Accepted cfrpki 1.3.0-1 (source) into unstable
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Format: 1.8
Date: Sat, 18 Sep 2021 23:59:55 +0200
Source: cfrpki
Architecture: source
Version: 1.3.0-1
Distribution: unstable
Urgency: medium
Maintainer: Marco d'Itri <md@linux.it>
Changed-By: Marco d'Itri <md@linux.it>
Closes: 994572
Changes:
cfrpki (1.3.0-1) unstable; urgency=medium
.
* New upstream release. Fixes:
+ Prevent ROA issuers from making cfrpki emit an invalid VRP
"MaxLength" value, hence causing RTR sessions to terminate.
(CVE-2021-3761, Closes: #994572)
Checksums-Sha1:
5d19885ad085319cedb5a6c41bf433ba52479c07 1670 cfrpki_1.3.0-1.dsc
d74acdd1857c41bcaf07284e05b345760b6ff932 2065076 cfrpki_1.3.0.orig.tar.xz
1977f5cb1fba2e48fcc0ee614d955787e0a5e4f3 5192 cfrpki_1.3.0-1.debian.tar.xz
cad6bb779f9ce453f22950d1ff75e46c6a996162 8852 cfrpki_1.3.0-1_amd64.buildinfo
Checksums-Sha256:
9602ba1cce21afd6dd6d4679171689baf25f1f92d85b16c201e8b4c7ba168425 1670 cfrpki_1.3.0-1.dsc
fba61b3a12cc24b6068b67ade787f8ae93574f8c261ec8e0210310747e9857f2 2065076 cfrpki_1.3.0.orig.tar.xz
96a0ebf4319d49e8b241e074d0231aba6327b4631d96d64122f174fd29eeff48 5192 cfrpki_1.3.0-1.debian.tar.xz
a20ff103962bfac9c49114f625eaadd7d784242a5b2130529e4625b6929b9b87 8852 cfrpki_1.3.0-1_amd64.buildinfo
Files:
3bf3c9f7b4c90ff59e36a8944fdfe2f6 1670 net optional cfrpki_1.3.0-1.dsc
42f004de4882ba40a895921daafeb623 2065076 net optional cfrpki_1.3.0.orig.tar.xz
e0099512b83cd78f1102634983ebb784 5192 net optional cfrpki_1.3.0-1.debian.tar.xz
1963f5ba0aba67308f159e4102e4a050 8852 net optional cfrpki_1.3.0-1_amd64.buildinfo
-----BEGIN PGP SIGNATURE-----
iHUEARYIAB0WIQQnKUXNg20437dCfobLPsM64d7XgQUCYUZonQAKCRDLPsM64d7X
gU0eAQDlFn/z/gbCaqcX6TnNhdSQq7B7s2jpWrXfA4icq5dH4gEAwt8rDxD0J76M
Qe04AaCWvBhL5Hrl0qIncgLHYpnMPws=
=BrXL
-----END PGP SIGNATURE-----