Accepted systemd 215-17+deb8u12 (source amd64) into oldstable
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Format: 1.8 Date: Tue, 23 Apr 2019 10:55:22 +0200 Source: systemd Binary: systemd systemd-sysv libpam-systemd libsystemd0 libsystemd-dev libsystemd-login0 libsystemd-login-dev libsystemd-daemon0 libsystemd-daemon-dev libsystemd-journal0 libsystemd-journal-dev libsystemd-id128-0 libsystemd-id128-dev udev libudev1 libudev-dev udev-udeb libudev1-udeb libgudev-1.0-0 gir1.2-gudev-1.0 libgudev-1.0-dev python3-systemd systemd-dbg Architecture: source amd64 Version: 215-17+deb8u12 Distribution: jessie-security Urgency: medium Maintainer: Debian systemd Maintainers Changed-By: Mike Gabriel Description: gir1.2-gudev-1.0 - libgudev-1.0 introspection data libgudev-1.0-0 - GObject-based wrapper library for libudev libgudev-1.0-dev - libgudev-1.0 development files libpam-systemd - system and service manager - PAM module libsystemd-daemon-dev - systemd utility library (transitional package) libsystemd-daemon0 - systemd utility library (deprecated) libsystemd-dev - systemd utility library - development files libsystemd-id128-0 - systemd 128 bit ID utility library (deprecated) libsystemd-id128-dev - systemd 128 bit ID utility library (transitional package) libsystemd-journal-dev - systemd journal utility library (transitional package) libsystemd-journal0 - systemd journal utility library (deprecated) libsystemd-login-dev - systemd login utility library (transitional package) libsystemd-login0 - systemd login utility library (deprecated) libsystemd0 - systemd utility library libudev-dev - libudev development files libudev1 - libudev shared library libudev1-udeb - libudev shared library (udeb) python3-systemd - Python 3 bindings for systemd systemd- system and service manager systemd-dbg - system and service manager (debug symbols) systemd-sysv - system and service manager - SysV links udev - /dev/ and hotplug management daemon udev-udeb - /dev/ and hotplug management daemon (udeb) Changes: systemd (215-17+deb8u12) jessie-security; urgency=medium . * Non-maintainer upload by the LTS team. * CVE-2017-18078: tmpfiles: refuse to chown()/chmod() files which are hardlinked, unless protected_hardlinks sysctl is on. * CVE-2019-3842: pam-systemd: use secure_getenv() rather than getenv(). Checksums-Sha1: 0c9ac184a1544b082401653c32850d821255 4182 systemd_215-17+deb8u12.dsc 7a592f90c0c1ac05c43de45b8fde1f23b5268cb4 2888652 systemd_215.orig.tar.xz 330fb82dc2f69101bb681e23c21ec94ed6278a51 248692 systemd_215-17+deb8u12.debian.tar.xz ca98f6138cce25a8e33741fe455eea86a99613cf 2554300 systemd_215-17+deb8u12_amd64.deb a3317419d7d4e110d79a5a59d9f52623f6f24b82 37430 systemd-sysv_215-17+deb8u12_amd64.deb 163f4c3cf43c9f42a5cd32e9d5301a8c8ae9c170 127352 libpam-systemd_215-17+deb8u12_amd64.deb 46a8b937ef5b5146aa5d751475ff0927a4f45f4a 90368 libsystemd0_215-17+deb8u12_amd64.deb 8f9aae1a40c692f77495b319aa883a2bb7a6aa4c 96370 libsystemd-dev_215-17+deb8u12_amd64.deb e81233773649873e70c9f3ac552d3238f0f2f485 50634 libsystemd-login0_215-17+deb8u12_amd64.deb 37fe868393bb9db61132ed1d6b95cd106ab0ee6b 33122 libsystemd-login-dev_215-17+deb8u12_amd64.deb 3438138d683feaed1878037a114b0efb7c411b22 39702 libsystemd-daemon0_215-17+deb8u12_amd64.deb b086cd6b1b633e772002f7017197c7871dce4b55 33110 libsystemd-daemon-dev_215-17+deb8u12_amd64.deb 8568c92b929291916dcbc13b0e93efc9705006ff 75896 libsystemd-journal0_215-17+deb8u12_amd64.deb 33daeaa674fe0c87192056168634bdaa73ada42e 33116 libsystemd-journal-dev_215-17+deb8u12_amd64.deb 7f5d4c2a9de39a086796191bcd4cc13d48323b29 38632 libsystemd-id128-0_215-17+deb8u12_amd64.deb e7784505fa0f46e4898bedc65e35cabf0a798980 33112 libsystemd-id128-dev_215-17+deb8u12_amd64.deb cda0ed9ba436a3d08a74d9fbc4a411e4e7424433 877648 udev_215-17+deb8u12_amd64.deb b12c3ec0297f44b29025fe41c98c7b37d809eaed 58750 libudev1_215-17+deb8u12_amd64.deb 587beb37e3993734364f84bb9ba6a37f6ebf2201 23388 libudev-dev_215-17+deb8u12_amd64.deb b369fba0c42dc949754df46ae7b6a909085ad175 195540 udev-udeb_215-17+deb8u12_amd64.udeb 54e9087857bdb2ad8c540ac73976f4fa11e81dbf 24738 libudev1-udeb_215-17+deb8u12_amd64.udeb 6c8dc2dc206aad34da93afb7eca145d593f14a97 43400 libgudev-1.0-0_215-17+deb8u12_amd64.deb c5ad94618d04343dcc09a02c0d5f49bc2bce0d4a 2846 gir1.2-gudev-1.0_215-17+deb8u12_amd64.deb f12fbbf528e72a4e4aca95170d610e8d6096e424 24614 libgudev-1.0-dev_215-17+deb8u12_amd64.deb 652d0154bddc3b9970e0788c738e827e473f3f00 63274 python3-systemd_215-17+deb8u12_amd64.deb 0b8efa2b818d26c810d08dcc78391d6cbc76db26 15998212 systemd-dbg_215-17+deb8u12_amd64.deb Checksums-Sha256: c5ce984fe61dcda0e1ebd4ba9ac4d6931edd954882ebad73b05efba93c816507 4182 systemd_215-17+deb8u12.dsc ce76a3c05e7d4adc806a3446a5510c0c9b76a33f19adc32754b69a0945124505 2888652 systemd_215.orig.tar.xz 84df36aa8b8dc72ccb9f3e09eafb0535662aca876bb6fb26e1df6189c0899f00 248692 systemd_215-17+deb8u12.debian.tar.xz
Accepted putty 0.63-10+deb8u2 (source amd64 all) into oldstable
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Tue, 23 Apr 2019 19:03:02 +0200 Source: putty Binary: pterm putty putty-tools putty-doc Architecture: source amd64 all Version: 0.63-10+deb8u2 Distribution: jessie-security Urgency: high Maintainer: Colin Watson Changed-By: Thorsten Alteholz Description: pterm - PuTTY terminal emulator putty - Telnet/SSH client for X putty-doc - PuTTY HTML documentation putty-tools - command-line tools for SSH, SCP, and SFTP Changes: putty (0.63-10+deb8u2) jessie-security; urgency=high . * Non-maintainer upload by the LTS Team. * CVE-2019-9897 - Fix crash printing a width-2 char in a width-1 terminal. - Limit the number of combining chars per terminal cell. - Fix crash on ESC#6 + combining chars + GTK + odd-width terminal. * CVE-2019-9894 RSA kex: enforce the minimum key length. * CVE-2019-9898 Fix one-byte buffer overrun in random_add_noise(). * additional patches from upstream that are security related and as well present in the Stretch version of putty - In random_add_noise, put the hashed noise into the pool, not the raw noise. - sk_tcp_close: fix memory leak of output bufchain. - Fix handling of bad RSA key with n=p=q=0. - Sanity-check the 'Public-Lines' field in ppk files. - Introduce an enum of the uxsel / select_result flags. Checksums-Sha1: 66e595cf5e5a809fe1e149ea82a20f2c388942a8 2205 putty_0.63-10+deb8u2.dsc 195c0603ef61082b91276faa8d4246ea472bba3b 1887913 putty_0.63.orig.tar.gz 9449083c66119e2a44bd375447720a31bcdd1b49 72056 putty_0.63-10+deb8u2.debian.tar.xz 8030fb587aea20f2c686ca3acb577969cfb11454 182968 pterm_0.63-10+deb8u2_amd64.deb 38aad7ec482e653076abf310816d0e73f2e02fd4 310828 putty_0.63-10+deb8u2_amd64.deb ab3c21573956ea60e7e153ba7855cd4eb30a95c8 323664 putty-tools_0.63-10+deb8u2_amd64.deb 0259517b932d2c0b402b458045f952454d9fc0df 137176 putty-doc_0.63-10+deb8u2_all.deb Checksums-Sha256: 6b9078d46bccc1c7bea5bf5ad244735e752cbc9ac146301427a4bc555f49c50f 2205 putty_0.63-10+deb8u2.dsc 81e8eaaf31be7d9a46b4f3fb80d1d9540776f142cd89d0a11f2f8082dc68f8b5 1887913 putty_0.63.orig.tar.gz 4efc99ac9d084c98e019bc4c20fc4047ef2ad3255da0c8a95a2c2c7e3b4c6c84 72056 putty_0.63-10+deb8u2.debian.tar.xz f79dbf0be65b97c651b2ef9d39c9f32639486066020f7d7e31cfa3523b9edda2 182968 pterm_0.63-10+deb8u2_amd64.deb 771571d9e7cf3744738166e483fb074a6e87116b2bfa74e4e2c02592ed1f43cc 310828 putty_0.63-10+deb8u2_amd64.deb b2d836952f8cefea23609646d9abfc986d167affd5b851c20fe37ab2f3ef5c44 323664 putty-tools_0.63-10+deb8u2_amd64.deb 9fc057f9685fdf3d3680fec2f44a25a37103f40042fda813f0f1c819a38c2459 137176 putty-doc_0.63-10+deb8u2_all.deb Files: bd0bf84a9743fcb099d79fc66acb03cc 2205 net optional putty_0.63-10+deb8u2.dsc 567207b590a149656454d6e6ea7af124 1887913 net optional putty_0.63.orig.tar.gz 2e125b9b901f529f094cdc2a047eddee 72056 net optional putty_0.63-10+deb8u2.debian.tar.xz 4e79e5909555df94723bf74d8cf6b2a5 182968 x11 optional pterm_0.63-10+deb8u2_amd64.deb af841bd76be06133d237b854206b4f9c 310828 net optional putty_0.63-10+deb8u2_amd64.deb d4bd2941dcae24209bfb9a77ade17209 323664 net optional putty-tools_0.63-10+deb8u2_amd64.deb b04587d258f466b920ed9044ec9f7f32 137176 doc optional putty-doc_0.63-10+deb8u2_all.deb -BEGIN PGP SIGNATURE- iQKnBAEBCgCRFiEEYgH7/9u94Hgi6ruWlvysDTh7WEcFAlzApipfFIAALgAo aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDYy MDFGQkZGREJCREUwNzgyMkVBQkI5Njk2RkNBQzBEMzg3QjU4NDcTHGRlYmlhbkBh bHRlaG9sei5kZQAKCRCW/KwNOHtYR6N+D/90GiRnY++uZGD+lZjhYbq9iKiTiUSi 3YTpknwrYdU0k3C1lZIes+Xcc1x7Jwszjyh5ONzTR5VLa9b1prr4bEfK0WmxwQRw O5mpzvDhnpaSOj1Jh+NVdB8j2C4pbh9GDV1F+ZUagvTvJp9eQkIGqxl1dK4Lqo1B nwfx6K2YzqgBnsTBuW0M05rdWGKJgmYDnxGPtSr+pxfr1ym+HlIOy4sdWtu57wwa Kd3nVG5wDVQZNj8FAkzWN/kUGG/AwI1+bVqT/RVV34RQtiQQw3RY3ijbKG+RZZPu AjUaNYV+KDpKmgErwHt6cBLPqiPRY3fHNybGN2JQCglmjIqtNgSMCTmP87gfVz6a BtWwzEPCXYJKZPUA1XCngHWBdNaJZKvCUnhVG0a/yHcx+HTDQd7i0ytnFdiNHhS6 64/BI7A9XY+WWk1GGpakE/mBy2fNBppAzaCU2zfuaYzgxw/cai5sm6ev5KwDRtjm bvF8J2Ub4rh37xZDxnbwCcDu4GIY/mUgA2Ra/ytBXWMnSK0yFkvE82os2JYKneOX iVNU5kFJay3J8VCBK5dDewgbVjZGcjYZqFJBoRepn+sPf+azmgCunjeh2QXal8gJ s+vsQe8so1n9dyo0lvoTcHk2yUNwbpeUk+vFQKUYOLkhRVd0j1ukl5o0OGV/Z2fv rqAiYWPnccN5Xg== =XLcj -END PGP SIGNATURE-