0.6.6.orig.tar.xz
 d1a30c679064f5d45c6c7c2ca91154b8 8224 libs optional 
libcroco_0.6.6-2+deb7u1.debian.tar.gz
 b76fc85d8f93d75f0f1c4397725edb1e 155904 libdevel optional 
libcroco3-dev_0.6.6-2+deb7u1_amd64.deb
 e92bd8a2ad30cd41c2f7974b2406b5e6 133738 libs optional 
libcroco3_0.6.6-2+deb7u1_amd64.deb
 01ad1b8451935bc811e3718933a4e45c 64890 libs optional 
libcroco-tools_0.6.6-2+deb7u1_amd64.deb

-BEGIN PGP SIGNATURE-

iQIzBAEBCAAdFiEEcJymx+vmJZxd92Q+nUbEiOQ2gwIFAlj8jw8ACgkQnUbEiOQ2
gwLQ8w/+K/LG1yv3ni2RcbhbM8H10qKLazt/AaWOVVqmgQWTBs3qjP8hIWBz6qYR
R4+3y2gojRV8a9F8UZg3k6os8CjbBWrb7fTCy7QO1umUtDCPtOj58+ct8kg4kaAt
eS+SK2UqfSkVmBgd4dda2Oj4wKZxAbzL5EWO/D+9kKafmha2vc9VAeFfWrHv5Er5
G41hTRO395DG84g3CR41Qma665rj80wBWTjVQDk8UV6bK6145RbiEztFDGJxIQuH
KcmZq3PemvgYD7d9cuNG8eZeTalWMfs0X02dUWUdg4aTxREJuoettDfO0ruww/iA
A3KjOJVz38Wa5AB/h2h8FG05eWLLfcl8gKyRjrXdtVOJ3O8Z+RJr/vNKPf4GxSv3
08QJeQOngb1KYDrjkbi18HlOuw7XDGx4IeqmI5QhEBiye+smnjsLkG+FTE595EKb
ZEq0OwKsHk28HVqFc6NZaJvnl6n7Z62lMJ4T5DJQC4yYOgS5RPm4ro9lgTBReqKv
33v8B2kFPycyubSsL+dzbH4Fm/g2Bm1q/GklglGo0nr2y78PHkLTehjlTU8fz6Rw
oiJfSD9pWBokV7U2Ko19s42+lY3lzec7lHE00XbGrGbKrhA1r/oHLI6pnIDoFpp6
V/fFxM/oMYTqTkSluOfXdFUKVB8nq+4l/u+Izb/g156/LAXRDA0=
=oL3h
-END PGP SIGNATURE-

[SECURITY] [DLA 908-1] chicken security update

2017-04-23 Thread Emilio Pozuelo Monfort 
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256

Package: chicken
Version: 4.7.0-1+deb7u2
CVE ID : CVE-2017-6949
Debian Bug : 858057

It was found that CHICKEN did not sanitize the size argument when
allocating SRFI-4 vectors, which could lead to segfaults or buffer
overflows with some sizes.

For Debian 7 "Wheezy", these problems have been fixed in version
4.7.0-1+deb7u2.

We recommend that you upgrade your chicken packages.

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS
-BEGIN PGP SIGNATURE-

iQIzBAEBCAAdFiEEcJymx+vmJZxd92Q+nUbEiOQ2gwIFAlj8f+8ACgkQnUbEiOQ2
gwI2uw/+IQZYxo4VZ+OcHlucFqIv5kOa8A5Tb8quJL5/WW7IL8xva1dWCDgMhP2S
6gZBzJlp+EJBKDCwAujpw+tpYOQN2orKG7WqqtuQZTVOSA6m7A52UuIBnW9xC+qU
WqmXvIzEXp6Jt/p71xP7YRcYpy4mbK67DfI8LLIkIMseTu3BAUIZkOLATceAGRZO
X27yxn6rtIt6dSw74sG4gRkO8M6Eb7cxETqgV2EDZfcDOaupFtv63CfzG6fuAoEC
9PemSap5Rmv0auJNV7m30YP9/J4xbCoxBNpZrmX/PrFfmE2WeojPmHe6AfMYI9em
+oQRm/rRG+Iz13ZNpqxi8oZwD47rhSuZE9R/G8kiMLsRWEbjyqyg5PDwU4UQ7KkH
kHuL+X9l/efBqHucnfGRk99DAVMHcyNS3Ik/SpfOcLKLua0JbKetRvO9OB/7nRet
uorQ1jcQomYgDPjAvFweGOjhfwXZOuCod0S4cbVrIkvnYSBzaot8XJZQGKEgNy8e
vUTSADHAqv3ov5ahw2ttqKf5aNy6LhWJ5icaz6653IaxSFlAoByWYAIj9GQbXA2U
33q2MTqYp9IjdYNP7T7ZPNo1+4JscvdgCf8vTWyrMIFQZ1arCIZn6hS5xR/RcAZg
XIEjvxHMi5HSMfk2T7b1LPJ7JZsNj+gvP9AZd/eaYZw3NXTujPI=
=FI3f
-END PGP SIGNATURE-

Accepted chicken 4.7.0-1+deb7u2 (source amd64) into oldstable

2017-04-23 Thread Emilio Pozuelo Monfort 
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256

Format: 1.8
Date: Sat, 22 Apr 2017 15:46:59 +0200
Source: chicken
Binary: chicken-bin libchicken6 libchicken-dev
Architecture: source amd64
Version: 4.7.0-1+deb7u2
Distribution: wheezy-security
Urgency: medium
Maintainer: Davide Puricelli (evo) 
Changed-By: Emilio Pozuelo Monfort 
Description: 
 chicken-bin - Practical and portable Scheme system - compiler
 libchicken-dev - Practical and portable Scheme system - development
 libchicken6 - Practical and portable Scheme system - runtime
Changes: 
 chicken (4.7.0-1+deb7u2) wheezy-security; urgency=medium
 .
   * Non-maintainer upload by the LTS team.
   * CVE-2017-6949-vector-allocations.patch: range check vector allocations
 to avoid crashes or buffer overreads. CVE-2017-6949.
Checksums-Sha1: 
 cc63df003f34d3bd0cbe7cbbb95a87d12b10965f 1867 chicken_4.7.0-1+deb7u2.dsc
 a5de10ac27b756d2f60a03f0799ef444becfb675 3390484 chicken_4.7.0.orig.tar.gz
 8dae457922e04432737d1ce1aa35e68f4e980859 144059 
chicken_4.7.0-1+deb7u2.debian.tar.gz
 b11637426c4400a494814f639760474246e9731e 1342750 
chicken-bin_4.7.0-1+deb7u2_amd64.deb
 f57ec6ed3c61b9d3aa7c783c2f1f30a8b31407a0 1305930 
libchicken6_4.7.0-1+deb7u2_amd64.deb
 aa7faee00a3b195c189072a46adcd02b87fd8d98 1621564 
libchicken-dev_4.7.0-1+deb7u2_amd64.deb
Checksums-Sha256: 
 27875304eccce73c0be119adf02a353880d442a5768d515f56cab5cbde1cf3ee 1867 
chicken_4.7.0-1+deb7u2.dsc
 e1719fa404e73bc95023d54e0d09688329f7da2f217734d27dc6487baf163300 3390484 
chicken_4.7.0.orig.tar.gz
 d473fd6719d43b9ffb09cd67c1af5702a7d1ec5e73addc71f7f6c041472ecfe5 144059 
chicken_4.7.0-1+deb7u2.debian.tar.gz
 3a5bd5ea725506311cd038e495bf1c040fc9106e71de30756422986662f16548 1342750 
chicken-bin_4.7.0-1+deb7u2_amd64.deb
 6279b5fe28eecb263274ecfa6262bec6afc636deed2ad4e2ad2ea4fc5ca7d98e 1305930 
libchicken6_4.7.0-1+deb7u2_amd64.deb
 b271cb6f8bac1ae3cd2b82c432dd5e81194b5b195376bf070fcfbe82fb8b8a5b 1621564 
libchicken-dev_4.7.0-1+deb7u2_amd64.deb
Files: 
 89a2e551f9e95b0c47f059657b5631f8 1867 interpreters optional 
chicken_4.7.0-1+deb7u2.dsc
 69ee35a78c52b37b84178ffd93d324e9 3390484 interpreters optional 
chicken_4.7.0.orig.tar.gz
 767257638c4e986f8282be6a1cb5ca88 144059 interpreters optional 
chicken_4.7.0-1+deb7u2.debian.tar.gz
 04291453c5d36d3d248dbb1d89cdc792 1342750 lisp optional 
chicken-bin_4.7.0-1+deb7u2_amd64.deb
 a20d4207e07385d2d3ad141e49f9610c 1305930 libs optional 
libchicken6_4.7.0-1+deb7u2_amd64.deb
 d533b0a1d091e1ceed3a1a8f0dc0804a 1621564 libdevel optional 
libchicken-dev_4.7.0-1+deb7u2_amd64.deb

-BEGIN PGP SIGNATURE-

iQIzBAEBCAAdFiEEcJymx+vmJZxd92Q+nUbEiOQ2gwIFAlj8dJsACgkQnUbEiOQ2
gwIX+xAArZBmg4hTkl/2xBQt88cXt+ls2QowepxoeJxBpwOyGUfJ3EOtl7u5UXRW
fEN0l7g6xgFImi8xlO8uKc+p3YV4CAVwvTsXu9Kmr3Z3LO+o+v5RcJwsKo+DDNt6
Hy6kbpfFlFjEZNs4NgWwqzAfIdJvUtNY5biFihnsx+hl1vtv7mjWc27EgNyOjxBR
gKpJFP5FiKOYy6dIkQ2yqkUi3tYXYvNNsFu1N4adCLWp/87BD0fhr6lQE/ehvsIm
S3ny0XFbhKcbaJBql7a8MAo13Yq9rEXhxo1wM1ntdQxO8VwuCyiTSzHkL9OCv+2O
NdYlGIL/Zh13qbnzCFFq1KYlSbjftgUn7ypLtr6/RkiNEMfXlc0AfbhoP4oDALmI
xDlum1eccH30gGI3bBw/vBha2TzBmHxySa/mecBdQ0hIVKWHZeLV8t9B0Nfwp5jM
0h1Ah/fs7YOaoU7z5AhRFr19DqDu03fVGOe8imSocbTu5SBXJNXRSYE7QSxXx1f3
RhnHSC6AuO48ZJzGVZs/vXyIqVEZhwoNopg0x523GwHmi3rzYMXkEx8dQ3wKdmvE
XHCkQYrzYpWIDnUIUcA0JTxMwzWi+7CaDba0N3bQqM/2/Qe+quWupy+MGddYAUE7
Quk8rKgYWFTTUD6arNCDTmsV5Aom04ORxAK9hGi9qVNQLGaYPM0=
=QIkO
-END PGP SIGNATURE-