Accepted libav 6:0.8.20-0+deb7u1 (source amd64 all) into oldstable
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Mon, 16 Jan 2017 22:09:59 +0100 Source: libav Binary: libav-tools ffmpeg ffmpeg-dbg libav-dbg libav-extra-dbg ffmpeg-doc libav-doc libavutil51 libavcodec53 libavdevice53 libavformat53 libavfilter2 libpostproc52 libswscale2 libavutil-dev libavcodec-dev libavdevice-dev libavformat-dev libavfilter-dev libpostproc-dev libswscale-dev libavutil-extra-51 libavcodec-extra-53 libavdevice-extra-53 libavfilter-extra-2 libpostproc-extra-52 libavformat-extra-53 libswscale-extra-2 Architecture: source amd64 all Version: 6:0.8.20-0+deb7u1 Distribution: wheezy-security Urgency: high Maintainer: Debian Multimedia Maintainers <pkg-multimedia-maintain...@lists.alioth.debian.org> Changed-By: Hugo Lefeuvre <h...@debian.org> Description: ffmpeg - Multimedia player, server, encoder and transcoder (transitional p ffmpeg-dbg - Debug symbols for Libav related packages (transitional package) ffmpeg-doc - Documentation of the Libav API (transitional package) libav-dbg - Debug symbols for Libav related packages libav-doc - Documentation of the Libav API libav-extra-dbg - Debug symbols for Libav related packages (transitional package) libav-tools - Multimedia player, server, encoder and transcoder libavcodec-dev - Development files for libavcodec libavcodec-extra-53 - Libav codec library (additional codecs) libavcodec53 - Libav codec library libavdevice-dev - Development files for libavdevice libavdevice-extra-53 - Libav device handling library (transitional package) libavdevice53 - Libav device handling library libavfilter-dev - Development files for libavfilter libavfilter-extra-2 - Libav filter library (transitional package) libavfilter2 - Libav video filtering library libavformat-dev - Development files for libavformat libavformat-extra-53 - Libav video postprocessing library (transitional package) libavformat53 - Libav file format library libavutil-dev - Development files for libavutil libavutil-extra-51 - Libav utility library (transitional package) libavutil51 - Libav utility library libpostproc-dev - Development files for libpostproc libpostproc-extra-52 - Libav video postprocessing library (transitional package) libpostproc52 - Libav video postprocessing library libswscale-dev - Development files for libswscale libswscale-extra-2 - Libav video software scaling library (transitional package) libswscale2 - Libav video scaling library Changes: libav (6:0.8.20-0+deb7u1) wheezy-security; urgency=high . * Non-maintainer upload by the LTS Team. * New upstream release fixing multiple security issues. - CVE-2016-9820: mpegvideo: Fix undefined negative shifts in mpeg_motion_internal. - CVE-2016-9819: mpegvideo: Fix undefined negative shifts in ff_init_block_index. - mpeg12dec: move setting first_field to mpeg_field_start(). - CVE-2016-9822: mpeg12dec: avoid signed overflow in bitrate calculation. - CVE-2016-9821: mpegvideo_parser: avoid signed overflow in bitrate calculation. - h264: Use the right H264Context for struct member comparison. Checksums-Sha1: 1f3357e5943da1646d27bddcec0927f33a0a6e9d 4348 libav_0.8.20-0+deb7u1.dsc 0c7a2417c3a01eb74072691bb93ce802ae1be08f 3773548 libav_0.8.20.orig.tar.xz a39f898c54ddc48ccbd47f6dfa862e4acb633a61 47335 libav_0.8.20-0+deb7u1.debian.tar.gz f1a6071150ae59d1fc24f232c158ef97387280a5 376632 libav-tools_0.8.20-0+deb7u1_amd64.deb bc4d5468bfe35910be1c4b1a44df5e9e35352b72 151104 ffmpeg_0.8.20-0+deb7u1_amd64.deb 82663fcb5346a2f68b1b51c59372d4ae6a44ef2e 56196 ffmpeg-dbg_0.8.20-0+deb7u1_all.deb 8ddbaa0aa0491e25d28cf7b1a0129800e8adb68a 21775654 libav-dbg_0.8.20-0+deb7u1_amd64.deb ecebac5fbe9c0f90fa85e849d66efd461f31b6c9 56192 libav-extra-dbg_0.8.20-0+deb7u1_all.deb dfad8c8e0552b786cab7a5fb6b0b11937151b196 56262 ffmpeg-doc_0.8.20-0+deb7u1_all.deb 215a57243532336bb0df43bc0336205ba8f5562b 12480212 libav-doc_0.8.20-0+deb7u1_all.deb 948aa8f87182a59357a527c5235f849684982f06 105636 libavutil51_0.8.20-0+deb7u1_amd64.deb 2bb557b0e95cf617481f4c994b9328a6d90ccdd6 2521974 libavcodec53_0.8.20-0+deb7u1_amd64.deb 52c41561a5c9b190ebc8a1b7cf0fe28ee41cbf93 81326 libavdevice53_0.8.20-0+deb7u1_amd64.deb 85d2f900636ba5dbe002431a99d993e862e7dd87 478752 libavformat53_0.8.20-0+deb7u1_amd64.deb 976033be42899b54824c115e7dc78f6b3c90d6dd 127578 libavfilter2_0.8.20-0+deb7u1_amd64.deb c352f955244214a09a2ea5f0743186927fae7baa 101740 libpostproc52_0.8.20-0+deb7u1_amd64.deb ced2c10dcd8730c023765a724caff52b3068a52c 133756 libswscale2_0.8.20-0+deb7u1_amd64.deb 4708c4ed58ef4dc62a2ede25b3f3e08639a2b361 145438 libavutil-dev_0.8.20-0+deb7u1_amd64.deb cf099be7610b821f00541e99822945b5c77f9bf1 2766958 libavcodec-dev_0.8.20-0+deb7u1_amd64.deb 6ed3679b329d6667f22ca57c5999d95def49d35b 83178 libavdevice-dev_0.8.20-0+deb7u1_amd64.deb 46a2b4309a2f3f29b5dfb0b6f5ed5a76bf8cc88d 564416 libavformat-dev_0.8.20-0+deb7
Accepted botan1.10 1.10.5-1+deb7u2 (source amd64) into oldstable
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Thu, 12 Jan 2017 16:38:50 +0100 Source: botan1.10 Binary: botan1.10-dbg libbotan-1.10-0 libbotan1.10-dev Architecture: source amd64 Version: 1.10.5-1+deb7u2 Distribution: wheezy-security Urgency: high Maintainer: Ondřej Surý <ond...@debian.org> Changed-By: Hugo Lefeuvre <h...@debian.org> Description: botan1.10-dbg - multiplatform crypto library (debug) libbotan-1.10-0 - multiplatform crypto library libbotan1.10-dev - multiplatform crypto library (development) Changes: botan1.10 (1.10.5-1+deb7u2) wheezy-security; urgency=high . * Non-maintainer upload by the LTS Team. * CVE-2016-9132: Integer overflow in BER decoder. Checksums-Sha1: e755bbe3ce0e2ed65af0ad90c7fc2f28f492cf0f 2090 botan1.10_1.10.5-1+deb7u2.dsc 859341c05dbcd132f3a2946585a9fa6bc0a7a419 17908 botan1.10_1.10.5-1+deb7u2.debian.tar.gz 03348b784468c376560cee5a855e12191798cac4 140588 botan1.10-dbg_1.10.5-1+deb7u2_amd64.deb 8beff7655d7e79a0cf7be8341782253e03669832 1180668 libbotan-1.10-0_1.10.5-1+deb7u2_amd64.deb d74c9fd85cc1ffb5863071617501b3524a616173 2449346 libbotan1.10-dev_1.10.5-1+deb7u2_amd64.deb Checksums-Sha256: cb3d8878dad6ad257153bd7ab9fe101ac33c9a6b218dae817d58922ac6752450 2090 botan1.10_1.10.5-1+deb7u2.dsc 32050861c85551191bc7c163cc62b43302d6ae35279b6a77556c04c140b87272 17908 botan1.10_1.10.5-1+deb7u2.debian.tar.gz 48d3c9712a3a473be2be77139da443530ccdbde29e7de47adcade69b56382b57 140588 botan1.10-dbg_1.10.5-1+deb7u2_amd64.deb 6311d2ba4c53f4358ebe3546ed631a4e1720c2cafb31b6ab76aaadfcd07714ac 1180668 libbotan-1.10-0_1.10.5-1+deb7u2_amd64.deb 7c2dfa5d76ceac8d88b0b3c52176e0cde01a7d5fc91a146d11cee3cbd944e24f 2449346 libbotan1.10-dev_1.10.5-1+deb7u2_amd64.deb Files: 45fd419226535735a89866423b9b94a4 2090 libs optional botan1.10_1.10.5-1+deb7u2.dsc cc2319dbf49ad4aa2817603a2296f05d 17908 libs optional botan1.10_1.10.5-1+deb7u2.debian.tar.gz 621ec5ee7b77d2e97b334cad9bfa5285 140588 debug extra botan1.10-dbg_1.10.5-1+deb7u2_amd64.deb 5067796826283a5771da399728d871ef 1180668 libs optional libbotan-1.10-0_1.10.5-1+deb7u2_amd64.deb 4827e9914f7dbb6d18abe38138dd48d0 2449346 libdevel optional libbotan1.10-dev_1.10.5-1+deb7u2_amd64.deb -BEGIN PGP SIGNATURE- iQJDBAEBCgAtFiEErLe2fxl/mzIVM0McrJCsPsUkBl4FAlh8fs4PHGhsZUBkZWJp YW4ub3JnAAoJEKyQrD7FJAZe60QQAMT/rI8tdUUwdP28lpgnSB/KrzO6we6B7zPO 5kYCCcdF9xbBP7xoyPBzTQhLbNFnvLo+WxSGQfpScSMpkJXVODKpHwzfBqgsGfBy Wxtc2YI5fcUUytyd0IhLcxeKELFSG3qqeeS6BRRu+7M7IW3tE5+swisNgAE6I1d8 7baPBeI4L+2ZP9PA1CnIJYDPe0u06PX2dA7DAXA65ygz8AFPMtNhiw4VYQIQqjG6 PDj02MXMEBdJxseVOvcRdjgyNguxAVmPMVyPLT4NQG8vh3fJKn8Gd7tBMR27AwCT jXesk05o8ey3WMwm+dhDp8IEmrqfn96fcNE0Iz4XnWH5+braRhYyti3CvdxnlUjo /JXEARHnn/0LAu359gUWys4NV3ZkpkX4UF8+vVm+GDfpvoDOq3oHvpBcG0qf2m4h mmlqOK3R8bDDXh+6jQ7V0xucaJJVTq/XfYeFPZgydzjigQiExL9hgQ6DVC6bcYdF jPDMD5CObNv8+T4cFm3MwkD/RiC18ti6IapwUY7Mq/JCTsuq8pDGUedesgmiYfoY sxsLeHWp8AYRT6TTUZFQ97YN0sPNDMJH0nFhyGyIpvQxBI/CHDoB9MzuvlBZrMKq 6uTBi0WL3AEnh7psvzaxJLhv3WoTw+j0oZWP7eEQJBLiWFKw1l6yaY0TvFaDj05t GikL3u2W =nKju -END PGP SIGNATURE-
Accepted libav 6:0.8.18-0+deb7u1 (source amd64 all) into oldstable
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Mon, 03 Oct 2016 17:36:42 +0200 Source: libav Binary: libav-tools ffmpeg ffmpeg-dbg libav-dbg libav-extra-dbg ffmpeg-doc libav-doc libavutil51 libavcodec53 libavdevice53 libavformat53 libavfilter2 libpostproc52 libswscale2 libavutil-dev libavcodec-dev libavdevice-dev libavformat-dev libavfilter-dev libpostproc-dev libswscale-dev libavutil-extra-51 libavcodec-extra-53 libavdevice-extra-53 libavfilter-extra-2 libpostproc-extra-52 libavformat-extra-53 libswscale-extra-2 Architecture: source amd64 all Version: 6:0.8.18-0+deb7u1 Distribution: wheezy-security Urgency: high Maintainer: Debian Multimedia Maintainers <pkg-multimedia-maintain...@lists.alioth.debian.org> Changed-By: Hugo Lefeuvre <h...@debian.org> Description: ffmpeg - Multimedia player, server, encoder and transcoder (transitional p ffmpeg-dbg - Debug symbols for Libav related packages (transitional package) ffmpeg-doc - Documentation of the Libav API (transitional package) libav-dbg - Debug symbols for Libav related packages libav-doc - Documentation of the Libav API libav-extra-dbg - Debug symbols for Libav related packages (transitional package) libav-tools - Multimedia player, server, encoder and transcoder libavcodec-dev - Development files for libavcodec libavcodec-extra-53 - Libav codec library (additional codecs) libavcodec53 - Libav codec library libavdevice-dev - Development files for libavdevice libavdevice-extra-53 - Libav device handling library (transitional package) libavdevice53 - Libav device handling library libavfilter-dev - Development files for libavfilter libavfilter-extra-2 - Libav filter library (transitional package) libavfilter2 - Libav video filtering library libavformat-dev - Development files for libavformat libavformat-extra-53 - Libav video postprocessing library (transitional package) libavformat53 - Libav file format library libavutil-dev - Development files for libavutil libavutil-extra-51 - Libav utility library (transitional package) libavutil51 - Libav utility library libpostproc-dev - Development files for libpostproc libpostproc-extra-52 - Libav video postprocessing library (transitional package) libpostproc52 - Libav video postprocessing library libswscale-dev - Development files for libswscale libswscale-extra-2 - Libav video software scaling library (transitional package) libswscale2 - Libav video scaling library Changes: libav (6:0.8.18-0+deb7u1) wheezy-security; urgency=high . * Non-maintainer upload by the LTS Team. * New upstream release fixing multiple security issues. - CVE-2016-7393: Fix stack buffer overflow errors detected by address sanitizer in various fate tests. - CVE-2015-1872: Check number of components for JPEG-LS. - CVE-2015-5479: The ff_h263_decode_mba function in libavcodec/ituh263dec.c in earlier versions allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a file with crafted dimensions. * Remove debian/patches/CVE-2014-9676.patch: Integrated in the new upstream release. Checksums-Sha1: 3017a5507d56157171b34a8f2b7d72c972f839f7 4319 libav_0.8.18-0+deb7u1.dsc c324bafb51c8f525061e8da080686465df807944 5306141 libav_0.8.18.orig.tar.gz bfc0c27128431fd7555d80ba7c06492335d08acc 47905 libav_0.8.18-0+deb7u1.debian.tar.gz c2a0f43452949a0b5025db8cbfe15552acad3e2e 376268 libav-tools_0.8.18-0+deb7u1_amd64.deb 11c1e8f1a888d1b3f1494b7019df68232b914a72 150632 ffmpeg_0.8.18-0+deb7u1_amd64.deb 27c22c993ffbea8c545beb434e8b9a1277f9b15a 55704 ffmpeg-dbg_0.8.18-0+deb7u1_all.deb 6927c8b3008928b01f2d7ffa5bd96cfacfa1548e 21777252 libav-dbg_0.8.18-0+deb7u1_amd64.deb 87c917caeb53f58317b82e9682879bf56bcf4b75 55700 libav-extra-dbg_0.8.18-0+deb7u1_all.deb ff423ba36e7af980f2cfbfe7699e51c3f39f4b2f 55768 ffmpeg-doc_0.8.18-0+deb7u1_all.deb f2f84f87b7851497adaa90ae621f0f5577729e8d 12477034 libav-doc_0.8.18-0+deb7u1_all.deb 98d196369d4aa238a666fa7f1e9fafe991fe924e 105094 libavutil51_0.8.18-0+deb7u1_amd64.deb 079b38b3a17658ebf12069c34bc5e78c664ac052 2521446 libavcodec53_0.8.18-0+deb7u1_amd64.deb 16fa2f5391601d3016b27620343ab162ab7bf71d 80902 libavdevice53_0.8.18-0+deb7u1_amd64.deb b331551355411ec50f269ba59572b66e5ef51828 477998 libavformat53_0.8.18-0+deb7u1_amd64.deb ff69ce3033932955784f558bb738eca9be6911c9 127140 libavfilter2_0.8.18-0+deb7u1_amd64.deb d6c573504b957e9d8f2f533a46e592ba957db6e8 101228 libpostproc52_0.8.18-0+deb7u1_amd64.deb 682923e358d9becbfa829dff10cf5263d3aafd50 133250 libswscale2_0.8.18-0+deb7u1_amd64.deb 29d16e2f784a30a0ee971a33fe514e4b2394aa21 144972 libavutil-dev_0.8.18-0+deb7u1_amd64.deb a0dd88e399cbd507b19d3a3cfbda3a01b862116a 2766778 libavcodec-dev_0.8.18-0+deb7u1_amd64.deb 6c2237fad36da8dc4c6c75aa9665dcfd85c43752 82668 libavdevice-dev_0.8.18-0+deb7u1_amd64.deb 594e4c982fa1b0497b55a1be86ff4f829485c5a8 564030 libavformat-
Accepted qemu 1.1.2+dfsg-6+deb7u16 (source all amd64) into oldstable
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Fri, 07 Oct 2016 18:31:51 +0200 Source: qemu Binary: qemu qemu-keymaps qemu-system qemu-user qemu-user-static qemu-utils Architecture: source all amd64 Version: 1.1.2+dfsg-6+deb7u16 Distribution: wheezy-security Urgency: high Maintainer: Debian QEMU Team <pkg-qemu-de...@lists.alioth.debian.org> Changed-By: Hugo Lefeuvre <h...@debian.org> Description: qemu - fast processor emulator qemu-keymaps - QEMU keyboard maps qemu-system - QEMU full system emulation binaries qemu-user - QEMU user mode emulation binaries qemu-user-static - QEMU user mode emulation binaries (static version) qemu-utils - QEMU utilities Closes: 837316 838850 839835 Changes: qemu (1.1.2+dfsg-6+deb7u16) wheezy-security; urgency=high . * Non-maintainer upload by the LTS Team. * CVE-2016-7161: hw: net: Fix a heap overflow in xlnx.xps-ethernetlite (Closes: #838850). * CVE-2016-7170: vmware_vga: OOB stack memory access when processing svga command (Closes: #837316). * CVE-2016-7908: net: mcf: limit buffer descriptor count (Closes: #839835). Checksums-Sha1: 4242ab868437ffc4a6d281576c0905e0cae6b031 2971 qemu_1.1.2+dfsg-6+deb7u16.dsc e529364e12eb8e5987d88fc76a70248bb8889bb6 145631 qemu_1.1.2+dfsg-6+deb7u16.debian.tar.gz 6f2c35ccc2ae947968a1074f2e36bfef3bb08d43 52800 qemu-keymaps_1.1.2+dfsg-6+deb7u16_all.deb 976810e830ababa151315c3fb5bffceb27b7167e 119060 qemu_1.1.2+dfsg-6+deb7u16_amd64.deb a5be1a448a86da47b47b9d7d66f1cebf0dc37f68 27923922 qemu-system_1.1.2+dfsg-6+deb7u16_amd64.deb 3847eca7cf92a66e22f5f86d28169a0249bf1114 7725242 qemu-user_1.1.2+dfsg-6+deb7u16_amd64.deb 826a29854789c5af8c543a2f3111081e983977d1 16575806 qemu-user-static_1.1.2+dfsg-6+deb7u16_amd64.deb 74239a3f31bf214a67b4782532c79d3c07902b8f 665516 qemu-utils_1.1.2+dfsg-6+deb7u16_amd64.deb Checksums-Sha256: 86217cedfdcad704df39f0393ce614742729a50f83d61caeed624316b6d00c5b 2971 qemu_1.1.2+dfsg-6+deb7u16.dsc 4de7c71938fd6e4fdd4696a88b8aed31d54928b7c0fd6a3931ee4b6c135a0d8f 145631 qemu_1.1.2+dfsg-6+deb7u16.debian.tar.gz 5f98af3ca4a942fa95000c36300bdaf72924a6d0c477e65a08725a4ec667e261 52800 qemu-keymaps_1.1.2+dfsg-6+deb7u16_all.deb 99fa5f759fc43ff538c4e5d4e6953474a179f83aa5c99af4f9036d9f1bc53d1c 119060 qemu_1.1.2+dfsg-6+deb7u16_amd64.deb f3d931903c42f1f8300e8922265f4ca28824d40c5321b1ef6bbb8c13e1a1e1ff 27923922 qemu-system_1.1.2+dfsg-6+deb7u16_amd64.deb dbb76f7e2365df9296e74ae6dc80f3a2fe50515890d8da06a51d36fef3ef4545 7725242 qemu-user_1.1.2+dfsg-6+deb7u16_amd64.deb 27417ecb6fc9e77893fdd652cb5ee6ba1f6dac8dc0fa0c2015dcc897fef5c68f 16575806 qemu-user-static_1.1.2+dfsg-6+deb7u16_amd64.deb af449c6c9454da8c8f029deb252087be55104ec67c24c560717db1a4e1bf9a09 665516 qemu-utils_1.1.2+dfsg-6+deb7u16_amd64.deb Files: f853b188c1ceccd4cf669b5b9a17c70b 2971 misc optional qemu_1.1.2+dfsg-6+deb7u16.dsc 373ce597db80db44afc94f9a111d82c1 145631 misc optional qemu_1.1.2+dfsg-6+deb7u16.debian.tar.gz 901cdc92321bd2855c32f95dab6828bc 52800 misc optional qemu-keymaps_1.1.2+dfsg-6+deb7u16_all.deb 48ead15acbe94af32def8a51f50996fd 119060 misc optional qemu_1.1.2+dfsg-6+deb7u16_amd64.deb 9e7d18c97d20e2f9213f6698bf74b44a 27923922 misc optional qemu-system_1.1.2+dfsg-6+deb7u16_amd64.deb 32a96ffed022b63b0519a2cf24ca796f 7725242 misc optional qemu-user_1.1.2+dfsg-6+deb7u16_amd64.deb f449eabefc9ce0de4357ef37a7b52756 16575806 misc optional qemu-user-static_1.1.2+dfsg-6+deb7u16_amd64.deb 759ea28a6a3827b5a7d8319be9cf3181 665516 misc optional qemu-utils_1.1.2+dfsg-6+deb7u16_amd64.deb -BEGIN PGP SIGNATURE- iQIsBAEBCgAWBQJX+2RfDxxobGVAZGViaWFuLm9yZwAKCRCskKw+xSQGXhtYEADC 9FhTBTgqdJC+WxQQWoEk8/vIItAyM5cvs4n+nC+1k2O9ZSYCA++F7wj8EeLd4SUS UWKOsMtC6fVw08UXCfa23eEoXw3BU7LWftUY2hKKJpVNnbstmZ75fbvXO2KnUisr S5yxjR3Yw8OdeNWrqalx9ztBTBqH8hvwI6jmxyT0vG05jcYvS9eNIJGfW5F89WLq TvQ52IVi3zsvbx7+BepYWR3PiRWqkPGcjMnipnJF3mWXD55QKlNH0QRBB8Q4ly87 cVYDFifhAt8/CfGW/DdzUleLHdh4pHsErwD7tRaYQaK9D42ABGujLQ1btQHk98vO l5tpU09M6yH9Fl4AsIT3zkCNrp/jwk6Bla8oBHCYK6XqHvEOkwKP1aVucuoKOp1K oLvP2vxdFFN0AoBj8Qw1Jdlx4mjMK5T5zZ2H0Wbiwwau7k4M516CyGEE1k2ZquIE jf4ogqlOLYZ8fth5EITIQxzb+5V2QWUJxfWURCSz9l2hIG3ChlYnfNajDvBQBDBB RLdJqL/SDoDB5gMUpN3ttEC4MSom3hANwsSKdTgH986dp9CT9sWaqGY7Hjdamt0R //eXo21TE5RF7kITF0fjyei0IBeD0JG3n58Pz0g3n3FvZPtViiBVax8aLXPKhmAT TBlugFefam9DHlXNFCCCYIhtGN7nrm+1kSqYZTq9HQ== =+8ML -END PGP SIGNATURE-
Accepted quagga 0.99.22.4-1+wheezy3 (source amd64 all) into oldstable
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Thu, 25 Aug 2016 16:47:10 +0200 Source: quagga Binary: quagga quagga-dbg quagga-doc Architecture: source amd64 all Version: 0.99.22.4-1+wheezy3 Distribution: wheezy-security Urgency: high Maintainer: Christian Hammers <c...@debian.org> Changed-By: Hugo Lefeuvre <h...@debian.org> Description: quagga - BGP/OSPF/RIP routing daemon quagga-dbg - BGP/OSPF/RIP routing daemon (debug symbols) quagga-doc - documentation files for quagga Closes: 822787 835223 Changes: quagga (0.99.22.4-1+wheezy3) wheezy-security; urgency=high . * Non-maintainer upload by the LTS team. * CVE-2016-4049: Missing size check in bgp_dump_routes_func in bgpd/bgp_dump.c allowing DoS (Closes: #822787). * CVE-2016-4036: World readable sensitive files in /etc/quagga (Closes: #835223). Checksums-Sha1: 14b5b6ca03cec730309d0970a77a953161c7b1ef 2139 quagga_0.99.22.4-1+wheezy3.dsc 0f20e02e772f7bcf17d51cb99ad69e87fb3f547e 43042 quagga_0.99.22.4-1+wheezy3.debian.tar.gz 2dc0a33b963cda7227b537f44f310ad00e22da53 1722506 quagga_0.99.22.4-1+wheezy3_amd64.deb 945b8c41a2911b635f99703b5bbdaad95c099f8e 2530810 quagga-dbg_0.99.22.4-1+wheezy3_amd64.deb 1a8aa4178a12437172b38d02fdce69812047662f 656384 quagga-doc_0.99.22.4-1+wheezy3_all.deb Checksums-Sha256: 29c6e74c8c2002a574ae3ab47a226266fe5201c789c4cb1a2bb73ae65aba8aee 2139 quagga_0.99.22.4-1+wheezy3.dsc 441d2e053436bd40bfa8c4f805bbaaa4a8f89eb0f418115356d5cd24b55541c8 43042 quagga_0.99.22.4-1+wheezy3.debian.tar.gz bd72b35c20e2e9b4dcdebb7b16d5f6a50c98629b07779eedfa01ad2a00f29c1c 1722506 quagga_0.99.22.4-1+wheezy3_amd64.deb 2b71f9b9801d5a66c9162434c3534fe6e21ee952ecd256c5a69c4e9449301876 2530810 quagga-dbg_0.99.22.4-1+wheezy3_amd64.deb 7936467505bb1757479060e569a6dc9e330510260c30c693b0a6721ae5629a2e 656384 quagga-doc_0.99.22.4-1+wheezy3_all.deb Files: ec6be919d15e4956573ff926b338cb97 2139 net optional quagga_0.99.22.4-1+wheezy3.dsc c49c7af84c556637ef079e636c467cc9 43042 net optional quagga_0.99.22.4-1+wheezy3.debian.tar.gz 4031be375f970ee94fb63b71e006c847 1722506 net optional quagga_0.99.22.4-1+wheezy3_amd64.deb 3efe7091290d87acfc758eb4c7bc47d0 2530810 debug extra quagga-dbg_0.99.22.4-1+wheezy3_amd64.deb 3f7e410388f3613c2c565332b354520f 656384 net optional quagga-doc_0.99.22.4-1+wheezy3_all.deb -BEGIN PGP SIGNATURE- Version: GnuPG v1 iQIcBAEBCgAGBQJXwA2RAAoJEKyQrD7FJAZeQAwP/R+k0QQSoFINcdVHfBszOQX+ lCbceYUdaroJKjOoLOoKok4IScjZUbGd6Vd1Wg7/1pirnCu95CTuZ6gof1mGXshA 9SFbRSNkIlW0zyUj/KSfskaDN3jbE5GkG/52ZmuLUNYltPULAIjKoTrPnNe0mR7H 9MWhRhK8X9yLtX7jCe7o+23ygIVDNmhbvSkVdQr6j3mvO5qbSIMkDweMvpgCIECr FmhIGJjo5Hi7WqpoxnERbXhjruhCSfhU053muKCW5yM4vp72Te5hhaQaJ3yM8zNg xJJbKMBJx4ORF1L1S+SXX/mUGf0PnsCCl7gYzRn8VkA0RDDQTih4Z9JkPQcBup7X cqamcEYXC3stD/gUaTCZETDeIX2oR/IT5d4IH053oLxcBcwoXam4FwPdudrh9am2 GvTBh/8kZA8wfWnyIWYPhXuzm0oNOWOLHDxvs0IPVNliORb3wpx/GXA+dztYtvMf B6Fe/zo3ynqI0CsaTO9k8eBxkdzPzWIE9smijzmVfeqzszOuJ5ylh1wf6U/Vv/Jv B0CDcgZ99RPsDC1G8zIQ6ALbDzWycQ7GvnnwEQTmgJVQ1n1iUAMRHM+xlLLoRo3f uBxhJZCZTNR+ri3chA7mqj709n6tXhVQ/5PIKnr5F9fgkbJz9WwNWE86+KTLwM6K Ae6w9xdx/THrMArPsbUj =243A -END PGP SIGNATURE-
Accepted qemu-kvm 1.1.2+dfsg-6+deb7u17 (source amd64) into oldstable
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Mon, 24 Oct 2016 19:32:57 +0200 Source: qemu-kvm Binary: qemu-kvm qemu-kvm-dbg kvm Architecture: source amd64 Version: 1.1.2+dfsg-6+deb7u17 Distribution: wheezy-security Urgency: high Maintainer: Michael Tokarev <m...@tls.msk.ru> Changed-By: Hugo Lefeuvre <h...@debian.org> Description: kvm- dummy transitional package from kvm to qemu-kvm qemu-kvm - Full virtualization on x86 hardware qemu-kvm-dbg - Debugging info for qemu-kvm Closes: 840340 840341 840343 840945 Changes: qemu-kvm (1.1.2+dfsg-6+deb7u17) wheezy-security; urgency=high . * Non-maintainer upload by the LTS Team. * CVE-2016-8576: usb: xHCI: infinite loop vulnerability in xhci_ring_fetch (Closes: #840343). * CVE-2016-8577: 9pfs: host memory leakage in v9fs_read (Closes: #840341). * CVE-2016-8578: 9pfs: potential NULL dereference in 9pfs routines (Closes: #840340). * CVE-2016-8669: char: divide by zero error in serial_update_parameters (Closes: #840945). Checksums-Sha1: b6df90e1c75b86076a290e326e5883621bcc2474 2495 qemu-kvm_1.1.2+dfsg-6+deb7u17.dsc e964f1d370079ef1706df0a252e34272e4c5f6d2 136280 qemu-kvm_1.1.2+dfsg-6+deb7u17.debian.tar.gz 99597af2283f4073f1330843fc0ab4fdcc717f59 1685148 qemu-kvm_1.1.2+dfsg-6+deb7u17_amd64.deb 4166a0f11662822c543a90b9473091078cb05b61 5279378 qemu-kvm-dbg_1.1.2+dfsg-6+deb7u17_amd64.deb 20942a6d962689892f09a2b960b5b960497f8b47 26008 kvm_1.1.2+dfsg-6+deb7u17_amd64.deb Checksums-Sha256: 6c9e4f8db3bbe7f70c2f2fb5f13c0b2bda6b000cc5917434212b518a3f9cd140 2495 qemu-kvm_1.1.2+dfsg-6+deb7u17.dsc adef2c5ab16c7344b02681163c43e7136871b34937aa7e74060d5c593e8f303b 136280 qemu-kvm_1.1.2+dfsg-6+deb7u17.debian.tar.gz 257c25e6465a0f3f4d4477400915344040ed28398bfbc49f62c079f40c4f7787 1685148 qemu-kvm_1.1.2+dfsg-6+deb7u17_amd64.deb c2a5388089cf7e757884c6fd5bc5a9efb8c154314bd05a3feda9fa7b305faca4 5279378 qemu-kvm-dbg_1.1.2+dfsg-6+deb7u17_amd64.deb 659297ff46b0ef64e95299c1c91fdff977d8968527f1cf1209e566d7bd308bbf 26008 kvm_1.1.2+dfsg-6+deb7u17_amd64.deb Files: a0f41351513357b067f070d6cdf50c65 2495 misc optional qemu-kvm_1.1.2+dfsg-6+deb7u17.dsc 79dab91ebe41858c87a5c3c1a5bcde73 136280 misc optional qemu-kvm_1.1.2+dfsg-6+deb7u17.debian.tar.gz e7c04463476bae70db40545e922afa1c 1685148 misc optional qemu-kvm_1.1.2+dfsg-6+deb7u17_amd64.deb 9e80a7c4878ccb2b87c11cc990f3fd6c 5279378 debug extra qemu-kvm-dbg_1.1.2+dfsg-6+deb7u17_amd64.deb d482381f67536ae898c550effaf2879d 26008 oldlibs extra kvm_1.1.2+dfsg-6+deb7u17_amd64.deb -BEGIN PGP SIGNATURE- iQIsBAEBCgAWBQJYD6w7DxxobGVAZGViaWFuLm9yZwAKCRCskKw+xSQGXsuSEADe nQVyd7YyZzhUDULRZgrNFEkCc8cv9Yf0PLT9Cz4Ix1VdeYCrgVQwmZFK0Ea9CUQq QfE36W0ZIjI7r4IONF4c+j0KMhXvvoYIIOw9tl0hGVovpga43meilCi7t0ztKYUO 0cxJxp3Mn95yoVB9POsfPY+kEdEBHgFA3ucE+ALWzXcP/3lOVw/+PIGA94TC4CTN yP8kjMkOn18zJhhmCaJZ2k3NOClgZdsQxxHildLc/M4eLi0wKQUi56q2MVnR+pGI q7zHsn+OfByF4Oj63jZ6WKIZV9KwnOkjAG9mrfUAIn+aoaksj5TDg8wpjQJUYNF7 3ad05K0qDRyIVODsTnGg1W+Hf9HfQoLuzg5ONivdjSEh4E+YnMuL0ZkLR1gwDK1U LUe669GZNlSErdxAypZWeNES138SoBPOysi4SB2U/ve+3EpH2KXxlrHF/DHEMyFn wLDvyyP9bVfqvaRykA79bT4vwNE6Eyc0AwXJ23RIqe5uF1LU3oJnT8VDfIEjfUcj 4endJcaeWBejR9yp8Qgs4h17x/OHfFTNli1svzdBZxFbnu3bPEPdjxxubTlnrdCB HHDNgzsOr/pImdKCueeWAbZBGaVrwyM/USbZTQJJBno6xmo8phqWTNzp8lDo0Rsx oHUdtdRIrkglMJtBQGI/JGoo8yxLPfNzgEYW4cybXw== =LNyQ -END PGP SIGNATURE-
Accepted qemu 1.1.2+dfsg-6+deb7u17 (source all amd64) into oldstable
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Mon, 24 Oct 2016 19:32:57 +0200 Source: qemu Binary: qemu qemu-keymaps qemu-system qemu-user qemu-user-static qemu-utils Architecture: source all amd64 Version: 1.1.2+dfsg-6+deb7u17 Distribution: wheezy-security Urgency: high Maintainer: Debian QEMU Team <pkg-qemu-de...@lists.alioth.debian.org> Changed-By: Hugo Lefeuvre <h...@debian.org> Description: qemu - fast processor emulator qemu-keymaps - QEMU keyboard maps qemu-system - QEMU full system emulation binaries qemu-user - QEMU user mode emulation binaries qemu-user-static - QEMU user mode emulation binaries (static version) qemu-utils - QEMU utilities Closes: 840340 840341 840343 840945 Changes: qemu (1.1.2+dfsg-6+deb7u17) wheezy-security; urgency=high . * Non-maintainer upload by the LTS Team. * CVE-2016-8576: usb: xHCI: infinite loop vulnerability in xhci_ring_fetch (Closes: #840343). * CVE-2016-8577: 9pfs: host memory leakage in v9fs_read (Closes: #840341). * CVE-2016-8578: 9pfs: potential NULL dereference in 9pfs routines (Closes: #840340). * CVE-2016-8669: char: divide by zero error in serial_update_parameters (Closes: #840945). Checksums-Sha1: 152beaeaebb7180aa24c92b1135d9ed97fb54f85 2967 qemu_1.1.2+dfsg-6+deb7u17.dsc 0b2dec90ac9c8723f8db634823909c54a0b99698 147974 qemu_1.1.2+dfsg-6+deb7u17.debian.tar.gz 8e299a25aae57cfc9eda2f30d68857d2b1b01058 52920 qemu-keymaps_1.1.2+dfsg-6+deb7u17_all.deb df9abd0f305eeba306411e4849647a454103df92 119198 qemu_1.1.2+dfsg-6+deb7u17_amd64.deb 2cf899df2cbe37e858bb64782fc5bb6b9661a727 27924984 qemu-system_1.1.2+dfsg-6+deb7u17_amd64.deb 5a01264e4354b95e4b715c86bebf9cc873fd9437 7725408 qemu-user_1.1.2+dfsg-6+deb7u17_amd64.deb 76785ba385d5754a73d40b568e3aefc6402c1f4b 16575910 qemu-user-static_1.1.2+dfsg-6+deb7u17_amd64.deb 67beb560364b884bfb3cbc1af4ebe16f3ad8c87a 665666 qemu-utils_1.1.2+dfsg-6+deb7u17_amd64.deb Checksums-Sha256: 7e18c5490a4b2b8133a352c282c5f6ebb35f903471d3a501bf33b02329dde075 2967 qemu_1.1.2+dfsg-6+deb7u17.dsc 561aad62a7b024f1a29e2f0ad7031d0289200699117bbacc34b2c066a382689c 147974 qemu_1.1.2+dfsg-6+deb7u17.debian.tar.gz c399fe3982063eeb94653a85e08fdfacf4fd56e7f2a43735c6a92aec42d669ad 52920 qemu-keymaps_1.1.2+dfsg-6+deb7u17_all.deb 15922bf8d2b726bd7b77537f9531c6dc90e3374eb8c872769516f7cf4b531c90 119198 qemu_1.1.2+dfsg-6+deb7u17_amd64.deb 60b70ab6089c2dc7ffb08d56ae0ceae94959c154b7e6da422fb1d3438a080590 27924984 qemu-system_1.1.2+dfsg-6+deb7u17_amd64.deb 484e002bb7110c64b9c794acf165630900c17ecf0e120546bfca471dc715b414 7725408 qemu-user_1.1.2+dfsg-6+deb7u17_amd64.deb 732e11ee2d2e3325f9e878fa6b09a85a5059d8a73632868d6f32ec03b4992484 16575910 qemu-user-static_1.1.2+dfsg-6+deb7u17_amd64.deb a3aa18835478562bb497bf30d60dbbb6f044352b2c57df0057311bdfb16be010 665666 qemu-utils_1.1.2+dfsg-6+deb7u17_amd64.deb Files: 778f028f1ff78536cf5f6cfd9852c039 2967 misc optional qemu_1.1.2+dfsg-6+deb7u17.dsc 936140a069cb2df89155fa80e20b960f 147974 misc optional qemu_1.1.2+dfsg-6+deb7u17.debian.tar.gz 0c284c8b39fde1e4e74af20fa0336553 52920 misc optional qemu-keymaps_1.1.2+dfsg-6+deb7u17_all.deb e87e8a3148d301205d5e2083f495dd16 119198 misc optional qemu_1.1.2+dfsg-6+deb7u17_amd64.deb 4bfde1777d70d6ae99a0efde92a02586 27924984 misc optional qemu-system_1.1.2+dfsg-6+deb7u17_amd64.deb f0dd104693b8b4de0079190a49d099a1 7725408 misc optional qemu-user_1.1.2+dfsg-6+deb7u17_amd64.deb 325f1fb46af6fc07b4223b952a21a651 16575910 misc optional qemu-user-static_1.1.2+dfsg-6+deb7u17_amd64.deb c7e6d3e87dcb141624f0ad60f8763608 665666 misc optional qemu-utils_1.1.2+dfsg-6+deb7u17_amd64.deb -BEGIN PGP SIGNATURE- iQIsBAEBCgAWBQJYD6eUDxxobGVAZGViaWFuLm9yZwAKCRCskKw+xSQGXm3aEADc Y+igQeBwDmpUb7MLmI5DAe35am06aWO/QwtHy7/ObZ7SGwtBi2VoIDr71XQcyWeJ W/gf3BGdIPWA2Jnfrh8RJq1O7tdaCCUGOCJo+EXhGLWuHw9ybULExC1HUCOMYx4g OY+mzllA6IHGcoG1WIcaIJaBBOGUgUwrJqFmUocp13W0vAXG3khWLpPop/ueEmic 6hlv9OPgPsskIJsRl3ADXT4YhIi+xrbIflnrnNhXuxs7pAunGiVEFKSqF54hpwpI rkAuXNvckRz8/ME3YKnjlQuy2qw2jUYiDp6aqI9tPh/IZEByVkeeptmh/8XCviM/ fBza0T92PCqm3zrquZlvwWSOjEvwDwFAd7s1gvL91kDDhYEMjUTy4eMLo/o8hAQQ PhT3vE1lg0Cie2do9W51Hg/H0GVICctYlIY45ZOsmAVWRA4W5PqLsSwLGd9c7Mms fINmEKNAetHACERbii7NuhIiPHCFwW3c6u5WrmmS+5jl13bIBgEz/BBzbbtk1fpB jMPZQZWsj8g0ABeNrqo5UozgNhjGNtEZFIwlGXYgcDRZ2UtkmWVssYfcJUnVdw+/ wRTa92ASRfQgN3bPKoYXhvntJcBQfy5QxrFvtdvQnEXuFPfhN8U/Rk+kInUSosY0 kQ4Ycr6ttigdBOif62dpOp5G3tq+sg4fJMo+a5wZpg== =DC7z -END PGP SIGNATURE-
Accepted qemu-kvm 1.1.2+dfsg-6+deb7u16 (source amd64) into oldstable
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Fri, 07 Oct 2016 18:31:51 +0200 Source: qemu-kvm Binary: qemu-kvm qemu-kvm-dbg kvm Architecture: source amd64 Version: 1.1.2+dfsg-6+deb7u16 Distribution: wheezy-security Urgency: high Maintainer: Michael Tokarev <m...@tls.msk.ru> Changed-By: Hugo Lefeuvre <h...@debian.org> Description: kvm- dummy transitional package from kvm to qemu-kvm qemu-kvm - Full virtualization on x86 hardware qemu-kvm-dbg - Debugging info for qemu-kvm Closes: 837316 838850 839835 Changes: qemu-kvm (1.1.2+dfsg-6+deb7u16) wheezy-security; urgency=high . * Non-maintainer upload by the LTS Team. * CVE-2016-7161: hw: net: Fix a heap overflow in xlnx.xps-ethernetlite (Closes: #838850). * CVE-2016-7170: vmware_vga: OOB stack memory access when processing svga command (Closes: #837316). * CVE-2016-7908: net: mcf: limit buffer descriptor count (Closes: #839835). Checksums-Sha1: 8dea1ee974d3420e7f702bdeb91eb66929c789f2 2495 qemu-kvm_1.1.2+dfsg-6+deb7u16.dsc c9c60c28250ecca116a9c9234f4307ea6b44b95f 133733 qemu-kvm_1.1.2+dfsg-6+deb7u16.debian.tar.gz 53ff1033d69ea575617340279472132627d41ebd 1684842 qemu-kvm_1.1.2+dfsg-6+deb7u16_amd64.deb df8aedfffd108c239e05b9070609dd22fd94c85d 5279344 qemu-kvm-dbg_1.1.2+dfsg-6+deb7u16_amd64.deb 49483c66c33d203a80cbcc4377617ab33215c80a 25864 kvm_1.1.2+dfsg-6+deb7u16_amd64.deb Checksums-Sha256: e6d13b1a60ba591cde41bd717a8b9964e496cd287e0df18f80141a79e4e5c476 2495 qemu-kvm_1.1.2+dfsg-6+deb7u16.dsc 12cc094d5118e0580081d5a2e4fb6b89cd54fcdc99ba1d774398318e4b84d0ce 133733 qemu-kvm_1.1.2+dfsg-6+deb7u16.debian.tar.gz 247bcc6ee262bb5b7a550be9772289a2d72bc11e4cb826a25511eca768daaead 1684842 qemu-kvm_1.1.2+dfsg-6+deb7u16_amd64.deb 28f8672ddc37829aa7ad31ce2b290c35f6b7f9ab9798c0030aa249f1c955305d 5279344 qemu-kvm-dbg_1.1.2+dfsg-6+deb7u16_amd64.deb bce22df55cf0955ac918a86ae77a333fda630687ca2a6744dfa27372b6cebbfa 25864 kvm_1.1.2+dfsg-6+deb7u16_amd64.deb Files: b94f752062096047ce1479424a101336 2495 misc optional qemu-kvm_1.1.2+dfsg-6+deb7u16.dsc a8d1b1bdabee18b0cc46bf0b32e6ee0b 133733 misc optional qemu-kvm_1.1.2+dfsg-6+deb7u16.debian.tar.gz d9ef4085cc42d8fc1b0500c96e2aa7e9 1684842 misc optional qemu-kvm_1.1.2+dfsg-6+deb7u16_amd64.deb 81fdca0a22541db5701fd53b26229ee1 5279344 debug extra qemu-kvm-dbg_1.1.2+dfsg-6+deb7u16_amd64.deb 19e8e95409933854d4c3cf9f89fa81aa 25864 oldlibs extra kvm_1.1.2+dfsg-6+deb7u16_amd64.deb -BEGIN PGP SIGNATURE- iQIsBAEBCgAWBQJX+5yHDxxobGVAZGViaWFuLm9yZwAKCRCskKw+xSQGXkKQD/9M Wmz0zQkKAEYLtjsWHpNqYOYiNviXBQ8pjpgZBvtga0wA6JcVKc4pJHAhNl9BWRp9 9SAh3z0OrN6DcsQ7ONa9MMDw8k3Jz8HcTUPxkLYw2bhyW/QaB9P6cy9JgfGeyver hpNKSybScTJhIPYN64CDggBndF7BIv153G8nPLUu3t87hoN5DV+kW2DPSWC3l6PV 6HI81HWYl6OjarSBnwHyxI3GdI/ECYevE2YGS5fnhixaaT4Hgp20KChJUA5CucLO NyF7a4hTjQGJr3TQzsv6ecC+UWwbGmIHRiREplg9N1CnECauS49fFpig5dsGeEAi v0UfLRkheR4kP04d9IiuK4c29tt+ef9t+s8W5N7hh6vM/aqMrnXyi5EnAA6DfM64 VMUYprvLUVZWZS/5L84j2KjrVI9vPolsQRFbY88EGsUH3T/9MjodiPv2ukDOgUR2 cbXnqVwfT1NOyr90K/bBBnXjj/+boTf9/BmQ4jkNg0STLqeUN/CxIQSELqp04FFD e9NSPypkjx20suN0W6kti1Kr1jer5U+LN9XJnbnmz8ahhUa25U1WHVLwFiX5ZbBh ZYQG3ou/2DoKbNyLpIoK4Pg4+hoWjpGuIb8QWjXxabpX60VwUuy6Gzo8LELaLath Xqual2GuqDuJmYJwvL+UO5sUht8UG0GWlJMDhcagAA== =KION -END PGP SIGNATURE-
Accepted libxrandr 2:1.3.2-2+deb7u2 (source amd64) into oldstable
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Tue, 17 Oct 2016 13:35:45 +0200 Source: libxrandr Binary: libxrandr2 libxrandr2-dbg libxrandr-dev Architecture: source amd64 Version: 2:1.3.2-2+deb7u2 Distribution: wheezy-security Urgency: high Maintainer: Debian X Strike Force <debia...@lists.debian.org> Changed-By: Hugo Lefeuvre <h...@debian.org> Description: libxrandr-dev - X11 RandR extension library (development headers) libxrandr2 - X11 RandR extension library libxrandr2-dbg - X11 RandR extension library (debug package) Closes: 840441 Changes: libxrandr (2:1.3.2-2+deb7u2) wheezy-security; urgency=high . * Non-maintainer upload by the LTS Team. * CVE-2016-7948, CVE-2016-7947: check responses of the connected X server to avoid oob accesses (Closes: #840441). Checksums-Sha1: 002c8e6345a273de32f8783e4d1f3e0cd6d148c9 2150 libxrandr_1.3.2-2+deb7u2.dsc bdc6355a17b1b34a4e7688eb799f422574b96d70 20593 libxrandr_1.3.2-2+deb7u2.diff.gz c0d5e7ad5509e03b4175dadcb72c4e8b972c57e7 33944 libxrandr2_1.3.2-2+deb7u2_amd64.deb adc78a98eafd24cf1de58f56be01d67a4cdb042c 91380 libxrandr2-dbg_1.3.2-2+deb7u2_amd64.deb d3c36c8a6ebed4852120e9c1c4b61166033032c5 42042 libxrandr-dev_1.3.2-2+deb7u2_amd64.deb Checksums-Sha256: 05b947bc381887728bcf7d73aac8c4ffbe3ae09402a9b106bb3a759763cc154c 2150 libxrandr_1.3.2-2+deb7u2.dsc 7badcd10aca24a6b6d9080c11173ef13587b1caea3097992e30243e47c5f05c4 20593 libxrandr_1.3.2-2+deb7u2.diff.gz 884a957e811060888794b50a2899199d09eb4e24de9b0abe447d2614190d2e1e 33944 libxrandr2_1.3.2-2+deb7u2_amd64.deb 37ea1ca2d5425eada31d6c10b0c3cc00466c7b628e9e5ecc373f062692450ed7 91380 libxrandr2-dbg_1.3.2-2+deb7u2_amd64.deb c84a2a6a801075f313b61953427d0abb0653720f325c6ebdc36e16acbea7f361 42042 libxrandr-dev_1.3.2-2+deb7u2_amd64.deb Files: 5ebfee8e8ccabddad432dbb896f581ff 2150 x11 optional libxrandr_1.3.2-2+deb7u2.dsc e4376856b685102b1de761a685feea77 20593 x11 optional libxrandr_1.3.2-2+deb7u2.diff.gz 619d34bd67583b0035a0d1df5a0e03fc 33944 libs optional libxrandr2_1.3.2-2+deb7u2_amd64.deb a96cc13abc43bf858ed20b7f9dd09a09 91380 debug extra libxrandr2-dbg_1.3.2-2+deb7u2_amd64.deb c1f2db7c808f102538afd5e2f9e7fb1a 42042 libdevel optional libxrandr-dev_1.3.2-2+deb7u2_amd64.deb -BEGIN PGP SIGNATURE- iQIsBAEBCgAWBQJYBPMWDxxobGVAZGViaWFuLm9yZwAKCRCskKw+xSQGXoL8D/4x YbmjA5Qurv5xnpT7zcYHK0E+TP/wn/67JgT4eVLidlK/Edu2h0srrKj0p9b0xGGD FTrWW5Ega2TL39VXNZ2jWHED2u3AmgvLTEJsvWLgd+kxChW4cCNhJNYyH///HHsN 5Evl/5KPsnyJ3/5idD6p6WHep5ZBluh9Ig4emL37PiAFy2Ge0y5uocUFMO7F9UbP lOZiCBRVvAGXM+nEMQcTx/IWkKqgpj4Kt9lvtvLDJDgFcmLS0s+oN3Qm/pJoXr6N b2xTOYQJiihFeG73BssK3dK3eZ45pwlZEc7geOQKb0FLnhpjEOd0TgmbqpiFvpUB 7zrIcOyOGEmSimGla5L/2UTkcrkJdm/h+0aXYvgbEDjaE99J1LvOYJnKc48XWuOp viyFkdY5YCgiCvbfklK44Wi7n/REIsOkMT3GF7vvJeST3/n0kX/jqG+z/vMn4k9a yDEnVHuMMFU4LFo1SZfh37Lc35PTdkG/0VYxg9lblm8x2W3wFszEwMpW5flVmzXa PGDydvbO9W82aunvFgPQ6LYiuqrF7D+OeQ0rs303TAv187FsiUvSOr6gAH2fwcnJ AyV3orScBGqEcuOT6u2z0HCB/KhrW5CZ45lpg/m+32wAgMguhcLQPuhuVfXC5z08 qrIibwL+3dGXH/WsgQc2gz4kNGQ3pIZbsCpWFDepXg== =3GMs -END PGP SIGNATURE-
Accepted libav 6:0.8.19-0+deb7u1 (source amd64 all) into oldstable
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Wed, 11 Jan 2017 18:51:59 +0100 Source: libav Binary: libav-tools ffmpeg ffmpeg-dbg libav-dbg libav-extra-dbg ffmpeg-doc libav-doc libavutil51 libavcodec53 libavdevice53 libavformat53 libavfilter2 libpostproc52 libswscale2 libavutil-dev libavcodec-dev libavdevice-dev libavformat-dev libavfilter-dev libpostproc-dev libswscale-dev libavutil-extra-51 libavcodec-extra-53 libavdevice-extra-53 libavfilter-extra-2 libpostproc-extra-52 libavformat-extra-53 libswscale-extra-2 Architecture: source amd64 all Version: 6:0.8.19-0+deb7u1 Distribution: wheezy-security Urgency: high Maintainer: Debian Multimedia Maintainers <pkg-multimedia-maintain...@lists.alioth.debian.org> Changed-By: Hugo Lefeuvre <h...@debian.org> Description: ffmpeg - Multimedia player, server, encoder and transcoder (transitional p ffmpeg-dbg - Debug symbols for Libav related packages (transitional package) ffmpeg-doc - Documentation of the Libav API (transitional package) libav-dbg - Debug symbols for Libav related packages libav-doc - Documentation of the Libav API libav-extra-dbg - Debug symbols for Libav related packages (transitional package) libav-tools - Multimedia player, server, encoder and transcoder libavcodec-dev - Development files for libavcodec libavcodec-extra-53 - Libav codec library (additional codecs) libavcodec53 - Libav codec library libavdevice-dev - Development files for libavdevice libavdevice-extra-53 - Libav device handling library (transitional package) libavdevice53 - Libav device handling library libavfilter-dev - Development files for libavfilter libavfilter-extra-2 - Libav filter library (transitional package) libavfilter2 - Libav video filtering library libavformat-dev - Development files for libavformat libavformat-extra-53 - Libav video postprocessing library (transitional package) libavformat53 - Libav file format library libavutil-dev - Development files for libavutil libavutil-extra-51 - Libav utility library (transitional package) libavutil51 - Libav utility library libpostproc-dev - Development files for libpostproc libpostproc-extra-52 - Libav video postprocessing library (transitional package) libpostproc52 - Libav video postprocessing library libswscale-dev - Development files for libswscale libswscale-extra-2 - Libav video software scaling library (transitional package) libswscale2 - Libav video scaling library Changes: libav (6:0.8.19-0+deb7u1) wheezy-security; urgency=high . * Non-maintainer upload by the LTS Team. * New upstream release fixing multiple security issues. - h264: Various crashes with invalid-free, corrupted double-linked list or out-of-bounds read - CVE-2016-7424: mpegvideo_motion: Handle edge emulation even without unrestricted_mv * Remove debian/patches/CVE-2014-3062.patch and debian/patches/CVE-2014-2326.patch: Integrated in the new upstream release. Checksums-Sha1: e5aa4710581d1a3664036759ac15db74315d4194 4348 libav_0.8.19-0+deb7u1.dsc c79350d6fa071fcd66448ffc713fe3b9754876a8 3772660 libav_0.8.19.orig.tar.xz a3eef9cb53b5d2a30c7162d180fa595ef936e8ce 47167 libav_0.8.19-0+deb7u1.debian.tar.gz 9df6a73c1397e8f120d3ce62869a5102e8b5c297 376608 libav-tools_0.8.19-0+deb7u1_amd64.deb ca38ee46c7d3372a0f46016c0f4c01a9874ed234 150800 ffmpeg_0.8.19-0+deb7u1_amd64.deb 92a26804fe25aaba017d85297db932bd4c862c97 55898 ffmpeg-dbg_0.8.19-0+deb7u1_all.deb 54c0e248648c55e1c0f53a1575c309b726166dfb 21776608 libav-dbg_0.8.19-0+deb7u1_amd64.deb 8d02a726b9f3b929f1d584300c6950457d90e3f1 55896 libav-extra-dbg_0.8.19-0+deb7u1_all.deb 48a352909a07907897912bc5d2ab5dfac38dff5e 55962 ffmpeg-doc_0.8.19-0+deb7u1_all.deb c279f79efd7abf45c619e94cd05a2848cb58ddd1 12478400 libav-doc_0.8.19-0+deb7u1_all.deb 4f586d4480ffaded6224b47d52a8a88a0074166b 105224 libavutil51_0.8.19-0+deb7u1_amd64.deb f9a1304d241804bfe6a65e2d58c10700d5ac9e64 2521694 libavcodec53_0.8.19-0+deb7u1_amd64.deb 85044262e31b9d44a26962d2665354bde5310450 81158 libavdevice53_0.8.19-0+deb7u1_amd64.deb 682a733e69f56ceb7c970f51e7314a49a63a4ba1 478446 libavformat53_0.8.19-0+deb7u1_amd64.deb 90f21993de3edcabb47a3e225253ee6b972a9133 127226 libavfilter2_0.8.19-0+deb7u1_amd64.deb f2d8a535fe34f8bc7590228413e2315f929ef048 101432 libpostproc52_0.8.19-0+deb7u1_amd64.deb 71ae19a97b8cd85e612a9dbf3d5892881be7a443 133468 libswscale2_0.8.19-0+deb7u1_amd64.deb 1192050e06656de21d7ea8d9b56dc298ff51e1ce 145152 libavutil-dev_0.8.19-0+deb7u1_amd64.deb bb4e2c8fa7f7e3f7ab840ba87f34de7b603c2e09 2767166 libavcodec-dev_0.8.19-0+deb7u1_amd64.deb 607980bd34de07e061a4bd56f270c55443cb9c56 82892 libavdevice-dev_0.8.19-0+deb7u1_amd64.deb 30b07eb8fa1eecc82356c08c1f38bc9cf1b38a4c 564114 libavformat-dev_0.8.19-0+deb7u1_amd64.deb 92d08f178bc859c4bbc77221d96753e4187e316c 146650 libavfilter-dev_0.8.19-0+deb7u1_amd64.deb 4375621a4b35b0c1807bc0891b7f36742dbe85d0 101570 libpostproc-
Accepted qemu 1.1.2+dfsg-6+deb7u19 (source all amd64) into oldstable
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Tue, 13 Dec 2016 10:19:22 +0200 Source: qemu Binary: qemu qemu-keymaps qemu-system qemu-user qemu-user-static qemu-utils Architecture: source all amd64 Version: 1.1.2+dfsg-6+deb7u19 Distribution: wheezy-security Urgency: medium Maintainer: Debian QEMU Team <pkg-qemu-de...@lists.alioth.debian.org> Changed-By: Hugo Lefeuvre <h...@debian.org> Description: qemu - fast processor emulator qemu-keymaps - QEMU keyboard maps qemu-system - QEMU full system emulation binaries qemu-user - QEMU user mode emulation binaries qemu-user-static - QEMU user mode emulation binaries (static version) qemu-utils - QEMU utilities Closes: 847951 847960 Changes: qemu (1.1.2+dfsg-6+deb7u19) wheezy-security; urgency=medium . * Non-maintainer upload by the LTS Team. * CVE-2016-9921, CVE-2016-9922: display: cirrus_vga: a divide by zero in cirrus_do_copy (Closes: #847960) * CVE-2016-9911: usb: ehci: memory leakage in ehci_init_transfer (Closes: #847951) Checksums-Sha1: 30876c8842792d629ab0c9e8df51689a11d390a5 3000 qemu_1.1.2+dfsg-6+deb7u19.dsc 25165091c02571ba85bddeb50ff26306c6a52042 154166 qemu_1.1.2+dfsg-6+deb7u19.debian.tar.gz f8083ecdd18c317fc12c0037371a324b05e962be 53268 qemu-keymaps_1.1.2+dfsg-6+deb7u19_all.deb a494165a0e462a6af1bc432a0c71297324d0162e 119548 qemu_1.1.2+dfsg-6+deb7u19_amd64.deb c0c69dbadcf2cf285255765a0eca184a24b0df49 27925910 qemu-system_1.1.2+dfsg-6+deb7u19_amd64.deb 94b1dd404aa793c3e9f5e4f6bd0abf2062d68795 7725838 qemu-user_1.1.2+dfsg-6+deb7u19_amd64.deb 39eea0e75202760a74c5f00216c10450cb441d4f 16576166 qemu-user-static_1.1.2+dfsg-6+deb7u19_amd64.deb f1ae9a7643c928ddad6fd9d2cacf86ec35dc4a79 665990 qemu-utils_1.1.2+dfsg-6+deb7u19_amd64.deb Checksums-Sha256: 660a0635b03601bdf525a1cbf0b7be5223993edd2c2d4e8abcaf75de9dfb13a1 3000 qemu_1.1.2+dfsg-6+deb7u19.dsc 7a9423280cca2073eaa481e7d3ee5bf56aec383b04fa63b4adc98fb44cd5e9c1 154166 qemu_1.1.2+dfsg-6+deb7u19.debian.tar.gz 42eea99696da7a95daef6ab8882e58143d8215af5f176516f73eaa100618f811 53268 qemu-keymaps_1.1.2+dfsg-6+deb7u19_all.deb abb6d3b76b90e227b8baba5742fce52d17ac770105b3e0d4120dc83f362aaf76 119548 qemu_1.1.2+dfsg-6+deb7u19_amd64.deb b37788020f3c39785090df224e389ef7e69e57e8ef397fa335613cb25f8e1970 27925910 qemu-system_1.1.2+dfsg-6+deb7u19_amd64.deb f0070c636a3844ff82e291a5d7b1ab441564c1873a8b46120c854d6120d7752e 7725838 qemu-user_1.1.2+dfsg-6+deb7u19_amd64.deb 0981ded388655769f17a51adc4635d11989697bde930091854301b7b836d2dc4 16576166 qemu-user-static_1.1.2+dfsg-6+deb7u19_amd64.deb c47522debf63e4c2af9c2c4d3c0a39ed3ed13ba696b89a8be559d32c9d269113 665990 qemu-utils_1.1.2+dfsg-6+deb7u19_amd64.deb Files: b9e2f2f3e009a99f08965efa535f8b05 3000 misc optional qemu_1.1.2+dfsg-6+deb7u19.dsc 8846d16b1285c9b10082f0beddd3057b 154166 misc optional qemu_1.1.2+dfsg-6+deb7u19.debian.tar.gz 8a330f690748e80189d4c97f1c611d8b 53268 misc optional qemu-keymaps_1.1.2+dfsg-6+deb7u19_all.deb 8f36736beea6ecc1f4005e177a1c7856 119548 misc optional qemu_1.1.2+dfsg-6+deb7u19_amd64.deb fb69c6c4bc881e47a9372462271bf8d3 27925910 misc optional qemu-system_1.1.2+dfsg-6+deb7u19_amd64.deb 2e642547825def19fcd26bb83ff8058b 7725838 misc optional qemu-user_1.1.2+dfsg-6+deb7u19_amd64.deb e32a20bcf04461afbd5bdae4fccbf71c 16576166 misc optional qemu-user-static_1.1.2+dfsg-6+deb7u19_amd64.deb 6fb849055c24954aaf80de870cb371d2 665990 misc optional qemu-utils_1.1.2+dfsg-6+deb7u19_amd64.deb -BEGIN PGP SIGNATURE- iQJDBAEBCgAtFiEErLe2fxl/mzIVM0McrJCsPsUkBl4FAlhfrbIPHGhsZUBkZWJp YW4ub3JnAAoJEKyQrD7FJAZeDDwQANRyNyUvIV4WlRdwqLjgaq/ncyWo9Xjpi3cA 5lS34P03OzD3ha7RjSfzUCqbDLiL2tGiT1lpy9vXn2VwCsR8fWZDNY9775P03/ED jjxiHJn373vdLgYW4pS9MRB6NnG7XK1geqJoIKIfWW0A6iHYKITB0kP69t+oscL2 qsmQB1pbkmmWP/10JCO8mxRW7tTqbULXW3YjW0vdbwzY0EfdbofC6mVUANH61keu cjmyXNnxLJ7Fvs5yWksWf7aBm/Kt8yS+PI5Xv+Jb9VnCyqwSz3m3ndOo6voYDnlo tqAPWhTKWQSijt5G1F6BZnf5RY5et+88x4wuGMGwEOBD6mbM721jfqseWtaEe//Z sH+2k/mzGjhT9mnHbgB+REO2qu+rehKHKYtnPWOUH6M8Sv9Cv8sXr1nsxhb8GL/X bbQ4gsmRrmyo67Q+uYbr1BAC4q7LLWczkNyb70itZn7YzZ71XqtHN4bYiqJNXfVk ndj7kdwNCzLtysnZGXtuIKeYey5TCGtNZvGtr35ZwANDzw6O6O4ABZMzMh7FdBP8 tU3srgFzVYjc4GE+QLJOOWipKJSnTWneGsDvpWxtX2i0CUiFs6CJkC47/J+LUU7N VMfeH194oDpAOZc9XL5SuKiFLyIxOt4r+IkCF9AKcLhCBCOhF2jUs/N6zQlgAOt7 g0+AhQa6 =JFWT -END PGP SIGNATURE-
Accepted qemu-kvm 1.1.2+dfsg-6+deb7u19 (source amd64) into oldstable
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Tue, 13 Dec 2016 10:19:22 +0200 Source: qemu-kvm Binary: qemu-kvm qemu-kvm-dbg kvm Architecture: source amd64 Version: 1.1.2+dfsg-6+deb7u19 Distribution: wheezy-security Urgency: medium Maintainer: Michael Tokarev <m...@tls.msk.ru> Changed-By: Hugo Lefeuvre <h...@debian.org> Description: kvm- dummy transitional package from kvm to qemu-kvm qemu-kvm - Full virtualization on x86 hardware qemu-kvm-dbg - Debugging info for qemu-kvm Closes: 847951 847960 Changes: qemu-kvm (1.1.2+dfsg-6+deb7u19) wheezy-security; urgency=medium . * Non-maintainer upload by the LTS Team. * CVE-2016-9921, CVE-2016-9922: display: cirrus_vga: a divide by zero in cirrus_do_copy (Closes: #847960) * CVE-2016-9911: usb: ehci: memory leakage in ehci_init_transfer (Closes: #847951) Checksums-Sha1: 6a8d5eaad933f160503eba2904558e4bf3139249 2524 qemu-kvm_1.1.2+dfsg-6+deb7u19.dsc b43005a3342aaabfbc54c2c5581bb2e7f76d1591 141061 qemu-kvm_1.1.2+dfsg-6+deb7u19.debian.tar.gz 97c29a600dc77eb760a9c3c09773dbe4671cc5de 1685798 qemu-kvm_1.1.2+dfsg-6+deb7u19_amd64.deb 954eade4f9ecbe06385ffbb5365e4b844bb7bff2 5279282 qemu-kvm-dbg_1.1.2+dfsg-6+deb7u19_amd64.deb e9c75d68687d561c9bacc85a6be3fe0a66eba8b1 26288 kvm_1.1.2+dfsg-6+deb7u19_amd64.deb Checksums-Sha256: a166e2712d2eb5a446fe35b83135292214cd0c967b888b92da8bff5c87ae18d0 2524 qemu-kvm_1.1.2+dfsg-6+deb7u19.dsc 1cc91428db4f140c78ddc880bbaaad1d76419c4cad101af6f8d135f7a0449a40 141061 qemu-kvm_1.1.2+dfsg-6+deb7u19.debian.tar.gz c3baf4f53cedac5ca17ac678f805c4a2a4426b2214cc7e78a76017d397df49c8 1685798 qemu-kvm_1.1.2+dfsg-6+deb7u19_amd64.deb 95895aa970d95ae4e51c8047056ba9c82754fa31a79f3bf7fc951d0a12c50e8c 5279282 qemu-kvm-dbg_1.1.2+dfsg-6+deb7u19_amd64.deb d71b2e8d774618d7ffee42b6f77ca31b64e377efa06db1f667075bfefa85e11f 26288 kvm_1.1.2+dfsg-6+deb7u19_amd64.deb Files: fbf8fa3cb04e916ecd7661b9c85a185e 2524 misc optional qemu-kvm_1.1.2+dfsg-6+deb7u19.dsc fff9af24d4ae58894970b6523241d367 141061 misc optional qemu-kvm_1.1.2+dfsg-6+deb7u19.debian.tar.gz 2c627111033fbdac82b85d5fb3bde2a9 1685798 misc optional qemu-kvm_1.1.2+dfsg-6+deb7u19_amd64.deb ff99ffdd9d12e043e895729f294e2c76 5279282 debug extra qemu-kvm-dbg_1.1.2+dfsg-6+deb7u19_amd64.deb e9ed9ab04a139be62188e09308337f60 26288 oldlibs extra kvm_1.1.2+dfsg-6+deb7u19_amd64.deb -BEGIN PGP SIGNATURE- iQJDBAEBCgAtFiEErLe2fxl/mzIVM0McrJCsPsUkBl4FAlhgQIQPHGhsZUBkZWJp YW4ub3JnAAoJEKyQrD7FJAZeU18P/2BmY3A52Y3zPiPwwCVQbKxFOcCU0/VcHfM1 FMyHI9M8yw22VHBJtsOow8wdCEt3BsmwVXmoOEPtXNs653DA3BBQJ01FVO3vKT7J fU8l6vVKwRPAaeecDFhP5AvdZOBUHTJ4kBBdcGOV/PNblDSoZGnmRTNTWRd2BJV8 eLC7QiqwBGArkD89NxwWT3CHRNRNnhns2n0PJ1JfbTYq/egv5yX5riddH6d9ubgb glDFWgyc3OGfu+JdymsHjGd+tYoAUKCP6FgUMDFDxMUeUOBI+lhS4Z8WWGj/nDL3 ASx0LgJoWPuQsTofsmjCeSlpJl+VLGVPy4MLCQR8x3hDOIqJfYS8D6+U6U21MVb7 g6hQ8njKU2OdlpRmBedfSP5rU/err0Y/VWqRq0wfBG1vt3kqHx0qMT7JkIiyTwSw 09LnDZwo5JUNqefqIvdoeJbDqDCkNlX1/Lu/RsBOgH1mSVsjBqzck/bk0xTudkFp b1wy6VnlLCyMyIhSPGAG2R4G/Ocw4Ok3iuyrLZrJ6r1xJu4wxx04aunOf/JU18Y2 XyP1Xja+WbLDVUMiy3uZIHupOoPQsWA+8IxWx910I5JhNHO9J3Nq2wO0v5KsNS0l B2n5tZDLEc8h1V/gnAxeioVBAThc8NINvpIjnRXdkfzTJPag6K2geT/MFFU90k+u 2ktZuHN3 =+qtP -END PGP SIGNATURE-
Accepted potrace 1.10-1+deb7u2 (source amd64) into oldstable
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Format: 1.8 Date: Sat, 08 Apr 2017 23:10:22 +0200 Source: potrace Binary: potrace libpotrace0 libpotrace-dev Architecture: source amd64 Version: 1.10-1+deb7u2 Distribution: wheezy-security Urgency: high Maintainer: Bartosz Fenski <fe...@debian.org> Changed-By: Hugo Lefeuvre <h...@debian.org> Description: libpotrace-dev - development files for potrace library libpotrace0 - library for tracing bitmaps potrace- utility to transform bitmaps into vector graphics Closes: 843861 Changes: potrace (1.10-1+deb7u2) wheezy-security; urgency=high . * Non-maintainer upload by the LTS Team. * Fix CVE-2016-8685 (Closes: #843861). * Add -fwrapv to build flags in debian/rules to avoid segfaults caused by optimization of code relying on two's-complement wrapping behaviour on signed arithmetic. * export CFLAGS variable in debian/rules. Checksums-Sha1: 9051ca13a6a7b8329e78ad3f7b4513a7bad42636 1814 potrace_1.10-1+deb7u2.dsc 2f9f6c840eb11397a30a11701f5ce5929b4fe1cb 9766 potrace_1.10-1+deb7u2.debian.tar.gz a03a3ab40cfd0eb67f74097594d5896063bbdb46 89556 potrace_1.10-1+deb7u2_amd64.deb 5066602393e58b7b3f3b0b2409debea217b345b7 26174 libpotrace0_1.10-1+deb7u2_amd64.deb 773c8bb3ba160ff03173285777c52b8ab3cf1965 11870 libpotrace-dev_1.10-1+deb7u2_amd64.deb Checksums-Sha256: 1e793d6d0ebb8a82b1b6e61a0bb61484c0f2df4be4d3ade45a24e355ea0e17c9 1814 potrace_1.10-1+deb7u2.dsc f929f179f203b6ebc467daeafe7fc614ca9b17ad1aec065243b2c621f9e38a94 9766 potrace_1.10-1+deb7u2.debian.tar.gz 0cc1f6ac3355d0f5b731855ee942c5e563954994cd0dd93b7fa4340993f60bd3 89556 potrace_1.10-1+deb7u2_amd64.deb df1e5f43fbbfd2706496c2ba3dbfafe1b52810cc4d83de06311c0ac0fbcc97ef 26174 libpotrace0_1.10-1+deb7u2_amd64.deb 0b18f521c474339a712286f12b34857b8e722d694df2df0eb9b7980862b523f9 11870 libpotrace-dev_1.10-1+deb7u2_amd64.deb Files: ab3c6e6c79a2dc2beb7aed74d2d43132 1814 graphics optional potrace_1.10-1+deb7u2.dsc 558021d58de9fdfba3a4d97155945008 9766 graphics optional potrace_1.10-1+deb7u2.debian.tar.gz 0b8d55ec4a5ded1026645b58e7338eee 89556 graphics optional potrace_1.10-1+deb7u2_amd64.deb edadf49c6a46b994488f69945254b5d4 26174 libs optional libpotrace0_1.10-1+deb7u2_amd64.deb 217cdeb9978ef62c93d536736af374a1 11870 libdevel optional libpotrace-dev_1.10-1+deb7u2_amd64.deb -BEGIN PGP SIGNATURE- iQJDBAEBCAAtFiEErLe2fxl/mzIVM0McrJCsPsUkBl4FAljpcnQPHGhsZUBkZWJp YW4ub3JnAAoJEKyQrD7FJAZe67AP/A56LCMY0/IJPz677gVoU/BhdgT0hna1XF18 jw1WvvpWV3kD8qqHsD/OmmK32HqcrCXsTofixUrk8oWQA25/6WSiGyf6g9odgZGq 6seMrV9jBc6D2u+26ooFQtRnJZtEHu9n6NU0JCDbnW13rPNxWJ4AedmMhfUwxma4 oTWlQObH6qTP+/7jnoue0JRnxAHn1z/eGOkPhBVaGgSCS+I3L6NTmd6ej8CvWgSo oINRCQ6u42yZkCNIMCC2yQazfgoq/RFi2Shb1RkP67eReWNsdi2+pIa8Xgb0dPkZ UNqqRHTH6xmqqtrEpaEbH7JUf6CY9puEgK/KvsKikbiKLXxPMLnc4ibs8wABQcW5 xtWFNPSh2ZvT/83xmhECwlM33Hq2CI9QruoWuBEhiB8NDCmnAfCEubit0gh8zuoj vDleTmRY1vrWrWWxB5sJEa8tE447BkKkLu+9q+mLYsfZFDHWH2d1ug4DPrjm+/Qv 5Cb2/tv/lPIf9lycBO83R2gFiJ000zjtHcTzFcJdb84rKyRMdFiccT3j/qWSyOww H7ig9/mG2teSRupD26rUeclMEB/qUGSplppRcAGpDKKaJk+6HXP3p5Dh+1MiJVfl F1ZijwjoEd+zZmgupLfyC4MWblHGKkNQs9Sje0Kwd+W3GzwgpdtZL6Yb9S0GPqJB ri/wADg7 =Qwoe -END PGP SIGNATURE-
Accepted partclone 0.2.48-1+deb7u1 (source amd64) into oldstable
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Format: 1.8 Date: Tue, 25 Apr 2017 16:11:13 +0200 Source: partclone Binary: partclone Architecture: source amd64 Version: 0.2.48-1+deb7u1 Distribution: wheezy-security Urgency: high Maintainer: Georges Khaznadar <georg...@ofset.org> Changed-By: Hugo Lefeuvre <h...@debian.org> Description: partclone - Utility to clone and restore a partition Closes: 857966 Changes: partclone (0.2.48-1+deb7u1) wheezy-security; urgency=high . * Non-maintainer upload by the LTS Team. * CVE-2017-6596: heap-based buffer overflow vulnerability due to insufficient validation of the partclone image header (Closes: #857966). Checksums-Sha1: 9ee76557224f57680d72c3f1e08a13fca2ad6d26 2007 partclone_0.2.48-1+deb7u1.dsc f64d9c473e59390f9dd80c0ed9fc39abb3432b21 417554 partclone_0.2.48.orig.tar.gz c41a5fb3525febabc17ac76ba386ea10861dd096 9359 partclone_0.2.48-1+deb7u1.debian.tar.gz beeb61bf9ebbf26889d73e0c1447479c0f1fb3fc 391704 partclone_0.2.48-1+deb7u1_amd64.deb Checksums-Sha256: a263502b8dea2fbed177158ef9f994ca17955d391908fa5de93fce0e165f1857 2007 partclone_0.2.48-1+deb7u1.dsc 039d07b61504861401ba0e525541c37c534b73db8e685b3757f220f78b96ecf9 417554 partclone_0.2.48.orig.tar.gz 948b889b7ff2008d785b326e609d366d832ec26426bbfa758ed02af7eebc3b93 9359 partclone_0.2.48-1+deb7u1.debian.tar.gz 485f80e67c4b80615c50dacb07a7d29755b851764ab677024434047b96c8225b 391704 partclone_0.2.48-1+deb7u1_amd64.deb Files: 282a7400b1011ab75604573a4f538165 2007 admin extra partclone_0.2.48-1+deb7u1.dsc 279a575181a35bc50373702516d04b3b 417554 admin extra partclone_0.2.48.orig.tar.gz 4fb2a0162066f1f9e40446410c4742cf 9359 admin extra partclone_0.2.48-1+deb7u1.debian.tar.gz fd9bcd0302966cd882c80583f26917e7 391704 admin extra partclone_0.2.48-1+deb7u1_amd64.deb -BEGIN PGP SIGNATURE- iQJDBAEBCAAtFiEErLe2fxl/mzIVM0McrJCsPsUkBl4FAlkDka0PHGhsZUBkZWJp YW4ub3JnAAoJEKyQrD7FJAZeYG0QAK3mrwNoj089Lya5fhMPFbYZv3UvZif/BGo5 XhjtMYxlhaXc/33moRRPli5ig8UR0xFE9KbHKKZCs/9bdvNpAR0+z2FcLlwrDzL+ 906dhBUgVTuC9knoc1A4A2Xx92pOE1hdSvHAHqonrKdqIs1rX37IbrX26t/SBWq6 3EUW/Ud9mTY+aoGkHe6XQWwNN3QBjb/pWbtxveezZeXUum1w8mafH9L3LULbLcub ZjhXqH21dq/hzEa2acXDcsDe6b0nf6CTk5JXfoF834JgaHgEWV8vJAh5AeZRqYkI 86k8/bYHpL2pL6CE8isVdukXr8hlaBzts+bS9soMK5km5AHHiGlL9JjNUJu+eBCq ApTYujL3dEumnmsyk14PorZrwXWIhT7WEPYwSj/9FW4ocmSyxK5X1ID1DBi/+NL9 47EVUOFTtU2+0pGxJ658316PWbtvVvozGuW4s7IgojAcIJiY6ivPlVRVX0NHiWMJ cirAAQTbVpPXu6LCSu1ZFQj3Vv83iruci0WdR4H9Z4ULYG544DKGZlF2c3HbTRdo h8h3jScOSaqfWsyWRrzZ9/pAeRGJTCtygBHL2ddaQYA2tO3u4FB0HBG1Bl5Uqxmn 76XMExGmDe3C4a90QUJB6E2hUgEynX9uBI9hYxG6f/ccF0qc/IBH+By6Z1SkPo1I xh1af2UJ =iV8R -END PGP SIGNATURE-
Accepted ming 1:0.4.4-1.1+deb7u4 (source amd64 all) into oldoldstable
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Fri, 13 Oct 2017 16:12:34 +0200 Source: ming Binary: libming1 libming-dev ming-fonts-dejavu ming-fonts-opensymbol libswf-perl libming-util python-ming php5-ming Architecture: source amd64 all Version: 1:0.4.4-1.1+deb7u4 Distribution: wheezy-security Urgency: high Maintainer: Stuart R. Anderson <ander...@netsweng.com> Changed-By: Hugo Lefeuvre <h...@debian.org> Description: libming-dev - Library to generate SWF (Flash) Files (development files) libming-util - Library to generate SWF (Flash) Files - Utilities libming1 - Library to generate SWF (Flash) Files libswf-perl - Ming (SWF) module for Perl ming-fonts-dejavu - Ming format DejaVue Fonts ming-fonts-opensymbol - Ming format Opensymbol Fonts php5-ming - Ming module for php5 python-ming - Ming (SWF) module for Python Changes: ming (1:0.4.4-1.1+deb7u4) wheezy-security; urgency=high . * Non-maintainer upload by the LTS Team. * CVE-2017-11704: heap-based buffer over-read in decompileIF in util/decompile.c. * CVE-2017-11728: heap-based buffer over-read in OpCode (called from decompileSETMEMBER) in util/decompile.c. * CVE-2017-11729: heap-based buffer over-read in OpCode (called from decompileINCR_DECR) in util/decompile.c. * CVE-2017-11730: heap-based buffer over-read in OpCode (called from decompileINCR_DECR) in util/decompile.c. * CVE-2017-11731: heap-based buffer over-read in OpCode (called from isLogicalOp and decompileIF) in util/decompile.c. * CVE-2017-11734: heap-based buffer over-read in decompileCALLFUNCTION in util/decompile.c Checksums-Sha1: 21b067dd0f18118feb208b129f814a7970990523 2017 ming_0.4.4-1.1+deb7u4.dsc f13029220844faba0a319bfa00ac08a64bed7d3a 27090 ming_0.4.4-1.1+deb7u4.diff.gz 0154ec7b7b75e9541ae317bf65301f379c69c46a 187234 libming1_0.4.4-1.1+deb7u4_amd64.deb 84bc0715d03947c4bec0ce7742a1f6117f2b1589 241500 libming-dev_0.4.4-1.1+deb7u4_amd64.deb 7f143c418a523de3527eeffc47c072be62565035 213532 libswf-perl_0.4.4-1.1+deb7u4_amd64.deb 1e0457f7f424cd8bc8a37bab475f766f9e177fdf 717342 libming-util_0.4.4-1.1+deb7u4_amd64.deb a4fd6c3ff5d246a09757a1575000e642d05507b1 167144 python-ming_0.4.4-1.1+deb7u4_amd64.deb 1bc6ad2208e4c926cc57f978b63474ab534d13bf 54462 php5-ming_0.4.4-1.1+deb7u4_amd64.deb 921a1d8fbf07d806b2fa5857965bdb6fdb56bfda 37004 ming-fonts-dejavu_0.4.4-1.1+deb7u4_all.deb 31110aa177c0d6c673772f125150a5da8ccd5b2d 5882 ming-fonts-opensymbol_0.4.4-1.1+deb7u4_all.deb Checksums-Sha256: 00fe33f417c5d2aa76507ca65647d5885347c7bc328b8e67814e8904c64daad8 2017 ming_0.4.4-1.1+deb7u4.dsc d87be0aa505042f5cedc57e8a2408f455779401ccfff9b5dd60444fec7e09f6b 27090 ming_0.4.4-1.1+deb7u4.diff.gz 8c82020e60f1ab216015ab236d33b9c537abef9006de3460946b24660e0f8ba3 187234 libming1_0.4.4-1.1+deb7u4_amd64.deb de0f802afc25c0c4e737e92094bb456772a627b3b57ed0fa09b2ae5274920a3a 241500 libming-dev_0.4.4-1.1+deb7u4_amd64.deb df7603843319836b79d0d0ffc0aba6ef43d3d2552378b7cf37abf6f42a87546a 213532 libswf-perl_0.4.4-1.1+deb7u4_amd64.deb 00beb604189fd0c8d81ec9e199cc8c016937cc1a015d1ae9a99af4a9f7e43bba 717342 libming-util_0.4.4-1.1+deb7u4_amd64.deb c5a98556f640bcd7838c648efb9afb581a140ae87dc41a7cbe435f5225e35d89 167144 python-ming_0.4.4-1.1+deb7u4_amd64.deb ae978dd0cebd9c7c901502d28a5b58f5c1533429f57152cd7c605309d60eea2d 54462 php5-ming_0.4.4-1.1+deb7u4_amd64.deb b9c1f17994b77f31509302c51984acb59e3254ae454a555da89d5cc04558404b 37004 ming-fonts-dejavu_0.4.4-1.1+deb7u4_all.deb f9c3c0864b3948bdfdbd8d26bef0333a6058fa6fac60f43c766b966b7ac144a4 5882 ming-fonts-opensymbol_0.4.4-1.1+deb7u4_all.deb Files: 5c7c9a3daaed26bfae3b4268235de990 2017 libs optional ming_0.4.4-1.1+deb7u4.dsc 39f4ccc4e615db26f9a873ba80bd1389 27090 libs optional ming_0.4.4-1.1+deb7u4.diff.gz b29dca6337e8c29c197adc7c4a4aee9f 187234 libs optional libming1_0.4.4-1.1+deb7u4_amd64.deb 9ea0f603ed99f5cc23d93d0f27af0467 241500 libdevel optional libming-dev_0.4.4-1.1+deb7u4_amd64.deb 87cd367fe4e5d4d204b66452a19ecca2 213532 perl optional libswf-perl_0.4.4-1.1+deb7u4_amd64.deb 91d5bff0769e0cb2f0fb38b723dc362c 717342 devel optional libming-util_0.4.4-1.1+deb7u4_amd64.deb ba3871dfcfadd0533159ea1b8a2b15a3 167144 python optional python-ming_0.4.4-1.1+deb7u4_amd64.deb 0293ef34df26c3f5e295fc91cfe47180 54462 web optional php5-ming_0.4.4-1.1+deb7u4_amd64.deb 3ec6b3f4dc5ff3c9f9b9ce3add39c808 37004 web optional ming-fonts-dejavu_0.4.4-1.1+deb7u4_all.deb 638ab2f5f31295be368249daa9045ea0 5882 web optional ming-fonts-opensymbol_0.4.4-1.1+deb7u4_all.deb -BEGIN PGP SIGNATURE- iQEzBAEBCgAdFiEE5LpPtQuYJzvmooL3LVy48vb3khkFAlnh2RgACgkQLVy48vb3 khlXqwf9Go3j0dOejRzDkXawyKoTcK6nEf6rWLXWVVwQcg7z40Btwb2LIhtnpPTD 02n73eY8l9jzGmMfsGZs2X0Jbcw1A9qSRi1wvSyzapE7J/bzpK2cT5EyrP8Ti8fM DXR+XIE5XvCZ0Nt3sphU097EfS6b49ilquCdOEFyXTD52PP5Ngn+KRYUJVpZT+lX /iE2h4U3N9IDnvvrmpxoODg74V+VeNKDXgAyhOLgTNVdebvyhB5AnsGKNmkaZgBo AojS4ATHAUVwLfjbYq04T6XhQ3Vht3i
Accepted quagga 0.99.22.4-1+wheezy3+deb7u2 (source amd64 all) into oldoldstable
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Mon, 30 Oct 2017 16:57:40 +0100 Source: quagga Binary: quagga quagga-dbg quagga-doc Architecture: source amd64 all Version: 0.99.22.4-1+wheezy3+deb7u2 Distribution: wheezy-security Urgency: high Maintainer: Christian Hammers <c...@debian.org> Changed-By: Hugo Lefeuvre <h...@debian.org> Description: quagga - BGP/OSPF/RIP routing daemon quagga-dbg - BGP/OSPF/RIP routing daemon (debug symbols) quagga-doc - documentation files for quagga Closes: 879474 Changes: quagga (0.99.22.4-1+wheezy3+deb7u2) wheezy-security; urgency=high . * Non-maintainer upload by the LTS Team. * CVE-2017-16227: BGP session termination due to rather long AS paths in update messages (Closes: #879474). Checksums-Sha1: 8e6759bb51611861555c55386199dce85e47ea08 1836 quagga_0.99.22.4-1+wheezy3+deb7u2.dsc fa65170118ee112c76394f9fc7c1ab6f87251c35 43713 quagga_0.99.22.4-1+wheezy3+deb7u2.debian.tar.gz 47cfe113862ddf3804fe3b0d22253a120fc01ead 1727756 quagga_0.99.22.4-1+wheezy3+deb7u2_amd64.deb 9dc6770a85e883b072a63d3197d2b1e39994f70f 2528892 quagga-dbg_0.99.22.4-1+wheezy3+deb7u2_amd64.deb 546de1e19d945b5bcb5e6c55ddcadb0c3eeb8ea9 656714 quagga-doc_0.99.22.4-1+wheezy3+deb7u2_all.deb Checksums-Sha256: 5ea683110dfcd765107bafbe774a83da8ea002f8b929e8725ba0ee4fb3413247 1836 quagga_0.99.22.4-1+wheezy3+deb7u2.dsc 8afe0fd3388f41eda70b0b4f9da656fe8d9c0fd96aa0dd58f82b979adaa6a6f1 43713 quagga_0.99.22.4-1+wheezy3+deb7u2.debian.tar.gz 889483d04743f58ed05208e4086f5a467a21cd989a208295c81dac0bd38e4d76 1727756 quagga_0.99.22.4-1+wheezy3+deb7u2_amd64.deb 1ee260f5bd8b9361315766cf572dbe21bf8f61dbfdff67905ddb8f6a2bbceb37 2528892 quagga-dbg_0.99.22.4-1+wheezy3+deb7u2_amd64.deb 86fd5f0cd6ea56e820258e06c204c5cf50668eb934059bada071e8da76c983a6 656714 quagga-doc_0.99.22.4-1+wheezy3+deb7u2_all.deb Files: 51ea5ebed99879a658dae84a16bfa41d 1836 net optional quagga_0.99.22.4-1+wheezy3+deb7u2.dsc 5a1e21e724548bc61314d35e73ee6b7d 43713 net optional quagga_0.99.22.4-1+wheezy3+deb7u2.debian.tar.gz 70679383622817a9c4970eca6ca1dba0 1727756 net optional quagga_0.99.22.4-1+wheezy3+deb7u2_amd64.deb b38b29f0855bf40ebed6e589042e54da 2528892 debug extra quagga-dbg_0.99.22.4-1+wheezy3+deb7u2_amd64.deb 9c31b0cd28c1834c809013d590a1fd5d 656714 net optional quagga-doc_0.99.22.4-1+wheezy3+deb7u2_all.deb -BEGIN PGP SIGNATURE- iQEzBAEBCgAdFiEE5LpPtQuYJzvmooL3LVy48vb3khkFAln4h3wACgkQLVy48vb3 khkg/Af+O8GNNoMcODJAqbnun6jaIOqR8qPN4gMqKPd3z63+g1zSkMEULpMClfJA Oc0e3tWMPEAdH0mQE39sa5pDukeeUvWhB6DwOVkTtGhsDImzf1TUxiTxXKPmK6/I rKFXBL/qqKXkR+Ihl5cW3vIt1b3br1p1nS3QmbYLq8tlwdZtOua5DyyQq3V6fOEP IpSEBCsiNWHXMXs/M93SLS9tlqH/KJ/xgFtCctpioeSyujtJ8tBPkoc+Q93fkmjv RjjqM1049BjGsU/nIdl1QyXFPgzaVUit4Nbmwdj/0cCs2fotR7X51bYj1TyRgJGT KG8xb6RKunFg0E5gKj6r6Th77oJXZw== =6C2j -END PGP SIGNATURE-
Accepted tiff3 3.9.6-11+deb7u11 (source amd64) into oldoldstable
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Sun, 13 May 2018 17:00:04 -0400 Source: tiff3 Binary: libtiff4 libtiffxx0c2 libtiff4-dev Architecture: source amd64 Version: 3.9.6-11+deb7u11 Distribution: wheezy-security Urgency: high Maintainer: Jay Berkenbilt <q...@debian.org> Changed-By: Hugo Lefeuvre <h...@debian.org> Description: libtiff4 - Tag Image File Format (TIFF) library (old version) libtiff4-dev - Tag Image File Format (TIFF) library (old version), development f libtiffxx0c2 - Tag Image File Format (TIFF) library (old version) -- C++ interfa Closes: 893806 Changes: tiff3 (3.9.6-11+deb7u11) wheezy-security; urgency=high . * Non-maintainer upload by the LTS Team. * CVE-2018-8905: heap-based buffer overflow occurs in LZWDecodeCompat() (Closes: #893806). Checksums-Sha1: 455bbd565e512de982f166837fa0db8ba144046d 1619 tiff3_3.9.6-11+deb7u11.dsc 9d8393893f7ea1bd3f42b00822c6233641d575aa 52618 tiff3_3.9.6-11+deb7u11.debian.tar.gz e22ec94a5b40c80c339d2b9f93224c892516173c 206644 libtiff4_3.9.6-11+deb7u11_amd64.deb d641702b9fd1545cc284e42e27ff7f1677bf30a3 66024 libtiffxx0c2_3.9.6-11+deb7u11_amd64.deb 76130093eca8492f410050366990203a0da82bce 342104 libtiff4-dev_3.9.6-11+deb7u11_amd64.deb Checksums-Sha256: 0077bf7558b308fd10dce02317b5c2d37af05a5f2982648c3c8bef689d46d735 1619 tiff3_3.9.6-11+deb7u11.dsc 11cfc05ddaa9b4ab601d157ca17da276085ae8db8576be99c16bae5be02f27f3 52618 tiff3_3.9.6-11+deb7u11.debian.tar.gz 6a43bd2b148e17f339e6d5d074354085d57dc706062a5d0aea8476d28d18704a 206644 libtiff4_3.9.6-11+deb7u11_amd64.deb f6ac32f4cf81c7dfe51f02803167644617336d0c024b6cf370ab6401b04741fc 66024 libtiffxx0c2_3.9.6-11+deb7u11_amd64.deb a1dc68a76dd121452127990ab11e4fc9d9b22d13d36ff22fcc94c98eb838dc7f 342104 libtiff4-dev_3.9.6-11+deb7u11_amd64.deb Files: 8fea08ea2265115e684cd33e9062dbde 1619 oldlibs optional tiff3_3.9.6-11+deb7u11.dsc a5c98a18e029eb6b35d2340e08885909 52618 oldlibs optional tiff3_3.9.6-11+deb7u11.debian.tar.gz 33d0820b2f4c034aada4451adfbf7e59 206644 oldlibs optional libtiff4_3.9.6-11+deb7u11_amd64.deb 4c5ee259088f5d7c6b97c515e29f330f 66024 oldlibs optional libtiffxx0c2_3.9.6-11+deb7u11_amd64.deb d2eae96347cbb0767936e2ddcbb76c3d 342104 libdevel optional libtiff4-dev_3.9.6-11+deb7u11_amd64.deb -BEGIN PGP SIGNATURE- iQEzBAEBCgAdFiEE5LpPtQuYJzvmooL3LVy48vb3khkFAlr4r8gACgkQLVy48vb3 khklXQf/ZH8/MuoPbiEieAk5YAGDRS7ft6gs0SV+iXnYzp1KQxc1MnkZSYuIiuU9 gaVlIjZG97cv4d9wlOu1ssQFqIZN/tFNGkPvCjFdNtHK5kyqk733Z/t2firRLZXD DDD3hrsnuZYmqH3Hu4Ask9DaQW+qabqUXcKCQOjRygtIszrvMvsnZtCAfVy0w1KC Hg5yssPk5ZlBLjMwPG5S13Yv1Ql6ku4K+j/zY1I5qZ7gUbJh+yDyF0j80BbRKtHN f2hXIjXcKwjMyA6W9vpDOLQKAqdMReZm5z8OxsFrVyyKJiJ329wvEAoBu6YlW/0m MRCU75m0rOaDK9PeUZ8mjknC9cx3dw== =Ewgp -END PGP SIGNATURE-
Accepted ming 1:0.4.4-1.1+deb7u9 (source amd64 all) into oldoldstable
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Fri, 25 May 2018 23:06:21 -0400 Source: ming Binary: libming1 libming-dev ming-fonts-dejavu ming-fonts-opensymbol libswf-perl libming-util python-ming php5-ming Architecture: source amd64 all Version: 1:0.4.4-1.1+deb7u9 Distribution: wheezy-security Urgency: high Maintainer: Stuart R. Anderson <ander...@netsweng.com> Changed-By: Hugo Lefeuvre <h...@debian.org> Description: libming-dev - Library to generate SWF (Flash) Files (development files) libming-util - Library to generate SWF (Flash) Files - Utilities libming1 - Library to generate SWF (Flash) Files libswf-perl - Ming (SWF) module for Perl ming-fonts-dejavu - Ming format DejaVue Fonts ming-fonts-opensymbol - Ming format Opensymbol Fonts php5-ming - Ming module for php5 python-ming - Ming (SWF) module for Python Changes: ming (1:0.4.4-1.1+deb7u9) wheezy-security; urgency=high . * Non-maintainer upload by the LTS Team. * CVE-2018-9132: Null pointer dereference in getInt. * CVE-2018-9009: Heap-use-after-free in decompileJUMP. * CVE-2018-7876: Integer overflow and resulting memory exhaustion in parseSWF_ACTIONRECORD. * CVE-2018-7873: Heap-buffer-overflow in function getString. * CVE-2018-7866: Null pointer dereference in newVar3. Checksums-Sha1: b7762ae124bf2f7b1f799a14e9132b2170ba8443 2017 ming_0.4.4-1.1+deb7u9.dsc 5c37f3ccf511e5b173327ea3b66259994fd58d04 39245 ming_0.4.4-1.1+deb7u9.diff.gz e145818375c180fe42fd06a7d86b8b50f3db368b 187686 libming1_0.4.4-1.1+deb7u9_amd64.deb 3d381de394071c561aff6895333b6725882f8b02 242018 libming-dev_0.4.4-1.1+deb7u9_amd64.deb b6863f144105367a618e7b48b6df3bc60336cc4f 214012 libswf-perl_0.4.4-1.1+deb7u9_amd64.deb 498f786f5433efaa38c4eed2bb7a4696ebe1b0b4 725328 libming-util_0.4.4-1.1+deb7u9_amd64.deb 99bda12998f08217cdf9ead9b8bf80a4d45efbbc 167650 python-ming_0.4.4-1.1+deb7u9_amd64.deb 9f120b9b949b93b21be819c37c2773f9c593178d 54932 php5-ming_0.4.4-1.1+deb7u9_amd64.deb 9a3ba20604a88010f5d57f78b2d78034358bf8e8 37534 ming-fonts-dejavu_0.4.4-1.1+deb7u9_all.deb d50f826d77b7da369a67bbda1d71d12c258e3b5b 6340 ming-fonts-opensymbol_0.4.4-1.1+deb7u9_all.deb Checksums-Sha256: ef96d0528d830ba5ff86cdc2637b715c59cb531bbe4b06565b43ba21483432ff 2017 ming_0.4.4-1.1+deb7u9.dsc cf13aaa8cfb86361bb4c1953aea146c80f61a03430bc6496508a01bd1a7ed05e 39245 ming_0.4.4-1.1+deb7u9.diff.gz db40923561bc978c041660cc7b5f9d3e7cb88d9e9fe2b407780cd291c496b59b 187686 libming1_0.4.4-1.1+deb7u9_amd64.deb cfd42ca1e83c04209519be3ae17453ae94a4584ba1e75620cec581391f9c7805 242018 libming-dev_0.4.4-1.1+deb7u9_amd64.deb 7317a16e28ff8aec0d40e182ade3a8ba11229ee0035387dbc83e55fcc134cc93 214012 libswf-perl_0.4.4-1.1+deb7u9_amd64.deb 970983304710ddc0f30efb105218ee08510bb7f6b7c4d9acce57400cb629d2a1 725328 libming-util_0.4.4-1.1+deb7u9_amd64.deb 7e2e585a2a8af6183f8b36077c0e02d25c8697b498e9b80cc7a08c4aa395507b 167650 python-ming_0.4.4-1.1+deb7u9_amd64.deb b86f2dfd279917539b511105192ddc64c2c34a1697360955a13ec41a3ec2fdad 54932 php5-ming_0.4.4-1.1+deb7u9_amd64.deb de585eeb3408d8fa93d27c30d717a049e01368f5083365797c33cce01d9db7fb 37534 ming-fonts-dejavu_0.4.4-1.1+deb7u9_all.deb be86eef4c535e70a25bc286143f0f0e5a3aea3a6662e780d749a4f0fd03abc70 6340 ming-fonts-opensymbol_0.4.4-1.1+deb7u9_all.deb Files: 0126146f06a10a2e6c0883c084dc090e 2017 libs optional ming_0.4.4-1.1+deb7u9.dsc 1208e91d31673d6ef8cd80742cd63bc6 39245 libs optional ming_0.4.4-1.1+deb7u9.diff.gz ae8b80f02062f0af2c8d8ad7626aabcb 187686 libs optional libming1_0.4.4-1.1+deb7u9_amd64.deb ebf6bec1c373d1b5ef6e3f2aff49b775 242018 libdevel optional libming-dev_0.4.4-1.1+deb7u9_amd64.deb 629edd4e768255f6bdb2c8848341e03e 214012 perl optional libswf-perl_0.4.4-1.1+deb7u9_amd64.deb baddeccd6598bec9e25c3edd4c899bab 725328 devel optional libming-util_0.4.4-1.1+deb7u9_amd64.deb 16697541af1d88fbc4bd9cd03029a8ce 167650 python optional python-ming_0.4.4-1.1+deb7u9_amd64.deb 1d5255de4c517972bf42e06bda284a59 54932 web optional php5-ming_0.4.4-1.1+deb7u9_amd64.deb f66c5af50f49ce4ca06ba9a93917a6fe 37534 web optional ming-fonts-dejavu_0.4.4-1.1+deb7u9_all.deb a611f83cce5b3c705a992adb2332f1fd 6340 web optional ming-fonts-opensymbol_0.4.4-1.1+deb7u9_all.deb -BEGIN PGP SIGNATURE- iQEzBAEBCgAdFiEE5LpPtQuYJzvmooL3LVy48vb3khkFAlsI2gUACgkQLVy48vb3 khl6AAgAoyQO0DN8XcMw5+9L9xnyyIanjgza9RAk/NqRLHIFscR7+xWpWEsXLNhI gfZaO95ipBP9r9olJ4Z+dS7f+EhLKKOWjEWHT77AcA2cpMXUtLDoGsWzMs0POL7E Qs5JWhKmBuUOqv8rTMOE+mQCF/+oMQmJ+NVmtCfLeAvbsbeooAFWnkCWVXzsXJu6 ZzCaG3GIwV6bMQahM//Frq8/psY5no4pBaptWyadtkRgWgxGazcNkSp4d9Jzykgf lrq3AhNM+db1PQa3vWJbz+JVH83Y77ToDxU4DYGYXF+WmJqqe0bjlYYqfyBSgaBT AWi8sBEyOB02+i7dGA8RglWEWiN5RA== =TozD -END PGP SIGNATURE-
Accepted ming 1:0.4.4-1.1+deb7u6 (source amd64 all) into oldoldstable
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Wed, 10 Jan 2018 10:18:18 +0100 Source: ming Binary: libming1 libming-dev ming-fonts-dejavu ming-fonts-opensymbol libswf-perl libming-util python-ming php5-ming Architecture: source amd64 all Version: 1:0.4.4-1.1+deb7u6 Distribution: wheezy-security Urgency: high Maintainer: Stuart R. Anderson <ander...@netsweng.com> Changed-By: Hugo Lefeuvre <h...@debian.org> Description: libming-dev - Library to generate SWF (Flash) Files (development files) libming-util - Library to generate SWF (Flash) Files - Utilities libming1 - Library to generate SWF (Flash) Files libswf-perl - Ming (SWF) module for Perl ming-fonts-dejavu - Ming format DejaVue Fonts ming-fonts-opensymbol - Ming format Opensymbol Fonts php5-ming - Ming module for php5 python-ming - Ming (SWF) module for Python Changes: ming (1:0.4.4-1.1+deb7u6) wheezy-security; urgency=high . * Non-maintainer upload by the LTS Team. * CVE-2017-16898: global buffer overflow in printMP3Headers. * CVE-2017-16883: invalid memory read in outputSWF_TEXT_RECORD. * CVE-2017-11732: heap buffer overflow in dcputs. Checksums-Sha1: 12964e98f9aeb153992365412d3ca6bf9536f2dd 2017 ming_0.4.4-1.1+deb7u6.dsc 3e4262f796c095a9c0d8a3cff982b388976f7406 30120 ming_0.4.4-1.1+deb7u6.diff.gz ce8c135c7f879d9aaff7d304aa86517c5a6b2f22 187388 libming1_0.4.4-1.1+deb7u6_amd64.deb d13875041dcf735446b2fe9bdb26cb45eab394e9 241666 libming-dev_0.4.4-1.1+deb7u6_amd64.deb b7236399001bac3548cc0a7bdc08e26148f98897 213680 libswf-perl_0.4.4-1.1+deb7u6_amd64.deb d94a6fb5853888f58b3f89ef248d708634263840 717264 libming-util_0.4.4-1.1+deb7u6_amd64.deb f7e3d4f5d825f768cf443391a9df3589b84aef47 167306 python-ming_0.4.4-1.1+deb7u6_amd64.deb 9c806ccde0469e822ef1b344deb1d6d7d4a54b6d 54612 php5-ming_0.4.4-1.1+deb7u6_amd64.deb 732de6f5d7bba7a016a663b96e1e99060809cfb3 37228 ming-fonts-dejavu_0.4.4-1.1+deb7u6_all.deb 750550f5ec83df0e49e1f03b913f2dbc346ce877 6034 ming-fonts-opensymbol_0.4.4-1.1+deb7u6_all.deb Checksums-Sha256: b4931dc95d2bb2f5ec2ed4132a805e22b382aaa25bccbf14d06911e5744a1d5c 2017 ming_0.4.4-1.1+deb7u6.dsc bc0006278d7707816772b920e554c3e642193731d886375e8c044eff9c8ad8b6 30120 ming_0.4.4-1.1+deb7u6.diff.gz d6fed39bef738dd46399e1d6decd4209f2eeb21b3759aa0d4e18913bdc227b28 187388 libming1_0.4.4-1.1+deb7u6_amd64.deb f8ae1aa3f2d85dd8755ce9cb9b37b871a2ef97719c8f2a4b3281ce0399fddd47 241666 libming-dev_0.4.4-1.1+deb7u6_amd64.deb a27deab6eadfdac0377e1cd9fc396e78e752aa378b6f35e5fa3b6e5be32ff352 213680 libswf-perl_0.4.4-1.1+deb7u6_amd64.deb ec42e3d07f58972a3584eb6a9b075efe2e7d77c73d66f7ba0ec041b9573fa9c9 717264 libming-util_0.4.4-1.1+deb7u6_amd64.deb 1b0959d81b8c0042160387552c9241cd4d231b0b30f13674f6e1c2f035f65eae 167306 python-ming_0.4.4-1.1+deb7u6_amd64.deb 43701122424b954692255039b7dcb654a90b9186f6e5690866ab693355c3c5b1 54612 php5-ming_0.4.4-1.1+deb7u6_amd64.deb 27c68d71f42cf52550eb0b57b855f7bb9a388f19be75845ad163995c249c53b0 37228 ming-fonts-dejavu_0.4.4-1.1+deb7u6_all.deb 68947e0b5ceaf063be4ec951b3be66fc3e15a74a7cdee770f02991f106b6ce6e 6034 ming-fonts-opensymbol_0.4.4-1.1+deb7u6_all.deb Files: f926fd8f3555a23b119d9295c20f8a07 2017 libs optional ming_0.4.4-1.1+deb7u6.dsc 600804c0a4fb68743371110773f50790 30120 libs optional ming_0.4.4-1.1+deb7u6.diff.gz 76c68acdc297ce33befa44ac07294ff2 187388 libs optional libming1_0.4.4-1.1+deb7u6_amd64.deb f7beb8d4fb9c78bd12107f2826b2177c 241666 libdevel optional libming-dev_0.4.4-1.1+deb7u6_amd64.deb 3288409717280d04db52b49acebf7c64 213680 perl optional libswf-perl_0.4.4-1.1+deb7u6_amd64.deb ec846eb45e3eea9ebcaf4c37a28ef6b4 717264 devel optional libming-util_0.4.4-1.1+deb7u6_amd64.deb 0d354578123ed367e3dd2351cb841781 167306 python optional python-ming_0.4.4-1.1+deb7u6_amd64.deb bf997bdda9ae820219864197089e24a6 54612 web optional php5-ming_0.4.4-1.1+deb7u6_amd64.deb f2d5b24034b9a6ba43c54b8e2129775b 37228 web optional ming-fonts-dejavu_0.4.4-1.1+deb7u6_all.deb ed2f74b9bed0fe27cf01a59c96f88d4b 6034 web optional ming-fonts-opensymbol_0.4.4-1.1+deb7u6_all.deb -BEGIN PGP SIGNATURE- iQEzBAEBCgAdFiEE5LpPtQuYJzvmooL3LVy48vb3khkFAlpXJ98ACgkQLVy48vb3 khn7uQf9Fe/+g7qw+8/F5penYCRIWDxri3/8mC6sMgeKB4PkXMsMsJeZ25Pmmw+V apkGMADE2HypjiLFAhhbSPzqcJC4Ztt7qWOH5bQjF4fzNiPG1JCpRbo7B391K8Jr LW/aB/ZLBaSfGestmT4C5HhWzaIHP9naCSSJW9uWmMZSesQAIvSnIh0JAlKs/jqz qcsYx7FTtCMwTvJPnr0KUnKnkt+Lz5HRyZEarTKRBy7V38cUZIdIMtTwd8RRMMd6 YftqTxWxDMyJu3UoDrZfUYl2IKTOGoI5MEFow9ZNcv5xOsFZTuGs8xRRT7kq0TWk Bsc7YOBg+O9hRPDu0fS5dltoT+IKIQ== =kqRl -END PGP SIGNATURE-
Accepted ming 1:0.4.4-1.1+deb7u7 (source amd64 all) into oldoldstable
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Sun, 11 Mar 2018 09:12:51 +0100 Source: ming Binary: libming1 libming-dev ming-fonts-dejavu ming-fonts-opensymbol libswf-perl libming-util python-ming php5-ming Architecture: source amd64 all Version: 1:0.4.4-1.1+deb7u7 Distribution: wheezy-security Urgency: high Maintainer: Stuart R. Anderson <ander...@netsweng.com> Changed-By: Hugo Lefeuvre <h...@debian.org> Description: libming-dev - Library to generate SWF (Flash) Files (development files) libming-util - Library to generate SWF (Flash) Files - Utilities libming1 - Library to generate SWF (Flash) Files libswf-perl - Ming (SWF) module for Perl ming-fonts-dejavu - Ming format DejaVue Fonts ming-fonts-opensymbol - Ming format Opensymbol Fonts php5-ming - Ming module for php5 python-ming - Ming (SWF) module for Python Changes: ming (1:0.4.4-1.1+deb7u7) wheezy-security; urgency=high . * Non-maintainer upload by the LTS Team. * CVE-2018-5294: left shift of a negative value in readSBits. * CVE-2018-5251: integer overflow caused by out-of-range left shift in readUInt32. * CVE-2018-6359: heap-use-after-free in decompileIF. * CVE-2018-6315: NULL pointer dereference in outputSWF_TEXT_RECORD. Checksums-Sha1: 54bc2d1c7da645fd1eb2220acbf6538c0d9b 2017 ming_0.4.4-1.1+deb7u7.dsc f9fe9d62a200ba49d9a42054f6863976aa93588b 32586 ming_0.4.4-1.1+deb7u7.diff.gz bbb990b58efc97de00fe49776ec32a8860523f12 187486 libming1_0.4.4-1.1+deb7u7_amd64.deb 0351f6a05f434af361f1748605b0395e41c8cc94 241784 libming-dev_0.4.4-1.1+deb7u7_amd64.deb 45c6c1f1712b203fb1052c480a7e8280d8b4fb8e 213792 libswf-perl_0.4.4-1.1+deb7u7_amd64.deb b949bf290380668dfaafa56174968db8bbdb480c 717678 libming-util_0.4.4-1.1+deb7u7_amd64.deb c85c5afe52e83d4187deb4bfa1555ccd929587fc 167418 python-ming_0.4.4-1.1+deb7u7_amd64.deb 63a2f3a21276fbc8ffd8240982143be372f85159 54724 php5-ming_0.4.4-1.1+deb7u7_amd64.deb 8dfebd22e8797f7c0694d3862ff932944408e3d3 37324 ming-fonts-dejavu_0.4.4-1.1+deb7u7_all.deb 7c7a6892b40fd7b91dbb24ee5af646cf16b3d5f3 6136 ming-fonts-opensymbol_0.4.4-1.1+deb7u7_all.deb Checksums-Sha256: a79bd5abec3a6c1f5b37e98e577d70089c3796a3ebbc1a65aef61f04ac6b07c8 2017 ming_0.4.4-1.1+deb7u7.dsc 94058c5d21fbab6c157f0c691e07f618d43738fe95d358bfd4a322a0dc4412f1 32586 ming_0.4.4-1.1+deb7u7.diff.gz b5b962f924720f9f94aa2555e91dc49f9260586191be4955b54e85f0d3d8aaf2 187486 libming1_0.4.4-1.1+deb7u7_amd64.deb 6d082f6746598f33defb1438d88c82a64ec345ee33d03af733d43c6ff62cdb82 241784 libming-dev_0.4.4-1.1+deb7u7_amd64.deb a5cbf0ff30d64ab755eda5fbe03ce03af4866f5f6a783bf65a41b63960b17158 213792 libswf-perl_0.4.4-1.1+deb7u7_amd64.deb eecd2f7f7c2ad84f45b93409c88772759a3a5e33415b0a34badf88d7c1a67202 717678 libming-util_0.4.4-1.1+deb7u7_amd64.deb 3ea0d5764779b6a4c7ae4545d6059c962c6673c77f79269da1028e1eb7e9e0e5 167418 python-ming_0.4.4-1.1+deb7u7_amd64.deb bb25bec8ece8dd7a824f1cf3465c8fafb107f152adea629a80c712e3cdf6a865 54724 php5-ming_0.4.4-1.1+deb7u7_amd64.deb af5714053b1a8a7ee7dfbfc66847bb1c4f3392750b5988080a1cc270e9e316a9 37324 ming-fonts-dejavu_0.4.4-1.1+deb7u7_all.deb ff067bc2e8505342a2c96cfd466ee7373e85d51dbc2603b603d33b6a4f7d8cfe 6136 ming-fonts-opensymbol_0.4.4-1.1+deb7u7_all.deb Files: 294e2e20b91724fb91df91f10352cce2 2017 libs optional ming_0.4.4-1.1+deb7u7.dsc 7bb0fe781be0fa33baf0fc6fc76add48 32586 libs optional ming_0.4.4-1.1+deb7u7.diff.gz ea023ad8d50d0bf5ffd357ee7ffc73b8 187486 libs optional libming1_0.4.4-1.1+deb7u7_amd64.deb 0c2600ca5b80651b0f2d2e9f341eb918 241784 libdevel optional libming-dev_0.4.4-1.1+deb7u7_amd64.deb 0e0f9bc2f310fb35fef7019a4644b3d2 213792 perl optional libswf-perl_0.4.4-1.1+deb7u7_amd64.deb f3536efc3886a13cbe5d23153da44129 717678 devel optional libming-util_0.4.4-1.1+deb7u7_amd64.deb 91a22d4e7f4aec0ffb3ba37d07fe4655 167418 python optional python-ming_0.4.4-1.1+deb7u7_amd64.deb 1dcf080d22a0cc19d72cf59eb571a48c 54724 web optional php5-ming_0.4.4-1.1+deb7u7_amd64.deb 9721a5272c85bb805456db3d876e2413 37324 web optional ming-fonts-dejavu_0.4.4-1.1+deb7u7_all.deb 43b25bc11f7c35229b09bd6e36db96ce 6136 web optional ming-fonts-opensymbol_0.4.4-1.1+deb7u7_all.deb -BEGIN PGP SIGNATURE- iQEzBAEBCgAdFiEE5LpPtQuYJzvmooL3LVy48vb3khkFAlqk7zIACgkQLVy48vb3 khlvBgf/Z+Y3mWuB9a/ZK15MI3lbh68qHXmNW8hxf91Biy6o4ujaYoI2Lfnr8jUn IyjE+OueS8cYlhgOOHtr41Z3mrpEomBw8VhYtVF4bQoTqI9BfyEll6c68K8xwbiE C+GRuhhvUTLGPRy6ktBsEKHXWQffWhLsQJ/G+a8xHk01CWYVRuMQuaRXfd1YFOJo em6+GX6iPXyh9Eg+9Cv4Axcbr3gdIJVg00fCsrSO7+95x/TM4+91Pz/p7Ak+X9XC AYl61X1abNIfuGv8Hnf1WYCXwzN9vekTtxkk8Lsf4x9n0wqw58roZNiRZib1eesT EP386iXIJC2UnqS6jJ9wIOWuFLU4PQ== =UHFN -END PGP SIGNATURE-
Accepted ming 1:0.4.4-1.1+deb7u8 (source amd64 all) into oldoldstable
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Sun, 08 Apr 2018 15:04:01 -0400 Source: ming Binary: libming1 libming-dev ming-fonts-dejavu ming-fonts-opensymbol libswf-perl libming-util python-ming php5-ming Architecture: source amd64 all Version: 1:0.4.4-1.1+deb7u8 Distribution: wheezy-security Urgency: high Maintainer: Stuart R. Anderson <ander...@netsweng.com> Changed-By: Hugo Lefeuvre <h...@debian.org> Description: libming-dev - Library to generate SWF (Flash) Files (development files) libming-util - Library to generate SWF (Flash) Files - Utilities libming1 - Library to generate SWF (Flash) Files libswf-perl - Ming (SWF) module for Perl ming-fonts-dejavu - Ming format DejaVue Fonts ming-fonts-opensymbol - Ming format Opensymbol Fonts php5-ming - Ming module for php5 python-ming - Ming (SWF) module for Python Changes: ming (1:0.4.4-1.1+deb7u8) wheezy-security; urgency=high . * Non-maintainer upload by the LTS Team. * CVE-2018-9165: Null pointer dereference in getName. * CVE-2018-6358: Heap-based buffer overflow in printDefineFont2. * CVE-2018-7867: Heap-based buffer overflow in getString. * CVE-2018-7875: Heap-based buffer over-read in getString. * CVE-2018-7871: Heap-based buffer over-read in getName. * CVE-2018-7870: Invalid memory address dereference in getString. * CVE-2018-7872: Invalid memory address dereference in getName. * CVE-2018-7868: Heap-based buffer over-read in getName. Checksums-Sha1: 16408dc53d17b813b910c4e96020e8ca9365a235 2017 ming_0.4.4-1.1+deb7u8.dsc 2a0ba26ab82465c24ffa3d3d2ce5f1446fca5d85 37049 ming_0.4.4-1.1+deb7u8.diff.gz 67a909b3ddda39a09ba52ff990b84ab3b37872de 187588 libming1_0.4.4-1.1+deb7u8_amd64.deb 2e856b394b538bd0393b8d3ac28313d2f2335d33 241902 libming-dev_0.4.4-1.1+deb7u8_amd64.deb eed584eab241d1f60f6553d144fe62173d141c07 213920 libswf-perl_0.4.4-1.1+deb7u8_amd64.deb 8dcebce08fe626c7b170fa229ee2b03c9a3c652f 723700 libming-util_0.4.4-1.1+deb7u8_amd64.deb 7c2dc557f0b3a17e9d3ddfecc9d462a1f50fb20c 167536 python-ming_0.4.4-1.1+deb7u8_amd64.deb 97ed98f7a8b1e258fab35e74537d10645bd1ffe4 54832 php5-ming_0.4.4-1.1+deb7u8_amd64.deb 8b5a971ab23ef551232fa64c51f9d6edc9ac2c17 37402 ming-fonts-dejavu_0.4.4-1.1+deb7u8_all.deb c34f770b5bba6a3c5fc3ddabd6ec27118ba37cd3 6236 ming-fonts-opensymbol_0.4.4-1.1+deb7u8_all.deb Checksums-Sha256: 2a132bc67b636a9a47c7667ee54615299b7b729ec263aa7e2c07fee853208c98 2017 ming_0.4.4-1.1+deb7u8.dsc 359df26b610f9427b4c48b85c3f1e54a1ae5b246974f47e67888f69d06252d89 37049 ming_0.4.4-1.1+deb7u8.diff.gz 431088080c4158806dd4e5cdb44bf3255619e04162462cac93674ea98f6b3c77 187588 libming1_0.4.4-1.1+deb7u8_amd64.deb 31656f9a6296511a52985fb1e727000b6741f5e6742c623f20033769389904e6 241902 libming-dev_0.4.4-1.1+deb7u8_amd64.deb f5b3ed7685186fbb5da958a927010edea1383a77bee9cbd2931d75344a83e52e 213920 libswf-perl_0.4.4-1.1+deb7u8_amd64.deb 24644f9f346c6469047232cbd47d7295aebb81c03c9d9dc2dc42fd5f24b2441b 723700 libming-util_0.4.4-1.1+deb7u8_amd64.deb e531863d0a39785151e04d83230d9a5ce110adc5c8947bee436554c69ca65e02 167536 python-ming_0.4.4-1.1+deb7u8_amd64.deb 14db37f0737b6ea84ac90be8291b3dd085bd80137071eec13a6977ebe5099560 54832 php5-ming_0.4.4-1.1+deb7u8_amd64.deb 13c9e43d710578da63fd081fb77a9e48551230ff0b55cd3b5a9a73ca05518426 37402 ming-fonts-dejavu_0.4.4-1.1+deb7u8_all.deb 11e657177e460cb721ecd639f280a6a5ec8924c42048df4afa4aee18980a679c 6236 ming-fonts-opensymbol_0.4.4-1.1+deb7u8_all.deb Files: 809b48ab56c8c09498c1c3b3020f12f8 2017 libs optional ming_0.4.4-1.1+deb7u8.dsc 1d6d87a5e25e151ae7ae093bce6bf323 37049 libs optional ming_0.4.4-1.1+deb7u8.diff.gz a4b573ebf77fc3e104f2f01895a49729 187588 libs optional libming1_0.4.4-1.1+deb7u8_amd64.deb b130373bdd81f27efc420b7637d669be 241902 libdevel optional libming-dev_0.4.4-1.1+deb7u8_amd64.deb fc758817a797d46fccd7940c695e7657 213920 perl optional libswf-perl_0.4.4-1.1+deb7u8_amd64.deb 3d2bc4d87d35378ce29368a36a592228 723700 devel optional libming-util_0.4.4-1.1+deb7u8_amd64.deb 1910883e2754a4e07ccc734bbc732d71 167536 python optional python-ming_0.4.4-1.1+deb7u8_amd64.deb 4e5ac12137b0466838338ffc6e18e690 54832 web optional php5-ming_0.4.4-1.1+deb7u8_amd64.deb 606f27e82a41d0c02e25c467751b4491 37402 web optional ming-fonts-dejavu_0.4.4-1.1+deb7u8_all.deb 1d5dc10162add5037f9dd43de17f7398 6236 web optional ming-fonts-opensymbol_0.4.4-1.1+deb7u8_all.deb -BEGIN PGP SIGNATURE- iQEzBAEBCgAdFiEE5LpPtQuYJzvmooL3LVy48vb3khkFAlrKx5kACgkQLVy48vb3 khnmcgf/QJ/4WcuKzFiGj45CDbWqfykskZcvlz0+u1Ms79lCi2hJXZ72D4tBTZzG a1Yzr5hCosedR4+35I98nfaBZbnmX/1OvBnrWrHq+Ydvlp7uT01OhuPcVTSkywpb 0QXM/BT+vr3cLuYKiuy9Ptyoy5s+dgP6rCBQw8AfHUNSvqzkh+lYBXHt4eqGjjpW MFZf9k4ewqD8kKyueY5fxtlK3J9h7kzoSycUKPUBtw+j2z8T0E+VkME0Lr66s7r6 2zi094jUAUsQh+XPdXOHSpmELYjgFY4EU+LXoEA64lMyD6MCFCvRE1J5dls6k0SA ZlWrcjuCXkWnI0I9C075dFySovS+aA== =HntY -END PGP SIGNATURE-
Accepted tiff 4.0.2-6+deb7u19 (source all amd64) into oldoldstable
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Sun, 15 Apr 2018 11:48:27 -0400 Source: tiff Binary: libtiff5 libtiffxx5 libtiff5-dev libtiff5-alt-dev libtiff-tools libtiff-opengl libtiff-doc Architecture: source all amd64 Version: 4.0.2-6+deb7u19 Distribution: wheezy-security Urgency: high Maintainer: Ondřej Surý <ond...@debian.org> Changed-By: Hugo Lefeuvre <h...@debian.org> Description: libtiff-doc - TIFF manipulation and conversion documentation libtiff-opengl - TIFF manipulation and conversion tools libtiff-tools - TIFF manipulation and conversion tools libtiff5 - Tag Image File Format (TIFF) library libtiff5-alt-dev - Tag Image File Format library (TIFF), alternative development fil libtiff5-dev - Tag Image File Format library (TIFF), development files libtiffxx5 - Tag Image File Format (TIFF) library -- C++ interface Closes: 891288 Changes: tiff (4.0.2-6+deb7u19) wheezy-security; urgency=high . * Non-maintainer upload by the LTS Team. * CVE-2018-7456: NULL Pointer Dereference occurs in TIFFPrintDirectory() via crafted TIFF image defining illegal SamplesPerPixel or Transfer Function fields (Closes: #891288). Checksums-Sha1: ee79d3fd13b897bd053cfd1770928ca2903de3d0 1865 tiff_4.0.2-6+deb7u19.dsc df33bb80409d913ba5e89ad2df4fb2782a11fd05 85293 tiff_4.0.2-6+deb7u19.debian.tar.gz d621bba59e2740796eac739ea746ae8f6d503195 418754 libtiff-doc_4.0.2-6+deb7u19_all.deb 89d008c1d130fa17e5e904fc1664a926960bcc39 241780 libtiff5_4.0.2-6+deb7u19_amd64.deb 14c4576a874dcdf9904619478b43f6a2deae99b0 78234 libtiffxx5_4.0.2-6+deb7u19_amd64.deb 654749e12a8a130e59d2c3d46b551e43a345bdf8 384434 libtiff5-dev_4.0.2-6+deb7u19_amd64.deb 956a31d9ee866a11b0ca7533aac36f61ba9605e3 304284 libtiff5-alt-dev_4.0.2-6+deb7u19_amd64.deb 4db05062fd3c8d3ac9b695ff9fb6f4e1124785e9 310348 libtiff-tools_4.0.2-6+deb7u19_amd64.deb ff49a16d218ba0c36ef32c165564a0e733605481 83854 libtiff-opengl_4.0.2-6+deb7u19_amd64.deb Checksums-Sha256: 9fab8a1dc874e4d366def2ceb735d19e77abbfdbc47fc812f9c685d9bda997b6 1865 tiff_4.0.2-6+deb7u19.dsc 1333e2d295c4ce5bb6d1d0c09f47991443901cd68d9654001917315cb016e06a 85293 tiff_4.0.2-6+deb7u19.debian.tar.gz b1bc9907b4dd4804da710574732dd1ab491e7bf7f812cf7f520542859f5911d4 418754 libtiff-doc_4.0.2-6+deb7u19_all.deb 48a513e6d04013d37cf908e208788acd2539b8848fea13f1472d50668c66a331 241780 libtiff5_4.0.2-6+deb7u19_amd64.deb fff1838bce15760957e5ca7763f2c2d83716b345dafcf2adfd62737fc60e668c 78234 libtiffxx5_4.0.2-6+deb7u19_amd64.deb 5dca1ce8320013ef956fb449afff84b21245a43453f1116eafbcf0c0263122df 384434 libtiff5-dev_4.0.2-6+deb7u19_amd64.deb bf59ff50c43805b6b0853e41d4ba00d0dc1fec34d4cd8d8799e7a845eb40777b 304284 libtiff5-alt-dev_4.0.2-6+deb7u19_amd64.deb 866b1acd3e6db4d92fae36db74f3f4569ae5cd37cd8624d05ef47f16a6e80416 310348 libtiff-tools_4.0.2-6+deb7u19_amd64.deb 145ca20990ccf5203de5fff570354566b83a29c91056f4269bb8c6bc92039003 83854 libtiff-opengl_4.0.2-6+deb7u19_amd64.deb Files: 10b322929746f6392b30908716755ed2 1865 libs optional tiff_4.0.2-6+deb7u19.dsc dbd2e894c0e770b94a5b7f828cf5a931 85293 libs optional tiff_4.0.2-6+deb7u19.debian.tar.gz 2775e2369b36f056a3c58deb6f1a7c58 418754 doc optional libtiff-doc_4.0.2-6+deb7u19_all.deb 4ee175d15491ff85a3659ccf72629264 241780 libs optional libtiff5_4.0.2-6+deb7u19_amd64.deb 5047bbab3db3394c2614cf00f61e72e9 78234 libs optional libtiffxx5_4.0.2-6+deb7u19_amd64.deb 918b7a9d6ded8161d844264aefeb3572 384434 libdevel optional libtiff5-dev_4.0.2-6+deb7u19_amd64.deb 1473c1fcd9422cd2dc6ceb701e29c06e 304284 libdevel optional libtiff5-alt-dev_4.0.2-6+deb7u19_amd64.deb 59642e02d370d7c3783cf5b46571992e 310348 graphics optional libtiff-tools_4.0.2-6+deb7u19_amd64.deb a0347fa7cdfc701002707935f1e5e909 83854 graphics optional libtiff-opengl_4.0.2-6+deb7u19_amd64.deb -BEGIN PGP SIGNATURE- iQEzBAEBCgAdFiEE5LpPtQuYJzvmooL3LVy48vb3khkFAlrT+bYACgkQLVy48vb3 khn8Cgf+OkpzWr9zJDLlUBMR4ZW96dn9tzNb0rGDio361taWlQH+nro3j3u7FuKj 5Ss66iFOAs4COLnqTzNtp0V6h46tdtYbtEsWBcM5BHJlY6rn86+8UG6iivU/ZloK 6jTGHtzOZqYbINMpwr0dw0oiTqcgiKfibdlX0eGVvd5Yl5QlUK1MiTenvrBvnJF0 UxB+iK7suRb5n49gSJXRpU5JKAAXJUNTQamOhNWcqYcwoCCAy7BYv7q/0PFQYNP+ 7lcONT/IGtn0szGeuCHd0HjISHSTY4aa3wB6h2t8rikqvzUBs0/9D788m+PiSGXu kRB7JFY0nu+jBsc4UskMS1QrPuHhHw== =NXMj -END PGP SIGNATURE-
Accepted tiff3 3.9.6-11+deb7u10 (source amd64) into oldoldstable
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Sun, 15 Apr 2018 12:20:17 -0400 Source: tiff3 Binary: libtiff4 libtiffxx0c2 libtiff4-dev Architecture: source amd64 Version: 3.9.6-11+deb7u10 Distribution: wheezy-security Urgency: high Maintainer: Jay Berkenbilt <q...@debian.org> Changed-By: Hugo Lefeuvre <h...@debian.org> Description: libtiff4 - Tag Image File Format (TIFF) library (old version) libtiff4-dev - Tag Image File Format (TIFF) library (old version), development f libtiffxx0c2 - Tag Image File Format (TIFF) library (old version) -- C++ interfa Closes: 891288 Changes: tiff3 (3.9.6-11+deb7u10) wheezy-security; urgency=high . * Non-maintainer upload by the LTS Team. * CVE-2018-7456: NULL Pointer Dereference occurs in TIFFPrintDirectory() via crafted TIFF image defining illegal SamplesPerPixel or Transfer Function fields (Closes: #891288). Checksums-Sha1: c6353224c2f9d2a047ec079555ae3a47ce20b577 1619 tiff3_3.9.6-11+deb7u10.dsc 234e8dc40fbf789a2385c46295cb27a29ec6feef 52031 tiff3_3.9.6-11+deb7u10.debian.tar.gz f65f2076a0238e3bc30e4ae91b5a8bc7c706f52d 206610 libtiff4_3.9.6-11+deb7u10_amd64.deb 4b81301ae29c08ada74283b906a723c0a6854728 65990 libtiffxx0c2_3.9.6-11+deb7u10_amd64.deb 6b328907b2207d4cf0c736f8fbd3428db0f71e64 342078 libtiff4-dev_3.9.6-11+deb7u10_amd64.deb Checksums-Sha256: 008d75f0e64e259bf5bff4f3869fd9a161fd40eabf08160561a8c720954be16f 1619 tiff3_3.9.6-11+deb7u10.dsc f876224e53d4b3e9f9b65921f2480af78078ca8f9dae566f06af25ea80677e3e 52031 tiff3_3.9.6-11+deb7u10.debian.tar.gz b30cb3820a736746dc703028a5fad5211aad5ea0e8cf720e18a2623dfcd63545 206610 libtiff4_3.9.6-11+deb7u10_amd64.deb 674dbe55e0ed029e932b5021b2183e8dbf7ed54e3afa93c8a63b9c7bbd0d185f 65990 libtiffxx0c2_3.9.6-11+deb7u10_amd64.deb 8af6859ce89783f7a23650beec09e21f00d9bf8fbe4f123d07ed4dee5e2fd3bd 342078 libtiff4-dev_3.9.6-11+deb7u10_amd64.deb Files: 44afbb40eb73d4ae76efb6d52e799b9b 1619 oldlibs optional tiff3_3.9.6-11+deb7u10.dsc da6e826e0016a918c40a68b08a7e0b97 52031 oldlibs optional tiff3_3.9.6-11+deb7u10.debian.tar.gz a311c89026d0582f199c772358c1f3ce 206610 oldlibs optional libtiff4_3.9.6-11+deb7u10_amd64.deb 413cd7204cc4d464b2a2f3c1e53d4ae8 65990 oldlibs optional libtiffxx0c2_3.9.6-11+deb7u10_amd64.deb 12bcb3cf77616dc91b19fa7458d39eab 342078 libdevel optional libtiff4-dev_3.9.6-11+deb7u10_amd64.deb -BEGIN PGP SIGNATURE- iQEzBAEBCgAdFiEE5LpPtQuYJzvmooL3LVy48vb3khkFAlrT+18ACgkQLVy48vb3 khkLfAf/UByCrATCs0+Fr8zN/QKdTe3RI3LtILGHUR0eEFX3l9z8OjLuPsa7JvCd 6iMENNmX5Ghfa5Uysaw8SoWDyPZud8qfhKrJuTJXd5wGU8KJnj4aTfLmOQKk+QAI xSfLMPPhtCVTysnkeE2nbieMKMHN0hsEU2UVHJxARLqeI0qk9+f3NDsllofFLcMb vAsX4+NumYfzNeQNLHk2wvuciuBA2RNkG7A8W/Zod+GxImePfKqtxEkdqK5/cjXB 8Us+e+8OEL+1H591JCN3HZH9Ft9hFdyA0e6B+QS0t0A4lcO0Gx58uPDYxo+sutTt KMsftSyjPP9gPmQrhFCmo58SspfQnw== =IEbx -END PGP SIGNATURE-
Accepted 389-ds-base 1.3.3.5-4+deb8u4 (source all amd64) into oldstable
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Wed, 24 Oct 2018 17:16:21 +0200 Source: 389-ds-base Binary: 389-ds 389-ds-base-libs 389-ds-base-libs-dbg 389-ds-base-dev 389-ds-base 389-ds-base-dbg Architecture: source all amd64 Version: 1.3.3.5-4+deb8u4 Distribution: jessie-security Urgency: high Maintainer: Debian 389ds Team Changed-By: Hugo Lefeuvre Description: 389-ds - 389 Directory Server suite - metapackage 389-ds-base - 389 Directory Server suite - server 389-ds-base-dbg - 389 Directory Server suite - server debugging symbols 389-ds-base-dev - 389 Directory Server suite - development files 389-ds-base-libs - 389 Directory Server suite - libraries 389-ds-base-libs-dbg - 389 Directory Server suite - library debugging symbols Changes: 389-ds-base (1.3.3.5-4+deb8u4) jessie-security; urgency=high . * Non-maintainer upload by the LTS Team. * CVE-2018-14648: A specially crafted search query could lead to excessive CPU consumption in the do_search() function. An unauthenticated attacker could leverage this flaw to cause a denial of service. Checksums-Sha1: 3da5fad95f5901cf9cc507be4d7b9eb703f48557 2277 389-ds-base_1.3.3.5-4+deb8u4.dsc 148696d9752a6bdf7b8ad1fab06b381c984f2f2c 36544 389-ds-base_1.3.3.5-4+deb8u4.debian.tar.xz cb0a637d05cd4c83b306ce09e2c5b667e778bf9d 16502 389-ds_1.3.3.5-4+deb8u4_all.deb 84889ee96a5cae0c362a3b7f23fdd9bdcfc8552f 388920 389-ds-base-libs_1.3.3.5-4+deb8u4_amd64.deb 07a2ebbc7eb7f10590cb815ff13218d0be13ad0d 1282850 389-ds-base-libs-dbg_1.3.3.5-4+deb8u4_amd64.deb 3750c25080cae2f33474683ae49f29e7cccec4b7 69736 389-ds-base-dev_1.3.3.5-4+deb8u4_amd64.deb deecc013817ee98d101a125e3c7f2693c9a654b3 1456510 389-ds-base_1.3.3.5-4+deb8u4_amd64.deb bc182252e3dc88c4cb5356a1f4d8efbccee3c48a 4181570 389-ds-base-dbg_1.3.3.5-4+deb8u4_amd64.deb Checksums-Sha256: 446cdc3fe6f2b73bdea491cf2a28e74f6144bf8936ab3d67bc81fe18b3b5d883 2277 389-ds-base_1.3.3.5-4+deb8u4.dsc cafc27adeb2ed72d446803e9f14ec809a5b57d0b411dd4393e9009f382254acd 36544 389-ds-base_1.3.3.5-4+deb8u4.debian.tar.xz 4220def67c57fed3b2fec78f4561ff7b1af7f15fdec2c01140358914feec427a 16502 389-ds_1.3.3.5-4+deb8u4_all.deb 3c45a806d3ecdef2924ab211c86226f0f10e21f9fa3360f412a5e539dfbf0be9 388920 389-ds-base-libs_1.3.3.5-4+deb8u4_amd64.deb 58617a651571f8d17bfc3538a64d1955fb4504e1cfefb8096890fe03527aee3c 1282850 389-ds-base-libs-dbg_1.3.3.5-4+deb8u4_amd64.deb f0d88e895b9676dbfdfc1ee5859d6daa516333b6eb8753ac80e0eab93744b07d 69736 389-ds-base-dev_1.3.3.5-4+deb8u4_amd64.deb 3f2248bd9dff7d793c3e15cba81525b12b08480051e9e08ff8f749c01007dbe6 1456510 389-ds-base_1.3.3.5-4+deb8u4_amd64.deb ba6fbd1d832860bfacd0ab072917409701cf88d8322ab5dbb592bcb0128d8de2 4181570 389-ds-base-dbg_1.3.3.5-4+deb8u4_amd64.deb Files: d6518b6b1ae8003ae4a8af2bc11a64f7 2277 net optional 389-ds-base_1.3.3.5-4+deb8u4.dsc 500f4251cde336c7b6dd9f222e5dacf1 36544 net optional 389-ds-base_1.3.3.5-4+deb8u4.debian.tar.xz d38ee56991bd8a63ca470b2d27fd562f 16502 net optional 389-ds_1.3.3.5-4+deb8u4_all.deb fd6ce304a65d0dce4f0a236dbfc2cd37 388920 libs optional 389-ds-base-libs_1.3.3.5-4+deb8u4_amd64.deb 7f0caf53065432e92b06bc9b9f19c4ac 1282850 debug extra 389-ds-base-libs-dbg_1.3.3.5-4+deb8u4_amd64.deb 79b985fabe53a75b49729ba32289b93e 69736 libdevel optional 389-ds-base-dev_1.3.3.5-4+deb8u4_amd64.deb b71af9c1615a5da614938b209b1fa348 1456510 net optional 389-ds-base_1.3.3.5-4+deb8u4_amd64.deb 6d4a1300d4ada78668c7a9f03f969881 4181570 debug extra 389-ds-base-dbg_1.3.3.5-4+deb8u4_amd64.deb -BEGIN PGP SIGNATURE- iQEzBAEBCgAdFiEEUFZhdgIWqBhwqCvuZYVUZx9w0DQFAlvQktsACgkQZYVUZx9w 0DRhRAgAn/92OJf4JOTcN2aUZD9GnJmOK2Xbta2+j1D3H4YSkTo9dzF+5pF+vjvc VMLDmut8Ybuom7J8hj+UI8+mBGKeyrEGOOsPqSPvkRqpwiNS5PxNdTDGG5LkJoOU y54ZPcS0it0fEbF0pO06FvpChgyff0Bo/fuLVRBHxj2pZCg3bnDOUPZ0kJ3Tr41+ xCpg2p1Hgk90r7sKt60eyUTKXovlS2p2plJLqvDFfwpHY/HdEJxgbnC4GYA+UZ+u NYKdlrDZcaTUGelG8bL/zHFoOOCmCcKSOBL8BkL8b7hoWUFOYmwSOnw5X9qnVrsh NVUJZv/KBOT5o6bJtLLuXNeF2xMqAA== =vd7b -END PGP SIGNATURE-
Accepted 389-ds-base 1.3.3.5-4+deb8u3 (source all amd64) into oldstable
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Sat, 15 Sep 2018 10:11:57 -0400 Source: 389-ds-base Binary: 389-ds 389-ds-base-libs 389-ds-base-libs-dbg 389-ds-base-dev 389-ds-base 389-ds-base-dbg Architecture: source all amd64 Version: 1.3.3.5-4+deb8u3 Distribution: jessie-security Urgency: high Maintainer: Debian 389ds Team Changed-By: Hugo Lefeuvre Description: 389-ds - 389 Directory Server suite - metapackage 389-ds-base - 389 Directory Server suite - server 389-ds-base-dbg - 389 Directory Server suite - server debugging symbols 389-ds-base-dev - 389 Directory Server suite - development files 389-ds-base-libs - 389 Directory Server suite - libraries 389-ds-base-libs-dbg - 389 Directory Server suite - library debugging symbols Changes: 389-ds-base (1.3.3.5-4+deb8u3) jessie-security; urgency=high . * Non-maintainer upload by the LTS Team. * CVE-2018-14624: The emergency logging system is affected by a race condition caused by the invalidation of the concurrently used log file FD without proper locking. This issue might be triggered by remote attackers to cause DoS (crash) and cause any other undefined behavior. Checksums-Sha1: d0d04c889de9e620e668b0f55fe986fe1877ca0c 2277 389-ds-base_1.3.3.5-4+deb8u3.dsc 4ac8b76b32af33427f280dee4b66854a383685b4 35344 389-ds-base_1.3.3.5-4+deb8u3.debian.tar.xz a72f9c0e0b4e0fc582a4ef6a8d73db421e6222c0 16370 389-ds_1.3.3.5-4+deb8u3_all.deb efaac19ba70fc5fcf16e454abe1aa117b8c0ee7f 387042 389-ds-base-libs_1.3.3.5-4+deb8u3_amd64.deb 850ce398a40eba3d96fe5341bed4239a0acd612b 1282998 389-ds-base-libs-dbg_1.3.3.5-4+deb8u3_amd64.deb f23ad2000270cd1c74f128d03c15dfc5edd12ef5 69618 389-ds-base-dev_1.3.3.5-4+deb8u3_amd64.deb 6f3c3b6f7bfb2a404e425983456ba8559ec0c671 1455770 389-ds-base_1.3.3.5-4+deb8u3_amd64.deb 94bb10fc45cb073a0e15622593a29577f916e2a2 4182226 389-ds-base-dbg_1.3.3.5-4+deb8u3_amd64.deb Checksums-Sha256: 33ceb53fb411a7da1c459276242f0282078bd3c2fbbaffe4709c08264f9c4345 2277 389-ds-base_1.3.3.5-4+deb8u3.dsc 7e8677b8fc7904bbfadafc795af74ac2b8d222480c433258c322d02b8db12402 35344 389-ds-base_1.3.3.5-4+deb8u3.debian.tar.xz e1e0f99cd07f86a2cfaa6046afbc1d5f4ee3e80e3622a10dfe4a15815da96740 16370 389-ds_1.3.3.5-4+deb8u3_all.deb 8062acef542eeaf48b0534c84ff86f2de5dc0716bd70991807a83ebeaac9ba5f 387042 389-ds-base-libs_1.3.3.5-4+deb8u3_amd64.deb ec254e7c37775356291ee58a1924f3cf285a87088d3a62aa55b6c4ee712063e5 1282998 389-ds-base-libs-dbg_1.3.3.5-4+deb8u3_amd64.deb 46b01dcd1bb720a7c4c56c1346ea22c1425df7a16868f8cb612c4ee9a19c3960 69618 389-ds-base-dev_1.3.3.5-4+deb8u3_amd64.deb 75fc0730231ceba38aae6f47aa096f1eae998db1629acbd317c56d9d4264f5d0 1455770 389-ds-base_1.3.3.5-4+deb8u3_amd64.deb 5677ab460fc8350ead39e1442624a87392cb554be2b9fc67e000968d3bc7f5a5 4182226 389-ds-base-dbg_1.3.3.5-4+deb8u3_amd64.deb Files: 852e17adc1e63c09b3240518015ea845 2277 net optional 389-ds-base_1.3.3.5-4+deb8u3.dsc 5383e81e65350cfd7769e8595327b5d1 35344 net optional 389-ds-base_1.3.3.5-4+deb8u3.debian.tar.xz 1cab636825d8892bd5cb8b54cd585ac8 16370 net optional 389-ds_1.3.3.5-4+deb8u3_all.deb 65bcabea694bbee5f66f3cb3160e856e 387042 libs optional 389-ds-base-libs_1.3.3.5-4+deb8u3_amd64.deb fc69ac7134914caea665c8c5178e7f7f 1282998 debug extra 389-ds-base-libs-dbg_1.3.3.5-4+deb8u3_amd64.deb 06b4746c54e718f7cd424d18b7ec0187 69618 libdevel optional 389-ds-base-dev_1.3.3.5-4+deb8u3_amd64.deb 797d0fd2c09e77feab87128cd6db1f6a 1455770 net optional 389-ds-base_1.3.3.5-4+deb8u3_amd64.deb ca7c75f7fd6720f4c4e1677ef4c4a17d 4182226 debug extra 389-ds-base-dbg_1.3.3.5-4+deb8u3_amd64.deb -BEGIN PGP SIGNATURE- iQEzBAEBCgAdFiEEUFZhdgIWqBhwqCvuZYVUZx9w0DQFAluvv4cACgkQZYVUZx9w 0DSR/wf/Zo5mGQesSuXwVGngC/VRIXizojv0xex3LdxQTpGjmDThFvp7Wpy4DGcE XwBN1o6S8/iz6euIu0gyvY0SjXQcoSOq2CZQfqk3zmD2yVVBC/xT15zQcKr+jhRQ zmhmIL0wBhQpHhByt0lNfOOHFjl2+1KyG/BVLiDCEKCv30GIn7LFFP4f6DEL/+cv /v6DMZRtfKS5HindDo9wFYr8KmEGdvdMv1JJC9SRWoL36YEbG70mxZJOAl5A2VF5 AQYRt8SnJzF9CBYOL0Nos/5L5NYOxIof+Zm94KI0l91A0DOri/7wOFs2tE0eewMC ScoS7Dg231u3MMpi5QylQklCxb2Mpw== =Hvgf -END PGP SIGNATURE-
Accepted aria2 1.18.8-1+deb8u1 (source amd64) into oldstable
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Mon, 21 Jan 2019 17:18:53 +0100 Source: aria2 Binary: aria2 Architecture: source amd64 Version: 1.18.8-1+deb8u1 Distribution: jessie-security Urgency: high Maintainer: Patrick Ruckstuhl Changed-By: Hugo Lefeuvre Description: aria2 - High speed download utility Changes: aria2 (1.18.8-1+deb8u1) jessie-security; urgency=high . * Non-maintainer upload by the LTS Team. * CVE-2019-3500: --log leaking user credentials in local log file. Checksums-Sha1: 5561d0be839a8d4f433237ab329fcc3fc6e9152e 1763 aria2_1.18.8-1+deb8u1.dsc b6ad7064b1ea769e78f6a7dc9787a12cfc1e153f 2150587 aria2_1.18.8.orig.tar.bz2 89bb140a6c93004b3e217bbd30390c458d7083a7 6344 aria2_1.18.8-1+deb8u1.debian.tar.xz 2fe7c82b0817651fd6cbbd8f2bb56b50e447bc9c 1200508 aria2_1.18.8-1+deb8u1_amd64.deb Checksums-Sha256: 39f1ef205c70152e67ddf13909ad2bcd90a2560f1934185e124638ecaa61373c 1763 aria2_1.18.8-1+deb8u1.dsc cbb8d89553b819b1e5f840d18ab870771b9519332dc38ce19ff90ac1e66decd2 2150587 aria2_1.18.8.orig.tar.bz2 160d625d776a25b98f44808aa46f88b793934799584a73b6f9d67557781168c6 6344 aria2_1.18.8-1+deb8u1.debian.tar.xz 4409f3738962b4beed0e9789552bf4a6aa0cd86ad397b8d6ddcccd71c93f2a51 1200508 aria2_1.18.8-1+deb8u1_amd64.deb Files: 9985d5c9bcd7e9ac4829ae0b15475d11 1763 net optional aria2_1.18.8-1+deb8u1.dsc 30a4a6d9ee3122105d21290344a5fbf3 2150587 net optional aria2_1.18.8.orig.tar.bz2 29977975ebd4ce0e16c92aec139b5ab8 6344 net optional aria2_1.18.8-1+deb8u1.debian.tar.xz 6a4a7f9fe12ccaf92e158827bc3378bd 1200508 net optional aria2_1.18.8-1+deb8u1_amd64.deb -BEGIN PGP SIGNATURE- iQEzBAEBCgAdFiEEUFZhdgIWqBhwqCvuZYVUZx9w0DQFAlxGCiEACgkQZYVUZx9w 0DQ0twf/ZXpEyGOwgyoJpIDwUZAhmxSThWqmZ8oEDHjQ76BNpXEO3jXOZ6pBGrqc gj4mRhEXfDv3rU7a2ufuG++tQ2eE869fALzQyUOIX5HmLA1Y8qUjrxi/LL17IFLq C0EhsUl7V008lHZB3047NZl9o+9xNj2br6fD65s7db4qP1QexsBMKDGZa/YTy+Z1 /qcB9ySH/tVwCASmYUIq3ZoMbXZIf+We6pGJI0GEQBRxW68iJxg2GzsFNxqEHz3Z Gv4Ee68qRUWlONY6WiwnRQ2HPIJwDY6m/7ctoG4bB61Ay7jSy37NAqJhJDKD+WE8 Lh21TLyHHP7AEI43QPmP/L/Y0oqmmg== =NBlj -END PGP SIGNATURE-
Accepted openjpeg2 2.1.0-2+deb8u6 (source amd64 all) into oldstable
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Sat, 22 Dec 2018 11:50:11 +0100 Source: openjpeg2 Binary: libopenjp2-7-dev libopenjp2-7 libopenjpip7 libopenjp3d7 libopenjp2-7-dbg libopenjpip-dec-server libopenjpip-viewer libopenjpip-server libopenjp3d-tools libopenjp2-tools Architecture: source amd64 all Version: 2.1.0-2+deb8u6 Distribution: jessie-security Urgency: high Maintainer: Debian PhotoTools Maintainers Changed-By: Hugo Lefeuvre Description: libopenjp2-7 - JPEG 2000 image compression/decompression library libopenjp2-7-dbg - debug symbols for libopenjp2-7, a JPEG 2000 image library libopenjp2-7-dev - development files for OpenJPEG, a JPEG 2000 image library libopenjp2-tools - command-line tools using the JPEG 2000 library libopenjp3d-tools - command-line tools using the JPEG 2000 - 3D library libopenjp3d7 - JP3D (JPEG 2000 / Part 10) image compression/decompression librar libopenjpip-dec-server - tool to allow caching of JPEG 2000 files using JPIP protocol libopenjpip-server - JPIP server for JPEG 2000 files libopenjpip-viewer - JPEG 2000 java based viewer for advanced remote JPIP access libopenjpip7 - JPEG 2000 Interactive Protocol Closes: 889683 904873 Changes: openjpeg2 (2.1.0-2+deb8u6) jessie-security; urgency=high . * Non-maintainer upload by the LTS Team. * CVE-2018-14423: Division-by-zero vulnerabilities in the functions pi_next_pcrl, pi_next_cprl, and pi_next_rpcl (closes: #904873). * CVE-2018-6616: Excessive Iteration in opj_t1_encode_cblks (closes: #889683). Checksums-Sha1: 6bbb4b5763e9045d837325cf9697dd138d3745c6 2420 openjpeg2_2.1.0-2+deb8u6.dsc c2a255f6b51ca96dc85cd6e85c89d300018cb1cb 1789675 openjpeg2_2.1.0.orig.tar.gz 90f3e4aa39e8a6f40930fc3b9f0409e7554dc3b3 30596 openjpeg2_2.1.0-2+deb8u6.debian.tar.xz 529c2750a32e50e4aa4b49510dd97b927532da97 39012 libopenjp2-7-dev_2.1.0-2+deb8u6_amd64.deb f4edf4099d5cda2ab624ed13a2c520831b980012 117740 libopenjp2-7_2.1.0-2+deb8u6_amd64.deb b0eb09873c40893ce8b6b1c690a10a225c292b88 60800 libopenjpip7_2.1.0-2+deb8u6_amd64.deb 09fa7df09802bf79e5bee42c4dd38303cb3adf4a 85808 libopenjp3d7_2.1.0-2+deb8u6_amd64.deb 3f94c938f4c13efa7a7dac5f20c364a6152c8a5e 918966 libopenjp2-7-dbg_2.1.0-2+deb8u6_amd64.deb d1b162a55dea13cc74b87ff0817a33faa8bdf50a 28928 libopenjpip-dec-server_2.1.0-2+deb8u6_amd64.deb 8d87542a2f4c882653f5b12c37dd80bed52150ea 45648 libopenjpip-viewer_2.1.0-2+deb8u6_all.deb 8399294064348fce9debf05d1b9a4ae3bd1a902a 49648 libopenjpip-server_2.1.0-2+deb8u6_amd64.deb b32d363c02aad7ebcb920ac3a9e166caa072e786 41552 libopenjp3d-tools_2.1.0-2+deb8u6_amd64.deb de1113091fd8c8ae0933cb9046a353743135f981 79292 libopenjp2-tools_2.1.0-2+deb8u6_amd64.deb Checksums-Sha256: f3e86732b813bd53067fc6bcea156a0acd567dba77ea5cb01fc720ef08c1126c 2420 openjpeg2_2.1.0-2+deb8u6.dsc 1232bb814fd88d8ed314c94f0bfebb03de8559583a33abbe8c64ef3fc0a8ff03 1789675 openjpeg2_2.1.0.orig.tar.gz 17f2e74c25b5b63c23400b7d5d7802730868cd1734705e25a601a200eaaac1a8 30596 openjpeg2_2.1.0-2+deb8u6.debian.tar.xz 3cd83929a05ed678e7835fa8e0bb8654a6e013d45aa04f1b1bbd52c475e711b7 39012 libopenjp2-7-dev_2.1.0-2+deb8u6_amd64.deb 061085904bc55b1d5db0ce9903be9990b7583643790413ae3524c2156e74f0ed 117740 libopenjp2-7_2.1.0-2+deb8u6_amd64.deb d96c808eb240b88a65e7375550447c22d48efc853e9a39c10cbc595f44554a2a 60800 libopenjpip7_2.1.0-2+deb8u6_amd64.deb 2f095a6ac4f49d70ec1047da4c20013da1c0c72c5314ff31cf4063cffecec0a1 85808 libopenjp3d7_2.1.0-2+deb8u6_amd64.deb 9fc03ffc571136012db3e28df17281cbaef770e3d877db8e8d2e7ca8ea330f3b 918966 libopenjp2-7-dbg_2.1.0-2+deb8u6_amd64.deb c321f260f36c95bfa51be70361f4ad6c87c744fbfe624d18a8be580196cc48dd 28928 libopenjpip-dec-server_2.1.0-2+deb8u6_amd64.deb 7a4bf1586a52678be06171800c6d1637f50f94534cef09f4514c156e24c830a4 45648 libopenjpip-viewer_2.1.0-2+deb8u6_all.deb 2ed7bc30b63f22230af445e668b45c73cdd33ba060d371aad7c12c7903c41709 49648 libopenjpip-server_2.1.0-2+deb8u6_amd64.deb 83f0af7d8191575c7e1f1d280b2365bfa6466804e57a5596c1d2bd99e66b00a6 41552 libopenjp3d-tools_2.1.0-2+deb8u6_amd64.deb f5f6aec7df47e3ba018aad4183ae6a1c8b544bed66ee2089909529e4a0232907 79292 libopenjp2-tools_2.1.0-2+deb8u6_amd64.deb Files: 814db9977b0046c1e3b402838b090b44 2420 libs extra openjpeg2_2.1.0-2+deb8u6.dsc f6419fcc233df84f9a81eb36633c6db6 1789675 libs extra openjpeg2_2.1.0.orig.tar.gz 980397707c72747a727578da27a959cf 30596 libs extra openjpeg2_2.1.0-2+deb8u6.debian.tar.xz 16bd2d560886762ce33a15d1e0c35363 39012 libdevel extra libopenjp2-7-dev_2.1.0-2+deb8u6_amd64.deb ea7484dfc8a590ef7c8ae947be42ce74 117740 libs extra libopenjp2-7_2.1.0-2+deb8u6_amd64.deb 1f42b9f30d4a5d29935b08503e7292be 60800 libs extra libopenjpip7_2.1.0-2+deb8u6_amd64.deb 4874893c88ae0984805802c690956b24 85808 libs extra libopenjp3d7_2.1.0-2+deb8u6_amd64.deb 08f6532daa217b3724dc7bcb391d94be 918966 debug extra libopenjp2-7-dbg_2.1.0-2+deb8u6_amd64.deb 7869b5e5448cd24af47feff07707cc2e 28928 graphics extra
Accepted graphicsmagick 1.3.20-3+deb8u5 (source amd64 all) into oldstable
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Wed, 26 Dec 2018 09:51:39 +0100 Source: graphicsmagick Binary: graphicsmagick libgraphicsmagick3 libgraphicsmagick1-dev libgraphicsmagick++3 libgraphicsmagick++1-dev libgraphics-magick-perl graphicsmagick-imagemagick-compat graphicsmagick-libmagick-dev-compat graphicsmagick-dbg Architecture: source amd64 all Version: 1.3.20-3+deb8u5 Distribution: jessie-security Urgency: high Maintainer: Laszlo Boszormenyi (GCS) Changed-By: Hugo Lefeuvre Description: graphicsmagick - collection of image processing tools graphicsmagick-dbg - format-independent image processing - debugging symbols graphicsmagick-imagemagick-compat - image processing tools providing ImageMagick interface graphicsmagick-libmagick-dev-compat - image processing libraries providing ImageMagick interface libgraphics-magick-perl - format-independent image processing - perl interface libgraphicsmagick++1-dev - format-independent image processing - C++ development files libgraphicsmagick++3 - format-independent image processing - C++ shared library libgraphicsmagick1-dev - format-independent image processing - C development files libgraphicsmagick3 - format-independent image processing - C shared library Closes: 916719 916721 916752 Changes: graphicsmagick (1.3.20-3+deb8u5) jessie-security; urgency=high . * Non-maintainer upload by the LTS Team. * CVE-2018-20184: heap-based buffer overflow in the WriteTGAImage function (tga.c) (closes: #916721). * CVE-2018-20185: heap-based buffer over-read in the ReadBMPImage function (bmp.c) (closes: #916719). * CVE-2018-20189: assertion failure in ReadDIBImage (coders/dib.c) (closes: #916752). Checksums-Sha1: a2e79241ff734a350550325f38d593ed74d166ea 2457 graphicsmagick_1.3.20-3+deb8u5.dsc 5a73dc055bcb47ad2d94e1b164a1f31c5443c388 209136 graphicsmagick_1.3.20-3+deb8u5.debian.tar.xz e7484046147bcc1928389c9371a4f7dda911e84d 796882 graphicsmagick_1.3.20-3+deb8u5_amd64.deb ae7dde337fe227e6049ac50fb9fc130e9cf0a7a3 1105084 libgraphicsmagick3_1.3.20-3+deb8u5_amd64.deb 31299e16ffeb1e5f274e0617713f04f601698ffa 1291966 libgraphicsmagick1-dev_1.3.20-3+deb8u5_amd64.deb 7a45223cd455965711adbe08f50d08299bd3e994 119420 libgraphicsmagick++3_1.3.20-3+deb8u5_amd64.deb 4f0ccfdc0ec1d9b3c1af3e5317c55bed834d853a 301640 libgraphicsmagick++1-dev_1.3.20-3+deb8u5_amd64.deb 0e4f5db71c9bb0324ee8788c378af0acf311ae3c 77496 libgraphics-magick-perl_1.3.20-3+deb8u5_amd64.deb c4f60cff58b3eefb315a41364f036dfc49758274 2221078 graphicsmagick-dbg_1.3.20-3+deb8u5_amd64.deb e224a5542c4352c875dfe8af4c041cd2fe793d28 29384 graphicsmagick-imagemagick-compat_1.3.20-3+deb8u5_all.deb 3d7271b13154266f9bf69c5acd46ec4b775df888 32890 graphicsmagick-libmagick-dev-compat_1.3.20-3+deb8u5_all.deb Checksums-Sha256: f7be7295571ea11835f37a2ee4d3501b668f37cb3e8fb53c9095c1b02089f138 2457 graphicsmagick_1.3.20-3+deb8u5.dsc aa6b05590d659a5b2101d4b60a82cd81917bece632b8b5930f18b884432ea643 209136 graphicsmagick_1.3.20-3+deb8u5.debian.tar.xz d415812b2298c8db9935be2e24a9296911e2b3032d5c98272ec4c89f3d12cdbd 796882 graphicsmagick_1.3.20-3+deb8u5_amd64.deb 59e97cd1be859b2b252c14bf2bb886cb35d9658a920ed2e99bf40f0ef634891e 1105084 libgraphicsmagick3_1.3.20-3+deb8u5_amd64.deb bd911840b1bc5895f46b306dd6db69f773ee28c70793dcaf2eb894183e1cd2ee 1291966 libgraphicsmagick1-dev_1.3.20-3+deb8u5_amd64.deb 8d555423f021ef07c46231a28e5a45199d810e17a3638b986d1a70a258622864 119420 libgraphicsmagick++3_1.3.20-3+deb8u5_amd64.deb c9f3bbcf6486d0e81f19a5b40cf309d8f205dd3bce3eef0df370b84156b932af 301640 libgraphicsmagick++1-dev_1.3.20-3+deb8u5_amd64.deb 4b9d32853f8bb32ca323703db7e683d28cf4157f58aebc9ce5f20615fea7b748 77496 libgraphics-magick-perl_1.3.20-3+deb8u5_amd64.deb 559081b11d304beb0e6358e8c0a31480a18ef78449830bad4984defe43eff629 2221078 graphicsmagick-dbg_1.3.20-3+deb8u5_amd64.deb 875e2db18feda255cc0b8aa92c82169dbb303f8a5b61980147c1fd5cbfdfd635 29384 graphicsmagick-imagemagick-compat_1.3.20-3+deb8u5_all.deb 762ee306967cd656cdfc68c828ad88323e3eaf8d0dd205ffbd2b8176f3014ef9 32890 graphicsmagick-libmagick-dev-compat_1.3.20-3+deb8u5_all.deb Files: a269221c3d6b3a2b591e695746d62a59 2457 graphics optional graphicsmagick_1.3.20-3+deb8u5.dsc 7631f32a154a910d9eaec6b7be0b7e1a 209136 graphics optional graphicsmagick_1.3.20-3+deb8u5.debian.tar.xz f24c7b2d9a23459d6e1fe73f8728d7ef 796882 graphics optional graphicsmagick_1.3.20-3+deb8u5_amd64.deb 73d3e50c98133a83ba941f54b1a43be8 1105084 libs optional libgraphicsmagick3_1.3.20-3+deb8u5_amd64.deb d5f48c3a5a4f19cb5c4557a590bf1bcf 1291966 libdevel optional libgraphicsmagick1-dev_1.3.20-3+deb8u5_amd64.deb 4e297730ae9d4de837d3cc265ee8891f 119420 libs optional libgraphicsmagick++3_1.3.20-3+deb8u5_amd64.deb bf41fa3068f68bbc0fbefcac14f61087 301640 libdevel optional libgraphicsmagick++1-dev_1.3.20-3+deb8u5_amd64.deb d6b5a928ceef21b5cb35f4b154d67feb 77496 perl optional libgraphics-magick-perl_1.3.20-3
Accepted sleuthkit 4.1.3-4+deb8u1 (source amd64) into oldstable
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Mon, 17 Dec 2018 15:50:45 +0100 Source: sleuthkit Binary: sleuthkit libtsk10 libtsk-dev Architecture: source amd64 Version: 4.1.3-4+deb8u1 Distribution: jessie-security Urgency: high Maintainer: Debian Forensics Changed-By: Hugo Lefeuvre Description: libtsk-dev - library for forensics analysis (development files) libtsk10 - library for forensics analysis on volume and filesystem data sleuthkit - tools for forensics analysis on volume and filesystem data Closes: 914796 Changes: sleuthkit (4.1.3-4+deb8u1) jessie-security; urgency=high . * Non-maintainer upload by the LTS Team. * CVE-2018-19497: OOB read in hfs_dir_open_meta_cb (tsk/fs/hfs_dent.c) (closes: #914796). Checksums-Sha1: 9851e57e2b64707c13f7c4c3917cf279a6752ad3 1911 sleuthkit_4.1.3-4+deb8u1.dsc 9350bb59bb5fbe41d6e29a8d0494460b937749ef 7952733 sleuthkit_4.1.3.orig.tar.gz 65924383354039ef5dd84fbc8e902d47db968343 29172 sleuthkit_4.1.3-4+deb8u1.debian.tar.xz bd3f0ce02dc31f8faf7995599188c4a9b25b5d63 243352 sleuthkit_4.1.3-4+deb8u1_amd64.deb 18968645d8e7ec2c0d8e70ef5e08eab0fd9030e6 298816 libtsk10_4.1.3-4+deb8u1_amd64.deb 722587147e3433c68f07cc4199e2197469ff1da9 368194 libtsk-dev_4.1.3-4+deb8u1_amd64.deb Checksums-Sha256: 9d9db4d845e7f33867ef039ec71af68337820afc90694422d45e849dfc032d02 1911 sleuthkit_4.1.3-4+deb8u1.dsc 67f9d2a31a8884d58698d6122fc1a1bfa9bf238582bde2b49228ec9b899f0327 7952733 sleuthkit_4.1.3.orig.tar.gz ac59ac4ff50f43c1df6143deee25d5e10eab0c1aa94acf20983b0da4f546a108 29172 sleuthkit_4.1.3-4+deb8u1.debian.tar.xz 3fa4d58fd17b8b1a79326269898815148c7ac4afa085b42c6e176713b93186d4 243352 sleuthkit_4.1.3-4+deb8u1_amd64.deb 322628e9e98da58ea418dae28054eef8869611315cd0b79ec1bcceaaf2574b2c 298816 libtsk10_4.1.3-4+deb8u1_amd64.deb 5326313a117be9965a8ccb67f1356e0997baae0262e2537a8970f98970947ce4 368194 libtsk-dev_4.1.3-4+deb8u1_amd64.deb Files: 63f0e61fd28d8351858af276c77ef7bb 1911 admin optional sleuthkit_4.1.3-4+deb8u1.dsc 139a12f06952d8a40bbe07884994cf5d 7952733 admin optional sleuthkit_4.1.3.orig.tar.gz c72ab23bf04c9008f2a44cc68aa44263 29172 admin optional sleuthkit_4.1.3-4+deb8u1.debian.tar.xz e25fd586f3237e8c996e84832b60c9d2 243352 admin optional sleuthkit_4.1.3-4+deb8u1_amd64.deb deca33dfaf83c0f313c73d1c2a01d023 298816 libs optional libtsk10_4.1.3-4+deb8u1_amd64.deb dc8417d18d05beb7ba44ca7d037a1811 368194 libdevel optional libtsk-dev_4.1.3-4+deb8u1_amd64.deb -BEGIN PGP SIGNATURE- iQEzBAEBCgAdFiEEUFZhdgIWqBhwqCvuZYVUZx9w0DQFAlwXvYIACgkQZYVUZx9w 0DQREgf+OXWK9hT+6b+DmVLlEncZJYF1HMsfZ/R2qckF7CN7nrw8bEtx/hjIoEgj qJXG4CjEoObREG5+7frBRoyAcvenSizRpWlFB0u1fzH54pHqZ8Bd7M6lDdLnjhe5 Z0QOCUWIgYpWucxGaSHHwEcSeozOhBMy06RHLVwaHYonrHhM6llC48sCy8jKoLBw 9dy9mApqec24BfC01D4qXxpZ1zLp3DD1n76whxFRJYjeSABNK7Fm+0pELJKgiVz2 ZHhn2FbvQxSDvaZny85mA24GsQQBh08qs9IppVvcWo/KVyCGzLLnzjSSRQ+EyaqC riEdAxYDgMOMoZ6hfImc/t67dtZVEw== =qkna -END PGP SIGNATURE-
Accepted libsndfile 1.0.25-9.1+deb8u2 (source amd64) into oldstable
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Format: 1.8
Date: Sat, 15 Dec 2018 13:10:27 +0100
Source: libsndfile
Binary: libsndfile1-dev libsndfile1 sndfile-programs libsndfile1-dbg
sndfile-programs-dbg
Architecture: source amd64
Version: 1.0.25-9.1+deb8u2
Distribution: jessie-security
Urgency: high
Maintainer: Erik de Castro Lopo
Changed-By: Hugo Lefeuvre
Description:
libsndfile1 - Library for reading/writing audio files
libsndfile1-dbg - debugging symbols for libsndfile
libsndfile1-dev - Development files for libsndfile; a library for
reading/writing a
sndfile-programs - Sample programs that use libsndfile
sndfile-programs-dbg - debugging symbols for sndfile-programs
Closes: 862202 862203 862204 862205 876783 884735 914381
Changes:
libsndfile (1.0.25-9.1+deb8u2) jessie-security; urgency=high
.
* Non-maintainer upload by the LTS Team.
* CVE-2018-13139, CVE-2018-19432: out of bounds read in sf_write_int
(closes: #914381).
* CVE-2017-8365: global buffer overflow in i2les_array (closes: #862202).
* CVE-2017-8363: heap-based buffer overflow in flac_buffer_copy
(closes: #862203).
* CVE-2017-8362: Invalid memory read in flac_buffer_copy (closes: #862204).
* CVE-2017-8361: global buffer overflow in flac_buffer_copy
(closes: #862205).
* CVE-2017-14634: multiple divide-by-zero issues in double64_init and
float32_init (closes: #876783).
* CVE-2017-17456, CVE-2017-17457, CVE-2018-19662, CVE-2018-19661,
CVE-2017-14245 and CVE-2017-14246: multiple buffer overflow issues in
{d,i}2ulaw_array and {d,i}2alaw_array (closes: #884735).
Checksums-Sha1:
8a3d036170f122afd3ea8431f13510f7c3db6956 1808 libsndfile_1.0.25-9.1+deb8u2.dsc
2fea8d6dade414ae78848f038c591ed7488e72d3 14836
libsndfile_1.0.25-9.1+deb8u2.debian.tar.xz
2347e148a716727142b9335f26bd3a9a8b21a222 704750
libsndfile1-dev_1.0.25-9.1+deb8u2_amd64.deb
d2c65eafff9c7530b01d7b9ae7c851014459a7f5 215482
libsndfile1_1.0.25-9.1+deb8u2_amd64.deb
c79d23f5cbaa5823b12deda00e15cf61cc684df7 109566
sndfile-programs_1.0.25-9.1+deb8u2_amd64.deb
59be70be78b66109b6c8ad45635cf1d7fb3ce212 346292
libsndfile1-dbg_1.0.25-9.1+deb8u2_amd64.deb
8a2cabef5a9ce5cc5de4f8413fd866d24a17c886 138246
sndfile-programs-dbg_1.0.25-9.1+deb8u2_amd64.deb
Checksums-Sha256:
be6bf183d4b0d075ab5fddf5a329b3e25c0cd4e21fb238eda8f2d2f9bd1a869f 1808
libsndfile_1.0.25-9.1+deb8u2.dsc
2f11059b00e62ab2e4ee850e3bd9fe511fb89353902d8ddf2a4e3e8e9ac6bb16 14836
libsndfile_1.0.25-9.1+deb8u2.debian.tar.xz
d699ba09e23af918da2a0c02394aa65bd83cc1d205eb1fbf05cdb73199798039 704750
libsndfile1-dev_1.0.25-9.1+deb8u2_amd64.deb
4db3337f10a6ab9cc9f6601b80bf5d0defe98422503f501419fa8a8abed1d694 215482
libsndfile1_1.0.25-9.1+deb8u2_amd64.deb
af53eb81716ded49a74b80ceb15621be178a4061c84cc29f33ee051d241fec99 109566
sndfile-programs_1.0.25-9.1+deb8u2_amd64.deb
9d4181662a839f3dec73863f924db2ff2650d9c7bbc1ada08ab71d4ece16b4cd 346292
libsndfile1-dbg_1.0.25-9.1+deb8u2_amd64.deb
4ef61a98a512e348f17159066e16453782da9f363e1bd525abeae6acf4e90c9e 138246
sndfile-programs-dbg_1.0.25-9.1+deb8u2_amd64.deb
Files:
1a1d6b31ef4c03d22f19de47dcddf9ab 1808 devel optional
libsndfile_1.0.25-9.1+deb8u2.dsc
ad461beb96a47078df3fe373afac83d7 14836 devel optional
libsndfile_1.0.25-9.1+deb8u2.debian.tar.xz
1e76fa17f2956ec76eefccbad79764aa 704750 libdevel optional
libsndfile1-dev_1.0.25-9.1+deb8u2_amd64.deb
b4b0c4555a884f186d50bb01bcddf1f4 215482 libs optional
libsndfile1_1.0.25-9.1+deb8u2_amd64.deb
6daa3669f7049d6942dcc163a0f1ea1e 109566 utils optional
sndfile-programs_1.0.25-9.1+deb8u2_amd64.deb
ccd72f8e1d98fcc6e0a9012409a63153 346292 debug extra
libsndfile1-dbg_1.0.25-9.1+deb8u2_amd64.deb
bd9a2c6149003e331d8294c804cef49c 138246 debug extra
sndfile-programs-dbg_1.0.25-9.1+deb8u2_amd64.deb
-BEGIN PGP SIGNATURE-
iQEzBAEBCgAdFiEEUFZhdgIWqBhwqCvuZYVUZx9w0DQFAlwgwQ4ACgkQZYVUZx9w
0DTFdwf/eOC31fZAR9qog55nXsqAaxsqkSdyUrFAJMILhaU5My8JVM76r2eBB5VU
MRjngqCtzozaBjQbrOjII3O1t9VW9TQuv4j8IVS3CGsI1Vhb6msAT/0OP+4yUFlG
L6UkWbNO5Bl9fct5LtDFM17RnyOb0g1Z00TQjHMSJf1yUJ4DQnXuTpeMY1TERKhH
bKG2OBRfSx5rnF2mCnVgMLfxk7UwdnVNUK/EwtM/7E4vv/s7ZnHlQmvG+6JMcMC9
Q0MBvcfI0uOJf+6bGYNyAvxak8wRwqSm7w8yKH0N0w/HJ7kOqbJZ6ors1J7O1RR5
wE/OIMVP0p+ubPEqj0GNBs9apVIQQA==
=e0LW
-END PGP SIGNATURE-
Accepted liblivemedia 2014.01.13-1+deb8u1 (source amd64) into oldstable
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Tue, 20 Nov 2018 16:12:02 +0100 Source: liblivemedia Binary: liblivemedia-dev libbasicusageenvironment0 libgroupsock1 liblivemedia23 libusageenvironment1 livemedia-utils Architecture: source amd64 Version: 2014.01.13-1+deb8u1 Distribution: jessie-security Urgency: high Maintainer: Debian Multimedia Maintainers Changed-By: Hugo Lefeuvre Description: libbasicusageenvironment0 - multimedia RTSP streaming library (BasicUsageEnvironment class) libgroupsock1 - multimedia RTSP streaming library (network interfaces and sockets liblivemedia-dev - multimedia RTSP streaming library (development files) liblivemedia23 - multimedia RTSP streaming library libusageenvironment1 - multimedia RTSP streaming library (UsageEnvironment classes) livemedia-utils - multimedia RTSP streaming tools Changes: liblivemedia (2014.01.13-1+deb8u1) jessie-security; urgency=high . * Non-maintainer upload by the LTS Team. * CVE-2018-4013: stack-based buffer overflow in the HTTP packet-parsing functionality, potentially resulting in code execution. Checksums-Sha1: aa80c9e1ac37ab1d9c98d54f22074f48ff1febcc 2139 liblivemedia_2014.01.13-1+deb8u1.dsc e617930d23ef55381613121c2ea921ce59b9ee0e 595705 liblivemedia_2014.01.13.orig.tar.gz ba7daed5d461c3107a76b841317adc72dae2d83f 10636 liblivemedia_2014.01.13-1+deb8u1.debian.tar.xz a7db4becd82fd574e761532e86ee7fbd68cf909b 679790 liblivemedia-dev_2014.01.13-1+deb8u1_amd64.deb 0762c19c873be531a36419379fd49f65389814ef 21204 libbasicusageenvironment0_2014.01.13-1+deb8u1_amd64.deb 55562d6b3d3dd489bc29dfedea6ef8cdc2abd56f 27096 libgroupsock1_2014.01.13-1+deb8u1_amd64.deb aca92e5dd16a7a148b9fc3409ad6d536400063b7 288156 liblivemedia23_2014.01.13-1+deb8u1_amd64.deb ede29b1595c02fc51485cb5bd3628d132e2622e2 11770 libusageenvironment1_2014.01.13-1+deb8u1_amd64.deb 51e789bd77ea59f7c5e6d62335c195737c7bbd4d 60420 livemedia-utils_2014.01.13-1+deb8u1_amd64.deb Checksums-Sha256: 11db688549bd26b14b50f3604425496303820f4ba024e264e06a965a7936e113 2139 liblivemedia_2014.01.13-1+deb8u1.dsc d751a3a608e17b552c63d144c2856af5c23fbe31d340e71e589153e8204bb44e 595705 liblivemedia_2014.01.13.orig.tar.gz 848cdaf0b569e6352f2794db23f71760c076defb5b17e26bfc022041003e3711 10636 liblivemedia_2014.01.13-1+deb8u1.debian.tar.xz c56423dbce9385d9212a40e71f8f7fe05e46a099f0f60dd3faa35fb21be14d3e 679790 liblivemedia-dev_2014.01.13-1+deb8u1_amd64.deb 95c77783bf55be1ad8193d21ca0bab22fd7a38296dd1e07adb60adbb3121590d 21204 libbasicusageenvironment0_2014.01.13-1+deb8u1_amd64.deb bb334fecb75928a9bc0977f4c6dc5382cb868d4866588061113be3c7ba179829 27096 libgroupsock1_2014.01.13-1+deb8u1_amd64.deb c0c3b0b0e492a8743662fed16b2861ce52d89516088ba30542411b0d785d776f 288156 liblivemedia23_2014.01.13-1+deb8u1_amd64.deb ba8c38b0be855d1e1609f7c59ba176971aae3b5ca3bc06e00757558f80a01146 11770 libusageenvironment1_2014.01.13-1+deb8u1_amd64.deb d3e335fc5b83a3dd8413776f5e69c3b935853611a53d74912c3a48a4665651bc 60420 livemedia-utils_2014.01.13-1+deb8u1_amd64.deb Files: 43ebffec7d35561a17ca55e2c569abe7 2139 libs optional liblivemedia_2014.01.13-1+deb8u1.dsc 6eb9942cc8df01d5cd2d7c23ea36bd40 595705 libs optional liblivemedia_2014.01.13.orig.tar.gz d0a31a62880f18b2df1b9400666790fa 10636 libs optional liblivemedia_2014.01.13-1+deb8u1.debian.tar.xz ad5e94e1a385ea77258bddefe6c4123f 679790 libdevel optional liblivemedia-dev_2014.01.13-1+deb8u1_amd64.deb 028be5f63fd4cdf8defd61e3c82e05f6 21204 libs optional libbasicusageenvironment0_2014.01.13-1+deb8u1_amd64.deb 3fa2da2e554a10e628325202298c926e 27096 libs optional libgroupsock1_2014.01.13-1+deb8u1_amd64.deb 1c7aa2041be4e898c10d7c7c52d7858b 288156 libs optional liblivemedia23_2014.01.13-1+deb8u1_amd64.deb 0fadf214a4dfb4b4aaa23bf7127002fd 11770 libs optional libusageenvironment1_2014.01.13-1+deb8u1_amd64.deb 5db66867069a60ef61d8af60dc90034d 60420 net optional livemedia-utils_2014.01.13-1+deb8u1_amd64.deb -BEGIN PGP SIGNATURE- iQEzBAEBCgAdFiEEUFZhdgIWqBhwqCvuZYVUZx9w0DQFAlv0PDQACgkQZYVUZx9w 0DQrYQf/VShuye+QII4VKlxFAO81NUfkskHnC5JAGXrvG1tfhotgJqw7Oh2JJkl4 cuXCAL/gscS1O4ZCcBzGJr+ccthbPe9LrY6ZtQgGP6kwPJI6aG85IldIvb9YNtDq HIB5zilDA5/OAUZrn/vrXCl+RtElaMLZ3s6p4YmayblsHJDxnkGBDNJ1Lvqo8db/ 3rbAW6nIOr24kPbz7uaZbP3crNF7zdenp7u/ry4MbKAV2420Xam3hnABcKd5A8HT vxm84dL9/lsdbjBF0qFDrcCxakjzihY6OCBkjvBcAZPaxgbmssrm35nUX0t0ehKO NyXp0xIl3alhBxwuKU8QcYM1z/fKOA== =VuTg -END PGP SIGNATURE-
Accepted openjpeg2 2.1.0-2+deb8u5 (source amd64 all) into oldstable
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Mon, 19 Nov 2018 17:23:30 +0100 Source: openjpeg2 Binary: libopenjp2-7-dev libopenjp2-7 libopenjpip7 libopenjp3d7 libopenjp2-7-dbg libopenjpip-dec-server libopenjpip-viewer libopenjpip-server libopenjp3d-tools libopenjp2-tools Architecture: source amd64 all Version: 2.1.0-2+deb8u5 Distribution: jessie-security Urgency: high Maintainer: Debian PhotoTools Maintainers Changed-By: Hugo Lefeuvre Description: libopenjp2-7 - JPEG 2000 image compression/decompression library libopenjp2-7-dbg - debug symbols for libopenjp2-7, a JPEG 2000 image library libopenjp2-7-dev - development files for OpenJPEG, a JPEG 2000 image library libopenjp2-tools - command-line tools using the JPEG 2000 library libopenjp3d-tools - command-line tools using the JPEG 2000 - 3D library libopenjp3d7 - JP3D (JPEG 2000 / Part 10) image compression/decompression librar libopenjpip-dec-server - tool to allow caching of JPEG 2000 files using JPIP protocol libopenjpip-server - JPIP server for JPEG 2000 files libopenjpip-viewer - JPEG 2000 java based viewer for advanced remote JPIP access libopenjpip7 - JPEG 2000 Interactive Protocol Changes: openjpeg2 (2.1.0-2+deb8u5) jessie-security; urgency=high . * Non-maintainer upload by the LTS Team. * CVE-2017-17480: write stack buffer overflow due to missing buffer length formatter in fscanf call. * CVE-2018-18088: null pointer dereference caused by null image components in imagetopnm. Checksums-Sha1: 8e6a073a44cd8d6d835597f1cd47d5b2e981a10e 2420 openjpeg2_2.1.0-2+deb8u5.dsc d2b2e1f8aa6d1452f092476bb19bdf8715830289 29512 openjpeg2_2.1.0-2+deb8u5.debian.tar.xz efca96fca1b71e6d8a0fd54d0262c313d0707a18 38882 libopenjp2-7-dev_2.1.0-2+deb8u5_amd64.deb 8147a70b89701faafabeaa6685cf42da0df20628 117602 libopenjp2-7_2.1.0-2+deb8u5_amd64.deb 76a111d8275a1ad9207b17b6d599b8f6f2e5999b 60782 libopenjpip7_2.1.0-2+deb8u5_amd64.deb f9d2f3e1a7842b92f28ce96c7d313dcf9ef2b127 85524 libopenjp3d7_2.1.0-2+deb8u5_amd64.deb f67953cd0739bea52e8e631fa555ba9f6be286ce 918030 libopenjp2-7-dbg_2.1.0-2+deb8u5_amd64.deb ff5e91cf3b7c5bca659aca2023c493f873565f79 28792 libopenjpip-dec-server_2.1.0-2+deb8u5_amd64.deb 49801a70cdb791cbb686905c3c6bb901b11dcc2a 45538 libopenjpip-viewer_2.1.0-2+deb8u5_all.deb ada369afb2f32abe769a6e4481118c888d2be3af 49506 libopenjpip-server_2.1.0-2+deb8u5_amd64.deb b5339486e69a0d564efec2ca11ec4229b1ee02ef 41406 libopenjp3d-tools_2.1.0-2+deb8u5_amd64.deb 2294d8035ac1a0947da0d1e45ba17e082cb697ea 79116 libopenjp2-tools_2.1.0-2+deb8u5_amd64.deb Checksums-Sha256: 91a711b2d01eab45041d7fd9a9d9e1120a5e9c360db8c0a0322a22fbbd872242 2420 openjpeg2_2.1.0-2+deb8u5.dsc f4a97964416b6ae34bfbf38b61ed9620d8c1e9bc3ee8784f78ccf564d1accb2d 29512 openjpeg2_2.1.0-2+deb8u5.debian.tar.xz 6fd7d010aff79e600aff0de2902edb00bd22f094c7a7827e84cee78cea3e75c8 38882 libopenjp2-7-dev_2.1.0-2+deb8u5_amd64.deb f4c57c887ca514af49d94643e8c43d9328b6288ef6ec0f562ff0ebb66268122e 117602 libopenjp2-7_2.1.0-2+deb8u5_amd64.deb bf5d4337f8ef4967ac608adeb54e83e9ef4c43e3cba0c4db06779d3c54ae5231 60782 libopenjpip7_2.1.0-2+deb8u5_amd64.deb a6927246bf70b1a98bd6054083a50843f6bdb3349516591230ad18511e917043 85524 libopenjp3d7_2.1.0-2+deb8u5_amd64.deb 47f4dedd7baacbeed0ab9aab1d9e51abaa66676f89ad763da0ccb7048573bb40 918030 libopenjp2-7-dbg_2.1.0-2+deb8u5_amd64.deb b80f0ff4aac4b3376a543ce58dd1d0640ddca6fb6456dad607d00d9e4e4f5ec4 28792 libopenjpip-dec-server_2.1.0-2+deb8u5_amd64.deb c5faea7d26f93b3f1fde0a69367a9b49d5902d25b28fc51ed829892854413af5 45538 libopenjpip-viewer_2.1.0-2+deb8u5_all.deb f5cb922bfa897101aae4ad916c369ad1314a91e819ea9962596e7f68e8203d09 49506 libopenjpip-server_2.1.0-2+deb8u5_amd64.deb dcca7ab36ecf87b1b2c578f674e6319ab7dd14ec065e0b7c4568f6ee29855b84 41406 libopenjp3d-tools_2.1.0-2+deb8u5_amd64.deb 5a5d168194f3319b89e8f9c3ecd66c076bd02f9e7d522da07c6ae98d12876d0e 79116 libopenjp2-tools_2.1.0-2+deb8u5_amd64.deb Files: e1028feb7c357c99e7efb2636a79730d 2420 libs extra openjpeg2_2.1.0-2+deb8u5.dsc 38e87e171c9fb5cc9720d06b88b5f8fc 29512 libs extra openjpeg2_2.1.0-2+deb8u5.debian.tar.xz 678ab30171140b53a524e53e2c7a828f 38882 libdevel extra libopenjp2-7-dev_2.1.0-2+deb8u5_amd64.deb 362e9b94836c78859be9f3d80568b140 117602 libs extra libopenjp2-7_2.1.0-2+deb8u5_amd64.deb b4a58a015abea9a174161d114afa230e 60782 libs extra libopenjpip7_2.1.0-2+deb8u5_amd64.deb 761199320d4ead48cd146e9433dadb52 85524 libs extra libopenjp3d7_2.1.0-2+deb8u5_amd64.deb 580f878fd366cf14f6d717a7a7ddc8b3 918030 debug extra libopenjp2-7-dbg_2.1.0-2+deb8u5_amd64.deb 4b4558bd4becbf7dc265d3ad0eb061e2 28792 graphics extra libopenjpip-dec-server_2.1.0-2+deb8u5_amd64.deb d09ad64ee14a3d9fb110f798b2c6d8c5 45538 graphics extra libopenjpip-viewer_2.1.0-2+deb8u5_all.deb 54df479fbb0194d103edbf005bfa5c9d 49506 graphics extra libopenjpip-server_2.1.0-2+deb8u5_amd64.deb a3aedbee8988322b3107b093e3db2265 41406 graphics extra libopenjp3d
Accepted libsndfile 1.0.25-9.1+deb8u3 (source amd64) into oldstable
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Thu, 10 Jan 2019 15:02:51 +0100 Source: libsndfile Binary: libsndfile1-dev libsndfile1 sndfile-programs libsndfile1-dbg sndfile-programs-dbg Architecture: source amd64 Version: 1.0.25-9.1+deb8u3 Distribution: jessie-security Urgency: high Maintainer: Erik de Castro Lopo Changed-By: Hugo Lefeuvre Description: libsndfile1 - Library for reading/writing audio files libsndfile1-dbg - debugging symbols for libsndfile libsndfile1-dev - Development files for libsndfile; a library for reading/writing a sndfile-programs - Sample programs that use libsndfile sndfile-programs-dbg - debugging symbols for sndfile-programs Closes: 917416 Changes: libsndfile (1.0.25-9.1+deb8u3) jessie-security; urgency=high . * Non-maintainer upload by the LTS Team. * CVE-2018-19758: heap-buffer-overflow in wav_write_header (closes: #917416). Checksums-Sha1: 7036e11aa83641783c6ddc5bde6e77b46809e6f2 1808 libsndfile_1.0.25-9.1+deb8u3.dsc ac943f623a7578bab0c1251e38ab15e0417a1551 15204 libsndfile_1.0.25-9.1+deb8u3.debian.tar.xz d2fb8bd4231e783d19dea056d8968f1f3852f39e 704206 libsndfile1-dev_1.0.25-9.1+deb8u3_amd64.deb 43612c76537768e90dce966256a257017a90c1c4 215630 libsndfile1_1.0.25-9.1+deb8u3_amd64.deb 7645e6cda2b1b847637590f62748be340be78da7 109622 sndfile-programs_1.0.25-9.1+deb8u3_amd64.deb 9f02bceec16f35ff164bd6062542cf565882de0c 346286 libsndfile1-dbg_1.0.25-9.1+deb8u3_amd64.deb f80896e5a38bd3bacf1ce6e6cb4172be615f260a 138246 sndfile-programs-dbg_1.0.25-9.1+deb8u3_amd64.deb Checksums-Sha256: 0569199d6bce10521ff6e16690ac545d9b58979acc1f961f05c5d95c10aeeeba 1808 libsndfile_1.0.25-9.1+deb8u3.dsc b6606b184617d045d56f6068b2680162d301bb5bbfd8e64fb3f1df1d8f2a9cc4 15204 libsndfile_1.0.25-9.1+deb8u3.debian.tar.xz e60802099a271774bbe49baf1fd7525965c80173752bd007534298b366c53529 704206 libsndfile1-dev_1.0.25-9.1+deb8u3_amd64.deb 6f94dda020639f59275c4eb89e6f426cb1a643d66c690172b9f29b9d34bcb55b 215630 libsndfile1_1.0.25-9.1+deb8u3_amd64.deb b6f6aee88be15560d8101bf15e6450fc40edadea96b686f0807f9fc2dae29bb3 109622 sndfile-programs_1.0.25-9.1+deb8u3_amd64.deb 40c1adbc0641e9ef46ba96a0ad01d56e72c5dd8c0997785495752817fd973007 346286 libsndfile1-dbg_1.0.25-9.1+deb8u3_amd64.deb bf5be76586cbd74a01de30294f3c7ea7100a79b40c60223ecff429412338d41e 138246 sndfile-programs-dbg_1.0.25-9.1+deb8u3_amd64.deb Files: 1f61189046d20b205fe5a4d0ac77d2ba 1808 devel optional libsndfile_1.0.25-9.1+deb8u3.dsc 67dc0d7f04579bf4d1b0f9af80fd9c9c 15204 devel optional libsndfile_1.0.25-9.1+deb8u3.debian.tar.xz 9706ecc83defc5b7be61c7f5e51e69c5 704206 libdevel optional libsndfile1-dev_1.0.25-9.1+deb8u3_amd64.deb 16ec18a0a812847376aa9a75ced24f85 215630 libs optional libsndfile1_1.0.25-9.1+deb8u3_amd64.deb 2464c9d69a8c5425cf6467e623d7e5a0 109622 utils optional sndfile-programs_1.0.25-9.1+deb8u3_amd64.deb c21fb7f860c1dbc09bef24d49672b96f 346286 debug extra libsndfile1-dbg_1.0.25-9.1+deb8u3_amd64.deb 778c5f60090226547f5a1753a21982ea 138246 debug extra sndfile-programs-dbg_1.0.25-9.1+deb8u3_amd64.deb -BEGIN PGP SIGNATURE- iQEzBAEBCgAdFiEEUFZhdgIWqBhwqCvuZYVUZx9w0DQFAlw3WYkACgkQZYVUZx9w 0DTdGAf/XbNGkctPAQ1AvyKMaBzx5ZF9Z1GN1vgBJjoaIfYrubmykuh3xWJCVYdD Jw05EivKWhc5gSEkk43vSl1yS5CHEqDiV3SB1jcsuV4FqcejZOpt+vmqyLWlP1dP 4wts0cemPDMq6UIpOsvv9WTQlQ7uncg5Tj4L4yl5YCZrROowCO2UAIt1rlgxE35P BKbThBidn9oJkcjz66W7II/nlut35yieZZ+fWfg7fsW0zPusCd93ajs/fR5OupIw +pHmYaaYG6O8r3dJFjF7JVK8CCY0QHPtdooi7Cilg6AJthV1Tly9FoZnZokDFbHZ AhG7cMEGmFC4gPEAOw2RXEdSo+CLiQ== =0FBZ -END PGP SIGNATURE-
Accepted suricata 2.0.7-2+deb8u4 (source amd64) into oldstable
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Mon, 08 Apr 2019 13:17:04 +0200 Source: suricata Binary: suricata Architecture: source amd64 Version: 2.0.7-2+deb8u4 Distribution: jessie-security Urgency: high Maintainer: Pierre Chifflier Changed-By: Hugo Lefeuvre Description: suricata - Next Generation Intrusion Detection and Prevention Tool Changes: suricata (2.0.7-2+deb8u4) jessie-security; urgency=high . * Non-maintainer upload by the LTS Team. * CVE-2018-10243: heap-based buffer over-read in htp_parse_authorization_digest via an authorization digest header. * CVE-2018-10242: incorrect parsing of SSH banner (missing length check) resulting in oob read in parsing code. Checksums-Sha1: ca500d5d91cbc9e781b7d15c7eef77ca24523e91 1791 suricata_2.0.7-2+deb8u4.dsc 4dc527315280a0a15e71ffbc67f60a983f489e31 2953232 suricata_2.0.7.orig.tar.gz 4140a201c3ccca9c813a24d2c1525c8f3b73fff3 15372 suricata_2.0.7-2+deb8u4.debian.tar.xz 5f3175c86a3e41b374f1071393716f20ca7bbc00 774630 suricata_2.0.7-2+deb8u4_amd64.deb Checksums-Sha256: 518bbe0e703ee0a0330e4ced211b714d24580fd9c9be6fccc435300e83cc0145 1791 suricata_2.0.7-2+deb8u4.dsc 973e3311281cee5f776279f36eda7e37c266a8661a5f5746b3531c3ccd8af6a9 2953232 suricata_2.0.7.orig.tar.gz b48c648d4e2bebfb94c81972599e1934101f635d14e3c9648fe0d2448ce394e1 15372 suricata_2.0.7-2+deb8u4.debian.tar.xz 5014edf0643f66f8d933416c1685828748c687d4f74afdf079ee25dad2efd9ba 774630 suricata_2.0.7-2+deb8u4_amd64.deb Files: 192ea8a62efd2d02191c77a242eedb93 1791 net optional suricata_2.0.7-2+deb8u4.dsc 18651aac081c817cd8c67cbf11fdb8c6 2953232 net optional suricata_2.0.7.orig.tar.gz 857146f0135fc61b6296bb18e603dbd5 15372 net optional suricata_2.0.7-2+deb8u4.debian.tar.xz 9e9908de41bbf8aa22485ca689d84e8d 774630 net optional suricata_2.0.7-2+deb8u4_amd64.deb -BEGIN PGP SIGNATURE- iQEzBAEBCgAdFiEEUFZhdgIWqBhwqCvuZYVUZx9w0DQFAlyrN7IACgkQZYVUZx9w 0DRlDAgAnZxp3alN51V0b7H+6OCOG3saPTPTcG55dZGLWBs4QZc7o01OX+9pMJrC pbwwIERrZ197LYCRgg0Elh3opLkIQqNAR29YfYGcSC7erX3Pe9DROFQrNTqkHTTn f7mn6y6i0QVHbGm0iQUv62n978JbdEmuGeZJhNiQWRpq0vSsUCRl3tSTIvQReX9N x6ZwHVV/0r1gn1bZy69pknbdzvYvpVsDvxv6pLn5x+D76MrsKBoN2wjKCHky0LZm Dr175NKN12JM6Nk5B4OMcY7HVDAD7eZj+iAgSuA9AymijWheYBKDUFZq6RAIzUmE CZLb+WG62c+3LjqWlZi+KPt3ve7A7A== =FNN1 -END PGP SIGNATURE-
Accepted liblivemedia 2014.01.13-1+deb8u2 (source amd64) into oldstable
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Mon, 25 Feb 2019 16:47:01 +0100 Source: liblivemedia Binary: liblivemedia-dev libbasicusageenvironment0 libgroupsock1 liblivemedia23 libusageenvironment1 livemedia-utils Architecture: source amd64 Version: 2014.01.13-1+deb8u2 Distribution: jessie-security Urgency: high Maintainer: Debian Multimedia Maintainers Changed-By: Hugo Lefeuvre Description: libbasicusageenvironment0 - multimedia RTSP streaming library (BasicUsageEnvironment class) libgroupsock1 - multimedia RTSP streaming library (network interfaces and sockets liblivemedia-dev - multimedia RTSP streaming library (development files) liblivemedia23 - multimedia RTSP streaming library libusageenvironment1 - multimedia RTSP streaming library (UsageEnvironment classes) livemedia-utils - multimedia RTSP streaming tools Changes: liblivemedia (2014.01.13-1+deb8u2) jessie-security; urgency=high . * Non-maintainer upload by the LTS Team. * CVE-2019-7314: use-after-free during RTSP stream termination. * CVE-2019-6256: denial of service when processing get and post with identical x-session-cookie within the same tcp session. Checksums-Sha1: eb6c1e345367d251431b0a91e6be809db23c99e0 2139 liblivemedia_2014.01.13-1+deb8u2.dsc 86b5eb875033cc007f1f88c462bb0ab0c078f70f 11428 liblivemedia_2014.01.13-1+deb8u2.debian.tar.xz 0367dd5f01c118e339355cf60b20c7e57f713f2a 677956 liblivemedia-dev_2014.01.13-1+deb8u2_amd64.deb fce3b7746406b452328d453f178d3adc3bdcea48 21206 libbasicusageenvironment0_2014.01.13-1+deb8u2_amd64.deb 2787cbd30f845c6e23e0f1b15f06fceb4e25a38f 27062 libgroupsock1_2014.01.13-1+deb8u2_amd64.deb 128b5013e2a232966f35bdad9a4c414ce452f379 288518 liblivemedia23_2014.01.13-1+deb8u2_amd64.deb 76aba198144203504a1298cedee94bd363baabe3 11898 libusageenvironment1_2014.01.13-1+deb8u2_amd64.deb 4476c99f72c9b39c7545d1f88fae20b419ab8134 60388 livemedia-utils_2014.01.13-1+deb8u2_amd64.deb Checksums-Sha256: fe5e7ed3c4d561a5ea8238d0240687c6b1df2568c3c2b65f42feddab8d4afa71 2139 liblivemedia_2014.01.13-1+deb8u2.dsc a9156d0533d7a3da760027bd63aba002f39df15ea8d7e1c0a4efa42f38b61a3a 11428 liblivemedia_2014.01.13-1+deb8u2.debian.tar.xz 9917457d5edc79d3b0498a4f392da941c05e5731200779ae64991804b3b2aa4b 677956 liblivemedia-dev_2014.01.13-1+deb8u2_amd64.deb 453995e1f50747766c4ff3c7050dae77f9b0164d4c8e3f987ab34aebfb6b9429 21206 libbasicusageenvironment0_2014.01.13-1+deb8u2_amd64.deb c506fa21644375b1e9d38676e6f53ba69a2c93cd9a8b2554c881c424fad488cf 27062 libgroupsock1_2014.01.13-1+deb8u2_amd64.deb 3ed09b40f8f5cb3f440e0ef07cff440f1f1be71ae64fc2f22a611a387adde75c 288518 liblivemedia23_2014.01.13-1+deb8u2_amd64.deb 778d2d39c42b8e25c700d7272fa3822b3b5e9026cb960d8cd3a289a20da2c723 11898 libusageenvironment1_2014.01.13-1+deb8u2_amd64.deb 962074460d1265277f47bf08e28a650c17231b9cceb271e4b5450b5c5a770fdb 60388 livemedia-utils_2014.01.13-1+deb8u2_amd64.deb Files: d727cc67b08149390ceabe35278cf1a8 2139 libs optional liblivemedia_2014.01.13-1+deb8u2.dsc b4cdce8ea428c4fe3d2ca7d33371ca95 11428 libs optional liblivemedia_2014.01.13-1+deb8u2.debian.tar.xz 2aa01bf7ada2f6d620cf941027eca6c6 677956 libdevel optional liblivemedia-dev_2014.01.13-1+deb8u2_amd64.deb cc8109180c871e83926f7024178c4de0 21206 libs optional libbasicusageenvironment0_2014.01.13-1+deb8u2_amd64.deb 648fd2f44c9231f81f607e10bca0e4fe 27062 libs optional libgroupsock1_2014.01.13-1+deb8u2_amd64.deb 8a901fbfbf450b94e3e73df4cc7a7fae 288518 libs optional liblivemedia23_2014.01.13-1+deb8u2_amd64.deb aa71e23ed41a3ab0c8e07b4653217d2b 11898 libs optional libusageenvironment1_2014.01.13-1+deb8u2_amd64.deb e3e165e049368eb129684588145fd3d2 60388 net optional livemedia-utils_2014.01.13-1+deb8u2_amd64.deb -BEGIN PGP SIGNATURE- iQEzBAEBCgAdFiEEUFZhdgIWqBhwqCvuZYVUZx9w0DQFAlx0HOoACgkQZYVUZx9w 0DRuowf+O5FObjHfYn+tK/fikr6hZRKCYoVV/+3SLgpGclZlG7Kph96yf/kxQIpv hejAG7EAqhmu7nHcjSvrGHHp/VIj5ujOWrkrgZrh8Xu7naWk3vxYQ2SLIFOU3z0Z jNCk9c+N7WRxuB0P0ayLByk6R9SHiI4IxD7xMcXcIVzbMamwt+LGkKRMRBhNKWhU Zm6F4/jV8zK/riw/hhmDqg7UrJWpZum+6pT1JCjQv66V4YZDQCzm+28lkhrqtb95 RCmq+hwdz7iACaPLwkAhC/ToF1vxFGIKDFyJLdtLYa6l07LQBCXxU700MLgeLvcw CPj7AJY6liEJnc5OQmswPXOd+JdYZA== =CJ/v -END PGP SIGNATURE-
Accepted sox 14.4.1-5+deb8u2 (source amd64) into oldstable
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Thu, 28 Feb 2019 08:58:56 +0100 Source: sox Binary: sox libsox2 libsox-fmt-base libsox-fmt-alsa libsox-fmt-ao libsox-fmt-mp3 libsox-fmt-oss libsox-fmt-pulse libsox-fmt-all libsox-dev Architecture: source amd64 Version: 14.4.1-5+deb8u2 Distribution: jessie-security Urgency: high Maintainer: Pascal Giard Changed-By: Hugo Lefeuvre Description: libsox-dev - Development files for the SoX library libsox-fmt-all - All SoX format libraries libsox-fmt-alsa - SoX alsa format I/O library libsox-fmt-ao - SoX Libao format I/O library libsox-fmt-base - Minimal set of SoX format libraries libsox-fmt-mp3 - SoX MP2 and MP3 format library libsox-fmt-oss - SoX OSS format I/O library libsox-fmt-pulse - SoX PulseAudio format I/O library libsox2- SoX library of audio effects and processing sox- Swiss army knife of sound processing Closes: 878808 878810 881121 882144 Changes: sox (14.4.1-5+deb8u2) jessie-security; urgency=high . * Non-maintainer upload by the LTS Team. * CVE-2017-15370: heap-based buffer overflow in the ImaExpandS function of ima_rw.c (Closes: #878810). * CVE-2017-15372: stack-based buffer overflow in the lsx_ms_adpcm_block_expand_i function of adpcm.c (Closes: #878808). * CVE-2017-18189: null pointer dereference caused by corrupt header specifying zero channels, sending read_channels() into an infinite loop (Closes: #881121). * CVE-2017-15642: use-after-free in output_message, triggered by crafted aiff file (Closes: #882144). Checksums-Sha1: 08d778a3a2597fb09965215b17f7ea6c23cb4e7b 2318 sox_14.4.1-5+deb8u2.dsc 91100373c84731f6d5910e1014f8a268279b12cf 15604 sox_14.4.1-5+deb8u2.debian.tar.xz c00973ed2cb26ad43576c8b06aafeeffa3e084f9 137386 sox_14.4.1-5+deb8u2_amd64.deb 4afb4bf54e0374bee61423fedd9419b96e8efb3d 267458 libsox2_14.4.1-5+deb8u2_amd64.deb d93f6bb8a1bc3ad38b09eebd186bbe969531d4d3 68518 libsox-fmt-base_14.4.1-5+deb8u2_amd64.deb 555b45cbb8da6bba0321864510992773af665f7a 47110 libsox-fmt-alsa_14.4.1-5+deb8u2_amd64.deb 00743263075d3487e46a6dc0c45f0dfd1491e41c 44018 libsox-fmt-ao_14.4.1-5+deb8u2_amd64.deb 360c240956bac3319af262d9a281aab44ff1ff8c 52176 libsox-fmt-mp3_14.4.1-5+deb8u2_amd64.deb 631ed504e30cdba9220daa86ad1f2dc6f70d5454 44554 libsox-fmt-oss_14.4.1-5+deb8u2_amd64.deb 434f260430f471c69cc96c0656ececf2f41dda19 44062 libsox-fmt-pulse_14.4.1-5+deb8u2_amd64.deb ce3fd31aa330e9978449ffdb667202dce8d59820 41626 libsox-fmt-all_14.4.1-5+deb8u2_amd64.deb b30dcd5134c6091f96b22a7f057256159c551244 356446 libsox-dev_14.4.1-5+deb8u2_amd64.deb Checksums-Sha256: 13c401966562a47b515e1316203f142b8bef922426673bc6122bee76f7c7e3de 2318 sox_14.4.1-5+deb8u2.dsc d709df28c8262653e8f2c4f8d470749a9aef4e6ca76095ff13e9d232585c53b8 15604 sox_14.4.1-5+deb8u2.debian.tar.xz 1cb65cc661a06a32b2af270b3476583ad0e6909c5f688086a5451bc11cdc82b4 137386 sox_14.4.1-5+deb8u2_amd64.deb 075d1c84b472962fe8f01a67be1d9f74acc35b1eadd33022de0df4580e3b055f 267458 libsox2_14.4.1-5+deb8u2_amd64.deb 3abbc88e317fda0a181d1b0d4075bedf339b60035fbb7476a7d6e2fac7fc06ec 68518 libsox-fmt-base_14.4.1-5+deb8u2_amd64.deb 8bf3b38aca6786549bff42a15d91bf1f8b169f727bc6bca7b81fc2829da8df9f 47110 libsox-fmt-alsa_14.4.1-5+deb8u2_amd64.deb 5fa569742c86de98ac4594d5e0f2da4c28cc03abb858b9ddf7152e52a7bc44f1 44018 libsox-fmt-ao_14.4.1-5+deb8u2_amd64.deb 22c8150fd70413fad466c14fb94c607cb6b3d15bc7aa89379ff25f14518ba87a 52176 libsox-fmt-mp3_14.4.1-5+deb8u2_amd64.deb e6c3fb94a825c26bc6a5be64d189f0bf7e36e7945dc10517c25bfe339f194a92 44554 libsox-fmt-oss_14.4.1-5+deb8u2_amd64.deb f5708948fe2769204d9a016d4a4f4b74a649f860a306df0a4aa3ad3ff746c7a8 44062 libsox-fmt-pulse_14.4.1-5+deb8u2_amd64.deb 02551fd3680a91edb0e7a2c7688ae42143e66c5c09338b38a4830cd4962bcfe1 41626 libsox-fmt-all_14.4.1-5+deb8u2_amd64.deb 34d06c561a87b0bd50117422ce8c6f53a9af08b6e1270faaad3bea45e50171c9 356446 libsox-dev_14.4.1-5+deb8u2_amd64.deb Files: 86b718b46ef01a41475e0884be8d1275 2318 sound optional sox_14.4.1-5+deb8u2.dsc f5994b483127fa3f008edeb417778bbb 15604 sound optional sox_14.4.1-5+deb8u2.debian.tar.xz 3eb4ca2d6cbf6fef4ec364513902a2c3 137386 sound optional sox_14.4.1-5+deb8u2_amd64.deb 82bbd5d8122d90b3b0a21aeb7af03655 267458 libs optional libsox2_14.4.1-5+deb8u2_amd64.deb 9ee773303915ae67394cb7bf09efed1f 68518 libs optional libsox-fmt-base_14.4.1-5+deb8u2_amd64.deb 043823bb04251d7c3a80a8ccc538355c 47110 libs optional libsox-fmt-alsa_14.4.1-5+deb8u2_amd64.deb 9fbbc38e8dfe556974294dbbad6cb93c 44018 libs optional libsox-fmt-ao_14.4.1-5+deb8u2_amd64.deb 00c8ccf22f77fb726e681c983a83c97d 52176 libs optional libsox-fmt-mp3_14.4.1-5+deb8u2_amd64.deb 2cec4e736f71d47d310d180e4033d640 44554 libs optional libsox-fmt-oss_14.4.1-5+deb8u2_amd64.deb b75f53e6e13a98d8879263857c05c6c8 44062 libs optional libsox-fmt-pulse_14.4.1-5+deb8u2_amd64.deb d232016138246b8b394c8a20b9c46e2c 41626 libs optional libsox-fmt-all_14.4.1-5
Accepted sox 14.4.1-5+deb8u3 (source amd64) into oldstable
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Tue, 05 Mar 2019 16:43:06 +0100 Source: sox Binary: sox libsox2 libsox-fmt-base libsox-fmt-alsa libsox-fmt-ao libsox-fmt-mp3 libsox-fmt-oss libsox-fmt-pulse libsox-fmt-all libsox-dev Architecture: source amd64 Version: 14.4.1-5+deb8u3 Distribution: jessie-security Urgency: high Maintainer: Pascal Giard Changed-By: Hugo Lefeuvre Description: libsox-dev - Development files for the SoX library libsox-fmt-all - All SoX format libraries libsox-fmt-alsa - SoX alsa format I/O library libsox-fmt-ao - SoX Libao format I/O library libsox-fmt-base - Minimal set of SoX format libraries libsox-fmt-mp3 - SoX MP2 and MP3 format library libsox-fmt-oss - SoX OSS format I/O library libsox-fmt-pulse - SoX PulseAudio format I/O library libsox2- SoX library of audio effects and processing sox- Swiss army knife of sound processing Closes: 870328 878809 Changes: sox (14.4.1-5+deb8u3) jessie-security; urgency=high . * Non-maintainer upload by the LTS Team. * CVE-2017-15371: reachable assertion in sox_append_comment() (formats.c) (Closes: #878809). * CVE-2017-11359: divide-by-zero error wavwritehdr function (wav.c) (Closes: #870328). * CVE-2017-11332: divide-by-zero error in startread function (wav.c). * CVE-2017-11358: invalid memory read in read_samples function (hcom.c). Checksums-Sha1: d9b241787c1b2ce7955ae3ab8ef1d20539762bb8 2318 sox_14.4.1-5+deb8u3.dsc 3afd714e500aaaff373c256051bd7160be29c947 16776 sox_14.4.1-5+deb8u3.debian.tar.xz 3729add2db53516924a6ee03d9d7fd3c3ea2ac8f 137520 sox_14.4.1-5+deb8u3_amd64.deb c3e77eedc920b67b8923e03a783885887e866c97 267576 libsox2_14.4.1-5+deb8u3_amd64.deb 795bd9af93c1eaea446e8ca0d80c12b6eb9ab532 68704 libsox-fmt-base_14.4.1-5+deb8u3_amd64.deb c267a987c301bc9223d5362a02ca444b8d7cd980 47236 libsox-fmt-alsa_14.4.1-5+deb8u3_amd64.deb 9be7bc2a0445529b87a4a67c5076f2d7b1c79d69 44126 libsox-fmt-ao_14.4.1-5+deb8u3_amd64.deb 07cd84ba89162650a42284d7a26faac61b978cab 52272 libsox-fmt-mp3_14.4.1-5+deb8u3_amd64.deb ee73089fb381eeec789f2fce7502ec6260947df9 44668 libsox-fmt-oss_14.4.1-5+deb8u3_amd64.deb 53fc7b2492bba54e2b2aa52a17b9f206d853ba0b 44190 libsox-fmt-pulse_14.4.1-5+deb8u3_amd64.deb 618c7edbc5cc1dcba9317ad3ebb1fc60e7eb2993 41742 libsox-fmt-all_14.4.1-5+deb8u3_amd64.deb f6684dbb65867454923402c1f2158275125baed4 356584 libsox-dev_14.4.1-5+deb8u3_amd64.deb Checksums-Sha256: 9b0c6a01e4a80a218548851e5615624a0a1646b89170ef22ed2b373d042202ce 2318 sox_14.4.1-5+deb8u3.dsc 71bf3a3631064cd77ad36d12faa89d17cfe72413cf3767216c6f8dc2e88cbdab 16776 sox_14.4.1-5+deb8u3.debian.tar.xz 0c133f1f53fa05b1ccbdcfc74ccabbb057b5a040171206e69bc7c0b9ba220a50 137520 sox_14.4.1-5+deb8u3_amd64.deb 09aa1865269f888ebf470778a5dfa758ebf513f849458b2a99ead5ba28636502 267576 libsox2_14.4.1-5+deb8u3_amd64.deb 19beec07183e5beb91e26b0a74147c9ce5c8bc7a8aedb6627f4f07678d77c906 68704 libsox-fmt-base_14.4.1-5+deb8u3_amd64.deb dba4b0f23b361c5afcfdce9254f057781054d7f5d543965e79ea0e6b59910cd8 47236 libsox-fmt-alsa_14.4.1-5+deb8u3_amd64.deb f5c50f03c137b776f2b42295e4f8d4a5a8b9e4cae8bd63cf758884a9522fb893 44126 libsox-fmt-ao_14.4.1-5+deb8u3_amd64.deb 7beaf83cd41bf2fe1b087df9273affc9e0378672815355f54f437a9c1521 52272 libsox-fmt-mp3_14.4.1-5+deb8u3_amd64.deb 941afe5ed752f7a6a034700c8046ab45c2d12c4e49c35669b25298394c328ee9 44668 libsox-fmt-oss_14.4.1-5+deb8u3_amd64.deb 83a89fc4271d0f49303eff717ec25ab563d6cac793783492d77450b0baac6817 44190 libsox-fmt-pulse_14.4.1-5+deb8u3_amd64.deb ba268ba289127eb637dc36e7abddf4428b1ade2770fc7a081f1b26c06b3fc781 41742 libsox-fmt-all_14.4.1-5+deb8u3_amd64.deb baaa40fa4098aec4a4f35e2b524042bd882f29b48be98503846e7e6d05866a50 356584 libsox-dev_14.4.1-5+deb8u3_amd64.deb Files: 75214863ee23468ccf94554f20bc35a0 2318 sound optional sox_14.4.1-5+deb8u3.dsc 09e9738a6c2528a01a17a9d11f5227da 16776 sound optional sox_14.4.1-5+deb8u3.debian.tar.xz d6d0466220e5d725d3332810b528cc4e 137520 sound optional sox_14.4.1-5+deb8u3_amd64.deb 277c4f3d572e7195eb05bc35a7656490 267576 libs optional libsox2_14.4.1-5+deb8u3_amd64.deb 81177a4cdb24a94630f52c81c7e04974 68704 libs optional libsox-fmt-base_14.4.1-5+deb8u3_amd64.deb 00f64a8e5ff3ea7e616d0048b3ed135f 47236 libs optional libsox-fmt-alsa_14.4.1-5+deb8u3_amd64.deb 79c39913e9c501c9916932cbfcc4ce52 44126 libs optional libsox-fmt-ao_14.4.1-5+deb8u3_amd64.deb 4eb947a9e5a0f4459a04967dd1e681e1 52272 libs optional libsox-fmt-mp3_14.4.1-5+deb8u3_amd64.deb 24cd75f8b1aed68e28f40c6a484d97ac 44668 libs optional libsox-fmt-oss_14.4.1-5+deb8u3_amd64.deb 05a137a2e36ebd6c5425212c2a66bc4e 44190 libs optional libsox-fmt-pulse_14.4.1-5+deb8u3_amd64.deb 8207ee515382a69836ea430a756e4668 41742 libs optional libsox-fmt-all_14.4.1-5+deb8u3_amd64.deb dbf2119cfe41713c4e3063194c66e2e5 356584 libdevel optional libsox-dev_14.4.1-5+deb8u3_amd64.deb -BEGIN PGP SIGNATURE- iQEzBAEBCgAdFiEEUFZhdgIWqBhwqCvuZYVUZx9w0DQFAlx
Accepted qemu 1:2.1+dfsg-12+deb8u10 (source amd64) into oldstable
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Tue, 26 Feb 2019 09:53:23 +0100 Source: qemu Binary: qemu qemu-system qemu-system-common qemu-system-misc qemu-system-arm qemu-system-mips qemu-system-ppc qemu-system-sparc qemu-system-x86 qemu-user qemu-user-static qemu-user-binfmt qemu-utils qemu-guest-agent qemu-kvm Architecture: source amd64 Version: 1:2.1+dfsg-12+deb8u10 Distribution: jessie-security Urgency: high Maintainer: Debian QEMU Team Changed-By: Hugo Lefeuvre Description: qemu - fast processor emulator qemu-guest-agent - Guest-side qemu-system agent qemu-kvm - QEMU Full virtualization on x86 hardware qemu-system - QEMU full system emulation binaries qemu-system-arm - QEMU full system emulation binaries (arm) qemu-system-common - QEMU full system emulation binaries (common files) qemu-system-mips - QEMU full system emulation binaries (mips) qemu-system-misc - QEMU full system emulation binaries (miscelaneous) qemu-system-ppc - QEMU full system emulation binaries (ppc) qemu-system-sparc - QEMU full system emulation binaries (sparc) qemu-system-x86 - QEMU full system emulation binaries (x86) qemu-user - QEMU user mode emulation binaries qemu-user-binfmt - QEMU user mode binfmt registration for qemu-user qemu-user-static - QEMU user mode emulation binaries (static version) qemu-utils - QEMU utilities Closes: 902725 916397 921525 Changes: qemu (1:2.1+dfsg-12+deb8u10) jessie-security; urgency=high . * Non-maintainer upload by the LTS Team. * CVE-2019-6778: slirp: heap buffer overflow in tcp_emu() (Closes: #921525). * CVE-2018-16872: mtp: symlink attack in the usb_mtp_object_readdir function, potentially leading to information disclosure (Closes: #916397). * CVE-2018-12617: integer overflow causing large memory allocation and subsequent null pointer dereference (Closes: #902725). Checksums-Sha1: 894d7ab75bc8730f7ea33ec38ef6ce5b643ba957 5193 qemu_2.1+dfsg-12+deb8u10.dsc 119e6ea6144f430362cb766a68c1d068b286b761 215148 qemu_2.1+dfsg-12+deb8u10.debian.tar.xz 23a009ca917504d6ad1629b6fd8ee4558d18cf82 126310 qemu_2.1+dfsg-12+deb8u10_amd64.deb caa530b21b9c2867149d61455b59383484fd3705 55544 qemu-system_2.1+dfsg-12+deb8u10_amd64.deb bcdbc31af06afd83937ae6d28d5f590e5ea2ab5b 285794 qemu-system-common_2.1+dfsg-12+deb8u10_amd64.deb efe42951d0218cf4ed47a123623e92722fdd204a 5276932 qemu-system-misc_2.1+dfsg-12+deb8u10_amd64.deb 0890d17e160155bf828a0005dfded59545809974 2242736 qemu-system-arm_2.1+dfsg-12+deb8u10_amd64.deb 286072bd224120c25cf9325633492eeefd82883e 2783722 qemu-system-mips_2.1+dfsg-12+deb8u10_amd64.deb a1d24f82be64d2221f7ed4193a8e885b6ee78caa 2758798 qemu-system-ppc_2.1+dfsg-12+deb8u10_amd64.deb 0ccd328163adad767f5cce68eb7889b07b166432 1674426 qemu-system-sparc_2.1+dfsg-12+deb8u10_amd64.deb 6b0fbfa402afc31e1031c2a428704a39df380bb2 2054686 qemu-system-x86_2.1+dfsg-12+deb8u10_amd64.deb 6147dc83aa2b6a7abe4b0f2ead303010f636bdef 5570098 qemu-user_2.1+dfsg-12+deb8u10_amd64.deb a53dbe42d25d1e41433a2a6dbbc5ab0eb15df97a 8232386 qemu-user-static_2.1+dfsg-12+deb8u10_amd64.deb 1e80f64dcc93bae5f04befe4417a536fd90bdec5 2940 qemu-user-binfmt_2.1+dfsg-12+deb8u10_amd64.deb 77eb306c4b08517db192bea78edcba8dafa68199 486070 qemu-utils_2.1+dfsg-12+deb8u10_amd64.deb ab3e175d19f3eeba61f119d8104e5971ccec6e87 139816 qemu-guest-agent_2.1+dfsg-12+deb8u10_amd64.deb baf7891debf57bdd555c8c1fed7276ab35a9654c 56184 qemu-kvm_2.1+dfsg-12+deb8u10_amd64.deb Checksums-Sha256: 73d5b4769c42ddf44f32f6e280e99a35ee649f914cfbbca0a4f93ab266a04766 5193 qemu_2.1+dfsg-12+deb8u10.dsc 7c4057939f8907dd251c23e8a350462e3fe9dd48ee2352d0071286903b03597f 215148 qemu_2.1+dfsg-12+deb8u10.debian.tar.xz c63c1fb2b54bc02a8cc7b41bd7fff0d473b7cdfc3f0436255fef205d701506b7 126310 qemu_2.1+dfsg-12+deb8u10_amd64.deb 7c6884a6585d45090cf67a0d36b0941e572026b5fb147384b0cd290c147439f4 55544 qemu-system_2.1+dfsg-12+deb8u10_amd64.deb ccf8fc4ce27814235105dce95ee1193d143b5e76b3f802c09d9d1ea7d0c08921 285794 qemu-system-common_2.1+dfsg-12+deb8u10_amd64.deb ddaa728f3ac2a7c5ffac56d0cd5bb44267bab4741d7da8cb4f9bdd0b2bb814b4 5276932 qemu-system-misc_2.1+dfsg-12+deb8u10_amd64.deb b6e24cadfd1126e28a109d7ecee0553a54119dd7d39bf70235e8f343ac06aa39 2242736 qemu-system-arm_2.1+dfsg-12+deb8u10_amd64.deb 32349d434655431aae537360c17484ed518b0726b63ef4f3ede022cffd6e24d1 2783722 qemu-system-mips_2.1+dfsg-12+deb8u10_amd64.deb ee7fff9b3e6c85b121bcb7d99842e3cfef7115dba21db7bb282e04bc0d6b89ab 2758798 qemu-system-ppc_2.1+dfsg-12+deb8u10_amd64.deb f137943cd7f4f1dfab7982547b33f49df1c350488d7e727f2dca2ac1ead01fe7 1674426 qemu-system-sparc_2.1+dfsg-12+deb8u10_amd64.deb 218f6b18bfe5fe86e50c461847e01f5a0007a9ab656191ad144617156806621c 2054686 qemu-system-x86_2.1+dfsg-12+deb8u10_amd64.deb b31649e71c8f3288f72ca03d0ae782359733a663a9df127230ac86042a47e03e 5570098 qemu-user_2.1+dfsg-12+deb8u10_amd64.deb 57479176280e9ce8ff28caf0bf4d2ce56305116205ec98505a18d747f69b1a13 8232386
Accepted liblivemedia 2014.01.13-1+deb8u3 (source amd64) into oldstable
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Mon, 18 Mar 2019 09:18:27 +0100 Source: liblivemedia Binary: liblivemedia-dev libbasicusageenvironment0 libgroupsock1 liblivemedia23 libusageenvironment1 livemedia-utils Architecture: source amd64 Version: 2014.01.13-1+deb8u3 Distribution: jessie-security Urgency: high Maintainer: Debian Multimedia Maintainers Changed-By: Hugo Lefeuvre Description: libbasicusageenvironment0 - multimedia RTSP streaming library (BasicUsageEnvironment class) libgroupsock1 - multimedia RTSP streaming library (network interfaces and sockets liblivemedia-dev - multimedia RTSP streaming library (development files) liblivemedia23 - multimedia RTSP streaming library libusageenvironment1 - multimedia RTSP streaming library (UsageEnvironment classes) livemedia-utils - multimedia RTSP streaming tools Changes: liblivemedia (2014.01.13-1+deb8u3) jessie-security; urgency=high . * Non-maintainer upload by the LTS Team. * CVE-2019-9215: malformed headers lead to invalid memory access in the parseAuthorizationHeader function. Checksums-Sha1: 2ca7ad84a98d067723eb1d2706d014bd9dd3eb6e 2139 liblivemedia_2014.01.13-1+deb8u3.dsc e617930d23ef55381613121c2ea921ce59b9ee0e 595705 liblivemedia_2014.01.13.orig.tar.gz c0240e89fb3dbf8536d745fab4cdcc23bc2e0650 12344 liblivemedia_2014.01.13-1+deb8u3.debian.tar.xz b17ec8db7a412ba220b571e745319e9f29e176ba 677864 liblivemedia-dev_2014.01.13-1+deb8u3_amd64.deb 085a225c78f14021b7e639f7ca23526901055bc9 21246 libbasicusageenvironment0_2014.01.13-1+deb8u3_amd64.deb 953a71bca7f72a9eb60a9b1f5ded0f5a26edbcae 27206 libgroupsock1_2014.01.13-1+deb8u3_amd64.deb d1e8d5db16b39089b4923a882e5332e23fbf7b5c 288054 liblivemedia23_2014.01.13-1+deb8u3_amd64.deb a4bf304051be08d582bd7ef89b44079cf1aad92f 11990 libusageenvironment1_2014.01.13-1+deb8u3_amd64.deb a6b1ce71125b267703ddc6f6f0dbf8545fedd56c 60488 livemedia-utils_2014.01.13-1+deb8u3_amd64.deb Checksums-Sha256: 6cf997b96b9b0c83aabcafa7d702cebbad54ec868726b47795d999ac34d9f357 2139 liblivemedia_2014.01.13-1+deb8u3.dsc d751a3a608e17b552c63d144c2856af5c23fbe31d340e71e589153e8204bb44e 595705 liblivemedia_2014.01.13.orig.tar.gz 802d9bf0d19d0575a6b22b767ff6c6b48fcb703ae23a3d0d5d548b3c9657e28e 12344 liblivemedia_2014.01.13-1+deb8u3.debian.tar.xz 01cb7008ccc699300b8afd21e1db6f0fda253fb38e79186ab638dc2746367b15 677864 liblivemedia-dev_2014.01.13-1+deb8u3_amd64.deb 7f9ecae302a9debfb701e756b448b236f0c0adc4e78809251e303542425f1083 21246 libbasicusageenvironment0_2014.01.13-1+deb8u3_amd64.deb 65884133bb936e00d15b4494d01bff8cb9146758fffcd26b163282877bb4728c 27206 libgroupsock1_2014.01.13-1+deb8u3_amd64.deb f4a83281e46e8751c7415a8229c1edbd1750bb51c0126797643716409bddd4ed 288054 liblivemedia23_2014.01.13-1+deb8u3_amd64.deb b2e0a34ef2f4304172f8308c1107789f13b8fcdf0c6053c782ea11eff002c129 11990 libusageenvironment1_2014.01.13-1+deb8u3_amd64.deb 630ec26c3fd2c9992be9020f2771b9e70b2f0ad05ba44f2263061ede25290cf3 60488 livemedia-utils_2014.01.13-1+deb8u3_amd64.deb Files: 8496712fcde64cb43ee06160ba16b73e 2139 libs optional liblivemedia_2014.01.13-1+deb8u3.dsc 6eb9942cc8df01d5cd2d7c23ea36bd40 595705 libs optional liblivemedia_2014.01.13.orig.tar.gz 643c941e521605be84733b1dd135c4cc 12344 libs optional liblivemedia_2014.01.13-1+deb8u3.debian.tar.xz ca2868798dce72b0d4239280e8f57d40 677864 libdevel optional liblivemedia-dev_2014.01.13-1+deb8u3_amd64.deb 52a38ac46dd7672b877f44e16985cbd9 21246 libs optional libbasicusageenvironment0_2014.01.13-1+deb8u3_amd64.deb 98e7fe3959452339cd2116cce2e18f7c 27206 libs optional libgroupsock1_2014.01.13-1+deb8u3_amd64.deb 9a149829b897d57acc4dd918a8f3ce00 288054 libs optional liblivemedia23_2014.01.13-1+deb8u3_amd64.deb 79fbac5f23840288fb40fa25d05bf0f8 11990 libs optional libusageenvironment1_2014.01.13-1+deb8u3_amd64.deb 7b4a94b84111e1c41f85de998690f5f0 60488 net optional livemedia-utils_2014.01.13-1+deb8u3_amd64.deb -BEGIN PGP SIGNATURE- iQEzBAEBCgAdFiEEUFZhdgIWqBhwqCvuZYVUZx9w0DQFAlyPyN0ACgkQZYVUZx9w 0DTmcQf+IaXFo5tpQ9+U0iwwvnjomVqkJ9O/xwyXbhUMtQ418zOV6zdz+ocsVv72 6CNhGc/vBTYZyIkosbc6BUQx7XIX2QH0DWO+UDHObPzcvRsXA72srLAU5BhRweXt itlo1mbiT60G4Rvz7mV6Kl6/kFHdXa6yZTUa95c9SEJCkb6704lFGsj65Y1E5D3v eMb5IBIqLBHiZRuyUQ8/C6do1yWNOZYY8xzGBZIW3lVfovr1I6+4QLT/VA7KLUp2 QShokPggN1j8NIPs6r/O+YF1DeM9aRAfKRWYi6fX4WpsVUQ7iBInF8LMj7xUTM2I 9/mDb2bTpjblavKeMJRxthQy6b7ENw== =R+pU -END PGP SIGNATURE-
Accepted qemu 1:2.1+dfsg-12+deb8u9 (source amd64) into oldstable
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Tue, 22 Jan 2019 18:10:07 +0100 Source: qemu Binary: qemu qemu-system qemu-system-common qemu-system-misc qemu-system-arm qemu-system-mips qemu-system-ppc qemu-system-sparc qemu-system-x86 qemu-user qemu-user-static qemu-user-binfmt qemu-utils qemu-guest-agent qemu-kvm Architecture: source amd64 Version: 1:2.1+dfsg-12+deb8u9 Distribution: jessie-security Urgency: high Maintainer: Debian QEMU Team Changed-By: Hugo Lefeuvre Description: qemu - fast processor emulator qemu-guest-agent - Guest-side qemu-system agent qemu-kvm - QEMU Full virtualization on x86 hardware qemu-system - QEMU full system emulation binaries qemu-system-arm - QEMU full system emulation binaries (arm) qemu-system-common - QEMU full system emulation binaries (common files) qemu-system-mips - QEMU full system emulation binaries (mips) qemu-system-misc - QEMU full system emulation binaries (miscelaneous) qemu-system-ppc - QEMU full system emulation binaries (ppc) qemu-system-sparc - QEMU full system emulation binaries (sparc) qemu-system-x86 - QEMU full system emulation binaries (x86) qemu-user - QEMU user mode emulation binaries qemu-user-binfmt - QEMU user mode binfmt registration for qemu-user qemu-user-static - QEMU user mode emulation binaries (static version) qemu-utils - QEMU utilities Closes: 911499 914599 914727 Changes: qemu (1:2.1+dfsg-12+deb8u9) jessie-security; urgency=high . * Non-maintainer upload by the LTS Team. * CVE-2018-19489: 9p: race condition while renaming files on a shared host directory (Closes: #914727). * CVE-2018-19364: 9p: race condition while modifying fid path (Closes: #914599). * CVE-2018-17958: rtl8139: potential oob access due to integer overflow (Closes: #911499). Checksums-Sha1: fb966dadc058cfaa0082dffbba50e8b896b40cdd 5189 qemu_2.1+dfsg-12+deb8u9.dsc d0c0314af2b710cf3dbd91522963cc0eefa51390 5163316 qemu_2.1+dfsg.orig.tar.xz c74e4c1deefa153396c123e909e0be7ce6890258 214012 qemu_2.1+dfsg-12+deb8u9.debian.tar.xz eb27a34ba356201f1151407113cdb27e46951ca3 126176 qemu_2.1+dfsg-12+deb8u9_amd64.deb e59a77af7ebad540f1eb57c638d3635bb156ac0a 55394 qemu-system_2.1+dfsg-12+deb8u9_amd64.deb 288842c6b61b2de49f470ca63af5fbbb1cef6500 285672 qemu-system-common_2.1+dfsg-12+deb8u9_amd64.deb 8abc4269443ec7cfce144af4da0435cd9cd22cca 5276886 qemu-system-misc_2.1+dfsg-12+deb8u9_amd64.deb 421943d06845d2496ec5561a3e85675bf67cf748 2237936 qemu-system-arm_2.1+dfsg-12+deb8u9_amd64.deb 86917c0e4482039185ef1ce3516af9cb499094eb 2788752 qemu-system-mips_2.1+dfsg-12+deb8u9_amd64.deb 8d04d55271f91e8d3fa8fdbe08ffd5294657af25 2758846 qemu-system-ppc_2.1+dfsg-12+deb8u9_amd64.deb 64cd8d62d738a4f7c543f604ae9a5199a385bc3f 1675076 qemu-system-sparc_2.1+dfsg-12+deb8u9_amd64.deb 74056f8139c886431606828771618fbb6611bf18 2056766 qemu-system-x86_2.1+dfsg-12+deb8u9_amd64.deb 3f6a0434a34ece1b08cd5eac8df641b0db09c919 5573470 qemu-user_2.1+dfsg-12+deb8u9_amd64.deb ae589e15d7e9b2e572e2bb0e7ce46971cf514613 8236436 qemu-user-static_2.1+dfsg-12+deb8u9_amd64.deb 870d5ab15ee0aed28c1f6f81fea77ea63004fae6 2934 qemu-user-binfmt_2.1+dfsg-12+deb8u9_amd64.deb 9942d79bc2fbddb17fe47609c9f40e560f097143 485040 qemu-utils_2.1+dfsg-12+deb8u9_amd64.deb 255bf67ceb3bef2c1888f8e005782468556d1a73 139748 qemu-guest-agent_2.1+dfsg-12+deb8u9_amd64.deb c71a1ade8e9eb66045c9315dfeea80b2285213b9 56032 qemu-kvm_2.1+dfsg-12+deb8u9_amd64.deb Checksums-Sha256: 080d93c5ecda84599c737ab94c389de5055843e060423bf76e2be1b68d1c2b5c 5189 qemu_2.1+dfsg-12+deb8u9.dsc 34b610c2538c7617638b8f1bdedf8a96ca2ff8cd8ad97b920a70c4d8d481d97f 5163316 qemu_2.1+dfsg.orig.tar.xz 301ad7ec338f6daa6364f85ed05389bf050a9b8deaffbecb3f16809b609868e3 214012 qemu_2.1+dfsg-12+deb8u9.debian.tar.xz e16d282d539b558452777479fd13d511b382d8ffcddd55efcad242e3579a15af 126176 qemu_2.1+dfsg-12+deb8u9_amd64.deb c00d21c614d571ebbc90865f6ce3f67ba3a19b298708c4c0d1832e4cd5ef8631 55394 qemu-system_2.1+dfsg-12+deb8u9_amd64.deb 56eb3d38c2a9f29ca4e7253dbbce7938722c4d09e1443466f54ab71e35ab0221 285672 qemu-system-common_2.1+dfsg-12+deb8u9_amd64.deb 3bd351382ddc821d54230739b8b9954f4076f881fee1411557be5672d8d0dff9 5276886 qemu-system-misc_2.1+dfsg-12+deb8u9_amd64.deb 6684db584898361687cfc7327e8bb41030653ebe6c2e608baf826f9cb1b996ec 2237936 qemu-system-arm_2.1+dfsg-12+deb8u9_amd64.deb d9ac93256135c2248dd24fcf2fd9f0f9042aaf947532f0a75b46f3b0b42abca7 2788752 qemu-system-mips_2.1+dfsg-12+deb8u9_amd64.deb e6e5fada081b50b4627bd8d59a524c6f7bb7aeedb166092706a925b743e54dcb 2758846 qemu-system-ppc_2.1+dfsg-12+deb8u9_amd64.deb 609f3564eb525204f7c84008070418fed0fac32b4fc2e118f77918835af0e568 1675076 qemu-system-sparc_2.1+dfsg-12+deb8u9_amd64.deb cd2f2d5dd8b7890acb717e60f9638106d63f77bc536b7cc0c90ddac1f8d42258 2056766 qemu-system-x86_2.1+dfsg-12+deb8u9_amd64.deb acda55276fcdfb6374673db33a79e884947a652b2f44eee2481ce75c34c331c5 5573470 qemu-user_2.1+dfsg-12+deb8u9_amd64.deb
Accepted tmpreaper 1.6.13+nmu1+deb8u1 (source amd64) into oldstable
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Wed, 23 Jan 2019 09:33:21 +0100 Source: tmpreaper Binary: tmpreaper Architecture: source amd64 Version: 1.6.13+nmu1+deb8u1 Distribution: jessie-security Urgency: high Maintainer: Paul Slootman Changed-By: Hugo Lefeuvre Description: tmpreaper - cleans up files in directories based on their age Changes: tmpreaper (1.6.13+nmu1+deb8u1) jessie-security; urgency=high . * Non-maintainer upload by the LTS Team. * CVE-2019-3461: There was a race condition when tmpreaper was testing for a (bind) mount, which was done via rename() which could potentially lead to a file being placed elsewhere on the filesystem hierarchy (e.g. /etc/cron.d/) if the directory being cleaned up was on the same physical filesystem. This has been fixed by using an alternative way of looking for bind mounts using code from mountpoint (from the util-linux package). Checksums-Sha1: dbcd708ca3cbc3344622b3a6ef1f259aad3c6388 1140 tmpreaper_1.6.13+nmu1+deb8u1.dsc c25a488afd2460b816b87b1cfd5ddc4f87dae0f1 160432 tmpreaper_1.6.13+nmu1+deb8u1.tar.gz 4372b274952d38eafb39157acf86735eb7bb2592 50546 tmpreaper_1.6.13+nmu1+deb8u1_amd64.deb Checksums-Sha256: 86b4af178757ad55b4648bd3f96724081120e0f0a1ef8ae45abc3dc07e653684 1140 tmpreaper_1.6.13+nmu1+deb8u1.dsc ad58d240757fb905af1344398307cc1df84d1be167b3ec7580cdec620e198c49 160432 tmpreaper_1.6.13+nmu1+deb8u1.tar.gz ef0e088ff07d49f787d15be362e0066cfb01f4089aca3178cd2487fa1cff0704 50546 tmpreaper_1.6.13+nmu1+deb8u1_amd64.deb Files: fe962d662e65b5ac165d056437e65510 1140 admin optional tmpreaper_1.6.13+nmu1+deb8u1.dsc 9cf8d01c23246dc5b277099cf28a4396 160432 admin optional tmpreaper_1.6.13+nmu1+deb8u1.tar.gz 8e8d859dfa88f8d65d8bbb3ac7fb1608 50546 admin optional tmpreaper_1.6.13+nmu1+deb8u1_amd64.deb -BEGIN PGP SIGNATURE- iQEzBAEBCgAdFiEEUFZhdgIWqBhwqCvuZYVUZx9w0DQFAlxJxjAACgkQZYVUZx9w 0DQMtwgAsS4cgQ5NmfAzcKCLD8TqQtnQw3raxLIFJn4i4Z0Fg/uDdtdLjmGjMiw9 XvWDI99u7tIZnJLF2qC5bo7IYX7gYJXfAQ0IMw10TLmbnnOJXPfLH5wU5sN29hRe JSIKzzVYisgx0Uh7dHRENEyjjARfCumD31INbw3du2zUkzz+lRtA2uoR+J8DXCFv 8jZj0IOwEkITbvO3GWbAYJVB48+AbFTVIo/Y90SmWiWj+qpxNdn/5TRiQgrK9uKP Cmz9wyBj7pI1XtY5KkvK8M9masOrQKhp0cTMTwLche/ekIHP4VZvbSXRucW51d7X nX9BMlzC2RKLNrp7uORPVC6lej0RtQ== =0B8Y -END PGP SIGNATURE-
Accepted wireshark 1.12.1+g01b65bf-4+deb8u19 (source amd64 all) into oldstable
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Tue, 21 May 2019 08:10:00 +0200 Source: wireshark Binary: wireshark-common wireshark wireshark-qt tshark wireshark-dev wireshark-dbg wireshark-doc libwireshark5 libwsutil4 libwsutil-dev libwireshark-data libwireshark-dev libwiretap4 libwiretap-dev Architecture: source amd64 all Version: 1.12.1+g01b65bf-4+deb8u19 Distribution: jessie-security Urgency: medium Maintainer: Balint Reczey Changed-By: Hugo Lefeuvre Description: libwireshark-data - network packet dissection library -- data files libwireshark-dev - network packet dissection library -- development files libwireshark5 - network packet dissection library -- shared library libwiretap-dev - network packet capture library -- development files libwiretap4 - network packet capture library -- shared library libwsutil-dev - network packet dissection utilities library -- shared library libwsutil4 - network packet dissection utilities library -- shared library tshark - network traffic analyzer - console version wireshark - network traffic analyzer - GTK+ version wireshark-common - network traffic analyzer - common files wireshark-dbg - network traffic analyzer - debug symbols wireshark-dev - network traffic analyzer - development tools wireshark-doc - network traffic analyzer - documentation wireshark-qt - network traffic analyzer - Qt version Closes: 926718 Changes: wireshark (1.12.1+g01b65bf-4+deb8u19) jessie-security; urgency=medium . * Non-maintainer upload by the LTS Security Team. * CVE-2019-10895: out-of-bounds reads in NetScaler trace handling (wiretap/netscaler.c) (Closes: #926718). * CVE-2019-10894: assertion failure in epan/packet.c (Closes: #926718). * CVE-2019-10899: heap based buffer under-read, causing DoS of SRVLOC dissector (Closes: #926718). * CVE-2019-10901: NULL pointer dereference causing DoS of LDSS dissector. * CVE-2019-10903: Crafted packet leading to DoS of DCERPC SPOOLSS dissector because of missing boundary checks. Checksums-Sha1: beee5a552af8785d478357d4b6f4448102f30ea8 3001 wireshark_1.12.1+g01b65bf-4+deb8u19.dsc 407f0a5f28c4ea34b0ea2b5a43e1da7632e357a9 25091052 wireshark_1.12.1+g01b65bf.orig.tar.xz 465428fee29dd56e2aa2499a6cdbf6310f05da5f 206668 wireshark_1.12.1+g01b65bf-4+deb8u19.debian.tar.xz 34cb2b65b4e479c2676c0191dc55347d35b0afac 183306 wireshark-common_1.12.1+g01b65bf-4+deb8u19_amd64.deb 022eb1e1d8fd29c00c9df8975df6b2049ca5657b 791256 wireshark_1.12.1+g01b65bf-4+deb8u19_amd64.deb f45051b702f582ac6826d8b67fd509b931ab2dad 1068192 wireshark-qt_1.12.1+g01b65bf-4+deb8u19_amd64.deb 2dc42129792537c934f13c405bf0582829581c7d 164078 tshark_1.12.1+g01b65bf-4+deb8u19_amd64.deb 59047740c69cdfbab4ef7d7cdd3d896d9d7f306d 147190 wireshark-dev_1.12.1+g01b65bf-4+deb8u19_amd64.deb e780e8e500fd24929e30698b6dfd1d3bfc2a8c8e 38789500 wireshark-dbg_1.12.1+g01b65bf-4+deb8u19_amd64.deb 713d7e928478bc3ed983e46fbafed6dec9838a36 3871344 wireshark-doc_1.12.1+g01b65bf-4+deb8u19_all.deb 9a85f1069babb111fdb4d530b671382fddde311d 11271642 libwireshark5_1.12.1+g01b65bf-4+deb8u19_amd64.deb 56581810a690af8db801cce80c2a9ed01ba393f2 97172 libwsutil4_1.12.1+g01b65bf-4+deb8u19_amd64.deb e3f84e002e058dc22e72ae42dea4285ef5934291 74002 libwsutil-dev_1.12.1+g01b65bf-4+deb8u19_amd64.deb 9f9cfb17f0590c5b321f2bbba5e4e1a920a36b0c 839342 libwireshark-data_1.12.1+g01b65bf-4+deb8u19_all.deb 0be87d1734674c241fa7ef51eaf1ad02ac6c8756 769762 libwireshark-dev_1.12.1+g01b65bf-4+deb8u19_amd64.deb 62611df7b433f5df04c192effbb2ec1be6b2f332 189974 libwiretap4_1.12.1+g01b65bf-4+deb8u19_amd64.deb 1fb5a30ef09c6adb229f980370bcb086af92e473 81004 libwiretap-dev_1.12.1+g01b65bf-4+deb8u19_amd64.deb Checksums-Sha256: 1fa97a8860f963014192b412440f8a0f18928b65846daeaefaa2df09c47f9c79 3001 wireshark_1.12.1+g01b65bf-4+deb8u19.dsc 5244081064ba37780804983724e09263440866587f33f2a525a684b6d393d4cf 25091052 wireshark_1.12.1+g01b65bf.orig.tar.xz 0bf1b5e2ba329dfe8f2dd21ff18142208d04a80777f3145490d15197de1f7086 206668 wireshark_1.12.1+g01b65bf-4+deb8u19.debian.tar.xz a3d6a521d5f8329f4ab98b5a01dcd8a63e46f086c7ec5a481d87e680e9d3e701 183306 wireshark-common_1.12.1+g01b65bf-4+deb8u19_amd64.deb 99d67f529b3e152c0c515661986afcb044272af7c2b50dbe6a89c2ecdfdd19f2 791256 wireshark_1.12.1+g01b65bf-4+deb8u19_amd64.deb 8ef3f27f5973b6a49ddc9bd1c48da85624121d2912efccf17f2e8cc763377301 1068192 wireshark-qt_1.12.1+g01b65bf-4+deb8u19_amd64.deb a7ad4ad794dad9832d9d707bae0b0cc977876a8942cf4064e21f13827921115c 164078 tshark_1.12.1+g01b65bf-4+deb8u19_amd64.deb 9fa18510b6600fa25c75956b8d48d4c1d00e477997ca6683987601d00d1054cc 147190 wireshark-dev_1.12.1+g01b65bf-4+deb8u19_amd64.deb 357c114a69410dcbf3e59d6dca75d912b117fc61fa934aa8759785723ab935f5 38789500 wireshark-dbg_1.12.1+g01b65bf-4+deb8u19_amd64.deb b21fa3efb802d2cb4f10c2ba1f5c18f70369ae8619f13e6ddf6c39ee9324cc20 3871344 wireshark-doc_1.12.1+g01b65bf-4+deb8u19_all.deb
Accepted faad2 2.7-8+deb8u2 (source amd64) into oldstable
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Sun, 19 May 2019 11:17:06 +0200 Source: faad2 Binary: libfaad-dev libfaad2 faad2-dbg faad Architecture: source amd64 Version: 2.7-8+deb8u2 Distribution: jessie-security Urgency: medium Maintainer: Debian Multimedia Maintainers Changed-By: Hugo Lefeuvre Description: faad - freeware Advanced Audio Decoder player faad2-dbg - freeware Advanced Audio Decoder - debugging symbols libfaad-dev - freeware Advanced Audio Decoder - development files libfaad2 - freeware Advanced Audio Decoder - runtime files Changes: faad2 (2.7-8+deb8u2) jessie-security; urgency=medium . * Non-maintainer upload by the LTS Security Team. * CVE-2018-20198, CVE-2018-20362: implicit channel mapping reconfiguration is not properly handled, leading to heap based buffer overflow issues when processing crafted AAC files. * CVE-2018-20197, CVE-2018-20194: insufficient user input validation in sbr_hfadj module leads to stack-based buffer underflow issues when processing crafted AAC files. Checksums-Sha1: 8f5ad25f372c1430cc4b3c329ce7f42b265cb47a 1871 faad2_2.7-8+deb8u2.dsc 22118978d00988b6cc6898e7dc7f7849711016e9 1124523 faad2_2.7.orig.tar.gz 92b163a8d341f6c99a08fd17b8e5663452248b55 21556 faad2_2.7-8+deb8u2.debian.tar.xz 0e29b95914446ac4701b40e69adf88e25b00a064 159096 libfaad-dev_2.7-8+deb8u2_amd64.deb 78d1bc65ee689831a11e5fdf8d106628b4ad1c19 146592 libfaad2_2.7-8+deb8u2_amd64.deb 714d628e2a54bd25c977d9bb8135f0de37494863 274392 faad2-dbg_2.7-8+deb8u2_amd64.deb dac37839bbcc13a52f664ef485c22cd978961933 36918 faad_2.7-8+deb8u2_amd64.deb Checksums-Sha256: 0a2836daf966d6b2764366cd11c6b79f7af4b7b922c24065a61119d946524908 1871 faad2_2.7-8+deb8u2.dsc 9d5e35f104c531ef3ff7f4a514578bdfaff3df99ee35b121b0a859295270 1124523 faad2_2.7.orig.tar.gz 16525b71bf5d2c1343364a4823fdcb71d8c15976afe059d6974d8b9bfabfe1f5 21556 faad2_2.7-8+deb8u2.debian.tar.xz b0089b744ec0c037f0dabe6c4e4650ea5583165dceecc8e585defdf371d35609 159096 libfaad-dev_2.7-8+deb8u2_amd64.deb 5fd6ae88046d21b9bebcdd6849394d48f187f317ebbecd89c20373b08431d1da 146592 libfaad2_2.7-8+deb8u2_amd64.deb da6c4f068a31086f61b8142b9c754b63c6d67e77f0af84218cf82d3b0b7b2dfd 274392 faad2-dbg_2.7-8+deb8u2_amd64.deb b9eb6f00c9b61f690e93bb81da5ace8a17381eaa545476567725bed95f2ef73b 36918 faad_2.7-8+deb8u2_amd64.deb Files: e1525467d3f4dc69c54cd9b63c452875 1871 libs optional faad2_2.7-8+deb8u2.dsc 1572090beee91d91efd088394da68214 1124523 libs optional faad2_2.7.orig.tar.gz 8d77b7d9e5a6a17b1afd952c2ab9f3e5 21556 libs optional faad2_2.7-8+deb8u2.debian.tar.xz e446fad52cc7a2ccab3d57f8d8d545f7 159096 libdevel optional libfaad-dev_2.7-8+deb8u2_amd64.deb 61698d193668005ecc6104c5e9beab4b 146592 libs optional libfaad2_2.7-8+deb8u2_amd64.deb 6cf5def7f4fae1fe201034f081ba9358 274392 debug extra faad2-dbg_2.7-8+deb8u2_amd64.deb 44206802c7ec699bf0b73aaf7b2709c9 36918 sound optional faad_2.7-8+deb8u2_amd64.deb -BEGIN PGP SIGNATURE- iQEzBAEBCgAdFiEEUFZhdgIWqBhwqCvuZYVUZx9w0DQFAlzhR+IACgkQZYVUZx9w 0DQycwf/Z9tuXEW2obgPw3VsYHoU5VWX5dOCOVItw6AIIhH/V7VSNmy4MsA/Flb+ 5BO9+GdL+OCKHJADelK1z5alpYtaW6Hh+V/wCxK3QKeixe4Jtku/1C6y3QrsX+xG CMmLCz60LVVb2kiw/wxM1GymkWOq2YsAL18rMaxPGXOY08A9zau7tPv1yOop3THG Fk8A2lukzp3z0vVR6IUKZEO7GQ/fjawSviN/I5sjkepGT/qYB66g6DidD6IdAdLf xC4MIEy0kL2WDFtEgQiE/LNhdOYuBaOc79ErmYZJJM+kODM7iMGH9ocsxqRSoQIF ftrfFPgQ47ue06xKymO9vTre5ybLGQ== =vfQf -END PGP SIGNATURE-
Accepted graphicsmagick 1.3.20-3+deb8u7 (source amd64 all) into oldstable
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Sun, 19 May 2019 08:01:07 +0200 Source: graphicsmagick Binary: graphicsmagick libgraphicsmagick3 libgraphicsmagick1-dev libgraphicsmagick++3 libgraphicsmagick++1-dev libgraphics-magick-perl graphicsmagick-imagemagick-compat graphicsmagick-libmagick-dev-compat graphicsmagick-dbg Architecture: source amd64 all Version: 1.3.20-3+deb8u7 Distribution: jessie-security Urgency: medium Maintainer: Laszlo Boszormenyi (GCS) Changed-By: Hugo Lefeuvre Description: graphicsmagick - collection of image processing tools graphicsmagick-dbg - format-independent image processing - debugging symbols graphicsmagick-imagemagick-compat - image processing tools providing ImageMagick interface graphicsmagick-libmagick-dev-compat - image processing libraries providing ImageMagick interface libgraphics-magick-perl - format-independent image processing - perl interface libgraphicsmagick++1-dev - format-independent image processing - C++ development files libgraphicsmagick++3 - format-independent image processing - C++ shared library libgraphicsmagick1-dev - format-independent image processing - C development files libgraphicsmagick3 - format-independent image processing - C shared library Changes: graphicsmagick (1.3.20-3+deb8u7) jessie-security; urgency=medium . * Non-maintainer upload by the LTS Security Team. * CVE-2019-11506: missing error handling primitives causes heap-based buffer overflow in WriteMATLABImage (coders/mat.c) when processing crafted Matlab matrix data. * CVE-2019-11505: heap-based buffer overflow in WritePDBImage (coders/pdb.c) when processing crafted PDB images. * CVE-2019-11474: floating-point exception in coders/xwd.c when processing crafted XWD images. * CVE-2019-11473: out-of-bounds read in coders/xwd.c when processing crafted XWD images. * Fix GCC warnings introduced in CVE-2017-10799.patch and CVE-2019-11009.patch (previous upload). Checksums-Sha1: acb4fedf2c97b819e7f979ff760f589d693fa008 2489 graphicsmagick_1.3.20-3+deb8u7.dsc 73042eee48e17d074f68f6f70fc81b221481255a 5206616 graphicsmagick_1.3.20.orig.tar.xz baa53df5e7e78305b970d06642903b78ad9f72c6 217924 graphicsmagick_1.3.20-3+deb8u7.debian.tar.xz e386525cc2d84e464c14ce57e3bb078508a9913f 796812 graphicsmagick_1.3.20-3+deb8u7_amd64.deb eeff8d325341a308a8abdc9beeff5a9ce9b711dd 1107448 libgraphicsmagick3_1.3.20-3+deb8u7_amd64.deb aace3f998800275496d9ce03e2526a47533d6176 1293268 libgraphicsmagick1-dev_1.3.20-3+deb8u7_amd64.deb acaa7cea9c59b4c543db25fac776edef25e37486 120200 libgraphicsmagick++3_1.3.20-3+deb8u7_amd64.deb 2f52e0ecc8afeab22aa16541bdce2ce9148baeeb 301176 libgraphicsmagick++1-dev_1.3.20-3+deb8u7_amd64.deb 6a6fb988e787e05fc762f3d3cb3362c82926ef56 77794 libgraphics-magick-perl_1.3.20-3+deb8u7_amd64.deb 8136218704c57d03372d770858a72ae1ff7a22ba 2224868 graphicsmagick-dbg_1.3.20-3+deb8u7_amd64.deb 1cdb7f8a94c5acad9d57977ad7504191368da60e 29854 graphicsmagick-imagemagick-compat_1.3.20-3+deb8u7_all.deb 1e5b2a31b47b40d5477dfbb7650920ed2ca8a2b7 33260 graphicsmagick-libmagick-dev-compat_1.3.20-3+deb8u7_all.deb Checksums-Sha256: 41224f6bc6fdf2f94b0597b0002274c2aea4d4b96c08106aee56964259d4db6b 2489 graphicsmagick_1.3.20-3+deb8u7.dsc 35fa21da4c1479e08da8351c5b1e363adaca803a0064cfc83084363adce387c9 5206616 graphicsmagick_1.3.20.orig.tar.xz 7b004cc5f2ba0d78ca95170c2beaafbdb74729b44302045775c4a8c8f7091e33 217924 graphicsmagick_1.3.20-3+deb8u7.debian.tar.xz d0ee2db79ecd21a0209ccdb9512cf6d156166f2dbaad51046f2e178d49a5c9fe 796812 graphicsmagick_1.3.20-3+deb8u7_amd64.deb 45bbaf27c6d934150653e0a3fb25a3a84ad3e49c591f43e6831a8ac63cbc4991 1107448 libgraphicsmagick3_1.3.20-3+deb8u7_amd64.deb 933e8a542569ab2d959f3310edc9bb2a17f698ae2f89ea351efa6eea9fb380d6 1293268 libgraphicsmagick1-dev_1.3.20-3+deb8u7_amd64.deb de5775238c3237d3d213796d71b4c6c385251b9c06f8d3bad4c072809d9b6757 120200 libgraphicsmagick++3_1.3.20-3+deb8u7_amd64.deb 5b0f996a32fc2109d515d2cebf7fe9e63bc0f9ac385179eb639e0f8fe268fdb7 301176 libgraphicsmagick++1-dev_1.3.20-3+deb8u7_amd64.deb a54e7f29bdb1304b18207a64c21bf82271831368084ea904c9723f6134e93589 77794 libgraphics-magick-perl_1.3.20-3+deb8u7_amd64.deb c36b307f6436591ab00e91e291c8c739c8697dbd14111e678a3ba06e2a892a7c 2224868 graphicsmagick-dbg_1.3.20-3+deb8u7_amd64.deb 45461f62d52ac6f39b1b3695696aaba3d1e75923248fcf9735b63a6898631f37 29854 graphicsmagick-imagemagick-compat_1.3.20-3+deb8u7_all.deb 240c08e7cd07c57a9f62de4dc373b5fa3f64ce9acb327492a034b558d53fbed0 33260 graphicsmagick-libmagick-dev-compat_1.3.20-3+deb8u7_all.deb Files: a042fe17f2ec44202b97a8ea3fe3031c 2489 graphics optional graphicsmagick_1.3.20-3+deb8u7.dsc 5bb456e3466026ada6f12cc53c9776dc 5206616 graphics optional graphicsmagick_1.3.20.orig.tar.xz b7afe36bdfa1fa1a5cd3bc83c6a15f05 217924 graphics optional graphicsmagick_1.3.20-3+deb8u7.debian.tar.xz 213732a9b2ba713ec6df7077ca5c5881 796812 graphics
Accepted imagemagick 8:6.8.9.9-5+deb8u17 (source all amd64) into oldoldstable
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Tue, 13 Aug 2019 10:20:30 +0200 Source: imagemagick Binary: imagemagick-common imagemagick-doc libmagickcore-6-headers libmagickwand-6-headers libmagick++-6-headers imagemagick libimage-magick-perl libmagickcore-6-arch-config imagemagick-6.q16 libmagickcore-6.q16-2 libmagickcore-6.q16-2-extra libmagickcore-6.q16-dev libmagickwand-6.q16-2 libmagickwand-6.q16-dev libmagick++-6.q16-5 libmagick++-6.q16-dev imagemagick-dbg libimage-magick-q16-perl perlmagick libmagickcore-dev libmagickwand-dev libmagick++-dev Architecture: source all amd64 Version: 8:6.8.9.9-5+deb8u17 Distribution: jessie-security Urgency: medium Maintainer: ImageMagick Packaging Team Changed-By: Hugo Lefeuvre Description: imagemagick - image manipulation programs -- binaries imagemagick-6.q16 - image manipulation programs -- quantum depth Q16 imagemagick-common - image manipulation programs -- infrastructure imagemagick-dbg - debugging symbols for ImageMagick imagemagick-doc - document files of ImageMagick libimage-magick-perl - Perl interface to the ImageMagick graphics routines libimage-magick-q16-perl - Perl interface to the ImageMagick graphics routines -- Q16 versio libmagick++-6-headers - object-oriented C++ interface to ImageMagick - header files libmagick++-6.q16-5 - object-oriented C++ interface to ImageMagick libmagick++-6.q16-dev - object-oriented C++ interface to ImageMagick - development files libmagick++-dev - object-oriented C++ interface to ImageMagick libmagickcore-6-arch-config - low-level image manipulation library - architecture header files libmagickcore-6-headers - low-level image manipulation library - header files libmagickcore-6.q16-2 - low-level image manipulation library -- quantum depth Q16 libmagickcore-6.q16-2-extra - low-level image manipulation library - extra codecs (Q16) libmagickcore-6.q16-dev - low-level image manipulation library - development files (Q16) libmagickcore-dev - low-level image manipulation library -- transition package libmagickwand-6-headers - image manipulation library - headers files libmagickwand-6.q16-2 - image manipulation library libmagickwand-6.q16-dev - image manipulation library - development files libmagickwand-dev - image manipulation library - transition for development files perlmagick - Perl interface to ImageMagick -- transition package Closes: 931196 931449 931452 931453 931455 931457 932079 Changes: imagemagick (8:6.8.9.9-5+deb8u17) jessie-security; urgency=medium . * Non-maintainer upload by the LTS Security Team. * CVE-2019-13304, CVE-2019-13305, CVE-2019-13306: multiple stack-based buffer overflows up to 10 bytes in WritePNMImage (coders/pnm.c) (Closes: #931449), (Closes: #931453), (Closes: #931452). * CVE-2019-12974: NULL pointer dereference in ReadPANGOImage and ReadVIDImage (coders/pango.c and coders/vid.c) (Closes: #931196). * CVE-2019-13135: use of uninitialized value in ReadCUTImage (coders/cut.c) (Closes: #932079). * CVE-2019-13295, CVE-2019-13297: heap-based buffer over-reads in AdaptiveThresholdImage (magick/threshold.c) (Closes: #931457), (Closes: #931455). Checksums-Sha1: 227bf31b669133618dc506e2912161afa203fc85 4054 imagemagick_6.8.9.9-5+deb8u17.dsc 63959378d7e588539d59513d08b8f85fd3a74610 312272 imagemagick_6.8.9.9-5+deb8u17.debian.tar.xz 5bad034d670dd9b1b7d8428d43e11e7d76633f85 155356 imagemagick-common_6.8.9.9-5+deb8u17_all.deb fb56cd10f49cb47a59872d212380c72bc62ef399 7639104 imagemagick-doc_6.8.9.9-5+deb8u17_all.deb 46a8ec04e5c657c546d749d25674dfe474415348 173106 libmagickcore-6-headers_6.8.9.9-5+deb8u17_all.deb a21607859ea3d69eff12a0bd166282b18de335a4 136138 libmagickwand-6-headers_6.8.9.9-5+deb8u17_all.deb 1839b8afa056c1f86aae69e85a71099e0906a160 171546 libmagick++-6-headers_6.8.9.9-5+deb8u17_all.deb 278fef21d4e8715b7cfa9866d42f6234253b8473 161594 imagemagick_6.8.9.9-5+deb8u17_amd64.deb f7acee4ffcaff973505a75665dc43a80bdd64137 180256 libimage-magick-perl_6.8.9.9-5+deb8u17_all.deb fff2137cdb84dc5d49cfd34e0c684f5ae0871015 134914 libmagickcore-6-arch-config_6.8.9.9-5+deb8u17_amd64.deb 12aa1cb2dd166f412cdf348cfbae193da171159d 515178 imagemagick-6.q16_6.8.9.9-5+deb8u17_amd64.deb 9aa3f6685d3a9fff20e12dcc5535bf48bf00be11 1693532 libmagickcore-6.q16-2_6.8.9.9-5+deb8u17_amd64.deb 5b1a6c85463f511b9c943fce8d128443e4f229d4 175390 libmagickcore-6.q16-2-extra_6.8.9.9-5+deb8u17_amd64.deb 3cd72d56c247f67edb12e7a3b4124b00c9e44350 1033098 libmagickcore-6.q16-dev_6.8.9.9-5+deb8u17_amd64.deb b755620155806f10a9ad2befda6a9ba1e98803d4 408980 libmagickwand-6.q16-2_6.8.9.9-5+deb8u17_amd64.deb 54437a7d5d1e6c8353cbd5a7f07f2a17e4fb7f74 397120 libmagickwand-6.q16-dev_6.8.9.9-5+deb8u17_amd64.deb 8e507e22e5f68889fe9aa819fd557aad7cd73903 258620 libmagick++-6.q16-5_6.8.9.9-5+deb8u17_amd64.deb 4fb99320b407277570e11b8d00c5e8383a323660 226726 libmagick++-6.q16-dev_6.8.9.9-5+deb8u17_amd64.deb
Accepted faad2 2.7-8+deb8u3 (source amd64) into oldoldstable
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Mon, 26 Aug 2019 09:01:01 -0400 Source: faad2 Binary: libfaad-dev libfaad2 faad2-dbg faad Architecture: source amd64 Version: 2.7-8+deb8u3 Distribution: jessie-security Urgency: medium Maintainer: Debian Multimedia Maintainers Changed-By: Hugo Lefeuvre Description: faad - freeware Advanced Audio Decoder player faad2-dbg - freeware Advanced Audio Decoder - debugging symbols libfaad-dev - freeware Advanced Audio Decoder - development files libfaad2 - freeware Advanced Audio Decoder - runtime files Closes: 914641 Changes: faad2 (2.7-8+deb8u3) jessie-security; urgency=medium . * Non-maintainer upload by the LTS Security Team. * CVE-2019-6956: Buffer over read in the function ps_mix_phase() (libfaad/ps_dec.c). * CVE-2018-19502: Heap buffer overflow in the function excluded_channels() (libfaad/syntax.c) (Closes: #914641). * CVE-2018-20196: Stack buffer overflow in the function calculate_gain (libfaad/sbr_hfadj.c). * CVE-2018-20199, CVE-2018-20360: NULL pointer dereference in the function ifilter_bank (libfaad/filtbank.c). * CVE-2019-15296: Buffer overflow in the function faad_resetbits() (libfaad/bits.c). Checksums-Sha1: a177bb049a6d076866a6aad7dffd3022be785f9c 2066 faad2_2.7-8+deb8u3.dsc f07f93911b65ccc665a11af98ee2d13b2842f224 23680 faad2_2.7-8+deb8u3.debian.tar.xz 29e3e3fb0447eebc086068133599c0ab4ba52529 159568 libfaad-dev_2.7-8+deb8u3_amd64.deb d5e9a447d90c512dab9186e40399b72325985b5a 147164 libfaad2_2.7-8+deb8u3_amd64.deb 37657da3c7041b31be0c38a19da80235ace477b0 274982 faad2-dbg_2.7-8+deb8u3_amd64.deb b4026279de78b86f8f3b5639570e692186221665 37038 faad_2.7-8+deb8u3_amd64.deb Checksums-Sha256: a84b321c5547f404badc79707c5401fba19a31981f0fe8d4dc80b7e7f165030e 2066 faad2_2.7-8+deb8u3.dsc 4ffc7d885c2ce7575ae05ec9c0f998d2fd4f659382a36db2d8e63f05c7438dfb 23680 faad2_2.7-8+deb8u3.debian.tar.xz f992d762e8610d9a043bc1ddab800720729becac389c84daae72aeab5966f3ac 159568 libfaad-dev_2.7-8+deb8u3_amd64.deb b96bbde9df6acc08f9deec30c64b9cd2bfd6cc0fd84d1cbdb8b3fcf35a2159e6 147164 libfaad2_2.7-8+deb8u3_amd64.deb 3bc121adc002860f229a7433614e9cc7b20afa5023f0b2abd166c16a6d5995bb 274982 faad2-dbg_2.7-8+deb8u3_amd64.deb a0422f71088179754a64989144982b20e177beda6ce19906fc3b9ba684799596 37038 faad_2.7-8+deb8u3_amd64.deb Files: 10abfc40fcfd1d526ad7b4269c3579c8 2066 libs optional faad2_2.7-8+deb8u3.dsc 744da67fd3111c4cfe115e6a0f1d45e6 23680 libs optional faad2_2.7-8+deb8u3.debian.tar.xz c668663c6d5d75ee6ba45d9de70420fc 159568 libdevel optional libfaad-dev_2.7-8+deb8u3_amd64.deb 0bf8dd590de8bb1d40192224c8ada78e 147164 libs optional libfaad2_2.7-8+deb8u3_amd64.deb a9274d294d9c41e5d085227e2825bbd1 274982 debug extra faad2-dbg_2.7-8+deb8u3_amd64.deb 26fe3a07d4e0ddad00c86bc3fcfc9d88 37038 sound optional faad_2.7-8+deb8u3_amd64.deb -BEGIN PGP SIGNATURE- iQHDBAEBCgAtFiEEeDb9QWtkMa2LX4zREeMFjl5EGkIFAl1mptsPHGhsZUBkZWJp YW4ub3JnAAoJEBHjBY5eRBpCM4YL/2j7+LKNuDgrbPtGftN2TryUSxbPtbyLsy8+ FRy4lVeRkbawhE2+KqLcX/+1Ckz09R4w2xC8VqTHlJ35qPFCGX4+E0zmdVjhd9Yn AXQKK4ascwh033kQHny602ccx9+5BSVjbW8rq9E8ehF6HzmwnWdlJSKG1zZGOIdr uGlQHpM1Fh7zxAepau3uJ0svE50NN0MQdJ8rR63cfNLsuFb3Lt+DoDN9KKHmiGFY ywwTG908jpLkFWkH1lbeY6EZlU12L5zlYhuqOwe9ij4BVt8KIay5F3HIsYERQN3k TxxHuQK5+wCz8Z54enSX3wvBIlEpPW9FuDOwbINn8/MIyrcj1J9ciwgQ14WU8U6u KeL3O5WT2rhHduW/O1xvpFtYVBYSkdK09vvqDr0NzJWR4GIMwVD2h0dNDMoPbpFK EcVjTx2r37AIQOBYaC3wUgX1+ZZ5hDqZ908wpArCOkNbYcB44qUP8jPf7F+AR7fS Fu61U6YK2ObRyo2yhKdkRXSiG9eXVQ== =Dwgm -END PGP SIGNATURE-
Accepted xymon 4.3.17-6+deb8u2 (source amd64) into oldoldstable
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Sun, 25 Aug 2019 09:18:13 -0400 Source: xymon Binary: xymon xymon-client Architecture: source amd64 Version: 4.3.17-6+deb8u2 Distribution: jessie-security Urgency: medium Maintainer: Christoph Berg Changed-By: Hugo Lefeuvre Description: xymon - monitoring system for systems, networks and applications xymon-client - client for the Xymon network monitor Closes: 935470 Changes: xymon (4.3.17-6+deb8u2) jessie-security; urgency=medium . * Non-maintainer upload by the LTS Security Team. * This update is based on Axel Beckert's 4.3.28-2+deb9u1 update. Thanks! * Apply minimal upstream security patch to fix several (server-only) vulnerabilities reported upstream by Graham Rymer: + CVE-2019-13451: service overflows histlogfn in history.c. + CVE-2019-13452: service overflows histlogfn in reportlog.c. + CVE-2019-13273: srdb overflows dbfn in csvinfo.c. + CVE-2019-13274: reflected XSS in csvinfo.c. + CVE-2019-13455: htmlquoted(hostname) overflows msgline in acknowledge.c. + CVE-2019-13484: htmlquoted(xymondreq) overflows errtxt appfeed.c. + CVE-2019-13485: hostname overflows selfurl in history.c. + CVE-2019-13486: htmlquoted(xymondreq) overflows errtxt in svcstatus.c. + Closes: #935470 * Include hostname validation regression fixes from 4.3.30, too. Checksums-Sha1: 881906ad9b7a0d1d564370be299ac9eb1bea4032 1962 xymon_4.3.17-6+deb8u2.dsc f37ab24205c4762d552d889ae761aaca5d76c468 106412 xymon_4.3.17-6+deb8u2.debian.tar.xz bc57a3d70cd7d1fa3112778599fdd829b1c27c5c 2268674 xymon_4.3.17-6+deb8u2_amd64.deb 6a90ebe8f6494066a758aeaba5fc4d7a83ae7cc8 249730 xymon-client_4.3.17-6+deb8u2_amd64.deb Checksums-Sha256: d807facbbf13a0304d373876cdbc4c410bcec0c5d8cc0d0f549d0a4058bc91e2 1962 xymon_4.3.17-6+deb8u2.dsc 1ec657169f8dab1be010a0e40407defa7ef43f19f001353db825dd2c28fc36ed 106412 xymon_4.3.17-6+deb8u2.debian.tar.xz 0c7de7d91fea10f46e3606c7f12066802145a92ab9ebacef8ed01c65b8f15f08 2268674 xymon_4.3.17-6+deb8u2_amd64.deb 2aaba233ce61e6b256f03df0e24bde768fa9d253f2df1d6ab53ba8201d95ceac 249730 xymon-client_4.3.17-6+deb8u2_amd64.deb Files: 08342c2a9478d20cd1469ccb80d205e7 1962 net extra xymon_4.3.17-6+deb8u2.dsc 04b029039a7b04b08cb3c5769093edab 106412 net extra xymon_4.3.17-6+deb8u2.debian.tar.xz 9b118eb9fb5c510e89098cec1ca1850a 2268674 net extra xymon_4.3.17-6+deb8u2_amd64.deb 21caed032f7cc2086cfb6badc6b0a992 249730 net extra xymon-client_4.3.17-6+deb8u2_amd64.deb -BEGIN PGP SIGNATURE- iQHDBAEBCgAtFiEEeDb9QWtkMa2LX4zREeMFjl5EGkIFAl1jLJMPHGhsZUBkZWJp YW4ub3JnAAoJEBHjBY5eRBpCgkcL/1xdN2+PCqiNQLiXkAzN8x5ARoSa81l5zo1b owEIYKpJtHAmT+lwM0xhU2ydfAmXb98ACf4ifpAo7CZoYYKIRIu+Xbwik/6XCbrm XMCUYhxzM+qfxcDvvc5xa0LBhsrXWca+FFZznBwITQtf48svxGEhyfi5RykSHhhK +pgN3MnIZRGZ+/bXgphabQjpHTOpYs4cXtO2syTyH0sWFhnnGhCwLF+JgYuvb48T 8q6d+uKtnv47l7qYrA+I9zcz7ou9L8PeWvRUx800tYFwIbMg2PzgU1+gjdzp3Svi gev1owugFGMBIoSOu/iBCoHvWTQx2SDpnaRJPdVuVaxXo06SFqhJKIsjSVJyETan ddJnb6a/zOythwaaPbDwVQawcIe5HRSGbe+D2416zj7hGaewB/F/CxoUumbWhEzQ KSKHiyamIJfgBn5hAAUkuHOYNKsHSGd3oUrO6cpeqMa+7m8khAqWG+VlxiTJLSVo BCHOcP3gEK9EeHi+e7tcVBwodIu2dw== =RGJY -END PGP SIGNATURE-
Accepted sdl-image1.2 1.2.12-5+deb8u2 (source amd64) into oldoldstable
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Tue, 23 Jul 2019 11:25:46 -0300 Source: sdl-image1.2 Binary: libsdl-image1.2 libsdl-image1.2-dbg libsdl-image1.2-dev Architecture: source amd64 Version: 1.2.12-5+deb8u2 Distribution: jessie-security Urgency: high Maintainer: Debian SDL packages maintainers Changed-By: Hugo Lefeuvre Description: libsdl-image1.2 - Image loading library for Simple DirectMedia Layer 1.2, libraries libsdl-image1.2-dbg - Image loading library for Simple DirectMedia Layer 1.2, debugging libsdl-image1.2-dev - Image loading library for Simple DirectMedia Layer 1.2, developme Changes: sdl-image1.2 (1.2.12-5+deb8u2) jessie-security; urgency=high . * Non-maintainer upload by the LTS Security Team. * CVE-2018-3977: buffer overflow in do_layer_surface (IMG_xcf.c). * CVE-2019-5052: integer overflow and subsequent buffer overflow in IMG_pcx.c. * CVE-2019-7635: heap buffer overflow in Blit1to4 (IMG_bmp.c). * CVE-2019-12216, CVE-2019-12217, CVE-2019-12218, CVE-2019-12219, CVE-2019-12220, CVE-2019-12221, CVE-2019-1, CVE-2019-5051: OOB R/W in IMG_LoadPCX_RW (IMG_pcx.c). Checksums-Sha1: 64c0b251f14ff968c20d4b414dbfae44a755ea54 2191 sdl-image1.2_1.2.12-5+deb8u2.dsc 16c2eb46407b2d62f331615ad2344a73047019eb 12092 sdl-image1.2_1.2.12-5+deb8u2.debian.tar.xz bd8f6cf15bf65fd99b885907bffd819d2114e3ef 35766 libsdl-image1.2_1.2.12-5+deb8u2_amd64.deb 885a01cf23f3313b360776abce8988277c9d42df 59356 libsdl-image1.2-dbg_1.2.12-5+deb8u2_amd64.deb 706ac0f952ca277a77d2b23c043767e20a3cbbc2 39408 libsdl-image1.2-dev_1.2.12-5+deb8u2_amd64.deb Checksums-Sha256: 56f61ea8c58ec9e1623fe475cef73fb568c51bfd93a2796951745b1e9cbeed4a 2191 sdl-image1.2_1.2.12-5+deb8u2.dsc 92c1f60825de3e1b4bc995194e978278ae5d5be7abfa90b7744d084d0a91b07e 12092 sdl-image1.2_1.2.12-5+deb8u2.debian.tar.xz 218e75b016f40e9b1ac2f07884dd7c241d61b79ceee266b5edf68013988c03c1 35766 libsdl-image1.2_1.2.12-5+deb8u2_amd64.deb 7e45efc451a1d097f04bc1e6dc0860ec456c7d6d8386c779519d3705a415a9a0 59356 libsdl-image1.2-dbg_1.2.12-5+deb8u2_amd64.deb b720e53ae4bb20f764bb4e103cf9e076d81bdc7560cc7ac3aad313a25a2aa1a0 39408 libsdl-image1.2-dev_1.2.12-5+deb8u2_amd64.deb Files: a795e8a8fc167201eb1d4b02a6328764 2191 libs optional sdl-image1.2_1.2.12-5+deb8u2.dsc cf01e819e2728dd16bfd00ad68360869 12092 libs optional sdl-image1.2_1.2.12-5+deb8u2.debian.tar.xz 175c70c32e36f8ea8de8a9900ae03e0b 35766 libs optional libsdl-image1.2_1.2.12-5+deb8u2_amd64.deb 032f8af76ec1612e695e70aab24f507d 59356 debug extra libsdl-image1.2-dbg_1.2.12-5+deb8u2_amd64.deb e8770377d76e3c0c71b175d2af3eb698 39408 libdevel optional libsdl-image1.2-dev_1.2.12-5+deb8u2_amd64.deb -BEGIN PGP SIGNATURE- iQHDBAEBCgAtFiEEeDb9QWtkMa2LX4zREeMFjl5EGkIFAl08idsPHGhsZUBkZWJp YW4ub3JnAAoJEBHjBY5eRBpCltYL/06Kgppx3r94smQbX240pQJiP57jSkEclrD3 Kt4gejiKJLSOJc2ijfdPqQIODLaNnN/9RVOL8iTfAWxkGc7lZGg71HZZyXOLNNi/ Jg92tFRaWckJ3uqktPvy96xnKU8cuXAw2jckThmVn6kHPuCilpJNRzaDkL6fSMvn PRFRlctyARnKoyYA4ZHXrUWNUE/LLShD3WoY4oWcDUbqo5uOCqu3YnSSM864A7dJ 976b3xEUYhd+LEgnvvSpIqkI7v/ip/QejNizF76y5fBX3/9TB+nMDQY78BSv5hQj 9RZtcxFE0Q3kjM3Y25SH30pcVeZlDg5IyFwwMeuw3aOC2cHf6ig5SSBzCXKLvl6K NjPl7xclJUp1qfvY2N9r2K/ppiDSFXQwHMFcGcFhCeWypWv15Z4cgQ77IkMzZNeb g/tS0g5UVdJwgPt+Kxq6TUEswMCkNHJIGLFbDobYxIFUz29BVBA4565glhosakAC jLnYmnlAJ4E0c88LNdsieyYpRbcqHg== =Da/0 -END PGP SIGNATURE-
Accepted libsdl2-image 2.0.0+dfsg-3+deb8u2 (source amd64) into oldoldstable
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Sat, 20 Jul 2019 16:05:46 -0300 Source: libsdl2-image Binary: libsdl2-image-2.0-0 libsdl2-image-dbg libsdl2-image-dev Architecture: source amd64 Version: 2.0.0+dfsg-3+deb8u2 Distribution: jessie-security Urgency: medium Maintainer: Debian SDL packages maintainers Changed-By: Hugo Lefeuvre Description: libsdl2-image-2.0-0 - Image loading library for Simple DirectMedia Layer 2, libraries libsdl2-image-dbg - Image loading library for Simple DirectMedia Layer 2, debugging s libsdl2-image-dev - Image loading library for Simple DirectMedia Layer 2, development Changes: libsdl2-image (2.0.0+dfsg-3+deb8u2) jessie-security; urgency=medium . * Non-maintainer upload by the LTS Security Team. * CVE-2018-3977: buffer overflow in do_layer_surface (IMG_xcf.c). * CVE-2019-5052: integer overflow and subsequent buffer overflow in IMG_pcx.c. * CVE-2019-7635: heap buffer overflow in Blit1to4 (IMG_bmp.c). * CVE-2019-12216, CVE-2019-12217, CVE-2019-12218, CVE-2019-12219, CVE-2019-12220, CVE-2019-12221, CVE-2019-1: OOB R/W in IMG_LoadPCX_RW (IMG_pcx.c). Checksums-Sha1: 1b248c08e24f66dfb3365ba42487a4077019403d 2185 libsdl2-image_2.0.0+dfsg-3+deb8u2.dsc 8dd4f7a28d4ad5f29adc857c80e24797753f8451 10856 libsdl2-image_2.0.0+dfsg-3+deb8u2.debian.tar.xz ceba00cd143d7e66e8c2b7944940c5fd6d936903 45702 libsdl2-image-2.0-0_2.0.0+dfsg-3+deb8u2_amd64.deb 33e41059fc6dc91de7f28e2fe840b781596ec84f 90926 libsdl2-image-dbg_2.0.0+dfsg-3+deb8u2_amd64.deb f346c39deb0f98a2016bb4fa521abb573cd94950 49582 libsdl2-image-dev_2.0.0+dfsg-3+deb8u2_amd64.deb Checksums-Sha256: 2a1a852aa36ef28cc634fd4d2b3c224eb3aea20add50abbebfe225ac0bebd8fe 2185 libsdl2-image_2.0.0+dfsg-3+deb8u2.dsc 74759f093dd07bc301704b2b0a9e1ce6e9c0f392f05bc799bdf5c984a1fbcda0 10856 libsdl2-image_2.0.0+dfsg-3+deb8u2.debian.tar.xz f2b363e9acf6158ef9bc3a83373b1ad17950bef7d4ef98d71349c6e7219308b1 45702 libsdl2-image-2.0-0_2.0.0+dfsg-3+deb8u2_amd64.deb 0fdfcd28c9ace70d1e7fb695cd1a9b1109b480e99d0046a9197710bd4c05d8bf 90926 libsdl2-image-dbg_2.0.0+dfsg-3+deb8u2_amd64.deb ab5d82f83e3937c098f221a7e7f3fb8d8f6828dc5935265dd9f52d944a89516e 49582 libsdl2-image-dev_2.0.0+dfsg-3+deb8u2_amd64.deb Files: f375838402c670c5300bb5fce95d8270 2185 libs optional libsdl2-image_2.0.0+dfsg-3+deb8u2.dsc 4201fd9d0e002e7aafd87638670d36cf 10856 libs optional libsdl2-image_2.0.0+dfsg-3+deb8u2.debian.tar.xz c466fe7d88e4fc5074b0993f0bd3d344 45702 libs optional libsdl2-image-2.0-0_2.0.0+dfsg-3+deb8u2_amd64.deb 04c0525b5974079e7229f5c7e7c9518f 90926 debug extra libsdl2-image-dbg_2.0.0+dfsg-3+deb8u2_amd64.deb 3a43b62e4972adc7ee3d5e6f844805ac 49582 libdevel optional libsdl2-image-dev_2.0.0+dfsg-3+deb8u2_amd64.deb -BEGIN PGP SIGNATURE- iQGzBAEBCgAdFiEEeDb9QWtkMa2LX4zREeMFjl5EGkIFAl018AYACgkQEeMFjl5E GkJxlwwAl8YInhXT5kw0dQW4967FkB4oqHMOI1volEQDk4VveNMco8Gfvn3RMuvl VU8Xrf1XqauCFSac3EGVYGtXiUNhHIe4o85GIXSg6XgbeN+L6zd+7UY41Vhkb2pG YEnrJ9Q0ZkBz/e02s/w9mhVBHYIsODmeHsc0xuY8mBQJy72XydAVqJcia5kDHaQs v0OSv8Bi2vGJWWoQ1Pw88QCjnbpzK4f9+KVWUXfVgydf8BpFOCZoQksTIOfQiF5w akVsQeBGXrzxbOvnXxrx2zPEy1QP678MsAjzwHeJTK0up3EWToSLyvqxNdx2D16Z pGagXeREgFWeFJ8efFbJ6uIBiIiMzY1izkk5NRYGEfvQgLNUH5nBqLHdIJcbRv/O f4DUQ35aEe5x5zdhvF0Oed8sJPXr2eLpEwes1kQyj1jyVN4yHIQecfdbOeU9+h2C QfH0ibEx5E7KyV3SR5259lZHcwP0UZ7DLRIZFtb07pUXIf34J9sbVB+tlBOQvjEi cbOB3322 =VCHZ -END PGP SIGNATURE-
Accepted freeimage 3.15.4-4.2+deb8u2 (source amd64) into oldoldstable
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Sun, 24 Nov 2019 10:42:07 +0100 Source: freeimage Binary: libfreeimage-dev libfreeimage3 libfreeimage3-dbg Architecture: source amd64 Version: 3.15.4-4.2+deb8u2 Distribution: jessie-security Urgency: medium Maintainer: Debian QA Group Changed-By: Hugo Lefeuvre Description: libfreeimage-dev - Support library for graphics image formats (development files) libfreeimage3 - Support library for graphics image formats (library) libfreeimage3-dbg - Support library for graphics image formats (debugging symbols) Closes: 929597 Changes: freeimage (3.15.4-4.2+deb8u2) jessie-security; urgency=medium . * Non-maintainer upload by the LTS Security Team. * CVE-2019-12213: stack exhaustion caused by unwanted recursion in ReadThumbnail (Closes: #929597). * CVE-2019-12211: heap buffer overflow caused by invalid memcpy in PluginTIFF. Checksums-Sha1: 8109782e1452f90e26423a555c60952fe6912326 2018 freeimage_3.15.4-4.2+deb8u2.dsc 13c6c4ff3e180c2bd949921172e3455f63e25845 35664 freeimage_3.15.4-4.2+deb8u2.debian.tar.xz 607d8848ef5cb89a3f3c07ff918373e08e103456 1221704 libfreeimage-dev_3.15.4-4.2+deb8u2_amd64.deb a14da97e6ad159370da3044b098f689f5cd30b5c 72 libfreeimage3_3.15.4-4.2+deb8u2_amd64.deb d7d6fdfcd8da05576ecbbf56c32f7ebfdc090cf7 1198516 libfreeimage3-dbg_3.15.4-4.2+deb8u2_amd64.deb Checksums-Sha256: 8a9c5591f103907612afd93e7340361730b603cd31cf0eb5a4f4fea684a1d34e 2018 freeimage_3.15.4-4.2+deb8u2.dsc ce74391e2b2f250938459b7934cb7d8b713f41502bf2108555139a27a7acc5cd 35664 freeimage_3.15.4-4.2+deb8u2.debian.tar.xz e91f886fc77092271b5c6fc4e67e30388ce65e8335442890aca42c143391f411 1221704 libfreeimage-dev_3.15.4-4.2+deb8u2_amd64.deb 7443a80e7381ef9fb35b6d5aa22beaf0e5fab63315bd879280e6f899a3837715 72 libfreeimage3_3.15.4-4.2+deb8u2_amd64.deb 7b2b1bc105003de167cdd76672e5c84d76573a6de7fbbf3234131bbe597f8886 1198516 libfreeimage3-dbg_3.15.4-4.2+deb8u2_amd64.deb Files: 17d900666d863602c65fc682a6c31bde 2018 libs optional freeimage_3.15.4-4.2+deb8u2.dsc fab0fa9e8b3108cddfb49827720be4b4 35664 libs optional freeimage_3.15.4-4.2+deb8u2.debian.tar.xz ef264307fd2999508ef8ca96ca337e83 1221704 libdevel optional libfreeimage-dev_3.15.4-4.2+deb8u2_amd64.deb e314bb1545a54d8a82460b2ba78e5b99 72 libs optional libfreeimage3_3.15.4-4.2+deb8u2_amd64.deb 4a94389b5592030bcdbfd69061cc3b9e 1198516 debug extra libfreeimage3-dbg_3.15.4-4.2+deb8u2_amd64.deb -BEGIN PGP SIGNATURE- iQGzBAEBCgAdFiEEeDb9QWtkMa2LX4zREeMFjl5EGkIFAl3vulgACgkQEeMFjl5E GkLb1Qv/TdobRRwyFtX1N/4R5BJPHU9iDlMYRIWVhmMT4gzQGupDjt2FcHHjxpUc MfbIud+rH7bcmU/73Ps4y9Lw0INBsw6bvuWZvdTD6c5VjIXUpfI+0nt13MQ5E3s2 gOK8/h9zCvA4uMs9PG/shQNf9EfKcaYG3eKyJPfzQcUxtnvpbwwF85gmrlrZaMMc guMXEHnFWYbJWmJN+llw3KnwJcuiONDGB+mE0xy65SCHT2+ggjjNJ1qXZEORYtCj ljSJwpn1QwmOZZESVMQhzoz7h1voD07/2Ebzs3z0YaZe275mWBJFVi3x/H6oMxBG zuTefHF603XFxj9v/ZJZwGi+c0+eaOylpPq1h6kYKJOzyPPE8IwQqcInatkgDfUQ yDxzSZYBxhlFu5s4nr0d2makDhZW4AvNShvNrnbqFqWTiPdoOlaBMqzYAY9E/liU DHES0BZSte2xiSkxNxXZ3I4GPgKBEZ6Eq873MF8u2guEFaBsqkLvzfgClwDxlopv TOdiACTN =2dXz -END PGP SIGNATURE-
Accepted libsdl2 2.0.2+dfsg1-6+deb8u2 (source amd64) into oldoldstable
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Thu, 10 Oct 2019 15:41:03 +0200 Source: libsdl2 Binary: libsdl2-2.0-0 libsdl2-dev libsdl2-dbg Architecture: source amd64 Version: 2.0.2+dfsg1-6+deb8u2 Distribution: jessie-security Urgency: medium Maintainer: Debian SDL packages maintainers Changed-By: Hugo Lefeuvre Description: libsdl2-2.0-0 - Simple DirectMedia Layer libsdl2-dbg - Simple DirectMedia Layer debug files libsdl2-dev - Simple DirectMedia Layer development files Closes: 878264 Changes: libsdl2 (2.0.2+dfsg1-6+deb8u2) jessie-security; urgency=medium . * Non-maintainer upload by the LTS Security Team. * Last update introduced several patches originally intended for libsdl1.2, not libsdl2, leading to a variety of regressions as reported by Avital Ostromich. - Remove CVE-2019-7637.patch: this patch was never meant for libsdl2. Replace it by CVE-2017-2888.patch, which addresses both CVE-2017-2888 and CVE-2019-7637 (Closes: #878264). - Remove CVE-2019-7635_CVE-2019-7636_CVE-2019-7638.patch: this patch combines several patches which were also meant for libsdl1.2. Replace it by CVE-2019-7635.patch and CVE-2019-76_36-38.patch. Checksums-Sha1: 8c45ae3cb6615cd0ea586d7df447cdb09812f345 2496 libsdl2_2.0.2+dfsg1-6+deb8u2.dsc f67492997e18dc4db77728a90290d0db0056e429 1417848 libsdl2_2.0.2+dfsg1.orig.tar.xz 48e6ef4e6195fe9d1142c068853c1a5bb579158e 19116 libsdl2_2.0.2+dfsg1-6+deb8u2.debian.tar.xz 7585e7a8c81ea648229e3d56939469c9f72736dc 323220 libsdl2-2.0-0_2.0.2+dfsg1-6+deb8u2_amd64.deb e2bb80f1bb0eb1547941fb8a4a6579ab098bea1a 1116616 libsdl2-dev_2.0.2+dfsg1-6+deb8u2_amd64.deb f0a0812d761263d8b26d1a889546445f4d26088e 1269424 libsdl2-dbg_2.0.2+dfsg1-6+deb8u2_amd64.deb Checksums-Sha256: 7d587b955c1da1d6c1be7b43e17f2d5735635db2b0c4767516285217ed3871ea 2496 libsdl2_2.0.2+dfsg1-6+deb8u2.dsc 99205b37b7871fd8abb588ba5855b2aecd04185018894e0d9b7a6664df295d9d 1417848 libsdl2_2.0.2+dfsg1.orig.tar.xz b16bd6255c3e3809f31dcbab1da24c07bfb6785569058490866796eb022dac42 19116 libsdl2_2.0.2+dfsg1-6+deb8u2.debian.tar.xz 11fc9fb2bcf9ee93c84850f8548a1fa8abf4710973c70683cb5855ef2261e70f 323220 libsdl2-2.0-0_2.0.2+dfsg1-6+deb8u2_amd64.deb c97e47906f7c828679f90452d0b8311f047df5a8b3d7eb9ba454fd4489ed88b6 1116616 libsdl2-dev_2.0.2+dfsg1-6+deb8u2_amd64.deb fd42bd467abf6c9623f9176147c00b1101245ddcdb3c81e391d59c5c86c0c57d 1269424 libsdl2-dbg_2.0.2+dfsg1-6+deb8u2_amd64.deb Files: 459f7530ed54b5007193ea1d04cd4415 2496 libs optional libsdl2_2.0.2+dfsg1-6+deb8u2.dsc 43fa75fc9920d5a3da3a383f46eccac4 1417848 libs optional libsdl2_2.0.2+dfsg1.orig.tar.xz cc84eeb49ac16c7df528c452d6d9ed0d 19116 libs optional libsdl2_2.0.2+dfsg1-6+deb8u2.debian.tar.xz 25e23216cd9970300039a7351b80c243 323220 libs optional libsdl2-2.0-0_2.0.2+dfsg1-6+deb8u2_amd64.deb ce9b38455cae641ee57dd3cab75a66d7 1116616 libdevel optional libsdl2-dev_2.0.2+dfsg1-6+deb8u2_amd64.deb 0115c44a44722cb155cb57765ae08a63 1269424 debug extra libsdl2-dbg_2.0.2+dfsg1-6+deb8u2_amd64.deb -BEGIN PGP SIGNATURE- iQGzBAEBCgAdFiEEeDb9QWtkMa2LX4zREeMFjl5EGkIFAl2nIdkACgkQEeMFjl5E GkKRRAv/QcxP80Rshcxwid4f1aT2n6c9S/m5ZqhXBUkcLWXaww2vEK1DAfR9uq8B uC7QUMh4bZqs8giesv3hNzVarxfMHS/vmKh7Oq6Ch4VBdwK53CNrl5zB+BmRSqjH AazYrgR6Qr7QEfRMAc5jK05JO2V+86yQAW6R9bVoiF8UT0VNT6Zqgr2J9zxuMZYh iC1I2D9eP7waaAGNWtRdMXElGSHRPloO8sRyxluLw902adR9cXB+IWlYmLUTkiEv cV0MtkzKJCkIoJqOUHxIbwLWxYKQ65Ty30RdNuwx7hKSJdgAkM02ES2yt6P+KQ2p xk/uRa1ENnazNTEXogzV2Sj7FV3D/lCt4/AURC0ML9YzE8uzH0anXOmUSvUjIpnq sycySDkVFFx3a/xjefeDhMlCE/+kNo8G7zuQ1fSbZWAsJri87V7lUyGL94NPgRG1 yoBlCdTW1o/k+Zu1zZnNICHcUob4WAk8mrbxxC1hKpZeEwYOMUkzuEwR/7b4oKog py3cKSe7 =wgW5 -END PGP SIGNATURE-
Accepted c-icap-modules 1:0.3.2-2+deb8u1 (source amd64 all) into oldoldstable
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Fri, 04 Oct 2019 11:03:26 +0200 Source: c-icap-modules Binary: libc-icap-mod-virus-scan libc-icap-mod-clamav libc-icap-mod-urlcheck Architecture: source amd64 all Version: 1:0.3.2-2+deb8u1 Distribution: jessie-security Urgency: medium Maintainer: Tim Weippert Changed-By: Hugo Lefeuvre Description: libc-icap-mod-clamav - transitional dummy package libc-icap-mod-urlcheck - URL Check Service for c-icap libc-icap-mod-virus-scan - Antivirus Service for c-icap Closes: 919814 Changes: c-icap-modules (1:0.3.2-2+deb8u1) jessie-security; urgency=medium . * Non-maintainer upload by the LTS Security Team. . [ Hugo Lefeuvre ] * Install missing files /etc/c-icap/*.conf. . * Upload based on the stretch package, thanks to: . [ Sebastian Andrzej Siewior ] * Add support for clamav 0.101.1 (Closes: #919814). Checksums-Sha1: 3823d9bdec234c9c1dc4c34c0337e4e9037853d1 1984 c-icap-modules_0.3.2-2+deb8u1.dsc 98dd7b3bf40b8831e297ffa8c4e1eaf7cef57cd0 384788 c-icap-modules_0.3.2.orig.tar.gz a365a7eea4541db0251fbd952ba2b83d458affa2 5672 c-icap-modules_0.3.2-2+deb8u1.debian.tar.xz 452f03702ba6e12f781a685efc06f8c61b08614f 33986 libc-icap-mod-virus-scan_0.3.2-2+deb8u1_amd64.deb 456dfdc694725fd56f5a77abce8b56b9fa3e5591 3490 libc-icap-mod-clamav_0.3.2-2+deb8u1_all.deb 3820dda57c6e4c38d95a5fa070e63cfd31ce1092 27160 libc-icap-mod-urlcheck_0.3.2-2+deb8u1_amd64.deb Checksums-Sha256: 324fed5bb07b282bd1012c8d0b426e7ff9c6cb1dc1d1f04f91cbcb9a7853c8c1 1984 c-icap-modules_0.3.2-2+deb8u1.dsc e3472662687cf9fa37a496df31436924326e315920056a404f023ec5e852e239 384788 c-icap-modules_0.3.2.orig.tar.gz 5ed34f0c0ccae1376d935b6fbb3caec49b3d6cba765e6ff89d1de75c84e1f733 5672 c-icap-modules_0.3.2-2+deb8u1.debian.tar.xz 5483f316d133e5af7c50f82ddfca14a020924b4a6d7f58e4a8e091b858d7d6c7 33986 libc-icap-mod-virus-scan_0.3.2-2+deb8u1_amd64.deb f2c5cc2b7c353950a19ca099f69c1572586b72e283345daa012068f45231329d 3490 libc-icap-mod-clamav_0.3.2-2+deb8u1_all.deb d66d9fbbd642bea69916ccd3e9add34fa27d72d3260b74835720fa7d8be9a7c5 27160 libc-icap-mod-urlcheck_0.3.2-2+deb8u1_amd64.deb Files: d09b51a791509ff7232088cc63d830c7 1984 net extra c-icap-modules_0.3.2-2+deb8u1.dsc 25a904f98cddbcc7431b22720cd3996e 384788 net extra c-icap-modules_0.3.2.orig.tar.gz fec782f61b574b665943a0c1039d0b5d 5672 net extra c-icap-modules_0.3.2-2+deb8u1.debian.tar.xz 5beed0d1397058e8e35ebb32392bc390 33986 net extra libc-icap-mod-virus-scan_0.3.2-2+deb8u1_amd64.deb 30b37c43b81bffba6121b78a0c2de7ef 3490 oldlibs extra libc-icap-mod-clamav_0.3.2-2+deb8u1_all.deb 4b871c259974e9c99aa7c83b38957efb 27160 net extra libc-icap-mod-urlcheck_0.3.2-2+deb8u1_amd64.deb -BEGIN PGP SIGNATURE- iQGzBAEBCgAdFiEEeDb9QWtkMa2LX4zREeMFjl5EGkIFAl2fCsEACgkQEeMFjl5E GkI60Qv/ThL3ZxOoF/m4PgcqD4dJDDIdAZtfSksloKwtZiW25YbfjFpRdQg7MMD6 6EAcQ2ueSMjMKt/LfHvjtsWAni01h+yudVufOpCkZulbqzQGWNB0urkP1YvsWH0h OIb9Epf+ti22K/sotjG4+cVRQ+e2G5h0aZSdRIm7kTltqD/hS6j3YK0z7/9gEwfr hjZyRb1/n+cqgEHvXC4gJpIuZD4VEwDYj/ZUwtZhxbQWeE9rDJtIA007zHE948Zi ow0KmSGMUOOOu5O/+W3ayUnH/9GOv4P6tVtAmI9EHBg7mogULJZsrSiwPo5d4RVc Blk6AHX2MsBzBuhUS4qbVaTYusBAd+W1bVqu4PV72PvOI5wPYxPdEVDHt29f2WhJ QbpSSkPcOea1fqGl44k6TSHh5NJ84WGDfdG8nbB/iBNNJs2ygCLZ0cg+jxMpmh+t kD9FBw0Yu/S2cSYzFeCjde+aiPTBuUXhd19KrLXraPBlnL/djWMbUuWDAD+q4kxF aGAeQSgB =gKQC -END PGP SIGNATURE-
Accepted havp 0.92a-3+deb8u1 (source amd64) into oldoldstable
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Fri, 04 Oct 2019 08:25:20 +0200 Source: havp Binary: havp Architecture: source amd64 Version: 0.92a-3+deb8u1 Distribution: jessie-security Urgency: medium Maintainer: ClamAV Team Changed-By: Hugo Lefeuvre Description: havp - HTTP Anti Virus Proxy Closes: 920865 Changes: havp (0.92a-3+deb8u1) jessie-security; urgency=medium . * Non-maintainer upload by the LTS Security Team. * Upload based on the stretch package, thanks to: . [ Sebastian Andrzej Siewior ] * Add support for clamav 0.101 (Closes: #920865). * Bump libclamav-dev build-depends to match. Checksums-Sha1: 477a2659eb34c87d9ced6c82be2ce2cfeff0edc6 1957 havp_0.92a-3+deb8u1.dsc 5bb6b14b187e40a367f9097a5697e2f7ecffcb15 121987 havp_0.92a.orig.tar.gz e55cdd107fcf658a17eae1be5d2fc1bb8966a07e 24476 havp_0.92a-3+deb8u1.debian.tar.xz c9a0ceafe4661da3191c082f4ba88ad6c8800a0c 133114 havp_0.92a-3+deb8u1_amd64.deb Checksums-Sha256: e852101e80a50e878b56652632a450e331a76428e3d619e8fbca41cad8002608 1957 havp_0.92a-3+deb8u1.dsc 0dec86390b5738184aa7155af0c66dd00a97476fcd7377bcec8f1f0bf50f0e9a 121987 havp_0.92a.orig.tar.gz 112e26c9337e87b64a9d15b985f59c8ba814306986a0686bc9fefc4f4c07901f 24476 havp_0.92a-3+deb8u1.debian.tar.xz 2dbcf6381166f8e4b5bc22650dcda9276ef102090ca2af8b641bd311ff91fc15 133114 havp_0.92a-3+deb8u1_amd64.deb Files: e808b06e917f1bc98458506576cb64ec 1957 net optional havp_0.92a-3+deb8u1.dsc f9a3746eceea579b9034c5fa8a69 121987 net optional havp_0.92a.orig.tar.gz 424768304fadb05a74b687dd661bb2ba 24476 net optional havp_0.92a-3+deb8u1.debian.tar.xz 5159f758112f59e44364da0f48c36753 133114 net optional havp_0.92a-3+deb8u1_amd64.deb -BEGIN PGP SIGNATURE- iQGzBAEBCgAdFiEEeDb9QWtkMa2LX4zREeMFjl5EGkIFAl2fDAoACgkQEeMFjl5E GkIUnwwAkQG1eN6lFcnO/6I48sj7VEHosuPBx0kBgbvoyOH5PDxnuLK/uBcRCTgG vNs8RShKO+vkIbafYWDXn0S59gUnbRzo5Jjr7Sx4036FaIXUNQpLRzlPfQgiYLtT Tu9OwPnwHYdZ68vYSIg1lqqba2snJI6RH5f3itKmHIFn6mhl4yE6A+dMFMD+a4Fk TWADMFTygQQ0ZnJUVeNfdgj8oKn4SBX+lQymBYF9FIXbsrcXb4az1mL6I5Jg6A8A R5tpCqEuH/BK8bE/a5ez02vE+BLULADzByqs4fV0K1HF4yY1vEjopDIeYX8rqHHg ju3PJAR4d35wcd9Z7t3XjFO9SFhq+QX73XD3twPLZUfUIrJvxydhXLPFTdKDSU0Z 52RSC2LIG9rAEdq71kGDaYKnTX4yWKQObbtdfg8coIN3ilF23oFBs0b8GOBYRYIk J0JLbhgdgHifUhHXL/V6Ra9mL9Ujx3kLHsn70xcqMZyhpj3So/Fw14LPNrcvHDtz p/7uVws3 =hBUg -END PGP SIGNATURE-
Accepted clamav 0.101.4+dfsg-0+deb8u1 (source all amd64) into oldoldstable
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Tue, 01 Oct 2019 11:04:25 +0200 Source: clamav Binary: clamav-base clamav-docs clamav-dbg clamav libclamav-dev libclamav9 clamav-daemon clamdscan clamav-testfiles clamav-freshclam clamav-milter Architecture: source all amd64 Version: 0.101.4+dfsg-0+deb8u1 Distribution: jessie-security Urgency: medium Maintainer: ClamAV Team Changed-By: Hugo Lefeuvre Description: clamav - anti-virus utility for Unix - command-line interface clamav-base - anti-virus utility for Unix - base package clamav-daemon - anti-virus utility for Unix - scanner daemon clamav-dbg - debug symbols for ClamAV clamav-docs - anti-virus utility for Unix - documentation clamav-freshclam - anti-virus utility for Unix - virus database update utility clamav-milter - anti-virus utility for Unix - sendmail integration clamav-testfiles - anti-virus utility for Unix - test files clamdscan - anti-virus utility for Unix - scanner client libclamav-dev - anti-virus utility for Unix - development files libclamav9 - anti-virus utility for Unix - library Closes: 921190 934359 Changes: clamav (0.101.4+dfsg-0+deb8u1) jessie-security; urgency=medium . * Non-maintainer upload by the LTS Security Team. * Upload based on the stretch package, thanks to: . [ Sebastian Andrzej Siewior ] * Import 0.101.4 (Closes: #921190) - CVE-2019-12625 (Add scan time limit to limit the processing zip-bombs) (Closes: #934359) - CVE-2019-12900 (An out of bounds write was possible within ClamAV's NSIS bzip) - update symbols file (bump to 101.4 and drop unused cli_strnstr). Checksums-Sha1: ccb5ac1b9eeba37e5a53b4a37a59902dfd1c57d6 2990 clamav_0.101.4+dfsg-0+deb8u1.dsc ae609c30ebf523a2f5e1b5f3cf25332cbb48686d 4975416 clamav_0.101.4+dfsg.orig.tar.xz 71bf6f8386c710769c15924f9efc738023d041d5 218816 clamav_0.101.4+dfsg-0+deb8u1.debian.tar.xz 12746934b9a5dbbdea34e16b28e9a5d868c923f8 112338 clamav-base_0.101.4+dfsg-0+deb8u1_all.deb 51d430d58335aa6ea3c378b6cecce0631dcabeb9 273912 clamav-docs_0.101.4+dfsg-0+deb8u1_all.deb 8b510dcac861dcea022f88caac608ecb958ca484 2472738 clamav-dbg_0.101.4+dfsg-0+deb8u1_amd64.deb 604cee45f74ad396f11d4832c409c2bed18777db 166844 clamav_0.101.4+dfsg-0+deb8u1_amd64.deb 2c98f088b84ca92c7d2f283951413db5abe69002 67828 libclamav-dev_0.101.4+dfsg-0+deb8u1_amd64.deb 7f04f8de7196807e6364672e66fc8a84662b8893 850320 libclamav9_0.101.4+dfsg-0+deb8u1_amd64.deb 2726d3da3158aac8db2c2a426a900f36256d2e1b 268858 clamav-daemon_0.101.4+dfsg-0+deb8u1_amd64.deb 70daf68e5193422a317ae595a38336554a011398 126522 clamdscan_0.101.4+dfsg-0+deb8u1_amd64.deb ccf5c0eba92be924d4c70c4fe45dca6957847644 2878646 clamav-testfiles_0.101.4+dfsg-0+deb8u1_all.deb 4170e861a7d45e5e15e63932af36aafe692cc719 221386 clamav-freshclam_0.101.4+dfsg-0+deb8u1_amd64.deb fe6f14455d8fab0ba7c0fbaa898006de4854de5a 265000 clamav-milter_0.101.4+dfsg-0+deb8u1_amd64.deb Checksums-Sha256: 79abca6d77524ef32ad19895c96eaeaead65c66950041c994de9e5313ab6b330 2990 clamav_0.101.4+dfsg-0+deb8u1.dsc f97e09180cf15391db8b5c9db18a1409b748a417861a6aa4621db8844dde3c23 4975416 clamav_0.101.4+dfsg.orig.tar.xz c5cbb3cfd18b55aea89c178461215b8cf140a02362286fc0070e7cb5158839ac 218816 clamav_0.101.4+dfsg-0+deb8u1.debian.tar.xz e00aab1f4016ba71e8caa4544e6d95805f3779518d581006cdb890266bdca5e8 112338 clamav-base_0.101.4+dfsg-0+deb8u1_all.deb 931ffcf1fc1f5595b87f3879ff69c2ab9720c3bcf02aacaf4fd358fe43dddf0c 273912 clamav-docs_0.101.4+dfsg-0+deb8u1_all.deb a6687182373f4aa08109a307fd9875016105018bc2a66bb0d47e0ce92c0a1092 2472738 clamav-dbg_0.101.4+dfsg-0+deb8u1_amd64.deb 1027f5a0129694f57e8625d4647278af6a462f6ecfd498da3ca614f6f8d4b104 166844 clamav_0.101.4+dfsg-0+deb8u1_amd64.deb e6d23c3abe8bc960ce7921c3efed08ba540cc8a3c397a7fd0b7fbc5b378ee52a 67828 libclamav-dev_0.101.4+dfsg-0+deb8u1_amd64.deb b4e0d11b5d1856495d2db76d295d4c833ad4b7ca3b096fbeea90f7a3c2a56f65 850320 libclamav9_0.101.4+dfsg-0+deb8u1_amd64.deb 5c3601cc0bf2cf38002638edfe3f071d8b4afec125367e3c1f0b27f4dc67f12e 268858 clamav-daemon_0.101.4+dfsg-0+deb8u1_amd64.deb 252a36718934c4700fd875f21ef38e342d6d4c9c4a81844a0f61a01259d40d84 126522 clamdscan_0.101.4+dfsg-0+deb8u1_amd64.deb ec82aa6c7892f8fb293ee43ece1972009fed755adf07ec9a153c9ad1fd9030c9 2878646 clamav-testfiles_0.101.4+dfsg-0+deb8u1_all.deb 2fb1f03cb79d203ae750e08de91130b5a23c04ad889d924998bb7fd41a6d2b42 221386 clamav-freshclam_0.101.4+dfsg-0+deb8u1_amd64.deb 46fe617147ca98fa6725d6e357c2ba39dffbbf4dc3bf1517361eafbb64b83853 265000 clamav-milter_0.101.4+dfsg-0+deb8u1_amd64.deb Files: 2637d75b9eef49e539968694a292e62f 2990 utils optional clamav_0.101.4+dfsg-0+deb8u1.dsc 915d7b2d6113055a31d8adcca1e0d0dd 4975416 utils optional clamav_0.101.4+dfsg.orig.tar.xz f2851ca3585928ee55ce4aca258da42a 218816 utils optional clamav_0.101.4+dfsg-0+deb8u1.debian.tar.xz 55e0c65e6a4dbcca8dd4b7d5b30a85cf 112338 utils optional clamav-base_0.101.4+dfsg-0+deb8u1_all.deb
Accepted libsdl1.2 1.2.15-10+deb8u2 (source amd64) into oldoldstable
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Wed, 09 Oct 2019 10:08:03 +0200 Source: libsdl1.2 Binary: libsdl1.2debian libsdl1.2-dev libsdl1.2-dbg Architecture: source amd64 Version: 1.2.15-10+deb8u2 Distribution: jessie-security Urgency: medium Maintainer: Debian SDL packages maintainers Changed-By: Hugo Lefeuvre Description: libsdl1.2-dbg - Simple DirectMedia Layer debug files libsdl1.2-dev - Simple DirectMedia Layer development files libsdl1.2debian - Simple DirectMedia Layer Changes: libsdl1.2 (1.2.15-10+deb8u2) jessie-security; urgency=medium . * Non-maintainer upload by the LTS Security Team. * Last update introduced a fix for CVE-2019-7637 which contains copy-and- paste mistakes. CVE-2019-7637-followup.patch addresses issues in the initial patch. Checksums-Sha1: cb54086795f3690ef83f11360a9f61520cddcd28 2320 libsdl1.2_1.2.15-10+deb8u2.dsc 0c5f193ced810b0d7ce3ab06d808cbb5eef03a2c 3920622 libsdl1.2_1.2.15.orig.tar.gz 41717d6fc19f15da00cf63b8240ea61f21b63733 28612 libsdl1.2_1.2.15-10+deb8u2.debian.tar.xz 9c91693a28fe958238c1f10dfd0eed9f87fe9c3f 189958 libsdl1.2debian_1.2.15-10+deb8u2_amd64.deb 114af13432bbb59f0d9fc0394c994a3a5c5ee7eb 734286 libsdl1.2-dev_1.2.15-10+deb8u2_amd64.deb f3f06869cd25dc14427fe5e5fbc20b9512867144 750182 libsdl1.2-dbg_1.2.15-10+deb8u2_amd64.deb Checksums-Sha256: 776d79330e73c0ef513c3bfc3fb8b4d06087f92f5ed45d13c24c06c78fe12730 2320 libsdl1.2_1.2.15-10+deb8u2.dsc d6d316a793e5e348155f0dd93b979798933fb98aa1edebcc108829d6474aad00 3920622 libsdl1.2_1.2.15.orig.tar.gz 0c72129443b28e91e343a08f7737cd2b770504a013094a99817f7c11382ce3d4 28612 libsdl1.2_1.2.15-10+deb8u2.debian.tar.xz 7959b8afd21405ca092e50a76af2fa7350b94e780c6325b128fa061a6eb8a4f8 189958 libsdl1.2debian_1.2.15-10+deb8u2_amd64.deb 110f889ce2b4f70d677a48707be34819b26b638dec4a247944dd87aa9d69 734286 libsdl1.2-dev_1.2.15-10+deb8u2_amd64.deb 574bdd509eb465491379c10ab3c37b8fa749f826574c0b073e7c7db8c0c86405 750182 libsdl1.2-dbg_1.2.15-10+deb8u2_amd64.deb Files: 7beaa2926cde34b98020b1050ce766c2 2320 libs optional libsdl1.2_1.2.15-10+deb8u2.dsc 9d96df8417572a2afb781a7c4c811a85 3920622 libs optional libsdl1.2_1.2.15.orig.tar.gz 7d4bf81fa848b2072a3f67394b48c5f6 28612 libs optional libsdl1.2_1.2.15-10+deb8u2.debian.tar.xz 4d9bc977c89668498976d8ccebf45aa2 189958 libs optional libsdl1.2debian_1.2.15-10+deb8u2_amd64.deb 0dfe0d052825fe78674b402ef75fbf4c 734286 libdevel optional libsdl1.2-dev_1.2.15-10+deb8u2_amd64.deb ca8344bf8f1356d5ec0958c4ec6f2c1e 750182 debug extra libsdl1.2-dbg_1.2.15-10+deb8u2_amd64.deb -BEGIN PGP SIGNATURE- iQGzBAEBCgAdFiEEeDb9QWtkMa2LX4zREeMFjl5EGkIFAl2kYHsACgkQEeMFjl5E GkKiRAv/ZcE/7iLGJvNA9XSZeie1yCdOMMqItkftnmemajWW/dyfGoEX5x35WC1n JyqCedOmXGL5WyYwouyubcqhR6Ny+nCDATGsMLPbx4BO7u2gemMUWftitOGQBHBK OpaTJT/xbEmUjfX9g20heTMO1LWSjuiK9KKT8L0e5/MqA2LSyEKZxo/AM6HdlzkC I2qPgXFbKmaEAm3Ybb5CsB1poLTRkHcWz00Kko0Pu3NmWc0MJ11+uHiV7YQXrKzY 01yDYBrkb3mDBhM1hJs5jEukCpGqA/BkzI9yHNNWPocUUScJOY1PmeSXo+bvKi5J Xz2zwdgYjUx7Z4t8axnR7utlKXckEDSI7Q6hAybznDEYYAa6iinqlqC2K4e4+xN6 tOL0NMdrX0emPJiMrzVwCP9PLHRzYNT5fpc3lYS5hF0+CFeh0hXi31gCYTqzIKnM Gg4WteOnyoEfgBHhxFLY1ddQadyICDVzs66QIJNFwoZAQVIxK4JFm/Y9pYPIGjDk ntDb/5Uu =NgSY -END PGP SIGNATURE-
Accepted imagemagick 8:6.8.9.9-5+deb8u19 (source all amd64) into oldoldstable
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Sat, 28 Dec 2019 12:31:07 +0100 Source: imagemagick Binary: imagemagick-common imagemagick-doc libmagickcore-6-headers libmagickwand-6-headers libmagick++-6-headers imagemagick libimage-magick-perl libmagickcore-6-arch-config imagemagick-6.q16 libmagickcore-6.q16-2 libmagickcore-6.q16-2-extra libmagickcore-6.q16-dev libmagickwand-6.q16-2 libmagickwand-6.q16-dev libmagick++-6.q16-5 libmagick++-6.q16-dev imagemagick-dbg libimage-magick-q16-perl perlmagick libmagickcore-dev libmagickwand-dev libmagick++-dev Architecture: source all amd64 Version: 8:6.8.9.9-5+deb8u19 Distribution: jessie-security Urgency: medium Maintainer: ImageMagick Packaging Team Changed-By: Hugo Lefeuvre Description: imagemagick - image manipulation programs -- binaries imagemagick-6.q16 - image manipulation programs -- quantum depth Q16 imagemagick-common - image manipulation programs -- infrastructure imagemagick-dbg - debugging symbols for ImageMagick imagemagick-doc - document files of ImageMagick libimage-magick-perl - Perl interface to the ImageMagick graphics routines libimage-magick-q16-perl - Perl interface to the ImageMagick graphics routines -- Q16 versio libmagick++-6-headers - object-oriented C++ interface to ImageMagick - header files libmagick++-6.q16-5 - object-oriented C++ interface to ImageMagick libmagick++-6.q16-dev - object-oriented C++ interface to ImageMagick - development files libmagick++-dev - object-oriented C++ interface to ImageMagick libmagickcore-6-arch-config - low-level image manipulation library - architecture header files libmagickcore-6-headers - low-level image manipulation library - header files libmagickcore-6.q16-2 - low-level image manipulation library -- quantum depth Q16 libmagickcore-6.q16-2-extra - low-level image manipulation library - extra codecs (Q16) libmagickcore-6.q16-dev - low-level image manipulation library - development files (Q16) libmagickcore-dev - low-level image manipulation library -- transition package libmagickwand-6-headers - image manipulation library - headers files libmagickwand-6.q16-2 - image manipulation library libmagickwand-6.q16-dev - image manipulation library - development files libmagickwand-dev - image manipulation library - transition for development files perlmagick - Perl interface to ImageMagick -- transition package Closes: 870273 947308 947309 Changes: imagemagick (8:6.8.9.9-5+deb8u19) jessie-security; urgency=medium . * Non-maintainer upload by the LTS Security Team. * Fix regression introduced in 8:6.8.9.9-5+deb8u10 (Closes: #870273). * Add missing HeapOverflowSanityCheck symbol from 8:6.8.9.9-5+deb8u6. * CVE-2019-19948: heap buffer overflow in WriteSGIImage (Closes: #947308). * CVE-2019-19949: heap buffer over-read in WritePNGImage (Closes: #947309). Checksums-Sha1: 5652ba40be8eef9473ab6bc7a691756a5f9fb880 4078 imagemagick_6.8.9.9-5+deb8u19.dsc f484a0203596c794b975ac11872cf6fda79022dd 327808 imagemagick_6.8.9.9-5+deb8u19.debian.tar.xz 39666dda84dc324c01755980ad64663777384c1b 155446 imagemagick-common_6.8.9.9-5+deb8u19_all.deb 9f33768e055589818e20a37caf93b18a53e02bfd 7697572 imagemagick-doc_6.8.9.9-5+deb8u19_all.deb 39836c9fa72e5d03edacbf2b72f8ccfd01a3818f 173312 libmagickcore-6-headers_6.8.9.9-5+deb8u19_all.deb 2551759083fd49b0efd2ac48d0a7776581f47de7 136308 libmagickwand-6-headers_6.8.9.9-5+deb8u19_all.deb 73686e27dadf5fc622f41a3a11afdaec20175013 172280 libmagick++-6-headers_6.8.9.9-5+deb8u19_all.deb d04905303d7f14299277dae560f289c566edf893 161040 imagemagick_6.8.9.9-5+deb8u19_amd64.deb c75f2d3053877e9c3177ef375d640d6ac4e0b198 180080 libimage-magick-perl_6.8.9.9-5+deb8u19_all.deb a0655c0fca39e0fa63e3e531a950c44506589417 135128 libmagickcore-6-arch-config_6.8.9.9-5+deb8u19_amd64.deb 9dd22f65f02d5aa32c2113f4781773f016079f3c 515080 imagemagick-6.q16_6.8.9.9-5+deb8u19_amd64.deb 88b8bdc8605f4fa674427f16edb4adbad16ccc5c 1695960 libmagickcore-6.q16-2_6.8.9.9-5+deb8u19_amd64.deb d62b6c2d7de178663f1415a35fa6a96872dcd495 175630 libmagickcore-6.q16-2-extra_6.8.9.9-5+deb8u19_amd64.deb b7f292f36c7c6ac1b92fe52ada381267df20079c 1033794 libmagickcore-6.q16-dev_6.8.9.9-5+deb8u19_amd64.deb 2ca10663a127b90d3f374dbb98ac1972de030105 408712 libmagickwand-6.q16-2_6.8.9.9-5+deb8u19_amd64.deb dce6c113706bf368684201e47b88c655b4547455 397016 libmagickwand-6.q16-dev_6.8.9.9-5+deb8u19_amd64.deb 8f4fd6a7926847eb7cbdd4308c301b704d94b467 259230 libmagick++-6.q16-5_6.8.9.9-5+deb8u19_amd64.deb d38d5c768458a2cdc7c1e5a7056fa1d826ab7c14 227134 libmagick++-6.q16-dev_6.8.9.9-5+deb8u19_amd64.deb 11993204ae7d6382c7aeeb09306adbf9b2d20af2 5013680 imagemagick-dbg_6.8.9.9-5+deb8u19_amd64.deb 9df8e389be389e45222d1bdf80c8a9d7e6a70cc5 225954 libimage-magick-q16-perl_6.8.9.9-5+deb8u19_amd64.deb cae16453b3db5d0e00783f457de52dbdc659e904 127466 perlmagick_6.8.9.9-5+deb8u19_all.deb 2babfef0d1f24bd1a92f76df4e14c2bee9cd3f06 127452
