Accepted libapache2-mod-authnz-external 3.2.4-2.1 (source amd64)
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Format: 1.8 Date: Mon, 18 Jul 2011 10:26:11 +1000 Source: libapache2-mod-authnz-external Binary: libapache2-mod-authnz-external Architecture: source amd64 Version: 3.2.4-2.1 Distribution: unstable Urgency: high Maintainer: Hai Zaar haiz...@haizaar.com Changed-By: Steffen Joeris wh...@debian.org Description: libapache2-mod-authnz-external - authenticate Apache against external authentication services Closes: 633637 Changes: libapache2-mod-authnz-external (3.2.4-2.1) unstable; urgency=high . * Non-maintainer upload by the security team * Fix SQL injection via the $user paramter (Closes: #633637) Fixes: CVE-2011-2688 Checksums-Sha1: 0de6e958e966f184447226c4fa59fd96b1b3f343 1214 libapache2-mod-authnz-external_3.2.4-2.1.dsc df06932fe7da2cbb6a00b4d5d74d3e1fe7de447c 3613 libapache2-mod-authnz-external_3.2.4-2.1.diff.gz 47222b3442e64d3217f73b319d84b313b77987b6 24640 libapache2-mod-authnz-external_3.2.4-2.1_amd64.deb Checksums-Sha256: 3b0844019250924afb235d15bc6fb27095ed25b6b332eccbcb3dd8a1c83accb6 1214 libapache2-mod-authnz-external_3.2.4-2.1.dsc 7255a4c23a948d943bf9a815f45cf94a6c9c6bf3ca09706b3b5921655e2038f4 3613 libapache2-mod-authnz-external_3.2.4-2.1.diff.gz 70fc8d5f3028511ea740ab8292177daa1a9c489f053d70b9eec440dabcf2b0f7 24640 libapache2-mod-authnz-external_3.2.4-2.1_amd64.deb Files: 7840d7735cd2e33f014228c7c3796509 1214 web optional libapache2-mod-authnz-external_3.2.4-2.1.dsc 58c4d961fa1ce9010027c4d3454c5ead 3613 web optional libapache2-mod-authnz-external_3.2.4-2.1.diff.gz 4cdf5d46a542c1431d3224cde7ebf42e 24640 web optional libapache2-mod-authnz-external_3.2.4-2.1_amd64.deb -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.11 (GNU/Linux) iEYEARECAAYFAk4jf6IACgkQ62zWxYk/rQcDZACeOmzxWS11MoBQmJVG3e4K9XOl MhEAn2IbmG6irpoYx5KourhC5aadyefL =BlZk -END PGP SIGNATURE- Accepted: libapache2-mod-authnz-external_3.2.4-2.1.diff.gz to main/liba/libapache2-mod-authnz-external/libapache2-mod-authnz-external_3.2.4-2.1.diff.gz libapache2-mod-authnz-external_3.2.4-2.1.dsc to main/liba/libapache2-mod-authnz-external/libapache2-mod-authnz-external_3.2.4-2.1.dsc libapache2-mod-authnz-external_3.2.4-2.1_amd64.deb to main/liba/libapache2-mod-authnz-external/libapache2-mod-authnz-external_3.2.4-2.1_amd64.deb -- To UNSUBSCRIBE, email to debian-devel-changes-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/e1qijwf-0002se...@franck.debian.org
Accepted collectd 4.10.1-2.1 (source all amd64)
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Format: 1.8 Date: Wed, 08 Dec 2010 17:45:50 +1100 Source: collectd Binary: collectd-core collectd collectd-utils collectd-dbg collectd-dev libcollectdclient-dev libcollectdclient0 Architecture: source amd64 all Version: 4.10.1-2.1 Distribution: unstable Urgency: high Maintainer: Sebastian Harl tok...@debian.org Changed-By: Steffen Joeris wh...@debian.org Description: collectd - statistics collection and monitoring daemon collectd-core - statistics collection and monitoring daemon (core system) collectd-dbg - statistics collection and monitoring daemon (debugging symbols) collectd-dev - statistics collection and monitoring daemon (development files) collectd-utils - statistics collection and monitoring daemon (utilities) libcollectdclient-dev - client library for collectd's control interface (development file libcollectdclient0 - client library for collectd's control interface Closes: 605092 Changes: collectd (4.10.1-2.1) unstable; urgency=high . * Non-maintainer upload by the security team * Fix DoS in RRD file creation (Closes: #605092) Fixes: CVE-2010-4336 Thanks to Florian Forster Checksums-Sha1: d4c3c1422dc9ef3a115032599829054d7b77560c 2501 collectd_4.10.1-2.1.dsc 934e821151cbaea0667b94dde33d03a92a70216b 58515 collectd_4.10.1-2.1.diff.gz e0db5f2c7e4b110e2325639260fc78fc1d82568e 819464 collectd-core_4.10.1-2.1_amd64.deb dbfbc288e7b6339b5048031ad8b8f077c7107262 66634 collectd_4.10.1-2.1_amd64.deb f18e25e6af943c621284c6404ce509b61a3c0f7c 68606 collectd-utils_4.10.1-2.1_amd64.deb fc2f53ff1c6faffc22ffb07100856a8a9dcf004a 840040 collectd-dbg_4.10.1-2.1_amd64.deb ed0cbfc4e86cdc6241ff2a7117f89cd158ad5b2c 61254 libcollectdclient-dev_4.10.1-2.1_amd64.deb d7e53a3a9518704bf1aef23f36be2c4cda194d83 66860 libcollectdclient0_4.10.1-2.1_amd64.deb fe09cbd70ebb918ba5ea846d18427b1e23846b86 101538 collectd-dev_4.10.1-2.1_all.deb Checksums-Sha256: 716660b06c587e5cc6525b53b14b40efd6f8320fe58cc89fe24d8251b8706bb0 2501 collectd_4.10.1-2.1.dsc 76de98ea03f09c00581fd43ce0c8ee392ca9bd0c7613482669714a27e585709a 58515 collectd_4.10.1-2.1.diff.gz c6ae951c01813829e1fceda1ff11360820bcf62a9cc9151b2683c8f7fd9023d1 819464 collectd-core_4.10.1-2.1_amd64.deb e50c8a37b0accba4d22414ca31198f8190e0730056e7dd7e2949101e273ff8d9 66634 collectd_4.10.1-2.1_amd64.deb 4702c2e16c5272bdb6b0a20bbd88a606dd37229e7356ec83e8f4bda78643d233 68606 collectd-utils_4.10.1-2.1_amd64.deb f56e186af6f05f7528373d21712fdc07980d47d16fd611c2621a76e2d13bf11b 840040 collectd-dbg_4.10.1-2.1_amd64.deb a693400bebe7b171d2b8b4cfcd0cc42bbdaf01faae8041335b71d3bbe9b2c971 61254 libcollectdclient-dev_4.10.1-2.1_amd64.deb e8255c900a400d1b0d6b82084cfdf10baf9f2774dd663d5f7acb99fff53b5105 66860 libcollectdclient0_4.10.1-2.1_amd64.deb 130c33bb47a4798f2abda8d5dffafd285f67de37bbd33fb3fb97bf7e821320b0 101538 collectd-dev_4.10.1-2.1_all.deb Files: 64c9ffe7bd915aeceec342c4fb09c656 2501 utils optional collectd_4.10.1-2.1.dsc 945faa15b8c8eb86d62725e53a3e5137 58515 utils optional collectd_4.10.1-2.1.diff.gz e325e82f8e03c3bac364ccc0d53cf1b0 819464 utils optional collectd-core_4.10.1-2.1_amd64.deb 795a09cbb0aef3faaae0d1656fb61771 66634 utils optional collectd_4.10.1-2.1_amd64.deb 2aeebb8a5869baea4cbfebe5977cbb51 68606 utils optional collectd-utils_4.10.1-2.1_amd64.deb 783ee1916509bbb82ae60ddb58bd784f 840040 debug extra collectd-dbg_4.10.1-2.1_amd64.deb 797c2081d4fc673e9dd8d692756eea4b 61254 libdevel optional libcollectdclient-dev_4.10.1-2.1_amd64.deb db08bf77a8c12bc21177480218530230 66860 libs optional libcollectdclient0_4.10.1-2.1_amd64.deb a506ab778a6fd361764ae49883227f49 101538 utils optional collectd-dev_4.10.1-2.1_all.deb -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.10 (GNU/Linux) iEYEARECAAYFAkz/NPEACgkQ62zWxYk/rQeGrQCfToLOgOm1qPPCSirgVSqs9U/V 0V0An0L/cJixXacR7MQodaCnd8Ihd6Zm =1eT1 -END PGP SIGNATURE- Accepted: collectd-core_4.10.1-2.1_amd64.deb to main/c/collectd/collectd-core_4.10.1-2.1_amd64.deb collectd-dbg_4.10.1-2.1_amd64.deb to main/c/collectd/collectd-dbg_4.10.1-2.1_amd64.deb collectd-dev_4.10.1-2.1_all.deb to main/c/collectd/collectd-dev_4.10.1-2.1_all.deb collectd-utils_4.10.1-2.1_amd64.deb to main/c/collectd/collectd-utils_4.10.1-2.1_amd64.deb collectd_4.10.1-2.1.diff.gz to main/c/collectd/collectd_4.10.1-2.1.diff.gz collectd_4.10.1-2.1.dsc to main/c/collectd/collectd_4.10.1-2.1.dsc collectd_4.10.1-2.1_amd64.deb to main/c/collectd/collectd_4.10.1-2.1_amd64.deb libcollectdclient-dev_4.10.1-2.1_amd64.deb to main/c/collectd/libcollectdclient-dev_4.10.1-2.1_amd64.deb libcollectdclient0_4.10.1-2.1_amd64.deb to main/c/collectd/libcollectdclient0_4.10.1-2.1_amd64.deb -- To UNSUBSCRIBE, email to debian-devel-changes-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/e1pqek7-0007ha...@franck.debian.org
Accepted squid3 3.1.6-1.1 (source all amd64)
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Format: 1.8 Date: Mon, 13 Sep 2010 17:07:51 +1000 Source: squid3 Binary: squid3 squid3-dbg squid3-common squidclient squid-cgi Architecture: source all amd64 Version: 3.1.6-1.1 Distribution: unstable Urgency: high Maintainer: Luigi Gangitano lu...@debian.org Changed-By: Steffen Joeris wh...@debian.org Description: squid-cgi - A full featured Web Proxy cache (HTTP proxy) - control CGI squid3 - A full featured Web Proxy cache (HTTP proxy) squid3-common - A full featured Web Proxy cache (HTTP proxy) - common files squid3-dbg - A full featured Web Proxy cache (HTTP proxy) - Debug symbols squidclient - A full featured Web Proxy cache (HTTP proxy) - control utility Closes: 596086 Changes: squid3 (3.1.6-1.1) unstable; urgency=high . * Non-maintainer upload by the security team * Fix DoS due to wrong string handling (Closes: #596086) Fixes: CVE-2010-3072 Checksums-Sha1: 0c30cdcdf2e2890feb82b8e459513a162f0d2a98 1269 squid3_3.1.6-1.1.dsc 166740246b6f8c077f1c31c7d5387e087caa36c8 18873 squid3_3.1.6-1.1.diff.gz 5351e7b3d5edeeea9b7542905b68f6a17d0b9319 193770 squid3-common_3.1.6-1.1_all.deb a809e1c0ffd1dc400dcf85e99d673e3c5ead0faf 1502952 squid3_3.1.6-1.1_amd64.deb cff1c3e2c4f10b7b395dd18827db0ca160f438c3 5614614 squid3-dbg_3.1.6-1.1_amd64.deb 87b60b8b60e3e95d027040235693c468764b3df5 105408 squidclient_3.1.6-1.1_amd64.deb c2496198b1977c85cbf7aa926d0fe9c929103bcf 107808 squid-cgi_3.1.6-1.1_amd64.deb Checksums-Sha256: c76aaccfeba8724e6e466749c8c3c40597360098690aadf05e0fb602e4b0d5a1 1269 squid3_3.1.6-1.1.dsc e7418f2318d514bcffa90037134b18dfc27dfac1bf1d556107abe2e25fb3df01 18873 squid3_3.1.6-1.1.diff.gz aee9ecca60cb69012ed417d602316b4230411dfed5916f3557808fe8e70cee2f 193770 squid3-common_3.1.6-1.1_all.deb 220c2aae5eafc12e825c35e28fdb7a18415fc230a54f1f401a1fb46499d0148c 1502952 squid3_3.1.6-1.1_amd64.deb 6f8921fc645709ae29c3e9b663dcdbd3602e23d905e3b6debcfdd082e33bb991 5614614 squid3-dbg_3.1.6-1.1_amd64.deb f07f80a643e618cc446e805d3212f84be07de214d926ca20fa8d3b67f587660f 105408 squidclient_3.1.6-1.1_amd64.deb e5e3c932b1f0b3cbdf31dcd1c833431470697f3fd951182a58672b3e97df3a41 107808 squid-cgi_3.1.6-1.1_amd64.deb Files: 19a5a6cca364601f75beddaddbf6c702 1269 web optional squid3_3.1.6-1.1.dsc 111416afbf32cf5f3dc606de91284bc7 18873 web optional squid3_3.1.6-1.1.diff.gz 59b45a42ca8f6f776b97c02160b10310 193770 web optional squid3-common_3.1.6-1.1_all.deb bbeb3a554412ea963a92444f51592d11 1502952 web optional squid3_3.1.6-1.1_amd64.deb 39c6179a1b77cbf68873623aa6bf250a 5614614 debug extra squid3-dbg_3.1.6-1.1_amd64.deb 2023ab6817198c745ed8f73c58db8ab8 105408 web optional squidclient_3.1.6-1.1_amd64.deb 3270515530d4a6a00ccab7d22d735c72 107808 web optional squid-cgi_3.1.6-1.1_amd64.deb -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.10 (GNU/Linux) iEYEARECAAYFAkyVlzsACgkQ62zWxYk/rQcs0wCeMeXREaciKoCpxjO7/oYVDQJh ZWEAoLeedacUSR7of/meeXF822OLSz9C =jo36 -END PGP SIGNATURE- Accepted: squid-cgi_3.1.6-1.1_amd64.deb to main/s/squid3/squid-cgi_3.1.6-1.1_amd64.deb squid3-common_3.1.6-1.1_all.deb to main/s/squid3/squid3-common_3.1.6-1.1_all.deb squid3-dbg_3.1.6-1.1_amd64.deb to main/s/squid3/squid3-dbg_3.1.6-1.1_amd64.deb squid3_3.1.6-1.1.diff.gz to main/s/squid3/squid3_3.1.6-1.1.diff.gz squid3_3.1.6-1.1.dsc to main/s/squid3/squid3_3.1.6-1.1.dsc squid3_3.1.6-1.1_amd64.deb to main/s/squid3/squid3_3.1.6-1.1_amd64.deb squidclient_3.1.6-1.1_amd64.deb to main/s/squid3/squidclient_3.1.6-1.1_amd64.deb -- To UNSUBSCRIBE, email to debian-devel-changes-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/e1oxc2z-0003uf...@franck.debian.org
Accepted tdiary 2.2.1-1.1 (source all)
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Format: 1.8 Date: Tue, 09 Mar 2010 18:54:19 +1100 Source: tdiary Binary: tdiary tdiary-theme tdiary-plugin tdiary-mode tdiary-contrib Architecture: source all Version: 2.2.1-1.1 Distribution: unstable Urgency: high Maintainer: Daigo Moriwaki da...@debian.org Changed-By: Steffen Joeris wh...@debian.org Description: tdiary - a communication-friendly weblog system tdiary-contrib - Plugins of tDiary to add functionalities tdiary-mode - tDiary editing mode for Emacsen tdiary-plugin - Plugins of tDiary to add functionalities tdiary-theme - Themes of tDiary to change the design Closes: 572417 Changes: tdiary (2.2.1-1.1) unstable; urgency=high . * Non-maintainer upload by the security team * Fix XSS issue in tb-send.rb (Closes: #572417) Fixes: CVE-2010-0726 Thanks to Hideki Yamane Checksums-Sha1: 0fe8572de7a343f27ff684881e1a614f94c07d03 1063 tdiary_2.2.1-1.1.dsc c6b110e799945d32382a0cf9aa7a468b764ac869 28836 tdiary_2.2.1-1.1.diff.gz 3fda506f11c8a75bbb121d8e029e7f9e96efb474 201712 tdiary_2.2.1-1.1_all.deb 175a253320d3b5b461adfa4b59a866524c7c4082 3671572 tdiary-theme_2.2.1-1.1_all.deb db100491781b4a7b8a9556a1af15735507335ac7 270074 tdiary-plugin_2.2.1-1.1_all.deb 86f66b574a7a5364e82d4cda97f06870fd51ecb7 36904 tdiary-mode_2.2.1-1.1_all.deb 51e4faf0bdc37ae1cb9c82e6994fba431ccad1f7 209252 tdiary-contrib_2.2.1-1.1_all.deb Checksums-Sha256: cc302c8e69ac85220c212a7bfb0d9f75ef4ab91ad838c08bf9f6a37dc09645f2 1063 tdiary_2.2.1-1.1.dsc c2a537bd005743d6324d8904cae8adafa1f692b943786765667c79dfd8f43af6 28836 tdiary_2.2.1-1.1.diff.gz 034e681cc4d58b0e86af9f0afa375d13c2bf55bf73a75ede1784fb67e7811054 201712 tdiary_2.2.1-1.1_all.deb e0b0e0182411cbbc55d5051af30a9d668ab8c0f07a3fbd96b3fe3d286364a99d 3671572 tdiary-theme_2.2.1-1.1_all.deb 7989219d059b8d100a1961e1dc4d0afbad75fcf0d7e3221b8e278419ec49566e 270074 tdiary-plugin_2.2.1-1.1_all.deb 3ecde24bd4d0f0e10fc9115599da2ceb9cb2754d500d6eee22450c4a566b2f18 36904 tdiary-mode_2.2.1-1.1_all.deb 2fe2a24c1eabd1cf9e1e6654d0bb0bba2afa4dcb8fa09df374542ba89f90f744 209252 tdiary-contrib_2.2.1-1.1_all.deb Files: bd63579483d6206a9b5db8a059be2cc3 1063 web optional tdiary_2.2.1-1.1.dsc 25d81b1be26bf4840ec5f22134e19dc3 28836 web optional tdiary_2.2.1-1.1.diff.gz bd9a7852d0dd843e5bb577824fe4c817 201712 web optional tdiary_2.2.1-1.1_all.deb a5f31190766e3008b4574ef2b04d8dc4 3671572 web optional tdiary-theme_2.2.1-1.1_all.deb f315a9a0c5896be76e81b06c90ad6708 270074 web optional tdiary-plugin_2.2.1-1.1_all.deb 9aa4f71d05730793b378f41e20a94f70 36904 web optional tdiary-mode_2.2.1-1.1_all.deb b295182815de1eee0586006f94f78dec 209252 web optional tdiary-contrib_2.2.1-1.1_all.deb -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.10 (GNU/Linux) iEYEARECAAYFAkuWG+MACgkQ62zWxYk/rQcF7gCffMkTUYombFEeKRTjMGjeELm4 1wcAnjr02pA/1D/SMAV0ZHTEyX/fzfVL =4In4 -END PGP SIGNATURE- Accepted: tdiary-contrib_2.2.1-1.1_all.deb to main/t/tdiary/tdiary-contrib_2.2.1-1.1_all.deb tdiary-mode_2.2.1-1.1_all.deb to main/t/tdiary/tdiary-mode_2.2.1-1.1_all.deb tdiary-plugin_2.2.1-1.1_all.deb to main/t/tdiary/tdiary-plugin_2.2.1-1.1_all.deb tdiary-theme_2.2.1-1.1_all.deb to main/t/tdiary/tdiary-theme_2.2.1-1.1_all.deb tdiary_2.2.1-1.1.diff.gz to main/t/tdiary/tdiary_2.2.1-1.1.diff.gz tdiary_2.2.1-1.1.dsc to main/t/tdiary/tdiary_2.2.1-1.1.dsc tdiary_2.2.1-1.1_all.deb to main/t/tdiary/tdiary_2.2.1-1.1_all.deb -- To UNSUBSCRIBE, email to debian-devel-changes-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/e1nowup-000344...@ries.debian.org
Accepted audiere 1.9.4-3.1 (source i386)
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Format: 1.8 Date: Sat, 30 Jan 2010 18:57:35 +0100 Source: audiere Binary: libaudiere-1.9.4 libaudiere-dev libaudiere-1.9.4-dbg Architecture: source i386 Version: 1.9.4-3.1 Distribution: unstable Urgency: low Maintainer: Arthur Loiret arthur.loi...@gmail.com Changed-By: Steffen Joeris wh...@debian.org Description: libaudiere-1.9.4 - a portable, high-level audio library libaudiere-1.9.4-dbg - a portable, high-level audio library (debug information) libaudiere-dev - a portable, high-level audio library (development files) Closes: 505122 Changes: audiere (1.9.4-3.1) unstable; urgency=low . * Non-maintainer upload * Fix FTBFS with GCC 4.4 (Closes: #505122) Thanks to Martin Michlmayr Checksums-Sha1: b425175650b02f2bdc79b7e0a01ad951c2825ae2 1108 audiere_1.9.4-3.1.dsc 17bd76f70e8a06fc77af86a8ac322b88ca5dcd89 3409 audiere_1.9.4-3.1.diff.gz 1472e86692059c0931bc0edba2bb090ac135ee97 105566 libaudiere-1.9.4_1.9.4-3.1_i386.deb f211582daa478e1838097393c8d31ad15d19c109 146150 libaudiere-dev_1.9.4-3.1_i386.deb 86306865b140c3c5c223487d5f4092efb6f19fd1 394234 libaudiere-1.9.4-dbg_1.9.4-3.1_i386.deb Checksums-Sha256: a02db7bc9e114098bc9b0212421ef88feb4ed18be461805affdefd6ad2f4a600 1108 audiere_1.9.4-3.1.dsc e8b23150600c6d3c936b82091c3d93fc10aefe934e2fb428e4cef52c52f5d8c2 3409 audiere_1.9.4-3.1.diff.gz 4e548f2663bcc3c0eabb1bcb99e38cff54cce1b1ee1f57a3383eec302e426e0d 105566 libaudiere-1.9.4_1.9.4-3.1_i386.deb 68ffe176b2e1efe0d48e21ad0d1ba95f91127fb0bcda751de123776cbf42483d 146150 libaudiere-dev_1.9.4-3.1_i386.deb 4d43c8c6888da95cd409510683cb999314dc920c2b7561b07e31b52eb4fd6ff3 394234 libaudiere-1.9.4-dbg_1.9.4-3.1_i386.deb Files: e40e5308a62f3ed8c6f1f01b9bc18d69 1108 libs optional audiere_1.9.4-3.1.dsc baea64b3351ff11948e7ab2431e95940 3409 libs optional audiere_1.9.4-3.1.diff.gz a433a3f63ebaaac8a0dd31f025291cea 105566 libs optional libaudiere-1.9.4_1.9.4-3.1_i386.deb 32b1794fd02e57dc31bb8b38d0bca7e2 146150 libdevel optional libaudiere-dev_1.9.4-3.1_i386.deb 4634d7de6a3fe6cdcc6cf4a373c873b4 394234 libs optional libaudiere-1.9.4-dbg_1.9.4-3.1_i386.deb -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.10 (GNU/Linux) iEYEARECAAYFAktkdZwACgkQ62zWxYk/rQcSawCfbXh3Kcyda05S6irhnsozlyCn ouYAn0JuY4AEU/LUFDSMB1REDUvAmlbk =kHCc -END PGP SIGNATURE- Accepted: audiere_1.9.4-3.1.diff.gz to main/a/audiere/audiere_1.9.4-3.1.diff.gz audiere_1.9.4-3.1.dsc to main/a/audiere/audiere_1.9.4-3.1.dsc libaudiere-1.9.4-dbg_1.9.4-3.1_i386.deb to main/a/audiere/libaudiere-1.9.4-dbg_1.9.4-3.1_i386.deb libaudiere-1.9.4_1.9.4-3.1_i386.deb to main/a/audiere/libaudiere-1.9.4_1.9.4-3.1_i386.deb libaudiere-dev_1.9.4-3.1_i386.deb to main/a/audiere/libaudiere-dev_1.9.4-3.1_i386.deb -- To UNSUBSCRIBE, email to debian-devel-changes-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Accepted hybserv 1.9.2-4.1 (source i386)
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Format: 1.8 Date: Fri, 29 Jan 2010 14:30:27 +0100 Source: hybserv Binary: hybserv Architecture: source i386 Version: 1.9.2-4.1 Distribution: unstable Urgency: high Maintainer: Aurélien GÉRÔME a...@roxor.cx Changed-By: Steffen Joeris wh...@debian.org Description: hybserv- IRC services for IRCD-Hybrid Closes: 550389 Changes: hybserv (1.9.2-4.1) unstable; urgency=high . * Non-maintainer upload by the security team * Fix DoS via commands with tabs (Closes: #550389) Fixes: CVE-2010-0303 * Add db_stop into hybserv.postinst to avoid that the postinst script hangs due to open debconf file descriptors Thanks to Julien Cristau Checksums-Sha1: 7ced83be9e24e62d817c85af03a3942d6ab2336b 980 hybserv_1.9.2-4.1.dsc e7dadf556b43cc4ed1c2ac279ac0afa20e2b1db1 12946 hybserv_1.9.2-4.1.diff.gz 8432987fde84342ddc728266dd3e0013bd7186c4 212000 hybserv_1.9.2-4.1_i386.deb Checksums-Sha256: 339e87560ffd8c9dbf8d5eee839d6107043be6ee5ef70b798a0420893d2ffd57 980 hybserv_1.9.2-4.1.dsc 131ac9243089630ad556bce67ab4c1e4a387659616e57038623b0c22b217fee5 12946 hybserv_1.9.2-4.1.diff.gz a6593da4598d2d9b1341c624cfc139d7d7995fbbf4fad8dff01e3246f489d18b 212000 hybserv_1.9.2-4.1_i386.deb Files: 57bb4ed34dfb0bfd41e16d007819bf7c 980 net extra hybserv_1.9.2-4.1.dsc f0c32f632f67779c7cfbb3d66ceea232 12946 net extra hybserv_1.9.2-4.1.diff.gz c45860d825c29f039833381255efd821 212000 net extra hybserv_1.9.2-4.1_i386.deb -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.10 (GNU/Linux) iEYEARECAAYFAkti5DEACgkQ62zWxYk/rQdArgCfa6/LAkDkqxDd2nzsLkxcEvbV 1okAn3TqILfkTdIYyrI3qtzrHheN0C8F =e8ve -END PGP SIGNATURE- Accepted: hybserv_1.9.2-4.1.diff.gz to main/h/hybserv/hybserv_1.9.2-4.1.diff.gz hybserv_1.9.2-4.1.dsc to main/h/hybserv/hybserv_1.9.2-4.1.dsc hybserv_1.9.2-4.1_i386.deb to main/h/hybserv/hybserv_1.9.2-4.1_i386.deb -- To UNSUBSCRIBE, email to debian-devel-changes-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Accepted maildrop 2.2.0-3.1 (source i386)
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Format: 1.8 Date: Thu, 28 Jan 2010 20:24:22 +0100 Source: maildrop Binary: maildrop Architecture: source i386 Version: 2.2.0-3.1 Distribution: unstable Urgency: high Maintainer: Josip Rodin joy-packa...@debian.org Changed-By: Steffen Joeris wh...@debian.org Description: maildrop - mail delivery agent with filtering abilities Closes: 564601 Changes: maildrop (2.2.0-3.1) unstable; urgency=high . * Non-maintainer upload by the security team * Fix privilege escalation via maildrop -d which grants root group privileges (Closes: #564601) Thanks to Sam Varshavchik Checksums-Sha1: f2ce686042c60a93c32608717735f02bc6d60dfa 1101 maildrop_2.2.0-3.1.dsc 39a43fcaa2f4f3d79b7c0e2c09378950178a9361 631070 maildrop_2.2.0-3.1.diff.gz fba21c6a89d01aee9f8aa043bd42fa79020ed5c5 367904 maildrop_2.2.0-3.1_i386.deb Checksums-Sha256: d35722c442c34b391f41a95ff76837c2f81688e13c983a5845efad8581433f14 1101 maildrop_2.2.0-3.1.dsc f56f279bb17182f0e5bf1b9cb2156f908da0bae1e3e0097341a7298e4c7e8bab 631070 maildrop_2.2.0-3.1.diff.gz b15acf5062468abd9becca55e201c20ba3550b20956e3beb973a25d3099d3835 367904 maildrop_2.2.0-3.1_i386.deb Files: 5b0031829042677e03bbcab35211a7b3 1101 mail optional maildrop_2.2.0-3.1.dsc 3db51f268a0209dfb9b28728c3189362 631070 mail optional maildrop_2.2.0-3.1.diff.gz f4c7f47026047b8c6e714c7eb8f325be 367904 mail optional maildrop_2.2.0-3.1_i386.deb -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.10 (GNU/Linux) iEYEARECAAYFAkth5u8ACgkQ62zWxYk/rQcWtwCfetQFArCCjEiu04t6ULGWQ73g WW4AnRywfp0YoVkl3M51vBMzIhGqx6mf =j/Uv -END PGP SIGNATURE- Accepted: maildrop_2.2.0-3.1.diff.gz to main/m/maildrop/maildrop_2.2.0-3.1.diff.gz maildrop_2.2.0-3.1.dsc to main/m/maildrop/maildrop_2.2.0-3.1.dsc maildrop_2.2.0-3.1_i386.deb to main/m/maildrop/maildrop_2.2.0-3.1_i386.deb -- To UNSUBSCRIBE, email to debian-devel-changes-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Accepted mm3d 1.3.7-1.2 (source i386)
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Format: 1.8 Date: Fri, 22 Jan 2010 23:08:35 +0100 Source: mm3d Binary: mm3d Architecture: source i386 Version: 1.3.7-1.2 Distribution: unstable Urgency: low Maintainer: Gürkan Sengün gur...@phys.ethz.ch Changed-By: Steffen Joeris wh...@debian.org Description: mm3d - OpenGL based 3D model editor Closes: 505626 Changes: mm3d (1.3.7-1.2) unstable; urgency=low . * Non-maintainer upload * Fix FTBFS due to newer GCC compiler (Closes: #505626) Thanks to Martin Michlmayr Checksums-Sha1: 07265fe780656c156f686096bad00c5ed69d06ef 1033 mm3d_1.3.7-1.2.dsc d8fbea1fa427d4e73252404140c36b7d890493fc 25165 mm3d_1.3.7-1.2.diff.gz 1d94f0a95b5be38458e49854301a9dea894d7c3e 1700366 mm3d_1.3.7-1.2_i386.deb Checksums-Sha256: 673f1ad19bf5cb2af223ec3e47d01de21b0ce7d02f2094df4a112a64d1f29b56 1033 mm3d_1.3.7-1.2.dsc d947abbf2bed99bcddd19cb132d28d3d6a94f0277833dad8e260792efe7fe867 25165 mm3d_1.3.7-1.2.diff.gz 2a607f5cb2a8a3f814f309df12f3cc057431f3897b34dfd99e1161fc73bbf4ad 1700366 mm3d_1.3.7-1.2_i386.deb Files: d4305189e874dcaad953e7fb1af2e668 1033 graphics optional mm3d_1.3.7-1.2.dsc f366b07e33c3ccb33a6455fe3c460f46 25165 graphics optional mm3d_1.3.7-1.2.diff.gz c8eebdf870ee94744d1af992d7404b1e 1700366 graphics optional mm3d_1.3.7-1.2_i386.deb -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.10 (GNU/Linux) iEYEARECAAYFAktaJ9EACgkQ62zWxYk/rQft5ACeI7iFPjoQrmuiJmPfRcQAeD1n OhwAn1lpHWtepxiysIEO5H50WxjRiy8d =ys2t -END PGP SIGNATURE- Accepted: mm3d_1.3.7-1.2.diff.gz to main/m/mm3d/mm3d_1.3.7-1.2.diff.gz mm3d_1.3.7-1.2.dsc to main/m/mm3d/mm3d_1.3.7-1.2.dsc mm3d_1.3.7-1.2_i386.deb to main/m/mm3d/mm3d_1.3.7-1.2_i386.deb -- To UNSUBSCRIBE, email to debian-devel-changes-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Accepted score-reading-trainer 0.1.4-2 (source i386)
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Format: 1.8 Date: Mon, 25 Jan 2010 15:41:05 +0100 Source: score-reading-trainer Binary: score-reading-trainer Architecture: source i386 Version: 0.1.4-2 Distribution: unstable Urgency: low Maintainer: Steffen Joeris wh...@debian.org Changed-By: Steffen Joeris wh...@debian.org Description: score-reading-trainer - trainer for reading music notes Closes: 566725 Changes: score-reading-trainer (0.1.4-2) unstable; urgency=low . * Fix menu entry in .desktop file to make sure it shows up under the category Education (Closes: #566725) - Use simple-patchsys to apply the patch and move all changes to the .desktop and Makefile.am into 01_fix-desktop-file.patch Thanks to Petter Reinholdtsen * Fix issues in debian/copyright - Explicitly point to GPL version2 rather than the symlink - Mention the copyright notice * Bump standard version to 3.8.3 Checksums-Sha1: d8dab6abf54a9fb9f00eee64087ef50df3df692e 1125 score-reading-trainer_0.1.4-2.dsc 2283185b345c68f72f9bfee598c62e249bfba5b7 9611 score-reading-trainer_0.1.4-2.diff.gz 3f026df88c10a54dd41d7e97090d13706f0aa4f6 129988 score-reading-trainer_0.1.4-2_i386.deb Checksums-Sha256: 78554e683f6d318a8c16768ef0211fd866c00b11b3b28cf83b1927b42e0889cf 1125 score-reading-trainer_0.1.4-2.dsc 6a14a14b90f3f95b72066a3c3708e76fe42ba7fe4191f9f85ca1188c46ae7bc4 9611 score-reading-trainer_0.1.4-2.diff.gz b25101537b7de4aa6701f142fdcd152987f49f5b9f3296e0edd17111bfa039c1 129988 score-reading-trainer_0.1.4-2_i386.deb Files: 0ace0ed3a39ef1dd7aaa0e810514d03f 1125 kde optional score-reading-trainer_0.1.4-2.dsc cb65a93cc64369ead29ce95c688ea59f 9611 kde optional score-reading-trainer_0.1.4-2.diff.gz d5c7aba4f021a80754f2b9d41b8ce687 129988 kde optional score-reading-trainer_0.1.4-2_i386.deb -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.10 (GNU/Linux) iEYEARECAAYFAktdsO8ACgkQ62zWxYk/rQcczgCgh64J88YVFFoMabfD77WDWv3v RYkAoMBEpjmjCN9zQIwjq+rc1eceTVz4 =+oQL -END PGP SIGNATURE- Accepted: score-reading-trainer_0.1.4-2.diff.gz to main/s/score-reading-trainer/score-reading-trainer_0.1.4-2.diff.gz score-reading-trainer_0.1.4-2.dsc to main/s/score-reading-trainer/score-reading-trainer_0.1.4-2.dsc score-reading-trainer_0.1.4-2_i386.deb to main/s/score-reading-trainer/score-reading-trainer_0.1.4-2_i386.deb -- To UNSUBSCRIBE, email to debian-devel-changes-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Accepted bastille 1:3.0.9-12.1 (source all)
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Format: 1.8 Date: Sat, 23 Jan 2010 13:08:40 +0100 Source: bastille Binary: bastille Architecture: source all Version: 1:3.0.9-12.1 Distribution: unstable Urgency: low Maintainer: Javier Fernandez-Sanguino Pen~a j...@debian.org Changed-By: Steffen Joeris wh...@debian.org Description: bastille - Security hardening tool Closes: 563784 Changes: bastille (1:3.0.9-12.1) unstable; urgency=low . * Non-maintainer upload * Change dependency in init LSB header to use $network rather than $local_fs to make sure networking is available during boot and to make the package installation work again (Closes: #563784) Thanks to Petter Reinholdtsen Checksums-Sha1: 48d507154166f8e3945246272784f3b09b68 1021 bastille_3.0.9-12.1.dsc ddf064fe590a35e9fb8e8082d1ae2d34e7e3892c 39020 bastille_3.0.9-12.1.diff.gz 1264398d39f94ff8154981920fce26b7a2c8d975 462490 bastille_3.0.9-12.1_all.deb Checksums-Sha256: 23f75376c7f4651153364f298bad971402ffb57d16617a08fa704d851bdc0dc4 1021 bastille_3.0.9-12.1.dsc 3cd0d568d266118cc9d7eb0c6df2aee35a37bee25be9974c0ea03845342c4d1e 39020 bastille_3.0.9-12.1.diff.gz 26b0be4c568d00f885fd8e4c3b334dc9a996e50c7a07957e40d6cd940572d8e3 462490 bastille_3.0.9-12.1_all.deb Files: e5c0b333662b32685c092d4b0e3a36fb 1021 admin optional bastille_3.0.9-12.1.dsc d192b14f3a73e68782e4d68e2679da1b 39020 admin optional bastille_3.0.9-12.1.diff.gz fc8270233948dd43514b85508f5df560 462490 admin optional bastille_3.0.9-12.1_all.deb -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.10 (GNU/Linux) iEYEARECAAYFAkta6FgACgkQ62zWxYk/rQduQwCgvINliBFkIY6LCly3WwgClYQK FfwAn0WBF1T8XMiVCL7WqSbYl4DxlfjR =X7Or -END PGP SIGNATURE- Accepted: bastille_3.0.9-12.1.diff.gz to main/b/bastille/bastille_3.0.9-12.1.diff.gz bastille_3.0.9-12.1.dsc to main/b/bastille/bastille_3.0.9-12.1.dsc bastille_3.0.9-12.1_all.deb to main/b/bastille/bastille_3.0.9-12.1_all.deb -- To UNSUBSCRIBE, email to debian-devel-changes-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Accepted argus 1:2.0.6.fixes.1-16.1 (source i386)
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Format: 1.8 Date: Fri, 22 Jan 2010 15:16:59 +0100 Source: argus Binary: argus-server Architecture: source i386 Version: 1:2.0.6.fixes.1-16.1 Distribution: unstable Urgency: low Maintainer: Andrew Pollock apoll...@debian.org Changed-By: Steffen Joeris wh...@debian.org Description: argus-server - IP network transaction auditing tool Closes: 557807 Changes: argus (1:2.0.6.fixes.1-16.1) unstable; urgency=low . * Non-maintainer upload * Use pcap_dispatch() rather than the private functions pcap_offline_read()/pcap_read() and fix a few compilation errors (Closes: #557807) Checksums-Sha1: 473f60b680d6ffb6f8e5d81cd7c8f41290c5dfaf 1131 argus_2.0.6.fixes.1-16.1.dsc 41ae0a044806db91525366d3a333a0ea8706352f 27224 argus_2.0.6.fixes.1-16.1.diff.gz 2b34e3150cccb50d8659e5da82025389a1767c20 137164 argus-server_2.0.6.fixes.1-16.1_i386.deb Checksums-Sha256: c2974839cacf2ec2391871404b2845deccb8527c05193bc41a233727b5c41aa6 1131 argus_2.0.6.fixes.1-16.1.dsc b14eac51222c98f5253943140a53086f007b8a2068c576bff73a6dbbc8aa8dd0 27224 argus_2.0.6.fixes.1-16.1.diff.gz 95d9507c25444595eb251fdd47b830db61055de4d48471fec09c71943a3c72da 137164 argus-server_2.0.6.fixes.1-16.1_i386.deb Files: 1cdde1b275df5b65f72cb081ef0957cf 1131 net optional argus_2.0.6.fixes.1-16.1.dsc b0879bceb9fbcce77e59b23a88cac6ef 27224 net optional argus_2.0.6.fixes.1-16.1.diff.gz aa94bfcf8f73fc7b1f4ccd325a152fc4 137164 net optional argus-server_2.0.6.fixes.1-16.1_i386.deb -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.10 (GNU/Linux) iEYEARECAAYFAktZ6coACgkQ62zWxYk/rQdWewCgnRMhoX/qqqPIuGrnVEd4DKHD 4AwAn3oVpR1rA3MvUycbNqUW5s5mWweH =Yv59 -END PGP SIGNATURE- Accepted: argus-server_2.0.6.fixes.1-16.1_i386.deb to main/a/argus/argus-server_2.0.6.fixes.1-16.1_i386.deb argus_2.0.6.fixes.1-16.1.diff.gz to main/a/argus/argus_2.0.6.fixes.1-16.1.diff.gz argus_2.0.6.fixes.1-16.1.dsc to main/a/argus/argus_2.0.6.fixes.1-16.1.dsc -- To UNSUBSCRIBE, email to debian-devel-changes-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Accepted gwget2 1.0.4-1.1 (source i386)
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Format: 1.8 Date: Fri, 22 Jan 2010 21:39:05 +0100 Source: gwget2 Binary: gwget epiphany-extension-gwget Architecture: source i386 Version: 1.0.4-1.1 Distribution: unstable Urgency: low Maintainer: Arnaud Fontaine ar...@debian.org Changed-By: Steffen Joeris wh...@debian.org Description: epiphany-extension-gwget - Gwget extension for Epiphany web browser gwget - GNOME front-end for wget Closes: 565287 Changes: gwget2 (1.0.4-1.1) unstable; urgency=low . * Non-maintainer upload * Fix FTBFS in gwget2 by adjusting configure.ac and debian/rules (Closes: #565287) Thanks to Peter Green Checksums-Sha1: 1e5ff3d573e0a44b94e875c6db06ff8e6161acc6 1582 gwget2_1.0.4-1.1.dsc 0e79e0bfedc83cb84a0c55255d1ec2b9a481b9ff 7037 gwget2_1.0.4-1.1.diff.gz 680b1f4dafac3aa714dcc5a08f8fcd80b82876c7 253436 gwget_1.0.4-1.1_i386.deb 6c43bd1cfb99cef349a6fe780e56858697b6ed43 35398 epiphany-extension-gwget_1.0.4-1.1_i386.deb Checksums-Sha256: 959d6aa7c5083df1e07d67b06c3bf7827945aa91d28a5af53f3bbb7595819f4c 1582 gwget2_1.0.4-1.1.dsc b596a95c6cf4bee45bc05fb1edd9782579087906a64d52b0fe06905a2b2c1d0f 7037 gwget2_1.0.4-1.1.diff.gz 05c320a92845a5526c86451e3c6db76ebb15d0aae477eb7f6e32ddc6a41db36b 253436 gwget_1.0.4-1.1_i386.deb 078013f1461a8806b408714c558cb1199bd32a1a038da93222c1ac4e0607488a 35398 epiphany-extension-gwget_1.0.4-1.1_i386.deb Files: 65d4c54d3d1058e08e7f37a891967d9f 1582 gnome optional gwget2_1.0.4-1.1.dsc 908a15c746c0946a9b7973cb1a4d17a7 7037 gnome optional gwget2_1.0.4-1.1.diff.gz 0466fc4f5a82be442b21e1135eb7c0f6 253436 gnome optional gwget_1.0.4-1.1_i386.deb ad6b4374f41a8bb59591cba24c44f0cc 35398 gnome optional epiphany-extension-gwget_1.0.4-1.1_i386.deb -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.10 (GNU/Linux) iEYEARECAAYFAktaERoACgkQ62zWxYk/rQewoQCdGFuQBL/ty3c5XXXRQm10PTJx 8WsAn06Mwy1IY95GX9UNIlErGxdSGYAg =BdjS -END PGP SIGNATURE- Accepted: epiphany-extension-gwget_1.0.4-1.1_i386.deb to main/g/gwget2/epiphany-extension-gwget_1.0.4-1.1_i386.deb gwget2_1.0.4-1.1.diff.gz to main/g/gwget2/gwget2_1.0.4-1.1.diff.gz gwget2_1.0.4-1.1.dsc to main/g/gwget2/gwget2_1.0.4-1.1.dsc gwget_1.0.4-1.1_i386.deb to main/g/gwget2/gwget_1.0.4-1.1_i386.deb -- To UNSUBSCRIBE, email to debian-devel-changes-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Accepted qemulator 0.5-3.1 (source all)
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Format: 1.8 Date: Wed, 23 Dec 2009 22:19:35 +0100 Source: qemulator Binary: qemulator Architecture: source all Version: 0.5-3.1 Distribution: unstable Urgency: low Maintainer: Francesco Namuri france...@namuri.it Changed-By: Steffen Joeris wh...@debian.org Description: qemulator - a solution for easy setup and management of qemu Closes: 560604 Changes: qemulator (0.5-3.1) unstable; urgency=low . * Non-maintainer upload * Add libmagickcore2-extra as build-depends since imagemagick has reorganised the plugin packages (thanks to Stuart Prescott) (Closes: #560604) Checksums-Sha1: 2fc46e7107e1fc88a9d8745e24875d8e097cf716 1074 qemulator_0.5-3.1.dsc ce03a49d388c08c114b5159e14a2e384a303abc8 4654 qemulator_0.5-3.1.diff.gz acbcbd7151ae6d5bf6ae51fbf5873a7d29fc0ad4 710022 qemulator_0.5-3.1_all.deb Checksums-Sha256: 3d2a7a81aff9321dd34b7689b33b3af3ffa38078a6e764f1bdeb3a4e227b9ac2 1074 qemulator_0.5-3.1.dsc 74175455c0a141e8cdaad3fd7d2a6ee14f72e0e2ab20e5b163c51930241336d0 4654 qemulator_0.5-3.1.diff.gz 8927a457f7e5b85f650fd1ac2db69cfdf6a2582e7cbd1610fcad5e3f9ccdf015 710022 qemulator_0.5-3.1_all.deb Files: 7496eb429d5f57bab2586d82627308b9 1074 otherosfs extra qemulator_0.5-3.1.dsc d0df0b9bfc629fbac705275e8633035d 4654 otherosfs extra qemulator_0.5-3.1.diff.gz 8a1309f353725b655bc75bfb0c987d9e 710022 otherosfs extra qemulator_0.5-3.1_all.deb -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.10 (GNU/Linux) iEYEARECAAYFAksyisIACgkQ62zWxYk/rQdrlQCgvqpyKvYAf4UdDN9ItatsyffN jHMAnROk8PQW8dh3yBvw0iKTG5oraqvS =YQL5 -END PGP SIGNATURE- Accepted: qemulator_0.5-3.1.diff.gz to main/q/qemulator/qemulator_0.5-3.1.diff.gz qemulator_0.5-3.1.dsc to main/q/qemulator/qemulator_0.5-3.1.dsc qemulator_0.5-3.1_all.deb to main/q/qemulator/qemulator_0.5-3.1_all.deb -- To UNSUBSCRIBE, email to debian-devel-changes-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Accepted cacti 0.8.7e-1.1 (source all)
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Format: 1.8 Date: Wed, 16 Dec 2009 12:06:20 +0100 Source: cacti Binary: cacti Architecture: source all Version: 0.8.7e-1.1 Distribution: unstable Urgency: high Maintainer: Sean Finney sean...@debian.org Changed-By: Steffen Joeris wh...@debian.org Description: cacti - Frontend to rrdtool for monitoring systems and services Changes: cacti (0.8.7e-1.1) unstable; urgency=high . * Non-maintainer upload by the security team * Fix several cross-site scriptings via different vectors Fixes: CVE-2009-4032 Checksums-Sha1: 7a1b4e5d75cef3744fb66c2300ab4de9d0c01ff1 1121 cacti_0.8.7e-1.1.dsc 6ba93e200e0fbbddfbc5a9a98a9cf0f70842d904 2232297 cacti_0.8.7e.orig.tar.gz b0b9d0f2d4961a62e09dbb42efb8c85f3ee94593 40336 cacti_0.8.7e-1.1.diff.gz edd12c687bf354cbd2482619a449f18ae8aaadf2 2085942 cacti_0.8.7e-1.1_all.deb Checksums-Sha256: e76f44280562854cd254270c666298ac8783a366832e23ded9d9d1dd755754a6 1121 cacti_0.8.7e-1.1.dsc 1983f16cd5cf5e30b33b43b167e324713f0711167f5dcde57f3cbfbeddbaa7ff 2232297 cacti_0.8.7e.orig.tar.gz 7ac48543f8b05a608bf8ac9ebe7de61061b907be2574057cb3a334bbe4487780 40336 cacti_0.8.7e-1.1.diff.gz b880011f940b0f99d54ee638ee804ba13f8ce20d039f37c94a8eee734a05df81 2085942 cacti_0.8.7e-1.1_all.deb Files: cbf4cc35adf3597818f1fcfe1b283094 1121 web extra cacti_0.8.7e-1.1.dsc 7563a58a57d2c6cc0da28cc341a30969 2232297 web extra cacti_0.8.7e.orig.tar.gz a0c6ac9066be3ddb2b788eb6690f9621 40336 web extra cacti_0.8.7e-1.1.diff.gz fb0fef0b8028b8bd07076a5223a2e242 2085942 web extra cacti_0.8.7e-1.1_all.deb -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.10 (GNU/Linux) iEYEARECAAYFAksowHkACgkQ62zWxYk/rQcUngCeJwPFlsYRecnDbhSKi1NC+3uJ qB0An1MO69hqAqOXs7A4Thx4KyOkovM7 =/L27 -END PGP SIGNATURE- Accepted: cacti_0.8.7e-1.1.diff.gz to main/c/cacti/cacti_0.8.7e-1.1.diff.gz cacti_0.8.7e-1.1.dsc to main/c/cacti/cacti_0.8.7e-1.1.dsc cacti_0.8.7e-1.1_all.deb to main/c/cacti/cacti_0.8.7e-1.1_all.deb -- To UNSUBSCRIBE, email to debian-devel-changes-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Re: Bug#559802: CVE-2009-3736 local privilege escalation
On Tue, 8 Dec 2009 04:23:41 pm Michael Gilbert wrote: On Tue, 8 Dec 2009 03:13:06 +1100, Steffen Joeris wrote: The following CVE (Common Vulnerabilities Exposures) id was published for libtool. I have determined that this package embeds a vulnerable copy of the libtool source code. However, since this is a mass bug filing (due to so many packages embedding libtool), I have not had time to determine whether the vulnerable code is actually present in any of the binary packages. Please determine whether this is the case. If the package is not affected, please feel free to close the bug with a message containing the details of what you did to check. CVE-2009-3736[0]: | ltdl.c in libltdl in GNU Libtool 1.5.x, and 2.2.6 before 2.2.6b, | attempts to open a .la file in the current working directory, | which allows local users to gain privileges via a Trojan horse | file. Note that this problem also affects etch and lenny, so if your package is affected, please coordinate with the security team to release the DSA for the affected packages. Is this different to all these python modules that include the working directory? When I had a quick look it smelled like these once, in which case none of the packages probably deserves a DSA and they can all be fixed through s-p-u/o-s-p-u (and can be urgency 'slow'), but I thought I'd ask first in case I misunderstood the issue. So, as i interpret the issue, the difference here is that libtool will load any and all .la and .a file available on the LD_LOAD_LIBRARY path; whereas python will load modules in the current directory only if they are specifically called from the script. I have just recently realized that LD_LOAD_LIBRARY has a relatively safe default that does not include the current working directory. Given this fact, I believe that the impact is rather limited (only users that have modified that LD_LOAD_LIBRARY path are affected; and i'm sure there are those who have done this, but it is a minor subset of all debian users). Hence, I think that for any package embedding libtool, updates should be pushed in stable-proposed-updates, rather than DSAs. As for libtool itself, it may still make sense to issue a DSA. If there is concurrence on this assessment, I will send a message along these lines to all of the bugs that I submitted. Please do so, if the packages have an embedded code copy and do not link against libtool. Cheers Steffen -- To UNSUBSCRIBE, email to debian-devel-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Re: Bug#559802: CVE-2009-3736 local privilege escalation
Hi The following CVE (Common Vulnerabilities Exposures) id was published for libtool. I have determined that this package embeds a vulnerable copy of the libtool source code. However, since this is a mass bug filing (due to so many packages embedding libtool), I have not had time to determine whether the vulnerable code is actually present in any of the binary packages. Please determine whether this is the case. If the package is not affected, please feel free to close the bug with a message containing the details of what you did to check. CVE-2009-3736[0]: | ltdl.c in libltdl in GNU Libtool 1.5.x, and 2.2.6 before 2.2.6b, | attempts to open a .la file in the current working directory, which | allows local users to gain privileges via a Trojan horse file. Note that this problem also affects etch and lenny, so if your package is affected, please coordinate with the security team to release the DSA for the affected packages. Is this different to all these python modules that include the working directory? When I had a quick look it smelled like these once, in which case none of the packages probably deserves a DSA and they can all be fixed through s-p-u/o-s-p-u (and can be urgency 'slow'), but I thought I'd ask first in case I misunderstood the issue. Cheers Steffen -- To UNSUBSCRIBE, email to debian-devel-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Re: Bits from the FTPMaster meeting
On Mon, 16 Nov 2009 02:04:28 pm Carlo Segre wrote: On Sun, 15 Nov 2009, Joerg Jaspert wrote: The current winning opinion is to go with the source+throw away binaries route. We are close to being able to achieve this, it is simply that it has not yet been enabled. Before any version of this can be enabled, buildd autosigning needs to be implemented in order that dak can differentiate buildd uploads vs maintainer uploads. It may be necessary to also move the building of contrib packages to the unofficial non-free buildd network. As it stands any contrib package which has a non-free Build-Depends is not guaranteed to build on all architectures since not all the buildd systems include the non-free archives. Up to now it has been possible to do binary uploads to work around this and get as many architectures in the archive as possible to build manually. When this new option is enabled, it will no longer be possible. As I understood it, it is still possible for DDs to do binary-only uploads (as allowed per GR). This throwing away of the binary package is only for the initial source+binary upload. (In an ideal world, there should be no need for DDs to do binary-only uploads by hand, but in reality it has to happen every now and then, at least for security). Cheers Steffen -- To UNSUBSCRIBE, email to debian-devel-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
packages that use deprecated SQL escape functions
Hi everyone We had a few issues in the past with insufficient database escaping, which lead to possible SQL injections due to the use of the deprecated functions mysql_escape_string() and PQescapeString(). These functions do not take the encoding of the established connection into account, which can lead to insufficient escaping, if the encoding of this connection can be set to certain multibyte character encodings (such as GBK). I found the explanation given in this email[0] quite useful to elaborate on the thread. In order to prevent this issue, the new functions mysql_real_escape_string() [1] and PQescapeStringConn()[2] have been added, which honour the specific encoding of the connection. Thanks to Kees, I have prepared a list of packages (below) that are still using the deprecated functions. Apologies for all false-positives, I've tried to eliminate as many as possible. If you find your package in the list below, please have a look at the code and check, if you can change to the new functions. You are likely vulnerable to an SQL injection attack, if you only rely on the deprecated functions for escaping (or have some self-made escaping for that matter) AND if it is possible to set the client encoding. If other encodings, such as UTF-8, are used, you are not vulnerable, so check that as well, please. In the near future, I will try to do the archive scan again and file bugs with severity normal for the packages below that are still relying on the deprecated functions. (Should they be found vulnerable, the severity will be raised of course). If you are in doubt about anything or if you found that your package is vulnerable, please contact the security team (t...@security.debian.org). Cheers Steffen [0]: http://www.mail-archive.com/pgsql-hack...@postgresql.org/msg71061.html [1]: http://dev.mysql.com/doc/refman/5.0/es/mysql-real-escape-string.html [2]: http://www.postgresql.org/docs/8.4/static/libpq-exec.html ampache: Charlie Smotherman cj...@cableone.net ./ampache-3.5.1/modules/getid3/extension.cache.mysql.php:$filenam2 = mysql_escape_string($filename); ./ampache-3.5.1/modules/getid3/extension.cache.mysql.php:$res2 = mysql_escape_string(serialize($result)); asterisk-addons: Debian VoIP Team pkg-voip- maintain...@lists.alioth.debian.org ./asterisk-addons-1.4.7/cdr/cdr_addon_mysql.c: mysql_escape_string(clid, cdr-clid, strlen(cdr-clid)); ./asterisk-addons-1.4.7/cdr/cdr_addon_mysql.c: mysql_escape_string(dcontext, cdr-dcontext, strlen(cdr-dcontext)); ./asterisk-addons-1.4.7/cdr/cdr_addon_mysql.c: mysql_escape_string(channel, cdr-channel, strlen(cdr-channel)); ./asterisk-addons-1.4.7/cdr/cdr_addon_mysql.c: mysql_escape_string(dstchannel, cdr-dstchannel, strlen(cdr-dstchannel)); ./asterisk-addons-1.4.7/cdr/cdr_addon_mysql.c: mysql_escape_string(lastapp, cdr-lastapp, strlen(cdr-lastapp)); ./asterisk-addons-1.4.7/cdr/cdr_addon_mysql.c: mysql_escape_string(lastdata, cdr-lastdata, strlen(cdr-lastdata)); ./asterisk-addons-1.4.7/cdr/cdr_addon_mysql.c: mysql_escape_string(src, cdr-src, strlen(cdr-src)); ./asterisk-addons-1.4.7/cdr/cdr_addon_mysql.c: mysql_escape_string(dst, cdr-dst, strlen(cdr-dst)); ./asterisk-addons-1.4.7/cdr/cdr_addon_mysql.c: mysql_escape_string(accountcode, cdr-accountcode, strlen(cdr-accountcode)); ./asterisk-addons-1.4.7/cdr/cdr_addon_mysql.c: mysql_escape_string(uniqueid, cdr-uniqueid, strlen(cdr-uniqueid)); ./asterisk-addons-1.4.7/cdr/cdr_addon_mysql.c: mysql_escape_string(userfielddata, cdr-userfield, strlen(cdr-userfield)); b2evolution: Xavier Luthi xav...@caroxav.be ./b2evolution-2.4.7/blogs/inc/_core/model/db/_db.class.php:return mysql_escape_string( $unescaped_string ); boinc: Debian BOINC Maintainers pkg-boinc-de...@lists.alioth.debian.org ./boinc-6.4.5+dfsg/html/ops/bbcode_convert_signature.php:$query = update forum_preferences set signature = '.mysql_escape_string($text).' where userid=.$forum_preferences-userid; ./boinc-6.4.5+dfsg/html/ops/bbcode_convert.php:$query = update post set content = '.mysql_escape_string($text).' where id=.$post-id; ./boinc-6.4.5+dfsg/html/ops/bbcode_convert_response2.php:$query = update profile set response2 = '.mysql_escape_string($text).' where userid=.$profile-userid; ./boinc-6.4.5+dfsg/html/ops/bbcode_convert_response1.php:$query = update profile set response1 = '.mysql_escape_string($text).' where userid=.$profile-userid;
Re: packages that use deprecated SQL escape functions
Hi Charles On Thu, 15 Oct 2009 01:50:35 pm Charles Plessy wrote: Le Thu, Oct 15, 2009 at 01:26:14PM +1100, Steffen Joeris a écrit : In the near future, I will try to do the archive scan again and file bugs with severity normal for the packages below that are still relying on the deprecated functions. (Should they be found vulnerable, the severity will be raised of course). Dear Steffen, shouldn’t the upstream maintainer(s) be warned before the security issue is advertised in public? Before I sent the list, I checked some of the major packages together with the maintainers, so there was some work that happened in the background before publication. Also, I don't expect many of the packages below to be vulnerable, because not every applications allows the setting of the client encoding. Also, I've released a few DSAs to update common bindings in different languages that only offered the deprecated functions. At this stage, it is better to publish this list and ask the maintainers for help, because we don't have the manpower to check them all individually and test them. Cheers Steffen signature.asc Description: This is a digitally signed message part.
Re: Bits from the release team: Release goals, schedule, state of the union
Hi Marc On Wed, 26 Aug 2009 04:23:09 pm Marc 'HE' Brockschmidt wrote: Steffen Joeris steffen.joe...@skolelinux.de writes: On Wed, 26 Aug 2009 06:51:48 am Marc 'HE' Brockschmidt wrote: Release Goals = [...] - kFreeBSD: Debian 6.0 Squeeze should be the first Debian release shipping with a non-Linux kernel. Out of curiosity, how is security support working for this and who is providing it? We [1] were hoping that kfreebsd-{i386,amd64} would be handled like i386 and amd64 and be supported by the security team. As we know that the security team's manpower is limited, we acknowledge this by asking you for any concers in supporting a architecture. For the Squeeze cycle, this hasn't been done yet [2], as we haven't decided yet which of the old architectures can't be supported from a release team point of view. Including kFreeBSD architectures in the release has been in discussion for some time now, and we didn't see any official security team position on this yet, thus assumed there were no (big) concers. Should you have see some, please inform us soon. For kernel-security support, we have Dann Frazier in the security team, who is also working in the kernel team (and of course other kernel team members might help on security behind the curtain). Now I am not sure how to do it for another kernel, because the rest of the team is usually busy with the rest of the archive. Maybe it would be a good idea to see, if someone from the kfreeBSD kernel team would be willing to help? Also, I guess Dann or someone else from the sec team should probably comment on this as well. Cheers Steffen -- To UNSUBSCRIBE, email to debian-devel-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Re: Bits from the release team: Release goals, schedule, state of the union
On Wed, 26 Aug 2009 04:58:24 pm Andreas Barth wrote: * Steffen Joeris (steffen.joe...@skolelinux.de) [090826 08:53]: For kernel-security support, we have Dann Frazier in the security team, who is also working in the kernel team (and of course other kernel team members might help on security behind the curtain). So your basic concern is: Who will support the kbsd-specific packages (kernel plus kernel-near userland)? (The other packages shouldn't be an issue, or?) Yeah basically, I mean they should be supported from within the security team, but I was wondering, whether we have a particular individual appointed for it (like for the linux kernel) or how the details should look like. I just reread my first response to Marc and saw that it could have been read as very sarcastic and rude, my apologies that wasn't the intention I wrote that sentence in a hurry. Cheers Steffen P.S. The comments/ideas/questions in this thread are my own, not the view of the security team. P.P.S. We could probably drop -devel from this thread. signature.asc Description: This is a digitally signed message part.
Re: Bits from the release team: Release goals, schedule, state of the union
On Wed, 26 Aug 2009 06:51:48 am Marc 'HE' Brockschmidt wrote: Heya, This mail should be the first in a row of roughly monthly mails informing the project about the state of the release. Please don't hesitate to contact us on debian-rele...@lists.debian.org whenever you have questions. Release Goals = We have now reviewed the list of release goals [RT-Goals] and have ACKed most of the proposed things. A short overview: - multiarch We hope to allow our users to install binaries for several architectures on a single machine in Squeeze. - kFreeBSD: Debian 6.0 Squeeze should be the first Debian release shipping with a non-Linux kernel. Out of curiosity, how is security support working for this and who is providing it? Cheers Steffen -- To UNSUBSCRIBE, email to debian-devel-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Accepted sork-passwd-h3 3.1-1.2 (source all)
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Format: 1.8 Date: Tue, 14 Jul 2009 11:13:26 +0200 Source: sork-passwd-h3 Binary: sork-passwd-h3 Architecture: source all Version: 3.1-1.2 Distribution: unstable Urgency: high Maintainer: Debian Horde Maintainers pkg-horde-hack...@lists.alioth.debian.org Changed-By: Steffen Joeris wh...@debian.org Description: sork-passwd-h3 - Horde3 module for users to change their password Changes: sork-passwd-h3 (3.1-1.2) unstable; urgency=high . * Non-maintainer upload by the security team * Fix regression in main.php, introduced by the previous NMU Checksums-Sha1: cc5c58410a548f7194445f4f3a70af6f47ec16f8 1314 sork-passwd-h3_3.1-1.2.dsc c40d0abb18191198c5865e7395e65b81cdf13359 9015 sork-passwd-h3_3.1-1.2.diff.gz 597035eaf56f1bd79aba984e0ada8d414f22054e 1424160 sork-passwd-h3_3.1-1.2_all.deb Checksums-Sha256: 1595ee785d243ba10e995cd2fa2be2a7f2fc58ab33cf1a5d26119133a1694d77 1314 sork-passwd-h3_3.1-1.2.dsc 59a9d42bd74d10b678b7aba21a452bd2b91f7fbb27e38f9929dd8329eafa96b7 9015 sork-passwd-h3_3.1-1.2.diff.gz c4c7d1377a0da613e49a70418e502188db1176904d59c0f2b429c2914949c3c4 1424160 sork-passwd-h3_3.1-1.2_all.deb Files: 62bc96640d35cdbbed08aeb638d8914e 1314 web optional sork-passwd-h3_3.1-1.2.dsc 4dbdd7b8ec0e0a1a383de09a7c77dc03 9015 web optional sork-passwd-h3_3.1-1.2.diff.gz 9e2152948ad8d7af7e0e9258b0571f7d 1424160 web optional sork-passwd-h3_3.1-1.2_all.deb -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.9 (GNU/Linux) iEYEARECAAYFAkpcTXUACgkQ62zWxYk/rQc0BQCfSLev1ca6d/GG+lvB92eVtwT0 9+MAoLkuM5sAVh7AR1liZEZGO9fuOrlc =qWP9 -END PGP SIGNATURE- Accepted: sork-passwd-h3_3.1-1.2.diff.gz to pool/main/s/sork-passwd-h3/sork-passwd-h3_3.1-1.2.diff.gz sork-passwd-h3_3.1-1.2.dsc to pool/main/s/sork-passwd-h3/sork-passwd-h3_3.1-1.2.dsc sork-passwd-h3_3.1-1.2_all.deb to pool/main/s/sork-passwd-h3/sork-passwd-h3_3.1-1.2_all.deb -- To UNSUBSCRIBE, email to debian-devel-changes-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Accepted sork-passwd-h3 3.1-1.1 (source all)
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Format: 1.8 Date: Sat, 11 Jul 2009 06:02:56 + Source: sork-passwd-h3 Binary: sork-passwd-h3 Architecture: source all Version: 3.1-1.1 Distribution: unstable Urgency: high Maintainer: Debian Horde Maintainers pkg-horde-hack...@lists.alioth.debian.org Changed-By: Steffen Joeris wh...@debian.org Description: sork-passwd-h3 - Horde3 module for users to change their password Closes: 536554 Changes: sork-passwd-h3 (3.1-1.1) unstable; urgency=high . * Non-maintainer upload by the security team * Fix XSS via the backend parameter (Closes: #536554) Fixes: CVE-2009-2360 Checksums-Sha1: 46325f67f6816128ef56cc80a806d2b3ef4c29ee 1314 sork-passwd-h3_3.1-1.1.dsc 9394c534063d5f3d23293f85f59e443e31095f03 8968 sork-passwd-h3_3.1-1.1.diff.gz f4e0e9f5b1f4293a2c57b693ffc68d996a8cd254 1424154 sork-passwd-h3_3.1-1.1_all.deb Checksums-Sha256: 9776761da54a7c5604a7624c7ddb9c29df2ab2c6e3cc9bf6b673bb81f9d3e9a7 1314 sork-passwd-h3_3.1-1.1.dsc e838762e350a76780fb8efa48897e6fb10ae4b55613b2b3d80ed9304e6bb7532 8968 sork-passwd-h3_3.1-1.1.diff.gz 27b6ed55e5cd7794812f0e33b92dca2145b966f38656bac759737cd397b88e1d 1424154 sork-passwd-h3_3.1-1.1_all.deb Files: 6c420a0cd82ff2d3dfc6a0842bac394d 1314 web optional sork-passwd-h3_3.1-1.1.dsc 09585405aba4d60706c85e355dc3a6f0 8968 web optional sork-passwd-h3_3.1-1.1.diff.gz d0e9551225d11475c61ec8c62dcb5ea3 1424154 web optional sork-passwd-h3_3.1-1.1_all.deb -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.9 (GNU/Linux) iEYEARECAAYFAkpYL3sACgkQ62zWxYk/rQfEXgCcC4dP5Gkr7MG2anAmGjRI04Ie oBsAn04n/l/bQLWICUejm7q/3KfAh5KD =iGkc -END PGP SIGNATURE- Accepted: sork-passwd-h3_3.1-1.1.diff.gz to pool/main/s/sork-passwd-h3/sork-passwd-h3_3.1-1.1.diff.gz sork-passwd-h3_3.1-1.1.dsc to pool/main/s/sork-passwd-h3/sork-passwd-h3_3.1-1.1.dsc sork-passwd-h3_3.1-1.1_all.deb to pool/main/s/sork-passwd-h3/sork-passwd-h3_3.1-1.1_all.deb -- To UNSUBSCRIBE, email to debian-devel-changes-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Accepted ipplan 4.91a-1.1 (source all)
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Format: 1.8 Date: Mon, 06 Jul 2009 08:09:24 + Source: ipplan Binary: ipplan Architecture: source all Version: 4.91a-1.1 Distribution: unstable Urgency: high Maintainer: Jan Wagner w...@cyconet.org Changed-By: Steffen Joeris wh...@debian.org Description: ipplan - web-based IP address manager and tracker Closes: 530271 Changes: ipplan (4.91a-1.1) unstable; urgency=high . * Non-maintainer upload by the security team * Fix cross-site scripting vulnerability, which can be exploited via the userid, userdescrip, useremail, grp and grpdescrip parameters (Closes: #530271) Fixes: CVE-2009-1732 Checksums-Sha1: 9b832a957c1354caaa9d79da4bd89563aff383a9 1124 ipplan_4.91a-1.1.dsc aa5360438d891bd69184f42902521f750c2583d8 23627 ipplan_4.91a-1.1.diff.gz c694b176145fa792db2e35f202fcbeef8b7e0322 788768 ipplan_4.91a-1.1_all.deb Checksums-Sha256: 5441985020f57b802941298db27f672dc6ef12b677014874eb4ff04636953316 1124 ipplan_4.91a-1.1.dsc cb0fef9b18360ce5999b13014ccf13a9b832325891ef4897477d96d1c2516186 23627 ipplan_4.91a-1.1.diff.gz 486d0aebdfaa3d6e11c008d5fe897036a8041db307d2446f4189364f0ce24731 788768 ipplan_4.91a-1.1_all.deb Files: 854b9e23d8ecb9016020e5ad45fbddc7 1124 web optional ipplan_4.91a-1.1.dsc 836743adf47d7d76c3ef475f252bbfe0 23627 web optional ipplan_4.91a-1.1.diff.gz ad2f14853f183c6276a07c5c955d6da9 788768 web optional ipplan_4.91a-1.1_all.deb -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.9 (GNU/Linux) iEYEARECAAYFAkpRyWgACgkQ62zWxYk/rQccTwCeJW5tSznr81a1nuJdNBRUyOR8 kokAoLUNCOEjfXJcAK+FsazbugwBGR2z =jf+U -END PGP SIGNATURE- Accepted: ipplan_4.91a-1.1.diff.gz to pool/main/i/ipplan/ipplan_4.91a-1.1.diff.gz ipplan_4.91a-1.1.dsc to pool/main/i/ipplan/ipplan_4.91a-1.1.dsc ipplan_4.91a-1.1_all.deb to pool/main/i/ipplan/ipplan_4.91a-1.1_all.deb -- To UNSUBSCRIBE, email to debian-devel-changes-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Accepted amule 2.2.5-1.1 (source i386 all)
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Format: 1.8 Date: Thu, 18 Jun 2009 14:10:54 + Source: amule Binary: amule amule-common amule-utils amule-utils-gui amule-daemon Architecture: source i386 all Version: 2.2.5-1.1 Distribution: unstable Urgency: high Maintainer: Adeodato Simó d...@net.com.org.es Changed-By: Steffen Joeris wh...@debian.org Description: amule - client for the eD2k and Kad networks, like eMule amule-common - common files for the rest of aMule packages amule-daemon - non-graphic version of aMule, a client for the eD2k and Kad netwo amule-utils - utilities for aMule (command-line version) amule-utils-gui - graphic utilities for aMule Closes: 525078 Changes: amule (2.2.5-1.1) unstable; urgency=high . * Non-maintainer upload by the security team * Make sure that the single tick is handled properly in order to avoid code execution (Closes: #525078) Fixes: CVE-2009-1440 Checksums-Sha1: eca69d1f728bd9eb5fd5d0166a2d22f07be2fbcb 1354 amule_2.2.5-1.1.dsc 56fac5bec7be4578bc7ffe07abae977f358278b7 22380 amule_2.2.5-1.1.diff.gz 7a79d557b4878073b8fa533cb41b1f407ec0de8a 1837034 amule_2.2.5-1.1_i386.deb ba992080be3299c7fc1fd72dc4160a1b34bf3fbb 453092 amule-utils_2.2.5-1.1_i386.deb 9197ec36d05b0511701d2019614aa05ec47f740d 1279660 amule-utils-gui_2.2.5-1.1_i386.deb 96facb3319ff3f7ecf7827a451b60648502a90ad 1172070 amule-daemon_2.2.5-1.1_i386.deb 98b70cf45cb4d0884e474178312ff69e2c1ad9e5 2425196 amule-common_2.2.5-1.1_all.deb Checksums-Sha256: 460e516e5695ff6e33470a072e0c907559269ed24483fedb6f01a24ff982d83a 1354 amule_2.2.5-1.1.dsc 636474bed2a275f5509f6b4ad522beee09289ce9b21dc5334a4663d9b21a6248 22380 amule_2.2.5-1.1.diff.gz 64fb96eb54652c10381bdb9da1e476ad208e82f36dd1ea4d87bb92c33a33ae90 1837034 amule_2.2.5-1.1_i386.deb c2d12441970e2e33c546c242aa3b84ba9707d10186a08efae8ee972ad9886d13 453092 amule-utils_2.2.5-1.1_i386.deb 5ac7010b32f9d8627233f8dfae2d18013d1013511f4966332bdccae1c2c749cd 1279660 amule-utils-gui_2.2.5-1.1_i386.deb 835813b9f0c5ac02de02dfe60ecdc9679986f1d05e0a8174ef86e2140080da6e 1172070 amule-daemon_2.2.5-1.1_i386.deb 549b33e10eab33018df7cadde99e72afaa6d825a38f40b2bc0ef52b65e95b50a 2425196 amule-common_2.2.5-1.1_all.deb Files: 449189bbe29936f917cbbee573ba4331 1354 net optional amule_2.2.5-1.1.dsc 62d5abc386d341a0b8be0daf541ae2fe 22380 net optional amule_2.2.5-1.1.diff.gz d49bb32b073d7a26be12c8ceed44a9ba 1837034 net optional amule_2.2.5-1.1_i386.deb 4fa5346969144acd9fe6bb8f4a9c226d 453092 net optional amule-utils_2.2.5-1.1_i386.deb 89e2faffbfb72a3136fc6bbe76fc5d01 1279660 net optional amule-utils-gui_2.2.5-1.1_i386.deb 3d37ccc83a5598918cd2bc10bf470e89 1172070 net optional amule-daemon_2.2.5-1.1_i386.deb 1c2d31b3a69fe707e88a086d3c796305 2425196 net optional amule-common_2.2.5-1.1_all.deb -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.9 (GNU/Linux) iEYEARECAAYFAko+54wACgkQ62zWxYk/rQd0qACbBEP50smzGrX8F4sYPRyuthZ8 XhgAoMxh2U81v7fLaZ/r9lX2ImgZTjWp =DGeX -END PGP SIGNATURE- Accepted: amule-common_2.2.5-1.1_all.deb to pool/main/a/amule/amule-common_2.2.5-1.1_all.deb amule-daemon_2.2.5-1.1_i386.deb to pool/main/a/amule/amule-daemon_2.2.5-1.1_i386.deb amule-utils-gui_2.2.5-1.1_i386.deb to pool/main/a/amule/amule-utils-gui_2.2.5-1.1_i386.deb amule-utils_2.2.5-1.1_i386.deb to pool/main/a/amule/amule-utils_2.2.5-1.1_i386.deb amule_2.2.5-1.1.diff.gz to pool/main/a/amule/amule_2.2.5-1.1.diff.gz amule_2.2.5-1.1.dsc to pool/main/a/amule/amule_2.2.5-1.1.dsc amule_2.2.5-1.1_i386.deb to pool/main/a/amule/amule_2.2.5-1.1_i386.deb -- To UNSUBSCRIBE, email to debian-devel-changes-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Re: webapps in stable release cyles Was: flashplugin-nonfree in Debian
Hi Romain (and others) On Thu, 23 Apr 2009 09:23:24 am Romain Beauxis wrote: Le Wednesday 22 April 2009 18:52:48 Raphael Geissert, vous avez écrit : I gave this example precisely because mediawiki upstream release management is one of the most serious I know in webapps. And even though they fix issues with care, and their code is surely very good, then this ends up with *huge* security patches. Or, are you claiming that we should rewrite mediawiki ? The issue was mostly caused by a design error (or should I say because it was not quite the best design so that it doesn't sound too rough? and no, I don't and won't claim that my software designs are good or the best; just in case somebody wanted to troll.) Just because there are a set of big patches it doesn't mean that the app should be rewritten (or parts of it, I should have said on my first email.) I was thinking more about wordpress when I wrote that part; because IMHO that's the best that could happen to it. On mediawiki's case there's a huge advantage, because like you said, it is well supported and it is developed seriously (at least compared to the vast majority of PHP apps), and patches are available quickly, which is hard or even impossible to accomplish on an app where fixing one bug exposes four more. Well, I am sorry if I hurted you. The matter is that I do not believe it is a correct answer to point fingers at various developpers and claim they are not doing the thing right. It is always better when it comes with a concrete argument. Idealy, I would like as you that things are done the right way. However, my experience and, as I can see from the proposal, the one of others contradict this fact. Pragmatically speaking, requiring the same workflow for fixing security fixes and producing uploads for webapps is rather different than for other type of software. I you want to show that the fault has to be put on the upstream maintenance of the packagers, then you better come with a real explanation of how they should do it and not only general ideas about the way it should be done.. That is why I showed the example of mediawiki. The security issue was basically a wrong handling of MIME types in internet explorer. As you said, the upstream maintainers did some input sanitizing cleanups. However, this ended whith a *whole* new class for fixing this, plus all the required changes to make it work, which apparently spread into a lot of various classes and cases. The full patch can be seen here: http://svn.debian.org:80/viewsvn/pkg- mediawiki/mediawiki/lenny/debian/patches/CVE-2008-5249_CVE-2008-5250_CVE-20 08-5252.patch?revision=92view=markup Now, to me this has not much to do with what we characterize as security patches. It is indeed very hard, if not impossible to check wether this will have undesirable side effects, or is minimal. However, I fail to see how this could have been done otherwise, and I feel that pretending this is a minimal security update is somehow not very different than simply upgrading to the latest upstream release, considering the size of the patch... Let me try to clarify what Raphael is trying to bring across (and which is my opinion as well): The problem with many of the webapps is that maintainers didn't consider the following things before bringing the package into testing/stable: - the package has to be maintained for a long time (stable-security and oldstable-security) and this should be discussed with upstream, too many upstreams do not want to maintain old versions for such a long time. - it is the maintainer's responsibility to get security updates out (yes, the security team often NMUs, but maintainer interaction is most welcome and whenever I email a certain maintainer, I expect that he either knows the code and can answer my concerns or at least engages in a discussion with upstream, mostly behind the curtain). It happens too often that I have to go to upstream right away, because there is no point in talking to the maintainer or that I am left alone with a big chunk of unknown code to me, which nobody is willing to analyze (sometimes upstream doesn't even know the debian maintainer). - the security threads are more complex, so a certain amount of time has to be dedicated to testing/fixing these issues, rather than to unstable/experimental development. (Yes I know, this is boring work and not too rewarding, but it's neccessary). - ... possible other points I forgot to mention. (Unfortunately, I have no idea how to guarantee these points in the first place, other than taking the maintainer's word for it). If these requirements are not met, then a maintainer should reconsider, whether the package should be in debian or maybe ask for a bigger team (without having the usual 20 co-maintainers, who are just in the field for the sake of it). Romain, this is in no way directed to you or anyone else in particular
Re: Bug#522996: ITP: jruby1.2 -- 100% pure-Java implementation of Ruby
On Wed, 8 Apr 2009 05:10:12 pm Romain Beauxis wrote: Le Tuesday 07 April 2009 22:59:00 Sebastien Delafond, vous avez écrit : On Apr/07, Mike Hommey wrote: While I see why it can be needed for python, I fail to see how it is important for jruby... to have 2 versions of jruby available ? I guess so you can at least, for instance, try the new one on your existing jruby code without removing the old one, for instance ? If we were to apply this policy to all software packaged in debian, that would be a mess. It would be a security mess as well, I don't particularly want to fix the same issue in 2-4 packages ... Are you advocating for only one instance of jruby at all times in the archive ? If so, why ? I think this is the other way round: by default there should be only one version per package -- after all that is why we have package name and package version.. Hence, it should be explained why multiple version of the same package are relevant for Debian and its users. And I don't think that testing several versions is a good explanation.. If a dozen (or more) packages really need the older version, then it could be discussed I guess (some details here would be nice). But I agree that having it around for testing reasons is not a valid reason. Cheers Steffen -- To UNSUBSCRIBE, email to debian-devel-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Accepted auth2db 0.2.5-2+dfsg-1.1 (source all)
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Format: 1.8 Date: Mon, 30 Mar 2009 11:21:06 +0200 Source: auth2db Binary: auth2db auth2db-common auth2db-frontend auth2db-filters Architecture: source all Version: 0.2.5-2+dfsg-1.1 Distribution: unstable Urgency: high Maintainer: Ulises Vitulli uvitu...@fi.uba.ar Changed-By: Steffen Joeris wh...@debian.org Description: auth2db- Powerful and eye-candy IDS logger, log viewer and alert generator auth2db-common - Common configuration files for Auth2db backend and web frontend auth2db-filters - Auth2db defaults filters pack auth2db-frontend - Web frontend view for auth2DB log engine Changes: auth2db (0.2.5-2+dfsg-1.1) unstable; urgency=high . * Non-maintainer upload by the security team * Fix possible SQL injection vulnerability when used with multibyte encodings by using mysql_real_escape_string() Checksums-Sha1: 286334f4cfa8c75d7effdcef3c7dcf77b4c4fbc3 1104 auth2db_0.2.5-2+dfsg-1.1.dsc 0c4993d0f28ff9b8235510951cd68aad3352a87b 660036 auth2db_0.2.5-2+dfsg-1.1.diff.gz edef1bcdc7916baf715ffeccab3fb3c1fd0c8693 29258 auth2db_0.2.5-2+dfsg-1.1_all.deb 9784b6f23fa04d0cb3c5db85509f2e2beef2e539 648670 auth2db-common_0.2.5-2+dfsg-1.1_all.deb d25fa6b0c20461640fe852a4a301a19196cc297b 566232 auth2db-frontend_0.2.5-2+dfsg-1.1_all.deb f3d0ebdc2129da702db683bd7b92fb33eb0929c0 13940 auth2db-filters_0.2.5-2+dfsg-1.1_all.deb Checksums-Sha256: 19df8f0220f41480870db97b5352c0e8e0c8e10ea710cf9667f5566c8d9da726 1104 auth2db_0.2.5-2+dfsg-1.1.dsc 88fe53f796ca87c4729921a2f54aa23f47b23951dd4224290004db1547e78f09 660036 auth2db_0.2.5-2+dfsg-1.1.diff.gz a211321356e14b7327adc0c0ecaf797d394bd56b57ee13e91c1760ac5f9dea8c 29258 auth2db_0.2.5-2+dfsg-1.1_all.deb 620ff4e7d856db5ee212190534eb42f5fd734c318e5d645b7ed4636c86b20db5 648670 auth2db-common_0.2.5-2+dfsg-1.1_all.deb 89e6aff700f23a8b96b038fc237d0a00d6a8fdcbf6e27d646aad4208e180a96a 566232 auth2db-frontend_0.2.5-2+dfsg-1.1_all.deb 243ae45336b38701b9888bb40809c8dd74f801e4279d15cee2ffbf66cff239c9 13940 auth2db-filters_0.2.5-2+dfsg-1.1_all.deb Files: a4d21f48b5c81049e2425c4b15c1666f 1104 net extra auth2db_0.2.5-2+dfsg-1.1.dsc 2d7898726c5ee4aa28b7b0b417e73230 660036 net extra auth2db_0.2.5-2+dfsg-1.1.diff.gz 6db81d277980e5227e62228d06942a81 29258 net extra auth2db_0.2.5-2+dfsg-1.1_all.deb 355b2fd147ab422329b6be489043fe88 648670 net extra auth2db-common_0.2.5-2+dfsg-1.1_all.deb a7c1b2ce29fac23fb950260042da329d 566232 net extra auth2db-frontend_0.2.5-2+dfsg-1.1_all.deb c662dedcddac0575f763c3c6f2f0b2a6 13940 net extra auth2db-filters_0.2.5-2+dfsg-1.1_all.deb -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.9 (GNU/Linux) iEYEARECAAYFAknQkpoACgkQ62zWxYk/rQezdACgnFBwro+X1zfnWblZZ7QxC7i7 BzEAn2o0oibPrsQYOnk0mFwKXQXbtMk+ =1I4Z -END PGP SIGNATURE- Accepted: auth2db-common_0.2.5-2+dfsg-1.1_all.deb to pool/main/a/auth2db/auth2db-common_0.2.5-2+dfsg-1.1_all.deb auth2db-filters_0.2.5-2+dfsg-1.1_all.deb to pool/main/a/auth2db/auth2db-filters_0.2.5-2+dfsg-1.1_all.deb auth2db-frontend_0.2.5-2+dfsg-1.1_all.deb to pool/main/a/auth2db/auth2db-frontend_0.2.5-2+dfsg-1.1_all.deb auth2db_0.2.5-2+dfsg-1.1.diff.gz to pool/main/a/auth2db/auth2db_0.2.5-2+dfsg-1.1.diff.gz auth2db_0.2.5-2+dfsg-1.1.dsc to pool/main/a/auth2db/auth2db_0.2.5-2+dfsg-1.1.dsc auth2db_0.2.5-2+dfsg-1.1_all.deb to pool/main/a/auth2db/auth2db_0.2.5-2+dfsg-1.1_all.deb -- To UNSUBSCRIBE, email to debian-devel-changes-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Re: New Security Team Members
Hi Raphael Can i ask how they started to work and develop with security? My dream is to become an security developer/professional. All the neccessary documentation to start with is here[0]. It is most important that we keep our security tracker[1] up to date, evaluate the issues and fix them accordingly (preferrably with the maintianer's help). Once you've read through the documentation, feel free to email me in private. I am sure that there are tasks you could start helping us out with. Cheers Steffen [0]: http://testing-security.debian.net/ [1]: http://security-tracker.debian.net/tracker/ signature.asc Description: This is a digitally signed message part.
Accepted squid 2.7.STABLE3-4.1 (source all i386)
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Format: 1.8 Date: Thu, 05 Feb 2009 18:28:57 + Source: squid Binary: squid squid-common squid-cgi Architecture: source all i386 Version: 2.7.STABLE3-4.1 Distribution: unstable Urgency: high Maintainer: Luigi Gangitano lu...@debian.org Changed-By: Steffen Joeris wh...@debian.org Description: squid - Internet object cache (WWW proxy cache) squid-cgi - Squid cache manager CGI program squid-common - Internet object cache (WWW proxy cache) - common files Closes: 514142 Changes: squid (2.7.STABLE3-4.1) unstable; urgency=high . * Non-maintainer upload by the security team * Include upstream patch to fix DoS via error in request processing code (Closes: #514142) Checksums-Sha1: 0b2a720fb934ea5336393088bb7b91faa8afe582 1140 squid_2.7.STABLE3-4.1.dsc cc53282596849739132490a7c0c49e24a33139ba 306327 squid_2.7.STABLE3-4.1.diff.gz 44588e498b2b9f4131cd08f18bfa7022ca1596b8 497386 squid-common_2.7.STABLE3-4.1_all.deb cc8336d7bd3c9b8b912d454ddf8c0f2e6f4c2a52 691012 squid_2.7.STABLE3-4.1_i386.deb d30c30d1a661d639a3de9df2bc612b044429ebe3 117816 squid-cgi_2.7.STABLE3-4.1_i386.deb Checksums-Sha256: 2865953342f62b4c24cb703fe14235839d1bc982ce43401aba7cca9a95e123ed 1140 squid_2.7.STABLE3-4.1.dsc a7540c9c570001b708f08c3321de77e37564ccab0e3d93da6215d12e6232cc4b 306327 squid_2.7.STABLE3-4.1.diff.gz 5215724711099f9864d578c9e2763d5f89eecc16255dd331a8f2e8e2fef854b2 497386 squid-common_2.7.STABLE3-4.1_all.deb 6003338cbe3438ae42c320689e94c4e234dc045caace52000bf3d7d29522d7b6 691012 squid_2.7.STABLE3-4.1_i386.deb af4629250ad90f8db2eee4cf161c90e81718f980c1f7f951504cfa84937e4f47 117816 squid-cgi_2.7.STABLE3-4.1_i386.deb Files: e3d45a9820e7e3d0de1df4b01b22586a 1140 web optional squid_2.7.STABLE3-4.1.dsc a8c94560ae7dccbf9158636699d4f4d9 306327 web optional squid_2.7.STABLE3-4.1.diff.gz 28a2b0cdf885319864983e960d3a4bc8 497386 web optional squid-common_2.7.STABLE3-4.1_all.deb 63cb1ac81e8f0250653c02c898ec3c9f 691012 web optional squid_2.7.STABLE3-4.1_i386.deb d53120e876567b0b298edcfc85de59cb 117816 web optional squid-cgi_2.7.STABLE3-4.1_i386.deb -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.9 (GNU/Linux) iEYEARECAAYFAkmLPrgACgkQ62zWxYk/rQd+twCdGWr+t3pvgvvVN2ZrKFQA+ltx 3OYAoJDx0/9+70Mqs2MVsvgmd37PLCDb =vMp7 -END PGP SIGNATURE- Accepted: squid-cgi_2.7.STABLE3-4.1_i386.deb to pool/main/s/squid/squid-cgi_2.7.STABLE3-4.1_i386.deb squid-common_2.7.STABLE3-4.1_all.deb to pool/main/s/squid/squid-common_2.7.STABLE3-4.1_all.deb squid_2.7.STABLE3-4.1.diff.gz to pool/main/s/squid/squid_2.7.STABLE3-4.1.diff.gz squid_2.7.STABLE3-4.1.dsc to pool/main/s/squid/squid_2.7.STABLE3-4.1.dsc squid_2.7.STABLE3-4.1_i386.deb to pool/main/s/squid/squid_2.7.STABLE3-4.1_i386.deb -- To UNSUBSCRIBE, email to debian-devel-changes-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Accepted moin 1.8.1-1.1 (source all)
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Format: 1.8 Date: Wed, 28 Jan 2009 02:34:32 +0100 Source: moin Binary: python-moinmoin Architecture: source all Version: 1.8.1-1.1 Distribution: unstable Urgency: high Maintainer: Jonas Smedegaard d...@jones.dk Changed-By: Steffen Joeris wh...@debian.org Description: python-moinmoin - Python clone of WikiWiki - library Closes: 513158 Changes: moin (1.8.1-1.1) unstable; urgency=high . * Non-maintainer upload by the security team * Fix cross-site scripting vulnerability via basename parameter in the AttachFile action (Closes: #513158) Fixes: CVE-2009-0260 * Fix cross-site scripting vulnerability in antispam.py via malformed content Fixes: CVE-2009-0312 Checksums-Sha1: aee88055ccc086554a96d65774ac51fea05fcb71 1238 moin_1.8.1-1.1.dsc 16101e2d73cba551a4e663f222063cabe5f93d78 94143 moin_1.8.1-1.1.diff.gz ef511ecde30e71e46e362bb279ed4dbf2c2a4e8e 5025896 python-moinmoin_1.8.1-1.1_all.deb Checksums-Sha256: d409a652ee31371fbd526f85885ad18d00131b314676eba1c058097520a3 1238 moin_1.8.1-1.1.dsc e7a6796a48ecea3547c4d38edf0d14c9ce1993f23c91a57bd383d1b765fc3f83 94143 moin_1.8.1-1.1.diff.gz 51dfdcb5be236d374834c5358081b666363a4ed82cd8957be029f6af75cc09f3 5025896 python-moinmoin_1.8.1-1.1_all.deb Files: cf8dcce3b2fc193300d7be768d4600e4 1238 net optional moin_1.8.1-1.1.dsc 8988e5abb7fe89cd57f12ec08083c043 94143 net optional moin_1.8.1-1.1.diff.gz bb509194439b32b0457f29d0c5caba34 5025896 python optional python-moinmoin_1.8.1-1.1_all.deb -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.9 (GNU/Linux) iEYEARECAAYFAkmAjvEACgkQ62zWxYk/rQe/lQCePc4XcWZlUsKJTjm1GeMGMAR0 maAAn2VbVE7qz9ENCKLQp8ivT0kuiYXp =QHtk -END PGP SIGNATURE- Accepted: moin_1.8.1-1.1.diff.gz to pool/main/m/moin/moin_1.8.1-1.1.diff.gz moin_1.8.1-1.1.dsc to pool/main/m/moin/moin_1.8.1-1.1.dsc python-moinmoin_1.8.1-1.1_all.deb to pool/main/m/moin/python-moinmoin_1.8.1-1.1_all.deb -- To UNSUBSCRIBE, email to debian-devel-changes-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Re: problems with the concept of unstable - testing
Hi Russell If I upload a significantly newer version to unstable (which I would like to do for some of my packages as part of ongoing development that will lead to Lenny+1) then AKAIK there is no way to put a minor update in Lenny (unless I was to use an epoch change which would be horrible and might require changes to several other packages). You can upload to testing-proposed-updates (testing in the changelog will work too). Then the package will be autobuild on the archs and released into testing by the release team. Nonetheless, it should be discussed with the release team first, if such an upload is desired. The same goes for security. There is testing-security, which is accepted on security.debian.org. Once it is released there as a DTSA, the packages will be copied to ftp-master and then go into the testing-proposed-updates queue and eventually end up in testing. (Of course it should be coordinated with the security team to avoid confusion, broken uploads and duplicated work :)) Is that what you were after? Cheers Steffen signature.asc Description: This is a digitally signed message part.
Re: [Foo2zjs-maintainer] Bug#449497: Direction on foo2zjs and web fetching scripts
On Tue, 4 Nov 2008 03:40:22 pm Michael Gilbert wrote: Dear release team, Thank you for making a decision on the direction for bug #449497 in foo2zjs [1]. I believe that this is a reasonable choice for now due to the impending release. However, I would really like to see an honest and consructive conversation on the issue. I believe that there are some major security and functionality problems with fetching scripts, and there should be clear direction from the members of the debian project on the matter. I would like to be able to completely trust main, so it is my hope that developers would do everything in their power to keep main as clean and safe as possible. I am just a user, so I feel powerless to do anything, and my experience dealing with this issue through the foo2zjs maintainers was not exactly constructive [2],[3],[4] (primarily because of over-reactiveness and hyper sensitivity on their part and perhaps a lack of appreciation for debian's bug command and control authority [5] on my part -- and of course some good old misunderstanding and misinterpretation). Where do I go from here to make sure the issue gets the appropriate level of thought and consideration that it deserves (after lenny gets released of course)? Best wishes, Michael Gilbert [1] http://lists.debian.org/debian-release/2008/11/msg00106.html [2] http://bugs.debian.org/449497 [3] http://bugs.debian.org/503813 [4] http://bugs.debian.org/503814 [5] http://lists.debian.org/debian-ctte/2008/10/msg6.html Please let me just say two things. First we are not over-sensitive or anything, but we took your ideas into consideration and even asked for advice. I think we were pretty sensible in that manner, so please stop stating otherwise. Furthermore, the script is not automatically called and users know what they are doing (or at least they should), when they call it. Maybe we could even add an additional warning, which I would definitely be open to. Now to your security concerns. Since this script explicitely downloads stuff from an author's webpage (and it is stated like that), the user knows the risk. Are you proposing to call this a security issue? Then packages like iceweasel are also affected and many others ... We can talk about putting the script somwhere else or do $whatever with it after the release, but not for lenny. So please stop the noise and get back to us about it after the release. I promise that I'll do my best to find a solution that suits everyone. But right now you create more work for other people, including me, which I could spend on security related work. Thanks in advance. Cheers Steffen signature.asc Description: This is a digitally signed message part.
Re: Bug Sprint results (draft)
On Mon, 3 Nov 2008 02:39:47 am John H. Robinson, IV wrote: Chris Bannister wrote: On Fri, Oct 31, 2008 at 07:48:21PM +0100, Moritz Muehlenhoff wrote: Stefano Zacchiroli wrote: =2E.. hence, given that Lenny hasn't been release yet, when are we gonna make another one? :) Let's make it a Beer Sprint. The winners receive a package with the local brew from the people who didn't manage to fix their bugs. I'm offering German beer to five winners, just as Joss did for cookies. But ... *who* is gonna want the aussie beer? :) Anybody that has had Victoria Bitter before. You are kidding, right? Cheers Steffen P.S. I am happy to defend that opinion in any flamewar. ... The first debian flameware about beer, yeah :) signature.asc Description: This is a digitally signed message part.
Accepted faad2 2.6.1-3.1 (source all i386)
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Format: 1.8 Date: Fri, 26 Sep 2008 12:02:35 + Source: faad2 Binary: libfaad0 libfaad2-0 libfaad-dev faad Architecture: source all i386 Version: 2.6.1-3.1 Distribution: unstable Urgency: high Maintainer: Matthew W. S. Bell [EMAIL PROTECTED] Changed-By: Steffen Joeris [EMAIL PROTECTED] Description: faad - freeware Advanced Audio Decoder player libfaad-dev - freeware Advanced Audio Decoder - development files libfaad0 - freeware Advanced Audio Decoder - runtime files libfaad2-0 - freeware Advanced Audio Decoder - dummy package Closes: 499899 Changes: faad2 (2.6.1-3.1) unstable; urgency=high . * Non-maintainer upload by the security team * Include upstream patch to fix heap overflow in the frontend code (Closes: #499899) Checksums-Sha1: 6ab7302373acdd74e4c091fb4946ed5ff02bf3d5 1057 faad2_2.6.1-3.1.dsc c66eadccb86a7463a2bddd4ebe3e9d4615ec796a 334566 faad2_2.6.1-3.1.diff.gz bffce7f2b24a50b8d2505004a8d491ed016795e7 6340 libfaad2-0_2.6.1-3.1_all.deb b725b1a2852fbe05b54a4cb46e8b83290a5e24e1 168116 libfaad0_2.6.1-3.1_i386.deb 4bc534cb1c6410842dc42c033eee4c86eea59aa7 204646 libfaad-dev_2.6.1-3.1_i386.deb ad3e060a4fdcc9a7326bfdc5f6bd8def55df0c2f 30346 faad_2.6.1-3.1_i386.deb Checksums-Sha256: 5e5f6ef23904584ca5f137f918f69e14fe3070285646ac8c8b18b1e5416bf6e8 1057 faad2_2.6.1-3.1.dsc 24178b8a72b7d049552b6aba0eb3466bb6ef5c11bb36107a318c0bd8a29a1244 334566 faad2_2.6.1-3.1.diff.gz 2ed920457f5b09352a50bab8b4530e9b0f234c72c91d5b42f98d87363fd38ca8 6340 libfaad2-0_2.6.1-3.1_all.deb 6a93b197606da383ec51b6d3c443406c07202309417d1474d5bbdcbb0189542d 168116 libfaad0_2.6.1-3.1_i386.deb 08d1619dc6065782f4f839a07915a4153643d4636c3c3bacf873ca5c9f78a1b5 204646 libfaad-dev_2.6.1-3.1_i386.deb a5e0133542a1f28817ca3ca3c3147e58c11d7defb3022799ea60f0b0951a8a51 30346 faad_2.6.1-3.1_i386.deb Files: ee6dff04537a83f52993d250ed0f831d 1057 libs optional faad2_2.6.1-3.1.dsc c0a2262a0b59bff627f1c9aff8a008af 334566 libs optional faad2_2.6.1-3.1.diff.gz e2be9e646c136611ef2e6c72d0062fe2 6340 libs optional libfaad2-0_2.6.1-3.1_all.deb a76204c2448aab72ec4baca277fbafa2 168116 libs optional libfaad0_2.6.1-3.1_i386.deb 3b5c1e312a251c71e8fc728e83ba1f37 204646 libdevel optional libfaad-dev_2.6.1-3.1_i386.deb eb608789d220ad64f33fd5d70c5a00fc 30346 sound optional faad_2.6.1-3.1_i386.deb -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.9 (GNU/Linux) iEYEARECAAYFAkjc1K4ACgkQ62zWxYk/rQctUACgwb8mLDDlmr9CE8G4Nis1uanT ESEAnj4WFwfEDY1wPUQ1LJub2maKbFm/ =NX4M -END PGP SIGNATURE- Accepted: faad2_2.6.1-3.1.diff.gz to pool/main/f/faad2/faad2_2.6.1-3.1.diff.gz faad2_2.6.1-3.1.dsc to pool/main/f/faad2/faad2_2.6.1-3.1.dsc faad_2.6.1-3.1_i386.deb to pool/main/f/faad2/faad_2.6.1-3.1_i386.deb libfaad-dev_2.6.1-3.1_i386.deb to pool/main/f/faad2/libfaad-dev_2.6.1-3.1_i386.deb libfaad0_2.6.1-3.1_i386.deb to pool/main/f/faad2/libfaad0_2.6.1-3.1_i386.deb libfaad2-0_2.6.1-3.1_all.deb to pool/main/f/faad2/libfaad2-0_2.6.1-3.1_all.deb -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Accepted owl-dms 0.95-1.1 (source all)
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Format: 1.8 Date: Sun, 10 Aug 2008 05:41:16 + Source: owl-dms Binary: owl-dms Architecture: source all Version: 0.95-1.1 Distribution: unstable Urgency: high Maintainer: Jose Carlos Medeiros [EMAIL PROTECTED] Changed-By: Steffen Joeris [EMAIL PROTECTED] Description: owl-dms- intranet Knowledgebase or DMS Closes: 493372 493579 Changes: owl-dms (0.95-1.1) unstable; urgency=high . * Non-maintainer upload by the security team * Fix Cross-Site scripting (XSS) in lib/owl.lib.php (Closes: #493579) Fixes: CVE-2008-3100 * Fix Sql injection vulnerability in register.php (Closes: #493372) Fixes: CVE-2008-3359 Checksums-Sha1: 8572132a50995e748a58554f57e7933626a05a79 997 owl-dms_0.95-1.1.dsc 223c23b9cb6a8e2b96f002ab5401cc528f9e2b59 6643 owl-dms_0.95-1.1.diff.gz 0c7b5bb57056a07477620ecab355c6a67fbb385c 2136700 owl-dms_0.95-1.1_all.deb Checksums-Sha256: 4cb9acca93604ec7e1988c1bbcf9c960944cc41c9bb0de30971c0f811b13 997 owl-dms_0.95-1.1.dsc 088e7fb91b419fb72e63c9ce5fb6b42d7375ffa4ca28ac29301b55f4b3f84a13 6643 owl-dms_0.95-1.1.diff.gz f3768deade35cf6bc39a04536c006735c584dcc81cc53e51f75e425e6d1e538b 2136700 owl-dms_0.95-1.1_all.deb Files: 0b6bc90671f600fc6a84dab71d5a5146 997 web optional owl-dms_0.95-1.1.dsc 2a8d39ac4ac3694baed51903ddf4949e 6643 web optional owl-dms_0.95-1.1.diff.gz 81045ddf06165864a6ac0ef0318646e9 2136700 web optional owl-dms_0.95-1.1_all.deb -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.9 (GNU/Linux) iEYEARECAAYFAkie0CIACgkQ62zWxYk/rQcKdQCgnCBAaFhiKuc1DKzP+DrVODPP KeAAoMfHuHnOaxzv8e7pRM9C9v4ltCBx =MTtB -END PGP SIGNATURE- Accepted: owl-dms_0.95-1.1.diff.gz to pool/main/o/owl-dms/owl-dms_0.95-1.1.diff.gz owl-dms_0.95-1.1.dsc to pool/main/o/owl-dms/owl-dms_0.95-1.1.dsc owl-dms_0.95-1.1_all.deb to pool/main/o/owl-dms/owl-dms_0.95-1.1_all.deb -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Accepted links2 2.1pre37-1.1 (source i386)
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Format: 1.8 Date: Sat, 02 Aug 2008 03:33:53 + Source: links2 Binary: links2 links Architecture: source i386 Version: 2.1pre37-1.1 Distribution: unstable Urgency: high Maintainer: Gürkan Sengün [EMAIL PROTECTED] Changed-By: Steffen Joeris [EMAIL PROTECTED] Description: links - Web browser running in text mode links2 - Web browser running in both graphics and text mode Closes: 492744 Changes: links2 (2.1pre37-1.1) unstable; urgency=high . * Non-maintainer upload by the security team * Make sure links cannot bypass the proxy, if it is configurered only to use it in order to avoid leaking of sensitive information to external programs, fix in session.c (Closes: #492744) Fixes: CVE-2008-3329 Checksums-Sha1: 58f400cc7d49b14fde04b271f100565ba2f955cd 1283 links2_2.1pre37-1.1.dsc dfd7c1db5243b313fe9e85eb4dac9f594778b7b4 31595 links2_2.1pre37-1.1.diff.gz 5de86cb5a1aded008e92cd7c318b6cb51bc9ce2d 1976042 links2_2.1pre37-1.1_i386.deb 73407f1c66f5ddb903400b5dbc9a80649167f992 491056 links_2.1pre37-1.1_i386.deb Checksums-Sha256: 1cf8498685541e14410775ba88020a86885455cc87ebfd116242576c1e527f8b 1283 links2_2.1pre37-1.1.dsc 77a4c077871146994504d9ef231a82db6e8856e7686c8b2b54a61ce399553dbb 31595 links2_2.1pre37-1.1.diff.gz 6a1adc0be39502d2016fbfe5de4dc437d46be27702dfa947748df03645b4a6d5 1976042 links2_2.1pre37-1.1_i386.deb 53d2594534387bee9b11d0b443c0a4d44b8bd7e4485331da83157c01d0f58419 491056 links_2.1pre37-1.1_i386.deb Files: 0ab9ee7871d1c484dfb822b6649866d3 1283 web optional links2_2.1pre37-1.1.dsc 387be028ea8abba54aa7cfc7b74c785c 31595 web optional links2_2.1pre37-1.1.diff.gz 3a0d7a5053a86403f70724875020b03f 1976042 web optional links2_2.1pre37-1.1_i386.deb 5cb027ae7fa3f637cb50b8832e9d1a3e 491056 web optional links_2.1pre37-1.1_i386.deb -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.9 (GNU/Linux) iEYEARECAAYFAkiVHekACgkQ62zWxYk/rQdhQQCcD1ha7VVpvd7Nbsr7WacZfUI/ cwwAnjP6FdNEHAped/y9Ihpk6Gli0GRm =FLvv -END PGP SIGNATURE- Accepted: links2_2.1pre37-1.1.diff.gz to pool/main/l/links2/links2_2.1pre37-1.1.diff.gz links2_2.1pre37-1.1.dsc to pool/main/l/links2/links2_2.1pre37-1.1.dsc links2_2.1pre37-1.1_i386.deb to pool/main/l/links2/links2_2.1pre37-1.1_i386.deb links_2.1pre37-1.1_i386.deb to pool/main/l/links2/links_2.1pre37-1.1_i386.deb -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: Bits from Testing Security team
On Sat, 28 Jun 2008 08:45:54 pm Holger Levsen wrote: Hi Testing Security team, thanks for the announce-mail and your work! On Wednesday 25 June 2008 11:08, Nico Golde wrote: General security support for testing [...] kernel. Also, we would like to state that packages that are not security supported for stable are likewise unsupported for testing. This list includes all packages in contrib and non-free, as well as the ones that are marked unsupported (for example, kfreebsd). The maintainers are solely responsible for security and there won't be any DTSAs for such packages. Where / how are packages marked as unsupported? We just started the work on that together with Enrico. So far, we have a file in svn called package-tags and it currently has the following content: # In this file we keep the debtags for packages in main # where special conditions apply [etch] kfreebsd-5 unsupported (FreeBSD not yet supported) [lenny] kfreebsd-6 unsupported (FreeBSD not yet supported) [lenny] kfreebsd-7 unsupported (FreeBSD not yet supported) Please note that atm all contrib/non-free packages are unsupported by default. Cheers Steffen signature.asc Description: This is a digitally signed message part.
Accepted courier-authlib 0.60.1-2.1 (source i386)
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Format: 1.8 Date: Mon, 09 Jun 2008 15:29:23 + Source: courier-authlib Binary: courier-authlib courier-authdaemon courier-authlib-dev courier-authlib-userdb courier-authlib-mysql courier-authlib-postgresql courier-authlib-ldap courier-authlib-pipe Architecture: source i386 Version: 0.60.1-2.1 Distribution: unstable Urgency: high Maintainer: Stefan Hornburg (Racke) [EMAIL PROTECTED] Changed-By: Steffen Joeris [EMAIL PROTECTED] Description: courier-authdaemon - Courier authentication daemon courier-authlib - Courier authentication library courier-authlib-dev - Development libraries for the Courier authentication library courier-authlib-ldap - LDAP support for the Courier authentication library courier-authlib-mysql - MySQL support for the Courier authentication library courier-authlib-pipe - External authentication support for the Courier authentication li courier-authlib-postgresql - PostgreSQL support for the Courier authentication library courier-authlib-userdb - userdb support for the Courier authentication library Closes: 485424 Changes: courier-authlib (0.60.1-2.1) unstable; urgency=high . * Non-maintainer upload by the security team * Fix sql injection vulnerability by changing to use mysql_set_character_set instead of SET NAMES (Change was introduced by upstream in 0.60.6) (Closes: #485424) Checksums-Sha1: e143bc7a1bac103350a6240cb46ae390ec3f92c9 1379 courier-authlib_0.60.1-2.1.dsc 87f194502af31e8587882a980d2e9f0c824f0fe5 17325 courier-authlib_0.60.1-2.1.diff.gz b5c1b90b4ae8800299238f07e47e052382db0aff 71656 courier-authlib_0.60.1-2.1_i386.deb 82f204dbdcdb5569d5698bc3f5c6a54c9658452a 7130 courier-authdaemon_0.60.1-2.1_i386.deb b0890adfb7d8a72c6676b725cb96c863bd4db94a 110844 courier-authlib-dev_0.60.1-2.1_i386.deb 1020bdfc1ffc38691d1820686ec1c0f7edec4bde 32980 courier-authlib-userdb_0.60.1-2.1_i386.deb ffbcc4884487809c9af7a584b2ac12248e4bce23 19734 courier-authlib-mysql_0.60.1-2.1_i386.deb d2b0fbe8a21bbae6560f72a865bfd75249c4927a 19244 courier-authlib-postgresql_0.60.1-2.1_i386.deb 4e7684aefd57a4ee7e2beaef0d473e0c5457b0fb 21898 courier-authlib-ldap_0.60.1-2.1_i386.deb 906c211026a12c46f5601e04957cb29785db4b2a 7900 courier-authlib-pipe_0.60.1-2.1_i386.deb Checksums-Sha256: e73d848ce70e6d3e38f41189f40bea72f0c786c008d148bd05875157e9694940 1379 courier-authlib_0.60.1-2.1.dsc 330fdf082b6fffe8f357cbeb3b7299a4c5e29a61e26122c822be247d7ff39503 17325 courier-authlib_0.60.1-2.1.diff.gz 8469d66565200d2c250a26f10a9d52d94ea19df6dc2c6660b73da67786171d46 71656 courier-authlib_0.60.1-2.1_i386.deb 8e0f9a494eb941066fae8bcfa0e2bef7ab40b064391069d57d045aa9baacb8e3 7130 courier-authdaemon_0.60.1-2.1_i386.deb 65c8836a1196edc170beaec584eba4898175841d6a6ae59ae4166f8b070fa75b 110844 courier-authlib-dev_0.60.1-2.1_i386.deb 840e3f45245c7e281bdbe9673cf1cb3e8b355a86700fb1a4caae45d001500127 32980 courier-authlib-userdb_0.60.1-2.1_i386.deb 84d0582c2cc9ac9eddd9df7c4d61af47412af3b582c0bd50ea0c9538ab7c82ca 19734 courier-authlib-mysql_0.60.1-2.1_i386.deb 9669760cb7f7a98ba02c2134cb660993daebd554685185255f755f0c9d120630 19244 courier-authlib-postgresql_0.60.1-2.1_i386.deb 5047a539d59adf88c6db89519ec24f2fdd13719b338adfe7a7c6d398d7e1253e 21898 courier-authlib-ldap_0.60.1-2.1_i386.deb a0634a90d1d6d0f4fdcbb760660738ae672a603b758d6d11a0433280e4b6f64e 7900 courier-authlib-pipe_0.60.1-2.1_i386.deb Files: 98049d574d31a79c71cbd5c779fdf9f6 1379 mail optional courier-authlib_0.60.1-2.1.dsc 2572b07eb96219b5841cca67ef48ac04 17325 mail optional courier-authlib_0.60.1-2.1.diff.gz 5c97c3ed263483220fe277f4ec7b72f6 71656 mail optional courier-authlib_0.60.1-2.1_i386.deb 915e0235f0172ebe08a198b7af70e234 7130 mail optional courier-authdaemon_0.60.1-2.1_i386.deb 600af841eed335611e8290408271bc24 110844 mail optional courier-authlib-dev_0.60.1-2.1_i386.deb 2d4e3e298e8d4aa10af8da668c4fdc8d 32980 mail optional courier-authlib-userdb_0.60.1-2.1_i386.deb a6cfc40da304166682c02f14d1e7a3ea 19734 mail optional courier-authlib-mysql_0.60.1-2.1_i386.deb 0db2f5eadb7d5eb6b829b1d5dbcde557 19244 mail optional courier-authlib-postgresql_0.60.1-2.1_i386.deb 612eed2717d52b9f7680e3772e37314d 21898 mail optional courier-authlib-ldap_0.60.1-2.1_i386.deb 169dec2e21f413973b98c2db351b370d 7900 mail optional courier-authlib-pipe_0.60.1-2.1_i386.deb -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.9 (GNU/Linux) iEYEARECAAYFAkhNT0UACgkQ62zWxYk/rQdGjwCePn2k63aCEUJnNFu7xaa0PK2z j8gAnim0q4+4Bik5wQzG73A5qr6KNIN8 =jF1z -END PGP SIGNATURE- Accepted: courier-authdaemon_0.60.1-2.1_i386.deb to pool/main/c/courier-authlib/courier-authdaemon_0.60.1-2.1_i386.deb courier-authlib-dev_0.60.1-2.1_i386.deb to pool/main/c/courier-authlib/courier-authlib-dev_0.60.1-2.1_i386.deb courier-authlib-ldap_0.60.1-2.1_i386.deb to pool/main/c/courier-authlib/courier-authlib-ldap_0.60.1-2.1_i386.deb courier-authlib-mysql_0.60.1-2.1_i386.deb to pool
Accepted evolution 2.22.2-1.1 (source all i386)
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Format: 1.8 Date: Sat, 07 Jun 2008 03:14:04 + Source: evolution Binary: evolution evolution-common evolution-dev evolution-dbg evolution-plugins evolution-plugins-experimental Architecture: source all i386 Version: 2.22.2-1.1 Distribution: unstable Urgency: high Maintainer: Debian Evolution Maintainers [EMAIL PROTECTED] Changed-By: Steffen Joeris [EMAIL PROTECTED] Description: evolution - groupware suite with mail client and organizer evolution-common - architecture independent files for Evolution evolution-dbg - debugging symbols for Evolution evolution-dev - development library files for Evolution evolution-plugins - standard plugins for Evolution evolution-plugins-experimental - experimental plugins for Evolution Closes: 484639 Changes: evolution (2.22.2-1.1) unstable; urgency=high . * Non-maintainer upload by the security team * Fix two buffer overflows and a possible DoS attack (Closes: 484639) - Use a Gstring instead of a fixed sized buffer to build the HTML string Fixes: CVE-2008-1108 - Avoid using a fixed sized buffer for parsing external data Fixes: CVE-2008-1109 - Add sanity checks to avoid remotely triggered DoS See http://bugzilla.gnome.org/show_bug.cgi?id=535459 Checksums-Sha1: a5d17537678366b3dd8d3195bff7e208613127f1 2824 evolution_2.22.2-1.1.dsc 1325d44d5aa792098ab45026e2cd5278f01c4899 29525 evolution_2.22.2-1.1.diff.gz e3ea5809bd7fed28e4944e7081af9203f03f002e 58463002 evolution-common_2.22.2-1.1_all.deb d0b381fd6e4cbaf85e5e895ee985f78247c575ee 2750302 evolution_2.22.2-1.1_i386.deb 71108b8c8ee68bc884da86868ce646d59f18989a 250076 evolution-dev_2.22.2-1.1_i386.deb f9e923eb6cd9ce39ef10480de239a3ad7aa947dd 6998964 evolution-dbg_2.22.2-1.1_i386.deb bfe12a24dca6b70e1acbb9452526748e1d2e959f 174684 evolution-plugins_2.22.2-1.1_i386.deb 29aeda3c502bc48c828126132d0cbafa92599458 132028 evolution-plugins-experimental_2.22.2-1.1_i386.deb Checksums-Sha256: 6e937cda5003412b8fc99331b8a389a272224aaf7cd4257ebc6cacc88db950eb 2824 evolution_2.22.2-1.1.dsc 0daefd6d775d8dfba7d26ed33e87a5fd76b50351cc46df8bb052dfe0ad188af1 29525 evolution_2.22.2-1.1.diff.gz c8e5d7c9ec8875f0be1854d74526ffea2110c62e51654d15bdd0d2a95b490c1b 58463002 evolution-common_2.22.2-1.1_all.deb 03c205873d8493442475549029246542822aafdb500294365fd1e5993b76 2750302 evolution_2.22.2-1.1_i386.deb 6db40478ece991f4a7e7ce7316ab42bbd127c657210aa727e067cd022efa0351 250076 evolution-dev_2.22.2-1.1_i386.deb 626465918ea31e4b6037ff9e14ff30898ed8e67fc62f0d8d24f503f82640d6ed 6998964 evolution-dbg_2.22.2-1.1_i386.deb 60208e69a08f61d9a90d951490f6a0893c0c7130462b73c0e71d06e01b843954 174684 evolution-plugins_2.22.2-1.1_i386.deb 9cd4d67fa67431809ffbc6764d19570a3e28c0c31ed4b99d525b748ad460c92d 132028 evolution-plugins-experimental_2.22.2-1.1_i386.deb Files: 518abe2c475209ec4069dd7d6a039018 2824 gnome optional evolution_2.22.2-1.1.dsc 1ce700c6f6dfd20200c5a1a74e326e62 29525 gnome optional evolution_2.22.2-1.1.diff.gz c50d712bf0a3cb048c65ac2fb50a61e1 58463002 gnome optional evolution-common_2.22.2-1.1_all.deb d150ba4eac8138917c416f16f8a66421 2750302 gnome optional evolution_2.22.2-1.1_i386.deb c1e4fe41fe4422fb6b3cdd48da247d1e 250076 devel optional evolution-dev_2.22.2-1.1_i386.deb 46bef6fe9cdc606fb4181709f95c81ee 6998964 gnome extra evolution-dbg_2.22.2-1.1_i386.deb 5f95593504cd32cff086d8663e4f8fca 174684 gnome optional evolution-plugins_2.22.2-1.1_i386.deb e44c6fe3a0d2ae7d27fa19b441a25cb2 132028 gnome optional evolution-plugins-experimental_2.22.2-1.1_i386.deb -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.9 (GNU/Linux) iEYEARECAAYFAkhKDhIACgkQ62zWxYk/rQcu4gCgmqZqlDvaW0YkgRHb0PXOm5OD 2cMAn2LQOwyGf8biKlAgO2sEd2vOai7I =5jtF -END PGP SIGNATURE- Accepted: evolution-common_2.22.2-1.1_all.deb to pool/main/e/evolution/evolution-common_2.22.2-1.1_all.deb evolution-dbg_2.22.2-1.1_i386.deb to pool/main/e/evolution/evolution-dbg_2.22.2-1.1_i386.deb evolution-dev_2.22.2-1.1_i386.deb to pool/main/e/evolution/evolution-dev_2.22.2-1.1_i386.deb evolution-plugins-experimental_2.22.2-1.1_i386.deb to pool/main/e/evolution/evolution-plugins-experimental_2.22.2-1.1_i386.deb evolution-plugins_2.22.2-1.1_i386.deb to pool/main/e/evolution/evolution-plugins_2.22.2-1.1_i386.deb evolution_2.22.2-1.1.diff.gz to pool/main/e/evolution/evolution_2.22.2-1.1.diff.gz evolution_2.22.2-1.1.dsc to pool/main/e/evolution/evolution_2.22.2-1.1.dsc evolution_2.22.2-1.1_i386.deb to pool/main/e/evolution/evolution_2.22.2-1.1_i386.deb -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Accepted qliss3d 1.3.2-4 (source i386)
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Format: 1.8 Date: Tue, 03 Jun 2008 10:40:20 + Source: qliss3d Binary: qliss3d Architecture: source i386 Version: 1.3.2-4 Distribution: unstable Urgency: low Maintainer: Steffen Joeris [EMAIL PROTECTED] Changed-By: Steffen Joeris [EMAIL PROTECTED] Description: qliss3d- demonstration tool for Lissajous figures Changes: qliss3d (1.3.2-4) unstable; urgency=low . * Bump standards version to 3.7.3 * Bump debhelper level to 6 and change build-depends accordingly * Use Homepage field in debian/control * Change menu section to Applications/Science/Mathematics * No longer ignore errors by make in the clean target Checksums-Sha1: 4c3071d439230bdfb1d99703bcd1fb19ce35c002 1054 qliss3d_1.3.2-4.dsc 6ad071f3ae1f0f532ca4e1c5a4a010a8689e78d7 11276 qliss3d_1.3.2-4.diff.gz 3d10c5cbea099eaed25df69975dd59b3f0cdc555 37884 qliss3d_1.3.2-4_i386.deb Checksums-Sha256: 98f6e2f67db171cd33ac92b65e28d1e9c0d14930c7d8b681b332e579625b1335 1054 qliss3d_1.3.2-4.dsc cb5680a1c7f2a3cf1ce51e5e4ee6b579eeb6bbd307f400a442dfab2a59a12887 11276 qliss3d_1.3.2-4.diff.gz 6bb401966bfc40dd2482adc97ccad9e382cc6effd365343acd689be9afbf7bf2 37884 qliss3d_1.3.2-4_i386.deb Files: 5f9804a0b9ffde9ce2d5c1a414cc58c8 1054 graphics optional qliss3d_1.3.2-4.dsc 24851a2d2293b89f30541bbfbdbbe2f3 11276 graphics optional qliss3d_1.3.2-4.diff.gz 92a3e4120adf77927245c71e995f1d7b 37884 graphics optional qliss3d_1.3.2-4_i386.deb -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.6 (GNU/Linux) iD8DBQFIRTzF62zWxYk/rQcRApvpAKCmMO7f/SzoGiELtLGjIShxRaE1HQCfdrqg wBw98K3XztzoYR12gsqCrs8= =4UKB -END PGP SIGNATURE- Accepted: qliss3d_1.3.2-4.diff.gz to pool/main/q/qliss3d/qliss3d_1.3.2-4.diff.gz qliss3d_1.3.2-4.dsc to pool/main/q/qliss3d/qliss3d_1.3.2-4.dsc qliss3d_1.3.2-4_i386.deb to pool/main/q/qliss3d/qliss3d_1.3.2-4_i386.deb -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Accepted qtodo 0.1.2-3 (source i386)
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Format: 1.8 Date: Tue, 03 Jun 2008 13:01:21 + Source: qtodo Binary: qtodo Architecture: source i386 Version: 0.1.2-3 Distribution: unstable Urgency: low Maintainer: Steffen Joeris [EMAIL PROTECTED] Changed-By: Steffen Joeris [EMAIL PROTECTED] Description: qtodo - ToDo List manager Changes: qtodo (0.1.2-3) unstable; urgency=low . * Adjust menu section to new policy and use Applications/Data Management * Bump standards version to 3.7.3 * Bump debhelper level to 6 and change build-depends accordingly * Use Homepage control field * Don't ignore error from make in clean target anymore Checksums-Sha1: 08ef2fbbb69c0407f615041dff8a7c9da0bc7156 993 qtodo_0.1.2-3.dsc 6c5b7e9875a570484cd9b3d86519dda5babc0428 3045 qtodo_0.1.2-3.diff.gz 5142e91812d604773baa85c63f9f55d675422528 469624 qtodo_0.1.2-3_i386.deb Checksums-Sha256: 93ca4352caf49a672bde0b3406ca8f0ec24e42412769d5f98384b3f6fcc33644 993 qtodo_0.1.2-3.dsc ceeaa64ccac845c741a676f8dd2ced9f0d68d776bc91bbf50860eb89fcdc75c6 3045 qtodo_0.1.2-3.diff.gz 70224d7510ddb766a97ee3cc48453d1b16f0c6f2f07059a0a74acb0f227d75a7 469624 qtodo_0.1.2-3_i386.deb Files: ef816be579240005329d6ac956cb5620 993 kde optional qtodo_0.1.2-3.dsc 21efdc505e420e2efca77b61ea0e1180 3045 kde optional qtodo_0.1.2-3.diff.gz e0968c03ae95ace58ac1d82edaebccb7 469624 kde optional qtodo_0.1.2-3_i386.deb -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.6 (GNU/Linux) iD8DBQFIRUO462zWxYk/rQcRAh+ZAKCuDDaScbdtZ9jZx6nE3WiUc1YQigCffBTo GeMK8QArwqthVEBGpJrcMvw= =VLEy -END PGP SIGNATURE- Accepted: qtodo_0.1.2-3.diff.gz to pool/main/q/qtodo/qtodo_0.1.2-3.diff.gz qtodo_0.1.2-3.dsc to pool/main/q/qtodo/qtodo_0.1.2-3.dsc qtodo_0.1.2-3_i386.deb to pool/main/q/qtodo/qtodo_0.1.2-3_i386.deb -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Accepted gpsim 0.22.0-5 (source i386)
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Format: 1.8 Date: Sun, 01 Jun 2008 09:30:49 + Source: gpsim Binary: gpsim gpsim-dev Architecture: source i386 Version: 0.22.0-5 Distribution: unstable Urgency: medium Maintainer: Steffen Joeris [EMAIL PROTECTED] Changed-By: Steffen Joeris [EMAIL PROTECTED] Description: gpsim - Simulator for Microchip's PIC microcontrollers gpsim-dev - Libraries needed only for building gpsim components Closes: 471202 474796 475473 Changes: gpsim (0.22.0-5) unstable; urgency=medium . * Acknowledge NMU, thanks Luk (Closes: #471202) * Fix gcc-4.3 compilation issues (Closes: #474796) patch taken from gentoo, thanks to the people involved - Incorporate all gcc-4.3 porting issues into 10-gcc-4.3.dpatch - Add dpatch back to build-depends and call it in debian/rules * Update standards-version to 3.7.3 * Remove some empty dirs under /usr/share/doc/gpsim/examples/ * Remove code, which automatically adds the library extension to the file, in order to let people load the libraries without the gpsim-dev package installed and document library loading in README.Debian (Closes: #475473) Checksums-Sha1: a245e6b15815276baab4f4f396016cb706721ea3 1117 gpsim_0.22.0-5.dsc 42b87ab09338c4d93d5f4e7c07fe1d8dbf24e326 24359 gpsim_0.22.0-5.diff.gz 38bf49dcac2d2b2109e1022af139d56bed120226 1134780 gpsim_0.22.0-5_i386.deb 6291974af22fddb775f239691975aba017e70edc 187530 gpsim-dev_0.22.0-5_i386.deb Checksums-Sha256: 105e4c0104b0123bb99cd3a0ce03e5a679022dafb034f1201684cdcced39e7e7 1117 gpsim_0.22.0-5.dsc 2349db05c3ace2a17262b31c4b2a9f986dbb835f4ad92df84967b0832bd48ac8 24359 gpsim_0.22.0-5.diff.gz ea3c49b875b47a3ac0ae229efc7915ea93c480f14c29fd910ff1bb7c446a35ce 1134780 gpsim_0.22.0-5_i386.deb bddc9b281766703f938cb514db7c699c69036c243327d22855be3d9768bd5c70 187530 gpsim-dev_0.22.0-5_i386.deb Files: 9b7537636ae48c7db6059ee4e9cc1f6f 1117 electronics optional gpsim_0.22.0-5.dsc 7d0af8ad1eb2cceb9aae4bcdd01f96aa 24359 electronics optional gpsim_0.22.0-5.diff.gz eee64a48bcf854a6985bd123259043fa 1134780 electronics optional gpsim_0.22.0-5_i386.deb ab3fa2dfbc2b9d26fc5ce33a705185e3 187530 devel optional gpsim-dev_0.22.0-5_i386.deb -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.6 (GNU/Linux) iD8DBQFIQoGU62zWxYk/rQcRAr1iAKChlEcBWBnBgOQVy7Rz7um/L2m/VACghecw 7Zk6c2LQJGMbjJRyKHUta1w= =wcfl -END PGP SIGNATURE- Accepted: gpsim-dev_0.22.0-5_i386.deb to pool/main/g/gpsim/gpsim-dev_0.22.0-5_i386.deb gpsim_0.22.0-5.diff.gz to pool/main/g/gpsim/gpsim_0.22.0-5.diff.gz gpsim_0.22.0-5.dsc to pool/main/g/gpsim/gpsim_0.22.0-5.dsc gpsim_0.22.0-5_i386.deb to pool/main/g/gpsim/gpsim_0.22.0-5_i386.deb -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Accepted pan 0.132-3.1 (source i386)
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Format: 1.8 Date: Sun, 01 Jun 2008 11:55:25 + Source: pan Binary: pan Architecture: source i386 Version: 0.132-3.1 Distribution: unstable Urgency: high Maintainer: Mario Iseli [EMAIL PROTECTED] Changed-By: Steffen Joeris [EMAIL PROTECTED] Description: pan- A Newsreader based on GTK2, which looks like Forte Agent Closes: 483562 Changes: pan (0.132-3.1) unstable; urgency=high . * Non-maintainer upload by the security team * Fix possible buffer overflow by clearing parts from PartsBatch class (Closes: #483562) Fixes: CVE-2008-2363 Checksums-Sha1: 51ab2ed24923d077881b9166d21187b1144fbe0e 1147 pan_0.132-3.1.dsc b635269f518547e795c0b9f9f83fe1301fcbb0b8 20449 pan_0.132-3.1.diff.gz e862db3abde8fd330582623b621f75053b1d40a5 1057268 pan_0.132-3.1_i386.deb Checksums-Sha256: 0ac1bbe68d81359de9eb8938444ed81aa5b4ca34a0e4f825ddd332be3aa2039b 1147 pan_0.132-3.1.dsc 98410deba5def3a6a3762331c62d4b2ab138fc974aae23a4b45884e08dd0344e 20449 pan_0.132-3.1.diff.gz 12854d55dc90ed6340d8e4c490daf88ba790f8fdf28be70c3df4bbb1fb2215e9 1057268 pan_0.132-3.1_i386.deb Files: 0d98d07359c54363b15f16e893efbb57 1147 news optional pan_0.132-3.1.dsc fcab19b095b2b1d792953f1bdbff74f6 20449 news optional pan_0.132-3.1.diff.gz ad43cba16caa5b1366f6d9126fe1a9e9 1057268 news optional pan_0.132-3.1_i386.deb -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.6 (GNU/Linux) iD8DBQFIQqOw62zWxYk/rQcRApDgAKC1oEMNEgKW/Mr0u77i9zIjeK1S+gCgw389 /9nXsGcMsxidRDiqPx2mNBU= =yDkm -END PGP SIGNATURE- Accepted: pan_0.132-3.1.diff.gz to pool/main/p/pan/pan_0.132-3.1.diff.gz pan_0.132-3.1.dsc to pool/main/p/pan/pan_0.132-3.1.dsc pan_0.132-3.1_i386.deb to pool/main/p/pan/pan_0.132-3.1_i386.deb -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Accepted kalgebra 0.5-2 (source i386)
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Format: 1.8 Date: Fri, 30 May 2008 13:03:58 + Source: kalgebra Binary: kalgebra Architecture: source i386 Version: 0.5-2 Distribution: unstable Urgency: low Maintainer: Steffen Joeris [EMAIL PROTECTED] Changed-By: Steffen Joeris [EMAIL PROTECTED] Description: kalgebra - calculator based on MathML language Closes: 483580 Changes: kalgebra (0.5-2) unstable; urgency=low . * Change maintainer address to my debian address (please note the RFA bug) * Use the Homepage field in debian/control * Bump standards version to 3.7.3 * Use Applications/Science/Mathematics for debian/menu * Edit kalgebra.desktop to make it show up under Edutainment and Mathematics in the KDE menu (Closes: #483580) Checksums-Sha1: bd96fd1c8c36333a91a05185b7a97d73f08eb7a6 1014 kalgebra_0.5-2.dsc cab8568555746a008f17cf00bd773ea2c9ada0b9 186929 kalgebra_0.5-2.diff.gz d4a5ff66cd28cc5cfadebe5487dcc4ff6f7be7b2 124282 kalgebra_0.5-2_i386.deb Checksums-Sha256: 4345b0934167b689433bcc592b1f324d9ee9851ee50325670d0695d8dd4cb795 1014 kalgebra_0.5-2.dsc e412bee4e385d18a2be705f4c0e25eed731541c630d8fd0803bc7b3e1a0c3c0a 186929 kalgebra_0.5-2.diff.gz ccdb2f961b3551eb105b500b6ddce22f1fb8c5894155ca3d407df4dfa410c61e 124282 kalgebra_0.5-2_i386.deb Files: 3ee753ef0e1a792827eca2a6366c4463 1014 kde optional kalgebra_0.5-2.dsc 0f34e34c9d10d5687c476fb64be11498 186929 kde optional kalgebra_0.5-2.diff.gz e3ea7c52d156665914c5facb80ad931e 124282 kde optional kalgebra_0.5-2_i386.deb -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.6 (GNU/Linux) iD8DBQFIQAaz62zWxYk/rQcRAoPJAJ4spYA/ezQmTR2Odi4Sgk9KvfOKNQCfZzd2 slUJ/HeD5e0aUvCNwM4HY+8= =b1l0 -END PGP SIGNATURE- Accepted: kalgebra_0.5-2.diff.gz to pool/main/k/kalgebra/kalgebra_0.5-2.diff.gz kalgebra_0.5-2.dsc to pool/main/k/kalgebra/kalgebra_0.5-2.dsc kalgebra_0.5-2_i386.deb to pool/main/k/kalgebra/kalgebra_0.5-2_i386.deb -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Accepted stunnel4 3:4.22-1.1 (source all i386)
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Format: 1.8 Date: Tue, 27 May 2008 18:28:56 +0200 Source: stunnel4 Binary: stunnel4 stunnel Architecture: source all i386 Version: 3:4.22-1.1 Distribution: unstable Urgency: high Maintainer: Luis Rodrigo Gallardo Cruz [EMAIL PROTECTED] Changed-By: Steffen Joeris [EMAIL PROTECTED] Description: stunnel- dummy upgrade package stunnel4 - Universal SSL tunnel for network daemons Closes: 482644 Changes: stunnel4 (3:4.22-1.1) unstable; urgency=high . * Non-maintainer upload by the security team * Fix security bug in the OCSP functionality that allowed revoked certificates to authenticate (Closes: #482644) Fixes: CVE-2008-2420 Checksums-Sha1: be663293860389bb27e43bf3d846c8afcf247e10 1205 stunnel4_4.22-1.1.dsc 6a2f378bc3e8356a89b40579d83ed0df8bc5cd4e 30952 stunnel4_4.22-1.1.diff.gz f9b3271905c413176406fef8d30ff111b8b9cc02 10166 stunnel_4.22-1.1_all.deb e3cae30f9702ec979abea63e19ef2782c03a2ebc 147182 stunnel4_4.22-1.1_i386.deb Checksums-Sha256: da01005dfbb530d1581dd270caf02405da586f87f016ecefdc957da3c22ecdd7 1205 stunnel4_4.22-1.1.dsc ad0640f8392406fd59856ca5ae0881963026f67409505dd472a67c9ee8d03000 30952 stunnel4_4.22-1.1.diff.gz 616d7c80d6269bbfe5530a20ff5214c8df9e92a054f39cfd9e8f815caa77e5d1 10166 stunnel_4.22-1.1_all.deb a0e0043628570b6c2d974cfabbb246a4a86db861e0eb42d49d098e61af2fffe6 147182 stunnel4_4.22-1.1_i386.deb Files: bcfd6e6c2b04262055fed355b3653be0 1205 net optional stunnel4_4.22-1.1.dsc 6c0b1dc48612b08606cef98c39d4d368 30952 net optional stunnel4_4.22-1.1.diff.gz 9d3162fdeb77a7d4b62fddefc62cdf9f 10166 net optional stunnel_4.22-1.1_all.deb 0f90b5f2ba27b4c7481c25ec2520ba1d 147182 net optional stunnel4_4.22-1.1_i386.deb -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.6 (GNU/Linux) iD8DBQFIPDiC62zWxYk/rQcRAjkQAJ92kVThmy+648ClQm7UbH1iJcmClgCgkagp lpReEuKnXvyLKyzq+aN5d+k= =QOqe -END PGP SIGNATURE- Accepted: stunnel4_4.22-1.1.diff.gz to pool/main/s/stunnel4/stunnel4_4.22-1.1.diff.gz stunnel4_4.22-1.1.dsc to pool/main/s/stunnel4/stunnel4_4.22-1.1.dsc stunnel4_4.22-1.1_i386.deb to pool/main/s/stunnel4/stunnel4_4.22-1.1_i386.deb stunnel_4.22-1.1_all.deb to pool/main/s/stunnel4/stunnel_4.22-1.1_all.deb -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Accepted kvm 66+dfsg-1.1 (source all i386)
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Format: 1.8 Date: Tue, 20 May 2008 13:28:14 + Source: kvm Binary: kvm kvm-data kvm-source Architecture: source all i386 Version: 66+dfsg-1.1 Distribution: unstable Urgency: high Maintainer: Jan Lübbe [EMAIL PROTECTED] Changed-By: Steffen Joeris [EMAIL PROTECTED] Description: kvm- Full virtualization on x86 hardware kvm-data - Data files for the KVM package kvm-source - Source for the KVM driver Closes: 480011 481204 Changes: kvm (66+dfsg-1.1) unstable; urgency=high . * Non-maintainer upload by the security team * Merge the fixes for the security issues in the embedded qemu version (Closes: #480011) Thanks to Jamie Strandboge - Add CVE-2007-1320+1321+1322+1366+2893.patch from from qemu 0.9.1-1 to address the following issues: - Cirrus LGD-54XX bitblt heap overflow. - NE2000 mtu heap overflow. - QEMU net socket heap overflow. - QEMU NE2000 receive integer signedness error. - Infinite loop in the emulated SB16 device. - Unprivileged aam instruction does not correctly handle the undocumented divisor operand. - Unprivileged icebp instruction will halt emulation. * Include patch which defaults to existing behaviour (probing based on file contents), so it still requires the mgmt app (e.g. libvirt xml) to pass a new format=raw parameter for raw disk images - Fixes possible privilege escalation, which could allow guest users to read arbitrary files on the host by modifying the header to identify a different format (Closes: #481204) Fixes: CVE-2008-2004 Checksums-Sha1: 91a99c6cd0fb41e7ce54e413f1d8b1ca939f9347 1308 kvm_66+dfsg-1.1.dsc d03b192d199763803083e1c88d3fbe7ac80f35c5 34347 kvm_66+dfsg-1.1.diff.gz 3b32e47d274d621c760209cc686a14a232295e6e 186850 kvm-data_66+dfsg-1.1_all.deb 7d84ae37e8f8fb08e49efed0f9f659a18acee34d 158952 kvm-source_66+dfsg-1.1_all.deb 917f2b97235de8ee38254f42b1a428208fada0d5 632944 kvm_66+dfsg-1.1_i386.deb Checksums-Sha256: a66a2f026ba401e7a0115b1923bd86e52390e2015a58ceb4637b4f5e18abc1ce 1308 kvm_66+dfsg-1.1.dsc 0d65d3c69bf308ddce0f37c23e36fb1a3a69ed245729646293932e54b248deff 34347 kvm_66+dfsg-1.1.diff.gz f25066a3281482ae0f2c043a954c1b566d39a66a3b5eac5e9aec35ff9f6456b8 186850 kvm-data_66+dfsg-1.1_all.deb 37934401158248b77f3daa3ed9fdf1aa1ba268efc7491788eafbc39bc7fa538e 158952 kvm-source_66+dfsg-1.1_all.deb f4c635a3927c2b19d1c3fafe4df16096a54113144c4e149fc9960562195657bf 632944 kvm_66+dfsg-1.1_i386.deb Files: 23def165ed98f21c558245099146b41d 1308 misc optional kvm_66+dfsg-1.1.dsc 5d3bf47baebe9a89d771b30830c9df92 34347 misc optional kvm_66+dfsg-1.1.diff.gz 6b0557c6e139d5803f0878438d49a281 186850 misc optional kvm-data_66+dfsg-1.1_all.deb 0528a7efdd3d30b8d28c4e0674ec28c1 158952 misc optional kvm-source_66+dfsg-1.1_all.deb 202bae86a7d24a0d3270fd91c440922e 632944 misc optional kvm_66+dfsg-1.1_i386.deb -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.6 (GNU/Linux) iD8DBQFIMuDa62zWxYk/rQcRAhzzAKCtHxSlNFh0pwUMOb8jHmMkmRY3owCfWCiJ Nd8wh9rdLpYp6KU6pkcSqD0= =H9hM -END PGP SIGNATURE- Accepted: kvm-data_66+dfsg-1.1_all.deb to pool/main/k/kvm/kvm-data_66+dfsg-1.1_all.deb kvm-source_66+dfsg-1.1_all.deb to pool/main/k/kvm/kvm-source_66+dfsg-1.1_all.deb kvm_66+dfsg-1.1.diff.gz to pool/main/k/kvm/kvm_66+dfsg-1.1.diff.gz kvm_66+dfsg-1.1.dsc to pool/main/k/kvm/kvm_66+dfsg-1.1.dsc kvm_66+dfsg-1.1_i386.deb to pool/main/k/kvm/kvm_66+dfsg-1.1_i386.deb -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Accepted mantis 1.0.8-4.1 (source all)
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Format: 1.8 Date: Tue, 20 May 2008 10:26:34 +0200 Source: mantis Binary: mantis Architecture: source all Version: 1.0.8-4.1 Distribution: unstable Urgency: medium Maintainer: Patrick Schoenfeld [EMAIL PROTECTED] Changed-By: Steffen Joeris [EMAIL PROTECTED] Description: mantis - web-based bug tracking system Closes: 481504 Changes: mantis (1.0.8-4.1) unstable; urgency=medium . * Non-maintainer upload by the security team * Fix Cross-site request forgery (CSRF) vulnerability that allowed certain actions via HTTP requests without performing any validity checks (Closes: #481504) Fixes: CVE-2008-2276 Checksums-Sha1: 6d16d4fa8368b4ad063378d86fd1e290edad17b3 1157 mantis_1.0.8-4.1.dsc 16f8b42533e4849369543389a4715151f9f3f622 40597 mantis_1.0.8-4.1.diff.gz c6701a2439f1e40ac1f09cce2dabc24d01af1e85 1284984 mantis_1.0.8-4.1_all.deb Checksums-Sha256: 3f03d2446c8a574c5dd501d9bc39b4399b678f44f600348f9308b749b7424017 1157 mantis_1.0.8-4.1.dsc bc2bf60277256b2ec590ad0745bd03ac77e66e4c74ea00146e327c6c7ba8bbea 40597 mantis_1.0.8-4.1.diff.gz 7b25c96bff260f2b2205d627a0d37402e0f087e4e483b2091f03d49bf56baff1 1284984 mantis_1.0.8-4.1_all.deb Files: 8d45b5ec51febf6be9d12950741e0f82 1157 web optional mantis_1.0.8-4.1.dsc 9ece443220e50f4369a4e6fd5eaed186 40597 web optional mantis_1.0.8-4.1.diff.gz db287509554d3547625d62796fbed8ce 1284984 web optional mantis_1.0.8-4.1_all.deb -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.6 (GNU/Linux) iD8DBQFIMozT62zWxYk/rQcRAok1AJ4gYLRR85X+5OG3CtlL0+xcXfPh7ACgukYQ uuxJxKc/ds+h02tPpIwE484= =iAZd -END PGP SIGNATURE- Accepted: mantis_1.0.8-4.1.diff.gz to pool/main/m/mantis/mantis_1.0.8-4.1.diff.gz mantis_1.0.8-4.1.dsc to pool/main/m/mantis/mantis_1.0.8-4.1.dsc mantis_1.0.8-4.1_all.deb to pool/main/m/mantis/mantis_1.0.8-4.1_all.deb -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Accepted suphp 0.6.2-2.1 (source i386)
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Format: 1.8 Date: Sat, 10 May 2008 08:48:45 + Source: suphp Binary: suphp-common libapache2-mod-suphp Architecture: source i386 Version: 0.6.2-2.1 Distribution: unstable Urgency: high Maintainer: Emmanuel Lacour [EMAIL PROTECTED] Changed-By: Steffen Joeris [EMAIL PROTECTED] Description: libapache2-mod-suphp - Apache2 module to run php scripts with the owner permissions suphp-common - Common files for mod suphp Closes: 475431 Changes: suphp (0.6.2-2.1) unstable; urgency=high . * Non-maintainer upload by the security team * Fix race condition in symlink handling by adding 04_CVE-2008-1614.dpatch (Closes: #475431) Fixes: CVE-2008-1614 Checksums-Sha1: d791d701c151c5b4d82afcd88147b022d6498cee suphp_0.6.2-2.1.dsc 37b948887f18f04f3071c25f7b7c30f911ad9ddb 84191 suphp_0.6.2-2.1.diff.gz c03add33f74423e78afef2d320192e2ff6613050 73144 suphp-common_0.6.2-2.1_i386.deb 373782c15adf5af147633120dcf18007785419fc 16836 libapache2-mod-suphp_0.6.2-2.1_i386.deb Checksums-Sha256: 8a52bd47531ddd56680e520780b34b43bb0f86b73dce1fc6836054159a141f7c suphp_0.6.2-2.1.dsc 742d6677be8e948ef0067644fd09e3b200ceb937f5418b390c5569f836b6ebf3 84191 suphp_0.6.2-2.1.diff.gz 3936c1ed8edbe094e7b74175df7532d9c1de7d75d0513c8addb6eb63690227aa 73144 suphp-common_0.6.2-2.1_i386.deb b7c77ad39d5564a1f78b2952436262384b3e97b687db06ab5dbf719585bab0e7 16836 libapache2-mod-suphp_0.6.2-2.1_i386.deb Files: 476ce3e48c4a799382cfc060e141f1a3 web optional suphp_0.6.2-2.1.dsc 45703891e4ce4f14b9edaeecad15d306 84191 web optional suphp_0.6.2-2.1.diff.gz 09e821d65ba60c33b5d950ff11085d8d 73144 web optional suphp-common_0.6.2-2.1_i386.deb dc62b5736fced691e3d1ca454fa360a3 16836 web optional libapache2-mod-suphp_0.6.2-2.1_i386.deb -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.6 (GNU/Linux) iD8DBQFIJWc562zWxYk/rQcRAh2JAJ9XYfMgPsPwjsZzcf+pHDcZ3NTNsQCfTI+0 YOn2c3fM2mRPBYwdSTtwqL8= =OpzX -END PGP SIGNATURE- Accepted: libapache2-mod-suphp_0.6.2-2.1_i386.deb to pool/main/s/suphp/libapache2-mod-suphp_0.6.2-2.1_i386.deb suphp-common_0.6.2-2.1_i386.deb to pool/main/s/suphp/suphp-common_0.6.2-2.1_i386.deb suphp_0.6.2-2.1.diff.gz to pool/main/s/suphp/suphp_0.6.2-2.1.diff.gz suphp_0.6.2-2.1.dsc to pool/main/s/suphp/suphp_0.6.2-2.1.dsc -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Accepted cecilia 2.0.5-2.1 (source all)
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Format: 1.8 Date: Fri, 09 May 2008 11:47:07 + Source: cecilia Binary: cecilia Architecture: source all Version: 2.0.5-2.1 Distribution: unstable Urgency: high Maintainer: Free Ekanayaka [EMAIL PROTECTED] Changed-By: Steffen Joeris [EMAIL PROTECTED] Description: cecilia- graphic user interface for CSound Closes: 476321 Changes: cecilia (2.0.5-2.1) unstable; urgency=high . * Non-maintainer upload by the security team * Include 13CVE-2008-1832.dpatch to fix insecure tmp file handling, which allows a symlink attack (Closes: #476321) Fixes: CVE-2008-1832 Checksums-Sha1: 40ee3ffde9ed450ed198041b854d4692971894bf 1023 cecilia_2.0.5-2.1.dsc 4054cf14f8dd530825958ed993fa938a63c8ffa8 13397 cecilia_2.0.5-2.1.diff.gz f9518a463de806a428f6563fb64835db7e220534 1654124 cecilia_2.0.5-2.1_all.deb Checksums-Sha256: 21b43c87f7f855fc454251677b130df9800e52b2e3bfc2c3e50ebce0027b2729 1023 cecilia_2.0.5-2.1.dsc 67af098abfe27b2d0a04b9f8531e1656c07642943fef89240c3cddd9da0ad0a1 13397 cecilia_2.0.5-2.1.diff.gz c7240af8be18ca79621bcfb560a5dd2f46bd107084a0fca57455a7bd14f4d708 1654124 cecilia_2.0.5-2.1_all.deb Files: 7adbf654c3055a6d0ca42739c4ca6679 1023 sound optional cecilia_2.0.5-2.1.dsc cb3a02fc51b07fb218b18405466657bd 13397 sound optional cecilia_2.0.5-2.1.diff.gz b6d6b071b6708f22cb218c42ecedaef3 1654124 sound optional cecilia_2.0.5-2.1_all.deb -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.6 (GNU/Linux) iD8DBQFIJDvU62zWxYk/rQcRAoSkAKC2ebqLKOt2rldCWTfcfWjpHGnQIACeKCgE tiwhodasJnEi6GLSyu/nUaQ= =BeHD -END PGP SIGNATURE- Accepted: cecilia_2.0.5-2.1.diff.gz to pool/main/c/cecilia/cecilia_2.0.5-2.1.diff.gz cecilia_2.0.5-2.1.dsc to pool/main/c/cecilia/cecilia_2.0.5-2.1.dsc cecilia_2.0.5-2.1_all.deb to pool/main/c/cecilia/cecilia_2.0.5-2.1_all.deb -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Accepted dc-qt 0.2.0.alpha-4 (source i386)
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Format: 1.8 Date: Tue, 06 May 2008 11:45:30 + Source: dc-qt Binary: dc-qt Architecture: source i386 Version: 0.2.0.alpha-4 Distribution: unstable Urgency: medium Maintainer: Steffen Joeris [EMAIL PROTECTED] Changed-By: Steffen Joeris [EMAIL PROTECTED] Description: dc-qt - GUI frontend for the dc protocol Closes: 477028 Changes: dc-qt (0.2.0.alpha-4) unstable; urgency=medium . * Acknowledge NMU (Thanks to Moritz) * Add build-dependency against zlib1g-dev to avoid FTBFS (Closes: #477028) (Thanks to Sune for the patch and Sebastian for the patch) * Bump standards version to 3.7.3 (no changes needed) * Bump debhelper level to 6 (no changes needed) * Remove obsolete directory /usr/sbin in the package * Now use Homepage field in debian/control * Change Apps/Net to Applications/Network/File Transfer in debian/menu according to new policy Checksums-Sha1: 9ba4c14d6ffc64b4a3c212e8cc6dead779aa3be9 1137 dc-qt_0.2.0.alpha-4.dsc 3e26e0e7e0be6a53ae3df57ce7f47f54b819637f 4299 dc-qt_0.2.0.alpha-4.diff.gz 7d1f3676b88413141f603e7ace1937153dc29ec2 827686 dc-qt_0.2.0.alpha-4_i386.deb Checksums-Sha256: 69067892e6c88113f37b19a845be999ac97e891eb0a1f515a816679c0abf1d68 1137 dc-qt_0.2.0.alpha-4.dsc 5b4baa08e113e95f7b788b08846211aa3e66b8ba88274b7b38b82de83f80a392 4299 dc-qt_0.2.0.alpha-4.diff.gz 404b01763ae8efff81864fc69c2a40eedda667b24af212e63fa65b9495e3e115 827686 dc-qt_0.2.0.alpha-4_i386.deb Files: e3cc99bc7e5a0752af25c8460cccf17a 1137 kde optional dc-qt_0.2.0.alpha-4.dsc eefa2005fa8c6acbbcc1cc57dce5d9b4 4299 kde optional dc-qt_0.2.0.alpha-4.diff.gz 159fc078e40bff2865a6a65defc08c6f 827686 kde optional dc-qt_0.2.0.alpha-4_i386.deb -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.6 (GNU/Linux) iD8DBQFIIEiU62zWxYk/rQcRAtwtAKCg17L9D0NvrgbwTJ5y6U0p2xPt+gCfQyeU Yoi0nFTZnz+dKT4PXNKcZoI= =gSOE -END PGP SIGNATURE- Accepted: dc-qt_0.2.0.alpha-4.diff.gz to pool/main/d/dc-qt/dc-qt_0.2.0.alpha-4.diff.gz dc-qt_0.2.0.alpha-4.dsc to pool/main/d/dc-qt/dc-qt_0.2.0.alpha-4.dsc dc-qt_0.2.0.alpha-4_i386.deb to pool/main/d/dc-qt/dc-qt_0.2.0.alpha-4_i386.deb -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
RFA: gpsim -- Simulator for Microchip's PIC microcontrollers
Package: wnpp Severity: normal Hi My debian time is already taken by other debian things, so I am not finding enough time to maintain this package properly. If you are willing to take it over, be my guest. However, I guess it is a good idea to also adopt the documentation package (gpsim-doc), the module packages (gpsim-lcd, gpsim-logic, gpsim-lcd-graphic and gpsim-logic) and the ktechlab package, which needs gpsim. Therefore, please take all of them in one round :) Cheers Steffen The package description is: Gpsim is a full-featured software simulator for Microchip PIC microcontrollers. . Gpsim has been designed to be as accurate as possible. Accuracy includes the entire PIC - from the core to the I/O pins and including ALL of the internal peripherals. Thus it's possible to create stimuli and tie them to the I/O pins and test the PIC the same PIC the same way you would in the real world. . Gpsim has been designed to be as fast as possible. Real time simulation speeds of 20Mhz PICs are possible. . Gpsim has been designed to be as useful as possible. The standard simulation paradigm including breakpoints, single stepping, disassembling, memory inspect change, have been implemented. In addition, gpsim supports many debugging features that are only available with in-circuit emulators. For example, a continuous trace buffer tracks every action of the simulator. Also, it's possible to set read and write break points on values (e.g. break if a specific value is read from or written to a register). -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: Bits from the MIA team
On Sat, 8 Dec 2007 06:39:15 pm Raphael Hertzog wrote: On Sat, 08 Dec 2007, Nico Golde wrote: To make sure packages don't end up with only inactive (co-)maintainers. That could be avoided if you check that every maintainer of the package is MIA. A MIA-check is not something instantaneous. It takes several months. So it's not really possible... I still don't see a reason for a bug. An active maintainer will notice this and will fix it by himself I guess. I don't agree with this. In a team, it's difficult to notice that one member disappeared. And lack of involvement in one package doesn't mean being completely MIA. As co-maintainer I wouldn't want to remove someone if I'm not sure that he won't come back. At least use important. I actually don't care, if there is a bug or not for the issue. But I do care about the testing migration. We do have DDs, who are doing work only during the weekend (which is perfectly acceptable). So if you write an RC bug on monday, this might hold up the testing migration for a couple of days. Imagine there is a security fix waiting for migration. Do you want to keep this from migrating? Please don't make the work of the testing-security team harder ;) Cheers Steffen signature.asc Description: This is a digitally signed message part.
Re: Bits from the MIA team
On Sat, 8 Dec 2007 06:39:15 pm Raphael Hertzog wrote: On Sat, 08 Dec 2007, Nico Golde wrote: To make sure packages don't end up with only inactive (co-)maintainers. That could be avoided if you check that every maintainer of the package is MIA. A MIA-check is not something instantaneous. It takes several months. So it's not really possible... I still don't see a reason for a bug. An active maintainer will notice this and will fix it by himself I guess. I don't agree with this. In a team, it's difficult to notice that one member disappeared. And lack of involvement in one package doesn't mean being completely MIA. As co-maintainer I wouldn't want to remove someone if I'm not sure that he won't come back. At least use important. I actually don't care, if there is a bug or not for the issue. But I do care about the testing migration. We do have DDs, who are doing work only during the weekend (which is perfectly acceptable). So if you write an RC bug on monday, this might hold up the testing migration for a couple of days. Imagine there is a security fix waiting for migration. Do you want to keep this from migrating? Please don't make the work of the testing-security team harder ;) Cheers Steffen signature.asc Description: This is a digitally signed message part.
Accepted sitebar 3.3.8-12.1 (source all)
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Format: 1.7 Date: Wed, 5 Dec 2007 16:58:25 +0100 Source: sitebar Binary: sitebar Architecture: source all Version: 3.3.8-12.1 Distribution: unstable Urgency: high Maintainer: Kevin Coyner [EMAIL PROTECTED] Changed-By: Steffen Joeris [EMAIL PROTECTED] Description: sitebar- A web based bookmark manager written in PHP Closes: 447135 448689 448690 Changes: sitebar (3.3.8-12.1) unstable; urgency=high . * Non-maintainer upload by the testing-security team * Fix multiple security issues in the translator module (translator.php) Fixes: CVE-2007-5491, CVE-2007-5492, CVE-2007-5693, CVE-2007-5694 (Closes: #447135) * Fix possible redirect to other websites via the forward parameter in command.php Fixes: CVE-2007-5695 (Closes: #448690) * Fix multiple XSS by adding more checks for certain parameters Fixes: CVE-2007-5692 (Closes: #448689) Files: 748cfcd112066e3be32be59d1f0a5b06 578 web optional sitebar_3.3.8-12.1.dsc 2ae7e1e0872a2c03a9591a17ebacb2b6 24525 web optional sitebar_3.3.8-12.1.diff.gz 9fc4fac487e1a606acc118278999c5c4 711326 web optional sitebar_3.3.8-12.1_all.deb -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.6 (GNU/Linux) iD8DBQFHVs0v62zWxYk/rQcRAvZTAJ9OaKc4rEoJjp0+T99gCQkSKIFobwCguKg3 MtLPpxMxPzy4WanF4/h4fK8= =pHG5 -END PGP SIGNATURE- Accepted: sitebar_3.3.8-12.1.diff.gz to pool/main/s/sitebar/sitebar_3.3.8-12.1.diff.gz sitebar_3.3.8-12.1.dsc to pool/main/s/sitebar/sitebar_3.3.8-12.1.dsc sitebar_3.3.8-12.1_all.deb to pool/main/s/sitebar/sitebar_3.3.8-12.1_all.deb -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Accepted htdig 1:3.2.0b6-4 (source i386 all)
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Format: 1.7 Date: Sun, 02 Dec 2007 08:21:04 + Source: htdig Binary: htdig htdig-doc Architecture: source i386 all Version: 1:3.2.0b6-4 Distribution: unstable Urgency: high Maintainer: Debian QA Group [EMAIL PROTECTED] Changed-By: Steffen Joeris [EMAIL PROTECTED] Description: htdig - WWW search system for an intranet or small internet htdig-doc - Documentation for the htdig package Closes: 453278 Changes: htdig (1:3.2.0b6-4) unstable; urgency=high . * QA upload by the testing-security team * Fix XSS in htsearch by not displaying the sort type in htsearch/Display.cc and libhtdig/ResultFetch.cc anymore, if it is unrecognised (Closes: #453278) Thanks to William Grant Fixes: CVE-2007-6110 Files: 51203989aa308590710757d0d8c6a998 602 web optional htdig_3.2.0b6-4.dsc 9a4df1dc1ebf2207a133ac945429bdc6 86277 web optional htdig_3.2.0b6-4.diff.gz dd6480852932d671cbc6cdd7c553267e 528280 doc optional htdig-doc_3.2.0b6-4_all.deb 702ffd38a3ca1964f8a3e3e4db1a5e00 1874888 web optional htdig_3.2.0b6-4_i386.deb -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.6 (GNU/Linux) iD8DBQFHUn/Z62zWxYk/rQcRArf0AKC2W55omBZrgteLAY4dH6pehHoN9ACfeL8k pXutxnJUQbcnV5AiwAVdHLo= =Dmoy -END PGP SIGNATURE- Accepted: htdig-doc_3.2.0b6-4_all.deb to pool/main/h/htdig/htdig-doc_3.2.0b6-4_all.deb htdig_3.2.0b6-4.diff.gz to pool/main/h/htdig/htdig_3.2.0b6-4.diff.gz htdig_3.2.0b6-4.dsc to pool/main/h/htdig/htdig_3.2.0b6-4.dsc htdig_3.2.0b6-4_i386.deb to pool/main/h/htdig/htdig_3.2.0b6-4_i386.deb -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Accepted xscreensaver 5.03-3.1 (source amd64)
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Format: 1.7 Date: Fri, 16 Nov 2007 15:04:15 +1100 Source: xscreensaver Binary: xscreensaver xscreensaver-gl Architecture: source amd64 Version: 5.03-3.1 Distribution: unstable Urgency: high Maintainer: Jose Luis Rivas [EMAIL PROTECTED] Changed-By: Steffen Joeris [EMAIL PROTECTED] Description: xscreensaver - Automatic screensaver for X xscreensaver-gl - GL(Mesa) screen hacks for xscreensaver Closes: 448157 Changes: xscreensaver (5.03-3.1) unstable; urgency=high . * Non-maintainer upload by the testing-security team * Include upstream patch to fix crash with gl screensavers, which leads to an authentication bypass (Closes: #448157) Fixes: CVE-2007-5585 Files: d3f692984670185155d97ef608678b23 1075 x11 optional xscreensaver_5.03-3.1.dsc 6ede3fe549343ae5e4a44db40fe1e0ea 189655 x11 optional xscreensaver_5.03-3.1.diff.gz 01f203b9abe72e94ce05c5e57d0915af 4432920 x11 optional xscreensaver_5.03-3.1_amd64.deb 6a715c86e57b6accf06f6de769e756aa 3877190 x11 optional xscreensaver-gl_5.03-3.1_amd64.deb -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.6 (GNU/Linux) iD8DBQFHPRjw62zWxYk/rQcRAqDXAKCBJT3vJRZ/FYFGkZYPH3YFU1FTbQCfT/fo CKz7BleTznoWO82P+7iofI4= =40Dw -END PGP SIGNATURE- Accepted: xscreensaver-gl_5.03-3.1_amd64.deb to pool/main/x/xscreensaver/xscreensaver-gl_5.03-3.1_amd64.deb xscreensaver_5.03-3.1.diff.gz to pool/main/x/xscreensaver/xscreensaver_5.03-3.1.diff.gz xscreensaver_5.03-3.1.dsc to pool/main/x/xscreensaver/xscreensaver_5.03-3.1.dsc xscreensaver_5.03-3.1_amd64.deb to pool/main/x/xscreensaver/xscreensaver_5.03-3.1_amd64.deb -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Accepted nagios2 2.9-1.1 (source i386 all)
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Format: 1.7 Date: Tue, 30 Oct 2007 00:56:46 + Source: nagios2 Binary: nagios2-doc nagios2-common nagios2-dbg nagios2 Architecture: source i386 all Version: 2.9-1.1 Distribution: unstable Urgency: high Maintainer: Debian Nagios Maintainer Group [EMAIL PROTECTED] Changed-By: Steffen Joeris [EMAIL PROTECTED] Description: nagios2- A host/service/network monitoring and management system nagios2-common - support files for nagios2 nagios2-dbg - debugging symbols for nagios2 nagios2-doc - documentation for nagios2 Closes: 448371 Changes: nagios2 (2.9-1.1) unstable; urgency=high . * Non-maintainer upload by the testing-security team * Fix potential cross-site scripting in the CGIs (Closes: #448371) Fixes: CVE-2007-5624 Files: 2bdd8224715c662b495f33a2138c4404 931 net optional nagios2_2.9-1.1.dsc 13ab767e3ee94da606dd78c9245d45bc 30350 net optional nagios2_2.9-1.1.diff.gz 528e75c2ad074a9e8ee1395df9d28ce5 983144 net optional nagios2_2.9-1.1_i386.deb 3dedf30c294fd5fe28ef85cabf07c7a8 1583434 net extra nagios2-dbg_2.9-1.1_i386.deb d5effa8ac8826fce7fd8e149e9fbe0e3 61252 net optional nagios2-common_2.9-1.1_all.deb a71d6e2cfae08c8f34a1f86354864bc4 1148886 doc optional nagios2-doc_2.9-1.1_all.deb -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.6 (GNU/Linux) iD8DBQFHJoW362zWxYk/rQcRAlvYAJ9Yl4tiGdR3hTtygRpjGSggGGsSBQCeOC7T qIIdfcmCTHZAP5ST02LfQGI= =f3sW -END PGP SIGNATURE- Accepted: nagios2-common_2.9-1.1_all.deb to pool/main/n/nagios2/nagios2-common_2.9-1.1_all.deb nagios2-dbg_2.9-1.1_i386.deb to pool/main/n/nagios2/nagios2-dbg_2.9-1.1_i386.deb nagios2-doc_2.9-1.1_all.deb to pool/main/n/nagios2/nagios2-doc_2.9-1.1_all.deb nagios2_2.9-1.1.diff.gz to pool/main/n/nagios2/nagios2_2.9-1.1.diff.gz nagios2_2.9-1.1.dsc to pool/main/n/nagios2/nagios2_2.9-1.1.dsc nagios2_2.9-1.1_i386.deb to pool/main/n/nagios2/nagios2_2.9-1.1_i386.deb -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Accepted moin 1.5.8-4.1 (source all)
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Format: 1.7 Date: Sun, 21 Oct 2007 14:43:37 + Source: moin Binary: moinmoin-common python-moinmoin Architecture: source all Version: 1.5.8-4.1 Distribution: unstable Urgency: high Maintainer: Jonas Smedegaard [EMAIL PROTECTED] Changed-By: Steffen Joeris [EMAIL PROTECTED] Description: moinmoin-common - Python clone of WikiWiki - common data python-moinmoin - Python clone of WikiWiki - library Closes: 429205 Changes: moin (1.5.8-4.1) unstable; urgency=high . * Non-maintainer upload by the testing-security team * Include upstream patch to enable whitelisting, instead of insufficient blacklisting for file uploads (Closes: #429205) Fixes: CVE-2007-5156, CVE-2007-3163, CVE-2007-2630, CVE-2006-0658 Files: 1c6db8f4bdf80fcb0d125c68f8a8e645 879 net optional moin_1.5.8-4.1.dsc a12006d2160bf027ee79795f392ec462 54930 net optional moin_1.5.8-4.1.diff.gz 8e833bd06f5b19f06b5dd9bd7cdbb280 1661878 net optional moinmoin-common_1.5.8-4.1_all.deb 3f66cdb46a8645b51f5c032b69827bfb 1016818 python optional python-moinmoin_1.5.8-4.1_all.deb -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.6 (GNU/Linux) iD8DBQFHG2qA62zWxYk/rQcRAmPNAJ0fGwetdd9HEuSPzsOKeIsQNPvrNACfe/A0 54GORHcUz3skRDXVwxgiBtA= =//2z -END PGP SIGNATURE- Accepted: moin_1.5.8-4.1.diff.gz to pool/main/m/moin/moin_1.5.8-4.1.diff.gz moin_1.5.8-4.1.dsc to pool/main/m/moin/moin_1.5.8-4.1.dsc moinmoin-common_1.5.8-4.1_all.deb to pool/main/m/moin/moinmoin-common_1.5.8-4.1_all.deb python-moinmoin_1.5.8-4.1_all.deb to pool/main/m/moin/python-moinmoin_1.5.8-4.1_all.deb -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Accepted foo2zjs 20070718dfsg-5 (source amd64)
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Format: 1.7 Date: Sun, 07 Oct 2007 17:13:46 +1000 Source: foo2zjs Binary: foo2zjs hannah-foo2zjs Architecture: source amd64 Version: 20070718dfsg-5 Distribution: experimental Urgency: low Maintainer: Debian Foo2zjs Maintainers [EMAIL PROTECTED] Changed-By: Steffen Joeris [EMAIL PROTECTED] Description: foo2zjs- Support for printing to ZjStream-based printers hannah-foo2zjs - Graphical firmware downloader for the foo2zjs package Changes: foo2zjs (20070718dfsg-5) experimental; urgency=low . * Change name of package hannah to hannah-foo2zjs to make it more related to foo2zjs (and because there is already a package in the archive called hannah) - Also rename the binary to hannah-foo2zjs and its references Files: a17cd6277fec70aa5996d1b022d8b5cb 807 text optional foo2zjs_20070718dfsg-5.dsc 136982cb7fbe259ceaf5bf1ec26bcaae 24202 text optional foo2zjs_20070718dfsg-5.diff.gz f8672c5ec4c3313549ab47352dc75655 1075712 text optional foo2zjs_20070718dfsg-5_amd64.deb 7bb910566e57b76bc2d026769a7d7c91 33470 text optional hannah-foo2zjs_20070718dfsg-5_amd64.deb -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.6 (GNU/Linux) iD8DBQFHEEjU62zWxYk/rQcRAs6lAJ4rDY9lbXzciKBRUGahSJqKncQlxQCgrmA0 HFjUfSpVxGjQGopii1ptAkQ= =ogDt -END PGP SIGNATURE- Accepted: foo2zjs_20070718dfsg-5.diff.gz to pool/main/f/foo2zjs/foo2zjs_20070718dfsg-5.diff.gz foo2zjs_20070718dfsg-5.dsc to pool/main/f/foo2zjs/foo2zjs_20070718dfsg-5.dsc foo2zjs_20070718dfsg-5_amd64.deb to pool/main/f/foo2zjs/foo2zjs_20070718dfsg-5_amd64.deb hannah-foo2zjs_20070718dfsg-5_amd64.deb to pool/main/f/foo2zjs/hannah-foo2zjs_20070718dfsg-5_amd64.deb -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Accepted nagios-plugins 1.4.8-2.1 (source i386 all)
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Format: 1.7 Date: Sun, 14 Oct 2007 10:36:01 + Source: nagios-plugins Binary: nagios-plugins nagios-plugins-basic nagios-plugins-standard Architecture: source i386 all Version: 1.4.8-2.1 Distribution: unstable Urgency: high Maintainer: Debian Nagios Maintainer Group [EMAIL PROTECTED] Changed-By: Steffen Joeris [EMAIL PROTECTED] Description: nagios-plugins - Plugins for the nagios network monitoring and management system nagios-plugins-basic - Plugins for the nagios network monitoring and management system nagios-plugins-standard - Plugins for the nagios network monitoring and management system Closes: 445475 Changes: nagios-plugins (1.4.8-2.1) unstable; urgency=high . * Non-maintainer upload by the testing-security team * Include CVS patch to fix buffer overflow in redir function in check_http.c, which was caused by parsing HTTP redirect strings using sscanf (Closes: #445475) Fixes: CVE-2007-5198 * Include fix for off-by-one error and a NULL pointer, which leads to a segfault Files: 85b551c67b864cf8ffd47accba11ccad 1027 net extra nagios-plugins_1.4.8-2.1.dsc 51a3aa7172fa9525369f21acc88a2099 24577 net extra nagios-plugins_1.4.8-2.1.diff.gz cec440ca48754ea3fe27e1195770d350 89630 net extra nagios-plugins_1.4.8-2.1_all.deb 024c4ec93e24316f55f8fa6db0e1ea9b 343712 net extra nagios-plugins-basic_1.4.8-2.1_i386.deb c027bc936f38a0facd7e283a4ac96760 193242 net extra nagios-plugins-standard_1.4.8-2.1_i386.deb -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.6 (GNU/Linux) iD8DBQFHEfWV62zWxYk/rQcRAm3CAJwJrVfrTgM1z3ZP2+/r/+Cc8DCB7wCfU21/ 1mzVVFlejsIciYeKS3WlJJk= =+GSl -END PGP SIGNATURE- Accepted: nagios-plugins-basic_1.4.8-2.1_i386.deb to pool/main/n/nagios-plugins/nagios-plugins-basic_1.4.8-2.1_i386.deb nagios-plugins-standard_1.4.8-2.1_i386.deb to pool/main/n/nagios-plugins/nagios-plugins-standard_1.4.8-2.1_i386.deb nagios-plugins_1.4.8-2.1.diff.gz to pool/main/n/nagios-plugins/nagios-plugins_1.4.8-2.1.diff.gz nagios-plugins_1.4.8-2.1.dsc to pool/main/n/nagios-plugins/nagios-plugins_1.4.8-2.1.dsc nagios-plugins_1.4.8-2.1_all.deb to pool/main/n/nagios-plugins/nagios-plugins_1.4.8-2.1_all.deb -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Accepted knowledgeroot 0.9.8.4-1.1 (source all)
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Format: 1.7 Date: Sun, 14 Oct 2007 13:07:02 + Source: knowledgeroot Binary: knowledgeroot Architecture: source all Version: 0.9.8.4-1.1 Distribution: unstable Urgency: high Maintainer: Frank Habermann [EMAIL PROTECTED] Changed-By: Steffen Joeris [EMAIL PROTECTED] Description: knowledgeroot - web-based knowledgebase system Closes: 444928 Changes: knowledgeroot (0.9.8.4-1.1) unstable; urgency=high . * Non-maintainer upload by the testing-security team * Changed FCKeditor blacklists to whitelists in order to make sure that remote attackers cannot upload arbitrary PHP code via a file whose name contains unknown extensions (Closes: #444928) Fixes: CVE-2007-5156 Files: b5b2dce118842e01e154a824779576a5 599 web optional knowledgeroot_0.9.8.4-1.1.dsc c0dd552cd01480fe09b2fb35010bcbb4 6574 web optional knowledgeroot_0.9.8.4-1.1.diff.gz 2fd0daaaf7406f11c1a4c663c0687af2 1249104 web optional knowledgeroot_0.9.8.4-1.1_all.deb -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.6 (GNU/Linux) iD8DBQFHEhd162zWxYk/rQcRAiaUAKCdgJkn60nJAb/fdhDUN7Cmn0SYbgCePWAw Ddiy8651p4aem6SbM1ZRZqA= =oC8w -END PGP SIGNATURE- Accepted: knowledgeroot_0.9.8.4-1.1.diff.gz to pool/main/k/knowledgeroot/knowledgeroot_0.9.8.4-1.1.diff.gz knowledgeroot_0.9.8.4-1.1.dsc to pool/main/k/knowledgeroot/knowledgeroot_0.9.8.4-1.1.dsc knowledgeroot_0.9.8.4-1.1_all.deb to pool/main/k/knowledgeroot/knowledgeroot_0.9.8.4-1.1_all.deb -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Packages looking for a new home (RFAs)
Hi folks Unfortunately, I have to admit that I can not give all my packages the best care anymore. My spare time is limited and a lot is already used for other debian stuff. I will try to keep up with the other packages and see how that goes. If I find out that they are better off without me, I will write the appropriate RFAs later. For now, I ask, if someone is willing to take care of one (or more) of these packages: xoscope: digital oscilloscope #446445 k3dsurf: tool for mathematical surfaces #446446 kalgebra: calculator based on MathML language #446447 qliss3d: demonstration tool for Lissajous figures #446448 dc-qt: GUI frontend for the dc protocol #446449 Take good care of them :) Cheers Steffen signature.asc Description: This is a digitally signed message part.
Accepted dircproxy 1.0.5-5.1 (source i386)
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Format: 1.7 Date: Tue, 09 Oct 2007 07:36:49 + Source: dircproxy Binary: dircproxy Architecture: source i386 Version: 1.0.5-5.1 Distribution: unstable Urgency: high Maintainer: Alex Pennace [EMAIL PROTECTED] Changed-By: Steffen Joeris [EMAIL PROTECTED] Description: dircproxy - IRC proxy for people who use IRC from different workstations Closes: 445883 Changes: dircproxy (1.0.5-5.1) unstable; urgency=high . * Non-maintainer upload by the testing-security team * Backport upstream patch to fix a NULL pointer reference, which can lead to a DoS (Closes: #445883) Fixes: CVE-2007-5226 Files: 25b170bba4d32548179d2614b617b950 572 net optional dircproxy_1.0.5-5.1.dsc b8887104091b64b7a02fd0e56e4f4248 14619 net optional dircproxy_1.0.5-5.1.diff.gz be66ed9d95c1b1a9d0670269f00fd503 117210 net optional dircproxy_1.0.5-5.1_i386.deb -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.6 (GNU/Linux) iD8DBQFHC0th62zWxYk/rQcRAoG7AJsGiI1KRhqBXWYxCwNY2KRD6iwKwgCfaHj7 33yIS7JxYGgKpAJq2cw0/c8= =2dEe -END PGP SIGNATURE- Accepted: dircproxy_1.0.5-5.1.diff.gz to pool/main/d/dircproxy/dircproxy_1.0.5-5.1.diff.gz dircproxy_1.0.5-5.1.dsc to pool/main/d/dircproxy/dircproxy_1.0.5-5.1.dsc dircproxy_1.0.5-5.1_i386.deb to pool/main/d/dircproxy/dircproxy_1.0.5-5.1_i386.deb -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Accepted marble 0.4.3-2 (source all amd64)
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Format: 1.7 Date: Sun, 07 Oct 2007 16:45:17 +1000 Source: marble Binary: marble marble-data Architecture: source amd64 all Version: 0.4.3-2 Distribution: unstable Urgency: medium Maintainer: Steffen Joeris [EMAIL PROTECTED] Changed-By: Steffen Joeris [EMAIL PROTECTED] Description: marble - generic geographical map widget marble-data - data files for Marble Changes: marble (0.4.3-2) unstable; urgency=medium . * Remove gpsd as a build-depends and deactivate the gps support, because gpsd won't make it into testing for quite some time and marble should go into testing now Files: 39a9c0c8e886e39e3a60854a8bac7a0d 595 misc optional marble_0.4.3-2.dsc ad30bcc8e9fa21a0b3d36742bd9e8129 124377 misc optional marble_0.4.3-2.diff.gz aaa89660c2b6a1944c54d69d4eeebf84 9684196 misc optional marble-data_0.4.3-2_all.deb 3c74e8db32e325153df70c26e3d74547 413848 misc optional marble_0.4.3-2_amd64.deb -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.6 (GNU/Linux) iD8DBQFHCIN862zWxYk/rQcRAmjMAJ9Px1YeK1PVvmH0f7ehldAuwqy+qQCfZ0o3 Uh4JaAmTOa2BF0UgIQCk+4Q= =JU/x -END PGP SIGNATURE- Accepted: marble-data_0.4.3-2_all.deb to pool/main/m/marble/marble-data_0.4.3-2_all.deb marble_0.4.3-2.diff.gz to pool/main/m/marble/marble_0.4.3-2.diff.gz marble_0.4.3-2.dsc to pool/main/m/marble/marble_0.4.3-2.dsc marble_0.4.3-2_amd64.deb to pool/main/m/marble/marble_0.4.3-2_amd64.deb -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Accepted foo2zjs 20070718dfsg-3 (source amd64)
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Format: 1.7 Date: Sun, 30 Sep 2007 18:10:33 +1000 Source: foo2zjs Binary: foo2zjs Architecture: source amd64 Version: 20070718dfsg-3 Distribution: experimental Urgency: low Maintainer: Debian Foo2zjs Maintainers [EMAIL PROTECTED] Changed-By: Steffen Joeris [EMAIL PROTECTED] Description: foo2zjs- Support for printing to ZjStream-based printers Closes: 443917 443994 Changes: foo2zjs (20070718dfsg-3) experimental; urgency=low . * Include first version of Hannah (GUI for downloading and installing the printer firmware) (Closes: #443994) - Add Hannah code to debian/hannah/* - Modify debian/rules to build hannah from source - Add build-depends against libqt4-dev - Generate the standard directory for .desktop files in debian/dirs - Install hannah.desktop into the standard desktop directory - Update README.Debian to point to Hannah - Renamed dpatch to 60-getweb.in.dpatch and adjusted it to match for Hannah - Use tmp file under /usr/share/foo2zjs/tmp for unpacking and preparing downloaded firmware - Add a depends against kdebase-bin | gksu to use either of both programs to become root, when calling hannah * Fix breaking line in 11-hplj10xx.rules to repair it (Closes: #443917) Thanks to Cristian Ionescu-Idbohrn for the patch Files: 7968a69b3a6d4c725e535a472303592d 791 text optional foo2zjs_20070718dfsg-3.dsc d068f363803efdca033c6eb29a7b6c08 23887 text optional foo2zjs_20070718dfsg-3.diff.gz 1dbd82d583894fbbdbfa64d5cadce53a 1093726 text optional foo2zjs_20070718dfsg-3_amd64.deb -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.6 (GNU/Linux) iD8DBQFG/1ss62zWxYk/rQcRAtORAJ0bXqQ2w3WuEfK3GG93I3uqQ0766gCfSPIW +8us+rneTs0IKz8zfSMjd5A= =PyZf -END PGP SIGNATURE- Accepted: foo2zjs_20070718dfsg-3.diff.gz to pool/main/f/foo2zjs/foo2zjs_20070718dfsg-3.diff.gz foo2zjs_20070718dfsg-3.dsc to pool/main/f/foo2zjs/foo2zjs_20070718dfsg-3.dsc foo2zjs_20070718dfsg-3_amd64.deb to pool/main/f/foo2zjs/foo2zjs_20070718dfsg-3_amd64.deb -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Accepted scponly 4.6-1.1 (source i386)
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Format: 1.7 Date: Tue, 25 Sep 2007 10:06:31 + Source: scponly Binary: scponly Architecture: source i386 Version: 4.6-1.1 Distribution: unstable Urgency: high Maintainer: Thomas Wana [EMAIL PROTECTED] Changed-By: Steffen Joeris [EMAIL PROTECTED] Description: scponly- Restricts the commands available to scp- and sftp-users Closes: 437148 Changes: scponly (4.6-1.1) unstable; urgency=high . * Non-maintainer upload by the testing-security team * Disable unison, rsync and svn usability, because all three could be exploited. (Closes: #437148) - The maintainer is working on splitting the packages and providing a binary package, which enables these features, but warns about them and one, which is safe and has them disabled, like this Files: cbc36940db279059d177f6fcef59ecec 592 utils optional scponly_4.6-1.1.dsc e5c1efbf4f95143271b5259d6a3765f2 28435 utils optional scponly_4.6-1.1.diff.gz f8e48b6b8bb8066570ce13eec06647a7 33012 utils optional scponly_4.6-1.1_i386.deb -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.6 (GNU/Linux) iD8DBQFG+OKK62zWxYk/rQcRAs3JAJsEcXcVgHSn2YQXjkdRnwZq0zk2DACgqtLr QPFLwPP1jhLEjtQLfqDAnjA= =ePCh -END PGP SIGNATURE- Accepted: scponly_4.6-1.1.diff.gz to pool/main/s/scponly/scponly_4.6-1.1.diff.gz scponly_4.6-1.1.dsc to pool/main/s/scponly/scponly_4.6-1.1.dsc scponly_4.6-1.1_i386.deb to pool/main/s/scponly/scponly_4.6-1.1_i386.deb -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Accepted gpsim 0.22.0-3 (source amd64)
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Format: 1.7 Date: Wed, 19 Sep 2007 21:08:17 +1000 Source: gpsim Binary: gpsim gpsim-dev Architecture: source amd64 Version: 0.22.0-3 Distribution: unstable Urgency: medium Maintainer: Steffen Joeris [EMAIL PROTECTED] Changed-By: Steffen Joeris [EMAIL PROTECTED] Description: gpsim - Simulator for Microchip's PIC microcontrollers gpsim-dev - Libraries needed only for building gpsim components Closes: 442106 Changes: gpsim (0.22.0-3) unstable; urgency=medium . * Add build-depends against libopts25-dev to avoid FTBFS (Closes: #442106) * Remove exdbm as build-depends, because the package will be removed from Debian and gpsim still has an own copy of it Files: 275f6cb9e18f4f7c0529bef706fec06d 748 electronics optional gpsim_0.22.0-3.dsc dab1210f3d74ee6cadb2a26fa7e3f944 23516 electronics optional gpsim_0.22.0-3.diff.gz 43b2942b88eeb4f7f33fb318d831bb65 1172164 electronics optional gpsim_0.22.0-3_amd64.deb fc16b9541ead8e675a0874e01a6f5bc6 186216 devel optional gpsim-dev_0.22.0-3_amd64.deb -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.6 (GNU/Linux) iD8DBQFG8R0i62zWxYk/rQcRAqKMAKChi9UR0PGsTsGpPfWpcVC8awRoLACgzHWs X0qFbWf7kqM0VN2jY343b24= =HQSY -END PGP SIGNATURE- Accepted: gpsim-dev_0.22.0-3_amd64.deb to pool/main/g/gpsim/gpsim-dev_0.22.0-3_amd64.deb gpsim_0.22.0-3.diff.gz to pool/main/g/gpsim/gpsim_0.22.0-3.diff.gz gpsim_0.22.0-3.dsc to pool/main/g/gpsim/gpsim_0.22.0-3.dsc gpsim_0.22.0-3_amd64.deb to pool/main/g/gpsim/gpsim_0.22.0-3_amd64.deb -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Accepted ktechlab 0.3-8 (source amd64)
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Format: 1.7 Date: Wed, 19 Sep 2007 22:29:06 +1000 Source: ktechlab Binary: ktechlab Architecture: source amd64 Version: 0.3-8 Distribution: unstable Urgency: medium Maintainer: Steffen Joeris [EMAIL PROTECTED] Changed-By: Steffen Joeris [EMAIL PROTECTED] Description: ktechlab - circuit simulator for microcontrollers and electronics Closes: 441480 Changes: ktechlab (0.3-8) unstable; urgency=medium . * Add libpopt-dev as build-depends to avoid FTBFS (Closes: #441480) * Remove two rpaths from the binaries and add chrpath to build-depends * Change Apps to Applications in menu file to follow new format Files: 2ba46ab132a18df40aaa2f44c2b38cb2 706 kde optional ktechlab_0.3-8.dsc 971fa394bf5ae5ee602b268ea2c36936 6255 kde optional ktechlab_0.3-8.diff.gz fff8f89afcecfd81a59ee5d1419b1f27 1618696 kde optional ktechlab_0.3-8_amd64.deb -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.6 (GNU/Linux) iD8DBQFG8SsL62zWxYk/rQcRAmJJAJ4sEVrnGE1mNs9zGt6Sd/H9zFRZCACeO8/Y h0L8L1DO1XK6VVTse/IqP/A= =36Ka -END PGP SIGNATURE- Accepted: ktechlab_0.3-8.diff.gz to pool/main/k/ktechlab/ktechlab_0.3-8.diff.gz ktechlab_0.3-8.dsc to pool/main/k/ktechlab/ktechlab_0.3-8.dsc ktechlab_0.3-8_amd64.deb to pool/main/k/ktechlab/ktechlab_0.3-8_amd64.deb -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Accepted gpsim 0.22.0-4 (source i386)
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Format: 1.7 Date: Wed, 19 Sep 2007 13:31:36 + Source: gpsim Binary: gpsim gpsim-dev Architecture: source i386 Version: 0.22.0-4 Distribution: unstable Urgency: medium Maintainer: Steffen Joeris [EMAIL PROTECTED] Changed-By: Steffen Joeris [EMAIL PROTECTED] Description: gpsim - Simulator for Microchip's PIC microcontrollers gpsim-dev - Libraries needed only for building gpsim components Closes: 442106 Changes: gpsim (0.22.0-4) unstable; urgency=medium . * Correct last upload and remove libopts25-dev from build-depends and add libpopt-dev as a gpsim-dev dependency (Closes: #442106) Files: 8cdf6880c635f030eb57b6aa28799fdd 733 electronics optional gpsim_0.22.0-4.dsc 16949d805b1de905ba3b0303b5d52c92 23190 electronics optional gpsim_0.22.0-4.diff.gz 5dcfea28a6d0337dcc2f1b968d5ff734 1135386 electronics optional gpsim_0.22.0-4_i386.deb c18570b141e0f4adc454595b6a104440 187128 devel optional gpsim-dev_0.22.0-4_i386.deb -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.6 (GNU/Linux) iD8DBQFG8S/q62zWxYk/rQcRAgMGAJ4ghjSKPaMWbqNR77JNO7Ip64I5LQCfY5L6 +EMgDOqxc1R7ip+MK+co30M= =A80r -END PGP SIGNATURE- Accepted: gpsim-dev_0.22.0-4_i386.deb to pool/main/g/gpsim/gpsim-dev_0.22.0-4_i386.deb gpsim_0.22.0-4.diff.gz to pool/main/g/gpsim/gpsim_0.22.0-4.diff.gz gpsim_0.22.0-4.dsc to pool/main/g/gpsim/gpsim_0.22.0-4.dsc gpsim_0.22.0-4_i386.deb to pool/main/g/gpsim/gpsim_0.22.0-4_i386.deb -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Accepted score-reading-trainer 0.1.4-1 (source amd64)
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Format: 1.7 Date: Thu, 20 Sep 2007 00:48:43 +1000 Source: score-reading-trainer Binary: score-reading-trainer Architecture: source amd64 Version: 0.1.4-1 Distribution: unstable Urgency: low Maintainer: Steffen Joeris [EMAIL PROTECTED] Changed-By: Steffen Joeris [EMAIL PROTECTED] Description: score-reading-trainer - trainer for reading music notes Closes: 440988 Changes: score-reading-trainer (0.1.4-1) unstable; urgency=low . * New upstream version (Closes: #440988) * Remove 01-extra-line.patch, because it went upstream * Remove use of simple-patchsys, because there are no patches needed * Change Apps to Applications in debian/score-reading-trainer.menu file to match new standard Files: 5a8713b7d13fa9778139a9d79a6389e5 682 kde optional score-reading-trainer_0.1.4-1.dsc 112bf097837b0e12eaed76999534a7f8 2120201 kde optional score-reading-trainer_0.1.4.orig.tar.gz a8c29a20b94564a3941c650ad780dcd0 8231 kde optional score-reading-trainer_0.1.4-1.diff.gz d9646c187272f94969bcd57d2004a6dd 132748 kde optional score-reading-trainer_0.1.4-1_amd64.deb -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.6 (GNU/Linux) iD8DBQFG8T2762zWxYk/rQcRAkHFAKCpY3NAeJ2zsnoGubTMveJPjaExzQCdHoPf h+bsLi20PmLszTJ8LTTyib4= =BD3q -END PGP SIGNATURE- Accepted: score-reading-trainer_0.1.4-1.diff.gz to pool/main/s/score-reading-trainer/score-reading-trainer_0.1.4-1.diff.gz score-reading-trainer_0.1.4-1.dsc to pool/main/s/score-reading-trainer/score-reading-trainer_0.1.4-1.dsc score-reading-trainer_0.1.4-1_amd64.deb to pool/main/s/score-reading-trainer/score-reading-trainer_0.1.4-1_amd64.deb score-reading-trainer_0.1.4.orig.tar.gz to pool/main/s/score-reading-trainer/score-reading-trainer_0.1.4.orig.tar.gz -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Accepted websvn 1.61-22.2 (source all)
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Format: 1.7 Date: Tue, 4 Sep 2007 09:42:32 +0200 Source: websvn Binary: websvn Architecture: source all Version: 1.61-22.2 Distribution: unstable Urgency: high Maintainer: Pierre Chifflier [EMAIL PROTECTED] Changed-By: Steffen Joeris [EMAIL PROTECTED] Description: websvn - interface for subversion repositories written in PHP Closes: 439337 Changes: websvn (1.61-22.2) unstable; urgency=high . * Non-maintainer upload by the testing-security team * Include CVE-2007-3056.diff to fix Cross-site scripting (XSS) vulnerability in filedetails.php (Closes: #439337) Fixes: CVE-2007-3056 Files: a668cff6ad12c8654bed3620894c1b31 604 devel optional websvn_1.61-22.2.dsc 30037ad92dcdd96d36be627b11e4d2c6 22944 devel optional websvn_1.61-22.2.diff.gz f19a2aba6536d23f79d7737d1fe27f97 106132 devel optional websvn_1.61-22.2_all.deb -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.6 (GNU/Linux) iD8DBQFG3Q9C62zWxYk/rQcRAkmHAKCeZi5lw9cZw+GaDO+JIBLRWC3ptACeIhS4 IurmrN2S+hKrJFh1T4/jfHA= =5/69 -END PGP SIGNATURE- Accepted: websvn_1.61-22.2.diff.gz to pool/main/w/websvn/websvn_1.61-22.2.diff.gz websvn_1.61-22.2.dsc to pool/main/w/websvn/websvn_1.61-22.2.dsc websvn_1.61-22.2_all.deb to pool/main/w/websvn/websvn_1.61-22.2_all.deb -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Accepted bugzilla 2.22.1-2.2 (source all)
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Format: 1.7 Date: Sat, 1 Sep 2007 06:37:21 +0200 Source: bugzilla Binary: bugzilla bugzilla-doc Architecture: source all Version: 2.22.1-2.2 Distribution: unstable Urgency: high Maintainer: Debian Webapps Team [EMAIL PROTECTED] Changed-By: Steffen Joeris [EMAIL PROTECTED] Description: bugzilla - web-based bug tracking system bugzilla-doc - comprehensive guide to Bugzilla Closes: 440106 Changes: bugzilla (2.22.1-2.2) unstable; urgency=high . * Non-maintainer upload by the testing-security team * Upload with the permission of the maintainer * Include CVE-2007-4543.dpatch to fix vulnerability to prevent injection of arbitary code in enter_bug.cgi (Closes: #440106) Fixes: CVE-2007-4543 Files: fd21943536c624890284f1acf6b22fa3 776 web optional bugzilla_2.22.1-2.2.dsc 41894921e9d011ada6ee71880b20733f 68661 web optional bugzilla_2.22.1-2.2.diff.gz f1930bea5d5227fbdb248f6dfcf54a78 827058 web optional bugzilla_2.22.1-2.2_all.deb f2a6eb68de96a8458c58af14bd8196d8 615370 doc optional bugzilla-doc_2.22.1-2.2_all.deb -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.6 (GNU/Linux) iD8DBQFG2O+e62zWxYk/rQcRAhmwAKCh+bTvgBWvW+uyU56WE/jsIA0eoQCgwXZS 2IoYk8KPEIoPyQbdaiqug0s= =Z0jx -END PGP SIGNATURE- Accepted: bugzilla-doc_2.22.1-2.2_all.deb to pool/main/b/bugzilla/bugzilla-doc_2.22.1-2.2_all.deb bugzilla_2.22.1-2.2.diff.gz to pool/main/b/bugzilla/bugzilla_2.22.1-2.2.diff.gz bugzilla_2.22.1-2.2.dsc to pool/main/b/bugzilla/bugzilla_2.22.1-2.2.dsc bugzilla_2.22.1-2.2_all.deb to pool/main/b/bugzilla/bugzilla_2.22.1-2.2_all.deb -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Accepted marble 0.4.3-1 (source all amd64)
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Format: 1.7 Date: Thu, 30 Aug 2007 21:13:23 +1000 Source: marble Binary: marble marble-data Architecture: source amd64 all Version: 0.4.3-1 Distribution: unstable Urgency: low Maintainer: Steffen Joeris [EMAIL PROTECTED] Changed-By: Steffen Joeris [EMAIL PROTECTED] Description: marble - generic geographical map widget marble-data - data files for Marble Changes: marble (0.4.3-1) unstable; urgency=low . * New upstream release - Drop cmake_path.patch, because upstream modified build system - Use new -DMARBLE_DATA_INSTALL_PATH and -DMARBLE_DATA_PATH from upstream build system - Modify debian/rules to make sure that the extra LICENSE file is not installed (it is covered by debian/copyright) Files: 31e9d369c777e76fcd0138ea8c0ba045 601 misc optional marble_0.4.3-1.dsc 001fc646deea7aaf036edae26872df7a 11594790 misc optional marble_0.4.3.orig.tar.gz 63633951da1786e5673eeedf5606ca4c 124261 misc optional marble_0.4.3-1.diff.gz d430c7c1d89a18d7a35082446fea6f11 9683852 misc optional marble-data_0.4.3-1_all.deb e6208a27e61ef233c48b3f42e5b891ff 413004 misc optional marble_0.4.3-1_amd64.deb -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.6 (GNU/Linux) iD8DBQFG1qj762zWxYk/rQcRArvpAJ9pWrNIMXGVR8Qmqcs1ZNqtvp+c5ACbBo1d la4H65UlMH55XXMQkHNyaPI= =rIJS -END PGP SIGNATURE- Accepted: marble-data_0.4.3-1_all.deb to pool/main/m/marble/marble-data_0.4.3-1_all.deb marble_0.4.3-1.diff.gz to pool/main/m/marble/marble_0.4.3-1.diff.gz marble_0.4.3-1.dsc to pool/main/m/marble/marble_0.4.3-1.dsc marble_0.4.3-1_amd64.deb to pool/main/m/marble/marble_0.4.3-1_amd64.deb marble_0.4.3.orig.tar.gz to pool/main/m/marble/marble_0.4.3.orig.tar.gz -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Accepted marble 0.4-1 (source all amd64)
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Format: 1.7 Date: Tue, 21 Aug 2007 15:11:11 +1000 Source: marble Binary: marble marble-data Architecture: source amd64 all Version: 0.4-1 Distribution: unstable Urgency: low Maintainer: Steffen Joeris [EMAIL PROTECTED] Changed-By: Steffen Joeris [EMAIL PROTECTED] Description: marble - generic geographical map widget marble-data - data files for Marble Changes: marble (0.4-1) unstable; urgency=low . * New upstream release * Remove debian without_msse.patch and fix_ppc.patch, because they are included upstream now * Add build-depends against gpsd for gpsd support * Update debian/copyright file for checkout URL * Change menu section from Apps to Applications, because it has changed in the debian menu structure * Use upstream build system in debian/rules - Adjust debian/marble.dirs and debian/marble-data.dirs - Install into debian/tmp and use debian/marble.install and debian/marble-data.install - Remove obsolete debian/data-files - Remove extra license file for marble - Rearrange debian/rules and add appropriate commands in the right targets - Add cmake_path.patch to set the data dir path for debian - Add icon_desktop.patch to set the path to the png for the icon Files: 8d8ce6a830ed2c010de09ec4e39c3d04 595 misc optional marble_0.4-1.dsc b4d273efed1b9e00267b281b450c214e 11560998 misc optional marble_0.4.orig.tar.gz 23cf94123ee03b2020100abc67b3ecb9 124491 misc optional marble_0.4-1.diff.gz ae835021da67bef359a1e5ecb844434c 9649762 misc optional marble-data_0.4-1_all.deb 6048db1b5b0c2591187da73d4e00aecb 406278 misc optional marble_0.4-1_amd64.deb -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.6 (GNU/Linux) iD8DBQFGynjR62zWxYk/rQcRAtGDAJ9HMfByFtoJ+9W8lZF+XoKXLHq9JwCgqDcI j2G015wNjXpuHoTPQ3vzgiY= =rf15 -END PGP SIGNATURE- Accepted: marble-data_0.4-1_all.deb to pool/main/m/marble/marble-data_0.4-1_all.deb marble_0.4-1.diff.gz to pool/main/m/marble/marble_0.4-1.diff.gz marble_0.4-1.dsc to pool/main/m/marble/marble_0.4-1.dsc marble_0.4-1_amd64.deb to pool/main/m/marble/marble_0.4-1_amd64.deb marble_0.4.orig.tar.gz to pool/main/m/marble/marble_0.4.orig.tar.gz -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Accepted emacs21 21.4a+1-5.1 (source all i386)
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Format: 1.7 Date: Tue, 21 Aug 2007 05:23:01 + Source: emacs21 Binary: emacs21-el emacs21-common emacs21-nox emacs21-bin-common emacs21 Architecture: source all i386 Version: 21.4a+1-5.1 Distribution: unstable Urgency: high Maintainer: Rob Browning [EMAIL PROTECTED] Changed-By: Steffen Joeris [EMAIL PROTECTED] Description: emacs21- The GNU Emacs editor emacs21-bin-common - The GNU Emacs editor's shared, architecture dependent files emacs21-common - The GNU Emacs editor's shared, architecture independent infrastru emacs21-el - GNU Emacs LISP (.el) files emacs21-nox - The GNU Emacs editor (without X support) Closes: 408929 433861 Changes: emacs21 (21.4a+1-5.1) unstable; urgency=high . * Non-maintainer upload by the testing-security team * Include patch (CVE-2007-2833.diff) to fix a crash when determining the size of some GIF images (Closes: #408929) Fixes: CVE-2007-2833 * Don't produce the emacs metapackage anymore, because it is now build by the emacs22 source package (Closes: #433861) Files: e99385d45ed0ac972b3f2f7beae37708 880 editors optional emacs21_21.4a+1-5.1.dsc 26a8f6c129b323e21bad45d3b413b747 188543 editors optional emacs21_21.4a+1-5.1.diff.gz f28fbfbd137393eab64fdc64a42cc9b8 9438736 editors optional emacs21-common_21.4a+1-5.1_all.deb 48175495c8b6c85bad7716c4421d7fa8 7211568 editors optional emacs21-el_21.4a+1-5.1_all.deb 0180ad45ff4f2c0688022c848160de39 2023698 editors optional emacs21_21.4a+1-5.1_i386.deb a0d6488b393f4405908e934ab9ca5d0c 1832178 editors optional emacs21-nox_21.4a+1-5.1_i386.deb 58526615fa4266a7c1795cf483ecfee7 147762 editors optional emacs21-bin-common_21.4a+1-5.1_i386.deb -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.6 (GNU/Linux) iD8DBQFGypgb62zWxYk/rQcRAjoYAJ9V3a4msEHj7UvTV9dmEIgp7yukkACfSK8g y3qYanF2XZhzsm/3cccBx0M= =0uJR -END PGP SIGNATURE- Accepted: emacs21-bin-common_21.4a+1-5.1_i386.deb to pool/main/e/emacs21/emacs21-bin-common_21.4a+1-5.1_i386.deb emacs21-common_21.4a+1-5.1_all.deb to pool/main/e/emacs21/emacs21-common_21.4a+1-5.1_all.deb emacs21-el_21.4a+1-5.1_all.deb to pool/main/e/emacs21/emacs21-el_21.4a+1-5.1_all.deb emacs21-nox_21.4a+1-5.1_i386.deb to pool/main/e/emacs21/emacs21-nox_21.4a+1-5.1_i386.deb emacs21_21.4a+1-5.1.diff.gz to pool/main/e/emacs21/emacs21_21.4a+1-5.1.diff.gz emacs21_21.4a+1-5.1.dsc to pool/main/e/emacs21/emacs21_21.4a+1-5.1.dsc emacs21_21.4a+1-5.1_i386.deb to pool/main/e/emacs21/emacs21_21.4a+1-5.1_i386.deb -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Accepted slocate 3.1-1.1 (source i386)
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Format: 1.7 Date: Mon, 13 Aug 2007 10:15:47 + Source: slocate Binary: slocate Architecture: source i386 Version: 3.1-1.1 Distribution: unstable Urgency: high Maintainer: Kevin Lindsay [EMAIL PROTECTED] Changed-By: Steffen Joeris [EMAIL PROTECTED] Description: slocate- Secure replacement of findutil's locate Closes: 411937 Changes: slocate (3.1-1.1) unstable; urgency=high . * Non-maintainer upload by the testing security team * Include patch to prevent users obtaining names of private files (apply patch directly, since no patch system is used so far) (Closes: #411937) Fixes: CVE-2007-0227 Thanks to Kees Cook Files: 94a05b56468de8fb9563096e4f1edd3a 562 utils extra slocate_3.1-1.1.dsc 1198153f5dca0292ca54b5d1c941f619 8196 utils extra slocate_3.1-1.1.diff.gz af7cceafd8390ebf122662da257f2814 31008 utils extra slocate_3.1-1.1_i386.deb -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.6 (GNU/Linux) iD8DBQFGwVjF62zWxYk/rQcRAtGZAKC4S6D3tuWH5VjdDZEDi1wmoBCAXgCeL2C+ S1OFChs5FGigCGOA098tgYI= =uwWI -END PGP SIGNATURE- Accepted: slocate_3.1-1.1.diff.gz to pool/main/s/slocate/slocate_3.1-1.1.diff.gz slocate_3.1-1.1.dsc to pool/main/s/slocate/slocate_3.1-1.1.dsc slocate_3.1-1.1_i386.deb to pool/main/s/slocate/slocate_3.1-1.1_i386.deb -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Accepted marble 0.3-2 (source i386 all)
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Format: 1.7 Date: Tue, 14 Aug 2007 10:40:08 + Source: marble Binary: marble marble-data Architecture: source i386 all Version: 0.3-2 Distribution: unstable Urgency: medium Maintainer: Steffen Joeris [EMAIL PROTECTED] Changed-By: Steffen Joeris [EMAIL PROTECTED] Description: marble - generic geographical map widget marble-data - data files for Marble Closes: 417569 Changes: marble (0.3-2) unstable; urgency=medium . * Include patch (fix_ppc.patch) to fix segfault during startup on powerpc (Closes: #417569) Thanks to Michel Dänze * Do not ignore erros from make distclean, following lintian's advice Files: 68a3c5088d391ef3becc15a53f61f395 586 misc optional marble_0.3-2.dsc 2498731c13e065058457d28d6ab82acf 5407 misc optional marble_0.3-2.diff.gz b5e25cdd3230b7b8d4bd646431cb7df3 6220100 misc optional marble-data_0.3-2_all.deb f0fb8b73d04984efbaa73f88e6486ffd 197820 misc optional marble_0.3-2_i386.deb -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.6 (GNU/Linux) iD8DBQFGwZLy62zWxYk/rQcRAjsVAJ0dK5V1xUfsI1S5/Jb/2nIewnlKAQCeKPrm HCHnzTq6UkHmKNTrR9sXEBA= =7qSY -END PGP SIGNATURE- Accepted: marble-data_0.3-2_all.deb to pool/main/m/marble/marble-data_0.3-2_all.deb marble_0.3-2.diff.gz to pool/main/m/marble/marble_0.3-2.diff.gz marble_0.3-2.dsc to pool/main/m/marble/marble_0.3-2.dsc marble_0.3-2_i386.deb to pool/main/m/marble/marble_0.3-2_i386.deb -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Accepted imlib 1.9.15-3 (source i386 all)
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Format: 1.7 Date: Tue, 14 Aug 2007 11:13:36 + Source: imlib Binary: gdk-imlib1 gdk-imlib11-dev gdk-imlib11 imlib11 imlib-base imlib11-dev Architecture: source i386 all Version: 1.9.15-3 Distribution: unstable Urgency: high Maintainer: Debian QA Group [EMAIL PROTECTED] Changed-By: Steffen Joeris [EMAIL PROTECTED] Description: gdk-imlib1 - compatibility package for gdk-imlib11 gdk-imlib11 - imaging library for use with gtk gdk-imlib11-dev - Header files needed for Gdk-Imlib development imlib-base - Common files needed by the Imlib/Gdk-Imlib packages imlib11- Imlib is an imaging library for X and X11 imlib11-dev - Imlib is an imaging library for X and X11 Closes: 437708 Changes: imlib (1.9.15-3) unstable; urgency=high . * QA upload by the testing security team * Include patch (bpp16-CVE-2007-3568.patch) to fix a DoS caused via a BMP image with a Bits Per Page (BPP) value of 0 (Closes: #437708) Fixes: CVE-2007-3568 Thanks to Luciano Bello for forwarding the patch Files: 7f91f28fb927c9f3c9a48d788dbf1b33 815 graphics optional imlib_1.9.15-3.dsc e200d1eb403dc10463baf8b19a625e22 368320 graphics optional imlib_1.9.15-3.diff.gz cb7cba614df59517ddfecec73893047b 23686 graphics optional imlib-base_1.9.15-3_all.deb 7a52cfcf07bba4ec362cc454b8c09199 16130 oldlibs optional gdk-imlib1_1.9.15-3_all.deb 286c8fc7cd4bbea75b8dc3709739dbc7 85184 oldlibs optional imlib11_1.9.15-3_i386.deb 4e12d0ca57be1d194ec48710e8edae4c 89242 libdevel optional imlib11-dev_1.9.15-3_i386.deb e8dfbb2ca97ba10611b07756d79a83e4 93434 oldlibs optional gdk-imlib11_1.9.15-3_i386.deb ad8c726846a5a9e09b7dfbf34dedd124 78418 oldlibs optional gdk-imlib11-dev_1.9.15-3_i386.deb -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.6 (GNU/Linux) iD8DBQFGwZb262zWxYk/rQcRAjJlAJ9+ZoIkfCcazx5JZNCzlmlyJFEpZwCfVpy9 m6AgZ0XzW/xXThmkJ5FhI7s= =PYep -END PGP SIGNATURE- Accepted: gdk-imlib11-dev_1.9.15-3_i386.deb to pool/main/i/imlib/gdk-imlib11-dev_1.9.15-3_i386.deb gdk-imlib11_1.9.15-3_i386.deb to pool/main/i/imlib/gdk-imlib11_1.9.15-3_i386.deb gdk-imlib1_1.9.15-3_all.deb to pool/main/i/imlib/gdk-imlib1_1.9.15-3_all.deb imlib-base_1.9.15-3_all.deb to pool/main/i/imlib/imlib-base_1.9.15-3_all.deb imlib11-dev_1.9.15-3_i386.deb to pool/main/i/imlib/imlib11-dev_1.9.15-3_i386.deb imlib11_1.9.15-3_i386.deb to pool/main/i/imlib/imlib11_1.9.15-3_i386.deb imlib_1.9.15-3.diff.gz to pool/main/i/imlib/imlib_1.9.15-3.diff.gz imlib_1.9.15-3.dsc to pool/main/i/imlib/imlib_1.9.15-3.dsc -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Accepted postfix-policyd 1.80-2.2 (source i386)
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Format: 1.7 Date: Sun, 12 Aug 2007 10:46:25 + Source: postfix-policyd Binary: postfix-policyd Architecture: source i386 Version: 1.80-2.2 Distribution: unstable Urgency: high Maintainer: OndÅej Surý [EMAIL PROTECTED] Changed-By: Steffen Joeris [EMAIL PROTECTED] Description: postfix-policyd - anti-spam plugin for Postfix Closes: 435735 Changes: postfix-policyd (1.80-2.2) unstable; urgency=high . * Non-maintainer upload * Fix buffer overflow in the w_read function in sockets.c to avoid possible DoS and execution of arbitary code via long SMTP commands (apply directly, because no patch system is used so far) (Closes: #435735) Fixes: CVE-2007-3791 Files: 592daa817e03abd56f3bf8dfefd43886 651 mail optional postfix-policyd_1.80-2.2.dsc f7525b9deb91b803e9558b4417a251d0 11346 mail optional postfix-policyd_1.80-2.2.diff.gz 586cf53bc541f4c51fe9d543d8ed9a2e 70442 mail optional postfix-policyd_1.80-2.2_i386.deb -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.6 (GNU/Linux) iD8DBQFGvuaz62zWxYk/rQcRAmn/AJwIIGCJ7nFL5JGo6YMWiSc3d2bOewCeNkEy Gghd3H6grtCzc9UYC5jd8oo= =bgDi -END PGP SIGNATURE- Accepted: postfix-policyd_1.80-2.2.diff.gz to pool/main/p/postfix-policyd/postfix-policyd_1.80-2.2.diff.gz postfix-policyd_1.80-2.2.dsc to pool/main/p/postfix-policyd/postfix-policyd_1.80-2.2.dsc postfix-policyd_1.80-2.2_i386.deb to pool/main/p/postfix-policyd/postfix-policyd_1.80-2.2_i386.deb -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Accepted bugzilla 2.22.1-2.1 (source all)
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Format: 1.7 Date: Fri, 10 Aug 2007 15:30:29 +0200 Source: bugzilla Binary: bugzilla bugzilla-doc Architecture: source all Version: 2.22.1-2.1 Distribution: unstable Urgency: high Maintainer: Debian Webapps Team [EMAIL PROTECTED] Changed-By: Steffen Joeris [EMAIL PROTECTED] Description: bugzilla - web-based bug tracking system bugzilla-doc - comprehensive guide to Bugzilla Closes: 409824 Changes: bugzilla (2.22.1-2.1) unstable; urgency=high . * Non-maintainer upload with the permission of the maintainer * Include upstream patch to fix Cross-site scripting (XSS) vulnerability in Atom, which allows remote attackers to inject arbitrary web script or HTML via unspecified vectors (Closes: #409824) Fixes: CVE-2007-0791 Files: 4d899d15e7ab95f259707345950481dd 776 web optional bugzilla_2.22.1-2.1.dsc 20dea2ca9bba92da9edc8ca30fae404c 68201 web optional bugzilla_2.22.1-2.1.diff.gz 7b4507509cde546f630f5432540c20ac 826904 web optional bugzilla_2.22.1-2.1_all.deb 022eccc1b57543d35981751d425b0eb5 615268 doc optional bugzilla-doc_2.22.1-2.1_all.deb -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.6 (GNU/Linux) iD8DBQFGvGrt62zWxYk/rQcRAiUMAJ9VrJvAk0lMgGqROnljYM6OGJb8AwCgzpA2 GhiuxIzRahFRSaccIRs/kHw= =/8WL -END PGP SIGNATURE- Accepted: bugzilla-doc_2.22.1-2.1_all.deb to pool/main/b/bugzilla/bugzilla-doc_2.22.1-2.1_all.deb bugzilla_2.22.1-2.1.diff.gz to pool/main/b/bugzilla/bugzilla_2.22.1-2.1.diff.gz bugzilla_2.22.1-2.1.dsc to pool/main/b/bugzilla/bugzilla_2.22.1-2.1.dsc bugzilla_2.22.1-2.1_all.deb to pool/main/b/bugzilla/bugzilla_2.22.1-2.1_all.deb -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Accepted poppler 0.5.4-6.1 (source i386)
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Format: 1.7 Date: Sun, 05 Aug 2007 11:08:24 + Source: poppler Binary: libpoppler-glib-dev poppler-utils libpoppler-qt4-dev libpoppler-qt1 libpoppler1 libpoppler-glib1 libpoppler-qt4-1 libpoppler-dev libpoppler-qt-dev Architecture: source i386 Version: 0.5.4-6.1 Distribution: unstable Urgency: high Maintainer: OndÅej Surý [EMAIL PROTECTED] Changed-By: Steffen Joeris [EMAIL PROTECTED] Description: libpoppler-dev - PDF rendering library -- development files libpoppler-glib-dev - PDF rendering library -- development files (GLib interface) libpoppler-glib1 - PDF rendering library (GLib-based shared library) libpoppler-qt-dev - PDF rendering library -- development files (Qt 3 interface) libpoppler-qt1 - PDF rendering library (Qt 3 based shared library) libpoppler-qt4-1 - PDF rendering library (Qt 4 based shared library) libpoppler-qt4-dev - PDF rendering library -- development files (Qt 4 interface) libpoppler1 - PDF rendering library poppler-utils - PDF utilitites (based on libpoppler) Closes: 435460 Changes: poppler (0.5.4-6.1) unstable; urgency=high . * Non-maintainer upload * Include upstream patch to fix integer overflow in the StreamPredictor::StreamPredictor function (Closes: #435460) Fixes: CVE-2007-3387 Files: 55c8573e83e17a24de3561bf515f7331 1086 devel optional poppler_0.5.4-6.1.dsc 33447ce4205fd491884376fca24410ba 9930 devel optional poppler_0.5.4-6.1.diff.gz ed2625dff323c4a8383f9733fdaf560c 578854 libs optional libpoppler1_0.5.4-6.1_i386.deb 3702de8f758747eebda2a23c96d80c05 767476 libdevel optional libpoppler-dev_0.5.4-6.1_i386.deb dfd53f60d7a15edd72b577505ed58fb0 72194 libs optional libpoppler-glib1_0.5.4-6.1_i386.deb 503d1eedc5c55cefa00e979ea42dd6cd 100822 libdevel optional libpoppler-glib-dev_0.5.4-6.1_i386.deb dbc4eee1926ffd8df621797d88303d85 60288 libs optional libpoppler-qt1_0.5.4-6.1_i386.deb 2ab9d3ab0f7f5f69bf76d50eb8fbc0b5 64070 libdevel optional libpoppler-qt-dev_0.5.4-6.1_i386.deb 4e9f14a86d3216e47c9fd0e9a4ccc891 152192 libs optional libpoppler-qt4-1_0.5.4-6.1_i386.deb 304ba69396149635c639b54dc3e58776 174050 libdevel optional libpoppler-qt4-dev_0.5.4-6.1_i386.deb 97fbbdec9212685f2c5156a79b4c5180 103306 utils optional poppler-utils_0.5.4-6.1_i386.deb -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.6 (GNU/Linux) iD8DBQFGu+Mo62zWxYk/rQcRAuaVAKClhX2BeIsMQWRVlnH/I4vHiA0fwgCbBTTG GgHQgdAWtue4Anrgv5vzSYs= =NTzd -END PGP SIGNATURE- Accepted: libpoppler-dev_0.5.4-6.1_i386.deb to pool/main/p/poppler/libpoppler-dev_0.5.4-6.1_i386.deb libpoppler-glib-dev_0.5.4-6.1_i386.deb to pool/main/p/poppler/libpoppler-glib-dev_0.5.4-6.1_i386.deb libpoppler-glib1_0.5.4-6.1_i386.deb to pool/main/p/poppler/libpoppler-glib1_0.5.4-6.1_i386.deb libpoppler-qt-dev_0.5.4-6.1_i386.deb to pool/main/p/poppler/libpoppler-qt-dev_0.5.4-6.1_i386.deb libpoppler-qt1_0.5.4-6.1_i386.deb to pool/main/p/poppler/libpoppler-qt1_0.5.4-6.1_i386.deb libpoppler-qt4-1_0.5.4-6.1_i386.deb to pool/main/p/poppler/libpoppler-qt4-1_0.5.4-6.1_i386.deb libpoppler-qt4-dev_0.5.4-6.1_i386.deb to pool/main/p/poppler/libpoppler-qt4-dev_0.5.4-6.1_i386.deb libpoppler1_0.5.4-6.1_i386.deb to pool/main/p/poppler/libpoppler1_0.5.4-6.1_i386.deb poppler-utils_0.5.4-6.1_i386.deb to pool/main/p/poppler/poppler-utils_0.5.4-6.1_i386.deb poppler_0.5.4-6.1.diff.gz to pool/main/p/poppler/poppler_0.5.4-6.1.diff.gz poppler_0.5.4-6.1.dsc to pool/main/p/poppler/poppler_0.5.4-6.1.dsc -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Accepted xpdf 3.02-1.1 (source all amd64)
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Format: 1.7 Date: Tue, 07 Aug 2007 14:00:34 +1000 Source: xpdf Binary: xpdf-utils xpdf xpdf-reader xpdf-common Architecture: source amd64 all Version: 3.02-1.1 Distribution: unstable Urgency: high Maintainer: Hamish Moffatt [EMAIL PROTECTED] Changed-By: Steffen Joeris [EMAIL PROTECTED] Description: xpdf - Portable Document Format (PDF) suite xpdf-common - Portable Document Format (PDF) suite -- common files xpdf-reader - Portable Document Format (PDF) suite -- viewer for X11 xpdf-utils - Portable Document Format (PDF) suite -- utilities Closes: 435462 Changes: xpdf (3.02-1.1) unstable; urgency=high . * Non-maintainer upload with permission of the maintainer * Fix integer overflow in the StreamPredictor::StreamPredictor function by adding post-3.5.7-kdegraphics-CVE-2007-3387.diff.dpatch (Closes: #435462) Fixes: CVE-2007-3387 Files: 409da82253c0a7a87900a934d28006f6 872 text optional xpdf_3.02-1.1.dsc 4f417baf5dd6660ef7fabf7cdadccd13 32913 text optional xpdf_3.02-1.1.diff.gz a9c9d15d19e2159a2e964b4118069e79 1268 text optional xpdf_3.02-1.1_all.deb e7a7c4f25c03ed80a61638ed108d5955 66394 text optional xpdf-common_3.02-1.1_all.deb 34a244bc8b17b4eac7e25ce8af9c3c97 909930 text optional xpdf-reader_3.02-1.1_amd64.deb 6994b0e495a57116bccbc98bc7aac5a7 1684020 text optional xpdf-utils_3.02-1.1_amd64.deb -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.6 (GNU/Linux) iD8DBQFGt/DD62zWxYk/rQcRAm9uAJ4pu+KAjC86gkKxiIEyV9kJ9nyNGgCgpjLm nBL0FyB3lnGbFMVU6Ldv4TI= =m8cj -END PGP SIGNATURE- Accepted: xpdf-common_3.02-1.1_all.deb to pool/main/x/xpdf/xpdf-common_3.02-1.1_all.deb xpdf-reader_3.02-1.1_amd64.deb to pool/main/x/xpdf/xpdf-reader_3.02-1.1_amd64.deb xpdf-utils_3.02-1.1_amd64.deb to pool/main/x/xpdf/xpdf-utils_3.02-1.1_amd64.deb xpdf_3.02-1.1.diff.gz to pool/main/x/xpdf/xpdf_3.02-1.1.diff.gz xpdf_3.02-1.1.dsc to pool/main/x/xpdf/xpdf_3.02-1.1.dsc xpdf_3.02-1.1_all.deb to pool/main/x/xpdf/xpdf_3.02-1.1_all.deb -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Accepted gnats 4.1.0-0.3 (source amd64)
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Format: 1.7 Date: Sat, 04 Aug 2007 19:24:09 +1000 Source: gnats Binary: gnats-user gnats Architecture: source amd64 Version: 4.1.0-0.3 Distribution: unstable Urgency: medium Maintainer: Chad Walstrom [EMAIL PROTECTED] Changed-By: Steffen Joeris [EMAIL PROTECTED] Description: gnats - The GNU problem report management system (central database) gnats-user - The GNU problem report management system (client tools) Closes: 43532 431526 Changes: gnats (4.1.0-0.3) unstable; urgency=medium . * Non-maintainer upload * Fix unconditional use of update-inetd in gnats.postrm script, because update-inetd is not essential (Closes: #431526) * Change dependency from netbase to update-inetd, because update-inetd was moved into a seperate package (Closes: #43532) Files: cd687fb9649122314b5fdc25cd285ee8 621 devel extra gnats_4.1.0-0.3.dsc 729f32375a70308a1caf35f323db1c74 67212 devel extra gnats_4.1.0-0.3.diff.gz 3fc2cada1c168b3d01dcc5b8268bd405 482232 devel extra gnats-user_4.1.0-0.3_amd64.deb 238fe930237cb9ae879626ba3039a0dc 853620 devel extra gnats_4.1.0-0.3_amd64.deb -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.6 (GNU/Linux) iD8DBQFGtEc462zWxYk/rQcRAqi/AJ96t6TiGvGVSPT4+DywGiBUG6gjQgCgi2hE 3hLqq92/OSpf7WQ+YAMinxA= =AYdl -END PGP SIGNATURE- Accepted: gnats-user_4.1.0-0.3_amd64.deb to pool/main/g/gnats/gnats-user_4.1.0-0.3_amd64.deb gnats_4.1.0-0.3.diff.gz to pool/main/g/gnats/gnats_4.1.0-0.3.diff.gz gnats_4.1.0-0.3.dsc to pool/main/g/gnats/gnats_4.1.0-0.3.dsc gnats_4.1.0-0.3_amd64.deb to pool/main/g/gnats/gnats_4.1.0-0.3_amd64.deb -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Accepted cacti 0.8.6j-1.1 (source all)
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Format: 1.7 Date: Fri, 3 Aug 2007 19:27:17 +0200 Source: cacti Binary: cacti Architecture: source all Version: 0.8.6j-1.1 Distribution: unstable Urgency: high Maintainer: sean finney [EMAIL PROTECTED] Changed-By: Steffen Joeris [EMAIL PROTECTED] Description: cacti - Frontend to rrdtool for monitoring systems and services Closes: 429224 Changes: cacti (0.8.6j-1.1) unstable; urgency=high . * Non-maintainer upload with the permission of the maintainer * Fix DoS caused by large values passed to the graph_height, graph_width, graph_start and graph_end parameter parameters (Closes: #429224) Fixes: CVE-2007-3112, CVE-2007-3113 Files: 71970460da70b55e2da32d561d29a68f 581 web extra cacti_0.8.6j-1.1.dsc 94024d53937adfe7f6e993d7c0102426 32921 web extra cacti_0.8.6j-1.1.diff.gz 316900d2bed5f3940ba36bc6c5b09ae4 963652 web extra cacti_0.8.6j-1.1_all.deb -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.6 (GNU/Linux) iD8DBQFGs2do62zWxYk/rQcRAqkqAJ9B2zDYAt1aJmxR2NPep3FfjawlTQCfXG4d xCsC7W4sOhwzCPy4K5DuzEg= =EmIB -END PGP SIGNATURE- Accepted: cacti_0.8.6j-1.1.diff.gz to pool/main/c/cacti/cacti_0.8.6j-1.1.diff.gz cacti_0.8.6j-1.1.dsc to pool/main/c/cacti/cacti_0.8.6j-1.1.dsc cacti_0.8.6j-1.1_all.deb to pool/main/c/cacti/cacti_0.8.6j-1.1_all.deb -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Accepted gnome-print 0.37-14 (source all amd64)
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Format: 1.7 Date: Sat, 21 Jul 2007 16:55:37 +0200 Source: gnome-print Binary: libgnomeprint-bin libgnomeprint-dev libgnomeprint-data libgnomeprint15 Architecture: source all amd64 Version: 0.37-14 Distribution: unstable Urgency: low Maintainer: Debian QA Group [EMAIL PROTECTED] Changed-By: Steffen Joeris [EMAIL PROTECTED] Description: libgnomeprint-bin - The GNOME Print architecture - binary files libgnomeprint-data - The GNOME Print architecture - data files libgnomeprint-dev - The GNOME Print architecture - development files libgnomeprint15 - The GNOME Print architecture - runtime library Closes: 432960 433403 Changes: gnome-print (0.37-14) unstable; urgency=low . * QA Upload * Make gnome-print binNMU safe by using the appropriate variables ${binary:Version} and ${source:version} in debian/control (Closes: #432960, #433403) Thanks to Lior Kaplan * Bump debhelper compatibility level to 5 * Remove debhelper from build-depends-indep and keep it in build-depends, because it is needed during the clean target * Bump Standards-Version * Update FSF postal address * Provide libgnomeprint15.postinst/postrm to include call for ldconfig, which is somehow not added by dh_makeshlibs Files: 488d1d7c113082c255b8e580066b92d1 805 admin optional gnome-print_0.37-14.dsc 25bae5142fe487dff52216effe593e28 13479 admin optional gnome-print_0.37-14.diff.gz 8f3f1d28e104d08d489eaa8621e69272 235064 oldlibs optional libgnomeprint-data_0.37-14_all.deb b2016f74723f6c200b426945aa1f15bd 258952 oldlibs optional libgnomeprint15_0.37-14_amd64.deb 482362d6461d260bc60f7f4f2718709c 319062 libdevel optional libgnomeprint-dev_0.37-14_amd64.deb d882b18353e2605d52e580da7d316d0f 30656 oldlibs optional libgnomeprint-bin_0.37-14_amd64.deb -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.6 (GNU/Linux) iD8DBQFGokn762zWxYk/rQcRAtQkAKCA6AW6zs7BygqLGRC74+G36ELsXACfWWWA 1AiLXKWnprsRxwMDdY3NOWo= =tmU5 -END PGP SIGNATURE- Accepted: gnome-print_0.37-14.diff.gz to pool/main/g/gnome-print/gnome-print_0.37-14.diff.gz gnome-print_0.37-14.dsc to pool/main/g/gnome-print/gnome-print_0.37-14.dsc libgnomeprint-bin_0.37-14_amd64.deb to pool/main/g/gnome-print/libgnomeprint-bin_0.37-14_amd64.deb libgnomeprint-data_0.37-14_all.deb to pool/main/g/gnome-print/libgnomeprint-data_0.37-14_all.deb libgnomeprint-dev_0.37-14_amd64.deb to pool/main/g/gnome-print/libgnomeprint-dev_0.37-14_amd64.deb libgnomeprint15_0.37-14_amd64.deb to pool/main/g/gnome-print/libgnomeprint15_0.37-14_amd64.deb -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Accepted foo2zjs 20070718dfsg-1 (source amd64)
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Format: 1.7 Date: Fri, 20 Jul 2007 18:07:24 +0200 Source: foo2zjs Binary: foo2zjs Architecture: source amd64 Version: 20070718dfsg-1 Distribution: experimental Urgency: low Maintainer: Debian Foo2zjs Maintainers [EMAIL PROTECTED] Changed-By: Steffen Joeris [EMAIL PROTECTED] Description: foo2zjs- Support for printing to ZjStream-based printers Closes: 427665 427678 429872 Changes: foo2zjs (20070718dfsg-1) experimental; urgency=low . [ Luca Bedogni ] * Modified patches to fit with new version * Removed Finn-Arne Johansen (Requested on #427678) * Added me (Luca Bedogni) as co-maintainer * Added Michael Koch as co-maintainer . [ Steffen Joeris ] * Put the alioth list as maintainer and myself as co-maintainer - The package is now team maintained (Closes: #429872) * New upstream version (Closes: #427678) * DFSG repack - Removed binary file c5200mono.prn - Removed crd/qpdl/CLP* , because copyright is unclear * Make sure that the PPD files are installed (Closes: #427665) Files: beb2d7d2fbf58273ba5af6c4da9ce166 779 text optional foo2zjs_20070718dfsg-1.dsc e17de308db78163a717886fbf9326313 958887 text optional foo2zjs_20070718dfsg.orig.tar.gz 1291812cbec608702c09f7baa1aa1df0 18158 text optional foo2zjs_20070718dfsg-1.diff.gz 7f02217bf6e7c4d50166cbff93e2a896 1071150 text optional foo2zjs_20070718dfsg-1_amd64.deb -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.6 (GNU/Linux) iD8DBQFGoN9f62zWxYk/rQcRAvlWAJ9SbIp+ER3UlMISluYqEXXQfRYVowCgrKlT YL+hi0eZ5PjUkkZjJ7bNWOI= =1/IL -END PGP SIGNATURE- Accepted: foo2zjs_20070718dfsg-1.diff.gz to pool/main/f/foo2zjs/foo2zjs_20070718dfsg-1.diff.gz foo2zjs_20070718dfsg-1.dsc to pool/main/f/foo2zjs/foo2zjs_20070718dfsg-1.dsc foo2zjs_20070718dfsg-1_amd64.deb to pool/main/f/foo2zjs/foo2zjs_20070718dfsg-1_amd64.deb foo2zjs_20070718dfsg.orig.tar.gz to pool/main/f/foo2zjs/foo2zjs_20070718dfsg.orig.tar.gz -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Accepted score-reading-trainer 0.1.3-3 (source amd64)
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Format: 1.7 Date: Fri, 20 Jul 2007 21:29:17 +0200 Source: score-reading-trainer Binary: score-reading-trainer Architecture: source amd64 Version: 0.1.3-3 Distribution: unstable Urgency: low Maintainer: Steffen Joeris [EMAIL PROTECTED] Changed-By: Steffen Joeris [EMAIL PROTECTED] Description: score-reading-trainer - trainer for reading music notes Changes: score-reading-trainer (0.1.3-3) unstable; urgency=low . * Include 01-extra-line.patch to avoid segfault when using lower notes Thanks to Julian Kniephoff * Use cdbs simple-patchsys in debian/rules * Remove rpath on /usr/bin/score-reading-trainer Files: 821ba30de4dfab3b69acd21fc89facaa 681 kde optional score-reading-trainer_0.1.3-3.dsc e0f2bb0ad0f6e45daeb0dc3b462ec2ea 3283 kde optional score-reading-trainer_0.1.3-3.diff.gz ad21624a3e11667b7a70650366577d39 132788 kde optional score-reading-trainer_0.1.3-3_amd64.deb -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.6 (GNU/Linux) iD8DBQFGoRUY62zWxYk/rQcRAkmTAJ4xdPe6ZsvA266F/K/IvEpiUG6XbwCeKF+W EegFBN0EvP2jvHgCc+OHkq0= =kZo7 -END PGP SIGNATURE- Accepted: score-reading-trainer_0.1.3-3.diff.gz to pool/main/s/score-reading-trainer/score-reading-trainer_0.1.3-3.diff.gz score-reading-trainer_0.1.3-3.dsc to pool/main/s/score-reading-trainer/score-reading-trainer_0.1.3-3.dsc score-reading-trainer_0.1.3-3_amd64.deb to pool/main/s/score-reading-trainer/score-reading-trainer_0.1.3-3_amd64.deb -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Accepted debian-edu-config 0.413 (source all)
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Format: 1.7 Date: Thu, 12 Jul 2007 21:53:16 +0200 Source: debian-edu-config Binary: debian-edu-config Architecture: source all Version: 0.413 Distribution: unstable Urgency: low Maintainer: Debian Edu Developers [EMAIL PROTECTED] Changed-By: Steffen Joeris [EMAIL PROTECTED] Description: debian-edu-config - Configuration files for Skolelinux systems Changes: debian-edu-config (0.413) unstable; urgency=low . [ Ronny Aasen and Petter Reinholdtsen ] * Fixed a bug in cfengine's ltsp_arch variable, that broke the installer. Based on patch from Klaus Ade Johnstad. Fixes skolelinux bug #1196. . [ Klaus Ade Johnstad ] * Fixed typo introduced in fix for skolelinux bug #1196 * Fixed tail according to new syntax, 's/tail +/tail -n +/g' in /usr/sbin/ltsp-make-client * Fixed bug #1220, typo in lts.conf . [ Petter Reinholdtsen ] * Update ltsp testsuite to use i386 on amd64 systems to fix skolelinux bug #1200. * Fixed debian-edu-etc-svk initialization using expect, and improved the script to a point where it is working properly. * Make it possible to enable debian-edu-etc-svk by preseeding debian-edu-config/etc-in-svk, and include cronjob for updating the svk state of /etc/. Depend on svk and expect to make sure the needed packages are installed. * Make sure init.d/start-wlan is not executed during package installation, as it can kill the network connection on laptops. * Change init.d/fetch-ldap-cert to extract the server certificate using the SSL protocol, instead of downloading it over HTTP. * Correct ldap-tools/mkslapdcert to extract the server certificate (and no the public key) and make it available for download, as this is the file needed by clients interested in verifying the SSL connection to the LDAP server. * Rewrite ldap.conf to use the downloaded LDAP server certificate to verify the connection, trying to make it possible to disable the 'TLS_REQCERT never' setting to enforce this. It is not yet working, so the 'TLS_REQCERT never' is still needed. This is related to skolelinux bug 1211. * Move stray client side LDAP configuration from cf.ldapserver to the more correct cf.ldapclient. * Remove kdm theme cfengine rules. They are no longer needed. * Renamed the 'update' command in debian-edu-etc-svk to commit. The old command still work, but will be removed in the future. * Add proposed APT sources in the LTSP chroot as well. Related to skolelinux bug #1168. * Remove code in mkslapdcert to make the LDAP SSL certificate available from the web server. It is no longer needed when fetch-ssl-cert can fetch it directly from the LDAP server. Make sure to only try to download the certificate if it is mentioned in the LDAP config. * Modify cfengine rule for editing /etc/libnss-ldap.conf and /etc/pam_ldap.conf to avoid editing if the host setting already is present. * Improve usage information printed by debian-edu-fsautoresize. * Extend testsuite/taskpkgs to detect if a package in a task is missing. * Update cfengine rule for /etc/hosts.allow to also allow access from 10.0.2.0/23 to tftp and portmap, making sure diskless workstation boots get access. * Allow 127.0.0.1 NFS mount privileges to the LTSP chroot, to get qemu testing to work out of the box. * Updates in ltsp-make-client: - General cleanup and convert it to use aptitude instead of apt-get to track manually installed packages. - Make sure it installs debian-edu-archive-keyring, and - fetches the LDAP SSL certificate. - Add code verify that enoug disk space is available in /opt/ltsp/$arch before starting. Using 4096 MiB as the limit. - Add code to make sure /var/lib/dbus and /media is writable by dbus. Solves skolelinux bug #1180. - Stop installing usbmount. It does not work at the moment, and is not needed when udev/hal is working. * Specify SCREEN_07=ldm in lts.conf to make sure ldm is still enabled on thin clients after ltsp-make-clients installed kdm. Solves skolelinux bug #1210. . [ Steffen Joeris ] * Include debian-edu-etc-svk under the SBIN programs in the Makefile to make sure it is included in the binary package * Make sure that the start page translations are in sync with the English page (Closes skolelinux bug #1156) - Include updated Spanish start page Thanks to José L. Redrejo - Include initial Russian start page Thanks to Yuri Kozlov - Include updated German start page Thanks to Ludger Sicking - Include updated French start page Thanks to Xavier Oswald - Include updated Norwegian start page Thanks to Frode Jemtland - Include updated Dutch start page Thanks to Thijs Kinkhorst * Delete old obsolete directories from
Accepted debian-edu 0.819 (source amd64)
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Format: 1.7 Date: Thu, 12 Jul 2007 22:06:14 +0200 Source: debian-edu Binary: education-services education-main-server education-desktop-other education-common education-thin-client-server education-music education-mathematics education-desktop-kde education-tasks education-chemistry education-workstation education-logic-games education-electronics education-graphics education-language education-laptop education-geography education-physics education-networked education-standalone education-desktop-gnome education-astronomy education-misc Architecture: source amd64 Version: 0.819 Distribution: unstable Urgency: low Maintainer: Debian Edu Developers [EMAIL PROTECTED] Changed-By: Steffen Joeris [EMAIL PROTECTED] Description: education-astronomy - DebianEdu astronomy related applications education-chemistry - DebianEdu chemistry related applications education-common - DebianEdu common packages education-desktop-gnome - DebianEdu GNOME desktop applications education-desktop-kde - DebianEdu KDE desktop applications education-desktop-other - DebianEdu desktop applications (non-GNOME and non-KDE) education-electronics - DebianEdu electronics related applications education-geography - DebianEdu applications for geography education-graphics - DebianEdu graphics related applications education-language - DebianEdu language related educational applications education-laptop - DebianEdu laptop packages education-logic-games - DebianEdu logic games education-main-server - DebianEdu main server packages education-mathematics - DebianEdu mathematical applications education-misc - DebianEdu miscellaneous applications for education education-music - DebianEdu music and sound applications education-networked - DebianEdu networked packages education-physics - DebianEdu physics related applications education-services - DebianEdu services for educational institutions education-standalone - DebianEdu standalone workstation packages education-tasks - Debian Edu tasks for tasksel education-thin-client-server - DebianEdu networked thin client server packages education-workstation - DebianEdu networked workstation packages Closes: 432235 Changes: debian-edu (0.819) unstable; urgency=low . [ Petter Reinholdtsen ] * Generated using the packages in testing. (Closes: #432235) * common task: - Reduce wireshark | ethereal, vim and emacs21 to suggests, to reduce the noise and options in the K menu, based on proposal from Klaus Ade Johnstad. * standalone task: - Avoid non-free packages cmap-adobe-japan1 and xpdf-japanese on the DVD. - Move googleearth-package to the geography task. - Reduce gnash packages from depends and recommends to suggests until it is ready for production use. - Recommend gnome-themes and gtk2-engines-gtk-qt proposed by José L. Redrejo RodrÃguez to improve the fonts in gtk apps. - Promote ispell dictionaries from suggests to recommends, to have them installed by default now that we are using a DVD. - Reduce foomatic-gui to suggests, to reduce the noise and options in the K menu, based on proposal from Klaus Ade Johnstad. * desktop-kde: - Add amarok, gwenview and gwenview-i18n as recommends and krita as suggests. The packages were proposed by Knut Yrvin. - Fix typo which held recommended packages knode, kfloppy, kcron, kuser, knotes, kscd, kdewallpapers, kedit, kdeutils, kamera, digikam, kipi-plugins, kpilot, kdenetwork-kfile-plugins, kdeaccessibility and kiosktool out of the task list. Moved knode, kcron, kuser, kscd, and kedit to suggest after suggestions from Knut Yrvin and Ejercicios Resueltos. - Drop kppp as recommends, as it is already a suggest in standalone. Based on proposal from Klaus Ade Johnstad. * electronics task: - Avoid non-free package eagle on the DVD. * main-server task: - Ignore ocsinventory-server and ocsinventory-reports, might be a useful alternative / supplement for sitesummary. - Reduce cipux-related packages from suggests to ignore until it is production ready. * geography task: - Added googleearth-package as suggest next to google-earth, as the former is a Debian package generating the latter. * laptop task: - Promote pcmciautils to depends and make obsolete pcmcia-cs an alternative. - Promote kdebluetooth, klaptopdaemon, kmilo and ksynaptics from ignore to recommends, to have these packages installed by default. * logic-games task: - Reduce gnome-games to suggests, and make kdegames an alternative for it, based on feedback from Knut Yrvin and José L. Redrejo RodrÃguez. Files: de4fbbf1c75954b212dc8e835761ea56 1285 misc extra debian-edu_0.819.dsc a738c9b4e82cdeba2b00bab51cd18f46 58275 misc extra debian-edu_0.819.tar.gz 62c254467d80d8d389427130a4c229cf 23288
Accepted 915resolution 0.5.3-1 (source amd64)
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Format: 1.7 Date: Sun, 01 Jul 2007 19:37:58 +0200 Source: 915resolution Binary: 915resolution Architecture: source amd64 Version: 0.5.3-1 Distribution: unstable Urgency: low Maintainer: Steffen Joeris [EMAIL PROTECTED] Changed-By: Steffen Joeris [EMAIL PROTECTED] Description: 915resolution - resolution modification tool for Intel graphic chipset Closes: 430741 Changes: 915resolution (0.5.3-1) unstable; urgency=low . * New upstream version * Update the 01-add-chipsets.dpatch (Closes: #430741) . Thanks to Kyle McMartin Files: ebc49d5eeca50c46d4ea698be2396538 623 x11 extra 915resolution_0.5.3-1.dsc 91fb217a828aaa8b28b6d423692b7720 7995 x11 extra 915resolution_0.5.3.orig.tar.gz 334aa03208e542212f0759c31c70893b 6665 x11 extra 915resolution_0.5.3-1.diff.gz 9d3dd8472e5f7b55aa5abebff5767954 15464 x11 extra 915resolution_0.5.3-1_amd64.deb -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.6 (GNU/Linux) iD8DBQFGh+lX62zWxYk/rQcRAgoGAKDLbGY+WP5z8kwkA1sYdhr39UNajgCgwYFB SJrz6OjIQq7NGTmZeBko8RM= =qNKj -END PGP SIGNATURE- Accepted: 915resolution_0.5.3-1.diff.gz to pool/main/9/915resolution/915resolution_0.5.3-1.diff.gz 915resolution_0.5.3-1.dsc to pool/main/9/915resolution/915resolution_0.5.3-1.dsc 915resolution_0.5.3-1_amd64.deb to pool/main/9/915resolution/915resolution_0.5.3-1_amd64.deb 915resolution_0.5.3.orig.tar.gz to pool/main/9/915resolution/915resolution_0.5.3.orig.tar.gz -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Accepted gpsim 0.22.0-2 (source amd64)
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Format: 1.7 Date: Fri, 29 Jun 2007 14:22:49 +0200 Source: gpsim Binary: gpsim gpsim-dev Architecture: source amd64 Version: 0.22.0-2 Distribution: unstable Urgency: low Maintainer: Steffen Joeris [EMAIL PROTECTED] Changed-By: Steffen Joeris [EMAIL PROTECTED] Description: gpsim - Simulator for Microchip's PIC microcontrollers gpsim-dev - Libraries needed only for building gpsim components Closes: 417213 Changes: gpsim (0.22.0-2) unstable; urgency=low . * Include patch to add missing includes needed by g++-4.3 (Closes: #417213) Thanks to Martin Michlmayr * Change maintainer address * Make sure that make distclean errors are not ignored * Remove substvar in debian/control as it has some backwards compatibility * Delete several rpaths using chrpath and add it to build-depends * Update gpsim lintian override Files: 254bdcfbc302cf45c30fa9484ffa680e 740 electronics optional gpsim_0.22.0-2.dsc 3bd453c33194ed2a15d7c464b0d29bb6 23383 electronics optional gpsim_0.22.0-2.diff.gz 190580aba704645850ac229e7e75f88d 1166730 electronics optional gpsim_0.22.0-2_amd64.deb 5f4262c6adcdbed8f3e6bed32cb6db9b 186150 devel optional gpsim-dev_0.22.0-2_amd64.deb -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.6 (GNU/Linux) iD8DBQFGhQJe62zWxYk/rQcRAi8PAKCypLSOd3B5mMjmv6U9QiRrvFl+RACgxhzG lIZYi07Rg5d2XCkOqVmK4QU= =mgw0 -END PGP SIGNATURE- Accepted: gpsim-dev_0.22.0-2_amd64.deb to pool/main/g/gpsim/gpsim-dev_0.22.0-2_amd64.deb gpsim_0.22.0-2.diff.gz to pool/main/g/gpsim/gpsim_0.22.0-2.diff.gz gpsim_0.22.0-2.dsc to pool/main/g/gpsim/gpsim_0.22.0-2.dsc gpsim_0.22.0-2_amd64.deb to pool/main/g/gpsim/gpsim_0.22.0-2_amd64.deb -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Accepted remstats 1.0.13a-10 (source all amd64)
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Format: 1.7 Date: Thu, 21 Jun 2007 15:40:21 +0200 Source: remstats Binary: remstats-bintools remstats-servers remstats remstats-doc Architecture: source all amd64 Version: 1.0.13a-10 Distribution: unstable Urgency: low Maintainer: [EMAIL PROTECTED] Changed-By: Steffen Joeris [EMAIL PROTECTED] Description: remstats - Remote Statistics System: collectors and presentation-cgis remstats-bintools - Remote Statistics System: traceroute and multiping remstats-doc - Remote Statistics System: documentation remstats-servers - Remote Statistics System: remote information servers Closes: 417026 Changes: remstats (1.0.13a-10) unstable; urgency=low . * QA upload * Include additional checks for deluser as well really (Closes: #417026) Files: b7a2a22cd895be96bf76fcc0d7a67eb8 704 net extra remstats_1.0.13a-10.dsc 05081eedc13e815cb794ffd4f73809e9 83918 net extra remstats_1.0.13a-10.diff.gz a0cd2f65abe7b9e81e60ad6ff071b020 364430 net extra remstats_1.0.13a-10_all.deb f15d173e034166eb1f509c2f420ee8f2 106142 net extra remstats-servers_1.0.13a-10_all.deb afec9539e55bbfe5bf01df69eb6cdc75 273442 doc extra remstats-doc_1.0.13a-10_all.deb fab1d1b7c477e7ecef3d2f444968ad08 69788 net extra remstats-bintools_1.0.13a-10_amd64.deb -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.6 (GNU/Linux) iD8DBQFGeoE+62zWxYk/rQcRAg8tAJ0c49teTFiJJv37qdJ0/OSlekxU0ACeKX7f QevgQ4hEkcjPnX/S+nKXzZo= =B0Za -END PGP SIGNATURE- Accepted: remstats-bintools_1.0.13a-10_amd64.deb to pool/main/r/remstats/remstats-bintools_1.0.13a-10_amd64.deb remstats-doc_1.0.13a-10_all.deb to pool/main/r/remstats/remstats-doc_1.0.13a-10_all.deb remstats-servers_1.0.13a-10_all.deb to pool/main/r/remstats/remstats-servers_1.0.13a-10_all.deb remstats_1.0.13a-10.diff.gz to pool/main/r/remstats/remstats_1.0.13a-10.diff.gz remstats_1.0.13a-10.dsc to pool/main/r/remstats/remstats_1.0.13a-10.dsc remstats_1.0.13a-10_all.deb to pool/main/r/remstats/remstats_1.0.13a-10_all.deb -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#429872: RFH: foo2zjs
Package: wnpp Severity: normal Hi I would like to request some help with the foo2zjs package. At the moment, I do not have a printer to test the package with. Therefore, I would welcome a co-maintainer, or I would act as a co-maintainer. If somebody wants to take it over completely, he is also welcome. I can also sponsor uploads if needed. Cheers Steffen -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#429873: RFH: kradio -- Comfortable Radio Application for KDE
Package: wnpp Severity: normal Hi I request assistance with maintaining the kradio package. Right now I do not have a working card anymore, which makes it hard to test it properly. I would act as the maintainer or the co-maintainer. I am also happy to completely give up maintainership, if that is required. I can also sponsor uploads if needed. The package description is: KRadio is a comfortable radio application for KDE 3.x with support for V4L and V4L2 radio cards drivers. . KRadio currently provides . * V4L/V4L2 radio support * Remote control support (LIRC) * Alarms, sleep Countdown * Several GUI Controls (Docking Menu, Station Quickbar, Radio Display) * Recording capabilities, including MP3 and Ogg/Vorbis encoding * Timeshifter functionality * Extendable plugin architecture . This package also includes a growing collection of station preset files for many cities around the world contributed by KRadio users. . As KRadio is based on an extendable plugin architecture, contributions of new plugins (e.g. Internet Radio Streams, new cool GUIs) are welcome. . Homepage: http://kradio.sourceforge.net/ Cheers Steffen -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: Bug#429872: RFH: foo2zjs
On Thu, 21 Jun 2007 01:44:39 am Evgeni Golov wrote: On Wed, 20 Jun 2007 23:11:50 +0200 Steffen Joeris wrote: I would like to request some help with the foo2zjs package. Well, I do not have such a printer, but after looking at the homepage, I'm a bit scared. There is some big red box, saying: *** DON'T USE the foo2zjs package from Ubuntu, SUSE, Mandrake/Manrivia, Debian, RedHat, Gentoo, MacOSX, or BSD! *** Download it here and follow the directions below. Erm?! WTF? Sorry... I welcome every free software in Debian, but I do not like upstreams saying such a foo (remember ion3 :() When I continue reading: Before you email me, make sure you have contributed something. I did not mention the upstream author? Sorry my mistake, but thanks for telling everyone about it. My chances are going down now ;) Cheers Steffen -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Accepted kradio 0.1.1.1~20061112-3 (source amd64)
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Format: 1.7 Date: Wed, 20 Jun 2007 22:14:59 +0200 Source: kradio Binary: kradio Architecture: source amd64 Version: 0.1.1.1~20061112-3 Distribution: unstable Urgency: low Maintainer: [EMAIL PROTECTED] Changed-By: Steffen Joeris [EMAIL PROTECTED] Description: kradio - Comfortable Radio Application for KDE Closes: 424463 426649 Changes: kradio (0.1.1.1~20061112-3) unstable; urgency=low . * Modify build-system to use automake - Remove build-depends against unsermake as it shall be removed from debian soon - Add build-depends against automake1.9 - Recreate the autofoo files - Add build-depends against chrpath and use it to remove some rpaths * Make sure that all the .gmo generated files are deleted to avoid the FTBFS during a second build (Closes: #424463) * Dependencies are accurate for the new libflac libraries (Closes: #426649) Files: de4f77ab7faa450b6e87b513d22319c4 682 sound optional kradio_0.1.1.1~20061112-3.dsc 4c15cca7e0086ad0b4aa915644f1ad65 213614 sound optional kradio_0.1.1.1~20061112-3.diff.gz 82f9ecad87604950161e5d3f58b53320 2143772 sound optional kradio_0.1.1.1~20061112-3_amd64.deb -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.6 (GNU/Linux) iD8DBQFGeZUH62zWxYk/rQcRAtGlAJ4z7Fbsvf1pJmgMOSvCH47QcM4kEQCgzD/S I/EzDdxgSmvis+tjhmJUxMo= =xaIe -END PGP SIGNATURE- Accepted: kradio_0.1.1.1~20061112-3.diff.gz to pool/main/k/kradio/kradio_0.1.1.1~20061112-3.diff.gz kradio_0.1.1.1~20061112-3.dsc to pool/main/k/kradio/kradio_0.1.1.1~20061112-3.dsc kradio_0.1.1.1~20061112-3_amd64.deb to pool/main/k/kradio/kradio_0.1.1.1~20061112-3_amd64.deb -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Accepted remstats 1.0.13a-9 (source all amd64)
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Format: 1.7 Date: Thu, 21 Jun 2007 00:19:26 +0200 Source: remstats Binary: remstats-bintools remstats-servers remstats remstats-doc Architecture: source all amd64 Version: 1.0.13a-9 Distribution: unstable Urgency: low Maintainer: [EMAIL PROTECTED] Changed-By: Steffen Joeris [EMAIL PROTECTED] Description: remstats - Remote Statistics System: collectors and presentation-cgis remstats-bintools - Remote Statistics System: traceroute and multiping remstats-doc - Remote Statistics System: documentation remstats-servers - Remote Statistics System: remote information servers Closes: 417026 Changes: remstats (1.0.13a-9) unstable; urgency=low . * QA upload * Make sure that there is a check in the postrm scripts if userdel is available, otherwise fallback to deluser (Closes: #417026) * Include checks for scripts which are called during remstats.postrm to make sure they are really available Files: b7c87425dcc3cf90759b352d4a8862d3 702 net extra remstats_1.0.13a-9.dsc d05a2ffb722e47a2c358c5d648d5f4f4 83857 net extra remstats_1.0.13a-9.diff.gz b2b4a88958f06ee17461f1761854e9d9 364342 net extra remstats_1.0.13a-9_all.deb 4db8fbd45e3ca00449adcb21f5be8923 106068 net extra remstats-servers_1.0.13a-9_all.deb ee131436e1a62bd614bfd2a041c197c3 273378 doc extra remstats-doc_1.0.13a-9_all.deb c4fec588651416c11bddfdd7defd8a03 69732 net extra remstats-bintools_1.0.13a-9_amd64.deb -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.6 (GNU/Linux) iD8DBQFGea4g62zWxYk/rQcRAiQQAJ0drgozoftUxW351cmuztsxqmKqGQCgunyL qp400NkEwuHbZdI7cwY7+T0= =evyy -END PGP SIGNATURE- Accepted: remstats-bintools_1.0.13a-9_amd64.deb to pool/main/r/remstats/remstats-bintools_1.0.13a-9_amd64.deb remstats-doc_1.0.13a-9_all.deb to pool/main/r/remstats/remstats-doc_1.0.13a-9_all.deb remstats-servers_1.0.13a-9_all.deb to pool/main/r/remstats/remstats-servers_1.0.13a-9_all.deb remstats_1.0.13a-9.diff.gz to pool/main/r/remstats/remstats_1.0.13a-9.diff.gz remstats_1.0.13a-9.dsc to pool/main/r/remstats/remstats_1.0.13a-9.dsc remstats_1.0.13a-9_all.deb to pool/main/r/remstats/remstats_1.0.13a-9_all.deb -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Accepted vym 1.8.1-5 (source amd64)
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Format: 1.7 Date: Mon, 18 Jun 2007 14:56:01 +0200 Source: vym Binary: vym Architecture: source amd64 Version: 1.8.1-5 Distribution: unstable Urgency: low Maintainer: [EMAIL PROTECTED] Changed-By: Steffen Joeris [EMAIL PROTECTED] Description: vym- mindmapping tool Closes: 427699 Changes: vym (1.8.1-5) unstable; urgency=low . * Make sure that the desktop icon also shows up in !kde desktops (Closes: #427699) * Include German translation for .desktop file . Thanks to Bruno Kleinert Files: afe75bacf787f9f4cda6120df43233be 619 kde optional vym_1.8.1-5.dsc 0fd6e7e33148a3f429d477dc29688f04 4649 kde optional vym_1.8.1-5.diff.gz 986f0c267ca30fe5b70680f18917dc0e 1184512 kde optional vym_1.8.1-5_amd64.deb -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.6 (GNU/Linux) iD8DBQFGdoP362zWxYk/rQcRAo25AKCWi4nCKqPk9gubRzRdVTWZXW5O3QCgvswq E/pmqUJU++jEcPyHODM+0Gk= =hUO5 -END PGP SIGNATURE- Accepted: vym_1.8.1-5.diff.gz to pool/main/v/vym/vym_1.8.1-5.diff.gz vym_1.8.1-5.dsc to pool/main/v/vym/vym_1.8.1-5.dsc vym_1.8.1-5_amd64.deb to pool/main/v/vym/vym_1.8.1-5_amd64.deb -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]