Accepted gsoap 2.8.35-4+deb9u1 (source amd64 all) into proposed-updates->stable-new, proposed-updates
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Wed, 16 Aug 2017 11:58:11 +0200
Source: gsoap
Binary: libgsoap10 libgsoap-dev gsoap gsoap-doc libgsoap-dbg gsoap-dbg
Architecture: source amd64 all
Version: 2.8.35-4+deb9u1
Distribution: stretch
Urgency: medium
Maintainer: Mattias Ellert <mattias.ellert@physics.uu.se>
Changed-By: Mattias Ellert <mattias.ellert@physics.uu.se>
Description:
gsoap - Stub generators for gSOAP
gsoap-dbg - Debugging symbols for gSOAP stub generators
gsoap-doc - gSOAP documentation
libgsoap-dbg - Debugging symbols for gSOAP libraries
libgsoap-dev - Development libraries and headers for gSOAP
libgsoap10 - Runtime libraries for gSOAP
Changes:
gsoap (2.8.35-4+deb9u1) stretch; urgency=medium
.
* Fix for CVE-2017-9765
Integer overflow in the soap_get function in Genivia gSOAP 2.7.x and 2.8.x
before 2.8.48, allows remote attackers to execute arbitrary code or cause
a denial of service (stack-based buffer overflow and application crash)
via a large XML document.
Checksums-Sha1:
f5d103cd6f57bd1f8e91395d66ea631fa5dd05fb 2199 gsoap_2.8.35-4+deb9u1.dsc
34b8e916aca590d16345d714d051d8786545d160 5723766 gsoap_2.8.35.orig.tar.gz
1faa4271dd93f24b991e8b3405a509ab7637b3d5 13092 gsoap_2.8.35-4+deb9u1.debian.tar.xz
242c7c12303d253cea74521b16b963b2fcba978d 4091038 gsoap-dbg_2.8.35-4+deb9u1_amd64.deb
58db71fb282eabce3dde73afd89b8ec29f327853 11385248 gsoap-doc_2.8.35-4+deb9u1_all.deb
d23046500b18939b669ab3765f0e9f40afed853f 8577 gsoap_2.8.35-4+deb9u1_amd64.buildinfo
dee2e7dc4e824110ccc0cbb002307994f76db39a 943524 gsoap_2.8.35-4+deb9u1_amd64.deb
ccf024602737aef22878eb309ed50fe8b0a10e3c 1214158 libgsoap-dbg_2.8.35-4+deb9u1_amd64.deb
60723e86bea5879e98b7ba533ea310637738b813 265078 libgsoap-dev_2.8.35-4+deb9u1_amd64.deb
67867bfc49c8caebcfd3b2f345a93535d6509f03 265426 libgsoap10_2.8.35-4+deb9u1_amd64.deb
Checksums-Sha256:
32f2056c4f3b1f38a691b95527d2161fef2a19914999d7c0a13a41a326f85bee 2199 gsoap_2.8.35-4+deb9u1.dsc
20d607d499ec347c0ba21c926bba09da232f53f4da90c47f20a6a67970c1fb5e 5723766 gsoap_2.8.35.orig.tar.gz
d27338f22758e8d1ed7113e13535b3eb2c09973b64c985d6491dcd87ee35dfc4 13092 gsoap_2.8.35-4+deb9u1.debian.tar.xz
8acbbbafd4ef0ee24107793c235c3d02c3dec55b43429898f1b4a9c8c77abc5c 4091038 gsoap-dbg_2.8.35-4+deb9u1_amd64.deb
d5dd4337de970752f181a9b0567f0a5baf375c1f79e6bcff381bd9fbecafce31 11385248 gsoap-doc_2.8.35-4+deb9u1_all.deb
f456a03b5a28426d897ac512131cd91f9c26209bde5f6abde84c87b6b6a415e8 8577 gsoap_2.8.35-4+deb9u1_amd64.buildinfo
a8ebc58be9a499dd9ecf8da2c106b3ab3201b942cd2318927671bdc7c4e68035 943524 gsoap_2.8.35-4+deb9u1_amd64.deb
c1ea2abef70be1ae95165fc5d58cef859d26dcb4f2cf86c5a2a64227fc78df31 1214158 libgsoap-dbg_2.8.35-4+deb9u1_amd64.deb
c4cf334d185dcff5a6c4227d554461c52e5290a764751418cf5e778356f50ce5 265078 libgsoap-dev_2.8.35-4+deb9u1_amd64.deb
9b85c658d95994852b8e68b81497adecf166e416655774a4daa2bf3aa89321bf 265426 libgsoap10_2.8.35-4+deb9u1_amd64.deb
Files:
fde3ecb1ef972c050685c3b592bc341e 2199 devel optional gsoap_2.8.35-4+deb9u1.dsc
78c05da816e30e59c2df69dbb6ab2dea 5723766 devel optional gsoap_2.8.35.orig.tar.gz
c97da6985daa46bd076f9ae195816755 13092 devel optional gsoap_2.8.35-4+deb9u1.debian.tar.xz
05725b621ef3c5c5fc60565e41e58e4f 4091038 debug extra gsoap-dbg_2.8.35-4+deb9u1_amd64.deb
c1355ae75fa2fbaf9d24c7201d58d245 11385248 doc optional gsoap-doc_2.8.35-4+deb9u1_all.deb
b3d53d868e8799145711a71058beeaa4 8577 devel optional gsoap_2.8.35-4+deb9u1_amd64.buildinfo
9114636bf12771c17cd05eba2c6df6c2 943524 devel optional gsoap_2.8.35-4+deb9u1_amd64.deb
12dbbe3020b12c027549ce1d5963f0be 1214158 debug extra libgsoap-dbg_2.8.35-4+deb9u1_amd64.deb
50643732472fc562aa90210980d6a780 265078 libdevel optional libgsoap-dev_2.8.35-4+deb9u1_amd64.deb
25576dce085158aaea02ac48d199c485 265426 libs optional libgsoap10_2.8.35-4+deb9u1_amd64.deb
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCgAdFiEE6hgwr99NQxrZ4RRS6K7C/zvhqUsFAlnJKYIACgkQ6K7C/zvh
qUsmeQ//WFZWnvEXpik8+wshwM4//I7ESgrrOLz35zpGHemmgysUpX9XXGOEJn1Y
QGXTHFmFotLBW+kVImj6TgOatFfuWNrdOsLdrl9DsnmFxxHj47tdoUoM8aFbaxqg
5sqTi0R2CBYO4KSbxEv//6JnZNna/Gy8nMHC7+ypuqeZ2mdjoigoDUSjR6whVgBE
Wt+Pmm+OHKq9vxdlY92+JrPlZx8FSnzg3p2vTFuMMf2KMJGWrEXXM+qy5gPGAEns
1wp1FtnHxRbCGtRIGJGhMVkDv7z5XGBQx15zTt9vvhTL+gOL1YnA/GKQxvwLpjEB
rpitIhJeomgyNOdvLTu0FvbXVk6sUBqRfdoGCuWQX27lU5YTYDjSTVv6fCJprHld
RqNmK2M8x3nh2mUdqzlSvj/gpdyokLsju7zeJ9EJ0OA3WDnRD2N7ZNEOqnnHXMd9
N+WiKbJ/zVGYi8BtwEE0Fqen845xbFp5OUIusUGMKZDNX5Q5ocFKKl79I+FBuVRT
SkJv4qT5U79uHUSu9TwU8yH4iKBMF2nIhKaUgH+1c9JGGIZxh1EK7Ss3k4SbXR9O
UJx7hZXGydrVdNJVtJu51cTI40Dsi6HcJr/1mX5uvAkujlsFBI4fo/ouDITEoG6N
7AmqsySP8CEju2VjNB6ADm0VQIh26bUA1hdd5M/ewc9xMc4gJqg=
=yLxJ
-----END PGP SIGNATURE-----